查看同类图书：科学技术»计算机/网络»操作系统»Linux»LINUX系统管理技术手册（第二版英文版）

LINUX系统管理技术手册（第二版英文版）

【作　者】：（美）内梅斯（Nemeth，E.），（美）斯奈德（Snyder，G.），（美）海因（Hein，T.R.）著

【丛编项】：典藏原版书苑

【装帧项】：平装 800*1000 1/16 / 1000

【出版项】：人民邮电出版社 / 2007-10-1

【ISBN号】：9787115164810 / 7115164819

【原书定价】：￥128.00　有4家书店打折销售　

【主题词】：计算机/网络－操作系统/系统开发－LINUX

书籍介绍

购买本书

【图书简介】
　　《Linux系统管理技术手册（第二版）》（LAHv2）延续了该书第一版（LAH）以及《UNlX系统管理技术手册》（LISAFl）的讲解风格，以当前主流的5种Linux发行版本（Red Hat ES、SuSE、Debian、Fedora Core和Ubuntu）为例，把Linu×系统管理技术分为三个方面分别介绍。第一部分“基本管理技术”全面介绍了运行单机Linux系统涉及的各种管理知识和技术，如系统引导和关机、进程控制、文件系统管理、用户管理、设备管理、系统备份、软件配置以及cron和系统日志的管理使用等。第二部分“网络管理技术”从详细讲解TCP／IP协议基本原理开始，深入讨论了网络的两大基本应用——域名系统和路由技术，然后逐章讲解Linux上的各种Intemet关键应用，如电子邮件、NFS、文件共享、Web托管和Intemet服务，在这部分里还有专门的章节介绍网络硬件、网络管理与调试以及系统安全。第三部分“其他管理技术”包括了多种不容忽视的重要主题：X Wi rldow系统、打印系统、系统维护与环境、性能分析、与Wit‘idows系统的协作、串行设备、操作系统驱动程序和内核、系统守护进程以及政策与行政管理方面的知识等。本书的几位作者是分别来自学术界、企业界以及职业培训领域的Li nLJx／LJNIx系统管理专家，这使得本书从第1版开始，即成为全面、深入而且颇富实用性的Linux系统管理权威参考书。本书适合于从Linux初学者到具有丰富经验的Linux专业技术人员使用。-读书网|DuShu.com

【本书目录】
SECTION ONE: BASIC ADMINISRATION
CHAPTER 1　WHERE TO START　3
　Suggested background　4
　Linux’s relationship to UNIX　4
　Linux in historical context　5
　Linux distributions　6
　　So what’s the best distribution?　8
　　Distribution-specific administration tools　9
　Notation and typographical conventions　9
　　System-specific information　10
　Where to go for information　11
　　Organization of the man pages　12
　　man: read manual pages　13
　　Other sources of Linux information　13
　How to find and install software　14
　Essential tasks of the system administrator　16
　　Adding, removing, and managing user accounts　16
　　Adding and removing hardware　16
　　Performing backups　17
　　Installing and upgrading software　17
　　Monitoring the system　17
　　Troubleshooting　17
　　Maintaining local documentation　17
　　Vigilantly monitoring security　17
　　Helping users　18　System administration under duress　18
　　System Administration Personality Syndrome　18
　Recommended reading　19
　Exercises　20
CHAPTER 2　BOOTING AND SHUTTING DOWN　21
　Bootstrapping　21
　　Automatic and manual booting　22
　　Steps in the boot process　22
　　Kernel initialization　23
　　Hardware configuration　23
　　Kernel threads　23
　　Operator intervention (manual boot only)　24
　　Execution of startup scripts　25
　　Multiuser operation　25
　Booting PCs　25
　Using boot loaders: LILO and GRUB　26
　　GRUB: The GRand Unified Boot loader　26
　　LILO: The traditional Linux boot loader　28
　　Kernel options　29
　　Multibooting on PCs　30
　　GRUB multiboot configuration　30
　　LILO multiboot configuration　31
　Booting single-user mode　31
　　Single-user mode with GRUB　32
　　Single-user mode with LILO　32
　Working with startup scripts　32
　　init and run levels　33
　　Red Hat and Fedora startup scripts　36
　　SUSE startup scripts　38
　　Debian and Ubuntu startup scripts　40
　Rebooting and shutting down　40
　　Turning off the power　41
　　shutdown: the genteel way to halt the system　41
　　halt: a simpler way to shut down　42
　　reboot: quick and dirty restart　42
　　telinit: change init’s run level　42
　　poweroff: ask Linux to turn off the power　42
　Exercises　43
CHAPTER 3　ROOTLY POWERS　44
　Ownership of files and processes　44
　The superuser　46
　Choosing a root password　47
　Becoming root　48
　　su: substitute user identity　48
　　sudo: a limited su　48
　Other pseudo-users　51
　　bin: legacy owner of system commands　51
　　daemon: owner of unprivileged system software　51
　　nobody: the generic NFS user　51
　Exercises　52
CHAPTER 4　CONTROLLING PROCESSES　53
　Components of a process　53
　　PID: process ID number　54
　　PPID: parent PID　54
　　UID and EUID: real and effective user ID　54
　　GID and EGID: real and effective group ID　55
　　Niceness　55
　　Control terminal　56
　The life cycle of a process　56
　Signals　57
　kill and killall: send signals　60
　Process states　60
　nice and renice: influence scheduling priority　61
　ps: monitor processes　62
　top: monitor processes even better　65
　The /proc filesystem　65
　strace: trace signals and system calls　66
　Runaway processes　67
　Recommended reading　69
　Exercises　69
CHAPTER 5　THE FILESYSTEM　70
　Pathnames　72
　Filesystem mounting and unmounting　73
　The organization of the file tree　75
　File types　76
　　Regular files　78
　　Directories　78
　　Character and block device files　79
　　Local domain sockets　80
　　Named pipes　80
　　Symbolic links　80
　File attributes　81
　　The permission bits　81
　　The setuid and setgid bits　82
　　The sticky bit　82
　　Viewing file attributes　82
　　chmod: change permissions　84
　　chown: change ownership and group　86
　　umask: assign default permissions　86
　　Bonus flags　87
　Access control lists　88
　　ACL overview　88
　　Default entries　91
　Exercises　92
CHAPTER 6　ADDING NEW USERS　93
　The /etc/passwd file　93
　　Login name　94
　　Encrypted password　96
　　UID (user ID) number　96
　　Default GID number　97
　　GECOS field　98
　　Home directory　98
　　Login shell　98
　The /etc/shadow file　99
　The /etc/group file　101
　Adding users　102
　　Editing the passwd and shadow files　103
　　Editing the /etc/group file　104
　　Setting an initial password　104
　　Creating the user’s home directory　105
　　Copying in the default startup files　105
　　Setting the user’s mail home　106
　　Verifying the new login　106
　　Recording the user’s status and contact information　107
　Removing users　107
　Disabling logins　108
　Managing accounts　108
　Exercises　110
CHAPTER 7　ADDING A DISK　111
　Disk interfaces　111
　　The PATA interface　112
　　The SATA interface　114
　　The SCSI interface　114
　　Which is better, SCSI or IDE?　118
　Disk geometry　119
　Linux filesystems　120
　　Ext2fs and ext3fs　120
　　ReiserFS　121
　　XFS and JFS　122
　An overview of the disk installation procedure　122
　　Connecting the disk　122
　　Formatting the disk　123
　　Labeling and partitioning the disk　124
　　Creating filesystems within disk partitions　125
　　Mounting the filesystems　126
　　Setting up automatic mounting　127
　　Enabling swapping　129
　hdparm: set IDE interface parameters　129
　fsck: check and repair filesystems　131
　Adding a disk: a step-by-step guide　133
　Advanced disk management: RAID and LVM　138
　　Linux software RAID　139
　　Logical volume management　139
　　An example configuration with LVM and RAID　140
　　Dealing with a failed disk　144
　　Reallocating storage space　146
　Mounting USB drives　147
　Exercises　148
CHAPTER 8　PERIODIC PROCESSES　150
　cron: schedule commands　150
　The format of crontab files　151
　Crontab management　153
　Some common uses for cron　154
　　Cleaning the filesystem　154
　　Network distribution of configuration files　155
　　Rotating log files　156
　Other schedulers: anacron and fcron　156
　Exercises　157
CHAPTER 9　BACKUPS　158
　Motherhood and apple pie　159
　　Perform all dumps from one machine　159
　　Label your media　159
　　Pick a reasonable backup interval　159
　　Choose filesystems carefully　160
　　Make daily dumps fit on one piece of media　160
　　Make filesystems smaller than your dump device　161
　　Keep media off-site　161
　　Protect your backups　161
　　Limit activity during dumps　162
　　Verify your media　162
　　Develop a media life cycle　163
　　Design your data for backups　163
　　Prepare for the worst　163
　Backup devices and media　163
　　Optical media: CD-R/RW, DVD±R/RW, and DVD-RAM　164
　　Removable hard disks (USB and FireWire)　165
　　Small tape drives: 8mm and DDS/DAT　166
　　DLT/S-DLT　166
　　AIT and SAIT　166
　　VXA/VXA-X　167
　　LTO　167
　　Jukeboxes, stackers, and tape libraries　167
　　Hard disks　168
　　Summary of media types　168
　　What to buy　168
　Setting up an incremental backup regime with dump　169
　　Dumping filesystems　169
　　Dump sequences　171
　Restoring from dumps with restore　173
　　Restoring individual files　173
　　Restoring entire filesystems　175
　Dumping and restoring for upgrades　176
　Using other archiving programs　177
　　tar: package files　177
　　cpio: archiving utility from ancient times　178
　　dd: twiddle bits　178
　Using multiple files on a single tape　178
　Bacula　179
　　The Bacula model　180
　　Setting up Bacula　181
　　Installing the database and Bacula daemons　181
　　Configuring the Bacula daemons　182
　　bacula-dir.conf: director configuration　183
　　bacula-sd.conf: storage daemon configuration　187
　　bconsole.conf: console configuration　188
　　Installing and configuring the client file daemon　188
　　Starting the Bacula daemons　189
　　Adding media to pools　190
　　Running a manual backup　190
　　Running a restore job　192
　　Monitoring and debugging Bacula configurations　195
　　Alternatives to Bacula　197
　Commercial backup products　197
　　ADSM/TSM　197
　　Veritas　198
　　Other alternatives　198
　Recommended reading　198
　Exercises　198
CHAPTER 10　SYSLOG AND LOG FILES　201
　Logging policies　201
　　Throwing away log files　201
　　Rotating log files　202
　　Archiving log files　204
　Linux log files　204
　　Special log files　206
　　Kernel and boot-time logging　206
　logrotate: manage log files　208
　Syslog: the system event logger　209
　　Alternatives to syslog　209
　　Syslog architecture　210
　　Configuring syslogd　210
　　Designing a logging scheme for your site　214
　　Config file examples　214
　　Sample syslog output　216
　　Software that uses syslog　217
　　Debugging syslog　217
　　Using syslog from programs　218
　Condensing log files to useful information　220
　Exercises　222
CHAPTER 11　SOFTWARE AND CONFIGURATION MANAGEMENT　223
　Basic Linux installation　223
　　Netbooting PCs　224
　　Setting up PXE for Linux　225
　　Netbooting non-PCs　226Kickstart: the automated installer for 　　Enterprise Linux and Fedora　226
　　AutoYaST: SUSE’s automated installation tool　230
　　The Debian and Ubuntu installer　231
　　Installing from a master system　232
　Diskless clients　232
　Package management　234
　　Available package management systems　235
　　rpm: manage RPM packages　235
　　dpkg: manage Debian-style packages　237
　High-level package management systems　237
　　Package repositories　239
　　RHN: the Red Hat Network　240
　　APT: the Advanced Package Tool　241
　　Configuring apt-get　242
　　An example /etc/apt/sources.list file　243
　　Using proxies to make apt-get scale　244
　　Setting up an internal APT server　244
　　Automating apt-get　245
　　yum: release management for RPM　246
　Revision control　247
　　Backup file creation　247
　　Formal revision control systems　248
　　RCS: the Revision Control System　249
　　CVS: the Concurrent Versions System　251
　　Subversion: CVS done right　253
　Localization and configuration　255
　　Organizing your localization　256
　　Testing　257
　　Local compilation　258
　　Distributing localizations　259
　　Resolving scheduling issues　260
　Configuration management tools　260
　　cfengine: computer immune system　260
　　LCFG: a large-scale configuration system　261
　　The Arusha Project (ARK)　261
　　Template Tree 2: cfengine helper　262
　　DMTF/CIM: the Common Information Model　262
　Sharing software over NFS　263
　　Package namespaces　264
　　Dependency management　265
　　Wrapper scripts　265
　　Implementation tools　266
　Recommended software　266
　Recommended reading　268
　Exercises　268
SECTION TWO: NETWORKING
CHAPTER 12　TCP/IP NETWORKING　271
　TCP/IP and the Internet　272
　　A brief history lesson　272
　　How the Internet is managed today　273
　　Network standards and documentation　274
　Networking road map　275
　Packets and encapsulation　276
　　The link layer　277
　　Packet addressing　279
　　Ports　281
　　Address types　281
　IP addresses: the gory details　282
　　IP address classes　282
　　Subnetting and netmasks　282
　　The IP address crisis　285
　　CIDR: Classless Inter-Domain Routing　287
　　Address allocation　288
　　Private addresses and NAT　289
　　IPv6 addressing　291
　Routing　293
　　Routing tables　294
　　ICMP redirects　295
　ARP: the address resolution protocol　296
　Addition of a machine to a network　297
　　Hostname and IP address assignment　298
　　ifconfig: configure network interfaces　299
　　mii-tool: configure autonegotiation and other media-specific options　302
　　route: configure static routes　303
　　Default routes　305
　　DNS configuration　306
　　The Linux networking stack　307
　Distribution-specific network configuration　307
　　Network configuration for Red Hat and Fedora　308
　　Network configuration for SUSE　309
　　Network configuration for Debian and Ubuntu　310
　DHCP: the Dynamic Host Configuration Protocol　311
　　DHCP software　312
　　How DHCP works　312
　　ISC’s DHCP server　313
　Dynamic reconfiguration and tuning　314
　Security issues　316
　　IP forwarding　316
　　ICMP redirects　317
　　Source routing　317
　　Broadcast pings and other forms of directed broadcast　317
　　IP spoofing　317
　　Host-based firewalls　318
　　Virtual private networks　318
　　Security-related kernel variables　319
　Linux NAT　319
　PPP: the Point-to-Point Protocol　320Addressing PPP performance 　　issues　321
　　Connecting to a network with PPP　321
　　Making your host speak PPP　321
　　Controlling PPP links　321
　　Assigning an address　322
　　Routing　322
　　Ensuring security　323
　　Using chat scripts　323
　　Configuring Linux PPP　323
　Linux networking quirks　330
　Recommended reading　331
　Exercises　332
CHAPTER 13　ROUTING　334
　Packet forwarding: a closer look　335
　Routing daemons and routing protocols　337
　　Distance-vector protocols　338
　　Link-state protocols　339
　　Cost metrics　340
　　Interior and exterior protocols　340
　Protocols on parade　341
　　RIP: Routing Information Protocol　341
　　RIP-2: Routing Information Protocol, version 2　341
　　OSPF: Open Shortest Path First　342
　　IGRP and EIGRP: Interior Gateway Routing Protocol　342
　　IS-IS: the ISO “standard”　343
　　MOSPF, DVMRP, and PIM: multicast routing protocols　343
　　Router Discovery Protocol　343
　routed: RIP yourself a new hole　343
　gated: gone to the dark side　344
　Routing strategy selection criteria　344
　Cisco routers　346
　Recommended reading　348
　Exercises　349
CHAPTER 14　NETWORK HARDWARE　350
　LAN, WAN, or MAN?　351
　Ethernet: the common LAN　351
　　How Ethernet works　351
　　Ethernet topology　352
　　Unshielded twisted pair　353
　　Connecting and expanding Ethernets　355
　Wireless: nomad’s LAN　359
　　Wireless security　360
　　Wireless switches　360
　FDDI: the disappointing, expensive, and outdated LAN　361
　ATM: the promised (but sorely defeated) LAN　362
　Frame relay: the sacrificial WAN　363
　ISDN: the indigenous WAN　364
　DSL and cable modems: the people’s WAN　364
　Where is the network going?　365
　Network testing and debugging　366
　Building wiring　366
　　UTP cabling options　366
　　Connections to offices　367
　　Wiring standards　367
　Network design issues　368
　　Network architecture vs　building architecture　368
　　Existing networks　369
　　Expansion　369
　　Congestion　369
　　Maintenance and documentation　370
　Management issues　370
　Recommended vendors　371
　　Cables and connectors　371
　　Test equipment　371
　　Routers/switches　372
　Recommended reading　372
　Exercises　372
CHAPTER 15　DNS: THE DOMAIN NAME SYSTEM　373
　DNS for the impatient: adding a new machine　374
　The history of DNS　375
　　BIND implementations　376
　　Other implementations of DNS　376
　Who needs DNS?　377
　The DNS namespace　378
　　Masters of their domains 381
　　Selecting a domain name　382
　　Domain bloat　382
　　Registering a second-level domain name　383
　　Creating your own subdomains　383
　How DNS works　383
　　Delegation　383
　　Caching and efficiency　384
　　The extended DNS protocol　386
　What’s new in DNS　386
　The DNS database　389
　　Resource records　389
　　The SOA record　392
　　NS records　395
　　A records　396
　　PTR records　396
　　MX records　397
　　CNAME records　399
　　The CNAME hack　400
　　LOC records　401
　　SRV records　402
　　TXT records　403
　　IPv6 resource records　404
　　IPv6 forward records　404
　　IPv6 reverse records　405
　　Security-related records　405
　　Commands in zone files　405
　　Glue records: links between zones　407
　The BIND software　409
　　Versions of BIND　410
　　Finding out what version you have　410
　　Components of BIND　411
　　named: the BIND name server　412
　　Authoritative and caching-only servers　412
　　Recursive and nonrecursive servers　413
　　The resolver library　414
　　Shell interfaces to DNS　415
　Designing your DNS environment　415
　　Namespace management　415
　　Authoritative servers　416
　　Caching servers　417
　　Security　417
　　Summing up　418
　　A taxonomy of DNS/BIND chores　418
　BIND client issues　418
　　Resolver configuration　418
　　Resolver testing　420
　　Impact on the rest of the system　420
　BIND server configuration　420
　　Hardware requirements　421
　　Configuration files　421
　　The include statement　423
　　The options statement　423
　　The acl statement　429
　　The key statement　430
　　The trusted-keys statement　430
　　The server statement　431
　　The masters statement　432
　　The logging statement　432
　　The zone statement　432
　　The controls statement　436
　　Split DNS and the view statement　438
　BIND configuration examples　439
　　The localhost zone　439
　　A small security company　441
　　The Internet Systems Consortium, isc.org　444
　Starting named　446
　Updating zone files　447
　　Zone transfers　447
　　Dynamic updates　448
　Security issues　451
　　Access control lists revisited　451
　　Confining named　453
　　Secure server-to-server communication with TSIG and TKEY　453
　　DNSSEC　456
　　Negative answers　463
　　Microsoft and DNS　464
　Testing and debugging　466
　　Logging　466
　　Sample logging configuration　470
　　Debug levels　471
　　Debugging with rndc　471
　　BIND statistics　473
　　Debugging with dig　473
　　Lame delegations　475
　　doc: domain obscenity control　476
　　Other DNS sanity checking tools　478
　　Performance issues　478
　Distribution specifics　478
　Recommended reading　481
　　Mailing lists and newsgroups　481
　　Books and other documentation　481
　　On-line resources　482
　　The RFCs　482
　Exercises　482
CHAPTER 16　THE NETWORK FILE SYSTEM　484
　General information about NFS　484
　　NFS protocol versions　484
　　Choice of transport　485
　　File locking　486
　　Disk quotas　486
　　Cookies and stateless mounting　486
　　Naming conventions for shared filesystems　487
　　Security and NFS　487
　　Root access and the nobody account　488
　Server-side NFS　489
　　The exports file　490
　　nfsd: serve files　492
　Client-side NFS　492
　　Mounting remote filesystems at boot time　495
　　Restricting exports to insecure ports　495
　nfsstat: dump NFS statistics　495
　Dedicated NFS file servers　496
　Automatic mounting　497
　　automount: mount filesystems on demand　497
　　The master file　498
　　Map files　499
　　Executable maps　499
　Recommended reading　500
　Exercises　501
CHAPTER 17　SHARING SYSTEM FILES　502
　What to share　503
　nscd: cache the results of lookups　504
　Copying files around　505
　　rdist: push files　505
　　rsync: transfer files more securely　508
　　Pulling files　510
　NIS: the Network Information Service　511
　　Understanding how NIS works　512
　　Weighing advantages and disadvantages of NIS　514
　　Prioritizing sources of administrative information　515
　　Using netgroups　517
　　Setting up an NIS domain　517
　　Setting access control options in /etc/ypserv.conf　519
　　Configuring NIS clients　519
　　NIS details by distribution　520
　LDAP: the Lightweight Directory Access Protocol　520
　　The structure of LDAP data　521
　　The point of LDAP　522
　　LDAP documentation and specifications　523
　　OpenLDAP: LDAP for Linux　523
　　NIS replacement by LDAP　525
　　LDAP and security　526
　Recommended reading　526
　Exercises　527
CHAPTER 18　ELECTRONIC MAIL　528
　Mail systems　530
　　User agents　531
　　Transport agents　532
　　Delivery agents　532
　　Message stores　533
　　Access agents　533
　　Mail submission agents　533
　The anatomy of a mail message　534
　　Mail addressing　535
　　Mail header interpretation　535
　Mail philosophy　539
　　Using mail servers　540
　　Using mail homes　542
　　Using IMAP or POP　542
　Mail aliases　544
　　Getting mailing lists from files　546
　　Mailing to files　547
　　Mailing to programs　547
　　Aliasing by example　548
　　Forwarding mail　549
　　The hashed alias database　551
　Mailing lists and list wrangling software　551
　　Software packages for maintaining mailing lists　551
　　LDAP: the Lightweight Directory Access Protocol　555
　sendmail: ringmaster of the electronic mail circus　557
　　Versions of sendmail　557
　　sendmail installation from sendmail.org　559
　　sendmail installation on Debian and Ubuntu systems　561
　　The switch file　562
　　Modes of operation　562
　　The mail queue　563
　sendmail configuration　565
　　Using the m4 preprocessor　566
　　The sendmail configuration pieces　567
　　Building a configuration file from a sample .mc file　568
　　Changing the sendmail configuration　569
　Basic sendmail configuration primitives　570
　　The VERSIONID macro　570
　　The OSTYPE macro　570
　　The DOMAIN macro　572
　　The MAILER macro　573
　Fancier sendmail configuration primitives 574
　　The FEATURE macro　574
　　The use_cw_file feature　574
　　The redirect feature　575
　　The always_add_domain feature　575
　　The nocanonify feature　576
　　Tables and databases　576
　　The mailertable feature　578
　　The genericstable feature　579
　　The virtusertable feature　579
　　The ldap_routing feature　580
　　Masquerading and the MASQUERADE_AS macro　581
　　The MAIL_HUB and SMART_HOST macros　583
　　Masquerading and routing　583
　　The nullclient feature　584
　　The local_lmtp and smrsh features　585
　　The local_procmail feature　585
　　The LOCAL_* macros　586
　　Configuration options　586
　Spam-related features in sendmail　588
　　Relaying　589
　　The access database　591
　　User or site blacklisting　594
　　Header checking　595
　　Rate and connection limits　596
　　Slamming　597
　　Miltering: mail filtering　597
　　Spam handling　598
　　SpamAssassin　598
　　SPF and Sender ID　599
　Configuration file case study　599
　　Client machines at sendmail.com　599
　　Master machine at sendmail.com　600
　Security and sendmail　603
　　Ownerships　603
　　Permissions　604
　　Safer mail to files and programs　605
　　Privacy options　606
　　Running a chrooted sendmail (for the truly paranoid)　607
　　Denial of service attacks　608
　　Forgeries　608
　　Message privacy　610
　　SASL: the Simple Authentication and Security Layer　610
　sendmail performance　611
　　Delivery modes　611
　　Queue groups and envelope splitting　611
　　Queue runners　613
　　Load average controls　613
　　Undeliverable messages in the queue　613
　　Kernel tuning　614
　sendmail statistics, testing, and debugging　615
　　Testing and debugging　616
　　Verbose delivery　617
　　Talking in SMTP　618
　　Queue monitoring　619
　　Logging　619
　The Exim Mail System　621
　　History　621
　　Exim on Linux　621
　　Exim configuration　622
　　Exim/sendmail similarities　622
　Postfix　623
　　Postfix architecture　623
　　Receiving mail　624
　　The queue manager　624
　　Sending mail　625
　　Security　625
　　Postfix commands and documentation　625
　　Configuring Postfix　626
　　What to put in main.cf　626
　　Basic settings　626
　　Using postconf　627
　　Lookup tables　627
　　Local delivery　629
　　Virtual domains　630
　　Virtual alias domains　630
　　Virtual mailbox domains　631
　　Access control　632
　　Access tables　633
　　Authentication of clients　634
　　Fighting spam and viruses　634
　　Black hole lists　635
　　SpamAssassin and procmail　636
　　Policy daemons　636
　　Content filtering　636
　　Debugging　637
　　Looking at the queue　638
　　Soft-bouncing　638
　　Testing access control 638
　Recommended reading　639
　Exercises　640
CHAPTER 19　NETWORK MANAGEMENT AND DEBUGGING　643
　Network troubleshooting　644
　ping: check to see if a host is alive　645
　traceroute: trace IP packets　647
　netstat: get network statistics　649
　　Inspecting interface configuration information　649
　　Monitoring the status of network connections　651
　　Identifying listening network services　652
　　Examining the routing table　652
　　Viewing operational statistics for network protocols　653
　sar: inspect live interface activity　654
　Packet sniffers　655
　　tcpdump: king of sniffers　656
　　Wireshark: visual sniffer　657
　Network management protocols　657
　SNMP: the Simple Network Management Protocol　659
　　SNMP organization　659
　　SNMP protocol operations　660
　　RMON: remote monitoring MIB　661
　The NET-SMNP agent　661
　Network management applications　662
　　The NET-SNMP tools　663
　　SNMP data collection and graphing　664
　　Nagios: event-based SNMP and service monitoring　665
　　Commercial management platforms　666
　Recommended reading　667
　Exercises　668
CHAPTER 20　SECURITY　669
　Is Linux secure?　670
　How security is compromised　671
　　Social engineering　671
　　Software vulnerabilities　672
　　Configuration errors　673
　Certifications and standards　673
　　Certifications　674
　　Standards　675
　Security tips and philosophy　676
　　Packet filtering　677
　　Unnecessary services　677
　　Software patches　677
　　Backups　677
　　Passwords　677Vigilance　677
　　General philosophy　678
　Security problems in /etc/passwd and /etc/shadow　678
　　Password checking and selection　679
　　Password aging　680
　　Group logins and shared logins　680
　　User shells　680
　　Rootly entries　681
　　PAM: cooking spray or authentication wonder?　681
　POSIX capabilities　683
　Setuid programs　683
　Important file permissions　684
　Miscellaneous security issues　685
　　Remote event logging　685
　　Secure terminals　685
　　/etc/hosts.equiv and ~/.rhosts　685
　　Security and NIS　685
　　Security and NFS　686
　　Security and sendmail　686
　　Security and backups　686
　　Viruses and worms　686
　　Trojan horses　687
　　Rootkits　688
　Security power tools　688
　　Nmap: scan network ports　688
　　Nessus: next generation network scanner　690
　　John the Ripper: find insecure passwords　690
　　hosts_access: host access control　691
　　Samhain: host-based intrusion detection　692
　　Security-Enhanced Linux (SELinux)　693
　Cryptographic security tools　694
　　Kerberos: a unified approach to network security　695
　　PGP: Pretty Good Privacy　696
　　SSH: the secure shell　697
　　One-time passwords　698
　　Stunnel　699
　Firewalls　701
　　Packet-filtering firewalls　701
　　How services are filtered　702
　　Service proxy firewalls　703
　　Stateful inspection firewalls　703
　　Firewalls: how safe are they?　704
　Linux firewall features: IP tables　704
　Virtual private networks (VPNs)　708
　　IPsec tunnels　709
　　All I need is a VPN, right?　710
　Hardened Linux distributions　710
　What to do when your site has been attacked　710
　Sources of security information　712
　　CERT: a registered service mark of Carnegie Mellon University　712
　　SecurityFocus.com and the BugTraq mailing list　713
　　Crypto-Gram newsletter　713
　　SANS: the System Administration, Networking, and Security Institute　713
　　Distribution-specific security resources　713
　　Other mailing lists and web sites　714
　Recommended reading　715
　Exercises　716
CHAPTER 21　WEB HOSTING AND INTERNET SERVERS　719
　Web hosting basics　720
　　Uniform resource locators　720
　　How HTTP works　720
　　Content generation on the fly　722
　　Load balancing　722
　HTTP server installation　724
　　Choosing a server　724
　　Installing Apache　724
　　Configuring Apache　726
　　Running Apache　726
　　Analyzing log files　727
　　Optimizing for high-performance hosting of static content　727
　Virtual interfaces　727
　　Using name-based virtual hosts　728
　　Configuring virtual interfaces　728
　　Telling Apache about virtual interfaces　729
　The Secure Sockets Layer (SSL)　730　　Generating a certificate signing request　731
　　Configuring Apache to use SSL　732
　Caching and proxy servers　733
　　The Squid cache and proxy server　733
　　Setting up Squid　734
　Anonymous FTP server setup　734
　Exercises　736
SECTION THREE: BUNCH O' STUFF
CHAPTER 22　THE X WINDOW SYSTEM　741
　The X display manager　743
　Running an X application　744
　　The DISPLAY environment variable　744
　　Client authentication　745
　　X connection forwarding with SSH　747
　X server configuration　748
　　Device sections　750
　　Monitor sections　750
　　Screen sections　751
　　InputDevice sections　752
　　ServerLayout sections　753
　Troubleshooting and debugging　754
　　Special keyboard combinations for X　754
　　When good X servers go bad　755
　A brief note on desktop environments　757
　　KDE　758
　　GNOME　758
　　Which is better, GNOME or KDE?　759
　Recommended Reading　759
　Exercises　759
CHAPTER 23　PRINTING　761
　Printers are complicated　762
　Printer languages　763
　　PostScript　763
　　PCL　763
　　PDF　764
　　XHTML　764
　　PJL　765
　　Printer drivers and their handling of PDLs　765
　CUPS architecture　767
　　Document printing　767
　　Print queue viewing and manipulation　767
　　Multiple printers　768
　　Printer instances　768
　　Network printing　768
　　The CUPS underlying protocol: HTTP　769
　　PPD files　770
　　Filters　771
　CUPS server administration　772
　　Network print server setup　773
　　Printer autoconfiguration　774
　　Network printer configuration　774
　　Printer configuration examples　775
　　Printer class setup　775
　　Service shutoff　776
　　Other configuration tasks　777
　　Paper sizes　777
　　Compatibility commands　778
　　Common printing software　779
　　CUPS documentation　780
　Troubleshooting tips　780
　　CUPS logging　781
　　Problems with direct printing　781
　　Network printing problems　781
　　Distribution-specific problems　782
　Printer practicalities　782
　　Printer selection　782
　　GDI printers　783
　　Double-sided printing　783
　　Other printer accessories　783
　　Serial and parallel printers　784
　　Network printers　784
　Other printer advice　784
　　Use banner pages only if you have to　784
　　Provide recycling bins　785
　　Use previewers　785
　　Buy cheap printers　785
　　Keep extra toner cartridges on hand　786
　　Pay attention to the cost per page　786
　　Consider printer accounting　787
　　Secure your printers　787
　Printing under KDE　788
　　kprinter: printing documents　789
　　Konqueror and printing　789
　Recommended reading　790
　Exercises　790
CHAPTER 24　MAINTENANCE AND ENVIRONMENT　791
　Hardware maintenance basics　791
　Maintenance contracts　792
　　On-site maintenance　792
　　Board swap maintenance　792
　　Warranties　793
　Electronics-handling lore　793
　　Static electricity　793
　　Reseating boards　794
　Monitors　794
　Memory modules　794
　Preventive maintenance　795
　Environment　796
　　Temperature　796
　　Humidity　796
　　Office cooling　796
　　Machine room cooling　797
　　Temperature monitoring　798
　Power　798
　Racks　799
　Data center standards　800
　Tools　800
　Recommended reading　800
　Exercises　802
CHAPTER 25　PERFORMANCE ANALYSIS　803
　What you can do to improve performance　804
　Factors that affect performance　806
　System performance checkup　807
　　Analyzing CPU usage　807
　　How Linux manages memory　809
　　Analyzing memory usage　811
　　Analyzing disk I/O　813
　　Choosing an I/O scheduler　815
　　sar: Collect and report statistics over time　816
　　oprofile: Comprehensive profiler　817
　Help! My system just got really slow!　817
　Recommended reading　819
　Exercises　819
CHAPTER 26　COOPERATING WITH WINDOWS　821　Logging in to a Linux system from Windows　821
　Accessing remote desktops　822
　　Running an X server on a Windows computer　823
　　VNC: Virtual Network Computing　824
　　Windows RDP: Remote Desktop Protocol　824
　Running Windows and Windows-like applications　825
　　Dual booting, or why you shouldn’t　826
　　The OpenOffice.org alternative　826
　Using command-line tools with Windows　826
　Windows compliance with email and web standards　827
　Sharing files with Samba and CIFS　828
　　Samba: CIFS server for UNIX　828
　　Samba installation　829
　　Filename encoding　830
　　Network Neighborhood browsing　831
　　User authentication　832
　　Basic file sharing　833
　　Group shares　833
　　Transparent redirection with MS DFS　834
　　smbclient: a simple CIFS client　835
　　The smbfs filesystem　835
　Sharing printers with Samba　836
　　Installing a printer driver from Windows　838
　　Installing a printer driver from the command line　839
　Debugging Samba　840
　Recommended reading　841
　Exercises　842
CHAPTER 27　SERIAL DEVICES　843
　The RS-232C standard　844
　Alternative connectors　847
　　The mini DIN-8 variant　847
　　The DB-9 variant　848
　　The RJ-45 variant　849
　　The Yost standard for RJ-45 wiring　850
　Hard and soft carrier　852
　Hardware flow control　852
　Cable length　853
　Serial device files　853
　setserial: set serial port parameters　854
　Software configuration for serial devices　855
　Configuration of hardwired terminals　855
　　The login process　855
　　The /etc/inittab file　856
　　Terminal support: the termcap and terminfo databases　858
　Special characters and the terminal driver　859
　stty: set terminal options　860
　tset: set options automatically　861
　Terminal unwedging　862
　Modems　862
　　Modulation, error correction, and data compression protocols　863
　　minicom: dial out　864
　　Bidirectional modems　864
　Debugging a serial line　864
　Other common I/O ports　865
　　USB: the Universal Serial Bus　865
　Exercises　866
CHAPTER 28　DRIVERS AND THE KERNEL　868
　Kernel adaptation　869
　Drivers and device files　870
　　Device files and device numbers　870
　　Creating device files　871　　sysfs: a window into the souls of devices　872
　　Naming conventions for devices　872
　Why and how to configure the kernel　873
　Tuning Linux kernel parameters　874
　Building a Linux kernel　876
　　If it ain’t broke, don’t fix it　876
　　Configuring kernel options　876
　　Building the kernel binary　878
　Adding a Linux device driver　878
　　Device awareness　880
　Loadable kernel modules　880
　Hot-plugging　882
　Setting bootstrap options　883
　Recommended reading　884
　Exercises　884
CHAPTER 29　DAEMONS　885
　init: the primordial process　886
　cron and atd: schedule commands　887
　xinetd and inetd: manage daemons　887
　　Configuring xinetd　888
　　Configuring inetd　890
　　The services file　892
　　portmap: map RPC services to TCP and UDP ports　893
　Kernel daemons　893
　　klogd: read kernel messages　894
　Printing daemons　894
　　cupsd: scheduler for the Common UNIX Printing System　894
　　lpd: manage printing　894
　File service daemons　895
　　rpc.nfsd: serve files　895
　　rpc.mountd: respond to mount requests　895
　　amd and automount: mount filesystems on demand　895
　　rpc.lockd and rpc.statd: manage NFS locks　895
　　rpciod: cache NFS blocks　896
　　rpc.rquotad: serve remote quotas　896
　　smbd: provide file and printing service to Windows clients　896
　　nmbd: NetBIOS name server　896
　Administrative database daemons　896
　　ypbind: locate NIS servers　896
　　ypserv: NIS server　896
　　rpc.ypxfrd: transfer NIS databases　896
　　lwresd: lightweight resolver library server　897
　　nscd: name service cache daemon　897
　Electronic mail daemons　897
　　sendmail: transport electronic mail　897
　　smtpd: Simple Mail Transport Protocol daemon　897
　　popd: basic mailbox server　897
　　imapd: deluxe mailbox server　897
　Remote login and command execution daemons　898
　　sshd: secure remote login server　898
　　in.rlogind: obsolete remote login server　898
　　in.telnetd: yet another remote login server　898
　　in.rshd: remote command execution server　898
　Booting and configuration daemons　898
　　dhcpd: dynamic address assignment　899
　　in.tftpd: trivial file transfer server　899
　　rpc.bootparamd: advanced diskless life support　899
　　hald: hardware abstraction layer (HAL) daemon　899
　　udevd: serialize device connection notices　899
　Other network daemons　900
　　talkd: network chat service　900
　　snmpd: provide remote network management service　900
　　ftpd: file transfer server　900
　　rsyncd: synchronize files among multiple hosts　900
　　routed: maintain routing tables　900
　　gated: maintain complicated routing tables　901
　　named: DNS server　901
　　syslogd: process log messages　901
　　in.fingerd: look up users　901
　　httpd: World Wide Web server　901
　ntpd: time synchronization daemon　902
　Exercises　903
CHAPTER 30　MANAGEMENT, POLICY, AND POLITICS　904
　Make everyone happy　904
　Components of a functional IT organization　906
　The role of management　907
　　Leadership　907
　　Hiring, firing, and personnel management 908
　　Assigning and tracking tasks　911
　　Managing upper management　913
　　Conflict resolution　913
　The role of administration　915
　　Sales　915
　　Purchasing　916
　　Accounting　917
　　Personnel　917
　　Marketing　918
　　Miscellaneous administrative chores　919
　The role of development　919
　　Architectural principles　920
　　Anatomy of a management system　922
　　The system administrator’s tool box　922
　　Software engineering principles　923
　The role of operations　924
　　Aim for minimal downtime　925
　　Document dependencies　925
　　Repurpose or eliminate older hardware　926
　The work of support　927
　　Availability　927
　　Scope of service　927
　　Skill sets　929
　　Time management　930
　Documentation　930
　　Standardized documentation 931
　　Hardware labeling　933
　　User documentation　934
　Request-tracking and trouble-reporting systems　934
　　Common functions of trouble ticket systems　935
　　User acceptance of ticketing systems　935
　　Ticketing systems　936
　　Ticket dispatching　937
　Disaster recovery　938
　　Backups and off-line information　939
　　Staffing your disaster　939
　　Power and HVAC　940
　　Network redundancy　941
　　Security incidents　941
　　Second-hand stories from the World Trade Center　942
　Written policy　943
　　Security policies　945
　　User policy agreements　946
　　Sysadmin policy agreements　948
　Legal Issues　949
　　Encryption　949
　　Copyright　950
　　Privacy　951
　　Click-through EULAs　953
　　Policy enforcement　953
　　Control = liability　954
　　Software licenses　955
　　Regulatory compliance　956
　Software patents　957
　Standards　958
　　LSB: the Linux Standard Base　959
　　POSIX　959
　　ITIL: the Information Technology Interface Library　960
　　COBIT: Control Objectives for Information and related Technology　960
　Linux culture　961
　Mainstream Linux　962
　Organizations, conferences, and other resources　964
　　Conferences and trade shows　965
　　LPI: the Linux Professional Institute　967
　　Mailing lists and web resources　967
　　Sysadmin surveys　968
　Recommended Reading　968
　　Infrastructure　968
　　Management　969
　　Policy and security　969
　　Legal issues, patents, and privacy　969
　　General industry news　970
　Exercises　970
INDEX　973
ABOUT THE CONTRIBUTORS　999
ABOUT THE AUTHORS　1001

【购买本书】

购书指南»

商城名称	价格	配送信息	优惠活动	去看看	购买
卓越网	￥97.70	送货上门：国内308个城市邮寄：全球特快专递：全球海外航空快递	七周年店庆，全场免费配送	去看看	订购
当当网	￥98.70	当天加急送：北京五环以内送货上门：国内178个城市邮寄：全球特快专递：全球	特惠商品68折封顶	去看看	订购
新华书店	￥98.60	快递：大陆地区邮寄：全球特快专递：全球		去看看	订购
华储网	￥102.40	送货上门：辽宁、长春、北京快递、邮政递送：全球	30万春节大礼包连环送，全场7折+满100免运费	去看看	订购