Unix and linux system administration handbook

Visit us on the Web: informit.com/ph Library of Congress Cataloging-in-Publication Data UNIX and Linux system administration handbook / Evi Nemeth .... ed of: Unix system administration

SYSTEM

ADMINISTRATION

/FX
:PSL
t
5PSPOUP
t
.POUSFBM
t
-POEPO
t
.VOJDI
t
1BSJT
t
.BESJE

$BQFUPXO
t
4ZEOFZ
t
5PLZP
t
4JOHBQPSF
t
.FYJDP
$JUZ

Evi Nemeth Garth Snyder Trent R Hein Ben Whaley

SYSTEM

ADMINISTRATION

with Terry Morreale, Ned McClain, Ron Jachim, David Schweikert, and Tobi Oetiker

U.S Corporate and Government Sales

(800) 382-3419

corpsales@pearsontechgroup.com

For sales outside the United States, please contact International Sales (international@pearson.com)

Visit us on the Web: informit.com/ph

Library of Congress Cataloging-in-Publication Data

UNIX and Linux system administration handbook / Evi Nemeth [et al.]

—4th ed

p cm

Rev ed of: Unix system administration handbook, 3rd ed., 2001

Includes index

ISBN 978-0-13-148005-6 (pbk : alk paper)

1 Operating systems (Computers) 2 UNIX (Computer file) 3 Linux

I Nemeth, Evi II Unix system administration handbook

QA76.76.O63N45 2010

005.4'32—dc22

2010018773 Copyright © 2011 Pearson Education, Inc

All rights reserved Printed in the United States of America This publication is protected by copyright, and permission

must be obtained from the publisher prior to any prohibited reproduction, storage in a retrieval system, or transmission

in any form or by any means, electronic, mechanical, photocopying, recording, or likewise For information regarding

permissions, write to:

Pearson Education, Inc

Rights and Contracts Department

501 Boylston Street, Suite 900

Boston, MA 02116

Fax: (617) 671-3447

ISBN-13: 978-0-13-148005-6

ISBN-10: 0-13-148005-7

Text printed in the United States on recycled paper at Edwards Brothers in Ann Arbor, Michigan

First printing, June 2010

v

Table of Contents

ACKNOWLEDGMENTS xlvi

SECTION ONE: BASIC ADMINISTRATION

CHAPTER 1 WHERE TO START 3

Essential duties of the system administrator 4

Account provisioning 4

Adding and removing hardware 4

Performing backups 5

Installing and upgrading software 5

Monitoring the system 5

Troubleshooting 5

Maintaining local documentation 5

Vigilantly monitoring security 6

Fire fighting 6

Suggested background 6

Friction between UNIX and Linux 7

Linux distributions 9

Example systems used in this book 10

Example Linux distributions 11

Example UNIX distributions 12

Ways to find and install software 21

Determining whether software has already been installed 22

Adding new software 23

Building software from source code 25

System administration under duress 26

Recommended reading 27

System administration 27

Essential tools 27

Exercises 28

CHAPTER 2 SCRIPTING AND THE SHELL 29 Shell basics 30

Command editing 30

Pipes and redirection 31

Variables and quoting 32

Common filter commands 33

cut: separate lines into fields 34

sort: sort lines 34

uniq: print unique lines 35

wc: count lines, words, and characters 35

tee: copy input to two places 35

head and tail: read the beginning or end of a file 36

grep: search text 36

bash scripting 37

From commands to scripts 38

Input and output 40

Command-line arguments and functions 40

Variable scope 42

Control flow 43

Loops 45

Arrays and arithmetic 47

Regular expressions 48

The matching process 49

Literal characters 49

Special characters 50

Example regular expressions 51

Captures 52

Greediness, laziness, and catastrophic backtracking 53

Perl programming 54

Variables and arrays 55

Array and string literals 56

Function calls 56

Type conversions in expressions 57

String expansions and disambiguation of variable references 57

Hashes 57

References and autovivification 59

Regular expressions in Perl 60

Input and output 61

Control flow 61

Accepting and validating input 63

Perl as a filter 64

Add-on modules for Perl 65

Python scripting 66

Python quick start 67

Objects, strings, numbers, lists, dictionaries, tuples, and files 69

Input validation example 70

Loops 71

Scripting best practices 73

Recommended reading 74

Shell basics and bash scripting 74

Regular expressions 75

Perl scripting 75

Python scripting 75

Exercises 76

Booting to single-user mode 86

Single-user mode with GRUB 86

Single-user mode on SPARC 86

HP-UX single-user mode 87

AIX single-user mode 87

Working with startup scripts 87

init and its run levels 88

Overview of startup scripts 89

Red Hat startup scripts 91

SUSE startup scripts 93

Ubuntu startup scripts and the Upstart daemon 94

HP-UX startup scripts 95

AIX startup 95

Booting Solaris 97

The Solaris Service Management Facility 97

A brave new world: booting with SMF 99

Rebooting and shutting down 100

shutdown: the genteel way to halt the system 100

halt and reboot: simpler ways to shut down 101

Exercises 102

CHAPTER 4 ACCESS CONTROL AND ROOTLY POWERS 103 Traditional UNIX access control 104

Filesystem access control 104

Process ownership 105

The root account 105

Setuid and setgid execution 106

Modern access control 106

Role-based access control 108

SELinux: security-enhanced Linux 109

POSIX capabilities (Linux) 109

PAM: Pluggable Authentication Modules 109

Kerberos: third-party cryptographic authentication 110

Access control lists 110

Real-world access control 110

Choosing a root password 111

Logging in to the root account 112

su: substitute user identity 113

sudo: limited su 113

Password vaults and password escrow 117

Pseudo-users other than root 118

Exercises 119

CHAPTER 5 CONTROLLING PROCESSES 120 Components of a process 120

PID: process ID number 121

PPID: parent PID 121

UID and EUID: real and effective user ID 122

GID and EGID: real and effective group ID 122

Niceness 123

Control terminal 123

The life cycle of a process 123

Signals 124

kill: send signals 127

Process states 128

nice and renice: influence scheduling priority 129

ps: monitor processes 130

Dynamic monitoring with top, prstat, and topas 133

The /proc filesystem 135

strace, truss, and tusc: trace signals and system calls 136

Runaway processes 138

Recommended reading 139

Exercises 139

CHAPTER 6 THE FILESYSTEM 140 Pathnames 142

Absolute and relative paths 142

Spaces in filenames 142

Filesystem mounting and unmounting 143

The organization of the file tree 145