book

Linux Server Hacks

by Rob Flickenger

January 2003

Intermediate to advanced

240 pages

5h 47m

English

O'Reilly Media, Inc.

Read now

Unlock full access

The Hacker Attitude1. 1. The world is full of fascinating problems waiting to be solved.2. 2. No problem should ever have to be solved twice.3. 3. Boredom and drudgery are evil.4. 4. Freedom is good.5. 5. Attitude is no substitute for competence.
How This Book is OrganizedHow to Use This BookConventions Used in This BookHow to Contact UsGotta Hack? CreditsAcknowledgments
1.1. Hacks #1-221. Removing Unnecessary Services1.1. See also: 2. Forgoing the Console Login3. Common Boot Parameters37. See also: 4. Creating a Persistent Daemon with init4.1. See also: 5. n>&m: Swap Standard Output and Standard Error6. Building Complex Command Lines6.1. Hacking the Hack7. Working with Tricky Files in xargs7.1. Listing: albumize8. Immutable Files in ext2/ext39. Speeding Up Compiles10. At Home in Your Shell Environment11. Finding and Eliminating setuid/setgid Binaries12. Make sudo Work Harder13. Using a Makefile to Automate Admin Tasks13.1. Listing: Makefile.mail13.2. Listing: Makefile.push14. Brute Forcing Your New Domain Name15. Playing Hunt the Disk Hog16. Fun with /proc17. Manipulating Processes Symbolically with procps17.1. See also: 18. Managing System Resources per Process18.1. See also: 19. Cleaning Up after Ex-Users20. Eliminating Unnecessary Drivers from the Kernel20.1. See also: 21. Using Large Amounts of RAM22. hdparm: Fine Tune IDE Drive Parameters
2.1. Hacks #23-3623. Getting Started with RCS24. Checking Out a Previous Revision in RCS25. Tracking Changes with rcs2log26. Getting Started with CVS26.1. Typical Uses26.2. Creating a Repository26.3. Importing a New Module26.4. Environment Variables26.5. See Also:27. CVS: Checking Out a Module28. CVS: Updating Your Working Copy29. CVS: Using Tags30. CVS: Making Changes to a Module31. CVS: Merging Files32. CVS: Adding and Removing Files and Directories32.1. Removing Files32.2. Removing Directories33. CVS: Branching Development34. CVS: Watching and Locking Files35. CVS: Keeping CVS Secure35.1. Remote Repositories35.2. Permissions35.3. Developer Machines36. CVS: Anonymous Repositories36.1. Creating an Anonymous Repository36.2. Installing pserver36.3. Using a Remote pserver
3.1. Hacks #37-4437. Backing Up with tar over ssh37.1. See also: 38. Using rsync over ssh38.1. See also: 39. Archiving with Pax39.1. Creating Archives39.2. Expanding Archives39.3. Interactive Restores39.4. Recursively Copy a Directory39.5. Incremental Backups39.6. Skipping Files on Restore39.7. See also: 40. Backing Up Your Boot Sector40.1. See also: 41. Keeping Parts of Filesystems in sync with rsync41.1. Listing: Balance-push.sh42. Automated Snapshot-Style Incremental Backups with rsync42.1. Extensions: Hourly, Daily, and Weekly Snapshots42.2. Listing: make_snapshot.sh42.3. Listing: Daily_snapshot_rotate.sh42.4. Sample Output of ls -l /snapshot/home42.5. See also: 43. Working with ISOs and CDR/CDRWs43.1. See also: 44. Burning a CD Without Creating an ISO File
4.1. Hacks #45-5345. Creating a Firewall from the Command Line of any Server45.1. See also: 46. Simple IP Masquerading46.1. See also: 47. iptables Tips & Tricks47.1. Advanced iptables Features47.2. See also: 48. Forwarding TCP Ports to Arbitrary Machines48.1. See also: 49. Using Custom Chains in iptables49.1. See also: 50. Tunneling: IPIP Encapsulation50.1. See also:51. Tunneling: GRE Encapsulation51.1. See also:52. Using vtun over ssh to Circumvent NAT52.1. See also: 53. Automatic vtund.conf Generator53.1. Listing: vtundconf
5.1. Hacks #54-6554. Steering syslog54.1. Mark Who?54.2. Remote Logging55. Watching Jobs with watch55.1. See also: 56. What’s Holding That Port Open?57. Checking On Open Files and Sockets with lsof57.1. See also:58. Monitor System Resources with top58.1. See also: 59. Constant Load Average Display in the Titlebar59.1. Listing: tl60. Network Monitoring with ngrep60.1. Listing: go-ogle60.2. See also: 61. Scanning Your Own Machines with nmap61.1. See also: 62. Disk Age Analysis62.1. Listing: diskage63. Cheap IP Takeover63.1. Listing: takeover63.2. See also: 64. Running ntop for Real-Time Network Stats64.1. See also: 65. Monitoring Web Traffic in Real Time with httptop65.1. Listing: httptop
6.1. Hacks #66-7166. Quick Logins with ssh Client Keys66.1. Security Concerns 66.2. See Also:67. Turbo-mode ssh Logins67.1. See also: 68. Using ssh-Agent Effectively69. Running the ssh-Agent in a GUI69.1. See Also:70. X over ssh70.1. See also: 71. Forwarding Ports over ssh71.1. See also:
7.1. Hacks #72-7572. Get Settled in Quickly with movein.sh72.1. Listing: movein.sh72.2. See also: 73. Global Search and Replace with Perl73.1. See also: 74. Mincing Your Data into Arbitrary Chunks (in bash)74.1. Listing: mince 75. Colorized Log Analysis in Your Terminal

8.1. Hacks #76-10076. Running BIND in a chroot Jail76.1. See also: 77. Views in BIND 977.1. Basic Syntax77.2. Defining Zones in Views77.3. Views in Slave Name Servers78. Setting Up Caching DNS with Authority for Local Domains78.1. See also: 79. Distributing Server Load with Round-Robin DNS79.1. See also: 80. Running Your Own Top-Level Domain81. Monitoring MySQL Health with mtop81.1. See also:82. Setting Up Replication in MySQL82.1. See also: 83. Restoring a Single Table from a Large MySQL Dump84. MySQL Server Tuning84.1. See also: 85. Using proftpd with a mysql Authentication Source85.1. See also: 86. Optimizing glibc, linuxthreads, and the Kernel for a Super MySQL Server86.1. Step 1: Build glib86.2. Step 2: The Kernel86.3. Step 3: Build a New MySQL86.4. Step 4: Expand the Maximum Filehandles at Boot87. Apache Toolbox87.1. See Also: 88. Display the Full Filename in Indexes89. Quick Configuration Changes with IfDefine90. Simplistic Ad Referral Tracking90.1. Listing: referral-report.pl91. Mimicking FTP Servers with Apache92. Rotate and compress Apache Server Logs92.1. Listing: logflume.pl93. Generating an SSL cert and Certificate Signing Request93.1. See also: 94. Creating Your Own CA94.1. See also: 95. Distributing Your CA to Client Browsers95.1. See also: 96. Serving multiple sites with the same DocumentRoot97. Delivering Content Based on the Query String Using mod_rewrite97.1. See also: 98. Using mod_proxy on Apache for Speed99. Distributing Load with Apache RewriteMap99.1. See Also: 100. Ultrahosting: Mass Web Site Hosting with Wildcards, Proxy, and Rewrite

Content preview from Linux Server Hacks

Preface

A hacker does for love what others would not do for money.

—/usr/games/fortune

The word hack has many connotations. A “good hack” makes the best of the situation of the moment, using whatever resources are at hand. An “ugly hack” approaches the situation in the most obscure and least understandable way, although many “good hacks” may also appear unintelligible to the uninitiated.

The effectiveness of a hack is generally measured by its ability to solve a particular technical problem, inversely proportional to the amount of human effort involved in getting the hack running. Some hacks are scalable and some are even sustainable. The longest running and most generally accepted hacks become standards and cause many more hacks to be invented. A good hack lasts until a better hack comes along.

A hack reveals the interface between the abstract and wonderfully complex mind of the designer, and the indisputable and vulgar experience of human needs. Sometimes, hacks may be ugly and only exist because someone had an itch that needed scratching. To the engineer, a hack is the ultimate expression of the Do-It-Yourself sentiment: no one understands how a hack came to be better than the person who felt compelled to solve the problem in the first place. If a person with a bent for problem solving thinks a given hack is ugly, then they are almost always irresistibly motivated to go one better — and hack the hack, something that we encourage the readers of this book to do.

In the end, even ...