Skip to main content

Posts

Showing posts from 2007

BSD Hack

The term hacking has an unfortunate reputation in the popular press, where it often refers to someone who breaks into systems or wreaks havoc with computers. Among enthusiasts, on the other hand, the term hack refers to a "quick-n-dirty" solution to a problem or a clever way to do something. The term hacker is very much a compliment, praising someone for being creative and having the technical chops to get things done. O'Reilly's Hacks series is an attempt to reclaim the word, document the ways people are hacking (in a good way), and pass the hacker ethic of creative participation on to a new generation of hackers. Seeing how others approach systems and problems is often the quickest way to learn about a new technology.

How to: Configure Linux to track and log failed login attempt records

Under Linux you can use faillog command to display faillog records or to .set login failure limits. faillog formats the contents of the failure log from /var/log/faillog database / log file. It also can be used for maintains failure counters and limits. Run faillog without arguments display only list of user faillog records who have ever had a login failure. more ...

Building the Linux Kernel Image

This section explains the steps taken during compilation of the Linux kernel and the output produced at each stage. The build process depends on the architecture so I would like to emphasize that we only consider building a Linux/x86 kernel. When the user types 'make zImage' or 'make bzImage' the resulting bootable kernel image is stored as arch/i386/boot/zImage or arch/i386/boot/bzImage respectively. Here is how the image is built:

Perl Programming

ERL was designed to be simple and direct. We outlined earlier that file manipulation and grep style functions are the bread and butter of PERL. Often times these types of tasks will require some form of user input. PERL can do exactly that (imagine that) and these next few pages of tutorial will walk you through the process step by step.

Optimizing IBM DB2 for Solaris 10 1/06 OS on Sun Fire T2000 Server

This article is for users planning to deploy DB2 on the Solaris 10 platform using a Sun Fire T2000 server. The information here is based on experiments carried out on DB2 with the Solaris 10 OS on the Sun Fire T2000 server in Sun's Market Development Engineering (MDE) and Strategic Applications Engineering (SAE) Labs in Burlington, Massachusetts. These tests used various workloads to identify configurations that allow the right mix of performance and ease-of-use. Results may vary for other users and environments. Tips are provided here to help system administrators and DBAs optimize DB2 deployed with the Solaris 10 OS and the Sun Fire T2000 architecture.

Reading from a pipeline with Perl

One of the great things about Perl is that it's very easy to run operating system commands, and read the output of those commands. Perl makes this process very easy and natural - it's just like reading data from a file.In this article we'll demonstrate the process of running external commands from within Perl, and then reading the output of those commands.

Upgrading FreeBSD

This document started as a follow up to The Ultimate Multimedia Server Guide and how to go about keeping your server up to date and patched with the latest O/S patches and security patches. The other reason for this document was to try and create an easy to follow update guide for the not so Unix savvy users that visit my website from time to time. My first time trying to upgrade FreeBSD from sources went well but trying to understand and piece together all the other documentation was more of a daunting task than actually upgrading.

Get started with the Linux key retention service

The Linux® key retention service introduced with Linux 2.6 is a great new way to handle authentication, cryptography, cross-domain user mappings, and other security concerns for the Linux platform. Learn the components of the Linux key retention service and get an understanding of its usage with a working sample application. more...

Ethernet Bridges under Linux

Bridging is the process of transparently connecting two networks segments together, so that packets can pass between the two as if they were a single logical network. Bridging is performed on the data link layer; hence it is independent of the network protocol being used - it doesn't matter if you use IP, Appletalk, Netware or any other protocol, as the bridge operates upon the raw ethernet packets. read more .

Network scanning

Discover how to scan your network for services and how to regularly monitor your services to keep uptimes to a maximum. A key way of ensuring the security of your network is to know what is on your network and what services individual machines are at risk of exposure. Unauthorized services, such as Web servers or file sharing solutions, not only degrade performance, but others can use these services as routes into your network. In this article , learn how to use these same techniques to ensure that genuine services remain available.

Troubleshooting Perl CGI scripts

This resource is intended as a general framework for working through problems with CGI scripts. It is not a complete guide to every problem that you may encounter, nor a tutorial on bug squashing. It is just the culmination of my experience debugging CGI scripts for ten years. This page seems to have had many different homes ... more

Linux Shell Scripting Tutorial

This Linux Shell Scripting Tutorial is designed for people who wish to learn the fundamentals of shell scripting/programming. It also contains an introduction to power tools such as awk and sed. It is not the manual for the shell. While reading this tutorial you may find the manual quite useful (type man bash at $ prompt to see the manual pages). The manual contains all of the necessary information you need, but will not contain any examples which would make the ideas clear. Therefore, this tutorial contains examples rather than all of the features of the shell.

Bash FAQ

This document contains a set of requently-asked questions concerning Bash, the GNU Bourne-Again Shell.Bash is a freely-available command interpreter with advanced features for both interactive use and shell programming.

Modularity: Keeping It Clean, Keeping It Simple

There is a natural hierarchy of code-partitioning methods that has evolved as programmers have had to manage ever-increasing levels of complexity. In the beginning, everything was one big lump of machine code. The earliest procedural languages brought in the notion of partition by subroutine. Then we invented service libraries to share common utility functions among multiple programs. Next, we invented separated address spaces and communicating processes. Today we routinely distribute program systems across multiple hosts separated by thousands of miles of network cable. read more...

What you already know. (should know) - About BASH.

First you probably need to read a UNIX command bible to really understand this tutorial, but I will try to make it as clear as possible, there is about 100-150 UNIX commands explained later in this tutorial. You are to have some UNIX experience before starting on this tutorial, so if you feel that you have UNIX/Linux experience feel free to start to learn here .

RHEL / CentOS Support 4GB or more RAM (memory).

If you have 4 GB or more RAM use the Linux kernel compiled for PAE capable machines. Your machine may not show up total 4GB ram. All you have to do is install PAE kernel package. This package includes a version of the Linux kernel with support for up to 64GB of high memory. It requires a CPU with Physical Address Extensions (PAE). The non-PAE kernel can only address up to 4GB of memory. Install the kernel-PAE package if your machine has more than 4GB of memory (>=4GB). more.. .

Perlfaq

The perlfaq comprises several documents that answer the most commonly asked questions about Perl and Perl programming. It's divided by topic into nine major sections outlined in this document .

Types of Firewall and DMZ Architectures

In the world of expensive commercial firewalls (the world in which I earn my living), the term "firewall" nearly always denotes a single computer or dedicated hardware device with multiple network interfaces. This definition can apply not only to expensive rack-mounted behemoths, but also to much lower-end solutions: network interface cards are cheap, as are PCs in general. This is different from the old days, when a single computer typically couldn't keep up with the processor overhead required to inspect all ingoing and outgoing packets for a large network. In other words, routers, not computers, used to be one's first line of defense against network attacks. read more.

Perl

Computer languages differ not so much in what they make possible, but in what they make easy. Perl is designed to make the easy jobs easy, without making the hard jobs impossible. Perl makes it easy to manipulate numbers, text, files, directories, computers, networks, and programs. It also makes it easy to develop, modify, and debug your own programs portably, on any modern operating system. more...

Clone Systems Quickly and Easily

Now that Linux is in widespread use, many businesses that don't want to roll their own Linux systems simply deploy out-of-the-box systems based on supported distributions from sources such as SUSE, Mandriva, Turbo Linux, and Red Hat. Businesses that need a wider array of system or application software than these distributions provide often spend significant effort adding this software to their server and desktop systems, fine-tuning system configuration files, setting up networking, disabling unnecessary services, and setting up their corporate distributed authentication mechanisms. All of this takes a fair amount of time to get "just right"it also takes time to replicate on multiple systems and can be a pain to recreate if this becomes necessary. Read more...

Recover Data from Crashed Disks

As the philosopher once said, "Into each life, a few disk crashes must fall." Or something like that. Today's relatively huge disks make it more tempting than ever to store large collections of data online, such as your entire music collection or all of the research associated with your thesis. Backups can be problematic, as today's disks are much larger than most backup media, and backups can't restore any data that was created or modified after the last backup was made. Luckily, the fact that any Linux/Unix device can be accessed as a stream of characters presents some interesting opportunities for restoring some or all of your data even after a hard drive failure. When disaster strikes, consult this hack for recovery tips.

Perl debugging tutorial

A very lightweight introduction in the use of the perl debugger, and a pointer to existing, deeper sources of information on the subject of debugging perl programs. There's an extraordinary number of people out there who don't appear to know anything about using the perl debugger, though they use the language every day. This is for them.

Scalable Public Key Infrastructure for both OpenSWAN and OpenVPN

User management and the related cryptographic authentication infrastructure is a major hurdle in deploying scalable, manageable VPNs (Virtual Private Networks). After introducing VPNs and Public Key Infrastructure (PKI) and discussing some of the benefits and challenges of two popular VPN implementations, we'll document how to build a scalable PKI to simplify VPN authentication management

Tuning network performance

This three-part series on AIX® networking focuses on the challenges of optimizing network performance. In the first installment, you’ll review some best practices for network configuration, and utilize those practices for efficient monitoring of your hardware by taking advantage of network tools such as netstat, netpmon, entstat, and nmon. You'll also examine certain tools used to look at your interfaces to see how to configure them.

Kernel synchronization primitives

Multiprocessor systems are mainstream these days. From the desktop to the datacenter, systems with more than one processor are used for everything from high-end desktop applications to large datacenter backends. This month, Jim takes a brief look at the multiprocessor systems architectures in use today , including the shared memory multiprocessor architecture, Sun's choice for its multiprocessor systems. His discussion will provide a solid background for a segue into the locking primitives used by the Solaris kernel to facilitate multiprocessor platform support.

Anatomy of the Linux SCSI subsystem

The Small Computer Systems Interface (SCSI) is a collection of standards that define the interface and protocols for communicating with a large number of devices (predominantly storage related). Linux® provides a SCSI subsystem to permit communication with these devices. Linux is a great example of a layered architecture that joins high-level drivers, such as disk or CD-ROM drivers, to a physical interface such as Fibre Channel or Serial Attached SCSI (SAS). This article introduces you to the Linux SCSI subsystem and discusses where this subsystem is going in the future.

Linux Kernel 2.4 Internals

Introduction to the Linux 2.4 kernel. The latest copy of this document can be always downloaded from: http://www.moses.uklinux.net/patches/lki.sgml This guide is now part of the Linux Documentation Project and can also be downloaded in various formats from: http://www.linuxdoc.org/guides.html or can be read online (latest version) at: http://www.moses.uklinux.net/patches/lki.html This documentation is free software.. read more

HOWTO Use hdparm to improve IDE device performance

Hdparm is a tool that allows you to set IDE device settings. This includes things such as DMA modes, transfer settings and various other settings that can help improve the speed of your hard disks and CDROMs. These settings are not enabled by default, so you will probably want to enable them. This guide is also intended to provide more up-to-date information on hdparm settings and inform the user how to check what settings are supported so that the optimum settings for the drive can be used. Many hdparm guides simply tell people to enable specific modes such as '-X33' or '-c1', and as most of these guides are now out-of-date many people end up using those older settings when better, newer options may now be used. By speeding up your hard drives you should get a faster system. It should also help solve stuttering DVD playback or extremely slow burning.

The /proc filesystem

The /proc filesystem is used to store many system configuration parameters. It is a virtual filesystem that resides in the kernels memory. Some of the areas in this filesystem cannot be written to by the root user including /proc/sys. Much information here is based on the proc man page. Fro more information refer to that page. Elements of the proc filesystem include:

Awk - a tutorial and introduction

Why is AWK so important? It is an excellent filter and report writer. Many UNIX utilities generates rows and columns of information. AWK is an excellent tool for processing these rows and columns, and is easier to use AWK than most conventional programming languages. It can be considered to be a pseudo-C interpretor, as it understands the same arithmatic operators as C. AWK also has string manipulation functions, so it can search for particular strings and modify the output. AWK also has associative arrays, which are incredible useful, and is a feature most computing languages lack. Associative arrays can make a complex problem a trivial exercise. read more...

Adding New Kernel Modules

Building a kernel module that is not yet included in the los-kernel-extras package is a two step process. First you need to create a source package for it. Then you need to add a build directory to the los-kernel-extras package. If you are lucky, the source will already be available as a debian package. You might search for this at | Debian or | Ubuntu package servers. We will use the example of fuse, a kernel module that implements user space file systems. As of right now, fuse-source version 2.5.3-2.1 is available in Debian unstable (sid), so we will use that. We put these lines in our sources list....

The GNU Bourne-Again SHell

Bash is the GNU Project's Bourne Again SHell, a complete implementation of the IEEE POSIX and Open Group shell specification with interactive command line editing, job control on architectures that support it, csh-like features such as history substitution and brace expansion, and a slew of other features. Here is a short list of some of the features available in bash.. read more.

Building Products with FreeBSD

The FreeBSD project is a worldwide, voluntary, and collaborative project, which develops a portable and high-quality operating system. The FreeBSD project distributes the source code for its product under a liberal license, with the intention of encouraging the use of its code. Collaborating with the FreeBSD project can help organizations reduce their time to market, reduce engineering costs and improve their product quality. This article examines the issues in using FreeBSD code in appliances and software products. It highlights the characteristics of FreeBSD that make it an excellent substrate for product development. The article concludes by suggesting a few “best practices” for organizations collaborating with the FreeBSD project.

Anatomy of Linux synchronization methods

In your Linux® education, you may have learned about concurrency, critical sections, and locking, but how do you use these concepts within the kernel? This article reviews the locking mechanisms available within the 2.6 kernel, including atomic operators, spinlocks, reader/writer locks, and kernel semaphores. It also explores where each mechanism is most applicable for building safe and efficient kernel code. This article explores many of the synchronization or locking mechanisms that are available in the Linux kernel. It presents the application program interfaces (APIs) for many of the available methods from the 2.6.23 kernel. But before you dig into the APIs, you need to understand the problem that's being solved.

Socket Programming in PERL

In this article , Rahul shows us how to create a client-server socket program in Perl and then demonstrates it by pinging the server. What is a socket? Just another bit of computer jargon? Devling a little into networking history, it is a Berkeley UNIX mechanism of creating a virtual duplex connection between processes. This was later ported on to every known OS enabling communication between systems across geographical location running on different OS software. If not for the socket, most of the network communication between systems would never ever have happened.

Perl programming with DB2 Universal Database

Perl – Practical Extraction and Report Language -- is a powerful and easy-to-use programming language available for many operating systems. Perl is free. You can download the language (in source code or binary form) and use it without paying a license fee. Perl is an increasingly popular choice. It contains aspects of the C programming language, as well as UNIX® commands such as awk and sed. An interpreted language, Perl can be used in stand-alone applications or with Apache to build Web applications. You can use Perl to quickly manipulate large sets of data from files or RDBMSs. DBI, the standard for connecting Perl scripts to an RDBMS, was introduced in 1994. You can find the DBI driver source and its documentation at http://dbi.perl.org/. This article shows you how to write simple Perl programs that extract or manipulate data stored in DB2 UDB. You'll go from the simple task of selecting a row from a database into a Perl program to more advance topics, including dealing with la...

Unix Daemons in Perl

The word daemon is derived from the Greek word daimon, meaning a "supernatural being" or "spirit", rather than demon, referring to the fallen angels or followers of Satan. Some would insist that Unix is infested with both daemons and demons. In Unix, daemons are typically started by the root process when the operating system is initialized, and run in the background indefinitely. Daemons typically spend most of their time waiting for an event or period when they will perform some task. Examples of common Internet daemons include WU-Ftpd, Apache, BIND, and Sendmail. These particular daemon programs are responsible in part for making the Internet useful, but daemons also serve other purposes that are not as visible to users. In this tutorial , we'll learn how easy it is to turn a Perl script into a daemon process.

Unix Systems Administration

The first question is usually "Why am I using UNIX as opposed to another operating system, such as DOS?", or "Why am I using UNIX instead of a mainframe or mini-computer?". This section provides an overview of the capabilities of the UNIX operating system, and why it is a preferred computing platform.

UNIX shell differences

In the near beginning there was the Bourne shell /bin/sh (written by S. R. Bourne). It had (and still does) a very strong powerful syntactical language built into it, with all the features that are commonly considered to produce structured programs; it has particularly strong provisions for controlling input and output and in its expression matching facilities. But no matter how strong its input language is, it had one major drawback; it made nearly no concessions to the interactive user (the only real concession being the use of shell functions and these were only added later) and so there was a gap for something better. read more ...

Perl Arrays - a tutorial

Arrays are a sequence of variables, whose members can be retrieved and assigned to by using their indices. An index passed to an array may well be, and usually is, another variable. To refer to the $i'th element of the array @myarray, one uses the syntax $myarray[$i]. This element can be assigned to or its value can be retrieved, with the same notation. Array indices are whole numbers and the first index is 0. As in the length of a string, the number of elements in an array is bounded only by the amount of available memory the computer has. more...

KernelHacking-HOWTO/Overview of the Kernel Source Code/Internals of Interrupt Handling

This section will discuss, the hardware prospective of interrupt handling fromCPU, Linux Kernel's Interrupt Routing subsystem, Device Drivers's rolein Interrupt handling. Term Interrupt is self defined,Interrupts are signals sent to CPU on an INTR bus (connected to CPU) whenever any device want to get attention of CPU. As soon as theinterrupt signal occurs, CPU defer the current activity and service the interrupt by executing the interrupt handler corresponding to that interrupt number (also know as IRQ number). One of the clasifications of Interrupts can be done as follows: - Synchronous Interrupts (also know on as software interrupts) - Asynchronous Interrupts (also know as hardware interrupts)

Key-enabling kernel extensions for the IBM AIX Version 6.1 operating system

Memory overlays and addressing errors are difficult problems to diagnose and service. Growing software size and complexity further complicate the situation. Many software components in the AIX® operating system share the kernel address space. POWER6™ processors and AIX Version 6.1 now have storage protection keys which the kernel extensions and device drivers can use to improve the reliability and serviceability of the system. In this article , learn about the new storage protection mechanism, and how to take advantage of storage protection keys to improve the Reliability, Availability, and Serviceability (RAS) characteristics of an existing device driver or kernel extension

Debian way to make tiny change to package

Have you ever had to make a one-line correction (or customization) in a big package? If so how did you manage it? The obvious way is to rebuild a package and serve it locally, but is there some other approach? After spending an hour investigating bad behavior from the amoverview perl script in the amanda-server package (2.5.1p1-2.1), I traced the problem to one line in the script. It was an easy fix if you don't mind tweaking code directly in /usr/sbin/, read more ...

Maximum swappage

When you set up a brand new Linux server, do you create a single 128 MB swap partition? If so, did you know that you are severely limiting swap performance? Would you like to increase swap performance by several orders of magnitude, and to create swap partitions larger than 1 GB? It's possible, requiring no kernel patches or special hardware, just pure geek know-how! Some of you may not really care about swap. After all, Linux systems are typically very memory efficient, and swap is often barely touched. While often true on desktop systems, servers are another story. Because servers may handle unexpected stresses, such as runaway processes, denial of service attacks, or even the Slashdot effect, they need to have adequate high-speed swap so that they do not grind to a halt and possibly crash when all physical memory (and then some) is exhausted. More...

FreeBSD Security Event Auditing

FreeBSD 6.2-RELEASE and later include support for fine-grained security event auditing. Event auditing allows the reliable, fine-grained, and configurable logging of a variety of security-relevant system events, including logins, configuration changes, and file and network access. These log records can be invaluable for live system monitoring, intrusion detection, and postmortem analysis. FreeBSD implements Sun™'s published BSM API and file format, and is interoperable with both Sun's Solaris™ and Apple®'s Mac OS® X audit implementations. read more ..

Perl 5.6 for C and Java programmers

Ted Zlatanov explains some of the peculiarities in Perl 5.6 for C and Java programmers , who may actually be pleasantly surprised by some familiar features hailing from sources other than Perl, like operator ambiguity, multiple ways of doing the same thing, punctuation, regular expressions, and variable mechanism. All of them put variety and power at your fingertips. The point is, Perl isn't too far from anyone's familiar territory and may be useful to even C and Java programmers at some point. So here's your opportunity to enhance your Perl 5.6 skills.

Teach Yourself Perl 5 in 21 days

This book is designed to teach you the Perl programming language in just 21 days. When you finish reading this book, you will have learned why Perl is growing rapidly in popularity: It is powerful enough to perform many useful, sophisticated programming tasks, yet it is easy to learn and use.

Understanding the Solaris socket filesystem

Sockets provide an interface into the kernel's networking protocols by allowing programmers to create a communication endpoint in the form of a file descriptor, and by binding a name to the file descriptor. That follows a convention that has existed in Unix systems since its inception: file-based I/O, where the source or destination of an I/O operation appears to the programmer as a file, and a standard set of interfaces (open(2), read(2), write(2), close(2)) can be used to acquire a file descriptor and issue I/O operations. more...

Debian way to make tiny change to package

Have you ever had to make a one-line correction (or customization) in a big package? If so how did you manage it? The obvious way is to rebuild a package and serve it locally, but is there some other approach? After spending an hour investigating bad behavior from the amoverview perl script in the amanda-server package (2.5.1p1-2.1), I traced the problem to one line in the script. It was an easy fix if you don't mind tweaking code directly in /usr/sbin/ read more ...

A Simple Socket Server Using inetd .

It is often the case that one needs to test a system before the hardware is available or on-line. In my case, I'm developing an interface which will talk to a socket on a complex piece of Fab Metrology gear called an Applied Materials NanoSEM, using a complex protocol called SEMI SECS-II/GEM HSMS. I needed a quick and dirty handler to act as the NanoSEM while I get the protocol parser working. read full tutorial.

How to move FreeBSD to a new hard disk

This article will explain how you can move your FreeBSD installation from one hard disk drive to another. I have done this many times using the dump/restore utility. Before you begin, be sure you have read this document carefully. Let's assume that our FreeBSD installation is on a 4 gigabyte drive (ide master ad0) and we would like to move it to a new 20 gig drive. What you need to do is remove the old hard disk, install the new [20G] drive as an ide master and perform a minimal clean install of FreeBSD, setting up the partitions exactly how you want them. Be se sure to set the drive as bootable and boot from it one time as a test. Next, put your old [4G] drive back in the system as an ide master and the new [20G] drive in as an ide slave. Boot the system on your old installation in single user mode.

Linux IPv6 HOWTO

The goal of the Linux IPv6 HOWTO is to answer both basic and advanced questions about IPv6 on the Linux operating system. This HOWTO will provide the reader with enough information to install, configure, and use IPv6 applications on Linux machines. Intermediate releases of this HOWTO are available at mirrors.bieringer.de or mirrors.deepspace6.net. See also revision history for changes.

Linux assemblers: A comparison of GAS and NASM

This article explains some of the more important syntactic and semantic differences between two of the most popular assemblers for Linux®, GNU Assembler (GAS) and Netwide Assembler (NASM), including differences in basic syntax, variables and memory access, macro handling, functions and external routines, stack handling, and techniques for easily repeating blocks of code.

Perl, Sockets and TCP/IP Networking

Sockets are a mechanism that allows programs to communicate, either on the same machine or across a network. The way it works is pretty simple: Each machine on a network is identified by some address. In this tutorial we will talk about tcp/ip networking, so by network address we mean an IP address. (like 192.168.4.4) Apart from the IP address that specifies a machine, each machine has a number of ports that allow handling multiple connections simultaneously... more

Rebuilding failed Linux software RAID

Recently I had a hard drive fail. It was part of a Linux software RAID 1 (mirrored drives), so we lost no data, and just needed to replace hardware. However, the raid does requires rebuilding. A hardware array would usually automatically rebuild upon drive replacement, but this needed some help. When you look at a "normal" array, you see something like this ... read more

Egroupware server with LDAP backend.

Egroupware is a webbased groupware suite with an impressive list of features. Egroupware uses a Mysql backend to store all it's data but the latest release makes it easy to store useraccounts in an LDAP tree. This documents describes how to install the latest version while using an LDAP backend for useraccounts. Egroupware can then manage the unix loginaccounts as well as samba login accounts.

Learn the Perl/Tk module: The basics of Perl/Tk

The Perl language is usually used by IBM® AIX® operating system administrators and developers, and it can be found on nearly every successful Web site and most AIX systems. Although Perl scripts are powerful, they produce a Web interface that lacks a graphical front end, and the user has to type information instead of using the mouse, which can be an unsatisfying experience for the customer. This problem has been resolved with the introduction to the Tk module in Perl. An administrator or developer can quickly breathe new life into their Perl script with the Tk module and satisfy their customer's desire for an X11 product... read more .

Secure SSH

SSH is not only the secure replacement for rlogin, rsh and telnet, which has been used in the past to do remote administration work, but there are also neat tricks like port forwarding, vpn tunneling and file transfers that you can do with minimal configuration work, leaving only one port open to the internet. read full article..

UNIX work with Windows XP and Mac OS X

Learn about using a UNIX® system as a primary domain controller (PDC) and file repository, including an anonymous, read-only shared area accessible by anyone with a Web browser. To be a good citizen on your local network, you need to integrate your favorite UNIX system with the networking features of client systems, generally running Windows® XP or Mac OS X . This makes it easier for the users of those workstations to take advantage of the centralized authentication and storage facilities you can provide.

Configure Linux Firewalls Using iptables

Network security is a primary consideration in any decision to host a website as the threats are becoming more widespread and persistent every day. One means of providing additional protection is to invest in a firewall . Though prices are always falling, in some cases you may be able to create a comparable unit using the Linux iptables package on an existing server for little or no additional expenditure. read more. ..

Configuring Wine

Most of the most common configuration changes can be done with the Winecfg tool. We'll go through an easy, step-by-step introduction to Winecfg and outline the options available. In the next section we'll go over more advanced changes you can make using regedit as well as provide a complete reference to all Wine configuration settings. Finally, some things you might want to configure fall out of the scope of Winecfg and regedit, and we'll go over those.

How-to Install Ubuntu Linux on a usb drive.

This tutorial will show how-to install Ubuntu on a usb stick. Even though this tutorial uses Ubuntu as its base distribution, you could virtually use any type of Linux liveCD distribution. Being able to run Linux out of a usb bar is a great way to enjoy the live CD experience (being able to use Linux on any computer you might get by) and the big advantage of being easier to carry around than a CD.

Introduction to Porting UNIX/Linux Applications to Mac OS X.

The UNIX Porting Guide is a first stop for UNIX developers coming to Mac OS X. This document helps guide developers in bringing applications written for UNIX-based operating systems to Mac OS X. It provides the background needed to understand the operating system. It touches on some of the design decisions, and it provides a listing and discussion of some of the main areas that you should be concerned with in bringing UNIX applications to Mac OS X. It also points out some of the advanced features of Mac OS X not available in traditional UNIX applications that you can add to your ported applications.

Crontab - Quick reference.

Setting up cronjobs in Unix and Solaris cron is a unix, solaris utility that allows tasks to be automatically run in the background at regular intervals by the cron daemon. These tasks are often termed as cron jobs in unix , solaris. Crontab (CRON TABle) is a file which contains the schedule of cron entries to be run and at specified times.

Easier Linux/Unix remote CGI Debugging.

By Hero Zzyzzx : The things I'll discuss here are aimed at new/intermediate perl coders that know basic *nix commands: ls,cd,chmod,chgrp,mv,cp, etc., meaning I'm not going to discuss these. I also assume you can use man and understand how to use telnet/ssh to get to your server. I realize that what I discuss here isn't specific to perl (or even CGI programming with perl) but is still (IMHO) very useful. If you want to know perl tricks to ease debugging, read the other tutorials in this section.

Implement lower timer granularity for retransmission of TCP.

Reduce the overhead of per-tick processing with a timer wheel algorithm that implements the retransmission timer. The AIX® Transmission Control Protocol (TCP) has seven timers (per-connection) and uses global timer functions with two granularities to implement the timers. In this article , learn how to get lower granularity with your retransmission timer by using the AIX TCP fast timer, and discover other advantages of lower timer granularity.

Understanding the Linux Kernel Initcall Mechanism.

All kernel files that are referenced in this paper are specifed by a path name relative to the kernel's root directory. For example the setup.c file for the PowerPC architecture would be given as: arch/ppc/kernel/setup.c. A specific function (e.g. early_init) within a given file is expressed as arch/ppc/kernel/setup.c:early_init() regardless of what parameters it accepts (if any) and what it returns (if anything). read more.

Windows to UNIX porting.

Software programs are often made to run on systems that are completely different from the system in which the program is coded or developed. This process of adapting software across systems is known as porting. You might need to port software for any one of several reasons. Perhaps your end users want to use the software in a new environment, such as a different version of UNIX®, or perhaps your developers are integrating their own code into the software to optimize it for your organization's platform.

Linux Infrared HOWTO.

The Infrared-HOWTO provides an introduction to Linux and infrared devices and how to use the software provided by the Linux/IrDA project. This package uses IrDA(TM) compliant standards. IrDA(TM) is an industrial standard for infrared wireless communication, and most laptops made after January 1996 are equipped with an IrDA(TM) compliant infrared transceiver. Infrared ports let you communicate with printers, modems, fax machines, LANs, and other laptops or PDAs. Speed ranges from 2400bps to 4Mbps.

CONFIGURE NDISWRAPPER in the CONTROL CENTER.

Installing a windows wireless driver in Linux can be done through the use of a program called ndiswrapper . This is the way to go if your wireless card does not have Linux support. If you are using Mandriva/Mandrake or PCLinuxOS, then you may be able to install your NDISWrapper through the Control Center.. more .

Installing FreeBSD 6.x under VMWare Server.

First of all you will need to install the host OS, and in this case we are using Windows Server 2003X64 Standard Edition R2 which must include IIS, however could have easily been an approve Linux variant, or even the VMWare ESX solution. In either case it is probably a good idea to ensure that all of the patches and updates have been applied... read more.

Linux for the handset: a rising force.

This article traces Linux's transformation into one of the most popular mobile phone environments today. It was written by Jim Ready, founder and CTO of MontaVista -- and arguably one of the most important pioneers in the market for off-the-shelf commercial embedded operating systems. Enjoy ...

System emulation with QEMU.

QEMU is an open source emulator for complete PC systems. In addition to emulating a processor, QEMU permits emulation of all necessary subsystems, such as networking and video hardware. It also permits emulation of advanced concepts, such as symmetric multiprocessing systems (up to 255 CPUs) and other processor architectures, such as ARM or PowerPC. This article explores QEMU and its architecture and shows how to emulate a guest operating system on a Linux® host.

Debian and Windows Shared Printing.

Debian GNU/Linux ( http://www.debian.org ) is the premier volunteer-supported Linux distribution. Unfortunately, setting up printers in Debian can be difficult. Also, simple step-by-step instructions for sharing printers between Windows and Linux using the latest tools are hard to find. This HOWTO was written to address both problems. This HOWTO will demonstrate how to use command-line tools to configure your Debian system for printing. It will explain how to send documents from Linux to Windows printers and how to share Linux printers with Windows PCs. Some troubleshooting examples are also given.

Chrooted Snort on Solaris.

Do most people ever worry about the security of their Intrusion Detection System (IDS)? They should. With high speed Internet access being so common around the world, many personal PCs are being hijacked or shared by hackers these days. These hijacked PCs serve as a launch point for attacks.. more

A Linux Toolbox for AMD64 Developers.

While you can't judge a book by its cover, you can often judge a development platform by its tools. By that measure, the AMD64 platform demonstrates a maturity that exceeds the youth of its release, in early 2003. The breadth of 64-bit tools available for the Opteron processor... read more.

Configuration/installation of ndiswrapper.

Lately i noticed alot of people asking questions about how to configure wireless for dell inspiron 1501 Laptops - this article will help you to get over it. Dell TrueMobile wireless cards are based on Broadcom Wireless chipsets. Dell recommends using the ndiswrapper driver framework for TrueMobile wireless cards. While not officially tested or supported by Dell.

Creating dynamic swap space.

When a GNU/Linux machine runs out of physical memory it will start to use any configured swap-space. This is usually a sign of trouble as swap files and partitions are significantly slower to access than physical memory, however having some swap is generally better than having none at all... read more.

Sun Solaris for AMD64—What It Will Mean?

Sun's Solaris will soon appear in a native 64-bit version for the AMD64 architecture. While you can already run the 32-bit version of Solaris x86 today, Alan Zeichick explains the significance of this new operating system release, and highlights Sun's plans to support the AMD Opteron and Athlon 64 processors.

Ten more command-line concoctions.

A great number of shell features affect how the command name you type is interpreted. Each shell has an assortment of built-in commands; the PATH environment variable specifies the list and order of directories to search; and each alias acts as shorthand. With so many ways to run a program, how do you know what you're actually executing? Use the built-in type command of the shell to reveal the truth. read more.

Linux IPv6 HOWTO.

The goal of the Linux IPv6 HOWTO is to answer both basic and advanced questions about IPv6 on the Linux operating system. This HOWTO will provide the reader with enough information to install, configure, and use IPv6 applications on Linux machines.

Automated Backups With rdiff-backup.

This tutorial describes how to do automated server backups with the tool rdiff-backup. rdiff-backup lets you make backups over a network using SSH so that the data transfer is encrypted. The use of SSH makes rdiff-backup very secure because noone can read the data that is being transferred. rdiff-backup makes incremental backups, thus saving bandwidth.

Application configuration with Perl.

File-based configurations break down quickly if you use a hand-built method. Teodor Zlatanov demonstrates how the AppConfig module can handle local configuration storage for Perl programs, and how such configurations can be stored in a database that can then be accessed from any machine on the network. more .

Controlling the duration of scheduled jobs.

Terminating a job after a certain time, or after other criteria are met, usually involves having one process to run the job and another to monitor the completion criteria. In this tip you learn how to have a process manage the time while the real job runs. You also learn how to use the signal and trap facilities to terminate one of these tasks if the other finishes prematurely.

Windows to UNIX porting,

Software programs are often made to run on systems that are completely different from the system in which the program is coded or developed. This process of adapting software across systems is known as porting. You might need to port software for any one of several reasons read more...

Gentoo Initscripts.

Gentoo uses a special initscript format which, amongst other features, allows dependency-driven decisions and virtual initscripts. This chapter explains all these aspects and explains how to deal with these scripts.

Using kvm, or kqemu, to speed up qemu.

Have you ever wanted to play with a new distro without having to burn and then reboot into a liveCD or do an install into a spare partition that you may or may not have? QEMU has been an option for awhile but it is slow. There are several options available to run up a virtual machine. read more.

The Ultimate Do-It-Yourself Linux Box.

Some of us just like to do it ourselves. There's something uniquely satisfying about selecting every component in a system. It allows you to balance the exact price/performance trade-off that suits you best. Do-it-yourself is also one of the best ways to ensure that you have a system that won't become obsolete within six months. For example, most AMD64 motherboards support only 4GB of RAM, but our favorite board supports up to 8GB of RAM. We may never upgrade it to the full 8GB, but it's nice to have that room for expansion. You may not get that kind of room for expansion with a pre-made system.

File management in Linux.

Unix systems provide a number of commands to manage files and directories. Their strong point is the ability to use them in a rather simple manner against a group of files/directories meeting certain conditions. For example all the files satisfying specific criteria can be deleted or have their names changed en masse. more ...

Building a Linux firewall.

The growth of the Internet has prompted many organizations to become security-conscious. Documented and undocumented incidents of security violations, expanded research about security issues, and even media hype have brought about the potential for at least partial solutions for securing a networked environment---without completely isolating the network from the outside world. Leading the pack of solutions is the firewall. Just about everyone has defined what a firewall is, so I won't be any different. more .

BSD Sockets: A Quick And Dirty Primer.

As you delve into the mysteries of UNIX, you find more and more things that are difficult to understand immediately. One of these things, at least for most people, is the BSD socket concept. This is a short tutorial that explains what they are, how they work, and gives sample code showing how to use them.

Set up a Web server cluster in 5 easy steps.

To get the most out of this article, you should be familiar with Linux and basic networking, and you should have Apache servers already configured. Our examples are based on standard SUSE Linux Enterprise Server 10 (SLES10) installations, but savvy users of other distributions should be able to adapt the methods shown here.

FreeBSD Security Advisories.

Like many production quality operating systems, FreeBSD publishes “Security Advisories”. These advisories are usually mailed to the security lists and noted in the Errata only after the appropriate releases have been patched. This section will work to explain what an advisory is, how to understand it, and what measures to take in order to patch a system.

Securing 802.11 with OpenBSD.

How can we make sure that our WLAN traffic is useless for all unauthorized listeners? From the OSI layer 3 point of view, 802.11 is not different than any other LAN technique (ethernet, token ring..). This makes it possible to use standard solutions for securing IP traffic. This document describes an implementation of 802.11 wireless LAN access point and VPN gateway using the OpenBSD operating system and how to secure the WLAN traffic with IPsec. We are going to utilize many of the hot Internet buzzwords

Multicast over TCP/IP HOWTO.

This HOWTO written by Juan-Mariano de Goyeneche tries to cover most aspects related to multicast over TCP/IP networks. So, a lot of information within it is not Linux-specific (just in case you don't use GNU/Linux... yet). Multicast is currently an active area of research and, at the time of writing, many of the "standards" are merely drafts. Keep it in mind while reading the lines that follow.

Configuring a Cron Task.

The crontab command, found in Unix and Unix-like operating systems, is used to schedule commands to be executed periodically. It reads a series of commands from standard input and collects them into a file known also known as a "crontab" which is later read and whose instructions are carried out. read more.

Configuring the Cisco VPN 5000 Client to the Cisco VPN 5000 Concentrator with Cisco Secure UNIX (RADIUS) Authentication.

The Cisco VPN 5000 Concentrator can be configured to authenticate VPN 5000 Clients through Cisco Secure UNIX (CSUNIX) RADIUS. This document assumes that local authentication works prior to adding RADIUS authentication (hence our user localuser in group ciscolocal). Authentication is then added to Cisco Secure UNIX RADIUS for users that do not exist in the local database (user csunixuser is assigned to group csunix by virtue of the attributes returned from the Cisco Secure UNIX RADIUS server).

Simplified kernel extensions with AIX Version 6.

Discover why you need to change your applications and build environments that supply 32-bit-only kernel extensions to accommodate IBM AIX® Version 6. With AIX Version 6, the kernel environment is 64-bit kernel only. Previously, the AIX operating system provided both 32-bit and 64-bit kernels, requiring 32-bit and 64-bit kernel extensions. In this article , apply two easy solutions to help you make the transition and start reaping the benefits of the simplified kernel environment.

Install and configure NIS+.

Ease your system administration tasks and use Network Information Service plus (NIS+) to quickly handle maintenance and security issues for information. NIS+ is a network-wide naming and administration service that works on a client-server model. The server maintains all the details of the users and clients in a central database. In this article , get step-by-step instructions on how to install, configure, and administer NIS+.

Unix programming : tutorials.

The following set of tutorials reflects an effort to give Unix programmers and programmers wanna-be a chance to get familiar with various aspects of programming on Unix-like systems, without the need to buy an expensive set of books and spending a lot of time in understanding lots of technical material. The one assumption common to all tutorials (unless stated otherwise) is that you already know C programming on any system.

The ways, means of Linux on the iPod.

Imagine recording studio-quality audio using your iPod and a regular-old microphone. Or sitting on the commuter train, playing Othello, Pong, Tetris or Asteroids. All this and more is possible when you install Linux on your 3rd generation or earlier iPod. Best of all, one soft-reset and you're back in Apple Computer's iPod operating system. read more.

Making Perl Reusable with Modules.

Perl software development can occur at several levels. When first developing the idea for an application, a Perl developer may start with a short program to flesh out the necessary algorithms. After that, the next step might be to create a package to support object-oriented development. The final work is often to create a Perl module for the package to make the logic available to all parts of the application. Andy Sylvester explores this topic with a simple mathematical function. read more.

Unix Shell Tips & Tricks.

Tips and tricks for the Unix shell environment. Shell examples assume a non-csh-based shell, such as bash or zsh. Consult the manual for the commands in question if you see errors, as tools vary depending on the flavor of Unix.

Linux links wirelessly.

You say you prefer to work in Linux? All the better -- and it doesn't mean you have to be left out of the freedom wireless computing brings you. Systems administrator and book author Tom Syroid teaches you how to configure a wireless network card under Linux. Upon completion of this tutorial, you'll know how to set up a Linux laptop for wireless transmission using Gentoo distribution as an example.

Gentoo Linux Bluetooth Guide.

Bluetooth is an industrial specification that provides users a way to connect and exchange information between devices like personal computers, PDAs or mobile phones. Using the Bluetooth technology, users can achieve wireless voice and data transmission between devices at a low cost. Bluetooth also offers the possibility to create small wireless LANs and to synchronize devices. read more.

Emacs editing environment, Part 5: Shape your Emacs view.

This tutorial , the fifth in a series , shows you how to manage and manipulate the shape your Emacs session—examine how to partition the Emacs screen, create multiple X client windows for a single Emacs session, and display multiple buffers in each window, dividing the screen with horizontal and vertical divisions. You also learn about mouse window control and characteristics so that by the time you're through, you can make your Emacs session look and work the way you want it to.

Learning GNU C.

The aim of this book is to teach GNU users how to write software in C. It is written primarily as a tutorial for beginners but should be thorough enough to be used as a reference by experience programmers. The basics are layed down in full in the first few chapters, beginners will read these chapters carefully while those with prior experience can skim through them. All the information is there, no prior knowledge of programming is assumed.

Linux tip: Controlling the duration of scheduled jobs.

Say you need to debug a pesky problem by running some traces for 30 minutes at midnight, or you would just like to use your Linux system as an alarm clock. This tip helps you stop jobs, such as those started with the cron and at capabilities, after the jobs have run for a certain time, or when some other criteria are met. This tip now includes information on the timeout command in the AppleTalk networking package (Netatalk). -Ed.

System Administration Toolkit: Distributed administration using SSH.

Use Secure Shell (SSH) to run commands on remote UNIX® systems and, with some simple scripts, put together a system that enables you to manage many systems simultaneously from one machine without having to log in directly to the machines themselves. Also examine the basics of a distributed management system and some scripts and solutions using the technique. more...

PC-BSD

PC-BSD has been designed with the "casual" computer user in mind. Installing the system is simply a matter of a few clicks and a few minutes for the installation process to finish. Hardware such as video, sound, network and other devices will be auto-detected and available at the first system startup. Home users will immediately feel comfortable with PC-BSD's desktop interface, with KDE 3.5 running under the hood. Software installation has also been designed to be as painless as possible, simply double-click and software will be installed.

Perl version 5.8.8 documentation.

perldoc.perl.org contains the core documentation for Perl version 5.8.8, in HTML and PDF formats. If you are new to the Perl language, good places to start reading are the introduction and overview at perlintro, and the extensive FAQ section, which provides answers to over 300 common questions.

FreeBSD 6.2 Server Deployment Guide.

This document will show the steps to take to deploy a FreeBSD server . This server will have the latest stable from the Apache 2.2 tree, PHP 5, MySQL 5.0, Sendmail with SMTP-AUTH, Webmail, Bind DNS, SNMP, synchronized local time, and Webmin. I have also included steps to take to build a network graphing solution with Rrdtool/Cacti, and this part can be considered optional

WWWsmith: Installation and Configuration of FreeBSD.

Here's how to set up a web server using another freely available operating system, FreeBSD, a high performance, mature, UNIX-like system. FreeBSD is a popular (and free) Unix-like operating system, available from the Internet and on CD-ROM (chiefly from Walnut Creek CD-ROM). In this respect, it shares much with Linux, which is admittedly more popular and better documented. read more.

CUPS (Common UNIX Printing System) - installation and configuration. -- by Gerard Samuel

Well I am no article writer, but I decided to write down the steps I took to setup up a usb printer (HP DeskJet 640C) to a FreeBSD Server, and to be able to print from another FreeBSD workstation running KDE or Windows 2k/XP workstation from within my LAN. At first I tried an apsfilter/LPRng combo, but couldn't get past the test page. So I turned to CUPS. Their online manual, seemed pretty complete, so if you run into any problems, check out the manual first. I am going to assume Samba is installed and working. read more

How System Calls Work on Linux/i86.

This section covers first the mechanisms provided by the 386 for handling system calls, and then shows how Linux uses those mechanisms. This is not a reference to the individual system calls: There are very many of them, new ones are added occasionally, and they are documented in man pages that should be on your Linux system.

Virtual tunnel

VTun - or Virtual tunnel is the easiest way to create Virtual Tunnels over TCP/IP networks. It support various tunnel types and provides many useful features: Encryption , Compressio, Traffic shaping read more

Running a High-Performance Web Server for HPUX.

Install the latest cumulative ARPA Transport Patch. This will allow you to configure the size of the TCP connection lookup hash table. The default is 256 buckets and must be set to a power of two. This is accomplished with adb against the *disc* image of the kernel. The variable name is tcp_hash_size. read more.

Linux Networking.

This tutorial covers TCP/IP networking and system configuration basics. Linux can support multiple network devices. The device names are numbered and begin at zero and count upwards. For example, a computer running two ethernet cards will have two devices labeled /dev/eth0 and /dev/eth1. Linux network configuration, management, monitoring and system tools are covered in this tutorial.

Linux PCMCIA HOWTO.

This document describes how to install and use PCMCIA Card Services for Linux, and answers some frequently asked questions. The latest version of this document can always be found at http://pcmcia-cs.sourceforge.net .

Wireless Howto.

Wireless is a new technology in networking cards, with high speed rate (up to 11 Mbps). This document explains how to setup Wireless in Linux, compatibility problems, something about geographic requirements and more. Latest release of this document can be found at http://www.fatamorgana.com/bertolinux

Linux tip: Job scheduling with cron and at.

You need to run a job at midnight when system usage is low, or you need to run jobs daily or weekly, but you would rather be sleeping, or enjoying life in some other way. Other good reasons for scheduling jobs include letting routine tasks happen automatically, or ensuring tasks are handled the same way every time. This tip helps you use the cron and at capabilities to schedule jobs periodically or at a single future time.

Installing Samba on a Unix System.

you know what Samba can do for you and your users, it's time to get your own network set up. Let's start with the installation of Samba itself on a Unix system. When dancing the samba, one learns by taking small steps. It's just the same when installing Samba; we need to teach it step by step. This chapter will help you to start off on the right foot. read more

Anatomy of the Linux networking stack.

One of the greatest features of the Linux® operating system is its networking stack. It was initially a derivative of the BSD stack and is well organized with a clean set of interfaces. Its interfaces range from the protocol agnostics, such as the common sockets layer interface or the device layer, to the specific interfaces of the individual networking protocols. This article explores the structure of the Linux networking stack from the perspective of its layers and also examines some of its major structures.

Emacs editing environment, Part 4: Options, registers, and bookmarks.

Take charge of your editing session within Emacs and use it to your advantage. This tutorial is the fourth in a series, and shows you three areas of Emacs that control some aspect of the editing session: various command-line options, the register, and bookmark facilities for setting and saving positions and data. Knowing how and when to use these features, and what tricks are possible with them, are important topics in power editing

Review: OpenBSD 3.5.

The OpenBSD Project released OpenBSD 3.5 exactly on schedule on May 1, adding support for new functions and devices in the kernel and updating the base system. While it may not be the most versatile operating system in the world, OpenBSD shines when it comes to security, providing a default installation that doesn't have to be locked down and partially disabled before using it. read more

Optimizing AIX 5L performance: Tuning disk performance, Part 1.

Learn more about direct I/O, concurrent I/O, asynchronous I/O, and best practices for each method of I/O implementation. This three-part series on the AIX® disk and I/O subsystem focuses on the challenges of optimizing disk I/O performance. While disk tuning is arguably less exciting than CPU or memory tuning, it is a crucial component in optimizing server performance. In fact, partly because disk I/O is your weakest subsystem link, you can do more to improve disk I/O performance than on any other subsystem, read more

FreeBSD Setting up Firewall using IPFW

Ipfirewall (ipfw) is a FreeBSD IP packet filter and traffic accounting facility. IPFW is included in the basic FreeBSD install as a separate run time loadable module. The system will dynamically load the kernel module when the rc.conf statement firewall_enable=”YES” is used. read more

The Third International Conference on Open Source Systems.

Over the past decade, the Open Source Software (OSS) phenomenon has had a global impact on the way organisations and individuals create, distribute, acquire and use software and software-based services. OSS has challenged the conventional wisdom of the software engineering and software business communities, has been instrumental for educators and researchers ... read more

Testing and measuring the TAMS 3011, Part 6: Booting NetBSD on new hardware, the saga begins.

Porting an operating system to new hardware can be a fairly easy process, or a fairly difficult one, depending on the issues you encounter. Peter Seebach walks you through his experience getting NetBSD running on a new board using existing hardware. Although we'd all like it to be otherwise, the process of porting an operating system to new hardware is hardly an instantaneous one, and it is not always easy. You might run into a number of potential difficulties, especially if you are coming to the problem for the first time. This article , and likely the next couple in the Testing and measuring the TAMS 3011 series, details my experience porting NetBSD to the TAMS 3011. These articles are not about the finished port, but about the process of developing it. I can only hope you find the hilarious errors as funny as I found them frustrating at the time.

A quick partition primer.

I just finished installing OpenSUSE 10.2 on my laptop. While the process went without a hitch (image gallery of the install with instructions and potential stumbling blocks to follow later today) and SUSE even recognized my wireless cards immediately, I realized that a basic understanding of disk partitions would be helpful, whether you live in L’Unix-land or Windows World. So here goes (experienced partitioners need not read any further unless you’d like some training materials for other users). read more

Server Monitoring With munin And monit On Debian Etch.

In this article I will describe how you can monitor your Debian Etch server with munin and monit. munin produces nifty little graphics about nearly every aspect of your server (load average, memory usage, CPU usage, MySQL throughput, eth0 traffic, etc.) without much configuration, whereas monit checks the availability of services like Apache, MySQL, Postfix and takes the appropriate action such as a restart if it finds a service is not behaving as expected. The combination of the two gives you full monitoring: graphics that let you recognize current or upcoming problems (like "We need a bigger server soon, our load average is increasing rapidly."), and a watchdog that ensures the availability of the monitored services.

Anatomy of the Linux networking stack.

One of the greatest features of the Linux® operating system is its networking stack. It was initially a derivative of the BSD stack and is well organized with a clean set of interfaces. Its interfaces range from the protocol agnostics, such as the common sockets layer interface or the device layer, to the specific interfaces of the individual networking protocols. This article explores the structure of the Linux networking stack from the perspective of its layers and also examines some of its major structures.

Speaking UNIX: Ramble around the UNIX file system

Many directories in the UNIX® file system serve a special purpose, and certain directories are named per long-standing convention. In this installment of the "Speaking UNIX" series, discover where UNIX stores important files. I just purchased a Global Positioning System (GPS) navigation device and, after only a handful of uses, I'm hooked. Getting from Point A to Point B is now a snap. No more MapQuest. No more guessing which way is east. No more pit stops in the sticks to ask for clarifications. I simply jump in my car, specify my destination, and follow the voice prompts. Why, the GPS makes me look like a local, giving new meaning to the Buckaroo Banzai maxim, "Wherever you go, there you are." read more

Four ways to hide information inside image and sound objects.

Ever find yourself with too many passwords to remember and no idea where to keep them so that only you can find the password list? Creating a password.txt file in your root directory is out of the question, as is a password-protected OpenOffice.org file. A piece of paper hidden somewhere is not a good idea, because after you forget where did you put it, someone else will find it and abuse it. Instead of these approaches, consider using steganography, a method for hiding sensitive information inside some other object, typically a JPEG picture or a sound file, read more

Red Hat Linux awarded top government security rating.

June 15, 2007 (IDG News Service) -- Red Hat Linux has received a new level of security certification, one that should make the software more appealing to some government agencies. Last week IBM Corp. was able to achieve EAL4 Augmented with ALC_FLR.3 certification for Red Hat Enterprise Linux, putting it on a par with Sun Microsystems Inc.'s Trusted Solaris operating system, said Dan Frye, vice president of open systems with IBM , read more

VectorLinux SOHO: A better Slackware than Slackware.

VectorLinux has been one of my favorite projects since my first test of the distribution almost 18 months ago. I like VectorLinux because its roots are firmly planted in the stability and simplicity of Slackware, yet it comes with an extensive software base and lots of out-of-the-box great looks; in other words, a rock solid foundation with eye candy and useful functionality. While standard VectorLinux comes with the Xfce desktop environment and a variety of general-purpose applications, VectorLinux 5.8 SOHO offers the KDE desktop and a host of applications for small and home office users. read more.

Develop with Java and PHP technology on AIX Version 5.3, Part 2: Building the Java business application.

It is possible to develop applications that employ both Java™ and PHP technology. You can use Java technology for the core logic (or redeploy an existing Java-based application), while gaining the benefits of PHP as a Web-based interface platform. In this tutorial , the second part of a six-part series, create a simple Java business application and then deploy it as a servlet on the Apache Tomcat application server on a System p™ system with the IBM AIX® Version 5.3 operating system.

A different flavor of BSD -- 24-hour test drive: PC-BSD.

PC-BSD is not a Linux distribution, but rather it could be considered among the first major FreeBSD-based distributions to live outside of the official FreeBSD. Like most distributions, it has implemented certain features in a way that attempts to distinguish it from the competition, and I will focus mostly on these differences. This test drive is intended to give an overview of what PC-BSD is and why one would consider using it.

Working on UNIX through your laptop.

I use cygwin to open up terminals from my Windows laptop to my IBM p270 workstation (running AIX 5.1 ML3) when I want to stay in the same windowing environment for both. The following procedure will work on any flavor of Unix that uses terminfo terminal descriptions. read more

Hone your regexp pattern-building skills, Handy regular expressions for system administration

Add to your bag of tricks several handy techniques for crafting real-world regular expressions (regexps). Building regexps is a part of the daily life of any administrator. Learning to think in terms of pattern matching, in order to construct successful regexps that return the desired criteria, is a skill that takes both time and practice. more

Linux tip: Bash parameters and parameter expansions.

Do you sometimes wonder how to use parameters with your scripts, and how to pass them to internal functions or other scripts? Do you need to do simple validity tests on parameters or options, or perform simple extraction and replacement operations on the parameter strings? This tip helps you with parameter use and the various parameter expansions available in the bash shell.

Port your code around the world with m17n.

To make Linux® applications usable worldwide, with no inequity between Western dialects and the rest of the world's many languages, you must be able to deliver localized versions that input, store, retrieve, and render any language, no matter how complex. The multilingualization library, or m17n, provides a single internationalization solution for all languages on UNIX®-like platforms. read more

Second Life client, Part 1: Hacking Second Life.

The open source release of the Second Life viewer program by developer Linden Lab offers a rare opportunity to peer into the comparative strengths of closed and open source development models. This article , the first in a series, gives an overview of some of the differences between these development styles, and talks about what's involved in setting up your own build environment.

Virtual Linux.

Virtualization means many things to many people. A big focus of virtualization currently is server virtualization, or the hosting of multiple independent operating systems on a single host computer. This article explores the ideas behind virtualization and then discusses some of the many ways to implement virtualization. We also look at some of the other virtualization technologies out there, such as operating system virtualization on Linux. To virtualize means to take something of one form and make it appear to be another form. Virtualizing a computer means to make it appear to be multiple computers or a different computer entirely. Virtualization also can mean making many computers appear to be a single computer. This is more commonly called server aggregation or grid computing. Let's begin with the origins of virtualization. read more

Anatomy of the Linux kernel.

The Linux® kernel is the core of a large and complex operating system, and while it's huge, it is well organized in terms of subsystems and layers. In this article, you explore the general structure of the Linux kernel and get to know its major subsystems and core interfaces. Where possible, you get links to other IBM articles to help you dig deeper. Given that the goal of this article is to introduce you to the Linux kernel and explore its architecture and major components, let's start with a short tour of Linux kernel history, then look at the Linux kernel architecture from 30,000 feet, and, finally, examine its major subsystems. The Linux kernel is over six million lines of code, so this introduction is not exhaustive. Use the pointers to more content to dig in further

Open BIOSes for Linux.

On many systems, a large portion of boot time goes into providing legacy support for MS-DOS. Various projects, including LinuxBIOS and Open Firmware, are trying to replace the proprietary BIOS systems with streamlined pieces of code able to do only what is necessary to get a Linux® kernel loaded and running. This article gives a brief overview of the field.

Industrial-strength Linux lockdown, Part 1: Removing the shell.

For technical and non-technical users alike, maintaining a large installed base of Linux machines can be a harrowing experience for an administrator. Technical users take advantage of Linux®'s extreme configurability to change everything to their liking, while non-technical users running amok within their own file systems. This tutorial is the first in a two-part series that shows you how and why to lock those machines down to streamline the associated support and administration processes. In this tutorial, you learn how to remove the interpreters from the installation base system.

The Perfect Server - CentOS 4.5 (32-bit).

This tutorial shows how to set up a CentOS 4.5 server that offers all services needed by ISPs and web hosters: Apache web server (SSL-capable), Postfix mail server with SMTP-AUTH and TLS, BIND DNS server, Proftpd FTP server, MySQL server, Dovecot POP3/IMAP, Quota, Firewall, etc. This tutorial is written for the 32-bit version of CentOS 4.5, but should apply to the 64-bit version with very little modifications as well.

Writing AIX kernel extensions.

Learn how to use the AIX kernel to build routines to extend functions and create your own system calls, kernel processes, or file systems. The rapid improvements in Power architecture, combined with the enhancements of AIX® Version 5.3, have caused more interest than ever in AIX. This article shows you, with extensive examples, how to tap into the power of kernel extensions on AIX. more

How-To: Recover root password under linux with single user mode.

It happens sometime that you can't remember root password. On Linux, recovering root password can be done by booting Linux under a specific mode: single user mode. This tutorial will show how to boot Linux in single user mode when using GRUB and finally how to change root password. During normal usage, a Linux OS runs under runlevels between 2 and 5 which corresponds to various multi-user modes. Booting Linux under runlevel 1 will allow one to enter into a specific mode, single user mode. Under such a level, you directly get a root prompt. From there, changing root password is a piece of cake. read more

How-To set up a LDAP server and its clients.

LDAP (Lightweight Directory Access Protocol) allows central user, group, domain..... authentication, information storage ... Using LDAP in a local network, you can allow your users to login and authenticate from anywhere on your network. This tutorial will be split in 2 parts. In the first part, I will explain how-to install, configure the LDAP server, add a few users and group, in the second part, we will set up Linux client to authenticate through LDAP if the user does not exist on the local filesystem.

Six ways to write more comprehensible code.

As a developer, time is your most valuable resource. These six tips on how to write maintainable code are guaranteed to save you time and frustration: one minute spent writing comments can save you an hour of anguish. I learned to write, clear, maintainable code the hard way. For the last twelve years, I've made my living writing computer games and selling them over the Net using the marketing technique that was once charmingly known as shareware. What this means is that I start with a blank screen, start coding, and, a few tens of thousands of lines of code later, I have something to sell. readmore

Take a closer look at OpenBSD.

OpenBSD is quite possibly the most secure operating system on the planet. Every step of the development process focuses on building a secure, open, and free platform. UNIX® and Linux® administrators take note: Without realizing it, you probably use tools ported from OpenBSD every day. Maybe it's time to give the whole operating system a closer look. read more

Deploying OpenSSH on AIX.

Learn how to improve the security and integrity of your AIX® servers using network services provided by the OpenSSH implementation of the Secure Shell protocol. This tutorial is designed for administrators of IBM RS/6000 systems who wish to improve the security and integrity of their servers running AIX by replacing standard insecure network services with those provided by the OpenSSH implementation of the Secure Shell protocol. Neither general network security, nor the use of the SSH client software is discussed in-depth in this tutorial. The primary focus of this tutorial is to detail the necessary components, steps, and configuration required to compile OpenSSH and its prerequisites from source to deploy across AIX systems.

Backing up MySQL data.

Backing up files and directories is relatively easy; databases, however, have some special quirks that you need to address. Our examples use MySQL, but the same principles apply to PostgreSQL and other relational databases. This article is excerpted from O'Reilly's recently published book Linux System Administration .

Industrial-strength Linux lockdown - Removing the shell

For technical and non-technical users alike, maintaining a large installed base of Linux machines can be a harrowing experience for an administrator. Technical users take advantage of Linux®'s extreme configurability to change everything to their liking, while non-technical users running amok within their own file systems. This tutorial is the first in a two-part series that shows you how and why to lock those machines down to streamline the associated support and administration processes. In this tutorial , you learn how to remove the interpreters from the installation base system.

PERL --

This web document is a re-organized version of the "perl.1" man page for PERL version 4. (I will not be producing a revised version for Perl5. However, someone else's hypertexted Perl5 manual may be found at many sites, including perl.com )read more

Discover the Linux Kernel Virtual Machine.

Linux® and flexibility go hand in hand, and the options for virtualization are no different. But recently, a change in the Linux virtualization landscape has appeared with the introduction of the Kernel virtual Machine, or KVM. KVM is the first virtualization solution to be part of the mainline Linux kernel (V2.6.20). KVM supports the virtualization of Linux guest operating systems -- even Windows® with hardware that is virtualization-aware. Learn about the architecture of the Linux KVM as well as why its tight integration with the kernel may change the way you use Linux. more

( MULTIPLE IPs - DMZ segments) - I have several EXTERNAL IP addresses that I want to PORTFW to several internal machines. How do I do this?

Though technically possible, DON'T do this with IP MASQ. There are far better solutions for this network design. MASQ is a 1:Many NAT setup which is the incorrect tool to perform what you are looking for. You are looking for is either Many:Many NAT solution or a Briding setup. read more

System Administration Toolkit: Monitoring disk space and usage.

Look at methods for determining disk usage across multiple UNIX® systems and how to create a simple warning system to alert you of potential problems. Keeping an eye on your file systems and ensuring they don't fill up is a trivial, but vital process in the day-to-day management of your UNIX systems. In this article , you'll look at methods for keeping an eye on disk space, discovering which files, users, or applications are using up the most space, and how to make use of quotas and other solutions to find the information you need.

New GCC 4.2.0 -- boon to developers, bore to distros

Earlier this week, the GNU project announced a major release of the popular GNU Compiler Collection. GCC 4.2.0 introduces new features and several improvements for developers, but most of the distribution developers we spoke with aren't rushing to take advantage of the new release. GCC began life as a C compiler, but it now has compilers for C, C++, Objective-C, Objective-C++, Java, Fortran, and Ada. GCC is most popular for compiling the Linux kernel and has been ported to more than 60 platforms. read more

Learn 10 good UNIX usage habits.

Adopt 10 good habits that improve your UNIX® command line efficiency -- and break away from bad usage patterns in the process. This article takes you step-by-step through several good, but too often neglected, techniques for command-line operations. Learn about common errors and how to overcome them, so you can learn exactly why these UNIX habits are worth picking up. read more