• Tidak ada hasil yang ditemukan

PDF The Linux System Administrator's Guide

N/A
N/A
Info
Unduh - Bebas
Protected

Academic year: 2024

Membagikan "PDF The Linux System Administrator's Guide"

Copied!
130
0
0

Memuat.... (Lihat teks lengkap sekarang)

Unduh sekarang ( 130 Halaman )

Teks penuh

34;Only two things are infinite, the universe and human stupidity, and I am not sure of the first.” Albert Einstein.

Acknowledgments

Joanna's acknowledgments

Stephen's acknowledgments

Alex's Acknowledgments

Revision History

Source and pre−formatted versions available

Typographical Conventions

Print queue software also merges output to disk, meaning that the text is kept in a file while the job is in the queue. Each different spool has its own subdirectory under /var/spool, for example, the news spool is in /var/spool/news.

Introduction

Linux or GNU/Linux, that is the question

I mention it here because I think it is important to understand the relationship between GNU and Linux, and also to explain why some Linux systems are sometimes called GNU/Linux. Why Linux Should Be GNU/Linux − http://www.gnu.org/gnu/why−gnu−linux.html GNU/Linux Frequently Asked Questions − http://www.gnu.org/gnu/gnu−linux −faq. html.

Trademarks

Most of the basic command-line tools were written by the Free Software Foundation while developing their GNU operating system. Red Hat is a trademark of Red Hat, Inc., in the United States and other countries.

Overview of a Linux System

Various parts of an operating system

Important parts of the kernel

Probably the most important parts of the kernel (nothing else works without it) are memory management and process management. Memory management takes care of allocating memory areas and swap space areas to processes, parts of the kernel and for the buffer cache.

Major services in a UNIX system

  • init
  • Logins from terminals
  • Syslog
  • Periodic command execution: cron and at
  • Graphical user interface
  • Networking
  • Network logins
  • Network file systems
  • Mail
  • Printing
  • The filesystem layout

A more in-depth discussion of kernel internals can be found at http://www.tldp.org/LDP/lki/index.html. When the shell terminates, i.e. the user logs out, or when the login is terminated because the username and password do not match, init notices this and starts a new instance of getty.

Overview of the Directory Tree

  • Background
  • The root filesystem
  • The /etc directory
  • The /dev directory
  • The /usr filesystem
  • The /var filesystem
  • The /proc filesystem

SCSI drives use a sequential sector number (ie the controller translates a sequential sector number to a head, cylinder and sector triplet), and a completely different method for the CPU to talk to the controller, so they are isolated from the problem . A very small program (usually in ROM) that reads a fixed location on a disk (eg the MBR) and transfers control to it.

Hardware, Devices, and Tools

Hardware Utilities

  • The MAKEDEV Script
  • The mknod command
  • The lspci command
  • The lsdev command
  • The lsusb command
  • The lsraid command
  • The hdparm command
  • More Hardware Resources

However, sometimes the MAKEDEV script will not know about the device file you want to create. To use mknod, you need to know the major and minor node numbers for the device you want to create.

Kernel Modules

  • lsmod
  • insmod
  • depmod
  • rmmod
  • modprobe

It is unlikely that the ttyS0 file would not be provided by the MAKEDEV script, but it is sufficient to illustrate this point. More information about what hardware resources the kernel uses can be found in the /proc directory.

Using Disks and Other Storage Media

Two kinds of devices

The first character in the first column, i.e. The `c' in crw−rw−rw− above tells an informed user the type of the file, in this case a character unit. For regular files the first character is `−', for directories it is `d', and for block devices `b'; see the ls man page for further information.

Hard disks

The number of surfaces (or heads, which is the same thing), cylinders and sectors vary greatly; the specification of the number of each is called the geometry of a hard drive. To overcome this, the hard drive controller lies about the geometry and translates the addresses given by the computer into something that matches reality.

Storage Area Networks − Draft

Since Linux often doesn't know the real geometry of a disk, its filesystems don't even try to keep files within a single cylinder. Note that the device files for hard drives allow access to the entire disk, regardless of partitions (which will be discussed below), and it's easy to corrupt the partitions or the data in them if you're not careful.

Network Attached Storage − Draft

  • NFS
  • CIFS

Disk device files are typically only used to access the master boot record (which we'll also discuss below). Does this mean that your Windows 2003 server or your Linux box are NAS servers because they allow access to shared drives over your network.

Floppies

Traditionally, CIFS was used with Microsoft Windows networks, and NFS was used with UNIX and Linux networks.

CD−ROMs

Tapes

Formatting

The badblocks command can be used to search any disk or partition for bad blocks (including a floppy). The initial check for bad blocks can be done with the mkfs command (which initializes the file system), but subsequent checks must be done with bad blocks and new blocks added with fsck.

Partitions

  • The MBR, boot sectors and partition table
  • Extended and logical partitions
  • Partition types
  • Partitioning a hard disk
  • Device files and partitions

This feature should be documented in the disc manual if you're wondering if it's happening. Sometimes it is possible to use a boot partition that is only partially within the first 1024 cylinders.

Filesystems

  • What are filesystems?
  • Filesystems galore
  • Which filesystem should be used?
  • Creating a filesystem
  • Filesystem block size
  • Filesystem comparison
  • Mounting and unmounting
  • Filesystem Security
  • Checking filesystem integrity with fsck
  • Checking for disk errors with badblocks
  • Fighting fragmentation?
  • Other tools for all filesystems
  • Other tools for the ext2/ext3 filesystem

It is designed to be easily upwardly compatible, so that new versions of the filesystem code do not have to remake the existing filesystems. The device file gives access to the raw contents of the disk, the . mounted-on directory gives access to the files on the disk.

Disks without filesystems

It provides direct access to the file system data structures stored on disk and thus can be used to repair a disk that is so broken that fsck cannot repair it automatically. The first dd creates an exact image of the diskette to the floppy−image file, the second writes the image to the diskette.

Allocating disk space

  • Partitioning schemes
  • Logical Volume Manager (LVM)
  • Space requirements
  • Examples of hard disk allocation
  • Adding more disk space for Linux
  • Tips for saving disk space

It is also possible to specify a command line argument for the kernel, after the name of the kernel or operating system. Make the same adjustment to the section titles in the list of Invariant Sections in the combined work's license notice.

Memory Management

What is virtual memory?

The kernel will write the contents of a currently unused block of memory to the hard disk so that the memory can be used for another purpose. A swap partition is faster, but it's easier to resize a swap file (no need to repartition the entire hard drive, and possibly reinstall everything from scratch).

Creating a swap space

Because a gap in a file means that no disk sectors are allocated (for that location in the file), it is not good for the kernel to try to use them. It is best for the size to be a multiple of 4 because the kernel prints memory pages that are 4 kilobytes in size.

Using a swap space

All pages used in the exchange space are redeemed first; if there is not enough physical. Sometimes there can be a lot of swap space in use, even though there is a lot of free physical memory.

Sharing swap spaces with other operating systems

Check (e.g. with free) whether there is enough free memory before taking the swap space out of use. Any swap spaces automatically used by swapon can be removed from use by swapoff; looks in the /etc/fstab file to find what to remove.

Allocating swap space

The buffer cache

If the command is never executed, the data is from the last restart until now. This license is a type of "copyleft", meaning that derivative works of the document itself must be free in the same sense.

System Monitoring

System Resources

  • The top command
  • The iostat command
  • The ps command
  • The vmstat command
  • The lsof command
  • Finding More Utilities

The fifth column is the start time, from date if the process has been running long enough. The seventh column is the cumulative CPU usage (total amount of CPU time used while running).

Filesystem Usage

  • The df command
  • The du command
  • Quotas

If you want to learn more about the command line tools available, Chris Karakas has written a reference guide called GNU/Linux Command Line Tools Summary. It is a good resource for learning what tools exist and how to do many tasks.

Monitoring Users

  • The who command
  • The ps command −again!
  • The w command
  • The skill command
  • nice and renice

If you do not specify a filename, du will work recursively. user@server:~> du −h /usr/local 4.0K /usr/local/games. If you only want a summary of this directory, you can use the −s option. user@server:~> du −hs /usr/local 210M /usr/local.

Boots And Shutdowns

  • An overview of boots and shutdowns
  • The boot process in closer look
    • A Word About Bootloaders
  • More about shutdowns
  • Rebooting
  • Single user mode
  • Emergency boot floppies

If the name of the link starts with a K, the service will be killed (if it is running). When the Document is included in an aggregate, this License does not apply to the other works in the aggregate that are not themselves derivative works of the Document.

Once the kernel has booted itself (been loaded into memory, started running, and initialized all device drivers and data structures and such), it completes its own part of the boot process by starting a user-level program, init. When the system is up properly, init restarts getty for each terminal after a user logs out (so the next user can log in).

Configuring init to start getty: the /etc/inittab file

For other lines it doesn't matter (except for length constraints), but it must be unique. The third field means that the command should be executed again, after it is out (so one can log in, log out and then log in again).

Run levels

The third box means that init should run the command in the fourth box once the runlevel is entered, and that init should wait for it to complete. The command in the fourth box does all the hard work of setting the run level.

Special configuration in /etc/inittab

It starts services that are not already running, and stops services that should no longer be running in the new runtime. You can tell init to go to a non-default runlevel at startup by giving the kernel a command-line argument of single or emergency.

Booting in single user mode

The startup scripts that start running will automatically enter single-user mode if the automatic fsck fails on startup. As a security measure, a properly configured system will ask for the root password before starting the shell in single-user mode.

Logging In And Out

  • Logins via terminals
  • Logins via the network
  • What login does
  • X and xdm
  • Access control
  • Shell startup

The user group database is kept in /etc/group; for systems with shadow passwords there may be an /etc/shadow.group. Most shells first execute a global file, for example the Bourne shell (/bin/sh) and its derivatives execute /etc/profile; additionally, they run .profile in the user's home directory.

Managing user accounts

  • What's an account?
  • Creating a user
    • Picking numeric user and group ids
    • Initial environment: /etc/skel
    • Creating a user by hand
  • Changing user properties
  • Removing a user
  • Disabling a user temporarily

You must make the password field "*" so that it is impossible to log in. In such cases, it is usually not necessary to set the password (last step above).

Backups

On the importance of being backed up

Selecting the backup medium

Floppies are very cheap, fairly reliable, not very fast, very available, but not very useful for large amounts of data. They're usually not very good at availability, but if that's not an issue, they can be better in other ways.

Selecting the backup tool

On the other hand, speed is an issue if the backup cannot be performed when the computer would otherwise be idle. Tapes are cheap to somewhat expensive, fairly reliable, fairly fast, fairly affordable and, depending on the size of the tape, fairly comfortable.

Simple backups

  • Making backups with tar
  • Restoring files with tar

This can be solved by finding and comparing the current file system state with lists of files that have been previously backed up. This can be a big problem if the file has sensitive data that should no longer be available.

Multilevel backups

Note that tar always reads the backup volume sequentially, so for large volumes it is quite slow. The number of tapes for a restore depends on how long you wait between full backups, but it is less than in the simple schemes.

What to back up

Instead, you can use level numbers that are not monotonous, and keep the number of backups you want to restore low. To minimize the number of tapes needed for recovery, you can use a smaller level for each incremental tape.

Compressed backups

Enter on the Title page the name of the publisher of the Modified Version as the publisher. Translation is considered a type of modification, so you may distribute translations of the Document under the terms of Section 4.

Task Automation −−To Be Added

Keeping Time

The concept of localtime

Linux has a timezone package that knows all existing timezones and can be easily updated when the rules change. Other than setting the system time zone and updating files with time zone information, there is no need to worry about the time.

The hardware and software clocks

Showing and setting time

It is used when the system boots, to read the hardware clock and set the software clock. If you need to set both clocks, you first set the software clock with date, and then the hardware clock with clock −w.

When the clock is wrong

While each user may have their own time zone, the time is the same for everyone. On an early Unix system, someone set the clock twenty years into the future, and Cron wanted to execute all periodic commands twenty years at once.

NTP − Network Time Protocol

If you change the clock, it can get confused whether to run the commands or not. In my home, all of our clocks are set based on what my Linux system says the time is.

Basic NTP configuration

You can use that to install NTP, or you can download the source files from http://www.ntp.org/downloads.html and compile them yourself. For example, if you use time-sensitive security software, you could accidentally terminate someone's access.

NTP Toolkit

This will contact the NTP server and determine the time difference, but will not change your system time. If you need to synchronize the system time immediately, you can use the remote server name ntpdate to force synchronization.

Some known NTP servers

NTP Links

Keep all unedited sections of the document unchanged in their text and headings. File System Hierarchy Standard (FHS), File System Layout, Directory Tree Overview, Background File Types.

System Logs −−To Be Added

System Updates −−To Be Added

The front cover should present the full title with all words of the title equally spaced. If there is no section titled "History" in the document, create one by stating the title, year, authors, and publisher of the document as given on its title page, then add an article describing the modified version as stated I.

The Linux Kernel Source

Finding Help

Newsgroups and Mailing Lists

  • Finding The Right Forum
  • Before You Post
  • Writing Your Post
  • Formatting Your Post
  • Follow Up
  • More Information

There are many newsgroups and mailing lists dedicated to Linux, so try to find and use the one that best suits your question. There are also archives of newsgroups and mailing lists and it is entirely possible that your question has been asked and answered before.

IRC

  • Colours
  • Be Polite
  • Type Properly, in English
  • Port scanning
  • Keep it in the Channel
  • Stay On Topic
  • CTCPs
  • Hacking, Cracking, Phreaking, Warezing
  • Round Up
  • Further Reading

If you can't find the right channel, asking in the #linux channel (preferably in English) should help you find the one you're looking for. Don't ask about feats unless you're looking for another way to get kicked out unceremoniously.

PREAMBLE

APPLICABILITY AND DEFINITIONS

A section "Entitled XYZ" means a named subsection of the Document whose title is exactly XYZ or contains XYZ in parentheses after text that translates XYZ into another language. The document may include disclaimers of warranty next to the notice stating that this license applies to the document.

VERBATIM COPYING

The “Title Page” means, for a printed book, the title page itself, plus any subsequent pages necessary to legibly contain the material required to appear on the title page under this License. For works in formats that do not have a title page as such, "Title Page" means the text near the most prominent appearance of the title of the work, preceding the beginning of the body of the text.

COPYING IN QUANTITY

Copying with changes limited to the covers, so long as the title of the document is preserved and these conditions are met, may otherwise be treated as verbatim copying. It is required, but not mandatory, that you contact the authors of the Document well in advance of distributing a large number of copies so that they have an opportunity to provide you with an updated version of the Document.

MODIFICATIONS

You may omit a network location for a work published at least four years before the Document itself, or if the original publisher of the version to which it refers gives permission. You can add a passage of up to five words as cover text on the front page and a passage of up to 25 words as cover text on the back page at the end of the list of cover texts in the modified version.

COMBINING DOCUMENTS

For any section titled "Acknowledgments" or "Dedications", retain the title of the section, and within the section retain all substance and tone of each contributor's acknowledgments and/or dedications given therein. Do not rename any existing section to become eligible for "endorsements" or to conflict with any invariant section.

COLLECTIONS OF DOCUMENTS

In the combination, combine all sections titled "History" in the various original documents and form one section titled "History"; also combine all sections titled "Acknowledgments" and all sections titled "Dedications".

AGGREGATION WITH INDEPENDENT WORKS

TRANSLATION

TERMINATION

FUTURE REVISIONS OF THIS LICENSE

ADDENDUM: How to use this License for your documents

  • 120
  • 122

On most modern Linux systems, the /etc/passwd file does not actually contain password data. MBR, MBR, Boot Sectors and Partition Table. partition table, MBR, boot sectors and partition table partition type, partition types. saves space, Tips to save disk space sectors, Hard disks. fiber channel, Storage Area Networks − Draft. file system, the file system layout, the /usr file system. root), Background, The root file system /bin, The file system layout, The root file system /boot, The root file system.

Referensi

Unduh sekarang ( PDF - 130 Halaman - 848.93 KB )

Garis besar

Partitions Mounting and unmounting Allocating disk space System Resources Boots And Shutdowns Logging In And Out Managing user accounts IRC ADDENDUM: How to use this License for your documents

Dokumen terkait