1 / 38

System Administration: Core Concepts

System Administration: Core Concepts. Chapter 11. Introduction. What is the job of the system administrator? Keep one or more systems in a useful and convenient state for users. Introduction. A well-maintained system

lillian-beasley
Download Presentation

System Administration: Core Concepts

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. System Administration: Core Concepts Chapter 11

  2. Introduction • What is the job of the system administrator? • Keep one or more systems in a useful and convenient state for users

  3. Introduction • A well-maintained system • Runs quickly enough so users do not get too frustrated waiting for the system to respond • Has enough storage to accommodate users’ needs • Provides a working environment appropriate to each user’s abilities and requirements • Is secure from malicious and accidental acts altering its performance or compromising the security of the data is holds • Is backed up regularly, with recently backed-up files readily available. • Backups must be tested regularly • All software on the system is patched and updated

  4. System Administrator and SuperUser • Much of what a system administrator does is work that ordinary users do not have permission to do • To perform these tasks, the administrator typically will login as root (SuperUser) • Some commands can only be executed by root • Read, Write, and Execute file and directory access permissions do not affect root • Some safeguards built in to some commands do not apply to root • When running with root privileges, the shell will display a special prompt (#)

  5. System Administrator and SuperUser • Gaining or granting Superuser privileges • Bring the system up in single-user mode • Once the system is running in multi-user mode, login as root • Use the su (substitute user) command • Use the sudo command to give users superuserprivlidges for a limited amount of time on a per-user per-command basis • Using setuid

  6. System Administration Tools • Numerous tools exist to assist in system administration it’s up to your imagination to make them work the way you want • su (substitute user) • Gives you another user’s privileges • You must know the password of the user who’s privileges you want to use • When su is used to become the superuser, a new shell is spawned and displays the # prompt • Use CONTROL-D or exit to terminate the session

  7. System Administration Tools • su (cont.) • e.g. $ iduid=500(alex) gid=500(alex) groups=500(alex) context=user_u:system_r:unconfined_r$ suPassword:# iduid=0(root) gid=0(root) groups=0(root), 1(bin), 2(daemon), 3(sys), … • su can be used with the –c option to run a single command with other privilidges • e.g.$ kill -15 4982-bash: kill: (4982) – Operation not permitted$ su –c “kill -15 4982”Password:$

  8. System Administration Tools • kill • Sends a signal to a process • The signal may or may not terminate the process • kill -15 or kill –TERM • will send a terminate signal to the process. The process could ignore this. • kill -9 or kill –kill • will send a terminate signal that the process CAN’T ignore

  9. System Operation • Booting the system • The process of reading the Linux kernel into system memory and starting it running • The last step of the boot procedure is for Linux to run the init program as PID number 1 • init is the first genuine process to run after booting • init is the parent of all system processes • if you kill process 1, the system will crash

  10. System Operation • init scripts • start and stop system services • The first script that init runs is /etc/rc.d/rc.sysinit • performs basic system configuration • setting the clock • hostname • keyboard mapping • setting up swap partitions • checking the file systems for errors • turning on quota management

  11. System Operation • init scripts (cont.) • /etc/rc.d/rc • Runs next after rc.sysinit • Runs the scripts for services that need to be started or stopped when the system is first brought up or that need to be started or stopped when going from single user to multiuser and back • Init scripts (rc - run command) are shell scripts located in /etc/rc.d/init.d • run via symbolic link in the /etc/rc.d/rcn.d • n refers to the runlevel the system is entering

  12. System Operation • Configuring Services • service utility • reports on or changes the status of a service • system-config-services • Displays the Service Configuration window • Two functions • Turns a system service on and off • Controls which services are stopped and started when the system enters and leaves runlevels 3, 4, and 5

  13. Service Configuration GUI

  14. System Operation • Configuring Services (cont.) • chkconfig • Character based • Duplicates much of the system-config-services utility • Add, remove, list startup information, and check the state of system services • Changes the config only – not the current state of services

  15. System Operation • Bringing the system down • Shutdown utility • Must be told what time to bring the system down • Warns all users that the system is going down • Halt utility • Calls the shutdown utility • Both bring the system down safely • CONTROL-ALT-DEL • Reboots the system • DO NOT TURN POWER OFF BEFORE SYSTEM IS DOWN

  16. System Operation • CRASH!!!!! • Occurs when the system suddenly stops or fails. • Run fsck on all local filesystems that were mounted at time of a crash – this is a file system check utility - (p.470)

  17. System Administration Utilities • Red Hat configuration tools • system-config-authentication • Displays Authentication Configuration window with two tabs • User Information • Allows enabling of NIS, LDAP, Hesiod, and Winbind • Authentication • Allows the use of shadow and MD5 passwords • system-config-bind (Fedora) • Displays the DNS window

  18. System Administration Utilities • Red Hat configuration tools • system-config-boot • Displays the Boot Configuration window • system-config-date • Displays the date/time properties window • system-config-display • Displays the Display Settings window • system-config-httpd • Displays the HTTP window • system-config-keyboard • Displays the keyboard window

  19. Config Utilities

  20. System Administration Utilities • Red Hat configuration tools • system-config-kickstart • Displays the KickstartConfigurator window • used to create a Kickstart script • system-config-language • Displays the Language Selection window • system-config-lvm • Displays the Logical Volume Management window • system-config-mouse • Displays the Mouse Configuration window

  21. System Administration Utilities • Red Hat configuration tools • system-config-netboot • Displays the Network installation and Diskless Environment window • system-config-network • Displays the Network Configuration window (p.571) • system-config-network-cmd • Displays the parameters that system-config-network uses

  22. System Administration Utilities • Red Hat configuration tools • system-config-printer • Displays the Printer Configuration window • system-config-rootpassword • Displays the Root Password window • The passwd command can also be used • system-config-samba • Displays the Samba Server Configuration window

  23. System Administration Utilities • Red Hat configuration tools • system-config-services • Displays the Service Configuration window • Configures which services run at which runlevel • system-config-soundcard • Displays the Audio Devices window • system-config-users • Displays the User Management window • Used to manage users and groups

  24. System Administration Utilities • Command Line Utilities • kudzu • Finds new and changed hardware and configures it • mkfs • Creates a new filesystem • e.g. mkfs –t ext3 device • setserial • Gets and sets serial port information • stat • Displays the information about a file or filesystem

  25. Setting Up a Server – Admin Tasks • Writing configuration files • Specifying hosts and subnets • port-map • rpcinfo • xinetd • TCP wrappers • chroot jail

  26. Setting up a Server • Standard Rules in writing Configuration Files • Blank lines are ignored • # anywhere on a line starts a comment that continues to the end of the line • When a name contains a SPACE, it must be quoted by single or double quotes • Lines can be broken by inserting a backslash (\) and pressing RETURN

  27. Setting Up a Server • Specifying Clients in config files

  28. Setting Up a Server • rpcinfo and portmap • rpcinfo displays information about programs registered with portmap • RCP calls are made to programs to see if they are “alive”

  29. Setting Up a Server • xinetd • Superserver • Replaced inetd and is more secure • Listens for network connections • When a connection is made, it launches a specified server daemon and forwards the data from the socket to the daemon’s standard input • uses /etc/hosts.allow and /etc/hosts.deny

  30. Setting Up a Server • xinetd • Base configuration stored in /etc/xinetd.conf • View the contents of /etc/xinetd.conf • defaults • specifies the default configuration of xinetd • files in the included in the /etc/xinetd.d directory specify server specific configurations • defaults can be overridden by server-specific configuration files • instances • specify the number of instances a daemon can run at one time

  31. Setting Up a Server • DHCP • The client daemon (dhclient) contacts the server daemon (dhcpd), to obtain IP addressing and additional information • netmask • broadcast • dns • etc. • Broadcast based • Both client and server must be on the same subnet

  32. Setting Up a Server • DHCP • DHCP Client • Requests network configuration parameters from the DHCP server • Uses the obtained parameters to configure the network interface • Need to have dhclient installed • DHCP lease information is stored in dhclient.leases

  33. Setting Up a Server • DHCP • DHCP Server • Maintains a list of IP addresses and other configuration parameters • When requested, the DHCP server provides configuration parameters to a DHCP client • Need to have dhcp installed • To cause dhcpd to start when the system enters multiuser • /sbin/chkconfig dhcpd on • To start manually • /sbin/service dhcpd start

  34. Setting Up a Server • DHCP • DHCP Server • Simple DHCP server • Add clients to a network • Eliminates the need to maintain a list of assigned IP addresses • Some devices should NOT have an IP address assiged via DHCP • Routers • Servers • Switches • Others?

  35. Setting Up a Server • DHCP • DHCP Server • Simple DHCP server configuration • /etc/dhcpd.confdefault-lease-time 600;max-lease-time 86400;option subnet-mask 255.255.255.0;option broadcast-address 192.168.1.255;option routers 192.168.1.1;option domain-name-servers 192.168.1.1;subnet 192.168.1.0 netmask 255.255.255.0 {range 192.168.1.2 192.168.1.200}

  36. Setting Up a Server • DHCP • DHCP Server • To install • Download latest version from the Internet Software Consortium (www.isc.org) • Unpack the archive • $ tar xzf ./dhcp-3.0.6.tar.gz • Move the new directory that contains all the source files • $ ./configure • $ make • $ sudo make install • Copy the server/dhcp.conf to /etc

  37. Setting Up a Server • DHCP • DHCP Server • To install • $ sudo touch /var/lib/dhcp/dhcp.leases • $ sudo chkconfig –level 35 dhcpd on • $ /etc/init.d/dhcp restart

  38. Where do we go from here? • Read this chapter • Try out some of the commands • We will be installing DHCP in future lessons on your VM.

More Related