This lecture continues the setup of your computer systems, emphasizing the importance of user management, security, and software packages. You'll learn about the root account's default password management and the significance of changing it. We cover the structure of user accounts, the passwd program, and understanding shadow passwords across different Unix architectures (Solaris, Irix, FreeBSD). Additionally, we delve into system startup processes, managing runlevels, and the use of man pages for Unix system reference. Equip yourself to take responsibility for your systems effectively.
Lecture 3 Setup (continued) Computer System Administration
On Your Own • Machines Have/Will be reinstalled • Following Procedure in first 2 lectures • root passwords will be default • No further “interference” from me. • You are responsible for: • Security • Users • Packages/Software
Passwords • The passwd(1) program • Same on all 3 architectures • Change the root password!!!!! • As root, you can change other users' passwords.
/etc/passwd • Database of user accounts • Flat-File • Also standard format • Colon separated • Username • Password (encrypted) • UID • GID
passwd(5) file format (cont) • GECOS field • Comma Separated • Name • Phone number • Office • Etc... • Home Directory • Shell
Shadow Passwords • Hides the encrypted form of the password. • Root-only access • Solaris • /etc/shadow • Additional information (must update both) • Last change time • Min change time • Inactive time • ...
Shadow Passwords(cont) • Irix • /etc/shadow • Also additional fields (must update both) • Last change • Min change • Inactive • ...
FreeBSD Shadow Passwords • /etc/master.passwd • “master” password file • /etc/passwd is generated from master.passwd • pwd_mkdb • Hashed databases generated • /etc/pwd.db (public) • /etc/spwd.db (shadow/private)
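
The seven-field layout and the purpose of shadow passwords can be checked mechanically. The script below is an added example, not part of the lecture: it audits a passwd-format file for hashes left in the world-readable file, empty password fields, extra UID 0 accounts and malformed lines. The sample file is constructed, and treating `x` and `*` as the "hash is in the shadow file" placeholders is an assumption of the example.

```sh
#!/bin/sh
# audit_passwd FILE: print one finding per line as "user:problem".
# Assumption: "x" or "*" in field 2 means the hash is kept in the shadow file.
audit_passwd() {
    awk -F: '
        /^#/ || /^$/ { next }   # skip comments and blank lines
        NF != 7      { print $1 ":malformed (" NF " fields)"; next }
        $2 == ""     { print $1 ":empty password field" }
        $2 != "" && $2 != "x" && $2 != "*" {
            print $1 ":hash exposed in world-readable file"
        }
        $3 == 0 && $1 != "root" { print $1 ":uid 0 but not root" }
    ' "$1"
}

# gecos_name FILE USER: full name is the first comma-separated GECOS subfield.
gecos_name() {
    awk -F: -v u="$2" '$1 == u { split($5, g, ","); print g[1] }' "$1"
}

# Constructed sample data, not taken from any real system.
sample_passwd() {
    cat <<'EOF'
root:x:0:0:Super-User:/:/sbin/sh
alice:x:1001:10:Alice Example,555-0100,Room 12:/home/alice:/bin/sh
bob:ab1QzExampleHash:1002:10:Bob Example:/home/bob:/bin/sh
carol::1003:10:Carol Example:/home/carol:/bin/sh
toor2:x:0:0:Extra admin:/root:/bin/sh
broken:x:1004:10
EOF
}

demo_audit() {
    tmp=$(mktemp) || return 1
    sample_passwd > "$tmp"
    audit_passwd "$tmp"
    rm -f "$tmp"
}
demo_audit
```

On a real system, point `audit_passwd` at `/etc/passwd`; the shadow file itself should stay readable by root only.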
man(1) pages • Unix system self documentation/reference • Sections • Solaris (/usr/share/man/...) • Section 1: User Commands • Section 2: Kernel Functions • Section 3: Library Functions • Subsections: aio, c, curses, kstat, ... • Section 4: File Formats • Section 5: Standards, Environments, Macros
Solaris man(1) Sections (cont) • Section 6: Games and Demos • Section 7: Device and Network Interfaces • Section 9: Device Driver Interfaces • Requesting a specific manpage • man [-s section] page • Search path • man -s 1 passwd • man -s 4 passwd
FreeBSD man(1) sections • /usr/share/man • Section 1: User Commands • Section 2: Kernel Functions • Section 3: Library Functions • Section 4: Device Driver Reference • Section 5: File Formats • Section 6: Games
FreeBSD man(1) sections • Section 7: Misc • Section 8: System Administration Commands • Section 9: Kernel Programming Reference • Requesting a specific section: • man [section] page • Search path • man 5 passwd
Irix man(1) sections • Located in /usr/share/catman • Subdivided • a_man: Administrative • g_man: Graphics • u_man: User • p_man: Programming • Sections • Section 1: Shell Commands • Section 2: Kernel Functions
Irix man(1) sections • Section 3: Library Functions • Section 4: File Formats • Section 5: Misc • Section 6: Games • Section 7: Devices • Section 8: System Daemons • Requesting specific sections • man [section] page • man 4 passwd
System Services • Securing your System • Stop unnecessary services • Tools • ps • netstat • fstat(FreeBSD)/fuser(Solaris/Irix)
Solaris System Startup • Runlevels (man init) • S/s: Single User • 0: Firmware • 1: Administrative • 2: Multi-user mode • 3: Multi-user+Network share • 4: Free • 5: power-off • 6: reboot
Runlevel State Transition • Startup (initdefault 3) • Runlevel 2 • Runlevel 3
Runlevel Scripts • /etc/rc? • /etc/rc?.d • /etc/rc2.d • /etc/rc3.d • Scripts typically linked to their real location in /etc/init.d • Kill Scripts • Begin with K • Executed in alphabetical order • K00foo stop
Runlevel Start Scripts • Start Scripts • Begin with S • Executed in alphabetical order • S99foo start
start/stop scripts • Are ONLY executed on a transition INTO a state • KILL scripts are NOT executed when you leave a state, only the kill scripts of the new state are executed • If you want to have apache only running in runlevel 3 you need to put Kill scripts in any other runlevels (typically 2 and 1)
Disabling Scripts • Delete links and originals in /etc/rc?.d and /etc/init.d • BAD • No record of what was once there, no way to get it back • Delete /etc/rc?.d/[KS]##foo. • Bad • Can retrieve it, but don't know where it goes.
Disabling Scripts (cont) • Rename it • mv S99foo disabled.S99foo • mv K00foo disabled.K00foo • Doesn't start/stop (doesn't begin with K or S) • Keeps a record • Can be reversed
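
The transition and rename rules from the runlevel slides, as an added example that is not part of the lecture: `rc_plan` lists what entering a runlevel would run, and `disable_rc`/`enable_rc` do the reversible rename. The directory tree is constructed in a temporary location, `S20network` is a made-up script name, and the example assumes kill links run before start links within a runlevel.

```sh
#!/bin/sh
# rc_plan DIR: what a transition INTO this runlevel runs, in order.
# K* links get "stop", then S* links get "start"; globs sort alphabetically.
rc_plan() {
    for f in "$1"/K*; do
        if [ -e "$f" ]; then echo "${f##*/} stop"; fi
    done
    for f in "$1"/S*; do
        if [ -e "$f" ]; then echo "${f##*/} start"; fi
    done
}

# disable_rc DIR LINK: rename so the name no longer begins with K or S.
disable_rc() {
    [ -e "$1/$2" ] || { echo "no such script: $2" >&2; return 1; }
    mv "$1/$2" "$1/disabled.$2"
}

# enable_rc DIR LINK: reverse the rename; the kept name records the order.
enable_rc() {
    [ -e "$1/disabled.$2" ] || { echo "not disabled: $2" >&2; return 1; }
    mv "$1/disabled.$2" "$1/$2"
}

# make_sample_rc: constructed rc2.d/rc3.d tree in a temp dir; prints its path.
# apache is meant to run in runlevel 3 only, so rc2.d carries a K link for it.
make_sample_rc() {
    d=$(mktemp -d) || return 1
    mkdir "$d/rc2.d" "$d/rc3.d"
    for n in rc2.d/K50apache rc2.d/S20network rc3.d/K00foo \
             rc3.d/S50apache rc3.d/S99foo; do
        : > "$d/$n"
    done
    echo "$d"
}

demo_rc() {
    root=$(make_sample_rc) || return 1
    echo "enter runlevel 2:"; rc_plan "$root/rc2.d"
    echo "enter runlevel 3:"; rc_plan "$root/rc3.d"
    disable_rc "$root/rc3.d" S50apache
    echo "runlevel 3, apache disabled:"; rc_plan "$root/rc3.d"
    enable_rc "$root/rc3.d" S50apache
    rm -rf "$root"
}
demo_rc
```

Running `rc_plan` against the real `/etc/rc2.d` and `/etc/rc3.d` before and after a change gives a quick record of which services a runlevel transition will start or stop.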
Irix System Startup • Also runlevel/inittab based • You can manage Irix processes in the same way • Better way • chkconfig • chkconfig doesn't know about runlevels • Process typically only started/stopped once, in a specific runlevel
chkconfig • Seeing what's on and what's off • chkconfig -s • Setting state • chkconfig [-f] {variable} {on | off} • -f for a new flag • Create your own! • State stored in /etc/config • One file/variable (same name as variable) • Optionally “variable.options” (stores options for that variable)
FreeBSD System Startup • No Runlevels/inittab • Configuration provided by 'rc.conf', similar to Irix chkconfig
rc.conf • rc.conf • /etc/defaults/rc.conf • Read first • information/defaults only • DO NOT EDIT • Will be overwritten by system upgrades/etc • /etc/rc.conf • Read second • Make changes here • Only need to add specific entries for items you want changed
FreeBSD Startup: Customizing • /usr/local/etc/rc.d • local_startup • Run like inittab scripts • Alphabetical • {start | stop} • Must end in “.sh” • Disable via: mv foo.sh foo.sh.disabled