1 / 62

LIS508 basic system administration

LIS508 basic system administration. Thomas Krichel 2010-01-09. background. now we have a functional system, what are we doing with it? What is the basic architecture? How to keep the box up to date? Basic troubleshooting. troubleshooting.

avital
Download Presentation

LIS508 basic system administration

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. LIS508basic system administration Thomas Krichel 2010-01-09

  2. background • now we have a functional system, what are we doing with it? • What is the basic architecture? • How to keep the box up to date? • Basic troubleshooting.

  3. troubleshooting • 95% of all times, you can put an error message into your Google search box and get some meaningful advice. • If you don't than you have a rare problem. Rare problem are usually your own fault rather than a systemic issue with the software.

  4. learning Debian • Debian is impossible to learn. • With 20,000 packages, you don't know what is in them to satisfy your needs. • The best way to find out is go to a meeting with Debian-knowledgable folks and talk to them.

  5. basic order • logs • time • processes • networks • users • disks • system upgrade

  6. /etc • This contains the configurations • If a packages is called foo, changes are that the configuration is in /etc/foo.conf or in /etc/foo/ somewhere. • Every package is configured in a different way.

  7. /usr/share/doc • This very large directory contains documentation that comes with packages. • Much of this documentation is in compressed files. • Compressed files are understood by the extention .gz • “zcat foo.gz” shows the file foo.gz • “zcat foo.gz | less ” shows the file in less

  8. /var/log • This directory contains logs. • When a package does not work as expected, looking at the logs is a good idea, usually. • Some daemon programs log to /var/log/daemon.log

  9. log permissions • The current logs are usually readable by a person in the adm group. • It is therefore a good idea to add the person that usually runs the machine to the adm group. • This can be done by editing /etc/group

  10. log rotation • Files in logs are rotated by the logrotate package. • This package compresses old logs and puts them into separate files. • Log rotation is fired up by a entry in the system crontab.

  11. log rotation • Files in logs are rotated by the logrotate package. • This package compresses old logs and puts them into separate files. • Log rotation is fired up by a entry in the system crontab.

  12. time keeping • Normally, ntp package will keep correct time on the machine. • Keeping accurate time is very important in digital library application. • You need the ntpd daemon package installed, the client on its own will not do it, I think.

  13. dating • To set up a machine for a local time zone, use “dpkg-reconfigure tzdata”. • You will be guided through a menu that allows you to choose the time zone. • Adjustment for daylight savings time happens automatically.

  14. processess • ps is the basic utility for looking at processes. • I most often use it as “ps axf | less”. Note that axf are command flags but strangely enough, there is no minus sign used.

  15. process managment • htop is a good program to watch system usage. • if you don't have it, get it with “aptitude install htop”

  16. killing • “kill -signal process” sends the signal signal to the process indentifed by the • The most important signal is 9, meaning to kill the process for as sure as you can. • If it still living, you can only get rid of it by a reboot.

  17. killall • killall is a utilty to kill a bunch of processes. • “killall foo” kills all processes that have to string foo in their names. • If you don’t have it, install it with “aptitude install psmisc”. • psmisc is a package for miscellaneous process utilities.

  18. shutdown • This is a utility to shutdown the system. • “shutdown -h now” brings the system to a halt. Don't use this on your rented machine. • “shutdown -r now” reboots the system. • “reboot” is an alias for “shutdown -r now”

  19. uptime • This says how long the system has been up for. • It is useful to find out if a reboot has occurred since a certain time. • Sometime reboots occur because of eletricity failures.

  20. starting and stopping daemons • To start a daemon daemon, use “/etc/init.d/daemon start” • To stop a daemon daemon, use “/etc/init.d/daemon stop” • To restart a daemon daemon, use “/etc/init.d/daemon restart”

  21. /etc/init.d/networking • This controls the network. It is dealt with in the same way as a daemon would. • The configuration of the network lives in /etc/networking. • The most important file is called interfaces. It contains the interface configuration. • On my laptop, I have many interface configuration files

  22. route • route is the command to show the kernel routing table. • It may help you it find out what is going on with the IP configuration.

  23. ifconfig • This is the command to find out the state of your interfaces. • This is an essential utility for the network with wired access. • For wireless, there is iwconfig

  24. traceroute • This is a utilty to see how packet are traveling between hosts. • Usually between your machine and another as in “traceroute foo” to see the route to host foo. • This is useful to understand at what level your are experiencing a problem with the network connection.

  25. /etc/hosts • This contains the basic host configuration. • You can use this to make local host configuration that bypass the DNS. • The exact detail of this file is a mystery to me. It should have lines • 127.0.0.1 localhost • 127.0.0.1 foo.domain foo

  26. /etc/resolv.conf • This contains the DNS configuration. • “nameserver ip” says that the machine with IP address ip will be a nameserver.It is good to have several of these lines. • “search domain” will instruct the DNS client to search for “foo.domain” when there is a request to resolve host “foo”. This saves typing time.

  27. adding and removing users • adduser is a utility to add physical users to the system. Its password strength checking • /etc/skel contains skeleton home directories • userdel removes a user. It needs the -f flag to remove the home directory as well.

  28. su & sudo • su is a utility to become a certain user. If you give no user name, root is assumed. • sudo is a command to run something as root. It appears to be popular, but I don't use it.

  29. user information • Information about all users is in /etc/password. • That file also used to contains passwords. • The passwords are now in /etc/shadow. The passwords are stored in an encrypted form that can not be decrypted (unless you use trial and error)

  30. passwd • passwd is a utility to set passwords. • root can set any password directly. • Other users have to enter the old password first. • There is no facility to look up passwords.

  31. last • This gives the list of users and when they last logged in. • If you have a machine with a lot of users, it is worth watching this.

  32. dmesg • This shows the last messages from the kernel. • This is useful when a new hardware device is plugged in, to find out if the kernel knows about it. • udev, a device manager, will usuall inform the kernel that a new device is there.

  33. disks • All spinning disks will break after a while. • Usually the kernel notices this and unmounts the mount point of the disk. • Sometimes you also see a message “input/output error”. • If such an error appears on the root disk, you have a serious problem.

  34. df • This utility shows you how full your disks are. • Unfortunately any disk will fill up after some time. You have to keep watching. • Note that inode fill-up can also make a disk unusable, see “df -i”.

  35. virtual volumes • There is a way to combine several disks into a virtual disk. • This is called logical volume management. • I only use this to build large disk for backup. I never use it for primary data.

  36. fdisk • This is a partition table manipulation utility. • I only used it as “fdisk -l” to list all the devices that the kernel knows about.

  37. cfdisk • This is full-screen (curses) utilty to manipulate a partition table. It is self-explanatory. It is invoqued with “cfdisk device” where device is a device name such as /dev/sda. • Remember, changing the partition table on a disk is like erasing all data that is on it.

  38. mount • Mounting a disk means making it available at a certain point in the file system. • For example, if you have directory /foo and a disk /dev/sdf, with a partition /dev/sdf1, you say “mount /dev/sdf1 /foo”. • mount has a -t flag to inform the mount about the type of file system used. Most times this can be read from the partition table of the device.

  39. umount • umount is a command to a mount point, i.e. a point in the file system where something is mounted. • Thus you say “umount /foo”. • You don't say “umont /dev/sdf1”

  40. /etc/fstab • This file contains information about mount points as they are supposed to be mounted at boot time. • “mount -a” will attempt to mount all mount points in that file. • I would not touch this on a rented machine.

  41. checking • e2fsck is a utility to check ext2 and ext3 type file systems. • These are the most widely used systems. • You can also add a physical check of every block on the device, but that takes a lot of time. • e2fsck will try to repair the system.

  42. broken disks • Disks usually don't break complete. • e2fsk -y will fix errors without you having to confirm all actions. This is useful when you have a lot of errors. • Even if there are few errors a disk has errors, more errors will appear. • You need to replace the disk.

  43. broken disk with root file system • If the disk with the root file system is broken, a reboot will usually activate e2fsck. • But if you have only ssh access to the machine, there is nothing you can do because ssh starts after the root disk is mounted. • Some providers allow you something like a virtual console.

  44. backups • Already the Beatles knew about the importance of backups. • What to back up is more an art than a science. • I back up /var, /home, /root, and /etc. • I back them up on a remote machine using rsync.

  45. rsync • rsync uses ssh to incementally copy file on one system to the other. Say “rsync -qa /etc/ root@remote:/backup/server/etc”. • Here the -a means archival. -q is quite, if you want verbosity say -v. • --delete deletes files on the remote machine that are not on the local. • Note the slash at the end of the source directory, it has to be there.

  46. rsync in the digital library • rsync is extremely important in my work because I rely on various machines to process digital library data • I use rsync to transport the result of the output of one system as the input of the other system. • It is fast and efficient, but can strain a network.

  47. package management • dpkg is the utility that deals with one package • To maintain packages as a whole, there are three systems. “dselect”, “apt-get” and “aptitude”.

  48. dpkg • man dpkg will tell you more about it. • The only time I use it is to say “dpkg -i foo.deb” to install a package contained in a file foo.deb.

  49. dselect • dselect is a full-screen package selection system with an unintuitive but simple to learn and well documentented interface. • I used it for many years, but I am told in makes bad suggestion and should be avoided. • I no longer use it.

  50. aptitude • Aptitude (apparently) makes better choices than apt-get and dselect • If invoqued on its own, it leads to an interface I don't understand. • I used it now with actions in command line.

More Related