UNIX System Administration Handbook,9780130206015

UNIX System Administration Handbook

by ; ; ;
Edition: 3rd
ISBN13: 9780130206015
ISBN10: 0130206016
Format: Paperback
Pub. Date: 2000-08-29
Publisher(s): Prentice Hall
Upgraded Edition: Click here!
  • Free Shipping Icon

    This Item Qualifies for Free Shipping!*

    *Excludes marketplace orders.

List Price: $93.44

Rent Textbook

Select for Price
Add to Cart
There was a problem. Please try again later.

New Textbook

We're Sorry
Sold Out

Used Textbook

We're Sorry
Sold Out

eTextbook

We're Sorry
Not Available

Buy from our Marketplace starting at $3.54

How Marketplace Works:

  • This item is offered by an independent seller and not shipped from our warehouse
  • Item details like edition and cover design may differ from our description; see seller's comments before ordering.
  • Sellers much confirm and ship within two business days; otherwise, the order will be cancelled and refunded.
  • Marketplace purchases cannot be returned to eCampus.com. Contact the seller directly for inquiries; if no response within two days, contact customer service.
  • Additional shipping costs apply to Marketplace purchases. Review shipping costs at checkout.

Summary

This handbook is the fully updated, highly anticipated revision of the hands-down bestselling UNIX system administration guide. Better than ever, it's an indispensable tutorial for new UNIX/Linux systems. The authors have updated this classic with not just theory, but hundreds of war stories and great insights from those in the trenches.

Table of Contents

Foreword xxvi
Foreword to the Second Edition xxvii
Foreword to the First Edition xxix
Preface xxxi
Acknowledgments xxxiv
BASIC ADMINISTRATION
Where to Start
1(11)
Suggested background
2(1)
The sordid history of UNIX
2(1)
Example UNIX systems
3(1)
Notation and typographical conventions
4(1)
System-specific information
5(1)
How to use your manuals
5(3)
Organization of the man pages
6(1)
man: read manual pages
7(1)
Essential tasks of the system administrator
8(1)
Adding and removing users
8(1)
Adding and removing hardware
8(1)
Performing backups
8(1)
Installing new software
8(1)
Monitoring the system
9(1)
Troubleshooting
9(1)
Maintaining local documentation
9(1)
Auditing security
9(1)
Helping users
9(1)
How to find files on the Internet
9(1)
System administration under duress
10(1)
System Administration Personality Syndrome
10(1)
Recommended reading
11(1)
Booting and Shutting Down
12(25)
Bootstrapping
12(4)
Automatic and manual booting
13(1)
Steps in the boot process
13(1)
Kernel initialization
14(1)
Hardware configuration
14(1)
System processes
14(1)
Operator intervention (manual boot only)
15(1)
Execution of startup scripts
16(1)
Multiuser operation
16(1)
Booting PCs
16(6)
How a PC is different from proprietary hardware
17(1)
The PC boot process
17(1)
LILO: the Linux boot loader
18(1)
Configuring LILO
18(1)
The FreeBSD boot loader
19(1)
Multibooting on PCs
20(1)
Multibooting gotchas
20(1)
LILO multiboot configuration
21(1)
FreeBSD multiboot configuration
22(1)
Booting in single-user mode
22(2)
Solaris single-user mode
22(1)
HP-UX single-user mode
23(1)
Linux single-user mode
23(1)
FreeBSD single-user mode
24(1)
Startup scripts
24(9)
SystemV-style startup scripts
25(3)
Solaris startup scripts
28(1)
HP-UX startup scripts
28(2)
Red Hat startup scripts
30(2)
FreeBSD startup scripts
32(1)
Rebooting and shutting down
33(4)
Turning off the power
34(1)
shutdown: the genteel way to halt the system
34(1)
halt: a simpler way to shut down
35(1)
reboot: quick and dirty restart
35(1)
Sending init a TERM signal
36(1)
telinit: change init's run level
36(1)
Killing init
36(1)
Rootly Powers
37(8)
Ownership of files and processes
37(2)
The superuser
39(1)
Choosing a root password
39(1)
Becoming root
40(4)
su: substitute user identity
41(1)
sudo: a limited su
41(3)
Other pseudo-users
44(1)
daeman: owner of unprivileged system software
44(1)
bin: owner of the system commands
44(1)
sys: owner of the kernel and memory images
44(1)
nobody: the generic NFS user
44(1)
Controlling Processes
45(15)
Components of a process
45(2)
PID: process ID number
46(1)
PPID: parent PID
46(1)
UID and EUID: real and effective user ID
46(1)
GID and EGID: real and effective group ID
47(1)
Niceness
47(1)
Control terminal
47(1)
The life cycle of a process
47(1)
Signals
48(3)
kill: send signals
51(1)
Process states
51(1)
nice and renice: influence sheduling priority
52(1)
ps: monitor processes
53(4)
top: monitor processes even better
57(1)
Runaway processes
57(3)
The Filesystem
60(16)
Pathnames
61(1)
Mounting and unmounting filesystems
62(2)
The organization of the file tree
64(2)
File types
66(3)
Regular files
66(1)
Directories
66(1)
Character and block device files
67(1)
UNIX domain sockets
68(1)
Named pipes
68(1)
Symbolic links
68(1)
File attributes
69(7)
The setuid and setgid bits
69(1)
The sticky bit
69(1)
The permission bits
70(1)
Viewing file attributes
71(2)
FreeBSD bonus flags
73(1)
chmod: change permissions
73(1)
chown and chgrp: change ownerships
74(1)
umask: assign default permissions
75(1)
Adding New Users
76(17)
The/etc/passwd file
76(5)
Login name
77(1)
Encrypted password
78(1)
UID number
79(1)
Default GID number
79(1)
GECOS field
80(1)
Home directory
81(1)
Login shell
81(1)
The FreeBSD/etc/master.passwd file
81(1)
The FreeBSD/etc/login.conf file
82(1)
The Solaris and Red Hat/etc/shadow file
82(2)
The/etc/group file
84(1)
Adding users
85(5)
Editing the passwd and shadow files
86(1)
Setting an initial password
86(1)
Creating the user's home directory
87(1)
Copying in the default startup files
87(1)
Setting the user's mail home
88(1)
Editing the/etc/group file
88(1)
Setting disk quotas
89(1)
Verifying the new login
89(1)
Removing users
90(1)
Disabling logins
90(1)
Vendor-supplied account management utilities
91(2)
Serial Devices
93(25)
Serial standards
93(4)
Alternative connectors
97(4)
The mini DIN-8 variant
97(1)
The DB-9 variant
98(1)
The RJ-45 variant
99(1)
The Yost standard for RJ-45 wiring
99(2)
Hard and soft carrier
101(1)
Hardware flow control
102(1)
Cable length
102(1)
Serial device files
103(1)
Software configuration for serial devices
103(1)
Configuration of hardwired terminals
104(6)
The login process
105(1)
The/etc/ttys and/etc/ttytab files
106(1)
The /etc/ttytype file
106(1)
The/etc/gettytab file
107(1)
The/etc/inittab file
107(1)
The/etc/gettydefs file
108(1)
Solaris and sacadm
109(1)
Terminal support: the termcap and terminfo databases
109(1)
Special characters and the terminal driver
110(1)
stty: set terminal options
111(1)
tset: set options automatically
112(1)
How to unwedge a terminal
112(1)
Modems
113(2)
Modulation, error correction, and data compression protocols
113(1)
Dial-out configuration:/etc/phones and/etc/remote
114(1)
Bidirectional modems
115(1)
Debugging a serial line
115(1)
Other common I/O ports
116(2)
Parallel ports
116(1)
USB: the Universal Serial Bus
117(1)
Adding a Disk
118(39)
Disk interfaces
118(8)
The SCSI interface
120(4)
The IDE interface
124(2)
Which is better, SCSI or IDE?
126(1)
Disk geometry
126(2)
An overview of the disk installation procedure
128(8)
Connecting the disk
128(1)
Creating device entries
129(1)
Formatting the disk
129(1)
Labeling and partitioning the disk
130(1)
Establishing logical volumes
131(1)
Creating UNIX filesystems
132(1)
Setting up automatic mounting
133(3)
Enabling swapping
136(1)
fsck: check and repair filesystems
136(2)
Vendor specifics
138(19)
Adding a disk to Solaris
139(4)
Adding a disk to HP-UX
143(5)
Adding a disk to Red Hat Linux
148(5)
Adding a disk to FreeBSD
153(4)
Periodic Processes
157(7)
cron: schedule commands
157(1)
The format of crontab files
158(2)
Crontab management
160(1)
Some common uses for cron
160(2)
Cleaning the filesystem
161(1)
Network distribution of configuration files
162(1)
Rotating log files
162(1)
Vendor specifics
162(2)
Backups
164(40)
Motherhood and apple pie
165(4)
Perform all dumps from one machine
165(1)
Label your tapes
165(1)
Pick a reasonable backup interval
166(1)
Choose filesystems carefully
166(1)
Make daily dumps fit on one tape
166(1)
Make filesystems smaller than your dump device
167(1)
Keep tapes off-site
167(1)
Protect your backups
167(1)
Limit activity during dumps
167(1)
Check your tapes
168(1)
Develop a tape life cycle
169(1)
Design your data for backups
169(1)
Prepare for the worst
169(1)
Backup devices and media
169(6)
Floppy disks
170(1)
Super floppies
170(1)
CD-R and CD-RW
171(1)
Removable hard disks
171(1)
8mm cartridge tapes
171(1)
DAT (4mm) cartridge tapes
172(1)
Travan tapes
172(1)
OnStream ADR
172(1)
DLT
172(1)
AIT
173(1)
Mammoth
173(1)
Jukeboxes, stackers, and tape libraries
173(1)
Hard disks
174(1)
Summary of media types
174(1)
What to buy
174(1)
Setting up an incremental backup regime
175(5)
Dumping filesystems
176(3)
Dump sequences
179(1)
Restoring from dumps
180(4)
Restoring individual files
180(2)
Restoring entire filesystems
182(2)
Dumping and restoring for upgrades
184(1)
Using other archiving programs
184(2)
tar: package files
184(1)
cpio: SysV-ish archiving
185(1)
dd: twiddle bits
185(1)
volcopy: dupulicate filesystems
186(1)
Using multiple files on a single tape
186(1)
Amanda
187(15)
The architecture of Amanda
188(1)
Amanda setup
188(2)
The amanda.conf file
190(5)
The disklist file
195(1)
Amanda log files
196(1)
Amanda debugging
196(4)
File restoration from an Amanda backup
200(1)
Alternatives to Amanda: other open source backup packages
201(1)
Commercial backup products
202(1)
ADSM/TSM
202(1)
Veritas
202(1)
Legato
203(1)
Other alternatives
203(1)
Recommended reading
203(1)
Syslog and Log Files
204(20)
Logging policies
204(3)
Throwing away log files
204(1)
Rotating log files
205(1)
Archiving log files
206(1)
Finding log files
207(1)
Files NOT to manage
208(1)
Vendor specifics
209(1)
Syslog: the system event logger
210(12)
Configuring syslogd
211(2)
Red Hat enhancements to syslog
213(1)
FreeBSD enhancements to syslog
214(1)
Config the examples
215(2)
Sample syslog output
217(1)
Designing a logging scheme for your site
218(1)
Software that uses syslog
218(1)
Debugging syslog
219(1)
Using syslog from programs
220(2)
Condensing log files to useful information
222(2)
Drivers and the Kernel
224(37)
Kernel types
225(1)
Why configure the kernel?
226(1)
Confiruging a Solaris kernel
226(3)
The Solaris kernel area
227(1)
Configuring the kernel with/etc/system
228(1)
An example/etc/system file
228(1)
Debugging a Solaris configuration
229(1)
Building an HP-UX kernel
229(2)
Configuring a Linux kernel
231(2)
Building the Linux kernel binary
232(1)
Tuning your Linux configuration
233(1)
Building a FreeBSD kernel
233(4)
The master recipe for building a kernel
234(1)
Audit the system's hardware
235(1)
Create a configuration file in SYS/i386/conf
235(1)
Run config
236(1)
Run make depend
236(1)
Build the kernel
236(1)
Install the new kernel
237(1)
Test the new kernel
237(1)
Document the new kernel
237(1)
Creating a BSD configuration file
237(9)
The maxusers keyword
238(1)
The options keyword
239(1)
The config keyword
240(1)
Hardware devices
240(2)
The pseudo-device keyword
242(1)
A sample FreeBSD configuration file
243(1)
Tuning the FreeBSD kernel
244(2)
Adding device drivers
246(6)
Device numbers
247(1)
Adding a Solaris device driver
248(1)
Adding a Linux device driver
249(2)
Adding a FreeBSD device driver
251(1)
Device files
252(1)
Naming conventions for devices
252(1)
Loadable kernel modules
253(4)
Loadable kernel modules on Solaris
253(1)
Loadable kernel modules in Linux
254(2)
Loadable kernel modules in FreeBSD
256(1)
Recommended reading
257(4)
NETWORKING
TCP/IP Networking
261(81)
TCP/IP and the Internet
262(3)
A brief history sesson
262(1)
How the Internet is managed today
263(1)
Network standards and documentation
263(2)
Networking road map
265(1)
Packets and encapsulation
266(5)
The link layer
267(2)
Packet addressing
269(1)
Ports
270(1)
Address types
271(1)
IP addresses: the gory details
271(12)
IP address classes
272(1)
Subnetting and netmasks
272(3)
The IP address crisis
275(1)
CIDR: Classless Inter-Domain Routing
276(2)
Address allocation
278(1)
Private addresses and NAT
279(2)
IPv6 addressing
281(2)
Routing
283(2)
Routing tables
283(2)
ICMP redirects
285(1)
ARP: The address resolution protocol
285(2)
DHCP: the Dynamic Host Configuration Protocol
287(4)
DHCP software
288(1)
How DHCP works
288(1)
ISC's DHCP server
289(2)
PPP: the Point-to-Point Protocol
291(4)
Addressing PPP performance issues
292(1)
Connecting to a network with PPP
293(1)
Making your host speak PPP
293(1)
Controlling PPP links
293(1)
Finding a host to talk to
294(1)
Assigning an address
294(1)
Routing
294(1)
Ensuring security
294(1)
Using terminal servers
295(1)
Using chat scripts
295(1)
Security issues
295(3)
IP forwarding
295(1)
ICMP redirects
295(1)
Source routing
296(1)
Broadcast pings and other forms of directed broadcast
296(1)
UNIX-based firewalls
296(1)
Virtual private networks
296(1)
IPSEC: secure IP
297(1)
Addition of machines to a network
298(8)
Assigning hostnames and IP addresses
298(2)
ifconfig: configure network interfaces
300(2)
route: configure static routes
302(2)
Default routes
304(1)
Configuring DNS
304(2)
Vendor-specific network configuration
306(1)
Solaris network configuration
307(8)
Basic network configuration for Solaris
307(2)
Configuration examples for Solaris
309(1)
DHCP configuration for Solaris
310(1)
Dynamic reconfiguration and tuning for Solaris
311(2)
Security, firewalls, filtering, and NAT for Solaris
313(1)
PPP configuration for Solaris
314(1)
Networking quicks for Solaris
315(1)
HP-UX network configuration
315(7)
Basic network configuration for HP-UX
315(2)
Configuration examples for HP-UX
317(1)
DHCP configuration for HP-UX
318(1)
Dynamic reconfiguration and tuning for HP-UX
319(1)
Security, firewalls, filtering, and NAT for HP-UX
320(1)
PPP configuration for HP-UX
321(1)
Networking quirks for HP-UX
322(1)
Network configuration for Red Hat
322(8)
Basic network configuration for Red Hat
322(1)
Configuration examples for Red Hat
323(1)
DHCP configuration for Red Hat
324(1)
Dynamic reconfiguration and tuning for Red Hat
325(1)
Security, firewalls, filters, and NAT for Red Hat
326(3)
PPP configuration for Red Hat
329(1)
Networking quirks for Red Hat
329(1)
Network configuration for FreeBSD
330(10)
Basic network configuration for FreeBSD
330(1)
Configuration examples for FreeBSD
331(1)
DHCP configuration for FreeBSD
332(1)
Dynamic reconfiguration and tuning for FreeBSD
333(1)
Security, firewalls, filters, and NAT for FreeBSD
333(4)
PPP configuration for FreeBSD
337(3)
Networking quirks for FreeBSD
340(1)
Recommended reading
340(2)
Routing
342(30)
Packet forwarding: a closer look
343(2)
Routing daemons and routing protocols
345(4)
Distance-vector protocols
346(1)
Link-state protocols
347(1)
Cost metrics
348(1)
Interior and exterior protocols
348(1)
Protocols on parade
349(2)
RIP: Routing Information Protocol
349(1)
RIP-2: Routing Information Protocol, version 2
349(1)
OSPF: Open Shortest Path First
350(1)
IGRP and EIGRP: Interior Gateway Routing Protocol
350(1)
IS-IS: the ISO ``standard''
351(1)
MOSPF, DVMRP, and PIM: multicast routing protocols
351(1)
Router Discovery Protocol
351(1)
routed: RIP yourself a new hole
351(1)
gated: a better routing daemon
352(14)
gated startup and control
353(1)
Tracing
353(1)
The gated configuration file
354(1)
Option configuration statements
355(1)
Network interface definitions
356(1)
Other miscellaneous definitions
357(1)
Protocol configuration for RIP
358(2)
Some preliminary background on OSPF
360(1)
Protocol configuration for OSPF
361(2)
Protocol configuration for ICMP redirects
363(1)
Static routes
363(1)
Exported routes
364(1)
A complete gated configuration example
364(2)
Vendor specifics
366(1)
Routing strategy selection criteria
367(1)
Cisco routers
368(3)
Recommended reading
371(1)
Network Hardware
372(20)
LAN, WAN, or MAN?
372(1)
Ethernet: the common LAN
373(7)
How Ethernet works
373(2)
Ethernet topology
375(1)
Unshielded twisted pair
375(2)
Connecting and expanding Ethernets
377(3)
FDDI: the disappointing and expensive LAN
380(1)
ATM: the promised (but sorely defeated) LAN
381(1)
Frame relay: the sacrificial WAN
382(1)
ISDN: the indigenous WAN
383(1)
DSL: the people's WAN
383(1)
Where is the network going?
384(1)
Network testing and debugging
385(1)
Building wiring
386(1)
UTP cabling options
386(1)
Connections to offices
386(1)
Wiring standards
386(1)
Network design issues
387(2)
Network architecture vs. building architecture
388(1)
Existing networks
388(1)
Expansion
388(1)
Congestion
389(1)
Maintenance and documentation
389(1)
Management issues
389(1)
Recommended vendors
390(1)
Cables and connectors
390(1)
Test equipment
391(1)
Routers/switches
391(1)
Recommended reading
391(1)
The Domain Name System
392(96)
DNS for the impatient: adding a new machine
392(2)
The history of DNS
394(1)
Who needs DNS?
395(1)
What's new in DNS
396(1)
The DNS namespace
397(5)
Masters of their domains
399(1)
Selecting a domain name
400(1)
Domain bloat
401(1)
Registering a second-level domain name
401(1)
Creating your own subdomains
401(1)
The BIND software
402(5)
Versions of BIND
402(1)
Finding out what version you have
403(1)
Components of BIND
404(1)
named: the BIND name server
404(1)
Authoritative and caching-only servers
404(2)
Recursive and nonrecursive servers
406(1)
The resolver library
407(1)
Shell interfaces to DNS
407(1)
How DNS works
407(3)
Delegation
407(2)
Caching and efficiency
409(1)
The extended DNS protocol
410(1)
BIND client issues
410(4)
Resolver configuration
411(2)
Resolver testing
413(1)
Impact on the rest of the system
414(1)
BIND server configuration
414(15)
Hardware requirements
414(1)
named startup
415(1)
Configuration files
415(2)
The include statement
417(1)
The options statement
417(5)
The acl statement
422(1)
The server statement
422(1)
The logging statement
423(1)
The zone statement
424(3)
The key statement
427(1)
The trusted-keys statement
427(1)
The controls statement
427(1)
The view statement
428(1)
BIND configuration examples
429(7)
A home Linux box
429(2)
A university department
431(3)
A web hosting company
434(2)
The DNS database
436(21)
Resource records
436(2)
The SOA record
438(2)
NS records
440(1)
A records
441(1)
PTR records
442(1)
MX records
443(2)
CNAME records
445(1)
The CNAME hack
445(2)
LOC records
447(1)
SRV records
448(1)
TXT records
449(1)
IPv6 resource records
450(1)
A6 records
450(1)
DNAME records
451(2)
Commands in zone files
453(2)
The localhost zone
455(1)
Glue records: links between zones
455(2)
Updating zone files
457(3)
Zone transfers
458(1)
Dynamic updates
459(1)
Security issues
460(9)
Access control lists revisited
460(2)
Confining named
462(1)
Secure server-to-server communication with TSIG and TKEY
462(2)
DNSSEC
464(4)
Microsoft bad, UNIX good
468(1)
Testing and debugging
469(10)
Logging
469(4)
Debug levels
473(1)
Debugging with ndc
473(2)
Debugging with nslookup, dig, and host
475(3)
Lame delegations
478(1)
Loose ends
479(2)
The hints file
479(1)
Localhost configuration
480(1)
Host management tools
481(1)
DNS for systems not on the Internet
481(1)
Vendor specifics
481(4)
Specific for Solaris
481(1)
Specifics for HP-UX
482(2)
Specifics for Red Hat Linux
484(1)
Specifics for FreeBSD
484(1)
Recommended reading
485(3)
Mailing lists and newsgroups
486(1)
Books and other documentation
486(1)
On-line resources
486(1)
The RFCs
486(2)
The Network File System
488(25)
General information about NFS
488(5)
NFS protocol versions
488(1)
Choice of transport
489(1)
WebNFS
489(1)
File locking
490(1)
Disk quotas
490(1)
Global UIDs and GIDs
490(1)
Root access and the nobody account
491(1)
Cookies and stateless mounting
491(1)
Naming conventions for shared filesystems
492(1)
Security and NFS
492(1)
Server-side NFS
493(7)
The share command and dfstab file (Solaris)
494(1)
The exportfs command and the exports file (HP-UX, Red Hat, FreeBSD)
495(4)
nfsd: serve files
499(1)
Client-side NFS
500(3)
biod and nfsiod: provide client-side caching
501(1)
Mounting remote filesystems
501(1)
Secure port restrictions
502(1)
nfsstat: dump NFS statistics
503(1)
Dedicated NFS file servers
503(1)
Automatic mounting
504(1)
automount: the original automounter
505(4)
Indirect maps
506(1)
Direct maps
506(1)
Master maps
507(1)
Executable maps
507(1)
Replicated filesystems using automount
508(1)
Automatic automounts
508(1)
Specifics for Red Hat Linux
509(1)
amd: a more sophisticated automounter
509(3)
amd maps
510(1)
Starting amd
511(1)
Stopping amd
512(1)
Recommended reading
512(1)
Sharing System Files
513(22)
What to share
514(1)
Copying files around
515(6)
rdist: push files
515(3)
rsync: push files more securely
518(1)
expect: pull files
519(2)
NIS: the Network Information Service
521(9)
Netgroups
522(1)
Prioritizing sources of administrative information
523(1)
Advantages and disadvantages of NIS
524(1)
How NIS works
525(2)
Setting up an NIS domain
527(2)
Vendor specifics
529(1)
NIS+: son of NIS
530(2)
LDAP: the Lightweight Directory Access Protocol
532(3)
LDAP documentation and specifications
533(1)
Hands-on LDAP
534(1)
Electronic Mail
535(90)
Mail systems
537(4)
User agents
538(1)
Transport agents
539(1)
Delivery agents
540(1)
Message stores
540(1)
Access agents
540(1)
Mail submission agents
540(1)
The anatomy of a mail message
541(5)
Mail addressing
542(1)
Reading mail headers
543(3)
Mail philosophy
546(4)
Using mail servers
547(2)
Using mail homes
549(1)
Using IMAP or POP
549(1)
Mail aliases
550(12)
Getting mailing lists from files
552(1)
Mailing to files
553(1)
Mailing to programs
553(1)
Examples of aliases
553(2)
Mail forwarding
555(2)
The hashed alias database
557(1)
Mailing lists and list wrangling software
557(3)
LDAP: the Lightweight Directory Access Protocol
560(2)
sendmail: ringmaster of the electronic mail circus
562(8)
The history of sendmail
563(1)
Vendor-supplied versions of sendmail
564(1)
sendmail installation
565(1)
The switch file
566(1)
Modes of operation
566(2)
The mail queue
568(2)
sendmail configuration
570(3)
Using the m4 preprocessor
570(2)
The sendmail configuration pieces
572(1)
Building a configuration file from a sample .mc file
572(1)
Basic sendmail configuration primitives
573(4)
The VERSIONID macro
574(1)
The OSTYPE macro
574(2)
The DOMAIN macro
576(1)
The MAILER macro
576(1)
Fancier sendmail configuration primitives
577(11)
The FEATURE macro
577(1)
The use_cw_file feature
578(1)
The redirect feature
578(1)
The always_add_domain feature
578(1)
The nocanonify feature
579(1)
Tables and databases
579(1)
The mailertable feature
580(1)
The genericstable feature
581(1)
The virtusertable feature
581(1)
The ladp_routing feature
582(1)
Masquerading and the MASQUERADE_AS macro
583(1)
The MAIL_HUB and SMART_HOST macros
584(1)
Masquerading and routing
585(1)
The nullclient feature
585(1)
The local_lmtp and smrsh features
586(1)
The local_procmail feature
587(1)
The LOCAL_* macros
587(1)
Configuration options
587(1)
Configuration file examples
588(7)
A computer science student's home machine
590(1)
A small but sendmail-clueful company
591(3)
Another master/client example
594(1)
Spam-related features in sendmail
595(12)
Relaying
597(2)
The access database
599(2)
Blacklisting users or sites
601(1)
Header checking
602(1)
Handling spam
603(1)
Spam examples
604(3)
Security and sendmail
607(7)
Ownerships
608(1)
Permissions
609(1)
Safe mail to files and programs
610(1)
Privacy options
610(1)
Running a chrooted sendmail (for the truly paranoid)
611(1)
Denial of service attacks
611(1)
Forgeries
612(1)
Message privacy
613(1)
SASL: the Simple Authentication and Security Layer
614(1)
sendmail statistics, testing, and debugging
614(4)
Testing and debugging
615(1)
Verbose delivery
615(2)
Talking in SMTP
617(1)
Logging
617(1)
The Postfix mail system
618(5)
Postfix architecture
618(1)
Configuring Postfix
619(2)
Spam control
621(1)
Postfix examples
622(1)
Recommended reading
623(2)
Network Management and Debugging
625(26)
Troubleshooting a network
626(1)
ping: check to see if a host is alive
627(2)
traceroute: trace IP packets
629(2)
netstat: get tons o' network statistics
631(5)
Monitoring the status of network connections
632(1)
Inspecting interface configuration information
633(1)
Examining the routing table
634(1)
Viewing operational statistics for various network protocols
635(1)
Packet sniffers
636(3)
snoop: Solaris's packet sniffer
637(1)
nettl: HP-UX's packet sniffer
638(1)
tcpdump: king of sniffers
638(1)
Network management protocols
639(1)
SNMP: the Simple Network Management Protocol
640(2)
SNMP organization
640(1)
SNMP protocol operations
641(1)
RMON: remote monitoring MIB
642(1)
SNMP agents
642(4)
SNMP on Solaris
643(1)
SNMP on HP-UX
643(2)
The UCD SNMP agent
645(1)
Network management applications
646(3)
The UCD SNMP tools
646(1)
MRTG: the Multi-Router Traffic Grapher
647(1)
NOCOL: Network Operation Center On-Line
648(1)
Commercial management platforms
648(1)
Recommended reading
649(2)
Security
651(33)
Seven common-sense rules of security
652(1)
How security is compromised
653(2)
Security problems in the/etc/passwd file
655(3)
Password checking and selection
655(1)
Shadow passwords
656(1)
Group logins and shared logins
657(1)
Password aging
657(1)
User shells
657(1)
Rootly entries
657(1)
Setuid programs
658(1)
Important file permissions
659(1)
Miscellaneous security issues
660(3)
Remote event logging
660(1)
Secure terminals
660(1)
/etc/hosts.equiv and ∼/.rhosts
660(1)
rexd, rexecd, and tftpd
661(1)
fingerd
661(1)
Security and NIS
661(1)
Security and NFS
662(1)
Security and sendmail
662(1)
Security and backups
662(1)
Trojan horses
662(1)
Security power tools
663(6)
nmap: scan network ports
663(2)
SAINT: check networked systems for vulnerabilities
665(1)
Nessus: next generation network scanner
665(1)
crack: find insecure passwords
666(1)
tcpd: protect Internet services
666(1)
COPS: audit system security
667(1)
tripwire: monitor changes to system files
668(1)
Forensic tools
669(1)
Cryptographic security tools
669(6)
Kerberos: a unified approach to network security
670(1)
PGP: Pretty Good Privacy
671(1)
SSH: the secure shell
672(2)
SRP: Secure Remote Password
674(1)
OPIE: One-time Passwords in Everything
674(1)
Firewalls
675(3)
Packet-filtering firewalls
675(1)
How services are filtered
675(1)
Service proxy firewalls
676(1)
Stateful inspection firewalls
677(1)
Firewalls: how safe are they?
677(1)
Sources of security information
678(2)
CERT: a registered service mark of Carnegie Mellon University
678(1)
SecurityFocus.com and the BugTraq mailing list
678(1)
SANS: the System Administration, Networking, and Security Institute
679(1)
Vendor-specific security resources
679(1)
Other mailing lists and web sites
680(1)
What to do when your site has been attacked
680(2)
Recommended reading
682(2)
Web Hosting and Internet Services
684(19)
Web hosting
684(1)
Web hosting basics
685(3)
Uniform resource locators
686(1)
How HTTP works
687(1)
GGI scripting: generating content on the fly
687(1)
Load balancing
688(1)
HTTP server installation
688(3)
Choosing a server
688(1)
Compiling and installing Apache
689(1)
Configuring Apache
690(1)
Running Apache
690(1)
Virtual interfaces
691(3)
Configuring virtual interfaces
692(2)
Telling Apache about a virtual interface
694(1)
Caching and proxy servers
694(2)
Setting up Squid
695(1)
Anonymous FTP server setup
696(2)
Unsnet news
698(5)
Usenet news feeds
698(1)
Usenet software
699(1)
Whither Usenet news?
700(3)
BUNCH O'STUFF
Printing
703(41)
Mini-glossary of printing terms
704(1)
Types of printers
705(2)
Serial and parallel printers
705(1)
Network printers
706(1)
Life without PostScript
706(1)
BSD printing
707(12)
An overview of the printing process
707(1)
Controlling the printing environment
708(1)
lpd: the BSD print spooler
709(1)
lpr: submit print jobs
709(1)
lpq: view the printing queue
709(1)
lprm: remove print jobs
710(1)
lpc: make administrative changes
710(2)
The/etc/printcap file
712(1)
printcap variables
713(4)
printcap variables for serial devices
717(1)
printcap extensions
718(1)
Printing to something besides a printer
719(1)
System V printing
719(9)
Overview
719(1)
Destinations and classes
719(1)
A brief description of Ip
720(1)
lpsched and lpshut: start and stop printing
721(1)
lpadmin: configure the printing environment
722(2)
lpstat: get status information
724(1)
cancel: remove print jobs
725(1)
accept and reject: control spooling
725(1)
enable and disable: control printing
726(1)
lpmove: transfer jobs
726(1)
Interface programs
726(1)
What to do when the lp system is completely hosed
727(1)
Adding a printer
728(7)
Adding printers to Solaris
729(2)
Adding printers to HP-UX
731(1)
Adding printers to Red Hat Linux
732(2)
Adding printers to FreeBSD
734(1)
LPRng
735(4)
The LPRng commands
735(1)
Obtaining and installing LPRng
736(1)
/etc/lpd.conf: configure lpd
737(1)
/etc/lpd.perms: configure access control
737(1)
Setting up the printcap file
738(1)
Filters
738(1)
Accounting
738(1)
Debugging printing problems
739(1)
Common printing software
740(1)
rlpr
740(1)
ghostscript
740(1)
mpage
740(1)
enscript
740(1)
Printer philosophy
741(3)
Use printer accounting
741(1)
Use banner pages only when necessary
741(1)
Provide recycling bins
741(1)
Provide previewers
741(1)
Buy cheap printers
742(1)
Keep extra toner cartridges on hand
742(1)
Secure your printer
742(2)
Maintenance and Environment
744(10)
Maintenance basics
744(1)
Maintenance contracts
745(1)
On-site maintenance
745(1)
Board swap maintenance
746(1)
Warranties
746(1)
Board-handling lore
746(1)
Static electricity
746(1)
Reseating boards
747(1)
Monitors
747(1)
Memory modules
747(1)
Preventive maintenance
748(1)
Environment
749(2)
Temperature
749(1)
Humidity
749(1)
Office cooling
749(1)
Machine room cooling
749(2)
Temperature monitoring
751(1)
Power
751(1)
Remote power control
752(1)
Racks
752(1)
Tools
753(1)
Performance Analysis
754(15)
What you can do to improve performance
755(1)
Factors that affect performance
756(1)
System performance checkup
757(9)
Analyzing CPU usage
757(3)
How UNIX managers memory
760(1)
Analyzing memory usage
761(2)
Analyzing disk I/O
763(2)
Virtual Adrian
765(1)
procifo: display Red Hat performance data
765(1)
pstat: print random FreeBSD statistics
766(1)
Help! My system just got really slow!
766(2)
Recommended reading
768(1)
Cooperating with Windows
769(9)
File and print sharing
769(4)
NFS: the Network File System
770(1)
CIFS: the Common Internet File System
770(1)
Samba: CIFS for UNIX
770(1)
Installing and configuring Samba
771(2)
Debugging Samba
773(1)
Secure terminal emulation with SSH
773(1)
X Windows emulators
774(1)
PC mail clients
775(1)
PC backups
775(1)
Dual booting
776(1)
Running Windows applications under UNIX
776(1)
PC hardware tips
776(2)
Policy and Politics
778(43)
Policy and procedure
779(8)
Security policies
781(1)
User policy agreements
782(2)
Sysadmin policy agreements
784(1)
Policy and procedures for emergency situations
784(1)
Disaster planning
785(2)
Miscellaneous tidbits
787(1)
Legal issues
787(6)
Liability
788(1)
Encryption
788(1)
Copyright
788(1)
Privacy
789(1)
Policy enforcement
790(2)
Software licenses
792(1)
Spam: unsolicited commercial email
792(1)
Sysadmin surveys
793(2)
SAGE salary survey
793(1)
SANS salary survey
794(1)
Scope of service
795(1)
Trouble-reporting systems
796(1)
Managing management
797(1)
Hiring, firing, and training
797(3)
Attitude adjustment
799(1)
Operator wars
799(1)
Iterative refinement
799(1)
War stories and ethics
800(5)
Boss's mistake #1
800(1)
Boss's mistake #2
801(1)
Dan, your new name is Lester
801(1)
Which ones to fire
802(1)
Horndog Joe
802(1)
Wedding invitations
803(1)
Pornographic GIF images
803(1)
Migrating data
803(1)
Bill must die!
804(1)
Localization and upgrades
805(4)
Managing software across systems
805(1)
Upgrades
806(2)
Useful third-party software
808(1)
Local documentation
809(2)
Procurement
811(1)
Decommissioning hardware
812(1)
Software patients
813(1)
Organizations, conferences, and other resources
814(3)
SAGE: the System Administrators' Guild
815(1)
Mailing lists and web resources
816(1)
Printed resources
817(1)
Standards
817(2)
Sample documents
819(1)
Recommended reading
820(1)
Daemons
821(15)
init: the primordial process
822(1)
cron: schedule commands
823(1)
inetd: manage daemons
823(4)
Configuring inetd
824(1)
The services file
825(1)
Restarting inetd
826(1)
Securing inetd
826(1)
portmap/rpcbind: map RPC services to TCP and UDP ports
826(1)
System daemons
827(1)
The paging daemon
827(1)
The swapping daemon
827(1)
The filesystem synchronization daemon
828(1)
Printing daemons
828(1)
lpd: manage BSD-style printing
828(1)
lpsched: manage ATT printing
828(1)
rlpademon: print from BSD to HP-UX
828(1)
NFS daemons
828(1)
nfsd: serve files
828(1)
mountd: respond to mount requests
829(1)
amd and automount: mount filesystems on demand
829(1)
lockd and statd: manage NFS locks
829(1)
biod: cache NFS blocks
829(1)
NIS daemons
829(1)
ypbind: locate NIS servers
829(1)
ypserv: NIS server
830(1)
ypxfrd: transfer NIS databases
830(1)
rpc.nisd: NIS+ server
830(1)
Internet daemons
830(3)
talkd: network chat service
830(1)
comsat: notify users of new mail
830(1)
sendmail: transport electronic mail
830(1)
snmpd: provide remote network management service
831(1)
rwhod: maintain remote user list
831(1)
ftpd: the transfer server
831(1)
popper: basic mailbox server
831(1)
imapd: deluxe mailbox server
831(1)
rlogind: remote login server
831(1)
telnetd: yet another remote login server
832(1)
sshd: secure remote login server
832(1)
rshd: remote command execution server
832(1)
rexecd: yet another command execution server
832(1)
rpc.rexd: yet a third command execution server
832(1)
routed: maintain routing tables
832(1)
gated: maintain complicated routing tables
832(1)
named: DNS server
833(1)
syslogd: process log messages
833(1)
fingerd: look up users
833(1)
httpd: World Wide Web server
833(1)
Time synchronization daemons
833(1)
timed: synchronize clocks
834(1)
xntpd: synchronize clocks even better
834(1)
Booting and configuration daemons
834(2)
bootpd: boot server
835(1)
tftpd: trivial file transfer server
835(1)
rarpd: map Ethernet addresses to IP addresses
835(1)
bootparamd: advanced diskless life support
835(1)
dchpd: dynsmic address assignment
835(1)
Colophon 836(1)
Index 837

Excerpts

Preface When we were writing the first edition of this book in the mid-1980s, we were eager to compare our manuscript with other books about UNIX system administration. To our delight, we could find only three. These days, you have your choice of at least fifty. Here are the features that distinguish our book: We take a practical approach. Our purpose is not to restate the contents of your manuals but rather to give you the benefit of our collective experience in system administration. This book contains numerous war stories and a wealth of pragmatic advice. We cover UNIX networking in detail. It is the most difficult aspect of UNIX system administration, and the area in which we think we can most likely be of help to you. We do not oversimplify the material. Our examples reflect true-life situations, with all their warts and unsightly complications. In most cases, the examples have been taken directly from production systems. We emphasize the use of software tools. Every piece of software mentioned in the text is either a standard UNIX tool or is freely available from the Internet--sometimes both, since many vendors don't do a perfect job of keeping up with new releases. We cover all the major variants of UNIX. Our four example systems There have historically been two main flavors of UNIX: one from AT&T (known generically as System V) and one from the University of California, Berkeley (known as BSD). Neither AT&T nor Berkeley is still active in the UNIX marketplace, but the terms "AT&T UNIX" and "Berkeley UNIX" live on.This book covers four different operating systems: Solaris 2.7 HP-UX 11.00 Red Hat Linux 6.2 FreeBSD 3.4 (and bits of 4.0) We chose these systems because they are among the most popular and because they illustrate a broad range of approaches to UNIX administration. The first two systems are similar to AT&T UNIX, FreeBSD is a direct descendant of Berkeley UNIX, and Red Hat Linux is something of a mix. We provide detailed information about each of these example systems for every topic that we discuss. Comments specific to a particular operating system are marked with the manufacturer's logo. There are many other versions of UNIX. Most fall within the range of variation defined by these four systems, but a few (such as AIX and SCO) are so beautifully strange that they must be taken on their own terms. The organization of this book This book is divided into three large chunks: Basic Administration, Networking, and Bunch o' Stuff. Basic Administration provides a broad overview of UNIX from a system administrator's perspective. The chapters in this section cover most of the facts and techniques needed to run a stand-alone UNIX system. The Networking section describes the protocols used on UNIX systems and the techniques used to set up, extend, and maintain networks. High-level network software is also covered here. Among the featured topics are the Domain Name System, the Network File System, routing, sendmail, and network management. Bunch o' Stuff includes a variety of supplemental information. Some chapters discuss optional software packages such as the UNIX printing system (or more accurately, systems ). Others give advice on topics ranging from hardware maintenance to the politics of running a UNIX installation. Contact information In this edition, we're pleased to welcome Adam Boggs, Rob Braun, Dan Crawl, Ned McClain, Lynda McGinley, and Todd Miller as contributing authors. We've turned to them for their deep knowledge in a variety of areas (and also for their ability to function amid the shifting sands of this book and its temperamental parents). Their contributions have greatly enriched the overall content of the book and the collective experience that we're able to share with you. Please send sug

An electronic version of this book is available through VitalSource.

This book is viewable on PC, Mac, iPhone, iPad, iPod Touch, and most smartphones.

By purchasing, you will be able to view this book online, as well as download it, for the chosen number of days.

Digital License

You are licensing a digital product for a set duration. Durations are set forth in the product description, with "Lifetime" typically meaning five (5) years of online access and permanent download to a supported device. All licenses are non-transferable.

More details can be found here.

A downloadable version of this book is available through the eCampus Reader or compatible Adobe readers.

Applications are available on iOS, Android, PC, Mac, and Windows Mobile platforms.

Please view the compatibility matrix prior to purchase.