Linux System Administration and Configuration

Page 1 of 29

Monitoring the system:
Basic command line: pstree top iostat ps -auxw uname -a cat /proc/version cat /etc/redhatrelease uptime w /sbin/lsmod /sbin/runlevel hostname service Processes and parent-child relationships Show top processes Report CPU statistics and input/output statistics for devices and partitions. process status print system information Display Linux kernel version in use. Display Red Hat Linux Release. (also /etc/issue) Tell how long the system has been running. Also number of users and system's load average. Show who is logged on and what they are doing. List all currently loaded kernel modules. Same as cat /proc/modules Displays the system's current runlevel. Displays/changes the system's node name. (Must also manually change hostname setting in /etc/sysconfig/network. Command will change entry in /etc/hosts) Red Hat/Fedora command to display status of system services. Example: service --status-all Help: service --help

GUI/Graphical: gnome-system-monitor Operating system monitor and usage graphing. gkrellm Graphical system monitor. (Additional RPM package: gkrellm) ps3 3D load meter. Very cool 3-D graphics. xosview Operating system monitor: load, memory, swap, net, disk, ... List of tools: tools for finding the status of your system

Process Management:
The basic monitoring commands such as pstree and ps -auxw and top will inform you of the processes running on your system. Sometimes a process must be terminated. To terminate a process: 1. Identify the process:
pstree -p

OR
ps -auxw

OR
top

2. Kill the process:
kill <process-id-number> killall <command-name>

This will perform an orderly shutdown of the process. If it hangs give a stronger signal with: kill -9 <process-id-number>. This method is not as sanitary and thus less preferred. A signal may be given to the process. The program must be programmed to handle the given signal. See /usr/include/bits/signum.h for a full list. For example, to restart a process after updating it's configuration file, issue the command kill -HUP <process-id-number> In the previous example, the HUP signal was sent to the process. The software was written to trap for the signal so that it could respond to it. If the software (command) is not written to respond to a particular signal, then the sending of the signal to the process is futile. Identify all known signals: fuser -l Process Management GUI Tools: xosview: Oldie but goodie. gnome-system-monitor ksysguard (comes with SuSE) QPS (See below) QPS: Also see the GUI tool QPS. (Handles MOSIX cluster) This tool is outstanding for monitoring, adjusting nice values (priorities), issue signals to the process, view files the process is using, the memory, environmnet variables and sockets the process is using. RPM available from this site. It is so simple to use, no instructions are necessary. It can monitor a program to make sure it isn't doing something bad. It is also reverse engineer what applications are doing and the environments under which they run. I love this tool!! QPS home page: Downloads

http://www.yolinux.com/TUTORIALS/LinuxTutorialSysAdmin.html

03/14/08

Linux System Administration and Configuration

Page 2 of 29

QPS: 1.9.8-1.9.14 Download RPMs for Fedora 4, 5, SuSE, Mandriva (SuSE version 9.3 ships with a brokern QPS. Download a working version at link above.) Note: The RPM provided was compiled for RedHat 7.x. For RedHat 8.0+ one must install the appropriate QT library RPMs to satisfy dependencies:
rpm -ivh qt2-2.3.1-8.i386.rpm qt2-Xt-2.3.1-8.i386.rpm qt2-devel-2.3.1-8.i386.rpm qt2-static-2.3.1-8.i386.rpm

Then install qps: rpm -ivh qps-1.9.7-5.i386.rpm Note Fedora Core 3: rpm -ivh qt2-2.3.1-8.i386.rpm qps-1.9.7-5.i386.rpm These older RH 8.0 and 7 binary release rpms even work on my AMD64 Fedora Core 3 x86_64 OS system. Configuring QPS to run applications against a process: Select "Command" + "Edit Commands..." + "Add..." Description: GDB Command Line: xterm -T "GDB %C" -e gdb -d /directory-where-source-code-is-located --pid=%p Description: gdb Command Line: xterm -T "gdb %c (%p)" -e gdb /proc/%p/exe %p & (As issued in RPM) gdb man page Description: strace Command Line: xterm -T "strace %c (%p)" -e sh -c 'strace -f -p%p; sleep 10000'& (show process system calls and signals. Try it with the process qps itself.) Show output written by process:
xterm -T "strace %c (%p)" -e sh -c 'strace -f -q -e trace=write -p%p; sleep 10000'&

strace man page Description: truss (Solaris command) Command Line: xterm -T "truss %C (%p) -e sh -c 'truss -f -p %p; sleep 1000'& IPCs: Semaphores, Shared Memory and Queues Note that some processes may use Linux InterProcess Communication or IPC (semaphores, shared memory or queues) which may need to be cleaned up manually: 1. Identify the semaphores: ipcs ipcs -q List share queues. ipcs -m Shared memory. ipcs -s List Semaphores. 2. Remove the semaphores: ipcrm -s <ipcs id> Example: If you are running Apache, you may see the following:
[root@node DIR]# ipcs -m ------ Shared Memory Segments -------key shmid owner perms 0x00000000 341504 nobody 600

bytes 46084

nattch 27

status dest

lsof - Processes attached to open files or open network ports: The command lsof shows a list of processes attached to open files or network ports. List processes attached to a given file: lsof filename:
[root@node DIR]# lsof /var/log/mailman/qrunner python 18538 mailman 4u REG 3,5 657 486746 python 18578 mailman 6u REG 3,5 657 486746 python 18579 mailman 6u REG 3,5 657 486746 python 18580 mailman 6u REG 3,5 657 486746 python 18581 mailman 6u REG 3,5 657 486746 python 18582 mailman 6u REG 3,5 657 486746 python 18583 mailman 6u REG 3,5 657 486746 python 18584 mailman 6u REG 3,5 657 486746 /var/log/mailman/qrunner /var/log/mailman/qrunner /var/log/mailman/qrunner /var/log/mailman/qrunner /var/log/mailman/qrunner /var/log/mailman/qrunner /var/log/mailman/qrunner /var/log/mailman/qrunner

The process attached to an open file can be killed using the command fuser -ki filename List all open files on system: lsof (Long list) List all files opened by user: lsof -u user-id The commands netstat -punta and socklist will list open network connections. Use the command lsof -i TCP:port-number to see the processes attached to the port. Example:
[root@node DIR]# lsof -i TCP:389 COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME slapd 5927 ldap 6u IPv4 7560023 TCP *:ldap (LISTEN) slapd 5928 ldap 6u IPv4 7560023 TCP *:ldap (LISTEN) slapd 21185 ldap 6u IPv4 7560023 TCP *:ldap (LISTEN) slapd 21186 ldap 6u IPv4 7560023 TCP *:ldap (LISTEN) slapd 21193 ldap 6u IPv4 7560023 TCP *:ldap (LISTEN)

This shows that the command slapd running under user id ldap is running five process connected to port 389. Restricting user resources:

http://www.yolinux.com/TUTORIALS/LinuxTutorialSysAdmin.html

03/14/08

(RH 7. Usage: pmap pid Show top processes Show statistics on page swapping.. Limits can be set for the number of open files and processes. then "w" to write. memory and virtual memory etc. cat /proc/sys/vm/freepages Display virtual memory "free pages".. (Also: cat /proc/meminfo) Display/examine memory map and libraries (so).yolinux. Note you must fully qualify the command as "/usr/bin/time" to avoid using the bash shell command "time".Create file system. Adding an extra hard drive: (See commands and dialog of adding a second IDE hard drive) 1..ro 0 3) Also see: mkefs man page http://www. mount -t ext3 /dev/<drive's device name> /<home2 or some suitable directory> . See limits assigned in /etc/security (discussed below) Modify process scheduling priority: Range goes from -20 (highest priority) to 19 (lowest).0 use ext3) 3. mkfs -t ext3 /dev/<drive> . cat /proc/ide/hda/any-file Displays disk information held by kernel. Examination of memory usage: Show system page size: /usr/bin/time -v date . Page size (bytes): 4096 Exit status: 0 Show paging: /usr/bin/time -v firefox . cat /proc/swaps Displays swap partition(s) size. RH 7.. fdisk /dev/<drive> .Linux System Administration and Configuration Page 3 of 29 ulimit: (bash shell command) Shell and process resources may be controlled and reported using the ulimit command. cat /proc/filesystems Display filesystems currently in use.) Also see: sfdisk .Allocate drive space and register info on the partition table. page faults.2-8.0-i386-Disk1. cat /proc/mounts Display mounted filesystems currently in use. filesystem. Show system page size. their mount point.Mount the drive Mount a raw ISO file: mount -t iso9660 -o loop /home/user1/RedHat-9.) nice -n 19 program-to-launch Default for "nice -n" is 10 Show default for any process: nice executable Shows nice value to be used if run.. (Option "n"/"p"..iso /mnt/iso-1 (Fstab entry: /home/user1/RedHat-9. etc of a process during execution. The MPF occurs most when an application is started.html 03/14/08 . a request to the disk subsystem to retrieve pages from virtual memory and buffer them in RAM.cfdisk 2.0-i386-Disk1. showmount Displays mount info for NFS filesystems. One may increase/decrease this limit: echo 300 400 500 > /proc/sys/vm/freepages cat /proc/meminfo Show memory size and usage. Display the limits of a shell using the bash command "ulimit -a". (and everything under it) (-s option summarizes) Displays all mounted devices. type and quantity used. Lower scheduling priority (runs slower and less likely to slow you down. (-k reports in Kbytes) Calculates file space usage for a given directory. Major (requiring I/O) page faults: 24 Minor (reclaiming a frame) page faults: 11271 Voluntary context switches: 302 Involuntary context switches: 3689 . Used with command line arguments to mount file mount system.iso /mnt/iso-1 iso9660 loop. Minor Page Fault (MnPF): Reusing a page in memory as opposed to placing it back on disk.1 and earlier use ext2.com/TUTORIALS/LinuxTutorialSysAdmin. Memory Usage: Linux Commands to Monitor Memory Usage: vmstat free pmap top sar -B time -v date Monitor virtual memory Display amount of free and used memory in the system. Filesystems and Storage Devices: Hard Drive Info: df -k du -sh report filesystem disk space usage. and access. Explanation of terms: Major Page Fault (MPF): When a request for memory is made but it does not exist in physical memory.

Manipulate/configure the partition table.mode=620 0 0 defaults 0 0 Add SCSI drive by adding line: /dev/sdc1 /home2 ext2 defaults 1 2 At this point one may optionally check the file system created with the command: fsck /dev/sdc1 Note that fsck is NOT run against a mounted file system.4/Documentation/devices. See Linux devices: Kernel 2. sfdisk ..4: file:/usr/src/linux-2. add it to your /etc/fstab file which holds all the file system information for your system. Other distributions may require the following set-up: ln -sf /dev/hdc /dev/scd0 OR ln -sf /dev/hdc /dev/cdrom Reference SCSI device directly. See man page for fstab.1+) file:/usr/src/linux-2. Peter Anvin To make the drive a permanent member of your system and have it mount upon system boot. A more typical system cd /mnt mkdir cdrom mount -t iso9660 -o ro /dev/cdrom /mnt/cdrom Don't forget to un-mount the CD with umount /mnt/cdrom [Potential Pitfall]: There is NO "N" in umount!!! For trouble shooting your CD see your kernel documentation: Kernel 2.4/Documentation/ide. hdb for the second etc.Manipulate/configure the partition table.txt (local file) .txt (local file) Kernel 2. etc. (very nice) fdisk .(local file) Kernel 2. Mounting a floppy: Mount MS-DOS floppy: mount /dev/fd1 -t vfat /mnt/floppy http://www.. IDE uses separate ribbon cables for primary and secondary drives.html 03/14/08 . (umount) Also see the man page for: cfdisk .txt (local file) Mounting a Windows partition.Curses based disk partition table manipulator.ro 0 0 noauto.users. the second as hda2. Use the command cat /proc/partitions to see full list of disks and partitions that your system can see.user. Linux IDE naming conventions: Device Description Configuration Master Slave /dev/hda 1st (Primary) IDE controller /dev/hdb 1st (Primary) IDE controller /dev/hdc 2nd (Secondary) IDE controller Master /dev/hdd 2nd (Secondary) IDE controller Slave Note: SCSI disks are labeled /dev/sda. Example of existing /etc/fstab file: /dev/sdb6 /dev/sdb1 /dev/cdrom /dev/fd0 none none /dev/sdb5 / /boot /mnt/cdrom /mnt/floppy /proc /dev/pts swap ext2 ext2 iso9660 auto proc devpts swap defaults 1 1 defaults 1 2 noauto.. sdb. the third as hda3 etc . The partitions on each drive are referred numerically.2: file:/usr/src/linux/Documentation/ide.2: (Red Hat 7.Linux System Administration and Configuration Page 4 of 29 Where the drive is /dev/hdb or some device as conforms to the Linux device names: IDE drives are referred to as hda for the first drive. For more info see SCSI info. fsck Mounting other file systems: (locally attached drives) Mounting a CD: mount -r -t iso9660 /dev/cdrom /mnt/cdrom Un-Mount the CD-ROM: umount /dev/cdrom (No "n" in umount) This command should work for a Red Hat installation..yolinux.0-) file:/usr/src/linux/Documentation/devices. The first partition on the first drive is referred to as hda1.4: (Red Hat 7.owner 0 0 defaults 0 0 gid=5.. Unmount it first if necessary..com/TUTORIALS/LinuxTutorialSysAdmin.txt .H.

a swap file or a combination of the two. (This is default) cat /proc/sys/fs/inode-max .process information pseudo-filesystem Local file Kernel 2. umount /dev/sdb6 tune2fs -C 9 /dev/sdb6 mount /dev/sdb6 http://www.Begin use of given swap file.Create swap file swapon /swapfile . The individual file system's mount count may be changed so that they will be checked on a different reboot.2 (RH 7. swapon -s . Unix floppy: See YoLinux Tutorial . use the command swapoff.List swap files cat /proc/swaps .html 03/14/08 .Kernel 2. (but less than 2GB) dd if=/dev/zero of=/swapfile bs=1024 count=265032 . Make entry to /etc/fstab to permanently use swap file or partition. This is annoying for systems with many file systems because they will all be checked at once. Use at your own risk! See How to use a Ramdisk for Linux Add system swap space for virtual memory paging: Swap space may be a swap partition. Next change the mount counts for some of them. If using a swap partition.Linux System Administration and Configuration Page 5 of 29 Also see the YoLinux tutorial on using MS-DOS floppies with Linux.) Perform the previous command on all the filesystems to obtain their mount counts.txt (local file) Reboot count and fsck: Pertains to Red Hat systems using the EXT2 filesystem (RH 7.0-):file:/usr/src/linux/Documentation/proc.Linux Recovery and Boot Disk Creation Ramdisk: Using a portion of RAM memory to act like a superfast disk.Create file filled with zeros of size 256Mb mkswap /swapfile .5b. Refer to your particular filesystem.2+ uses EXT3) After 20 reboots of the system. Linux will perform a file system check using fsck.Same as above This example refers to a swap file.com/TUTORIALS/LinuxTutorialSysAdmin. Check current reboot status: /sbin/dumpe2fs /dev/sdb6 | grep '[mM]ount count' dumpe2fs 1. Assign a priority with the "-p" flag. /swapfile swap swap defaults 0 0 Note: To remove the use of swap space.19.Kernel configuration for max number of files cat /proc/sys/fs/file-nr . One should size swap space to be at least twice the size of the computer's RAM. 13-Jul-2000 for EXT2 FS 0. /sbin/mkfs -t ext2 /dev/ram mount /dev/ram /mnt/ramd [Potential Pitfall]: I've never actually tried this. 95/08/09 Mount count: 2 Maximum mount count: 20 (This of course is specific for my system. Man pages: swapon/swapoff mkswap fstab YoLinux Tutorial: Adding an Additional Hard Drive to Your Linux System YoLinux Tutorial: System Optimization and hdparm Mounting a Windows partition or other file systems. the partition must be unmounted.Number of files presently open echo 4096 > /proc/sys/fs/file-max .Set max file limit.yolinux.2 configuration for max number of inodes To change: echo 12288 > /proc/sys/kernel/inode-max See: proc man page . YoLinux Tutorial: File System Quotas Hard Disk Upgrade Mini How-To Increase open files limit: cat /proc/sys/fs/file-max . One may also use a swap partition.

E.. IBM JFS and reiserfs.S. (RH 7. i.. Devices: /dev/raw/raw?? Raw device controller: /dev/rawctl Sample use of command: raw /dev/raw/raw1 /dev/hdb5 One must be of group disk to use the raw device or change permissions: chmod a+r /dev/rawctl chmod a+r /dev/hdb5 chmod a+rw /dev/raw/raw1 Note: The above information applies to Red Hat distributions. One may use the raw command for both IDE and SCSI devices. This info may be different for other distributions.. http://www. the system will reboot .. Raw Devices: Commercial databases such as Oracle and IBM DB2 can maximize performance by using raw I/O. .Linux System Administration and Configuration Page 6 of 29 Now the filesystems will have an fsck performed on them on different system boots rather than all at the same time.html 03/14/08 .. *** Dropping you to a shell.1 EXT2 filesystems and earlier which require an integrity check. (repair file system) 2# exit The system will hopefully reboot properly at this point.. To see if your system is using raw I/O issue the command: raw -a raw man page Configuration file: /etc/sysconfig/rawdevices Add entries to this file to invoke raw I/O upon system boot. Run fsck Manually . Give root password for maintenance (or type Control-D for normal startup): At this point enter the root password then run fsck: (repair file system) 1# fsck -A -y . Journaled Filesystem EXT3: Convert from ext2 to ext3: Red Hat 7.) If the system crashes (due to power outage etc.) then upon boot the system will check if the disk was unmounted cleanly. . *** An error occurred during the file system check...yolinux. . You can mimic Red Hat behavior with a symbolic link: ln -s /dev/your_raw_controller /dev/rawctl Mounting Network Drives: SMB Mount: Mounting a Microsoft Windows shared file server drive NFS: Mounting/exporting a Linux shared file server drive with NFS. Manual method: Convert: tune2fs -j /dev/hda1 Configuration file changes: /etc/fstab change ext2 to ext3 Also see: tune2fs Man Page Linux today: EXT3 info Other journaled file systems: SGI XFS..e.U. For home users who routinely shutdown and boot their systems. S.2 upgrade gives one the option to perform this file system upgrade. This will map a raw device to a blocked device for an entire disk partition. ***** FILE SYSTEM WAS MODIFIED ***** . ... . one can increase the maximum mount count: tune2fs -c 40 This feature can also be disabled: tune2fs -c -1 Check every week: tune2fs -i 7 System crash and disk check upon boot: Pertains to Red Hat 7. fsck man page Note that fsck is NOT run against mounted file systems.com/TUTORIALS/LinuxTutorialSysAdmin.2+ uses EXT3 which is a journaled file system which maintains file system integrity even with a crash. For files larger than 2Gb use SGI XFS and the SGI Linux Red Hat RPM or Red Hat ISO CD install image.. If not you may get the following message: Unexpected inconsistency. uses /dev/raw1 as a device and /dev/raw as the controller.

Clear iptables rules with iptables -F to test. The user id (uid) numbers and the group id (gid) numbers on both systems MUST match to preserve sanity. 176. Check PAM restrictions in /etc/hosts.yolinux.allow..com/TUTORIALS/LinuxTutorialSysAdmin.Linux System Administration and Configuration Page 7 of 29 Client File: /etc/fstab . use the "intr" option to allow the process to be interrupted.hard. . Keep ports 111 and 2049 clear. ssh. users Show all users logged in. groups Display groups you are part of.png Set background: BackgroundImage=/path/file.html 03/14/08 .png http://www. Show last 100 logins: last -100 history Shell command to display previously entered commands.intr 0 0 server1:/shared/images /mnt/srv1-images nfs rw. User Greetings: The greeting messages and login displays are all customizable. Server File: /etc/exports . Use id user-id to display info for another user id. (message of the day) GDM graphical login display: /etc/X11/gdm/gdm.0/255... whoami Displays user id. date and time of login (ftp. Pitfalls: Server must run services: portmap..mountd . Use who -uH for idle time and terminal info. For more see exports man page. the user's home directory is wiped and all subdirectories including the path below the mount point will be erased!! NFS Man pages: nfs . To avoid NFS hanging up the system and immunity from the kill command. User Info: Commands: who Displays currently logged in users. Use NIS or LDAP. Typically this problem is solved by using a single point of authentication.maintain list of NFS exported file systems nfsd/rpc.NFS file systems being exported (for Kernel based NFS) exportfs . RHEL4) (Fedora Core 1) NIS (Network Information Systems) is often used in NFS clusters to manage authentication. /shared/images . Use groups user-id to display groups for a given user. NEVER EVER mount to a user's home directory.1.255.conf Set text greeting: ftpd_banner=Put welcome greeting here /etc/motd Post login text message: Default is blank.. netfs.255. w Displays currently logged in users and processes they are running. Show where from.. Type of greeting Telnet pre-login Text: Ssh pre-login Text: vsftpd Login Text: File File containing text: /etc/issue /etc/ssh/sshd_config Specify text file: Banner /etc/issue vsftpd config file: /etc/vsftpd/vsftpd. See the YoLinux. last Listing of most recent logins by users. server:/directory-to-export /mnt/mount-point nfs rw.0(rw) Hard mount read/write..NFS server process nfsstat .) Also see lastlog command. Mount can be interrupted by the kill command.conf (or /etc/gdm/gdm.deny and hosts.print NFS statistics rpc.e.png Set logo: Logo=/path/file. Check the numbers used in /etc/passwd and /etc/group.168. nfslock. i.com NIS tutorial.nfsd . nfs Restart server service to pick up file changes: service nfs restart (or: /etc/init.d/nfs restart) Iptables may block port.NFS mount daemon NFS GUI Configuration tool: system-config-nfs redhat-config-nfs (Fedora Core 2+.intr 0 0 .fstab format and options exports . Command line mount: mount -t nfs server1:/shared/images /mnt/srv1-images List of directories to export and restrictions. id Display user and all group ids..hard.conf) Set image: DefaultFace=/path/file... set Display all environment variables in your current environment. /home/user1/mount-point This is because when the user is removed from the system with the command userdel -r user1.

Autonomous systems are often eventually linked together to share files using NFS at a later date and have synchronization problems. -s Specify default shell. To specify an NIS authentication server. (Fedora Core 2+.Select the user from the list. Network authentication using an LDAP authentication server 3. Large organizations need to think ahead when creating a new user. This tool will allow you to set default directories. group and shadow files userdel -r user_name : Delete user and remove his home directory from the system.server. -d HOME_DIR Specify but don't create the user's home directory. use options Config + User accounts + Normal + User accounts . See the third ":" delimited field in the file /etc/passwd.Linux System Administration and Configuration Page 8 of 29 Creating a new system local user account: The three most common methods of defining a Linux user and authenticating their logins are: 1.com/TUTORIALS/LinuxTutorialSysAdmin. Thus as a policy it is best to NEVER generate a mount point within a user's directory. passwd user_name : Assign a password to the user. set email aliases. use /etc/ypconf which contains the line: ypserver ip. group membership and disk quotas.address.3+) Start linuxconf: RH 5. (Fedora Core 1) linuxconf: (Note: Linuxconf is no longer included with Red Hat Linux 7. Add the user: Select options Config + User accounts +Normal + User accounts + select button Add .2: Select Start + Programs + Administration + linuxconf .e enter floppy under the heading Supplementary groups and then Accept ) For a list of groups. Other files will remain. The problem this http://www. grp2 Specify additional supplementary groups to which the user belongs.html 03/14/08 . GUI Method: system-config-users: GUI admin tool for managing users and groups.defs useradd -m user_name : Add a user to the system and create a home directory populated with default files from /etc/skel/ useradd -m user_name -G floppy : Will grant the user read/write privileges to the floppy (/dev/fd0) upon creation of user by adding user to group floppy in addition to the default group specified in /etc/default/useradd. Dude User:/home/user:/bin/bash Create group: /etc/group user:x:505: Create home directory: cd /home mkdir user Copy default files: cp -pR /etc/skel/. See the useradd man page for a full list of options. System uses configuration and security defaults set in /etc/default/useradd and /etc/login.(as root) Edit files to add/remove a user Create user entry in /etc/passwd user:x:505:505:Mr.bashrc. (Also see pwgen. Purges user from /etc/passwd. Note: For every user ID text string there is an associated UID integer. [Potential Pitfall]: Use the command "df" to see if there are any mount points to the user's directory. RH 6+: Select Gnome Start icon (located lower left corner) + System + Linuxconf . Set user password: After creating the user. Configuration file for useradd command: /etc/default/useradd Default directory configuration and files for a new user are copied from the directory /etc/skel/. Create (if it does not already exist by appending username to "/home/") and specify this as the users home -m directory. Assign a password: passwd user Also see: Shadow integrity verification: grpck [-r] [group shadow] File editor: vipw. eg. The same user ID (text string) on two different systems may have different UIDs. The users personal bash shell customizations are held in $HOME/. Red Hat/Fedora Linux distributions begin incrementing user UIDs from 500. ~/. The default shell is called bash (bsh) and is a cross of the UNIX ksh and csh command shells. Local user authenticated locally with the password files /etc/passwd and /etc/shadow 2.yolinux. It is best to mount to /mnt/mount-dir and use a sym-link (ln -s /mnt/mount-dir /home/user-name/mount-dir-local) to the user's directory. a password generator) Also see man page for: usermod. NIS authentication server.bashrc -g Initial (default) group -G grp1. If there are any. Then select the Passwd button. (I. There is also the option of adding the user to additional groups. add rules about passwords. they will get wiped out with the recursive delete. the group names should be separated by a simple space. Find with ypwhich The following describes creating a local user: Command Line Method: (My preference) useradd user_name : Add a user to the system. This will allow you to enter an initial password for the account. userdel user_name : Delete user from system. /home/user chown -R user. Default files from /etc/skel/ will be placed in the users home directory. By default the useradd command will increment by one for each new ID. RHEL4) redhat-config-users: GUI admin tool for managing users and groups. File Editing Method: . Use the commands pwconv and grpconv to synchronize the shadow files. One can modify or delete users from linuxconf as well.of.user /home/user The creation of /etc/shadow and /etc/gshadow require the execution of a program to encrypt passwords. The default is to not follow symlinks during the delete. Default is /bin/bash in most Linux distributions. shells. useradd options: Option Description -c Adds a comment or description to the password record.

yolinux. Group GIDs can be assigned to department or division numbers..SELinux is fully disabled. This tip is for separate autonomous systems or for systems using different authentication servers which are sharing files using NFS.) Disable: Use command: setenforce 0 or echo 0 > /selinux/enforce or Specify in /etc/grub. devices.SELinux prints warnings instead of enforcing.) or echo 1 > /selinux/enforce or Specify in /etc/grub. Possible values are: # targeted .) are each assigned a collection of security attributes known as a security context. SELINUXTYPE=targeted One may turn off the SELinux features by setting: SELINUX=disabled (Requires reboot to read new configuration. # permissive . . NFS: For systems which will use NFS to share files. Look at the file /etc/passwd on the file server which you will mount to determine the user ID number and group ID number. # disabled . http://www.kde/ configuration files for new users. make the changes here.. This tip also can also apply to smbmounted MS/Windows shares.conf on the "kernel" command line: selinux=0 See current setting using the command: getenforce Security contexts: View file/directory contexts: ls -Z /var/www Set file/directory context: chcon -R -h -t httpd_sys_content_t /home/user1/public_html Options: -R: Recursive.gtkrc . System processes and files (including socket descriptors.conf on the "kernel" command line: enforcing=1 (Sets enforcement during boot. -t: Specify type of security context.Full SELinux protection. IPC's. Both "type" enforcement and Role Based Access Control (RBAC) are supported. This will allow smooth operation of connected systems.bashrc . one can administer user accounts to make creation. # strict . SELINUX=enforcing # SELINUXTYPE= type of policy in use. Also see the YoLinux tutorial on Managing groups SELinux security policies and context: Security Enhanced Linux (SELinux) enhancements developed by the US Federal National Security Agency (NSA) are included with Fedora Core beginning with version 3 and Red Hat Enterprise Linux version 4. user1:x:505:505:Joe Hacker:/home/user1:/bin/bash User-ID:User-ID-Number:Group-ID-Number:comment:/home/User-ID-Home-Directory:default-shell Add a user to the system which matches. selinux-doc Configuration file: /etc/selinux/config # This file controls the state of SELinux on the system. It is best to use the useradd "-u" option to assign users a UID integer associated with the text string ID. This will allow files generated on the file server to match ownership of those generated on the client system.bash_profile . The fine-grained access control architecture is supported in the Linux kernel. Files and directories in current directory and all subdirectories. Default settings for new users are stored in /etc/skel/.bash_logout . # SELINUX= can take one of these three values: # enforcing . To modify default .SELinux security policy is enforced.Only targeted network daemons are protected.com/TUTORIALS/LinuxTutorialSysAdmin.) Direct setting of enforcement: Enforce: Use command: setenforce 1 (Alter SELinux enforcement while kernel is running.html 03/14/08 . Many systems administrators use the employee ID as they know it will be unique across the corporation. Security Goals: Protect the system from the users Protect the users from each other Protect the files from scripts/programs The following RPM packages comprise SELinux: selinux-policy-strict selinux-policy-strict-sources: Configuration files selinux-policy-targeted selinux-policy-targeted-sources: Configuration files libselinux: Library which provides a set of interfaces for security-aware applications to get and set process and file security contexts. -h: Affect symbolic links. editing and ownership of files seamless and consistent.Linux System Administration and Configuration Page 9 of 29 creates is when a file with one system can not be edited when accessed from the second system as the second system regard him as a different user because the system has a different UID. [root]# useradd -u User-ID-Number -g Group-ID-Number User-ID Ideally you would configure an NIS or LDAP authentication server so that login id's and group id's would reside on one server.

conf : core . APT/dpkg .max data size (KB) fsize .get/set resource limits and usage (C programmer api) sysconf .yolinux.) Command dpkg -l dpkg -l package-name Description List all packages installed on system. getrusage.com/TUTORIALS/LinuxTutorialSysAdmin. Since no user id was given.address space limit maxlogins . (Mentioned above) getrlimit.conf : Grant/restrict group device access.max number of logins for this user priority .conf : Restrict user access by time. (Remember X-windows is a network enables windowing system) export DISPLAY=:0. http://www. Also see YoLinux Tutorials on Web Site configuration and SELinux policies.Get configuration information at runtime (C programmer api) Operating as root: (System Administrator) If you are planning to administer the system. File: /etc/security/group. see star discussed in backups and archiving below.max number of open files rss .conf : Limit access by network or local console logins.max number of processes as .YoLinux Tutorial bash shell command ulimit.max stack size (KB) cpu .max locked-in-memory address space (KB) nofile . the default is root user.Ubuntu / Debian Package Manager: dpkg: Ubuntu/Debian package management.root Some systems may be configured so that only the switch user (su) command may be required without all of the X-window configuration.maximum filesize (KB) memlock .max number of file locks the user can hold File: /etc/security/access. GUI mode: Allow console to be accessed by another user from same system: xhost +localhost Switch user and then you will be prompted to enter the root password: su - Set environment variable for GUI sessions so that display used is local display. This all would be equivalent to: su .limits the core file size (KB) data .html 03/14/08 . Note: The su command was issued with a trailing "-" which means that the login process will follow the login steps of the user and will execute its profiles. day.max CPU time (MIN) nproc .0 Launch GUI application. setrlimit .Linux System Administration and Configuration Page 10 of 29 View security context of running processes: ps -eZ View security context of a user: id uid=500(user1) gid=500(user1) groups=500(user1) context=user_u:system_r:unconfined_t Security contexts for a new file default to that of the parent directory. Also see: Set user quotas on hard drive usage . Here is how: Switch user account to root: Shell/command mode: su - and then you will be prompted to enter the root password. In many instances one would be logged in as a user and wish to perform some "root" sys-admin tasks.the priority to run user process with locks .max resident set size (KB) stack . For tar backups which preserve SELinux file and directory policies. (equivalent to rpm in functionality. one would login as root to perform the tasks. Often used with grep: dpkg -l | grep partial-name-of-package Query version of package and if package is installed. Restrict/Limit Users: (/etc/security/) User limitations are set in the following files: File: /etc/security/limits. Also see the YoLinux tutorial on Managing groups File: /etc/security/time.

com/ubuntu dapper-security universe [Potential Pitfall]: If you add a new repository you must execute the command: apt-get update.com/ubuntu/ dapper-backports main restricted universe multiverse deb http://security. package is missing.com/ubuntu/ dapper-backports main restricted universe multiverse #deb-src http://us. please note that software in backports WILL NOT receive any review ## or updates from the Ubuntu security team.archive. Upgrade all packages on the system to the newest versions of all the packages.ubuntu. has been obsoleted. (equivalent to yum in functionality.ubuntu.html 03/14/08 . software from this repository is ENTIRELY UNSUPPORTED by the Ubuntu ## team. Keep configuration files. The command will first identify all packages to be upgraded and then with permission. Configure build-dependencies for source packages.archive. will give you the following error message: Package xxxxxxx is not This may mean that the is only available from E: Package mplayer has available. will perform an upgrade on the packages. Upgrade the OS and all packages on the system to the newest version. Keeps configuration files. Remove configuration files.archive.com/ubuntu dapper-security main restricted # deb http://security. Attempting to install a package (apt-get install xxxxxxx) from a new archive without first updating.conf Uses the repository source list: /etc/apt/sources. Simulate apt-get actions to be taken but no action is performed. download and install. Remove package.archive. See /var/lib/dpkg/available Install package.deb dpkg -r package-name dpkg -P package-name List all files on the system associated with the package.com/ubuntu/ dapper universe deb-src http://us.com/ubuntu/ dapper main restricted ## Major bug fix updates produced after the final release of the ## distribution.archive.com/ubuntu dapper-security main restricted deb-src http://security. ## Also.ubuntu.archive.Linux System Administration and Configuration Page 11 of 29 dpkg -L package-name dpkg -S file-name dpkg -p file-name dpkg -i package-name.com/ubuntu/ dapper-updates main restricted deb-src http://us. Other: http://www. Print package information. and may not be under a free licence.ubuntu.ubuntu. Stop any services targeted for upgrade before perfoming the upgrade.B.com/ubuntu/ dapper main restricted deb-src http://us.ubuntu.ubuntu. apt-get: Ubuntu/Debian package installer using an internet repository. deb http://us. #deb http://us.archive. please note that software in ## universe WILL NOT receive any review or updates from the Ubuntu security ## team.com/ubuntu dapper-security universe # deb-src http://security. Also see "apt-get remove package-name". but is referred to by another package.) Command apt-get install package-name apt-get install package-1.ubuntu.B.ubuntu. ## N. Remove package from system. Use flag "-y" to grant permission and avoid question. List the package name to which this file is associated.com/TUTORIALS/LinuxTutorialSysAdmin. Download package source. An update should always be performed before an upgrade The command will identify all packages to be upgraded without performing an upgrade. or apt-get --simulate update apt-get update apt-get -s upgrade apt-get upgrade apt-get dist-upgrade apt-get source package-name apt-get build-dep package-name Uses the configuration file: /etc/apt/apt.com/ubuntu/ dapper universe ## Uncomment the following two lines to add software from the 'backports' ## repository. software from this repository may not have been tested as ## extensively as that contained in the main release.com/ubuntu/ dapper-updates main restricted ## Uncomment the following two lines to add software from the 'universe' ## repository.ubuntu.yolinux. although it includes ## newer versions of some applications which may provide useful features.ubuntu. or another source no installation candidate Where "xxxxxxx" is the package you were trying to install. package-2 apt-get remove package-name apt-get -s update Description Query repository for package and if package is available. Also.list deb http://us.archive. Also see "apt-get remove package-name". Update the package index on the system to the latest version associated with the OS release in use. Also see "apt-get install package-name". Only the index (package list) is changed. Use flag "--purge" to remove configuration files. Please satisfy yourself as to ## your rights to use the software. In this example.ubuntu. ## N. Remove package. deb http://us. apt-get simulates an update.

veridis.) Note: Many GPG public keys for other RPM packages (i. gpg --keyserver keyserver. Removes all files (including config files) of older version during upgrade. RPM flag to force install even if dependency requirements are not met. https. The purpose is to protect you from using a corrupt or hacked RPM. Identify the package to which this file belongs.rpm rpm -ivh program_package-ver. you are ready to use the RPM command. What packages will break if this RPM is removed.< program_package-ver.. Fedora. Also see the man pages for: dpkg. apt-config RPM .rpm rpm -q --whatrequires program_package rpm -K --nogpg *. (like with glibc library or Netscape RPMs etc) it is necessary to mention two or more packages on the command line. Extract a single file (with path) from the RPM package to the local directory.keyserver. Step One: Import Red Hat and Fedora GPG signature keys: [root@yoserver2 ~]# rpm --import /usr/share/rhn/RPM-GPG-KEY [root@yoserver2 ~]# rpm --import /usr/share/rhn/RPM-GPG-KEY-fedora Do this once to configure RPM so that you won't constantly get the warning message that the signature is "NOKEY".rpm abc-package2-i386. The rpm command will account for the co-dependency of the packages. This means the database will be read or modified under /directory-name. to see if package is installed.rpm rpm -Fvh program_package-ver. dselect.redhat. (Used by developers to maintain multiple environments) Allow installation even if the architectures of the binary RPM and host don't match.com/TUTORIALS/LinuxTutorialSysAdmin. Use the system chrooted at /directory-name. apt-get. MySQL: 0x5072E1F5). . List dependant packages of RPM. wget.rpm Description Query for information on package and list destination of files to be installed by the package.com/pub/fedora/linux/core/ Use your browser.rpm Configuration information is stored in /var/lib/rpm http://www. Use this with grep to find families of packages. i. password: youremail-address). Once these command are performed. (This is also required for the YUM commands below.fedora.rpm RPM Flag --nodeps --force --notriggers --root /directoryname --ignorearch Notes: Overwrite of other packages allowed. Description rpm2cpio . Great tool for inspecting an RPM package and reading the package documentation before you decide to install the package. List dependancies (files and packages) of RPM. key ID 5072e1f5) Importing a new key from key server: 1.net/. curl (downloads using http.rpm abc-package3-i386../path/and/file-name rpm -Uvh program_package-ver.) or ftp the site download. rpm --import pubkey_mysql. Uninstall package from your system List ALL packages on your system.e.redhat.: rpm -ivh abc-package1-i386. gpg --export -a 5072e1f5 > pubkey_mysql. Suse and many other Linux distributions. Upgrade the system with the RPM package New Install Freshen install. Query system RPM database (/var/lib/rpm). Query system RPM database for info/description on package (if installed) List all files on the system associated with the package.Linux System Administration and Configuration Page 12 of 29 Command apt-cache search package-name Description Query repositories to see if package is available. apt-cdrom (add CD-Rom to sources list). Non sure if RPM downloaded ok? Verify md5 sum.fedora. ftp.rpm rpm -q program_package rpm -qi program_package rpm -ql program_package rpm -qf file rpm -e program_package rpm -qa rpm -qp --requires program_package-ver.asc 3. You can also use the Gnome GUI program file-roller to view and read the contents of an RPM.html 03/14/08 .Redhat Package Manager: The rpm command is used to manage software applications and system modules for Red Hat. CentOS.asc Step Two: RPM commands and their use RPM Command rpm -qilp program_package-ver.e. (The following RPM installation warning will inform you of the key to obtain: warning: MySQL-XXXX.rpm | cpio id .rpm: V3 DSA signature: NOKEY. apt-cache.yolinux. can be obtained from http://www.com (login: anonymous. Don't execute scripts which are triggered by the installation of this package. Many times. This is often required for RPM's which were assembled incorrectly Fedora Core RPM downloads: http://download. List prerequisites.com --recv-key 5072e1f5 2.

Red Hat Package Manager rpmbuild .x. stampede slp. install and finally creates a new binary RPM package. use of GPG for package verification.x. Installs database of all packages in distributions to make RPM more informative. compile. Execute the following commands (in order given) to perform an automatic system update: 1.e.rmp. Use option --clean for cleanup... glibc-x.0. Debian or Slackware for install and uninstall.X.1.package converter between rpm. When installing additional RPM's from the Red Hat CD.Operation not permitted (1) error: cannot open Packages database in /var/lib/rpm then you must check: Who are you logged in as?: whoami You must be root.e. 1.Build/create an RPM package.1 and later) Select the red dot and exclamation mark icon on the toolbar to launch up2date and follow the GUI.e. cd to the RPMS directory on the CD which contains the packages to be installed.RH 6. Automated System Updates: up2date (Red Hat 7. CheckInstall .. Command to kill processes locking file: fuser -k /var/lib/rpm/Packages It is best to terminate processes by exiting program (like glint) normally if possible. cp .yolinux.X-X" specifies multiple packages This is because a package is doubly listed: (Often due to dual 32/64 bit architectures such as the AMD Athelon/Opteron and Intel EM64T Extended Memory 64 Technology) [root]# rpm -q package-name package-name-X. network access (i. 4. It allows you to define directories to use.X-X Fix: rpm -e --allmatches package-name [Potential Pitfall]: You try and install an RPM but you can not get the appropriate version of the run time libraries because they are too old and not present on your system or you get a runtime error: /usr/bin/ld: cannot find /lib/libxx.2 GUI Also see: RPM HowTo.1.X. First force the installation of the RPM without the dependency requirement: rpm --nodeps -ivh xxxx-.Linux System Administration and Configuration Page 13 of 29 Database of descriptive package info. 2. download updates./usr/lib/.x..4 /lib/libxx.X..0+ GUI glint .1./lib/.html 03/14/08 . Fedora.X-X package-name-X. File permissions: ls -l /var/lib/rpm/Packages File must be owned by root. Extract the libraries from the RPM: rpm2cpio glibc-x. Manually copy the library file to the library directory or path accessible by LD_LIBRARY_PATH or ldconfig: i. /usr/bin/rhn_register :You must first register your system with the Red Hat database.4 Useful man pages: rpm .so. etc. actions to take (i.org Home Page Alien . 2./lib/libxx.e.RH 8. and . packages or files to skip. Next download an old RPM of the appropriate library.so. RPM package rpmdb-redhat. Use of GPG requires the Red Hat public key: rpm -import /usr/share/rhn/RPM-GPG-KEY http://www.src. The command rpmbuild --showrc package-name. [Potential Pitfall]: If you get the errors: [root]# rpm -e package-name error: "package-name-X.0. /usr/bin/up2date-config :This allows you to configure the "up2date" process.. Building from a "src" (source) RPM: rpmbuild --rebuild package-name. The command then performs a prep. and slackware tgz file formats.rpm 3. install or not install. dpkg.0. redhat-config-packages .com/TUTORIALS/LinuxTutorialSysAdmin.RH 5. The source RPMs are not in the RPM database and will not be seen with "rpm -qa [Potential Pitfall]: If you get the errors: error: cannot get exclusive lock on /var/lib/rpm/Packages error: cannot open Packages index using db3 .src. Suse).0 GUI gnorpm . keep RPM's after install or not)..so.rpm shows options to be used as specified in rpmrc and macros configuration file(s).rpm The source will be placed in /usr/src/redhat/RPMS/. i. One may also use the command line if managing a remote server.rpm | cpio -idv This will install to your current directory: .Create packages for RPM (Red Hat. RPM. proxy configuration). This command will perform a hardware inventory and reporting of your system so that Red Hat knows which software to load to match your needs..4 Here is how to install some old libraries on your newer system without corrupting your current installation.x.

I use the 32 bit version so that 32 bit plugins will work. RPM packages and support files are downloaded to this directory.redhat.1 Apache upgrade to 1. it will be downloaded and installed. including those not currently installed.3. along with any dependencies that package requires. Red Hat 8 and 9 can be upgraded to Fedora Core.repo # in /etc/yum.): exclude=package-name (i. It will download RPM packages needed.log pkgpolicy=newest distroverpkg=redhat-release tolerant=1 exactarch=1 retries=20 obsoletes=1 gpgcheck=1 exclude=firefox mozplugger gftp # PUT YOUR REPOS HERE OR IN separate files named file.$basearch .) Set "gpgcheck=0" to avoid the signature check. ftp://yyy or even file://zzz local or NFS).com/download/mirrors/fedora-core-$releasever enabled=1 gpgcheck=1 Mirror site/sites which contain Fedora base configuration RPM's.Linux System Administration and Configuration Page 14 of 29 3. YUM config file: /etc/yum. It gives you a chance to unselect packages targeted for upgrade. use the "rpm --import GPG-KEY commands as detailed above in section one of the RPM tutorial.conf (Fedora Core 3) [main] cachedir=/var/cache/yum debuglevel=2 logfile=/var/log/yum.html 03/14/08 . Modified) is a client command line application for updating an RPM based system from an internet repository (YUM "yum-arch" server) accessible by URL (http://xxx. manual clean-up and re-configuration is required). YUM will resolve RPM package dependencies and manage the importation and installation of dependencies.yolinux.fedora.repos.d/rhnsd start Description YUM/YUMEX: RPM Updates YUM (Yellowdog Updater. Also see man pages for: up2date-gnome rhn_register-gnome Notes: Update in console mode (no GUI): up2date --nox --update Configuration file for up2date: /etc/sysconfig/rhn/up2date System id and configuration info held in XML format for up2date: /etc/sysconfig/rhn/systemid The default download directory for up2date is /var/spool/up2date/. '*' wildcards allowed.com/pub/fedora/linux/core/$releasever/$basearch/os/ mirrorlist=http://fedora. For the option "gpgcheck=1" to work. On x86_64 I do not update firefox or mozplugger with the 64 bit version.22 changed the configuration completely.e. http://www. YUM is also capable of upgrading across releases. Red Hat 7. See Red Hat YUM upgrades. (Beware.repo (Fedora Core 3) [base] name=Fedora Core $releasever . Other protocols such as ftp can be used as well as http.repos. /usr/sbin/up2date :This command will perform an audit of RPM's on your system and discover what needs to be updated. An automated alert to the need to update utilizes the rhnsd which can be started by issuing the command: /etc/rc. Command line options (partial list) for up2date: Option --nox Do not display the GUI interface. Installing a new package with up2date: up2date package-name The package name is given without the version number. resolve dependencies and perform a system update if requested. The YUM repository has a directory of the headers with RPM info and directory path information. [root@server2 ~]# rpm --import /usr/share/rhn/RPM-GPG-KEY [root@server2 ~]# rpm --import /usr/share/rhn/RPM-GPG-KEY-fedora File: /etc/yum. It then starts again from the beginning. When up2date finds the first messed up dependency it stops to tells you. If the package is not currently installed.d You may list packages you wish NOT to update (Space delimited list.com/TUTORIALS/LinuxTutorialSysAdmin.d/init. You then have to unselect the package. [Potential Pitfall]: This works quite well but it is not perfect.Base #baseurl=http://download. -u Completely update the system --update -h Display command line arguments --help -v Print more info about what up2date is doing --verbose --showall Show a list of all packages available for your release of Red Hat Linux.d/fedora. One can upgrade Red Hat Linux 7 and 8 to 9.redhat.

repos. basearch: Base Architecture .d/fedora-updates.rutgers.ucsc.d/flash. i386 Add other repositories: (not included in default install) Fedora Extras: Create file: /etc/yum.com/TUTORIALS/LinuxTutorialSysAdmin.repo (Fedora Core 3) [updates-released] name=Fedora Core $releasever .edu/macromedia/apt/fedora/$releasever http://ruslug.freshrpms baseurl=http://ayo.mirrorservice.org Create file: /etc/yum.org/fedora/extras/$releasever/$basearch/ http://www.e.redhat.net/fedora/$releasever/en/$basearch/dag/ http://dag. etc) Create file: /etc/yum.repo [freshrpms] name=Fedora Linux $releasever .e. List of mirrors: http://fedora.com/pub/fedora/linux/extras/RPM-GPG-KEY-Fedora-Extras Add FreshRPM repository site to your list for downloads of non-standard Fedora software.d/dag. i.rediris.redhat.freshrpms More examples of FreshRPMs yum.fedora.dag.Released Updates #baseurl=http://download.txt Add: Macromedia.rpmfind.wieers.freshrpms.com/download/mirrors.fedora.$basearch baseurl=http://mirrors.repo [extras] name=Fedora Extras $releasever .. audio encoders/rippers.mplug.redhat.system hardware architecture i.com/download/mirrors/updates-released-fc$releasever enabled=1 gpgcheck=1 Mirror site which contain Fedora updated RPM's.org/apt/fedora/$releasever http://sluglug.net/packages/builds/yum/RPM-GPG-KEY.kernel.com/packages/RPM-GPG-KEY.repos.$basearch .) Using YUM and YUM examples: Update: List packages which will be updated: yum check-update (Does not perform an update) Update all packages on your system: yum update Update a package: yum update package-name Update all with same prefix: yum update package-name-prefix\* This command will update your system.wieers.yolinux.net/fedora/$releasever/en/$basearch/dag/ http://ftp.repos.com/pub/fedora/linux/extras/$releasever/$basearch/ http://fr2.org/sites/download.repos.net/linux/fedora/extras/$releasever/$basearch/ gpgcheck=1 Adding FreshRPM GPG signature key: [root@server2 ~]# rpm --import http://download.mplug.$basearch .d/extras.es/apt/fedora/$releasever enabled=0 #gpgcheck=1 To directly enable a particular repository which is currently disabled (enabled=0): yum -y --enablerepo=flash install flash-plugin Fedora examples (more repositories: Jpackage.com Create file: /etc/yum. It will interactively ask permission. . (Software not released by Red Hat like DVD players.html Terms: releasever: Release Version . "Is this ok [y/N]:" To avoid the prompt/questions use the command: yum -y update Sample session: http://www.atrpms.fedora.heanet.repo [flash] name=Macromedia Flash plugin baseurl=http://macromedia.ie/pub/freshrpms/pub/dag/fedora/$releasever/en/$basearch/dag/ enabled=0 gpgcheck=1 Directly enable repository: yum -y --enablerepo=dag install fortune-oneliners Adding dag GPG signature key: [root@server2 ~]# rpm --import http://dag.conf Add: dag..current version of Fedora.html 03/14/08 .repos.com/pub/fedora/linux/core/updates/$releasever/$basearch/ mirrorlist=http://fedora.freshrpms.redhat.Linux System Administration and Configuration Page 15 of 29 File: /etc/yum.repo [dag] name=Dag APT Repository baseurl=http://dag.edu/macromedia/apt/fedora/$releasever http://macromedia.net/fedora/linux/$releasever/$basearch/freshrpms enabled=0 gpgcheck=1 To directly enable a particular repository which is currently disabled (enabled=0): yum -y --enablerepo=freshrpms install kino Adding FreshRPM GPG signature key: [root@server2 ~]# rpm --import http://freshrpms.redhat.d/freshrpms.

.9.i386 0:0. Obsoleted: openhbci.x86_64 0:0.6.1. . Installed: aqhbci..2beta-0.170/333 Completing update for gtk2 . installed.17-1 openhbci. initscripts-7.7-1 set to be updated ---> Downloading header for gtk2 to pack into transaction set.fc3 ImageMagick-c++..93.fc3 aqhbci-devel.x86_64 0:1.x86_64 0:1..x86_64 0:2.. .0.fc3 gwenhywfar-devel.4beta-0.yolinux.7.0.1 MB 00:03 .93.updates-released Install: gwenhywfar-devel..2beta-0.x86_ 100% |=========================| 87 kB 00:00 ---> Package initscripts.9 kB 00:00 ---> Package mod_dav_svn..93 100% |=========================| 1.fc3 ..com/TUTORIALS/LinuxTutorialSysAdmin..2-0...9. Running Transaction Test Finished Transaction Test Transaction Test Succeeded Running Transaction Updating: libgcc 100 % done 1/333 Updating: libgcc 100 % done 2/333 ..updates-released Total download size: 431 M Downloading Packages: (1/168): mod_dav_svn-1. I find that removing the newer version and re-running YUM to install an upgrade gets past these errors.Linux System Administration and Configuration Page 16 of 29 # yum -y update Setting up Update Process Setting up Repos base 100% |=========================| 1. --> Finished Dependency Resolution Error: Missing Dependency: package-name I find that the error is traced to having two version of a package installed at once.updates-released Install: kernel.fc3 ...fc3 . .1. Completing update for mod_dav_svn . mod_dav_svn-1...7-1.4-1.2beta-0. Remove a package: yum remove package-name Info: List available packages.x86_64 0:0.7-2. version and state (base.x86 100% |=========================| 8.11-1.x86_64 0:7.. Performing the following to resolve dependencies: Install: aqbanking-devel..updates-released .0....x86_64 0:1.7. 100% |=========================| 54 kB 00:00 (2/168): initscripts-7.0.4-1.fc3 ImageMagick. The following command will reveal if this is true: rpm -q If there are two versions of the same package installed. .xml.17-1 openhbci-devel.gz 100% |=========================| 367 kB 00:02 MD Read : ################################################## 927/927 updates-re: ################################################## 927/927 Excluding Packages in global exclude list Finished Resolving Dependencies --> Populating transaction set with selected packages.fc3 Updated: ImageMagick..x86_64 0:1.0...17-1 Complete! # [Potential Pitfall]: Many times I have found that I can get the following errors: Setting up Update Process Setting up repositories Reading repository metadata in from local files Could not find update match for package-name .2.6.14_FC3 ..x86_64 0:6.x86_64 0:1. --> Running transaction check Dependencies Resolved Transaction Listing: Install: aqhbci.updates-released Install: aqhbci-devel.2beta-0. .14_FC3 Dependency Installed: aqbanking-devel. updates-released): yum list List the packages installed which are not available in repository listed in config file: yum list extras List packages which are obsoleted by packages in yum repository: yum list obsoletes Clean local cache of headers and RPM's: yum clean all (See: /var/cache/yum/) package-name.7-2..html 03/14/08 .. . .i386 0:6.x86_64 0:1.x86_64 0:1.11-1.. Please wait. .fc3 .2. To install a single package: yum -y install package-name This will also resolve package dependencies. ---> Downloading header for mod_dav_svn to pack into transaction set.. .fc3 kernel.0.2-0.9.x86_64 0:1.0.. Yum Commands: http://www.171/333 .x86_64 0:2.x86_64 0:1.1.1 set to be updated ---> Downloading header for initscripts to pack into transaction set.1 kB 00:00 updates-released 100% |=========================| 951 B 00:00 Reading repository metadata in from local files base : ################################################## 2852/2852 primary.4beta-0.0.i386 .1.169/333 Completing update for initscripts .

html 03/14/08 .Linux System Administration and Configuration Page 17 of 29 YUM Command yum -y install package-name yum -y update package-name yum -y update yum -y --exclude=package-name update yum remove package-name yum remove package-name-1 package-name yum remove package-name-2 yum clean headers yum clean cache yum clean all yum list package-name yum check-update yum search partial-package-name Description Install package. Set up a web server with the same paths as used in the configuration files and point your configuration files to your server.daily/yum. YUM header repository YumEx: (Yum Extender) GUI interface to YUM commands and configuration YumEx will allow you to manage the RPM packages on your system. Remove packages.conf man page You can set up your own YUM server for your own cluster or intranet.com/TUTORIALS/LinuxTutorialSysAdmin. Update all packages on system for which updates are available. YumEx illustrated tutorial http://www. List all packages which match the string specied in the package name or description. See YoLinux web server tutorial for configuration information. Remove RPM header files. Fedora configures YUM as a daily cron job: /etc/cron.yolinux. Update all packages which have available updates excluding the specified package. Update package.cron #!/bin/sh if [ -f /var/lock/subsys/yum ].YUM download. then /usr/bin/yum -R 10 -e 0 -d 0 -y update yum /usr/bin/yum -R 120 -e 0 -d 0 -y update fi Links: YUM Homepage YUM HowTo . Remove files from YUM cache: /var/cache/yum/ Clean up all YUM files left over from previous installations. See yum man page for a full listing of commands and command arguments. Notes: yum man page yum. Show which packages are available to be updated. Remove package. install and YUM server configuration. List information about available packages from configured YUM repository. It allows the administrator to install/update packages from internet repositories as well as un-install RPMs from the system.

For more info see the rdist man page and rdistd man page (section 8: "man 8 rdistd").Linux System Administration and Configuration Page 18 of 29 RDIST: Remotely distributing and installing software/files The command rdist helps the system administrator install software or update files across many machines.com: Test with flags -navzu File: files-to-sync.html +webpage-2. RSYNC: Synchronizing files on two computers The command rsync helps the system administrator synchronize files on two separate computers.txt +index.com/TUTORIALS/LinuxTutorialSysAdmin.html +webpage-3. Command to use rsync with ssh: rsync -e ssh -p 777 --delete --include-from=files-to-sync. This is ideal for web site maintenance.html Files to include (+) and files which are excluded from synchronization (-).html 03/14/08 . The process is launched from one computer." at the end./ www. Also see the rsync man page to migrate file changes. Command: rdist -f instruction-file Instruction file: files=( /fully-qualified-path-and-file-name /next-fully-qualified-path-and-file-name ) dest = ( computer-node-name ) ${files} -> ${dest} install /fully-qualified-directory-name-of-destination.txt -avzu .html -README +webpage-1. Links: rsync Home Page Rsync Documentation For more info see the rsync man page System log files: http://www. Note: Don't forget the ".your-domain.yolinux.

generate log files. chmod -s filename +s. Find all world writable directories: find / -perm -0002 -type d -print Find all world writable files: find / -perm -0002 -type f -print find / -perm -2 ! -type l -ls Find files with no user: find / -nouser -o -nogroup -print Find files modified in the last two days: find / -mtime 2 -o -ctime 2 Compare two drives to see if all files are identical: find / -path /proc -prune -o -path /new-disk -prune -o -xtype f -exec cmp {} /new-disk{} \.1 /lastlog /maillog - system messages Logging by PAM of network access attempts Log of system boot./ -type f -print | xargs grep -H "ABC" /dev/null egrep -r ABC * Find all files of a given type from current directory on down: find .d/process-name /var/log/process-name.Linux System Administration and Configuration Page 19 of 29 /var/log/messages /secure /dmesg /boot. The logrotate program will periodically backup the log file by renaming it. Find all suid and setgid executables: find / \( -perm -4000 -o -perm -2000 \) -type f -exec ls -ldb {} \./ -name "*" -exec grep -H ABC {} \. The program will also allow the system administrator to set the limit for the number of logs or their size. Thus it is prudent to run this command and remove the "sticky" bits from executables which either won't be used or are not required by users. logrotate . These are created by applying a "sticky" bit: chmod These programs should be watched as they are often the first point of entry for hackers. see /etc/passwd) on the system: (could take a very long time) find / -user 501 -print Find all files created or updated in the last five minutes: (Great for finding effects of make install) find / -cmin -5 Find all users in group 20 and change them to group 102: (execute as root) find / -group 20 -exec chown :102 {} \. If left unchecked they would grow large enough to burden the system and application.Rotate log files: Many system and server application programs such as Apache. Configuration file: /etc/logrotate.html 03/14/08 .log { rotate 12 monthly errors root@localhost missingok postrotate /usr/bin/killall -HUP process-name 2> /dev/null || true endscript } The configuration file lists the log file to be rotated. (Interprets file: /var/log/lastlog) Also see last command.conf Directory for logrotate configuration scripts: /etc/logrotate.log /xferlog. Partial list of find directives: http://www. Also see command dmesg Log of system init process File transfer log Requires the use of the lastlog command to examine contents log from sendmail daemon Note: The lastlog command prints time stamp of the last login of system users. the process kill command to momentarily shut down and restart the process. Using the find command: Find man page Form of command: find path operators Examples: Search and list all files from current directory and down for the string ABC: find .yolinux.conf" -print Find all user files larger than 5Mb: find /home -size +5000000c -print Find all files owned by a user (defined by user id number./ -name "*. There is also the option to compress the backed up files. and some configuration parameters listed in the logrotate man page.com/TUTORIALS/LinuxTutorialSysAdmin. find / -type f -perm +6000 -ls Note: suid executable binaries are programs which switch to root privileges to perform their tasks.d/ Example logrotate configuration script: /etc/logrotate. find .

Scheduling a re-occurring task: Add shell script to have run hourly..com/TUTORIALS/LinuxTutorialSysAdmin. Command must be in path. Note: The script /etc/cron. It will generate the database /var/lib/locatedb File Information/Status/Ownership/Security: ls List directory contents. CRON .Linux System Administration and Configuration Page 20 of 29 Directive -name -print -user -exec command {} \.mime for file signatures to identify file type.-t.daily/ /etc/cron.yolinux. Either terminate the process through the application interface or using the fuser command: fuser -k file-name file Identify file type. group and all others have read.GUI front-end to the GNU find utility Finding/Locating files: locate/slocate Find location/list of files which contain a given partial name which Find executable file location of command given. Find files changed .root file-name :Make file owned by root.-t. Find files set with specified permissions. file file-name Uses /usr/share/magic.weekly/ /etc/cron.cron generates the index for the locate command.. whereis Find executable file location of command given and related files rpm -qf file Display name of RPM package from which the file was installed.t) -ctime (+t.hourly/ /etc/cron.daily/updatedb.allow files. Description Find files accessed more that +t days ago. chmod go-wx file-name :Remove file access so that the group and all others have write and execute privileges revoked/removed.deny and /etc/at. weekly or monthly into the appropriate directory: /etc/cron. fuser Identify processes using files or sockets If you ever get the message: error: cannot get exclusive lock then you may need to kill a process that has the file locked. less than -t or precisely t days ago. chown Change file owner and group chown root.allow files. Cron entries may also be added to a crontab formatted file located in the directory /var/spool/cron/. Scheduling access and control: The administrator can allow users to use this facility with specific control by using the /etc/cron.deny and /etc/cron. -atime (+t. To assign a very specific schedule add a line to the /etc/crontab file. daily. Locate files of a specified type: c: character device files b: blocked device d: directories p: pipes l: symbolic links s: sockets f: regular files -size n Find file size is larger than "n" 512-byte blocks (default) or specify a different measurement by using the specified letter following "n": nb: bytes nc: bytes nk: kilobytes nw: 2-byte words Also see: gnome-Find . List file information chmod Change file access permissions chmod ugo+rwx file-name :Change file security so that the user. The file extension is NOT used. Group assignment is also root. write and execute privileges.html 03/14/08 . /usr/share/magic. http://www. The at facility may be controlled with the /etc/at.monthly/ These are preconfigured schedules.t) -perm -type Find files whose name matches given pattern Display path of matching files Searches for files belonging to a specific user Execute Unix/Linux command for each matching file.

com/TUTORIALS/LinuxTutorialSysAdmin.Scheduling a single occurrance of a task: The at command will schedule single jobs.Execute a command after a time delay Managing Time: The BIOS computer clock stores hardware time while the OS keeps track of system time. Delete job with the command atrm [prompt]$ atrm 1 Man pages: at .schedule job at a specified time atq . More commands may be entered.lists the user's pending jobs or all if root atrm . identified by their job number batch . minute. (cron is for re-occurring jobs) The daemon /usr/sbin/atd will run jobs scheduled with the at command. Input at commands from a file: at midnight today < job-list-file List jobs with the command atq [prompt]$ atq 1 2002-03-07 12:00 a user-id The first column lists the job number.deletes jobs. Microsoft OS's use local time.YY 14:30 19. Access control to the command is controlled using the files /etc/at. The system time is initialized during boot by syncing OS time to the hardware time. hour. Set hardware clock and sync system (OS) time to match: (hctosys) Set hardware clock: /sbin/hwclock --set --date="07/30/2008 23:16:30" Then match system clock: hwclock --hctosys (Set the System Time from the Hardware Clock.allow (list of user id's permitted to use the at command) and /etc/at.html 03/14/08 .) 2.06 noon tomorrow The at command will respond with it's "at>" prompt upon which you enter the command you wish to execute followed by "Enter". 2008 11:16 pm and 30 seconds date MMDDhhmm.deny.yolinux.ss (month.Linux System Administration and Configuration Page 21 of 29 Man pages: cron crontab AT .seconds optional) (where hours are from 00 to 24) Set hardware clock to system clock in UTC: /sbin/hwclock --systohc --utc (UTC preferred for Linux because it allows automatic accounting of daylight savings time. Functionality built into at after . Set system (OS) clock and sync hardware time to match: (systohc) Set system time (Linux OS time): date -s 10:20 date 073023162008. Time is specified before the date: at at at at at at HH:MM month-name day with an optional year midnight MMDDYY HH PM today noon DD.03. year and dot seconds .30 July 30.executes commands when system load levels permit (based on a specified system load) atrun .for backward compatibility. UTC will mess up the time setting on a dual boot system which hosts a Microsoft OS) Set hardware clock in localtime to current system clock: /sbin/hwclock --systohc (Same as: /sbin/hwclock --systohc --localtime) http://www. day. When done enter "control-d".MM. Read time: Read system time (Linux OS time): date Read hardware clock (BIOS clock): /sbin/hwclock (Same as /sbin/hwclock --show) /sbin/hwclock --utc Set time: (two methods) 1.

beginning March 2007).1.2): rdate -p hostname Set the system time to the returned time: (Must be root. UTC=true) View settings in /etc/adjtime Configure time settings: Time. zic (time zone compiler) man pages.ntp.5 4 5 5 6 7 7 8 9 9 10 -12 -10 -10 -9.2): rdate -s hostname Try: /usr/sbin/ntpdate -q time. Time zone.yolinux. NTP Red Hat Enterprise 4/ Fedora Core (2+) GUI configuration: /usr/bin/system-config-time Time zone: tzselect Ubuntu: Time zone: tzconfig Note that the time zone setting is a soft link from /etc/localtime to a file under /usr/share/zoneinfo/ (or /usr/lib/zoneinfo/ on older systems).2.1.pool. To set the default time zone to US CST.slave configuration.: export TZ=PST8PDT Zone format: [time standard] [offset] [dst] See directory: /usr/share/zoneinfo/ File: /usr/share/zoneinfo/PST8PDT not viewable.0 (RPM: ntp-4. Internally UNIX systems use Coordinated Universal Time (UTC) which is the number of seconds since Jan 1.com/TUTORIALS/LinuxTutorialSysAdmin. "Calendar Time" is then calculated based on your time zone and whether you are on Standard or Daylight Savings time (Second Sunday of March to First Sunday of November .e.edu See List of public NTP Time Servers or http://www.0): /usr/sbin/ntpdate -q hostname Up to Red Hat 9.0): /usr/sbin/ntpdate -s hostname Up to Red Hat 9.Network Time Protocol) Query/Print the time returned by the remote host: Fedora Core (RPM: ntp-4.ucla.0 (RPM: ntp-4. 1970 0 hrs.) Fedora Core (RPM: ntp-4.tab See tzselect.e.2. Print time zone info with zdump: zdump HKT-8 TIMEFORMAT: For more info see the man page for your shell. generate a new link manually with the command: ln -sf /usr/share/zoneinfo/US/Central /etc/localtime Set System Time: (using NTP . 8 hrs from GMT USA Alaska Standard Time/Alaska Daylight Time Yukon Standard Time/Yukon Daylight Time USA Hawaiian Standard Time/ Hawaiian Daylight Time New Zealand Standard Time/ New Zealand Daylight Time Australian Eastern Standard Time Australian Eastern Standard Time/Australian Eastern Daylight Time Australian Central Standard Time http://www.html 03/14/08 . Only root can change system clock. Sync System Time: The timed (time server daemon) allows one to synchronizes the host's time with the time of another host.5 Description Greewich Mean Time Universal Coordinated Time Fernando De Noronha Std Greenland Standard Time Brazil Standard Time Eastern Brazil Standard Time Newfoundland Standard Time/Newfoundland Daylight Time Atlantic Standard Time/ Atlantic Daylight Time USA Eastern Standard Time/ Eastern Daylight Time USA Eastern Standard Time/ Central Daylight Time USA Central Standard Time/ Central Daylight Time USA Mountain Standard Time USA Mountain Standard Time/ Mountain Daylight Time USA Pacific Standard Time/Pacific Daylight Time. See file: /usr/share/zoneinfo/zone. See the timed and timedc man pages. This is a master . (i. Note: Typically many web servers set their time to GMT due to the world wide nature of their service.org. tzset.Linux System Administration and Configuration Page 22 of 29 UTC (true/false) set in /etc/sysconfig/clock (eg. tzfile. Shell environment variables: TZ: Time Zone i. man bash) TZ Environment Variables: TZ Variable GMT0 UTC0 FST2FDT GST3 BST3 EST3EDT NST3:30NDT AST4ADT EST5EDT EST6CDT CST6CDT MST7 MST7MDT PST8PDT AKS9AKD YST9YDT HST10 NZST-12NZDT EST-10 EST-10EDT CST-9:30 GMT Offset 0 0 2 3 3 3 3.

Start NTP daemon: service ntpd start (or: /etc/init.0.255. Check time: date Note: NTP uses UDP on port 123 for inbound and outbound communication.mil This will hang without an internet connection!!! Time servers: time.ntpServer. nomodify Run time configuration can not be modified by remote NTP server notrap Do not log remote messages.0.5 -7 -5.255.nist.0.255.arc.nasa.arc.0.255.ntpServer.gov tick. default mask 0. 2.gov mask 255.mil Configuring NTP: The system may be configured as: 1.ntpServer. Errors of over 1000 seconds causes ntpd to abort correction.ntpServer. Syncronize time with NTP server: ntpdate -u time1.usno.nist. a pure NTP client.d/init.gov server time2. Note that using IP addresses instead of fully qualified domain names will provide a faster response. List accurate clocks to use in file: /etc/ntp.d/ntpd issues the command /usr/sbin/ntpdate to set the time.0. a pure NTP server 3.gov mask 255. Check /var/log/messages for errors.usno.navy.d/ntpd start) 4.Linux System Administration and Configuration Page 23 of 29 CST-9:30CDT JST-9 KST-9KDT WST-8:00 WAS-8WAD CCT-8 HKT-8 JST-7:30 NST-7 IST-5:30 IST-3:30IDT MSK-3MSD SAST-2SADT EET-2EEST -9.1 This will synchronize your system clock with the times servers listed.255 nomodify notrap noquery restrict time2.255).conf server time1. Network Time Protocol (NTP): (configuration) The daemon ntpd will continually monitor time and synchronize your system clock with that of a known accurate time system (atomic clock).ntpServer.gov restrict time1.gov 3. Corrections are implemented in small steps to correct the clock over time.yolinux.com/TUTORIALS/LinuxTutorialSysAdmin.255.nasa.5 -9 -9 -8 -8 -8 -7. restrict options: option Description mask Limits the remote NTP server to a single IP address (255.5 -3.255.gov ns.html 03/14/08 .gov tick. noquery Do not allow remote ntpq or ntpdc querries notrust Deny cryptographically un-authenticated NTP querries. http://www. an NTP client which then acts as an NTP server for a domain Client Configuration: 1.255 nomodify notrap noquery restrict 127. The init script /etc/rc.5 -3 -2 -2 Australian Central Standard Time/Australian Central Daylight Time Japan Standard Time Korean Standard Time Australian Western Standard Time China Coast Time Hong Kong Time Java Standard Time North Sumatra Time Indian Standard Time Iran Standard Time Moscow Time South Africa Standard Time/South Africa Daylight Time Eastern European Time/Eastern European Time Daylight Savings Time Middle European Time/Middle European Time Daylight Savings Time Central European Time/Central European Time Daylight Savings Time West Africa Time Western European Time/Western European Time Daylight Savings Time MET-2METDST -2 CET-1CEST -1 WAT-1 -1 WET0WETDST 0 See /usr/share/zoneinfo/.gov ns.navy. You may also issue the command: /usr/sbin/ntpdate -b -s time. 2.

software installation or as an error message meant to alert the system administrator.yolinux.older "You have new mail.old RFC 868 .com/TUTORIALS/LinuxTutorialSysAdmin.Set the date and time via NTP ntpq .Special NTP query program ntpstat . this message may greet you.html Time codes IRIG . Very accurate. Mail command Description ? h h1 q x t t4 n List commands (Help) Print mail headers Print mail headers starting with message number 1 Quit and delete mail which has been viewed (typed) Quit but save mail viewed. The system will often send a mail message to the "root" user after the completion of some cron jobs.html 03/14/08 .": When you login. Type (view) current message Type out message 4 to the console Type out next message http://www.Linux System Administration and Configuration Page 24 of 29 Linux GUI Time Configuration Tools: Red Hat Enterprise 4/ Fedora Core (2+) GUI configuration: Command: /usr/bin/system-config-time SuSE GUI configuration: [root]# yast2 ntp-client NTP Man Pages: ntpd . Type the console command "mail".Read kernel time variables ntprace .org: Network Time Protocol (NTP) See documentation /usr/share/doc/ntp-*/ntpd.Network Time Protocol (NTP) daemon ntpdate .NTP RFC 867 .Inter-Range Instrumentation Group (GPS satellite based time.) IRIG PCI cards (Linux drivers) Internet time code RFCs: RFC 1305 .Trace a chain of NTP servers back to the primary source Links: NTP.Standard NTP query program ntpc . The following simple commands will help you navigate through this simple mail client.Show network time synchronization status ntptime .

Text Terminal Configuration: tty: Print the file name of the terminal connected to standard input [prompt]$ tty /dev/pts/4 stty: Text Terminal configuration commands. [prompt]$ stty -all . For example. intr = ^C. stop = ^S. line = 0. Control Character ctrl-j ctrl-m ctrl-v ctrl-s ctrl-q ctrl-h ctrl-w ctrl-u ctrl-d ctrl-z (DOS/VAX) ctrl-c ctrl-z ctrl-\ ctrl-r C format ASCII (decimal) \n 10 \r 13 22 19 17 \b 8 23 21 4 3 26 28 18 gnome-terminal http://www. lnext = ^V.. Ubuntu users must include the "universe" repository to get access to the package "mailx". This is included with the default Fedora and Red Hat installations. eol = M-^?. Gnome Terminal: Terminal configuration to handle the annoying backspace problems associated with telnet-ing to a different system. how to configure the Linux for use with an SGI/IRIX system: Start /usr/bin/gnome-terminal Select: "File" + "New Profile. rprnt = ^R. rows 24. eof = ^D. quit = ^\. min = 1. kill = ^U. erase = ^?. time = 0. susp = ^Z.com/TUTORIALS/LinuxTutorialSysAdmin..Linux System Administration and Configuration Page 25 of 29 d d4 d 1-4 Delete the active message Delete message number 4 Delete messages number 1 to 4 The "mail" command is included with the package "mailx"." Select profile: "SGI" and select "Edit" button.Human-readable form speed 38400 baud.html 03/14/08 . columns 80.yolinux.stty-readable form 2d02:5:4bf:8a3b:3:1c:7f:15:4:0:1:ff:11:13:1a:ff:12:f:17:16:ff:0:0:0:0:0:0:0:0:0:0:0:0:0:0:0 [prompt]$ stty `echo 2d02:5:4bf:8a3b:3:1c:7f:15:4:0:1:ff:11:13:1a:ff:12:f:17:16:ff:0:0:0:0:0:0:0:0:0:0:0:0:0:0:0` [prompt]$ stty columns 132 [prompt]$ stty erase '^?' . If you want to enter the "ctrl-m" as part of the entry to the stty command then prefix it with "ctrl-v" so that the "ctrl-m" "escaped" from acting as a terminal directive but instead acts as command input..Expand tabs to spaces [prompt]$ stty --help | more clear: Clear Text Terminal reset: Reset Text Terminal Terminal control characters: Description Linefeed Carriage Return Escape Character Stop screen scroll Resume screen scroll Backspace (and delete) one character Backspace (and delete) one word Delete line End of file Interrupt signal SIGINT Suspend signal SIGSTOP Quit signal SIGQUIT Typically repaint screen. start = ^Q.Here the "^" refers to the caracter shift-6 and not <ctrl> [prompt]$ stty sane [prompt]$ stty -tabs . werase = ^W.. eol2 = M-^?. Check terminal type: echo $TERM Set terminal type: export TERM=xterm This is a very common fix for many remote terminal problems. flush = ^O. (In bash reverse search of command history) (Non POSIX) Note: When typing a "ctrl-m" is just like hitting the "Enter" key. -parenb -parodd cs8 hupcl -cstopb cread -clocal -crtscts -ignbrk brkint -ignpar -parmrk -inpck -istrip -inlcr -igncr icrnl ixon -ixoff -iuclc ixany imaxbel opost -olcuc -ocrnl onlcr -onocr -onlret -ofill -ofdel nl0 cr0 tab0 bs0 vt0 ff0 isig icanon iexten echo echoe echok -echonl -noflsh -xcase -tostop -echoprt echoctl echoke [prompt]$ stty -g ." Enter profile name: SGI Base on: Default Select: "Create" Select: "Edit" + "Profiles.

deb=01.32:*.tgz=01.yolinux.35:*.wav=01.01:cd=40.jar=01.mpeg=01. An "*" denotes execute permissions.lzh=01.multiplex terminal between processes.35:*.xpm=01. Also See: Kernel 2. Set an alias in your $HOME/.txt (local file) PERL Administration/Maintenance: At some point you will be required to administer the installation of PERL modules. Use the command dircolors to list the system default. export LS_COLORS System defaults shown.2: (Red Hat 7.avi=01. 2.35: *.H. Specify colors used in the system configuration file: /etc/DIR_COLORS or in your local file $HOME/.35:*.33:so=01.35: bd=40.gz=01.35:*. you will quickly find that the display from the command "ls" may obscure some of the results.the ASCII character set setserial . The color scheme can be ignored and all output displayed in the foreground color.35:*.fli=01.CRT screen handling and optimization package Also see /usr/include/bits/termios.png=01.pbm=01.tar.PL make http://www. There are three options for setting the colors applied to the results of the "ls" command: 1.35:*.jpeg=01.35:*. (Fedora Core 3) 3. Change and assign new colors using the environment variable "LS_COLORS".ogg=01.rpm=01.35:*.31:*. This can be set in your $HOME/.01:or=40. cat /proc/ioports List I/O ports used by system.bashrc file.bz2=01.xwd=01.zip=01. cat /proc/dma List DMA channels and device used by system.35:*. MultiGnomeTerminal KDE: Konsole xterm PuTTY Directory Listings and Terminal Colors for "ls": If you alter your terminal background color.33.33.html 03/14/08 .35: *.31:*.31:*.dir_colors Hardware Info: /usr/bin/lsdev List devices and info on system hardware.35: *.xbm=01.tar=01.tga=01. Peter Anvin Local file Kernel 2.31. Installation can be done: Manually: Un-zip/Un-tar module: tar xzf yourmodule.txt .taz=01.35:*.31: *.z=01.34:ln=01.format of compiled term file terminfo .31:*. LS_COLORS='no=00:fi=00:di=01.mpg=01.35:*.35:*.bmp=01.36:pi=40.4/Documentation/devices.31:*.31: *.31:*.txt (local file) .(RPM package procinfo) list all PCI devices (result of probe) Also lspci -vvx and cat /proc/pci /sbin/lspci cat /proc/interrupts List IRQ's used by system and the device using the interrupt.01:ex=01.31:*.35:*.get and set terminal attributes ascii .35:*.gif=01.31:*.gz Build with PERL makefile: perl Makefile. cat /proc/cpuinfo List info about CPU.xcf=01.31:*.pgm=01.tif=01.bashrc file: alias ls='ls -F' The output will use symbols instead of colors to identify the types: A closing "/" will denote a directory.tiff=01.h Text Terminal Programs: GNU Screen .(local file) Kernel 2.31:*.ppm=01. Also IRQ's.0-) See Linux devices: file:/usr/src/linux/Documentation/devices.35:*.Linux System Administration and Configuration Page 26 of 29 Select the tab: "Compatibility" Backspace key generates: change from "ASCII DEL" to "Control-H" Select: "Close" Select: "Terminal" + "Profile" + "SGI" Man Pages: termios .35:*.4: (Red Hat 7.jpg=01.get/set Linux serial port information term .terminal capability data base tic .35: *.mov=01.gl=01.1+) file:/usr/src/linux-2.35:*.35:*.dl=01.35:do=01.terminal emulator for X ncurses .35:*.com/TUTORIALS/LinuxTutorialSysAdmin.31: *.2:file:/usr/src/linux/Documentation/proc.arj=01.35:'.the terminfo entry-description compiler xterm .35:*. A "@" denotes a symbolic link.Z=01.mp3=01.

you must load the appropriate RPMs and retry using "force install module-name" PERL update: perl -MCPAN -e 'install Perl' Testing for a working Perl module: (Apache::AuthenNIS) File: testAuthenNIS. " installed". The only reason to manually configure this is if you are using a proxy.... bzip2recover compress: bzip2 file-name decompress: bunzip2 file-name.com (Also available via YUM) Search RpmFind.net File compression/decompression utilities: Basic file compression utilities: (and file extensions) gzip (..8.Z (Provided by the RPM package ncompress) pack (. $hasApacheAuth = $@ ? 0 : 1.zip Also see the GUI Gnome based program file-roller. Test: [root]# .yolinux.36. cpan> install URI . RPM and Java "jar" files.bz2 compress (. cpan> install Image::Info .) Defaults were good for me. . cpan> help . ($hasApacheAuth ? "" : " not") . First time through it will ask a bunch of questions. gznew. See: Dag.. This method rocks! It connects to a CPAN server and ftp's a gzipped tarball and installs it.zip): Compress files or groups of files. printf "\n". . Great tool for inspecting an RPM package and reading the package documentation before you decide to install the package..gz) cpan> install Image::Magick ./testAuthenNIS.tar.gz Module Image::Magick (J/JC/JCRISTY/PerlMagick-5. gzmore compress: gzip file-name decompress: gzip -d file-name.Byrne compression) Compatible with PC PKZIP files.bz2): Also see: bunzip2. (Search by keyword) Distribution J/JC/JCRISTY/PerlMagick-5.. cpan> i /PerlMagick/ . I entered a number for the first CPAN server but after that the actual URL was cut and pasted in whole. printf "Apache::AuthenNIS". (Answer "no" to the first question for autoconfigure.z zip (.gz bzip2 (..pl #!/usr/bin/perl BEGIN{push @INC.. bzcat. North America) and country. Also see: unzip compress: zip file-name decompress: unzip file-name. (Introduced in Red Hat 8.P.. It even can view and extract compressed files within other compressed tar archives!! It can also create compressed archive files as well. It then asks for your location (i. .Inquire about module. If it fails..} eval "use Apache::AuthenNIS".5/Apache". (R.First time through it will ask questions.pl Good: Apache::AuthenNIS installed Not good: Apache::AuthenNIS not installed (Installation) Most PERL modules are now available as RPMs. gunzip. cpan> install IO::String IO::String is up to date.0) Gnome file-roller home page Using TAR (Tape Archive) for simple backups: http://www..tar.Wieers.z): Also see: unpack compress: pack file-name decompress: unpack file-name. The file utility is great for viewing the contents and extracting compressed tar.e. Answer "no" to the first question for autoconfigure.com/TUTORIALS/LinuxTutorialSysAdmin.html 03/14/08 . "/usr/lib/perl5/site_perl/5.Z): (Adaptive Lempel-Ziv compression) Also see: uncompress.36. zcat compress: compress file-name decompress: uncompress file-name.Linux System Administration and Configuration Page 27 of 29 Install: make install See: CPAN module install page Automatically: (preferred) # perl -MCPAN -e shell ..gz): Also see zcat.

Backup sub-directory to floppy using a relative path: tar -cvf /dev/fd0 src First execute this command to go to the parent directory: cd /home/user1 Backup sub-directory to floppy using a defined relative path: tar -cvf /dev/fd0 -C /home/user1 src Restore from floppy: tar -xvf /dev/fd0 Backup directory to a compressed archive file: tar -z -cvf /usr/local/Backups/backup-03212001. will save and restore the SELinux attributes.html 03/14/08 . (See Backup/Restore links on YoLinux home page) Simple backups can be performed using the tar command: tar -cvf /dev/st0 /home /opt This will backup the files. directories and all it's subdirectories and files of the directories /home and /opt to the first SCSI tape device." To fix this condition run the script: /usr/bin/oaf-slay This script will kill OAF processes on systems using OAF and bonobo.sh #!/bin/bash tar -cz -f /mnt/BackupServer/user-id/backup-weekly-`date +%F`.com/TUTORIALS/LinuxTutorialSysAdmin.star /directory/path/to/backup/ For more on SELinux. SELinux Tar: "Security Enhanced" Linux archive backup.gz Also see: Automated Snapshot-Style Backups with Linux and Rsync Manual page for the mt mag tape control command. (XFS file system users use xfsrestore) System Fixes: Fix the error: "Failed to activate 'OAFID:GNOME_SettingsDaemon" This annoying dialog box may appear after one logs in. see above section. Notes: Backup using compression to put more on SCSI tape device: tar -z -cvf /dev/st0 /home /opt List contents of tape: tar -tf /dev/st0 List contents of compressed backup tape: tar -tzf /dev/st0 Backup directory to a floppy: tar -cvf /dev/fd0 /home/user1 When restored it requires root because the root of the backup is "/home". "star". (/dev/st0) Restoring files from backup: tar -xvf /dev/st0 Script to perform weekly archive backups: /etc/cron.sh Manual page for the tar command. star -xattr -H=exustar -c -f archive-file. You may also get the error message "The Settings Daemon restarted too many times.gz -C /home/user-id dir-to-back-up Be sure to allow execute permission on the script: chmod ugo+x /etc/cron. For more on Linux floppy devices see the YoLinux tutorial: Using floppies with Linux. Manual page for the restore command.gz -C /home/user2/src project-x List contents: tar -tzf /usr/local/Backups/backup-03212001.yolinux.tar.weekly/backup-weekly.tar. Example.tar. sounds or background may cease to operate properly.gz Restore: cd /home/user2/src tar -xzf /usr/local/Backups/backup-03212001.Linux System Administration and Configuration Page 28 of 29 It should be noted that automated enterprise wide multi-system backups should use a system such as Amanda. Admin Scripts: http://www. Note that the "tar" command will not operate with the "star" archive. Example: /sbin/dump -0u -f /dev/st0 /home/user1 Level 0 (everything backed up. retrieve and convert data from tape: dd if=/dev/st0 bs=2 | tar -x (National Institute of Justice (NIJ) Special Report documenting results of testing dd for computer forensics) Manual page for the dump command.weekly/backup-weekly. Example. Themes. rewind tape: mt -f /dev/st0 rewind Manual page for the dd command.tar. not incremental) Option u: Update file /etc/dumpdates (XFS file system users use xfsdump) Note: this is also tied to the /etc/fstab file and dump flags (field 5) set for each file system.

http://www.txt Red Hat Enterprise 4/Fedora Core (2+) GUI system configuration tool commands begin with "system-config-". Type this in a bash shell and press tab twice to view all the GUI configuration tool commands available.Linux System Administration and Configuration Page 29 of 29 sysreport .com/TUTORIALS/LinuxTutorialSysAdmin.html 03/14/08 .This script generates an HTML report on your system configuration.yolinux. Admin Tips: Unix command line output is sent to the screen (default) but you would also like the output to print to a file (bash shell): command 2>&1 | tee output-file.

Sign up to vote on this title
UsefulNot useful