LIS508

basic system administration

Thomas Krichel

2010-01-09

background

• now we have a functional system, what are we doing with it?

• What is the basic architecture?

• How to keep the box up to date?

• Basic troubleshooting.

troubleshooting

• 95% of all times, you can put an error message into your Google search box and get some meaningful advice

• If you don't than you have a rare problem. Rare problem are usually your own fault rather than a systemic issue with the software.

learning Debian

• Debian is impossible to learn.

• With 20,000 packages, you don't know what is in them to satisfy your needs.

• The best way to find out is go to a meeting with Debian-knowledgable folks and talk to them.

basic order

• logs

• time

• processes

• networks

• users

• disks

• system upgrade

/etc

• This contains the configurations

• If a packages is called foo, changes are that the configuration is in /etc/foo.conf or in /etc/foo/ somewhere.

• Every package is configured in a different way.

/usr/share/doc

• This very large directory contains documentation that comes with packages

• Much of this documentation is in compressed files.

• Compressed files are understood by the extention .gz

• “zcat foo.gz” shows the file foo.gz

• “zcat foo.gz | less ” shows the file is less

/var/log

• This directory contains logs.

• When a package does not work as expected, looking at the logs is a good idea, usually.

• Some daemon programs log to /var/daemon.log

log permissions

• The current logs are usually readable by a person in the adm group.

• It is therefore a good idea to add the person that usually runs the machine to the adm group.

• This can be done by editing /etc/group

log rotation

• Files in logs are rotated by the logrotate package.

• This package compresses old logs and puts them into separate files.

• Log rotation is fired up by a entry in the system crontab.

time keeping

• Normally, ntp package will keep correct time on the machine.

• Keeping accurate time is very important in digital library application.

• You need the ntpd daemon package installed, the client on its own will not do it, I think.

dating

• To set up a machine for a local time zone, use “dpkg-reconfigure tzdata”.

• You will be guided through a menu that

• Adjustment for daylight savings time happens automatically.

processess

• ps is the basic utility for looking at processes.

• I most often use it as “ps axf | less”. Note that axf are command flags but strangely enough, there is no minus sign used.

process managment

• htop is a good program to watch system usage.

• if you don't have it, get it with “aptitude install htop”

killing

• “kill -signal process” sends the signal signal to the process indentifed by the

• The most important signal is 9, meaning to kill the process for as sure as you can.

• If it still living, you can only get rid of it by a reboot.

killalll

• killall is a utilty to kill a bunch of processes.

• “killall foo” kills all processes that have to string foo in their names.

shutdown

• This is a ulity to shutdown the system.

• “shutdown -h now” brings the system to a halt. Don't use this on your rented machine.

• “shutdown -r now” reboots the system.

• “reboot” is an alias for “shutdown -r now”

uptime

• This says how long the system has been up for.

• It is useful to find out if a reboot has occurred since a certain time.

• Sometime reboots occur because of eletricity failures.

starting and stopping daemons

• To start a daemon daemon, use “/etc/init.d/daemon start”

• To stop a daemon daemon, use “/etc/init.d/daemon stop”

• To restart a daemon daemon, use “/etc/init.d/daemon restart”

/etc/init.d/networking

• This controls the network. It is dealt with in the same way as a daemon would.

• The configuration of the network lives in /etc/networking.

• The most important file is called interfaces. It contains the interface configuration.

• On my laptop, I have many interface configuration files

route

• route is the command to show the kernel routing table.

• It may help you it find out what is going on with the IP configuration.

ifconfig

• This is the command to find out the state of your interfaces.

• This is an essential utility for the network with wired access.

• For wireless, there is iwconfig

traceroute

• This is a utilty to see how packet are traveling between hosts.

• Usually between your machine and another as in “traceroute foo” to see the route to host foo.

• This is useful to understand at what level your are experiencing a problem with the network connection.

/etc/hosts

• This contains the basic host configuration.

• You can use this to make local host configuration that bypass the DNS.

• The exact detail of this file is a mystery to me. It should have lines

– 127.0.0.1 localhost– 127.0.0.1 foo.domain foo

/etc/resolv.conf

• This contains the DNS configuration.

• “nameserver ip” says that the machine with IP address ip will be a nameserver.It is good to have several of these lines.

• “search domain” will instruct the DNS client to search for “foo.domain” when there is a request to resolve host “foo”. This saves typing time.

adding and removing users

• adduser is a utity to add physical users to the system. Its password strength checking

• /etc/skel contains skeleton home directories

• userdel removes a user. It needs the -f flag to remove the home directory as well.

su & sudo

• su is a utility to become a certain user. If you give no user name, root is assumed.

• sudo is a command to run something as root. It appears to be popular, but I don't use it.

user information

• Information about all users is in /etc/password.

• That file also used to contains passwords.

• The passwords are now in /etc/shadow. The passwords are stored in an encrypted form that can not be decrypted (unless you use trial and error)

passwd

• passwd is a utility to set passwords.

• root can set any password directly.

• Other users have to enter the old password first.

• There is no facility to look up passwords.

last

• This gives the list of users and when they last logged in.

• If you have a machine with a lot of users, it is worth watching this.

dmesg

• This shows the last messages from the kernel.

• This is useful when a new hardware device is plugged in, to find out if the kernel knows about it.

• udev, a device manager, will usuall inform the kernel that a new device is there.

disks

• All spinning disks will break after a while.

• Usually the kernel notices this and unmounts the mount point of the disk.

• Sometimes you also see a message “input/output error”.

• If such an error appears on the root disk, you have a serious problem.

df

• This utility shows you how full your disks are.

• Unfortunately any disk will fill up after some time. You have to keep watching.

• Note that inode fill-up can also make a disk unusable, see “df -i”.

virtual volumes

• There is a way to combine several disks into a virtual disk.

• This is called logical volume management.

• I only use this to build large disk for backup. I never use it for primary data.

fdisk

• This is a partition table manipulation utility.

• I only used it as “fdisk -l” to list all the devices that the kernel knows about.

cfdisk

• This is full-screen (curses) utilty to manipulate a partition table. It is self-explanatory. It is invoqued with “cfdisk device” where device is a device name such as /dev/sda.

• Remember, changing the partition table on a disk is like erasing all data that is on it.

mount

• Mounting a disk means making it available at a certain point in the file system.

• For example, if you have directory /foo and a disk /dev/sdf, with a partition /dev/sdf1, you say “mount /dev/sdf1 /foo”.

• mount has a -t flag to inform the mount about the type of file system used. Most times this can be read from the partition table of the device.

umount

• umount is a command to a mount point, i.e. a point in the file system where something is mounted.

• Thus you say “umount /foo”.

• You don't say “umont /dev/sdf1”

/etc/fstab

• This file contains information about mount points as they are supposed to be mounted at boot time.

• “mount -a” will attempt to mount all mount points in that file.

• I would not touch this on a rented machine.

checking

• e2fsck is a utility to check ext2 and ext3 type file systems.

• These are the most widely used systems.

• You can also add a physical check of every block on the device, but that takes a lot of time.

• e2fsck will try to repair the system.

broken disks

• Disks usually don't break complete.

• e2fsk -y will fix errors without you having to confirm all actions. This is useful when you have a lot of errors.

• Even if there are few errors a disk has errors, more errors will appear.

• You need to replace the disk.

broken disk with root file system

• If the disk with the root file system is broken, a reboot will usually activate e2fsck.

• But if you have only ssh access to the machine, there is nothing you can do because ssh starts after the root disk is mounted.

• Some providers allow you something like a virtual console.

backups

• Already the Beatles knew about the importance of backups.

• What to back up is more an art than a science.

• I back up /var, /home, /root, and /etc.

• I back them up on a remote machine using rsync.

rsync

• rsync uses ssh to incementally copy file on one system to the other. Say “rsync -qa /etc/ root@remote:/backup/server/etc”.

• Here the -a means archival. -q is quite, if you want verbosity say -v.

• --delete deletes files on the remote machine that are not on the local.

• Note the slash at the end of the source directory, it has to be there.

rsync in the digital library

• rsync is extremely important in my work because I rely on various machines to process digital library data

• I use rsync to transport the result of the output of one system as the input of the other system.

• It is fast and efficient, but can strain a network.

package management

• dpkg is the utility that deals with one package

• To maintain packages as a whole, there are three systems. “dselect”, “apt-get” and “aptitude”.

dpkg

• man dpkg will tell you more about it.

• The only time I use it is to say “dpkg -i foo.deb” to install a package contained in a file foo.deb.

dselect

• dselect is a full-screen package selection system with an unintuitive but simple to learn and well documentented interface.

• I used it for many years, but I am told in makes bad suggestion and should be avoided.

• I no longer use it.

aptitude

• Aptitude (apparently) makes better choices than apt-get and dselect

• If invoqued on its own, it leads to an interface I don't understand.

• I used it now with actions in command line.

aptitude install

• “aptitude install foo” installs a package that is called foo.

• Example: “aptitude install apache2-common”.

• This will also install packages that the package to be installed depends on.

aptitude remove

• “aptitude remove foo” remove a package that is called foo.

• Example: “aptitude remove apache2-common”.

• This will also remove packages that depend on the removed package.

• The configuration of the package, in /etc, will be kept.

aptitude search

• “aptitude search foo” searchs for a package that contains the string foo in the name.

• Example: “aptitude search view”

aptitude update

• This will fetch a list of available packages from a package server.

• Use the file /etc/apt/sources.list to maintain information about where to get packages from.

• Use the # to make comments in the file.

sources of packages: Debian

• Debian has a number of mirrors that distribute all the Debian packages.

• Choose mirrors that are close to you to get fast access to the packages. Have at two Debian mirrors as sources.

aptitude save-upgrade

• This will look at the packages you have installed and the latest packages version available

• When a new version of package foo, say depends a package bar that is not installed, package foo will be held in its current state.

aptitude full-upgrade

• This will look at the packages you have installed and the latest package versions available.

• When a new version of package foo, say depends a package bar that is not installed, package bar will be installed an package foo will be updated.

aptitude purge

• “aptitude purge foo” removes a package that is called foo.

• Example: “aptitude purge apache2-common”.

• This will also remove packages that depend on the removed package.

• The configuration of the package, in /etc, will be removed.

sources of packages: others

• Debian only distirbutes free software, mostly GPL.

• But anybody can produced .deb files even for non-free software.

• Such providers usually set up archives that you can also include in your /etc/apt/sources.list file.

http://openlib.org/home/krichel

Please shutdown the computers when

you are done.

Thank you for your attention!

head

• foo

• bar