Linux Server Hacks Volume Two phần 1 docx

Which is why we created Linux Server Hacks, Volume Two, a second collection of incredibly useful tipsand tricks for finding and using dozens of open source tools you can apply to solve y

Linux Server Hacks, Volume Two

By Brian K Jones, William von Hagen

Table of Contents | Index

Today's system administrators deal with a vast number of situations, operating systems, software packages,and problems Those who are in the know have kept their copy of Linux Server Hacks close at hand to easetheir burden And while this helps, it's not enough: any sys admin knows there are many more hacks, cooltips, and ways of solving problems than can fit in a single volume (one that mere mortals can lift, that is)

Which is why we created Linux Server Hacks, Volume Two, a second collection of incredibly useful tipsand tricks for finding and using dozens of open source tools you can apply to solve your sys admin

problems The power and flexibility of Linux and Open Source means that there is an astounding amount ofgreat software out there waiting to be applied to your sys admin problems if only you knew about it andhad enough information to get started Hence, Linux Server Hacks, Volume Two

This handy reference offers 100 completely new server management tips and techniques designed to

improve your productivity and sharpen your administrative skills Each hack represents a clever way toaccomplish a specific task, saving you countless hours of searching for the right answer No more siftingthrough man pages, HOWTO websites, or source code comments the only resource you need is right here.And you don't have to be a system administrator with hundreds of boxen to get something useful from thisbook as many of the hacks apply equally well to a single system or a home network

Compiled by experts, these hacks not only give you the step-by-step instructions necessary to implement thesoftware, but they also provide the context to truly enable you to learn the technology Topics include:

Whether they help you recover lost data, collect information from distributed clients, or synchronize

administrative environments, the solutions found in Linux Server Hacks, Volume Two will simplify your life

as a system administrator

Linux Server Hacks, Volume Two

By Brian K Jones, William von Hagen

Publisher: O'Reilly

Pub Date: December 2005

Print ISBN-10: 0-596-10082-5

Print ISBN-13: 978-0-59-610082-7 Pages: 478

Table of Contents | Index

KerberosHack 8 AuthenticateNFS-Loverswith

NIS

Hack 9 Sync

LDAPData

ConnectivitySection2.1

Hacks1019:IntroductionHack 10 AccessSystemsRemotelywith

VNCHack 11 AccessVNCServersover

the

Web

Hack 12 SecureVNCvia

SSH

Hack 13 AutostartVNCServerson

DemandHack 14 Put

YourDesktops

DNSwith

DynamicDNSUpdatesHack 22 SynchronizeYourWatches!Hack 23 CentralizeX

WindowSystemFont

ResourcesHack 24 Createa

CUPSPrint

ServerHack 25 ConfigureLinuxConnectionsto

RemoteCUPSPrintersHack 26 IntegrateWindowsPrintingwith

CUPSHack 27 CentralizeMacintoshPrintingwith

CUPSHack 28 Definea

SecureCUPSPrinterChapter

4

Cool

Train

Others

Hack 36 Install

Linux

Simply

by

BootingHack 37 Turn

Documentationfor

the

InherentlyLazy

Hack 39 Exploit

Your

PHP

Web

ScriptingSkills

to

the

CommandLine

Hack 41 Enable

Quick

telnet/SSHConnectionsfrom

the

EasilyHack 50 MakeDisk-to-DiskBackupsfor

LargeDrivesHack 51 Free

Up

Disk

SpaceNow

Hack 52 ShareFiles

UsingLinuxGroupsHack 53 RefinePermissionswith

ACLsHack 54 MakeFiles

Easierto

Find

with

ExtendedAttributesHack 55 PreventDisk

Hogs

with

QuotasChapter

6

Standardizing,Sharing,and

SynchronizingResourcesSection6.1

Section7.1

Hacks

6368:

IntroductionHack 63 IncreaseSecurityby

DisablingUnnecessaryServicesHack 64 Allow

or

Deny

Accessby

IP

AddressHack 65 Detect

NetworkIntruderswith

snort

Hack 66 Tame

TripwireHack 67 Verify

FileystemIntegritywith

Afick

Hack 68 Check

for

Rootkitsand

PerformanceSection8.1

Hacks

6977:

IntroductionHack 69

CentralizedAccessto

YourSystemsHack 77 CleanUp

NIS

AfterUsersDepartChapter

9

Logfilesand

MonitoringSection9.1

Hacks7888:IntroductionHack 78 AvoidCatastrophicDisk

FailureHack 79 MonitorNetworkTrafficwith

MRTGHack 80 Keepa

ConstantWatchon

HostsHack 81 RemotelyMonitorand

Configurea

Varietyof

NetworkedEquipmentHack 82 Force

StartupProblemsHack 90 RescueMe!

Hack 91 Bypassthe

StandardInit

Sequencefor

QuickRepairsHack 92 FindOut

WhyYouCan'tUnmounta

PartitionHack 93 RecoverLostPartitionsHack 94 RecoverDatafromCrashedDisksHack 95 Repairand

RecoverReiserFSFilesystemsHack 96 PieceTogetherDatafromthe

lost+foundHack 97 RecoverDeletedFiles

Copyright © 2006 O'Reilly Media, Inc All rights reserved.

Printed in the United States of America

Published by O'Reilly Media, Inc., 1005 Gravenstein Highway North, Sebastopol, CA 95472

O'Reilly books may be purchased for educational, business, or sales promotional use Online editions are alsoavailable for most titles (safari.oreilly.com) For more information, contact our corporate/institutional salesdepartment: (800) 998-9938 or corporate@oreilly.com

Editor: David Brickner Production Editor: Jamie Peppard

Series Editor: Rael Dornfest Cover Designer: Karen Montgomery

Executive Editor: Dale Dougherty Interior Designer: David Futato

Printing History:

December 2005: First Edition

Nutshell Handbook, the Nutshell Handbook logo, and the O'Reilly logo are registered trademarks of O'ReillyMedia, Inc The Hacks series designations, Linux Server Hacks, Volume Two, the image of two hatchets, andrelated trade dress are trademarks of O'Reilly Media, Inc

Many of the designations used by manufacturers and sellers to distinguish their products are claimed astrademarks Where those designations appear in this book, and O'Reilly Media, Inc was aware of a trademarkclaim, the designations have been printed in caps or initial caps

While every precaution has been taken in the preparation of this book, the publisher and authors assume noresponsibility for errors or omissions, or for damages resulting from the use of the information containedherein

Small print: The technologies discussed in this publication, the limitations on these technologies that

technology and content owners seek to impose, and the laws actually limiting the use of these technologies areconstantly changing Thus, some of the hacks described in this publication may not work, may cause

unintended harm to systems on which they are used, or may not be consistent with applicable user

agreements Your use of these hacks is at your own risk, and O'Reilly Media, Inc disclaims responsibility forany damage or expense resulting from their use In any event, you should take care that your use of thesehacks does not violate any applicable laws, including copyright laws

About the Authors

Bill von Hagen has been a Unix system administrator for 20 years and a Linux fanatic since 1993 He has alsoworked as a systems programmer, product manager, writer, application developer, drummer, and contentmanager

Bill has written or cowritten books on such topics as Linux filesystems, SUSE Linux, Red Hat Linux, GCC,SGML, Mac OS X, Linux system administration, and hacking the TiVo He has written numerous articles onLinux, Unix, and open source topics for publications including Linux Magazine, Linux Journal, Linux

Format, and Mac Format An avid computer collector specializing in workstations, he owns more than 200computer systems and wants more You can reach him at vonhagen@vonhagen.org

Brian K Jones (Jonesy) has been a Unix and Linux system and network administrator for six years He hasalso held positions and consulted in the capacity of database administrator, web developer, project manager,instructional speaker, technical writer and editor, and studio musician, for clients large and small

In the past, Brian has written extensively on topics revolving around Linux and open source software forLinux.com, Newsforge, and Linux Magazine, and he has served as author and Editor-in-Chief of php|architectmagazine In his copious free time (right), Brian enjoys playing billiards and guitar, woodworking, andwriting code He has worked as a system and network administrator for the computer science department atPrinceton University since 2001, and as a part-time infrastructure computing consultant since 2000 You canreach him at jonesy@linuxlaboratory.org

The following people contributed their writing, code, and inspiration to Linux Server Hacks, Volume Two:

Jon Fox [Hacks #33 and #62] (jon.fox@gnu.org.uk) is a Linux user and free software advocate He'sbeen using Linux since 1996

•

Tom Limoncelli [Hack #45] has over 15 years of system administration experience and has beenteaching workshops on time management at conferences since 2003 Tom has authored Time

Management for System Administrators (O'Reilly) and The Practice of System and Network

Administration (Addison Wesley) Outside of work, Tom has won awards for his activism in

gay/bi/lesbian rights and now helps progressive causes to use technology to further their goals

•

Lance Tost has been a Linux user since the 0.98 kernel days, while he earned his B.S in ComputerScience He has held programming, DBA, and, Unix administration positions Lance is a Red HatCertified Engineer as well as a Solaris Certified System Administrator Lance contributed [Hacks #29,

#41, #48, #59, #63, and #72]

•

Brian Warshawsky is an enthusiastic proponent of all things Linux and open source His main

interests include security, wireless networking, and finding new applications for the Linux operatingsystem By day he is a professional Unix/Linux system administrator, and by night he's a technicalwriter and avid mountain biker He lives in Virginia with his soon-to-be wife Jennifer, his loyal dogMax, and his much less loyal cat Jackie Brian contributed [Hacks #19, #55, #64, #66, #67, #73, #75,

Finally, no book having to do with GNU/Linux would be complete without thanking Richard Stallman, LinusTorvalds, and the open source community in general I'd also like to thank my coauthor, Brian Jones, formaking this book better than it would have been without him

Brian: For my wife, Natasha, who has supported and encouraged me in all of my ambitions and goals, and hasdealt with my nonsense while in pursuit of said ambitions and goals Also for my siblings: Heather, forforcing me to pursue computing as a career; Jessica, for being almost sickeningly positive and encouraging;Jon, for keeping me on my toes; and Russell, without whom I might've self-destructed long ago

A hearty thanks goes to David Brickner, who offered me the opportunity to write for O'Reilly, and whoseeven keel, firm hand, and sheer diligence have made this a wonderful experience I'd also like to thank all thefolks at OSTG, TriLUG, and php|architect, for being friends of mine; Matt Appio, for making me take

occasional fishing breaks; and my coworkers at Princeton, for teaching me far more than I could ever list here

To Linus Torvalds and the rest of the open source community: thank you so much for all your work

As we worked on this book, thinking about cool server and sysadmin hacks mutated into thinking aboutgeneral tips and tricks that we found useful to simplify our lives as system administrators We also noticedthat there weren't really any books available along the lines of "Things We Wish Previous System

Administrators Had Told Us." Leaving aside obvious questions like "where is the key to the RAID array" and

"what was the root password on <insert hostname here>," we decided to "hack the Hacks series" a bit andincorporate some general sysadmin information, tips, and tricks as another of this book's primary themes Thismeans that we provide a bit more background material than you ordinarily see in Hacks books You're notgoing to hurt our feelings if you skip over things you already know, but we hope that all the material will befound useful by some of our readers We could have used it years ago, and as Mr Rogers used to say, "It'snice to share."

Sometimes, too much software and too many choices can be a problem Should we use MTRG, Ethereal,EtherApe, or some other application to monitor network traffic? Should we create logical volumes usinglinear RAID, LVM, LVM2, or EVMS? Should we do our resumes in TeX, LaTeX, troff, lout, SGML, orXML? You get the idea If you need to solve a problem but don't know what tool to select from among themyriad choices available, you can spend exponentially more time selecting the right software and ramping upthan you do actually solving the problem For that reason, a book on task-oriented solutions to commonproblems has been a lot of fun to write, and it should save you many an overnight Google sessionas well asproviding information that works together and is up to date at the time of writing All the hacks in this bookare techniques that we've used at various times and that we view as time-and hassle-savers that are usuallydownright fun and cool

Aside from the "too much software" issue just mentioned, a related concept (and the deep, dark secret of opensource) is that not all open source projects are "finished"ever (For God's sake, don't tell Microsoft!) Not only

do you have many, many choices in the open source space, but the ones you find may do only 95% of whatyou want, missing on the truly critical 5% Though there's a lot of really cool-looking, whizzy open sourcesoftware out there, sometimes the zip gun that reliably fires one bullet using a rubber band is preferable to thechromed fusion-powered death ray that works only 75% of the timethus books like this one, in which peopleexplain how to accomplish things using packages they've actually used and often still depend on, even if thepackages aren't perfect The tools discussed in these hacks are generally good additions to anyone's toolbox/library of tips and tricksand we'll show you how to use them for a variety of purposes

Again, rather than just explaining how to do specific tasks, we've tried to provide a little background andcontext for our approach This is a book of hacks, but you deserve a little bit of extra info to put the hacks,tools, and solutions in the right context Where possible, we've also identified other packages and proceduresthat may accomplish the same goal, but we focus on our preferred solutions for different types of problems

Why Linux Server Hacks, Volume Two?

The term hacking has a bad reputation in the press, where it used to refer to someone who breaks into systems

or wreaks havoc, using computers as their weapon Among people who write code, though, the term hackrefers to a "quick-and-dirty" solution to a problem or a clever way to get something done And the term hacker

is taken very much as a compliment, referring to someone as being creative, having the technical chops to getthings done The Hacks series is an attempt to reclaim the word, document the good ways people are hacking,and pass the hacker ethic of creative participation on to the uninitiated Seeing how others approach systemsand problems is often the quickest way to learn about a new technology

Linux Server Hacks, Volume Two came about because today's sysadmins need to deal with a vast number ofsituations, operating systems, software packages, and problemsand also because our original title, Son ofLinux Server Hacks, was rejected The original Linux Server Hacks is a great bookboth authors owned itbefore starting this projectbut there are many more hacks, cool tips, and ways of resolving problems thatsysadmins face than can fit in a single volume (one that mere mortals can lift, that is) The power and

flexibility of Linux means that there is an incredible amount of great Linux software out there, waiting tosolve your sysadmin problemsif you know about it Hence Linux Server Hacks, Volume Two This bookdiscusses some of our favorite software packages, how to use them to make your life as a sysadmin easier,how to best keep all the systems you're responsible for up and running smoothly, and how to keep your usershappy (even if they may not know or appreciate just how wizardly you've been)

How to Use This Book

You can read this book from cover to cover if you like, but each hack stands on its own, so feel free to browseand jump to the different sections that interest you most If there's a prerequisite you need to know about, across-reference will guide you to the right hack We've also tried not to be shy or "our book"-centricif thereare other books on a topic that we particularly like or find valuable, we've put references to them at the end ofthe hack Some of them are other books from O'Reilly, but we're not recommending them for any reason otherthan the fact that we've found them to be useful We only recommend what we believe in

How This Book Is Organized

This book is divided into 10 chapters, organized by subject:

Chapter 1, Linux Authentication

Use the hacks in this chapter to explore the authentication options that are available to you in

heterogeneous networked computing environments and simplify administering user accounts andpasswords This chapter also provides some quick and dirty tips for those unfortunate moments when,for one reason or another, you have to lock users out of specific systems quickly

Chapter 2, Remote GUI Connectivity

This chapter explores ways of connecting to remote systems When you just can't be everywhere atonce, it's incredibly useful to be able to access multiple consoles and graphical displays from theconvenience of your office or machine room You'll find many of the hacks in this chapter to behandy tips that you may want to pass on to your users who also need to work on multiple systems,regardless of what operating systems they're running