Essential System Administration

iEleen Frisch

Preface xv

UNIX Versions Discussed xvii iAudience xixOrganization xxConventions Used in this Handbook xxiiAcknowledgments

'

Chapter 1 Introduction to System Administration 1

The System Administrator's Job 1Becoming Superuser 5Communicating with Users 7

Interactive Communication with Users 7Sending a Message to All Users 8The Message of the Day 9System V Local System News 9Sending Mail to a Group of Users 1 0

Essential Administrative Tools 1 2Menu Interfaces for System Administration 1 7

Chapter 2 The UNIX Way : 20

Files 2 1File Ownership l4 22File Protection 25How to Recognize a File Access Problem 32Mapping Files to Disks 34File Types 35

Processes 40

Process Types 40Process Attributes 42The Life Cycle of a Process 43SUID and SGID File Access and Process Execution 44The Relationship Between Commands and Files 46

Devices 47Fixed Disk Special Files 49Special Files for Other Devices 5 1

The UNIX Filesystem Layout 5 2The /usr Directory 5 5System V.4 Filesystem Organization 57

Chapter 3 Startup and Shutdown 59

The UNIX Boot Process 6 0Single-User Mode 62System V Run-levels 6 3

Starting a Boot 6 5Filesystem Checking 66

UNIX Initialization Scripts 67BSD Initialization Files 68System V Initialization Files 76

Shutting Down a UNIX System 8 5Shutdown and Automatic Reboot 88Rebooting from Single-user Mode 89Shutdown and Halt 89Guaranteeing Disk Accuracy 90Disabling Logins Under BSD 9 1Aborting a Shutdown 9 1Fake Shutdowns (BSD and AIX 3 .1) 92

When the System Crashes 92When the System Won't Boot 94

Chapter 4 User Accounts ., , m „.u~v~„*, „ « .,,, . ~,,.n•.,. .t 96

Adding New Users 97Defining a New User Account 98Assigning User Passwords 10 1Setting Password Restrictions 105

Creating a Home Directory 110Initialization Files 110Setting File Ownership 117Adding the User to Other System Facilities 117Adding the User to Secondary Groups 117Additional Tasks 11 8Testing the New Account 11 8Automating the Account Creation Process 11 9Captive Accounts 12 4Removing a User Account 12 5

'UNIX Groups 12 6The /etc/group File 12 8

.Standard UNIX Users and Groups 13 1

Chapter 5 Security 134

UNIX Lines of Defense 136Preventing Security Problems 14 1

Password File Issues 14 1Using Groups Effectively 145The SUID and SGID Access Modes 14 7Search Path Issues 15 1Encryption 15 1Dialup Passwords 15 3AIX 3 .1 Access Control Lists 15 6

Detecting Problems 16 1Monitoring the Filesystem 16 1Tools for Detective Work 16 7

Chapter 6 Automating Routine Tasks 17 6

Using Scripts Effectively 177Example : Password File Security 177Example : Monitoring Disk Usage 179

Periodic Program Execution : The cron Facility 18 4Execution Scheduling 18 4Adding Crontab Entries 18 7Using cron to Automate System Administration 18 9cron Security Issues 191

Chapter 7 Managing System Resources 19 3

Monitoring System Load 19 3Controlling Execution Priorities 19 7

Destroying Processes 20 0Introducing the System V.4 Process Scheduler 20 1UNIX Batch Processing Facilities 204

Process Resource Limits 20 5Managing Memory 20 7

Monitoring Memory Use and Paging Activity 20 9Managing Paging Space 214

Managing Disk Usage with Disk Quotas (BSD and V.4) 22 1Preparing Filesystems for Quotas 22 2Setting Users ' Quota Limits 22 3Enabling Quota Checking 22 3

Chapter 8 Filesystems and Disks 225

Mounting and Dismounting Filesystems 226The mount and umount Commands 229The Filesystem Configuration File 229Automatic Filesystem Mounting 234

Managing Disk Space Usage 235df: Display Filesystem Statistics 235du: Report on Disk Usage 236quot: Report Usage by User (BSD, XENIX, and V.4) 23 7Handling Disk Shortage Problems 237

Using fsck to Validate a Filesystem 242After fsck 246

From Disks to Filesystems 246Disk Partitions 246Filesystems 249

Adding Disks ; 25 1Adding a Hard Disk (XENIX and Interactive UNIX) 25 2Adding Disks to Multiuser Systems (BSD and System V) 254Remaking an Existing Filesystem 257

Striped Disks 25 8

Floppy Disks 25 9

Floppy Disk Special Files 26 0Disks and Filesystems Under AIX 3 .1 26 1

Disks 261

Volume Groups 262Logical Volumes 263Filesystems 266Adding a Disk Under AIX 3 .1 267Reorganizing the Default root Volume Group Structure 268

System V.4 Additional Device Management Features 270The Device Database 270Device Groups 272

Chapter 9 Backup and Restore 27 3

Backing Up the Filesystem 274Is tar Enough? 275Planning a Backup Schedule 276Backup Under System V.3 279Backup Under BSD 280The V.4 Backup Service 28 4Other Backup Considerations 28 7

Restoring Files from Backup 28 9Restore Under System V.3 28 9Restore Under BSD, AIX 3 .1, XENIX, and V.4 290restore's Interactive Mode 29 3The V.4 Restore Service 294

Storing Backup Media 295Tape Special Files 296

Chapter 10 Terminals and Modems 29 8

Terminal-Related Special Files 29 8Specifying Terminal Characteristics 30 0

termcap and terminfo 30 0The tset Command 302The stty Command 305

Adding a New Device 307Making the Physical Connection 307Gather the Necessary Data 31 5Terminal Line Configuration Files 316Starting the Terminal Line 325

Troubleshooting Terminal Problems 326

Configuring a Dialin/Dialout Modem 327

Chapter 11 Printers and the Spooling Subsystem 329

The BSD Spooling System 330

The printcap File 33 1

Spooling Directories 33 2The Spooling Daemon 33 3Managing Queues 33 4

Adding a New Printer 33 6Remote Printing 33 7

System V Printing 33 8

Device Classes 33 8

Setting the System Default Destination 339

Obtaining Destination Status Information 339Manipulating Individual Print Requests 340Controlling Print Queues 341Starting and Stopping the Print Service 342Managing Printers and Destination Classes 342Adding a New Printer 345Enhancements to the System V Printing System 346

The AIX 3 .1 Queueing System 352The /etc/qconfig File 353Controlling Queues and Print Jobs 356Adding a New Printer 359Configuring Remote Printing 35 9Using the Queueing System as a Batch Service 36 0

Troubleshooting Printers 36 1

Chapter 12 TCP/IP Network Management 36 3

About TCP/IP Networking 36 3

Hostnames 36 5

Network Addresses 36 5

The Host Table /etc/hosts 367

Network Daemons 368Monitoring the Network 370Adding a New Host 372

Network Security 373Host Level Equivalence 373Account Equivalence 374

NFS and NIS 375About NFS 376Mounting Remote Directories 377NIS 38 1

TCP/IP Networking and AIX 3 .1 382

Chapter 13 Accounting 384

Standard Accounting Files 385BSD Accounting 386

Enabling and Disabling Accounting 387Merging Accounting Records into the Summary Files 387Administrative Accounting Options 38 8After a Crash 38 9Image-Based Resource Use Reporting : sa 390Connect Time Reporting : ac 392

System V Accounting 393Setting Up Accounting 394Accounting Reports 396Accounting Under XENIX 39 8Accounting Under AIX 3 .1 39 8

Bourne Shell Programming Appendix 400

Basic Syntax 400The dot Command 40 1Return Codes and the exit Command 40 1Argument Symbols and Other $ Abbreviations 402Parameter Substitution 40 3

The if Statement 40 4The test Command, aka [ 40 6

Other Control Structures 40 8The while and until Commands 408The case Command 409The for Command 410The Null Command 411

Getting Input : The read Command 41 1Other Useful Commands : 412

set 412expr 412eval 41 3

Functions 41 3

Bibliography „f e 41 5

Index 417