Book Review: Tuning and Customizing a Linux System
Even though its title gives the impression, the goal of this four-hundred-page book is not to explain how to build a GNU/Linux distribution from scratch. For example, there are no step-by-step explanations of how to tune a kernel or the X Window system, nor is any instruction given for how to build from scratch a customized KDE or GNOME desktop. The issues discussed at length, however, are clearly stated on the cover: "give insight into what happens behind GNU/Linux scenes", "explain the architecture of Red Hat, Slackware and Debian", "give guidelines and best practices for installing several types of packages".
All the source code written for the book is available on-line, in the Downloads section of the Apress Web site. The book says that "You will need to answer questions pertaining to this book in order to successfully download the code", but that was not the case for me.
The material is divided in four sections, and the first one simply provides a short presentation of the GNU/Linux movement, free software and open-source concepts. The second section illustrates how a GNU/Linux distribution is created and thoroughly analyzes the three distributions mentioned above.
The first chapter of the second section, which can be read on-line on the Apress site, introduces the necessary concepts and definitions. Following this, and for each chosen distribution, the author presents the differences between its kernel and the official one and discusses the package management system used. The latter element, being one of the things that make the real difference between two distribution, is covered much more exhaustively than the former.
The programs available for installing and upgrading packages are introduced through examples, together with their main command-line options and the related front ends, where available. A nice table is included that lists side by side, for each package management operation, the complete rpm (Red Hat) or dpkg (Debian) syntax.
The filesystem layout is explained directory by directory, making clear what is the content and purpose of each. All deviations from the Filesystem Hierarchy standard are presented.
The startup scripts also receive extended coverage, and summaries are given of the differences between the SYSV and BSD startup systems. The reader learns how they interact with each other and how they must be written and installed to be integrated with the rest of the system, depending on the distribution.
The other cornerstones of all GNU/Linux system are presented as well: system libraries (and the importance of their versions), the role of X and, very briefly, the Linux Standard Base. The chapters dedicated to each distribution also lists their most popular derivatives.
This second section ends with a useful check list titled "Learning a New Linux Distribution in Ten Easy Steps", and it sums up in one page everything a person should look at when switching from one distribution to another. The only tip missing is how easy are they to upgrade.
The third section of the book is titled "Installing Software", and it begins with an introductory chapter that lists the necessary steps, from choosing between source or binary installs to configuring the user environment. The author then chooses six packages, and for each one devotes am entire chapter to explaining how to install and configure it. This section is really interesting because each tool belongs to a different category, as far as building and installation are concerned. The author makes clear which actions are necessary only for the chosen application and which ones are best practices for all packages of the same kind.
The fourth and final section of the book explains how to build three real world systems: a multimedia capable desktop, a corporate software development workstation and a network firewall. The case studies choices are good here, because together they cover almost every possible kind of problem. The multimedia desktop chapter is probably the least satisfying: it does list all the components and issues that the reader would encounter in building such a system, but it gives little more information than that.
The hardware support part of this chapter, however, stands independent and is worth reading. It synthesizes clearly, without going in technical detail, the Linux way to support ZIP drives, USB devices and, through SCSI emulation, IDE CD-ROM burners.
The corporate workstation case is more useful, as it covers criteria for local versus network software installation, (again, briefly) VMware and what needs to be done in order to develop J2EE applications.
The network firewall chapter is the best of this section: it includes several diagrams and listings, all carefully explained, and discusses all the steps and alternatives to run a Linux-based firewall on general purpose hardware. Intrusion detection systems, booting from read-only media and peculiarities of dial-up firewalls are covered, as are tips on firewalling wireless LANs and building VPNs.
Articles about Digital Rights and more at http://stop.zona-m.net CV, talks and bio at http://mfioretti.com
Fast/Flexible Linux OS Recovery
On Demand Now
In this live one-hour webinar, learn how to enhance your existing backup strategies for complete disaster recovery preparedness using Storix System Backup Administrator (SBAdmin), a highly flexible full-system recovery solution for UNIX and Linux systems.
Join Linux Journal's Shawn Powers and David Huffman, President/CEO, Storix, Inc.
Free to Linux Journal readers.Register Now!
- Server Hardening
- May 2016 Issue of Linux Journal
- EnterpriseDB's EDB Postgres Advanced Server and EDB Postgres Enterprise Manager
- The Humble Hacker?
- The US Government and Open-Source Software
- BitTorrent Inc.'s Sync
- The Death of RoboVM
- Open-Source Project Secretly Funded by CIA
- New Container Image Standard Promises More Portable Apps
- ACI Worldwide's UP Retail Payments
In modern computer systems, privacy and security are mandatory. However, connections from the outside over public networks automatically imply risks. One easily available solution to avoid eavesdroppers’ attempts is SSH. But, its wide adoption during the past 21 years has made it a target for attackers, so hardening your system properly is a must.
Additionally, in highly regulated markets, you must comply with specific operational requirements, proving that you conform to standards and even that you have included new mandatory authentication methods, such as two-factor authentication. In this ebook, I discuss SSH and how to configure and manage it to guarantee that your network is safe, your data is secure and that you comply with relevant regulations.Get the Guide