
CS465 -Unix


geoff

Presentation Transcript


  1. CS465 -Unix System Administration

  2. What does the System Administrator do? • Starts/stops the system • Maintains the file system and user accounts • Installs HW and SW • Configures TCP/IP • Performs system accounting, performance monitoring, and security

  3. UNIX Processes • Program vs Process • A program is an executable file. • A process is an instance of the program in execution. • When a process invokes a new program it creates a child process • A new process is created each time you execute a non-kernel command • Current process (parent) forks a new process (child) • ps shows process identifier (PID) and the parent process identifier (PPID)

  4. Process Creation Functions • UNIX provides two key functions that operate on processes: • fork - creates a duplicate process • Almost all info copied from original (parent) • New process has a unique process ID, which is returned to the parent process. • exec - loads a program from a file and overwrites the existing code

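  5. Creating New Processes • Example:

         #include <stdio.h>
         #include <stdlib.h>     /* system calls */
         #include <unistd.h>     /* fork, execl, _exit */
         #include <sys/wait.h>   /* wait */

         int main(void)
         {
             if (fork() == 0) {                         /* child */
                 execl("/bin/ps", "ps", (char *)NULL);
                 _exit(127);                            /* reached only if execl fails */
             } else {
                 wait(NULL);                            /* parent */
             }
             printf("child's ps done\n");
             return 0;
         }

     • Note: Anyone (not just system administrator) can create new processes.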

  6. Startup Processes • init process • last step in booting procedure • creates other processes to allow the users to login • getty process • conditions for terminal connection • waits for user-id • display login on the screen • login process • checks password with the uid • executes .profile or .login (depends on default shell) • displays shell prompt • shell process (command line interpreter) displays prompt

  7. Startup Process Diagram • Process 0 (kernel mode): kernel bootstrap; starts process 1 • Process 1 (user mode): /etc/init creates processes to allow login • [Diagram: init uses fork and exec to start /etc/getty (terminal for login), shown next to inetd, lpd and httpd; /etc/getty execs /bin/login (check password); /bin/login execs the shell (command interpreter)]

  8. System Startup Processes

         UID   PID  PPID C STIME TTY  STAT TIME CMD
         root    1     0 0 Oct01 ?    Ss   0:01 init [2]
         root 2944     1 0 Oct01 tty1 Ss+  0:00 /sbin/getty 38400 tty1
         root 2946     1 0 Oct01 tty2 Ss+  0:00 /sbin/getty 38400 tty2

  9. Who can perform system administrator duties? • Need root privileges to run many sysadmin commands • Can log in directly as user root • rwx privileges will not affect root • BETTER WAY: • Log in under your own username • Use su to switch to root • Maintains a log of which user logged into the root account

  10. The su utility • If you are logged in as an ordinary user, you may use switch user (su):

          $ su [username]

      If no username is listed, su will switch you to the root account. • Example:

          $ su
          Password: (enter root password)
          #

      Note that the prompt changes from $ to #

  11. Security Issue • If you are using su from someone else’s terminal to switch to root, you should ALWAYS type the entire path to avoid Trojan Horse programs:

          $ /bin/su       <-- acadunix

      or sometimes:

          $ /usr/bin/su

  12. root commands • Most system administration commands are in the /usr/etc or /usr/bin directory Add /usr/etc to the root’s path by adding PATH=/usr/etc:$PATH to the /.profile file

  13. root precautions • When you are logged in as root, you should: • Test destructive commands non-destructively (Example: use ls before rm) • Create /etc/securetty to have a list of allowable terminals for root login • Only become root to do single specific tasks. Return back to your normal user shell (via exit command) until you are sure what needs to be done by root and to do your own work. • Always be slow and deliberate running as root. Your actions could affect a lot of things. Think before you type!

  14. su’s other use • You can also use switch user (su) to gain access to any user account:

          $ su [username]

      Creates a subshell environment with the user’s id and group id • Example:

          $ su jsmith
          Password: (enter jsmith’s password)
          $

      • Note: If you use su from the root account, you will not need to enter a password.

  15. shutdown Utility • Use shutdown to stop the system. Users are notified of the impending shut down, as are the systems that are mounting resources from the server being shut down. • Format:

          shutdown [ -y ] [ -g grace-period ] [ -i init-state ] [ message ]

      • Example:

          # shutdown -i S -g 120 "===== disk replacement ====="
          Shutdown started. Tue Jun 7 14:51:40 PDT 1994
          Broadcast Message from root (pts/1) on foo Tue Jun 7 14:51:41...
          The system will be shut down in 2 minutes
          ===== disk replacement =====
          Broadcast Message from root (pts/1) on foo Tue Jun 7 14:52:41...
          The system will be shut down in 1 minutes
          ===== disk replacement =====

  16. halt Utility • Shuts the system down as quickly as possible (no user warning) • Flushes buffers • Halts system • Format: # halt

  17. Single User Mode • The system normally runs in multi-user mode. • After a system shutdown, you will be in Single User Mode: • Creates Bourne shell at console ONLY • Automatically logged in as root • Used for system maintenance and backup • Must issue sync command before returning to multi-user mode (writes changes to hard disk) • Can turn off power or reset the system

  18. Daemons • What is a daemon? • A process that only needs to be started once, and will lie dormant until it is required • Examples: • mail daemon • login daemon • cron • Many system daemons are started on bootup

          UID    PID  PPID C STIME TTY STAT TIME CMD
          daemon 2694    1 0 Oct01 ?   Ss   0:00 /usr/sbin/atd

  19. System Security: What are you trying to protect? • The Risk: Possibility of an intruder gaining unauthorized access • Motivations: • The Curious • The Malicious • The Competition • The Borrowers • The Leapfrogger

  20. Security Issues • Vulnerability: How well protected is your computer? • Locate world-writable directories • Check for unowned files • Do not permit .rhosts files • Password Security: Use crack on your own system • Security Policy: That which is not permitted is prohibited!!
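
The three filesystem checks on this slide can be run as a single audit. This is an added example, not part of the original presentation; the function names, the output tags and the constructed demo tree are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the presentation): the slide's three checks as one audit.
# audit_tree DIR prints "TAG<TAB>path" per finding. Names and tags are hypothetical.

# Prefix every path read from stdin with a tag.
tag() {
    while IFS= read -r p; do printf '%s\t%s\n' "$1" "$p"; done
}

audit_tree() {
    root=${1:-/}
    # World-writable directories WITHOUT the sticky bit: any user can delete or
    # replace files there that belong to someone else.
    find "$root" -xdev -type d -perm -0002 ! -perm -1000 2>/dev/null | tag WW_DIR_NO_STICKY
    # World-writable directories WITH the sticky bit (the /tmp convention):
    # expected in a few places, still worth reviewing.
    find "$root" -xdev -type d -perm -0002 -perm -1000 2>/dev/null | tag WW_DIR_STICKY
    # Files whose UID or GID no longer maps to an account or group, for example
    # what is left behind when userdel is run without -r.
    find "$root" -xdev \( -nouser -o -nogroup \) 2>/dev/null | tag UNOWNED
    # .rhosts files grant password-less r-command logins.
    find "$root" -xdev -type f -name .rhosts 2>/dev/null | tag RHOSTS
}

# Demo on a constructed tree, so the script runs without touching real data.
demo() {
    d=$(mktemp -d) || return 1
    mkdir "$d/drop" "$d/spool" "$d/home"
    chmod 0777 "$d/drop"        # world-writable, no sticky bit
    chmod 1777 "$d/spool"       # world-writable, sticky bit set
    : > "$d/home/.rhosts"
    audit_tree "$d"
    rm -rf "$d"
}
demo
```

Run `audit_tree /` as root for a full scan of the root filesystem; `-xdev` keeps find on one filesystem, so repeat the call for each mount point of interest.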

  21. Unix System Logs • Unix keeps track of the following, by UserID: • Memory and CPU usage • Login/Logout time • Pages printed on printers

  22. Checking Logs Some things to check for in your logs (in directory /var/log or /var/logs): • Short or incomplete logs • Logs containing strange timestamps • Logs with incorrect permissions or ownership • Records of reboots or restarting of services • Missing logs • su entries or logins from strange places

  23. System logins/logouts • System file records all logins, logouts, and reboots, with the most recent activity at the top. • Can be viewed using the last command: • $ last [-n #] [username] • where -n # displays # lines of the file • username displays only lines for specific user • Each entry includes: • user name and login device • host that the user is logged in from • date and time that the user logged in and logged out • total login time in hours and minutes • Also includes entries for each reboot

  24. Example

          $ last -n6 small000
          small000 pts/0 xlate.regis.edu  Tue Oct 7 13:37   still logged in
          small000 pts/0 dsl-206-53-24-25 Mon Oct 6 18:20 - 18:35 (00:14)
          small000 pts/0 xlate.regis.edu  Mon Oct 6 14:32 - 16:45 (02:13)
          small000 pts/2 xlate.regis.edu  Fri Oct 3 14:10 - 14:35 (00:25)
          small000 pts/1 dsl-206-53-24-25 Thu Oct 2 19:24 - 19:32 (00:08)
          small000 pts/0 dsl-206-53-24-25 Thu Oct 2 14:38 - 15:17 (00:39)
          $

  25. System logins/logouts • You can log failed command-line login attempts in the /var/adm/loginlog file. • To turn on logging, root should create this file with read and write permissions for the root user only, and it should belong to the sys group.

          # touch /var/adm/loginlog
          # chown root /var/adm/loginlog
          # chmod 600 /var/adm/loginlog

      • All failed login activity is written to this file automatically after five consecutive failed attempts. If there are fewer than five consecutive failed attempts, no activity is logged to this file. • Each failed attempt entry contains: • user's login name • login device (TTY port) • time of the failed attempt.

  26. Monitoring su usage • It is a good idea to monitor who has been using the su command, especially to gain root access. • Set the SULOG variable in the /etc/default/su file to set up a file to log all su attempts. Example: SULOG=/var/adm/sulog • If the SULOG variable is not defined, su command logging is not enabled. • The SULOG log file records: • the date and time the command was issued, • whether it was successful (shown by the plus [+] symbol for success or the hyphen [-] symbol for failure), • the device from which the command was issued, the login and the effective identity.
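
The SULOG fields listed on this slide are enough to flag repeated failed attempts to become root. This is an added example, not part of the original presentation; it assumes the Solaris-style line layout `SU MM/DD HH:MM +|- tty login-target`, and the sample lines and function names are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the presentation). Constructed sample lines in the
# assumed sulog layout:  SU MM/DD HH:MM <+|-> <tty> <login>-<target>
sample_sulog() {
cat <<'EOF'
SU 10/06 14:32 + pts/0 small000-root
SU 10/06 18:20 - pts/1 jsmith-root
SU 10/06 18:21 - pts/1 jsmith-root
SU 10/06 18:21 - pts/1 jsmith-root
SU 10/06 18:25 + pts/1 jsmith-root
SU 10/07 09:02 - pts/2 mjones-jsmith
SU 10/07 13:37 + console root-jsmith
SU 10/07 15:10 - pts/3 web-admin-root
EOF
}

# su_failures THRESHOLD [TARGET] < sulog
# Prints "login count" for each login with at least THRESHOLD failed su
# attempts to TARGET (default root). The login may itself contain hyphens,
# so the target is taken as the text after the LAST hyphen.
su_failures() {
    awk -v min="$1" -v target="${2:-root}" '
        $1 == "SU" && NF >= 6 {
            n = split($6, part, "-"); to = part[n]
            from = substr($6, 1, length($6) - length(to) - 1)
            if ($4 == "-" && to == target) fails[from]++
        }
        END { for (u in fails) if (fails[u] >= min + 0) print u, fails[u] }
    ' | sort
}

# su_success_after_failure < sulog
# Prints "date time tty login failures" when a successful su to root comes
# right after one or more failed attempts by the same login.
su_success_after_failure() {
    awk '
        $1 == "SU" && NF >= 6 {
            n = split($6, part, "-"); to = part[n]
            from = substr($6, 1, length($6) - length(to) - 1)
            if (to != "root") next
            if ($4 == "-") { streak[from]++; next }
            if (streak[from] > 0) print $2, $3, $5, from, streak[from]
            streak[from] = 0
        }'
}

sample_sulog | su_failures 3
sample_sulog | su_success_after_failure
```

On a live system, feed the file named by SULOG instead of the sample, for example `su_failures 3 < /var/adm/sulog`.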

  27. User Management • The system administrator can: • Add, modify and delete user accounts • Establish filesystem quotas • Change user passwords • Must be logged into the root account to do these things

  28. Logging into the root account • As the system administrator, you should: • log in to a system as a regular user • use su to switch to the root user account only when you need to perform system administrative tasks • Why? • reduces possibility that the system will be left unattended with the root user logged in • critical mistakes are less likely to occur if you perform your routine work as a regular system user

  29. User Accounts • Each user needs a unique: • account name • user identification (UID) number • home directory and a login shell. • The system administrator also has to determine which groups a user may access.

  30. System Files • Unix stores user account and group entry information in the following system files: /etc/passwd • Stores login account entries for authorized system users (edit file via useradd, usermod & userdel). /etc/shadow • Shadow of /etc/passwd, but with encrypted passwords /etc/group • Defines the system group entries

  31. Steps for Adding a User • Create new user account via useradd • (adds new entry into both the /etc/passwd and /etc/shadow files) • Set user password via passwd • Add user to /etc/group file • Set quotas (if in effect)

  32. useradd defaults • Format:

          # useradd -D [-g default_group] [-b default_home] [-f default_inactive] [-e default_expire_date] [-s default_shell]

      • The -D option is used to list/set useradd defaults for account creation:

          # useradd -D
          GROUP=100
          HOME=/home
          INACTIVE=-1
          EXPIRE=
          SHELL=/bin/bash
          SKEL=/etc/skel
          #

  33. useradd – Creating New Accounts • useradd without -D creates new user accounts:

          useradd [-c comment] [-d home_dir] [-e expire_date] [-f inactive_time] [-g initial_group] [-G group[,...]] [-m [-k skeleton_dir] | -M] [-p passwd] [-s shell] [-u uid [ -o]] [-n] [-r] login

      • useradd has many options, but the minimum information required is a login name and a real name. • The user's real name is considered a "comment" and is given with the -c switch:

          # useradd -c "President George Bush" gbush

  34. Notes on Adding Users • The new user's home directory is either given permission 700 or 711 by default (700 makes the home directory invisible to other users, 711 allows others to list it). • By default the user belongs to a group that consists only of himself (primary group). Or you may add the user to other groups that define access permissions to other directories. • When a user is added, his home directory is automatically created, with any subdirectories and scripts as defined in /etc/skel

  35. Defining Sample User Login Files • /etc/skel contains a "model" for the user's home directory • Create any files required by a typical user, for example .profile for a login template • Example:

          $ ls -l /etc/skel
          total 6
          -rw-r--r-- 1 root sys 138 Mar  3 2002 local.cshrc
          -rw-r--r-- 1 root sys 607 Dec 22 2001 local.login
          -rw-r--r-- 1 root sys 596 Mar  3 2002 local.profile
          $

  36. User Account Passwords • By default, no password is given to a user when you use useradd • You must use the passwd command to supply an initial password, which will be encrypted • Changing password (user may change own password):

          # passwd jsmith
          Changing password for user jsmith
          New UNIX password:
          Retype new UNIX password:
          passwd: all authentication tokens updated successfully
          #

  37. Modifying User Accounts • usermod can be used to change user account settings • Format (similar to useradd):

          # usermod
          usage: usermod [-u uid [-o]] [-g group] [-G group,..] [-d home [-m]] [-s shell] [-c comment] [-l new_name] [-f inactive] [-e expire ] [-p passwd] [-L|-U] name
          # usermod -s /bin/ksh jsmith
          #

  38. Deleting User Accounts • userdel deletes user accounts from the system • Format:

          # userdel [ -r ] login

      Option: -r Removes the user's home directory and all files below it from the system. • Examples:

          # userdel -r jsmith
          # userdel mjones

  39. User Groups • groupadd adds a new group (root only) • Format: groupadd [-g gid] group • Example: # groupadd CS465F08 • Use usermod to add users to the new group: # usermod -G CS465F08 jsmith

  40. Communicating with Users • Broadcast message to ALL users on local host: $ wall [< msgfile] • Takes input from stdin if no msgfile is given (until CTRL-D)

  41. Communicating with Users • You can also display a “message of the day” to users when they log on • Edit the file: /etc/motd • Can be used to: • Issue announcements • Warn of scheduled shutdowns • etc

  42. File System Maintenance

  43. Special Files • Unix treats every device as a file • Special files can refer to • floppy disk • CD-ROM • hard disk partitions • etc. • Special files are located in the /dev directory • /dev/fd0: first floppy disk • /dev/hda1: first partition in first hard disk • /dev/tty0: first terminal

  44. Installing New Devices • First install the device driver, if necessary • Second, run mknod to associate a special file with the actual hardware device • Format:

          mknod spec-filename [c|b] major# minor#

      where c = character device, b = block device; major# = device class (uses this device driver); minor# = instance within the class • Example:

          # mknod /dev/tty0 c 2 0

  45. More on Filesystems • Unix stores files in filesystems • A filesystem lives in a hard disk partition, on a floppy or on a CD-ROM or on a networked computer • A filesystem must first be created using a special command: newfs or mkfs or something similar • Before a filesystem can be used it must be mounted

  46. Mounting Filesystems • Only root may mount a filesystem • The mount command requires two pieces of information • The special file which refers to the device where the filesystem lives • The place to make it appear in the filesystem, the mount point • Format: mount [-t type] device directory

  47. Mounting Example • Assuming: • /dev/fd0 refers to a floppy drive • There already exists a directory called /mnt/floppy • The command:

          # mount /dev/fd0 /mnt/floppy

      • “Attaches” the floppy filesystem • A file abc.txt on the floppy is now accessible as /mnt/floppy/abc.txt • The /etc/mtab file contains a list of all currently mounted devices

  48. Mounting Filesystems • Root file system (/) is mounted at boot time and cannot be unmounted • All other file systems are mounted BELOW the root • A file system can be mounted to a directory of another mounted file system • [Diagram: / with the directories /dev, /etc, /var, /bin, /tmp, /usr, /mnt and /home; label: a file system]

  49. Checking on Mounted Filesystems • The mount command with no arguments displays the currently mounted filesystems:

          $ mount
          /dev/hda1 on / type ext3 (rw,errors=remount-ro)
          tmpfs on /lib/init/rw type tmpfs (rw,nosuid,mode=0755)
          proc on /proc type proc (rw,noexec,nosuid,nodev)
          sysfs on /sys type sysfs (rw,noexec,nosuid,nodev)
          udev on /dev type tmpfs (rw,mode=0755)
          tmpfs on /dev/shm type tmpfs (rw,nosuid,nodev)
          devpts on /dev/pts type devpts (rw,noexec,nosuid,gid=5)
          /dev/sda2 on /usr type ext3 (rw,errors=remount-ro)
          /dev/sdb1 on /tmp type ext3 (rw,errors=remount-ro)
          /dev/sdb2 on /opt type ext3 (rw,errors=remount-ro)
          $

  50. Disk Freespace Statistics • df displays the number of free blocks and the number of files in each file system, or a particular file system • Format:

          $ df [filesystem]

      • Examples:

          $ df
          Filesystem 1K-blocks    Used Available Use% Mounted on
          /dev/hda1    2464936  287432   2052288  13% /
          udev           10240      56     10184   1% /dev
          /dev/sda2    6823216 2709144   4114072  40% /usr
          /dev/sdb1    4031664   33108   3793760   1% /tmp
          /dev/sdb2    4719996  548264   3931964  13% /opt
          /dev/sdc1    8744304  534828   7765284   7% /home
          $ df /dev/sdb1
          Filesystem 1K-blocks    Used Available Use% Mounted on
          /dev/sdb1    4031664   33108   3793760   1% /tmp
