The Perl CD Bookshelf

O'Reilly & Associates, Inc., May 2001
672 pages, £56.95
ISBN 0-596-00164-9

(Reviewed by Joel Smith)

O'Reilly have updated their Perl CD Bookshelf . In the process, it has shrunk from six books to five. So what is going on? The common books are Perl in a Nutshell, Advanced Perl Programming and The Perl Cookbook (all 1st edition). Programming Perl gets updated to the current 3rd Edition, and Perl for System Administration replaces Learning Perl and Learning Perl on Win32. As before, the bookshelf comes with a paperback copy of Perl in a Nutshell as a bonus.

Although some might complain that the CD is less value than before, as it only covers five books, rather than the six of the first edition, I think that the balance is far better now than it used to be. Was there really a need to have Perl in Nutshell, Learning Perl, and Learning Perl on Win32 on the CD? My feeling is that Perl for System Administration adds more depth to the CD than the two omitted books.

I also suspect that it might have been partly to do with logistics. The Perl CD Bookshelf was published in May, whilst the 3rd edition of Learning Perl did not come along until July. The 2nd edition dates back to 1997, and is more than a little long in the tooth. Putting the older version on the CD would lead to it rapidly becoming out of date.

Enough of the books, and on to the CD itself, and in particular the usability of the search engine. Firstly a word of caution. There is a bug on the CD which prevents the search engine from working with anything other than Windows (and versions of Mac OS prior to X). It fails under Linux, Solaris, MacOS X (native and classic mode).

The problem is that the Java search page refers to an archive, which is a file which does not exist on the CD (DOH!), even though the expanded directory does exist. The Windows version works because there is an alternative reference to a file which does exist.

For O'Reilly to produce a Perl CD which does not work under UNIX is a serious faux pas, and they appreciate this. I received this email back from them when I reported the problem.

You're right about expecting better QA testing on the disk, especially for Linux from us. This was definitely a blunder, but we have made changes in our QA process for those products, and it should not happen again!

They have provided a fix for the problem which can be downloaded from . The file is called This supplies the missing file as well as providing several fixes for broken links and errata from the books. Of course, to be able to apply the fixes, you need to install the files on your hard disk, rather than running from the CD, but if this bothers you, you can always cut the fixed files to a new CD.

But how good is the search engine once you have it installed? On one hand, it is streets ahead of the rather dismal engine that came with the older edition. It runs directly from the browser, without requiring any server processes running. It does this by using a Java applet interface to query a pre-generated index of terms derived from the full text of all book pages on the CD-ROM. It runs on any browser supporting Java 1.1.2 or later, and it does indeed seem to be cross-platform.

Unfortunately one other rather serious blunder is with the indexing (once I got the search applet working). Bearing in mind that this is a bookshelf on Perl, I would have thought that I should have been able to search on functions such as $arg, or ExtUtils::MakeMaker, or $_, etc. It appears that anything with a special character (not that rare in Perl!) is excluded from the search engine. So to do a search on ExtUtils::MakeMaker, you would have to search on ExtUtils and MakeMaker, rather than the full module. Thankfully, there is also the master index on the CD which allows you to browse through a linked alphabetical index (exactly as you would find in the back of the books).

Since you have had to install the files on your hard disk, there is nothing to stop you running ht://dig or your favourite indexing software on it yourself, and creating your own search engine. However, it should not be necessary to have to resort to this. O'Reilly are looking into ways to fix things in future editions.

To sum up, it is very useful to be able to have an electronic version of these books. In spite of the reduction in the number of books on the CD, the breadth of information is greater, and the CD hence more useful. Oh yes, it also works out much cheaper than buying the books individually, but is probably less amenable to bedtime reading!

Joel Smith is the Senior UNIX Administrator for IFonline.

Effective awk programming

Arnold Robbins
O'Reilly & Associates, Inc.
421 pages, £28.50
ISBN 0-596-00070-7

(Reviewed by Jan Wysocki)

This book claims just one version of a freely adaptable manual. It is licensed with the Free Software Foundation's Free Documentation Licence and is said to be available in electronic form for you to copy and modify. However, I (well ok — Google and Teoma) was unable to locate an online copy of the whole book.

I realise that awk may be so old and obscure to today's Unix newcomers that I should explain what awk is. It is an interpreted language designed to allow you to search and manipulate large text files. The text might be in a terse database format, for example, a few years ago, you could download the whole Internet Movie Database and the associated awk programs to allow you to do much the same searches that you can conduct via the website today. You might use it today to filter news items on a press agency feed, or to tidy your email archives.

Long ago I wrote and maintained fairly large awk programs. Nowadays I rarely use more than single line awk programs in the shell scripts that I write. I know that I could often write the whole shell script more effectively as an awk program, but habit and memory loss get in the way. When I saw that this new edition was coming out I decided that reviewing it would be just the fillip I needed to get back into awk programming. As it turns out I have not actually written much awk since receiving the book, but I have got excited enough to actually grab and compile version 3.1 of the gawk source code, so that I could try out some new features. When work requires it, this will be the book I choose to consult when writing awk programs in future.

The book is arranged in two parts and works conveniently as either an introduction to awk programming, or as a reference manual for the whole language. I am a little surprised that there is only one reference to executable awk programs, right at the start. It is such a convenient feature, of modern Unix variants, that I feel that beginners need a later reminder. However, I cannot fault the comprehensive nature of this book. It is clearly laid out with an adequate guide to the contents, frequent cross references to other parts of the book and a comprehensive index. A book like this is never going to be unputdownable, but if you need to write or understand awk programs on your system, then you might want this book on your desk. I say might because, if you do not need the newer or more complex features of awk, then O'Reilly's "Sed and Awk" 2nd edition, 1997, may be sufficient.

Oh, I had better tell you that what got me excited enough to move from gawk 3.0 to 3.1 is the introduction of two way pipes that allow awk to communicate with subprograms either on the same host or across a network using TCP/IP. I have not actually written anything useful yet, but writing trivial awk programs to communicate with remote hosts is quick, simple and unaccountably pleasing.

Jan is currently administrating a Solaris / Apache / Weblogic / Oracle / Java development environment for Virgin Money.

Learning Web Design: A beginner's Guide to HTML, Graphics and Beyond

Jennifer Niederst
O'Reilly & Associates, Inc.
388 pages, £24.95
ISBN 0-596-00036-7

(Reviewed by Lindsay Marshall)

The blow-ins say "The Internet Runs on O'Reilly Books", and let's face it, it's true, at least as far as the web is concerned. How many times a week do you reach for a reference book on some web issue and pick up something that is not an O'Reilly book? I just glanced at my shelf of frequently used references and they are all O'Reilly apart from one book (Russell Winder's Java book since you ask). O'Reilly have always had the "just the facts, ma'am" market pretty well sown up for a few years now, but their less terse books are (in most cases) just as good.

This book on Web Design is a case in point. Written y the author of Web Design in Nutshell, it takes a slower more developmental approach to the whole process of web design, from basics right through to sound advice on Flash (only where appropriate). Whatever your level of skill and experience you will certainly learn something by dipping in somewhere in the book, and for people starting out, it will bring them up to speed very quickly.

Of course, it won't turn you into a graphic designer overnight and the author makes pains to point this out, but it will point out the major pitfalls to avoid, and the best ways to approach a particular task. The book is bursting with examples, tips, pointers to useful software and references books that will provide more information on particular topics. The illustrations are printed in grey-scale, but are no less clear because of this (and a small colour insert shows many of them as they would be seen in a browser). There are some nice "how not to" examples as well — the animations on a black background homepage is wonderful.

If you want to get to grips with web design then I can definitely recommend this book. For more experienced practitioners — though they will certainly learn something — it is a less useful purchase. They will know a lot of the day to day stuff already and may feel the need for lower level detail.

A Beginner's Guide to HTML, Graphics and Beyond

Jennifer Niederst
O'Reilly & Associates, Inc., March 2001
388 pages, £24.95
ISBN 0-596-00036-7

(Reviewed by Paul Webb)

Learning Web Design is intended to introduce the novice web designer to a broad range of web related technologies. Niederst therefore begins with an Internet-related definition of terms and moves, via discussions of HTML and Graphics, towards lucid descriptions of technologies like Flash, DHTML, Audio and Video.

The book is therefore explicitly intended for the newcomer who wants both an introduction to the subject and a reference to more advanced resources. Niederst writes in a chatty and accessible style and demonstrates techniques and concepts with reference to sample web pages and images which are intermittently reproduced as coloured prints in a `Gallery' section. She also defines any terms as they occur and provides a balanced appraisal of the pros and cons of any particular technology. (Chapter 18 on `Usability' is essential reading for those designers who choose special effects before assessing audience needs). The book is also liberally sprinkled with a range of sidebars which contain invaluable hints and tips, useful URLs and pointers to books for further study.

In short, if you would like to get into web design, buy this book. After all, it seems that we now have a companion volume for the same author's Web Design in a Nutshell.

LPI Linux Certification in a Nutshell

Jeffrey Dean
O'Reilly & Associates, Inc., May 2001
570 pages, £28.50
ISBN 1-56592-748-6

(Reviewed by Neil Levine)

Certification has unfortunately become more of an accepted industry standard over the past few years with MSCE or CCIE qualifications becoming more important than the number of hours you spent at home hacking your bash startup scripts or XF86Config file at 3:00 in the morning.

With the popularity of GNU/Linux, it was inevitable that exams such as the RHCE (Red Hat) or the more general LPI (Linux Professional Institute) would crop up. LPI Linux Certification in a Nutshell documents the first two exams in the LPI course and as such provides a good introduction to the basics of UNIX whilst giving enough insight into the specifics of maintaining GNU/Linux box to hopefully make the Certification worth something.

The first exam, as detailed in the first half of the book, covers general UNIX concepts such as file and stream manipulation, file system administration and file system hierarchy. The brief 20-odd page given to each section consists of a mixture of manpage-"lite" descriptions accompanied with more verbose three to four page explanations of the topics. As you would expect each topic has an accompanying set of examples and review questions. What is less practical is the setting out of "Objectives" detailing why you would need to perform certain tasks. Listing "User Support" as an objective under the Documentation section or "Maintain An Effective Data Backup Strategy" appear more biblical in their hopes than useful for exam purposes.

The second half of the book, and exam, cover more Linux specific areas such as package installation and kernel compilation as well as networking topics. Again the level of information is sufficient to push people in the right direction armed with the relevant tools and concepts if not the absolute answer.

The exam aside, this book is a very competent introduction to using UNIX for the uninitiated and goes some way to illuminating the atomic nature of the many individual UNIX features which can be combined to produce powerful results. The latter half of the book would also help as a compact FAQ for those who have got their GNU/Linux box up and running already and want to start customising and installing applications.

SSH, The Secure Shell: The Definitive Guide

Daniel J. Barrett & Richard Silverman
O'Reilly & Associates, Inc., January 2001
558 pages, £28.50
ISBN 0-596-00011-1

(Reviewed by Bob Vickers)

SSH is a very useful collection of tools, providing secure replacements for programs such as telnet, rlogin, rsh, rcp, ftp, xon, and rxterm. Any administrator concerned about passwords and other sensitive information being stolen by packet sniffers needs to be familiar with it.

Once set up SSH is generally easier to use than the less secure equivalents, but before you get to this happy state there are a number of choices to be made and hurdles to be jumped. This book is aimed primarily at the UNIX system administrator or advanced UNIX user and provides a huge amount of useful information.

The book starts with an introduction to the concepts of SSH, then moves on to the meat: detailed information about SSH for UNIX users and administrators. Finally, it discusses some implementations for Windows and Macintosh users.

There are currently three main implementations of SSH for UNIX: SSH1, SSH2 and the new but rapidly developing OpenSSH. They have much in common and the authors have elected to describe all three, pointing out differences as they go along. This is an ambitious approach, and inevitably adds some clutter to the text, but the authors have risen to the challenge and written an extremely clear and helpful book. They cover server administration, client configuration, and the clever port forwarding features that allow you to tunnel other protocols such as X11 and IMAP across an insecure network.

I would recommend this book to people who simply want to get SSH working as quickly as possible as well as those with an interest in cryptography.

Bob manages the Computer Science computers at Royal Holloway, University of London.

SSH, The Secure Shell: The Definitive Guide

Daniel J. Barrett & Richard Silverman
O'Reilly & Associates, Inc., January 2001
558 pages, £28.50
ISBN 0-596-00011-1

(Reviewed by Virantha Mendis)

Until the Internet became a fashionable commodity in the mid-90s, there was not much talk about its security aspects. The emergence of ISPs (Internet Service Provider) brought many household connections to the Internet. A new breed of hackers started to emerge with these connections. These young people had access to powerful computers, lots of time, as well as a wealth of information on how to become a hacker. All these hacking activities have resulted in many high profile security breaches in last few years. SSH, the Secure Shell: The Definitive Guide by Daniel Barrett and Richard Silverman tries to educate the user on how to conduct their business in a secure manner when performing interactive connections, i.e. telnet. When the Internet was part of the original ARPA network, one of main objective was the ease of use. One example of this is the "r" utilities such as rlogin, rsh and rcp. These are written purely to provide the necessary functionality with minimum effort. For example, login onto remote machines without a password. Unfortunately, these are the areas hackers started concentrating their efforts most. Also, most of the network traffic generated by computers travels across the network in plain text.

Once this became common knowledge, the main target for hacking shifted towards capturing user account details and passwords. Two common utilities, telnet and ftp, that are used to connect to remote servers, became the main source for revealing the user account details. One way to stop snooping of the user account details is to encrypt the network traffic. In the mid-nineties, Tatu Ylonen used public encryption mechanisms to encrypt the network traffic between the server and the client, and released the first version of Secure Shell. The Internet community adopted this as a protection against snooping attacks. There are now two versions of the secure shell protocol and various versions of the client software, which run on various UNIX flavours, Windows and even on epoch based machines.

The Secure Shell suite is comprised of a daemon program (sshd) and a collection of client programs (ssh, scp, etc.). The daemon and the client programs use public-key authentication to identify and verify the client. Once a connection is established, a secure tunnel is created and the network traffic is encrypted. This prevents any would be attackers from snooping the user account details such as usernames and passwords.

The authors have organised the book into several "tracks". This allows readers with varying skills to identify the relevant sections for reading. The tracks are grouped according to the functionality of the software: installation and configuration for system administrators, how to use the secure shell client programs for UNIX users and several sections for Windows and Macintosh users.

As there are now two versions of the protocols available, the authors have done their best to explain the differences. This is augmented by detailed explanation on how to configure the two versions of the sshd. Given the importance of using software to encrypt the network traffic and the use of the public-key encryption to authenticate clients, Secure Shell has gained wide popularity. For any user or system administrator who is concerned about the vulnerability in the network and decides to use the software, this book provides valuable wealth of information. The book is written in easy to understand English and there are numerous diagrams that are used to convey complex technical details behind the secure shell protocol. This book is a must for any person who uses the Internet for communicating with remote servers.

Virantha is a Senior UNIX System Support thingy with BT Internet Data Centres.

Server Load Balancing

Tony Bourke
O'Reilly & Associates, Inc., August 2001
192 pages, £24.95
ISBN 0596000502

(Reviewed by Joel Smith)

This new book assumes no more knowledge of IP and Ethernet than a familiarity with their basic workings, and the workings of the Internet in general. Although it briefly touches on DNS round robin and clustering solutions, this book is firmly based around hardware Server Load Balancing (SLB) solutions.

The book is divided into three sections. Part I concentrates on the theories and concepts of Server Load Balancing. Part II concentrates on the implementation and network topology of load balancers. Part III is a configuration guide to four major load balancing products on the market: Alteon WebSystems, Cisco's CSS (formerly Arrow Point), F5's BIG-IP and the Foundry ServerIron Series.

The first four chapters are a clearly laid out treatment of the theory behind SLB and the essential terminology and concepts used. There is the inevitable explanation of the 7 layer OSI model and networking basics. Perhaps some of the ground covered is a little too basic to be really necessary — I am not sure how necessary it is to cover concepts like "read-only", "super-user" and "server". A quick definition of terms in the introduction should be sufficient, but to be still devoting pages to such concepts in chapter 2 smacks of bulking out the text. That said, the information is communicated well, and the illustrations aid the text well.

Part II gets down to the nitty gritty of designing a network to work with SLB. There are two basic approaches using either a flat-based SLB architecture, or a Network Address Translation-based architecture. A NAT-based architecture is where the load balancer routes network packets between different subnets, and translates them appropriately. A flat-based architecture is where the load balancer is on the same subnet as the servers and does not route packets between subnets. This section deals with both of these two architectures in some detail again using clear illustrations to communicate the differences being discussed.

The final section gives a walk-through to configure SLB products from four of the major vendors in this area. The walk-through takes you from a new out of the box load balancer through setting it up in the each of the two basic architectures. The walk-throughs are conducted via the CLI wherever possible, rather than any web interfaces. This section is useful if you have these particular load balancers, but I would think is of limited value if you do not.

A very nice touch is the Quick Command Guide in Appendix A. This appendix provides a quick reference to commonly performed administration tasks involving the load balancers featured in the book. It is designed to save time and help in a crisis situation, when reading through a chapter would take too long. Since load balancers are by their very nature fairly critical pieces of equipment — you would not buy an expensive load balancer for an unimportant service — I thought that this could prove to be a very useful feature of the book.

Appendix B covers how to set up Direct Server Return (where the server sends the return packet back without returning it via the SLB) for various different server systems. It covers the configuration required for Solaris, Linus and Windows 2000 operating systems, and Apache as the web server.

Although the final Appendix C is entitled Sample Configurations, this is in fact vendor neutral. The "Configurations" referred to are network configurations rather than hardware configurations. Consequently it is filled with network diagrams showing several different possible network topologies and implementations.

This book would be useful for those deciding to implement SLB on their networks. It is a help for those new to their load balancer, but does not delve into the more complex features on offer, for which you are referred to the documentation. At present the book is up to date with the various load balancer OS revisions. As the book ages, the information it presents will become less relevant. As half the book is devoted to the OS specific configuration, I suspect that it will date quite badly, unless frequently revised. But for now, this does not present a problem. I suspect I will find this book an easy source of information.

Joel Smith is the Senior UNIX Administrator for IFonline.

Linux Device Drivers

Allesandro Rubini and Jonathan Corbet
O'Reilly & Associates, Inc.
570 pages, £28.50
ISBN 0-59600-008-1

(Reviewed by Matt Palmer / Richard Ibbotson)


Linux like all operating systems uses device drivers to get the software to drive a piece of hardware. This book is all about those drivers. How to understand them and what to do with them.

The open source revolution has given us access to several things which were previously inaccessible. One of the reasons I got into Linux in the beginning was I thought "hey, I can see how an operating system works". One look at the kernel code scared me off, and I went into other things. The second edition of Rubini's book now with help from Jonathan Corbet goes a long way to dispelling my fears to do with technology that scares me because I do not understand it. While it is primarily written for those who wish to support new hardware and program within kernel space, it is impossible to do these things without knowing a fair bit of information about core kernel activities. All of these things are explained well in the book.

The primary focus, of course, is device driver functionality. At the outset, Rubini and friend make sure the reader is familiar with the concept of a loadable module, and the things which are required to understand the book. These are:

It is probably a good idea to upgrade that last point to a firm grasp of C programming or something similar. If you are capable of running C code in your head while reading it, your comprehension of the code snippets provided will be greatly improved. The coding style is open and readable, and it makes for a greatly improved understanding.

There is only a very small part of the book which actually requires you to work with hardware — almost all of the basic concepts of device driver writing and use can be demonstrated purely in software — wait queues, task queues, ioctls, I/O, and a host of other things. Debugging, the bane of every programmer, is dealt with well, especially when one considers just how hard it is to debug something which you cannot start and stop at will, and which will bring down the system if it crashes. You will also pick up a working knowledge of real live hardware issues — it is obvious that the author has `been there, done that' with real devices. He has also been gifted with an ability to explain concepts very clearly, with the aid of diagrams, where appropriate. This is, in fact, one of the strongest points in the book — all of the hard technical details are spelt out, in detail, to the level where you can immediately say "I get that now".

After a thorough grounding in the basics, there are some advanced topics as well — handling versioning within modules, DMA access, network drivers, and peripheral buses, to name a few. The extensive advances made in newer kernels — up to and including 2.1.43, are also covered, allowing some measure of advanced design. If you follow the advice given throughout the book, however, your own modules should work, with minimal modifications, with the newer 2.4.x source tree. I would be interested to see a book by Rubini concentrating on the function of the Linux kernel in detail. Chapter 16, Physical Layout of the Kernel Source, gives a taste of what the authors are capable of.

In short, if you want to support hardware, or want to know what goes on under the hood of your kernel, and have a good working knowledge of C, I would recommend buying this book. You will not regret it, even if you never actually write a device driver that ends up in the Linux kernel.

Matt lives at Wollongong in Australia. Richard is from Sheffield. Sheffield LUG is the link.

Professional XSL

Kurt Cagle, et al
Wrox Press Ltd., April 2001
727 pages, £38.99
ISBN 1-861003-57-9

(Reviewed by Alan McLintock)

I was quite pleased when I got this book for review: I thought it had a whole chapter on FOP. It doesn't!

What it does have is a chapter on CSS and XSL:FO. I guess I do need to read all of the CSS section to know what I can and cannot do with font styling and the like. So I get to the XSL-FO part of the chapter. It starts off with a good description of where FO fits into the world, and how the page is broken up into regions. It lists the 56 XSL-FO elements, and points out that many of them have HTML analogies (e.g. the "list" ones). And then I flipped back and forth trying to find an explanation of each one. I flipped in vain.

The explanation of the structure of an XSL-FO Document was good. I think it is better than the documentation with FOP — but that documentation has improved since I first read it.

It talks about creating XSL-FO files from XSLT — something I have not yet needed to do since I've generated the FO directly.

And then for some reason the author uses Antenna House XSL Formatter. This seems to be an add-on for Microsoft Internet Explorer and so is useless for generating PDF. Hurrah. A few pages later we find FOP mentioned. The exact file they use in their examples is at which does not seem to exist any more. Perhaps we can re-reinstate it — or redirect users to a the current release.

Sadly it does not really talk about FOP in any more detail than enough to get it going.

What else might you like to know...

It has a whole chapter on SVG! Unfortunately this chapter seemed a bit disappointing too. It did not give me any examples I wanted, for instance, on dotted lines. (I have some colour line graphs which I want to produce with different styles of dotted lines for rendering on a black and white printer).

The next thing I want to learn about is Cocoon. Cocoon is mentioned — but once.

Oh well. Never mind.

Alex works for the Open Source Consultancy OpenWeb Analysts Ltd.