Fedora Bible 2011: Chapter 9: Understanding System Administration

snottysurfside, Servers

9 Dec 2013




Using the root user Account

The traditional role of the root user in Linux systems is to have complete control over the operation
of your Fedora system.


home directory for the root user is /root.

/etc/passwd file: root:x:0:0:root:/root:/bin/bash

This shows that for the user named root, the x indicates that the password is stored in /etc/shadow,
the user ID is set to 0 (root user), and the group ID is set to 0 (root group). The home directory
is /root and the shell for that user is /bin/bash.



usermod



Among the defaults that are set for the root user are aliases for certain commands that could have
dangerous consequences. Aliases for the rm, cp, and mv commands allow those commands to be run
with the -i option.



sudo

su

su
Password: ******
#

su -
Password: ******
#

If you became the root user by just typing su, rather than su -, you would not have changed
directories or the environment of the current login session.

su - chum // become another user other than root



When you are finished using super user permissions, return to the previous shell by exiting the
current shell. To do so, press Ctrl+D or type exit.




Using graphical administration tools


trend over the past few versions of Fedora has been to steer clear of the massive administrative
interfaces (such as linuxconf and Webmin) and instead offer graphical windows that perform
individual administrative tasks.



Add/Remove Software (gnome-packagekit)
Authentication (authconfig-gtk)
Boot Loader (system-config-boot)
Date & Time

Figure 9-2: Choose an NTP server by clicking Synchronize date and time over the network.

Firewall (system-config-firewall)
Language (system-config-language)
Logical Volume Management (system-config-lvm)
Network (system-config-network)
Network Device Control (system-config-network)
Printing (system-config-printer)
Root Password (system-config-rootpassword)
Samba (system-config-samba)
SWAT window. SWAT is described in Chapter 17.)
SELinux Management (policycoreutils-gui)
Services (system-config-services)
Software Sources (gnome-packagekit)
Software Update (gnome-packagekit)
Users (accountsdialog)
Users & Groups (system-config-users)
Configuration Editor (gconf-editor)
Disk Usage Analyzer (gnome-utils)
Disk Utility (gnome-disk-utility)
Kickstart (system-config-kickstart)
Log File Viewer (gnome-system-log)
System Monitor (gnome-system-monitor)




Administrative commands

When you log in as root, your $PATH variable is set to include some directories that contain
commands for the root user.



/sbin

/usr/sbin



Administrative configuration files

$HOME

/etc


adjtime


aliases


bashrc


crontab


csh.cshrc (and csh.login)


dovecot


exports


fedora-release


fstab


group


gshadow


host.conf


hosts


hosts.allow


hosts.deny


inittab


issue


issue.net


mail.rc


modprobe.conf


mtab


mtools.conf


named.conf


nsswitch.conf


ntp.conf


passwd


printcap


profile


protocols


redhat-release


resolv.conf


rpc


services


shadow


shells


sudoers


rsyslog.conf


/etc/X11


/etc/alternatives


/etc/amanda


/etc/cron*


/etc/cups


/etc/default


/etc/httpd


/etc/init.d


/etc/mail


/etc/pcmcia


/etc/postfix


/etc/ppp


/etc/rc?.d


/etc/security


/etc/skel


/etc/squid


/etc/sysconfig


/etc/vsftpd


/etc/xinetd.d


Administrative log files

The main utilities for logging error and debugging messages for Linux are the rsyslogd and klogd
daemons.



/etc/rsyslog.conf

/usr/sbin/visudo



Uncomment the following line to allow users in the group named wheel to have full root privileges on
the computer:

%wheel ALL=(ALL) ALL

4. The previous line causes the user to be prompted for a password to be allowed to use
administrative commands. To allow users in the wheel group to have that privilege without using
a password, uncomment the following line instead:

%wheel ALL=(ALL) NOPASSWD: ALL

edit the /etc/group file using the vigr -s command (-s update /etc/shadow file also)

wheel:x:10:root,mary,jake

jake

sudo ls (will be asked for password. This is the user jake’s password, not the root password.)

(You can change the timeout value from five minutes to however long you want by setting the
passwd_timeout value in the /etc/sudoers file.)
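
To review who ends up with the passwordless form of the wheel rule described above, here is an added example (not from the book). The function names and the sample sudoers and group files are constructed for illustration; only the %wheel and wheel:x:10 lines follow these notes.

```sh
#!/bin/sh
# Added example: find sudoers rules that skip the password prompt and expand
# %group rules into the accounts that hold them.
# Simplification: "#include"/"#includedir" lines are skipped like comments.

# Print "WHO<TAB>COMMANDS" for each active rule that carries NOPASSWD:.
# Reads sudoers-format text on stdin.
nopasswd_rules() {
    awk '
        /^[ \t]*#/        { next }   # commented out, so not in force
        /^[ \t]*Defaults/ { next }   # settings, not privilege rules
        /NOPASSWD:/ {
            cmds = $0
            sub(/^.*NOPASSWD:[ \t]*/, "", cmds)
            printf "%s\t%s\n", $1, cmds
        }'
}

# Print the members of group $1, one per line.
# Reads /etc/group-format text on stdin.
group_members() {
    awk -F: -v g="$1" '$1 == g {
        n = split($4, m, ",")
        for (i = 1; i <= n; i++) if (m[i] != "") print m[i]
    }'
}

# Print every account that can run ALL commands without a password.
# $1 = sudoers file, $2 = group file.
passwordless_root_users() {
    tab=$(printf '\t')
    nopasswd_rules < "$1" | while IFS=$tab read -r who cmds; do
        [ "$cmds" = "ALL" ] || continue             # ignore single-command grants
        case $who in
            %*) group_members "${who#\%}" < "$2" ;;  # %wheel -> wheel
            *)  printf '%s\n' "$who" ;;
        esac
    done | sort -u
}

# Constructed sample files (nothing is read from the real /etc).
demo_dir=$(mktemp -d)
trap 'rm -rf "$demo_dir"' EXIT
cat > "$demo_dir/sudoers" <<'EOF'
root    ALL=(ALL) ALL
# %wheel ALL=(ALL) ALL
%wheel  ALL=(ALL) NOPASSWD: ALL
jake    ALL=(root) NOPASSWD: /sbin/service httpd restart
Defaults passwd_timeout=5
EOF
cat > "$demo_dir/group" <<'EOF'
root:x:0:root
wheel:x:10:root,mary,jake
sales:x:501:mary
EOF

echo "Rules without a password prompt:"
nopasswd_rules < "$demo_dir/sudoers"
echo "Accounts with passwordless full root:"
passwordless_root_users "$demo_dir/sudoers" "$demo_dir/group"
```

Every name printed by the last call is an account whose compromise gives root without a further password prompt, so the list is worth checking whenever wheel membership changes.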



Using PolicyKit for assigning administrative privilege (fig 9.3 shows example)

/etc/polkit-1/
`-- localauthority
    |-- 10-vendor.d
    |-- 20-org.d
    |-- 30-site.d
    |-- 50-local.d
    `-- 90-mandatory.d

and

/var/lib/polkit-1/
`-- localauthority
    |-- 10-vendor.d
    |-- 20-org.d
    |-- 30-site.d
    |-- 50-local.d
    `-- 90-mandatory.d

Administering Your Linux System



Configuring hardware


lsmod, modprobe, insmod,

Managing file systems and disk space



(You can use commands such as find, du, and df to do this.)

Monitoring system performance

top, ps -aux

Managing hardware with the DeviceKit

starting with Fedora 11, HAL was deprecated in favor of a newer replacement called DeviceKit.

udisks --enumerate

udisks --show-info /dev/sda1



Configuring modules

lsmod

modinfo fuse

modprobe parport

modprobe parport_pc io=0x3bc irq=auto



A shell script that ends with the extension of .modules in /etc/sysconfig/modules will be executed
automatically at boot time by the rc.sysinit script.



rmmod parport_pc




Managing File Systems and Disk Space

fdisk -l

mount



To see file system types that are currently available for use on your system, type cat
/proc/filesystems.



Using the fstab file to define mountable file systems



You find the following in each field of the fstab file:

Field 1: The name of the device representing LABEL or UUID options.

Field 2: The mount point in the file system.

Field 3: The file system type.

Field 4: Options to the mount command.

Field 5: The number in this field indicates whether or not the indicated file system must be
backed up by a backup system called dump. A number 1 assumes that the file system
needs to be backed up, or dumped. A number 0 assumes that the file system doesn’t need
to be dumped.

Field 6: The number in this field indicates whether or not the indicated file system needs to
be checked with fsck.



Mounting removable media

Here are examples of entries you could add to your /etc/fstab file:

/dev/cdrom /mnt/cdrom auto noauto,user,exec,ro 0 0
/dev/fd0 /mnt/floppy auto noauto,owner 0 0
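
The six fstab fields and the user and owner options in the two entries above decide what an unprivileged user can do with removable media. The following added example (not from the book) parses fstab text and reports the effective exec, suid and dev settings of each user-mountable entry; the function names and the last three sample entries are constructed, and only the options named in the awk program are interpreted.

```sh
#!/bin/sh
# Added example: split fstab lines into their fields and work out what a
# user-mountable entry really permits.
# Per mount(8): user/users imply noexec,nosuid,nodev; owner/group imply
# nosuid,nodev; options further right on the line override those defaults.

# Constructed sample: the first two entries are the ones shown in the notes,
# the rest are invented for contrast.
sample_fstab() {
cat <<'EOF'
# device      mount point   type  options               dump fsck
/dev/cdrom    /mnt/cdrom    auto  noauto,user,exec,ro   0 0
/dev/fd0      /mnt/floppy   auto  noauto,owner          0 0
/dev/sdb1     /mnt/usb      vfat  noauto,users          0 0
/dev/sdc1     /mnt/stick    ext4  noauto,user,suid      0 0
LABEL=/       /             ext4  defaults              1 1
EOF
}

# Reads fstab text on stdin; prints "MOUNTPOINT exec=.. suid=.. dev=.." for
# every entry that a non-root user may mount.
user_mount_flags() {
    awk '
        function yn(v) { return v ? "yes" : "no" }
        /^[ \t]*(#|$)/ { next }      # comments and blank lines
        NF < 4         { next }      # fields 5 and 6 are optional, 1-4 are not
        {
            n = split($4, opt, ",")
            ex = 1; su = 1; dv = 1; usr = 0
            for (i = 1; i <= n; i++) {
                o = opt[i]
                if      (o == "user" || o == "users")  { usr = 1; ex = 0; su = 0; dv = 0 }
                else if (o == "owner" || o == "group") { usr = 1; su = 0; dv = 0 }
                else if (o == "nouser") usr = 0
                else if (o == "exec")   ex = 1
                else if (o == "noexec") ex = 0
                else if (o == "suid")   su = 1
                else if (o == "nosuid") su = 0
                else if (o == "dev")    dv = 1
                else if (o == "nodev")  dv = 0
            }
            if (usr) printf "%s exec=%s suid=%s dev=%s\n", $2, yn(ex), yn(su), yn(dv)
        }'
}

# Mount points where a user-mounted file system would honour set-user-ID
# bits or device nodes; those entries should gain nosuid,nodev.
suid_or_dev_user_mounts() {
    user_mount_flags | awk '$3 == "suid=yes" || $4 == "dev=yes" { print $1 }'
}

sample_fstab | user_mount_flags
echo "Needs nosuid,nodev:"
sample_fstab | suid_or_dev_user_mounts
```

In the /dev/cdrom entry the exec that follows user re-enables program execution from the disc, while nosuid and nodev stay implied because nothing overrides them.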



mount -t msdos /dev/fd0 /mnt/floppy

# mkdir /mnt/mycdimage
# mount -o loop whatever-i386-disc1.iso /mnt/mycdimage

Mounting Windows file systems

# mkdir /mnt/windows
# mount -t ntfs /dev/sda2 /mnt/windows

umount /mnt/windows

umount /dev/sda2



“device is busy” error message when umount

An alternative for unmounting a busy device is the -l option. With umount -l (a lazy unmount), the
unmount happens as soon as the device is no longer busy.

Using the mkfs command to create a file system

mkfs -t ext3 /dev/fd0

fdisk /dev/sdb

Checking system space

Figure 9-4: Determine where disk space is being used with Disk Usage Analyzer.

du -h /home/ericfj

find / -xdev -user jake -print0 | xargs -0 ls -ldS > /tmp/jake

You must be root user to run this command effectively, unless you are just checking your
personal files.

Monitoring System Performance


System Tools ⇒ System Monitor.


top



Fixing Your System with the FirstAidKit



FirstAidKit is an automated recovery tool

yum install firstaidkit

firstaidkit -a (auto)

firstaidkit-plugin-all

To see a list of the available plugins, use the following command:

# firstaidkit --list

See https://fedorahosted.org/firstaidkit/ for more information about FirstAidKit.



Using Security Enhanced Linux




Chapter 10: Setting Up and Supporting Users


In This Chapter: Creating user accounts, Setting user defaults, Extending user authentication,
Creating portable desktops, Providing support to users, Deleting user accounts,
Checking disk
quotas, & Sending mail to all users (please note that I have not added highlights for all sections)



Creating User Accounts

Regular users you add to your Fedora system typically fall into one of two categories:


Desktop users



Server users



Adding users with useradd



only required parameter to useradd is the login name of the user, but you usually need additional
information.

useradd -c "John Smith" -m jsmith

passwd jsmith

In creating the account for John, the useradd command performs several actions:

Reads the /etc/login.defs and /etc/default/useradd files to get default values to use when creating accounts.
Checks command-line parameters to determine which default values to override.
Creates a new user entry in the /etc/passwd and /etc/shadow files based on the default values and command-line parameters.
Creates any new group entries in the /etc/group file.
Creates a home directory based on the user’s name and places it in the /home directory.
Copies any files located within the /etc/skel directory to the new home directory. This usually includes login and application startup scripts.

useradd -m -g users -G wheel,sales -s /bin/tcsh -c "Mary Smith" mary

In this case, the useradd command is told to create a home directory for the user mary (-m), make
users the primary group she belongs to (-g), add her to the groups wheel and sales (-G), and assign
tcsh as her primary command shell (-s). Note that the wheel and sales groups must already exist for
this example to work. This results in a line similar to the following being added to the /etc/passwd
file:

mary:x:502:100:Mary Smith:/home/mary:/bin/tcsh



If you look at the /etc/group file, you should find something similar to this:

root:x:0:root
bin:x:1:root,bin,daemon
daemon:x:2:root,bin,daemon
sys:x:3:root,bin,adm
adm:x:4:root,adm,daemon
tty:x:5:

useradd -m -G wheel,sales -s /bin/tcsh -c "Mary Smith" mary

That would result in an /etc/passwd entry like this:

mary:x:502:502:Mary Smith:/home/mary:/bin/tcsh

And a new group

mary:x:502:



Adding users with the Account Information dialog

Adding users with User Manager

system-config-users

Fedora uses a user private group (UPG) scheme,

You can extend this scheme for sharing files among several users. Here’s an example:

# useradd -m projectx
# mkdir /usr/local/x
# chown root:projectx /usr/local/x
# chmod 2775 /usr/local/x
# ls -ld /usr/local/x
drwxrwsr-x 2 root projectx 4096 Aug 18 01:54 /usr/local/x
# gpasswd -a nextuser projectx

This example creates a user named projectx



Setting User Defaults



/etc/login.defs




/etc/default/useradd



Supplying initial login scripts



Global defaults can be assigned from /etc/profile



The bash shell looks for .bashrc in the current user’s home directory



You can supply initial default versions of these and other configuration files by placing them in the
/etc/skel directory.

The .bash_profile script is run each time the user starts a new bash shell and, in turn, runs the
.bashrc script.

example of the .bash_profile file:

# .bash_profile
# Get the aliases and functions
if [ -f ~/.bashrc ]; then
    . ~/.bashrc
fi
# User specific environment and startup programs
PATH=$PATH:$HOME/bin
export PATH

example of a .bashrc file:

# .bashrc
# Source global definitions
if [ -f /etc/bashrc ]; then
    . /etc/bashrc
fi
# User specific aliases and functions
alias rm='rm -i'
alias cp='cp -i'
alias mv='mv -i'



Configuring system-wide shell options

/etc/bashrc

While you can put system-wide options in the /etc/bashrc file, users can override these settings.





Setting system profiles



/etc/profile


PATH


Environment variables



The last thing the /etc/profile file does is look at the contents of the /etc/profile.d directory and
source in the files that it finds.



To prevent a remote user from logging in and accessing a shell (via ssh, telnet, or another login
service), you can set the default shell for a user to nologin.

For example: # useradd -s /sbin/nologin jerryb
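
The /etc/passwd fields explained in Chapter 9 (the x password field, user ID 0) and the nologin shell above can be checked together. This added example (not from the book) audits passwd-format text; the function name audit_passwd and the toor and legacy accounts are constructed for illustration.

```sh
#!/bin/sh
# Added example: audit /etc/passwd-format text for the account properties
# these notes describe.

# Constructed sample: the root, mary and jerryb lines follow the notes;
# bin, toor and legacy are invented here to exercise the checks.
sample_passwd() {
cat <<'EOF'
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
mary:x:502:100:Mary Smith:/home/mary:/bin/tcsh
jerryb:x:503:503::/home/jerryb:/sbin/nologin
toor:x:0:0:constructed second UID 0:/root:/bin/bash
legacy::504:504:constructed empty password field:/home/legacy:/bin/bash
EOF
}

# Reads passwd(5) lines on stdin and prints one finding per line:
#   uid0 NAME          user ID 0 on an account other than root
#   pwfield NAME       password field is not "x", so it is not kept in /etc/shadow
#   login NAME SHELL   account is able to get an interactive shell
audit_passwd() {
    awk -F: '
        /^[ \t]*(#|$)/ { next }
        NF != 7 { printf "malformed line %d\n", NR; next }
        $3 == 0 && $1 != "root" { print "uid0", $1 }
        $2 != "x"               { print "pwfield", $1 }
        $7 != "/sbin/nologin" && $7 != "/bin/false" {
            # an empty seventh field means the system default shell
            print "login", $1, ($7 == "" ? "(default shell)" : $7)
        }'
}

sample_passwd | audit_passwd
```

On a real system the same function can be fed with audit_passwd < /etc/passwd; jerryb and bin produce no login finding because their shell is /sbin/nologin.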



A common practice with Web hosting is to allow a user to place content on the server, often in that
user’s /home/username/public_html directory,



Resetting a user’s password

passwd mary

After resetting the password, set it to expire so that the user has to change it the next time she
logs in. You can use the chage command to set an expiration period for the password and to trick
the system into thinking that the password is long overdue to be changed:

# chage -M 30 -d 0 mary

The -M 30 option tells the system to expire Mary’s password every 30 days. The -d 0 option tricks
the system into thinking that her password has not been changed since January 1, 1970.

If you do that it will force a new password every 30 days



Modifying Accounts



Modifying user accounts with usermod



Assume that a new employee named Jenny Barnes will be taking over Mary’s job. We want to
convert the mary account to a new name (-l jenny), new comment (-c "Jenny Barnes"), and home
directory (-d /home/jenny). You can do that with the following command:

# usermod -l jenny -c "Jenny Barnes" -m -d /home/jenny mary

Users can also change their own user information using the chfn command. This information is
stored in the /etc/passwd file and displayed when you type the finger command (e.g., finger jenny,
to get information on a given user). In this example, the full name, office name, office phone, home
phone, and work phone are set by the user jenny:

$ chfn -f "J Smith" -o "A-111" -p 555-1212 -h 555-2323



finger command opens potential security issues.



Modifying user accounts with User Manager


system-config-users

Deleting User Accounts



Deleting user accounts with userdel



To delete the user account with login name mary, type the following:

# userdel mary

To wipe out her home directory along with her account, type this:

# userdel -r mary

Files owned by the deleted user but not located in the user’s home directory will not be deleted.
So:

find / -user mary

Searches the entire file hierarchy (start at /) for all files and directories owned by mary and prints
the filenames to the screen.

find /home -user mary -exec rm -i {} \;

Searches for all files and subdirectories under /home owned by mary. Run the rm command
interactively to delete each file.

find / -user mary -exec chown jenny {} \;

Searches for all files and subdirectories under /home that are owned by user mary and runs the
chown command to change each file so that it is owned by jenny instead.




Deleting user accounts with User Manager



Using du to check disk use



The following checks disk usage for several home directories:

# du -hcs /home/tom /home/bill /home/tina /home/sally



Removing temp files automatically


tmpwatch


/etc/cron.daily/tmpwatch


Chapter 11: Automating System Tasks



def: shell script is a group of commands, functions, variables, or just about anything else you can
use from a shell.



1. Understanding Shell Scripts

Shell scripts are the equivalent of batch files in MS-DOS,

Fedora uses shell scripts (/etc/rc.d/rc.sysinit and /etc/rc) to check and mount all your file
systems, set up your consoles, configure your network, launch all your system services, and
eventually provide you with your login screen.



1a. Executing and debugging shell scripts

One of the primary advantages of shell scripts is that you can open them in any text editor
to see what they do.



two basic ways to execute a shell script:

The filename is used as an argument to the shell (as in bash myscript).

the name of the interpreter placed in the first line of the script, preceded by #! (as in
#!/bin/bash), and have its execute bit set (using chmod +x). You can then run your script
just like any other program

pound sign (#) prefaces comments

tips

Place an echo statement at the beginning of lines within the body of a loop. That way,
rather than execute the code, you can see what will be executed without making any
permanent changes.

You could use set -x near the beginning of the script to display each command that is
executed or launch your scripts using bash -x myscript.



keeping your code readable


1b. Understanding shell variables

Variable names within shell scripts are case-sensitive and can be defined in the following
manner: NAME=value

characters such as the dollar sign ($), backtick (`), asterisk (*), exclamation point (!), and
others have special meaning to the shell,

In Linux, to properly interpret a file named my big! file!, you need to either surround it in
double quotes or type: my\ big\! file\!

The following example sets the output of the uname -n command to the MACHINE variable.
You can use parentheses to set NUM_FILES to the number of files in the current directory
by piping (|) the output

MACHINE=`uname -n`
NUM_FILES=$(/bin/ls | wc -l)

In the next example the double quotes (") tell bash to substitute the value of the variable
CurBalance. If you used single quotes ('), the shell would merely display the text
$CurBalance

BALANCE is set to the value of the CurBalance variable: BALANCE="$CurBalance"



1c. Special shell variables

$0, $1, $2, $3…$n. $0 is special and is assigned the name used to invoke your script; the
others are assigned the values of the parameters passed on the command line.



1d. Parameter expansion in bash

As mentioned earlier, if you want the value of a variable, you precede it with a $ (for
example, $CITY). This is really just shorthand for the notation ${CITY};



Table 11-1: Examples of bash Parameter Expansion

Construction       Description
${var:-value}      If the variable is unset or empty, expand this to value.
${var#pattern}     Chop the shortest match for pattern from the front of var’s value.
${var##pattern}    Chop the longest match for pattern from the front of var’s value.
${var%pattern}     Chop the shortest match for pattern from the end of var’s value.
${var%%pattern}    Chop the longest match for pattern from the end of var’s value.

Try typing the following commands from a shell to test how parameter expansion works:

$ FOOD="Pizza"
$ FOOD=${FOOD:-"Not Set"}
$ SNACK=${SNACK:-"Not Set"}
$ echo $FOOD
Pizza
$ echo $SNACK
Not Set



2. Performing arithmetic in shell scripts



3. Using programming constructs in shell scripts



3a. The “if...then” statements

VARIABLE=1
if [ $VARIABLE -eq 1 ] ; then
    echo "The variable is 1"
fi

The = works best for comparing string values, while -eq is often better for comparing
numbers.

STRING="Friday"
if [ "$STRING" = "Friday" ] ; then
    echo "WhooHoo. Friday."
else
    echo "Will Friday ever get here?"
fi

You can also reverse tests with an exclamation mark (!).

Tip

Leave a space before and after the square brackets, as [ is actually a Linux command in
/usr/bin (and built into the bash shell).

A simple backup script

filename="$HOME"
if [ -f "$filename" ] ; then
    echo "$filename is a regular file"
elif [ -d "$filename" ] ; then
    echo "$filename is a directory"
else
    echo "I have no idea what $filename is"
fi

value of 0, meaning it is true, or a 1, meaning it is false.



Table 11-2: Operators for Test Expressions

Operator           What Is Being Tested?
-a file            Does the file exist? (same as -e)
-b file            Is the file a special block device?
-c file            Is the file character special (e.g., a character device)? Used to identify serial lines and terminal devices.
-d file            Is the file a directory?
-e file            Does the file exist? (same as -a)
-f file            Does the file exist, and is it a regular file (e.g., not a directory, socket, pipe, link, or device file)?
-g file            Does the file have the set-group-id bit set?
-G file            Does your group own the file?
-h file            Is the file a symbolic link? (same as -L)
-k file            Does the file have the sticky bit set?
-L file            Is the file a symbolic link? (same as -h)
-n string          Is the length of the string greater than 0 bytes?
-N file            Has the file been modified since it was last read?
-O file            Do you own the file?
-p file            Is the file a named pipe?
-r file            Is the file readable by you?
-s file            Does the file exist, and is it larger than 0 bytes?
-S file            Does the file exist, and is it a socket?
-t fd              Is the file descriptor connected to a terminal?
-u file            Does the file have the set-user-id bit set?
-w file            Is the file writable by you?
-x file            Is the file executable by you?
-z string          Is the length of the string 0 (zero)?
expr1 -a expr2     Are both the first expression and the second expression true?
expr1 -o expr2     Is either of the two expressions true?
file1 -nt file2    Is the first file newer than the second file (using the modification timestamp)?
file1 -ot file2    Is the first file older than the second file (using the modification timestamp)?
file1 -ef file2    Are the two files associated by a hard link?
var1 = var2        Is the first variable equal to the second variable?
var1 -eq var2      Is the first variable equal to the second variable?
var1 -ge var2      Is the first variable greater than or equal to the second variable?
var1 -gt var2      Is the first variable greater than the second variable?
var1 > var2        Does the first variable sort after the second variable?
var1 -le var2      Is the first variable less than or equal to the second variable?
var1 -lt var2      Is the first variable less than the second variable?
var1 < var2        Does the first variable sort before the second variable?
var1 != var2       Is the first variable not equal to the second variable?
var1 -ne var2      Is the first variable not equal to the second variable?


3b. The case command

case "VAR" in
    Result1)
        { body };;
    Result2)
        { body };;
    *)
        { body } ;;
esac

you need to replace "VAR" with the variable or command to test, and each { body } block
with the actual commands to run,

# Our VAR doesn't have to be a variable,
# it can be the output of a command as well
# Perform action based on day of week
case `date +%a` in
    "Mon")
        BACKUP=/home/myproject/data0
        TAPE=/dev/rft0
        # Note the use of the double semi-colon to end each option
        ;;
    # Note the use of the "|" to mean "or"
    "Tue" | "Thu")
        BACKUP=/home/myproject/data1
        TAPE=/dev/rft1
        ;;
    "Wed" | "Fri")
        BACKUP=/home/myproject/data2
        TAPE=/dev/rft2 ;;
    # Don't do backups on the weekend.
    *)
        BACKUP="none"
        TAPE=/dev/null ;;
esac



asterisk (*) is used as a catchall,



3c. The “for...do” loop

for VAR in LIST

do

{ body }

done



for NUMBER in 0 1 2 3 4 5 6 7 8 9
do
    echo The number is $NUMBER
done

for FILE in `/bin/ls`
do
    echo $FILE
done



3d. “while...do” and “until...do”

while condition        until condition
do                     do
    { body }               { body }
done                   done

Here is an example of a while loop that outputs the number 0123456789:

N=0
while [ $N -lt 10 ] ; do
    echo -n $N
    let N=$N+1
done

Another way to output the number 0123456789 is to use an until loop as follows:

N=0
until [ $N -eq 10 ] ; do
    echo -n $N
    let N=$N+1
done

4. Some useful external programs

(grep)

using grep to search for all lines that contain the text /home in the /etc/passwd file as
follows: grep /home /etc/passwd

(cut)

Using an earlier example of the grep command, this line pipes a list of regular users from the
/etc/passwd file, then displays the sixth field (-f6) as delimited by a colon (-d':'). The
hyphen at the end tells cut to read from standard input (from the pipe).

grep /home /etc/passwd | cut -f6 -d':' -


(tr)

(sed)



5. Trying some simple shell scripts

A simple telephone list

This idea has been handed down from generation to generation of old Unix hacks. It’s really quite
simple, but it employs several of the concepts just introduced:

#!/bin/bash
# (@)/ph
# A very simple telephone list
# Type "ph new name number" to add to the list, or
# just type "ph name" to get a phone number
PHONELIST=~/.phonelist.txt
# If no command line parameters ($#), there
# is a problem, so ask what they're talking about.
if [ $# -lt 1 ] ; then
    echo "Whose phone number did you want?"
    exit 1
fi
# Did you want to add a new phone number?
if [ "$1" = "new" ] ; then
    shift
    echo "$*" >> "$PHONELIST"
    echo "$* added to database"
    exit 0
fi
# Nope. But does the file have anything in it yet?
# This might be our first time using it, after all.
if [ ! -s "$PHONELIST" ] ; then
    echo "No names in the phone list yet!"
    exit 1
else
    grep -i -q -- "$*" "$PHONELIST" # Quietly search the file
    if [ $? -ne 0 ] ; then # Did we find anything?
        echo "Sorry, that name was not found in the phone list"
        exit 1
    else
        grep -i -- "$*" "$PHONELIST"
    fi
fi
exit 0



5a. A simple backup script



6. Initializing the System

1. Boot hardware

2. Start boot loader

3. Boot the kernel



7. Starting init

upstart,



Note


Upstart has been changing in recent versions of Fedora. Up through Fedora 12, the system
initialization files were in /etc/event.d/rcN, such as /etc/event.d/rc5. Starting in Fedora
13, these files are in /etc/init and have a .conf filename extension. Fedora 14 offers an
updated version of the upstart launch. Expect a lot of changes in this area.

Fedora 14, a new system called systemd

configuration files are located in /etc/systemd/system

services are defined in /lib/systemd/system.

uses target files that define multiple units grouped together.

multi-user.target defines target for run level 3

and graphical.target defines init level 5

Systemd associates each target, such as multi-user.target, with a set of things the target
wants, that is, things the target depends on, stored in the multi-user.target.wants
directory.

Even with systemd, you’ll see that most services are still defined in /etc/rc.d/init.d. You
can continue to use those files if you desire.

Note

See www.freedesktop.org/wiki/Software/systemd and
http://0pointer.de/blog/projects/systemd.html for more information on systemd. Most older
commands, such as service start and chkconfig, still work under systemd. See
http://docs.fedoraproject.org/en-US/Fedora/14/html/Installation_Guide/s2-boot-init-shutdown-init.html
for more information on upstart.



8. Starting Up and Shutting Down the System

8a. Starting run-level scripts

Any change of run level causes the /etc/rc.d/rc script to be executed, with the new run
level as an argument.

Checks that run-level scripts are correct

Determines current and previous run levels

Decides whether to enter interactive startup

Kills and starts run-level scripts

8b. Understanding run-level scripts

Table 11-4: Run-Level Scripts Contained in /etc/init.d

Run-Level Script   Description
acpid              Controls the Advanced Configuration and Power Interface daemon, which monitors
                   events in the kernel and reports them to user level.
atd                Starts or stops the at daemon to receive, queue, and run jobs submitted via the
                   at or batch commands.
autofs             Starts and stops the automount daemon, for automatically mounting file systems
                   (so, for example, a CD can be automatically mounted when it is inserted).
bluetooth          Starts services such as authentication, discovery, and human interface devices
                   for communicating with Bluetooth devices.
crond              Starts or stops the cron daemon to periodically run routine commands.
dhcpd              Starts or stops the dhcpd daemon, which automatically assigns IP addresses to
                   computers on a LAN.
firstboot          Checks to see if firstboot needs to be run and, if so, runs it. This is
                   typically done after Fedora is first installed.
haldaemon          Starts the hald daemon to discover and set up hardware. Used to mount removable
                   media, manage power, or auto-play multimedia.
halt               Terminates all processes, writes out accounting records, removes swap space,
                   unmounts all file systems, and either shuts down or reboots the machine
                   (depending on how the command was called).
httpd              Starts the httpd daemon, which enables your computer to act as an HTTP server
                   (that is, to serve Web pages).
ip6tables          Starts the ip6tables firewall daemon, which manages any iptables-style firewall
                   rules set up for your computer for IPv6 networking.
iptables           Starts the iptables firewall daemon, which manages any iptables-style firewall
                   rules set up for your computer.
killall            Shuts down any subsystems that may still be running prior to a shutdown or
                   reboot.
messagebus         Runs the dbus-daemon for broadcasting system messages to interested
                   applications.
netfs              Mounts or unmounts network (NFS, SMB, and NCP) file systems.
network            Starts or stops all configured network interfaces and initializes the TCP/IP
                   and IPX protocols.
NetworkManager     Switches automatically to the best-available network connections.
nfs                Starts or stops the NFS-related daemons (rpc.nfsd, rpc.mountd, rpc.statd, and
                   rpc.rquotad) and exports shared file systems.
ntpd               Runs the Network Time Protocol daemon (ntpd), which synchronizes system time
                   with Internet standard time servers.
openvpn            Runs the OpenVPN virtual private network service.
rsyslog            Starts or stops the klogd and rsyslogd daemons that handle logging events from
                   the kernel and other processes, respectively.
sendmail           Controls the sendmail daemon, which handles incoming and outgoing SMTP (Simple
                   Mail Transport Protocol) mail messages.
smb                Starts or stops the smbd and nmbd daemons for allowing access to Samba file and
                   print services.
snmpd              Starts or stops the snmpd (Simple Network Management Protocol) daemon, which
                   enables others to view machine-configuration information.
sshd               Runs the secure shell daemon (sshd), which listens for requests from ssh
                   clients for remote login or remote execution requests.
vsftpd             Runs the Very Secure FTP server (vsftpd) to provide FTP sessions to remote
                   clients for downloading and uploading files.
winbind            Runs the winbind service for Samba file and print services.

Each script is linked with K stops with S starts

two digits following the K or S select the priority

All of the programs within the /etc/rcX.d directories (where X is replaced by a run-level
number) are symbolic links, usually to a file in /etc/init.d.

9. Understanding what startup scripts do



10. Changing run-level script behavior

Note

Always make a copy

Many of the startup scripts use a file in the /etc/sysconfig

11. Reorganizing or removing run-level scripts

Caution: You should never remove the run-level file from the /etc/init.d directory.

system-config-services

chkconfig --list | less

chkconfig --list cups

ntsysv

12. Adding run-level scripts

13. Managing xinetd services

Several services, particularly network services, are not handled by separate run-level
scripts. Instead, a single run-level script called xinetd (formerly inetd) is run to handle
incoming requests for these services.

Fewer daemon processes



Access control and logging



14. Manipulating run levels

telinit command (really just a symbolic link to init) enables you to specify a desired run level,



14a. Determining the current run level

# runlevel
S 5

14b. Changing to a shutdown run level

reboot, halt, poweroff, and shutdown



15. Scheduling System Tasks



15a. Using at.allow and at.deny


limit which users can use the at facility. The file /etc/at.allow contains a list of users who
are granted access, and the file /etc/at.deny contains a similar list of those who may not
submit at jobs.

15b. Specifying when jobs are run

Table 11-5: Samples for Specifying Times in an at Job

Command Line          Description
at now                The job is run immediately.
at now + 2 minutes    The job will start two minutes from the current time.





15c. Submitting scheduled jobs



Piped in from standard input


echo "cd /tmp/perl; make ; ls -al" | at 2am tomorrow

Read as standard input

$ at 23:40
at> cd /tmp/perl
at> make
at> ls -al
at> <Ctrl-d>

Read from a file

$ at -f /root/bin/runme now + 5 hours




15d. Viewing scheduled jobs


atq (effectively the same as at -l)

# atq
2 Sun Jan 9 00:51 a ericfj
3 Sun Jan 9 00:52 a ericfj
4 Sun Jan 9 23:52 a ericfj

Here you can see that three at jobs are pending (job numbers 2, 3, and 4, all indicated as a).
After the job number, the output shows the date and hour each

15e. Deleting scheduled jobs

# atrm 19 20

15f. Using the batch command

If system resources are at a premium on your machine, or if the job you submit can run at a
priority lower than normal, the batch command (equivalent to at -q b) may be useful.

$ batch
at> du -h /home > /tmp/duhome
at> <Ctrl+d>



As soon as the load average is low enough, the command is run.



15g. Using the cron facility

cron includes two access control files designed to limit which users can use it. The file
/etc/cron.allow contains a list of users who are granted access, and the file /etc/cron.deny

four places where a job can be submitted

/var/spool/cron/username

/etc/crontab

/etc/cron.d

/etc/cron.hourly, /etc/cron.daily, /etc/cron.weekly, and /etc/cron.monthly directories




Table 11-6: Valid /etc/crontab Field Values

#   Field              Acceptable Values
1   minute             Any integer between 0 and 59
2   hour               Any integer between 0 and 23, using a 24-hour clock
3   day of the month   Any integer between 0 and 31
4   month              Any integer between 1 and 12, or an abbreviation for the name of the month
                       (Jan, Feb, Mar, Apr, May, Jun, Jul, Aug, Sep, Oct, Nov, Dec)
5   day of the week    Any integer between 0 and 7 (as a convenience, both 0 and 7 can represent
                       Sunday, 1 is Monday, 2 is Tuesday, and so on), or abbreviation for the day
                       (Sun, Mon, Tue, Wed, Thu, Fri, Sat)


15g. Modifying scheduled tasks with crontab

The files in /var/spool/cron should not be edited directly. They should only be accessed via
the crontab command.

command: $ crontab -l

crontab -r

crontab -e



15h. Understanding cron files

examples



/etc/cron.daily/logrotate



/etc/cron.daily/makewhatis.cron



/etc/cron.daily/mlocate.cron



/etc/cron.daily/tmpwatch

makewhatis.cron script installed in /etc/cron.weekly is similar to the one in /etc/cron.daily
but it completely rebuilds the whatis database,

Finally, the /etc/cron.d directory contains files that have the same format as /etc/crontab
files.