| Acknowledgments |
|
xi | |
| Introduction |
|
xxxiii | |
| Part I: Getting Started |
|
1 | (62) |
|
Chapter 1 Starting with Linux |
|
|
3 | (26) |
|
Understanding What Linux Is |
|
|
4 | (2) |
|
Understanding How Linux Differs from Other Operating Systems |
|
|
6 | (1) |
|
|
|
6 | (10) |
|
Free-flowing UNIX culture at Bell Labs |
|
|
7 | (2) |
|
|
|
9 | (2) |
|
Berkeley Software Distribution arrives |
|
|
9 | (1) |
|
UNIX Laboratory and commercialization |
|
|
10 | (1) |
|
GNU transitions UNIX to freedom |
|
|
11 | (2) |
|
|
|
13 | (1) |
|
Linus builds the missing piece |
|
|
13 | (1) |
|
OSI open source definition |
|
|
14 | (2) |
|
Understanding How Linux Distributions Emerged |
|
|
16 | (4) |
|
Choosing a Red Hat distribution |
|
|
17 | (2) |
|
Using Red Hat Enterprise Linux |
|
|
17 | (1) |
|
|
|
18 | (1) |
|
Choosing Ubuntu or another Debian distribution |
|
|
19 | (1) |
|
Finding Professional Opportunities with Linux Today |
|
|
20 | (6) |
|
Understanding how companies make money with Linux |
|
|
21 | (1) |
|
Becoming Red Hat certified |
|
|
22 | (11) |
|
|
|
23 | (1) |
|
|
|
24 | (2) |
|
|
|
26 | (3) |
|
Chapter 2 Creating the Perfect Linux Desktop |
|
|
29 | (34) |
|
Understanding Linux Desktop Technology |
|
|
30 | (2) |
|
Starting with the Fedora GNOME Desktop Live image |
|
|
32 | (1) |
|
Using the GNOME 3 Desktop |
|
|
33 | (16) |
|
After the computer boots up |
|
|
33 | (8) |
|
Navigating with the mouse |
|
|
34 | (4) |
|
Navigating with the keyboard |
|
|
38 | (3) |
|
Setting up the GNOME 3 desktop |
|
|
41 | (1) |
|
Extending the GNOME 3 desktop |
|
|
42 | (3) |
|
Using GNOME shell extensions |
|
|
42 | (2) |
|
Using the GNOME Tweak Tool |
|
|
44 | (1) |
|
Starting with desktop applications |
|
|
45 | (4) |
|
Managing files and folders with Nautilus |
|
|
45 | (1) |
|
Installing and managing additional software |
|
|
46 | (2) |
|
Playing music with Rhythmbox |
|
|
48 | (1) |
|
Stopping the GNOME 3 desktop |
|
|
49 | (1) |
|
Using the GNOME 2 Desktop |
|
|
49 | (11) |
|
Using the Metacity window manager |
|
|
50 | (2) |
|
Changing GNOME's appearance |
|
|
52 | (1) |
|
|
|
53 | (5) |
|
Using the Applications and System menus |
|
|
54 | (1) |
|
|
|
54 | (1) |
|
|
|
55 | (1) |
|
Adding an application launcher |
|
|
55 | (1) |
|
|
|
56 | (1) |
|
Changing panel properties |
|
|
57 | (1) |
|
Adding 3D effects with AIGLX |
|
|
58 | (2) |
|
|
|
60 | (1) |
|
|
|
61 | (2) |
| Part II: Becoming a Linux Power User |
|
63 | (108) |
|
Chapter 3 Using the Shell |
|
|
65 | (32) |
|
About Shells and Terminal Windows |
|
|
66 | (3) |
|
|
|
67 | (1) |
|
|
|
68 | (1) |
|
|
|
69 | (1) |
|
|
|
69 | (1) |
|
|
|
70 | (6) |
|
Understanding command syntax |
|
|
71 | (3) |
|
|
|
74 | (2) |
|
Recalling Commands Using Command History |
|
|
76 | (6) |
|
|
|
77 | (2) |
|
|
|
79 | (1) |
|
|
|
80 | (2) |
|
Connecting and Expanding Commands |
|
|
82 | (3) |
|
|
|
82 | (1) |
|
|
|
83 | (1) |
|
|
|
83 | (1) |
|
|
|
84 | (1) |
|
Expanding arithmetic expressions |
|
|
84 | (1) |
|
|
|
85 | (1) |
|
|
|
85 | (3) |
|
Creating and using aliases |
|
|
87 | (1) |
|
|
|
88 | (1) |
|
Creating Your Shell Environment |
|
|
88 | (4) |
|
|
|
88 | (1) |
|
|
|
89 | (2) |
|
Adding environment variables |
|
|
91 | (1) |
|
Getting Information about Commands |
|
|
92 | (2) |
|
|
|
94 | (1) |
|
|
|
95 | (2) |
|
Chapter 4 Moving around the Filesystem |
|
|
97 | (20) |
|
Using Basic Filesystem Commands |
|
|
100 | (2) |
|
Using Metacharacters and Operators |
|
|
102 | (3) |
|
Using file-matching metacharacters |
|
|
102 | (1) |
|
Using file-redirection metacharacters |
|
|
103 | (2) |
|
Using brace expansion characters |
|
|
105 | (1) |
|
Listing Files and Directories |
|
|
105 | (4) |
|
Understanding File Permissions and Ownership |
|
|
109 | (5) |
|
Changing permissions with chmod (numbers) |
|
|
111 | (1) |
|
Changing permissions with chmod (letters) |
|
|
111 | (1) |
|
Setting default file permission with umask |
|
|
112 | (1) |
|
|
|
113 | (1) |
|
Moving, Copying, and Removing Files |
|
|
114 | (1) |
|
|
|
115 | (1) |
|
|
|
115 | (2) |
|
Chapter 5 Working with Text Files |
|
|
117 | (20) |
|
Editing Files with vim and vi |
|
|
117 | (8) |
|
|
|
119 | (4) |
|
|
|
119 | (1) |
|
Moving around in the text |
|
|
120 | (1) |
|
Deleting, copying, and changing text |
|
|
121 | (1) |
|
|
|
122 | (1) |
|
|
|
122 | (1) |
|
|
|
122 | (1) |
|
Skipping around in the file |
|
|
123 | (1) |
|
|
|
124 | (1) |
|
|
|
124 | (1) |
|
Learning more about vi and vim |
|
|
124 | (1) |
|
|
|
125 | (9) |
|
Using locate to find files by name |
|
|
125 | (2) |
|
Searching for files with find |
|
|
127 | (5) |
|
|
|
127 | (1) |
|
|
|
128 | (1) |
|
|
|
128 | (1) |
|
Finding files by permission |
|
|
129 | (1) |
|
Finding files by date and time |
|
|
130 | (1) |
|
Using 'not' and 'or' when finding files |
|
|
131 | (1) |
|
Finding files and executing commands |
|
|
131 | (1) |
|
Searching in files with grep |
|
|
132 | (2) |
|
|
|
134 | (1) |
|
|
|
134 | (3) |
|
Chapter 6 Managing Running Processes |
|
|
137 | (16) |
|
|
|
137 | (1) |
|
|
|
138 | (6) |
|
Listing processes with ps |
|
|
138 | (2) |
|
Listing and changing processes with top |
|
|
140 | (2) |
|
Listing processes with System Monitor |
|
|
142 | (2) |
|
Managing Background and Foreground Processes |
|
|
144 | (2) |
|
Starting background processes |
|
|
144 | (1) |
|
Using foreground and background commands |
|
|
145 | (1) |
|
Killing and Renicing Processes |
|
|
146 | (3) |
|
Killing processes with kill and killall |
|
|
146 | (2) |
|
Using kill to signal processes by PID |
|
|
147 | (1) |
|
Using killall to signal processes by name |
|
|
148 | (1) |
|
Setting processor priority with nice and renice |
|
|
148 | (1) |
|
Limiting Processes with cgroups |
|
|
149 | (2) |
|
|
|
151 | (1) |
|
|
|
151 | (2) |
|
Chapter 7 Writing Simple Shell Scripts |
|
|
153 | (18) |
|
Understanding Shell Scripts |
|
|
153 | (15) |
|
Executing and debugging shell scripts |
|
|
154 | (1) |
|
Understanding shell variables |
|
|
154 | (4) |
|
Special shell positional parameters |
|
|
156 | (1) |
|
|
|
157 | (1) |
|
Parameter expansion in bash |
|
|
157 | (1) |
|
Performing arithmetic in shell scripts |
|
|
158 | (1) |
|
Using programming constructs in shell scripts |
|
|
159 | (5) |
|
The "if...then" statements |
|
|
159 | (3) |
|
|
|
162 | (1) |
|
|
|
163 | (1) |
|
The "while...do" and "until...do" loops |
|
|
164 | (1) |
|
Trying some useful text manipulation programs |
|
|
164 | (3) |
|
The general regular expression parser |
|
|
165 | (1) |
|
Remove sections of lines of text (cut) |
|
|
165 | (1) |
|
Translate or delete characters (tr) |
|
|
165 | (1) |
|
|
|
166 | (1) |
|
Using simple shell scripts |
|
|
167 | (8) |
|
|
|
167 | (1) |
|
|
|
168 | (1) |
|
|
|
168 | (1) |
|
|
|
169 | (2) |
| Part III: Becoming a Linux System Administrator |
|
171 | (142) |
|
Chapter 8 Learning System Administration |
|
|
173 | (28) |
|
Understanding System Administration |
|
|
173 | (2) |
|
Using Graphical Administration Tools |
|
|
175 | (2) |
|
Using system-config-* tools |
|
|
175 | (2) |
|
Using browser-based admin tools |
|
|
177 | (1) |
|
Using the root user account |
|
|
177 | (5) |
|
Becoming root from the shell (su command) |
|
|
178 | (2) |
|
Allowing administrative access via the GUI |
|
|
180 | (1) |
|
Gaining administrative access with sudo |
|
|
180 | (2) |
|
Exploring Administrative Commands, Configuration Files, and Log Files |
|
|
182 | (7) |
|
|
|
182 | (1) |
|
Administrative configuration files |
|
|
183 | (5) |
|
Administrative log files and systemd journal |
|
|
188 | (2) |
|
Using journalctl to view the systemd journal |
|
|
188 | (1) |
|
Managing log messages with rsyslogd |
|
|
189 | (1) |
|
Using Other Administrative Accounts |
|
|
189 | (1) |
|
Checking and Configuring Hardware |
|
|
190 | (9) |
|
|
|
191 | (3) |
|
Managing removable hardware |
|
|
194 | (3) |
|
Working with loadable modules |
|
|
197 | (16) |
|
|
|
197 | (1) |
|
|
|
198 | (1) |
|
|
|
198 | (1) |
|
|
|
199 | (1) |
|
|
|
199 | (2) |
|
Chapter 9 Installing Linux |
|
|
201 | (32) |
|
|
|
202 | (1) |
|
Installing Fedora from Live media |
|
|
203 | (5) |
|
Installing Red Hat Enterprise Linux from Installation Media |
|
|
208 | (3) |
|
Understanding Cloud-Based Installations |
|
|
211 | (1) |
|
Installing Linux in the Enterprise |
|
|
211 | (2) |
|
Exploring Common Installation Topics |
|
|
213 | (18) |
|
Upgrading or installing from scratch |
|
|
213 | (1) |
|
|
|
214 | (2) |
|
Installing Linux to run virtually |
|
|
216 | (1) |
|
Using installation boot options |
|
|
216 | (3) |
|
Boot options for disabling features |
|
|
217 | (1) |
|
Boot options for video problems |
|
|
217 | (1) |
|
Boot options for special installation types |
|
|
218 | (1) |
|
Boot options for kickstarts and remote repositories |
|
|
218 | (1) |
|
Miscellaneous boot options |
|
|
219 | (1) |
|
Using specialized storage |
|
|
219 | (1) |
|
|
|
220 | (4) |
|
Understanding different partition types |
|
|
221 | (1) |
|
Reasons for different partitioning schemes |
|
|
222 | (1) |
|
Tips for creating partitions |
|
|
222 | (2) |
|
Using the GRUB boot loader |
|
|
224 | (12) |
|
Using GRUB Legacy (version 1) |
|
|
225 | (4) |
|
|
|
229 | (2) |
|
|
|
231 | (1) |
|
|
|
231 | (2) |
|
Chapter 10 Getting and Managing Software |
|
|
233 | (26) |
|
Managing Software on the Desktop |
|
|
233 | (2) |
|
Going Beyond the Software Window |
|
|
235 | (1) |
|
Understanding Linux RPM and DEB Software Packaging |
|
|
236 | (4) |
|
Understanding DEB packaging |
|
|
237 | (1) |
|
Understanding RPM packaging |
|
|
238 | (2) |
|
|
|
238 | (1) |
|
|
|
239 | (1) |
|
|
|
239 | (1) |
|
Managing RPM Packages with YUM |
|
|
240 | (12) |
|
Understanding how yum works |
|
|
241 | (3) |
|
|
|
242 | (1) |
|
Checking /etc/sysconfig/rhn/up2date (RHEL only) |
|
|
242 | (1) |
|
Checking /etc/yum.repos.d/*.repo files |
|
|
243 | (1) |
|
Downloading RPM packages and metadata from a YUM repository |
|
|
243 | (1) |
|
RPM packages installed to Linux file system |
|
|
244 | (1) |
|
Store YUM repository metadata to local RPM database |
|
|
244 | (1) |
|
Using YUM with third-party software repositories |
|
|
244 | (1) |
|
Managing software with the YUM command |
|
|
245 | (7) |
|
|
|
246 | (1) |
|
Installing and removing packages |
|
|
247 | (2) |
|
|
|
249 | (1) |
|
Updating groups of packages |
|
|
250 | (1) |
|
Maintaining your RPM package database and cache |
|
|
251 | (1) |
|
Downloading RPMs from a yum repository |
|
|
252 | (1) |
|
Installing, Querying, and Verifying Software with the rpm Command |
|
|
252 | (4) |
|
Installing and removing packages with rpm |
|
|
253 | (1) |
|
|
|
254 | (1) |
|
|
|
255 | (1) |
|
Managing Software in the Enterprise |
|
|
256 | (1) |
|
|
|
257 | (1) |
|
|
|
258 | (1) |
|
Chapter 11 Managing User Accounts |
|
|
259 | (24) |
|
|
|
259 | (9) |
|
Adding users with useradd |
|
|
262 | (3) |
|
|
|
265 | (1) |
|
Modifying users with usermod |
|
|
266 | (2) |
|
Deleting users with userdel |
|
|
268 | (1) |
|
Understanding Group Accounts |
|
|
268 | (2) |
|
|
|
269 | (1) |
|
|
|
270 | (1) |
|
Managing Users in the Enterprise |
|
|
270 | (8) |
|
Setting permissions with Access Control Lists |
|
|
271 | (5) |
|
Setting ACLs with setfacl |
|
|
272 | (1) |
|
|
|
273 | (1) |
|
|
|
274 | (2) |
|
Adding directories for users to collaborate |
|
|
276 | (2) |
|
Creating group collaboration directories (set GID bit) |
|
|
276 | (2) |
|
Creating restricted deletion directories (sticky bit) |
|
|
278 | (1) |
|
Centralizing User Accounts |
|
|
278 | (3) |
|
|
|
279 | (1) |
|
Using the Authentication Configuration window |
|
|
279 | (2) |
|
|
|
281 | (1) |
|
|
|
281 | (2) |
|
Chapter 12 Managing Disks and Filesystems |
|
|
283 | (30) |
|
Understanding Disk Storage |
|
|
283 | (2) |
|
|
|
285 | (10) |
|
Understanding partition tables |
|
|
286 | (1) |
|
|
|
286 | (2) |
|
Creating a single-partition disk |
|
|
288 | (4) |
|
Creating a multiple-partition disk |
|
|
292 | (3) |
|
Using Logical Volume Management Partitions |
|
|
295 | (6) |
|
|
|
296 | (3) |
|
Creating LVM logical volumes |
|
|
299 | (1) |
|
Growing LVM logical volumes |
|
|
300 | (1) |
|
|
|
301 | (9) |
|
|
|
301 | (2) |
|
|
|
303 | (1) |
|
|
|
304 | (1) |
|
Using the fstab file to define mountable file systems |
|
|
305 | (2) |
|
Using the mount command to mount file systems |
|
|
307 | (1) |
|
Mounting a disk image in loopback |
|
|
308 | (1) |
|
|
|
309 | (1) |
|
Using the mkfs Command to Create a Filesystem |
|
|
310 | (1) |
|
|
|
311 | (1) |
|
|
|
311 | (2) |
| Part IV: Becoming a Linux Server Administrator |
|
313 | (276) |
|
Chapter 13 Understanding Server Administration |
|
|
315 | (32) |
|
Starting with Server Administration |
|
|
316 | (7) |
|
Step 1 Install the server |
|
|
316 | (2) |
|
Step 2 Configure the server |
|
|
318 | (1) |
|
Using configuration files |
|
|
318 | (1) |
|
Checking the default configuration |
|
|
319 | (1) |
|
|
|
319 | (2) |
|
|
|
321 | (1) |
|
|
|
321 | (1) |
|
|
|
321 | (1) |
|
|
|
322 | (1) |
|
|
|
322 | (1) |
|
Security settings in configuration files |
|
|
322 | (1) |
|
Step 5 Monitor the server |
|
|
322 | (1) |
|
|
|
322 | (1) |
|
Run system activity reports |
|
|
323 | (1) |
|
Keep system software up to date |
|
|
323 | (1) |
|
Check the filesystem for signs of crackers |
|
|
323 | (1) |
|
Managing Remote Access with the Secure Shell Service |
|
|
323 | (11) |
|
Starting the openssh-server service |
|
|
324 | (2) |
|
|
|
326 | (6) |
|
Using ssh for remote login |
|
|
326 | (2) |
|
Using ssh for remote execution |
|
|
328 | (1) |
|
Copying files between systems with scp and rsync |
|
|
329 | (3) |
|
Interactive copying with sftp |
|
|
332 | (1) |
|
Using key-based (passwordless) authentication |
|
|
332 | (2) |
|
Configuring System Logging |
|
|
334 | (6) |
|
Enabling system logging with rsyslog |
|
|
334 | (5) |
|
Understanding the rsyslog.conf file |
|
|
335 | (2) |
|
Understanding the messages log file |
|
|
337 | (1) |
|
Setting up and using a loghost with rsyslogd |
|
|
337 | (2) |
|
Watching logs with logwatch |
|
|
339 | (1) |
|
Checking System Resources with sar |
|
|
340 | (1) |
|
|
|
341 | (3) |
|
Displaying system space with df |
|
|
342 | (1) |
|
Checking disk usage with du |
|
|
342 | (1) |
|
Finding disk consumption with find |
|
|
343 | (1) |
|
Managing Servers in the Enterprise |
|
|
344 | (1) |
|
|
|
344 | (1) |
|
|
|
345 | (2) |
|
Chapter 14 Administering Networking |
|
|
347 | (30) |
|
Configuring Networking for Desktops |
|
|
348 | (12) |
|
Checking your network interfaces |
|
|
350 | (5) |
|
Checking your network from NetworkManager |
|
|
350 | (2) |
|
Checking your network from the command line |
|
|
352 | (3) |
|
Configuring network interfaces |
|
|
355 | (3) |
|
Setting IP addresses manually |
|
|
355 | (1) |
|
Setting IP address aliases |
|
|
356 | (1) |
|
|
|
357 | (1) |
|
Configuring a network proxy connection |
|
|
358 | (2) |
|
Configuring Networking from the Command Line |
|
|
360 | (11) |
|
|
|
360 | (2) |
|
Understanding networking configuration files |
|
|
362 | (5) |
|
|
|
363 | (2) |
|
|
|
365 | (2) |
|
Setting alias network interfaces |
|
|
367 | (1) |
|
Setting up Ethernet channel bonding |
|
|
368 | (2) |
|
|
|
370 | (1) |
|
Configuring Networking in the Enterprise |
|
|
371 | (3) |
|
Configuring Linux as a router |
|
|
371 | (1) |
|
Configuring Linux as a DHCP server |
|
|
372 | (1) |
|
Configuring Linux as a DNS server |
|
|
372 | (1) |
|
Configuring Linux as a proxy server |
|
|
373 | (1) |
|
|
|
374 | (1) |
|
|
|
374 | (3) |
|
Chapter 15 Starting and Stopping Services |
|
|
377 | (46) |
|
Understanding the Initialization Daemon (init or systemd) |
|
|
378 | (21) |
|
Understanding the classic init daemons |
|
|
380 | (6) |
|
Understanding the Upstart init daemon |
|
|
386 | (6) |
|
Learning Upstart init daemon basics |
|
|
386 | (2) |
|
Learning Upstart's backward compatibility to SysVinit |
|
|
388 | (4) |
|
Understanding systemd initialization |
|
|
392 | (7) |
|
|
|
392 | (5) |
|
Learning systemd's backward compatibility to SysVinit |
|
|
397 | (2) |
|
Checking the Status of Services |
|
|
399 | (4) |
|
Checking services for SysVinit systems |
|
|
400 | (1) |
|
Checking services for Upstart systems |
|
|
401 | (1) |
|
Checking services for systemd systems |
|
|
402 | (1) |
|
Stopping and Starting Services |
|
|
403 | (5) |
|
Stopping and starting SysVinit services |
|
|
403 | (2) |
|
Stopping and starting Upstart services |
|
|
405 | (1) |
|
Stopping and starting systemd services |
|
|
406 | (2) |
|
Stopping a service with systemd |
|
|
406 | (1) |
|
Starting a service with systemd |
|
|
406 | (1) |
|
Restarting a service with systemd |
|
|
407 | (1) |
|
Reloading a service with systemd |
|
|
407 | (1) |
|
Enabling Persistent Services |
|
|
408 | (4) |
|
Configuring persistent services for SysVinit |
|
|
408 | (1) |
|
Configuring persistent services for Upstart |
|
|
409 | (1) |
|
Configuring persistent services for systemd |
|
|
410 | (2) |
|
Enabling a service with systemd |
|
|
410 | (1) |
|
Disabling a service with systemd |
|
|
411 | (1) |
|
Configuring a Default Runlevel or Target Unit |
|
|
412 | (2) |
|
Configuring the SysVinit default runlevel |
|
|
412 | (1) |
|
Configuring the default runlevel in Upstart |
|
|
413 | (1) |
|
Configuring the default target unit for systemd |
|
|
413 | (1) |
|
Adding New or Customized Services |
|
|
414 | (8) |
|
Adding new services to SysVinit |
|
|
414 | (3) |
|
Step 1 Create a new or customized service script file |
|
|
415 | (1) |
|
Step 2 Add the service script to /etc/rc.d/init.d |
|
|
416 | (1) |
|
Step 3 Add the service to runlevel directories |
|
|
417 | (1) |
|
Adding new services to Upstart |
|
|
417 | (2) |
|
Adding new services to systemd |
|
|
419 | (6) |
|
Step 1 Create a new or customized service configuration unit file |
|
|
419 | (1) |
|
Step 2 Move the service configuration unit file |
|
|
420 | (1) |
|
Step 3 Add the service to the Wants directory |
|
|
420 | (2) |
|
|
|
422 | (1) |
|
|
|
422 | (1) |
|
Chapter 16 Configuring a Print Server |
|
|
423 | (26) |
|
Common UNIX Printing System |
|
|
423 | (2) |
|
|
|
425 | (10) |
|
Adding a printer automatically |
|
|
425 | (1) |
|
Using web-based CUPS administration |
|
|
426 | (2) |
|
Using the Print Settings window |
|
|
428 | (7) |
|
Configuring local printers with the Print Settings window |
|
|
429 | (3) |
|
Configuring remote printers |
|
|
432 | (1) |
|
Adding a remote CUPS printer |
|
|
433 | (1) |
|
Adding a remote UNIX (LDP/LPR) printer |
|
|
433 | (1) |
|
Adding a Windows (SMB) printer |
|
|
434 | (1) |
|
Working with CUPS Printing |
|
|
435 | (4) |
|
Configuring the CUPS server (cupsd.conf) |
|
|
436 | (1) |
|
|
|
437 | (1) |
|
Configuring CUPS printer options manually |
|
|
438 | (1) |
|
|
|
439 | (2) |
|
|
|
440 | (1) |
|
|
|
440 | (1) |
|
Removing print jobs with 1prm |
|
|
441 | (1) |
|
Configuring Print Servers |
|
|
441 | (5) |
|
Configuring a shared CUPS printer |
|
|
442 | (1) |
|
Configuring a shared Samba printer |
|
|
443 | (7) |
|
Understanding smb.conf for printing |
|
|
444 | (1) |
|
|
|
445 | (1) |
|
|
|
446 | (1) |
|
|
|
446 | (3) |
|
Chapter 17 Configuring a Web Server |
|
|
449 | (28) |
|
Understanding the Apache Web Server |
|
|
449 | (1) |
|
Getting and Installing Your Web Server |
|
|
450 | (4) |
|
Understanding the httpd package |
|
|
450 | (3) |
|
|
|
453 | (1) |
|
|
|
454 | (17) |
|
|
|
455 | (2) |
|
Apache file permissions and ownership |
|
|
455 | (1) |
|
|
|
455 | (1) |
|
|
|
456 | (1) |
|
Understanding the Apache configuration files |
|
|
457 | (5) |
|
|
|
457 | (3) |
|
Understanding default settings |
|
|
460 | (2) |
|
Adding a virtual host to Apache |
|
|
462 | (2) |
|
Allowing users to publish their own web content |
|
|
464 | (1) |
|
Securing your web traffic with SSL/TLS |
|
|
465 | (6) |
|
Understanding how SSL is configured |
|
|
467 | (2) |
|
Generating an SSL key and self-signed certificate |
|
|
469 | (1) |
|
Generating a certificate signing request |
|
|
470 | (1) |
|
Troubleshooting Your Web Server |
|
|
471 | (4) |
|
Checking for configuration errors |
|
|
472 | (2) |
|
Accessing forbidden and server internal errors |
|
|
474 | (1) |
|
|
|
475 | (1) |
|
|
|
475 | (2) |
|
Chapter 18 Configuring an FTP Server |
|
|
477 | (22) |
|
|
|
477 | (2) |
|
Installing the vsftpd FTP Server |
|
|
479 | (1) |
|
Starting the vsftpd Service |
|
|
480 | (3) |
|
|
|
483 | (5) |
|
Opening up your firewall for FTP |
|
|
483 | (3) |
|
Allowing FTP access in TCP wrappers |
|
|
486 | (1) |
|
Configuring SELinux for your FTP server |
|
|
486 | (2) |
|
Relating Linux file permissions to vsftpd |
|
|
488 | (1) |
|
Configuring Your FTP Server |
|
|
488 | (4) |
|
|
|
488 | (1) |
|
|
|
489 | (2) |
|
Setting up vsftpd for the Internet |
|
|
491 | (1) |
|
Using FTP Clients to Connect to Your Server |
|
|
492 | (4) |
|
Accessing an FTP server from Firefox |
|
|
493 | (1) |
|
Accessing an FTP server with the lftp command |
|
|
493 | (2) |
|
|
|
495 | (1) |
|
|
|
496 | (1) |
|
|
|
497 | (2) |
|
Chapter 19 Configuring a Windows File Sharing (Samba) Server |
|
|
499 | (28) |
|
|
|
499 | (1) |
|
|
|
500 | (2) |
|
Starting and Stopping Samba |
|
|
502 | (4) |
|
Starting the Samba (smb) service |
|
|
503 | (2) |
|
Starting the NetBIOS (nmbd) name server |
|
|
505 | (1) |
|
Stopping the Samba (smb) and NetBIOS (nmb) services |
|
|
506 | (1) |
|
|
|
506 | (5) |
|
Configuring firewalls for Samba |
|
|
507 | (1) |
|
Configuring SELinux for Samba |
|
|
508 | (2) |
|
Setting SELinux Booleans for Samba |
|
|
508 | (2) |
|
Setting SELinux file contexts for Samba |
|
|
510 | (1) |
|
Configuring Samba host/user permissions |
|
|
510 | (1) |
|
|
|
511 | (10) |
|
Using system-config-samba |
|
|
511 | (5) |
|
Choosing Samba server settings |
|
|
511 | (1) |
|
Configuring Samba user accounts |
|
|
512 | (1) |
|
Creating a Samba shared folder |
|
|
513 | (1) |
|
|
|
514 | (2) |
|
Configuring Samba in the smb.conf file |
|
|
516 | (5) |
|
Configuring the [ global] section |
|
|
516 | (2) |
|
Configuring the [ homes] section |
|
|
518 | (1) |
|
Configuring the [ printers] section |
|
|
519 | (1) |
|
Creating custom shared directories |
|
|
519 | (2) |
|
|
|
521 | (4) |
|
Accessing Samba shares in Linux |
|
|
522 | (2) |
|
Accessing Samba shares in Windows |
|
|
524 | (1) |
|
Using Samba in the Enterprise |
|
|
525 | (1) |
|
|
|
525 | (1) |
|
|
|
526 | (1) |
|
Chapter 20 Configuring an NFS File Server |
|
|
527 | (24) |
|
|
|
529 | (1) |
|
|
|
530 | (1) |
|
|
|
531 | (5) |
|
Configuring the /etc/exports file |
|
|
532 | (3) |
|
Hostnames in /etc/exports |
|
|
533 | (1) |
|
Access options in /etc/exports |
|
|
534 | (1) |
|
User mapping options in /etc/exports |
|
|
534 | (1) |
|
Exporting the shared filesystems |
|
|
535 | (1) |
|
|
|
536 | (4) |
|
Opening up your firewall for NFS |
|
|
537 | (2) |
|
Allowing NFS access in TCP wrappers |
|
|
539 | (1) |
|
Configuring SELinux for your NFS server |
|
|
539 | (1) |
|
|
|
540 | (9) |
|
|
|
540 | (1) |
|
Manually mounting an NFS filesystem |
|
|
541 | (1) |
|
Mounting an NFS filesystem at boot time |
|
|
542 | (3) |
|
Mounting noauto filesystems |
|
|
543 | (1) |
|
|
|
543 | (2) |
|
Using autofs to mount NFS filesystems on demand |
|
|
545 | (6) |
|
Automounting to the /net directory |
|
|
546 | (1) |
|
Automounting home directories |
|
|
547 | (2) |
|
Unmounting NFS filesystems |
|
|
549 | (1) |
|
|
|
549 | (1) |
|
|
|
550 | (1) |
|
Chapter 21 Troubleshooting Linux |
|
|
551 | (38) |
|
|
|
551 | (17) |
|
Understanding Startup Methods |
|
|
552 | (2) |
|
Starting with System V init scripts |
|
|
552 | (1) |
|
|
|
553 | (1) |
|
|
|
554 | (1) |
|
Starting from the firmware (BIOS or UEFI) |
|
|
554 | (3) |
|
Troubleshooting BIOS setup |
|
|
555 | (1) |
|
Troubleshooting boot order |
|
|
556 | (1) |
|
Troubleshooting the GRUB boot loader |
|
|
557 | (2) |
|
|
|
559 | (9) |
|
Troubleshooting the initialization system |
|
|
560 | (1) |
|
Troubleshooting System V initialization |
|
|
560 | (1) |
|
Troubleshooting rc.sysinit |
|
|
561 | (1) |
|
Troubleshooting runlevel processes |
|
|
562 | (4) |
|
Troubleshooting systemd initialization |
|
|
566 | (2) |
|
Troubleshooting Software Packages |
|
|
568 | (5) |
|
Fixing RPM databases and cache |
|
|
572 | (1) |
|
Troubleshooting Networking |
|
|
573 | (7) |
|
Troubleshooting outgoing connections |
|
|
573 | (4) |
|
|
|
574 | (1) |
|
Check physical connections |
|
|
574 | (1) |
|
|
|
575 | (1) |
|
Check hostname resolution |
|
|
576 | (1) |
|
Troubleshooting incoming connections |
|
|
577 | (3) |
|
Check if the client can reach your system at all |
|
|
577 | (1) |
|
Check if the service is available to the client |
|
|
578 | (1) |
|
Check the firewall on the server |
|
|
578 | (1) |
|
Check the service on the server |
|
|
579 | (1) |
|
|
|
580 | (5) |
|
|
|
581 | (10) |
|
Checking for memory problems |
|
|
583 | (1) |
|
Dealing with memory problems |
|
|
584 | (1) |
|
Troubleshooting in Rescue Mode |
|
|
585 | (2) |
|
|
|
587 | (1) |
|
|
|
587 | (2) |
| Part V: Learning Linux Security Techniques |
|
589 | (138) |
|
Chapter 22 Understanding Basic Linux Security |
|
|
591 | (36) |
|
Understanding Security Basics |
|
|
591 | (17) |
|
Implementing physical security |
|
|
591 | (1) |
|
Implementing disaster recovery |
|
|
592 | (1) |
|
|
|
593 | (3) |
|
One user per user account |
|
|
593 | (1) |
|
Limit access to the root user account |
|
|
594 | (1) |
|
Setting expiration dates on temporary accounts |
|
|
594 | (1) |
|
Removing unused user accounts |
|
|
595 | (1) |
|
|
|
596 | (7) |
|
|
|
597 | (1) |
|
Setting and changing passwords |
|
|
598 | (1) |
|
Enforcing best password practices |
|
|
599 | (2) |
|
Understanding the password files and password hashes |
|
|
601 | (2) |
|
|
|
603 | (4) |
|
Managing dangerous filesystem permissions |
|
|
603 | (1) |
|
Securing the password files |
|
|
604 | (2) |
|
Locking down the filesystem |
|
|
606 | (1) |
|
Managing software and services |
|
|
607 | (1) |
|
Updating software packages |
|
|
607 | (1) |
|
Keeping up with security advisories |
|
|
607 | (1) |
|
|
|
608 | (1) |
|
|
|
608 | (14) |
|
|
|
608 | (4) |
|
|
|
612 | (3) |
|
Detecting counterfeit new accounts and privileges |
|
|
612 | (2) |
|
Detecting bad account passwords |
|
|
614 | (1) |
|
Monitoring the filesystem |
|
|
615 | (7) |
|
Verifying software packages |
|
|
615 | (1) |
|
|
|
616 | (2) |
|
Detecting viruses and rootkits |
|
|
618 | (4) |
|
Auditing and Reviewing Linux |
|
|
622 | (2) |
|
Conducting compliance reviews |
|
|
623 | (1) |
|
Conducting security reviews |
|
|
623 | (1) |
|
|
|
624 | (1) |
|
|
|
624 | (3) |
|
Chapter 23 Understanding Advanced Linux Security |
|
|
627 | (42) |
|
Implementing Linux Security with Cryptography |
|
|
627 | (21) |
|
|
|
628 | (2) |
|
Understanding encryption/decryption |
|
|
630 | (9) |
|
Understanding cryptographic ciphers |
|
|
630 | (1) |
|
Understanding cryptographic cipher keys |
|
|
631 | (6) |
|
Understanding digital signatures |
|
|
637 | (2) |
|
Implementing Linux cryptography |
|
|
639 | (9) |
|
|
|
639 | (1) |
|
Encrypting a Linux filesystem |
|
|
640 | (2) |
|
Encrypting a Linux directory |
|
|
642 | (3) |
|
|
|
645 | (1) |
|
Encrypting Linux with miscellaneous tools |
|
|
645 | (1) |
|
Using Encryption from the Desktop |
|
|
646 | (2) |
|
Implementing Linux Security with PAM |
|
|
648 | (20) |
|
Understanding the PAM authentication process |
|
|
649 | (5) |
|
Understanding PAM contexts |
|
|
650 | (1) |
|
Understanding PAM control flags |
|
|
651 | (1) |
|
Understanding PAM modules |
|
|
652 | (1) |
|
Understanding PAM system event configuration files |
|
|
653 | (1) |
|
Administering PAM on your Linux system |
|
|
654 | (13) |
|
Managing PAM-aware application configuration files |
|
|
654 | (1) |
|
Managing PAM system event configuration files |
|
|
655 | (2) |
|
Implementing resources limits with PAM |
|
|
657 | (1) |
|
Implementing time restrictions with PAM |
|
|
658 | (2) |
|
Enforcing good passwords with PAM |
|
|
660 | (4) |
|
Encouraging sudo use with PAM |
|
|
664 | (1) |
|
Locking accounts with PAM |
|
|
665 | (2) |
|
Obtaining more information on PAM |
|
|
667 | (1) |
|
|
|
668 | (1) |
|
|
|
668 | (1) |
|
Chapter 24 Enhancing Linux Security with SELinux |
|
|
669 | (30) |
|
Understanding SELinux Benefits |
|
|
669 | (2) |
|
Understanding How SELinux Works |
|
|
671 | (8) |
|
Understanding type enforcement |
|
|
671 | (1) |
|
Understanding multi-level security |
|
|
672 | (1) |
|
Implementing SELinux security models |
|
|
673 | (6) |
|
Understanding SELinux operational modes |
|
|
673 | (1) |
|
Understanding SELinux security contexts |
|
|
674 | (3) |
|
Understanding SELinux policy types |
|
|
677 | (1) |
|
Understanding SELinux policy rule packages |
|
|
678 | (1) |
|
|
|
679 | (10) |
|
|
|
680 | (2) |
|
Setting the SELinux policy type |
|
|
682 | (1) |
|
Managing SELinux security contexts |
|
|
683 | (3) |
|
Managing the user security context |
|
|
684 | (1) |
|
Managing the file security context |
|
|
684 | (1) |
|
Managing the process security context |
|
|
685 | (1) |
|
Managing SELinux policy rule packages |
|
|
686 | (2) |
|
Managing SELinux via booleans |
|
|
688 | (1) |
|
Monitoring and Troubleshooting SELinux |
|
|
689 | (5) |
|
Understanding SELinux logging |
|
|
689 | (2) |
|
Reviewing SELinux messages in the audit log |
|
|
690 | (1) |
|
Reviewing SELinux messages in the messages log |
|
|
690 | (1) |
|
Troubleshooting SELinux logging |
|
|
691 | (1) |
|
Troubleshooting common SELinux problems |
|
|
692 | (7) |
|
Using a nonstandard directory for a service |
|
|
692 | (1) |
|
Using a nonstandard port for a service |
|
|
693 | (1) |
|
Moving files and losing security context labels |
|
|
693 | (1) |
|
|
|
694 | (1) |
|
|
|
694 | (1) |
|
Obtaining More Information on SELinux |
|
|
695 | (1) |
|
|
|
695 | (1) |
|
|
|
696 | (3) |
|
Chapter 25 Securing Linux on a Network |
|
|
699 | (28) |
|
Auditing Network Services |
|
|
699 | (11) |
|
Evaluating access to network services with nmap |
|
|
701 | (3) |
|
Using nmap to audit your network services advertisements |
|
|
704 | (4) |
|
Controlling access to network services |
|
|
708 | (2) |
|
|
|
710 | (14) |
|
|
|
710 | (1) |
|
|
|
711 | (18) |
|
|
|
712 | (1) |
|
Understanding the iptables utility |
|
|
713 | (3) |
|
Using the iptables utility |
|
|
716 | (8) |
|
|
|
724 | (1) |
|
|
|
724 | (3) |
| Part VI: Extending Linux into the Cloud |
|
727 | (42) |
|
Chapter 26 Using Linux for Cloud Computing |
|
|
729 | (20) |
|
Overview of Linux and Cloud Computing |
|
|
729 | (3) |
|
Cloud hypervisors (a.k.a. compute nodes) |
|
|
730 | (1) |
|
|
|
730 | (1) |
|
|
|
731 | (1) |
|
|
|
731 | (1) |
|
Cloud deployment and configuration |
|
|
732 | (1) |
|
|
|
732 | (1) |
|
Trying Basic Cloud Technology |
|
|
732 | (2) |
|
|
|
734 | (13) |
|
|
|
735 | (3) |
|
Step 1 Get Linux software |
|
|
735 | (1) |
|
Step 2 Check your computers |
|
|
735 | (1) |
|
Step 3 Install Linux on hypervisors |
|
|
736 | (1) |
|
Step 4 Start services on the hypervisors |
|
|
737 | (1) |
|
Step 5 Edit /etc/hosts or set up DNS |
|
|
738 | (1) |
|
|
|
738 | (2) |
|
Step 1 Install Linux software |
|
|
738 | (1) |
|
Step 2 Configure NFS share |
|
|
739 | (1) |
|
Step 3 Start the NFS service |
|
|
739 | (1) |
|
Step 4 Mount the NFS share on the hypervisors |
|
|
740 | (1) |
|
Creating virtual machines |
|
|
740 | (4) |
|
Step 1 Get images to make virtual machines |
|
|
741 | (1) |
|
Step 2 Check the network bridge |
|
|
741 | (1) |
|
Step 3 Start Virtual Machine Manager (virt-manager) |
|
|
741 | (1) |
|
Step 4 Check connection details |
|
|
742 | (1) |
|
Step 5 Create a new virtual machine |
|
|
743 | (1) |
|
Managing virtual machines |
|
|
744 | (1) |
|
Migrating virtual machines |
|
|
745 | (6) |
|
Step 1 Identify other hypervisors |
|
|
745 | (1) |
|
Step 2 Migrate running VM to another hypervisor |
|
|
746 | (1) |
|
|
|
747 | (1) |
|
|
|
747 | (2) |
|
Chapter 27 Deploying Linux to the Cloud |
|
|
749 | (20) |
|
Getting Linux to Run in a Cloud |
|
|
749 | (2) |
|
Creating Linux Images for Clouds |
|
|
751 | (9) |
|
Configuring and running a cloud-init cloud instance |
|
|
751 | (2) |
|
Investigating the cloud instance |
|
|
753 | (1) |
|
Cloning the cloud instance |
|
|
754 | (2) |
|
Trying an Ubuntu cloud image |
|
|
756 | (1) |
|
Expanding your cloud-init configuration |
|
|
757 | (2) |
|
Adding ssh keys with cloud-init |
|
|
757 | (1) |
|
Adding network interfaces with cloud-init |
|
|
758 | (1) |
|
Adding software with cloud-init |
|
|
758 | (1) |
|
Using cloud-init in enterprise computing |
|
|
759 | (1) |
|
Using OpenStack to Deploy Cloud Images |
|
|
760 | (5) |
|
Starting from the OpenStack Dashboard |
|
|
761 | (4) |
|
Configuring your OpenStack virtual network |
|
|
761 | (2) |
|
Configuring keys for remote access |
|
|
763 | (1) |
|
Launching a virtual machine in OpenStack |
|
|
764 | (1) |
|
Accessing the virtual machine via ssh |
|
|
765 | (1) |
|
Using Amazon EC2 to Deploy Cloud Images |
|
|
765 | (1) |
|
|
|
766 | (3) |
| Part VII: Appendixes |
|
769 | (70) |
|
|
|
771 | (10) |
|
Appendix B: Exercise Answers |
|
|
781 | (58) |
| Index |
|
839 | |
