Linux in Action

The Linux operating system powers millions of web servers, data centers, and application platforms worldwide. Whether you're pushing applications to a cloud system like AWS, building a twitter bot on a Raspberry Pi, or rescuing files from a crashed laptop, Linux is required knowledge. The good news is that the same Linux command set will work for you no matter where you're using it. The better news is that Linux skills have staying power, so what you learn about Linux now will probably still work in a decade or two. Bottom line? If you're a developer, administrator, or just a weekend hacker, you need to know your way around the Linux command line. Let's get started!

"It's the best book for anyone that likes to learn more Linux and manage it."

~ Mohsen Mostafa Jokar

"Learning any computer-related skill is always a matter of the chicken or the egg. Clinton takes a gentle approach to introducing you to the Linux 'chicken' by showing you how the egg is assembled."

~ Tim Kane

"Clinton's book is exceptionally clear, organized and concise."

~ Jonás Medina de los Reyes

1. Welcome to Linux

1.1. What makes Linux different from other operating systems

1.2. Basic survival skills

1.2.1. The Linux file system

1.2.2. Getting around: Linux navigation tools

1.2.3. Getting things done: Linux file management tools

1.2.4. Keyboard tricks

1.2.5. Pseudo File Systems

1.2.6. Showing 'em who’s boss: sudo

1.3. Getting help

1.3.1. Man

1.3.2. Info

1.3.3. The Internet

1.4. Summary

1.5. Definitions

1.6. Security best practices

1.7. Command line review

1.8. Test yourself

1.8.1. Answer Key:

2. Linux virtualization - building a safe and simple Linux working environment

2.1. What is virtualization?

2.1.1. How virtualization works

2.2. Working with VirtualBox

2.2.1. Working with Linux package managers

2.2.2. Defining a virtual machine

2.2.3. Installing an Operating System

2.2.4. Cloning and sharing a VirtualBox VM

2.3. Working with LXC

2.3.1. Getting started with LXC

2.4. Summary

2.5. Definitions

2.6. Security best practices

2.7. Command line review

2.8. Test yourself

2.8.1. Answer Key:

3. Remote connectivity - safely access networked machines

3.1. The importance of encryption

3.2. Getting started with OpenSSH

3.2.1. The OpenSSH package

3.3. Logging into a remote server with SSH

3.4. Password-free SSH access

3.4.1. Generating a new key pair

3.4.2. Copying the public key over a network

3.4.3. Working with multiple encryption keys

3.5. Safely copying files with scp

3.6. Using remote graphic programs over SSH connections

3.6.1. Linux process management

3.6.2. Viewing processes with the ps command

3.6.3. Working with systemd

3.7. Summary

3.8. Definitions

3.9. Security best practices

3.10. Command line review

3.11. Test yourself

3.11.1. Answer Key:

4. Archive management: backup or copy entire filesystems

4.1. Why archive?

4.1.1. Compression

4.1.2. Archives: some important considerations

4.2. What to archive

4.2.1. Identifying partitions on a Linux file system

4.3. Where to back up

4.4. Archiving files and file systems using tar

4.4.1. Simple archive and compression examples

4.4.2. Streaming file system archives

4.4.3. Aggregating files

4.4.4. Preserving permissions and ownership—and extracting archives

4.5. Archiving partitions with dd

4.5.1. dd operations

4.5.2. Wiping disks with dd

4.6. Synchronizing archives with rsync

4.7. Planning considerations

4.7.1. Incremental or differential backups?

4.8. Summary

4.9. Definitions

4.10. Security best practices

4.11. Command line review

4.12. Test yourself

4.12.1. Answer Key:

5. Automated administration: configuring automated offsite backups

5.1. Scripting with Bash

5.1.1. A sample script

5.2. Back up data to AWS S3

5.2.1. Install the AWS command line interface (CLI)

5.3. Schedule regular backups with cron

5.4. Schedule irregular backups with anacron

5.4.1. Running the S3 sync job

5.5. Schedule regular backups with systemd timers

5.6. Summary:

5.7. Definitions

5.8. Security best practices

5.9. Command line review

5.10. Test yourself

5.10.1. Answer Key:

6. Emergency tools: build a system recovery device

6.1. Working in recovery/rescue mode

6.1.1. The GRUB bootloader

6.1.2. Using recovery mode on Ubuntu

6.1.3. Using rescue mode on CentOS

6.1.4. Finding command line rescue tools

6.2. Building a live-boot recovery drive

6.2.1. System rescue images

6.2.2. Writing live-boot images to USB drives

6.3. Putting your live-boot drive to work

6.3.1. Test system memory

6.3.2. Damaged partitions

6.3.3. Recovering files from a damaged file system

6.4. Chroot: mounting a file system as a process

6.5. Summary

6.6. Definitions

6.7. Security best practices

6.8. Command line review

6.9. Test yourself

6.9.1. Answer Key:

7. Web servers - build a MediaWiki server

7.1. Building a LAMP server?

7.2. Setting up an Apache web server

7.2.1. Installing the Apache web server on Ubuntu

7.2.2. Installing the Apache web server (httpd) on CentOS

7.2.3. Understanding network ports

7.2.4. Controlling network traffic

7.2.5. Populating your website document root

7.3. Installing an SQL database

7.3.1. SQL administration

7.4. Installing PHP

7.4.1. Installing PHP on Ubuntu

7.4.2. Installing PHP on CentOS

7.5. Installing and configuring MediaWiki

7.5.1. Troubleshooting missing extensions

7.5.2. Connecting MediaWiki to the database

7.6. Summary

7.7. Key terms

7.8. Security best practices

7.9. Command line review

7.10. Test yourself

7.10.1. Answer Key:

8. Networked file sharing - build a Nextcloud file sharing server

8.1. Enterprise file sharing and Nextcloud

8.2. Installing Nextcloud using snaps

8.3. Installing Nextcloud manually

8.3.1. Hardware prerequisites

8.3.2. Building a LAMP server

8.3.3. Apache configuration

8.3.4. Downloading and unpacking Nextcloud

8.4. Administrating Nextcloud

8.5. Using AWS S3 as primary Nextcloud storage

8.5.1. Connect Nextcloud to an S3 bucket

8.6. Summary

8.7. Key terms

8.8. Security best practices

8.9. Command line review

8.10. Test yourself

8.10.1. Answer Key:

9. Securing your web server

9.1. The obvious stuff

9.2. Controlling network access

9.2.1. Configuring a firewall

9.2.2. Using non-standard ports

9.3. Encrypting data in transit

9.3.1. Preparing your website domain

9.3.2. Generating certificates using Let’s Encrypt

9.4. Hardening the authentication process

9.4.1. Controlling file system objects with SELinux

9.4.2. Installing and activating SELinux

9.4.3. Applying SELinux policies

9.4.4. System groups and the principle of least privilege

9.4.5. Isolating processes within containers

9.4.6. Scanning for dangerous user ID values

9.5. Auditing system resources

9.5.1. Scanning for open ports

9.5.2. Scanning for active services

9.5.3. Searching for installed software

9.6. Summary

9.7. Key terms

9.8. Command line review

9.9. Test yourself

9.9.1. Answer Key:

10. Securing your network connections - create a VPN or DMZ

10.1. Building an OpenVPN tunnel

10.1.1. Configuring an OpenVPN server

10.1.2. Configuring an OpenVPN client

10.1.3. Testing your VPN

10.2. Building intrusion-resistant networks

10.2.1. Demilitarized zones (DMZs)

10.2.2. Resistant networks: design considerations

10.2.3. Using iptables

10.2.4. Create a DMZ using Shorewall

10.3. Building a virtual network for infrastructure testing

10.4. Summary:

10.5. Key terms

10.6. Command line review

10.7. Test yourself

10.7.1. Answer Key:

11. System monitoring - working with log files

11.1. Working with system logs

11.1.1. Logging with journald

11.1.2. Logging with syslogd

11.2. Managing log files

11.2.1. The journald way

11.2.2. The syslogd way

11.3. Consuming large files

11.3.1. grep

11.3.2. awk

11.3.3. sed

11.4. Intrusion detection

11.4.1. Set up a mail server

11.4.2. Installing Tripwire

11.4.3. Configuring Tripwire

11.4.4. Generate a test Tripwire report

11.5. Summary:

11.6. Key terms

11.7. Security best practices

11.8. Command line review

11.9. Test yourself

11.9.1. Answer Key:

12. Sharing data over a private network

12.1. Sharing files through the Network File System (NFS)

12.1.1. Setting up the NFS server

12.1.2. Setting up the client

12.1.3. Mounting an NFS share at boot time

12.1.4. NFS security

12.2. Samba: sharing files with Windows users

12.2.1. Testing your Samba configuration

12.2.2. Accessing a Samba server from Windows

12.3. Symbolic links: sharing files with yourself

12.3.1. Symbolic vs. hard links

12.4. Summary:

12.5. Key terms

12.6. Security best practices

12.7. Command line review

12.8. Test yourself

12.8.1. Answer Key:

13. Troubleshooting system performance issues

13.1. CPU load problems

13.1.1. Measuring CPU load

13.1.2. Managing CPU loads

13.1.3. Making trouble (simulating CPU load)

13.2. Memory problems

13.2.1. Assessing memory status

13.3. Storage availability problems

13.3.1. Inode limits

13.4. Network load problems

13.4.1. Measuring bandwidth

13.4.2. Solutions

13.4.3. Shaping network traffic with tc

13.5. Monitoring tools

13.5.1. Aggregating monitoring data

13.6. Summary:

13.7. Key terms

13.8. Security best practices

13.9. Command line review

13.10. Test yourself

13.10.1. Answer Key:

14. Troubleshooting network issues

14.1. Understanding TCP/IP addressing

14.1.1. NAT addressing

14.2. Establishing network connectivity

14.3. Troubleshooting outbound connectivity

14.3.1. Tracking down the status of your network

14.3.2. Assigning IP addresses

14.3.3. Configuring DNS service

14.3.4. Plumbing

14.4. Troubleshooting inbound connectivity

14.4.1. netstat: internal connection scanning

14.4.2. netcat: external connection scanning

14.5. Summary

14.6. Key terms

14.7. Security best practices

14.8. Command line review

14.9. Test yourself

14.9.1. Answer Key:

15. Troubleshooting peripheral devices

15.1. Identifying attached devices

15.2. Managing peripherals with Linux kernel modules

15.2.1. Finding kernel modules

15.2.2. Manually loading kernel modules

15.3. Manually managing kernel parameters at boot time

15.3.1. Passing parameters at boot time

15.3.2. Passing parameters via the file system

15.4. Managing printers

15.4.1. Basics of lp

15.4.2. Managing printers using CUPS

15.5. Summary:

15.6. Key terms

15.7. Security best practices

15.8. Command line review

15.9. Test yourself

15.9.1. Answer Key:

16. DevOps tools — deploy a scripted server environment using Ansible

16.1. What can deployment orchestrators do for you

16.2. Ansible: installation and setup

16.2.1. Organize Ansible hosts

16.2.2. Test connectivity

16.3. Authentication

16.3.1. Administrating remote hosts using permissions

16.4. Ansible playbooks

16.4.1. Write a simple playbook

16.4.2. Multi-tiered, roles-powered playbooks

16.4.3. Managing passwords in Ansible

16.5. Summary:

16.6. Key Terms

16.7. Security best practices

16.8. Command line review

16.9. Test yourself

16.9.1. Answer Key:

About the book

Linux in Action is a task-based tutorial that will give you the skills and deep understanding you'll need to administer a Linux-based system. This hands-on book guides you through real-world projects so you can practice as you learn. You'll learn critical techniques like virtualization, disaster recovery, infrastructure security, data backup, web servers, DevOps, and system troubleshooting. Plus, each chapter ends with a command-line review, list of security best practices, unfamiliar terms & definitions, and exercises to bring home the key takeaways!

What's inside

Setting up a Linux environment suitable for safely experimenting with modern technologies
Managing secure remote connectivity
Securing a web server
Building a system recovery device
Securely sharing files within a local network and across the internet
Creating a VPN to safely connect to a server
Troubleshooting network and system performance issues
Making automated and reliable backup solutions

About the reader

Readers should be comfortable working with the files, networks, and basic resources of a modern operating system.

About the author

David Clinton is a Linux Server Professional with a long history of teaching IT subjects. He is the author of the Practical LPIC-1 Linux Certification Study Guide and Manning's popular Learn Amazon Web Services in a Month of Lunches.

Manning Early Access Program (MEAP) Read chapters as they are written, get the finished eBook as soon as it’s ready, and receive the pBook long before it's in bookstores.

all chapters available

buy

MEAP combo $39.99 pBook + eBook + liveBook

MEAP eBook $31.99 pdf + ePub + kindle + liveBook

FREE domestic shipping on three or more pBooks

Free Downloads

Chapter 1

Links

Book Forum

Slideshare: A Fresh Approach to Learning Linux

Article: Would you hire a junior Linux admin with these skills?

Article: The Ubuntu Recovery Menu: demystifying Linux system recovery

Article: A brief overview and history of systemd -- the Linux process manager

Would you hire a junior Linux admin with these skills: Part 2

Article: AWS S3-based enterprise network file sharing using Nextcloud

Article: Securing your Linux web server

Article: Chroot: the magical healing powers of the original Linux virtualization tool

Article: Tips for top: Monitoring CPU load on Linux