≡ Menu

linux system administrator

It happens all the time. Sooner or later, every organization may run out of qualified UNIX system administrator / staff because of various issues. As a single admin you may have to do lots of work because other people in accouting, sales, or programmers may not have all the skills required to run servers. Also, I don't trust new people or people with Windows background. I also don't have a time for UNIX admin training for new person.

In short, to avoid overloading yourself, I recommend sudo. It allows you to delegate authority to give certain users or groups of users the ability to run some commands as root or another user while providing an audit trail of the commands and their arguments via a log file. With sudo you don't have to share root password with anybody. Another option is Pluggable Authentication Modules (PAM) under UNIX / Linux. Command tasks such can be delegated via sudo program:

  1. Start / stop / restart common services and configurations, e.g. Jboss, Tomcat, Apache, Mysql etc
  2. Shutdown / reboot server
  3. Backup data to tape
  4. Run other individuate tasks and commands as per requirements and so on.

Once you started to trust their skills sets, grant them more privileges or may be promote them as full time UNIX sys admins.

In totally unrelated news : Bill Gates, retired as chairman. Checkout the hits and misses of his leadership of Microsoft.

Understanding UNIX / Linux File System

A conceptual understanding of file system, especially data structure and related terms will help you become a successful system administrator. I have seen many new Linux system administrator without any clue about file system. The conceptual knowledge can be applied to restore file system in an emergency situation.
[click to continue…]

Linux commands to help you navigate

As a Linux system administrator, you will need to find files in directories all over the file system. Especially those coming from a Windows background, often lost themselves while navigating file system.

Linux and other UNIX (BSD) OS offers an excellent collection of utilities, which can be use to finding the files and executables, remember you cannot memorize all the commands and files ;)
Commands to help you navigate:

  • file: Determines file types
  • which: Locates an executable in your PATH
  • whereis: Locates binaries and man page
  • find: Find the file
  • grep: Search for text/string in the named file name
  • strings: Find text string in a binary file

The which command

It is useful to locate a command. Some opertating system such as Solaris/HP-UX (even linux) have multiple homes. So you wanna find out which version you are going to use by order of the directories in your PATH variable. Try out following commands:
$ which ls
$ which vi
$ which vim

The file command

You would like to find out if a command is a shell script or a binary file or simply cannot recognize file by its extension then use file command to determine file type.
$ file /usr/sbin/useradd

/usr/sbin/useradd: ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), for GNU/Linux 2.2.0, dynamically linked (uses shared libs), stripped

Let us try another example:
# file /etc/shadow

/etc/shadow: ASCII text

But wait sec, you don't have to type full command path:
$ file $(which adduser)

/usr/sbin/adduser: perl script text executable

The whereis command

It locates binaries and man pages. When you get message command not found then use whereis command to locate binary file. For example ifconfig command:
$ ifconfig

bash: ifconfig: command not found

Now locate ifconfig binary, enter:
$ whereis -b ifconfig

ifconfig: /sbin/ifconfig

So let us try the full path, enter:
$ /sbin/ifconfig

The grep command

The grep command can search for text or strings such as IP address, domain names and lots of other stuff inside a text file. Often new Linux sys admin forgets to configuration file names. However, you can use grep to find out those configuration file name. For example, find out the file containing IP address
# grep -R "" /etc/* | less

Find out kernel driver module bttv configuration file name, so that you can remove the driver:
# grep -R "bttv" /etc/* | less<

The strings Commands

The grep command is useful to search a text file, if you would like to find text string in a binary file then use strings command.
# strings /usr/bin/users

You might think this is stupid idea to search inside binary file for text string. Well, no it is not a stupid idea. For example, you would like to quickly find out if internet service supports tcpd access control facility via /etc/hosts.allow and /etc/hosts.deny files (read as tcp wrappers) or not. Let us find out if sshd server support tcpd or not:
# strings $(which sshd)| grep libwrap

libwrap refuse returns

The find Command

Use find command to find the files. Find all files belonging to the user charvi:
# find / -user charvi

Remove all core dump files
# find / -name core -exec rm -i{}\;

Please see more find command examples here and here. For more info please read the man pages of find, grep, file, which.