Unix Comp-145

LECTURE 9: INTRODUCTION TO SYSTEM ADMINISTRATION

SOURCE: S. DAS, “YOUR UNIX: THE ULTIMATE GUIDE”, 2ND EDITION, MCGRAW HILL, 2006, CHAPT 19

BROOKDALE COMMUNITY COLLEGE, 11/19/2009 rwj



SHELL PROGRAMMING

• BASIC SCOPE OF OPERATIONS FOR SYS ADMIN
• BOOTING THE SYSTEM
• BLOCK AND RAW DEVICES
• CONCEPTS IN USING SCRIPTS TO DO SYS ADMIN
• SYS ADMIN KEY FILES
• CONCEPTS AND COMMANDS TO MONITOR SYS PERF


BASIC SCOPE OF OPERATIONS FOR SYS ADMIN

• SYSTEM ADMIN LOGIN ID, A.K.A. SUPERUSER (SU)
  – root
  – DEFAULT PS1 PROMPT = #
  – HOME DIRECTORY IS /

• WHEN ROOT CHANGES ITS PASSWORD IT DOES NOT ASK FOR THE EXISTING PASSWORD.

• ROOT’S VALUE FOR PATH
  – NEVER INCLUDES THE CURRENT DIRECTORY
  – ONLY INCLUDES /sbin OR /usr/sbin OR both

• /sbin CONTAINS MOST ADMINISTRATIVE COMMANDS
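
The rule that root's PATH never includes the current directory can be checked mechanically. The script below is an added example, not part of the lecture or its source text; the function name `audit_path` and the sample PATH value are constructed, and it goes slightly beyond the slide by also flagging relative and world-writable entries.

```sh
#!/bin/sh
# audit_path PATHSTRING
# Prints one finding per unsafe entry; returns 0 if clean, 1 otherwise.
# (Hypothetical helper written for this example.)
audit_path() {
    ap_rest="$1:"            # trailing ":" so the last entry is not lost
    ap_findings=0
    while [ -n "$ap_rest" ]; do
        ap_entry=${ap_rest%%:*}      # text before the first ":"
        ap_rest=${ap_rest#*:}        # everything after it
        case $ap_entry in
            "") echo "empty entry (the shell treats it as the current directory)" ;;
            .)  echo "'.' entry (current directory)" ;;
            /*) # absolute path: flag directories that any user can write to
                [ -d "$ap_entry" ] || continue
                case $(ls -ldL "$ap_entry") in
                    ????????w*) echo "world-writable directory: $ap_entry" ;;
                    *) continue ;;
                esac ;;
            *)  echo "relative entry: $ap_entry" ;;
        esac
        ap_findings=$((ap_findings + 1))
    done
    [ "$ap_findings" -eq 0 ]
}

# Constructed sample value: '.', a relative entry and a trailing ':' are flagged.
SAMPLE_PATH="/sbin:/usr/sbin:.:bin:"
audit_path "$SAMPLE_PATH" || true
```

Run as root, `audit_path "$PATH"` checks the live value instead of the sample.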


BASIC SCOPE OF OPERATIONS FOR SYS ADMIN (cont’d)

• SUPERUSER CAN SWITCH FROM NORMAL USER TO SUPERUSER (SU)
  $ su -
  Password: ********
  #

• INCLUDING HYPHEN AFTER su COMMAND ASSURES SAME ENVIRONMENT AS ROOT.

• OMITTING HYPHEN AFTER su ASSURES ENVIRONMENT OF USER ACCOUNT FROM WHICH su IS EXECUTED, E.G., HOME DIRECTORY

• TO EXIT su MODE, TYPE exit OR ctl-D


BASIC SCOPE OF OPERATIONS FOR SYS ADMIN (cont’d)

• su COMMAND USED BY NON-PRIVILEGED USERS MUST HAVE USER-ID AS ARGUMENT
  $ su - jmensing
  Password: ********
  #

• IF SUCCESSFUL, RECREATES JMENSING’S ENVIRONMENT


SCOPE OF OPERATIONS FOR SYS ADMIN: ADMINISTRATOR PRIVILEGES

• CAN CHANGE THE CONTENTS OR ATTRIBUTES OF ANY FILE (E.G., ACCESS PERMISSIONS & OWNERSHIP)

• CAN DELETE ANY FILE EVEN IF IT IS WRITE PROTECTED BY THE OWNER.

• INITIATE OR KILL ANY PROCESS EXCEPT THOSE NECESSARY TO RUN THE UNIX ENVIRONMENT.


SCOPE OF OPERATIONS FOR SYS ADMIN: ADMINISTRATOR PRIVILEGES (cont’d)

• CAN EXECUTE THE passwd COMMAND TO CHANGE ANY USER’S PASSWORD WITHOUT KNOWING THE EXISTING ONE.
  $ passwd henry

• USE date TO SET OR RESET SYSTEM CLOCK
  $ date <mmddhhmmss>

• USE wall COMMAND TO BROADCAST MESSAGES TO ALL USERS WHO ARE LOGGED IN
  – CAN DISPLAY CONTENT OF A FILE
  – APPEARS ON TERMINAL EVEN IF USERS CHOSE TO DENY ALL MESSAGES


SCOPE OF OPERATIONS FOR SYS ADMIN: ADMINISTRATOR PRIVILEGES (cont’d)

• LIMIT MAX SIZE OF FILES THAT USERS ARE PERMITTED TO CREATE [ulimit]

• CONTROL USER ACCESS TO SCHEDULING SERVICES LIKE at AND cron

• CONTROL USER ACCESS TO MANY NETWORKING SERVICES LIKE
  $ ftp    # file transfer services
  $ ssh    # remote machine login service
  $ ssh -f server1.brookdalecc.edu sleep 10


SCOPE OF OPERATIONS FOR SYS ADMIN: MANAGEMENT OF CONTROL FILES (CONT’D)

• /etc/group
  GroupName:Passwd:GID_Num:GrpMemberLst
  – FILE HAS 1 PRIMARY GROUP
  – PLUS, 1 OR MORE SUPPLEMENTAL GROUPS
  – CONTAINS GID (BOTH NAME AND NUMBER)

  root::0:root      # root user’s supplementary group
  staff::1:
  bin::2:root,bin,daemon
  sys::3:root,bin,sys,adm
  lp::8:root,lp,adm
  student::100:
  users:*:30:


SCOPE OF OPERATIONS FOR SYS ADMIN: MANAGEMENT OF CONTROL FILES (CONT’D)

• Adding a member to a group [groupadd]
  GroupName:Passwd:GID_Num:GrpMemberLst
  – INSERTS AN ENTRY INTO /etc/group FILE
  – USED TO ADD NEW USERS TO THE SYSTEM
  – EACH OPTION REPRESENTS A FIELD IN THE passwd FILE
• Deleting a member from a group [groupdel]
• Modifying a member in a group [groupmod]


SCOPE OF OPERATIONS FOR SYS ADMIN: MANAGEMENT OF CONTROL FILES (CONT’D)

• SYNTAX OF /etc/passwd FILE
  root:*:0:0:Charlie &:/root:/bin/csh

  o User login name
  o Encrypted password (or x if shadow passwords are in use)
  o Numerical user ID (UID)
  o Default numerical group ID (GID)
  o User’s full name (also known as the GECOS field)
  o Home directory
  o Default shell

NOTE: GECOS means General Electric Comprehensive Operating System. Attribute introduced by AT&T Bell Labs because some of its early Unix systems used GCOS machines for print spooling and various other services.
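
The seven-field layout above is what an administrator reviews when auditing accounts. The script below is an added example, not from the lecture or its source text: `audit_passwd` and `sample_passwd` are hypothetical names, and every sample line except the `root` entry quoted on the slide is constructed.

```sh
#!/bin/sh
# Constructed sample input in /etc/passwd format (first line is the slide's).
sample_passwd() {
cat <<'EOF'
root:*:0:0:Charlie &:/root:/bin/csh
oracle:x:210:30:The RDBMS:/home/oracle:/bin/ksh
toor:x:0:0:backup admin:/root:/bin/sh
guest::500:100:Guest:/home/guest:/bin/sh
henry:x:210:100:Henry:home/henry:/bin/ksh
broken:x:501:100:/home/broken:/bin/sh
EOF
}

# audit_passwd: reads passwd-format lines on stdin, prints one finding
# per problem, returns 1 if anything was found.
audit_passwd() {
    awk -F: '
        /^[ \t]*#/ || /^[ \t]*$/ { next }                 # comments, blank lines
        NF != 7 { printf "line %d: expected 7 fields, found %d\n", NR, NF
                  bad++; next }
        $2 == "" { printf "%s: empty password field\n", $1; bad++ }
        $3 !~ /^[0-9]+$/ { printf "%s: non-numeric UID \"%s\"\n", $1, $3
                  bad++; next }
        $3 == 0 && $1 != "root" {                         # superuser-equivalent
                  printf "%s: UID 0 but login is not root\n", $1; bad++ }
        ($3 in owner) { printf "%s: UID %s already used by %s\n", $1, $3, owner[$3]
                  bad++ }
        !($3 in owner) { owner[$3] = $1 }
        $6 !~ /^\// { printf "%s: home directory \"%s\" is not absolute\n", $1, $6
                  bad++ }
        END { exit (bad > 0) }
    '
}

sample_passwd | audit_passwd || true
```

Against a live system, `audit_passwd < /etc/passwd` runs the same checks.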


SCOPE OF OPERATIONS FOR SYS ADMIN: MANAGEMENT OF CONTROL FILES (CONT’D)

• ADD A USER INTO /etc/passwd FILE
  $ useradd -u 210 -g dba -c "The RDBMS" -d /home/oracle -s /bin/ksh -m oracle

  o MUST PROVIDE ALL ATTRIBUTES FOR PASSWD FILE’S ENTRY.
  o USUALLY PUT IN A SHELL


SCOPE OF OPERATIONS FOR SYS ADMIN: MANAGEMENT OF CONTROL FILES (CONT’D)

• DELETING AN ENTRY FROM passwd FILE [userdel]
  – Deletes an entry, i.e., a user from the system
  – userdel [-r] login

• MODIFYING AN ENTRY IN passwd FILE [usermod]
  – Modifies some parameters of entry
  – usermod [-c comment] [-d home_dir [-m]] [-e expire_date] [-f inactive_time] [-g initial_group] [-G group[,...]] [-l login_name] [-p passwd] [-s shell] [-u uid [-o]] [-L|-U] login


SYSTEM BOOT PROCESS

• Controlled by automated shell scripts
• After hardware is powered on, system looks for peripherals towards loading kernel into memory.
• Kernel spawns init (PID=1) which
  1. Maintains system at specific states and decides which process to run for each run level (state)
  2. Parent of all system daemons that continuously runs is init.
  3. Spawns a getty process for every terminal so that users can log in.

• To reveal current run level value use who -r


SYSTEM BOOT

• ON BOOT, init RUN LEVEL MOVES TO 1 or s
• ON SHUTDOWN, init RUN LEVEL MOVES TO 0 or 6
• RUN LEVELS (STATES) – DISTINCT SET OF PROCESSES, MOSTLY DAEMONS SCHEDULED TO RUN IN EACH STATE
  0       SYSTEM SHUTDOWN
  1       SYSTEM ADMIN MODE (LOCAL FILE SYSTEM MOUNTED)
  2       MULTI-USER MODE (NFS not available)
  3       FULL MULTIUSER MODE
  5       GRAPHICAL ENVIRONMENT MODE IN LINUX
  6       SHUTDOWN AND REBOOT MODE
  s or S  SINGLE USER MODE (FILE SYSTEM MOUNTED).


SYSTEM SHUTDOWN

$ shutdown COMMAND
• ON SHUTDOWN, EXECUTES wall TO ANNOUNCE SYSTEM SHUTTING DOWN AND DIRECTIVE TO LOG OFF.

• SLEEPS FOR 1 MINUTE THEN:
  1. SENDS SIGNALS TO ALL RUNNING PROCESSES SO THEY CAN TERMINATE NORMALLY
  2. LOGS USERS OFF AND KILLS REMAINING PROCESSES
  3. UNMOUNTS ALL SECONDARY FILE SYSTEMS (USES umount COMMAND)
  4. INVOKES sync TO WRITE ALL MEMORY RESIDENT DATA TO DISK
  5. PRESERVES INTEGRITY OF FILE SYSTEM
  6. NOTIFIES USERS TO REBOOT OR SWITCH OFF, OR MOVES SYS TO SINGLE USER MODE


SYSTEM SHUTDOWN

• shutdown COMMAND (CONT’D)

  shutdown [-krhp][-o [-n]] time [warning-message]

• COMMAND OPTIONS
  -r        SHUTDOWN AND REBOOT AT SPECIFIED TIME
  -h        SHUTDOWN AND HALT AT SPECIFIED TIME
  -p        SYSTEM HALTED AND POWER TURNED OFF
  -k        KICK EVERYONE OFF
  time      TIME AT WHICH SHUTDOWN OCCURS IN RELATIVE (+number OF MINUTES) or ABSOLUTE time (yymmddhhmm)
  Warning message
  -g<num>   OVERRIDES DEFAULT SLEEP VALUE – EXPRESSED IN MINUTES – not on sodapop


HOW INIT CONTROLS THE SYSTEM

• init TAKES ALL INSTRUCTIONS FROM /etc/inittab
• CONTROLS THE WAY THE SYSTEM IS BOOTED AND POWERED DOWN.


HOW INIT CONTROLS THE SYSTEM (CONT’D)

• SYNTAX: label:runLevels:action:command
• TYPICAL FILE CONTENT

  fs::sysinit:/sbin/rcS sysinit >/dev/msglog 2<>/dev/msglog </dev/console
  is:3:initdefault:
  s0:0:wait:/sbin/rc0 >/dev/msglog 2<>/dev/msglog </dev/console
  s1:1:respawn:/sbin/rc1 >/dev/msglog 2<>/dev/msglog </dev/console
  s2:2:wait:/sbin/rc2 >/dev/msglog 2<>/dev/msglog </dev/console
  s3:3:wait:/sbin/rc3 >/dev/msglog 2<>/dev/msglog </dev/console
  s6:6:wait:/sbin/rc6 >/dev/msglog 2<>/dev/msglog </dev/console


HOW INIT CONTROLS THE SYSTEM

• HOW TO READ s2 ENTRY:
  o FOR RUN LEVELS 2 & 3, SCRIPT TO RUN /sbin/rc2
  o WAIT TO COMPLETE BEFORE MOVING TO OTHER LINES IN THIS FILE
  o LOG ALL MESSAGES IN msglog

• OTHER TERMS:
  o respawn CAUSES PROCESS TO RESTART ON TERMINATION.
  o wait CAUSES init TO WAIT BEFORE CONTINUING
  o sysinit USED FOR INITIALIZING SYSTEM, MAY CHECK FOR DIRTINESS OF BOTH FILE SYSTEMS & ACTIVE SWAP PARTITIONS, AND SETS HOSTNAME.
  o initdefault – SETS DEFAULT SYSTEM RUN LEVEL, E.G., 3 (FULL MULTIUSER MODE)
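
Reading /etc/inittab by the label:runLevels:action:command syntax can be scripted to list what init starts at a given run level. The script below is an added example, not from the lecture or its source text: the function names are hypothetical, the sample lines are the ones shown on the slide, and an empty runLevels field is treated as applying at every level.

```sh
#!/bin/sh
# Sample input: the "typical file content" lines from the slide.
sample_inittab() {
cat <<'EOF'
fs::sysinit:/sbin/rcS sysinit >/dev/msglog 2<>/dev/msglog </dev/console
is:3:initdefault:
s0:0:wait:/sbin/rc0 >/dev/msglog 2<>/dev/msglog </dev/console
s1:1:respawn:/sbin/rc1 >/dev/msglog 2<>/dev/msglog </dev/console
s2:2:wait:/sbin/rc2 >/dev/msglog 2<>/dev/msglog </dev/console
s3:3:wait:/sbin/rc3 >/dev/msglog 2<>/dev/msglog </dev/console
s6:6:wait:/sbin/rc6 >/dev/msglog 2<>/dev/msglog </dev/console
EOF
}

# Print the default run level: the runLevels field of the initdefault entry.
inittab_default_level() {
    awk -F: '$0 !~ /^[ \t]*#/ && $3 == "initdefault" { print $2; exit }'
}

# inittab_entries LEVEL: read inittab lines on stdin and print
# "label action program" for every entry init acts on at LEVEL.
inittab_entries() {
    awk -F: -v lvl="$1" '
        /^[ \t]*#/ || NF < 4 { next }        # comments, blank or short lines
        $3 == "initdefault"  { next }        # sets the level, runs nothing
        $2 == "" || index($2, lvl) {
            cmd = $4
            for (i = 5; i <= NF; i++) cmd = cmd ":" $i   # command may hold ":"
            split(cmd, word, " ")            # word[1] is the program path
            print $1, $3, word[1]
        }'
}

lvl=$(sample_inittab | inittab_default_level)
echo "default run level: $lvl"
sample_inittab | inittab_entries "$lvl"
```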


CHAPTER 19 (PART 2)

TO BE CONTINUED