Automating System Administration with Perl SECOND EDITION Automating System Administration with Perl
Total Page:16
File Type:pdf, Size:1020Kb
Automating System Administration with Perl SECOND EDITION Automating System Administration with Perl David N. Blank-Edelman Beijing • Cambridge • Farnham • Köln • Sebastopol • Taipei • Tokyo Automating System Administration with Perl, Second Edition by David N. Blank-Edelman Copyright © 2009 O’Reilly Media, Inc. All rights reserved. Printed in the United States of America. Published by O’Reilly Media, Inc., 1005 Gravenstein Highway North, Sebastopol, CA 95472. O’Reilly books may be purchased for educational, business, or sales promotional use. Online editions are also available for most titles (http://my.safaribooksonline.com). For more information, contact our corporate/institutional sales department: 800-998-9938 or [email protected]. Editor: Andy Oram Indexer: Lucie Haskins Production Editor: Sarah Schneider Cover Designer: Karen Montgomery Copyeditor: Rachel Head Interior Designer: David Futato Proofreader: Kiel Van Horn Illustrator: Robert Romano Printing History: May 2009: Second Edition. O’Reilly and the O’Reilly logo are registered trademarks of O’Reilly Media, Inc. Automating System Administration with Perl, the image of a sea otter, and related trade dress are trademarks of O’Reilly Media, Inc. Many of the designations used by manufacturers and sellers to distinguish their products are claimed as trademarks. Where those designations appear in this book, and O’Reilly Media, Inc. was aware of a trademark claim, the designations have been printed in caps or initial caps. While every precaution has been taken in the preparation of this book, the publisher and author assume no responsibility for errors or omissions, or for damages resulting from the use of the information con- tained herein. ISBN: 978-0-596-00639-6 [M] 1241809111 To Cindy, ever the love of my life, and to Elijah, a true blessing. Table of Contents Preface . xv 1. Introduction . 1 Automation Is a Must 1 How Perl Can Help You 2 This Book Will Show You How 3 What You Need 5 Some Notes About the Perl Versions Used for This Book 6 What About Perl 5.10? 6 What About Strawberry Perl? 6 What About Perl 6? 6 Some Notes About Using Vista with the Code in This Book 7 Locating and Installing Modules 8 Installing Modules on Unix 9 Installing Modules on Win32 9 It’s Not Easy Being Omnipotent 10 Don’t Do It 10 Drop Your Privileges As Soon As Possible 10 Be Careful When Reading Data 11 Be Careful When Writing Data 12 Avoid Race Conditions 12 Enjoy 13 References for More Information 13 2. Filesystems . 15 Perl to the Rescue 15 Filesystem Differences 16 Unix 16 Windows-Based Operating Systems 16 Mac OS X 18 Filesystem Differences Summary 19 Dealing with Filesystem Differences from Perl 19 vii Walking or Traversing the Filesystem by Hand 21 Walking the Filesystem Using the File::Find Module 26 Walking the Filesystem Using the File::Find::Rule Module 36 Manipulating Disk Quotas 38 Editing Quotas with edquota Trickery 40 Editing Quotas Using the Quota Module 44 Editing NTFS Quotas Under Windows 45 Querying Filesystem Usage 46 Module Information for This Chapter 48 References for More Information 48 3. User Accounts . 49 Unix User Identities 50 The Classic Unix Password File 50 Changes to the Password File in BSD 4.4 Systems 57 Shadow Passwords 58 Windows-Based Operating System User Identities 59 Windows User Identity Storage and Access 59 Windows User ID Numbers 61 Windows Passwords Don’t Play Nice with Unix Passwords 63 Windows Groups 63 Windows User Rights 68 Building an Account System to Manage Users 71 The Backend Database 73 The Low-Level Component Library 78 The Process Scripts 89 Account System Wrap-Up 94 Module Information for This Chapter 97 References for More Information 97 Unix Password Files 97 Windows User Administration 98 4. User Activity . 99 Process Management 100 Windows-Based Operating System Process Control 100 Unix Process Control 119 File and Network Operations 125 Tracking File Operations on Windows 125 Tracking Network Operations on Windows 128 Tracking File and Network Operations in Unix 129 Module Information for This Chapter 135 Installing Win32::Setupsup 135 References for More Information 136 viii | Table of Contents 5. TCP/IP Name and Configuration Services . 137 Host Files 137 Generating Host Files 140 Error-Checking the Host File Generation Process 143 Improving the Host File Output 144 Incorporating a Source Code Control System 148 NIS, NIS+, and WINS 151 NIS+ 154 Windows Internet Name Server (WINS) 154 Domain Name Service (DNS) 155 Generating DNS (BIND) Configuration Files 156 DNS Checking: An Iterative Approach 165 DHCP 174 Active Probing for Rogue DHCP Servers 176 Monitoring Legitimate DHCP Servers 181 Module Information for This Chapter 183 References for More Information 184 6. Working with Configuration Files . 185 Configuration File Formats 188 Binary 188 Naked Delimited Data 189 Key/Value Pairs 190 Markup Languages 192 All-in-One Modules 235 Advanced Configuration Storage Mechanisms 236 Module Information for This Chapter 236 References for More Information 237 XML and YAML 237 7. SQL Database Administration . 239 Interacting with a SQL Server from Perl 240 Using the DBI Framework 243 Using ODBC from Within DBI 249 Server Documentation 251 MySQL Server via DBI 252 Oracle Server via DBI 254 Microsoft SQL Server via ODBC 255 Database Logins 258 Monitoring Space Usage on a Database Server 260 Module Information for This Chapter 263 References for More Information 263 DBI 263 Table of Contents | ix Microsoft SQL Server 264 ODBC 264 Oracle 264 8. Email . 265 Sending Mail 265 Getting sendmail (or a Similar Mail Transport Agent) 266 Using the OS-Specific IPC Framework to Drive a Mail Client 266 Speaking the Mail Protocols Directly 268 Common Mistakes in Sending Email 273 Overzealous Message Sending 273 Subject Line Waste 282 Insufficient Information in the Message Body 282 Fetching Mail 285 Talking POP3 to Fetch Mail 285 Talking IMAP4rev1 to Fetch Mail 287 Processing Mail 291 Dissecting a Single Message 291 Dissecting a Whole Mailbox 296 Dealing with Spam 297 Support Mail Augmentation 305 Module Information for This Chapter 310 References for More Information 311 9. Directory Services . 313 What’s a Directory? 313 Finger: A Simple Directory Service 314 The WHOIS Directory Service 318 LDAP: A Sophisticated Directory Service 321 LDAP Programming with Perl 322 The Initial LDAP Connection 323 Performing LDAP Searches 325 Entry Representation in Perl 329 Adding Entries with LDIF 331 Adding Entries with Standard LDAP Operations 333 Deleting Entries 334 Modifying Entry Names 335 Modifying Entry Attributes 337 Deeper LDAP Topics 339 Putting It All Together 348 Active Directory Service Interfaces 354 ADSI Basics 355 Using ADSI from Perl 357 x | Table of Contents Dealing with Container/Collection Objects 359 Identifying a Container Object 360 So How Do You Know Anything About an Object? 360 Searching 363 Performing Common Tasks Using the WinNT and LDAP Namespaces 366 Working with Users via ADSI 367 Working with Groups via ADSI 369 Working with File Shares via ADSI 369 Working with Print Queues and Print Jobs via ADSI 370 Working with Windows-Based Operating System Services via ADSI 371 Module Information for This Chapter 373 References for More Information 373 LDAP 373 ADSI 374 10. Log Files . 377 Reading Text Logs 377 Reading Binary Log Files 378 Using unpack() 378 Calling an OS (or Someone Else’s) Binary 383 Using the OS’s Logging API 384 Structure of Log File Data 385 Dealing with Log File Information 388 Space Management of Logging Information 388 Log Parsing and Analysis 395 Writing Your Own Log Files 425 Logging Shortcuts and Formatting Help 425 Basic/Intermediate Logging Frameworks 426 Advanced Logging Framework 428 Module Information for This Chapter 429 References for More Information 430 11. Security . 433 Noticing Unexpected or Unauthorized Changes 434 Local Filesystem Changes 434 Changes in Data Served Over the Network 440 Noticing Suspicious Activities 442 Local Signs of Peril 442 Finding Problematic Patterns 444 Danger on the Wire, or “Perl Saves the Day” 449 Preventing Suspicious Activities 460 Suggest Better Passwords 460 Reject Bad Passwords 461 Table of Contents | xi Module Information for This Chapter 466 References for More Information 467 12. SNMP . 469 Using SNMP from Perl 469 Sending and Receiving SNMP Traps, Notifications, and Informs 480 Alternative SNMP Programming Interfaces 484 Module Information for This Chapter 486 References for More Information 486 13. Network Mapping and Monitoring . 489 Network Mapping 489 Discovering Hosts 490 Discovering Network Services 499 Physical Location 501 Presenting the Information 503 Textual Presentation Tools 503 Graphical Presentation Tools 507 Monitoring Frameworks 522 Extending Existing Monitoring Packages 524 What’s Left? 526 Module Information for This Chapter 527 References for More Information 527 14. Experiential Learning . 529 Playing with Timelines 530 Task One: Parsing crontab Files 530 Task Two: Displaying the Timeline 531 Task Three: Writing Out the Correct XML File 533 Putting It All Together 534 Summary: What Can We Learn from This? 536 Playing with Geocoding 537 Geocoding from Postal Addresses 537 Geocoding from IP Addresses 541 Summary: What Can We Learn from This? 544 Playing with an MP3 Collection 544 Summary: What Can We Learn from This? 546 One Final Exploration 546 Part One: Retrieving the Wiki Page with WWW::Mechanize 547 Part Two: Extracting the Data 550 Part Three: Geocoding and Mapping the Data 551 Summary: What Can We Learn from This? 554 Remember to Play 555 xii | Table of Contents Module Information for This Chapter 555 Source Material for This Chapter 556 A. The Eight-Minute XML Tutorial . 557 B. The 10-Minute XPath Tutorial . 563 C. The 10-Minute LDAP Tutorial . 573 D. The 15-Minute SQL Tutorial . 579 E. The Five-Minute RCS Tutorial . 593 F. The Two-Minute VBScript-to-Perl Tutorial . 597 G.