System Admin Class Spring 2006 HW5/Lab - 30 points (part A- 20 points part B- 10 pionts) Due 2 weeks after last lab class dealing with hw5 Your Name ________________________________________ Follow all the below steps, and answer the questions. Type up your answers neatly. There are two parts to this assignment..Part A and Part B. Part A you will do on your own. Part B we will do together in class!!! ------------------------------------------------------- Notes: -in some of the below examples, under X windows, you will have to open up multiple X terminal windows..thats easy by Right clicking the mouse on the background screen and selecting "New Terminal". -BE VERY CAREFUL when editing files. You have to be exact. Spacing has to be exact. You cant add extra black lines at the end of the file. Be careful and precise. If you mess up a system file, you system may not reboot or let you login and you would have to re-install from scratch. Be careful! The easiest editor to use, is emacs. -when typing in commands, you also need to be exact. Unix is case sensitive. Spacing matters. Syntax is exact. Also, when you want to abort a command or something that is running, a control-c or control-d often works (or using the word "quit" or "exit" at a prompt) ------------------------------------------------------- Unix System Administration: This lab should give you a better understanding, and hands on experience with various system administration duties and commands (all of which was discussed in class last week..and is in your book). This is a long lab. You can do Part A on your own. Part B you MUST wait for me and we will do it together as a group. Part B can cause problems with your systems (so you wont be ever able to sign back on) if done incorrectly. If that happens, you will have to come in on your own time to reinstall everything from scratch. I WILL TAKE ROLL TO MAKE SURE EVERYONE IS PRESENT FOR PART B..IF NOT YOU WILL LOSE POINTS ON THIS HW! Note: With System Administration in mind, the main tools/settings a system admin needs to access under Linux can be found under the start button (red hat): red hat --> System Settings red hat --> System Tools red hat --> Logout The last item, Logout, allows you to logout, shutdown or reboot the system. You saw this in a previous lab. System Tools gives access to various useful system admin gui tools. Of course, in these labs you learn BOTH the gui tool approach, and the command line approach. Both are very useful for a unix system admin. Finally, System Settings allows access to various settings (like time/day) and be able to make changes. These are the areas we will be focusing on below. --------------------------------------------------------------- PART A 1. booting up This describes what happens on a linux system, during boot up. Every system admin should have a feel on how a system boots up and shutdowns (you practiced various shutdown/halt commands in the last lab). First you will see Grub, the linux loader, giving you a choice of what to load (in case of dual booting and such). It states "Now booting kernel". Detects hard drives, floppy and ram. INIT Booting (we talked bout the init process in class) Next it runs thru various checks on the partitions/file systems then mounts them. This include /, /var, /boot, /usr, and others. Enable Swap Space (swap space turned on) INIT: Entering Run Level 5 (from /etc/inittab) Starting: crond inetd named lpd nfsd sendmail syslogd httpd etc... (thus starting various daemons) Update /etc/fstab (with partition info). Turns on networking. Red Hat Linux and login: prompt. Just watch and learn every time you boot up..... Every system admin should know about how the system starts up and shuts down. (no questions or answers in question 1) 2. xinetd - superdaemon. This is a special daemon (inetd/xinetd) that starts up other daemons as needed. xinetd listens to incoming connections on various ports (like on the telnet port or ftp port) and if it sees someone trying to connect to one of these ports, it calls and wakes up the appropriate daemon (like telnetd or ftpd). Q. what other daemons does inetd control (look in /etc/xinetd.conf and the /etc/xinetd.d directory)? Open another terminal window, and try telneting to yourself "telnet localhost" or "telnet lab23.rutgers.edu" or "telnet lab23" or "telnet 127.0.0.1". (assuming you are lab23) note - 127.0.0.1 is a special ip addresses that refers back to yourself...the same with the name "localhost", both mean your own local machine. note2- you can normally telnet to yourself, but most versions of unix dont allow you to login via root through a telnet sessions. For security reasons. You can login as a different user, but not root. root can only login via the console directly (not via telnet). Q. What happens? Do you get a login prompt? if you look into /etc/xinetd.d directory, you will see a file there called "telnet". Pull that into the editor. cd /etc/xinetd.d emacs telnet The last line where is says 'disable' controls whether xinetd will enable or disable the telnet deamon. Make sure its set to "no". Then save the file and get out of the editor. Now we need to restart the xinetd daemon, so that it reads its configuration file. You can check to see if the daemon is running by doing a "ps -ax | grep xinetd". We could kill it using the kill command, but lets handle this a better way.. (you can also restart the daemon by rebooting the whole system, but thats a bit crude). The xinetd deamon itself is started at boot times from the /etc/rc scripts. Go to /etc/rc3.d and do a "ls". You will see a file there that controls xinetd called "S56xinetd". Look at the file, its just a shell script: more S56xinetd You can use this script to control the xinetd daemon in various ways, like (DONT TYPE THIS IN YET) ./S56xinetd stop ./S56xinetd start ./S56xinetd status ./S56xinetd restart (you would need to type the above exactly ...including the leading . and slash) So lets stop the daemon, type in: ./S56xinetd stop Check to make sure its stopped "ps -ax | grep xinetd" Q. IS is still running? (hopefully no) Next, lets restart it: ./S56xineted restart Check using "ps -ax | grep xinetd" Q. Did it restart ? (hopefully yes) Now, in the other terminal window, try "telnet localhost". Q. What happens now? Why? Did you get the login prompt now? Thus inetd/xinetd is another way for jobs to start up, and thus something that the system admin has to be aware of as well. Normally its used for controlling network daemons like telnet, ssh and ftp. So thats the super daemon, inetd/xinetd, as we discussed in class. 3. log files System admins also have to monitor systems for problems and check logs... Look in /var/log/messages (a log file, text file, with lots of info). Q. What type of information do you see logged? Give some examples? Next enter the "last" command (this command reads a log file /var/log/lastlog, which is in binary format..and thus cant be read directly). Q. What does the "last | more" command show you? Give some examples. What does this mean? 4. mount / umount local hard drive partitions/file systems Disk space management is another major task of a system admin. This includes not only watching the amount of disk space in each partitions (via "df"), but also mounting and unmounting partitions (bringing them online and offline). First, use the "df" command to find the location (on disk) of the /home partition (it may be something like on /dev/hda8). Q. Where is the /home partition located at on disk? Q. How full is it (what is its capacity)? As root, go to the /home partition and look whats there: cd /home ls -l Q. What do you see? Next create a directory for stan : mkdir stan ls -l You should now see the directory called "stan". Now, go to the top of the root partition: cd / Create a directory called "xyz". (mkdir xyz) Go into this directory and look around. cd /xyz ls -l Q. What do you see? (Should be nothing...) Q. Why is nothing there? Go back up to the root location. cd / Next un-mount the /home partition. (this disconnects the partition from the unix tree structure..in other words, this hard drives partition is no longer connected to the system). umount /dev/hda3 (whatever partition corresponds to /home, you can use the 'df' command to see this) or umount /home Now go back into /home: cd /home ls -l Q. Is anything there? Why not? Next, remount this /home partition under /xyz (the empty directory from above, this is your mount point). cd / mount /dev/hda3 /xzy cd /xyz ls -l Q. What do you see now, in the /xyz directory? Why? Finally, just unmount the /dev/hda3 partition (or whatever partition that corresponds to /home). umount /dev/hda3 5. fsck fsck is the file system check that is run when the system boots up and can also be run manually. Its purpose is to check (and fix if needed) various file systems. Try running fsck on your /home partition (whatever /dev/hd it is located at...see above). fsck /dev/hda3 (for example, wherever home is). Q. What does it say? Try running fsck on a non-existent partition fsck /dev/hdb3 Q. What does it say? Try running it on a currently mounted partition, like /var. (dont actually go ahead with this..just try to start it up) Q. What does it say? 6. Look also under System admins have to be aware of all ways system jobs can start up, via inetd/xinetd, via cron, or on bootup. /etc/rc.d directory, where all startup and shutdown scripts are located. cd /etc/rc.d ls -l cd rc3.d ls -l | more note - the K scripts are kill scripts that kill running daemons on shutdown and the S scripts are used to startup jobs on bootup. rc3.d control jobs when entering run level 3 (multi-user mode) Q. look closely at S90crond. What type of script is it (shell script or perl or c program)? What are the different actions/options can you call the script with (listed within the script, like "start", "stop", etc..). 7. tar Tar is a handy tool for system admins, often used for tape backups or to install software. We are going to get some practice with the tar command (tape archival, which can be used to backup files to tape or to create a single file called a tarfile or tarball). We are also going to get practice compressing/uncompressing files. This is useful for backups, AND also handy when installing new software (that often comes in a compressed tar file format). Lets tar up the /etc directory, into a tarfile (tarball), called file.tar cd / ls -l file.tar Q. Does the file, "file.tar" exist yet? Next, type in the following command: tar -cvf file.tar etc Q. What do you see happening on the screen? What do the options "cvf" mean? (see "man tar" if not sure) Take a look at the tarfile: ls -l file.tar Q. What is its size (in meg)? Next lets get a table of contents of this tar file: tar -tvf file.tar Q. What do you see happen on the screen? How does this listing differ then the previous (what other info is shown)? Thus note when you create a tar file, it includes not just the files and data, but also other info about every file (permissions, ownership, group, etc..) Lets compress/zip the file: gzip file.tar (be patient, this takes a while) Q. What is the new file name (ls -l) ? What is its new size (in meg)? Did the file decrease or increase in size? Next, lets copy the tar file to another location: cp file.tar.gz /var/tmp cd /var/tmp ls -l You should now see the compressed/zipped tar file in this new location. Let uncompress the file: gunzip file.tar.gz ls -l Q. What the new name of the file and what is its size? (should be the same as the beginning) Let untar this tarball at this location: tar -xvf file.tar Q. What does the -x option stand for? (see "man tar" if not sure). Next: pwd (look at your current working directory/location) ls -l (look around) cd etc pwd ls -l Q. what happened with the above untar? What do you see? 8. System admins also need a good understanding of networking and service configuration, and other configs. and settings. Click on Red Hat --> System Settings to see many of the below settings that you can manipulate. (you can see the same by clicking on the Start Here icon on the upper left of your screen) a. Red Hat --> System Settings --> Date/Time Q. What does this allow you to change/set? Q. You can also enable NTP (network time protocol). What is that? b. Red Hat --> System Settings --> Network Hardware Tab: Q. What type of network card (hardware) and what is its "type" and "device"? DNS tab: Q. What is the hostname? Are any dns servers listed? Click on hosts tab. Same hostname as before. What is the ip address listed? What does this mean? Devices tab: Q. What is the NIC's nickname and what is its "type"? What is its status? Click on edit. Q. What fields do you see listed that you can change? Cancel out of all of the above and dont save any changes.. c. Red Hat --> System Settings --> Server Settings --> Services : You can highlight and start/stop/restart any service. You can also pick what services start by default at boot time. Q. Tell which of the following services start at boot time or not (those checked will start up by default): crond httpd kudzu named network nfs sendmail sshd syslog telnetd xinetd Q. What do the above services do/describe: (when you highlight a service above, you can read the description in the box to the right) Next, crond is normally running. You can see if by doing "ps -ax | grep crond". Q. Is cron currently running? Highlight crond in the service configuration window and then click on "stop" button. Then do a "ps -ax | grep crond" again. Q. Is it still running? (you can also check the "status" listed in the services box) Now click on the restart button, and do a the ps command again. Q. Is cron running again? Thus you can start and stop any service..and also set services to start up automatically on boot up. d. Red Hat --> System Settings --> Add/Remove Applications Just look around. Notice these are the same applications that you selected during the install. You can remove any of them..or even add any that you didnt originally install (as long as you have the install CD). Dont do anything, just look around. Then quit. e. Red Hat --> System Settings --> Root Password Q. What does this do? Dont change anything..just cancel out of it. f. Red Hat --> System Settings --> Security Level Q. What is allowed incoming to make connections? Q. What is the security level? Q. Where did you see all of this before (when did you set this)? No changes..just cancel out. 9. Now lets investigate some system tools. a. goto red hat --> system tools --> disk management Q. What choices (buttons) do you see...what can you do? b. red hat --> system tools --> system logs Q. What log files are available? c. red hat --> system tools --> system monitor Q. What can you monitor? Q. besides monitoring, what else can you do? Q. Go to red hat --> accessories --> calculator and start up the calculator. Now back to the system monitor tool. highlight gnome-calculator and "end process". What happens? ------------------------END OF PART A---------------------------