Linux Server Hacks
Book notes - Linux Server Hacks by Rob Flickenger and Linux Server Hacks, Volume Two (Tips & Tools for Connecting, Monitoring, and Troubleshooting) by William von Hagen and Brian K. Jones, published by O’Reilly.
Notes
Linux Server Hacks Volume 1: Table of Contents - Highlights
1. Server Basics
-
- Removing Unnecessary Services
-
- Forgoing the Console Login
-
- Common Boot Parameters
-
- Creating a Persistent Daemon with init
-
- n>&m: Swap Standard Output and Standard Error
-
- Building Complex Command Lines
-
- Working with Tricky Files in xargs
-
- Immutable Files in ext2/ext3
-
- Speeding Up Compiles
-
- At Home in Your Shell Environment
-
- Finding and Eliminating setuid/setgid Binaries
-
- Make sudo Work Harder
-
- Using a Makefile to Automate Admin Tasks
-
- Brute Forcing Your New Domain Name
-
- Playing Hunt the Disk Hog
-
- Fun with /proc
-
- Manipulating Processes Symbolically with procps
-
- Managing System Resources per Process
-
- Cleaning Up after Ex-Users
-
- Eliminating Unnecessary Drivers from the Kernel
-
- Using Large Amounts of RAM
-
- hdparm: Fine Tune IDE Drive Parameters
2. Revision Control
-
- Getting Started with RCS
-
- Checking Out a Previous Revision in RCS
-
- Tracking Changes with rcs2log
-
- Getting Started with CVS
-
- CVS: Checking Out a Module
-
- CVS: Updating Your Working Copy
-
- CVS: Using Tags
-
- CVS: Making Changes to a Module
-
- CVS: Merging Files
-
- CVS: Adding and Removing Files and Directories
-
- CVS: Branching Development
-
- CVS: Watching and Locking Files
-
- CVS: Keeping CVS Secure
-
- CVS: Anonymous Repositories
3. Backups
-
- Backing Up with tar over ssh
-
- Using rsync over ssh
-
- Archiving with Pax
-
- Backing Up Your Boot Sector
-
- Keeping Parts of Filesystems in sync with rsync
-
- Automated Snapshot-Style Incremental Backups with rsync
-
- Working with ISOs and CDR/CDRWs
-
- Burning a CD Without Creating an ISO File
4. Networking
-
- Creating a Firewall from the Command Line of any Server
-
- Simple IP Masquerading
-
- iptables Tips & Tricks
-
- Forwarding TCP Ports to Arbitrary Machines
-
- Using Custom Chains in iptables
-
- Tunneling: IPIP Encapsulation
-
- Tunneling: GRE Encapsulation
-
- Using vtun over ssh to Circumvent NAT
-
- Automatic vtund.conf Generator
5. Monitoring
-
- Steering syslog
-
- Watching Jobs with watch
-
- What’s Holding That Port Open?
-
- Checking On Open Files and Sockets with lsof
-
- Monitor System Resources with top
-
- Constant Load Average Display in the Titlebar
-
- Network Monitoring with ngrep
-
- Scanning Your Own Machines with nmap
-
- Disk Age Analysis
-
- Cheap IP Takeover
-
- Running ntop for Real-Time Network Stats
-
- Monitoring Web Traffic in Real Time with httptop
6. SSH
-
- Quick Logins with ssh Client Keys
-
- Turbo-mode ssh Logins
-
- Using ssh-Agent Effectively
-
- Running the ssh-Agent in a GUI
-
- X over ssh
-
- Forwarding Ports over ssh
7. Scripting
-
- Get Settled in Quickly with movein.sh
-
- Global Search and Replace with Perl
-
- Mincing Your Data into Arbitrary Chunks (in bash)
-
- Colorized Log Analysis in Your Terminal
8. Information Servers
-
- Running BIND in a chroot Jail
-
- Views in BIND 9
-
- Setting Up Caching DNS with Authority for Local Domains
-
- Distributing Server Load with Round-Robin DNS
-
- Running Your Own Top-Level Domain
-
- Monitoring MySQL Health with mtop
-
- Setting Up Replication in MySQL
-
- Restoring a Single Table from a Large MySQL Dump
-
- MySQL Server Tuning
-
- Using proftpd with a mysql Authentication Source
-
- Optimizing glibc, linuxthreads, and the Kernel for a Super MySQL Server
-
- Apache Toolbox
-
- Display the Full Filename in Indexes
-
- Quick Configuration Changes with IfDefine
-
- Simplistic Ad Referral Tracking
-
- Mimicking FTP Servers with Apache
-
- Rotate and compress Apache Server Logs
-
- Generating an SSL cert and Certificate Signing Request
-
- Creating Your Own CA
-
- Distributing Your CA to Client Browsers
-
- Serving multiple sites with the same DocumentRoot
-
- Delivering Content Based on the Query String Using mod_rewrite
-
- Using mod_proxy on Apache for Speed
-
- Distributing Load with Apache RewriteMap
-
- Ultrahosting: Mass Web Site Hosting with Wildcards, Proxy, and Rewrite
Linux Server Hacks, Volume Two: Table of Contents - Highlights
Tips & Tools for Connecting, Monitoring, and Troubleshooting
1. Linux Authentication
-
- Disable User Accounts Instantly
-
- Edit Your Password File for Greater Access Control
-
- Deny All Access in One Second or Less
-
- Customize Authentication with PAMs
-
- Authenticate Linux Users with a Windows Domain Controller
-
- Centralize Logins with LDAP
-
- Secure Your System with Kerberos
-
- Authenticate NFS-Lovers with NIS
-
- Sync LDAP Data with NIS
2. Remote GUI Connectivity
-
- Access Systems Remotely with VNC
-
- Access VNC Servers over the Web
-
- Secure VNC via SSH
-
- Autostart VNC Servers on Demand
-
- Put Your Desktops on a Thin Client Diet (LTSP)
-
- Run Windows over the Network
-
- Secure, Lightweight X Connections with FreeNX
-
- Secure VNC Connections with FreeNX
-
- Secure Windows Terminal Connections with FreeNX
-
- Remote Administration with Webmin
3. System Services
-
- Quick and Easy DHCP Setup
-
- Integrate DHCP and DNS with Dynamic DNS Updates (BIND, ISC DHCP)
-
- Synchronize Your Watches!
-
- Centralize X Window System Font Resources
-
- Create a CUPS Print Server
-
- Configure Linux Connections to Remote CUPS Printers
-
- Integrate Windows Printing with CUPS
-
- Centralize Macintosh Printing with CUPS
-
- Define a Secure CUPS Printer
4. Cool Sysadmin Tools and Tips
-
- Execute Commands Simultaneously on Multiple Servers
-
- Collaborate Safely with a Secured Wiki (MediaWiki)
-
- Edit Your GRUB Configuration with grubby
-
- Give Your Tab Key a Workout
-
- Keep Processes Running After a Shell Exits (nohup, disown)
-
- Disconnect Your Console Without Ending Your Session (screen)
-
- Use script to Save Yourself Time and Train Others
-
- Install Linux Simply by Booting
-
- Turn Your Laptop into a Makeshift Console
-
- Usable Documentation for the Inherently Lazy
-
- Exploit the Power of Vim
-
- Move Your PHP Web Scripting Skills to the Command Line
-
- Enable Quick telnet/SSH Connections from the Desktop
-
- Speed Up Compiles (distcc)
-
- Avoid Common Junior Mistakes
-
- Get Linux Past the Gatekeeper
-
- Prioritize Your Work
5. Storage Management and Backups
-
- Create Flexible Storage with LVM
-
- Combine LVM and Software RAID
-
- Create a Copy-on-Write Snapshot of an LVM Volume
-
- Clone Systems Quickly and Easily (partimage)
-
- Make Disk-to-Disk Backups for Large Drives
-
- Free Up Disk Space Now
-
- Share Files Using Linux Groups
-
- Refine Permissions with ACLs
-
- Make Files Easier to Find with Extended Attributes
-
- Prevent Disk Hogs with Quotas
6. Standardizing, Sharing, and Synchronizing Resources
-
- Centralize Resources Using NFS
-
- Automount NFS Home Directories with autofs
-
- Keep Filesystems Handy, but Out of Your Way
-
- Synchronize root Environments with rsync
-
- Share Files Across Platforms Using Samba
-
- Quick and Dirty NAS
-
- Share Files and Directories over the Web
7. Security
-
- Increase Security by Disabling Unnecessary Services
-
- Allow or Deny Access by IP Address
-
- Detect Network Intruders with snort
-
- Tame Tripwire
-
- Verify Fileystem Integrity with Afick
-
- Check for Rootkits and Other Attacks (chkrootkit)
8. Troubleshooting and Performance
-
- Find Resource Hogs with Standard Commands
-
- Reduce Restart Times with Journaling Filesystems
-
- Grok and Optimize Your System with sysctl
-
- Get the Big Picture with Multiple Displays
-
- Maximize Resources with a Minimalist Window Manager (Fluxbox)
-
- Profile Your Systems Using /proc
-
- Kill Processes the Right Way
-
- Use a Serial Console for Centralized Access to Your Systems
-
- Clean Up NIS After Users Depart
9. Logfiles and Monitoring
-
- Avoid Catastrophic Disk Failure
-
- Monitor Network Traffic with MRTG
-
- Keep a Constant Watch on Hosts
-
- Remotely Monitor and Configure a Variety of Networked Equipment
-
- Force Standalone Apps to Use syslog
-
- Monitor Your Logfiles (log-guardian, logcheck)
-
- Send Log Messages to Your Jabber Client
-
- Monitor Service Availability with Zabbix
-
- Fine-Tune the syslog Daemon
-
- Centralize System Logs Securely (stunnel, syslog-ng)
-
- Keep Tabs on Systems and Services (Nagios)
10. System Rescue, Recovery, and Repair
-
- Resolve Common Boot and Startup Problems (BIOS, runlevel)
-
- Rescue Me! (rescue disk)
-
- Bypass the Standard Init Sequence for Quick Repairs
-
- Find Out Why You Can’t Unmount a Partition
-
- Recover Lost Partitions
-
- Recover Data from Crashed Disks
-
- Repair and Recover ReiserFS Filesystems
-
- Piece Together Data from the lost+found
-
- Recover Deleted Files
-
- Permanently Delete Files (shred)
-
- Permanently Erase Hard Disks (shred, Darik’s Boot and Nuke)
-
- Recover Lost Files and Perform Forensic Analysis (The Sleuth Kit, Autopsy)
Getting the Source
Volume 1 examples are available form the O’Reilly git server:
git clone https://resources.oreilly.com/examples/9780596004613.git example_source/vol1
It seems there is no published example code for volume 2.
Credits and References
- Linux Server Hacks, Volume One:
- Linux Server Hacks, Volume Two