Linux System Administration
David Morgan
U. C. L. A. Extension - X 417.29D

Administrativa

Syllabus

Grade reports


General Information

RFC lookup

Linux links

Remote Unix access with telnet

Variations among Unixes

Linux

Fundamental Unix Commands

vi - the Visual Editor

File permissions

Using Samba book


Slide presentations

The landscape

Bootup

Bootloaders

Sys Control Mechanisms

ssh - Secure shell

Backup

Backup - snapshots

Webmin - remote admin

Centralized logging

Logging: logrotate

Logging: swatch

Syslog-ng

Scheduled processes

User administration

A user mgmt script

Init process

The Shell

Compilation

Installation

Patching

yum (auto-update)

Kernel building

Shell Scripting

Permissions

Processes

Homemade shell

ProcessUID control

Unix time

Pluggable Authentication Modules (PAM)

GNUPrivacyGuard (gpg)

stunnel

Passwords



SPRING 2007 4/4/07-6/6/07
Wednesdays 6:30pm-10:00pm
UCLA campus,
School of Public Health Rm A1-241

This Website (http://www.bol.ucla.edu/~dmorgan1/linadmin/) will be used to communicate with you. Announcements, grade reports, and assignments will be posted here. The site can be viewed from an internet-connected browser anywhere. You are responsible for awareness of the information posted here.

Endterm test - take-home, open book. Please answer questions on the endterm using these preparation and submittal instructions. Name your file "endterm" and place it in a subdirectory named "assignments" below your home directory, on sputnik.smc.edu. (The autograding program depends on that name and placement.) See the 4/4 posting below regarding the accounts set up for you on sputnik. Please submit the test by 6/13, one week after our class meets for the last time on 6/6. (6/4)

Homework - cron daemon for scheduled/periodic jobs, ntp network time protocol
- read textbook chapter 9
- p/review slides "Scheduled processes" and lab exercise "scheduled jobs"
- textbook's scant ntp coverage on p. 902
- "Linux, Clocks, and Time"
- wikipedia article
- time precision howto (5/30)

Upcoming topics - I want to cover cron (scheduled jobs) and rpm/yum (software installation and maintenance). Beyond that are several possibilities, below, coverage depending on time, for which I'd like your feedback. Which are important to you? Others?
Possible topic - GNU Privacy Guard (gpg)
- the slides are posted, as are 2 related exercises: "Message digests" and "GNUPrivacyGuard"
- textbook pp 696
- www.gnupg.org
- this PGP wiki (gpg derives from pgp)
Possible topic - read about PAM (pluggable authentication modules)
- textbook's (sorry, scant) coverage p. 681
- look at the various resources on PAM's primary distribution site 
   especially click "Online documentation," find the System Administrator's Guide,
   read the "Overview" section
Possible topic - recompiling the kernel

Homework - read about logging and secure tunnels
Logging
- read textbook chapter 10 "Syslog and Log Files"
- preview the slides at the link "Centralized logging," at left. It concerns syslog specifically. We will also be looking at the newer syslog-ng.
- preview the exercise at the link "centralized logging," at right. We will do the part up to the paragraph headed "Making remote logging secure," which describes a hack that can do it. We will focus on using stunnel to do it instead and, since syslog isn't compatible with stunnel, replacing syslog with syslog-ng.
- see the syslog-ng site
- a syslog-ng article
Secure tunnel (stunnel)
- read "SSL Encrypting Syslog with Stunnel"
(5/23)

Sets of slides and their corresponding exercises -
Centralized logging - centralized logging
Logging: logrotate - rotating log files
stunnel - stunnel
Syslog-ng - syslog-ng
Logging: swatch - monitoring log files (5/23)

Test - 5/16, to be described in class (5/9)

Homework
ssh (secure shell) -
slides - "ssh - Secure shell"
in-class lab - "ssh key setup"
reading - ssh section in Chapter 21 and "Getting Started with SSH"
backup
read about backup and backup tools. The textbook has a 40-page chapter 10 on it, but most of it concentrates on backup to media other than those we'll use, with software other than what we'll use. The book talks about dedicated backup media such as tape. We will back up to a hard disk. It doesn't really matter, since linux uses the filesystem interface to refer to all manner of devices ("everything is a file"). A small syntax change can easily substitute one medium for another. Also, the book talks about dump/restore, amanda, and commercial products. But we'll use tar and rsync. Skim over chapter 10, and read fully what it has to say about tar (not much) and, in Chapter 23, about rsync (also not much).
More substantially, here is what you should read about those commands:
tar - see the GNU tar Reference Manual
read from section 1 "Introduction" - 1.1-1.4
read from section 2 "Tutorial Introduction to tar" - whole section
read from section 3 "Invoking GNU tar" - 3.1-3.4
from section 5 "Performing Backups and Restoring Files" - just scan it
rsync 
read from A Tutorial on Using rsync
read from Snapshot-style backups with rsync - this method is more subtle than it looks, in its use of hard links. The core of it is the 5-line script in the section titled "Putting it all together." Read through that section, paying particular attention to the "review of hard links" and to the -l option of the cp command, which copies only links to files, not the data itself. We will use this method in class.
read about the rsync algorithm, which makes rsync particularly efficient for dealing with large data volumes sent over low bandwidth channels because it identifies incremental changes within files and sends/applies only those deltas. (5/9)
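
The hard-link snapshot method from the reading above, worked through as an added example (it is not the article's script and not course material). The snap.N directory names, the sample file names and the sync_tree fallback used when rsync is not installed are assumptions made here.

```sh
#!/bin/sh
# Added example: hard-link snapshot rotation on constructed files.

# Make tree $2 match tree $1. Uses rsync when installed; otherwise a minimal
# stand-in that, like rsync's default, replaces a changed file by writing a
# new file and renaming it over the old name instead of editing it in place.
sync_tree() {
    if command -v rsync >/dev/null 2>&1; then
        rsync -a --delete "$1/" "$2/"
        return
    fi
    mkdir -p "$2"
    (cd "$1" && find . -type f) | while IFS= read -r f; do
        cmp -s "$1/$f" "$2/$f" 2>/dev/null && continue
        mkdir -p "$(dirname "$2/$f")"
        cp -p "$1/$f" "$2/$f.tmp.$$" && mv -f "$2/$f.tmp.$$" "$2/$f"
    done
    (cd "$2" && find . -type f) | while IFS= read -r f; do
        [ -e "$1/$f" ] || rm -f "$2/$f"
    done
}

# Rotate snap.0..snap.3 under $2, then refresh snap.0 from source tree $1.
make_snapshot() {
    src=$1; dest=$2
    mkdir -p "$dest"
    rm -rf "$dest/snap.3"
    if [ -d "$dest/snap.2" ]; then mv "$dest/snap.2" "$dest/snap.3"; fi
    if [ -d "$dest/snap.1" ]; then mv "$dest/snap.1" "$dest/snap.2"; fi
    # cp -al duplicates directory entries as hard links; no file data is copied
    if [ -d "$dest/snap.0" ]; then cp -al "$dest/snap.0" "$dest/snap.1"; fi
    sync_tree "$src" "$dest/snap.0"
}

# Inode number of a file: names with the same inode share one copy of the data.
inode_of() { ls -i "$1" | awk '{print $1}'; }

# Demo: two backup runs with one file edited in between.
demo() {
    t=$(mktemp -d); mkdir "$t/src"
    echo "stable" > "$t/src/keep.txt"; echo "v1" > "$t/src/edit.txt"
    make_snapshot "$t/src" "$t/bk"
    echo "version two" > "$t/src/edit.txt"
    make_snapshot "$t/src" "$t/bk"
    echo "keep.txt inodes: $(inode_of "$t/bk/snap.0/keep.txt") $(inode_of "$t/bk/snap.1/keep.txt")"
    echo "edit.txt: snap.1=$(cat "$t/bk/snap.1/edit.txt") snap.0=$(cat "$t/bk/snap.0/edit.txt")"
    rm -rf "$t"
}
demo
```

Unchanged files share one inode across snapshots, so anything that edits a snapshot file in place alters every snapshot that links to it. The older snapshot keeps the old version only because the changed file is replaced under a new inode rather than rewritten.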

Homework - please revisit the postings below. You should have read the assigned chapters 2-6 or roughly the first 100 pages of the textbook. Do read them. Next topics are ssh, backup, logging. We won't get there till next week. If you want to read up, the related chapters (obvious by title) are 9 and 10. (4/25)

Article related to the unix process mechanism "fork/exec." This article reinforces our coverage of it with examples of its own, similar to but distinct from ours. (4/25)

Demonstration programs for unix process mechanism "fork/exec" - If you wish to examine or experiment, here is the series of 11 programs used in my slides demonstrating the workings of fork and exec. You can get them by anonymous ftp from sputnik.smc.edu under the same names by which they appear in the slides shown in class: fork1.c, fork2.c,..., fork11.c. (Files are in /pub/molay/ch08/; slides are at links, lower left, entitled "Processes" and "Homemade shell".) If you download these source files and want to compile them so you can run them, the command would be, for example:

  gcc fork1.c -o fork1

The summary of the point of these programs is:

Version  Purpose
fork1    shows fork, demonstrates that 2 processes result
fork2    shows PIDs (process id numbers) of these processes, and that they're distinct
fork3    shows fork's return value to the child copy (zero) and its return value to the parent copy (child's PID)
fork4    shows how to code differentiated behavior via an "if" structure conditioned on fork's return value
fork5    incorporates an exec call in the child
fork6    introduces exit call in child and wait call in parent, to give orderly discipline to their relative timing
fork7    gets the name of the program to be exec'd from the user via the command line
fork8    interactively gets the name of the program to be exec'd by prompting user
fork9    puts the activity inside a loop to extend it to second, third, fourth,... commands
fork10   shows a zombie process
fork11   shows an adopted child, init process as its step-parent after being pre-deceased by its original parent

(4/24)

Please bring floppies - for experimenting with the GRUB bootloader in class April 18. Newer ones are better: linux is sensitive to floppy defects when trying to format them, and older floppies (that may work fine in Windows) often prove "defective" in this sense. (4/14)

Homework
current topics - GRUB bootloader, then system control mechanisms (namely, 1 kernel parameters, 2 sysconfig, 3 /proc dynamic access to kernel). The slides are those at the link entitled "Sys Control Mechanisms" lower left. The in-class exercise we'll do is the one at link entitled "system control," lower right. Read through the exercise before coming to class.
read - textbook's chapters 3 and 6 (users), 4 (processes) and 5 (filesystem) this week and next.
next up - topics (slides)
  user accounts ("User administration")
  birth of a process ("Processes" "Homemade shell" "ProcessUID control")
  ssh ("ssh - Secure shell")
  backup ("Backup")
(4/14)

Forget the coffee - I ran across this article, which promotes itself with, "If you usually run for a coffee refill while your computer is booting up, here's a look at what you're missing." It covers what happens when the system boots.

How access permissions work:

 

Homework - read the textbook's chapter 2 "Booting and Shutting Down." To your level of interest, read The Linux BootPrompt-HowTo. Review slides from first class, at link entitled "The landscape," lower left. Next week we'll look at "Bootup" and "Sys Control Mechanisms." Please preview them. Also preview (read) the upcoming exercises at the links entitled "boot sequence," "runlevels," and "system control." (4/4)

Optional Linux 101 - for those who want a quick hands-on with a dozen top commands. If you lack experience using linux/unix, here is an exercise you can optionally perform on a remote linux server where I've created an account for you. Designed originally for other classes as a homework assignment, for you it's a strictly optional offering. Do it if you think it would be useful. (If you have any doubt whether you would be able to use cat, echo, mv, or ls if asked, I'd say it would probably be useful.)
The target computer - is sputnik.smc.edu
Your username - your last name as it appears on my class list, all lowercase (e.g., bush). 
Your password - your first name as it appears on my class list, all lowercase (e.g., george).
Log in method - the instructions for the exercise ask you to "log in." Translation: use telnet as described in the "Remote Unix access with Telnet" link at left.
If you have any problems logging in, or questions, please email me. (4/4)

My 3 favorite linux books (see the syllabus), respective strengths:
Nemeth - explanatory revelations not found elsewhere, blends explanation with howto, stronger on the former
Negus - uniquely blends explanation with howto, stronger on the latter
Sobell - comprehensiveness, and particular accessibility. In this book you quickly find what you would spend time searching around for elsewhere. Sometimes uncanny how you can put your finger on what you need. (4/4)

Running linux on a Windows computer, without installing it or disturbing Windows
1 - boot it from a CD like knoppix (http://www.knoppix.org/) or other "live CDs." They boot directly into linux (without using or messing with your hard disk) on a temporary/session basis. http://www.frozentech.com/content/livecd.php
2 - use virtual machine emulation. I use VMware. It's free. Let me know if you're interested in pursuing it. (4/4)

Welcome - you may view (almost all of) the presentations shown in class via links to them as pdf files, bottom of left column. See also the brief class syllabus, at the link entitled "Syllabus," upper left. The textbook is identified there. (4/4)

 

"What hath God wrought?"
May 24, 1844

"Mr. Watson come here, I want to see you."
March 10, 1876

"lo"
October 29, 1969


Assignments/due

Shellscript 1

Shellscript 2

system control (in-class)

boot sequence (in-class)

runlevels (in-class)

bootloaders (in-class)

ssh key setup (in-class)

backup (in-class)

users/groups/access (in-class)

ProcessUID control (in-class)

centralized logging (in-class)

rotating log files (in-class)

monitoring log files (in-class)

syslog-ng (in-class)

scheduled jobs (in-class)

rpm economics (in-class)

yum and rpm (in-class)

Unix time (in-class)

PAM (in-class)

Message digests (in-class)

GNUPrivacyGuard (in-class)

stunnel (in-class)

BIOS and bootloader passwords (in-class)

compiling the kernel-FC4 (in-class)

compiling the kernel-FC5 (in-class)