next up previous contents
Next: 10 Linux Offers the Up: 10 Reasons Why I Previous: 8 Driver Stability   Contents

9 Linux Configuration Makes Sense

About Linux, it is often said that 'everything is a file.' This means kernel and system parameters, device interfaces, etc. are accessible as text files. For example, one can enable packet forwarding in the kernel by editing the 'file' /proc/sys/net/ipv4/ip_forward. Though this is a system kernel parameter, it is read and manipulated just as if it were a text file.

Personally, I find configuration of Linux much easier than that of Windows. In addtion to the system parameters in /proc, Linux systems store application configuration information in one of two places. System wide configuration (that applies to all users) is stored in the /etc directory; per user configuration settings are stored in the user's home directory. A text editor is all that is needed to edit Linux configuration files (though graphical configuration tools do exist) and the settings in the various configuration files tend to make sense once one reads the file (or documentation). For example, to configure the Samba SMB server to act as a domain controller, one needs the line (among others)

Domain Master = yes

in the Samba configuration file. This is pretty clear, and the setting is right where one would expect: in the file for the SMB server called smb.conf.

This is in direct contrast to the Windows configuration system. Configuration settings in Windows are done either using graphical tools (such as through Control Panel) or by editing the Registry directly (which is very error prone). To illustrate just how confusing Windows configuration can be, consider this example. The author recently had the opportunity to set up numerous Windows XP computers for domain membership and as IPSec VPN clients. Several of the relevant Windows settings contain double (or triple) negatives with the options in ``enable'' or ``disable'' format. For example, one setting was

Disable machine account password changes, Enable or Disable

Setting this to 'Disable' means that machine account password changes are enabled. How's that for a mental gyration to perform at 3:00 am while configuring a system during 'off peak' time to be ready for the next normal business day? Another is the Disable Last Accessed setting for performance tuning the file system; one needs to set this to ``0'', meaning ``Don't Disable.'' To me, at least, it is quite clear why Windows is difficult to configure properly for either proper operation or for security.


next up previous contents
Next: 10 Linux Offers the Up: 10 Reasons Why I Previous: 8 Driver Stability   Contents
John S. Riley, DSB Scientific Consulting