O'Reilly Hacks
oreilly.comO'Reilly NetworkSafari BookshelfConferences Sign In/My Account | View Cart   
Book List Learning Lab PDFs O'Reilly Gear Newsletters Press Room Jobs  


 
Buy the book!
Linux Server Hacks
By Rob Flickenger
January 2003
More Info

How do these hacks stand up? Comment on a hack from the book by choosing the associated "Discuss" link below. You can also view the code from any of the hacks by clicking on the "Listing" or "Code" links. A number of hacks have been selected to be featured online in their entirety; you may view those hacks by clicking on the hack titles that are linked.

You can also download all the scripts and other files for this book here.

Jump to: Server Basics  | Revision Control  | Backups  | Networking  | Monitoring  | SSH  | Scripting  | Information Servers

Server Basics

HACK
#1

Removing Unnecessary Services
Fine tune your server to provide only the services you really want to serve
[Discuss (4) | Link to this hack]

HACK
#2

Forgoing the Console Login
All of the access, none of the passwords
[Discuss (4) | Link to this hack]

HACK
#3

Common Boot Parameters
Manipulate kernel parameters at boot time
[Discuss (1) | Link to this hack]

HACK
#4

Creating a Persistent Daemon with init
Make sure that your process stays up, no matter what
[Discuss (0) | Link to this hack]

HACK
#5

Swap Standard Output and Standard Error
Direct standard out and standard error to wherever you need them to go
[Discuss (0) | Link to this hack]

HACK
#6

Building Complex Command Lines
Build simple commands into full-fledged paragraphs for complex (but meaningful) reports
[Discuss (4) | Link to this hack]

HACK
#7

Working with Tricky Files in xargs
Deal with many files containing spaces or other strange characters
Listing: albumize
[Discuss (1) | Link to this hack]

HACK
#8

Immutable Files in ext2/ext3
Create files that even root can't manipulate
[Discuss (0) | Link to this hack]

HACK
#9

Speeding Up Compiles
Make sure you're keeping all processors busy with parallel builds
[Discuss (0) | Link to this hack]

HACK
#10

At Home in Your Shell Environment
Make bash more comfortable through environment variables
[Discuss (0) | Link to this hack]

HACK
#11

Finding and Eliminating setuid/setgid Binaries
Eliminate potential root exploits before they have a chance to happen
[Discuss (1) | Link to this hack]

HACK
#12

Make sudo Work Harder
Use sudo to let other users do your evil bidding, without giving away the machine
[Discuss (0) | Link to this hack]

HACK
#13

Using a Makefile to Automate Admin Tasks
Makefiles make everything (not just gcc) faster and easier
Listing: Makefile.mail
[Discuss (1) | Link to this hack]

HACK
#14

Brute Forcing Your New Domain Name
Find exactly the domain you'd like to register, whatever it turns out to be
[Discuss (0) | Link to this hack]

HACK
#15

Playing Hunt the Disk Hog
Browse your filesystem for heavy usage quickly with a handy alias
[Discuss (13) | Link to this hack]

HACK
#16

Fun with /proc
Directly view the kernel's running process table and system variables
[Discuss (1) | Link to this hack]

HACK
#17

Manipulating Processes Symbolically with procps
Signal and renice processes by name, terminal, or username (instead of PID)
[Discuss (2) | Link to this hack]

HACK
#18

Managing System Resources per Process
Prevent user processes from running away with all system resources
[Discuss (0) | Link to this hack]

HACK
#19

Cleaning Up after Ex-Users
Make sure you close the door all the way when a user takes their leave
[Discuss (0) | Link to this hack]

HACK
#20

Eliminating Unnecessary Drivers from the Kernel
Keep your kernel optimized for quick booting and long-term stability
[Discuss (0) | Link to this hack]

HACK
#21

Using Large Amounts of RAM
Be sure that Linux is using all of your available system RAM
[Discuss (0) | Link to this hack]

HACK
#22

hdparm: Fine Tune IDE Drive Parameters
Get the best possible performance from your IDE hardware
[Discuss (0) | Link to this hack]

Revision Control

HACK
#23

Getting Started with RCS
Let RCS manage your system files, and keep a revision history
[Discuss (0) | Link to this hack]

HACK
#24

Checking Out a Previous Revision in RCS
Save yourself with RCS revisions
[Discuss (0) | Link to this hack]

HACK
#25

Tracking Changes with rcs2log
See at a glance who's been editing your files, and why
[Discuss (0) | Link to this hack]

HACK
#26

Getting Started with CVS
The ins and outs of the Concurrent Versioning System
[Discuss (0) | Link to this hack]

HACK
#27

CVS: Checking Out a Module
How to get a working copy of a CVS Module
[Discuss (0) | Link to this hack]

HACK
#28

CVS: Updating Your Working Copy
Receiving recent changes in your CVS Module
[Discuss (0) | Link to this hack]

HACK
#29

CVS: Using Tags
Tagging a Module revision in CVS
[Discuss (0) | Link to this hack]

HACK
#30

CVS: Making Changes to a Module
Checking in your changes in CVS
[Discuss (0) | Link to this hack]

HACK
#31

CVS: Merging Files
Resolving update conflicts in CVS
[Discuss (0) | Link to this hack]

HACK
#32

CVS: Adding and Removing Files and Directories
Adding and removing files in your Module
[Discuss (0) | Link to this hack]

HACK
#33

CVS: Branching Development
Setting up a development branch in CVS
[Discuss (0) | Link to this hack]

HACK
#34

CVS: Watching and Locking Files
Setting up an email watch on files in CVS
[Discuss (0) | Link to this hack]

HACK
#35

CVS: Keeping CVS Secure
Protecting your users and your code base in CVS
[Discuss (0) | Link to this hack]

HACK
#36

CVS: Anonymous Repositories
Create your own read-only anonymous CVS repository
[Discuss (0) | Link to this hack]

Backups

HACK
#37

Backing Up with tar over ssh
Copy arbitrary bits of the filesystem between servers using ssh and tar
[Discuss (1) | Link to this hack]

HACK
#38

Using rsync over ssh
Keep large directory structures in sync quickly with rsync
[Discuss (7) | Link to this hack]

HACK
#39

Archiving with Pax
Make easy, portable archives using pax
[Discuss (0) | Link to this hack]

HACK
#40

Backing Up Your Boot Sector
Keep a copy of your boot sector packed away for a rainy day
[Discuss (1) | Link to this hack]

HACK
#41

Keeping Parts of Filesystems in sync with rsync
Use rsync over ssh to mirror exactly what you want, to any number of servers
Listing: Balance-push.sh
[Discuss (1) | Link to this hack]

HACK
#42

Automated Snapshot-Style Incremental Backups with rsync
Use rsync to create fast, small, and safe snapshots of your filesystem
Listing: make_snapshot.sh
[Discuss (4) | Link to this hack]

HACK
#43

Working with ISOs and CDR/CDRWs
The command line makes working with ISOs a snap
[Discuss (0) | Link to this hack]

HACK
#44

Burning a CD Without Creating an ISO File
Create a CD from another CD, the live filesystem, or even an http download
[Discuss (0) | Link to this hack]

Networking

HACK
#45

Creating a Firewall from the Command Line of any Server
You don't have to have a dedicated firewall to benefit from using iptables
[Discuss (2) | Link to this hack]

HACK
#46

Simple IP Masquerading
Set up NAT on your gateway in ten seconds
[Discuss (0) | Link to this hack]

HACK
#47

iptables Tips & Tricks
Make your firewall do far more than filter packets with iptables
[Discuss (4) | Link to this hack]

HACK
#48

Forwarding TCP Ports to Arbitrary Machines
Make non-local services appear to come from local ports
[Discuss (3) | Link to this hack]

HACK
#49

Using Custom Chains in iptables
Keep your firewall rules under control with custom chains
[Discuss (0) | Link to this hack]

HACK
#50

Tunneling: IPIP Encapsulation
IP tunneling with the Linux IPIP driver
[Discuss (0) | Link to this hack]

HACK
#51

Tunneling: GRE Encapsulation
IP tunnels with Generic Routing Encapsulation
[Discuss (0) | Link to this hack]

HACK
#52

Using vtun over ssh to Circumvent NAT
Connect two networks together using vtun and a single ssh connection
[Discuss (0) | Link to this hack]

HACK
#53

Automatic vtund.conf Generator
Generate a vtund.conf on the fly to match changing network conditions
Listing: vtundconf
[Discuss (1) | Link to this hack]

Monitoring

HACK
#54

Steering syslog
Make syslog work harder, and spend less time looking through huge log files
[Discuss (1) | Link to this hack]

HACK
#55

Watching Jobs with watch
Use watch to repeatedly run any command, and show you the results
[Discuss (0) | Link to this hack]

HACK
#56

What's Holding That Port Open?
Associate a process with the port it is bound to easily with netstat
[Discuss (2) | Link to this hack]

HACK
#57

Checking On Open Files and Sockets with lsof
Easily see which files, directories, and sockets your running processes are holding open
[Discuss (0) | Link to this hack]

HACK
#58

Monitor System Resources with top
Use the top utility to get a better overview of what your system is up to
[Discuss (3) | Link to this hack]

HACK
#59

Constant Load Average Display in the Titlebar
Make your title bar work harder, so you don't have to.
Listing: tl
[Discuss (2) | Link to this hack]

HACK
#60

Network Monitoring with ngrep
See who's doing what, with a grep for your network interface
Listing: go-ogle
[Discuss (3) | Link to this hack]

HACK
#61

Scanning Your Own Machines with nmap
Find out when servers and services come online anywhere on your network
[Discuss (0) | Link to this hack]

HACK
#62

Disk Age Analysis
Easily identify which parts of your disk change frequently
Listing: diskage
[Discuss (0) | Link to this hack]

HACK
#63

Cheap IP Takeover
Accomplish IP takeover with ping, bash, and a simple network utility
Listing: takeover
[Discuss (3) | Link to this hack]

HACK
#64

Running ntop for Real-Time Network Stats
See who's doing what on your network over time with ntop
[Discuss (0) | Link to this hack]

HACK
#65

Monitoring Web Traffic in Real Time with httptop
See who's hitting your web server the hardest up to the second with httptop
Listing: httptop
[Discuss (3) | Link to this hack]

SSH

HACK
#66

Quick Logins with ssh Client Keys
Using ssh keys instead of password authentication to speed up and automate logins
[Discuss (13) | Link to this hack]

HACK
#67

Turbo-mode ssh Logins
Even faster logins from the command line
[Discuss (3) | Link to this hack]

HACK
#68

Using ssh-Agent Effectively
Use ssh-agent to automatically manage your ssh client keys
[Discuss (0) | Link to this hack]

HACK
#69

Running the ssh-Agent in a GUI
Running ssh-agent in windowing environments
[Discuss (4) | Link to this hack]

HACK
#70

X over ssh
Run remote X11 applications easily and securely with ssh
[Discuss (0) | Link to this hack]

HACK
#71

Forwarding Ports over ssh
Keep network traffic to arbitrary ports secure with ssh port forwarding
[Discuss (0) | Link to this hack]

Scripting

HACK
#72

Get Settled in Quickly with movein.sh
Keep your local environment in sync on all of your servers
Listing: movein.sh
[Discuss (0) | Link to this hack]

HACK
#73

Global Search and Replace with Perl
Manipulate files and streams with arbitrary Perl substitutions, without a script
[Discuss (5) | Link to this hack]

HACK
#74

Mincing Your Data into Arbitrary Chunks (in bash)
Use bash arithmetic and dd to chop large binary files into reasonable chunks
Listing: mince
[Discuss (1) | Link to this hack]

HACK
#75

Colorized Log Analysis in Your Terminal
View your log files in an xterm window in full, living color
[Discuss (0) | Link to this hack]

Information Servers

HACK
#76

Running BIND in a chroot Jail
Keep your named isolated from the rest of the system with the judicious use of chroot
[Discuss (0) | Link to this hack]

HACK
#77

Views in BIND 9
Change the results that your DNS server returns depending on where the requests are coming from
[Discuss (0) | Link to this hack]

HACK
#78

Setting Up Caching DNS with Authority for Local Domains
Get BIND running quickly with a forwarding, caching server
[Discuss (0) | Link to this hack]

HACK
#79

Distributing Server Load with Round-Robin DNS
Direct traffic to multiple servers simultaneously with round-robin DNS
[Discuss (0) | Link to this hack]

HACK
#80

Running Your Own Top-Level Domain
Set up your own TLD in BIND for ease of navigation
[Discuss (0) | Link to this hack]

HACK
#81

Monitoring MySQL Health with mtop
Display MySQL threads in real time in a format similar to top
[Discuss (0) | Link to this hack]

HACK
#82

Setting Up Replication in MySQL
Keep live copies of your database running to increase performance and provide redundancy
[Discuss (2) | Link to this hack]

HACK
#83

Restoring a Single Table from a Large MySQL Dump
Here is a method for restoring a single mysql table from a huge mysqldump
[Discuss (1) | Link to this hack]

HACK
#84

MySQL Server Tuning
Try these practical steps to help make your MySQL server run as efficiently as it can
[Discuss (0) | Link to this hack]

HACK
#85

Using proftpd with a mysql Authentication Source
Eliminate the need for user accounts for ftp users with proftpd and mysql
[Discuss (0) | Link to this hack]

HACK
#86

Optimizing glibc, linuxthreads, and the Kernel for a Super MySQL Server
Make sure that your database system's OS is running as efficiently as possible with these tweaks
[Discuss (0) | Link to this hack]

HACK
#87

Apache Toolbox
Use this great installation script to automatically download, configure, compile, and install Apache (and friends)
[Discuss (0) | Link to this hack]

HACK
#88

Display the Full Filename in Indexes
Stop truncating the filenames in your auto-indexed directories
[Discuss (0) | Link to this hack]

HACK
#89

Quick Configuration Changes with IfDefine
Make changes to your running Apache configuration without editing httpd.conf
[Discuss (0) | Link to this hack]

HACK
#90

Simplistic Ad Referral Tracking
Create simple user tracking in print ads using the QUERY_STRING
Listing: referral-report.pl
[Discuss (1) | Link to this hack]

HACK
#91

Mimicking FTP Servers with Apache
Set up multiple levels of anonymous access in Apache
[Discuss (0) | Link to this hack]

HACK
#92

Rotate and compress Apache Server Logs
Use this tiny Perl script to compress all of your Apache logs automatically, even when you add more to your site
Listing: logflume.pl
[Discuss (1) | Link to this hack]

HACK
#93

Generating an SSL cert and Certificate Signing Request
Make an SSL key, CSR, and cert for use with Apache
[Discuss (0) | Link to this hack]

HACK
#94

Creating Your Own CA
Become your own Certificate Authority, and sign your own (or others') SSL certs
[Discuss (0) | Link to this hack]

HACK
#95

Distributing Your CA to Client Browsers
Installing your shiny new CA cert to client browsers is just a click away
[Discuss (0) | Link to this hack]

HACK
#96

Serving multiple sites with the same DocumentRoot
Through creative use of mod_rewrite, several sites can share a DocumentRoot and yet still appear to be independent sites
[Discuss (0) | Link to this hack]

HACK
#97

Delivering Content Based on the Query String Using mod_rewrite
Control content delivery based on a URL's query string without a CGI script
[Discuss (0) | Link to this hack]

HACK
#98

Using mod_proxy on Apache for Speed
Offload complex dynamic requests to another apache (or another machine entirely)
[Discuss (0) | Link to this hack]

HACK
#99

Distributing Load with Apache RewriteMap
Scale to any number of web application servers with RewriteMap
[Discuss (0) | Link to this hack]

HACK
#100

Ultrahosting: Mass Web Site Hosting with Wildcards, Proxy, and Rewrite
Support thousands of internal web servers without lifting a finger
[Discuss (0) | Link to this hack]


O'Reilly Home | Privacy Policy

© 2007 O'Reilly Media, Inc.
Website: | Customer Service: | Book issues:

All trademarks and registered trademarks appearing on oreilly.com are the property of their respective owners.