USAH and LAH

Foreword   xxvi

Foreword to the Second Edition   xxvii

Foreword to the First Edition   xxix

Preface   xxxi

Acknowledgments   xxxiv

SECTION ONE: BASIC ADMINISTRATION

Chapter 1: Where to Start   1

Suggested background   2

The sordid history of Unix   2

Example Unix systems   3

Notation and typographical conventions   4

System-specific information   5

How to use your manuals   5

Organization of the man pages   6

man : read manual pages   7

Essential tasks of the system administrator   8

Adding and removing users   8

Adding and removing hardware   8

Performing backups   8

Installing new software   8

Monitoring the system   9

Troubleshooting   9

Maintaining local documentation   9

Auditing security   9

Helping users   9

How to find files on the Internet   9

System administration under duress   10

System Administration Personality Syndrome   10

Recommended reading   11

Chapter 2: Booting and Shutting Down   12

Bootstrapping   12

Automatic and manual booting   13

Steps in the boot process   13

Kernel initialization   14

Hardware configuration   14

System processes   14

Operator intervention (manual boot only)   15

Execution of startup scripts   16

Multiuser operation   16

Booting PCs   16

How a PC is different from proprietary hardware   17

The PC boot process   17

LILO: the Linux boot loader   18

Configuring LILO   18

The FreeBSD boot loader   19

Multibooting on PCs   20

Multibooting gotchas   20

LILO multiboot configuration   21

FreeBSD multiboot configuration   22

Booting in single-user mode   22

Solaris single-user mode   22

HP-UX single-user mode   23

Linux single-user mode   23

FreeBSD single-user mode   24

Startup scripts   24

SystemV-style startup scripts   25

Solaris startup scripts   28

HP-UX startup scripts   28

Red Hat startup scripts   30

FreeBSD startup scripts   32

Rebooting and shutting down   33

Turning off the power   34

shutdown : the genteel way to halt the system   34

halt : a simpler way to shut down   35

reboot : quick and dirty restart   35

Sending init a TERM signal   36

telinit : change init 's run level   36

Killing init   36

Chapter 3: Rootly Powers   37

Ownership of files and processes   37

The superuser   39

Choosing a root password   39

Becoming root   40

su : substitute user identity   41

sudo : a limited su   41

Other pseudo-users   44

daemon: owner of unprivileged system software   44

bin: owner of system commands   44

sys: owner of the kernel and memory images   44

nobody: the generic NFS user   44

Chapter 4: Controlling Processes   45

Components of a process   45

PID: process ID number   46

PPID: parent PID   46

UID and EUID: real and effective user ID   46

GID and EGID: real and effective group ID   47

Niceness   47

Control terminal   47

The life cycle of a process   47

Signals   48

kill : send signals   51

Process states   51

nice and renice : influence scheduling priority   52

ps : monitor processes   53

top : monitor processes even better   57

Runaway processes   57

Chapter 5: The Filesystem   60

Pathnames   61

Mounting and unmounting filesystems   62

The organization of the file tree   64

File types   66

Regular files   66

Directories   66

Character and block device files   67

Unix domain sockets   68

Named pipes   68

Symbolic links   68

File attributes   69

The setuid and setgid bits   69

The sticky bit   69

The permission bits   70

Viewing file attributes   71

FreeBSD bonus flags   73

chmod : change permissions   73

chown and chgrp : change ownerships   74

umask : assign default permissions   75

Chapter 6: Adding New Users   76

The /etc/passwd file   76

Login name   77

Encrypted password   78

UID number   79

Default GID number   79

GECOS field   80

Home directory   81

Login shell   81

The FreeBSD /etc/master.passwd file   81

The FreeBSD /etc/login.conf file   82

The Solaris and Red Hat /etc/shadow file   82

The /etc/group file   84

Adding users   85

Editing the passwd and shadow files   86

Setting an initial password   86

Creating the user's home directory   87

Copying in the default startup files   87

Setting the user's mail home   88

Editing the /etc/group file   88

Setting disk quotas   89

Verifying the new login   89

Removing users   90

Disabling logins   90

Vendor-supplied account management utilities   91

Chapter 7: Serial Devices   93

Serial standards   93

Alternative connectors   97

The mini DIN-8 variant   97

The DB-9 variant   98

The RJ-45 variant   99

The Yost standard for RJ-45 wiring   99

Hard and soft carrier   101

Hardware flow control   102

Cable length   102

Serial device files   103

Software configuration for serial devices   103

Configuration of hardwired terminals   104

The login process   105

The /etc/ttys and /etc/ttytab files   106

The /etc/ttytype file   106

The /etc/gettytab file   107

The /etc/inittab file   107

The /etc/gettydefs file   108

Solaris and sacadm   109

Terminal support: the termcap and terminfo databases   109

Special characters and the terminal driver   110

stty : set terminal options   111

tset : set options automatically   112

How to unwedge a terminal   112

Modems   113

Modulation, error correction, and data compression protocols   113

Dial-out configuration: /etc/phones and /etc/remote   114

Bidirectional modems   115

Debugging a serial line   115

Other common I/O ports   116

Parallel ports   116

USB: the Universal Serial Bus   117

Chapter 8: Adding a Disk   118

Disk interfaces   118

The SCSI interface   120

The IDE interface   124

Which is better, SCSI or IDE?   126

Disk geometry   126

An overview of the disk installation procedure   128

Connecting the disk   128

Creating device entries   129

Formatting the disk   129

Labeling and partitioning the disk   130

Establishing logical volumes   131

Creating Unix filesystems   132

Setting up automatic mounting   133

Enabling swapping   136

fsck : check and repair filesystems   136

Vendor specifics   138

Adding a disk to Solaris   139

Adding a disk to HP-UX   143

Adding a disk to Red Hat Linux   148

Adding a disk to FreeBSD   153

Chapter 9: Periodic Processes   157

cron : schedule commands   157

The format of crontab files   158

Crontab management   160

Some common uses for cron   160

Cleaning the filesystem   161

Network distribution of configuration files   162

Rotating log files   162

Vendor specifics   162

Chapter 10: Backups   164

Motherhood and apple pie   165

Perform all dumps from one machine   165

Label your tapes   165

Pick a reasonable backup interval   166

Choose filesystems carefully   166

Make daily dumps fit on one tape   166

Make filesystems smaller than your dump device   167

Keep tapes off-site   167

Protect your backups   167

Limit activity during dumps   167

Check your tapes   168

Develop a tape life cycle   169

Design your data for backups   169

Prepare for the worst   169

Backup devices and media   169

Floppy disks   170

Super floppies   170

CD-R and CD-RW   171

Removable hard disks   171

8mm cartridge tapes   171

DAT (4mm) cartridge tapes   172

Travan tapes   172

OnStream ADR   172

DLT   172

AIT   173

Mammoth   173

Jukeboxes, stackers, and tape libraries   173

Hard disks   174

Summary of media types   174

What to buy   174

Setting up an incremental backup regime   175

Dumping filesystems   176

Dump sequences   179

Restoring from dumps   180

Restoring individual files   180

Restoring entire filesystems   182

Dumping and restoring for upgrades   184

Using other archiving programs   184

tar : package files   184

cpio : SysV-ish archiving   185

dd : twiddle bits   185

volcopy : duplicate filesystems   186

Using multiple files on a single tape   186

Amanda   187

The architecture of Amanda   188

Amanda setup   188

The amanda.conf file   190

The disklist file   195

Amanda log files   196

Amanda debugging   196

File restoration from an Amanda backup   200

Alternatives to Amanda: other open source backup packages   201

Commercial backup products   202

ADSM/TSM   202

Veritas   202

Legato   203

Other alternatives   203

Recommended reading   203

Chapter 11: Syslog and Log Files   204

Logging policies   204

Throwing away log files   204

Rotating log files   205

Archiving log files   206

Finding log files   207

Files NOT to manage   208

Vendor specifics   209

Syslog: the system event logger   210

Configuring syslogd   211

Red Hat enhancements to syslog   213

FreeBSD enhancements to syslog   214

Config file examples   215

Sample syslog output   217

Designing a logging scheme for your site   218

Software that uses syslog   218

Debugging syslog   219

Using syslog from programs   220

Condensing log files to useful information   222

Chapter 12: Drivers and the Kernel   224

Kernel types   225

Why configure the kernel?   226

Configuring a Solaris kernel   226

The Solaris kernel area   227

Configuring the kernel with /etc/system   228

An example /etc/system file   228

Debugging a Solaris configuration   229

Building an HP-UX kernel   229

Configuring a Linux kernel   231

Building the Linux kernel binary   232

Tuning your Linux configuration   233

Building a FreeBSD kernel   233

The master recipe for building a kernel   234

Audit the system's hardware   235

Create a configuration file in SYS/i386/conf   235

Run config   236

Run make depend   236

Build the kernel   236

Install the new kernel   237

Test the new kernel   237

Document the new kernel   237

Creating a BSD configuration file   237

The maxusers keyword   238

The options keyword   239

The config keyword   240

Hardware devices   240

The pseudo-device keyword   242

A sample FreeBSD configuration file   243

Tuning the FreeBSD kernel   244

Adding device drivers   246

Device numbers   247

Adding a Solaris device driver   248

Adding a Linux device driver   249

Adding a FreeBSD device driver   251

Device files   252

Naming conventions for devices   252

Loadable kernel modules   253

Loadable kernel modules in Solaris   253

Loadable kernel modules in Linux   254

Loadable kernel modules in FreeBSD   256

Recommended reading   257

SECTION TWO: NETWORKING

Chapter 13: TCP/IP Networking   261

TCP/IP and the Internet   262

A brief history lesson   262

How the Internet is managed today   263

Network standards and documentation   263

Networking road map   265

Packets and encapsulation   266

The link layer   267

Packet addressing   269

Ports   270

Address types   271

IP addresses: the gory details   271

IP address classes   272

Subnetting and netmasks   272

The IP address crisis   275

CIDR: Classless Inter-Domain Routing   276

Address allocation   278

Private addresses and NAT   279

IPv6 addressing   281

Routing   283

Routing tables   283

ICMP redirects   285

ARP: The address resolution protocol   285

DHCP: the Dynamic Host Configuration Protocol   287

DHCP software   288

How DHCP works   288

ISC's DHCP server   289

PPP: the Point-to-Point Protocol   291

Addressing PPP performance issues   292

Connecting to a network with PPP   293

Making your host speak PPP   293

Controlling PPP links   293

Finding a host to talk to   294

Assigning an address   294

Routing   294

Ensuring security   294

Using terminal servers   295

Using chat scripts   295

Security issues   295

IP forwarding   295

ICMP redirects   295

Source routing   296

Broadcast pings and other forms of directed broadcast   296

Unix-based firewalls   296

Virtual private networks   296

IPSEC: secure IP   297

Addition of machines to a network   298

Assigning hostnames and IP addresses   298

ifconfig : configure network interfaces   300

route : configure static routes   302

Default routes   304

Configuring DNS   304

Vendor-specific network configuration   306

Solaris network configuration   307

Basic network configuration for Solaris   307

Configuration examples for Solaris   309

DHCP configuration for Solaris   310

Dynamic reconfiguration and tuning for Solaris   311

Security, firewalls, filtering, and NAT for Solaris   313

PPP configuration for Solaris   314

Networking quirks for Solaris   315

HP-UX network configuration   315

Basic network configuration for HP-UX   315

Configuration examples for HP-UX   317

DHCP configuration for HP-UX   318

Dynamic reconfiguration and tuning for HP-UX   319

Security, firewalls, filtering, and NAT for HP-UX   320

PPP configuration for HP-UX   321

Networking quirks for HP-UX   322

Network configuration for Red Hat   322

Basic network configuration for Red Hat   322

Configuration examples for Red Hat   323

DHCP configuration for Red Hat   324

Dynamic reconfiguration and tuning for Red Hat   325

Security, firewalls, filters, and NAT for Red Hat   326

PPP configuration for Red Hat   329

Networking quirks for Red Hat   329

Network configuration for FreeBSD   330

Basic network configuration for FreeBSD   330

Configuration examples for FreeBSD   331

DHCP configuration for FreeBSD   332

Dynamic reconfiguration and tuning for FreeBSD   333

Security, firewalls, filters, and NAT for FreeBSD   333

PPP configuration for FreeBSD   337

Networking quirks for FreeBSD   340

Recommended reading   340

Chapter 14: Routing   342

Packet forwarding: a closer look   343

Routing daemons and routing protocols   345

Distance-vector protocols   346

Link-state protocols   347

Cost metrics   348

Interior and exterior protocols   348

Protocols on parade   349

RIP: Routing Information Protocol   349

RIP-2: Routing Information Protocol, version 2   349

OSPF: Open Shortest Path First   350

IGRP and EIGRP: Interior Gateway Routing Protocol   350

IS-IS: the ISO "standard"   351

MOSPF, DVMRP, and PIM: multicast routing protocols   351

Router Discovery Protocol   351

routed : RIP yourself a new hole   351

gated : a better routing daemon   352

gated startup and control   353

Tracing   353

The gated configuration file   354

Option configuration statements   355

Network interface definitions   356

Other miscellaneous definitions   357

Protocol configuration for RIP   358

Some preliminary background on OSPF   360

Protocol configuration for OSPF   361

Protocol configuration for ICMP redirects   363

Static routes   363

Exported routes   364

A complete gated configuration example   364

Vendor specifics   366

Routing strategy selection criteria   367

Cisco routers   368

Recommended reading   371

Chapter 15: Network Hardware   372

LAN, WAN, or MAN?   372

Ethernet: the common LAN   373

How Ethernet works   373

Ethernet topology   375

Unshielded twisted pair   375

Connecting and expanding Ethernets   377

FDDI: the disappointing and expensive LAN   380

ATM: the promised (but sorely defeated) LAN   381

Frame relay: the sacrificial WAN   382

ISDN: the indigenous WAN   383

DSL: the people's WAN   383

Where is the network going?   384

Network testing and debugging   385

Building wiring   386

UTP cabling options   386

Connections to offices   386

Wiring standards   386

Network design issues   387

Network architecture vs. building architecture   388

Existing networks   388

Expansion   388

Congestion   389

Maintenance and documentation   389

Management issues   389

Recommended vendors   390

Cables and connectors   390

Test equipment   391

Routers/switches   391

Recommended reading   391

Chapter 16: The Domain Name System   392

DNS for the impatient: adding a new machine   392

The history of DNS   394

Who needs DNS?   395

What's new in DNS   396

The DNS namespace   397

Masters of their domains   399

Selecting a domain name   400

Domain bloat   401

Registering a second-level domain name   401

Creating your own subdomains   401

The BIND software   402

Versions of BIND   402

Finding out what version you have   403

Components of BIND   404

named : the BIND name server   404

Authoritative and caching-only servers   404

Recursive and nonrecursive servers   406

The resolver library   407

Shell interfaces to DNS   407

How DNS works   407

Delegation   407

Caching and efficiency   409

The extended DNS protocol   410

BIND client issues   410

Resolver configuration   411

Resolver testing   413

Impact on the rest of the system   414

BIND server configuration   414

Hardware requirements   414

named startup   415

Configuration files   415

The include statement   417

The options statement   417

The acl statement   422

The server statement   422

The logging statement   423

The zone statement   424

The key statement   427

The trusted-keys statement   427

The controls statement   427

The view statement   428

BIND configuration examples   429

A home Linux box   429

A university department   431

A web hosting company   434

The DNS database   436

Resource records   436

The SOA record   438

NS records   440

A records   441

PTR records   442

MX records   443

CNAME records   445

The CNAME hack   445

LOC records   447

SRV records   448

TXT records   449

IPv6 resource records   450

A6 records   450

DNAME records   451

Commands in zone files   453

The localhost zone   455

Glue records: links between zones   455

Updating zone files   457

Zone transfers   458

Dynamic updates   459

Security issues   460

Access control lists revisited   460

Confining named   462

Secure server-to-server communication with TSIG and TKEY   462

DNSSEC   464

Microsoft bad, Unix good   468

Testing and debugging   469

Logging   469

Debug levels   473

Debugging with ndc   473

Debugging with nslookup, dig, and host   475

Lame delegations   478

Loose ends   479

The hints file   479

Localhost configuration   480

Host management tools   481

DNS for systems not on the Internet   481

Vendor specifics   481

Specifics for Solaris   481

Specifics for HP-UX   482

Specifics for Red Hat Linux   484

Specifics for FreeBSD   484

Recommended reading   485

Mailing lists and newsgroups   486

Books and other documentation   486

On-line resources   486

The RFCs   486

Chapter 17: The Network File System   488

General information about NFS   488

NFS protocol versions   488

Choice of transport   489

WebNFS   489

File locking   490

Disk quotas   490

Global UIDs and GIDs   490

Root access and the nobody account   491

Cookies and stateless mounting   491

Naming conventions for shared filesystems   492

Security and NFS   492

Server-side NFS   493

The share command and dfstab file (Solaris)   494

The exportfs command and the exports file (HP-UX, Red Hat, FreeBSD)   495

nfsd : serve files   499

Client-side NFS   500

biod and nfsiod : provide client-side caching   501

Mounting remote filesystems   501

Secure port restrictions   502

nfsstat : dump NFS statistics   503

Dedicated NFS file servers   503

Automatic mounting   504

automount : the original automounter   505

Indirect maps   506

Direct maps   506

Master maps   507

Executable maps   507

Replicated filesystems using automount   508

Automatic automounts   508

Specifics for Red Hat Linux   509

amd : a more sophisticated automounter   509

amd maps   510

Starting amd   511

Stopping amd   512

Recommended reading   512

Chapter 18: Sharing System Files   513

What to share   514

Copying files around   515

rdist : push files   515

rsync : push files more securely   518

expect : pull files   519

NIS: the Network Information Service   521

Netgroups   522

Prioritizing sources of administrative information   523

Advantages and disadvantages of NIS   524

How NIS works   525

Setting up an NIS domain   527

Vendor specifics   529

NIS+: son of NIS   530

LDAP: the Lightweight Directory Access Protocol   532

LDAP documentation and specifications   533

Hands-on LDAP   534

Chapter 19: Electronic Mail   535

Mail systems   537

User agents   538

Transport agents   539

Delivery agents   540

Message stores   540

Access agents   540

Mail submission agents   540

The anatomy of a mail message   541

Mail addressing   542

Reading mail headers   543

Mail philosophy   546

Using mail servers   547

Using mail homes   549

Using IMAP or POP   549

Mail aliases   550

Getting mailing lists from files   552

Mailing to files   553

Mailing to programs   553

Examples of aliases   553

Mail forwarding   555

The hashed alias database   557

Mailing lists and list wrangling software   557

LDAP: the Lightweight Directory Access Protocol   560

sendmail : ringmaster of the electronic mail circus   562

The history of sendmail   563

Vendor-supplied versions of sendmail   564

sendmail installation   565

The switch file   566

Modes of operation   566

The mail queue   568

sendmail configuration   570

Using the m4 preprocessor   570

The sendmail configuration pieces   572

Building a configuration file from a sample .mc file   572

Basic sendmail configuration primitives   573

The VERSIONID macro   574

The OSTYPE macro   574

The DOMAIN macro   576

The MAILER macro   576

Fancier sendmail configuration primitives   577

The FEATURE macro   577

The use_cw_file feature   578

The redirect feature   578

The always_add_domain feature   578

The nocanonify feature   579

Tables and databases   579

The mailertable feature   580

The genericstable feature   581

The virtusertable feature   581

The ldap_routing feature   582

Masquerading and the MASQUERADE_AS macro   583

The MAIL_HUB and SMART_HOST macros   584

Masquerading and routing   585

The nullclient feature   585

The local_lmtp and smrsh features   586

The local_procmail feature   587

The LOCAL_* macros   587

Configuration options   587

Configuration file examples   588

A computer science student's home machine   590

A small but sendmail -clueful company   591

Another master/client example   594

Spam-related features in sendmail   595

Relaying   597

The access database   599

Blacklisting users or sites   601

Header checking   602

Handling spam   603

Spam examples   604

Security and sendmail   607

Ownerships   608

Permissions   609

Safe mail to files and programs   610

Privacy options   610

Running a chroot ed sendmail (for the truly paranoid)   611

Denial of service attacks   611

Forgeries   612

Message privacy   613

SASL: the Simple Authentication and Security Layer   614

sendmail statistics, testing, and debugging   614

Testing and debugging   615

Verbose delivery   615

Talking in SMTP   617

Logging   617

The Postfix mail system   618

Postfix architecture   618

Configuring Postfix   619

Spam control   621

Postfix examples   622

Recommended reading   623

Chapter 20: Network Management and Debugging   625

Troubleshooting a network   626

ping : check to see if a host is alive   627

traceroute : trace IP packets   629

netstat : get tons o' network statistics   631

Monitoring the status of network connections   632

Inspecting interface configuration information   633

Examining the routing table   634

Viewing operational statistics for various network protocols   635

Packet sniffers   636

snoop : Solaris's packet sniffer   637

nettl : HP-UX's packet sniffer   638

tcpdump : king of sniffers   638

Network management protocols   639

SNMP: the Simple Network Management Protocol   640

SNMP organization   640

SNMP protocol operations   641

RMON: remote monitoring MIB   642

SNMP agents   642

SNMP on Solaris   643

SNMP on HP-UX   643

The UCD SNMP agent   645

Network management applications   646

The UCD SNMP tools   646

MRTG: the Multi-Router Traffic Grapher   647

NOCOL: Network Operation Center On-Line   648

Commercial management platforms   648

Recommended reading   649

Chapter 21: Security   651

Seven common-sense rules of security   652

How security is compromised   653

Security problems in the /etc/passwd file   655

Password checking and selection   655

Shadow passwords   656

Group logins and shared logins   657

Password aging   657

User shells   657

Rootly entries   657

Setuid programs   658

Important file permissions   659

Miscellaneous security issues   660

Remote event logging   660

Secure terminals   660

/etc/hosts.equiv and ~/.rhosts   660

rexd , rexecd , and tftpd   661

fingerd   661

Security and NIS   661

Security and NFS   662

Security and sendmail   662

Security and backups   662

Trojan horses   662

Security power tools   663

nmap : scan network ports   663

SAINT: check networked systems for vulnerabilities   665

Nessus: next generation network scanner   665

crack : find insecure passwords   666

tcpd : protect Internet services   666

COPS: audit system security   667

tripwire : monitor changes to system files   668

Forensic tools   669

Cryptographic security tools   669

Kerberos: a unified approach to network security   670

PGP: Pretty Good Privacy   671

SSH: the secure shell   672

SRP: Secure Remote Password   674

OPIE: One-time Passwords in Everything   674

Firewalls   675

Packet-filtering firewalls   675

How services are filtered   675

Service proxy firewalls   676

Stateful inspection firewalls   677

Firewalls: how safe are they?   677

Sources of security information   678

CERT: a registered service mark of Carnegie Mellon University   678

SecurityFocus.com and the BugTraq mailing list   678

SANS: the System Administration, Networking, and Security Institute   679

Vendor-specific security resources   679

Other mailing lists and web sites   680

What to do when your site has been attacked   680

Recommended reading   682

Chapter 22: Web Hosting and Internet Servers   684

Web hosting   684

Web hosting basics   685

Uniform resource locators   686

How HTTP works   687

CGI scripting: generating content on the fly   687

Load balancing   688

HTTP server installation   688

Choosing a server   688

Compiling and installing Apache   689

Configuring Apache   690

Running Apache   690

Virtual interfaces   691

Configuring virtual interfaces   692

Telling Apache about a virtual interface   694

Caching and proxy servers   694

Setting up Squid   695

Anonymous FTP server setup   696

Usenet news   698

Usenet news feeds   698

Usenet software   699

Whither Usenet news?   700

SECTION THREE: BUNCH O' STUFF

Chapter 23: Printing   703

Mini-glossary of printing terms   704

Types of printers   705

Serial and parallel printers   705

Network printers   706

Life without PostScript   706

BSD printing   707

An overview of the printing process   707

Controlling the printing environment   708

lpd : the BSD print spooler   709

lpr : submit print jobs   709

lpq : view the printing queue   709

lprm : remove print jobs   710

lpc : make administrative changes   710

The /etc/printcap file   712

printcap variables   713

printcap variables for serial devices   717

printcap extensions   718

Printing to something besides a printer   719

System V printing   719

Overview   719

Destinations and classes   719

A brief description of lp   720

lpsched and lpshut : start and stop printing   721

lpadmin : configure the printing environment   722

lpstat : get status information   724

cancel : remove print jobs   725

accept and reject : control spooling   725

enable and disable : control printing   726

lpmove : transfer jobs   726

Interface programs   726

What to do when the lp system is completely hosed   727

Adding a printer   728

Adding printers to Solaris   729

Adding printers to HP-UX   731

Adding printers to Red Hat Linux   732

Adding printers to FreeBSD   734

LPRng   735

The LPRng commands   735

Obtaining and installing LPRng   736

/etc/lpd.conf : configure lpd   737

/etc/lpd.perms : configure access control   737

Setting up the printcap file   738

Filters   738

Accounting   738

Debugging printing problems   739

Common printing software   740

rlpr   740

ghostscript   740

mpage   740

enscript   740

Printer philosophy   741

Use printer accounting   741

Use banner pages only when necessary   741

Provide recycling bins   741

Provide previewers   741

Buy cheap printers   742

Keep extra toner cartridges on hand   742

Secure your printer   742

Chapter 24: Maintenance and Environment   744

Maintenance basics   744

Maintenance contracts   745

On-site maintenance   745

Board swap maintenance   746

Warranties   746

Board-handling lore   746

Static electricity   746

Reseating boards   747

Monitors   747

Memory modules   747

Preventive maintenance   748

Environment   749

Temperature   749

Humidity   749

Office cooling   749

Machine room cooling   749

Temperature monitoring   751

Power   751

Remote power control   752

Racks   752

Tools   753

Chapter 25: Performance Analysis   754

What you can do to improve performance   755

Factors that affect performance   756

System performance checkup   757

Analyzing CPU usage   757

How Unix manages memory   760

Analyzing memory usage   761

Analyzing disk I/O   763

Virtual Adrian   765

procinfo : display Red Hat performance data   765

pstat : print random FreeBSD statistics   766

Help! My system just got really slow!   766

Recommended reading   768

Chapter 26: Cooperating with Windows   769

File and print sharing   769

NFS: the Network File System   770

CIFS: the Common Internet File System   770

Samba: CIFS for Unix   770

Installing and configuring Samba   771

Debugging Samba   773

Secure terminal emulation with SSH   773

X Windows emulators   774

PC mail clients   775

PC backups   775

Dual booting   776

Running Windows applications under Unix   776

PC hardware tips   776

Chapter 27: Policy and Politics   778

Policy and procedure   779

Security policies   781

User policy agreements   782

Sysadmin policy agreements   784

Policy and procedures for emergency situations   784

Disaster planning   785

Miscellaneous tidbits   787

Legal issues   787

Liability   788

Encryption   788

Copyright   788

Privacy   789

Policy enforcement   790

Software licenses   792

Spam: unsolicited commercial email   792

Sysadmin surveys   793

SAGE salary survey   793

SANS salary survey   794

Scope of service   795

Trouble-reporting systems   796

Managing management   797

Hiring, firing, and training   797

Attitude adjustment   799

Operator wars   799

Iterative refinement   799

War stories and ethics   800

Boss's mistake #1   800

Boss's mistake #2   801

Dan, your new name is Lester   801

Which ones to fire   802

Horndog Joe   802

Wedding invitations   803

Pornographic GIF images   803

Migrating data   803

Bill must die!   804

Localization and upgrades   805

Managing software across systems   805

Upgrades   806

Useful third-party software   808

Local documentation   809

Procurement   811

Decommissioning hardware   812

Software patents   813

Organizations, conferences, and other resources   814

SAGE: the System Administrators' Guild   815

Mailing lists and web resources   816

Printed resources   817

Standards   817

Sample documents   819

Recommended reading   820

Chapter 28: Daemons   821

init : the primordial process   822

cron : schedule commands   823

inetd : manage daemons   823

Configuring inetd   824

The services file   825

Restarting inetd   826

Securing inetd   826

portmap/rpcbind : map RPC services to TCP and UDP ports   826

System daemons   827

The paging daemon   827

The swapping daemon   827

The filesystem synchronization daemon   828

Printing daemons   828

lpd : manage BSD-style printing   828

lpsched : manage ATT printing   828

rlpdaemon : print from BSD to HP-UX   828

NFS daemons   828

nfsd : serve files   828

mountd : respond to mount requests   829

amd and automount : mount filesystems on demand   829

lockd and statd : manage NFS locks   829

biod : cache NFS blocks   829

NIS daemons   829

ypbind : locate NIS servers   829

ypserv : NIS server   830

ypxfrd : transfer NIS databases   830

rpc.nisd : NIS+ server   830

Internet daemons   830

talkd : network chat service   830

comsat : notify users of new mail   830

sendmail : transport electronic mail   830

snmpd : provide remote network management service   831

rwhod : maintain remote user list   831

ftpd : file transfer server   831

popper : basic mailbox server   831

imapd : deluxe mailbox server   831

rlogind : remote login server   831

telnetd : yet another remote login server   832

sshd : secure remote login server   832

rshd : remote command execution server   832

rexecd : yet another command execution server   832

rpc.rexd : yet a third command execution server   832

routed : maintain routing tables   832

gated : maintain complicated routing tables   832

named : DNS server   833

syslogd : process log messages   833

fingerd : look up users   833

httpd : World Wide Web server   833

Time synchronization daemons   833

timed : synchronize clocks   834

xntpd : synchronize clocks even better   834

Booting and configuration daemons   834

bootpd : boot server   835

tftpd : trivial file transfer server   835

rarpd : map Ethernet addresses to IP addresses   835

bootparamd : advanced diskless life support   835

dhcpd : dynamic address assignment   835

Colophon   836

Index   837



Unix System Administration Handbook	\| Linux Administration Handbook
FAQ \| Errors \| Goodies \| Purchase \| Register \| Send Email
Hosting for admin.com provided by Applied Trust Engineering.