Book Review: BSD Hacks

George Rosamond <george at nycbug dot org>

Dru Lavigne's BSD Hacks (O'Reilly and Associates, May 2004) is an enormously useful resource for systems administrators and end-users alike.

There has been a variety of BSD books that have been released over the past several years. BSD Hacks, however, is the first book that is almost solely focused on hacks for sysadmins, without boring you with the details for basic operating system installation and configuration that has been so well documented elsewhere.

It's not just for sysadmins though. Intermediate and more advanced BSD users will also find the book an excellent tool.

There are lots of good hacks buried in the various BSD books, around the Internet in different how-to's and tutorials. But BSD hacking is the sole purpose of BSD Hacks. No need to browse through install screens and the basics of TCP/IP before getting to the heart of the matter.

With 100 listed hacks, multiplied by an impressive level of detailed angles for each, Dru provides an array that demands the placement of this book right in your server room, not in a pile of "must-read-at-some-distant-point-in-the-future" texts.

This review obviously can't list every hack, although you would be smart to sit and work through the book yourself over a weekend or two. But it is possible to provide a good flavor of BSD Hacks in brief. O'Reilly and Associates does give a good glimpse on their Sample Hacks page. Let's do a quick work through ourselves.

The first chapter is called "Customizing the User Environment," and is probably best for end-users looking to go beyond their first steps. But it does include some very useful hacks, such as "Use an Interactive Shell" that certainly fit well into the arsenal of any sysadmin, not to mention Hack #12 "Use Multiple Screens on One Terminal."

The second chapter, "Dealing with Files and Filesystems" also contains gems for both end-users and sysadmins. The use of mtree, which maps a directory hierarchy, is mentioned as a tool for recovery. Later on in chapter 6, Dru details its use for making a hacked data integrity checker, thus filling the gap often played by products such as Tripwire.

Another great tool Dru covers in the second chapter is g4u, a free ghosting program that gives you the ability for quick restores over FTP. Ghosting a drive image is an incredibly useful tool, whether it's about replicating servers or doing a quick reinstall and configuration when a server fails in an emergency.

Chapter 3 is entitled "Boot and Login Environments." It gives some hacks that aren't just for basic system administration, but also some useful security ones including changing your /etc/passwd file to Blowfish encryption and utilizing OPIE for one-time passwords, which is built into FreeBSD.

"Backup Up" is the focus of Chapter 4. It includes some very creative methods of dealing with maintaining that necessity, but also includes an excellent primer on Bacula, which is increasingly gaining prominence as a cross-platform backup system.

Chapter 5 covers "Network Hacks," and continues on educating a sysadmin. Included in this chapter is the tcpdump program, a vital tool for watching traffic flowing by your network interfaces.

There is a strong security focus in Chapter 6, entitled "Securing the System." While security hacks are sprinkled generously throughout the book, this chapter works with firewalling with IPF and PF, in addition to covering SSH and Snort. It also includes the earlier mentioned intrusion detection light version with mtree.

Chapter 7, "Going Beyond the Basics" explores scripting, analyzing dreaded buffer overflows and more. She also includes a bit on "Creating a Trade Show Demo," not something you'd expect documented in print anywhere. Nevertheless something that is quite useful for anyone working for the BSDs at a conference.

Dru continues with "Keeping Up-to-Date" in Chapter 8, which includes useful details on upgrading and even downgrading your installed ports.

The final chapter is "Grokking BSD." "Grok," as Dru comments, refers to the science fiction writer Heinlein's Martian term for having a "thorough understanding." Dru covers creating your own manual pages, dealing with custom patches, playing with dictionaries and more.

Certainly there are no walls between each chapter, as many of the hacks could be shifted around. All the more reason to work your way through the book from beginning to end.

One useful addition for this book could have been somehow denoting which of the BSDs, if not all, the hacks were appropriate to. Certainly not all are available to Darwin and Apple's OS X, without further knowledge of hacking port source code.

While many of the hacks are found somewhere in the manual pages, on some useful website, buried in another book or in the minds of some developer somewhere, but not necessarily in the annals of official documentation.

No single book or site that provides the depth and breadth that Dru provides.

It's a project that no one individual is capable of doing. Dru managed to tap into the thoughts of dozens of developers and sysadmins around the world, greatly enhancing the variety of hacks in this book.

Whether you're a sysadmin managing hundreds of servers, or a power user ready to go beyond the obvious, BSD Hacks belongs next to your CRT.

Spend a weekend working through this book. You won't regret it.