System administration deals with all the things you have to do to keep your computer system in a stable and usable order.
System administration can include tasks such as backing up files, installing new programs, managing accounts, and keeping the integrity of the file system.
Understanding the organisation of the file system tree can make your job as a sys admin easier.
This understanding comes through experience.
There are many different directories and files with varying importance in the file system tree.
This unit will focus on two main areas: /var and /etc.
/var contains spool directories, log files, accounting information and various other items.
Sub-directories of /var include /var/adm, which holds logs and setup records, /var/log, which holds various system log files, /var/spool, which holds spooling directories for printers, mail, etc., and /var/tmp, which holds temporary space.
System daemons, the kernel, utilities and services all produce data that is logged, which is stored in various 'log files'.
Log files can be very useful in determining any issues with the system.
For example, if a daemon refuses to start, check the log files.
The log files have a limited useful life span and there should be a clear retention policy.
Most log files are text files and can be easily viewed with standard tools such as cat, more and grep.
UNIX systems can be inconsistent about where log files are kept; Linux is more consistent.
Having a clear logging and retention policy is very important.
Different distributions of Linux have their own ways of naming and dividing up log files, but generally, Linux sends log files to the /var/log directory.
The /var directory is specific for each computer or server.
dmesg is used to examine or control the kernel ring buffer and can assist in determining any errors or problems with the system.
httpd is the Apache HyperText Transfer Protocol (HTTP) server program, a web server that runs as a standalone daemon process.
Mysqld.log logs each SQL statement received from clients.
Examples of services that run at start-up include httpd, init.d, mysqld, ntpd, and ftpd.
The ‘syslog’ file can be viewed using ‘more’ and is a record of system activity.
These initialise during the boot process of your system.
The purpose of the ‘syslog’ file is to record system activity.
/etc/passwd holds information about each user, including the username, real name, home directory and other account details.
For example, specifying mail.info in /etc/syslog.conf results in mail messages being saved in /var/log/maillog.
/etc/ is part of the root filesystem and is used for critical system and configuration files.
‘su’ has been largely superseded by ‘sudo’, which works in a similar way to ‘su’ but is more restricted in that it does not automatically grant full root privileges.
Three services which are configured to run at start-up are httpd, init.d, and mysqld.
/etc/init.d contains a number of start-up and stop scripts for various services on your system.
mysqld, also known as the MySQL Server, manages access to MySQL databases and tables.
Upon using the ‘sudo’ command, sudo consults the /etc/sudoers file to see if the user is authorised to use sudo.
Upon typing ‘su’, you will be asked for a password, which can be the root password or the password of the user (su - username).
Sudo is faster to use than using su or logging in as root.
Sudo keeps a log for the commands which were executed.
At times, you may need to view sensitive files, such as /etc/passwd and /etc/shadow, and for this, you will need to use ‘su’ or ‘sudo’.
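
The sudo command log described above can be reviewed with the same standard text tools used for other log files. The script below is an added example, not part of the original notes: the log lines are constructed, and the syslog-style line layout and the function names (sample_sudo_log, sudo_events, sudo_denied, sudo_sensitive) are assumptions.

```shell
#!/bin/sh
# Added example. All log lines are constructed; host and user names are made up.
# Assumption: sudo logs through syslog in its usual "user : KEY=value ; ..." layout.

sample_sudo_log() {
cat <<'EOF'
Mar  3 10:15:01 web01 sudo:    alice : TTY=pts/0 ; PWD=/home/alice ; USER=root ; COMMAND=/bin/cat /etc/shadow
Mar  3 10:16:22 web01 sudo:      bob : user NOT in sudoers ; TTY=pts/1 ; PWD=/home/bob ; USER=root ; COMMAND=/bin/su -
Mar  3 10:17:40 web01 sshd[812]: Accepted password for alice from 192.0.2.10 port 50122 ssh2
Mar  3 10:20:05 web01 sudo:    alice : TTY=pts/0 ; PWD=/etc ; USER=root ; COMMAND=/usr/bin/vi /etc/syslog.conf
Mar  3 10:21:11 web01 sudo:    carol : 3 incorrect password attempts ; TTY=pts/2 ; PWD=/home/carol ; USER=root ; COMMAND=/bin/cat /etc/shadow
EOF
}

# Read log lines on stdin; print one "STATUS|user|run-as|command" record per sudo entry.
sudo_events() {
    awk '
    match($0, / sudo(\[[0-9]+\])?: +/) {
        line = substr($0, RSTART + RLENGTH)      # drop timestamp, host and tag
        p = index(line, " : ")
        if (p == 0) next                          # not a command record
        user = substr(line, 1, p - 1)
        rest = substr(line, p + 3)
        # A permitted command starts straight away with KEY=value fields;
        # anything else in that position is the refusal reason.
        status = (rest ~ /^[A-Z_]+=/) ? "OK" : "DENIED"
        runas = "-"
        if (match(rest, /USER=[^ ;]+/)) runas = substr(rest, RSTART + 5, RLENGTH - 5)
        cmd = "-"
        c = index(rest, "COMMAND=")               # command is last, may contain " ; "
        if (c > 0) cmd = substr(rest, c + 8)
        print status "|" user "|" runas "|" cmd
    }'
}

# Users with at least one refused sudo attempt.
sudo_denied() {
    sudo_events | awk -F"|" '$1 == "DENIED" { print $2 }' | sort -u
}

# Attempts (allowed or refused) whose command names an account or sudo policy file.
sudo_sensitive() {
    sudo_events | awk '/\/etc\/(passwd|shadow|sudoers)/'
}

sample_sudo_log | sudo_events
```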
The server writes information to this log when clients connect or disconnect.
The other two service files are /etc/passwd and /etc/shadow.
Some important files and directories in /etc are /etc/syslog.conf, /etc/init.d, /etc/passwd, and /etc/shadow.