Inserisci Infobox

System Administration

Common administration activities on Linux distributions

Fedora - Syslog.conf
Autore: al - Ultimo Aggiornamento: 2004-09-07 10:46:34 - Data di creazione: 2004-09-07 10:46:34
Tipo Infobox: STDOUT - Skill: 3- INTERMEDIATE

Fedora's /etc/syslog.conf follows a standard logic: mail logs are stored in /var/log/maillog, system's logs are in /var/log/messages, cron jobs activities are in /var/log/cron, authentication data are in /var/log/secure.

[[email protected] /]# cat /etc/syslog.conf
# Log all kernel messages to the console.
# Logging much else clutters up the screen.
#kern.*                                                 /dev/console

# Log anything (except mail) of level info or higher.
# Don't log private authentication messages!
*.info;mail.none;authpriv.none;cron.none;local6.none            /var/log/messages

# The authpriv file has restricted access.
authpriv.*                                              /var/log/secure

# Log all the mail messages in one place.
mail.*                                                  /var/log/maillog

# Log cron stuff
cron.*                                                  /var/log/cron

# Everybody gets emergency messages
*.emerg                                                 *

# Save news errors of level crit and higher in a special file.
uucp,news.crit                                          /var/log/spooler

# Save boot messages also to boot.log
local7.*                                                /var/log/boot.log
local6.*                                                /var/log/dhcpd.log

Managing Linux users
Autore: al - Ultimo Aggiornamento: 2004-09-17 18:19:18 - Data di creazione: 2004-09-17 18:19:18
Tipo Infobox: DESCRIPTION - Skill: 2- JUNIOR

Linux as every Unix is a full multiuser operating system, with a privileged user (root), system users used to launch system commands and daemons (lp, nobody, mail, news, uucp ...) and normal human interactive users.

The users database is /etc/passwd (its logic and syntax is the same for every Linux)
Every modern Linux stores local users' passwords (and data) in /etc/shadow
Users can be placed in groups, defined in /etc/group
Systems's settings for UID/GID policy, password and login management are usually stored in /etc/login.defs.
The standard user files (copied in its home directory, when a user is created) are in /etc/skel/
The commands useradd, userdel, usermod are the basic ones that can be used to handle users.
The command passwd is used to change passwords.
Every Linux distro provides its own text or graphical frontends for user management (sometimes more than one) and many of them can use external sources for authentication and accounting: LDAP, an NT or Active Directory Domain, NIS. Usually these databases, useful for a centrally managed user base, use used before checking local authentication data in the above mentioned files.

The graphical tools that can be used to manage easily users change according to the distro used:

FEDORA provides its own User Manager (Command: system-config-users, Menu System Settings - Users and groups) to handle local users and the Authentication Configuration tool (Command: system-config-authentication, Menu System Settings - Authentication) to configure easily an external authentication mechanism and activate the use of shadow passwords. The text based authconfig utility can be used also for these settings.

MANDRAKE provides the utility /usr/sbin/userdrake to manage users with a nice graphical interface (Menu System - Configuration - Other - User Administration).

SLACKWARE does not provide custom user configuration tools. If installed from the CDs, it's possibile to use graphical tools as kuser on KDE, or the normal command line programs like adduser.

Logging system
Autore: al - Ultimo Aggiornamento: 2004-09-17 18:37:45 - Data di creazione: 2004-09-17 18:37:45
Tipo Infobox: DESCRIPTION - Skill: 2- JUNIOR

Applications can log in two ways: according to their autonomous logic or via the system's log daemon: syslog
The syslog daemon has /etc/syslog.conf configuration file: analyze it in order to know where logs are stored.
Usually the directory /var/log/ is used for the system logs.

Many distributions provide tools to manage and analyze the system logs.
Logrotate is a well known log rotation tool which usually is configured in the /etc/logrotate.conf file and may have additional package-defined configurations in the /etc/logrotate.d/ directory

In order to understand what's happening on the system a brief analysys of /etc/syslog.conf is mandatory for checking the main logs positions.

Here is the basic logic used in the main Linux distro:

FEDORA logs the most relevant system messages in /var/log/messages, the mail messages in /var/log/maillog, the authentication attempts in /var/log/secure.
It uses by default LogRotate and provides the useful LogWatch to monitor and analyze system logs.
The command system-logviewer (Menu: System Tools - System Logs) is an handly graphical interface to check various logs.

MANDRAKE logs system messages in /var/log/syslog and /var/log/messages, mail messgaes in the directory /var/log/mail/ with different files for different logging levels, kernel messages in /var/log/kernel/, messages from varios daemons in the directory /var/log/daemons/, Mandrake's own configuration tools messages in /var/log/explanations, every kind of message on the tty12 virtual console, authentication data in /var/log/auth.log.
Interesting security related reports, not generated by syslog, but by Mandrake's own cronjob: /etc/cron.daily/msec are placed in /var/log/security/.
Logrotate is installed by default and supported by most of the packages.

SLACKWARE provides quite standard logging positions, with system messages in /var/log/messages and /var/log/syslog, mail messages in /var/log/maillog, authentication attempts in /var/log/secure. Logrotate is installed by default and supported by most of the packages.

Task scheduling
Autore: al - Ultimo Aggiornamento: 2004-09-17 18:37:51 - Data di creazione: 2004-09-17 18:37:51

The are two common ways to schedule the unattended execution of programs: at and cron.

Usually at is installed without any default rule, cron, instead is installed and required for the execution of various system event (Read: NEVER disable cron).
Cron's system config file is /etc/crontab, users can store their own cron jobs in /var/spool/cron
Many distro provide (or require) anacron in order to execute "missed" cron jobs (planned at an hour when the system was off).
As usual, besides the common textual nature, there can be different graphical tools to manage and configure cronjobs.

Analyzing the system cron configuration files is often useful. Let's see a brief overview of the major distros:

FEDORA cronjobs are configured in /etc/crontab, in the directories /etc/cron.hourly/, /etc/cron.daily/, /etc/cron.weekly, /etc/cron.monthly, /var/spoll/cron/ (cron files per single users), /etc/cron.d.
The graphical tool used is KCron (Menu System Tools - Task Scheduler).

MANDRAKE cron activities are configured exactly in the same files and directories used by RedHat.

SLACKWARE doesn't use the usual /etc/crontab file and stores the systems's cron jobs in the /var/spool/cron/crontabs/root file, the same directory can contain the cron jobs of the single users.
Similarly to other distros, in the directories /etc/cron.hourly/, /etc/cron.daily/, /etc/cron.weekly, /etc/cron.monthly can be placed scripts to be executed at the relative interval. Slack uses dcron, which is an essential and simple cron implementation rewritten from scratch.

Slackware - syslog.conf
Autore: al - Ultimo Aggiornamento: 2004-11-14 10:14:04 - Data di creazione: 2004-11-14 10:14:04
Tipo Infobox: STDOUT - Skill: 3- INTERMEDIATE

Slack's syslogd configuration is quite normal, with info system messages logged in /var/log/messages, system warnings logged in /var/log/syslog, mail movements in /var/log/maillog, authentication records in /var/log/secure and general debug information in /var/log/debug.

[email protected]:/home/al# cat /etc/syslog.conf
# [...]
# Uncomment this to see kernel messages on the console.
#kern.*                                                 /dev/console

# Log anything 'info' or higher, but lower than 'warn'.
# Exclude authpriv, cron, mail, and news.  These are logged elsewhere.

        authpriv.none;cron.none;mail.none;news.none     -/var/log/messages

# Log anything 'warn' or higher.
# Exclude authpriv, cron, mail, and news.  These are logged elsewhere.

        authpriv.none;cron.none;mail.none;news.none     -/var/log/syslog

# Debugging information is logged here.
*.=debug                                                -/var/log/debug

# Private authentication message logging:
authpriv.*                                              -/var/log/secure

# Cron related logs:
cron.*                                                  -/var/log/cron

# Mail related logs:
mail.*                                                  -/var/log/maillog

# Emergency level messages go to all users:
*.emerg                                                 *

# This log is for news and uucp errors:
uucp,news.crit                                          -/var/log/spooler
# [...]

Mandrake - /etc/syslog
Autore: al - Ultimo Aggiornamento: 2004-11-14 10:03:40 - Data di creazione: 2004-11-14 10:03:40
Tipo Infobox: STDOUT - Skill: 2- JUNIOR

Compared to other distros, Mandrake's /etc/syslog.conf has some particular settings that place some of its logs in unusual places.

[[email protected] root]# cat /etc/syslog.conf
# Various entry
auth,authpriv.*                                                 /var/log/auth.log
*.*;auth,authpriv.none                                          -/var/log/syslog
user.*                                                          -/var/log/user.log

# Log anything (except mail) of level info or higher.
# Don't log private authentication messages!
*.info;mail.none;;news.none;authpriv.none                                       -/var/log/messages

# The authpriv file has restricted access.
authpriv.*                                                      /var/log/secure

# Mail logging
mail.=debug;mail.=info;mail.=notice                             -/var/log/mail/info
mail.=warn                                                      -/var/log/mail/warnings
mail.err                                                        -/var/log/mail/errors

# Cron logging
cron.=debug;cron.=info;cron.=notice                             -/var/log/cron/info
cron.=warn                                                      -/var/log/cron/warnings
cron.err                                                        -/var/log/cron/errors

# Kernel logging
kern.=debug;kern.=info;kern.=notice                             -/var/log/kernel/info
kern.=warn                                                      -/var/log/kernel/warnings
kern.err                                                        /var/log/kernel/errors

# Lpr logging
lpr.=debug;lpr.=info;lpr.=notice                                -/var/log/lpr/info
lpr.=warn                                                       -/var/log/lpr/warnings
lpr.err                                                         -/var/log/lpr/errors

# News logging
news.=debug;news.=info;news.=notice                             -/var/log/news/news.notice
news.=crit                                                      -/var/log/news/news.crit
news.=err                                                       -/var/log/news/news.err

# Daemons logging
daemon.=debug;daemon.=info;daemon.=notice                       -/var/log/daemons/info
daemon.=warn                                                    -/var/log/daemons/warnings
daemon.err                                                      -/var/log/daemons/errors

# Everybody gets emergency messages
*.emerg                                                         *

# Save mail and news errors of level err and higher in a
# special file.
uucp,news.crit                                                  -/var/log/spooler

# Save boot messages also to boot.log
local7.*                                                        -/var/log/boot.log

# Explanations from Mandrake Linux configuration tools
local1.*                                                        -/var/log/explanations
*.* /dev/tty12

Privacy Policy