Certification Objective 1.08-System Administration


Most system administration tasks require root or superuser privileges. You should already be familiar with a number of basic Linux system administration commands and files. Standard user files are stored in /etc/skel. Daemons are processes that run in the background and run various Linux services. cron is a specialized daemon that can run scripts when you want. It's especially useful for setting up backup jobs in the middle of the night. Logging is a key part of monitoring Linux and any services that you choose to run.

The Superuser

Generally in Linux, a system administrator does everything possible as a normal user. It's a good practice to use superuser privileges only when absolutely necessary. But one time when it's appropriate is during the Red Hat exams. Good administrators will return to being normal users when they're done with their tasks. Mistakes as the root user can disable your Linux system.

There are two basic ways to make this work:

  • su The superuser command, su, prompts you for the root password before logging you in with root privileges. A variation, su -c, sets up root privileges for one specific command. Many Red Hat GUI utilities are set up to prompt for the root password before they can be started using Pluggable Authentication Modules (see Chapter 6). One more variation, su - root, sets up root privileges with the root user PATH. (Remember to use a space on both sides of the dash in this command.)

  • sudo The sudo command allows users listed in /etc/sudoers to run administrative commands. You can configure /etc/sudoers to set limits on the root privileges granted to a specific user.

However, Red Hat Enterprise Linux provides some features that make working as root somewhat safer. For example, logins using the ftp and telnet commands to remote computers are disabled by default.

/etc/skel for Home Directories

Basic configuration files for individual users are available in the /etc/skel directory. This directory includes a number of hidden files. For a full list, run the ls -a /etc/skel command. If you want all future users to get specific files in their home directories, include them here.

The next time you create a regular user, check that person's home directory. For example, if you just created a user named elizabeth, run the ls -a /home/elizabeth command. Compare the results to the previous command on the /etc/skel directory.

Daemons

A daemon is a process that runs in the background. It is resident in your computer's RAM and watches for signals before it goes into action. For example, a network daemon such as httpd, the Linux Web server known as Apache, waits for a request from a browser before it actually serves a Web page.

Daemons are often configured to start automatically when you start Linux. This process is documented at various runlevels in the /etc/rc.d directory. Alternatively, you can use a tool such as ntsysv to identify and manage the daemons that are started at various Linux runlevels. This is discussed in more detail in Chapter 4.

Controlling Network Services Through Daemons

Networks don't always work. Sometimes you need to restart a network daemon to implement a configuration change. Red Hat Enterprise Linux provides an easy way to control network service daemons through the scripts in /etc/rc.d/init.d. This directory includes scripts that can control installed Linux network services (and more) for everything from the Network File System (NFS) to sendmail. The actual daemon itself is usually located in the /sbin or /usr/sbin directory.

image from book
Exam Watch

In Red Hat Enterprise Linux, a simpler way to reload or restart a service in the /etc/init.d directory is with the service command. For example, to restart the vsftpd service, you could run the service vsftpd restart command. (And that's one more reason to log in as the root user; if you invoke root privileges with su, based on the default $PATH, you'd have to type /sbin/service vsftpd restart.)

image from book

With these scripts, it's easy to start, stop, status, reload, or restart a network daemon. This is useful to implement or test changes that you make to a specific configuration file. For example, if you make a change to the Postfix mail server configuration file in /etc/ postfix/main.cf, you can implement the change right away with the /etc/init.d/postfix reload command. Other switches to these scripts allow you to stop, start, or status these services. Service management is discussed in more detail in Chapter 3.

cron

Perhaps the most important daemon is cron, which can be used to execute a command or a series of commands in a script, on a schedule. Red Hat Enterprise Linux already includes a series of scripts that are executed by cron on committed schedules in the /etc/cron.hourly, /etc/cron.daily, /etc/cron.weekly, and /etc/cron .monthly directories.

System crontab

The easiest way to set up your own cron jobs is through the crontab file, which can be managed through the crontab command. Users can edit their own crontab files with the crontab -e command; the root user can configure the crontab for a specific user with the crontab -u username -e command.

The general format for a crontab file can be found in the /etc/crontab script, which is used to run the scripts in the aforementioned schedule-related directories. A typical crontab entry from that file is

 42 4 1 * * root run-parts /etc/cron.monthly 

Five schedule fields appear on the left side of each crontab entry: minute, hour, day of month, month, and day of week. This line executes the scripts in the /etc/cron .monthly directory at 4:42 A.M. on the first of every month, no matter what day of the week it is.

Backup and Restore

Hard drives include spinning disks and magnetic media. These are mechanical parts. By definition, all mechanical hard drives will eventually fail. If you're administering a Linux system with multiple users, you do not want to have to hear the complaints of people who "know" that their data is more important than yours, because you'll know that they are "right."

Configuring backups involves a number of strategic choices that go beyond Linux.

Using full backups, you can back up the entire drive; using incremental backups, you back up just the data that has changed since the last backup. A wide variety of media are available for backups, including tape drives, writable CD/DVDs, and other hard drives in various RAID configurations. You can back up data locally or over a network. Linux includes a number of quality tools for backups.

It's common to back up through a network to a dedicated backup server. Since you're transferring at least substantial portions of a hard drive during a backup, backups can degrade network performance for other users. So it is best to perform backups when few people are using your Linux system, which in most cases is during the middle of the night. For this reason, it's a common practice to automate backups using the cron daemon.

Tape Backups

Using magnetic tape in Linux depends on the ftape system using tarballs to group directories into single compressed backup files. Once it is mounted, it's easy to test a tape drive; just use the mt -f /dev/tapedevice command to status, rewind, or eject the tape. If it's a SCSI tape drive, use the st command instead.

You don't mount a tape as you would when using regular media; you can actually use switches with the tar command to write or restore directly from the tape device. Just cite the appropriate /dev/tapedevice in the command. Make sure you can also restore from the backup you've made.

DVD/CD Backups

Backups to DVDs and CDs can be made in a similar fashion, using "iso" files instead of tarballs. The mkisofs -J -r -T -o /tmp/backhome.iso /home command can consolidate regular users' home directories from /home onto a single file-or it can be easily saved to a remote system. You can then record this file onto the media with a command such as this:

 # cdrecord -v /tmp/backhome.iso 

You can then store the DVD/CD and later restore the files from it by mounting it as you would any regular DVD/CD.

Hard Drive (RAID) Backups

Hard drive backups are based on the system known as the Redundant Array of Independent Disks (RAID), which is covered in more detail in Chapter 8. There are several versions of RAID that can automatically restore data once you've replaced a broken hard disk.

gzip and bzip2

The gzip and bzip2 commands are similar-they compress and decompress files, using different algorithms. If you wanted to compress a big picture file, you could do so with one of the following commands:

 # gzip big.jpg # bzip2 big.jpg 

It adds a .gz or a .bz2 suffix to the file, compressed to the associated algorithms.

You can uncompress from these files with the -d switch:

 # gzip -d big.jpg.gz # bzip2 -d big.jpg.bz2 

tar

The tar command was originally developed for archiving data to tape drives. However, it's commonly used today for collecting a series of files, especially from a directory. For example, the following command backs up the information from the /home directory in the home.tar.gz file:

 # tar czvf home.tar.gz /home 

This is one of the few commands that does not require a dash in front of the switch. This particular command creates (c) an archive, compresses (z) it, in verbose (v) mode, with the filename (f) that follows. Alternatively, you can extract (x) from that file with the following command:

 # tar xzvf home.tar.gz /home 

The compression specified (z) is associated with the gzip command; if you wanted to use bzip2 compression, substitute the j switch.

System Log File Management

Log files are controlled by the syslogd daemon and organized in the /etc/syslog.conf file. It is important to use log files to understand the behavior of your Linux system; deviations may be a sign of problems with a recently installed service or a security breach. Basic log files are organized in the /var/log directory. For more information on system logs, see Chapter 7.



RHCE Red Hat Certified Engineer Linux Study Guide (Exam RH302)
Linux Patch Management: Keeping Linux Systems Up To Date
ISBN: 0132366754
EAN: 2147483647
Year: 2004
Pages: 227
Authors: Michael Jang

Similar book on Amazon
Linux Quick Fix Notebook
Linux Quick Fix Notebook
Self-Service Linux: Mastering the Art of Problem Determination
Self-Service Linux: Mastering the Art of Problem Determination
RHCSA/RHCE Red Hat Linux Certification Study Guide (Exams EX200 & EX300), 6th Edition (Certification Press)
RHCSA/RHCE Red Hat Linux Certification Study Guide (Exams EX200 & EX300), 6th Edition (Certification Press)
Security Strategies in Linux Platforms and Applications (Information Systems Security & Assurance)
Security Strategies in Linux Platforms and Applications (Information Systems Security & Assurance)

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net