LPI Linux Certification in a Nutshell (74 page)

Authors: Adam Haeder; Stephen Addison Schneiter; Bruno Gomes Pessanha; James Stanger

Administrative Tasks
Objective 107.1: Manage User and Group Accounts and Related System Files
passwd and group
  • User account information is stored in /etc/passwd.

  • Each line in /etc/passwd contains a username, password, UID, GID,
    user’s name, home directory, and default shell.

  • Group information is stored in /etc/group.

  • Each line in /etc/group contains a group name, group password,
    GID, and group member list.

  • passwd and group are world-readable.

Shadow files
  • To prevent users from obtaining encrypted passwords from
    passwd and group, shadow files are implemented.

  • Encrypted passwords are moved to a new file, which is
    readable only by root.

  • The shadow file for /etc/passwd is /etc/shadow.

  • The shadow file for /etc/group is /etc/gshadow.
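
An added example (not from the book): because /etc/passwd is world-readable, a hash left in its password field defeats shadowing. This sketch audits passwd-format lines for that and for two related problems; the sample entries and the finding labels are constructed.

```sh
#!/bin/sh
# Added example: audit passwd-format lines (seven colon-separated fields) for
# entries that expose or bypass password protection. Finding labels are
# this example's own; they are not output of any standard tool.

# Constructed sample data, not taken from a real system.
sample_passwd() {
    cat <<'EOF'
root:x:0:0:root:/root:/bin/bash
daemon:*:1:1:daemon:/usr/sbin:/usr/sbin/nologin
alice:x:1000:1000:Alice:/home/alice:/bin/bash
legacy:$6$CONSTRUCTED$notARealHash:1001:1001:Legacy:/home/legacy:/bin/sh
guest::1002:1002:Guest:/home/guest:/bin/sh
toor:x:0:0:second root:/root:/bin/sh
broken:x:1003
EOF
}

# Reads passwd-format lines on stdin, prints one finding per line.
audit_passwd() {
    awk -F: '
        $0 == "" || /^#/ { next }                      # skip blanks and comments
        NF != 7 { print "malformed:line" NR; next }    # wrong field count
        $2 == "" { print "empty-password:" $1 }        # login without a password
        # "x" means the hash lives in /etc/shadow; "*" or "!" prefixes mean locked.
        $2 != "" && $2 != "x" && $2 !~ /^[*!]/ { print "hash-in-passwd:" $1 }
        # Any UID 0 account has root privileges, whatever its name.
        $3 == 0 && $1 != "root" { print "uid0-alias:" $1 }
    '
}

sample_passwd | audit_passwd
# On a live system (reading /etc/passwd needs no privileges):
#   audit_passwd < /etc/passwd
```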

User and group management commands

The following commands are commonly used for manual user and group
management:

useradd user

Create the account user.

usermod user

Modify the user account.

userdel user

Delete the user account.

groupadd group

Add group.

groupmod group

Modify the parameters of group.

groupdel group

Delete group.

passwd username

Interactively set the password for username.

chage user

Modify password aging and expiration settings for user.

Objective 107.2: Automate System Administration Tasks by Scheduling Jobs
  • Both cron and at can be used to schedule jobs in the future.

  • Scheduled jobs can be any executable program or script.

Using cron
  • The cron facility consists of crond, the cron daemon, and
    crontab files containing job-scheduling information.

  • cron is intended for the execution of commands on a periodic
    basis.

  • crond examines all crontab files every minute.

  • Each system user has access to cron through a personal
    crontab file.

  • The crontab command allows the crontab file to be viewed and,
    with the -e option, edited.

  • Entries in the crontab file are in the form of:

    minute hour day month dayofweek command

  • Asterisks in any of the time fields match all possible
    values.

  • In addition to personal crontab files, the system has its own
    crontab files in /etc/crontab, as well as files in /etc/cron.d.

Using at
  • The at facility, shown here, is for setting up one-time future
    command execution:

    at time

    Enter an interactive session with at, where commands may be
    entered. time is of the form hh:mm, midnight, noon, and so on.

  • The atd daemon must be running in order for at commands to be
    processed.

User access
  • Access to cron can be controlled using lists of users in
    cron.allow and cron.deny.

  • Access to at can be controlled using lists of users in
    at.allow and at.deny.
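
An added example (not from the book) of how these lists are evaluated, following the crontab(1) and at(1) manual pages: an allow file, when present, is the only list consulted. The function names and the scratch files are constructed for the demonstration.

```sh
#!/bin/sh
# Added example: decide whether USER may use cron (or at) from the allow/deny
# lists. access_decision and report are this example's own helpers.

# access_decision USER ALLOW_FILE DENY_FILE -> allowed | denied | site-default
access_decision() {
    if [ -f "$2" ]; then
        # An allow file exists: only users listed in it qualify, and the
        # deny file is not consulted at all.
        if grep -qxF -- "$1" "$2"; then echo allowed; else echo denied; fi
    elif [ -f "$3" ]; then
        # No allow file: everyone except the users in the deny file qualifies.
        if grep -qxF -- "$1" "$3"; then echo denied; else echo allowed; fi
    else
        # Neither file: cron's behaviour is site-dependent; at(1) documents
        # superuser-only in this case.
        echo site-default
    fi
}

# report PASSWD_FILE ALLOW_FILE DENY_FILE: one "user decision" line per account.
report() {
    cut -d: -f1 "$1" | while read -r u; do
        echo "$u $(access_decision "$u" "$2" "$3")"
    done
}

# Constructed demonstration files in a scratch directory.
demo() {
    d=$(mktemp -d) || return 1
    printf '%s\n' 'alice:x:1000:1000::/home/alice:/bin/sh' \
                  'bob:x:1001:1001::/home/bob:/bin/sh' > "$d/passwd"
    echo bob > "$d/cron.deny"
    echo "deny list only:";   report "$d/passwd" "$d/cron.allow" "$d/cron.deny"
    echo bob > "$d/cron.allow"          # bob is now in both lists
    echo "allow list added:"; report "$d/passwd" "$d/cron.allow" "$d/cron.deny"
    rm -rf "$d"
}
demo
```

Creating an allow file flips the default for every unlisted account from allowed to denied, which is why alice loses access in the second report.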

Objective 107.3: Localization and Internationalization
  • The suite of programs that comes with the Network Time
    Protocol (NTP) allows you to keep your system and hardware clocks
    in sync with accurate time servers over the Internet.

  • ntpd -q will update a system clock against an NTP server and
    then exit.

  • Hardware clocks are configured to reflect either local time or
    Universal Coordinated Time (UTC) plus a time zone offset. The
    command hwclock can be used to manipulate a hardware clock from
    within Linux.

  • The file /etc/localtime should be a symbolic link to the time
    zone configuration file appropriate for your locale. For example,
    in the central United States:

    # ls -l /etc/localtime
    lrwxrwxrwx 1 root root 30 Sep 12 13:56 /etc/localtime \
    -> /usr/share/zoneinfo/US/Central

  • The command tzselect can be used to change your system’s time
    zone.

Essential System Services
Objective 108.1: Maintain System Time
  • Refer to the previous section on localization and
    internationalization.

Objective 108.2: System Logging
Syslog
  • The syslog system displays and records messages
    describing system events.

  • The syslog program is made up of two processes: syslogd, which
    logs user-level events, and klogd, which logs kernel events.

  • Messages can be placed on the console, in logfiles, and on
    the text screens of users.

  • Syslog is configured by /etc/syslog.conf in the form
    facility.level action:

    facility

    The creator of the message, selected from among auth, authpriv,
    cron, daemon, kern, lpr, mail, mark, news, syslog, user, or
    local0 through local7.

    level

    Specifies a severity threshold beyond which messages
    are logged and is one of (from lowest to highest severity)
    debug, info, notice, warning, err, crit, alert, or emerg.
    The special level none disables a facility.

    action

    The destination for messages that correspond to a
    given selector. It can be a filename, @hostname, a
    comma-separated list of users, or an asterisk (meaning all
    logged-in users).

  • Together, facility.levels comprise the message selector.

  • Most syslog messages go to /var/log/messages.
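
An added example (not from the book) that resolves which actions a message reaches under facility.level rules, treating the level as a threshold as described above. It handles one selector per rule line only; the rules, the host name loghost and the function names are constructed.

```sh
#!/bin/sh
# Added example: evaluate syslog.conf-style "facility.level action" rules.
# Function names are this example's own. One selector per rule line only.

# Map a level name to its rank, lowest (debug) to highest (emerg) severity.
level_rank() {
    case $1 in
        debug) echo 0 ;; info) echo 1 ;; notice) echo 2 ;; warning) echo 3 ;;
        err) echo 4 ;; crit) echo 5 ;; alert) echo 6 ;; emerg) echo 7 ;;
        *) return 1 ;;
    esac
}

# selector_matches SELECTOR FACILITY LEVEL: true if the message is selected.
selector_matches() {
    sel_fac=${1%%.*}
    sel_lvl=${1#*.}
    [ "$sel_fac" = "$2" ] || return 1
    if [ "$sel_lvl" = none ]; then return 1; fi    # "none" disables the facility
    want=$(level_rank "$sel_lvl") || return 2      # unknown level in the rule
    got=$(level_rank "$3") || return 2             # unknown level in the message
    [ "$got" -ge "$want" ]                         # threshold: this level and above
}

# route FACILITY LEVEL: reads rules on stdin, prints each action that applies.
route() {
    while read -r sel action; do
        case $sel in ''|'#'*) continue ;; esac     # skip blanks and comments
        if selector_matches "$sel" "$1" "$2"; then echo "$action"; fi
    done
}

# Constructed rules; "loghost" is a placeholder host name.
sample_rules() {
    cat <<'EOF'
# selector        action
authpriv.info     /var/log/secure
authpriv.warning  @loghost
mail.none         /var/log/messages
kern.crit         *
EOF
}

sample_rules | route authpriv err     # prints /var/log/secure and @loghost
```

Running route against the facility and level of an event you care about (for example authpriv at notice) shows whether it would reach the remote host or only the local file.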

Logfile rotation
  • Most system logfiles are rotated to expire old information
    and prevent disks from filling up.

  • logrotate accomplishes log rotation and is configured using
    /etc/logrotate.conf.

Examining logfiles
  • Files in /var/log (such as messages) and elsewhere can be
    examined using utilities such as tail, less, and grep.

  • Information in syslogd logfiles includes date, time, origin
    hostname, message sender, and descriptive text.

  • To debug problems using logfile information, first look at
    the hostname and sender, and then at the message text.

Objective 108.3: Mail Transfer Agent (MTA) Basics
  • The most common MTAs on Linux are sendmail, postfix,
    qmail, and exim.

  • sendmail, being the oldest MTA, has influenced current MTAs
    greatly. The other three popular MTAs all have sendmail
    “compatibility programs” to enable them to act as drop-in
    replacements for sendmail.

  • The file /etc/aliases stores aliases for inbound mail
    addresses; it can redirect mail to one or more users.

  • Whenever /etc/aliases is modified, newaliases must be executed.

  • Each user can forward his own mail using a .forward file,
    containing the forwarding email address, in his home directory.

  • Outbound mail that is trapped due to a network or other
    problem will remain queued; it can be examined using the
    mailq command.

Objective 108.4: Manage Printers and Printing
CUPS
  • The Common Unix Printing System (CUPS) is the
    current standard for printing on Linux.

  • The cupsd daemon handles print spooling. Configuration files
    are stored in /etc/cups/, and configuration usually happens
    through a web interface accessed through http://localhost:631/.

  • CUPS maintains backward compatibility with lpd.

  • CUPS supports printer configuration in the file /etc/printcap
    for backward compatibility.

Legacy printing (lpd)
  • Printers are assigned to queues, which are managed by lpd, the
    print daemon. lpd listens for inbound print requests, forking a
    copy of itself for each active print queue.

  • lpr submits jobs to print queues.

  • lpq queries and displays queue status.

  • lprm allows jobs to be removed from print queues.

  • lpc allows root to administer queues; it has both interactive
    and command-line forms.

  • Filters translate data formats into a printer definition
    language.

  • Spool directories hold spooled job data.

/etc/printcap
  • New printer definitions are added to /etc/printcap:

    lp|ljet:\
    :sd=/var/spool/lpd/lp:\
    :mx#0:\
    :sh:\
    :lp=/dev/lp0:\
    :if=/var/spool/lpd/lp/filter:\
    :lf=/var/spool/lpd/lp/log:

    The lines in this example are defined as follows:

    lp|ljet:\

    This parameter defines two alternate names for the
    printer, lp or ljet.

    sd=spool_directory

    This parameter specifies the spool directory, under
    /var/spool/lpd.

    mx=max_size

    The maximum size of a print job in blocks. Setting
    this to #0 indicates no limit.

    sh

    Suppress header pages. Placing this attribute in
    printcap sets it, eliminating the headers.

    lp=printer_device

    The local printer device, such as a parallel port.

    if=input_filter

    The input filter to be used. See CUPS filters for
    additional information.

    lf=log_file

    The file where error messages are logged.
