Publisher's Note: Products purchased from Third Party sellers are not guaranteed by the publisher for quality, authenticity, or access to any online entitlements included with the product.

Gain Essential Linux Administration Skills Easily

Effectively set up and manage popular Linux distributions on individual servers and build entire network infrastructures using this practical resource. Fully updated to cover the latest tools and techniques, Linux Administration: A Beginner’s Guide, Eighth Edition features clear explanations, step-by-step instructions, and real-world examples. Find out how to configure hardware and software, work from the command line or GUI, maintain Internet and network services, and secure your data. Performance tuning, virtualization, containers, software management, security, and backup solutions are covered in detail.

Install and configure Linux, including the latest distributions from Fedora, Ubuntu, CentOS, openSUSE, Debian, and RHEL.
Set up and administer core system services, daemons, users, and groups.
Manage software applications from source code or binary packages.
Customize, build, or patch the Linux kernel.
Understand and manage the Linux network stack and networking protocols, including TCP/IP, ARP, IPv4, and IPv6.
Minimize security threats and build reliable firewalls and routers with Netfilter (iptables and nftables) and Linux.
Create and maintain DNS, FTP, web, e-mail, print, LDAP, VoIP, and SSH servers and services.
Share resources using GlusterFS, NFS, and Samba.
Spin up and manage Linux-based servers in popular cloud environments, such as OpenStack, AWS, Azure, Linode, and GCE.
Explore virtualization and container technologies using KVM, Docker, Kubernetes, and Open Container Initiative (OCI) tooling.
Download a specially curated virtual machine image and containers that replicate various exercises, software, servers, commands, and concepts covered in the book.
Wale Soyinka is a father, system administrator, a DevOps/SecOps aficionado, an open source evangelist, a hacker, and a well-respected world-renowned chef (in his mind). He is the author of Advanced Linux Administration as well as other Linux, Network, and Windows administration training materials.
Author(s): Wale Soyinka
Edition: 8
Publisher: McGraw Hill Professional
Year: 2020
Language: English
Pages: 688
Tags: GNU/Linux; Linux Kernel; OS Administration; CLI/GUI
Cover
Title Page
Copyright Page
Dedication
About the Author
Contents at a Glance
Contents
Acknowledgments
Introduction
Part I Introduction and Installation
Chapter 1 Introduction to Linux, Distributions, and FOSS
Linux: The Operating System
Open Source Software and GNU: Overview
The GNU Public License
Upstream and Downstream
The Advantages of Open Source Software
Understanding the Differences Between Windows and Linux
Single Users vs. Multiple Users vs. Network Users
The Monolithic Kernel and the Micro-Kernel
Separation of the GUI and the Kernel
My Network Places
The Registry vs. Text Files
Domains and Active Directory
Summary
Chapter 2 Installing a Linux Server
Hardware and Environmental Considerations
Server Design
Uptime
Methods of Installation
Installing Fedora
Project Prerequisites
The Installation
Installation Summary
Localization Section
Software Section
System Section
User Settings Section
The Installation
Installing Ubuntu Server
Start the Installation
Configure the Network
Configure Proxy
Configure Ubuntu Archive Mirror
File System Setup
Profile Setup
SSH Setup
Featured Server Snaps
Install Complete
Summary
Chapter 3 Deploying Linux Servers in the Cloud
Behind the Cloud
Obtaining and Spinning Up New Virtual Linux Servers
Free-to-Run Virtual Linux Servers
Commercial Cloud Service Providers
Summary
Part II Single-Host Administration
Chapter 4 The Command Line
An Introduction to Bash
Job Control
Environment Variables
Pipes
Redirection
Command-Line Shortcuts
Filename Expansion
Environment Variables as Parameters
Multiple Commands
Backticks
Documentation Tools
The man Command
The texinfo System
Files (Types, Ownership, and Permissions)
Normal Files
Directories
Hard Links
Symbolic Links
Block Devices
Character Devices
Listing Files: ls
Change Ownership: chown
Change Group: chgrp
Change Mode: chmod
File Management and Manipulation
Copy Files: cp
Move Files: mv
Link Files: ln
Find a File: find
File Compression: gzip
File Compression: bzip2
File Compression: xz
Create a Directory: mkdir
Remove Files or Directories: rm
Show Present Working Directory: pwd
Tape Archive: tar
Concatenate Files: cat
Display a File One Screen at a Time: more or less
Show the Directory Location of a File: which
Locate a Command: whereis
Editors
vi
emacs
pico
sed
Miscellaneous Tools
Disk Utilization: du
Disk Free: df
List Processes: ps
Show an Interactive List of Processes: top
Send a Signal to a Process: kill
Show System Information: uname
Who Is Logged In: who
A Variation on who: w
Switch User: su
Putting It All Together (Moving a User and Its Home Directory)
Summary
Chapter 5 Managing Software
The Red Hat Package Manager
Managing Software Using RPM
Querying for Information the RPM Way (Getting to Know One Another)
Installing Software with RPM (Moving in Together)
Uninstalling Software with RPM (Ending the Relationship)
Other Things RPM Can Do
Yum
DNF
GUI RPM Package Managers
Fedora or Ubuntu
openSUSE and SLE
The Debian Package Management System
APT
Software Management in Ubuntu
Querying for Information
Installing Software in Ubuntu
Removing Software in Ubuntu
Compile and Install GNU Software
Getting and Unpacking the Source Package
Looking for Documentation
Configuring the Package
Compiling the Package
Installing the Package
Testing the Software
Cleanup
Common Problems when Building from Source Code
Problems with Libraries
Missing Configure Script
Broken Source Code
Summary
Chapter 6 Managing Users and Groups
What Exactly Constitutes a User?
Where User Information Is Kept
The /etc/passwd File
The /etc/shadow File
The /etc/group File
User Management Tools
Command-Line User Management
GUI User Managers
Users and Access Permissions
Understanding SetUID and SetGID Programs
Sticky Bit
Pluggable Authentication Modules
How PAM Works
PAM’s Files and Their Locations
Configuring PAM
A Sample PAM Configuration File
The “Other” File
D’oh! I Can’t Log In!
Debugging PAM
A Grand Tour
Creating Users with useradd
Creating Groups with groupadd
Modifying User Attributes with usermod
Modifying Group Attributes with groupmod
Deleting Users and Groups with userdel and groupdel
Summary
Chapter 7 Booting and Shutting Down
Boot Loaders
GRUB Legacy
GRUB 2
Bootstrapping
The init Process
Systemd Scripts
Writing Your Own rc Script
Enabling and Disabling Services
Enabling a Service
Disabling a Service
Odds and Ends of Booting and Shutting Down
fsck!
Booting into Single-User (“Recovery”) Mode
Summary
Chapter 8 File Systems
The Makeup of File Systems
i-Nodes
Blocks
Superblocks
ext4
Btrfs
XFS
Managing File Systems
Mounting and Unmounting Local Disks
Using fsck
Adding a New Disk
Overview of Partitions
Traditional Disk and Partition Naming Conventions
Volume Management
Creating Partitions and Logical Volumes
Creating File Systems
Summary
Chapter 9 Core System Services
systemd
systemd’s Role
How systemd Works
xinetd
The /etc/xinetd.conf File
Examples: A Simple (echo) Service Entry
The Logging Daemon
rsyslogd
systemd-journald (journald)
The cron Program
The crontab File
Editing the crontab File
Summary
Chapter 10 The Linux Kernel
What Exactly Is a Kernel?
Finding the Kernel Source Code
Getting the Correct Kernel Version
Unpacking the Kernel Source Code
Building the Kernel
Preparing to Configure the Kernel
Kernel Configuration
Compiling the Kernel
Installing the Kernel
Booting the Kernel
The Author Lied! It Didn’t Work!
Patching the Kernel
Downloading and Applying Patches
If the Patch Worked
If the Patch Didn’t Work
Summary
Chapter 11 Knobs and Dials: API (Virtual) File Systems
What’s Inside the /proc Directory?
Tweaking Files Inside of /proc
Some Useful /proc Entries
Enumerated /proc Entries
Common proc Settings and Reports
SYN Flood Protection
Issues on High-Volume Servers
SysFS
cgroupfs
tmpfs
tmpfs Example
Summary
Part III Networking and Security
Chapter 12 TCP/IP for System Administrators
The Layers
Packets
TCP/IP Model and the OSI Model
Headers
Ethernet
IP (IPv4)
TCP
UDP
A Complete TCP Connection
Opening a Connection
Transferring Data
Closing the Connection
How ARP Works
The ARP Header: ARP Works with Other Protocols, Too!
Bringing IP Networks Together
Hosts and Networks
Subnetting
Netmasks
Static Routing
Dynamic Routing with RIP
tcpdump Bits and Bobs
Reading and Writing Dumpfiles
Capturing More or Less per Packet
Performance Impact
Don’t Capture Your Own Network Traffic
Troubleshooting Slow Name Resolution (DNS) Issues
IPv6
IPv6 Address Format
IPv6 Address Types
IPv6 Backward Compatibility
Summary
Chapter 13 Network Configuration
Modules and Network Interfaces
Network Device Configuration Utilities (ip, ifconfig, and nmcli)
Sample Usage: ifconfig, ip, and nmcli
Setting Up NICs at Boot Time
Managing Routes
Sample Usage: Route Configuration
Displaying Routes
A Simple Linux Router
Routing with Static Routes
VPCs, Subnets, IPs, and Route Configuration (AWS Cloud Example)
VPCs and Subnets (AWS)
Internet Gateways and Routing (AWS)
Security Groups (AWS)
Launch a Linux Server in Its Own Subnet (AWS)
Hostname Configuration
Summary
Chapter 14 Linux Firewall (Netfilter)
How Netfilter Works
A NAT Primer
Chains
Installing Netfilter
Enabling Netfilter in the Kernel
Configuring Netfilter
Saving Your Netfilter Configuration
The iptables Command
firewalld
Cookbook Solutions
Simple NAT: iptables
Simple NAT: nftables
Simple Firewall: iptables
Summary
Chapter 15 Local Security
Common Sources of Risk
SetUID Programs
Unnecessary Processes
Picking the Right Runlevel
Nonhuman User Accounts
Limited Resources
Mitigating Risk
chroot
SELinux
AppArmor
Monitoring Your System
Logging
Using ps and netstat
Watch That Space (Using df)
Automated Monitoring
Staying in the Loop (Mailing Lists)
Summary
Chapter 16 Network Security
TCP/IP and Network Security
The Importance of Port Numbers
Tracking Services
Using the netstat Command
Security Implications of netstat’s Output
Binding to an Interface
Shutting Down Services
Shutting Down xinetd and inetd Services
Shutting Down Non-xinetd Services
Monitoring Your System
Making the Best Use of syslog
Monitoring Bandwidth with MRTG
Handling Attacks
Trust Nothing (and No One)
Change Your Passwords
Pull the Plug
Network Security Tools
nmap
Snort
Nessus and OpenVAS
Wireshark/tcpdump
Summary
Part IV Internet Services
Chapter 17 Domain Name System (DNS)
The Hosts File
How DNS Works
Domain and Host Naming Conventions
The Root Domain
Subdomain
The in-addr.arpa Domain
Types of Servers
Installing a DNS Server
Understanding the BIND Configuration File
The Specifics
Configuring a DNS Server
Defining a Primary Zone in the named.conf File
Defining a Secondary Zone in the named.conf File
Defining a Caching Zone in the named.conf File
DNS Records Types
SOA: Start of Authority
NS: Name Server
A and AAAA: Address Records
PTR: Pointer Record
MX: Mail Exchanger
CNAME: Canonical Name
RP and TXT: The Documentation Entries
Setting Up BIND Database Files
DNS Server Setup Walkthrough
The DNS Toolbox
host
dig
resolvectl
nslookup
whois
nsupdate
The rndc Tool
Configuring DNS Clients
The Resolver
Configuring the Client (Traditional)
Summary
Chapter 18 File Transfer Protocol (FTP)
The Mechanics of FTP
Client/Server Interactions
Obtaining and Installing vsftpd
Configuring vsftpd
Starting and Testing the FTP Server
Customizing the FTP Server
Setting Up an Anonymous-Only FTP Server
Setting Up an FTP Server with Virtual Users
Summary
Chapter 19 Apache Web Server
Understanding HTTP
Headers
Ports
Process Ownership and Security
Installing the Apache HTTP Server
Apache Modules
Starting Up and Shutting Down Apache
Starting Apache at Boot Time
Testing Your Installation
Configuring Apache
Creating a Simple Root-Level Page
Apache Configuration Files
Common Configuration Options
Troubleshooting Apache
Summary
Chapter 20 Simple Mail Transfer Protocol (SMTP)
Understanding SMTP
Rudimentary SMTP Details
Security Implications
E-mail Components
Installing the Postfix Server
Installing Postfix via DNF in Fedora, CentOS, or RHEL
Installing Postfix via APT in Ubuntu
Configuring the Postfix Server
The main.cf File
Checking Your Configuration
Running the Server
Checking the Mail Queue
Flushing the Mail Queue
The newaliases Command
Making Sure Everything Works
Summary
Chapter 21 Post Office Protocol and Internet Mail Access Protocol (POP and IMAP)
POP3 and IMAP Protocol Basics
Dovecot (IMAP and POP3 Server)
Installing Dovecot
Dovecot Configuration Files and Options
Configuring Dovecot
Running Dovecot
Checking Basic POP3 Functionality
Checking Basic IMAP Functionality
Other Issues with Mail Services
SSL/TLS Security
Availability
Log Files
Summary
Chapter 22 Voice over Internet Protocol (VoIP)
VoIP Overview
VoIP Server
Analog Telephone Adapter (ATA)
IP Phones
VoIP Protocols
VoIP Implementations
Asterisk
How Asterisk Works
Asterisk Installation
Starting and Stopping Asterisk
Understanding Asterisk Configuration Files and Structure
The Dialplan: extensions.conf
Modules: modules.conf
Asterisk Network, Port, and Firewall Requirements
Configuring the Local Firewall for Asterisk
Configuring the PBX
Local Extensions
Outside Connection (VoIP Trunking)
Trunking Using Twilio Elastic SIP Trunks
Asterisk Maintenance and Troubleshooting
Asterisk CLI Commands
Helpful CLI Commands
Common Issues with VoIP
Summary
Chapter 23 Secure Shell (SSH)
Understanding Public Key Cryptography
Key Characteristics
SSH Backstory (Versions)
OpenSSH and OpenBSD
Alternative Vendors for SSH Clients
Installing OpenSSH on RPM-Based Systems
Installing OpenSSH via APT in Ubuntu
Server Startup and Shutdown
SSHD Configuration File
Using OpenSSH
Secure Shell (ssh) Client Program
Secure Copy (scp) Program
Secure FTP (sftp) Program
Files Used by the OpenSSH Client
Summary
Part V Intranet Services
Chapter 24 Network File System (NFS)
The Mechanics of NFS
Versions of NFS
Security Considerations for NFS
Mount and Access a Partition
Enabling NFS in Fedora, RHEL, and CentOS
Enabling NFS in Ubuntu and Debian
The Components of NFS
Kernel Support for NFS
Configuring an NFS Server
The /etc/exports Configuration File
Configuring NFS Clients
The mount Command
Soft vs. Hard Mounts
Cross-Mounting Disks
The Importance of the intr Option
Performance Tuning
Troubleshooting Client-Side NFS Issues
Stale File Handles
Permission Denied
Sample NFS Client and NFS Server Configuration
Common Uses for NFS
Summary
Chapter 25 Samba
The Mechanics of SMB
Usernames and Passwords
Encrypted Passwords
Samba Daemons
Installing Samba via RPM
Installing Samba via APT
Samba Administration
Starting and Stopping Samba
Creating a Share
Using smbclient
Mounting Remote Samba Shares
Samba Users
Creating Samba Users
Allowing Null Passwords
Changing Passwords with smbpasswd
Using Samba to Authenticate Against a Windows Server
winbindd Daemon
Troubleshooting Samba
Summary
Chapter 26 Distributed File Systems (DFS)
DFS Overview
DFS Implementations
GlusterFS
Summary
Chapter 27 Lightweight Directory Access Protocol (LDAP)
LDAP Basics
LDAP Directory
Client/Server Model
Uses of LDAP
LDAP Terminology
OpenLDAP
Server-Side Daemons
OpenLDAP Utilities
Installing OpenLDAP
Configuring OpenLDAP
Configuring slapd
Starting and Stopping slapd
Configuring OpenLDAP Clients
Creating Directory Entries
Searching, Querying, and Modifying the Directory
Using OpenLDAP for User Authentication
Configuring the Server
Configuring the Client
Summary
Chapter 28 Printing
Printing Terminologies
The CUPS System
Running CUPS
Installing CUPS
Configuring CUPS
Adding Printers
Local Printers and Remote Printers
Using the Web Interface to Add a Printer
Using Command-Line Tools to Add a Printer
Routine CUPS Administration
Setting the Default Printer
Enabling, Disabling, and Deleting Printers
Accepting and Rejecting Print Jobs
Managing Printing Privileges
Managing Printers via the Web Interface
Using Client-Side Printing Tools
lpr
lpq
lprm
Summary
Chapter 29 Dynamic Host Configuration Protocol (DHCP)
The Mechanics of DHCP
The DHCP Server
Installing DHCP Software via RPM
Installing DHCP Software via APT in Ubuntu
Configuring the DHCP Server
A Sample dhcpd.conf File
The DHCP Client Daemon
Summary
Chapter 30 Virtualization
Why Virtualize?
Virtualization Concepts
Virtualization Implementations
Hyper-V
Kernel-Based Virtual Machine (KVM)
QEMU
VirtualBox
VMware
Xen
KVM
KVM Example
Managing KVM Virtual Machines
Setting Up KVM in Ubuntu/Debian
Containers
Containers vs. Virtual Machines
Docker
Summary
Chapter 31 Backups
Evaluating Your Backup Needs
Amount of Data
Backup Hardware and Backup Medium
Network Throughput
Speed and Ease of Data Recovery
Data Deduplication
Tape Management
Command-Line Backup Tools
dump and restore
tar
rsync
Miscellaneous Backup Solutions
Summary
Part VI Appendixes
A Creating a Linux Installer on Flash/USB Devices
Overview
Native Solutions
Distro-Specific Solutions
Universal Solutions
B Demo Virtual Machine and Container
Basic Host System Requirements
Installing the Virtualization Applications and Utilities
Download and Prep the Demo VM Image File
Import the Demo VM Image and Create a New VM Instance
Managing the Demo Virtual Machine
Connecting to the Demo VM
Virtual Network Computing (VNC)
Virtual Serial TTY Console
Connecting via SSH
Cockpit Application
Just Use It!
Demo Containers (Docker, podman, buildah, and kubectl)
Feedback
Index