Book Image

Mastering Linux Administration

By : Alexandru Calcatinge, Julian Balog
Book Image

Mastering Linux Administration

By: Alexandru Calcatinge, Julian Balog

Overview of this book

Linux plays a significant role in modern data center management and provides great versatility in deploying and managing your workloads on-premises and in the cloud. This book covers the important topics you need to know about for your everyday Linux administration tasks. The book starts by helping you understand the Linux command line and how to work with files, packages, and filesystems. You'll then begin administering network services and hardening security, and learn about cloud computing, containers, and orchestration. Once you've learned how to work with the command line, you'll explore the essential Linux commands for managing users, processes, and daemons and discover how to secure your Linux environment using application security frameworks and firewall managers. As you advance through the chapters, you'll work with containers, hypervisors, virtual machines, Ansible, and Kubernetes. You'll also learn how to deploy Linux to the cloud using AWS and Azure. By the end of this Linux book, you'll be well-versed with Linux and have mastered everyday administrative tasks using workflows spanning from on-premises to the cloud. If you also find yourself adopting DevOps practices in the process, we'll consider our mission accomplished.
Table of Contents (20 chapters)
Section 1: Linux Basic Administration
Section 2: Advanced Linux Server Administration
Section 3: Cloud Administration

Understanding Linux security

One of the significant considerations for securing a computer system or network is the means for system administrators to control how users and processes can access various resources, such as files, devices, and interfaces, across systems. The Linux kernel provides a handful of such mechanisms, collectively referred to as Access Control Mechanisms (ACMs). We will describe them briefly next.

Discretionary Access Control

Discretionary Access Control (DAC) is the typical ACM related to filesystem objects, including files, directories, and devices. Such access is at the discretion of the object's owner when managing permissions. DAC controls the access to objects based on the identity of users and groups (subjects). Depending on a subject's access permissions, they could also pass permissions to other subjects – an administrator managing regular users, for example.

Access Control Lists

Access Control Lists (ACLs)...