lis508 basic system administration
DESCRIPTION
LIS508 basic system administration. Thomas Krichel 2010-01-09. background. now we have a functional system, what are we doing with it? What is the basic architecture? How to keep the box up to date? Basic troubleshooting. troubleshooting. - PowerPoint PPT PresentationTRANSCRIPT
LIS508
basic system administration
Thomas Krichel
2010-01-09
background
• now we have a functional system, what are we doing with it?
• What is the basic architecture?
• How to keep the box up to date?
• Basic troubleshooting.
troubleshooting
• 95% of all times, you can put an error message into your Google search box and get some meaningful advice.
• If you don't than you have a rare problem. Rare problem are usually your own fault rather than a systemic issue with the software.
learning Debian
• Debian is impossible to learn.
• With 20,000 packages, you don't know what is in them to satisfy your needs.
• The best way to find out is go to a meeting with Debian-knowledgable folks and talk to them.
basic order
• logs
• time
• processes
• networks
• users
• disks
• system upgrade
/etc
• This contains the configurations
• If a packages is called foo, changes are that the configuration is in /etc/foo.conf or in /etc/foo/ somewhere.
• Every package is configured in a different way.
/usr/share/doc
• This very large directory contains documentation that comes with packages.
• Much of this documentation is in compressed files.
• Compressed files are understood by the extention .gz
• “zcat foo.gz” shows the file foo.gz
• “zcat foo.gz | less ” shows the file in less
/var/log
• This directory contains logs.
• When a package does not work as expected, looking at the logs is a good idea, usually.
• Some daemon programs log to /var/log/daemon.log
log permissions
• The current logs are usually readable by a person in the adm group.
• It is therefore a good idea to add the person that usually runs the machine to the adm group.
• This can be done by editing /etc/group
log rotation
• Files in logs are rotated by the logrotate package.
• This package compresses old logs and puts them into separate files.
• Log rotation is fired up by a entry in the system crontab.
log rotation
• Files in logs are rotated by the logrotate package.
• This package compresses old logs and puts them into separate files.
• Log rotation is fired up by a entry in the system crontab.
time keeping
• Normally, ntp package will keep correct time on the machine.
• Keeping accurate time is very important in digital library application.
• You need the ntpd daemon package installed, the client on its own will not do it, I think.
dating
• To set up a machine for a local time zone, use “dpkg-reconfigure tzdata”.
• You will be guided through a menu that allows you to choose the time zone.
• Adjustment for daylight savings time happens automatically.
processess
• ps is the basic utility for looking at processes.
• I most often use it as “ps axf | less”. Note that axf are command flags but strangely enough, there is no minus sign used.
process managment
• htop is a good program to watch system usage.
• if you don't have it, get it with “aptitude install htop”
killing
• “kill -signal process” sends the signal signal to the process indentifed by the
• The most important signal is 9, meaning to kill the process for as sure as you can.
• If it still living, you can only get rid of it by a reboot.
killall
• killall is a utilty to kill a bunch of processes.
• “killall foo” kills all processes that have to string foo in their names.
• If you don’t have it, install it with “aptitude install psmisc”.
• psmisc is a package for miscellaneous process utilities.
shutdown
• This is a utility to shutdown the system.
• “shutdown -h now” brings the system to a halt. Don't use this on your rented machine.
• “shutdown -r now” reboots the system.
• “reboot” is an alias for “shutdown -r now”
uptime
• This says how long the system has been up for.
• It is useful to find out if a reboot has occurred since a certain time.
• Sometime reboots occur because of eletricity failures.
starting and stopping daemons
• To start a daemon daemon, use “/etc/init.d/daemon start”
• To stop a daemon daemon, use “/etc/init.d/daemon stop”
• To restart a daemon daemon, use “/etc/init.d/daemon restart”
/etc/init.d/networking
• This controls the network. It is dealt with in the same way as a daemon would.
• The configuration of the network lives in /etc/networking.
• The most important file is called interfaces. It contains the interface configuration.
• On my laptop, I have many interface configuration files
route
• route is the command to show the kernel routing table.
• It may help you it find out what is going on with the IP configuration.
ifconfig
• This is the command to find out the state of your interfaces.
• This is an essential utility for the network with wired access.
• For wireless, there is iwconfig
traceroute
• This is a utilty to see how packet are traveling between hosts.
• Usually between your machine and another as in “traceroute foo” to see the route to host foo.
• This is useful to understand at what level your are experiencing a problem with the network connection.
/etc/hosts
• This contains the basic host configuration.
• You can use this to make local host configuration that bypass the DNS.
• The exact detail of this file is a mystery to me. It should have lines
– 127.0.0.1 localhost– 127.0.0.1 foo.domain foo
/etc/resolv.conf
• This contains the DNS configuration.
• “nameserver ip” says that the machine with IP address ip will be a nameserver.It is good to have several of these lines.
• “search domain” will instruct the DNS client to search for “foo.domain” when there is a request to resolve host “foo”. This saves typing time.
adding and removing users
• adduser is a utility to add physical users to the system. Its password strength checking
• /etc/skel contains skeleton home directories
• userdel removes a user. It needs the -f flag to remove the home directory as well.
su & sudo
• su is a utility to become a certain user. If you give no user name, root is assumed.
• sudo is a command to run something as root. It appears to be popular, but I don't use it.
user information
• Information about all users is in /etc/password.
• That file also used to contains passwords.
• The passwords are now in /etc/shadow. The passwords are stored in an encrypted form that can not be decrypted (unless you use trial and error)
passwd
• passwd is a utility to set passwords.
• root can set any password directly.
• Other users have to enter the old password first.
• There is no facility to look up passwords.
last
• This gives the list of users and when they last logged in.
• If you have a machine with a lot of users, it is worth watching this.
dmesg
• This shows the last messages from the kernel.
• This is useful when a new hardware device is plugged in, to find out if the kernel knows about it.
• udev, a device manager, will usuall inform the kernel that a new device is there.
disks
• All spinning disks will break after a while.
• Usually the kernel notices this and unmounts the mount point of the disk.
• Sometimes you also see a message “input/output error”.
• If such an error appears on the root disk, you have a serious problem.
df
• This utility shows you how full your disks are.
• Unfortunately any disk will fill up after some time. You have to keep watching.
• Note that inode fill-up can also make a disk unusable, see “df -i”.
virtual volumes
• There is a way to combine several disks into a virtual disk.
• This is called logical volume management.
• I only use this to build large disk for backup. I never use it for primary data.
fdisk
• This is a partition table manipulation utility.
• I only used it as “fdisk -l” to list all the devices that the kernel knows about.
cfdisk
• This is full-screen (curses) utilty to manipulate a partition table. It is self-explanatory. It is invoqued with “cfdisk device” where device is a device name such as /dev/sda.
• Remember, changing the partition table on a disk is like erasing all data that is on it.
mount
• Mounting a disk means making it available at a certain point in the file system.
• For example, if you have directory /foo and a disk /dev/sdf, with a partition /dev/sdf1, you say “mount /dev/sdf1 /foo”.
• mount has a -t flag to inform the mount about the type of file system used. Most times this can be read from the partition table of the device.
umount
• umount is a command to a mount point, i.e. a point in the file system where something is mounted.
• Thus you say “umount /foo”.
• You don't say “umont /dev/sdf1”
/etc/fstab
• This file contains information about mount points as they are supposed to be mounted at boot time.
• “mount -a” will attempt to mount all mount points in that file.
• I would not touch this on a rented machine.
checking
• e2fsck is a utility to check ext2 and ext3 type file systems.
• These are the most widely used systems.
• You can also add a physical check of every block on the device, but that takes a lot of time.
• e2fsck will try to repair the system.
broken disks
• Disks usually don't break complete.
• e2fsk -y will fix errors without you having to confirm all actions. This is useful when you have a lot of errors.
• Even if there are few errors a disk has errors, more errors will appear.
• You need to replace the disk.
broken disk with root file system
• If the disk with the root file system is broken, a reboot will usually activate e2fsck.
• But if you have only ssh access to the machine, there is nothing you can do because ssh starts after the root disk is mounted.
• Some providers allow you something like a virtual console.
backups
• Already the Beatles knew about the importance of backups.
• What to back up is more an art than a science.
• I back up /var, /home, /root, and /etc.
• I back them up on a remote machine using rsync.
rsync
• rsync uses ssh to incementally copy file on one system to the other. Say “rsync -qa /etc/ root@remote:/backup/server/etc”.
• Here the -a means archival. -q is quite, if you want verbosity say -v.
• --delete deletes files on the remote machine that are not on the local.
• Note the slash at the end of the source directory, it has to be there.
rsync in the digital library
• rsync is extremely important in my work because I rely on various machines to process digital library data
• I use rsync to transport the result of the output of one system as the input of the other system.
• It is fast and efficient, but can strain a network.
package management
• dpkg is the utility that deals with one package
• To maintain packages as a whole, there are three systems. “dselect”, “apt-get” and “aptitude”.
dpkg
• man dpkg will tell you more about it.
• The only time I use it is to say “dpkg -i foo.deb” to install a package contained in a file foo.deb.
dselect
• dselect is a full-screen package selection system with an unintuitive but simple to learn and well documentented interface.
• I used it for many years, but I am told in makes bad suggestion and should be avoided.
• I no longer use it.
aptitude
• Aptitude (apparently) makes better choices than apt-get and dselect
• If invoqued on its own, it leads to an interface I don't understand.
• I used it now with actions in command line.
aptitude install
• “aptitude install foo” installs a package that is called foo.
• Example: “aptitude install apache2-common”.
• This will also install packages that the package to be installed depends on.
aptitude remove
• “aptitude remove foo” remove a package that is called foo.
• Example: “aptitude remove apache2-common”.
• This will also remove packages that depend on the removed package.
• The configuration of the package, in /etc, will be kept.
aptitude search
• “aptitude search foo” searchs for a package that contains the string foo in the name.
• Example: “aptitude search view”
aptitude update
• This will fetch a list of available packages from a package server.
• Use the file /etc/apt/sources.list to maintain information about where to get packages from.
• Use the # to make comments in the file.
sources of packages: Debian
• Debian has a number of mirrors that distribute all the Debian packages.
• Choose mirrors that are close to you to get fast access to the packages. Have at least two Debian mirrors as sources.
aptitude save-upgrade
• This will look at the packages you have installed and the latest packages version available
• When a new version of package foo, say depends a package bar that is not installed, package foo will be held in its current state.
aptitude full-upgrade
• This will look at the packages you have installed and the latest package versions available.
• When a new version of package foo, say depends a package bar that is not installed, package bar will be installed an package foo will be updated.
aptitude purge
• “aptitude purge foo” removes a package that is called foo.
• Example: “aptitude purge apache2-common”.
• This will also remove packages that depend on the removed package.
• The configuration of the package, in /etc, will be removed.
sources of packages: others
• Debian only distirbutes free software, mostly GPL.
• But anybody can produced .deb files even for non-free software.
• Such providers usually set up archives that you can also include in your /etc/apt/sources.list file.
http://openlib.org/home/krichel
Please shutdown the computers when
you are done.
Thank you for your attention!
/etc/apt/sources.list
• This is the key file that lists the sources you get the packages from.
• Edit this file to change the distribution, from “lenny” or “squeeze” or “sid”.
head
• foo
• bar