Linux系统管理技术手册(第二版)(英文版) pdf epub mobi txt 电子书 下载 2026

想要找书就要到 图书目录大全

立刻按 ctrl+D收藏本页

你会得到大惊喜!!

《Linux系统管理技术手册(第2版)(英文版)》(LAHv2)延续了该书第一版(LAH)以及《UNlX系统管理技术手册》(LISAFl)的讲解风格，以当前主流的5种Linux发行版本(Red Hat ES、SuSE、Debian、Fedora Core和Ubuntu)为例，把Linu×系统管理技术分为三个方面分别介绍。第一部分“基本管理技术”全面介绍了运行单机Linux系统涉及的各种管理知识和技术，如系统引导和关机、进程控制、文件系统管理、用户管理、设备管理、系统备份、软件配置以及cron和系统日志的管理使用等。第二部分“网络管理技术”从详细讲解TCP／IP协议基本原理开始，深入讨论了网络的两大基本应用——域名系统和路由技术，然后逐章讲解Linux上的各种Intemet关键应用，如电子邮件、NFS、文件共享、Web托管和Intemet服务，在这部分里还有专门的章节介绍网络硬件、网络管理与调试以及系统安全。第三部分“其他管理技术”包括了多种不容忽视的重要主题：X Wi rldow系统、打印系统、系统维护与环境、性能分析、与Wit‘idows系统的协作、串行设备、操作系统驱动程序和内核、系统守护进程以及政策与行政管理方面的知识等。《Linux系统管理技术手册(第2版)(英文版)》的几位作者是分别来自学术界、企业界以及职业培训领域的Li nLJx／LJNIx系统管理专家，这使得《Linux系统管理技术手册(第2版)(英文版)》从第1版开始，即成为全面、深入而且颇富实用性的Linux系统管理权威参考书。《Linux系统管理技术手册(第2版)(英文版)》适合于从Linux初学者到具有丰富经验的Linux专业技术人员使用。

Evi Nemeth已经从科罗拉多大学（University of Colorado）计算机科学系教师的岗位上退休了，但是她仍然在参与CAIDA的网络研究工作，CAIDA是圣地亚哥超级计算中心（San Diego Supercomputer Center）的Internet数据分析协作组织（Cooperative Association for Internet Data Analysis）

Garth Snyder曾经在NeXT和Sun公司工作过，他从斯沃索莫学院（Swarthmore College）获得了电机工程专业的学位，并且在罗彻斯特大学（University of Rochester）取得MD和MBA学位。

Trent R. Hein（trent@atrust.com）是Applied Trust Engineering公司的创办人之一，这是一家提供网络基础设施的安全和性能咨询服务的公司。Trent从科罗拉多大学（University of Colorado）获得了计算机科学专业学士学位。

SECTION ONE: BASIC ADMINISRATIONCHAPTER 1　WHERE TO START　3　Suggested background　4　Linux’s relationship to UNIX　4　Linux in historical context　5　Linux distributions　6　　So what’s the best distribution?　8　　Distribution-specific administration tools　9　Notation and typographical conventions　9　　System-specific information　10　Where to go for information　11　　Organization of the man pages　12　　man: read manual pages　13　　Other sources of Linux information　13　How to find and install software　14　Essential tasks of the system administrator　16　　Adding, removing, and managing user accounts　16　　Adding and removing hardware　16　　Performing backups　17　　Installing and upgrading software　17　　Monitoring the system　17　　Troubleshooting　17　　Maintaining local documentation　17　　Vigilantly monitoring security　17　　Helping users　18　System administration under duress　18　　System Administration Personality Syndrome　18　Recommended reading　19　Exercises　20CHAPTER 2　BOOTING AND SHUTTING DOWN　21　Bootstrapping　21　　Automatic and manual booting　22　　Steps in the boot process　22　　Kernel initialization　23　　Hardware configuration　23　　Kernel threads　23　　Operator intervention (manual boot only)　24　　Execution of startup scripts　25　　Multiuser operation　25　Booting PCs　25　Using boot loaders: LILO and GRUB　26　　GRUB: The GRand Unified Boot loader　26　　LILO: The traditional Linux boot loader　28　　Kernel options　29　　Multibooting on PCs　30　　GRUB multiboot configuration　30　　LILO multiboot configuration　31　Booting single-user mode　31　　Single-user mode with GRUB　32　　Single-user mode with LILO　32　Working with startup scripts　32　　init and run levels　33　　Red Hat and Fedora startup scripts　36　　SUSE startup scripts　38　　Debian and Ubuntu startup scripts　40　Rebooting and shutting down　40　　Turning off the power　41　　shutdown: the genteel way to halt the system　41　　halt: a simpler way to shut down　42　　reboot: quick and dirty restart　42　　telinit: change init’s run level　42　　poweroff: ask Linux to turn off the power　42　Exercises　43CHAPTER 3　ROOTLY POWERS　44　Ownership of files and processes　44　The superuser　46　Choosing a root password　47　Becoming root　48　　su: substitute user identity　48　　sudo: a limited su　48　Other pseudo-users　51　　bin: legacy owner of system commands　51　　daemon: owner of unprivileged system software　51　　nobody: the generic NFS user　51　Exercises　52CHAPTER 4　CONTROLLING PROCESSES　53　Components of a process　53　　PID: process ID number　54　　PPID: parent PID　54　　UID and EUID: real and effective user ID　54　　GID and EGID: real and effective group ID　55　　Niceness　55　　Control terminal　56　The life cycle of a process　56　Signals　57　kill and killall: send signals　60　Process states　60　nice and renice: influence scheduling priority　61　ps: monitor processes　62　top: monitor processes even better　65　The /proc filesystem　65　strace: trace signals and system calls　66　Runaway processes　67　Recommended reading　69　Exercises　69CHAPTER 5　THE FILESYSTEM　70　Pathnames　72　Filesystem mounting and unmounting　73　The organization of the file tree　75　File types　76　　Regular files　78　　The localhost zone　439　　A small security company　441　　The Internet Systems Consortium, isc.org　444　Starting named　446　Updating zone files　447　　Zone transfers　447　　Dynamic updates　448　Security issues　451　　Access control lists revisited　451　　Confining named　453　　Secure server-to-server communication with TSIG and TKEY　453　　DNSSEC　456　　Negative answers　463　　Microsoft and DNS　464　Testing and debugging　466　　Logging　466　　Sample logging configuration　470　　Debug levels　471　　Debugging with rndc　471　　BIND statistics　473　　Debugging with dig　473　　Lame delegations　475　　doc: domain obscenity control　476　　Other DNS sanity checking tools　478　　Performance issues　478　Distribution specifics　478　Recommended reading　481　　Mailing lists and newsgroups　481　　Books and other documentation　481　　On-line resources　482　　The RFCs　482　Exercises　482CHAPTER 16　THE NETWORK FILE SYSTEM　484　General information about NFS　484　　NFS protocol versions　484　　Choice of transport　485　　File locking　486　　Disk quotas　486　　Cookies and stateless mounting　486　　Naming conventions for shared filesystems　487　　Security and NFS　487　　Root access and the nobody account　488　Server-side NFS　489　　The exports file　490　　nfsd: serve files　492　Client-side NFS　492　　Mounting remote filesystems at boot time　495　　Restricting exports to insecure ports　495　nfsstat: dump NFS statistics　495　Dedicated NFS file servers　496　Automatic mounting　497　　automount: mount filesystems on demand　497　　The master file　498　　Map files　499　　Executable maps　499　Recommended reading　500　Exercises　501CHAPTER 17　SHARING SYSTEM FILES　502　What to share　503　nscd: cache the results of lookups　504　Copying files around　505　　rdist: push files　505　　rsync: transfer files more securely　508　　Pulling files　510　NIS: the Network Information Service　511　　Understanding how NIS works　512　　Weighing advantages and disadvantages of NIS　514　　Prioritizing sources of administrative information　515　　Using netgroups　517　　Setting up an NIS domain　517　　Setting access control options in /etc/ypserv.conf　519　　Configuring NIS clients　519　　NIS details by distribution　520　LDAP: the Lightweight Directory Access Protocol　520　　The structure of LDAP data　521　　The point of LDAP　522　　LDAP documentation and specifications　523　　OpenLDAP: LDAP for Linux　523　　NIS replacement by LDAP　525　　LDAP and security　526　Recommended reading　526　Exercises　527CHAPTER 18　ELECTRONIC MAIL　528　Mail systems　530　　User agents　531　　Transport agents　532　　Delivery agents　532　　Message stores　533　　Access agents　533　　Mail submission agents　533　The anatomy of a mail message　534　　Mail addressing　535　　Mail header interpretation　535　Mail philosophy　539　　Using mail servers　540　　Using mail homes　542　　Using IMAP or POP　542　Mail aliases　544　　Getting mailing lists from files　546　　Mailing to files　547　　Mailing to programs　547　　Aliasing by example　548　　Forwarding mail　549　　The hashed alias database　551　Mailing lists and list wrangling software　551　　Software packages for maintaining mailing lists　551　　LDAP: the Lightweight Directory Access Protocol　555　sendmail: ringmaster of the electronic mail circus　557　　Versions of sendmail　557　　sendmail installation from sendmail.org　559　　sendmail installation on Debian and Ubuntu systems　561　　The switch file　562　　Modes of operation　562　　The mail queue　563　sendmail configuration　565　　Using the m4 preprocessor　566　　The sendmail configuration pieces　567　　Building a configuration file from a sample .mc file　568　　Changing the sendmail configuration　569　Basic sendmail configuration primitives　570　　The VERSIONID macro　570　　The OSTYPE macro　570　　The DOMAIN macro　572　　The MAILER macro　573　Fancier sendmail configuration primitives 574　　The FEATURE macro　574　　The use_cw_file feature　574　　The redirect feature　575　　The always_add_domain feature　575　　The nocanonify feature　576　　Tables and databases　576　　The mailertable feature　578　　The genericstable feature　579　　The virtusertable feature　579　　The ldap_routing feature　580　　Masquerading and the MASQUERADE_AS macro　581　　The MAIL_HUB and SMART_HOST macros　583　　Masquerading and routing　583　　The nullclient feature　584　　The local_lmtp and smrsh features　585　　The local_procmail feature　585　　The LOCAL_* macros　586　　Configuration options　586　Spam-related features in sendmail　588　　Relaying　589　　The access database　591　　User or site blacklisting　594　　Header checking　595　　Rate and connection limits　596　　Slamming　597　　Miltering: mail filtering　597　　Spam handling　598　　SpamAssassin　598　　SPF and Sender ID　599　Configuration file case study　599　　Client machines at sendmail.com　599　　Master machine at sendmail.com　600　Security and sendmail　603　　Ownerships　603　　Permissions　604　　Safer mail to files and programs　605　　Privacy options　606　　Running a chrooted sendmail (for the truly paranoid)　607　　Denial of service attacks　608　　Forgeries　608　　Message privacy　610　　SASL: the Simple Authentication and Security Layer　610　sendmail performance　611　　Delivery modes　611　　Queue groups and envelope splitting　611　　Queue runners　613　　Load average controls　613　　Undeliverable messages in the queue　613　　Kernel tuning　614　sendmail statistics, testing, and debugging　615　　Testing and debugging　616　　Verbose delivery　617　　Talking in SMTP　618　　Queue monitoring　619　　Logging　619　The Exim Mail System　621　　History　621　　Exim on Linux　621　　Exim configuration　622　　Exim/sendmail similarities　622　Postfix　623　　Postfix architecture　623　　Receiving mail　624　　The queue manager　624　　Sending mail　625　　Security　625　　Postfix commands and documentation　625　　Configuring Postfix　626　　What to put in main.cf　626　　Basic settings　626　　Using postconf　627　　Lookup tables　627　　Local delivery　629　　Virtual domains　630　　Virtual alias domains　630　　Virtual mailbox domains　631　　Access control　632　　Access tables　633　　Authentication of clients　634　　Fighting spam and viruses　634　　Black hole lists　635　　SpamAssassin and procmail　636　　Policy daemons　636　　Content filtering　636　　Debugging　637　　Looking at the queue　638　　Soft-bouncing　638　　Testing access control 638　Recommended reading　639　Exercises　640CHAPTER 19　NETWORK MANAGEMENT AND DEBUGGING　643　Network troubleshooting　644　ping: check to see if a host is alive　645　traceroute: trace IP packets　647　netstat: get network statistics　649　　Inspecting interface configuration information　649　　Monitoring the status of network connections　651　　Identifying listening network services　652　　Examining the routing table　652　　Viewing operational statistics for network protocols　653　sar: inspect live interface activity　654　Packet sniffers　655　　tcpdump: king of sniffers　656　　Wireshark: visual sniffer　657　Network management protocols　657　SNMP: the Simple Network Management Protocol　659　　SNMP organization　659　　SNMP protocol operations　660　　RMON: remote monitoring MIB　661　The NET-SMNP agent　661　Network management applications　662　　The NET-SNMP tools　663　　SNMP data collection and graphing　664　　Nagios: event-based SNMP and service monitoring　665　　Commercial management platforms　666　Recommended reading　667　Exercises　668CHAPTER 20　SECURITY　669　Is Linux secure?　670　How security is compromised　671　　Social engineering　671　　Software vulnerabilities　672　　Configuration errors　673　Certifications and standards　673　　Certifications　674　　Standards　675　Security tips and philosophy　676　　Packet filtering　677　　Unnecessary services　677　　Software patches　677　　Backups　677　　Passwords　677Vigilance　677　　General philosophy　678　Security problems in /etc/passwd and /etc/shadow　678　　Password checking and selection　679　　Password aging　680　　Group logins and shared logins　680　　User shells　680　　Rootly entries　681　　PAM: cooking spray or authentication wonder?　681　POSIX capabilities　683　Setuid programs　683　Important file permissions　684　Miscellaneous security issues　685　　Remote event logging　685　　Secure terminals　685　　/etc/hosts.equiv and ~/.rhosts　685　　Security and NIS　685　　Security and NFS　686　　Security and sendmail　686　　Security and backups　686　　Viruses and worms　686　　Trojan horses　687　　Rootkits　688　Security power tools　688　　Nmap: scan network ports　688　　Nessus: next generation network scanner　690　　John the Ripper: find insecure passwords　690　　hosts_access: host access control　691　　Samhain: host-based intrusion detection　692　　Security-Enhanced Linux (SELinux)　693　Cryptographic security tools　694　　Kerberos: a unified approach to network security　695　　PGP: Pretty Good Privacy　696　　SSH: the secure shell　697　　One-time passwords　698　　Stunnel　699　Firewalls　701　　Packet-filtering firewalls　701　　How services are filtered　702　　Service proxy firewalls　703　　Stateful inspection firewalls　703　　Firewalls: how safe are they?　704　Linux firewall features: IP tables　704　Virtual private networks (VPNs)　708　　IPsec tunnels　709　　All I need is a VPN, right?　710　Hardened Linux distributions　710　What to do when your site has been attacked　710　Sources of security information　712　　CERT: a registered service mark of Carnegie Mellon University　712　　SecurityFocus.com and the BugTraq mailing list　713　　Crypto-Gram newsletter　713　　SANS: the System Administration, Networking, and Security Institute　713　　Distribution-specific security resources　713　　Other mailing lists and web sites　714　Recommended reading　715　Exercises　716CHAPTER 21　WEB HOSTING AND INTERNET SERVERS　719　Web hosting basics　720　　Uniform resource locators　720　　How HTTP works　720　　Content generation on the fly　722　　Load balancing　722　HTTP server installation　724　　Choosing a server　724　　Installing Apache　724　　Configuring Apache　726　　Running Apache　726　　Analyzing log files　727　　Optimizing for high-performance hosting of static content　727　Virtual interfaces　727　　Using name-based virtual hosts　728　　Configuring virtual interfaces　728　　Telling Apache about virtual interfaces　729　The Secure Sockets Layer (SSL)　730　　Generating a certificate signing request　731　　Configuring Apache to use SSL　732　Caching and proxy servers　733　　The Squid cache and proxy server　733　　Setting up Squid　734　Anonymous FTP server setup　734　Exercises　736SECTION THREE: BUNCH O' STUFFCHAPTER 22　THE X WINDOW SYSTEM　741　The X display manager　743　Running an X application　744　　The DISPLAY environment variable　744　　Client authentication　745　　X connection forwarding with SSH　747　X server configuration　748　　Device sections　750　　Monitor sections　750　　Screen sections　751　　InputDevice sections　752　　ServerLayout sections　753　Troubleshooting and debugging　754　　Special keyboard combinations for X　754　　When good X servers go bad　755　A brief note on desktop environments　757　　KDE　758　　GNOME　758　　Which is better, GNOME or KDE?　759　Recommended Reading　759　Exercises　759CHAPTER 23　PRINTING　761　Printers are complicated　762　Printer languages　763　　PostScript　763　　PCL　763　　PDF　764　　XHTML　764　　PJL　765　　Printer drivers and their handling of PDLs　765　CUPS architecture　767　　Document printing　767　　Print queue viewing and manipulation　767　　Multiple printers　768　　Printer instances　768　　Network printing　768　　The CUPS underlying protocol: HTTP　769　　PPD files　770　　Filters　771　CUPS server administration　772　　Network print server setup　773　　Printer autoconfiguration　774　　Network printer configuration　774　　Printer configuration examples　775　　Printer class setup　775　　Service shutoff　776　　Other configuration tasks　777　　Paper sizes　777　　Compatibility commands　778　　Common printing software　779　　CUPS documentation　780　Troubleshooting tips　780　　CUPS logging　781　　Problems with direct printing　781　　Network printing problems　781　　Distribution-specific problems　782　Printer practicalities　782　　Printer selection　782　　GDI printers　783　　Double-sided printing　783　　Other printer accessories　783　　Serial and parallel printers　784　　Network printers　784　Other printer advice　784　　Use banner pages only if you have to　784　　Provide recycling bins　785　　Use previewers　785　　Buy cheap printers　785　　Keep extra toner cartridges on hand　786　　Pay attention to the cost per page　786　　Consider printer accounting　787　　Secure your printers　787　Printing under KDE　788　　kprinter: printing documents　789　　Konqueror and printing　789　Recommended reading　790　Exercises　790CHAPTER 24　MAINTENANCE AND ENVIRONMENT　791　Hardware maintenance basics　791　Maintenance contracts　792　　On-site maintenance　792　　Board swap maintenance　792　　Warranties　793　Electronics-handling lore　793　　Static electricity　793　　Reseating boards　794　Monitors　794　Memory modules　794　Preventive maintenance　795　Environment　796　　Temperature　796　　Humidity　796　　Office cooling　796　　Machine room cooling　797　　Temperature monitoring　798　Power　798　Racks　799　Data center standards　800　Tools　800　Recommended reading　800　Exercises　802CHAPTER 25　PERFORMANCE ANALYSIS　803　What you can do to improve performance　804　Factors that affect performance　806　System performance checkup　807　　Analyzing CPU usage　807　　How Linux manages memory　809　　Analyzing memory usage　811　　Analyzing disk I/O　813　　Choosing an I/O scheduler　815　　sar: Collect and report statistics over time　816　　oprofile: Comprehensive profiler　817　Help! My system just got really slow!　817　Recommended reading　819　Exercises　819CHAPTER 26　COOPERATING WITH WINDOWS　821　Logging in to a Linux system from Windows　821　Accessing remote desktops　822　　Running an X server on a Windows computer　823　　VNC: Virtual Network Computing　824　　Windows RDP: Remote Desktop Protocol　824　Running Windows and Windows-like applications　825　　Dual booting, or why you shouldn’t　826　　The OpenOffice.org alternative　826　Using command-line tools with Windows　826　Windows compliance with email and web standards　827　Sharing files with Samba and CIFS　828　　Samba: CIFS server for UNIX　828　　Samba installation　829　　Filename encoding　830　　Network Neighborhood browsing　831　　User authentication　832　　Basic file sharing　833　　Group shares　833　　Transparent redirection with MS DFS　834　　smbclient: a simple CIFS client　835　　The smbfs filesystem　835　Sharing printers with Samba　836　　Installing a printer driver from Windows　838　　Installing a printer driver from the command line　839　Debugging Samba　840　Recommended reading　841　Exercises　842CHAPTER 27　SERIAL DEVICES　843　The RS-232C standard　844　Alternative connectors　847　　The mini DIN-8 variant　847　　The DB-9 variant　848　　The RJ-45 variant　849　　The Yost standard for RJ-45 wiring　850　Hard and soft carrier　852　Hardware flow control　852　Cable length　853　Serial device files　853　setserial: set serial port parameters　854　Software configuration for serial devices　855　Configuration of hardwired terminals　855　　The login process　855　　The /etc/inittab file　856　　Terminal support: the termcap and terminfo databases　858　Special characters and the terminal driver　859　stty: set terminal options　860　tset: set options automatically　861　　Directories　78　　Character and block device files　79　　Local domain sockets　80　　Named pipes　80　　Symbolic links　80　File attributes　81　　The permission bits　81　　The setuid and setgid bits　82　　The sticky bit　82　　Viewing file attributes　82　　chmod: change permissions　84　　chown: change ownership and group　86　　umask: assign default permissions　86　　Bonus flags　87　Access control lists　88　　ACL overview　88　　Default entries　91　Exercises　92CHAPTER 6　ADDING NEW USERS　93　The /etc/passwd file　93　　Login name　94　　Encrypted password　96　　UID (user ID) number　96　　Default GID number　97　　GECOS field　98　　Home directory　98　　Login shell　98　The /etc/shadow file　99　The /etc/group file　101　Adding users　102　　Editing the passwd and shadow files　103　　Editing the /etc/group file　104　　Setting an initial password　104　　Creating the user’s home directory　105　　Copying in the default startup files　105　　Setting the user’s mail home　106　　Verifying the new login　106　　Recording the user’s status and contact information　107　Removing users　107　Disabling logins　108　Managing accounts　108　Exercises　110CHAPTER 7　ADDING A DISK　111　Disk interfaces　111　　The PATA interface　112　　The SATA interface　114　　The SCSI interface　114　　Which is better, SCSI or IDE?　118　Disk geometry　119　Linux filesystems　120　Terminal unwedging　862　Modems　862　　Modulation, error correction, and data compression protocols　863　　minicom: dial out　864　　Bidirectional modems　864　Debugging a serial line　864　Other common I/O ports　865　　USB: the Universal Serial Bus　865　Exercises　866CHAPTER 28　DRIVERS AND THE KERNEL　868　Kernel adaptation　869　Drivers and device files　870　　Device files and device numbers　870　　Creating device files　871　　sysfs: a window into the souls of devices　872　　Naming conventions for devices　872　Why and how to configure the kernel　873　Tuning Linux kernel parameters　874　Building a Linux kernel　876　　If it ain’t broke, don’t fix it　876　　Configuring kernel options　876　　Building the kernel binary　878　Adding a Linux device driver　878　　Device awareness　880　Loadable kernel modules　880　Hot-plugging　882　Setting bootstrap options　883　Recommended reading　884　Exercises　884CHAPTER 29　DAEMONS　885　init: the primordial process　886　cron and atd: schedule commands　887　xinetd and inetd: manage daemons　887　　Configuring xinetd　888　　Configuring inetd　890　　The services file　892　　portmap: map RPC services to TCP and UDP ports　893　Kernel daemons　893　　klogd: read kernel messages　894　Printing daemons　894　　cupsd: scheduler for the Common UNIX Printing System　894　　lpd: manage printing　894　File service daemons　895　　rpc.nfsd: serve files　895　　rpc.mountd: respond to mount requests　895　　amd and automount: mount filesystems on demand　895　　rpc.lockd and rpc.statd: manage NFS locks　895　　rpciod: cache NFS blocks　896　　rpc.rquotad: serve remote quotas　896　　smbd: provide file and printing service to Windows clients　896　　nmbd: NetBIOS name server　896　Administrative database daemons　896　　ypbind: locate NIS servers　896　　ypserv: NIS server　896　　rpc.ypxfrd: transfer NIS databases　896　　lwresd: lightweight resolver library server　897　　nscd: name service cache daemon　897　Electronic mail daemons　897　　sendmail: transport electronic mail　897　　smtpd: Simple Mail Transport Protocol daemon　897　　popd: basic mailbox server　897　　imapd: deluxe mailbox server　897　Remote login and command execution daemons　898　　sshd: secure remote login server　898　　in.rlogind: obsolete remote login server　898　　in.telnetd: yet another remote login server　898　　in.rshd: remote command execution server　898　Booting and configuration daemons　898　　dhcpd: dynamic address assignment　899　　in.tftpd: trivial file transfer server　899　　rpc.bootparamd: advanced diskless life support　899　　hald: hardware abstraction layer (HAL) daemon　899　　udevd: serialize device connection notices　899　Other network daemons　900　　talkd: network chat service　900　　snmpd: provide remote network management service　900　　ftpd: file transfer server　900　　rsyncd: synchronize files among multiple hosts　900　　routed: maintain routing tables　900　　gated: maintain complicated routing tables　901　　named: DNS server　901　　syslogd: process log messages　901　　in.fingerd: look up users　901　　httpd: World Wide Web server　901　ntpd: time synchronization daemon　902　Exercises　903CHAPTER 30　MANAGEMENT, POLICY, AND POLITICS　904　Make everyone happy　904　Components of a functional IT organization　906　The role of management　907　　Leadership　907　　Hiring, firing, and personnel management 908　　Assigning and tracking tasks　911　　Managing upper management　913　　Conflict resolution　913　The role of administration　915　　Sales　915　　Purchasing　916　　Accounting　917　　Personnel　917　　Marketing　918　　Miscellaneous administrative chores　919　The role of development　919　　Architectural principles　920　　Anatomy of a management system　922　　The system administrator’s tool box　922　　Software engineering principles　923　The role of operations　924　　Aim for minimal downtime　925　　Document dependencies　925　　Repurpose or eliminate older hardware　926　The work of support　927　　Availability　927　　Scope of service　927　　Skill sets　929　　Time management　930　Documentation　930　　Standardized documentation 931　　Hardware labeling　933　　User documentation　934　Request-tracking and trouble-reporting systems　934　　Common functions of trouble ticket systems　935　　User acceptance of ticketing systems　935　　Ticketing systems　936　　Ticket dispatching　937　Disaster recovery　938　　Backups and off-line information　939　　Staffing your disaster　939　　Power and HVAC　940　　Network redundancy　941　　Security incidents　941　　Second-hand stories from the World Trade Center　942　Written policy　943　　Security policies　945　　User policy agreements　946　　Sysadmin policy agreements　948　Legal Issues　949　　Encryption　949　　Copyright　950　　Privacy　951　　Click-through EULAs　953　　Policy enforcement　953　　Control = liability　954　　Software licenses　955　　Regulatory compliance　956　Software patents　957　Standards　958　　LSB: the Linux Standard Base　959　　POSIX　959　　ITIL: the Information Technology Interface Library　960　　COBIT: Control Objectives for Information and related Technology　960　Linux culture　961　Mainstream Linux　962　Organizations, conferences, and other resources　964　　Conferences and trade shows　965　　LPI: the Linux Professional Institute　967　　Mailing lists and web resources　967　　Sysadmin surveys　968　Recommended Reading　968　　Infrastructure　968　　Management　969　　Policy and security　969　　Legal issues, patents, and privacy　969　　General industry news　970　Exercises　970INDEX　973ABOUT THE CONTRIBUTORS　999ABOUT THE AUTHORS　1001　　Ext2fs and ext3fs　120　　ReiserFS　121　　XFS and JFS　122　An overview of the disk installation procedure　122　　Connecting the disk　122　　Formatting the disk　123　　Labeling and partitioning the disk　124　　Creating filesystems within disk partitions　125　　Mounting the filesystems　126　　Setting up automatic mounting　127　　Enabling swapping　129　hdparm: set IDE interface parameters　129　fsck: check and repair filesystems　131　Adding a disk: a step-by-step guide　133　Advanced disk management: RAID and LVM　138　　Linux software RAID　139　　Logical volume management　139　　An example configuration with LVM and RAID　140　　Dealing with a failed disk　144　　Reallocating storage space　146　Mounting USB drives　147　Exercises　148CHAPTER 8　PERIODIC PROCESSES　150　cron: schedule commands　150　The format of crontab files　151　Crontab management　153　Some common uses for cron　154　　Cleaning the filesystem　154　　Network distribution of configuration files　155　　Rotating log files　156　Other schedulers: anacron and fcron　156　Exercises　157CHAPTER 9　BACKUPS　158　Motherhood and apple pie　159　　Perform all dumps from one machine　159　　Label your media　159　　Pick a reasonable backup interval　159　　Choose filesystems carefully　160　　Make daily dumps fit on one piece of media　160　　Make filesystems smaller than your dump device　161　　Keep media off-site　161　　Protect your backups　161　　Limit activity during dumps　162　　Verify your media　162　　Develop a media life cycle　163　　Design your data for backups　163　　Prepare for the worst　163　Backup devices and media　163　　Optical media: CD-R/RW, DVD±R/RW, and DVD-RAM　164　　Removable hard disks (USB and FireWire)　165　　Small tape drives: 8mm and DDS/DAT　166　　DLT/S-DLT　166　　AIT and SAIT　166　　VXA/VXA-X　167　　LTO　167　　Jukeboxes, stackers, and tape libraries　167　　Hard disks　168　　Summary of media types　168　　What to buy　168　Setting up an incremental backup regime with dump　169　　Dumping filesystems　169　　Dump sequences　171　Restoring from dumps with restore　173　　Restoring individual files　173　　Restoring entire filesystems　175　Dumping and restoring for upgrades　176　Using other archiving programs　177　　tar: package files　177　　cpio: archiving utility from ancient times　178　　dd: twiddle bits　178　Using multiple files on a single tape　178　Bacula　179　　The Bacula model　180　　Setting up Bacula　181　　Installing the database and Bacula daemons　181　　Configuring the Bacula daemons　182　　bacula-dir.conf: director configuration　183　　bacula-sd.conf: storage daemon configuration　187　　bconsole.conf: console configuration　188　　Installing and configuring the client file daemon　188　　Starting the Bacula daemons　189　　Adding media to pools　190　　Running a manual backup　190　　Running a restore job　192　　Monitoring and debugging Bacula configurations　195　　Alternatives to Bacula　197　Commercial backup products　197　　ADSM/TSM　197　　Veritas　198　　Other alternatives　198　Recommended reading　198　Exercises　198CHAPTER 10　SYSLOG AND LOG FILES　201　Logging policies　201　　Throwing away log files　201　　Rotating log files　202　　Archiving log files　204　Linux log files　204　　Special log files　206　　Kernel and boot-time logging　206　logrotate: manage log files　208　Syslog: the system event logger　209　　Alternatives to syslog　209　　Syslog architecture　210　　Configuring syslogd　210　　Designing a logging scheme for your site　214　　Config file examples　214　　Sample syslog output　216　　Software that uses syslog　217　　Debugging syslog　217　　Using syslog from programs　218　Condensing log files to useful information　220　Exercises　222CHAPTER 11　SOFTWARE AND CONFIGURATION MANAGEMENT　223　Basic Linux installation　223　　Netbooting PCs　224　　Setting up PXE for Linux　225　　Netbooting non-PCs　226Kickstart: the automated installer for 　　Enterprise Linux and Fedora　226　　AutoYaST: SUSE’s automated installation tool　230　　The Debian and Ubuntu installer　231　　Installing from a master system　232　Diskless clients　232　Package management　234　　Available package management systems　235　　rpm: manage RPM packages　235　　dpkg: manage Debian-style packages　237　High-level package management systems　237　　Package repositories　239　　RHN: the Red Hat Network　240　　APT: the Advanced Package Tool　241　　Configuring apt-get　242　　An example /etc/apt/sources.list file　243　　Using proxies to make apt-get scale　244　　Setting up an internal APT server　244　　Automating apt-get　245　　yum: release management for RPM　246　Revision control　247　　Backup file creation　247　　Formal revision control systems　248　　RCS: the Revision Control System　249　　CVS: the Concurrent Versions System　251　　Subversion: CVS done right　253　Localization and configuration　255　　Organizing your localization　256　　Testing　257　　Local compilation　258　　Distributing localizations　259　　Resolving scheduling issues　260　Configuration management tools　260　　cfengine: computer immune system　260　　LCFG: a large-scale configuration system　261　　The Arusha Project (ARK)　261　　Template Tree 2: cfengine helper　262　　DMTF/CIM: the Common Information Model　262　Sharing software over NFS　263　　Package namespaces　264　　Dependency management　265　　Wrapper scripts　265　　Implementation tools　266　Recommended software　266　Recommended reading　268　Exercises　268SECTION TWO: NETWORKINGCHAPTER 12　TCP/IP NETWORKING　271　TCP/IP and the Internet　272　　A brief history lesson　272　　How the Internet is managed today　273　　Network standards and documentation　274　Networking road map　275　Packets and encapsulation　276　　The link layer　277　　Packet addressing　279　　Ports　281　　Address types　281　IP addresses: the gory details　282　　IP address classes　282　　Subnetting and netmasks　282　　The IP address crisis　285　　CIDR: Classless Inter-Domain Routing　287　　Address allocation　288　　Private addresses and NAT　289　　IPv6 addressing　291　Routing　293　　Routing tables　294　　ICMP redirects　295　ARP: the address resolution protocol　296　Addition of a machine to a network　297　　Hostname and IP address assignment　298　　ifconfig: configure network interfaces　299　　mii-tool: configure autonegotiation and other media-specific options　302　　route: configure static routes　303　　Default routes　305　　DNS configuration　306　　The Linux networking stack　307　Distribution-specific network configuration　307　　Network configuration for Red Hat and Fedora　308　　Network configuration for SUSE　309　　Network configuration for Debian and Ubuntu　310　DHCP: the Dynamic Host Configuration Protocol　311　　DHCP software　312　　How DHCP works　312　　ISC’s DHCP server　313　Dynamic reconfiguration and tuning　314　Security issues　316　　IP forwarding　316　　ICMP redirects　317　　Source routing　317　　Broadcast pings and other forms of directed broadcast　317　　IP spoofing　317　　Host-based firewalls　318　　Virtual private networks　318　　Security-related kernel variables　319　Linux NAT　319　PPP: the Point-to-Point Protocol　320Addressing PPP performance 　　issues　321　　Connecting to a network with PPP　321　　Making your host speak PPP　321　　Controlling PPP links　321　　Assigning an address　322　　Routing　322　　Ensuring security　323　　Using chat scripts　323　　Configuring Linux PPP　323　Linux networking quirks　330　Recommended reading　331　Exercises　332CHAPTER 13　ROUTING　334　Packet forwarding: a closer look　335　Routing daemons and routing protocols　337　　Distance-vector protocols　338　　Link-state protocols　339　　Cost metrics　340　　Interior and exterior protocols　340　Protocols on parade　341　　RIP: Routing Information Protocol　341　　RIP-2: Routing Information Protocol, version 2　341　　OSPF: Open Shortest Path First　342　　IGRP and EIGRP: Interior Gateway Routing Protocol　342　　IS-IS: the ISO “standard”　343　　MOSPF, DVMRP, and PIM: multicast routing protocols　343　　Router Discovery Protocol　343　routed: RIP yourself a new hole　343　gated: gone to the dark side　344　Routing strategy selection criteria　344　Cisco routers　346　Recommended reading　348　Exercises　349CHAPTER 14　NETWORK HARDWARE　350　LAN, WAN, or MAN?　351　Ethernet: the common LAN　351　　How Ethernet works　351　　Ethernet topology　352　　Unshielded twisted pair　353　　Connecting and expanding Ethernets　355　Wireless: nomad’s LAN　359　　Wireless security　360　　Wireless switches　360　FDDI: the disappointing, expensive, and outdated LAN　361　ATM: the promised (but sorely defeated) LAN　362　Frame relay: the sacrificial WAN　363　ISDN: the indigenous WAN　364　DSL and cable modems: the people’s WAN　364　Where is the network going?　365　Network testing and debugging　366　Building wiring　366　　UTP cabling options　366　　Connections to offices　367　　Wiring standards　367　Network design issues　368　　Network architecture vs　building architecture　368　　Existing networks　369　　Expansion　369　　Congestion　369　　Maintenance and documentation　370　Management issues　370　Recommended vendors　371　　Cables and connectors　371　　Test equipment　371　　Routers/switches　372　Recommended reading　372　Exercises　372CHAPTER 15　DNS: THE DOMAIN NAME SYSTEM　373　DNS for the impatient: adding a new machine　374　The history of DNS　375　　BIND implementations　376　　Other implementations of DNS　376　Who needs DNS?　377　The DNS namespace　378　　Masters of their domains 381　　Selecting a domain name　382　　Domain bloat　382　　Registering a second-level domain name　383　　Creating your own subdomains　383　How DNS works　383　　Delegation　383　　Caching and efficiency　384　　The extended DNS protocol　386　What’s new in DNS　386　The DNS database　389　　Resource records　389　　The SOA record　392　　NS records　395　　A records　396　　PTR records　396　　MX records　397　　CNAME records　399　　The CNAME hack　400　　LOC records　401　　SRV records　402　　TXT records　403　　IPv6 resource records　404　　IPv6 forward records　404　　IPv6 reverse records　405　　Security-related records　405　　Commands in zone files　405　　Glue records: links between zones　407　The BIND software　409　　Versions of BIND　410　　Finding out what version you have　410　　Components of BIND　411　　named: the BIND name server　412　　Authoritative and caching-only servers　412　　Recursive and nonrecursive servers　413　　The resolver library　414　　Shell interfaces to DNS　415　Designing your DNS environment　415　　Namespace management　415　　Authoritative servers　416　　Caching servers　417　　Security　417　　Summing up　418　　A taxonomy of DNS/BIND chores　418　BIND client issues　418　　Resolver configuration　418　　Resolver testing　420　　Impact on the rest of the system　420　BIND server configuration　420　　Hardware requirements　421　　Configuration files　421　　The include statement　423　　The options statement　423　　The acl statement　429　　The key statement　430　　The trusted-keys statement　430　　The server statement　431　　The masters statement　432　　The logging statement　432　　The zone statement　432　　The controls statement　436　　Split DNS and the view statement　438　BIND configuration examples　439
· · · · · · (收起)