O'Reilly logo

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

UNIX and Linux System Administration Handbook, 5th Edition

UNIX and Linux System Administration Handbook, 5th Edition

by Dan Mackin, Ben Whaley, Trent R. Hein, Garth Snyder, Evi Nemeth
Publisher: Addison-Wesley Professional
Release Date: September 2017
ISBN: 9780134278308
View table of contents
Start reading

Book Description

“As an author, editor, and publisher, I never paid much attention to the competition—except in a few cases. This is one of those cases. The UNIX System Administration Handbook is one of the few books we ever measured ourselves against.”

—Tim O’Reilly, founder of O’Reilly Media

“This edition is for those whose systems live in the cloud or in virtualized data centers; those whose administrative work largely takes the form of automation and configuration source code; those who collaborate closely with developers, network engineers, compliance officers, and all the other worker bees who inhabit the modern hive.”

—Paul Vixie, Internet Hall of Fame-recognized innovator and founder of ISC and Farsight Security

“This book is fun and functional as a desktop reference. If you use UNIX and Linux systems, you need this book in your short-reach library. It covers a bit of the systems’ history but doesn’t bloviate. It’s just straight-forward information delivered in a colorful and memorable fashion.”

—Jason A. Nunnelley

UNIX® and Linux® System Administration Handbook, Fifth Edition, is today’s definitive guide to installing, configuring, and maintaining any UNIX or Linux system, including systems that supply core Internet and cloud infrastructure.

Updated for new distributions and cloud environments, this comprehensive guide covers best practices for every facet of system administration, including storage management, network design and administration, security, web hosting, automation, configuration management, performance analysis, virtualization, DNS, security, and the management of IT service organizations. The authors—world-class, hands-on technologists—offer indispensable new coverage of cloud platforms, the DevOps philosophy, continuous deployment, containerization, monitoring, and many other essential topics.

Whatever your role in running systems and networks built on UNIX or Linux, this conversational, well-written guide will improve your efficiency and help solve your knottiest problems.

Table of Contents

  1. Full Table of Contents
  2. Tribute to Evi
  3. Preface
  4. Foreword
  5. Acknowledgments
  6. Where to Start
    1. 1.1 Essential duties of a system administrator
    2. 1.2 Suggested background
    3. 1.3 Linux distributions
    4. 1.4 Example systems used in this book
    5. 1.5 Notation and typographical conventions
    6. 1.6 Units
    7. 1.7 Man pages and other on-line documentation
    8. 1.8 Other authoritative documentation
    9. 1.9 Other sources of information
    10. 1.10 Ways to find and install software
    11. 1.11 Where to host
    12. 1.12 Specialization and adjacent disciplines
    13. 1.13 Recommended reading
  7. Booting and System Management Daemons
    1. 2.1 Boot process overview
    2. 2.2 System firmware
    3. 2.3 Boot loaders
    4. 2.4 GRUB: the GRand Unified Boot loader
    5. 2.5 The FreeBSD boot process
    6. 2.6 System management daemons
    7. 2.7 systemd in detail
    8. 2.8 FreeBSD init and startup scripts
    9. 2.9 Reboot and shutdown procedures
    10. 2.10 Stratagems for a nonbooting system
  8. Access Control and Rootly Powers
    1. 3.1 Standard UNIX access control
    2. 3.2 Management of the root account
    3. 3.3 Extensions to the standard access control model
    4. 3.4 Modern access control
    5. 3.5 Recommended reading
  9. Process Control
    1. 4.1 Components of a process
    2. 4.2 The life cycle of a process
    3. 4.3 ps: monitor processes
    4. 4.4 Interactive monitoring with top
    5. 4.5 nice and renice: influence scheduling priority
    6. 4.6 The /proc filesystem
    7. 4.7 strace and truss: trace signals and system calls
    8. 4.8 Runaway processes
    9. 4.9 Periodic processes
  10. The Filesystem
    1. 5.1 Pathnames
    2. 5.2 Filesystem mounting and unmounting
    3. 5.3 Organization of the file tree
    4. 5.4 File types
    5. 5.5 File attributes
    6. 5.6 Access control lists
  11. Software Installation and Management
    1. 6.1 Operating system installation
    2. 6.2 Managing packages
    3. 6.3 Linux package management systems
    4. 6.4 High-level Linux package management systems
    5. 6.5 FreeBSD software management
    6. 6.6 Software localization and configuration
    7. 6.7 Recommended reading
  12. Scripting and the Shell
    1. 7.1 Scripting philosophy
    2. 7.2 Shell basics
    3. 7.3 sh scripting
    4. 7.4 Regular expressions
    5. 7.5 Python programming
    6. 7.6 Ruby programming
    7. 7.7 Library and environment management for Python and Ruby
    8. 7.8 Revision control with Git
    9. 7.9 Recommended reading
  13. User Management
    1. 8.1 Account mechanics
    2. 8.2 The /etc/passwd file
    3. 8.3 The Linux /etc/shadow file
    4. 8.4 FreeBSD's /etc/master.passwd and /etc/login.conf files
    5. 8.5 The /etc/group file
    6. 8.6 Manual steps for adding users
    7. 8.7 Scripts for adding users: useradd, adduser, and newusers
    8. 8.8 Safe removal of a user’s account and files
    9. 8.9 User login lockout
    10. 8.10 Risk reduction with PAM
    11. 8.11 Centralized account management
  14. Cloud Computing
    1. 9.1 The cloud in context
    2. 9.2 Cloud platform choices
    3. 9.3 Cloud service fundamentals
    4. 9.4 Clouds: VPS quick start by platform
    5. 9.5 Cost control
    6. 9.6 Recommended Reading
  15. Logging
    1. 10.1 Log locations
    2. 10.2 The systemd journal
    3. 10.3 Syslog
    4. 10.4 Kernel and boot-time logging
    5. 10.5 Management and rotation of log files
    6. 10.6 Management of logs at scale
    7. 10.7 Logging policies
  16. Drivers and the Kernel
    1. 11.1 Kernel chores for system administrators
    2. 11.2 Kernel version numbering
    3. 11.3 Devices and their drivers
    4. 11.4 Linux kernel configuration
    5. 11.5 FreeBSD kernel configuration
    6. 11.6 Loadable kernel modules
    7. 11.7 Booting
    8. 11.8 Booting alternate kernels in the cloud
    9. 11.9 Kernel errors
    10. 11.10 Recommended reading
  17. Printing
    1. 12.1 CUPS printing
    2. 12.2 CUPS server administration
    3. 12.3 Troubleshooting tips
    4. 12.4 Recommended reading
  18. TCP/IP Networking
    1. 13.1 TCP/IP and its relationship to the Internet
    2. 13.2 Networking basics
    3. 13.3 Packet addressing
    4. 13.4 IP addresses: the gory details
    5. 13.5 Routing
    6. 13.6 IPv4 ARP and IPv6 neighbor discovery
    7. 13.7 DHCP: the Dynamic Host Configuration Protocol
    8. 13.8 Security issues
    9. 13.9 Basic network configuration
    10. 13.10 Linux networking
    11. 13.11 FreeBSD networking
    12. 13.12 Network troubleshooting
    13. 13.13 Network monitoring
    14. 13.14 Firewalls and NAT
    15. 13.15 Cloud networking
    16. 13.16 Recommended reading
  19. Physical Networking
    1. 14.1 Ethernet: the Swiss Army knife of networking
    2. 14.2 Wireless: Ethernet for nomads
    3. 14.3 SDN: software-defined networking
    4. 14.4 Network testing and debugging
    5. 14.5 Building wiring
    6. 14.6 Network design issues
    7. 14.7 Management issues
    8. 14.8 Recommended vendors
    9. 14.9 Recommended reading
  20. IP Routing
    1. 15.1 Packet forwarding: a closer look
    2. 15.2 Routing daemons and routing protocols
    3. 15.3 Protocols on parade
    4. 15.4 Routing protocol multicast coordination
    5. 15.5 Routing strategy selection criteria
    6. 15.6 Routing daemons
    7. 15.7 Cisco routers
    8. 15.8 Recommended reading
  21. DNS: The Domain Name System
    1. 16.1 DNS architecture
    2. 16.2 DNS for lookups
    3. 16.3 The DNS namespace
    4. 16.4 How DNS works
    5. 16.5 The DNS database
    6. 16.6 The BIND software
    7. 16.7 Split DNS and the view statement
    8. 16.8 BIND configuration examples
    9. 16.9 Zone file updating
    10. 16.10 DNS security issues
    11. 16.11 BIND debugging
    12. 16.12 Recommended reading
  22. Single Sign-On
    1. 17.1 Core SSO elements
    2. 17.2 LDAP: “lightweight” directory services
    3. 17.3 Using directory services for login
    4. 17.4 Alternative approaches
    5. 17.5 Recommended reading
  23. Electronic Mail
    1. 18.1 Mail system architecture
    2. 18.2 Anatomy of a mail message
    3. 18.3 The SMTP protocol
    4. 18.4 Spam and malware
    5. 18.5 Message privacy and encryption
    6. 18.6 Mail aliases
    7. 18.7 Email configuration
    8. 18.8 sendmail
    9. 18.9 Exim
    10. 18.10 Postfix
    11. 18.11 Recommended reading
  24. Web Hosting
    1. 19.1 HTTP: the Hypertext Transfer Protocol
    2. 19.2 Web software basics
    3. 19.3 Web hosting in the cloud
    4. 19.4 Apache httpd
    5. 19.5 NGINX
    6. 19.6 HAProxy
    7. 19.7 Recommended reading
  25. Storage
    1. 20.1 I just want to add a disk!
    2. 20.2 Storage hardware
    3. 20.3 Storage hardware interfaces
    4. 20.4 Attachment and low-level management of drives
    5. 20.5 The software side of storage: peeling the onion
    6. 20.6 Disk partitioning
    7. 20.7 Logical volume management
    8. 20.8 RAID: redundant arrays of inexpensive disks
    9. 20.9 Filesystems
    10. 20.10 Traditional filesystems: UFS, ext4, and XFS
    11. 20.11 Next-generation filesystems: ZFS and Btrfs
    12. 20.12 ZFS: all your storage problems solved
    13. 20.13 Btrfs: “ZFS lite” for Linux
    14. 20.14 Data backup strategy
    15. 20.15 Recommended reading
  26. The Network File System
    1. 21.1 Meet network file services
    2. 21.2 The NFS approach
    3. 21.3 Server-side NFS
    4. 21.4 Client-side NFS
    5. 21.5 Identity mapping for NFS version 4
    6. 21.6 nfsstat: dump NFS statistics
    7. 21.7 Dedicated NFS file servers
    8. 21.8 Automatic mounting
    9. 21.9 Recommended reading
  27. SMB
    1. 22.1 Samba: SMB server for UNIX
    2. 22.2 Installing and configuring Samba
    3. 22.3 Mounting SMB file shares
    4. 22.4 Browsing SMB file shares
    5. 22.5 Ensuring Samba security
    6. 22.6 Debugging Samba
    7. 22.7 Recommended reading
  28. Configuration Management
    1. 23.1 Configuration management in a nutshell
    2. 23.2 Dangers of configuration management
    3. 23.3 Elements of configuration management
    4. 23.4 Popular CM systems compared
    5. 23.5 Introduction to Ansible
    6. 23.6 Introduction to Salt
    7. 23.7 Ansible and Salt compared
    8. 23.8 Best practices
    9. 23.9 Recommended reading
  29. Virtualization
    1. 24.1 Virtual vernacular
    2. 24.2 Virtualization with Linux
    3. 24.3 FreeBSD bhyve
    4. 24.4 VMware
    5. 24.5 VirtualBox
    6. 24.6 Packer
    7. 24.7 Vagrant
    8. 24.8 Recommended reading
  30. Containers
    1. 25.1 Background and core concepts
    2. 25.2 Docker: the open source container engine
    3. 25.3 Containers in practice
    4. 25.4 Container clustering and management
    5. 25.5 Recommended reading
  31. Continuous Integration and Delivery
    1. 26.1 CI/CD essentials
    2. 26.2 Pipelines
    3. 26.3 Jenkins: the open source automation server
    4. 26.4 CI/CD in practice
    5. 26.5 Containers and CI/CD
    6. 26.6 Recommended reading
  32. Security
    1. 27.1 Elements of security
    2. 27.2 How security is compromised
    3. 27.3 Basic security measures
    4. 27.4 Passwords and user accounts
    5. 27.5 Security power tools
    6. 27.6 Cryptography primer
    7. 27.7 SSH, the Secure SHell
    8. 27.8 Firewalls
    9. 27.9 Virtual private networks (VPNs)
    10. 27.10 Certifications and standards
    11. 27.11 Sources of security information
    12. 27.12 When your site has been attacked
    13. 27.13 Recommended reading
  33. Monitoring
    1. 28.1 An overview of monitoring
    2. 28.2 The monitoring culture
    3. 28.3 The monitoring platforms
    4. 28.4 Data collection
    5. 28.5 Network monitoring
    6. 28.6 Systems monitoring
    7. 28.7 Application monitoring
    8. 28.8 Security monitoring
    9. 28.9 SNMP: the Simple Network Management Protocol
    10. 28.10 Tips and tricks for monitoring
    11. 28.11 Recommended reading
  34. Performance Analysis
    1. 29.1 Performance tuning philosophy
    2. 29.2 Ways to improve performance
    3. 29.3 Factors that affect performance
    4. 29.4 Stolen CPU cycles
    5. 29.5 Analysis of performance problems
    6. 29.6 System performance checkup
    7. 29.7 Help! My server just got really slow!
    8. 29.8 Recommended reading
  35. Data Center Basics
    1. 30.1 Racks
    2. 30.2 Power
    3. 30.3 Cooling and environment
    4. 30.4 Data center reliability tiers
    5. 30.5 Data center security
    6. 30.6 Tools
    7. 30.7 Recommended reading
  36. Methodology, Policy, and Politics
    1. 31.1 The grand unified theory: DevOps
    2. 31.2 Ticketing and task management systems
    3. 31.3 Local documentation maintenance
    4. 31.4 Environment separation
    5. 31.5 Disaster management
    6. 31.6 IT policies and procedures
    7. 31.7 Service level agreements
    8. 31.8 Compliance: regulations and standards
    9. 31.9 Legal issues
    10. 31.10 Organizations, conferences, and other resources
    11. 31.11 Recommended reading
  37. A Brief History of System Administration
  38. Colophon
  39. About the Contributors
  40. About the Authors
  41. Index