Absolute FreeBSD, 2nd Edition

Book description

FreeBSD—the powerful, flexible, and free Unix-like operating system—is the preferred server for many enterprises. But it can be even trickier to use than either Unix or Linux, and harder still to master.

Absolute FreeBSD, 2nd Edition is your complete guide to FreeBSD, written by FreeBSD committer Michael W. Lucas. Lucas considers this completely revised and rewritten second edition of his landmark work to be his best work ever; a true product of his love for FreeBSD and the support of the FreeBSD community. Absolute FreeBSD, 2nd Edition covers installation, networking, security, network services, system performance, kernel tweaking, filesystems, SMP, upgrading, crash debugging, and much more, including coverage of how to:

  • Use advanced security features like packet filtering, virtual machines, and host-based intrusion detection

  • Build custom live FreeBSD CDs and bootable flash

  • Manage network services and filesystems

  • Use DNS and set up email, IMAP, web, and FTP services for both servers and clients

  • Monitor your system with performance-testing and troubleshooting tools

  • Run diskless systems

  • Manage schedulers, remap shared libraries, and optimize your system for your hardware and your workload

  • Build custom network appliances with embedded FreeBSD

  • Implement redundant disks, even without special hardware

  • Integrate FreeBSD-specific SNMP into your network management system.

Whether you're just getting started with FreeBSD or you've been using it for years, you'll find this book to be the definitive guide to FreeBSD that you've been waiting for.

Table of contents

  1. Absolute FreeBSD, 2nd Edition
  2. FOREWORD
  3. ACKNOWLEDGMENTS
  4. INTRODUCTION
    1. What Is FreeBSD?
      1. BSD: FreeBSD’s Granddaddy
      2. The BSD License
      3. The AT&T/CSRG/BSDi Iron Cage Match
      4. The Birth of FreeBSD
    2. FreeBSD Development
      1. Committers
      2. Contributors
      3. Users
    3. Other BSDs
      1. NetBSD
      2. OpenBSD
      3. Mac OS X
      4. FreeBSD’s Children
    4. Other Unixes
      1. Solaris/OpenSolaris
      2. AIX
      3. Linux
      4. IRIX, HP/UX, and So On
    5. FreeBSD’s Strengths
      1. Portability
      2. Power
      3. Simplified Software Management
      4. Optimized Upgrade Process
      5. Advanced Filesystem
    6. Who Should Use FreeBSD?
    7. Who Should Run Another BSD?
    8. Who Should Run a Proprietary Operating System?
    9. How to Read This Book
    10. What Must You Know?
    11. For the New System Administrator
      1. Desktop FreeBSD
      2. How to Think About Unix
        1. Channels of Communication
        2. Small Programs, Channels, and the Command Line
      3. Everything Is a File
    12. Notes on the Second Edition
    13. Contents of This Book
  5. 1. GETTING MORE HELP
    1. Why Not Just Email for Help?
      1. The FreeBSD Attitude
      2. Support Options
    2. Man Pages
      1. Manual Sections
      2. Navigating Man Pages
      3. Finding Man Pages
      4. Section Numbers and Man
      5. Man Page Contents
    3. FreeBSD.org
      1. Web Documents
      2. The Mailing List Archives
    4. Other Websites
    5. Using FreeBSD Problem-Solving Resources
      1. Checking the Handbook/FAQ
      2. Checking the Man Pages
      3. Checking the Mailing List Archives
      4. Using Your Answer
    6. Emailing for Help
      1. Writing Your Email
      2. Sending Your Email
      3. Responding to Email
      4. Email Is Forever
  6. 2. INSTALLING FREEBSD
    1. FreeBSD Hardware
      1. Sample Hardware
      2. Proprietary Hardware
      3. What We Won’t Cover
      4. Hardware Requirements
        1. Processor
        2. Memory
        3. Hard Drives
    2. Preinstall Decisions
      1. Partitioning
        1. / (root)
        2. Swap Space
        3. /tmp
        4. /var
        5. /usr
        6. Other Partitions
      2. Multiple Hard Drives
      3. Partition Block Size
      4. Choosing Your Distribution(s)
        1. Games?
    3. The FreeBSD FTP Site
      1. FTP Server Content
    4. The Install Process
      1. Choosing Boot Media
      2. Choosing Installation Media
    5. Preparing Boot Floppies
    6. Preparing Boot CDs
    7. FTP Media Setup
    8. Actually Installing FreeBSD
      1. Configuring the Network
      2. Miscellaneous Network Services
      3. Time Zone
      4. Linux Mode
      5. PS/2 Mouse
      6. Adding Packages
      7. Adding Users
      8. Root Password
      9. Post-Installation Setup
    9. Restart!
  7. 3. START ME UP! THE BOOT PROCESS
    1. Power-On and the Loader
    2. Single-User Mode
      1. Disks in Single-User Mode
      2. Programs Available in Single-User Mode
      3. The Network in Single-User Mode
      4. Uses for Single-User Mode
    3. The Loader Prompt
    4. Default Files
    5. Loader Configuration
    6. Serial Consoles
      1. Hardware Serial Consoles
      2. Software Serial Consoles
      3. Serial Console Physical Setup
      4. Serial Console Use
      5. Serial Console Disconnection
    7. Startup Messages
    8. Multi-User Startup
      1. /etc/rc.conf and /etc/defaults/rc.conf
        1. Startup Options
        2. Filesystem Options
        3. Miscellaneous Network Daemons
        4. Network Options
        5. Network Routing Options
        6. Console Options
        7. Other Options
      2. The rc.d Startup System
      3. Shutdown
  8. 4. READ THIS BEFORE YOU BREAK SOMETHING ELSE! (BACKUP AND RECOVERY)
    1. System Backups
    2. Backup Tapes
      1. Tape Drive Device Nodes, Rewinding, and Ejecting
      2. The $TAPE Variable
      3. Tape Status with mt(1)
      4. Other Tape Drive Commands
      5. To Rewind or Not?
    3. Backup Programs
    4. tar
      1. tar Modes
        1. Create an Archive
        2. List Archive Contents
        3. Extract Files from Backup
        4. Verify Backups
      2. Other tar Features
        1. Use a File Instead of Tape
        2. Verbose
      3. gzip
        1. Compression
        2. bzip Compression
        3. Permissions Restore
        4. And More, More, More . . .
    5. dump
      1. User Control
      2. dump Levels
      3. dump, Tape Drives, and Files
      4. dump and Live Filesystems
      5. Timestamps and dump
      6. Running dump
      7. Throwing Data Overboard with nodump
    6. Restoring from a dump
      1. Checking the Contents of an Archive
      2. Restoring dump Data
        1. Restoring a File
        2. Restoring a Filesystem
        3. Interactive Restores
    7. Multiple Backups on One Tape
    8. Revision Control
      1. Initializing Revision Control
      2. Editing Files in RCS
      3. Checking Back In
      4. Viewing RCS Logs
      5. Reviewing a File’s Revision History
      6. Getting Older Versions
      7. Breaking Locks
        1. Multiple Check-ins
        2. RCS and ident Strings
    9. Recording What Happened
    10. The Fixit Disk
  9. 5. KERNEL GAMES
    1. What Is the Kernel?
    2. sysctl
      1. sysctl MIBs
      2. sysctl Values
      3. Viewing sysctls
      4. Changing sysctls
        1. Setting sysctls Automatically
        2. Boot-Time Tunable sysctls
        3. Dropping Hints on Device Drivers
    3. Kernel Modules
      1. Viewing Loaded Modules
      2. Loading and Unloading Modules?
      3. Loading Modules at Boot
    4. Build Your Own Kernel
      1. Preparations
      2. Buses and Attachments
      3. Back Up Your Working Kernel
      4. Configuration File Format
      5. Configuration Files
    5. Trimming a Kernel
      1. CPU Types
      2. Basic Options
      3. Multiple Processors
      4. Device Drivers
      5. Pseudodevices
      6. Removable Hardware
    6. Building a Kernel
      1. Troubleshooting Kernel Builds
      2. Booting an Alternate Kernel
    7. Inclusions, Exclusions, and Expanding the Kernel
      1. NOTES
      2. Inclusions and Exclusions
      3. How Kernel Options Fix Problems
    8. Sharing Kernels
    9. Testing Kernels Remotely
    10. Kernel Stuff You Should Know About
      1. ACPI
      2. PAE
      3. Symmetric Multiprocessing
      4. Lock Order Reversals
  10. 6. THE NETWORK
    1. Network Layers
      1. The Physical Layer
      2. Datalink: The Physical Protocol
      3. The Network Layer
      4. Heavy Lifting: The Transport Layer
      5. Applications
    2. The Network in Practice
    3. Getting Bits and Hexes
    4. Remedial TCP/IP
      1. IP Addresses and Netmasks
        1. Computing Netmasks in Decimal
        2. Unusable IP Addresses
        3. Assigning IP Addresses
      2. ICMP
      3. UDP
      4. TCP
      5. How Protocols Fit Together
      6. Transport Protocol Ports
        1. Reserved Ports
    5. Understanding Ethernet
      1. Protocol and Hardware
        1. Switch Failure
      2. Ethernet Speed and Duplex
      3. MAC Addresses
    6. Configuring Your Ethernet Connection
      1. ifconfig(8)
      2. Adding an IP to an Interface
      3. Testing Your Interface
      4. Set Default Route
      5. Multiple IP Addresses on One Interface
      6. Renaming Interfaces
      7. DHCP
      8. Reboot!
    7. Network Activity
      1. Current Network Activity
      2. What’s Listening on What Port?
      3. Port Listeners in Detail
      4. Network Capacity in the Kernel
    8. Optimizing Network Performance
      1. Optimizing Network Hardware
      2. Memory Usage
        1. Network Capacity Planning
      3. Maximum Incoming Connections
      4. Polling
      5. Changing Window Size
      6. Other Optimizations
    9. Network Adapter Teaming
      1. Aggregation Protocols
      2. Configuring lagg(4)
  11. 7. SECURING YOUR SYSTEM
    1. Who Is the Enemy?
      1. Script Kiddies
      2. Botnets
      3. Disaffected Users
      4. Motivated Skilled Attackers
    2. FreeBSD Security Announcements
    3. User Security
      1. Creating User Accounts
        1. Configuring Adduser: /etc/adduser.conf
      2. Editing Users: passwd(1), chpass(1), and Friends
        1. Changing a Password
        2. Changing Accounts with chpass(1)
        3. The Big Hammer: vipw(8)
        4. Removing a User
        5. Scripting with pw(8)
    4. Shells and /etc/shells
    5. root, Groups, and Management
      1. The root Password
      2. Groups of Users
        1. /etc/group
        2. Changing Group Memberships
        3. Creating Groups
      3. Using Groups to Avoid Root
        1. System Accounts
        2. Administrative Group Creation
        3. Interesting Default Groups
    6. Tweaking User Security
      1. Restricting Login Ability
        1. Hostnames
        2. Host Addresses and Networks
        3. LOCAL
        4. ALL and ALL EXCEPT
        5. Tie It All Together
      2. Restricting System Usage
        1. Class Definitions
        2. Resource Limits
        3. Current and Maximum Resource Limits
        4. Class Environment
        5. Password and Login Control
    7. File Flags
      1. Setting and Viewing File Flags
    8. Securelevels
      1. Securelevel Definitions
        1. Securelevel -1
        2. Securelevel 0
        3. Securelevel 1
        4. Securelevel 2
        5. Securelevel 3
      2. Which Securelevel Do You Need?
      3. What Won’t Securelevels and File Flags Accomplish?
      4. Living with Securelevels
    9. Network Targets
    10. Putting It All Together
  12. 8. DISKS AND FILESYSTEMS
    1. Disk Drives 101
    2. Device Nodes
      1. Hard Disks and Partitions
    3. The Filesystem Table: /etc/fstab
    4. What’s Mounted Now?
    5. Mounting and Unmounting Disks
      1. Mounting Standard Filesystems
      2. Mounting at Nonstandard Locations
      3. Unmounting a Partition
    6. How Full Is a Partition?
    7. The Fast File System
      1. Vnodes
      2. FFS Mount Types
        1. Read-Only Mounts
        2. Synchronous Mounts
        3. Asynchronous Mounts
        4. Noasync Mounts
      3. FFS Mount Options
        1. noatime
        2. noexec
        3. nosuid
        4. nosymfollow
      4. Soft Updates and Journaling with FFS
      5. Write Caching
      6. Snapshots
      7. Dirty Disks
        1. fsck(8)
        2. Failed Automatic fscks Runs
        3. Turning Off the fsck Prompt
        4. Avoiding fsck -y
        5. Background fsck
      8. Forcing Read-Write Mounts on Dirty Disks
      9. FFS Syncer at Shutdown
      10. Background fsck, fsck -y, Foreground fsck, Oy Vey!
    8. Using Foreign Filesystems
      1. Supported Foreign Filesystems
        1. FAT (MS-DOS)
        2. ISO 9660
        3. UDF
        4. NTFS
        5. ext2fs and ext3fs
        6. ReiserFS
        7. XFS
        8. ZFS
      2. Permissions and Foreign Filesystems
    9. Removable Media Filesystems
      1. Formatting FAT32 Media
        1. Low-Level Formatting
        2. Creating an FFS Filesystem
        3. Creating a FAT32 Filesystem
      2. Using Removable Media
      3. Ejecting Removable Media
      4. Removable Media and /etc/fstab
    10. Other FreeBSD Filesystems
      1. Memory Filesystems
        1. Memory Disk /tmp
        2. Memory Disk Types
        3. Creating and Mounting Memory Disks
        4. Memory Disk Headaches
        5. Memory Disk Shutdown
        6. Memory Disks and /etc/fstab
      2. Mounting Disk Images
      3. Filesystems in Files
        1. Creating an Empty Filesystem File
        2. Creating the Filesystem on the File
        3. File-Backed Filesystems and /etc/fstab
      4. Miscellaneous Filesystems
    11. Wiring Down Devices
    12. Adding New Hard Disks
      1. Creating Slices
      2. Creating Partitions
      3. Configuring /etc/fstab
      4. Installing Existing Files onto New Disks
      5. Stackable Mounts
    13. Network Filesystems
      1. Enabling the NFS Server
        1. Enabling the NFS Server
        2. Configuring NFS Exports
        3. Enabling the NFS Client
        4. NFS and Users
        5. Exporting Multiple Directories
        6. Restricting Clients
        7. Combinations of Clients and Exports
        8. NFS Performance and Options
    14. FreeBSD and CIFS
      1. Prerequisites
      2. Kernel Support
      3. Configuring CIFS
      4. nsmb.conf Keywords
        1. workgroup=string
        2. addr=a.b.c.d
        3. nbns=a.b.c.d
        4. password=string
      5. CIFS Name Resolution
      6. Other smbutil(1) Functions
      7. Mounting a Share
      8. Other mount_smbfs Options
      9. Sample nsmb.conf Entries
        1. Unique Password on a Standalone System
        2. Accessing a Second Domain
      10. CIFS File Ownership
    15. Serving CIFS Shares
    16. devfs
      1. devfs at Boot: devfs.conf
        1. devfs.conf
      2. Global devfs Rules
        1. devfs Ruleset Format
        2. Ruleset Content
      3. Dynamic Device Management with devd(8)
        1. devd Configuration
        2. devd(8) Example: Laptops
        3. Another devd Example: Flash Drives
  13. 9. Advanced Security Features
    1. Unprivileged Users
      1. The nobody Account
      2. A Sample Unprivileged User
    2. Network Traffic Control
    3. Default Accept vs. Default Deny
    4. TCP Wrappers
      1. Configuring Wrappers
        1. Daemon Name
        2. The Client List
        3. The ALL and ALL EXCEPT Keywords
        4. Options
        5. Logging
        6. Twisting
        7. Spawning
      2. Wrapping Up Wrappers
    5. Packet Filtering
      1. Enabling PF
      2. Default Accept and Default Deny in Packet Filtering
      3. Basic Packet Filtering and Stateful Inspection
      4. Configuring PF
        1. Macros
        2. Tables and Options
        3. Packet Normalization
        4. Bandwidth, Translation, and Redirection
        5. Traffic Filtering Rules
      5. Complete PF Rule Sample
      6. Activating PF Rules
    6. Public Key Encryption
      1. Configuring OpenSSL
      2. Certificates
        1. SSL Host Key
        2. Create a Certificate Request
        3. Get a Signed Certificate
        4. Sign a Certificate Yourself
      3. SSL Trick: Connecting to SSL-Protected Ports
    7. Jails
      1. Jail Host Server Setup
        1. syslogd
        2. inetd
        3. sshd
        4. NFS
      2. Jail and the Kernel
        1. security.jail.set_hostname_allowed
        2. security.jail.socket_unixiproute_only
        3. security.jail.sysvipc_allowed
        4. security.jail.enforce_statfs
        5. security.jail.allow_raw_sockets
        6. security.jail.chflags_allowed
        7. security.jail.jailed
        8. security.jail.list
      3. Client Setup
      4. Decorating Your Cell: In-Jail Setup
        1. Create /etc/fstab
        2. configure DNS Resolution
        3. sendmail
        4. /etc/rc.conf
        5. Root Password and User Account
        6. Other Setup
      5. Jail and /etc/rc.conf
      6. Jail Startup and Shutdown
      7. Managing Jails
        1. jls
        2. jexec
        3. Processes and procfs
      8. Jail Shutdown
      9. What’s Wrong with Jails
    8. Preparing for Intrusions with mtree(1)
      1. Running mtree(1)
        1. mtree(1) Output: The Spec File
      2. Saving the Spec File
      3. Reacting to an Intrusion
    9. Monitoring System Security
    10. If You’re Hacked
  14. 10. EXPLORING /ETC
    1. /etc Across Unix Species
    2. /etc/adduser.conf
    3. /etc/amd.map
    4. /etc/bluetooth, /etc/bluetooth.device.conf, and /etc/defaults/bluetooth.device.conf
    5. /etc/crontab
    6. /etc/csh.*
    7. /etc/devd.conf
    8. /etc/devfs.conf, /etc/devfs.rules, and /etc/defaults/devfs.rules
    9. /etc/dhclient.conf
    10. /etc/disktab
    11. /etc/freebsd-update.conf
    12. /etc/fstab
    13. /etc/ftp.*
    14. /etc/group
    15. /etc/hosts
    16. /etc/hosts.allow
    17. /etc/hosts.equiv
    18. /etc/hosts.lpd
    19. /etc/inetd.conf
    20. /etc/localtime
    21. /etc/locate.rc
    22. /etc/login.*
    23. /etc/mail/mailer.conf
    24. /etc/make.conf
      1. CFLAGS
      2. COPTFLAGS
      3. CXXFLAGS
      4. CPUTYPE=i686
      5. INSTALL=install -C
    25. /etc/master.passwd
    26. /etc/motd
    27. /etc/mtree
    28. /etc/namedb
    29. /etc/netstart
    30. /etc/network.subr
    31. /etc/newsyslog.conf
    32. /etc/nscd.conf
    33. /etc/nsmb.conf
    34. /etc/nsswitch.conf
    35. /etc/opie*
    36. /etc/pam.d/*
    37. /etc/pccard_ether
    38. /etc/periodic.conf and /etc/defaults/periodic.conf
      1. daily_output="root"
      2. daily_show_success="YES"
      3. daily_show_info="YES"
      4. daily_show_badconfig="NO"
      5. daily_local="/etc/daily.local"
    39. /etc/pf.conf
    40. /etc/pf.os
    41. /etc/phones
    42. /etc/portsnap.conf
    43. /etc/ppp
    44. /etc/printcap
    45. /etc/profile
    46. /etc/protocols
    47. /etc/rc*
    48. /etc/remote
    49. /etc/rpc
    50. /etc/security/
    51. /etc/services
    52. /etc/shells
    53. /etc/snmpd.config
    54. /etc/src.conf
    55. /etc/sysctl.conf
    56. /etc/syslog.conf
    57. /etc/termcap
    58. /etc/ttys
  15. 11. MAKING YOUR SYSTEM USEFUL
    1. Making Software
    2. Source Code and Software
    3. The Ports and Packages System
      1. Ports
        1. Ports Tree Installation
        2. Ports Tree Contents
    4. Finding Software
      1. Finding by Name
      2. Finding by Keyword
        1. Other Ways to Browse the Ports Collection
      3. Legal Restrictions
    5. Using Packages
      1. CD Packages
      2. FTP Packages
      3. Installing Packages
      4. pkg_add(1) Environment Settings
        1. PKG_TMPDIR
        2. PACKAGEROOT
        3. PACKAGESITE
        4. PKGDIR
      5. What Does a Package Install?
      6. Uninstalling Packages
      7. Package Information
        1. Other pkg_info(1) Options
      8. Package Problems
    6. Using Ports
      1. Installing a Port
        1. make config
        2. make fetch
        3. make checksum
        4. make extract
        5. make patch
        6. make depends
        7. make configure
        8. make build
        9. make install
      2. Integrated Port Customizations
      3. Port Makefiles
      4. Uninstalling and Reinstalling
      5. Tracking Port Build Status
      6. Cleaning Up Ports
      7. Building Packages
      8. Changing the Install Path
      9. Setting make Options Permanently
    7. Ports and Package Security
  16. 12. ADVANCED SOFTWARE MANAGEMENT
    1. Using Multiple Processors: SMP
      1. Kernel Assumptions
      2. SMP: The First Try
      3. Today’s SMP
        1. SMP Problems: Deadlocks, Deadly Embraces, and Lock Order Reversals
        2. Handling Lock Order Reversals
      4. Processors and SMP
      5. Using SMP
        1. SMP and make(1)
    2. Schedulers
    3. Startup and Shutdown Scripts
      1. rc Script Ordering
      2. A Typical rc Script
      3. Special rc Script Providers
      4. Using Scripts to Manage Running Programs
      5. Vendor Startup/Shutdown Scripts
      6. Debugging Custom rc Scripts
    4. Managing Shared Libraries
      1. Shared Library Versions and Files
      2. Attaching Shared Libraries to Programs
        1. The Library Directory List: ldconfig(8)
        2. Adding Library Directories to the Search List
        3. ldconfig(8) and Weird Libraries
      3. LD_LIBRARY_PATH
      4. What a Program Wants
    5. Threads, Threads, and More Threads
    6. Userland Threading Libraries
    7. Remapping Shared Libraries
    8. Running Software from the Wrong OS
      1. Recompilation
      2. Emulation
      3. ABI Reimplementation
      4. Binary Branding
      5. Supported ABIs
      6. Foreign Software Libraries
    9. Using Linux Mode
      1. The Linuxulator Userland
      2. Testing Linux Mode
      3. Identifying and Setting Brands
      4. linprocfs
      5. Debugging Linux Mode with truss(1)
    10. Running Software from the Wrong Architecture
  17. 13. UPGRADING FREEBSD
    1. FreeBSD Versions
      1. Releases
        1. Errata Branches
      2. FreeBSD-current
        1. -current Code Freezes
      3. FreeBSD-stable
        1. Merging from -current
      4. Snapshots
      5. FreeBSD and Testing
      6. Which Version Should You Use?
    2. Upgrade Methods
    3. Binary Updates
      1. /etc/freebsd-update.conf
      2. Running freebsd-update(8)
      3. Scheduling Binary Updates
        1. Optimizing and Customizing FreeBSD Update
    4. Upgrading via sysinstall
    5. Upgrading via Source
      1. Selecting Your Supfile
      2. Modifying Your Supfile
      3. A Complete Supfile
      4. Blocking Updates: The Refuse File
      5. Updating System Source Code
      6. Using csup to Get the Whole Source Tree
    6. Building FreeBSD from Source
      1. Build the World
      2. Build, Install, and Test a Kernel
      3. Optimization with Parallel Builds
      4. Prepare to Install the New World
      5. Installing the World
        1. Obsolete Shared Libraries
      6. mergemaster Revisited
      7. Upgrades and Single-User Mode
    7. Shrinking FreeBSD
    8. Updating with csup and make
    9. Cross-Building FreeBSD
    10. Building a Local CVSup Server
      1. Controlling Access
    11. Upgrading the Ports Collection
      1. Configuring portsnap
      2. Using portsnap(8)
    12. Updating Installed Ports
      1. Initial portmaster Setup
      2. Identifying Unneeded Software
      3. Identifying and Upgrading Software
      4. Forcing a Rebuild
      5. Rebuilding Upward Dependencies
      6. Changing Dependencies
      7. Ignoring Ports
      8. Other portmaster Features
      9. Reducing the Size of the Ports Tree
  18. 14. THE INTERNET ROAD MAP: DNS
    1. How DNS Works
    2. Basic DNS Tools
      1. The host(1) Command
      2. Digging for Detail
        1. Query Section
        2. Answer Section
        3. Authority Section
        4. Additional Section
      3. Finding Hostnames with dig
      4. More dig Options
        1. Querying a Specific Nameserver
        2. Disabling Recursion
      5. in-addr.arpa
    3. Configuring the Resolver
      1. Host/IP Information Sources
      2. Setting Local Domain Names
        1. Specifying the Local Domain
        2. Specifying a List of Domains
      3. The Nameserver List
    4. Local DNS Overrides with /etc/hosts
    5. Building a Nameserver
      1. Masters and Slaves
      2. BIND Configuration Files
    6. Configuring BIND with named.conf
      1. Options
      2. Zones in named.conf
        1. The Root Zone
        2. Localhost Zones
      3. Configuring a Slave Domain
      4. Configuring a Master Domain
      5. Master and Slave File Storage
      6. Zone Files
        1. Refresh, Retry, and Expire in Practice
        2. A Real Sample Zone
        3. Mail Exchanger
        4. Host Records
      7. Dots and Termination in Zone Files
      8. Reverse DNS Zones
    7. Managing named
      1. Configuring rndc
      2. Using rndc
    8. Checking DNS
    9. Nameserver Security
      1. Controlling Zone Transfers
      2. Securing named(8)
    10. More on BIND
  19. 15. Small System Services
    1. SSH
      1. The SSH Server: sshd(8)
        1. SSH Keys and Fingerprints
      2. Configuring the SSH Daemon
        1. VersionAddendum FreeBSD-20061110
        2. Port 22
        3. Protocol 2
        4. ListenAddress 0.0.0.0
        5. SyslogFacility AUTH and LogLevel INFO
        6. LoginGraceTime 2m
        7. PermitRootLogin no
        8. MaxAuthTries 6
        9. Allow TcpForwarding yes
        10. X11 Forwarding yes
        11. MaxStartups 10
        12. Banner /some/path
        13. Subsystem sftp /usr/libexec/sftp-server
      3. Managing SSH User Access
      4. SSH Clients
        1. Copying Files over SSH
    2. Network Time
      1. Setting the Time Zone
      2. Network Time Protocol
        1. Configuring ntpd(8)
        2. Instant Time Correction
        3. ntpd(8) at Boot Time
        4. Redistributing Time
    3. Name Service Switching and Caching
      1. /etc/nsswitch.conf
      2. Name Query Caching with nscd(8)
        1. nscd(8) and Timing
        2. Zeroing the Cache
        3. nscd(8) at Boot
    4. inetd
      1. /etc/inetd.conf
      2. Configuring inetd Servers
        1. port number
        2. network protocol
        3. user
        4. path
        5. Running the Command
        6. Sample inetd.conf Configuration
      3. Starting inetd(8)
      4. Changing inetd’s Behavior
    5. DHCP
      1. How DHCP Works
      2. Managing dhcpd(8)
      3. Configuring dhcpd(8)
    6. Printing and Print Servers
      1. /etc/printcap
    7. TFTP
      1. Root Directory
      2. tftpd and Files
      3. File Ownership
      4. tftpd(8) Configuration
    8. Scheduling Tasks
      1. User Crontabs vs. /etc/crontab
      2. cron and Environment
      3. Crontab Format
        1. Sample Crontabs
  20. 16. SPAM, WORMS, AND VIRUSES (PLUS EMAIL, IF YOU INSIST)
    1. Email Overview
      1. Finding Mail Servers for a Domain
      2. Undeliverable Email
      3. The SMTP Protocol
      4. Relay Control
      5. Stopping Bad Email
    2. Sendmail
      1. mailwrapper(8)
      2. Submission vs. Reception
      3. Sendmail Logging
    3. Configuring Sendmail
      1. The access File
      2. The aliases File
        1. Forwarding Email from One User to Another
        2. Aliased Mailing Lists
        3. Forwarding Email to Files
        4. Forwarding Email to Programs
        5. Inclusions
      3. The mailertable File
      4. The relay-domains File
      5. Making Changes Take Effect
    4. Virtual Domains
      1. The /etc/mail/local-host-names File
      2. User Mapping
    5. Changing sendmail.cf
      1. Custom .mc Files
        1. Smart Hosts
      2. Rejecting Spam Sources
    6. Greylisting
      1. Configuring milter-greylist
        1. Base Program Settings
        2. MX Peers
        3. Lists of Addresses
        4. Lists of Domains
        5. Lists of Users
        6. Access Controls
        7. Greylist Timing
      2. Attaching milter-sendmail to Sendmail
    7. Sendmail Authentication with SASL
      1. saslauthd(8)
      2. mailer.conf and Your New Sendmail
      3. Building sendmail.cf
      4. Testing SASL
    8. IMAP and POP3
      1. Installing Dovecot
      2. Configuring Dovecot
      3. Creating a Dovecot SSL Certificate
      4. Running Dovecot
      5. Testing POP3S
      6. Testing IMAPS
  21. 17. WEB AND FTP SERVICES
    1. How a Web Server Works
    2. The Apache Web Server
      1. Apache Configuration Files
        1. mime.types
        2. magic
        3. httpd.conf
      2. Core Apache Configuration
        1. Server Root Path
        2. Listen
        3. User and Group
        4. Administrator’s Email Address
        5. Server Name
        6. Document Root Path
      3. Apache Logs
        1. Basic Logs
        2. Rotating Logs
    3. Apache Modules
    4. Directories and Permissions
      1. Controlling Access by IP Address
      2. Directory Options
      3. Configuration by Users
      4. Other Directory Settings
        1. Index Documents
        2. Aliases
        3. Custom Error Pages
      5. Password Protection and Apache
        1. Password Files
        2. Radius User Authentication
        3. Groups and .htaccess
    5. Including Other Configuration Files
    6. Virtual Hosting
      1. Configuring Virtual Hosts
      2. Tuning Virtual Hosts
        1. Port Numbers
        2. Options and AllowOverride
    7. HTTPS Websites
    8. Controlling Apache
    9. File Transfer
      1. FTP Security
      2. The FTP Client
      3. Binary and ASCII Transfers
      4. The FTP Server
        1. Logging ftpd(8) Usage
        2. Read-Only Mode
        3. Write-Only Mode
        4. Timeout
      5. FTP User Control
        1. Chrooting Users
        2. Disallowing Users’ FTP Access
      6. FTP Server Messages
      7. Setting Up Anonymous FTP Servers
        1. Anonymous FTP Pitfalls
    10. Chrooting sftp(1) and scp(1)
  22. 18. DISK TRICKS WITH GEOM
    1. GEOM Essentials
    2. Disk Drives 102
    3. Slicing Disks
      1. Viewing the Slice Table with fdisk(8)
      2. Backing Up the Slice Table
      3. Changing the Slice Table
      4. Partitioning Slices
      5. Reading Disklabels
      6. Backing Up and Restoring Disklabels
      7. Editing Disklabels
      8. Replicating Drive Slicing and Partitioning
      9. Missing Disklabels
    4. Building Filesystems
    5. RAID
      1. Hardware vs. Software RAID
      2. GEOM RAID and Disk Size
      3. Parity and Stripe Size
      4. RAID Types
    6. Generic GEOM Commands
    7. Striping Disks
      1. Creating a Striped Provider
      2. gstripe Destruction
      3. Daily Status Check
    8. Mirroring Disks
      1. Creating a Mirror
      2. Repairing Mirrors
      3. Mirrored Boot Disks
      4. Destroying Mirrored Disks
      5. Daily Status Check
    9. RAID-3
      1. Creating a RAID-3
      2. Repairing a RAID-3
      3. Destroying a RAID-3
    10. RAID-10
      1. RAID-10 Setup
      2. RAID-10 Status
      3. Destroying a RAID-10
    11. Journaling Filesystems with gjournal(8)
      1. Configuring gjournal(8)
      2. Journaling and newfs(8)
      3. Mounting Journaled Filesystems
      4. Using a Separate Journal Device
      5. De-Journaling Partitions
    12. Filesystem Encryption
      1. Kernel Configuration
      2. Generating and Using a Cryptographic Key
      3. Filesystems on Encrypted Devices
      4. Deactivating Encrypted Disks
      5. Encrypting Swap Space with geli(8)
    13. Disk Device Network Exports
      1. geom_gate Security
      2. geom_gate Server Setup
      3. geom_gate Client Setup
      4. Identifying geom_gate Devices
      5. Shutting Down geom_gate
      6. Oops! Rescuing geom_gate
    14. Mirroring Disks Across the Network
      1. Backup Server Setup
      2. Primary Server Setup
      3. Mirror Failover and Recovery
  23. 19. SYSTEM PERFORMANCE AND MONITORING
    1. Computer Resources
    2. Checking the Network
    3. General Bottleneck Analysis with vmstat(8)
      1. Processes
      2. Memory
      3. Paging
      4. Disks
      5. Faults
      6. CPU
      7. Using vmstat
      8. Continuous vmstat
    4. Disk I/O
    5. CPU, Memory, and I/O with top(1)
      1. PID Values
      2. Load Average
      3. Uptime
      4. Process Counts
      5. Process Types
      6. Memory
      7. Swap
      8. Process List
      9. top(1) and I/O
    6. Following Processes
    7. Paging and Swapping
      1. Paging
      2. Swapping
    8. Performance Tuning
      1. Memory Usage
      2. Swap Space Usage
      3. CPU Usage
      4. Rescheduling
      5. Reprioritizing with Niceness
      6. Investigating Software
    9. Status Mail
    10. Logging with syslogd
      1. Facilities
      2. Levels
      3. Processing Messages with syslogd(8)
        1. Wildcards
        2. Excluding Information
        3. Comparison
        4. Local Facilities
        5. Logging by Program Name
        6. Logging to User Sessions
        7. Sending Log Messages to Programs
        8. Logging to a Logging Host
        9. Logging Overlap
      4. syslogd Customization
        1. Allowed Log Senders
        2. Attach to a Single Address
        3. Additional Log Sockets
        4. Verbose Logging
    11. Log File Management
      1. Log File Path
      2. Owner and Group
      3. Permissions
      4. Count
      5. Size
      6. Time
        1. ISO 8601 Time Format
        2. FreeBSD-Specific Time
      7. Flags
        1. Log File Format and Compression
        2. Special Log File Handling
      8. Pidfile
      9. Signal
      10. Sample newsyslog.conf Entry
    12. FreeBSD and SNMP
      1. SNMP 101
        1. SNMP MIBs
        2. MIB Definitions and MIB Browsers
        3. SNMP Security
      2. Configuring bsnmpd
        1. bsnmpd Variables
        2. Detailed bsnmpd Configuration
        3. Loading bsnmpd Modules
  24. 20. THE FRINGE OF FREEBSD
    1. /etc/ttys
      1. /etc/ttys Format
      2. Insecure Console
        1. Serial Logins
    2. Diskless FreeBSD
      1. Diskless Clients
      2. DHCP Server Setup
        1. MAC Address
        2. DHCP Configuration: Specific Diskless Hosts
        3. DHCP Configuration: Diskless Farms
      3. tftpd and the Boot Loader
      4. The NFS Server and the Diskless Client Userland
    3. Diskless Farm Configuration
      1. The /conf/base Directory
        1. Activating Diskless Remounting
        2. Populating and Trimming Remounted Filesystems
    4. The /conf/default Directory
      1. Per-Subnet and Per-Client Directories
    5. Diskless Packages and Files
      1. Installing Packages
      2. Diskless Configuration Files
        1. /etc/rc.conf
        2. /etc/fstab
        3. SSH Keys
        4. Password Files
        5. syslogd.conf
    6. NanoBSD: Building Your Own Appliances
      1. What Is NanoBSD?
      2. Your Hardware and Your Flash Drive
      3. The NanoBSD Toolkit
      4. Expanding FlashDevice.sub
      5. NanoBSD Configuration Options
      6. A Sample NanoBSD Configuration
      7. Building NanoBSD
        1. NanoBSD Build Directory
        2. NanoBSD Build Troubleshooting
        3. The Completed Build
        4. Serial Console Speeds
      8. Customizing NanoBSD
        1. Customization Scripts
        2. Adding Packages
        3. Adding Files
        4. Perfecting Customizations
      9. Using NanoBSD
        1. Minor Updates
        2. Updating Disk Images
    7. Live Media with FreeSBIE
      1. Installing the FreeSBIE Toolkit
      2. Configuring FreeSBIE
      3. FreeSBIE Plug-ins
      4. Choosing Packages
      5. Building a FreeSBIE Image
      6. Rebuilding FreeSBIE
  25. 21. SYSTEM (AND SYSADMIN) PANICS AND CRASHES
    1. What Causes Panics?
    2. Recognizing Panics
    3. Responding to a Panic
      1. Preparations
      2. The Crash Dump in Action
      3. Configuring Crash Dumps
      4. Debugging Kernels
    4. When Panic Strikes: Manual Crash Dumps
    5. Using the Dump
      1. Getting a Backtrace
      2. Vmcore and Security
    6. Submitting Problem Reports
      1. Before Filing a PR
      2. Bad PRs
      3. Good PRs
      4. A Sample PR
      5. Submitting the PR
      6. After Submitting the PR
  26. AFTERWORD
  27. SOME INTERESTING SYSCTL MIBS
  28. Index
  29. COLOPHON
  30. Copyright

Product information

  • Title: Absolute FreeBSD, 2nd Edition
  • Author(s): Michael W. Lucas
  • Release date: November 2007
  • Publisher(s): No Starch Press
  • ISBN: 9781593271510