{"id":147,"date":"1999-12-21T20:16:00","date_gmt":"1999-12-22T04:16:00","guid":{"rendered":"http:\/\/www.jeffcarl.com\/?p=147"},"modified":"2020-07-08T19:04:33","modified_gmt":"2020-07-09T02:04:33","slug":"freenixes-ease-of-use-and-common-administrative-tasks","status":"publish","type":"post","link":"http:\/\/www.jeffcarl.com\/index.php\/1999\/12\/21\/freenixes-ease-of-use-and-common-administrative-tasks\/","title":{"rendered":"Freenixes, Ease of Use and Common Administrative Tasks"},"content":{"rendered":"\n

By Jeffrey Carl<\/strong><\/p>\n\n\n\n

\"Boardwatch
Boardwatch Magazine, December 1999<\/figcaption><\/figure><\/div>\n\n\n\n

Boardwatch Magazine was the place to go for Internet Service Provider industry news, opinions and gossip for much of the 1990s. It was founded by the iconoclastic and opinionated Jack Rickard in the commercial Internet’s early days, and by the time I joined it had a niche following but an influential among ISPs, particularly for its annual ranking of Tier 1 ISPs and through the ISPcon tradeshow. Writing and speaking for Boardwatch was one of my fondest memories of the first dot-com age.<\/em><\/p>\n\n\n\n

Hi there, and welcome back to the only column in Boardwatch<\/em>  read even less frequently than the lame Lucent ads. This month, we\u2019ll be taking a look at common tasks for many system administrators, and whether doing them with a Free Unix (Linux or any of the various free BSDs) will make you pull out your hair and insert your foot in the disk drive instead of a system disk.<\/p>\n\n\n\n

Freenixes and Ease of Use<\/h2>\n\n\n\n

Recently, we\u2019ve looked at why you might want to switch to a Freenix instead of a commercial OS like Solaris (\u201cWe\u2019re the dot in $6,000.00\u201d) or Windows NT Server (\u201cThe best Solitaire $2500 can buy!\u201d). But the fact remains that an operating system isn\u2019t really \u201cfree\u201d if you need to include the costs of divorce and therapy in it. So, can a non-Unix-guru easily accomplish the tasks with a Freenix that he or she is accustomed to doing on a commercial OS?<\/p>\n\n\n\n

There are two main ease-of-use problems you\u2019ll face with a Freenix. First is that there\u2019s no such thing as a Unix Server for Dummies. All<\/em> Unixes are \u2013 by design \u2013 operating systems by<\/em> people who know what they\u2019re doing, for<\/em> people who know what they\u2019re doing. (By way of comparison, Windows 98 and MacOS are operating systems by people who usually know what they\u2019re doing, for people who don\u2019t even want to know what they\u2019re doing. Windows NT is an operating system by people who like stock options, for people who like certification classes.) You\u2019re probably never going to be in full command of a Freenix system until you\u2019ve taken the time to read through a stack of \u201cO\u2019Reilly\u201d books and really learn your OS. This is true of any server OS; it\u2019s just a lot harder to \u201cfake it\u201d with Unix. <\/p>\n\n\n\n

Second is an element that sounds obvious but shouldn\u2019t be discounted: there\u2019s no tech support number to call. Unless you\u2019re willing to pay LinuxCare or one of the other Linux or OpenBSD commercial support companies, you\u2019re stuck with books, online manual pages and documentation, and the support of your fellow Freenix users. Books and documentation cover a lot of your questions, but you\u2019ll still run into plenty of problems where the only real solution is to ask someone who has had the same problem before. Ninety-nine percent of the problems new users will encounter can be handled by the tried-and-true RTFM (\u201cRead The F***ing Manual\u201d) method; but you will<\/em> inevitably encounter a technical dead end where your best bet is to pray that someone responds to your newsgroup or mailing list post quickly. <\/p>\n\n\n\n

A few caveats need to be given for these ratings. I\u2019m assuming that you\u2019re using the most common free tools here (Apache<\/strong>, Sendmail<\/strong>, etc.); using third-party applications may be significantly different (and probably easier). Also, I\u2019m assuming that you\u2019re willing to get your hands dirty a little with command-line administration and aren\u2019t relying entirely on point-and-click options. So, with that being said, let\u2019s take a look at a few common administrative tasks, the flexibility of configuration options that Freenixes provide, and their ease of use:<\/p>\n\n\n\n

Networking Setup<\/em><\/strong><\/h1>\n\n\n\n

Flexibility:<\/strong> Immense.<\/p>\n\n\n\n

Ease for Enough-To-Get-By Administration:<\/strong> Very easy.<\/p>\n\n\n\n

Ease for Advanced Administration:<\/strong> Ranges from breezy to baffling.<\/p>\n\n\n\n

The greatest virtue of all Freenixes is that, for everything that you want to do, somebody else has already wanted to do that same thing. And, usually, they\u2019ve been a Computer Science student or professor, a communist, or someone else dumb enough to write a program to do it and give it away for free. Therefore, the vast majority of common sysadmin tasks on a Freenix already have a tool to set things up and save you work.<\/p>\n\n\n\n

Most Freenixes provide a networking setup tool during their installer process that allows you to set up basic (Ethernet or PPP) network connectivity with only a few pieces of information. Even for some more advanced tasks, Linux tools (like linuxconf<\/strong> in its command-line or GUI versions) or FreeBSD\u2019s \/stand\/sysinstall program give you simple options for configuring normally arcane tasks. You can generally turn your machine into an ersatz router by running RouteD<\/strong> or GateD<\/strong>, share NFS drives or enable ISDN, ATM or other interfaces with a couple of minutes\u2019 work. These easy-admin programs are (as all Freenix GUI\/semi-GUI tools are) just tools for modifying the text configuration files hidden somewhere else on the server (e.g., \/etc\/rc.network, etc.) that do the actual work. If you\u2019re willing to take a shot at editing the actual text configuration files, your options increase. <\/p>\n\n\n\n

However, be warned that certain advanced or uncommon tasks are going to require not only hunting down the requisite files but also knowing about how networking actually<\/em> works on an interface and packet level. Nonetheless, the majority of us who don\u2019t<\/em> have a \u201cseven-layer OSI model\u201d tattoo can still get the job done using the available tools.<\/p>\n\n\n\n

User Administration<\/em><\/strong><\/h1>\n\n\n\n

Flexibility:<\/strong> So-so.<\/p>\n\n\n\n

Ease for Enough-To-Get-By Administration:<\/strong> Very easy.<\/p>\n\n\n\n

Ease for Advanced Administration:<\/strong> Nothing you can\u2019t handle.<\/p>\n\n\n\n

It should be noted that the Unix system security model defines the amount of user account configuration you can do. Unlike Windows NT, you aren\u2019t able to specify \u201csemi-privileged\u201d accounts; practically speaking, you\u2019re root<\/strong> or you\u2019re nobody<\/strong>. (A little joke there. Very<\/em> little.) However, if you\u2019re willing to get wise in the ways of the Unix permission structure (each file or directory has settings for the permissions allowed to the owner\/creator of the file, other users in the owner\u2019s group, and all other users on the system), you can replicate much of this functionality through selectively adding users to specific groups.<\/p>\n\n\n\n

For ease-of-administration, Linux leads the way here, providing GUI tools for nearly all window managers that allow you to create and delete users, set disk space quotas, define user meta information and shell info. (These tools are also available for the *BSDs, but they are native to Linux.) Overall, you\u2019ll find simple user administration tasks (as mentioned above) to be quite simple and easily done through either a GUI tool or the command line. Advanced tasks (like putting the user in a chroot<\/strong>-ed environment, or limiting their access to certain methods) are less simple, but still pretty easily accomplished.<\/p>\n\n\n\n

FTP Server<\/em><\/strong><\/h1>\n\n\n\n

Flexibility:<\/strong> How flexible were you expecting FTP to be?<\/p>\n\n\n\n

Ease for Enough-To-Get-By Administration:<\/strong> Super easy.<\/p>\n\n\n\n

Ease for Advanced Administration:<\/strong> Nothing a few Unix man<\/strong> pages can\u2019t fix.<\/p>\n\n\n\n

If what you\u2019re looking for is to allow users to FTP their files to and from their accounts, this is a no-brainer: it\u2019s already set up by default in the *BSDs and most Linux distributions. Likewise, allowing anonymous FTP (even for specific users or directories) is a very simple task \u2013 albeit one handled through a command-line interface with a text editor. <\/p>\n\n\n\n

Even better, there are plenty of free FTP Daemons (servers) which give even more advanced features than the default FTPD provided with most Freenixes. FTP isn\u2019t exactly a terribly option-heavy service, and nearly all of your needs can be easily dealt with. Note, however, that advanced issues (like denying FTP to specific users or hosts) aren\u2019t immediately obvious, and may take a bit more work with your \/etc\/hosts.allow or ftpd config file.<\/p>\n\n\n\n

Web Server<\/em><\/strong><\/h1>\n\n\n\n

Flexibility:<\/strong> Like a gymnastics instructor.<\/p>\n\n\n\n

Ease for Enough-To-Get-By Administration:<\/strong> Easy.<\/p>\n\n\n\n

Ease for Advanced Administration:<\/strong> No worse than doing your taxes.<\/p>\n\n\n\n

Apache (so named because it was \u201ca patchy\u201d upgrade to the original free NCSA webserver) is by far the most popular webserver for Freenixes, and with good reason. It\u2019s stable, it\u2019s almost ridiculously extensible, and it has excellent performance. <\/p>\n\n\n\n

While fairly rudimentary GUI tools exist (again, native to Linux) for Apache configuration, the command line is the way to go. The good news is that the Apache team has gone to great lengths to make this as painless as possible. There are plenty of great books out there on not only configuring Apache, but also on tweaking it for performance as well. With the newest versions of Apache (1.3.4 and greater), all configuration options have by default moved to a single file, the httpd.conf file, located in \/etc\/httpd\/, \/usr\/local\/apache\/etc\/, or some other directory depending on your OS, your version of Apache, the phase of the moon and a random 32-bit number). <\/p>\n\n\n\n

The default httpd.conf file is extremely well documented, and includes either explanations or examples (or both) for every configuration directive in the file. The great part is that most options are relatively self-explanatory, and by editing this one file you can easily set up everything from CGI execution and file icons to virtual hosts.  <\/p>\n\n\n\n

Performance tuning is where things can sometimes get tricky. Most of the GUI\/semi-GUI tools (as mentioned above) available will carry the heavy lifting for you \u2013 including kernel modifications and other items. However, getting the most out of your webserver may require you to recompile Apache with or without some of its default modules. Nonetheless, Apache is nothing if not exhaustively documented in books and at its website (www.apache.org)<\/a>, and things are at worst frustrating rather than impossible.<\/p>\n\n\n\n

Mail Server<\/em><\/strong><\/h1>\n\n\n\n

Flexibility:<\/strong> Ridiculously flexible.<\/p>\n\n\n\n

Ease for Enough-To-Get-By Administration:<\/strong> Fairly easy.<\/p>\n\n\n\n

Ease for Advanced Administration:<\/strong> You\u2019d better have some \u201cAdvil\u201d handy.<\/p>\n\n\n\n

Sendmail is the most powerful and configurable mail server out there (especially for free). The default configuration installed with nearly all Freenixes is all that 99 percent of Sendmail users (like you and me) will ever need. Thank God, because we\u2019d be shooting ourselves left and right if we ever needed to seriously configure the damn thing.<\/p>\n\n\n\n

Simple mailserver elements like POP3 accounts are built in by default. E-mail aliases and redirection are easily accomplished with an absolute minimum of configuration (through the \/etc\/aliases and \/etc\/mail\/virtusertable.db files). In recent versions of Sendmail, anti-spam relaying measures are included by default, and these can easily be circumvented if needed by adding mail-sending domains to the \/etc\/mail\/relay-domains file. <\/p>\n\n\n\n

With that being said, God help you if you ever need to do some serious digging in the Sendmail configuration (\/etc\/sendmail.cf) file. Sendmail\u2019s primary configuration file is written in something that looks like a cross between C code and Swedish, or maybe both. I was looking through that file and somewhere around line 4000 I actually found a bunch of John Dvorak\u2019s delicious recipes. Sendmail is probably the archetypal example of Unix\u2019s configurability and inscrutability at its best and worst.<\/p>\n\n\n\n

For other common mail tasks, there are plenty of common free tools out there. The free pine 4.10<\/strong> package offers not only the easiest Unix mail reader out there, but an excellent IMAP server (and text editor, with pico<\/strong>) as well. The free majordomo 1.94.4<\/strong> package provides excellent mailing list options \u2013 although at a performance price, since it\u2019s written in Perl and tends to eat up a lot of RAM when it\u2019s running.<\/p>\n\n\n\n

The Moral of the Story<\/h2>\n\n\n\n

Freenixes can save you thousands of dollars if you\u2019re willing to pay a few hundred dollars for technical books and learn how to use them (the Freenixes, not the books). For common ISP sysadmin tasks, 90 to 95 percent of your work can be easily done on an OS with friendly tools and frequent updates. If you\u2019re brave enough to handle any<\/em> Unix, you\u2019re brave enough to handle a Freenix. However, if you\u2019re a point-and-click addict, or need something with an unhelpful tech support phone line, a Freenix won\u2019t be for you.<\/p>\n","protected":false},"excerpt":{"rendered":"

By Jeffrey Carl Boardwatch Magazine was the place to go for Internet Service Provider industry news, opinions and gossip for much of the 1990s. It was founded by the iconoclastic and opinionated Jack Rickard in the commercial Internet’s early days, and by the time I joined it had a niche following but an influential among … Continue reading Freenixes, Ease of Use and Common Administrative Tasks<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":22,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[8,66],"tags":[],"class_list":["post-147","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-boardwatch-writing","category-tech"],"jetpack_featured_media_url":"http:\/\/www.jeffcarl.com\/wp-content\/uploads\/2020\/04\/bwatch.gif","_links":{"self":[{"href":"http:\/\/www.jeffcarl.com\/index.php\/wp-json\/wp\/v2\/posts\/147","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.jeffcarl.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.jeffcarl.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.jeffcarl.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/www.jeffcarl.com\/index.php\/wp-json\/wp\/v2\/comments?post=147"}],"version-history":[{"count":1,"href":"http:\/\/www.jeffcarl.com\/index.php\/wp-json\/wp\/v2\/posts\/147\/revisions"}],"predecessor-version":[{"id":148,"href":"http:\/\/www.jeffcarl.com\/index.php\/wp-json\/wp\/v2\/posts\/147\/revisions\/148"}],"wp:featuredmedia":[{"embeddable":true,"href":"http:\/\/www.jeffcarl.com\/index.php\/wp-json\/wp\/v2\/media\/22"}],"wp:attachment":[{"href":"http:\/\/www.jeffcarl.com\/index.php\/wp-json\/wp\/v2\/media?parent=147"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.jeffcarl.com\/index.php\/wp-json\/wp\/v2\/categories?post=147"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.jeffcarl.com\/index.php\/wp-json\/wp\/v2\/tags?post=147"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}