Sudo: You're Doing It Wrong Unix-like operating systems use a rudimentary access control system: the root account can do anything, while other users are peasants with only minimal access. This worked fine in UNIX's youth, but now that sysadmin responsibilities are spread among many people and applications, many people need a tiny slice of root's power. Sudo lets you divide root's monolithic power between the people who need it with accountability and auditability. Sudo Mastery will teach you to: design a secure sudo policy simplify policies with lists and aliases manage shell environments verify system integrity via intrusion detection deploy a single sudo policy across your enterprise manage sudo policies via LDAP log and debug sudo record and replay full sudo sessions use authentication systems other than passwords Master sudo with Sudo Mastery!
Sudo: You’re Doing It Wrong Unix-like operating systems use a rudimentary access control system: the root account can do anything, while other users are peasants with only minimal access. This worked fine in UNIX’s youth, but now that sysadmin responsibilities are spread among many people and applications, many people need a tiny slice of root’s power. Sudo lets you divide root’s monolithic power between the people who need it with accountability and auditability. Sudo Mastery will teach you to: · design a secure sudo policy · simplify policies with lists and aliases · manage shell environments · verify system integrity via intrusion detection · deploy a single sudo policy across your enterprise · manage sudo policies via LDAP · log and debug sudo · record and replay full sudo sessions · use authentication systems other than passwords Master sudo with Sudo Mastery!
Pluggable Authentication Modules: Threat or Menace? PAM is one of the most misunderstood parts of systems administration. Many sysadmins live with authentication problems rather than risk making them worse. PAM’s very nature makes it unlike any other Unix access control system. If you have PAM misery or PAM mysteries, you need PAM Mastery! With PAM Mastery, you’ll understand: · the different versions of PAM · the intricacies of Linux-PAM and OpenPAM · how PAM policies make decisions · how to debug PAM · the most frequently seen PAM modules · Linux-PAM extended controls and substacks · time-based one-time passwords · using SSH keys for more than SSH · password quality testing · policies from CentOS, Debian, and FreeBSD · and more! Transform PAM from a headache to an ally with PAM Mastery.
Filesystems for everything! FreeBSD includes many special-purpose filesystems. FreeBSD Mastery: Specialty Filesystems takes you through these filesystems, helping you solve problems you didn’t know you have. These filesystems underlie everything from application servers to jails. You’ll learn to manage: -removable media -MSDOS and Linux filesystems -CD, DVD, and Blu-Ray disks -devfs -process filesystems -the file descriptor filesystem -the POSIX message queue filesystem -union mounts -null mounts -both memory filesystems, and when to use each -NFS versions 2, 3, and 4 -iSCSI targets and initiators -the Common Internet File System -networked disk redundancy with geom_gate and HAST -high availability storage with HAST and iSCSI -NFSv4 Access Control Lists -User Space Filesystems -FreeBSD’s Solaris-compatible automounter System administrators of any expertise level will expand their FreeBSD mastery with FreeBSD Mastery: Specialty Filesystems.
ZFS improves everything about systems administration. Once you peek under the hood, though, ZFS’ bewildering array of knobs and tunables can overwhelm anyone. ZFS experts can make their servers zing—and now you can, too, with FreeBSD Mastery: Advanced ZFS. This small book teaches you to: •Use boot environments to make the riskiest sysadmin tasks boring •Delegate filesystem privileges to users •Containerize ZFS datasets with jails •Quickly and efficiently replicate data between machines •split layers off of mirrors •optimize ZFS block storage •handle large storage arrays •select caching strategies to improve performance •manage next-generation storage hardware •identify and remove bottlenecks •build screaming fast database storage •dive deep into pools, metaslabs, and more! Whether you manage a single small server or international datacenters, simplify your storage with FreeBSD Mastery: Advanced ZFS.
“I’m glad someone’s finally giving ed the attention it deserves.” – Ken Thompson, co-creator of Unix Let me be perfectly clear: ed is the standard Unix text editor. If you don’t know ed, you’re not a real sysadmin. Forty years after ed’s introduction, internationally acclaimed author Michael W Lucas has finally unlocked the mysteries of ed for everyone. With Ed Mastery, you too can become a proper sysadmin. Ed Mastery will help you: · understand buffers and addresses · insert, remove, and mangle text · master file management and shell escapes · comprehend regular expressions, searches, and substitutions · create high-performance scripts for transforming files You must be at least this competent to use this computer. Read Ed Mastery today!
“I think we’re gonna need a bigger web server.” OpenBSD has a solid reputation for security and stability. It’s well known for the OpenSMTPd mail server, the LibreSSL cryptography library, and the PF packet filter. But nobody ever talks about the load balancer, or the web server. Until now. The httpd web server provides a fast, stable, secure environment for your web applications. The relayd load balancer lets you distribute Internet application load across multiple hosts. Between the two, you can slash hundreds of thousands of dollars off the cost of building, deploying, and managing applications. With Httpd and Relayd Mastery you’ll learn how to: · set up web sites · configure software to run in a chroot · run dozens or hundreds of sites on one host · dynamically reconfigure sites with Lua patterns · manage site logs · maintain free, globally-valid SSL certificates · improve performance with SSL stapling · install and maintain two-server clusters · distribute traffic between any number of hosts · stop worrying about old SSL versions and bad crypto algorithms Slash the amount of time you spend futzing with web servers. Get Httpd and Relayd Mastery today!
CONFINE YOUR SOFTWARE Jails are FreeBSD’s most legendary feature: known to be powerful, tricky to master, and cloaked in decades of dubious lore. Deploying jails calls upon every sysadmin skill you have, and more—but unleashing lightweight virtualization is so worth it. FreeBSD Mastery: Jails cuts through the clutter to expose the inner mechanisms of jails and unleash their power in your service. You will: · Understand how jails achieve lightweight virtualization · Understand the base system’s jail tools and the iocage toolkit · Optimally configure jail hardware · Manage jails from the host and from within the jail · Optimize disk space usage to support hundreds or thousands of jails · Comfortably work within the limits of jails · Implement fine-grained control of jail features · Build virtual networks · Deploy hierarchical jails · Constrain jail resource usage · And more! Strip away the mystery. Read FreeBSD Mastery: Jails today! “This is the sequel to Git Commit Murder, right ?” /phk, creator of the jail system
Transport Layer Security, or TLS, makes ecommerce and online banking possible. It protects your passwords and your privacy. Let’s Encrypt transformed TLS from an expensive tool to a free one. TLS understanding and debugging is an essential sysadmin skill you must have. TLS Mastery takes you through: · How TLS works · What TLS provides, and what it doesn’t · Wrapping unencrypted connections inside TLS · Assessing TLS configurations · The Automated Certificate Management Environment (ACME) protocol · Using Let’s Encrypt to automatically maintain TLS certificates · Online Certificate Status Protocol · Certificate Revocation · CAA, HSTS, and Certificate Transparency · Why you shouldn’t run your own CA, and how to do it anyway · and more! Stop wandering blindly around TLS. Master the protocol with TLS Mastery!
Online Backup you can Trust and Verify! Tarsnap, the secure online backup service for Unix-like systems, raised the bar for online backups. It’s inexpensive. It’s reliable. And you don’t need to trust the Tarsnap service—they can’t access your backups even if they wanted to. With Tarsnap Mastery you’ll learn to: · install and manage Tarsnap on Linux, Unix, Windows, and OS X · fully exploit features like encryption and deduplication · create and recover archives · customize backups to precisely your requirements · passphrase protect keys · create and manage special-purpose keys · automatically back up and rotate archives · understand and resolve performance issues · quickly restore complete systems Ditch the tape room. Put your backups online, and know that they’re safe. Tarsnap Mastery. Because life doesn’t back itself up.
Stop waiting for the network team! If basic TCP/IP was hard, network administrators couldn’t do it. Servers give sysadmins a incredible visibility into the network—once they know how to unlock it. Most sysadmins don’t need to understand window scaling, or the differences between IPv4 and IPv6 echo requests, or other intricacies of the TCP/IP protocols. You need only enough to deploy your own applications and get easy support from the network team. This book teaches you: •How modern networks really work •The essentials of TCP/IP •The next-generation protocol, IPv6 •The right tools to diagnose network problems, and how to use them •Troubleshooting everything from the physical wire to DNS •How to see the traffic you send and receive •Connectivity testing •How to communicate with your network team to quickly resolve problems A systems administrator doesn’t need to know the innards of TCP/IP, but knowing enough to diagnose your own network issues transforms a good sysadmin into a great one.
Physics inconvenient? Change it. Then watch it try to kill you. Solve a murder in a universe without ground to stand on. Investigate inexplicable deaths a few million years after the Big Bang. Take too many breaths and never go home again. Let the antimatter trickle between your fingers, and visit five alien universes in this first Montague Portal omnibus. Contains: Forever Falls Hydrogen Sleets Drinking Heavy Water Sticky Supersaturation No More Lonesome Blue Rings
There’s no grounds for murder. There’s no ground at all. The people exploring and exploiting alien universes risk everything, including their lives. But Devin Gupper’s death makes no sense. And the more questions security officer Aidan Redding asks, the less rational it seems. But in a bottomless universe full of impossibilities, one impossible murder begins everything...
A FAMILY AFFRAY With her father's death, mercenary thief Beaks returns to the place she hates most—her childhood home, to both pay her respects and make certain he's gone. She finds only lies. Determined to rip the truth out of the shadows, Beaks ricochets around the world, defying killers and government agents alike. With the man she loves and the secretive hacker Sister Silence, she targets a nightmare that turns suffering into profit and slaughter into joy. Family. It's worse than murder.
50% Die Hard 50% Robin Hood 100% trouble Reeling from the death of her lover and partner, freelance “exfiltration specialist” Billie Carrie Salton breaks into a high-tech, high-security biotechnology firm to steal their sickle cell anemia cure and broadcast it to the world. In, out, announce. Easy. Except Salton’s life never works that smoothly. And a gig gone wrong only begins the disasters. Thievery, lies, and betrayals propel Salton across the world, from Atlanta, Georgia, to the heat of Portugal and the jungles of Myanmar, where she must put everything on the line to save everything she loves.
Accessible to all, this book teaches the essentials to anyone who wants to become an effective and independent Debian GNU/Linux administrator. It covers all the topics that a competent Linux administrator should master, from the installation and the update of the system, up to the creation of packages and the compilation of the kernel, but also monitoring, backup and migration, without forgetting advanced topics like SELinux setup to secure services, automated installations, or virtualization with Xen, KVM or LXC. Learn more about the book on http: //debian-handbook.info
This updated edition of Michael W. Lucas' definitive volume on FreeBSD-based systems adds coverage of modern disks, the ZFS filesystem IPv6, redesigned jail and packaging systems, and virtualization, among dozens of new features added in the last 10 years. FreeBSD is the muscle behind companies like Netflix and EMC. Any place where someone does heavy lifting on the Internet, you'll find FreeBSD. This newly revised edition of Absolute FreeBSD brings FreeBSD's strengths to bear on your problems and covers FreeBSD's newest features, all in the inimitable style that has made author Michael W. Lucas' system administration books so popular. Any computer system is only as good as the system administrator's knowledge. Absolute FreeBSD teaches you everything you need to know about managing FreeBSD systems, from installation, configuration, and taking the system from "just working" to "working well." A cohesive focus on service delivery and best practice means that you can apply much of the book to other operating systems. Absolute FreeBSD dives deep into server management, taking you beyond just making things work and into understanding why they work. You'll learn: • How to best install FreeBSD to meet your needs • Which filesystem to use in your environment • How to back up and restore critical data • How to tweak the kernel, and when not to • Network configuration, from activating interfaces to selecting congestion control algorithms • How to manage UFS, ZFS, and other critical filesystems • FreeBSD's software packaging system, including how to build your own package repository • How and when to upgrade • Techniques to build your own FreeBSD • Advanced security features like blacklistd and packet filtering • How to monitor and adjust performance • Container-style virtualization with jails • Diskless systems • Panic management and bug reporting With Absolute FreeBSD you will get the solid introduction you need; and if you're a fan of the earlier editions, you will expand your skills even further.
Teaching for Mastery in Writing provides a practical approach to developing mastery in writing which helps all primary children to develop their skills and inspires a love of writing. This innovative book follows an approach that integrates mastery into existing teaching sequences – an approach which aims to improve the writing ability of all children, not just the more able. Writing is a tough discipline for children in today's primary schools. The number of skills they are expected to learn is a source of amazement to many adults outside education. It is no easier to teach, not least because of the many and varied demands on schools, including the National Curriculum, SPaG tests, assessment frameworks and inspections. Now, more than ever, it is crucial that teachers focus on helping children become the most effective communicators they can be through the medium of writing. Throughout the book, Mike Cain promotes the importance of a classroom culture characterised by focused talk and reasoning, and provides lots of ideas for challenging children in their writing through the development of key learning dispositions and critical thinking skills.
Design, develop, and solve real-world automation and orchestration problems by unlocking the automation capabilities of Ansible. Key Features Tackle complex automation challenges with the newly added features in Ansible 2.7 Book Description Automation is essential for success in the modern world of DevOps. Ansible provides a simple, yet powerful, automation engine for tackling complex automation challenges. This book will take you on a journey that will help you exploit the latest version's advanced features to help you increase efficiency and accomplish complex orchestrations. This book will help you understand how Ansible 2.7 works at a fundamental level and will also teach you to leverage its advanced capabilities. Throughout this book, you will learn how to encrypt Ansible content at rest and decrypt data at runtime. Next, this book will act as an ideal resource to help you master the advanced features and capabilities required to tackle complex automation challenges. Later, it will walk you through workflows, use cases, orchestrations, troubleshooting, and Ansible extensions. Lastly, you will examine and debug Ansible operations, helping you to understand and resolve issues. By the end of the book, you will be able to unlock the true power of the Ansible automation engine and tackle complex, real- world actions with ease. What you will learn Gain an in-depth understanding of how Ansible works under the hood Fully automate Ansible playbook executions with encrypted data Access and manipulate variable data within playbooks Use blocks to perform failure recovery or cleanup Explore the Playbook debugger and the Ansible Console Troubleshoot unexpected behavior effectively Work with cloud infrastructure providers and container systems Develop custom modules, plugins, and dynamic inventory sources Who this book is for This book is for Ansible developers and operators who have an understanding of its core elements and applications but are now looking to enhance their skills in applying automation using Ansible.