System Administration - PowerPoint PPT Presentation

Presentation Transcript

  1. System Administration

  2. What is System Administration? • Managing the whole system • User accounts • Backup • Security • etc. • Services • Configuring • Starting • Stopping

  3. Users and security

  4. Root and su • root • Account used by system admin • Note: passwd works more leniently for root • Use extreme caution to guard root's PW • Sometimes called the superuser • Only account with 0 as the user-id
     # grep "^root" /etc/passwd
     root:x:0:0:root:/root:/bin/bash
   • PATH usually has /sbin or /usr/sbin
     # echo $PATH
     /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
   • Note: sbin contains most admin commands

  5. Root and su • su • Switch Users • Syntax • su [-] user-id • if user-id is not specified root is assumed • the optional - assumes the id's environment • Omit - if you want to keep the current environment • Runs in a separate sub-shell • Use <ctrl>-d or exit to terminate

  6. Admin privileges • root has great powers • Change contents and attributes of any file • Delete any file or directory • even if write protected • Start or kill any process • Change any user's password • Set the system clock • Send message to all users with wall • Limit file size • Control access to certain services • at and cron • FTP, SSH, etc.

  7. User management • Users • useradd • low level • adduser • "friendlier" • Groups • groupadd • Low level • addgroup • "friendlier"

  8. passwd and shadow files • Entry in passwd file:
     tkombol:x:1001:1001:tkombol,,,,:/home/tkombol:/bin/bash
   • Fields, left to right: • User Name • Password: x means using encrypted pw, look in shadow file • Numeric UID • Numeric GID • Comment field • Home Directory • Login Shell or script to run
   • Entry in shadow file:
     ajkombol:$6$HDwv268pQ/O4 … uMm80Cs/:15347:0:99999:7:::
   • Fields: • User Name • Encrypted password
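An added example (not from the original slides) that reads the two field layouts just described and flags the account states an administrator checks first: extra UID-0 accounts in passwd and empty password fields in shadow. The entries are constructed sample data with placeholder hashes, not a real system's files.

```shell
#!/bin/sh
# Constructed sample data: passwd is name:pw:uid:gid:comment:home:shell,
# shadow is name:hash:lastchange:min:max:warn:inactive:expire:reserved.
SAMPLE_PASSWD='root:x:0:0:root:/root:/bin/bash
tkombol:x:1001:1001:tkombol,,,,:/home/tkombol:/bin/bash
admin2:x:0:34:second superuser:/var/backups:/bin/sh
svc:x:1002:1002:service:/srv/svc:/usr/sbin/nologin'

SAMPLE_SHADOW='root:$6$EXAMPLESALT$EXAMPLEHASH:15347:0:99999:7:::
tkombol:$6$EXAMPLESALT$EXAMPLEHASH2:15347:0:99999:7:::
admin2::15347:0:99999:7:::
svc:*:15347:0:99999:7:::'

# Every login name whose numeric UID (field 3) is 0. Only root should
# appear; any other name is a second superuser account.
uid0_accounts() {
    printf '%s\n' "$1" | awk -F: '$3 == 0 { print $1 }'
}

# Login names whose shadow password field (field 2) is empty, i.e. the
# account can be used with no password at all. "*" and "!..." mark
# locked accounts and are deliberately not reported.
empty_password_accounts() {
    printf '%s\n' "$1" | awk -F: '$2 == "" { print $1 }'
}

# One field of one user's shadow entry, e.g. field 5 is the maximum
# password age in days: shadow_field "$SAMPLE_SHADOW" svc 5
shadow_field() {
    printf '%s\n' "$1" | awk -F: -v u="$2" -v f="$3" '$1 == u { print $f }'
}

# Report for the sample data above
printf 'UID 0 accounts:          %s\n' "$(uid0_accounts "$SAMPLE_PASSWD" | tr '\n' ' ')"
printf 'Empty-password accounts: %s\n' "$(empty_password_accounts "$SAMPLE_SHADOW" | tr '\n' ' ')"
```

On a live system the same functions take `"$(cat /etc/passwd)"` and, as root, `"$(cat /etc/shadow)"` as input.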

  9. Maintaining security • In general only the administrator should have access to the system directories: • /bin, /usr/bin, /etc, /sbin, etc. • Security Measures: • Restricted Shell • Set-User-Id (SUID) • Set-Group-Id (SGID) • Sticky Bit

  10. Restricted Shell • Some user accounts are set up to use a special restricted shell • Restrictions: • cannot use cd • cannot change their PATH • cannot redefine the SHELL • cannot use a path containing a / • cannot run a program outside the PWD • Cannot use > or >> to create or append to a file • rsh • do not confuse with the remote shell rsh • newer systems have other versions • e.g. rbash and rksh

  11. Special attributes • SUID, SGID and sticky bit • Allows temporary permissions

  12. SUID • Set-User-Id • Lets common users update certain sensitive files • Usually executables • Gives that user the same privileges as the owner • Can be set only by superuser • chmod u+s filename • chmod 4755 filename • the 4 sets the SUID property • Denoted by the letter s in the owner's execute position

  13. SUID • Example: • passwd is a "dangerous" program • Changes the password for a user • Not everyone should have the power to change PWs • Superuser (root) must have the power • passwd should be owned by root • Users should be able to change their own PW • SUID allows for this

  14. SGID • Same is true for Groups if SGID is set • Set only by superuser • chmod g+s filename • chmod 2755 filename

  15. Sticky Bit • Usually used for directories • files cannot be deleted in the directory by non owners • even if they have directory write permissions • For files: • image is kept loaded in memory for quick execution • Set only by superuser • chmod +t filename • chmod 1755 filename
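An added example (not from the original slides) that sets the three special bits on throwaway files in a temporary directory, decodes how ls shows them (s in the owner or group execute slot, t in the others slot), and runs the periodic inventory of SUID/SGID files an administrator keeps. It runs as an unprivileged user and touches nothing outside the temp directory.

```shell
#!/bin/sh
# Report the special bits on a path by reading the ls permission string:
# 's'/'S' in the owner execute slot = SUID, in the group execute slot = SGID,
# 't'/'T' in the others execute slot = sticky. Prints e.g. "suid sgid".
special_bits() {
    perms=$(ls -ld "$1" | cut -c1-10)
    out=""
    case $(printf '%s' "$perms" | cut -c4)  in s|S) out="$out suid" ;; esac
    case $(printf '%s' "$perms" | cut -c7)  in s|S) out="$out sgid" ;; esac
    case $(printf '%s' "$perms" | cut -c10) in t|T) out="$out sticky" ;; esac
    printf '%s\n' "${out# }"
}

# Inventory: regular files under a tree that carry SUID or SGID, sorted.
# Every such file hands its owner's (or group's) privileges to whoever runs
# it, so the list should be short, known and checked for changes.
find_suid_sgid() {
    find "$1" -xdev -type f \( -perm -4000 -o -perm -2000 \) -print | LC_ALL=C sort
}

demo() {
    d=$(mktemp -d)
    : > "$d/suid_prog";  chmod 4755 "$d/suid_prog"   # same as: chmod u+s
    : > "$d/sgid_prog";  chmod 2755 "$d/sgid_prog"   # same as: chmod g+s
    : > "$d/plain";      chmod 0755 "$d/plain"       # no special bits
    mkdir "$d/shared";   chmod 1777 "$d/shared"      # same as: chmod +t
    ls -l "$d"                                       # -rwsr-xr-x, -rwxr-sr-x, drwxrwxrwt
    for p in suid_prog sgid_prog plain shared; do
        printf '%-10s %s\n' "$p" "$(special_bits "$d/$p")"
    done
    find_suid_sgid "$d"
    rm -rf "$d"
}

demo
```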

  16. Booting and Shutdown

  17. run-level review • System dependent run levels: • 0 • shutdown • 1 • system admin mode (local file systems) • 2 • Multiuser (NFS not available) • 3 • Full multiuser • 5 • GUI mode in Linux • 6 • shutdown and reboot • s or S • single user mode (file system mounted) • Note: • the run levels may vary between distributions

  18. booting • When system powered on: • checks for peripherals • does a set of steps to load kernel • kernel spins off the first program: init • init maintains the complete system • init is the parent of all daemons • init spawns getty for all terminals • init starts at level 1 or s • before switching to final mode (2-5)

  19. shutdown • When the system is ready to be turned off: • Sends signals to all running processes • So they may terminate normally • Logs off all users • Kill their remaining processes • Unmounts all secondary storage • Invokes sync • writes all data in memory to disk • preserves integrity of file system • Notifies users to switch off • or moves system to single user mode

  20. Init Details • instructions in a file: /etc/inittab • each line has a 4 field instruction: • label:run_levels:action:command
     # cat inittab
     # /etc/inittab: init(8) configuration.
     # The default runlevel.
     id:2:initdefault:
     si::sysinit:/etc/init.d/rcS
     # What to do in single-user mode.
     ~~:S:wait:/sbin/sulogin
     …
     # /etc/init.d executes the S and K scripts upon change of runlevel.
     # Runlevel 0 is halt.
     # Runlevel 1 is single-user.
     # Runlevels 2-5 are multi-user.
     # Runlevel 6 is reboot.
     l0:0:wait:/etc/init.d/rc 0
     l1:1:wait:/etc/init.d/rc 1
     l2:2:wait:/etc/init.d/rc 2
     …
     # What to do when the power fails/returns.
     pf::powerwait:/etc/init.d/powerfail start
     pn::powerfailnow:/etc/init.d/powerfail now
     po::powerokwait:/etc/init.d/powerfail stop
     …
     1:2345:respawn:/sbin/getty 38400 tty1
     2:23:respawn:/sbin/getty 38400 tty2

  21. init actions • There are many, here are the big ones: • sysinit • used to initialize • do checks at this time: • file systems ok • activate swap partitions • etc. • respawn • make sure process is restarted on termination • e.g. when someone logs off a terminal • boot • executes only when the inittab is read the first time • init ignores any run levels placed here • off • kills a process if it is running • ctrlaltdel • executes shutdown (linux only)

  22. in the beginning… • init forks getty • more than 1 getty can be forked • init goes dormant • getty (get tty) • waits for user to login • starts login (exec) • login • user logs in • shell is started (exec) • shell • user works under the shell • when user logs out • shell is killed • init is notified • init wakes • init spawns another getty • repeat …

  23. rc scripts • Directories labeled • rc0.d, rc1.d, … rc6.d, rcS.d • Debian • Similar names in other distros • Number in the name matches the runlevel of the system • When the run level changes the scripts in the directory for that run level are run • In alphabetic order

  24. rc scripts • The script names • Begin with a K or S • Kill or Start • Followed by a two digit number • Followed by characters • Usually a name that indicates the script function • K's go first to remove any improper programs from a previous run level • S's follow to start the programs appropriate for this run level

  25. rc scripts • Example for run level one on a Debian system
     # cd /etc/rc1.d
     # ls
     K01alsa-utils  K01krb5-admin-server  K01squid         K06nfs-common
     K01anacron     K01metasploit         K01tomcat6       K06portmap
     K01apache2     K01nfs-kernel-server  K01winbind       README
     K01atd         K01openbsd-inetd      K02avahi-daemon  S01killprocs
     K01bluetooth   K01openvpn            K02cups          S06bootlogs
     K01exim4       K01proftpd            K02krb5-kdc      S07single
     K01gdm3        K01samba              K02mysql
     K01hal         K01saned              K02postgresql
     K01kerneloops  K01smartmontools      K04rsyslog
     #

  26. rc scripts • Example for run level five on a Debian system
     # cd /etc/rc5.d/
     # ls
     README             S04cron            S04rsync          S05krb5-admin-server
     S01binfmt-support  S04dbus            S04smartmontools  S06bootlogs
     S01fancontrol      S04kerneloops      S04squid          S06cups
     S01rsyslog         S04krb5-kdc        S04ssh            S06saned
     S01sudo            S04loadcpufreq     S04winbind        S07samba
     S01tomcat6         S04metasploit      S05avahi-daemon   S14portmap
     S02openvpn         S04mysql           S05bluetooth      S15nfs-common
     S03apache2         S04ntp             S05cpufrequtils   S16nfs-kernel-server
     S04acpid           S04openbsd-inetd   S05exim4          S17rc.local
     S04anacron         S04postgresql      S05gdm3           S17rmnologin
     S04atd             S04proftpd         S05hal            S17stop-bootlogd
     #
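An added example (not from the original slides) that applies the naming rule from slide 24 to the /etc/rc1.d listing of slide 25: each name is decoded into action, sequence number and service, and the listing is turned into the order in which the K scripts and then the S scripts run. The listing is embedded inline as sample input; the README is skipped because it is not a script link.

```shell
#!/bin/sh
# Sample input: the /etc/rc1.d listing from the slide, embedded inline.
RC1_LISTING='K01alsa-utils K01krb5-admin-server K01squid K06nfs-common
K01anacron K01metasploit K01tomcat6 K06portmap
K01apache2 K01nfs-kernel-server K01winbind README
K01atd K01openbsd-inetd K02avahi-daemon S01killprocs
K01bluetooth K01openvpn K02cups S06bootlogs
K01exim4 K01proftpd K02krb5-kdc S07single
K01gdm3 K01samba K02mysql
K01hal K01saned K02postgresql
K01kerneloops K01smartmontools K04rsyslog'

# Split one script name into "action sequence service": K -> stop,
# S -> start, then the two-digit sequence number, then the service name.
# Returns 1 for anything that is not a K/S script (e.g. the README).
rc_decode() {
    case $1 in
        K[0-9][0-9]*) action=stop ;;
        S[0-9][0-9]*) action=start ;;
        *) return 1 ;;
    esac
    rest=${1#?}                                   # drop the leading K or S
    printf '%s %s %s\n' "$action" "$(printf '%s' "$rest" | cut -c1-2)" "${rest#??}"
}

# Execution order for one run level: every K script first, then every
# S script, each group by sequence number and then by name. A byte-order
# sort of the names gives exactly that, because 'K' sorts before 'S' and
# the two digits come right after it.
rc_order() {
    printf '%s\n' $1 | grep '^[KS][0-9][0-9]' | LC_ALL=C sort | while read -r name; do
        rc_decode "$name"
    done
}

rc_order "$RC1_LISTING"       # first line: stop 01 alsa-utils, last: start 07 single
```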

  27. Device Files

  28. Device Files • In Linux everything is a file • This includes devices • /dev • directory that "lists" the devices • entries are not literal files • a device file contains no data • reference to a program (device driver) to read or write that device • permissions are analogous to those for files

  29. Device files • Block or Character • Devices can read/write data as "chunks" • Blocks • Usually buffered in memory before used or written • Devices can read/write data in "streams" • Character • read or write one character (byte) at a time • Usually a device works in one mode or the other • Some devices can work in either mode

  30. Device Files: General rule • Storage devices like discs (hard, optical) work in block (b) mode • Devices like terminals, tape drives and printers work in character (c) mode

  31. Device Files: Sample Listing
     # ls -l /dev
     total 0
     crw-rw----  1 root    video    10, 175 2013-01-16 18:18 agpgart
     crw-rw----  1 root    audio    14,   4 2013-01-16 18:18 audio
     lrwxrwxrwx  1 root    root           3 2013-01-16 18:18 cdrom -> hdc
     lrwxrwxrwx  1 root    root           3 2013-01-16 18:18 cdrw -> hdc
     lrwxrwxrwx  1 root    root           3 2013-01-16 18:18 cdrw1 -> hdd
     drwxr-xr-x  2 root    root        2780 2013-04-02 16:25 char
     lrwxrwxrwx  1 root    root           3 2013-01-16 18:18 dvd -> hdc
     brw-rw----  1 root    disk      3,   0 2013-01-16 18:18 hda
     brw-rw----  1 root    disk      3,   1 2013-01-16 18:20 hda1
     brw-rw----  1 root    cdrom    22,   0 2013-01-16 18:18 hdc
     brw-rw----  1 root    cdrom    22,  64 2013-01-16 18:18 hdd
     crw-rw-rw-  1 root    root      1,   3 2013-01-16 18:18 null
     lrwxrwxrwx  1 root    root          15 2013-01-16 18:18 stderr -> /proc/self/fd/2
     lrwxrwxrwx  1 root    root          15 2013-01-16 18:18 stdin -> /proc/self/fd/0
     lrwxrwxrwx  1 root    root          15 2013-01-16 18:18 stdout -> /proc/self/fd/1
     crw-rw-rw-  1 root    root      5,   0 2013-04-03 14:43 tty
     crw-rw----  1 root    root      4,   0 2013-01-16 18:18 tty0
     crw-------  1 tkombol tty       4,   1 2013-04-03 15:08 tty1
     crw-rw----  1 root    dialout   4,  64 2013-02-18 17:06 ttyS0
     crw-rw----  1 root    dialout   4,  65 2013-01-16 18:18 ttyS1
     crw-rw----  1 root    root    252,   1 2013-01-16 18:18 usbdev1.1_ep00
     crw-rw----  1 root    root    252,   0 2013-01-16 18:18 usbdev1.1_ep81

  32. File Systems

  33. File systems • Directory structure with its own root • Disk can be divided into multiple file systems • Separates data • Corruption in one file system will not affect another • Each file system can be backed up independently

  34. File Systems • Components • boot block • boot program • partition table • superblock • global info on file system • OS keeps a copy in memory • inode blocks • keeps track of every disk block • data blocks • all the data

  35. Unix/Linux File Systems • Types • s5 • ufs • ext2, ext3 and ext4 • Current linux systems • iso9660 or hsfs • cd rom file system • msdos or pcfs • original floppy for DOS • swap • bfs • proc or procfs

  36. File Systems • Mounting • A directory in one filesystem which contains another file system is a mount point • Classical mount points • /dev/fd • floppy disk • fd0 • first floppy drive • /dev/hda • first ide drive • hda1 • a partition in hda • /dev/hdb • second ide drive • /dev/sda • first scsi drive • also used for pata/sata drives • /dev/ttyS0 • a serial port

  37. File systems • mount points may be different on various distros • My Debian at home and one at work have different dev names for the same function

  38. File Systems • Notes • Can mount multiple drive blocks to make one larger file system • Combine partitions, drives • LVM • Logical Volume Manager

  39. File Systems • Mounting • assign file blocks to a directory name • Unmounting • removes the mount • fstab • lists all available disks and partitions • where they should be mounted and how • can be used by mount

  40. mounting • mount [opts] devname dirname • must know device name • dirname must exist • it should be empty • permissions set to at least 755 • 777 works but is less secure • some may be predefined • Notes: • mount • no option lists all current mounts • fdisk -l • will list available hard drives

  41. mount example
     # mount
     /dev/hda1 on / type ext3 (rw,errors=remount-ro)
     tmpfs on /lib/init/rw type tmpfs (rw,nosuid,mode=0755)
     proc on /proc type proc (rw,noexec,nosuid,nodev)
     sysfs on /sys type sysfs (rw,noexec,nosuid,nodev)
     procbususb on /proc/bus/usb type usbfs (rw)
     udev on /dev type tmpfs (rw,mode=0755)
     tmpfs on /dev/shm type tmpfs (rw,nosuid,nodev)
     devpts on /dev/pts type devpts (rw,noexec,nosuid,gid=5,mode=620)
     rpc_pipefs on /var/lib/nfs/rpc_pipefs type rpc_pipefs (rw)
     nfsd on /proc/fs/nfsd type nfsd (rw)
     /dev/sda1 on /media/EGMONITOR type vfat (rw,nosuid,nodev,uhelper=hal,shortname=lower,uid=1000)

  42. fdisk -l example
     # sudo fdisk -l
     Disk /dev/hda: 40.0 GB, 40020664320 bytes
     255 heads, 63 sectors/track, 4865 cylinders
     Units = cylinders of 16065 * 512 = 8225280 bytes
     Disk identifier: 0x93dd93dd
        Device Boot      Start         End      Blocks   Id  System
     /dev/hda1   *           1        4660    37431418+  83  Linux
     /dev/hda2            4661        4865     1646662+   5  Extended
     /dev/hda5            4661        4865     1646631   82  Linux swap / Solaris
     Disk /dev/sda: 1018 MB, 1018167296 bytes
     2 heads, 63 sectors/track, 15782 cylinders
     Units = cylinders of 126 * 512 = 64512 bytes
     Disk identifier: 0x017c9ef7
        Device Boot      Start         End      Blocks   Id  System
     /dev/sda1   *           1       15783      994288    6  FAT16
     #
   • Notes: • hda is an ide drive with 3 partitions • sda is a USB drive currently plugged in

  43. unmounting • umount dirname • can also use devname • unmount before removing device • prevents loss or corruption of data • note the name is umount, not unmount

  44. fstab • List of default mount points • Gets mounted during the booting process • Notes: • mount -a • will mount the fstab entries • mount /dirname • will mount to the device listed in fstab • umount -a • will try to unmount the entries in fstab • if device is busy will get an error • cannot unmount a directory you are in

  45. fstab • Sample fstab:
     # cat /etc/fstab
     # /etc/fstab: static file system information.
     #
     # <file system> <mount point>   <type>       <options>                   <dump>  <pass>
     proc            /proc           proc         defaults                    0       0
     /dev/hda1       /               ext3         defaults,errors=remount-ro  0       1
     /dev/hda5       none            swap         sw                          0       0
     /dev/hdc        /media/cdrom0   udf,iso9660  user,noauto                 0       0
     /dev/hdd        /media/cdrom1   udf,iso9660  user,noauto                 0       0
     /dev/fd0        /media/floppy0  auto         rw,user,noauto              0       0
     #
   • Columns: • 1: device name • 2: mount point • 3: file system type • 4: mount options • 5: enable backing up (dump) • 6: fsck order

  46. File System Checking • superblock must be kept in sync between the version on the disk and the one in memory • update does a sync every 30 seconds • if there is a power failure before a change can be synced there can be discrepancies • Examples: • two or more inodes claiming the same disk block • block marked free, but not listed in superblock • used block marked free • mismatch in sizes • file not having a directory entry • fsck can check for and fix these problems

  47. File system checking • fsck • five sequential phases • each feeding the next phase • if there is an error • fsck becomes interactive • user answers questions to fix

  48. Managing Disk Space

  49. Managing Disk space • Fact: disks fill up! • Need to monitor and maintain use • Two good base tools: • df • du

  50. Managing Disk space • df • reports free space on disk • -h option makes it human readable
     # df -h
     Filesystem            Size  Used Avail Use% Mounted on
     /dev/sda1             323M  160M  147M  53% /
     tmpfs                 2.0G     0  2.0G   0% /lib/init/rw
     udev                  2.0G  236K  2.0G   1% /dev
     tmpfs                 2.0G     0  2.0G   0% /dev/shm
     /dev/sda9             440G  2.9G  415G   1% /home
     /dev/sda8             368M   11M  339M   4% /tmp
     /dev/sda5             8.3G  4.2G  3.7G  54% /usr
     /dev/sda6             2.8G  1.1G  1.6G  41% /var
     /dev/sdb1             114G  1.9G  106G   2% /opt
     /dev/sde1              16G  7.2G  8.1G  48% /media/PENDRIVE
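An added example (not from the original slides) that turns the df and du checks from slides 49 and 50 into something that can run unattended: df output is parsed for filesystems at or above a usage threshold, and du then ranks the subdirectories that hold the space. The df -h output from the slide above is embedded inline as sample input; the threshold value and the live df -P wrapper are this example's own choices.

```shell
#!/bin/sh
# Sample input: the df -h output from the slide, embedded inline.
DF_SAMPLE='Filesystem            Size  Used Avail Use% Mounted on
/dev/sda1             323M  160M  147M  53% /
tmpfs                 2.0G     0  2.0G   0% /lib/init/rw
udev                  2.0G  236K  2.0G   1% /dev
tmpfs                 2.0G     0  2.0G   0% /dev/shm
/dev/sda9             440G  2.9G  415G   1% /home
/dev/sda8             368M   11M  339M   4% /tmp
/dev/sda5             8.3G  4.2G  3.7G  54% /usr
/dev/sda6             2.8G  1.1G  1.6G  41% /var
/dev/sdb1             114G  1.9G  106G   2% /opt
/dev/sde1              16G  7.2G  8.1G  48% /media/PENDRIVE'

# Print "filesystem use% mountpoint" for every entry at or above a
# percentage threshold. $1 = df output (one line per filesystem),
# $2 = threshold; the header line is skipped.
df_over() {
    printf '%s\n' "$1" | awk -v thr="$2" 'NR > 1 {
        pct = $5; sub(/%/, "", pct)           # "53%" -> 53
        if (pct + 0 >= thr) print $1, $5, $6
    }'
}

# Same check against the running system. df -P guarantees one line per
# filesystem, which the parser above relies on; -h keeps sizes readable.
live_df_over() {
    df_over "$(df -hP)" "$1"
}

# Once a filesystem is flagged, du answers "where did the space go?":
# the $2 largest immediate subdirectories of $1, biggest first.
biggest_subdirs() {
    du -sk "$1"/*/ 2>/dev/null | sort -rn | head -n "$2" | awk '{ print $2 }'
}

df_over "$DF_SAMPLE" 50      # prints: /dev/sda1 53% /  and  /dev/sda5 54% /usr
```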