Synopses & Reviews
“As this book shows, Linux systems are just as functional, secure, and reliable as their proprietary counterparts. Thanks to the ongoing efforts of thousands of Linux developers, Linux is more ready than ever for deployment at the front lines of the real world. The authors of this book know that terrain well, and I am happy to leave you in their most capable hands.”
“This book is where I turn first when I have system administration questions. It is truly a wonderful resource and always within reach of my terminal.”
–W. Richard Stevens, author of numerous books on UNIX and TCP/IP
“This is a comprehensive guide to the care and feeding of UNIX systems. The authors present the facts along with seasoned advice and numerous real-world examples. Their perspective on the variations among systems is valuable for anyone who runs a heterogeneous computing facility.”
–Pat Parseghian, Transmeta
“We noticed your book on the staff -recommendations shelf at our local bookstore: ‘Very clear, a masterful interpretation of the subject.’ We were most impressed, until we noticed that the same staff member had also recommended Aunt Bea's Mayberry Cookbook.”
–Shannon Bloomstran, history teacher
The twentieth anniversary edition of the world’s best-selling UNIX system administration book has been made even more invaluable by adding coverage of the leading Linux distributions: Ubuntu, RHEL, and openSUSE. System administrators looking to efficiently solve technical problems and maximize reliability and performance in production environments can now turn to UNIX® and Linux® System Administration Handbook, Fourth Edition, which has been systematically updated to reflect today’s most important enterprise Linux and UNIX distributions and most valuable administrative tools.
Drawing on decades of experience, the authors share clear, well-founded advice on constructing robust, production-grade systems and networks that can be easily maintained, monitored, and controlled. You’ll find detailed, up-to-date best practices advice and important new coverage of virtualization, cloud computing, security management, web load balancing and scalability, LDAP/Active Directory integration, modern web scripting languages, Spacewalk, DTrace, eco-friendly IT management, and much more. It reflects the latest versions of all these distributions:
- Red Hat® Enterprise Linux®
- Ubuntu® Linux
- Oracle Solaris
Sharing war stories and hard-won insights, the authors capture the behavior of UNIX and Linux systems in the real world, not just in ideal environments. They explain complex tasks in detail, with illustrations from actual production environments, and provide brand-new “Top 20 lists” of system administration rules, power-saving tips, and more.
-- New! Extensive coverage of Linux -- plus UNIX/NT integration via Samba, Web server maintenance, sendmail, and more!
-- Completely updated coverage of TCP/IP and routing -- plus a complete crash course in Cisco routing!
-- Covers every major flavor of UNIX: Red Hat Linux, Solaris, HP-UX, and FreeBSD!
Unix System Administration Handbook, Third Edition is the fully-updated, highly anticipated revision of the hands-down best-selling UNIX sysadmin guideever! Better than ever, it's an indispensable tutorial for new UNIX/Linux sysadmins -- and an awesome reference for seasoned professionals! Evi Nemeth and her friends are back -- and they've updated this classic best-seller with more of what makes it great: not just theory, but hundreds of war stories and great insights from those in the trenches!
Now covers Red Hat Linux!
Written by Evi Nemeth, Garth Snyder, Scott Seebass, and Trent R. Hein with Adam Boggs, Rob Braun, Ned McClain, Dan Crawl, Lynda McGinley, and Todd Miller
"This is not a nice, neat book for a nice, clean world. It's a nasty book for a nasty world. This is a book for the rest of us."
–Eric Allman and Marshall Kirk McKusick
"I am pleased to welcome Linux to the UNIX System Administration Handbook!"
–Linus Torvalds, Transmeta
"This book is most welcome!"
–Dennis Ritchie, AT&T Bell Laboratories
This new edition of the world's most comprehensive guide to UNIX system administration is an ideal tutorial for those new to administration and an invaluable reference for experienced professionals. The third edition has been expanded to include "direct from the frontlines" coverage of Red Hat Linux. UNIX System Administration Handbook describes every aspect of system administration–from basic topics to UNIX esoterica–and provides explicit coverage of four popular UNIX systems:
This book stresses a practical approach to system administration. It's packed with war stories and pragmatic advice, not just theory and watered-down restatements of the manuals. Difficult subjects such as sendmail, kernel building, and DNS configuration are tackled head-on. Examples are provided for all four versions of UNIX and are drawn from real-life systems–warts and all.
"This book is where I turn first when I have system administration questions. It is truly a wonderful resource and always within reach of my terminal."
–W. Richard Stevens, author of numerous books on UNIX and TCP/IP
"This is a comprehensive guide to the care and feeding of UNIX systems. The authors present the facts along with seasoned advice and numerous real-world examples. Their perspective on the variations among systems is valuable for anyone who runs a heterogeneous computing facility."
–Pat Parseghian, Transmeta
"We noticed your book on the staff recommendations shelf at our local bookstore: 'Very clear, a masterful interpretation of the subject.' We were most impressed, until we noticed that the same staff member had also recommended Aunt Bea's Mayberry Cookbook."
–Shannon Bloomstran, history teacher
“As an author, editor, and publisher, I never paid much attention to the competition–except in a few cases. This is one of those cases. The UNIX System Administration Handbook is one of the few books we ever measured ourselves against.”
–From the Foreword by Tim O’Reilly, founder of O’Reilly Media
“This book is fun and functional as a desktop reference. If you use UNIX and Linux systems, you need this book in your short-reach library. It covers a bit of the systems’ history but doesn’t bloviate. It’s just straightfoward information delivered in colorful and memorable fashion.”
–Jason A. Nunnelley
“This is a comprehensive guide to the care and feeding of UNIX and Linux systems. The authors present the facts along with seasoned advice and real-world examples. Their perspective on the variations among systems is valuable for anyone who runs a heterogeneous computing facility.”
The twentieth anniversary edition of the world’s best-selling UNIX system administration book has been made even better by adding coverage of the leading Linux distributions: Ubuntu, openSUSE, and RHEL.
This book approaches system administration in a practical way and is an invaluable reference for both new administrators and experienced professionals. It details best practices for every facet of system administration, including storage management, network design and administration, email, web hosting, scripting, software configuration management, performance analysis, Windows interoperability, virtualization, DNS, security, management of IT service organizations, and much more. UNIX® and Linux® System Administration Handbook, Fourth Edition, reflects the current versions of these operating systems:
Red Hat® Enterprise Linux®
Oracle America® Solaris™ (formerly Sun Solaris)
About the Author
Evi Nemeth has retired from the Computer Science faculty at the University of Colorado. She is currently exploring the Pacific on her 40-foot sailboat named Wonderland. Garth Snyder has worked at NeXT and Sun and holds a BS in Engineering from Swarthmore College and an MD and an MBA from the University of Rochester. Trent R. Hein is the co-founder of Applied Trust, a company that provides IT infrastructure consulting services. Trent holds a BS in Computer Science from the University of Colorado. Ben Whaley is the Director of Enterprise Architecture at Applied Trust. Ben earned a BS in Computer Science from the University of Colorado. He is an expert in storage management, virtualization, and web infrastructure.'
Table of Contents
1. Where to Start.
Suggested Background. The Sordid History of UNIX. Example UNIX Systems. Notation and Typographical Conventions. System-Specific Information. How to Use Your Manuals. Organization of the Man Pages. Man: Read Manual Pages. Essential Tasks of the System Administrator. Adding and Removing Users. Adding and Removing Hardware. Performing Backups. Installing New Software. Monitoring the System. Troubleshooting. Maintaining Local Documentation. Auditing Security. Helping Users. How to Find Files on the Internet. System Administration Under Duress. System Administration Personality Syndrome. Recommended Reading.
2. Booting and Shutting Down.
Bootstrapping. Automatic and Manual Booting. Steps in the Boot Process. Kernel Initialization. Hardware Configuration. System Processes. Operator Intervention (Manual Boot Only). Execution of Startup Scripts. Multiuser Operation. Booting Pcs. How a PC Is Different from Proprietary Hardware. The PC Boot Process. LILO: The Linux Boot Loader. Configuring LILO. The Freebsd Boot Loader. Multibooting on Pcs. Multibooting Gotchas. LILO Multiboot Configuration. Freebsd Multiboot Configuration. Booting in Single-User Mode. Solaris Single-User Mode. HP-UX Single-User Mode. Linux Single-User Mode. Freebsd Single-User Mode. Startup Scripts. Systemv-Style Startup Scripts. Solaris Startup Scripts. HP-UX Startup Scripts. Red Hat Startup Scripts. Freebsd Startup Scripts. Rebooting and Shutting down. Turning Off the Power. Shutdown: The Genteel Way to Halt the System. Halt: A Simpler Way to Shut Down. Reboot: Quick and Dirty Restart. Sending Init a TERM Signal. Telinit: Change Init's Run Level. Killing Init.
3. Rootly Powers.
Ownership of Files and Processes. The Superuser. Choosing a Root Password. Becoming Root. Su: Substitute User Identity. Sudo: A Limited Su. Other Pseudo-Users. Daemon: Owner of Unprivileged System Software. Bin: Owner of System Commands. Sys: Owner of the Kernel and Memory Images. Nobody: The Generic NFS User.
4. Controlling Processes.
Components of a Process. PID: Process ID Number. PPID: Parent PID. UID and EUID: Real and Effective User ID. GID and EGID: Real and Effective Group ID. Niceness. Control Terminal. The Life Cycle of a Process. Signals. Kill: Send Signals. Process States. Nice and Renice: Influence Scheduling Priority. Ps: Monitor Processes. Top: Monitor Processes Even Better. Runaway Processes.
5. The Filesystem.
Pathnames. Mounting and Unmounting Filesystems. The Organization of the File Tree. File Types. Regular Files. Directories. Character and Block Device Files. UNIX Domain Sockets. Named Pipes. Symbolic Links. File Attributes. The Setuid and Setgid Bits. The Sticky Bit. The Permission Bits. Viewing File Attributes. Freebsd Bonus Flags. Chmod: Change Permissions. Chown and Chgrp: Change Ownerships. Umask: Assign Default Permissions.
6. Adding New Users.
The /Etc/Passwd File. Login Name. Encrypted Password. UID Number. Default GID Number. GECOS Field. Home Directory. Login Shell. The Freebsd /Etc/Master.Passwd File. The Freebsd /Etc/Login.Conf File. The Solaris and Red Hat /Etc/Shadow File. The /Etc/Group File. Adding Users. Editing the Passwd and Shadow Files. Setting an Initial Password. Creating the User's Home Directory. Copying in the Default Startup Files. Setting the User's Mail Home. Editing the /Etc/Group File. Setting Disk Quotas. Verifying the New Login. Removing Users. Disabling Logins. Vendor-Supplied Account Management Utilities.
7. Serial Devices.
Serial Standards. Alternative Connectors. The Mini DIN-8 Variant. The DB-9 Variant. The RJ-45 Variant. The Yost Standard for RJ-45 Wiring. Hard and Soft Carrier. Hardware Flow Control. Cable Length. Serial Device Files. Software Configuration for Serial Devices. Configuration of Hardwired Terminals. The Login Process. The /Etc/Ttys and /Etc/Ttytab Files. The /Etc/Ttytype File. The /Etc/Gettytab File. The /Etc/Inittab File. The /Etc/Gettydefs File. Solaris and Sacadm. Terminal Support: The Termcap and Terminfo Databases. Special Characters and the Terminal Driver. Stty: Set Terminal Options. Tset: Set Options Automatically. How to Unwedge a Terminal. Modems. Modulation, Error Correction, and Data Compression Protocols. Dial-Out Configuration: /Etc/Phones and /Etc/Remote. Bidirectional Modems. Debugging a Serial Line. Other Common I/O Ports. Parallel Ports. USB: The Universal Serial Bus.
8. Adding a Disk.
Disk Interfaces. The SCSI Interface. The IDE Interface. Which Is Better, SCSI or IDE? Disk Geometry. An Overview of the Disk Installation Procedure. Connecting the Disk. Creating Device Entries. Formatting the Disk. Labeling and Partitioning the Disk. Establishing Logical Volumes. Creating UNIX Filesystems. Setting Up Automatic Mounting. Enabling Swapping. Fsck: Check and Repair Filesystems. Vendor Specifics. Adding a Disk to Solaris. Adding a Disk to HP-UX. Adding a Disk to Red Hat Linux. Adding a Disk to Freebsd.
9. Periodic Processes.
Cron: Schedule Commands. The Format of Crontab Files. Crontab Management. Some Common Uses for Cron. Cleaning the Filesystem. Network Distribution of Configuration Files. Rotating Log Files. Vendor Specifics.
Motherhood and Apple Pie. Perform All Dumps from One Machine. Label Your Tapes. Pick a Reasonable Backup Interval. Choose Filesystems Carefully. Make Daily Dumps Fit on One Tape. Make Filesystems Smaller Than Your Dump Device. Keep Tapes Off-Site. Protect Your Backups. Limit Activity during Dumps. Check Your Tapes. Develop a Tape Life Cycle. Design Your Data for Backups. Prepare for the Worst. Backup Devices and Media. Floppy Disks. Super Floppies. CD-R and CD-RW. Removable Hard Disks. 8mm Cartridge Tapes. DAT (4mm) Cartridge Tapes. Travan Tapes. Onstream ADR. DLT. AIT. Mammoth. Jukeboxes, Stackers, and Tape Libraries. Hard Disks. Summary of Media Types. What to Buy. Setting Up an Incremental Backup Regime. Dumping Filesystems. Dump Sequences. Restoring from Dumps. Restoring Individual Files. Restoring Entire Filesystems. Dumping and Restoring for Upgrades. Using Other Archiving Programs. Tar: Package Files. Cpio: Sysv-Ish Archiving. Dd: Twiddle Bits. Volcopy: Duplicate Filesystems. Using Multiple Files on a Single Tape. Amanda. The Architecture of Amanda. Amanda Setup. The Amanda.Conf File. The Disklist File. Amanda Log Files. Amanda Debugging. File Restoration from an Amanda Backup. Alternatives to Amanda: Other Open Source Backup Packages. Commercial Backup Products. ADSM/TSM. Veritas. Legato. Other Alternatives. Recommended Reading.
11. Syslog and Log Files.
Logging Policies. Throwing Away Log Files. Rotating Log Files. Archiving Log Files. Finding Log Files. Files NOT to Manage. Vendor Specifics. Syslog: The System Event Logger. Configuring Syslogd. Red Hat Enhancements to Syslog. Freebsd Enhancements to Syslog. Config File Examples. Sample Syslog Output. Designing a Logging Scheme for Your Site. Software That Uses Syslog. Debugging Syslog. Using Syslog from Programs. Condensing Log Files to Useful Information.
12. Drivers and the Kernel.
Kernel Types. Why Configure the Kernel? Configuring a Solaris Kernel. The Solaris Kernel Area. Configuring the Kernel with /Etc/System. An Example /Etc/System File. Debugging a Solaris Configuration. Building an HP-UX Kernel. Configuring a Linux Kernel. Building the Linux Kernel Binary. Tuning Your Linux Configuration. Building a Freebsd Kernel. The Master Recipe for Building a Kernel. Audit the System's Hardware. Create a Configuration File in SYS/I386/Conf. Run Config. Run Make Depend. Build the Kernel. Install the New Kernel. Test the New Kernel. Document the New Kernel. Creating a BSD Configuration File. The Maxusers Keyword. The Options Keyword. The Config Keyword. Hardware Devices. The Pseudo-Device Keyword. A Sample Freebsd Configuration File. Tuning the Freebsd Kernel. Adding Device Drivers. Device Numbers. Adding a Solaris Device Driver. Adding a Linux Device Driver. Adding a Freebsd Device Driver. Device Files. Naming Conventions for Devices. Loadable Kernel Modules. Loadable Kernel Modules in Solaris. Loadable Kernel Modules in Linux. Loadable Kernel Modules in Freebsd. Recommended Reading.
13. TCP/IP Networking.
TCP/IP and the Internet. A Brief History Lesson. How the Internet Is Managed Today. Network Standards and Documentation. Networking Road Map. Packets and Encapsulation. The Link Layer. Packet Addressing. Ports. Address Types. IP Addresses: The Gory Details. IP Address Classes. Subnetting and Netmasks. The IP Address Crisis. CIDR: Classless Inter-Domain Routing. Address Allocation. Private Addresses and NAT. Ipv6 Addressing. Routing. Routing Tables. ICMP Redirects. ARP: The Address Resolution Protocol. DHCP: The Dynamic Host Configuration Protocol. DHCP Software. How DHCP Works. ISC's DHCP Server. PPP: The Point-to-Point Protocol. Addressing PPP Performance Issues. Connecting to a Network with PPP. Making Your Host Speak PPP. Controlling PPP Links. Finding a Host to Talk to. Assigning an Address. Routing. Ensuring Security. Using Terminal Servers. Using Chat Scripts. Security Issues. IP Forwarding. ICMP Redirects. Source Routing. Broadcast Pings and Other Forms of Directed Broadcast. UNIX-Based Firewalls. Virtual Private Networks. IPSEC: Secure IP. Addition of Machines to a Network. Assigning Hostnames and IP Addresses. Ifconfig: Configure Network Interfaces. Route: Configure Static Routes. Default Routes. Configuring DNS. Vendor-Specific Network Configuration. Solaris Network Configuration. Basic Network Configuration for Solaris. Configuration Examples for Solaris. DHCP Configuration for Solaris. Dynamic Reconfiguration and Tuning for Solaris. Security, Firewalls, Filtering, and NAT for Solaris. PPP Configuration for Solaris. Networking Quirks for Solaris. HP-UX Network Configuration. Basic Network Configuration for HP-UX. Configuration Examples for HP-UX. DHCP Configuration for HP-UX. Dynamic Reconfiguration and Tuning for HP-UX. Security, Firewalls, Filtering, and NAT for HP-UX. PPP Configuration for HP-UX. Networking Quirks for HP-UX. Network Configuration for Red Hat. Basic Network Configuration for Red Hat. Configuration Examples for Red Hat. DHCP Configuration for Red Hat. Dynamic Reconfiguration and Tuning for Red Hat. Security, Firewalls, Filters, and NAT for Red Hat. PPP Configuration for Red Hat. Networking Quirks for Red Hat. Network Configuration for Freebsd. Basic Network Configuration for Freebsd. Configuration Examples for Freebsd. DHCP Configuration for Freebsd. Dynamic Reconfiguration and Tuning for Freebsd. Security, Firewalls, Filters, and NAT for Freebsd. PPP Configuration for Freebsd. Networking Quirks for Freebsd. Recommended Reading.
Packet Forwarding: A Closer Look. Routing Daemons and Routing Protocols. Distance-Vector Protocols. Link-State Protocols. Cost Metrics. Interior and Exterior Protocols. Protocols on Parade. RIP: Routing Information Protocol. RIP-2: Routing Information Protocol, Version 2. OSPF: Open Shortest Path First. IGRP and EIGRP: Interior Gateway Routing Protocol. IS-IS: The ISO “Standard.” MOSPF, DVMRP, and PIM: Multicast Routing Protocols. Router Discovery Protocol. Routed: RIP Yourself a New Hole. Gated: A Better Routing Daemon. Gated Startup and Control. Tracing. The Gated Configuration File. Option Configuration Statements. Network Interface Definitions. Other Miscellaneous Definitions. Protocol Configuration for RIP. Some Preliminary Background on OSPF. Protocol Configuration for OSPF. Protocol Configuration for ICMP Redirects. Static Routes. Exported Routes. A Complete Gated Configuration Example. Vendor Specifics. Routing Strategy Selection Criteria. Cisco Routers. Recommended Reading.
15. Network Hardware.
LAN, WAN, or MAN? Ethernet: The Common LAN. How Ethernet Works. Ethernet Topology. Unshielded Twisted Pair. Connecting and Expanding Ethernets. FDDI: The Disappointing and Expensive LAN. ATM: The Promised (but Sorely Defeated) LAN. Frame Relay: The Sacrificial WAN. ISDN: The Indigenous WAN. DSL: The People's WAN. Where Is the Network Going? Network Testing and Debugging. Building Wiring. UTP Cabling Options. Connections to Offices. Wiring Standards. Network Design Issues. Network Architecture Vs Building Architecture. Existing Networks. Expansion. Congestion. Maintenance and Documentation. Management Issues. Recommended Vendors. Cables and Connectors. Test Equipment. Routers/Switches. Recommended Reading.
16. The Domain Name System.
DNS for the Impatient: Adding a New Machine. The History of DNS. Who Needs DNS? What's New in DNS. The DNS Namespace. Masters of Their Domains. Selecting a Domain Name. Domain Bloat. Registering a Second-Level Domain Name. Creating Your Own Subdomains. The BIND Software. Versions of BIND. Finding out What Version You Have. Components of BIND. Named: The BIND Name Server. Authoritative and Caching-Only Servers. Recursive and Nonrecursive Servers. The Resolver Library. Shell Interfaces to DNS. How DNS Works. Delegation. Caching and Efficiency. The Extended DNS Protocol. BIND Client Issues. Resolver Configuration. Resolver Testing. Impact on the Rest of the System. BIND Server Configuration. Hardware Requirements. Named Startup. Configuration Files. The Include Statement. The Options Statement. The Acl Statement. The Server Statement. The Logging Statement. The Zone Statement. The Key Statement. The Trusted-Keys Statement. The Controls Statement. The View Statement. BIND Configuration Examples. A Home Linux Box. A University Department. A Web Hosting Company. The DNS Database. Resource Records. The SOA Record. NS Records. A Records. PTR Records. MX Records. CNAME Records. The CNAME Hack. LOC Records. SRV Records. TXT Records. Ipv6 Resource Records. A6 Records. DNAME Records. Commands in Zone Files. The Localhost Zone. Glue Records: Links between Zones. Updating Zone Files. Zone Transfers. Dynamic Updates. Security Issues. Access Control Lists Revisited. Confining Named. Secure Server-to-Server Communication with TSIG and TKEY. DNSSEC. Microsoft Bad, UNIX Good. Testing and Debugging. Logging. Debug Levels. Debugging with Ndc. Debugging with Nslookup, Dig, and Host. Lame Delegations. Loose Ends. The Hints File. Localhost Configuration. Host Management Tools. DNS for Systems Not on the Internet. Vendor Specifics. Specifics for Solaris. Specifics for HP-UX. Specifics for Red Hat Linux. Specifics for Freebsd. Recommended Reading. Mailing Lists and Newsgroups. Books and Other Documentation. Online Resources. The Rfcs.
17. The Network File System.
General Information about NFS. NFS Protocol Versions. Choice of Transport. Webnfs. File Locking. Disk Quotas. Global Uids and Gids. Root Access and the Nobody Account. Cookies and Stateless Mounting. Naming Conventions for Shared Filesystems. Security and NFS. Server-Side NFS. The Share Command and Dfstab File (Solaris). The Exportfs Command and the Exports File (HP-UX, Red Hat, Freebsd). Nfsd: Serve Files. Client-Side NFS. Biod and Nfsiod: Provide Client-Side Caching. Mounting Remote Filesystems. Secure Port Restrictions. Nfsstat: Dump NFS Statistics. Dedicated NFS File Servers. Automatic Mounting. Automount: The Original Automounter. Indirect Maps. Direct Maps. Master Maps. Executable Maps. Replicated Filesystems Using Automount. Automatic Automounts. Specifics for Red Hat Linux. Amd: A More Sophisticated Automounter. Amd Maps. Starting Amd. Stopping Amd. Recommended Reading.
18. Sharing System Files.
What to Share. Copying Files around. Rdist: Push Files. Rsync: Push Files More Securely. Expect: Pull Files. NIS: The Network Information Service. Netgroups. Prioritizing Sources of Administrative Information. Advantages and Disadvantages of NIS. How NIS Works. Setting Up an NIS Domain. Vendor Specifics. NIS+: Son of NIS. LDAP: The Lightweight Directory Access Protocol. LDAP Documentation and Specifications. Hands-on LDAP.
19. Electronic Mail.
Mail Systems. User Agents. Transport Agents. Delivery Agents. Message Stores. Access Agents. Mail Submission Agents. The Anatomy of a Mail Message. Mail Addressing. Reading Mail Headers. Mail Philosophy. Using Mail Servers. Using Mail Homes. Using IMAP or POP. Mail Aliases. Getting Mailing Lists from Files. Mailing to Files. Mailing to Programs. Examples of Aliases. Mail Forwarding. The Hashed Alias Database. Mailing Lists and List Wrangling Software. LDAP: The Lightweight Directory Access Protocol. Sendmail: Ringmaster of the Electronic Mail Circus. The History of Sendmail. Vendor-Supplied Versions of Sendmail. Sendmail Installation. The Switch File. Modes of Operation. The Mail Queue. Sendmail Configuration. Using the M4 Preprocessor. The Sendmail Configuration Pieces. Building a Configuration File from a Sample .Mc File. Basic Sendmail Configuration Primitives. The VERSIONID Macro. The OSTYPE Macro. The DOMAIN Macro. The MAILER Macro. Fancier Sendmail Configuration Primitives. The FEATURE Macro. The Use_Cw_File Feature. The Redirect Feature. The Always_Add_Domain Feature. The Nocanonify Feature. Tables and Databases. The Mailertable Feature. The Genericstable Feature. The Virtusertable Feature. The Ldap_Routing Feature. Masquerading and the MASQUERADE_AS Macro. The MAIL_HUB and SMART_HOST Macros. Masquerading and Routing. The Nullclient Feature. The Local_Lmtp and Smrsh Features. The Local_Procmail Feature. The LOCAL_* Macros. Configuration Options. Configuration File Examples. A Computer Science Student's Home Machine. A Small but Sendmail-Clueful Company. Another Master/Client Example. Spam-Related Features in Sendmail. Relaying. The Access Database. Blacklisting Users or Sites. Header Checking. Handling Spam. Spam Examples. Security and Sendmail. Ownerships. Permissions. Safe Mail to Files and Programs. Privacy Options. Running a Chrooted Sendmail (for the Truly Paranoid). Denial of Service Attacks. Forgeries. Message Privacy. SASL: The Simple Authentication and Security Layer. Sendmail Statistics, Testing, and Debugging. Testing and Debugging. Verbose Delivery. Talking in SMTP. Logging. The Postfix Mail System. Postfix Architecture. Configuring Postfix. Spam Control. Postfix Examples. Recommended Reading.
20. Network Management and Debugging.
Troubleshooting a Network. Ping: Check to See If a Host Is Alive. Traceroute: Trace IP Packets. Netstat: Get Tons O' Network Statistics. Monitoring the Status of Network Connections. Inspecting Interface Configuration Information. Examining the Routing Table. Viewing Operational Statistics for Various Network Protocols. Packet Sniffers. Snoop: Solaris's Packet Sniffer. Nettl: HP-UX's Packet Sniffer. Tcpdump: King of Sniffers. Network Management Protocols. SNMP: The Simple Network Management Protocol. SNMP Organization. SNMP Protocol Operations. RMON: Remote Monitoring MIB. SNMP Agents. SNMP on Solaris. SNMP on HP-UX. The UCD SNMP Agent. Network Management Applications. The UCD SNMP Tools. MRTG: The Multi-Router Traffic Grapher. NOCOL: Network Operation Center Online. Commercial Management Platforms. Recommended Reading.
Seven Common-Sense Rules of Security. How Security Is Compromised. Security Problems in the /Etc/Passwd File. Password Checking and Selection. Shadow Passwords. Group Logins and Shared Logins. Password Aging. User Shells. Rootly Entries. Setuid Programs. Important File Permissions. Miscellaneous Security Issues. Remote Event Logging. Secure Terminals. /Etc/Hosts.Equiv and ~/.Rhosts. Rexd, Rexecd, and Tftpd. Fingerd. Security and NIS. Security and NFS. Security and Sendmail. Security and Backups. Trojan Horses. Security Power Tools. Nmap: Scan Network Ports. SAINT: Check Networked Systems for Vulnerabilities. Nessus: Next Generation Network Scanner. Crack: Find Insecure Passwords. Tcpd: Protect Internet Services. COPS: Audit System Security. Tripwire: Monitor Changes to System Files. Forensic Tools. Cryptographic Security Tools. Kerberos: A Unified Approach to Network Security. PGP: Pretty Good Privacy. SSH: The Secure Shell. SRP: Secure Remote Password. OPIE: One-Time Passwords in Everything. Firewalls. Packet-Filtering Firewalls. How Services Are Filtered. Service Proxy Firewalls. Stateful Inspection Firewalls. Firewalls: How Safe Are They? Sources of Security Information. CERT: A Registered Service Mark of Carnegie Mellon University. Securityfocus.Com and the Bugtraq Mailing List 678 SANS: The System Administration, Networking, and Security Institute. Vendor-Specific Security Resources. Other Mailing Lists and Web Sites. What to Do When Your Site Has Been Attacked. Recommended Reading.
22. Web Hosting and Internet Servers.
Web Hosting. Web Hosting Basics. Uniform Resource Locators. How HTTP Works. CGI Scripting: Generating Content on the Fly. Load Balancing. HTTP Server Installation. Choosing a Server. Compiling and Installing Apache. Configuring Apache. Running Apache. Virtual Interfaces. Configuring Virtual Interfaces. Telling Apache about a Virtual Interface. Caching and Proxy Servers. Setting Up Squid. Anonymous FTP Server Setup. Usenet News. Usenet News Feeds. Usenet Software. Whither Usenet News?
Mini-Glossary of Printing Terms. Types of Printers. Serial and Parallel Printers. Network Printers. Life without Postscript. BSD Printing. An Overview of the Printing Process. Controlling the Printing Environment. Lpd: The BSD Print Spooler. Lpr: Submit Print Jobs. Lpq: View the Printing Queue. Lprm: Remove Print Jobs. Lpc: Make Administrative Changes. The /Etc/Printcap File. Printcap Variables. Printcap Variables for Serial Devices. Printcap Extensions. Printing to Something Besides a Printer. System V Printing. Overview. Destinations and Classes. A Brief Description of Lp. Lpsched and Lpshut: Start and Stop Printing. Lpadmin: Configure the Printing Environment. Lpstat: Get Status Information. Cancel: Remove Print Jobs. Accept and Reject: Control Spooling. Enable and Disable: Control Printing. Lpmove: Transfer Jobs. Interface Programs. What to Do When the Lp System Is Completely Hosed. Adding a Printer. Adding Printers to Solaris. Adding Printers to HP-UX. Adding Printers to Red Hat Linux. Adding Printers to Freebsd. Lprng. The Lprng Commands. Obtaining and Installing Lprng. /Etc/Lpd.Conf: Configure Lpd. /Etc/Lpd.Perms: Configure Access Control. Setting Up the Printcap File. Filters. Accounting. Debugging Printing Problems. Common Printing Software. Rlpr. Ghostscript. Mpage. Enscript. Printer Philosophy. Use Printer Accounting. Use Banner Pages Only When Necessary. Provide Recycling Bins. Provide Previewers. Buy Cheap Printers. Keep Extra Toner Cartridges on Hand. Secure Your Printer.
24. Maintenance and Environment.
Maintenance Basics. Maintenance Contracts. On-Site Maintenance. Board Swap Maintenance. Warranties. Board-Handling Lore. Static Electricity. Reseating Boards. Monitors. Memory Modules. Preventive Maintenance. Environment. Temperature. Humidity. Office Cooling. Machine Room Cooling. Temperature Monitoring. Power. Remote Power Control. Racks. Tools.
25. Performance Analysis.
What You Can Do to Improve Performance. Factors That Affect Performance. System Performance Checkup. Analyzing CPU Usage. How UNIX Manages Memory. Analyzing Memory Usage. Analyzing Disk I/O. Virtual Adrian. Procinfo: Display Red Hat Performance Data. Pstat: Print Random Freebsd Statistics. Help! My System Just Got Really Slow! Recommended Reading.
26. Cooperating with Windows.
File and Print Sharing. NFS: The Network File System. CIFS: The Common Internet File System. Samba: CIFS for UNIX. Installing and Configuring Samba. Debugging Samba. Secure Terminal Emulation with SSH. X Windows Emulators. PC Mail Clients. PC Backups. Dual Booting. Running Windows Applications Under UNIX. PC Hardware Tips.
27. Policy and Politics.
Policy and Procedure. Security Policies. User Policy Agreements. Sysadmin Policy Agreements. Policy and Procedures for Emergency Situations. Disaster Planning. Miscellaneous Tidbits. Legal Issues. Liability. Encryption. Copyright. Privacy. Policy Enforcement. Software Licenses. Spam: Unsolicited Commercial Email. Sysadmin Surveys. SAGE Salary Survey. SANS Salary Survey. Scope of Service. Trouble-Reporting Systems. Managing Management. Hiring, Firing, and Training. Attitude Adjustment. Operator Wars. Iterative Refinement. War Stories and Ethics. Boss's Mistake #1. Boss's Mistake #2. Dan, Your New Name Is Lester. Which Ones to Fire. Horndog Joe. Wedding Invitations. Pornographic GIF Images. Migrating Data. Bill Must Die! Localization and Upgrades. Managing Software across Systems. Upgrades. Useful Third-Party Software. Local Documentation. Procurement. Decommissioning Hardware. Software Patents. Organizations, Conferences, and Other Resources. SAGE: The System Administrators' Guild. Mailing Lists and Web Resources. Printed Resources. Standards. Sample Documents. Recommended Reading.
Init: The Primordial Process. Cron: Schedule Commands. Inetd: Manage Daemons. Configuring Inetd. The Services File. Restarting Inetd. Securing Inetd. Portmap/Rpcbind: Map RPC Services to TCP and UDP Ports. System Daemons. The Paging Daemon. The Swapping Daemon. The Filesystem Synchronization Daemon. Printing Daemons. Lpd: Manage BSD-Style Printing. Lpsched: Manage ATT Printing. Rlpdaemon: Print from BSD to HP-UX. NFS Daemons. Nfsd: Serve Files. Mountd: Respond to Mount Requests. Amd and Automount: Mount Filesystems on Demand. Lockd and Statd: Manage NFS Locks. Biod: Cache NFS Blocks. NIS Daemons. Ypbind: Locate NIS Servers. Ypserv: NIS Server. Ypxfrd: Transfer NIS Databases. Rpc.Nisd: NIS+ Server. Internet Daemons. Talkd: Network Chat Service. Comsat: Notify Users of New Mail. Sendmail: Transport Electronic Mail. Snmpd: Provide Remote Network Management Service. Rwhod: Maintain Remote User List. Ftpd: File Transfer Server. Popper: Basic Mailbox Server. Imapd: Deluxe Mailbox Server. Rlogind: Remote Login Server. Telnetd: Yet Another Remote Login Server. Sshd: Secure Remote Login Server. Rshd: Remote Command Execution Server. Rexecd: Yet Another Command Execution Server. Rpc.Rexd: Yet a Third Command Execution Server. Routed: Maintain Routing Tables. Gated: Maintain Complicated Routing Tables. Named: DNS Server. Syslogd: Process Log Messages. Fingerd: Look Up Users. Httpd: World Wide Web Server. Time Synchronization Daemons. Timed: Synchronize Clocks. Xntpd: Synchronize Clocks Even Better. Booting and Configuration Daemons. Bootpd: Boot Server. Tftpd: Trivial File Transfer Server. Rarpd: Map Ethernet Addresses to IP Addresses. Bootparamd: Advanced Diskless Life Support. Dhcpd: Dynamic Address Assignment. Colophon.