620 likes | 744 Views
LIS508 basic system administration. Thomas Krichel 2010-01-09. background. now we have a functional system, what are we doing with it? What is the basic architecture? How to keep the box up to date? Basic troubleshooting. troubleshooting.
E N D
LIS508basic system administration Thomas Krichel 2010-01-09
background • now we have a functional system, what are we doing with it? • What is the basic architecture? • How to keep the box up to date? • Basic troubleshooting.
troubleshooting • 95% of all times, you can put an error message into your Google search box and get some meaningful advice. • If you don't than you have a rare problem. Rare problem are usually your own fault rather than a systemic issue with the software.
learning Debian • Debian is impossible to learn. • With 20,000 packages, you don't know what is in them to satisfy your needs. • The best way to find out is go to a meeting with Debian-knowledgable folks and talk to them.
basic order • logs • time • processes • networks • users • disks • system upgrade
/etc • This contains the configurations • If a packages is called foo, changes are that the configuration is in /etc/foo.conf or in /etc/foo/ somewhere. • Every package is configured in a different way.
/usr/share/doc • This very large directory contains documentation that comes with packages. • Much of this documentation is in compressed files. • Compressed files are understood by the extention .gz • “zcat foo.gz” shows the file foo.gz • “zcat foo.gz | less ” shows the file in less
/var/log • This directory contains logs. • When a package does not work as expected, looking at the logs is a good idea, usually. • Some daemon programs log to /var/log/daemon.log
log permissions • The current logs are usually readable by a person in the adm group. • It is therefore a good idea to add the person that usually runs the machine to the adm group. • This can be done by editing /etc/group
log rotation • Files in logs are rotated by the logrotate package. • This package compresses old logs and puts them into separate files. • Log rotation is fired up by a entry in the system crontab.
log rotation • Files in logs are rotated by the logrotate package. • This package compresses old logs and puts them into separate files. • Log rotation is fired up by a entry in the system crontab.
time keeping • Normally, ntp package will keep correct time on the machine. • Keeping accurate time is very important in digital library application. • You need the ntpd daemon package installed, the client on its own will not do it, I think.
dating • To set up a machine for a local time zone, use “dpkg-reconfigure tzdata”. • You will be guided through a menu that allows you to choose the time zone. • Adjustment for daylight savings time happens automatically.
processess • ps is the basic utility for looking at processes. • I most often use it as “ps axf | less”. Note that axf are command flags but strangely enough, there is no minus sign used.
process managment • htop is a good program to watch system usage. • if you don't have it, get it with “aptitude install htop”
killing • “kill -signal process” sends the signal signal to the process indentifed by the • The most important signal is 9, meaning to kill the process for as sure as you can. • If it still living, you can only get rid of it by a reboot.
killall • killall is a utilty to kill a bunch of processes. • “killall foo” kills all processes that have to string foo in their names. • If you don’t have it, install it with “aptitude install psmisc”. • psmisc is a package for miscellaneous process utilities.
shutdown • This is a utility to shutdown the system. • “shutdown -h now” brings the system to a halt. Don't use this on your rented machine. • “shutdown -r now” reboots the system. • “reboot” is an alias for “shutdown -r now”
uptime • This says how long the system has been up for. • It is useful to find out if a reboot has occurred since a certain time. • Sometime reboots occur because of eletricity failures.
starting and stopping daemons • To start a daemon daemon, use “/etc/init.d/daemon start” • To stop a daemon daemon, use “/etc/init.d/daemon stop” • To restart a daemon daemon, use “/etc/init.d/daemon restart”
/etc/init.d/networking • This controls the network. It is dealt with in the same way as a daemon would. • The configuration of the network lives in /etc/networking. • The most important file is called interfaces. It contains the interface configuration. • On my laptop, I have many interface configuration files
route • route is the command to show the kernel routing table. • It may help you it find out what is going on with the IP configuration.
ifconfig • This is the command to find out the state of your interfaces. • This is an essential utility for the network with wired access. • For wireless, there is iwconfig
traceroute • This is a utilty to see how packet are traveling between hosts. • Usually between your machine and another as in “traceroute foo” to see the route to host foo. • This is useful to understand at what level your are experiencing a problem with the network connection.
/etc/hosts • This contains the basic host configuration. • You can use this to make local host configuration that bypass the DNS. • The exact detail of this file is a mystery to me. It should have lines • 127.0.0.1 localhost • 127.0.0.1 foo.domain foo
/etc/resolv.conf • This contains the DNS configuration. • “nameserver ip” says that the machine with IP address ip will be a nameserver.It is good to have several of these lines. • “search domain” will instruct the DNS client to search for “foo.domain” when there is a request to resolve host “foo”. This saves typing time.
adding and removing users • adduser is a utility to add physical users to the system. Its password strength checking • /etc/skel contains skeleton home directories • userdel removes a user. It needs the -f flag to remove the home directory as well.
su & sudo • su is a utility to become a certain user. If you give no user name, root is assumed. • sudo is a command to run something as root. It appears to be popular, but I don't use it.
user information • Information about all users is in /etc/password. • That file also used to contains passwords. • The passwords are now in /etc/shadow. The passwords are stored in an encrypted form that can not be decrypted (unless you use trial and error)
passwd • passwd is a utility to set passwords. • root can set any password directly. • Other users have to enter the old password first. • There is no facility to look up passwords.
last • This gives the list of users and when they last logged in. • If you have a machine with a lot of users, it is worth watching this.
dmesg • This shows the last messages from the kernel. • This is useful when a new hardware device is plugged in, to find out if the kernel knows about it. • udev, a device manager, will usuall inform the kernel that a new device is there.
disks • All spinning disks will break after a while. • Usually the kernel notices this and unmounts the mount point of the disk. • Sometimes you also see a message “input/output error”. • If such an error appears on the root disk, you have a serious problem.
df • This utility shows you how full your disks are. • Unfortunately any disk will fill up after some time. You have to keep watching. • Note that inode fill-up can also make a disk unusable, see “df -i”.
virtual volumes • There is a way to combine several disks into a virtual disk. • This is called logical volume management. • I only use this to build large disk for backup. I never use it for primary data.
fdisk • This is a partition table manipulation utility. • I only used it as “fdisk -l” to list all the devices that the kernel knows about.
cfdisk • This is full-screen (curses) utilty to manipulate a partition table. It is self-explanatory. It is invoqued with “cfdisk device” where device is a device name such as /dev/sda. • Remember, changing the partition table on a disk is like erasing all data that is on it.
mount • Mounting a disk means making it available at a certain point in the file system. • For example, if you have directory /foo and a disk /dev/sdf, with a partition /dev/sdf1, you say “mount /dev/sdf1 /foo”. • mount has a -t flag to inform the mount about the type of file system used. Most times this can be read from the partition table of the device.
umount • umount is a command to a mount point, i.e. a point in the file system where something is mounted. • Thus you say “umount /foo”. • You don't say “umont /dev/sdf1”
/etc/fstab • This file contains information about mount points as they are supposed to be mounted at boot time. • “mount -a” will attempt to mount all mount points in that file. • I would not touch this on a rented machine.
checking • e2fsck is a utility to check ext2 and ext3 type file systems. • These are the most widely used systems. • You can also add a physical check of every block on the device, but that takes a lot of time. • e2fsck will try to repair the system.
broken disks • Disks usually don't break complete. • e2fsk -y will fix errors without you having to confirm all actions. This is useful when you have a lot of errors. • Even if there are few errors a disk has errors, more errors will appear. • You need to replace the disk.
broken disk with root file system • If the disk with the root file system is broken, a reboot will usually activate e2fsck. • But if you have only ssh access to the machine, there is nothing you can do because ssh starts after the root disk is mounted. • Some providers allow you something like a virtual console.
backups • Already the Beatles knew about the importance of backups. • What to back up is more an art than a science. • I back up /var, /home, /root, and /etc. • I back them up on a remote machine using rsync.
rsync • rsync uses ssh to incementally copy file on one system to the other. Say “rsync -qa /etc/ root@remote:/backup/server/etc”. • Here the -a means archival. -q is quite, if you want verbosity say -v. • --delete deletes files on the remote machine that are not on the local. • Note the slash at the end of the source directory, it has to be there.
rsync in the digital library • rsync is extremely important in my work because I rely on various machines to process digital library data • I use rsync to transport the result of the output of one system as the input of the other system. • It is fast and efficient, but can strain a network.
package management • dpkg is the utility that deals with one package • To maintain packages as a whole, there are three systems. “dselect”, “apt-get” and “aptitude”.
dpkg • man dpkg will tell you more about it. • The only time I use it is to say “dpkg -i foo.deb” to install a package contained in a file foo.deb.
dselect • dselect is a full-screen package selection system with an unintuitive but simple to learn and well documentented interface. • I used it for many years, but I am told in makes bad suggestion and should be avoided. • I no longer use it.
aptitude • Aptitude (apparently) makes better choices than apt-get and dselect • If invoqued on its own, it leads to an interface I don't understand. • I used it now with actions in command line.