Unix Comp-145
LECTURE 9: INTRODUCTION TO SYSTEM ADMINISTRATION
SOURCE: S. DAS, “YOUR UNIX: THE ULTIMATE GUIDE”, 2ND EDITION, MCGRAW HILL, 2006
CHAPT 19
BROOKDALE COMMUNITY COLLEGE 11/19/2009 rwj
SHELL PROGRAMMING
• BASIC SCOPE OF OPERATIONS FOR SYS ADMIN
• BOOTING THE SYSTEM
• BLOCK AND RAW DEVICES
• CONCEPTS IN USING SCRIPTS TO DO SYS ADMIN
• SYS ADMIN KEY FILES
• CONCEPTS AND COMMANDS TO MONITOR SYS PERF
BASIC SCOPE OF OPERATIONS FOR SYS ADMIN
• SYSTEM ADMIN LOGIN ID, A.K.A. SUPERUSER (SU)
  – root
  – DEFAULT PS1 PROMPT = #
  – HOME DIRECTORY IS /
• WHEN ROOT CHANGES ITS PASSWORD, IT IS NOT ASKED FOR THE EXISTING PASSWORD.
• ROOT’S VALUE FOR PATH
  – NEVER INCLUDES THE CURRENT DIRECTORY
  – ONLY INCLUDES /sbin OR /usr/sbin OR BOTH
• /sbin CONTAINS MOST ADMINISTRATIVE COMMANDS
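The reason the current directory stays out of root's PATH is that a "." entry, an empty entry or a relative entry lets a file sitting in whatever directory root is working in run in place of a system command. A check for that, as an added example that is not from the lecture or from Das's book; the function name audit_path and the sample PATH strings are constructed for illustration.

```sh
#!/bin/sh
# audit_path PATHSTRING
# Prints one finding per unsafe entry; returns 0 if the PATH is clean, 1 if not.
# Unsafe entries: ".", an empty entry (a leading, trailing or doubled colon,
# which the shell treats as the current directory), or any relative path.
audit_path() {
    rest="$1:"          # trailing ':' so the last entry is not lost
    rc=0
    while [ -n "$rest" ]; do
        entry=${rest%%:*}       # text before the first colon
        rest=${rest#*:}         # everything after the first colon
        case $entry in
            "") echo "empty entry: searched as the current directory"; rc=1 ;;
            .)  echo "'.' entry: the current directory"; rc=1 ;;
            /*) ;;                                   # absolute path, fine
            *)  echo "relative entry: $entry"; rc=1 ;;
        esac
    done
    return "$rc"
}

# Constructed sample values (not taken from a real system).
audit_path "/sbin:/usr/sbin" && echo "clean"
audit_path "/sbin:/usr/sbin:.:bin:" || echo "unsafe PATH"
```

On a live system the call would be `audit_path "$PATH"` from a root shell.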
BASIC SCOPE OF OPERATIONS FOR SYS ADMIN (cont’d)
• SUPERUSER CAN SWITCH FROM NORMAL USER TO SUPERUSER (su)
    $ su -
    Password: ********
    #
• INCLUDING THE HYPHEN AFTER THE su COMMAND ASSURES THE SAME ENVIRONMENT AS ROOT.
• OMITTING THE HYPHEN AFTER su ASSURES THE ENVIRONMENT OF THE USER ACCOUNT FROM WHICH su IS EXECUTED, E.G., HOME DIRECTORY
• TO EXIT su MODE, TYPE exit OR ctrl-D
BASIC SCOPE OF OPERATIONS FOR SYS ADMIN (cont’d)
• su COMMAND USED BY NON-PRIVILEGED USERS MUST HAVE USER-ID AS ARGUMENT
    $ su - jmensing
    Password: ********
    #
• IF SUCCESSFUL, RECREATES JMENSING’S ENVIRONMENT
SCOPE OF OPERATIONS FOR SYS ADMIN: ADMINISTRATOR PRIVILEGES
• CAN CHANGE THE CONTENTS OR ATTRIBUTES OF ANY FILE (E.G., ACCESS PERMISSIONS & OWNERSHIP)
• CAN DELETE ANY FILE EVEN IF IT IS WRITE PROTECTED BY THE OWNER.
• INITIATE OR KILL ANY PROCESS EXCEPT THOSE NECESSARY TO RUN THE UNIX ENVIRONMENT.
SCOPE OF OPERATIONS FOR SYS ADMIN: ADMINISTRATOR PRIVILEGES (cont’d)
• CAN EXECUTE THE passwd COMMAND TO CHANGE ANY USER’S PASSWORD WITHOUT KNOWING THE EXISTING ONE.
    $ passwd henry
• USE date TO SET OR RESET THE SYSTEM CLOCK
    $ date <mmddhhmmss>
• USE THE wall COMMAND TO BROADCAST MESSAGES TO ALL USERS WHO ARE LOGGED IN
  – CAN DISPLAY CONTENT OF A FILE
  – APPEARS ON TERMINAL EVEN IF USERS CHOSE TO DENY ALL MESSAGES
SCOPE OF OPERATIONS FOR SYS ADMIN: ADMINISTRATOR PRIVILEGES (cont’d)
• LIMIT MAX SIZE OF FILES THAT USERS ARE PERMITTED TO CREATE [ulimit]
• CONTROL USER ACCESS TO SCHEDULING SERVICES LIKE at AND cron
• CONTROL USER ACCESS TO MANY NETWORKING SERVICES LIKE
    $ ftp    # file transfer services
    $ ssh    # remote machine login service
    $ ssh -f server1.brookdalecc.edu sleep 10
SCOPE OF OPERATIONS FOR SYS ADMIN: MANAGEMENT OF CONTROL FILES (CONT’D)
• /etc/group
    GroupName:Passwd:GID_Num:GrpMemberLst
  – FILE HAS 1 PRIMARY GROUP
  – PLUS, 1 OR MORE SUPPLEMENTAL GROUPS
  – CONTAINS GID (BOTH NAME AND NUMBER)
    root::0:root       # root user’s supplementary group
    staff::1:
    bin::2:root,bin,daemon
    sys::3:root,bin,sys,adm
    lp::8:root,lp,adm
    student::100:
    users:*:30:
SCOPE OF OPERATIONS FOR SYS ADMIN: MANAGEMENT OF CONTROL FILES (CONT’D)
• Adding a member to a group [groupadd]
    GroupName:Passwd:GID_Num:GrpMemberLst
  – INSERTS AN ENTRY INTO THE /etc/group FILE
  – USED TO ADD NEW USERS TO THE SYSTEM
  – EACH OPTION REPRESENTS A FIELD IN THE passwd FILE
• Deleting a member from a group [groupdel]
• Modifying a member in a group [groupmod]
SCOPE OF OPERATIONS FOR SYS ADMIN: MANAGEMENT OF CONTROL FILES (CONT’D)
• SYNTAX OF /etc/passwd FILE
    root:*:0:0:Charlie &:/root:/bin/csh
  o User login name
  o Encrypted password (or x if shadow passwords are in use)
  o Numerical user ID (UID)
  o Default numerical group ID (GID)
  o User’s full name (also known as the GECOS field)
  o Home directory
  o Default shell
NOTE: GECOS means General Electric Comprehensive Operating System. The attribute was introduced by AT&T Bell Labs because some of its early Unix systems used GCOS machines for print spooling and various other services.
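The seven-field layout of /etc/passwd is also what an account audit reads: an entry with the wrong number of fields, an empty password field (the account needs no password) or UID 0 on any login other than root deserves a look. An added example, not from the lecture or from Das's book; the names audit_passwd and sample_passwd are made up here, and every sample entry except the root line is constructed.

```sh
#!/bin/sh
# audit_passwd: reads a passwd-format file on stdin and prints one
# "line N: ..." finding per problem. Returns 0 if clean, 1 otherwise.
audit_passwd() {
    awk -F: '
        /^$/ { next }                      # skip blank lines
        NF != 7 {                          # login:passwd:UID:GID:GECOS:home:shell
            printf "line %d: expected 7 fields, found %d\n", NR, NF
            bad = 1; next
        }
        $2 == "" {                         # empty field: no password is required
            printf "line %d: %s has an empty password field\n", NR, $1
            bad = 1
        }
        $3 ~ /^0+$/ && $1 != "root" {      # a second superuser account
            printf "line %d: %s has UID 0\n", NR, $1
            bad = 1
        }
        END { exit bad + 0 }
    '
}

# Constructed sample; only the root line comes from the slide.
sample_passwd() {
    cat <<'EOF'
root:*:0:0:Charlie &:/root:/bin/csh
oracle:x:210:241:The RDBMS:/home/oracle:/bin/ksh
toor::0:0:spare admin:/root:/bin/sh
henry:x:212:100:/home/henry:/bin/ksh
EOF
}

sample_passwd | audit_passwd || echo "findings above need review"
```

Against a real system the call is `audit_passwd < /etc/passwd`.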
SCOPE OF OPERATIONS FOR SYS ADMIN: MANAGEMENT OF CONTROL FILES (CONT’D)
• ADD A USER INTO /etc/passwd FILE
    $ useradd -u 210 -g dba -c "The RDBMS" -d /home/oracle -s /bin/ksh -m oracle
  o MUST PROVIDE ALL ATTRIBUTES FOR passwd FILE’S ENTRY.
  o USUALLY PUT IN A SHELL
SCOPE OF OPERATIONS FOR SYS ADMIN: MANAGEMENT OF CONTROL FILES (CONT’D)
• DELETING AN ENTRY FROM passwd FILE [userdel]
  – Deletes an entry, i.e., a user from the system
  – userdel [-r] login
• MODIFYING AN ENTRY IN passwd FILE [usermod]
  – Modifies some parameters of entry
  – usermod [-c comment] [-d home_dir [-m]] [-e expire_date] [-f inactive_time] [-g initial_group] [-G group[,...]] [-l login_name] [-p passwd] [-s shell] [-u uid [-o]] [-L|-U] login
SYSTEM BOOT PROCESS
• Controlled by automated shell scripts
• After hardware is powered on, system looks for peripherals towards loading kernel into memory.
• Kernel spawns init (PID=1), which
  1. Maintains system at specific states and decides which process to run for each run level (state)
  2. Is the parent of all system daemons that run continuously
  3. Spawns a getty process for every terminal so that users can log in.
• To reveal current run level value use who -r
SYSTEM BOOT
• ON BOOT, init RUN LEVEL MOVES TO 1 or s
• ON SHUTDOWN, init RUN LEVEL MOVES TO 0 or 6
• RUN LEVELS (STATES) – DISTINCT SET OF PROCESSES, MOSTLY DAEMONS SCHEDULED TO RUN IN EACH STATE
    0       SYSTEM SHUTDOWN
    1       SYSTEM ADMIN MODE (LOCAL FILE SYSTEM MOUNTED)
    2       MULTI-USER MODE (NFS not available)
    3       FULL MULTIUSER MODE
    5       GRAPHICAL ENVIRONMENT MODE IN LINUX
    6       SHUTDOWN AND REBOOT MODE
    s or S  SINGLE USER MODE (FILE SYSTEM MOUNTED)
SYSTEM SHUTDOWN
• $ shutdown COMMAND
• ON SHUTDOWN, EXECUTES wall TO ANNOUNCE SYSTEM SHUTTING DOWN AND DIRECTIVE TO LOG OFF.
• SLEEPS FOR 1 MINUTE THEN:
  1. SENDS SIGNALS TO ALL RUNNING PROCESSES SO THEY CAN TERMINATE NORMALLY
  2. LOGS USERS OFF AND KILLS REMAINING PROCESSES
  3. UNMOUNTS ALL SECONDARY FILE SYSTEMS (USES umount COMMAND)
  4. INVOKES sync TO WRITE ALL MEMORY RESIDENT DATA TO DISK
  5. PRESERVES INTEGRITY OF FILE SYSTEM
  6. NOTIFIES USERS TO REBOOT OR SWITCH OFF, OR MOVES SYS TO SINGLE USER MODE
SYSTEM SHUTDOWN
• shutdown COMMAND (CONT’D)
    shutdown [-krhp][-o [-n]] time [warning-message]
• COMMAND OPTIONS
    -r        SHUTDOWN AND REBOOT AT SPECIFIED TIME
    -h        SHUTDOWN AND HALT AT SPECIFIED TIME
    -p        SYSTEM HALTED AND POWER TURNED OFF
    -k        KICK EVERYONE OFF
    Time      TIME AT WHICH SHUTDOWN OCCURS IN RELATIVE (+number OF MINUTES) or ABSOLUTE time (yymmddhhmm)
    Warning message
    -g<num>   OVERRIDES DEFAULT SLEEP VALUE – EXPRESSED IN MINUTES – not on sodapop
HOW INIT CONTROLS THE SYSTEM
• init TAKES ALL INSTRUCTIONS FROM /etc/inittab
• CONTROLS THE WAY THE SYSTEM IS BOOTED AND POWERED DOWN.
HOW INIT CONTROLS THE SYSTEM (CONT’D)
• SYNTAX: label:runLevels:action:command
• TYPICAL FILE CONTENT
    fs::sysinit:/sbin/rcS sysinit >/dev/msglog 2<>/dev/msglog </dev/console
    is:3:initdefault:
    s0:0:wait:/sbin/rc0 >/dev/msglog 2<>/dev/msglog </dev/console
    s1:1:respawn:/sbin/rc1 >/dev/msglog 2<>/dev/msglog </dev/console
    s2:23:wait:/sbin/rc2 >/dev/msglog 2<>/dev/msglog </dev/console
    s3:3:wait:/sbin/rc3 >/dev/msglog 2<>/dev/msglog </dev/console
    s6:6:wait:/sbin/rc6 >/dev/msglog 2<>/dev/msglog </dev/console
HOW INIT CONTROLS THE SYSTEM
• HOW TO READ s2 ENTRY:
  o FOR RUN LEVELS 2 & 3, SCRIPT TO RUN IS /sbin/rc2
  o WAIT TO COMPLETE BEFORE MOVING TO OTHER LINES IN THIS FILE
  o LOG ALL MESSAGES IN msglog
• OTHER TERMS:
  o respawn CAUSES PROCESS TO RESTART ON TERMINATION.
  o wait CAUSES init TO WAIT BEFORE CONTINUING
  o sysinit USED FOR INITIALIZING SYSTEM, MAY CHECK FOR DIRTINESS OF BOTH FILE SYSTEMS & ACTIVE SWAP PARTITIONS, AND SETS HOSTNAME.
  o initdefault – SETS DEFAULT SYSTEM RUN LEVEL, E.G., 3 (FULL MULTIUSER MODE)
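Everything init starts from /etc/inittab runs as root, so reviewing the file means answering "what runs when the system enters run level N". An added example, not from the lecture or from Das's book, that reads the label:runLevels:action:command format described above; the function names are made up here and the sample is a constructed inittab modelled on the slide's listing.

```sh
#!/bin/sh
# Both functions read an inittab (label:runLevels:action:command) on stdin.

# Print the run level named by the initdefault entry.
inittab_default_level() {
    awk -F: '!/^#/ && $3 == "initdefault" { print $2; exit }'
}

# inittab_for_level LEVEL
# Print "label action command" for every entry init acts on at LEVEL.
inittab_for_level() {
    awk -F: -v level="$1" '
        /^#/ || NF < 4 { next }                    # comments, blank or short lines
        $3 == "initdefault" || $3 == "sysinit" { next }   # not tied to entering a level
        $2 == "" || index($2, level) {             # empty runLevels: every level
            cmd = $4
            for (i = 5; i <= NF; i++) cmd = cmd ":" $i    # command may contain colons
            print $1, $3, cmd
        }
    '
}

# Constructed sample modelled on the listing in the slides.
sample_inittab() {
    cat <<'EOF'
fs::sysinit:/sbin/rcS sysinit >/dev/msglog 2<>/dev/msglog </dev/console
is:3:initdefault:
s0:0:wait:/sbin/rc0 >/dev/msglog 2<>/dev/msglog </dev/console
s1:1:respawn:/sbin/rc1 >/dev/msglog 2<>/dev/msglog </dev/console
s2:23:wait:/sbin/rc2 >/dev/msglog 2<>/dev/msglog </dev/console
s3:3:wait:/sbin/rc3 >/dev/msglog 2<>/dev/msglog </dev/console
s6:6:wait:/sbin/rc6 >/dev/msglog 2<>/dev/msglog </dev/console
EOF
}

echo "default run level: $(sample_inittab | inittab_default_level)"
sample_inittab | inittab_for_level 3
```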
CHAPTER 19 (PART 2)
TO BE CONTINUED