Intel Day2

8/2/2019 Intel Day2

http://slidepdf.com/reader/full/intel-day2 1/92

Introduction to Linux

Administration & ProgrammingIntel, Hillsboro, OR

Jan 17 2012

8/2/2019 Intel Day2


2

Content

Users and files

Managing files

Managing useraccounts

Processes &resource monitoring

ManagingProcesses

File Servers Web servers

Troubleshooting &Support

Linux Administration

8/2/2019 Intel Day2


Linux Administration 3

Linux File System

tmp bin usr var etc dev

binlib

/

local spool

Somewherefor localadditions

Libraries,some utilitiesand config.files

Spool filesfor batchutilities

Admin utilitiesconfig. files

Specialdevice files

Somewhereeveryonecan use

Utilities

Systemprograms

The top-level ―root‖ directory

lib

Systemlibraries

8/2/2019 Intel Day2



File System Details System Executables: /sbin, /usr/sbin, …

User Executables: /bin, /usr/bin, /usr/local/bin

Other mount points: /media, /mnt

Configuration: /etc, /dev

Kernels, Bootloader: /boot

Shared Libraries: /lib, /usr/lib, /usr/local/lib

Server Data: /var, /srv Temporary Files: /tmp

8/2/2019 Intel Day2



Special Directories

Home Directories:

/root

/home/username System Information:

/proc, /sys (virtual file system)

Optional software: /opt

8/2/2019 Intel Day2



Changing Directories

pwd – displays your current working directory

cd changes directories

Examples: cd project/docs

cd ..

cd or cd ~ [takes you your home directory] cd – takes you to your previous working

directory

8/2/2019 Intel Day2



Listing Directory Contents

Listing files in current or specifieddirectory:

ls [options] [files_or_dirs]

Examples:

ls -a (include hidden files)

ls -l (display extra information) ls -R (recurse through directories

8/2/2019 Intel Day2



Copying Files & Directories

cp - copy files and directories

Usage:

cp [options] file destination

More than one file may be copied at atime if the destination is a directory:

cp [options] file1 file2 dest

8/2/2019 Intel Day2



Moving/Renaming Files & Dirs

mv - move and/or rename files &directories

Usage: mv [options] file destination

More than one file may be moved at a

time if the destination is a directory: mv [options] file1 file2 destination

8/2/2019 Intel Day2



Creating & Removing Files

touch - create empty files or update filetimestamps

rm - remove files

Usage:

rm [options] <file>...

Examples:

rm -i file (interactive)

rm -r directory (recursive

8/2/2019 Intel Day2



Creating & Removing Directories

mkdir creates directories

rmdir removes empty directories

rm -r recursively removes directorytrees

8/2/2019 Intel Day2



Navigating Filesystem Using Nautilus

(Gnome graphicalfilesystem browser)

Click on―Computer‖ icon

or

―Applications‖,―System Tools‖,

―File Browser‖

8/2/2019 Intel Day2



Moving & Copying in Nautilus

Drag-and-Drop

Drag: Move on same filesystem, copy on

different filesystem Drag + Ctrl: Always copy

Drag + Alt: Ask whether to copy, move or

create symbolic link (alias) Context menu

Right-click to rename, cut, copy or paste

8/2/2019 Intel Day2



Removable Media

Mounting means making a foreignfilesystem look like part of the main tree.

Before accessing, media must be mounted Before removing, media must be

unmounted

Mountpoints are usually under /mediacan also be defined in /etc/fstab

8/2/2019 Intel Day2



Mounting CDs / DVDs

Automatically mounted in Gnome/KDE

Otherwise, must be manually mounted

CD/DVD Reader

mount /media/cdrom

CD/DVD Writer

mount /media/cdrecorder

eject command unmounts & ejects thedisk

8/2/2019 Intel Day2



Mounting USB Media

Detected by the kernel as SCSIdevices: /dev/sdaX or /dev/sdbX or

similar Type: tail /var/log/messages to find out

Automatically mounted in Gnome/KDE

Icon created in Computer window Mounted under /media/Device ID

8/2/2019 Intel Day2



GUI User Mount Tool

Run from ―Applications‖,

―System Tools‖, ―Disk

Management.‖

Allows you to mount or

dismount drives orpartitions.

8/2/2019 Intel Day2


18

Filesystem Management

Creating and Managing Partitions

fdisk

Disk druid

Mounting partitions

mount /dev /mnt

umount /dev or /mnt

/etc/fstab


8/2/2019 Intel Day2


19

Filesystem Basics & Attributes

change directory: cd .. / dir pwd

create/del directories: mkdir rmdir

copy/move files: cp rm mv

list files: ls –la dir

change attributes: chmod chown chattr


8/2/2019 Intel Day2


20

Filesystem Creation

Owner

Group

Everyone else


8/2/2019 Intel Day2


21

Ext3: Journaling for Ext2

Filesystems /.journal hidden file

Writes buffers to hard drive during

intervals

Can be configured with e2tunefs


8/2/2019 Intel Day2


22

The Filesystem Hierarchy

/

/boot

/etc /dev

/bin /lib /sbin

/root /home

/usr /opt

/tmp /var


8/2/2019 Intel Day2


23

Mount Options & Configuration

mount –t type /device /mountpoint

Can be specified in /etc/fstab

Can be automounted

‗man mount‘ for list of ‗options‘


8/2/2019 Intel Day2


24

Connecting to Network Shares

NFS

mount server:/share /mountpoint

umount /mountpoint

SMB/CIFS

smbmount server:/share /mountpoint

smbumount /mountpoint


8/2/2019 Intel Day2


25

Unmounting Filesystems

umount /mountpoint

umount /device


8/2/2019 Intel Day2


26

The Auto-Mounter

Based on the autofs daemon

Uses /etc/auto.master config file and

/etc/auto.misc Or from command line:

automount [options] mount-point map-

type[,format] map [map-options]


8/2/2019 Intel Day2


27

Swap partitions

Used for temporary storage of programmemory

2-3x available RAM Partition type 83


8/2/2019 Intel Day2


28

Determining Filesystem Usage

mount

df –h

du -h

quota

repquota


8/2/2019 Intel Day2


29

Adding a Drive

Physically connect drive

Run fdisk, create partitions

Reboot

Format partitions

Edit /etc/fstab

Test it

Ready to use!


8/2/2019 Intel Day2



Hands-on Lab 1a Exploring RedHat Linux Services

From command line type:

top (press h, q after reading screens)

w [integrated who / uptime]

whoami

ps ax [list all active processes] pstree

8/2/2019 Intel Day2



Hands-on Lab 1b From command line type:

su -

service http start service http status

Or ―ps ax | grep httpd‖

killall httpd

8/2/2019 Intel Day2


32

Linux Processes


8/2/2019 Intel Day2


The init Program

Once the kernel has started /sbin/init

Can be configured for either BSD or SYSV boot

init is controlled by the file /etc/inittab

Each line of /etc/inittab has four colon-separated fields

Lines starting with # are comments

1. unique one-to-four –character label

2. list of run levels

3. an action

4. command to execute on entering the run level

33Linux Administration

8/2/2019 Intel Day2


Run Levels When Linux starts up or shuts down, it jumps to a

run levelRun Level 0 Halt

Run Level 1 or S Single-user

Run Level 2 Multiuser without networking

Run Level 3 Full multiuser

Run Level 4 Unused

Run Level 5 X11

Run Level 6 Reboot


8/2/2019 Intel Day2


A SYSV-Style /etc/inittab

# The default run levelid:5:initdefault:

# System initialization.si::sysinit:/etc/rc.d/rc.sysinit

# do the SYSV stuffl0:0:wait:/etc/rc.d/rc 0l1:1:wait:/etc/rc.d/rc 1l2:2:wait:/etc/rc.d/rc 2l3:3:wait:/etc/rc.d/rc 3l4:4:wait:/etc/rc.d/rc 4l5:5:wait:/etc/rc.d/rc 5l6:6:wait:/etc/rc.d/rc 6

# Trap CTRL-ALT-DELETEca::ctrlaltdel:/sbin/shutdown -t3 -r now

# Run gettys in standard runlevels1:12345:respawn:/sbin/mingetty tty12:2345:respawn:/sbin/mingetty tty2

# run a display manager in run level 5x:5:respawn:/usr/bin/kdm -nodaemon


8/2/2019 Intel Day2


The System Initialization Script

A SYSV init program runs a systeminitialization script

Usually /etc/rc.d/rc.sysinit

Critical

Errors in the script may prevent the system frombooting

Edit the file with extreme caution!


8/2/2019 Intel Day2


Startup and Shutdown Scripts

Each run level has a directory of scripts

Run Level 2 scripts are in /etc/rc.d/rc2.d

When a run level is entered

• All K##name scripts are called with a parameter stop• All S##name scripts are called with a parameter start

K and S scripts should be symbolic links to scripts in

/etc/rc.d/init.d

Simplest place to add new things that need tobe done at startup is /etc/rc.d/rc.local


8/2/2019 Intel Day2


Startup & Shutdown Example

Each program or group of programs has severalentries:/etc/rc.d/init.d/sendmail

Its symbolic links/etc/rc.d/rc0.d/K30sendmail

/etc/rc.d/rc1.d/K30sendmail

.../etc/rc.d/rc5.d/S80sendmail

/etc/rc.d/rc6.d/K30sendmail


8/2/2019 Intel Day2


Chkconfig Tool Manages boot scripts Some keywords are placed in the master script

in the /etc/rc.d/init.d directory

The following example creates S90 scripts for runlevels 3, 4, and 5 and K10 scripts for all other runlevels—they are comment lines in the script:# chkconfig: 345 90 10

# description: Description of the software


8/2/2019 Intel Day2


Chkconfig Example

K and S links are created using

chkconfig --add file

K and S links are removed usingchkconfig --del file

Settings can be viewed using

chkconfig --list file


8/2/2019 Intel Day2


System Shutdown

Linux, like any multitasking operatingsystem, needs to be shut down properly toensure that

All data is correctly written to disk

Network connections are released

Programs delete their temporary files

All disks have been unmounted or remountedread-only


8/2/2019 Intel Day2


Shutdown to Turn off

Shutting down for halt

shutdown -h [ -t seconds ] now init 0

halt


8/2/2019 Intel Day2


Shutdown to Reboot

Shutting down for reboot

shutdown -r [ -t seconds ] now

init 6

reboot


8/2/2019 Intel Day2


Software Updates


8/2/2019 Intel Day2


Packages

Integrated archive and installation process

Consist of an archive containing

Software either in another archive or as adirectory structure

Scripts to manage the installation

Allow a package to be removed cleanly


8/2/2019 Intel Day2


Packages & Distributions

Some example packages:

Debian .deb packages

Red Hat Package Manager (RPM) .rpm

packages

It is used by Suse, CentOS, ...

An RPM has a fixed format: package-version-tries.arch.rpm

gcc-2.95.2-1.i386.rpm


D

8/2/2019 Intel Day2


RPM Package Queries

List all installed packages

rpm -qa | less

List the version of a package

rpm -qi net-tools

List the contents of an installed package

rpm -ql net-tools | less

Find a package‘s dependencies

rpm -qR net-tools

DoNow!


8/2/2019 Intel Day2


RPM Package Usage Install a package

rpm --install package.rpm

rpm -ivh package.rpm

Upgrade a packagerpm --upgrade package.rpm

rpm -Uvh package.rpm

Erase a package

rpm --erase package


8/2/2019 Intel Day2


RPM Package Creation

To create an RPM package you need:

archives containing the source code that mustbe in the directory /usr/src/redhat/SOURCES

A specification file that instructs RPM how tobuild and install the software

The package is built by passing the specificationfile to RPM: rpmbuild – bb package.spec


8/2/2019 Intel Day2


Archives: tar

tar files

Tape archive files have file extension of .tar

Sometimes compressed .tar.Z

Or compressed with gzip .tar.gz or .tgz

Or compressed with bzip2 .tar.bz2


8/2/2019 Intel Day2


Archives: tar file use

GNU tar has a z option that directly supportscompress and gzip compression

GNU tar has a j option that directly supports

bzip2 compression

Archives usually contain a directory structurethat is extracted into the current working

directory


8/2/2019 Intel Day2


Tar Archive Extract Listing tar files

tar tf archive.tar

Extracting tar files

tar xvf archive.tar

Extracting compressed tar files

tar jxvf archive.tar.bz2

tar zxvf archive.tar.gz


8/2/2019 Intel Day2


Tar Archive Create Creating tar files

tar cvf archive.tar files

Creating compressed tar files

tar jcvf archive.tar.bz2 files

tar zcvf archive.tar.gz files


8/2/2019 Intel Day2


8/2/2019 Intel Day2


Digital Signatures & Encryption

Use encryption to validate files:

A message digest (or the wholefile) can be encrypted with the

originator‘s secret key

The file, the encrypted hash, andthe originator‘s public key

together can validate the file‘sauthenticity


8/2/2019 Intel Day2


Digital Signatures Illustrated

apache_1.3.20.tar.gz

The archiveThe hash

49255234

MD5 The encrypted hashRSA

AhF6Z789

Private keyencrypt

apache_1.3.20.tar.gz

The downloaded archive

The hash?

49255234RSA

Public keydecrypt

The encrypted hash?MD5

If both hashes are identicalthen the archive is genuine!

AhF6Z789


8/2/2019 Intel Day2


RH253-57

OpenSSH Overview

A secure replacement for ftp, telnet, rsh,rlogin

Available from www.openssl.org The OpenSSL Project is a collaborative

effort to develop an Open Source toolkit

implementing SSL v2/v3 & TLS v1


http://www.openssl.org/

http://www.openssl.org/

8/2/2019 Intel Day2


RH253-58

The OpenSSH

Generating a Certificate & Key in thePEM Format:

cd /usr/share/ssl/certs make give_me_a_name.pem


8/2/2019 Intel Day2


RH253-59

OpenSSH Authentication

# Provides encryption services forapplications without modifying the application.

# Uses public key encryption openssl req -new -newkey rsa:1024 -nodes

-x509 -keyout /tmp/key -out /tmp/cert

cd /usr/share/ssl/certs

make stunnel.pem


8/2/2019 Intel Day2


RH253-60

Protecting Your Keys

Your keys are encrypted with yourpassphrase

Do NOT share your passphrase withanyone


8/2/2019 Intel Day2


RH253-61

Applications: RPM

Import signature from vendor, CD ROMor web site

Red Hat.key verifying signatures from signature db

rpm –checksig package


8/2/2019 Intel Day2


62

User Administration


8/2/2019 Intel Day2


63

User Policy Considerations

The Unix security model is very simple:

Files & processes are ‗owned‘ by a specific

user or group root is the super user

Other accounts are for services (nointeractive login) or real users


8/2/2019 Intel Day2


64

The User Account Database

All accounts are defined in /etc/passwd

Format:

username:password:userid:groupid:description:homedir:loginshell

For security, real password is stored at /etc/shadow


8/2/2019 Intel Day2


65

Adding a New User Account

Use vi /etc/passwd and add account

Use useradd script

useradd username Creates /home/username

Assigns bash as default shell

Copies /etc/skel scripts to /home/username


8/2/2019 Intel Day2


66

Modifying/Deleting Accounts

Usermod username

set an expiration date

Userdel username

redhat-config-users or Main Menu |

System Settings | Users and Groups.


8/2/2019 Intel Day2


67

Group Administration

A group is a logical placeholder foraccounts

Is defined in /etc/group Commands available

groupadd

groupdel groupmod


8/2/2019 Intel Day2


68

Switching Accounts

It is recommended to run as a user formost operations within a server

If certain operations require supervisoraccess, use the su user command

Root can test certain scripts by temporally

becoming a user: su –

user To return to normal account, type exit


8/2/2019 Intel Day2


69

File Ownership

A file is owned by a user or group

Commands:

chown, chmod, chattr

If you type the ls –l command you getsomething like:

-rw-rw-r-- 1 sam grp 1 Apr 19 filex

Where sam is owner, grp is group


8/2/2019 Intel Day2


70

Linux File Permission

First char is:

- file

‗d‘ directory ‗l‘ link to another file or device

in the following three sets, you will see:

r — file can be read w — file can be written to

x — file can be executed (if it is a program)


8/2/2019 Intel Day2


71

Default File Permissions

umask –S shows current filepermissions in the form: -rw-r--r –

Use umask to change defaults

When creating files, by default, the

name of your group is the same as yourlogin name


8/2/2019 Intel Day2


72

SUID / SGID Executables

Set User ID / Set Group ID

if the SUID bit is set for any application

then your user ID would be set as thatof the owner of application/file ratherthan the current user, while running that

application chmod +s file


8/2/2019 Intel Day2


73

User Private Groups

When creating accounts in Red Hat,each user belongs to its own group

(private group) By default, they are the only member of

that group


8/2/2019 Intel Day2


74

Filesystem Quota

It‘s a kernel feature (has to be enabled)

Check if quota is installed: rpm -qi quota

/usr/sbin/edquota name Edits the quotasettings for user name

/sbin/quotaon /fs Enables quotas for the

/fs filesystem. /usr/bin/quota show resource use


8/2/2019 Intel Day2


Linux Servers

File Server (NFS, FTP or SMB)

Email Server

Web Server (http & https) Squid Web Proxy

Application Server

Database Server


8/2/2019 Intel Day2


Hypertext Transfer Protocol (HTTP)

httpd is a daemon that handles incoming

HTTP connections

Started from boot scripts

Configured using the file conf/httpd.conf


8/2/2019 Intel Day2


Apache Use

Source: Netcraft www.netcraft.com


8/2/2019 Intel Day2


Web Site Directories

Internet/ intranet

GET /index.html

Host: www.apache.org

...

<Blank Line>

httpd

HTTP/1.1 200 OK

Server: Apache/2.0.48

Date: Wed April 16

Content-Type: text/plain

Content Length: 150

<Blank Line>

Contents of /index.html

/webpages/htdocs/index.html

/index.html

/webpages/conf/httpd.conf


8/2/2019 Intel Day2


A Minimal Apache

conf/httpd.conf is as follows:

These directives are sufficient to ensure that ourserver will run

User webuser

Group webgroup

Listen 80

ServerName www.mydomain.com

DocumentRoot /webpages/htdocs/


8/2/2019 Intel Day2


Basic Server Directives By running httpd as apache/webgroup, the

number of files and directories that can be reador modified from HTTP requests are limited

User apache

Group webgroup

We respond to requests directed to this servername

In this example, www.mydomain.com


http://www.mydomain.com/

http://www.mydomain.com/

8/2/2019 Intel Day2


Apache can host several different Web sites

The DNS must resolve multiple hostnames to

the same IP address Apache must be configured to support multiple

hosts in conf/httpd.conf

This is called virtual hosting

Virtual Hosting


8/2/2019 Intel Day2


Virtual Hosting Setup

NameVirtualHost 10.0.0.1<VirtualHost 10.0.0.1>

ServerName www.mydomain01.com

DocumentRoot /www/docs/host01</VirtualHost>… <VirtualHost 10.0.0.1 >

ServerName www.mydomain09.comDocumentRoot /www/docs/host09

</VirtualHost>


8/2/2019 Intel Day2


83

Troubleshooting Guidelines

If it‘s not broken, … don‘t fix it!

If it becomes broken & used to work…

find what was the last configuration change what is running that could be causing the

problem

what is NOT running


8/2/2019 Intel Day2


84

Troubleshooting X

The newers X servers generates adebug log at /var/log/XFree86.log

Look for configuration or missing fileserror messages

Try X by itself


8/2/2019 Intel Day2


85

Troubleshooting Services

open another xtem window

type: tail –f /var/log/messages

from another xterm, stop & start service,look into the scrolling messages forerror messages


8/2/2019 Intel Day2


86

Troubleshooting Networking

Is network up (try ifconfig)?

if no: look for network module or

disconnected cable! if yes: then, can you connect to you

network?

if no, misconfigured gateway or DNS server


8/2/2019 Intel Day2


87

Troubleshooting Boot Problems

Kernel panic occurs when some devicesor hardware functionality are missing;

read into messages to identify problem Rescue CD becomes handy!


8/2/2019 Intel Day2


88

Filesystem Corruption

Normally e2fsck is run after x reboots

Serious crashes will require manual

intervention (runn level 1) e2fsck should be run from an

unmounted filesystem


8/2/2019 Intel Day2


89

Recovery Run-levels

runlevel 1: single user

boot: linux 1

init 1


8/2/2019 Intel Day2


90

Rescue Environment Utilities

boot device w/device drivers

vi (to edit passwd or fstab)

e2fsck rescue CD : be aware that rescue CD

puts your standard root directory (/) as

mounted on /mnt/sysimage you can: chroot /mnt/sysimage


8/2/2019 Intel Day2


8/2/2019 Intel Day2


Summary

Users and files

Managing files

Managing useraccounts

Processes &resource monitoring

ManagingProcesses

File Servers

Web servers

Troubleshooting &Support

Date post:	05-Apr-2018
Category:	Documents
Upload:	amikeliunas
View:	223 times
Download:	0 times

Intel Day2

Documents