Re: Newbie On XFree86

[Matt Drew <mdrew redhat com>]

> Wow.  I wish I personally knew someone who has the insight that you do
> into the difficulties and frustrations involved in migrating from
> 'something else' into the Unix/Linux environment.  You should perhaps
> consider writing a book.  I can see that you know a lot about your

Errrm.  Thanks.  Not unless Red Hat gives me time to do it, as I'm pretty
busy.:)  (Install-list is part of my job, although I get carried away
sometimes.)

> subject and yet have the ability to see that there are other worlds
> and other points of view that most 'help' and 'doc' writers fail to
> grasp.  Following is a verbatim passage from an Apache chapter from a
> Linux 'Complete Reference' manual I spent $70.00 on:
>
> The access control directives can be used globally to control access
> to the entire site or placed within Directory directives to control
> access to individual directives.  In the following example, all users
> are allowed access.
>
>    order  allow, deny
>    allow from all
>
> Now what am I supposed to infer (conclusively) from that?  The 'allow

You are supposed to infer that allowing happens first, then denying.  This
is similar to tcpwrappers if you have any experience with that.  The
reasoning behind this is that there are several modes in which I might
want to configure my access:

1)allow everyone except for some specific person
2)deny everyone except for some specific person
3)combination of both

This allows you to switch the order of the allow/deny commands in order to
control the access to the file(s).  For example, if I wanted to deny
everyone...

> from all' certainly seems to indicate that all users are allowed
> access, so why is the 'order allow,deny' part included in the example?
> What if I'd specified 'order deny, allow'?  This is never mentioned.

I would use this (actually "order deny, allow/deny from all" if I remember
my Apache syntax correctly).  You're on the right track even without them
mentioning it. :)

> I could cite a million examples of this sort of thing that I have
> encountered in my Linux experience.

This is because these documentators assume that you know what you are
doing relative not to Apache but to *web servers* in general, and think
that you are merely looking for how to do it in Apache.  This excerpt made
sense to me because I had already learned about that sort of thing working
with IIS.  This is an assumption that pervades almost all of the Linux
documentation that I have seen, especially man pages (and rightly so in
that case, since there is no room for explanations in the man page -- but
there should be examples).  I would go even further than that, come to
think of it, because most Microsoft documentation is that way too, and the
Solaris stuff I've read is worse than both of those.

This is why members of the Linux community often state that there is tons
of documentation, while new users go "huh?" because they can't find the
information they need to know -- namely, *why* something is the way it is
and how it works, rather than how to configure it.

It actually has bugged me for years that there isn't better theoretical
documentation on any computer system, let alone on any operating systems.
Linux and other open source OSes have the advantage of the source code,
and really good "how-to" type documentation, so despite the dearth of
theoretical docs, you can usually muddle your way through.

There are better books out there.  I highly recommend (still) Kabir's "Red
Hat Linux 6 Server" as the seminal Red Hat 6.x book -- excellent
descriptions and coverage.  Also, "Securing and Optimizing Linux, Red Hat
Edition" by Mourani is fantastic (www.linuxdoc.org).  There are a ton of
others, all recommended in their particular areas; O'Reilly tends to have
a very high concentration of these, for some reason. :)

Anyone else have some recommended books or favorites?

Matt

-- 
Matt Drew
Executive Officer
Red Hat Consumer Services