- •Table of Contents
- •Introduction
- •Saving Time with This Book
- •Foolish Assumptions
- •Part I: Making the Desktop Work for You
- •Part II: Getting the Most from Your File System
- •Part III: Good Housekeeping with Linux
- •Part IV: Tweaking the Kernel on Your Linux System
- •Part V: Securing Your Workspace
- •Part VI: Networking Like a Professional
- •Part VII: Monitoring Your System
- •Part VIII: Serving Up the Internet and More
- •Part X: Programming Tricks
- •Part XI: The Scary (Or Fun!) Stuff
- •Icons Used in This Book
- •Discovering Your Protocols
- •Managing Snapshots with the camera: Protocol
- •Remote File Management with fish:
- •Getting Help with help:, info:, and man:
- •Other KDE Protocols
- •Using GNOME VFS Modules
- •Stacking VFS Modules
- •Working with Packages: rpm and rpms
- •Putting VFS to Work at the Command Line
- •Burning CDs with a VFS
- •Skinning Your Desktop with VFS
- •Classifying Data with MIME
- •Creating KDE File Associations
- •Creating New MIME Types with GNOME
- •Making Basic Prompt Transformations
- •Adding Dynamically Updated Data to Your Prompt
- •Colorizing Your Prompt
- •Seeing a Red Alert When You Have Superuser Privileges
- •Saving Your Work
- •Completing Names Automatically
- •Using the Escape Key to Your Advantage
- •Customizing Completion for Maximum Speed
- •Using cd and ls to Navigate through bash
- •Setting Your CDPATH Variables to Find Directories Fast
- •Streamlining Archive Searches
- •Turning the Output of a Command into a Variable with $( )
- •Using $UID and $EUID in Shell Scripts
- •Customizing Variables for Rapid Transit
- •Finding the Right Shell Script
- •Choosing your victims
- •Timing is everything
- •Cleaning up made easy
- •Changing prototype scripts
- •Customizing Your Autostart File
- •Navigating the History List
- •Scrolling
- •Summoning a command by number
- •Searching through history
- •Customizing the History List
- •Adjusting key default settings
- •Filtering the history list
- •Executing Commands Quickly with History Variables
- •Viewing Your Aliases
- •Using Aliases for Complex Commands
- •Automating Tedious Tasks with Functions
- •Filtering file searches by file type
- •Automatic downloading
- •Monitoring Your System in a Snap
- •Un-tarring the Easy Way
- •What Is Samba?
- •Getting Up and Running with Samba
- •Checking whether Samba is installed
- •Enabling Samba
- •Adjusting the workgroup name and creating user accounts
- •Giving a Windows machine access to your home directory
- •Sharing Linux files and directories with other computers
- •Hooking Everyone Up to the Printer
- •Sharing Linux printers with SWAT
- •Using a Windows printer from Linux
- •Plugging In to Remote Data with Linux Programs Quickly
- •Finding Files with locate
- •Finding Files with find
- •Qualifying Your Search with the find Command
- •Doing updated filename searches
- •Adding time-based qualifications
- •Filtering by file size
- •Perusing commonly used qualifications
- •Acting on What You Find
- •Displaying specific info with -printf
- •Checking disk usage by user
- •Executing commands with find
- •Building Complex Commands with xargs
- •Creating Archives with File Roller
- •Inspecting and Extracting Archives with File Roller
- •Adding Functionality to tar with Complex Commands
- •Building archives from the command line
- •Archiving complex search results
- •Backing up an installed package
- •Uprooting Entire Directory Trees with scp
- •Splitting Big Files into Manageable Chunks
- •Building Software from Downloaded tarballs
- •Compiling a tarball: The basic steps
- •Downloading and compiling SuperKaramba
- •Versatile Downloading with wget
- •Mirroring sites with wget
- •Verifying your bookmarks with wget
- •Downloading files with wget
- •Downloading and unpacking in one quick step
- •Downloading and Uploading with curl
- •Setting Up ADIOS
- •Downloading ADIOS
- •Burning ADIOS to CD
- •Installing ADIOS
- •Finding Your Way around UML
- •Connecting to the Internet from an ADIOS VM
- •Using a GUI with UML
- •Installing Software into UML
- •Merging Changes to Your Prototype
- •Querying RPM Packages for Content
- •Digesting Information
- •Creating a Package Index
- •Querying for Prerequisites
- •Dissecting an RPM Package
- •Using RPM at the Command Line
- •Removing RPMs
- •Flagging Down RPM
- •Getting Graphic with RPM
- •Using Rpmdrake to install from media
- •Installing from your Konqueror browser
- •Verifying Your System
- •Reading the Tamper-Proof Seal
- •Setting Up Synaptic and apt in a Snap
- •Keeping Up-to-Date with apt and Synaptic: The Basics
- •Handy Hints about Synaptic
- •Changing repositories
- •Viewing package details
- •Installing new packages with Synaptic
- •Importing the Keys to the Repository
- •Letting Task Scheduler Work for You
- •Scheduling a new task
- •Editing a task
- •Adding environment variables
- •Reining In Resources with Disk Quotas
- •Installing the quota RPM package
- •Enabling file system quotas
- •Getting your files together
- •Setting quotas
- •Reviewing your quotas
- •Using System Accounting to Keep Track of Users
- •Setting up system accounting
- •Looking up user login hours
- •Checking out command and program usage
- •Running Down the Runlevels
- •Runlevel basics
- •Customizing runlevels in Fedora
- •Customizing runlevels in SuSE
- •Customizing runlevels in Mandrake
- •Customizing runlevels at the command line
- •Switching to a new runlevel
- •Disabling Unused Services
- •Removing Unneeded Services
- •Learning about modules
- •Installing a module with insmod
- •Taking care of dependencies automatically with modprobe and depmod
- •Loading a module for a slightly different kernel with insmod and modprobe
- •Removing modules with rmmod
- •Step 1: Making an Emergency Plan, or Boot Disk
- •Step 2: Finding the Source Code
- •Step 4: Customizing the Kernel
- •Step 5: Building the Kernel
- •Understanding the Principles of SELinux
- •Everything is an object
- •Identifying subjects in SELinux
- •Understanding the security context
- •Disabling or Disarming SELinux
- •Playing the Right Role
- •Exploring the Process-Related Entries in /proc
- •Surveying Your System from /proc
- •Popping the Cork: Speeding Up WINE with /proc
- •Reading and Understanding File Permissions
- •Controlling Permissions at the Command Line
- •Changing File Permissions from a Desktop
- •Encryption Made Easy with kgpg and the KDE Desktop
- •Creating keys with kgpg
- •Sharing your key with the world
- •Importing a public key from a public-key server
- •Encrypting and decrypting documents with drag-and-drop ease
- •Encrypting Documents with gpg at the Command Line
- •Sharing a secret file
- •Creating a key pair and receiving encrypted documents
- •Encrypting documents on your home system
- •Encrypting E-Mail for Added Security
- •Encrypting with Ximian Evolution
- •Setting up Mozilla e-mail for encryption
- •Sending and receiving encrypted messages with Mozilla mail
- •Using Cross-Platform Authentication with Linux and Windows
- •Prepping for cross-platform authentication
- •Setting up cross-platform authentication
- •Using PAM and Kerberos to Serve Up Authentication
- •Establishing synchronized system times
- •Testing your domain name server (DNS)
- •Setting up a Key Distribution Center
- •Setting up automatic ticket management with Kerberos and PAM
- •Adding users to the Key Distribution Center
- •Building Good Rules with PAM
- •Phase
- •Control level
- •Module pathname
- •Arguments
- •Dissecting a Configuration File
- •Skipping a Password with PAM
- •Feeling the Power
- •Gaining Superuser Privileges
- •Pretending to Be Other Users
- •Limiting Privileges with sudo
- •Installing sudo
- •Adding Up the Aliases
- •Adding Aliases to the sudo Configuration File
- •Defining the Alias
- •Creating a User_Alias
- •Creating a Runas_Alias
- •Simplifying group managment with a Host_Alias
- •Mounting and unmounting CDs without the superuser password
- •Managing access to dangerous commands with command aliases
- •Using SSH for Top-Speed Connections
- •Setting Up Public-Key Authentication to Secure SSH
- •Generating the key pair
- •Distributing your public key
- •Passing on your passphrase
- •Logging In with SSH and Key Authentication
- •Starting from the command line
- •Getting graphic
- •Creating Shortcuts to Your Favorite SSH Locations
- •Copying Files with scp
- •Secure (And Fast) Port Forwarding with SSH
- •Finding Your Firewall
- •Setting up a simple firewall in Mandrake Linux
- •Setting up a simple firewall in Fedora Linux
- •Setting up a simple firewall in SuSE Linux
- •Editing the Rules with Webmin
- •Starting a Webmin session
- •Reading the rules with Webmin
- •Changing the rules
- •Editing existing rules
- •Adding a new rule with Webmin
- •Sharing Desktops with VNC
- •Inviting Your Friends to Use Your Desktop
- •Serving Up a New Desktop with VNC Server
- •Using tsclient to View Remote Desktops from Linux
- •Using tsclient with a VNC server
- •Using tsclient with an RDP server
- •Creating New VNC Desktops on Demand
- •Switching display managers in SuSE Linux
- •Switching display managers in Mandrake Linux
- •Connecting gdm and VNC
- •Exploring Your Network with lsof
- •Running lsof
- •Interpreting the lsof output
- •Reading file types
- •Discovering Network Connections
- •Other Timesaving lsof Tricks
- •Packet Sniffing with the Ethereal Network Analyzer
- •Starting Ethereal
- •Capturing packets
- •Applying filters to screen packets
- •Peeking in packets
- •Color-coding packets coming from your network
- •Getting Up and Running with Nessus
- •Installing programs Nessus needs to run
- •Installing Nessus
- •Adding a user to Nessus
- •Generating a certificate
- •Starting the daemon and the interface
- •Reading the grim results
- •Keeping Your Plug-ins Up-to-Date
- •Chatting in the Fedora Chat Room
- •Looking for Answers in the SuSE Chat Room
- •Processing Processes with procps
- •Using ps to filter process status information
- •Viewing ps output the way you want to see it
- •Making parent-child relationships stand out in a ps listing
- •Climbing the family tree with pstree
- •Finding processes with pgrep
- •Killing Processes with pkill
- •Killing Processes with killall
- •Closing Windows with xkill
- •Managing Users and Groups with the Fedora/Mandrake User Manager
- •Adding new users
- •Modifying user accounts
- •Adding groups
- •Filtering users and groups
- •Managing Users and Groups with the SuSE User Administrator
- •Adding new users
- •Modifying user accounts
- •Adding groups
- •Filtering users and groups
- •Adding and deleting log files from the viewer
- •Setting up alerts and warnings
- •Viewing your log files from SuSE
- •Monitoring your log files from SuSE
- •Customizing Your Log Files
- •Keeping an Eye on Resources with KDE System Guard
- •Finding and killing runaway processes
- •Prioritizing processes to smooth a network bottleneck
- •Watching your system load
- •Creating a new worksheet
- •Creating system resource logs
- •Displaying network resources
- •Using Synaptic to download and install Apache
- •Installing Apache from disc
- •Starting the Apache Service
- •Building a Quick Web Page with OpenOffice.org
- •Taking Your Site Public with Dynamic DNS
- •Understanding how dynamic DNS works
- •Setting up dynamic DNS
- •Updating your IP address
- •Installing the Fedora HTTP Configuration tool
- •Putting the HTTP Configuration tool to work
- •Watching Your Web Server Traffic with apachetop
- •Installing apachetop
- •Running and exiting apachetop
- •Navigating apachetop
- •Switching among the log files (or watching several at once)
- •Changing the display time of apachetop statistics
- •Accessing MySQL Control Center features
- •Viewing, managing, and repairing a database with the Databases controls
- •Putting the Server Administration controls to work
- •Adding a new user
- •Watching Your MySQL Traffic with mtop
- •Gathering all the packages that mtop needs
- •Installing mtop
- •Monitoring traffic
- •Building a MySQL Server
- •Installing the necessary packages
- •Starting the MySQL server
- •Replicating MySQL Data
- •Configuring replication: The three topologies
- •Setting up replication for a single slave and master
- •Choosing a Method to Back Up MySQL Data
- •Backing Up and Restoring with mysqldump
- •mysqldump backup options
- •Backing up multiple databases
- •Compressing the archive
- •Restoring a mysqldump archive
- •Making a mysqlhotcopy of Your Database
- •Archiving a Replication Slave
- •Taking Care of Business with MySQL Administrator
- •Installing MySQL Administrator
- •Starting MySQL Administrator
- •Choosing an SSL Certificate
- •Creating a Certificate Signing Request
- •Creating a Signing Authority with openssl
- •Creating a certificate authority
- •Signing a CSR
- •Exploring Your Certificate Collection with Mozilla
- •Introducing hotway
- •Getting Started with hotway
- •Setting Up Evolution to Read HTTPMail Accounts with hotway
- •Ringing the Bells and Blowing the Whistles: Your Evolution Summary Page
- •Installing SpamAssassin
- •Installing from the distribution media
- •Installing from RPM downloads
- •Starting the service
- •Fine-Tuning SpamAssassin to Separate the Ham from the Spam
- •Customizing settings
- •Saving your settings
- •Adding a New Filter to Evolution
- •Serving Up a Big Bowl of the RulesDuJour
- •Registering Your Address
- •Taming a Sendmail Server
- •Tweaking Your Configuration Files with Webmin
- •Serving up mail for multiple domains
- •Relaying e-mail
- •Using aliases to simplify mail handling
- •Deciding What to Archive
- •Choosing Archive Media
- •Tape drives
- •Removable and external disk drives
- •Removable media
- •Optical media (CDs and DVDs)
- •Online storage
- •Choosing an Archive Scheme
- •Full backups
- •Differential backups
- •Incremental backups
- •Incremental versus differential backups
- •Choosing an Archive Program
- •Estimating Your Media Needs
- •Creating Data Archives with tar
- •Backing up files and directories
- •Backing up account information and passwords
- •Targeting bite-sized backups for speedier restores
- •Rolling whole file systems into a tarball
- •Starting an Incremental Backup Cycle
- •Restoring from Backup with tar
- •Backing Up to CD (Or DVD) with cdbackup
- •Creating the backup
- •Restoring from a CD or DVD backup
- •Restoring from a disc containing multiple archives
- •Combining the Power of tar with ssh for Quick Remote Backups
- •Testing the ssh connection to the remote host
- •Creating a tar archive over the ssh connection
- •Backing up to tape drives on remote machines
- •Backing Up to a Remote Computer with rdist and ssh
- •Testing the ssh connection to the remote host
- •Creating the distfile
- •Backing up
- •Getting Started with CVS
- •Checking whether CVS is installed
- •Discovering what to use CVS for
- •Creating a CVS Repository
- •Populating Your Repository with Files
- •Simplifying CVS with cervisia
- •Installing cervisia
- •Putting files in your sandbox
- •Adding more files to your repository
- •Committing your changes
- •Browsing your log files
- •Marking milestones with tags
- •Branching off with cervisia
- •Using the libcurl Library (C Programming)
- •Uploading a File with a Simple Program Using libcurl
- •Line 7: Defining functions and data types
- •Line 14: Calling the initialization function
- •Lines 18– 21: Defining the transfer
- •Line 23: Starting the transfer
- •Line 26: Finishing the upload
- •Installing the Ming Library
- •Building a Simple Flash Movie with Ming
- •Examining the program
- •Compiling the program
- •Running the program
- •Building Interactive Movies with Ming
- •Examining the program
- •Compiling the program
- •Running the program
- •Doing the curl E-shuffle with PHP
- •Combining PHP with curl and XML: An overview
- •Checking out the XML file
- •Downloading and displaying the XML file with a PHP script (and curl)
- •Sending E-Mail from PHP When Problems Occur
- •Debugging Perl Code with DDD
- •Installing and starting DDD
- •Examining the main window
- •Reviewing and stepping through source code
- •Making Stop Signs: Using Breakpoints to Watch Code
- •Setting a breakpoint
- •Modifying a breakpoint
- •Opening the data window
- •Adding a variable to the data window
- •Changing the display to a table
- •Using the Backtrace feature
- •Using the Help menu
- •Making Fedora Distribution CDs
- •Downloading the ISO images
- •Verifying the checksums
- •Burning an ISO File to Disc at the Command Line
- •Finding the identity of your drive
- •Running a test burn
- •Burning the distribution discs
- •Burning CDs without Making an ISO First
- •Finding setuid quickly and easily with kfind
- •Finding setuid and setgid programs at the command line
- •Deciding to Turn Off setuid or setgid
- •Changing the setuid or setgid Bit
- •Who Belongs in Jail?
- •Using UML to Jail Programs
- •Using lsof to Find Out Which Files Are Open
- •Debugging Your Environment with strace
- •Investigating Programs with ltrace
- •Handy strace and ltrace Options
- •Recording Program Errors with valgrind
- •Hardening Your Hat with Bastille
- •Downloading and installing Bastille and its dependencies
- •Welcome to the Bastille
- •Addressing file permission issues
- •Clamping down on SUID privileges
- •Moving on to account security
- •Making the boot process more secure
- •Securing connection broker
- •Limiting compiler access
- •Limiting access to hackers
- •Logging extra information
- •Keeping the daemons in check
- •Securing sendmail
- •Closing the gaps in Apache
- •Keeping temporary files safe
- •Building a better firewall
- •Port scanning with Bastille
- •Turning LIDS On and Off
- •Testing LIDS before Applying It to Your System
- •Controlling File Access with LIDS
- •Hiding Processes with LIDS
- •Running Down the Privilege List
- •Getting Graphical at the Command Line
- •Getting graphical in GNOME
- •Getting graphical with KDE
- •Staying desktop neutral
- •Index
Taking Your Site Public with Dynamic DNS 313
To edit and update your page with the current news of the day, just fire up OpenOffice.org Writer and open your document. Make your changes and save the file, and your local network site is automatically updated.
Taking Your Site Public with Dynamic DNS
You can make your Web site public by renting server space from an ISP or by obtaining your own domain name and hosting the site from your Apache server. When you rent machine space from an ISP, you pay not only for the room your data takes up, but also for the Web traffic to your site. If you have a small and simple site with little traffic, that’s not a problem. If you have a large or complex site with a lot of traffic, renting server space can get costly.
You can save time and money by running high-maintenance Web sites on local machines. If you use PHP to build your site or have live database access from the site, keeping the data where it can be updated easily is a real timesaver.
In order for others to find your Web site, you have to have a host name, and the host name must be fully qualified — that is, your host name must include a domain name (something like www.example.com). If your ISP is willing to assign you a fully qualified host name, you’re good to go. If not, don’t despair — you can borrow someone’s domain name by using dynamic DNS.
Understanding how dynamic DNS works
When a user surfs to your spanking new Web site, he types a name (say www.example.com). His Web browser asks a name server to convert the site name into an IP address. His local name server defers the request to a well-known name server somewhere on the Internet. Eventually, the name server chain locates a
server that’s responsible for the example.com domain. That name server returns the IP address for host www (that is, host www within the example.com domain).
A normal name server maintains a database that converts host names into IP addresses for the hosts on the name server’s local network. A dynamic DNS server provides the same service (host name to IP address translation), but it lets you change the database. To use a dynamic DNS server, you send your IP address and desired host name to the server, and it agrees to give out your IP address whenever someone asks for your fully qualified host name. Of course, the domain name that you get to use is owned by the dynamic DNS provider, but it gives you a permanent, fully qualified name that you can hand out to friends and business partners (without purchasing a domain name for yourself).
What happens if your Internet service provider changes your IP address? Simple — just update the dynamic DNS database.
Setting up dynamic DNS
To use dynamic DNS, you first contact a company (often an ISP) that will register your site name. You can find quite a few free (and paid) dynamic DNS providers online.
Each service provider has its own how-to’s for setting up a dynamic DNS service. The basics are pretty much the same, but read the FAQs for each service online before registering an account with that service.
One dynamic DNS service worthy of mention is DynDNS.org. Follow the simple how-to page at www.dyndns.org/services/dyndns/howto.html to set up your dynamic DNS account in no time. Follow the links to do the following:
1. Register for an account.
You’ll receive an e-mail confirming the account registration.
314 Technique 42: Keeping an Apache Server in Top Form
2. Confirm the account registration to activate the account.
3. Add host information for your computer:
Choose a host name and an extension. Our personal favorite has to be is-a-geek.com.
The DynDNS service automatically detects and fills in the IP Address field.
Select the Wildcard check box if you want your name to be accessible from both www.sitename.dyndns.com and sitename.dyndns.com.
4. Click the Add Host button, and you’re done.
If your Apache server is running and your firewall is allowing access through port 80, your Web site should be exposed to the Web.
The exposure you get through the Web is also a liability. Build a good, sturdy firewall to protect the rest of your system — see Technique 34 for more information about firewalls.
Better yet, keep your site in a UML jail. Visit Technique 58 for information about installing Apache in a UML jail with ADIOS.
Updating your IP address
Different ISPs have different policies about changing the IP address of your local network. If you’re connected to the Internet using a dial-up account, your IP address changes each time you connect. Other connection types may assign you a semi-permanent IP address or change your address every few days. If your ISP changes your IP address only when you log out, you need to update the dynamic DNS host information only when you’ve logged out and back in again. If your IP address changes more often, you’ll probably want to use a client program to monitor the changes and update the host information for you.
You can also update the host information manually by visiting your account information at DynDNS. Choose your host from the list of hosts that you manage, and its server will detect your address. If your address has changed, click the Modify Host button to update the information.
Be sensitive to the fact that updating your IP address when it hasn’t changed will invoke the ire of the good people at DynDNS. Compare IP addresses and update your account only if the IP address has changed. Otherwise, your service will be interrupted for abusing your privileges.
Technique 45 is all about creating a self-signed SSL certificate for your Apache Web site. Check it out!
Keeping Your Apache Server
Up-to-Date the Easy Way
If you run an Apache server for any length of time, you’ll probably find it needs a bit of tweaking. You may want to enable new features or add virtual hosts (whole new Web sites) to your servers. You can make those changes directly with a text editor and the Apache configuration file, but you can save time by configuring your server with a good graphical tool.
Fedora Linux comes with a very friendly configuration tool that makes it easy to manage your Apache server: It’s called the HTTP Configuration tool, and we show you how to install and use it in this section. If you’re using a distribution other than Fedora
(say, Mandrake or SuSE), we recommend that you get familiar with Webmin’s Apache configuration module — it’s not as friendly as Fedora’s tool, but it’s better than editing configuration files by hand. See Technique 17 for more information about Webmin.
Keeping Your Apache Server Up-to-Date the Easy Way 315
Fedora’s HTTP Configuration tool is an easy-to-use, graphical interface that allows you to access many of the Apache configuration options with just a few mouse clicks. For simple configuration changes, or complex virtual host setups, it’s great.
Installing the Fedora HTTP Configuration tool
The Fedora HTTP Configuration tool is not installed by default with a standard Fedora installation, but it is included on the Fedora distribution media. So you can have it up and running in no time.
To install the HTTP Configuration tool, follow these steps:
1. Open the terminal window and give yourself superuser privileges with the su command.
2. Mount your Fedora media and move into the directory containing the RPM packages.
3. Enter the following command:
#rpm -Uhv redhat-config-httpd- 1.1.0-5.noarch.rpm
With a few whirrs and clicks, the package installs.
Putting the HTTP Configuration tool to work
After you install the HTTP Configuration tool, it’s ready to use. Follow these steps to open the HTTP Configuration tool:
1. Open the Main Menu and choose System Settings Server Settings HTTP.
A dialog opens, prompting you for the root password.
2. Enter the password and click OK.
The HTTP Configuration tool opens, as shown in Figure 42-9.
• Figure 42-9: The HTTP Configuration tool.
The tool features four tabs, each controlling a different aspect of the Apache service:
Main: The Main tab controls the basic setup of the server. Use this tab to specify the server name and the Webmaster’s e-mail address, and to add or change the IP address(es) that Apache listens to. Click the Edit button to edit the IP address and port information (see Figure 42-10).
• Figure 42-10: Edit the address for your Apache server.
If you have multiple network interface cards on your system, each card has a unique IP address (and, probably, a unique host name). Specify which card Apache should service by selecting the Address radio button and entering the address of the preferred card.
316 Technique 42: Keeping an Apache Server in Top Form
Virtual Hosts: Choose the Virtual Hosts tab to add or edit information about virtual hosts residing on your Apache server. Your Apache server can host multiple Web sites. Each virtual Web site has its own set of properties defining its name, where its root directory resides, and security information for that site.
Click Edit to open the Properties window for existing hosts, or click Add to create additional hosts.
Click the General Options entry in the left frame to open the Basic Setup menu. Use the Basic Setup menu to enter information about the name and location of the Web site files, as well as the Webmaster’s e-mail address.
Use the Site Configuration menu to edit the directory name list and error pages that display for the virtual host.
Click the SSL entry in the left frame of the Virtual Host Properties window to edit the SSL certificate information for the virtual host. If you choose to enable SSL certification, enter the location of the certificates on this menu.
Use the Logging menu to control the transfer logs and error logs for the virtual host.
Adding a reverse DNS lookup to the error log shows you who generates errors, but it also slows down your server. Gain a bit of speed by changing the drop-down list to read No Reverse Lookup.
Use the Environment Variables and Directories menus for advanced management of scripts and directories.
Server: Choose the Server tab on the HTTP Configuration tool to edit user and group ownership information and set the file locations for the process ID, lock file, and core dump directory.
Performance Tuning: Choose the Performance Tuning tab to set the number of connections allowed to the Apache server, and the connection timeout information.
The HTTP Configuration tool manipulates variables in the Apache configuration file. You can edit the configuration file directly with your favorite editor, but if you’re trying to keep life simple, the HTTP Configuration tool is about as quick as it can get.
The configuration file for your Apache server is located at /etc/httpd/conf/httpd.conf. You need superuser privileges to make changes to this file.
We recommend that you make a copy of the configuration file before making any changes to the original. It’s always good to have something to fall back on.
43 Keeping an Eye
on Your Servers
Technique
Save Time By
Using apachetop to monitor your Apache server
Using the MySQL Control Center to monitor and maintain your MySQL server
Using mtop to audit your MySQL statistics at the command line
When you expose a server to others, you need to be able to monitor the server traffic and statistics. With good monitoring tools, you can find the slowdowns and tailor the server’s responses to
your users’ needs.
apachetop is a handy, open-source monitoring tool designed specifically to return information about an Apache Web server. It’s similar in nature to top, running at the command line, and it displays statistics about your server and the users who are visiting it. apachetop is easy to install and use, and although it doesn’t go all out with bells and whistles, it returns a good amount of information. You can use apachetop to monitor not only the visitors to your server, but also your server speed as it serves up the resources in its repertoire.
The MySQL database server is a great tool by itself, but it’s even better with good monitoring and management tools. The MySQL Control Center (MySQLCC) is a graphical tool that lets you monitor, test, and repair the tables in your MySQL databases. You can also use the handy features of the Control Center to manage database users and supervise the database processes.
If you’re working with MySQL in a nongraphical environment, mtop is a handy tool that gathers and displays information about the traffic on your MySQL server. It’s similar to top (and apachetop), and it’s a breeze to use. Installation is a bit of a chore, but don’t worry — we help you through that.
This technique is all about using the tools to monitor and improve your servers. Whether it’s an Apache server or a MySQL server, keeping track of the vital statistics about its operation will let you make decisions that make your servers run faster and keep your users happy.