Published by Addison-Wesley Professional (September 14, 2017) © 2018

Evi Nemeth | Garth Snyder | Trent Hein | Ben Whaley | Dan Mackin
    VitalSource eTextbook (Lifetime access)
    €43,99
    ISBN-13: 9780134278292

    UNIX and Linux System Administration Handbook, 5th edition

    Language: English

    “As an author, editor, and publisher, I never paid much attention to the competition—except in a few cases. This is one of those cases. The UNIX System Administration Handbook is one of the few books we ever measured ourselves against.”

    —Tim O’Reilly, founder of O’Reilly Media

     

    “This edition is for those whose systems live in the cloud or in virtualized data centers; those whose administrative work largely takes the form of automation and configuration source code; those who collaborate closely with developers, network engineers, compliance officers, and all the other worker bees who inhabit the modern hive.”

    —Paul Vixie, Internet Hall of Fame-recognized innovator and founder of ISC and Farsight Security

     

    “This book is fun and functional as a desktop reference. If you use UNIX and Linux systems, you need this book in your short-reach library. It covers a bit of the systems’ history but doesn’t bloviate. It’s just straight-forward information delivered in a colorful and memorable fashion.”

    —Jason A. Nunnelley

     

    UNIX® and Linux® System Administration Handbook, Fifth Edition, is today’s definitive guide to installing, configuring, and maintaining any UNIX or Linux system, including systems that supply core Internet and cloud infrastructure.

     

    Updated for new distributions and cloud environments, this comprehensive guide covers best practices for every facet of system administration, including storage management, network design and administration, security, web hosting, automation, configuration management, performance analysis, virtualization, DNS, security, and the management of IT service organizations. The authors—world-class, hands-on technologists—offer indispensable new coverage of cloud platforms, the DevOps philosophy, continuous deployment, containerization, monitoring, and many other essential topics.

     

    Whatever your role in running systems and networks built on UNIX or Linux, this conversational, well-written guide will improve your efficiency and help solve your knottiest problems.

    Tribute to Evi xl

    Preface xlii

    Foreword xliv

    Acknowledgments xlvi

     

    Section One: Basic Administration 1

     

    Chapter 1: Where to Start 3

    Essential duties of a system administrator 4

    Suggested background 7

    Linux distributions 8

    Example systems used in this book 9

    Notation and typographical conventions 12

    Units 13

    Man pages and other on-line documentation 14

    Other authoritative documentation 16

    Other sources of information 18

    Ways to find and install software 19

    Where to host 25

    Specialization and adjacent disciplines 26

    Recommended reading 28

     

    Chapter 2: Booting and System Management Daemons 30

    Boot process overview 30

    System firmware 32

    Boot loaders 35

    GRUB: the GRand Unified Boot loader 35

    The FreeBSD boot process 39

    System management daemons 41

    systemd in detail 44

    FreeBSD init and startup scripts 57

    Reboot and shutdown procedures 59

    Stratagems for a nonbooting system 60

     

    Chapter 3: Access Control and Rootly Powers 65

    Standard UNIX access control 66

    Management of the root account 69

    Extensions to the standard access control model 79

    Modern access control 83

    Recommended reading 89

     

    Chapter 4: Process Control 90

    Components of a process 90

    The life cycle of a process 93

    ps: monitor processes 98

    Interactive monitoring with top 101

    nice and renice: influence scheduling priority 102

    The /proc filesystem 104

    strace and truss: trace signals and system calls 105

    Runaway processes 107

    Periodic processes 109

     

    Chapter 5: The Filesystem 120

    Pathnames 122

    Filesystem mounting and unmounting 122

    Organization of the file tree 125

    File types 126

    File attributes 132

    Access control lists 140

     

    Chapter 6: Software Installation and Management 153

    Operating system installation 154

    Managing packages 162

    Linux package management systems 164

    High-level Linux package management systems 166

    FreeBSD software management 175

    Software localization and configuration 178

    Recommended reading 181

     

    Chapter 7: Scripting and the Shell 182

    Scripting philosophy 183

    Shell basics 189

    sh scripting 198

    Regular expressions 209

    Python programming 215

    Ruby programming 223

    Library and environment management for Python and Ruby 229

    Revision control with Git 235

    Recommended reading 241

     

    Chapter 8: User Management 243

    Account mechanics 244

    The /etc/passwd file 245

    The Linux /etc/shadow file 250

    FreeBSD's /etc/master.passwd and /etc/login.conf files 252

    The /etc/group file 254

    Manual steps for adding users 255

    Scripts for adding users: useradd, adduser, and newusers 260

    Safe removal of a user’s account and files 264

    User login lockout 265

    Risk reduction with PAM 266

    Centralized account management 266

     

    Chapter 9: Cloud Computing 270

    The cloud in context 271

    Cloud platform choices 273

    Cloud service fundamentals 276

    Clouds: VPS quick start by platform 283

    Cost control 291

    Recommended Reading 293

     

    Chapter 10: Logging 294

    Log locations 296

    The systemd journal 299

    Syslog 302

    Kernel and boot-time logging 318

    Management and rotation of log files 319

    Management of logs at scale 321

    Logging policies 323

     

    Chapter 11: Drivers and the Kernel 325

    Kernel chores for system administrators 326

    Kernel version numbering 327

    Devices and their drivers 328

    Linux kernel configuration 339

    FreeBSD kernel configuration 344

    Loadable kernel modules 346

    Booting 348

    Booting alternate kernels in the cloud 355

    Kernel errors 356

    Recommended reading 359

     

    Chapter 12: Printing 360

    CUPS printing 361

    CUPS server administration 365

    Troubleshooting tips 369

    Recommended reading 371

     

    Section Two: Networking 373

     

    Chapter 13: TCP/IP Networking 375

    TCP/IP and its relationship to the Internet 375

    Networking basics 378

    Packet addressing 384

    IP addresses: the gory details 387

    Routing 398

    IPv4 ARP and IPv6 neighbor discovery 401

    DHCP: the Dynamic Host Configuration Protocol 402

    Security issues 406

    Basic network configuration 410

    Linux networking 417

    FreeBSD networking 425

    Network troubleshooting 428

    Network monitoring 437

    Firewalls and NAT 440

    Cloud networking 448

    Recommended reading 457

     

    Chapter 14: Physical Networking 459

    Ethernet: the Swiss Army knife of networking 460

    Wireless: Ethernet for nomads 469

    SDN: software-defined networking 473

    Network testing and debugging 474

    Building wiring 475

    Network design issues 476

    Management issues 478

    Recommended vendors 479

    Recommended reading 480

     

    Chapter 15: IP Routing 481

    Packet forwarding: a closer look 482

    Routing daemons and routing protocols 485

    Protocols on parade 488

    Routing protocol multicast coordination 490

    Routing strategy selection criteria 490

    Routing daemons 492

    Cisco routers 494

    Recommended reading 496

     

    Chapter 16: DNS: The Domain Name System 498

    DNS architecture 499

    DNS for lookups 500

    The DNS namespace 502

    How DNS works 503

    The DNS database 512

    The BIND software 525

    Split DNS and the view statement 541

    BIND configuration examples 543

    Zone file updating 547

    DNS security issues 551

    BIND debugging 568

    Recommended reading 576

     

    Chapter 17: Single Sign-On 578

    Core SSO elements 579

    LDAP: “lightweight” directory services 580

    Using directory services for login 586

    Alternative approaches 594

    Recommended reading 595

     

    Chapter 18: Electronic Mail 596

    Mail system architecture 597

    Anatomy of a mail message 600

    The SMTP protocol 603

    Spam and malware 605

    Message privacy and encryption 607

    Mail aliases 608

    Email configuration 612

    sendmail 613

    Exim 640

    Postfix 658

    Recommended reading 672

     

    Chapter 19: Web Hosting 674

    HTTP: the Hypertext Transfer Protocol 674

    Web software basics 682

    Web hosting in the cloud 694

    Apache httpd 696

    NGINX 704

    HAProxy 710

    Recommended reading 714

     

    Section Three: Storage 715

     

    Chapter 20: Storage 717

    I just want to add a disk! 718

    Storage hardware 721

    Storage hardware interfaces 730

    Attachment and low-level management of drives 733

    The software side of storage: peeling the onion 739

    Disk partitioning 742

    Logical volume management 747

    RAID: redundant arrays of inexpensive disks 753

    Filesystems 762

    Traditional filesystems: UFS, ext4, and XFS 763

    Next-generation filesystems: ZFS and Btrfs 772

    ZFS: all your storage problems solved 773

    Btrfs: “ZFS lite” for Linux 783

    Data backup strategy 788

    Recommended reading 790

     

    Chapter 21: The Network File System 791

    Meet network file services 791

    The NFS approach 794

    Server-side NFS 801

    Client-side NFS 807

    Identity mapping for NFS version 4 810

    nfsstat: dump NFS statistics 811

    Dedicated NFS file servers 812

    Automatic mounting 812

    Recommended reading 818

     

    Chapter 22: SMB 819

    Samba: SMB server for UNIX 820

    Installing and configuring Samba 821

    Mounting SMB file shares 825

    Browsing SMB file shares 826

    Ensuring Samba security 826

    Debugging Samba 827

    Recommended reading 829

     

    Section Four: Operations 831

     

    Chapter 23: Configuration Management 833

    Configuration management in a nutshell 834

    Dangers of configuration management 834

    Elements of configuration management 835

    Popular CM systems compared 841

    Introduction to Ansible 852

    Introduction to Salt 871

    Ansible and Salt compared 893

    Best practices 895

    Recommended reading 899

     

    Chapter 24: Virtualization 900

    Virtual vernacular 901

    Virtualization with Linux 905

    FreeBSD bhyve 910

    VMware 910

    VirtualBox 911

    Packer 911

    Vagrant 913

    Recommended reading 914

     

    Chapter 25: Containers 915

    Background and core concepts 916

    Docker: the open source container engine 919

    Containers in practice 937

    Container clustering and management 942

    Recommended reading 948

     

    Chapter 26: Continuous Integration and Delivery 949

    CI/CD essentials 951

    Pipelines 955

    Jenkins: the open source automation server 961

    CI/CD in practice 964

    Containers and CI/CD 978

    Recommended reading 980

     

    Chapter 27: Security 981

    Elements of security 983

    How security is compromised 983

    Basic security measures 987

    Passwords and user accounts 992

    Security power tools 996

    Cryptography primer 1005

    SSH, the Secure SHell 1016

    Firewalls 1027

    Virtual private networks (VPNs) 1030

    Certifications and standards 1031

    Sources of security information 1034

    When your site has been attacked 1037

    Recommended reading 1038

     

    Chapter 28: Monitoring 1040

    An overview of monitoring 1041

    The monitoring culture 1044

    The monitoring platforms 1045

    Data collection 1051

    Network monitoring 1055

    Systems monitoring 1056

    Application monitoring 1059

    Security monitoring 1061

    SNMP: the Simple Network Management Protocol 1063

    Tips and tricks for monitoring 1068

    Recommended reading 1069

     

    Chapter 29: Performance Analysis 1070

    Performance tuning philosophy 1071

    Ways to improve performance 1073

    Factors that affect performance 1074

    Stolen CPU cycles 1075

    Analysis of performance problems 1076

    System performance checkup 1077

    Help! My server just got really slow! 1088

    Recommended reading 1090

     

    Chapter 30: Data Center Basics 1091

    Racks 1092

    Power 1092

    Cooling and environment 1096

    Data center reliability tiers 1101

    Data center security 1102

    Tools 1103

    Recommended reading 1104

     

    Chapter 31: Methodology, Policy, and Politics 1105

    The grand unified theory: DevOps 1106

    Ticketing and task management systems 1111

    Local documentation maintenance 1115

    Environment separation 1118

    Disaster management 1119

    IT policies and procedures 1122

    Service level agreements 1125

    Compliance: regulations and standards 1127

    Legal issues 1131

    Organizations, conferences, and other resources 1133

    Recommended reading 1135

     

    Index 1136

    A Brief History of System Administration 1166

    Colophon 1176

    About the Contributors 1178

    About the Authors 1179