Experience Seamless Full Ebook Downloads for Every Genre at textbookfull.

com

UNIX and Linux System Administration Handbook 5th

Edition Evi Nemeth

https://textbookfull.com/product/unix-and-linux-system-
administration-handbook-5th-edition-evi-nemeth/

OR CLICK BUTTON

DOWNLOAD NOW

Explore and download more ebook at https://textbookfull.com

 Recommended digital products (PDF, EPUB, MOBI) that
you can download immediately if you are interested.

Practical System Programming with C: Pragmatic Example

Applications in Linux and Unix-Based Operating Systems 1st
Edition Sri Manikanta Palakollu
https://textbookfull.com/product/practical-system-programming-with-c-
pragmatic-example-applications-in-linux-and-unix-based-operating-
systems-1st-edition-sri-manikanta-palakollu/
textboxfull.com

Practical System Programming with C - Pragmatic Example

Applications in Linux and Unix-Based Operating Systems.
1st Edition Sri Manikanta Palakollu
https://textbookfull.com/product/practical-system-programming-with-c-
pragmatic-example-applications-in-linux-and-unix-based-operating-
systems-1st-edition-sri-manikanta-palakollu-2/
textboxfull.com

Shell Programming in Unix Linux and OS X Stephen G. Kochan

https://textbookfull.com/product/shell-programming-in-unix-linux-and-
os-x-stephen-g-kochan/

textboxfull.com

Private Security and the Law, 5th Edition Charles P.

Nemeth

https://textbookfull.com/product/private-security-and-the-law-5th-
edition-charles-p-nemeth/

textboxfull.com
Red Hat Enterprise Linux 8 0 RH294 Red Hat System
Administration III Trey Feagle Et Al.

https://textbookfull.com/product/red-hat-enterprise-
linux-8-0-rh294-red-hat-system-administration-iii-trey-feagle-et-al/

textboxfull.com

Pro linux system administration Learn to build systems for

your business using free and open source software
Lieverdink
https://textbookfull.com/product/pro-linux-system-administration-
learn-to-build-systems-for-your-business-using-free-and-open-source-
software-lieverdink/
textboxfull.com

Pro linux system administration Learn to build systems for

your business using free and open source software
Lieverdink
https://textbookfull.com/product/pro-linux-system-administration-
learn-to-build-systems-for-your-business-using-free-and-open-source-
software-lieverdink-2/
textboxfull.com

ubuntu and Centos linux server administration Md. Tanvir

Rahman

https://textbookfull.com/product/ubuntu-and-centos-linux-server-
administration-md-tanvir-rahman/

textboxfull.com

Linux Administration a Beginner s Guide Wale Soyinka

https://textbookfull.com/product/linux-administration-a-beginner-s-
guide-wale-soyinka/

textboxfull.com
Many of the designations used by manufacturers and sellers to distinguish their products are claimed as trademarks. Where those
designations appear in this book, and the publisher was aware of a trademark claim, the designations have been printed with initial
capital letters or in all capitals.
Ubuntu is a registered trademark of Canonical Limited, and is used with permission.

Debian is a registered trademark of Software in the Public Interest Incorporated.

CentOS is a registered trademark of Red Hat Inc., and is used with permission.

FreeBSD is a registered trademark of The FreeBSD Foundation, and is used with permission.
The Linux Tux logo was created by Larry Ewing, [email protected].

The authors and publisher have taken care in the preparation of this book, but make no expressed or implied warranty of any kind
and assume no responsibility for errors or omissions. No liability is assumed for incidental or consequential damages in connection
with or arising out of the use of the information or programs contained herein.
For information about buying this title in bulk quantities, or for special sales opportunities (which may include electronic versions;
custom cover designs; and content particular to your business, training goals, marketing focus, or branding interests), please contact
our corporate sales department at [email protected] or (800) 382-3419.

For government sales inquiries, please contact [email protected].

For questions about sales outside the U.S., please contact [email protected].
Visit us on the web: informit.com

Library of Congress Control Number: 2017945559

Copyright © 2018 Pearson Education, Inc.

All rights reserved. Printed in the United States of America. This publication is protected by copyright, and permission must be
obtained from the publisher prior to any prohibited reproduction, storage in a retrieval system, or transmission in any form or by any
means, electronic, mechanical, photocopying, recording, or likewise. For information regarding permissions, request forms and the
appropriate contacts within the Pearson Education Global Rights & Permissions Department, please visit
www.pearsoned.com/permissions/.
ISBN-13: 978-0-13-427755-4
ISBN-10: 0-13-427755-4
1 17
Table of Contents

TRIBUTE TO EVI
PREFACE
FOREWORD
ACKNOWLEDGMENTS

SECTION ONE: BASIC ADMINISTRATION

CHAPTER 1: WHERE TO START

Essential duties of a system administrator
Controlling access
Adding hardware
Automating tasks
Overseeing backups
Installing and upgrading software
Monitoring
Troubleshooting
Maintaining local documentation
Vigilantly monitoring security
Tuning performance
Developing site policies
Working with vendors
Fire fighting
Suggested background
Linux distributions
Example systems used in this book
Example Linux distributions
 Example UNIX distribution
Notation and typographical conventions
Units
Man pages and other on-line documentation
Organization of the man pages
man: read man pages
Storage of man pages
Other authoritative documentation
System-specific guides
Package-specific documentation
Books
RFC publications
Other sources of information
Keeping current
HowTos and reference sites
Conferences
Ways to find and install software
Determining if software is already installed
Adding new software
Building software from source code
Installing from a web script
Where to host
Specialization and adjacent disciplines
DevOps
Site reliability engineers
Security operations engineers
Network administrators
Database administrators
Network operations center (NOC) engineers
Data center technicians
Architects
Recommended reading
System administration and DevOps
Essential tools

CHAPTER 2: BOOTING AND SYSTEM MANAGEMENT DAEMONS

Boot process overview
System firmware
BIOS vs. UEFI
Legacy BIOS
 UEFI
Boot loaders
GRUB: the GRand Unified Boot loader
GRUB configuration
The GRUB command line
Linux kernel options
The FreeBSD boot process
The BIOS path: boot0
The UEFI path
loader configuration
loader commands
System management daemons
Responsibilities of init
Implementations of init
Traditional init
systemd vs. the world
inits judged and assigned their proper punishments
systemd in detail
Units and unit files
systemctl: manage systemd
Unit statuses
Targets
Dependencies among units
Execution order
A more complex unit file example
Local services and customizations
Service and startup control caveats
systemd logging
FreeBSD init and startup scripts
Reboot and shutdown procedures
Shutting down physical systems
Shutting down cloud systems
Stratagems for a nonbooting system
Single-user mode
Single-user mode on FreeBSD
Single-user mode with GRUB
Recovery of cloud systems

CHAPTER 3: ACCESS CONTROL AND ROOTLY POWERS

Standard UNIX access control
 Filesystem access control
Process ownership
The root account
Setuid and setgid execution
Management of the root account
Root account login
su: substitute user identity
sudo: limited su
Disabling the root account
System accounts other than root
Extensions to the standard access control model
Drawbacks of the standard model
PAM: Pluggable Authentication Modules
Kerberos: network cryptographic authentication
Filesystem access control lists
Linux capabilities
Linux namespaces
Modern access control
Separate ecosystems
Mandatory access control
Role-based access control
SELinux: Security-Enhanced Linux
AppArmor
Recommended reading

CHAPTER 4: PROCESS CONTROL

Components of a process
PID: process ID number
PPID: parent PID
UID and EUID: real and effective user ID
GID and EGID: real and effective group ID
Niceness
Control terminal
The life cycle of a process
Signals
kill: send signals
Process and thread states
ps: monitor processes
Interactive monitoring with top
nice and renice: influence scheduling priority
 The /proc filesystem
strace and truss: trace signals and system calls
Runaway processes
Periodic processes
cron: schedule commands
systemd timers
Common uses for scheduled tasks

CHAPTER 5: THE FILESYSTEM

Pathnames
Filesystem mounting and unmounting
Organization of the file tree
File types
Regular files
Directories
Hard links
Character and block device files
Local domain sockets
Named pipes
Symbolic links
File attributes
The permission bits
The setuid and setgid bits
The sticky bit
ls: list and inspect files
chmod: change permissions
chown and chgrp: change ownership and group
umask: assign default permissions
Linux bonus flags
Access control lists
A cautionary note
ACL types
Implementation of ACLs
Linux ACL support
FreeBSD ACL support
POSIX ACLs
NFSv4 ACLs

CHAPTER 6: SOFTWARE INSTALLATION AND MANAGEMENT

Operating system installation
 Installing from the network
Setting up PXE
Using kickstart, the automated installer for Red Hat and CentOS
Automating installation for Debian and Ubuntu
Netbooting with Cobbler, the open source Linux provisioning server
Automating FreeBSD installation
Managing packages
Linux package management systems
rpm: manage RPM packages
dpkg: manage .deb packages
High-level Linux package management systems
Package repositories
RHN: the Red Hat Network
APT: the Advanced Package Tool
Repository configuration
An example /etc/apt/sources.list file
Creation of a local repository mirror
APT automation
yum: release management for RPM
FreeBSD software management
The base system
pkg: the FreeBSD package manager
The ports collection
Software localization and configuration
Organizing your localization
Structuring updates
Limiting the field of play
Testing
Recommended reading

CHAPTER 7: SCRIPTING AND THE SHELL

Scripting philosophy
Write microscripts
Learn a few tools well
Automate all the things
Don’t optimize prematurely
Pick the right scripting language
Follow best practices
Shell basics
Command editing
 Pipes and redirection
Variables and quoting
Environment variables
Common filter commands
sh scripting
Execution
From commands to scripts
Input and output
Spaces in filenames
Command-line arguments and functions
Control flow
Loops
Arithmetic
Regular expressions
The matching process
Literal characters
Special characters
Example regular expressions
Captures
Greediness, laziness, and catastrophic backtracking
Python programming
The passion of Python 3
Python 2 or Python 3?
Python quick start
Objects, strings, numbers, lists, dictionaries, tuples, and files
Input validation example
Loops
Ruby programming
Installation
Ruby quick start
Blocks
Symbols and option hashes
Regular expressions in Ruby
Ruby as a filter
Library and environment management for Python and Ruby
Finding and installing packages
Creating reproducible environments
Multiple environments
Revision control with Git
A simple Git example
Git caveats
 Social coding with Git
Recommended reading
Shells and shell scripting
Regular expressions
Python
Ruby

CHAPTER 8: USER MANAGEMENT

Account mechanics
The /etc/passwd file
Login name
Encrypted password
UID (user ID) number
Default GID (group ID) number
GECOS field
Home directory
Login shell
The Linux /etc/shadow file
FreeBSD's /etc/master.passwd and /etc/login.conf files
The /etc/master.passwd file
The /etc/login.conf file
The /etc/group file
Manual steps for adding users
Editing the passwd and group files
Setting a password
Creating the home directory and installing startup files
Setting home directory permissions and ownerships
Configuring roles and administrative privileges
Finishing up
Scripts for adding users: useradd, adduser, and newusers
useradd on Linux
adduser on Debian and Ubuntu
adduser on FreeBSD
newusers on Linux: adding in bulk
Safe removal of a user’s account and files
User login lockout
Risk reduction with PAM
Centralized account management
LDAP and Active Directory
Application-level single sign-on systems
 Identity management systems

CHAPTER 9: CLOUD COMPUTING

The cloud in context
Cloud platform choices
Public, private, and hybrid clouds
Amazon Web Services
Google Cloud Platform
DigitalOcean
Cloud service fundamentals
Access to the cloud
Regions and availability zones
Virtual private servers
Networking
Storage
Identity and authorization
Automation
Serverless functions
Clouds: VPS quick start by platform
Amazon Web Services
Google Cloud Platform
DigitalOcean
Cost control
Recommended Reading

CHAPTER 10: LOGGING

Log locations
Files not to manage
How to view logs in the systemd journal
The systemd journal
Configuring the systemd journal
Adding more filtering options for journalctl
Coexisting with syslog
Syslog
Reading syslog messages
Rsyslog architecture
Rsyslog versions
Rsyslog configuration
Config file examples
Syslog message security
 Syslog configuration debugging
Kernel and boot-time logging
Management and rotation of log files
logrotate: cross-platform log management
newsyslog: log management on FreeBSD
Management of logs at scale
The ELK stack
Graylog
Logging as a service
Logging policies

CHAPTER 11: DRIVERS AND THE KERNEL

Kernel chores for system administrators
Kernel version numbering
Linux kernel versions
FreeBSD kernel versions
Devices and their drivers
Device files and device numbers
Challenges of device file management
Manual creation of device files
Modern device file management
Linux device management
FreeBSD device management
Linux kernel configuration
Tuning Linux kernel parameters
Building a custom kernel
Adding a Linux device driver
FreeBSD kernel configuration
Tuning FreeBSD kernel parameters
Building a FreeBSD kernel
Loadable kernel modules
Loadable kernel modules in Linux
Loadable kernel modules in FreeBSD
Booting
Linux boot messages
FreeBSD boot messages
Booting alternate kernels in the cloud
Kernel errors
Linux kernel errors
 FreeBSD kernel panics
Recommended reading

CHAPTER 12: PRINTING

CUPS printing
Interfaces to the printing system
The print queue
Multiple printers and queues
Printer instances
Network printer browsing
Filters
CUPS server administration
Network print server setup
Printer autoconfiguration
Network printer configuration
Printer configuration examples
Service shutoff
Other configuration tasks
Troubleshooting tips
Print daemon restart
Log files
Direct printing connections
Network printing problems
Recommended reading

SECTION TWO: NETWORKING

CHAPTER 13: TCP/IP NETWORKING

TCP/IP and its relationship to the Internet
Who runs the Internet?
Network standards and documentation
Networking basics
IPv4 and IPv6
Packets and encapsulation
Ethernet framing
Maximum transfer unit
Packet addressing
Hardware (MAC) addressing
 IP addressing
Hostname “addressing”
Ports
Address types
IP addresses: the gory details
IPv4 address classes
IPv4 subnetting
Tricks and tools for subnet arithmetic
CIDR: Classless Inter-Domain Routing
Address allocation
Private addresses and network address translation (NAT)
IPv6 addressing
Routing
Routing tables
ICMP redirects
IPv4 ARP and IPv6 neighbor discovery
DHCP: the Dynamic Host Configuration Protocol
DHCP software
DHCP behavior
ISC’s DHCP software
Security issues
IP forwarding
ICMP redirects
Source routing
Broadcast pings and other directed broadcasts
IP spoofing
Host-based firewalls
Virtual private networks
Basic network configuration
Hostname and IP address assignment
Network interface and IP configuration
Routing configuration
DNS configuration
System-specific network configuration
Linux networking
NetworkManager
ip: manually configure a network
Debian and Ubuntu network configuration
Red Hat and CentOS network configuration
Linux network hardware options
Linux TCP/IP options
 Security-related kernel variables
FreeBSD networking
ifconfig: configure network interfaces
FreeBSD network hardware configuration
FreeBSD boot-time network configuration
FreeBSD TCP/IP configuration
Network troubleshooting
ping: check to see if a host is alive
traceroute: trace IP packets
Packet sniffers
Network monitoring
SmokePing: gather ping statistics over time
iPerf: track network performance
Cacti: collect and graph data
Firewalls and NAT
Linux iptables: rules, chains, and tables
IPFilter for UNIX systems
Cloud networking
AWS’s virtual private cloud (VPC)
Google Cloud Platform networking
DigitalOcean networking
Recommended reading
History
Classics and bibles
Protocols

CHAPTER 14: PHYSICAL NETWORKING

Ethernet: the Swiss Army knife of networking
Ethernet signaling
Ethernet topology
Unshielded twisted-pair cabling
Optical fiber
Ethernet connection and expansion
Autonegotiation
Power over Ethernet
Jumbo frames
Wireless: Ethernet for nomads
Wireless standards
Wireless client access
Wireless infrastructure and WAPs
 Wireless security
SDN: software-defined networking
Network testing and debugging
Building wiring
UTP cabling options
Connections to offices
Wiring standards
Network design issues
Network architecture vs. building architecture
Expansion
Congestion
Maintenance and documentation
Management issues
Recommended vendors
Cables and connectors
Test equipment
Routers/switches
Recommended reading

CHAPTER 15: IP ROUTING

Packet forwarding: a closer look
Routing daemons and routing protocols
Distance-vector protocols
Link-state protocols
Cost metrics
Interior and exterior protocols
Protocols on parade
RIP and RIPng: Routing Information Protocol
OSPF: Open Shortest Path First
EIGRP: Enhanced Interior Gateway Routing Protocol
BGP: Border Gateway Protocol
Routing protocol multicast coordination
Routing strategy selection criteria
Routing daemons
routed: obsolete RIP implementation
Quagga: mainstream routing daemon
XORP: router in a box
Cisco routers
Recommended reading
CHAPTER 16: DNS: THE DOMAIN NAME SYSTEM
DNS architecture
Queries and responses
DNS service providers
DNS for lookups
resolv.conf: client resolver configuration
nsswitch.conf: who do I ask for a name?
The DNS namespace
Registering a domain name
Creating your own subdomains
How DNS works
Name servers
Authoritative and caching-only servers
Recursive and nonrecursive servers
Resource records
Delegation
Caching and efficiency
Multiple answers and round robin DNS load balancing
Debugging with query tools
The DNS database
Parser commands in zone files
Resource records
The SOA record
NS records
A records
AAAA records
PTR records
MX records
CNAME records
SRV records
TXT records
SPF, DKIM, and DMARC records
DNSSEC records
The BIND software
Components of BIND
Configuration files
The include statement
The options statement
The acl statement
The (TSIG) key statement
 The server statement
The masters statement
The logging statement
The statistics-channels statement
The zone statement
The controls statement for rndc
Split DNS and the view statement
BIND configuration examples
The localhost zone
A small security company
Zone file updating
Zone transfers
Dynamic updates
DNS security issues
Access control lists in BIND, revisited
Open resolvers
Running in a chrooted jail
Secure server-to-server communication with TSIG and TKEY
Setting up TSIG for BIND
DNSSEC
DNSSEC policy
DNSSEC resource records
Turning on DNSSEC
Key pair generation
Zone signing
The DNSSEC chain of trust
DNSSEC key rollover
DNSSEC tools
Debugging DNSSEC
BIND debugging
Logging in BIND
Name server control with rndc
Command-line querying for lame delegations
Recommended reading
Books and other documentation
On-line resources
The RFCs

CHAPTER 17: SINGLE SIGN-ON

Core SSO elements
 LDAP: “lightweight” directory services
Uses for LDAP
The structure of LDAP data
OpenLDAP: the traditional open source LDAP server
389 Directory Server: alternative open source LDAP server
LDAP Querying
Conversion of passwd and group files to LDAP
Using directory services for login
Kerberos
sssd: the System Security Services Daemon
nsswitch.conf: the name service switch
PAM: cooking spray or authentication wonder?
Alternative approaches
NIS: the Network Information Service
rsync: transfer files securely
Recommended reading

CHAPTER 18: ELECTRONIC MAIL

Mail system architecture
User agents
Submission agents
Transport agents
Local delivery agents
Message stores
Access agents
Anatomy of a mail message
The SMTP protocol
You had me at EHLO
SMTP error codes
SMTP authentication
Spam and malware
Forgeries
SPF and Sender ID
DKIM
Message privacy and encryption
Mail aliases
Getting aliases from files
Mailing to files
Mailing to programs
Building the hashed alias database
Email configuration
sendmail
The switch file
Starting sendmail
Mail queues
sendmail configuration
The m4 preprocessor
The sendmail configuration pieces
A configuration file built from a sample .mc file
Configuration primitives
Tables and databases
Generic macros and features
Client configuration
m4 configuration options
Spam-related features in sendmail
Security and sendmail
sendmail testing and debugging
Exim
Exim installation
Exim startup
Exim utilities
Exim configuration language
Exim configuration file
Global options
Access control lists (ACLs)
Content scanning at ACL time
Authenticators
Routers
Transports
Retry configuration
Rewriting configuration
Local scan function
Logging
Debugging
Postfix
Postfix architecture
Security
Postfix commands and documentation
Postfix configuration
Virtual domains
Access control
Debugging
 Recommended reading
sendmail references
Exim references
Postfix references
RFCs

CHAPTER 19: WEB HOSTING

HTTP: the Hypertext Transfer Protocol
Uniform Resource Locators (URLs)
Structure of an HTTP transaction
curl: HTTP from the command line
TCP connection reuse
HTTP over TLS
Virtual hosts
Web software basics
Web servers and HTTP proxy software
Load balancers
Caches
Content delivery networks
Languages of the web
Application programming interfaces (APIs)
Web hosting in the cloud
Build versus buy
Platform-as-a-Service
Static content hosting
Serverless web applications
Apache httpd
httpd in use
httpd configuration logistics
Virtual host configuration
Logging
NGINX
Installing and running NGINX
Configuring NGINX
Configuring TLS for NGINX
Load balancing with NGINX
HAProxy
Health checks
Server statistics
Sticky sessions
 TLS termination
Recommended reading

SECTION THREE: STORAGE

CHAPTER 20: STORAGE

I just want to add a disk!
Linux recipe
FreeBSD recipe
Storage hardware
Hard disks
Solid state disks
Hybrid drives
Advanced Format and 4KiB blocks
Storage hardware interfaces
The SATA interface
The PCI Express interface
The SAS interface
USB
Attachment and low-level management of drives
Installation verification at the hardware level
Disk device files
Ephemeral device names
Formatting and bad block management
ATA secure erase
hdparm and camcontrol: set disk and interface parameters
Hard disk monitoring with SMART
The software side of storage: peeling the onion
Elements of a storage system
The Linux device mapper
Disk partitioning
Traditional partitioning
MBR partitioning
GPT: GUID partition tables
Linux partitioning
FreeBSD partitioning
Logical volume management
Linux logical volume management
 FreeBSD logical volume management
RAID: redundant arrays of inexpensive disks
Software vs. hardware RAID
RAID levels
Disk failure recovery
Drawbacks of RAID 5
mdadm: Linux software RAID
Filesystems
Traditional filesystems: UFS, ext4, and XFS
Filesystem terminology
Filesystem polymorphism
Filesystem formatting
fsck: check and repair filesystems
Filesystem mounting
Setup for automatic mounting
USB drive mounting
Swapping recommendations
Next-generation filesystems: ZFS and Btrfs
Copy-on-write
Error detection
Performance
ZFS: all your storage problems solved
ZFS on Linux
ZFS architecture
Example: disk addition
Filesystems and properties
Property inheritance
One filesystem per user
Snapshots and clones
Raw volumes
Storage pool management
Btrfs: “ZFS lite” for Linux
Btrfs vs. ZFS
Setup and storage conversion
Volumes and subvolumes
Volume snapshots
Shallow copies
Data backup strategy
Recommended reading

CHAPTER 21: THE NETWORK FILE SYSTEM

 Meet network file services
The competition
Issues of state
Performance concerns
Security
The NFS approach
Protocol versions and history
Remote procedure calls
Transport protocols
State
Filesystem exports
File locking
Security concerns
Identity mapping in version 4
Root access and the nobody account
Performance considerations in version 4
Server-side NFS
Linux exports
FreeBSD exports
nfsd: serve files
Client-side NFS
Mounting remote filesystems at boot time
Restricting exports to privileged ports
Identity mapping for NFS version 4
nfsstat: dump NFS statistics
Dedicated NFS file servers
Automatic mounting
Indirect maps
Direct maps
Master maps
Executable maps
Automount visibility
Replicated filesystems and automount
Automatic automounts (V3; all but Linux)
Specifics for Linux
Recommended reading

CHAPTER 22: SMB

Samba: SMB server for UNIX
Installing and configuring Samba
 File sharing with local authentication
File sharing with accounts authenticated by Active Directory
Configuring shares
Mounting SMB file shares
Browsing SMB file shares
Ensuring Samba security
Debugging Samba
Querying Samba’s state with smbstatus
Configuring Samba logging
Managing character sets
Recommended reading

SECTION FOUR: OPERATIONS

CHAPTER 23: CONFIGURATION MANAGEMENT

Configuration management in a nutshell
Dangers of configuration management
Elements of configuration management
Operations and parameters
Variables
Facts
Change handlers
Bindings
Bundles and bundle repositories
Environments
Client inventory and registration
Popular CM systems compared
Terminology
Business models
Architectural options
Language options
Dependency management options
General comments on Chef
General comments on Puppet
General comments on Ansible and Salt
YAML: a rant
Introduction to Ansible
Ansible example
 Client setup
Client groups
Variable assignments
Dynamic and computed client groups
Task lists
state parameters
Iteration
Interaction with Jinja
Template rendering
Bindings: plays and playbooks
Roles
Recommendations for structuring the configuration base
Ansible access options
Introduction to Salt
Minion setup
Variable value binding for minions
Minion matching
Salt states
Salt and Jinja
State IDs and dependencies
State and execution functions
Parameters and names
State binding to minions
Highstates
Salt formulas
Environments
Documentation roadmap
Ansible and Salt compared
Deployment flexibility and scalability
Built-in modules and extensibility
Security
Miscellaneous
Best practices
Recommended reading

CHAPTER 24: VIRTUALIZATION

Virtual vernacular
Hypervisors
Live migration
Virtual machine images
Containerization
 Virtualization with Linux
Xen
Xen guest installation
KVM
KVM guest installation
FreeBSD bhyve
VMware
VirtualBox
Packer
Vagrant
Recommended reading

CHAPTER 25: CONTAINERS

Background and core concepts
Kernel support
Images
Networking
Docker: the open source container engine
Basic architecture
Installation
Client setup
The container experience
Volumes
Data volume containers
Docker networks
Storage drivers
dockerd option editing
Image building
Registries
Containers in practice
Logging
Security advice
Debugging and troubleshooting
Container clustering and management
A synopsis of container management software
Kubernetes
Mesos and Marathon
Docker Swarm
AWS EC2 Container Service
Recommended reading
CHAPTER 26: CONTINUOUS INTEGRATION AND DELIVERY
CI/CD essentials
Principles and practices
Environments
Feature flags
Pipelines
The build process
Testing
Deployment
Zero-downtime deployment techniques
Jenkins: the open source automation server
Basic Jenkins concepts
Distributed builds
Pipeline as code
CI/CD in practice
UlsahGo, a trivial web application
Unit testing UlsahGo
Taking first steps with the Jenkins Pipeline
Building a DigitalOcean image
Provisioning a single system for testing
Testing the droplet
Deploying UlsahGo to a pair of droplets and a load balancer
Concluding the demonstration pipeline
Containers and CI/CD
Containers as a build environment
Container images as build artifacts
Recommended reading

CHAPTER 27: SECURITY

Elements of security
How security is compromised
Social engineering
Software vulnerabilities
Distributed denial-of-service attacks (DDoS)
Insider abuse
Network, system, or application configuration errors
Basic security measures
Software updates
Unnecessary services
Remote event logging
Exploring the Variety of Random
Documents with Different Content
acted in a very kindly manner toward him. I ask him if these three
matters were really contemporaneous.”
M. Leblois.—“The reply is simple enough. You must distinguish
between two utterly distinct orders of events,—the events at the end
of 1896, which was the time of Colonel Picquart’s departure, and the
events at the end of 1897. I know of only one letter intercepted at the
bureau of information in 1896,—namely, the letter signed ‘Speranza.’
It was at that time that General Gonse showed the greatest
sympathy for Colonel Picquart. Coming to the conspiracy of 1897, it
is my opinion that letters were then intercepted, but I prefer that the
testimony on this point should come from Lieutenant-Colonel
Picquart.”
M. Clemenceau.—“Yet the witness said just now that they sent a
letter to Lieutenant-Colonel Picquart after having opened it.”
M. Leblois.—“That was in 1896. It was in December of that year that
the Speranza letter was sent.”
M. Clemenceau.—“Then my question was appropriate. All these
things happened at the same time.”
M. Labori.—“Does M. Leblois know of certain facts in the relations
that prevailed in 1892 between M. du Paty de Clam and the de
Comminges family that offer a singular analogy with the participation
of the veiled lady in the Esterhazy case?”
M. Leblois.—“The comte de Comminges received in 1892 a certain
number of very serious anonymous letters. He had reason to
suspect that they were written by Colonel du Paty de Clam, who was
then only a major. He consulted the prefect of police, M. Lozé, who,
if I have been correctly informed, answered: ‘It is du Paty de Clam.’”
The Judge.—“But you know nothing about it; this information is
second-hand.”
M. Labori.—“But the sequel is interesting.”
M. Leblois.—“Thereupon the comte de Comminges went to General
Davout, and asked him to insist that these conspiracies should
cease. General Davout sent for Major du Paty de Clam, and, as a
result, the anonymous letters stopped entirely. But there remained a
letter in the hands of Major du Paty de Clam, and the comte de
Comminges insisted upon its restitution. General Davout helped him
to bring this about, if I am correctly informed. But, however that may
be, Major du Paty de Clam restored the letter under the following
circumstances. He said that this letter had fallen into the hands of a
woman, and that she would not part with it unless the sum of 500
francs was paid to her. So he convoked certain members of the
family on the bank of the Seine, near the Jardin de Paris, at ten
o’clock in the evening. There came a woman, carrying an umbrella,
whom Major du Paty de Clam approached. After conversing with her
a few minutes, he came back, saying: ‘I have just handed this
woman an envelope containing a 500-franc bill. In exchange, she
has given me the letter that you desire, in another envelope. Here it
is.’ They opened the envelope, and, to be sure, found the letter. It is
evident that there was something very strange about all this,—
something useless, to say the least.”
The Judge.—“But what relation has all this to the charge against the
defendants?”
M. Labori.—“I am ready to explain at once. It is our contention that
the veiled lady, far from being in relations with, or in the circle of,
Colonel Picquart, as has been insinuated, was in relations with
certain members of the war department, and that those who have
aided Major Esterhazy in his campaign may well have been in
relation with certain members of the war department. That is the
bearing of the question.”
The Judge.—“At what time did the events in connection with this
letter occur?”
M. Leblois.—“In the spring of 1892, and, if I am not mistaken, the
restitution took place on Good Friday of that year.”

Testimony of M. Scheurer-Kestner.

The next witness was M. Scheurer-Kestner.

M. Labori.—“Monsieur le Président, will you ask M. Scheurer-
Kestner under what circumstances he was led to concern himself
with the facts which revealed to him that the authorship of the
bordereau, attributed in 1894 to Captain Dreyfus, was really to be
attributed to Major Esterhazy, and what steps he took in the matter
afterwards?”
The Judge.—“Monsieur Attorney-General!”
The Attorney-General.—“It is always the same question.”
M. Labori.—“It is always the same question, and I understand why
you are always ready to welcome it in the same manner.”
The Judge.—“M. Scheurer-Kestner, you are to tell us of Major
Esterhazy, but I beg you not to say anything of the Dreyfus case,
concerning which we will not hear a word. Tell us of the Esterhazy
case, but not of the Dreyfus case.”
M. Scheurer-Kestner.—“I note what you say, Monsieur le Président.
Last July I learned that, at the office of the general staff, in the
bureau of information, in September, 1896, Colonel Picquart, who
was then a major and the chief of this bureau, had discovered, in the
course of investigations undertaken à propos of other matters, but
relating to Major Esterhazy, that there had been a mistake in 1894 in
attributing the bordereau to M. Alfred Dreyfus. I learned at the same
time that, as soon as Colonel Picquart had made his discovery, he
made haste to consult M. Bertillon, who had been one of the experts
consulted in 1894, and who, without any hesitation, had attributed
the bordereau to Alfred Dreyfus. Colonel Picquart, showing him the
bordereau and Major Esterhazy’s handwriting, but without telling him
whose handwriting it was, asked him what he thought of it, and M.
Bertillon said to him: ‘Ah! the forgers have succeeded. It is no
similarity; it is identity.’ Colonel Picquart came back with this reply,
and asked his chief to continue an investigation in this direction. He
proposed to General Gonse, among others, to submit the documents
to a new expert examination, and General Gonse dissuaded him.
There is in existence a correspondence which was then exchanged
between General Gonse and Colonel Picquart. I took pains to
become acquainted with this correspondence, for it was of great
value to me, being of a nature to settle my opinion. The
correspondence being communicated to me, I was convinced by
reading it that General Gonse accepted the opinion of Colonel
Picquart, who was paving the way for a revision of the trial. It seems
to me indispensable, in order to enlighten the jurors, that I should
read this correspondence to them.”
The Judge.—“No, that is not possible.”
M. Labori.—“We must have the light, and I consider it indispensable
that these letters should be put in evidence.”
The Judge.—“The law requires that witnesses shall testify without
the aid of any document. However, if the attorney-general is not
opposed to it, I shall not oppose it.”
The Attorney-General.—“General Gonse and Lieutenant-Colonel
Picquart have been summoned. They will testify concerning the
letters, if they see fit.”
M. Labori.—“I suggest that M. Scheurer-Kestner be authorized to
hand the letters to the court.”
The Attorney-General.—“It is not possible. The government should
have been notified of them at the proper time.”
M. Labori.—“M. Zola could not do so, as he did not then have the
letters in his possession; but he called upon the attorney-general, as
the representative of the complainant, to put these letters in
evidence, thereby complying as far as possible with Article 52 of the
law of 1881; therefore I have the honor to offer a motion” ...
The Judge.—“Oh!”
M. Labori.—“Oh! Monsieur le Président, if you knew how much pain
it gives me, as a man of the world, to thus make you suffer.”
The Judge.—“Permit me to tell you, before you offer your motion,
that it is impossible. Article 52 of the law concerning the press does
not permit the production of documents not previously announced.”
M. Albert Clemenceau.—“The law obliges us to announce
documents. We ought to have announced the letters of General
Gonse. Why did we not do so? It is well that the jurors should know.
We did not do so, because these letters have already been produced
at one hearing,—the hearing of the council of war,—and under the
following circumstances. Colonel Picquart was asked: ‘Have you
General Gonse’s letters?’ He answered: ‘They are in my pocket.’
The president of the council of war then asked: ‘Will you give them to
me?’ Colonel Picquart handed him the letters. The president of the
council of war took them and placed them with the documents of the
case, without having them read. So that, in order to conform to the
law, we had to give notice of letters which had been confiscated, as it
were, by a president of the council of war,—letters which were not at
our disposal, and which only the attorney-general could produce.”
The Judge.—“Offer your motion. But, after all, if M. Schemer-
Kestner, instead of reading them, wishes to say what they contain,
he may do so.”
M. Labori.—“Very well; so be it.”
M. Scheurer-Kestner.—“I greatly regret that I cannot read these
letters. I regret it from the standpoint of the manifestation of truth. I
considered this reading indispensable, but I see that it is forbidden.
Since, however, I am authorized to say what they contain, I will do so
in a manner necessarily incomplete, but sufficient perhaps to
enlighten the jurors.”
M. Scheurer-Kestner then repeated the substance of the letters, but,
as the full text of the letters was printed in “L’Aurore” of the following
day, February 9, they are given here in place of the description of
them made to the jury by M. Scheurer-Kestner, although legally the
full text of the letters forms no part of the evidence placed before the
jury.
Cormeilles-en-Parisis (Seine-et-Oise),
September 7, 1896.
My dear Picquart:
I have received your letter of the 5th, and, after reflecting upon all
that you say. I hasten to tell you that it seems to me useful to
proceed in this matter with great prudence, distrusting first
impressions. The thing necessary now is to determine the nature
of the documents.[1] How could they have been copied? What
requests for information have been preferred by third parties?
You may say that in this order of ideas it is rather difficult to reach
a result without making some stir. I admit it. But in my opinion it is
the best way of making sure progress. To the continuation of the
inquiry from the standpoint of the handwritings[2] there is the
grave objection that it compels us to take new people into our
confidence under bad conditions, and it seems to me better to
wait until we are more firmly settled in our opinions before going
further in this rather delicate path. I return September 15, and we
can better discuss an affair of this nature in conversation. But my
feeling is that it is necessary to proceed with extreme prudence. I
shake your hand most affectionately, my dear Picquart.
Devotedly yours,
A. Gonse.
[1] The reference here is to the documents that accompanied the
bordereau attributed to Dreyfus.
[2] The reference here is to the comparison of Major Esterhazy’s
handwriting with that of the bordereau.

Paris, September 8, 1896.

My General:
I have read your letter carefully, and I shall scrupulously follow
your instructions, but I believe it my duty to say this to you.
Numerous indications, and a serious fact of which I shall speak to
you on your return, show me that the time is near at hand when
people who have the conviction that there has been an error in
this matter are going to make a great effort and create a great
scandal. I believe that I have done all that was necessary to give
ourselves the opportunity of initiative. If too much time is lost, that
initiative will be taken by others, which, to say nothing of higher
considerations, will not leave us in a pleasant position. I must add
that the people to whom I refer do not seem to be as well
informed as we are,[3] and that in my opinion they will make a
mess of it, creating a scandal and a great uproar without
furnishing light. There will be a sad and useless crisis, which we
could avoid by doing justice in season. Be good enough, etc.,
Picquart.
[3] The reference here is to the relatives of Dreyfus.

Cormeilles-en-Parisis (Seine-et-Oise),
September 10, 1896.
My dear Picquart:
I acknowledge receipt of your letter of the 8th, after having given
it careful consideration. In spite of the disturbing fact stated
therein, I persist in my first feeling. I believe that it is necessary to
act in the most circumspect manner. At the point at which you
have arrived in your investigation there is no question, of course,
of avoiding the light, but we must ascertain what course should
be taken in order to arrive at a manifestation of the truth. This
granted, it is necessary to avoid all false manœuvres, and
especially to guard against irreparable steps. It seems to me
necessary to arrive silently, and in the order of ideas that I have
pointed out to you, at as complete a certainty as possible before
compromising anything. I know very well that the problem is a
difficult one, and may be full of unexpected elements. But it is
precisely for this reason that it is necessary to proceed with
prudence. You are not lacking in that virtue; so my mind is easy.
Remember that the difficulties are great, and that wise tactics,
weighing in advance all possibilities, are indispensable. I have
occasion to write to General de Boisdeffre; I say to him a few
words of the same tenor as this letter. Prudence! Prudence! That
is the word that you must keep steadily before your eyes. I return
on the morning of the 15th. Come to see me at my office early,
after you have been through your mail. I shake your hand most
affectionately, my dear Picquart. Yours devotedly,
Gonse.
 Paris, September 14, 1896.
My General:
September 7 I had the honor to direct your attention to the
scandal that certain people were threatening to precipitate, and I
permitted myself to say to you that, in my opinion, if we do not
take the initiative, we shall have much trouble on our hands. The
article from “L’Eclair” which you will find enclosed confirms me
unhappily in my opinion. I shall try to find out who has succeeded
so well in preparing the bomb. But I believe it my duty to affirm
once more that it is necessary to act without delay. If we wait
longer, we shall be run over, and imprisoned in an inextricable
situation, where it will be impossible for us to establish the real
truth. Be good enough, etc.,
Picquart.
M. Scheurer-Kestner, after repeating the substance of the foregoing
letters, continued his testimony as follows:
“Such, gentlemen, is the résumé that I have been able to make from
memory of these fine letters, which honor their author, both as a
soldier and as a man. After reading them, I was convinced that there
had been an error. I saw that General Gonse, Colonel Picquart’s
superior, shared his ideas, and looked upon revision as a possibility.
What had I to do? My first duty was to inform the minister of war, and
show him the documents which proved that the handwriting of the
bordereau was the handwriting of Major Esterhazy, and not that of
Captain Dreyfus. That was what I did. I had a long conversation with
General Billot, and showed him the documents that I possessed,
though I did not speak at that time of the correspondence between
General Gonse and Colonel Picquart, thinking it better not to do so.
But I was not slow in offering this correspondence to the
government, and naturally I was authorized to keep a copy of it.
Unhappily new events had taken place, and the government perhaps
had changed its attitude; I do not know; in any case, my offer was
refused. It seemed to me that the honor of the government, of the
republic, of democracy, and of the army required that the initiative in
such a reparation should come from above, and not from below.
“Then what happened? The day after my visit to the minister of war,
in which I spoke to him of the documents and showed them to him
(that was October 31),—on the day after, November 1, though it had
been agreed between us that our conversation should be secret, that
it should not be noised abroad, that there should be no mention of it,
what did I see in the newspapers inspired, so I was told, by the
minister of war,—my visit to the minister related with false
comments. It was said that I had shown nothing, that I had refused to
give the minister of war proof of the innocence of Dreyfus, when, in
fact, I had been with him three hours, begging him to make the proof
public, and offering to cry it from the house-tops. He either would
not, or could not, do it. He confined himself to saying: ‘He is guilty.’
‘Prove to me that he is guilty,’ I said. ‘I cannot prove it to you.’ That
was General Billot’s answer when I had brought important
documents, and when my heart was full of all that I knew through the
reading of the letters of which I had just spoken. That is how I came
to my present conviction, and that is the way in which I gained
courage to take up a cause which is a cause of humanity, truth, and
justice.”
M. Labori.—“M. Scheurer-Kestner has told us of his conversation
with General Billot. Will he now be good enough to tell us if he has
interviewed the prime minister?”
M. Scheurer-Kestner.—“I had several interviews with the prime
minister in the early days of November. To him I told all that I knew,
all that I had learned. I offered to him the letters that passed between
General Gonse and Colonel Picquart, for to him I could speak of
what had happened at the bureau of information.”
M. Labori.—“Whence and under what circumstances came M.
Mathieu Dreyfus’s denunciation of Major Esterhazy? Did not M.
Mathieu Dreyfus have a conversation with you in which he revealed
to you the name of Major Esterhazy,—a name which had come to his
knowledge by a path wholly different from that by which it had come
to your ears?”
M. Scheurer-Kestner.—“I had not uttered the name of Major
Esterhazy in the presence of a single private individual. I had
mentioned it only to the government when, on November 12, I
received a message from M. Mathieu Dreyfus, asking me to receive
him at my house. I had no relations with him; he had never been at
my house; I had never seen him; I was not acquainted with him. He
came, and this is the story that he told. A certain M. de Castro,
whom he did not know, was walking on the boulevards, at the time
when they were selling the placards which contained the proof of
treason,—placards which bore portraits on both sides, and in the
middle a fac-simile of the bordereau. M. de Castro, who is a
foreigner, and who theretofore had not been much interested in this
matter, bought one of these placards simply to pass away the time,
and, as soon as he had it in his hands,—I make use of a word which
he used himself when he told me the story later,—he was dazed. ‘I
went home,’ he said, ‘took out the package of letters from Esterhazy
that I had in my desk,—thirty or forty of them,—and made sure that I
was not mistaken. The bordereau was really in his writing.’ M. de
Castro hurried to the house of M. Mathieu Dreyfus, and it was after
this visit that M. Mathieu Dreyfus came to me in the evening to say
this: ‘You must know the author of the bordereau. It is said that you
have been occupying yourself with this matter for a long time, with
an earnestness really feverish, and that you are searching for
information everywhere. Then you must know whom they have
substituted, or tried to substitute, for M. Alfred Dreyfus as the author
of the bordereau, since I know that you are convinced, from the
examination of handwritings, that Alfred Dreyfus is not the author of
it.’ And, as I refused to give him the name, he said: ‘Well, if I speak
the name, and if the name that I speak has come under your eyes in
your investigations, will you tell me so?’ I answered: ‘In that case I
shall consider myself unbound, and will say yes.’ Then M. Mathieu
Dreyfus spoke the name of Major Esterhazy, and I said to him:
‘Under the circumstances in which you find yourself, it is your duty to
state this immediately to the minister of war.’ For at that moment,
thanks to the newspapers, a certain number of superior officers were
under suspicion, and I was very glad that, under the circumstances
in which this fact appeared, these superior officers would be placed
out of the question. Thus it was that M. Mathieu Dreyfus pointed out
Major Esterhazy to the minister of war as the author of the
bordereau.”
M. Zola.—“I beg M. Scheurer-Kestner to give us further details
regarding his interview with General Billot, in order to emphasize a
thing which I consider of great importance. You know, Monsieur le
Président, that they accuse us, and that they accuse me personally,
of having been the cause of the frightful crisis that is now dividing the
country. They say that we have produced this great trouble which is
disturbing business and inflaming hearts. Well, I should like it to be
clearly established that General Billot was warned by M. Scheurer-
Kestner of what would take place. I would like M. Scheurer-Kestner
to say that he is an old friend of General Billot, that he addresses
him with the utmost familiarity, that he almost wept in his arms, and
that he begged him, in the name of France, to take the matter up. I
would like him to say that.”
M. Scheurer-Kestner.—“The conversation that I had with General
Billot, who has been my friend for twenty-five years, was a long one.
Yes, I begged him to give his best attention to this matter, which
otherwise was likely to become extremely serious. ‘It is incumbent
upon you,’ I said to him, ‘to take the first steps, make a personal
investigation; do not trust the matter to anyone. There are bundles of
documents in certain offices. Send for them. Use no intermediary.
Make an earnest investigation. If you will promise to make this
earnest personal investigation. I pledge myself to maintain silence
until I shall know the result.’ As I left, General Billot asked me to say
nothing to anyone. I agreed, but on one condition. ‘Two hours,’ I
said, ‘are all that is necessary for this investigation. I give you a
fortnight, and during that fortnight I will not take a step.’ Now, during
that fortnight I was dragged in the mud, pronounced a dishonest
man, treated as a wretch, covered with insults, and called a German
and a Prussian.”
M. Zola.—“As they call me an Italian.”
M. Scheurer-Kestner—“It was during that fortnight that I wrote to
General Billot: ‘We have made a truce, but I did not think that this
truce would turn against me, thanks to the people who are about
you, and whom you either cause to act or suffer to act.’ I even
pointed out to him the names of officers who had been indicated to
me as the bearers of the articles to the newspapers. I told him that I
did not guarantee the accuracy of this information, but I asked him to
inquire into the matter. He pretended that he would make this inquiry,
and that, after it, he would report to me. The fortnight passed, and I
am still without news, without reply. That is the truth.”
M. Zola.—“Without news, with insults.”

Testimony of M. Casimir-Perier.

The next witness was M. Casimir-Perier, ex-president of the republic.

The Judge.—“You are M. Casimir-Perier, former president of the
republic. Of course you are neither the relative or an ally of the
accused, and they are not in your service. Will you raise your right
hand?”
M. Casimir-Perier.—“Monsieur le Président, before taking the oath, I
ask your permission to reiterate the declaration that I made
yesterday in writing.”
The Judge.—“Yes, but, before making your declaration, it is
necessary to take the oath.”
M. Casimir-Perier.—“I cannot tell the whole truth; it is my duty not to
tell it.”
M. Labori.—“When M. Casimir-Perier was president of the republic,
did he know, prior to the arrest of a staff officer, that this officer was
suspected of treason, and did he know the charges against him?”
The Judge.—“The question will not be put.”
M. Labori.—“Did M. Casimir-Perier know at any time that there was a
secret document in the war department relating either to the Dreyfus
case or to the Esterhazy case?”
The Judge.—“Let the Dreyfus case alone; let us have nothing to say
about it. Can you answer, M. Casimir-Perier, in regard to the
Esterhazy case?”
M. Casimir-Perier.—“I did not know, while I was president of the
republic, that there were any Esterhazy papers.”
M. Labori.—“Was M. Casimir-Perier aware that at a certain moment
a secret document was laid before the council of war in the Dreyfus
case, outside of the proceedings of the trial and without the
knowledge of the accused?”
The Judge.—“The question will not be put.”
M. Zola.—“Is it understood, then, that no attention is to be paid to the
word ‘illegality’ contained in the sentence complained of? You do not
take that into consideration? Then why was it included in the
summons?”
The Judge.—“On that point the court has rendered a decree.”
M. Zola.—“As a man, I bow to that decree, but my reason does not
bow. I do not comprehend your limitation of the defence to certain
matters indicated in the complaint, in the light of your refusal to hear
evidence regarding this word ‘illegality’ that also appears therein.”
The Judge.—“There can be no testimony against the thing judged.
That was repeated in today’s decree.”
M. Labori.—“We offer no testimony against the authority of the thing
judged.”
The Judge.—“It is the same thing.”
M. Labori.—“No, no.”
The Judge.—“You maintain that in the Dreyfus case there was
illegality.”
M. Labori.—“Yes.”
The Judge.—“Then it is the same thing. It is useless to insist.”
M. Zola.—“But the Esterhazy case is also a thing judged.”
The Judge.—“But you are prosecuted on that matter.”
M. Zola.—“But we are also prosecuted on the other.”
The Judge.—“Not the least in the world.”
M. Zola.—“Then there are differences in the thing judged?”
The Judge.—“The question will not be put. It is useless to debate it.”
M. Labori.—“No, it is not useless. Useless, perhaps, so far as
obtaining a decision in our favor is concerned; but not useless from
the standpoint of our cause, for everybody judges us, and the jurors
follow these discussions with interest. But, as you say that
discussion is useless, I shall have the honor to offer a motion, and
await a decree of the court. I do not wish to detain M. Casimir-Perier
longer, so I shall ask you, Monsieur le Président, on the ground of
morality and good faith,—and I hope that no decree of the court will
be needed to give us satisfaction on this point,—to ask M. Casimir-
Perier the following question: If a secret document had been
produced in any trial whatever, before any jurisdiction whatever, and
if in this way an adverse verdict had been obtained, what would M.
Casimir-Perier,—who will not, I am sure, in order to answer me, take
refuge behind any sort of professional secrecy, since the question
here is one of right and public morality, on which such men as
Daguesseau have given an opinion before him,—what would M.
Casimir-Perier think of it?”
The Judge.—“Allow me to tell you that it is useless to try to arrive by
indirect questions at the same result. I will not put the question.”
M. Clemenceau.—“I think the court does not clearly understand my
confrère’s question, which is this: If M. Casimir-Perier were to learn
tomorrow that a person had been condemned on a document that
had not been shown to him, what would be his opinion? It is a
question of good faith. The high position that M. Casimir-Perier has
occupied justifies us in asking his opinion.”
The Judge.—“It is not a fact; it is an opinion.”
M. Clemenceau.—“Then the court refuses to ask this question?”
The Judge.—“It is not a proper question to ask.”
M. Labori.—“Well, on this question, as on the others, we shall offer a
motion.”
M. Clemenceau.—“One word more. When M. Casimir-Perier took
the stand, he began to testify before making oath, saying: ‘I believe
that it is my duty not to tell the whole truth.’”
The Judge.—“That is not at all what M. Casimir-Perier said. He
declared that he did not believe it his duty to speak.”
M. Clemenceau.—“I demand that the question be put to the witness.”
M. Casimir-Perier.—“I had in view the formula of the oath, which
requires the telling of the whole truth, and I desired to point out that I
could not tell the truth entire, having in view, in saying so, my
declaration of yesterday, and, moreover, knowing no facts relating to
the case before the court, besides considering that concerning other
matters silence is imposed upon me by my duty and my
constitutional responsibility.”
M. Labori.—“I ask pardon of M. Casimir-Perier for keeping him
longer, but I cannot allow him to go until my motion has been passed
upon.”
M. Casimir-Perier.—“I am a simple citizen, and at the service of the
courts of my country.”
M. Labori.—“M. Casimir-Perier sets an illustrious example, when
others have to be forced by legal measures to appear in the assize
court.”
The Judge.—“You offer a motion, but you know what the opinion of
the court is. It will be the same decree again.”
M. Labori.—“Well, it will be only the easier to render it.”

Testimony of M. de Castro.

The witness-chair was then taken by M. de Castro, who testified as

follows:
“At the time in question I was a banker and broker near the Paris
Bourse, and I had had occasion to do some business for Major
Esterhazy. He was in regular correspondence with the house, and I
was very familiar with his writing,—so familiar, indeed, that in the
morning, when I opened my mail, I knew the major’s writing before
opening his letter. Toward the end of last October I was on the
boulevard when a street-fakir passed by me, selling a fac-simile of
the famous bordereau attributed to Dreyfus. I was struck by the
writing. It looked to me like a letter from Major Esterhazy. I returned
to my house much perturbed in mind. The next day I went with my
brother-in-law to find some of Major Esterhazy’s letters. I compared
them with the fac-simile, and found a perfect similarity,—in fact, a
striking identity. I spoke to some friends of this strange coincidence,
and they advised me to carry a few letters to M. Scheurer-Kestner,
who was concerning himself with the Dreyfus case. Meantime these
friends probably spoke to M. Mathieu Dreyfus, who came one day to
ask me to show him these letters. I offered him some of them, but he
refused them, saying: ‘I advise you to go yourself to M. Scheurer-
Kestner, and show them to him.’ So I went one morning, and said to
him: ‘I come to lay before you some very curious types. You will see
for yourself the similarity between the handwriting of these letters
and the famous bordereau.’ M. Scheurer-Kestner took the letters,
and looked at them for some time; then he went to a bureau, and
came back, saying: ‘Here are some letters probably written by the
same hand.’ and, indeed, I recognized Major Esterhazy’s writing.”
M. Labori.—“At that time had Major Esterhazy’s name been spoken
as that of the possible author of the bordereau? Did M. de Castro
suspect that M. Esterhazy was already under suspicion?”
M. de Castro.—“No.”
M. Labori.—“Did M. de Castro receive threatening letters?”
M. de Castro.—“No; no letters. I received one day a telegram. If the
court desires, I will produce it.”
The Judge.—“No, but what did it say?”
M. de Castro.—“It contained this threat: ‘If you have given in
evidence the letters which “Paris” designates by the initials d. d. c.,
you will pay dear for this infamy.’”
The Judge.—“Did this handwriting resemble that of Major
Esterhazy?”
M. de. Castro.—“No, there was nothing to indicate the origin of the
dispatch. It was not signed, and the writing was quite different from
that of Major Esterhazy.”
The witness was then allowed to step down, and the court adjourned
for the day.

Third Day—February 9.
The third day’s proceedings began with a statement of the judge
that, in refusing to hear Mme. Dreyfus the day before, concerning M.
Zola’s good faith, he had supposed that the question to be put to her
concerned M. Zola’s good faith in the matter of the Dreyfus case.
Therefore the court desired the defence to specify whether the
question concerned M. Zola’s good faith in the matter of the Dreyfus
case, or his good faith in the matter of the Esterhazy case.
M. Labori.—“I do not understand. M. Zola has committed an act
which is considered criminal. We maintain that it is an act of good
faith, and we ask the witness what she thinks of M. Zola’s good faith.
As to the Dreyfus case and the Esterhazy case, they are connected
only indirectly with the Zola case.”
The Judge.—“There is no Zola case. I can question Mme. Dreyfus
on the good faith of M. Zola only so far as the Esterhazy case is
concerned.”
M. Labori.—“The court will act according to its understanding. It is
the sovereign judge. But we are the sovereign judges in the matter of
the questions that we wish to put, and to us the question of good
faith is indivisible. A man who commits an act commits it either in
good or in bad faith, and we have not to inquire whether his faith is
good concerning this point or that point. I do not know what Mme.
Dreyfus will answer, but I ask that she be questioned in a general
way as to the good faith of M. Zola in writing his letter.”
The Judge.—“There must be no confusion here, no arriving by
indirect methods at that which the decree of the court has forbidden.”
M. Labori.—“I allow no one to say that I pursue indirect methods. I
have neither the face or the attitude or the voice of a man who does
things indirectly, and, if there are any indirect methods used here, I
leave the entire responsibility—I do not say to the attorney-general—
but to the complainant, the minister of war. I insist that the question
shall be put as I framed it, and, if the court refuses, I shall offer a
motion.”
The Judge.—“I will question Mme. Dreyfus concerning only the
second council of war that tried the Esterhazy case.”
M. Clemenceau.—“I am informed that witnesses are present in the
court-room, though the trial is now in progress. It seems that General
de Boisdeffre, General Mercier” ...
The Judge.—“The trial is not in progress.”
M. Clemenceau.—“It is essential that the witnesses should not be
present at any part of the trial before their deposition” ...
The Judge.—“The day’s debate has not begun.”
Nevertheless the military officers, who formed a group in the middle
of the room, were then excluded, and Dr. Socquet, the expert
physician who had been sent to examine the health of those
witnesses who had pleaded illness, took the stand.
He reported that M. Autant had been seized on the previous Sunday
with an attack of renal colic, but had now recovered, and was in the
witnesses’ room. As to Mme. de Boulancy, he said that her case
offered all the symptoms of angina pectoris, and that, considering
her condition, her appearance in court would be attended by serious
danger.
M. Clemenceau.—“I gather from the doctor’s testimony that it is
materially possible for Mme. de Boulancy to come to this bar, but
that the doctor thinks that the excitement would be bad for her. I ask
him, then, supposing that this question had been put to him; ‘Do you
believe that Mme. de Boulancy could appear before the examining
magistrate in the presence of Major Esterhazy?’ would he have
thought that that excitement would be bad for her?”
Dr. Socquet.—“I cannot answer. It is evident that the surroundings in
the assize court are different from those in the office of an examining
magistrate.”
Being questioned as to Mlle. de Comminges, he said that her
physician, Dr. Florent, told him that she was the victim of a nervous
affection, and had heart trouble so clearly defined that she was liable
to fainting-spells on entering a room the temperature of which was a
little above the ordinary.
M. Clemenceau.—“The jurors will note that these two ladies, Mlle. de
Comminges and Mme. de Boulancy, were at their residences, and
that their own physicians were present.”
Dr. Socquet.—“No, their physicians were not present.”
M. Clemenceau.—“The expert just said that the physician of Mlle. de
Comminges told him a certain thing.”
Dr. Socquet.—“That was in his certificate.”
These preliminaries over, the witness-stand was taken by General
de Boisdeffre.

Testimony of General de Boisdeffre.

M. Labori.—“Will General de Boisdeffre tell us first what the

document was that Major Esterhazy brought to the minister of war
some time before his appearance before the council of war?”
General de Boisdeffre.—“That document relates to the Dreyfus case;
consequently I cannot speak of it without violating the decree of the
court and my professional secrecy.”
M. Labori.—“I am glad to learn that it relates to the Dreyfus case, but
Major Esterhazy made use of it as a means of defence, and
described it by an interesting phrase which General de Boisdeffre no
doubt has heard,—‘the liberating document.’ Moreover, the minister
of war gave Major Esterhazy a receipt for it; therefore it concerns
exclusively the case of Major Esterhazy. So I ask General de
Boisdeffre what the liberating document is.”
General de Boisdeffre.—“Professional secrecy does not permit me to
answer.”
M. Labori.—“Professional secrecy can be invoked only by persons
capable of receiving confidences because of their profession. Where
there is no profession that involves such confidences, there is no
secrecy. General de Boisdeffre has received no confidences, and, if
he has, we do not ask him to betray them. As chief of staff of the
army, he has acted as an official, and, if he invokes any secrecy, it
can be only that which seems to have been devised in many
respects especially for the necessities of this case, and which is
called the secret of State. When the secret of State is invoked by a
government, we are at liberty to ask if there is a reason to recognize
it. That question will arise when the members of the Dupuy cabinet
shall come to the stand. When it is invoked by a former president of
the republic, we bow with deference, because the president of the
republic is irresponsible. But General de Boisdeffre is a responsible
official. Respect for the army is never shown to a person, but to a
symbol or an ideal, and it is based on the confidence that we have in
those who represent it, and on their ability to answer at any moment
for all their acts before the justice of the country, represented here by
twelve jurors who are France, and to whom everybody owes
explanations. General de Boisdeffre is in the presence of justice. He
can escape by no appeal to secrecy. Therefore I ask the court to put
my question again.”
General de Boisdeffre.—“I have the profoundest respect for the
justice of my country. Perhaps I do not know how to make the legal
distinctions that have just been pointed out, but I consider the secret
of State a professional secret. That is my reply.”
The Judge.—“Let us pass to another order of ideas.”
M. Labori.—“I pass not to another order of ideas, but to another
order of questions. Can General de Boisdeffre tell us anything about
the veiled lady?”
General de Boisdeffre.—“I know absolutely nothing about the veiled
lady, and have not heard her spoken of except by the newspapers.”
Welcome to our website – the ideal destination for book lovers and
knowledge seekers. With a mission to inspire endlessly, we offer a
vast collection of books, ranging from classic literary works to
specialized publications, self-development books, and children's
literature. Each book is a new journey of discovery, expanding
knowledge and enriching the soul of the reade

Our website is not just a platform for buying books, but a bridge
connecting readers to the timeless values of culture and wisdom. With
an elegant, user-friendly interface and an intelligent search system,
we are committed to providing a quick and convenient shopping
experience. Additionally, our special promotions and home delivery
services ensure that you save time and fully enjoy the joy of reading.

Let us accompany you on the journey of exploring knowledge and

personal growth!

textbookfull.com