Interview with Marcel Gagné, President of Salmar Consulting, Inc.
by Mirko Zorz - Tuesday, 24 September 2002.
Aside from it having been an amazing amount of work (insert appropriate smiley here), it was fantastic! When I started writing the book, I had been writing articles in the field for some time. Nevertheless, it was a real kick to move from a short, magazine format to a book. Anytime I've covered something in an article, I tried to explain things in a way that I wished someone had explained it to me. Writing "Linux System Administration: A User's Guide" gave me the opportunity to create the book I would have wanted to have and to present information in a way that respected the reader's intelligence. I'm not a "RTFM" guy. Forcing people to learn by intimidation is not my way. System administration is no more magic than anything else -- I've always believed that people want to learn this stuff and that the person who has been put in charge of the system isn't stupid. Consequently, I'm always inviting people to try things out for themselves. With the book, I was thrilled to have the opportunity to reach people in a new and exciting way.

Linux is exciting because it has opened up so many possibilities in such a short period of time. These days, I'm hard at work writing my second book and I look forward to sharing that excitement with a whole new audience.

If you could start writing "Linux System Administration - A User's Guide" all over again, would you make any major changes?

As I mentioned in the book, Linux (as with all dynamic things) is a moving target. I don't know that I would make any _major_ changes, but Linux has evolved since I wrote the book and some new things have been added or have become popular. If I were starting today, I would certainly look at some of those things and they might become part of the book.

That said, I wrote "Linux System Administration - A User's Guide" with the intention of concentrating on concepts, on things that won't change with the fashion of the day, and being as release agnostic as possible. I wanted the information I provided to be something that outlived the book's publication date. I also wanted it to be useful to people regardless of what distribution they were running, whether it was Red Hat, SuSE, Slackware, Debian, or whatever.

What's your take on the adoption of Linux in the enterprise? Do you think it will give a boost to security?

Linux in the enterprise can only be a good thing. I know that the arguments will continue until for some time, but I personally don't believe in security through obscurity. Keeping a glaring security hole a secret by not publishing the code or informing the public doesn't change the fact that a glaring security hole exists. Yes, I know the argument... if you open the code then all the bad boys and girls out there will be busy looking for exploits. On the other hand, if you open the source, all the good boys and girls will be out there looking to make sure that these problems happen as rarely as possible, and are dealt with as quickly as possible when they do happen.

When it comes to system administration and particularly security, there can be a lot of stress involved at times. Do you find yourself in tough situations and what do you do to handle them?

System administration, by its nature, is stressful. BOFH stories aside, a great deal of expectation falls on the shoulders of the person in charge of making sure everything works. As a sysadmin, if anything goes wrong, it is your fault. That holds true for me as well. In all cases, I try to maintain a sense of humour. If you can keep your head while everyone around you is panicking, that air of calmness will spread somewhat. Confidence instills confidence. If you are at your wits end, don't be afraid to ask for help. We're all in this together.

And remember, the best way to avoid stress is to avoid the stressful situations in the first place. Get to know your systems and your network. Stay on top of it. Knowledge is power. Learn all that you can, script what can be scripted and schedule everything imaginable with cron jobs (where possible). If it isn't broken, people won't be complaining and you can build up that reputation "as a miracle worker" (as Scotty might say).

What's the most careless act in system administration you've ever seen?

(insert sound of laughter here) I don't even know where to begin. I've been in offices where people have their passwords stuck to their monitors because it's easier than remembering. As bad as that is, I think this next one probably rates as the worst. A company (that shall remain nameless) spent a small fortune on a high capacity, enterprise backup solution. That doesn't sound so bad except that they just assumed (presumably because it was so expensive) that the configuration and hence, the backups, should not be verified or tested. After three months of running this solution, the inevitable happened. I leave the rest to your imagination.


Harnessing artificial intelligence to build an army of virtual analysts

PatternEx, a startup that gathered a team of AI researcher from MIT CSAIL as well as security and distributed systems experts, is poised to shake up things in the user and entity behavior analytics market.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Thu, Feb 4th