Linux Administration Cookbook

Book Description

Over 100 recipes to get up and running with the modern Linux administration ecosystem

Key Features

  • Understand and implement the core system administration tasks in Linux
  • Discover tools and techniques to troubleshoot your Linux system
  • Maintain a healthy system with good security and backup practices

Book Description

Linux is one of the most widely used operating systems among system administrators,and even modern application and server development is heavily reliant on the Linux platform.

The Linux Administration Cookbook is your go-to guide to get started on your Linux journey. It will help you understand what that strange little server is doing in the corner of your office, what the mysterious virtual machine languishing in Azure is crunching through, what that circuit-board-like thing is doing under your office TV, and why the LEDs on it are blinking rapidly.

This book will get you started with administering Linux, giving you the knowledge and tools you need to troubleshoot day-to-day problems, ranging from a Raspberry Pi to a server in Azure, while giving you a good understanding of the fundamentals of how GNU/Linux works.

Through the course of the book, you'll install and configure a system, while the author regales you with errors and anecdotes from his vast experience as a data center hardware engineer, systems administrator, and DevOps consultant.

By the end of the book, you will have gained practical knowledge of Linux, which will serve as a bedrock for learning Linux administration and aid you in your Linux journey.

What you will learn

  • Install and manage a Linux server, both locally and in the cloud
  • Understand how to perform administration across all Linux distros
  • Work through evolving concepts such as IaaS versus PaaS, containers, and automation
  • Explore security and configuration best practices
  • Troubleshoot your system if something goes wrong
  • Discover and mitigate hardware issues, such as faulty memory and failing drives

Who this book is for

If you are a system engineer or system administrator with basic experience of working with Linux, this book is for you.

Publisher Resources

Download Example Code

Table of Contents

  1. Title Page
  2. Copyright and Credits
    1. Linux Administration Cookbook
  3. About Packt
    1. Why subscribe?
    2. Packt.com
  4. Contributors
    1. About the author
    2. About the reviewer
    3. Packt is searching for authors like you
  5. Preface
    1. Who this book is for
    2. What this book covers
    3. To get the most out of this book
      1. Download the example code files
      2. Download the color images
      3. Conventions used
    4. Sections
      1. Getting ready
      2. How to do it…
      3. How it works…
      4. There's more…
      5. See also
    5. Get in touch
      1. Reviews
  6. Introduction and Environment Setup
    1. Introduction
    2. Understanding and choosing a distribution
      1. Ubuntu
      2. Debian
      3. CentOS – the one we'll mostly be using
      4. Red Hat Enterprise Linux
    3. Installing VirtualBox
      1. Installing VirtualBox on Ubuntu
        1. Command-line installation
        2. Graphical installation
      2. Installing VirtualBox on macOS
        1. Command-line installation
        2. Graphical installation
      3. Installing VirtualBox on Windows
        1. Graphical installation
    4. Installing our chosen distribution manually
      1. Obtaining our CentOS installation media
        1. Checking the checksum
      2. Setting up our VM
        1. VirtualBox main window
        2. CentOS installation
    5. Accessing and updating our VM
      1. Logging in from the VirtualBox window
      2. Logging in from the host Terminal
        1. Making sure sshd is running
        2. Making sure that VirtualBox lets us through
      3. Updating our VM
    6. Understanding how VMs differ
      1. dmidecode
      2. lshw
    7. Quick sudo explanation
    8. Using Vagrant to automatically provision VMs
      1. Kickstart
      2. Vagrant
    9. Anecdote – try, try, and try again
  7. Remote Administration with SSH
    1. Introduction
    2. Technical requirements
    3. Generating and using key pairs with ssh-keygen
      1. Getting ready
      2. How to do it…
        1. RSA example
        2. Ed25519 example
      3. How it works…
        1. The public and private key files
        2. The authorized_keys file
      4. There's more...
        1. To passphrase or not to passphrase
        2. Additional flags
      5. See also
    4. SSH client arguments and options
      1. Getting ready
      2. How to do it…
        1. SSH using hostnames instead of IPs
        2. SSHing to a different user
        3. SSHing to a different port
        4. SSHing to an IPv6 address
        5. SSHing before running a command
        6. SSH and X11 forwarding
      3. How it works…
      4. There's more…
      5. See also
    5. Using a client-side SSH configuration file
      1. Getting ready
      2. How to do it…
      3. How it works…
      4. There's more…
      5. See also
    6. Modifying the server-side SSH configuration file
      1. Getting ready
      2. How to do it…
        1. Changing the default port
        2. Changing the listen address
        3. Changing the daemon logging level
        4. Disallowing root login
        5. Disabling passwords (force key use)
        6. Setting a message of the day (motd)
        7. The UseDNS setting
        8. AllowUsers
      3. How it works…
      4. There's more…
      5. See also
    7. Rotating host keys and updating known_hosts
      1. Getting ready
      2. How to do it…
      3. How it works…
      4. There's more…
    8. Technical requirements
    9. Using local forwarding
      1. Getting ready
      2. How to do it…
        1. On the command line
        2. Using an SSH config file
      3. How it works…
      4. There's more…
        1. Watching our SSH session
        2. Connecting to systems beyond the remote host
      5. See also
    10. Using remote forwarding
      1. Getting ready
      2. How to do it…
        1. On the command line
        2. Using an SSH config file
      3. How it works…
      4. There's more…
      5. See also
    11. ProxyJump and bastion hosts
      1. Getting ready
      2. How to do it…
        1. Using an SSH config file
      3. How it works…
      4. There's more…
        1. Multiple hosts
        2. ProxyCommand
        3. Bastion hosts
    12. Using SSH to create a SOCKS Proxy
      1. Getting ready
      2. How to do it…
        1. On the command line
        2. Using an SSH config file
      3. How it works…
      4. There's more…
    13. Understanding and using SSH agents
      1. Getting ready
      2. How to do it…
      3. How it works…
      4. There's more…
        1. ssh-add
        2. AddKeysToAgent
      5. See also
    14. Running multiple SSH servers on one box
      1. Getting ready
      2. How to do it…
      3. How it works…
      4. There's more…
    15. Summary
  8. Networking and Firewalls
    1. Introduction
    2. Technical requirements
    3. Determining our network configuration
      1. Getting ready
      2. How to do it…
        1. Discerning the IP
        2. Discerning the IP (deprecated method)
        3. Discerning the gateway address
        4. Discerning the gateway address (deprecated method)
      3. How it works…
      4. There's more…
        1. Checking connectivity
        2. Checking what route our box will take
      5. See also
    4. More examples of using the ip suite
      1. Getting ready
      2. How to do it…
        1. Adding and removing an IP against an interface
        2. Shutting down and bringing up an interface administratively
        3. Adding a new route to our routing table
      3. How it works…
      4. There's more…
      5. See also
    5. Adding and configuring network interfaces
      1. Getting ready
      2. How to do it…
        1. Configuring a new interface
      3. How it works…
      4. There's more…
      5. See also
    6. Modern domain name resolution on Linux
      1. Getting ready
      2. How to do it…
        1. Querying a domain
        2. Checking the domain resolution settings
        3. Changing the domain resolution settings
      3. How it works…
      4. There's more…
      5. See also
    7. Configuring NTP and the problems we face
      1. Getting ready
      2. How to do it…
        1. Checking if NTP is running
        2. Checking if NTP traffic is flowing
        3. Enabling an NTP client
        4. Enabling an NTP server
      3. How it works…
      4. There's more…
      5. See also
    8. Listing firewall rules on the command line
      1. Getting ready
      2. How to do it…
        1. iptables
        2. firewall-cmd
        3. ufw
      3. How it works…
      4. There's more…
      5. See also
    9. Adding and removing firewall rules on the command line
      1. Getting ready
      2. How to do it…
        1. firewall-cmd
        2. iptables
        3. ufw
      3. How it works…
      4. There's more…
    10. Determining the running services and ports in use
      1. Getting ready
      2. How to do it…
      3. How it works…
      4. There's more…
    11. Debugging with iftop
      1. Getting ready
      2. How to do it…
      3. How it works…
      4. There's more…
    12. Summary
  9. Services and Daemons
    1. Introduction
    2. Technical requirements
    3. Determining running services
      1. How to do it…
      2. How it works…
      3. There's more…
      4. See also
    4. Listing installed services
      1. Getting ready
      2. How to do it…
      3. How it works…
      4. There's more…
      5. See also
    5. Starting and stopping services
      1. How to do it…
        1. Stopping our service
        2. Starting our service
      2. How it works…
      3. There's more…
      4. See also
    6. Changing which services start and stop at boot
      1. Getting ready
      2. How to do it…
        1. Enabling our service
        2. Disabling our service
      3. How it works…
      4. There's more…
      5. See also
    7. Common services you might expect to see
      1. How to do it…
        1. auditd.service
        2. chronyd.service
        3. crond.service
        4. lvm2-*.service
        5. NetworkManager.service
        6. nfs.service
        7. postfix.service
        8. rsyslog.service
        9. sshd.service
        10. systemd-journald.service
        11. systemd-logind.service
      2. How it works…
      3. There's more…
      4. See also
    8. Understanding service unit files
      1. How to do it…
      2. How it works…
      3. There's more…
      4. See also
    9. Customizing systemd unit files
      1. How to do it…
      2. How it works…
      3. There's more…
      4. See also
    10. Testing running services
      1. Getting ready
      2. How to do it…
      3. How it works…
      4. There's more…
    11. Writing a basic unit file
      1. How to do it…
      2. How it works…
      3. There's more…
      4. See also
    12. Working with systemd timers (and cron)
      1. How to do it…
        1. systemd timers
        2. cron
      2. How it works…
      3. There's more…
      4. See also
    13. Other init systems
      1. Getting ready
      2. How to do it…
        1. CentOS 6 and Upstart
        2. Debian 7 and SysV init
      3. How it works…
      4. There's more…
      5. See also
    14. Round-up – services and daemons
  10. Hardware and Disks
    1. Introduction
    2. Technical requirements
    3. Determining hardware
      1. Getting ready
      2. How to do it…
        1. lspci
        2. lshw
        3. /proc
        4. /sys
        5. dmesg (and the kernel logs)
        6. dmidecode
        7. /dev
      3. How it works…
    4. Testing hardware
      1. Getting ready
      2. How to do it…
        1. Self-monitoring, analysis, and reporting technology (SMART)
        2. hdparm
        3. Memory testing
      3. How it works…
      4. There's more…
    5. The role of the kernel
      1. Getting ready
      2. How to do it…
      3. How it works…
      4. There's more…
    6. Disk configuration on Linux
      1. Getting ready
      2. How to do it…
        1. Listing disks with lsblk
        2. Listing mount points with df
        3. Listing filesystems with df
        4. Listing logical volume manager disks, volume groups, and logical volumes
          1. Physical disks
          2. Volume groups
          3. Logical volumes
        5. Listing swap
      3. How it works…
      4. There's more…
    7. The filesystem hierarchy
      1. Getting ready
      2. How to do it…
      3. How it works…
      4. There's more…
    8. Configuring a blank disk and mounting it
      1. Getting ready
      2. How to do it…
      3. How it works…
      4. There's more…
    9. Re-configuring a disk using LVM
      1. Getting ready
      2. How to do it…
      3. How it works…
      4. There's more…
    10. Using systemd-mount and fstab
      1. Getting ready
      2. How to do it…
        1. fstab
        2. systemd-mount
      3. How it works…
      4. There's more…
      5. See also
    11. Disk encryption and working with encryption at rest
      1. Getting ready
      2. How to do it…
      3. How it works…
      4. There's more…
      5. See also
    12. Current filesystem formats
      1. Getting ready
      2. How to do it…
      3. How it works…
    13. Upcoming filesystem formats
      1. Getting ready
      2. How to do it…
      3. How it works…
    14. Round-up – hardware and disks
  11. Security, Updating, and Package Management
    1. Introduction
    2. Technical requirements
    3. Checking package versions
      1. Getting ready
      2. How to do it…
        1. CentOS
        2. Debian
      3. How it works…
      4. There's more…
    4. Checking the OS version
      1. How to do it…
        1. CentOS
        2. Debian
        3. Ubuntu
      2. How it works…
      3. There's more…
      4. See also...
    5. Checking for updates
      1. How to do it…
        1. CentOS
        2. Debian
      2. How it works…
      3. There's more…
    6. Automating updates
      1. How to do it…
        1. CentOS
        2. Debian
      2. How it works…
      3. There's more…
        1. Automatic provisioning
    7. Checking mailing lists and errata pages
      1. Getting ready
      2. How to do it…
        1. Package changelogs
        2. Official sources and mailing Lists
        3. Other sources
      3. How it works…
      4. There's more…
    8. Using snaps
      1. How to do it…
        1. Searching out snaps
        2. Installing snaps
        3. Listing installed snaps
        4. Interacting with daemon snaps
        5. Removing snaps
      2. How it works…
      3. There's more…
      4. See also...
    9. Using Flatpak
      1. Getting ready
      2. How to do it…
        1. Searching for a package
        2. Installing our package
        3. Running our package
        4. Listing installed packages
        5. User installations
        6. Removing packages
      3. How it works…
      4. There's more…
      5. See also...
    10. Using Pip, RubyGems, and other package managers
      1. Getting ready
      2. How to do it…
        1. Pip
        2. RubyGems
      3. How it works…
      4. There's more…
        1. When to use programming-language package managers
        2. --user/ --system (pip) and --user-install (gem)
        3. Python virtualenv
      5. See also
    11. Dependency hell (a quick word)
      1. Getting ready
      2. How to do it…
        1. System-installed and third-party installed versions of Pip
        2. Dependency problems in conflicting Pip packages
        3. Apt's conflict solution
        4. Potential solutions
      3. How it works…
    12. Compiling from source
      1. Getting ready
      2. How to do it…
      3. How it works…
      4. There's more…
      5. See also...
    13. Technical requirements
    14. Adding additional repositories
      1. Getting ready
      2. How to do it…
        1. CentOS – Adding the EPEL repository with epel-release
        2. CentOS – Adding the ELRepo repository by file
        3. Debian – Adding additional repositories
        4. Ubuntu – Adding PPAs
      3. How it works…
    15. Roundup – security, updating, and package management
  12. Monitoring and Logging
    1. Introduction
    2. Technical requirements
    3. Reading local logs
      1. Getting ready
      2. How to do it…
      3. How it works…
      4. There's more…
    4. Using journalctl on systemd systems
      1. Getting ready
      2. How to do it…
      3. How it works…
      4. There's more…
      5. See also
    5. Centralizing logging
      1. Getting ready
      2. How to do it…
        1. Remote logging with rsyslog – UDP example
        2. Remote logging with rsyslog – TCP example
        3. Remote logging with journald
      3. How it works…
      4. There's more…
    6. Local resource measuring tools
      1. Getting ready
      2. How to do it…
        1. top
        2. free
        3. htop
        4. NetData
      3. How it works…
      4. There's more…
    7. Local monitoring tools
      1. Getting ready
      2. How to do it…
        1. atop
        2. sar
        3. vmstat
      3. How it works…
    8. Remote monitoring tools
      1. Getting ready
      2. How to do it…
        1. Nagios
        2. Icinga2
      3. How it works…
      4. There's more…
      5. See also
    9. Centralizing logging with the Elastic Stack
      1. Getting ready
      2. How to do it…
        1. centos2
        2. debian1 and debian2
        3. Kibana
      3. How it works…
      4. There's more…
    10. Roundup – Monitoring and Logging
  13. Permissions, SELinux, and AppArmor
    1. Introduction
    2. Technical requirements
    3. Linux file permissions
      1. Getting ready
      2. How to do it…
      3. How it works…
        1. exampledir
        2. examplefile
      4. There's more…
        1. Root access to directories and files
        2. Other execute characters
    4. Modifying file permissions
      1. Getting ready
      2. How to do it…
        1. chown
        2. chmod
        3. chattr
      3. How it works…
        1. chown
        2. chmod
        3. chattr
      4. There's more…
        1. Avoiding octal notation (if you hate it) in chmod
        2. Hierarchical permissions
      5. See also
    5. Technical requirements
    6. Users and groups
      1. Getting ready
      2. How to do it…
        1. whoami
        2. Users on a system
        3. Groups on a system
        4. Daemons using users
      3. How it works…
      4. There's more…
    7. AppArmor and modification
      1. Getting ready
      2. How to do it…
      3. How it works…
      4. There's more…
    8. SELinux and modification
      1. Getting ready
      2. How to do it…
      3. How it works…
      4. There's more…
      5. See also
    9. Checking SELinux is running, and the importance of keeping it running
      1. Getting ready
      2. How to do it…
      3. How it works…
      4. There's more…
      5. See also
    10. Resetting SELinux permissions
      1. Getting ready
      2. How to do it…
      3. How it works…
      4. There's more…
    11. Roundup – permissions, SELinux, and AppArmor
  14. Containers and Virtualization
    1. Introduction
    2. Technical requirements
    3. What is a container?
      1. Getting ready
      2. How to do it…
      3. How it works…
        1. cgroups (Linux control groups)
        2. namespaces
        3. The breakdown of our creation
      4. There's more…
        1. The LXD daemon
      5. See also
    4. Installing Docker
      1. Getting ready
      2. How to do it…
      3. How it works…
      4. There's more…
        1. Slightly more
      5. See also
    5. Running your first Docker container
      1. Getting ready
      2. How to do it…
      3. How it works…
        1. Creating a container
        2. Listing our container
        3. Executing commands in our container
        4. Stopping our container
    6. Debugging a container
      1. Getting ready
      2. How to do it…
      3. How it works…
      4. There's more…
    7. Searching for containers (and security)
      1. Getting ready
      2. How to do it…
      3. How it works…
      4. There's more…
    8. What is virtualization?
      1. Getting ready
      2. How to do it…
      3. How it works…
      4. There's more…
    9. Starting a QEMU machine with our VM
      1. Getting ready
      2. How to do it…
      3. How it works…
      4. There's more…
      5. See also
    10. Using virsh and virt-install
      1. Getting ready
      2. How to do it…
        1. virt-install
        2. virsh
      3. How it works…
      4. There's more…
    11. Comparing the benefits of local installs, containers, and VMs
      1. Getting ready
      2. How to do it…
        1. Local Nginx install
        2. Docker Nginx install
        3. VM Nginx install
      3. How it works…
    12. Brief comparison of virtualization options (VMware, proxmox, and more)
      1. Getting ready
      2. How to do it…
        1. VMware ESXi
        2. Proxmox Virtual Environment
        3. OpenStack
      3. How it works…
    13. Roundup – containers and virtualization
  15. Git, Configuration Management, and Infrastructure as Code
    1. Introduction
    2. Technical requirements
    3. What is Git?
      1. Getting ready
      2. How to do it…
        1. Cloning
        2. Exploring and making changes
      3. How it works…
      4. There's more…
    4. Setting up a Git server
      1. Getting ready
      2. How to do it…
      3. How it works…
      4. There's more…
    5. Committing to our Git repository
      1. Getting ready
      2. How to do it…
      3. How it works…
        1. Matching versus simple
    6. Branching our Git repository and committing changes
      1. Getting ready
      2. How to do it…
      3. How it works…
      4. There's more…
      5. See also
    7. Installing Ansible
      1. Getting ready
      2. How to do it…
      3. How it works…
      4. There's more…
        1. The raw module
        2. The shell and command modules
      5. See also
    8. Using Ansible to install Java from a role
      1. Getting ready
      2. How to do it…
      3. How it works…
      4. There's more…
      5. See also
    9. Storing our Ansible configuration in Git
      1. Getting ready
      2. How to do it…
      3. How it works…
    10. Exploring options for IaC
      1. Getting ready
      2. How to do it…
        1. Terraform
        2. Packer
      3. How it works…
      4. There's more…
      5. See also
    11. Roundup – Git, Configuration Management, and Infrastructure as Code
  16. Web Servers, Databases, and Mail Servers
    1. Introduction
    2. Technical requirements
    3. Installing and understanding a web server
      1. Getting ready
      2. How to do it…
        1. Installing httpd (Apache) on CentOS
        2. Installing Nginx on Debian
      3. How it works…
      4. There's more…
    4. Basic Apache configuration
      1. Getting ready
      2. How to do it…
      3. How it works…
      4. There's more…
      5. See also
    5. Basic Nginx configuration
      1. Getting ready
      2. How to do it…
      3. How it works…
      4. There's more…
      5. See also
    6. SSL, TLS, and LetsEncrypt
      1. Getting ready
      2. How to do it…
      3. How it works…
      4. There's more…
        1. Let's Encrypt
        2. Work environment certificates
      5. See also
    7. Basic MySQL or MariaDB Installation
      1. Getting ready
      2. How to do it…
        1. Listing, creating, and selecting databases and tables
      3. How it works…
      4. There's more…
      5. See also
    8. Basic PostgreSQL installation
      1. Getting ready
      2. How to do it…
        1. Listing, creating, and selecting databases and tables
      3. How it works…
    9. Local MTA usage and configuration (Postfix)
      1. Getting ready
      2. How to do it…
        1. main.cf
        2. /etc/aliases
      3. How it works…
      4. There's more…
      5. See also
    10. Local MTA usage and configuration (Exim)
      1. Getting ready
      2. How to do it…
      3. How it works…
      4. There's more…
    11. NoSQL documents (MongoDB example)
      1. Getting ready
      2. How to do it…
      3. How it works…
      4. There's more…
    12. NoSQL KV (Redis example)
      1. Getting ready
      2. How to do it…
      3. How it works…
    13. Messaging brokers and queues (RabbitMQ example)
      1. Getting ready
      2. How to do it…
      3. How it works…
    14. Roundup – web servers, databases, and mail servers
      1. Super personal preference time!
  17. Troubleshooting and Workplace Diplomacy
    1. Introduction
    2. Technical requirements
    3. What is troubleshooting?
      1. How to do it…
    4. Isolating the real issue
      1. Getting ready
      2. How to do it…
    5. Giving estimates and deciding on next steps
      1. Getting ready
      2. How to do it…
      3. There's more…
    6. Using ss, iftop, tcpdump, and others for network issues
      1. Getting ready
      2. How to do it…
        1. Ping
        2. ss
        3. iftop
        4. tcpdump
    7. Using cURL, wget, and OpenSSL for remote web issues
      1. Getting ready
      2. How to do it…
        1. cURL
        2. Wget
        3. OpenSSL
    8. Using iotop, top, and vmstat for local resource issues
      1. Getting ready
      2. How to do it…
        1. iotop
        2. top
        3. vmstat
    9. Using ps, lsof, Strace, and /proc for service issues
      1. Getting ready
      2. How to do it…
        1. ps
        2. lsof
        3. Strace
        4. /proc
    10. Making a copy of problems for later debugging
      1. Getting ready
      2. How to do it…
    11. Temporary solutions and when to invoke them
      1. How to do it…
    12. Handling irate developers
      1. How to do it…
    13. Handling irate managers
      1. How to do it…
    14. Handling irate business owners
      1. How to do it…
    15. Roundup - Troubleshooting and workplace diplomacy
      1. Don't trust time
      2. Don't overlook the simple
      3. On "cloud" deployments
      4. Learn from my mistakes
  18. BSDs, Solaris, Windows, IaaS and PaaS, and DevOps
    1. Introduction
    2. Determining the type of system you're on
      1. How to do it…
        1. uname
        2. The filesystem check
      2. How it works…
      3. There's more…
    3. Understanding how the BSDs differ
      1. The differences
        1. FreeBSD
        2. OpenBSD
    4. Understanding how Solaris and illumos differ
      1. The differences
        1. Oracle Solaris
        2. illumos
    5. Understanding how Windows differs
      1. The differences
    6. IaaS (Infrastructure as a Service)
      1. IaaS providers and features
    7. PaaS (Platform as a Service)
      1. PaaS providers and features
    8. The Ops versus DevOps Wars
      1. More of a skirmish, really
    9. Roundup – BSDs, Solaris, Windows, IaaS and PaaS, DevOps
  19. Other Books You May Enjoy
    1. Leave a review - let other readers know what you think

Product Information

  • Title: Linux Administration Cookbook
  • Author(s): Adam K. Dean
  • Release date: December 2018
  • Publisher(s): Packt Publishing
  • ISBN: 9781789342529