1 / 14

Introduction to System Admin

Introduction to System Admin. Sirak Kaewjamnong. The system administration’s job. Adding a new user Doing backup and restoring files from backups Answer user questions Monitoring system activity and tuning system performance for good respond time

len
Download Presentation

Introduction to System Admin

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Introduction to System Admin Sirak Kaewjamnong

  2. The system administration’s job • Adding a new user • Doing backup and restoring files from backups • Answer user questions • Monitoring system activity and tuning system performance for good respond time • Worrying about system security and patching security holds

  3. The system administration’s job • Installing programs and OS updates • Trying to free up disk space • Rebooting the system after a crash • Adding a new equipment and new systems • Fixing any problems • Writing scripts to automate as many of the above activities as possible

  4. Unix superuser • Superuser is a privileged account with unrestricted access to all files and command • The user name of superuser is “root” • This user has a user ID of 0

  5. Becoming root • There are two ways to become the superuser • Login as root directly • Execute command su to change privileged • % su

  6. Sudo command • The sudo utility allows users defined in the /etc/sudoers configuration file to have temporary access to run commands they would not normally be able to due to file permission restrictions • Sudo (superuser do) allows a system administrator to give certain users (or groups of users) the ability to run some (or all) commands as root

  7. The /etc/sudoers File • The /etc/sudoers file contains all the configuration and permission parameters needed for sudo to work

  8. Format of the /etc/sudoers File usernames/group servername = (usernames command can be run as) command • Groups are the same as user groups and are differentiated from regular users by a % at the beginning. The Linux user group "users" would be represented by %users. • can have multiple usernames per line separated by commas. • Multiple commands also can be separated by commas. Spaces are considered part of the command. • The keyword ALL can mean all usernames, groups, commands and servers. • If run out of space on a line, admin can end it with a back slash (\) and continue on the next line. • The NOPASSWD keyword provides access without prompting for your password.

  9. /etc/sudoers Examples root ALL = (ALL) ALL %wheel ALL = (ALL) ALL • root and users in group wheel can run anything on any machine as any user Srk,rp ALL = NOPASSWD: ALL • User srk and rp can run anything on any machine without a password peter, %operator ALL= /sbin/, /usr/sbin, /usr/local/apps/check.pl • user peter and all the members of the group operator to gain access to all the program files in the /sbin and /usr/sbin directories, plus the privilege of running the command /usr/local/apps/check.pl

  10. Using Aliases in the sudoers File User_Alias ADMINS = millert, mikef, dowdy ADMINS ALL = NOPASSWD: ALL • User aliasADMINS are user millert.mikef,dowdy • User aliasADMINS can run anything on any machine without a password Cmnd_Alias PRINTING = /usr/sbin/lpc, /usr/bin/lprm Cmnd_Alias SHUTDOWN = /usr/sbin/shutdown srk ALL = PRINTING, /usr/bin/adduser • User srk can use printer and add new user

  11. How to add user • Add linux group #groupadd students #groupadd staff #groupadd teachers • Add the Linux users and assign them to their respective groups #useradd –g teachers rp #useradd –g staff srk • Each user's personal directory is placed in the /home directory. The directory name will be the same as their user name

  12. Change password • User root changing the password for user paul [root@myhost]# passwd paul Changing password for user paul. New password: Retype new password: passwd: all authentication tokens updated successfully. [root@myhost]#

  13. Delete user • The userdel command is used to remove the user's record from the /etc/passwd and /etc/shadow used in the login process. The command has a single argument, the username [root@myhost]# userdel paul • an optional -r switch that additionally removes all the contents of the user's home directory [root@myhost]# userdel -r paul

  14. http://www.sudo.ws/sudo/sample.sudoers

More Related