Linux System, Network, and X Administration

System Administration

Directory Tree

/boot
/root
/etc
/sbin, /usr/sbin
/bin, /usr/bin
/usr
/var

/home

System Startup and Processes

init: is the father of all the Unix processes.
Init creates processes (daemons) from information stored in /etc/inittab.
init -> getty -> login
id:3:initdefault: this sets system init runelve to 3
id:runlevel:action:process

l5:5:wait:/etc/rc.d/rc 5
1:12345:respawn:/sbin/mingetty tty1
x:5:respawn:/usr/bin/X11/xdm -nodaemon

Runlevels:

0: halt
1: single user mode. Press < ctl > < d > to switch to multi user mode. Under lilo: linux single or linux 1; change root password if password was lost.
2 - Multiuser, without NFS
3 - Full multiuser mode
4 - unused
5 - X11 (Full multiuser mode with graphics login interface)
6: reboot
/etc/rc.d/rc: stands for "run command" which is used for starting services at boot time. Services are started and stopped by scripts labeled with the letter "S" or "K" followed by numerical number and string. There are stored under rc.$runLevel. All the scripts should be setup as softlinks from /etc/rc.d/init.d via ln -s. When adding any new services, be sure the softlinks are setup properly.
inetd: stands for Internet daemon. It spawns Internet standard services upon request, and services are specified in /etc/services along with a configuration file named /etc/inetd.conf. (e.g. Pop3 server)
cron: clock daemon which starts a process that executes commands at specified dates and times. It can be updated by "crontab" command.
5 4 * * 6 /usr/lib/newsyslog

minute (0-59)
hour (0-23)
day of the month (1-31)
month of the year (1-12)
day of the week (0-6 with 0=Sunday)

ps and top: processes monitoring

ps aux

USER PID %CPU %MEM SIZE RSS TTY STAT START TIME COMMAND
root  1  0.0 0.0   764  108  ?  S   Nov 6  0:08 init [3]
root 132 0.0 1.0  1844 1256  ?  S  6:37:14 0:00 /usr/sbin/inetd -s
bin  181 0.0 0.0   760   76  ?  S   Nov 6  0:00 portmap
klai 332 0.0 0.2  1468  304  1  S   Nov 6  0:00 -tcsh
klai 455 0.0 0.0  1828  112  1  S   Nov 6  0:00 xinit /home/klai/.xinit

# To send a SIGHUP to a process such as inetd: kill -1 132

File Systems and Memory Monitoring

/etc/fstab
When system comes up, it reads fstab and perform file system integrity checking before mounting the file systems specified in fstab:

/dev/sdb2   /        ext2    defaults         1 1
/dev/sdb5   swap     swap    defaults         0 0
/dev/sdb1   /dos     msdos   defaults         0 0
moon:/pub   /sun     nfs     exec,dev,suid,rw 0 0

clustering

There are many projects in this area.  The purpose is to connect 
multiple computers together in such a way that they behave like a 
single computer. Clustering is used for parallel processing, 
for load balancing and for fault tolerance.  Due to the lower cost
of PCs and high cost of existing clustering solutions, this has drawn many 
interests from academy and vendors.

Memory monitoring: vmstat

 procs         memory (KB)       swap      io      system      cpu
 r b w  swpd  free  buff cache  si  so   bi   bo   in   cs  us  sy  id
 1 0 0     0  4352  5332 27928   0   0    1    0   40   89  14   2  85
 0 0 0     0  4352  5332 27928   0   0    0    0  149   77   0   1  99

Create swap space:
dd if=/dev/zero of=/extra-swap bs=1024 count=1024
mkswap /extra-swap 1024
mke2fs -c /dev/hda2 -i 10240: to create file system with 10k-block (default 4k-block) per inode. Ext2 file system has a 2GB limitation. You may also create a file system on a floppy (mke2fs -t /dev/fd0) or zip drive. You cannot mount a (raw) partition, without making an ext2 file system (cooked). To mount a floopy (cooked), enter mount /dev/fd0 /mnt/floppy -t ext2. For listing out files created on floopy (raw) with tar, enter tar tvf /dev/fd0
fsck -a: file system check
dumpe2fs: File system information such as inodes, superblocks and mount point.
mount /dev/cdrom /cdrom: use rpm -i $PackageNames for installing software. (/dev/cdrom is a softlink points to a hard drive. e.g. hdb )
mount -t msdos /dev/fd0 /mnt: to mount a MSDOS format floppy.

System log

syslogd - supports for system logging and kernel message trapping

/etc/syslog.conf

     *.info;mail.none;authpriv.none    /var/log/messages
     authpriv.*                        /var/log/secure
     mail.*                            /var/log/maillog
     local2.*                          /var/log/ppp

messages: system boot messages
wtmp: "last, and ac" commands
utmp: "finger, who, and w" commands
pacct: "lastcomm, and pac" command
cron: a directory contains cron log
xferlog: ftp
$APACHE_ROOT/logs/access_log: one can use webStat to analyze website traffic.

Managing Users

New users: /etc/{passwd,group,shadow} and /etc/skel/*

passwd
root:x:0:1:0000-Admin(0000):/:/sbin/sh
kloa:x:100:10::/home/klai:/bin/tcsh
nobody:x:101:1001:SunOS 4.x Nobody:/:

group
nobody::1001:nobody,somebody

shadow
klai:nDc48wi2LI/YI:10913:0:90::::

skel: contains default scripts for setting session environment.

Backup

Rule of thumb: back up all the configuration files (under /etc) before making any updates.

tar, cpio, afio: tar cf - . | (cd /backup; tar xf -)
KBackup, taper
Commercial: Bru, , and perfectBackup.

Network Administration

This section primarily focuses on the Internet services related to two major TCP/IP transport protocols: TCP and UDP which uses abstract destination points called ports as communication end points. For establishing a small network, refer to this page regarding fast Ethernet.

Netcfg: is a shell script, which invokes /usr/lib/rhs/netcfg/netcfg.py with GUI interface for hostname, hosts file network interface card and routing configuration. Networking configuration files include: (/etc/hosts, /etc/sysconfig/{network,static-routes},/etc/network-scripts/*)

# ifconfig eth0 10.10.10.1 netmask 255.0.0.0 up #Host connected to the ISP
# ifconfig eth0 10.10.10.2 netmask 255.0.0.0 up #Host not connected to ISP
# route add default gw 10.10.10.1 eth0 #Use the host connected to
ISP as the gateway
# ifconfig eth0:1 192.168.30.128 netmask 255.255.255.0
# route add -net 192.168.1.0 netmask 255.255.255.0 eth0

----------------------------------------------------------
| Network | Netmask | Network Addresses |
| Class | | |
----------------------------------------------------------
| A | 255.0.0.0 | 0.0.0.0 - 127.255.255.255 |
| B | 255.255.0.0 | 128.0.0.0 - 191.255.255.255 |
| C | 255.255.255.0 | 192.0.0.0 - 223.255.255.255 |
| D,E,F | 240.0.0.0 | 224.0.0.0 - 239.255.255.255 |
----------------------------------------------------------

Subnet addressing is used by system administrators in order to
further subdivide an Internet address within an organization.
This will increase the number of subnets with the cost of reducing
number of hosts.

Classless Interdomain Routing:
CIDR provides the mechanisms for breaking networks into "subnets", and
combining networks into "supernets". It uses < prefix, length >
notation. E.g. 172.16.2.0/23

Broadcast address refers to all hosts on the network.
Traditionally all Host ID with all 1s is used as
broadcast address. All 0s refers to "this".

Class A: comprises networks 1.0.0.0 through 127.0.0.0. The
network number is contained in the first octet. This provides
for a 24 bit host part, allowing roughly 1.6 million hosts.
Class B: contains networks 128.0.0.0 through 191.255.0.0; the
network number is in the first two octets. This allows for
16384 (16320) nets with 65534 (65024) hosts each. Lost 2.
Note: 1 class B = 256 class C nets.

Host ID and subnet masks of all 0s and all 1s
are used for broadcasts. So you will lost 2 host
addresses. Class B uses the 3_d byte for
for subnet mask. Two subnets are lost and each
has 255. Therefore 510 host addresses are lost.

Class C: networks range from 192.0.0.0 through 223.255.255.0,
with the network number being contained in the first three
octets. This allows for nearly 2 million networks with up to
254 hosts. Lost 2. (all 1s and 0s)
Classes D, E, and F: addresses falling into the range of 224.0.0.0
through 254.0.0.0 are either experimental, or are reserved for
future use such as

multicast
and don't specify any network.

-----------------------------------------------------------
| RESERVED PRIVATE NETWORK ALLOCATIONS |
-----------------------------------------------------------
| Network | Netmask | Network Addresses |
| Class | | |
-----------------------------------------------------------
| A | 255.0.0.0 | 10.0.0.0 - 10.255.255.255 |
| B | 255.255.0.0 | 172.16.0.0 - 172.31.255.255 |
| C | 255.255.255.0 | 192.168.0.0 - 192.168.255.255 |
-----------------------------------------------------------

Services

DNS server and client. The most popular
DNS server
is BIND
(Berkeley Internet Name Domain) implemented by Internet Software Consortium

To configure a dns client, you only have to update two files:

/etc/resolv.conf & /etc/nsswitch.conf
domain origin.com
nameserver 10.10.10.5

hosts: files dns

To install and configure a dns server, see
this readme for details.
NFS: /usr/sbin/exportfs, /etc/exports

/opt h1.origin.com(ro) h2.origin.com(ro)

Samba: implements

CIFS protocol to provide file and print services for Windows clients.
You may also refer to

the integration of

Samba into MS-Win world.

Sendmail server [25]: the most popular mail transfer agent.
The latest version
may be found under
this site.
Configuration files: /etc/{sendmail.cf,sendmail.cw,aliases}
# file containing names of hosts for which we receive email
Fw/etc/mail/sendmail.cw

# my official domain name
# ... define this only if sendmail cannot automatically determine your domain
Dj$w.origin.com

Pop3 server [110]:
Qpopper supports POP3 protocol for downloading
Internet e-mail using software clients. Qpopper does not
include a message transfer agent or SMTP support.
pop3 110/tcp # Post Office in services file
pop3 stream tcp nowait root /sbin/qpopper qpopper -s # inetd.conf

IMAP [143]: similar to POP3 except IMAP allows allow
users to maintain mail folders on the server.
LDAP server [389]: Lightweight Directory Access Protocol is
a protocol for accessing online directory services.
Both Ldap 3.3
and OpenLDAP 1.2.7 provide
client libraries to
support LDAP feature in sendmail. Netscape has ported

DS4.11 to Linux.
Mailing list server:

majordomo is a full-blown free
mailing list server that is written in Perl
and relatively easy to set-up, it supports moderated lists as well.

Wu-ftp server [21]: the most popular free file transfer protocol
server. Be sure that all the files under the $HOME
of ftp are owned by root. Two configuration files (
/etc/{shells,ftpusers}) are for determining which shells and
which users are allowed to invoke ftp command. Make sure that $HOME/ftp/etc/passwd's password
entry contains "*".
Apache [80]: the most popular
Web server. See

Enterprise Integration Servers for details. In the November 1999 survey,
Netcraft received responses from
8,844,573 sites.
Market Share for Top Servers Across All Domains August 1995 - November 1999
Developer October 1999 Percent November 1999 Percent Change
Apache 4355658 53.67 4847992 54.81 1.14
Microsoft 2023591 24.93 2145461 24.26 -0.67
Netscape 627571 7.73 653800 7.39 -0.34

X Window System

Traditionally, all the X Window System files are stored
under /usr/X11R6/{bin,lib,man,doc,include}.
Configuration information are detailed under this link.
Miscellaneous

Gnome control-center: to bring up Gnome
control-center window, click on the footprint icon. You may
select Settings -> Multimedia -> Sound to enable sound service.
You may have to

reconfigure your kernel to recognize the sound card on your system.
To paly CD, bring up xplaycd under graphics mode (i.e. X11).
control-panel: GUI tool for
general system management such as lilo,
system clock, printer, sound, network, kernel, SW packages installation
and uninstallation.
Note: For configuring parallel port printer, make
sure that the kernel is configured properly. dmesg |grep -i lp
should show which lp port is configured. If no text displayed, remake
kernel with parallel port printer support under the menu of character
device.

If you are running Gnome, click on the foot print of Gnome
panel. Select AnotherLevel -> Adminstration -> Printer Tool.
Click 'ignore' about when an error message appears.
Select 'Add' -> Local Printer -> OK -> OK -> Select Input Filter
-> OK -> OK.

For printing different file formats (such as postscript)
under Unix, you need to install

apsfilter. Apsfilter contains a SETUP shell script
for install and configuring printcap file based upon
a wide selection of different

printers.

CUPS is a web tool for configuring printers including unsupported
printers. Software may be found
here

For HP printers, check this

web site. Apsfilter does not come with a
GUI tool for installation and configuration.
Apsfilter will create a

printcap file which is a cryptic text configuration for printer.

Zip driver also works well under Linux.

Be sure to select built-in in the following items when making
a new kernel (get 2.2.14+):
General Setup -> Parallel port support
SCSI support -> SCSI low-level -> IOMEGA parallel port (ppa - older drives)
IOMEGA parallel port (imm - newer drives)
ppa/imm option - Use slow (but safe) EPP-16
ppa/imm option - Assume slow parport control register

Webmin: Web interface for general system management regarding

tweaking

DNS, sendmail and system reboot.
Reset system clock: /usr/bin/date -> /sbin/hwclock --systohc [--utc]

One may also use rdate and xntpd to set date from remote host.
modem: avoid PCI winmodem.

xminicom -s: Modmem configuration

ppp (point-to-point protocol): for exchanging
IP frames (and others) over a serial link; which is
the standard protocol for connecting to ISPs.
The kernel has to be configured with
ppp module or loaded via "insmod" if you don't want to
recompile the kernel. Refer to this

how to for PPP hook up.
For ADSL
connection, you need

install PPPoe client.
For connecting to worldNet with linux, refer to

this page. There are many other free

ppp tools to make life easier.
There are casese that you may
have to use the latest version of

ppp daemon.

rpm -qa | grep ppp

PPP server configured with CHAP
/usr/sbin/pppd name "webdev" -d connect '/usr/sbin/chat -v -f /etc/ppp/chat-ppp\0' /dev/modem 57600 noipdefault debug modem defaultroute crtscts

where /etc/ppp/chat-ppp0 is something like:
(Be sure to replace 3331112222 to the modem phone number as well and
replacing joe blow to your login name and password.)

'ABORT' 'BUSY'
'ABORT' 'ERROR'
'ABORT' 'NO CARRIER'
'ABORT' 'NO DIALTONE'
'ABORT' 'Invalid Login'
'ABORT' 'Login incorrect'
'' 'ATZ'
'OK' 'ATDT3331112222'
'CONNECT' ''
'ogin:' 'joe'
'ord:' 'blow'
'TIMEOUT' '5'
'~--' ''

/etc/ppp/options:

lock
crtscts
defaultroute
noauth
asyncmap 0xa0000
default-asyncmap

RedHat PPP

sh
gnomeppp or kppp: included in Gnome or Kde desktop

wget: is a neat tool web pages download. For
retrieving a whole web site, you may enter "wget -r http://www.some.com".
The "r" option stands for recursive retrieval. You may also specify what
type of files should be rejected (such as "gif" files.). Once your system
connects to an ISP, you may kick of wget as a batch job without
running X server at all. The next day, you may start up X and netscape
to surf web pages retrieved overnight.

IP Masquerading is a way to share one single
phone line (or DSL/Modem Cable) to the Internet.
You need to set up a private network with a hub/switch (or two modems)
and designate a Linux box running as the gateway which connects to
the Internet via ISP. On the rest of the systems, you need to
configure a default gateway with the IP address of the Linux.
This can be accomplished by
using the 'network' icon under Win/NT or Win98 to configure default
gateway. For other linux boxes, add
an entry such as GATEWAY=IP_ADDRES_OF_THE_LINUX_BOX into
/etc/sysconfig/network or use netcfg to define default gateway.
You then run this

script or

this one
on the gatway (the Linux box connected to the ISP. You have to adjust).
the IP address in the script.)
rdist: for maintaining same copies
of files on multiple hosts.

r host -l remuser rdistd -S

rdist -P /usr/local/bin/ssh -f myDistfile

A sample rdistFile:

HOSTS = ( herHost root@hisHost )
FILES = ( /usr/games /usr/lib )
EXLIB = ( Mail.rc aliases aliases.dir aliases.pag crontab
sendmail.cf )

(${FILES}) -> (${HOSTS})
install -oremove,chknfs ;
except /usr/lib/${EXLIB} ;

${FILES} :: /usr/local/lib/timestamp
notify me@workOnly;

References:

FAQs

T/TCP: TCP for Transactions

NTFS

Linux Docs

Linux HowTo

Basic Administration

Network Linux System Administration links

Printers

Samba

and networking at home

Printer

Printing Summit

LinuxPR

IDE CD-Write

Linux & NT Admin

Remote Administration
Starters for Linux
Journaling Filesystems
JFS
Sendmail on a Firewall
Lpr
PPPoe
Samba
Tripwire
Samba 2.2
DNS
DVD
Samba
Xine
ProcMail for mail filtering
Configuration files
XOSL
Samba
Amanda
KmyFirewal

Developer	October 1999	Percent	November 1999	Percent	Change
Apache	4355658	53.67	4847992	54.81	1.14
Microsoft	2023591	24.93	2145461	24.26	-0.67
Netscape	627571	7.73	653800	7.39	-0.34