System Admin Overview

Where to Start &

Policy and Politics

Where to get help with UNIX

• Man pages– Very detailed (not always) descriptions of commands,

etc.

– Organized into sections• Section 1 user command

• Section 2 system calls and kernel stuff

• 3 library calls

• 4/5 standard file formats, 5/7 misc info

• 6 games, 7/4 device and network

• 8 system admin stuff

• man <title> formats a specific page and displays it.

• man <title> |lpr will print it to default printer• man –k <title> lists the keywords found for the

command• man <section> <title> will list only the pages in

that section for the command.

• MANPATH variable allows you specify man pages that are not in the default places.

• printenv MANPATH will display the areas that man will look for manpages– Linux /etc/man.config will tell where it looks by default

• On Linux, when the MANPATH variable is set, it will look in those places first, then default

• You can set environment variables in your .login or .cshrc files in your home directory.

Tasks of a System Admin

• add/remove users– create accounts for new users– remove accounts and files, for “inactive” users– disable access to accounts for “special” reasons

• add/remove hardware– configure new hardware

• perform backups– User data, in case of lost and system failure– system data, in case of system failure

Tasks of a System Admin (2)

• installing/uninstalling software– compiling, setup, and testing– publicizing

• Monitoring the system– Checking up on the operation– Making sure users “play nice” with each other

• trouble shooting– fixing problems with the system– and users

Tasks of a System Admin (3)

• maintaining local doc’s– extra software, maintenance records

• auditing security– implementing security policy– check for attacks, break ins, and abuse

• using audits, traps, etc.

Tasks of a System Admin (4)

• helping users– maintenance tasks– questions and answers– restoring lost files– “having talks with users”

• System administration is a tough job

Who is an SA?

• System Administrators (SA):– Computer Administrators

– Network Administrators

– Internet Administrators (webmaster)

– Telephone (PBX) Administrators

– Voice-Mail Administrators

– Database Administrators (DBA)

– Email System Administrators

– Mainframe Systems Programmers ("sysprogs")

Policy and Procedure

• administrative service policies– What you will work on and not work on

• Rights and responsibilities of users

• Policies regarding administrator (and users with special privileges)

• Guest account policy (if guest accounts exist)

Standards and Procedures

• chores are always done the same way– faster for administrator– less likelihood of errors– changes are self-documenting– measurable standard of correctness

• For things like adding a host, user, upgrading systems, installing new systems, updates, backing up and restoring files

Other Issues

• Who can have an account?

• What happens when they leave?

• security break-ins

• group accounts

• password selection criteria and expiration

• Removal of users for cause

• software piracy / misuse

Security Policies

• Who is allowed to use the resources?• What constitutes proper use?• Who is authorized to grant access and approve

privileges?• What are the users rights and responsibilities?• What are the administrators rights and

responsibilities?• What do you do with sensitive information?

User Policy agreements

• Sharing of accounts

• Running password crackers on local and remote systems

• Disrupting service

• Misuse of E-mail

• breaking into other accounts or snooping though accounts

• install software? (never, always, with permission, etc)

• using system resources (printers, disk space, modems, CPU, etc)

User Policy agreements (2)

• coping licensed software

• other illegal activities: fraud, libel, etc.

• University/company policies

Admin Policies

• The Do’s and Don’ts

• When can an admin look at users files, e-mail, etc

• What is the admin responsible for?

• Where is the root password in case of an emergency

Emergency polices and procedures

• System backups and disaster recovery– DUMB (Disasters Usually Motivate

Backups)

• Who to call and what if they are not there?

• Response time

• What is an emergency?– Does a printer jammed at midnight count?

Legal Issues

• Generally, Sys admins are not normally liable for the actions of users.– The FBI has seized whole computers to get info from

one users account, so you have to careful.

• Things to note:– Liability, copyright, and privacy.

• There are a number of legal cases lately against the ISPs, including universities.

• In Wyoming, you can get more jail time for computer crime than stealing cars.

Scope of Service

• If the set of services are not clearly defined, user will expect everything.– So you need the policies of service (usually included

with admin policy)– Do you make “house calls”?– Can a user bring in their own hardware?

• What about ancient or weird ahardware?

– What the response time for a “service call”?– Is the admin responsible for cleaning keyboards and

screens???

SANS salary survey

• For 2012: (Still relatively close)– Average salary $65K

• $70 for UNIX/Linux

• $60 for windows

• Women’s pay were lower

• Security admins were always paid more

• Network admins were almost always paid less.

SANS salary survey (2)

• A BS degree worth about– + $5K for Windows admin– + $8K for UNIX

• A Masters adds another $5 to $8K (respectively)

• A PHD earns less than a Masters– Why would that be?– I have a theory on that one.

2005 Network World salary survey

• Only covers “networking” jobs• Senior IT officers

– Average about $105K, plus $10K bonus

• Middle IT management– Averages about $76K, plus $5K bonus

• “Staff”– High: Network architect or designer or DBA $75K– Average: LAN/WAN or network admin: $62K– Low: Network Help desk: $48K

Interesting factoids

• Linux based web sites cost 5% to 15% less for insurance, then windows web sites. (August, 2001, ZDNet article)

• Linux runs on everything from computers to wristwatches.– People are attempting to get to work on IPods as well.

• System administrator Appreciation day, http://www.sysadminday.com– Friday, July 31th, 2004 (last Friday in July every year).

• Scope of administrator responsibilities (USENIX June 1994)– 47.5 hours per week average– average user to admin ratio is 82– 37% of admin time spent on helping users– 24% spent on system maintenance– almost all sites feel understaffed

• There were too many “whiny” users and made the job oppressive

Attitude adjustment

• System admins may suffer from SAPS (System Administrators Personality Syndrome), often forget they are service providers and users are their customers. Some feel they are their to play with users and that they are just a regrettable nuisance. Symptoms may include (not a complete list).– According to the book, usually starts in the third year (but I have seen it

early).– Acute phantom pagerphobia: A feeling that your pager has gone off when

it hasn’t and that your peaceful evening has just been ruined by a 72 hour work marathon without food.

– User Voodoographia: creation of voodoo-doll representation of users who don’t understand lack of planning doesn’t constitute an emergency in your world.

– Idiopathic and tapereadaphexia: the sudden, late-night urge to mount backups to see if they are readable and labeled correctly

– Scienticifica inapplica: the strong desire to violently shake fellow system admins who seem never to have encountered the scientific method (or any problem solving skills)

– Blood for the computer god: The belief (after several accidents) that you most shed a little blood for the computer gods to keep the computers running. (small fuzzy animal or the admin’s own).

– Lonely Computers: Computer are like children; will do bad things if you don’t check up on them every so often.

• Some places, admin’s are paid well and respected.– Usually admin are less likely to get SAP here.

• Others they rank as “electronic” janitors– This usually leads to SAPS (and burnout) very quickly.

• Some admin develop surly, passive-aggressive attitudes, not really helping.

• Some good qualities– Able to adapt to new tech quickly

– brash enough to try and innovative solutions, but careful enough to not be destructive

– good people skills

– able to handle multiple interrupts at a time, several context switches in a day

End of Admin?

• Microsoft is attempting to remove the need for admin’s, but it will never work.– Why?

• Security?– Blaster Worm, SoBig Spammer worm, just name a few

• Someone still have to fix when it breaks– Instead of “Well, just reinstall it.”

• Who would the users blame then?

• And Google’s Chrome Web browser• “Brower to kill the OS!”

Lastly

• Sometimes a problem doesn’t have a single fix.

• You can fix one part only to find out, it was covering several more problems

• Testing is boring and sometimes an admin doesn’t have time test everything.– May have to rely on users.

Looming IT staff shortage?

• After years of Bad PR, lay offs, and out sourcing– The number of new IT staff in US is shrinking.– Not just SysAdmin, but IT personal in general.– With predicted growth for Admin jobs about 30% in

the next 5 years, there would be a real problem.• Analyst, software engineers/programmers are predicted to

40% growth rate.

– NOTE: the predictions have been wrong in the past.

QA&