Certification
System Administration Tools
Copyright © 2003 Red Hat, Inc.
1
Rev RH133-9.0-1
UNIT 6
System Administration Tools
Copyright © 2003 Red Hat, Inc.
2
Rev RH133-9.0-1
UNIT 6: Objectives
Upon completion of this unit you should be able to:
• Configure printing• Perform task automation with at and cron• Configure system logging• Monitor system resources and activities• Perform backup and restore
Copyright © 2003 Red Hat, Inc.
3
Rev RH133-9.0-1
UNIT 6: Agenda
• Printing• Task Automation• System Logging• System Monitoring• Backup and Restore
Copyright © 2003 Red Hat, Inc.
4
Rev RH133-9.0-1
Alternatives
• Multiple services in the distribution may provide the same functions
• alternatives allows the selection of which service is used through a generic name
• Generic name is a link to a link in/etc/alternatives/
• Only the links in /etc/alternatives/ are modified
• Related links can be arranged in a link group
• Master link and slave links
• Link groups have two modes, auto and manual
Copyright © 2003 Red Hat, Inc.
5
Rev RH133-9.0-1
Using alternatives• Systems with alternatives available
• print: /usr/bin/lpr.cups and /usr/bin/lpr.LPRng• mta: /usr/sbin/sendmail.sendmail and /usr/sbin/sendmail.postfix
• alternatives displays and sets link groups• alternatives --display name• alternatives --auto name• alternatives --config name• alternatives --set name path
• redhat-switch-printer{-nox}• redhat-switch-mail{-nox}
Copyright © 2003 Red Hat, Inc.
6
Rev RH133-9.0-1
Print System User Interface• BSD Interface
• lpr, lpq, lprm• System V Interface
• lp, lpstat, cancel• Print Queue Specification
• lpr -P printer• lp -d printer• $PRINTER, $LPDEST
Copyright © 2003 Red Hat, Inc.
7
Rev RH133-9.0-1
CUPS Overview• New IPP protocol based on HTTP/1.1
• Web administration interface on port 631• Can communicate with LPD print servers
• System V and BSD command interfaces• Classes support automatic job redirection and printer
pooling• Authentication by user/host/digital certificate• Log files in web server Common Log Format• Print Queue Design
• program --> lp --> cupsd --> filter --> printer
Copyright © 2003 Red Hat, Inc.
8
Rev RH133-9.0-1
CUPS Configuration Files
• /etc/cups/cupsd.conf• cupsd server configuration file• similar syntax to Apache httpd.conf file
• /etc/cups/printers.conf• print queue configuration file• automatically generated by lpadmin or web
administration interface
Copyright © 2003 Red Hat, Inc.
9
Rev RH133-9.0-1
CUPS Queue Management• lpadmin commands
• Add printer:lpadmin -p PRINTER -E -v DEV
• Set system default printer:lpadmin -d PRINTER
• Delete printer: lpadmin -x PRINTER• Web interface: http://localhost:631/
• To authenticate, user must be a member of theSystemGroup (sys by default) listed in /etc/cups/cupsd.conf
• Connection is not encrypted
Copyright © 2003 Red Hat, Inc.
10
Rev RH133-9.0-1
LPRng Overview• LPRng Features
• RFC1167 (LPD) compliant• BSD and System V command interfaces• Dynamic Job Redirection• Printer Pool Support
• Print Queue Design• program --> lpr --> lpd --> filter --> printer
• configuration files:• /etc/printcap, /etc/printcap.local• lpd.conf• lpd.perms
Copyright © 2003 Red Hat, Inc.
11
Rev RH133-9.0-1
/etc/printcap and redhat-config-printer• /etc/printcap
• print queue configuration file for LPRng• automatically generated by redhat-config-printer
• redhat-config-printer, redhat-config-printer-tui
• /etc/printcap.local• for manually managed printcap entries• automatically appended to /etc/printcap
• checkpc
Copyright © 2003 Red Hat, Inc.
12
Rev RH133-9.0-1
LPRng Queue Management• lpc commands
• status, abort, redo, kill• queue state commands: enable, disable, start, stop, up, down
• scheduling commands: topq, hold, release• queue management: redirect, class
• print filters• printconf (foomatic)
Copyright © 2003 Red Hat, Inc.
13
Rev RH133-9.0-1
Task Automation
• Red Hat Linux provides three facilities• at - Execute a task at a specific time• cron - Execute tasks at scheduled intervals• anacron – Run tasks after prescribed intervals
have passed
Copyright © 2003 Red Hat, Inc.
14
Rev RH133-9.0-1
Using at
• Useful for schedule a single future event• Use cron instead for recurring events
• Use atq, atrm to manage jobs• atq - lists pending jobs (and job IDs)• atrm - deletes pending job by job ID
• Example:$ at 6:00at> mail joe < joe.msg
Copyright © 2003 Red Hat, Inc.
15
Rev RH133-9.0-1
Controlling Access to at
• Use access files• /etc/at.allow• /etc/at.deny
• Contains usernames to whom access is allowed or denied
Copyright © 2003 Red Hat, Inc.
16
Rev RH133-9.0-1
Using cron
• Schedules recurring events• Use crontab to edit, install, and view job
schedules• Syntax
• crontab [-u user] file• crontab [-l|-r|-e]
Copyright © 2003 Red Hat, Inc.
17
Rev RH133-9.0-1
crontab Format
30 6 * * 0 /home/joe/mailmom.sh
CommandDay of Week (0-6)Month (1-12)Day Hour (0-23)Minute (0-59)
Copyright © 2003 Red Hat, Inc.
18
Rev RH133-9.0-1
System crontab Files• Different format than user crontab files• Master crontab file /etc/crontab runs
executables in• /etc/cron.hourly• /etc/cron.daily• /etc/cron.weekly• /etc/cron.monthly
• /etc/cron.d/ directory contains additional system crontab files
Copyright © 2003 Red Hat, Inc.
19
Rev RH133-9.0-1
Controlling Access to cron
• Restrict / allow user access to cron• /etc/cron.allow• /etc/cron.deny
• Contains usernames to allow / deny access for
Copyright © 2003 Red Hat, Inc.
20
Rev RH133-9.0-1
Using anacron
• Does not assume machine is powered at all times.
• Not a daemon like cron• Useful on laptops, workstations
Copyright © 2003 Red Hat, Inc.
21
Rev RH133-9.0-1
The anacrontab file
• Schedules anacron tasks• /etc/anacrontab• Format different from crontab
7 10 weekly.tasks /opt/bin/weekly.sh
CommandLabelDelay (min)Interval (days)
Copyright © 2003 Red Hat, Inc.
22
Rev RH133-9.0-1
Using tmpwatch
• Cleans old files out of specified directories• Useful for keeping /tmp directory from filling
up• tmpwatch is run daily in /etc/cron.daily
Copyright © 2003 Red Hat, Inc.
23
Rev RH133-9.0-1
System Log Configuration
• Centralized system logging• Logging daemons
•Syslogd•klogd
Copyright © 2003 Red Hat, Inc.
24
Rev RH133-9.0-1
System Log Configuration (cont.)
• /etc/syslog.conf• Configures system logging
• /etc/sysconfig/syslog• Sets switches used when starting syslogd and klogd from the System V startup script
• /var/log/messages• File where logged messages are written
Copyright © 2003 Red Hat, Inc.
25
Rev RH133-9.0-1
System Logging
• /var/log/dmesg• Kernel boot messages
• /var/log/messages• Standard system error messages
• /var/log/maillog• Mail system messages
• dmesg• prints contents of kernel ring buffer
Copyright © 2003 Red Hat, Inc.
26
Rev RH133-9.0-1
System Logging - cont
• /var/log/xferlog• FTP transfers using wu-ftpd• vsftpd uses /var/log/vsftpd.log
• /var/log/secure• Security information • System login and network connection info
Copyright © 2003 Red Hat, Inc.
27
Rev RH133-9.0-1
Maintaining Logs• Maintain with logrotate
• Keeps log files from getting too large• Keeps filesystem from filling up
• logrotate is run daily in /etc/cron.daily
• Highly configurable• Configure all logs in /etc/logrotate.conf• Configure individual log files in files within /etc/logrotate.d
Copyright © 2003 Red Hat, Inc.
28
Rev RH133-9.0-1
Monitoring Logs
• Monitor with logwatch• Helps catch problem issues• Detects suspicious behavior
• logwatch is run daily in /etc/cron.daily• Configured in /etc/log.d/conf/logwatch.conf
• Sends nightly email report• Other tools
Copyright © 2003 Red Hat, Inc.
29
Rev RH133-9.0-1
Managing whatis
• The whatis command relies on a database• Database updated with makewhatis
• Updated daily via /etc/cron.daily script
Copyright © 2003 Red Hat, Inc.
30
Rev RH133-9.0-1
System Monitoring and Process Control
• top, gnome-system-monitor - display snapshotof processes
• procinfo - displays information from /proc• vmstat - reports virtual memory stats• iostat - lists information on resource usage,
including I/O statistics• free - summary of system memory usage• renice - change priority of a process• kill - send system signal to a process
Copyright © 2003 Red Hat, Inc.
31
Rev RH133-9.0-1
Backup to Tape
• Red Hat Linux supports many tape devices• IDE tape devices
• /dev/[n]ht0, /dev/[n]ht1, etc.• SCSI tape devices (i.e., DDS, DLT)
• /dev/[n]st0, /dev/[n]st1, etc.• Floppy tape devices
• /dev/[n]rft0, /dev/[n]rft1, etc.
Copyright © 2003 Red Hat, Inc.
32
Rev RH133-9.0-1
Controlling Tape Drives
• Use the mt utility to control tape drive• mt -f /dev/st0 rewind (Rewind)• mt -f /dev/st0 fsf 50 (Position)• mt -f /dev/st0 offline (Eject)• mt -f /dev/st0 erase (Erase)• mt -f /dev/st0 rewoff (Rewind, Eject)
Copyright © 2003 Red Hat, Inc.
33
Rev RH133-9.0-1
Using tar• Originally used for tapes• Also used for creating archive files• Parameter syntax
• Use x to extract from archive• Use c to create from archive• Use v for verbose output
• Example• tar xvf archive.tar
Copyright © 2003 Red Hat, Inc.
34
Rev RH133-9.0-1
Using dump/restore
• Back up and restore ext2/3 filesystems• Does not work with other filesystems
• Can do full or incremental backups• Example
• dump -0u -f /dev/nst0 /dev/hda2• restore -rf /dev/nst0
Copyright © 2003 Red Hat, Inc.
35
Rev RH133-9.0-1
Using cpio
• Similar to tar• Does not recurse directories by itself• Piping output from find into cpio is common
• Example• find /tmp | cpio -ocv > /dev/nst0
Copyright © 2003 Red Hat, Inc.
36
Rev RH133-9.0-1
Remote Backups
• dump and tar can use rmt (remote tape mgr)• dump -0uf joe@svr:/dev/nst0 /home• Use user@host:path format to specify the
remote user, host, and device.• dump can use ssh for secure backups when RSH
environment variable is set to ssh• i.e., ($ RSH=ssh)
Copyright © 2003 Red Hat, Inc.
37
Rev RH133-9.0-1
Other Backup Software
• Higher-level applications for tape backup include:• Amanda
• Highly-scalable command-line client-server archiver included with Red Hat Linux
• Commercial applications• Arkeia, Bru, Veritas (client), UNiBACK, ArcServe
Copyright © 2003 Red Hat, Inc.
38
Rev RH133-9.0-1
End of Unit 6
• Questions and answers• Summary
• Configuring Printing• Task Automation• Configuring System Logging• Performing System Monitoring• Backup and Restore