Unexpected administrator: Step-by-step instructions on Linux server configuration were not originally written as a book. The author Don R. Crawley wrote a handout as a supplement to his Linux seminar. In the end, this handout was developed into a thick workbook and eventually published in the form of what you see now.
This book skips the void details that are rarely used by common administrators. The goal is to become a simple and necessary learning manual for basic Linux management knowledge. The topic of this chapter includes an introduction to the Linux platform and its system management, and then an in-depth explanation of necessary Linux management tasks, including network, security, integration, and learning to use some important commands, such as cron and grep.
You can try to read Chapter 4: file and directory management. In the book, Crawley also discussed with us some more important Linux configuration and management topics. In this article, Crawley will answer questions raised by the website editor about the content of this book.
Your book is called "unexpected administrator". Since this book is an unexpected product, can you explain how it becomes a book?
When I first wanted to turn my workshop workbook into a regular book, I thought it would be quite simple. I quickly learned Cisco's ASA (the first book in the unexpected administrator series) and found it was not that simple. In the classroom, students exercise assignments include interactions with other students. During actual operation training, I set up a dedicated server in a private network to provide network services for students' computers, including DNS, DHCP, file, and Web services. Readers of regular books may read them by themselves, and there is no dedicated server. Therefore, these exercise questions must be rewritten with consideration. In addition, the format of a book is completely different from that of a workbook. Of course, you must have an attractive cover. People always judge books based on the cover!
There are two chapters in the book to discuss Linux integration. Why is this an important topic for Linux administrators?
Scoot McNeally, a former CEO of Sun Microsystems, once said: "networks are computers ." Today, each of us is connected to each other to varying degrees. As IT professionals, we often handle a variety of systems, including Linux, Microsoft, Unix, Apple, mobile phone systems, and mainframe systems. Our users don't care about which system to use. They are deeply concerned about convenient access to their data. This book deals with the integration of NFS 'nix and Samba 'nix/Windows systems. Of course, there must be other ways to integrate different systems and exchange data between them. The most important thing is to ensure that users can easily access the necessary data for their work, regardless of the platform.
This book focuses on Bash, the most widely used command line interpretation tool. Which of the most useful functions or commands you have found over the years?
In addition to general scripts, more effective commands commonly used by experienced 'nix administrators include using aliases for commands and using the 'grep 'command to search for text strings, use "less" to display the content of a text file (one page is displayed each time and pages are displayed), use "find" to locate the file, and the "awk" command, is a powerful filtering tool (you can use "awk" to find accounts without a password ).
Can you cite some outstanding Linux management tools and technologies described in Chapter 2 "Linux management?
This is a difficult question to answer, because Chapter 2 only introduces the basic knowledge of Linux management. Therefore, most of the tools and technologies mentioned in this chapter are not so outstanding, but they are very basic and important. I think when using a red hat-based system, such as CentOS, RHEL, or Fedora, using tools in the "service" and "system" columns is much easier than manually configuring, starting, monitoring, and stopping daemon processes. It is also helpful to know where the user and system configuration files are saved.
"Whereis" is a utility used to find executable and configuration files. Understanding how to use a text editor is important for effective management of 'nix systems. I chose to introduce "vim" in the book because it is widely used. "Grep" is also one of the basic 'nix tools that can make your work more efficient. I also wrote a section about how to properly shut down the system to prevent data corruption. Although Google is a powerful tool for finding answers, man and info pages are still the most reliable sources of configuration and management information, so I joined a fairly long student exercise to practice how to use them. Archiving, compression, extraction, and decompression are common operations, so I introduced a series of tools that can complete these operations. The tools described in Chapter 2 are not outstanding, but they are very important and worth learning. This is especially true for new Linux users.
Ext4 file systems have been around for more than two years, and usage in the business world is steadily increasing. You mentioned that ext3 is still the default file system in some release versions. Do you mean that ext4 is more and more widely used, but it takes time to change people's usage inertia? What are the advantages and disadvantages of ext4 in file management compared with its predecessor?
From a management perspective, ext4 has several advantages, including support for larger hard disk partitions and more sub-directories. Ext4 supports a maximum of 16 TB and is faster than its predecessor. Ext4 also uses log verification to verify the disk region. According to some tests, this method can greatly improve file system operations.
In terms of disadvantages, I already know a problem. When the system crashes or suddenly loses power, the ext4 file system may lose data, especially for Kernel versions earlier than 2.6.30. Although there is no perfect file system in the world, this problem is not as significant in ext3 file systems as ext4. However, RHEL 6 still uses ext4by default. This shows that Red Hat does not consider ext4 to be a serious problem. On the contrary, they see a significant improvement in the performance of ext4. I like what Paul Ferrill said in his article about ext4: "If you need to support ultra-large files (> 2 TB) and ultra-large file systems (> 16 TB) or a large number of sub-directories (ext3 has a limit of 32000 sub-Directories), you will definitely want to upgrade ext3 to ext4. it makes sense to use ext4 for all-new system installations. As for some existing product systems, there will be no danger of exceeding the restrictions of the original file system in the short term, and the original file system may continue to be used ." He is right. If it is not broken, it will not be established.
What do Linux administrators need to know about setting permissions for files and directories? What information does this book provide?
The book covers the basic knowledge of setting file and directory permissions, including how to set readable, writable, and executable permissions for files and directories in the form of letters and numbers. What do you need to know about setting file and directory permissions for Linux administrators, the most important thing is to understand the concept of minimum permissions. For a system, directory, or even a file, you only set the required minimum level of permissions for the user, and never exceed this permission.
The problem with file and directory permissions in Linux systems is that this permission setting method was used in 1970s. Therefore, it does not apply to various advanced or complex requirements. For example, you can only set permissions for one user, a group of users, and all other users. In a later version of this book, I will introduce the access-control list, which allows you to set more detailed permissions than the traditional 'nix file and directory permissions. However, I once thought that the access control list (ACL) is beyond the scope of this book.
You have introduced in detail Webmin, which can simplify the daily management of Linux administrators. These daily management tasks include solving account locking and other tedious tasks. In your experience, where is the greatest use of Webmin in simplifying Linux management?
Webmin can be used in two aspects: Non-Technical administrators use Webmin, and Technical administrators use Webmin. you mentioned unlocking your account and resetting your password. In my opinion, such tasks should be handled by non-technical administrators such as employees in the Human Resources Department. For non-technical administrators, Webmin is a powerful tool that prevents them from dealing with mysterious and daunting command lines. Webmin can be configured to display specific modules based on the login account. It has powerful search capabilities and is easy to use. You only need to drag and click the mouse, all of this makes it very suitable for non-technical administrators.
For technical administrators, the benefits of Webmin are different. Just like all the guis, I found that the greatest use of Webmin is reflected in the need to complete operations that are rarely used. If I need to perform a new operation, I usually use a GUI on the Test System to complete it. After the operation is complete, the GUI generates an available configuration. Then I can interpret these configuration files to better understand the configuration process. From this point, you can see that the most commonly used is the command line (CLI ). GUI is becoming more and more reliable and flexible. whether to use GUI or CLI is purely a matter of personal preferences. If you have a background for using Windows or Mac, you may feel that it is easier to use GUI than to run commands, especially for simple configuration tasks. I believe that the most suitable tool is the best tool. Based on the same principle, I think it is worthwhile to spend time and energy learning the complex operations of my most important system. This means that I need help from the command line.
In chapter 16th, you mentioned that "system security first lies in physical security". Have you found that many Linux administrators have paid too much attention to network reinforcement and ignored the physical security threats of Linux systems? What do you think is the best way to protect the Linux physical environment?
I won't say that the Linux (or other system) Administrator ignores the physical threats of the system. I just think that we are all human beings and all people have weaknesses (we cannot cover all aspects), but we can always use the "Alarm Clock" to remind ourselves. (You can ask my wife how many times I need to be reminded of the obvious things !) All System Security begins with physical security. Recently, I heard a news story about the sale of obsolete hard disks (purchasers) in Ghana, where the garbage dumps only obtain data. This reminds me to run DBAN on the hard drive to be decommissioned-I usually remember to do this, but it is better to have a reminder. As long as the system disk is physically accessible, anyone can start Linux with "running level 1" and automatically obtain the root permission. In a Windows system, you can use a Linux boot CD to start it. The password of the Administrator account will also be changed. Cisco routers and firewalls can be powered-cycled, and configuration registers are modified to allow unauthorized login. Of course, even if we are physically exposed, there are still several ways to protect the system, but there are also several ways to crack our protection measures. The best way is to place the system in a secure data center to restrict physical access, lock the device rack, or at least lock the server in the closet. Oh, if you open the door and don't lock it, it's useless to put the server in the closet, which I often see.