UNIX System Administration phần 1 pps

 1991-1998 University Technology Services, The Ohio State University, Baker Systems EngineeringBuilding, 1971 Neil Avenue, Columbus, OH 43210.All rights reserved.. PART I IntroductionOv

 1991-1998 University Technology Services, The Ohio State University, Baker Systems EngineeringBuilding, 1971 Neil Avenue, Columbus, OH 43210.

All rights reserved Redistribution and use, with or without modification, are permitted provided that the following conditions are met:

1 Redistributions must retain the above copyright notice, this list of conditions, and the following disclaimer.

2 Neither the name of the University nor the names of its contributors may be used to endorse or promote products or services derived from this document without specific prior written permission.

THIS PUBLICATION IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND THIS PUBLICATION MAY INCLUDE TECHNICAL INACCURACIES OR TYPOGRAPHICAL ERRORS.

UNIX is a registered trademark of The Open Group Sun, SunOS, Solaris, SPARC, NFS, NIS, NIS+,JumpStart, OpenWindows, Sunview and SunInstall are trademarks or registered trademarks of SunMicrosystems, Inc Ultrix, Digital UNIX and DEC are trademarks of Digital Equipment Corporation.HP-UX is a trademark of Hewlett-Packard Co IRIX is a trademark of Silicon Graphics, Inc AIX is

a trademark of International Business Machines, Inc AT&T is a trademark of American Telephoneand Telegraph, Inc GNU is a trademark of the Free Software Foundation X Window System is atrademark of Massachusetts Institute of Technology Ethernet is a registered trademark of XeroxCorporation Netscape is a copyright of Netscape Communications Crop Mosaic is a copyright of theNational Center for Supercomputing Applications at the University of Illinois, Urbana-Champaign.All other products mentioned are trademarks of their respective owners

This publication is available via the Internet as:

ftp://wks.uts.ohio-state.edu/sysadm_course/sysadm_book.psand

http://wks.uts.ohio-state.edu/sysadm_course/sysadm.html

Also available via the Internet is Introduction to Unix:

ftp://wks.uts.ohio-state.edu/unix_course/unix_book.psand

http://wks.uts.ohio-state.edu/unix_course/unix.html

Acknowledgements: The author wishes to thank the following for helpful advice and discussionsrelated to the material presented in this document: Harpal Chohan, Bob DeBula, Bob Manson, SteveRomig, and Bill Yang

Table of Contents

PART I Introduction 9

1 Overview 11

1.1 What is UNIX System Administration? 11

1.2 Daily Tasks of a System Administrator 11

1.3 Startup and Shutdown 11

1.4 Periodic Processes 12

1.5 Managing File Systems 12

1.6 Responsibilities to the users 12

1.7 Hardware responsibilities 12

1.8 Types of SunOS Systems 12

1.9 Resources for System Administrators 13

1.10 UTS Software Support 15

2 Disk Structure and Partitions 17

2.1 Disk Structure and Partitions 17

2.2 Disk Partitions 19

3 Devices 27

3.1 Logical Names 27

3.2 Disk Partitioning 28

3.3 Disk Label and Bootblock 31

3.4 Tapes 32

4 The UNIX File System 33

4.1 File Systems 33

4.2 File System Types 35

4.3 Compatibility 38

4.4 Names & contents of important UNIX directories 40

4.5 File structure of standalone and server machines 43

4.6 Disk Partitioning 43

5 File System Management 45

5.1 File System Management 45

5.2 Fsck 46

5.3 Disk Check Commands 47

5.4 Swapping and Paging 48

5.5 Adding swap space 49

5.6 Setting up a Cache File System 50

5.7 XFS (IRIX) 52

5.8 File System Quotas 52

5.9 Miscellaneous useful commands 53

5.10 Log files 54

6 Startup and Shutdown 55

6.1 Booting 55

6.2 Run Levels (SunOS 5.X, IRIX 5.X) 57

6.3 /etc/inittab (SunOS 5.X, IRIX 5.X, Digital UNIX) 57

6.4 Sun PROM 65

6.5 SGI Indy PROM 67

6.6 Diskless Workstations 67

6.7 Shutdown 69

6.8 Crashes 70

7 Operating System Installation 71

7.1 Suninstall 71

7.2 SunOS 4.1.X 71

7.3 SunOS 5.X 74

7.4 Post Install Actions 84

7.5 Sun Patch List 86

7.6 IRIX 5.X 90

8 Kernel Configuration 91

8.1 SunOS 4.1.X 91

8.2 SunOS 5.X 92

8.3 IRIX 5.X 100

8.4 Digital UNIX 101

8.5 Ultrix 101

9 Adding Hardware 103

9.1 SunOS 4.1.X 103

9.2 SunOS 5.X 110

9.3 IRIX 5.X 110

10 Special Files 111

10.1 Special Files 111

10.2 SunOS 4.X 112

10.3 SunOS 5.X 112

10.4 IRIX 5.X 113

10.5 Ultrix and Digital UNIX 114

11 System Directories 115

11.4 /usr - system programs, libraries, etc .120

12 User accounts 123

12.1 User accounts 123

12.2 Admittance - login procedure 126

12.3 Password Aging, SunOS 4.1.X 126

13 Daily System Administration 127

13.1 User and Group Administration 127

13.2 Communicating with system users 129

13.3 Running programs automatically, cron & at 129

14 Administration Tool & Solstice Adminsuite 131

14.1 Admintool 131

14.2 Solstice Adminsuite 131

14.3 Services Managed 132

14.4 The Distributed System Administration Daemon 140

14.5 Program Locations 140

15 Package Administration 141

15.1 Packages 141

15.2 Packages Distributed with Solaris 2.5 143

15.3 Swmtool 150

15.4 SunOS 4.X 152

15.5 IRIX 5.X 153

15.6 Digital UNIX and Ultrix 154

16 Backup Procedures 155

16.1 Backup Procedures 155

16.2 Backup strategies 155

16.3 Backup and Restore Commands 156

PART II Network Services 161

17 Service Access Facility 163

17.1 Overview of Service Access 163

17.2 Service Access Facility Overview 164

17.3 Service Access Controller 164

17.4 Port Monitors 165

17.5 Setting Up a Terminal 166

17.6 Network Port Monitors 168

17.7 Terminal Control 170

17.8 Summary 172

18 The Network 173

18.1 The Network 173

18.2 Hardware used in a network 174

18.3 Ethernet Frame 175

18.4 Trouble shooting the Ethernet 176

18.5 Monitoring the network 177

18.6 Difference between Ethernet and Internet Addresses 179

19 Network Administration 181

19.1 Network Initialization 181

19.2 Host Names and addresses 185

19.3 Services 187

19.4 Network Programs 188

19.5 SunOS 5.X 191

19.6 Ultrix and Digital UNIX 193

19.7 Miscellaneous Configuration Files 194

20 Distributed File System Administration 195

20.1 Distributed File Systems 195

20.2 NFS Protocol 196

20.3 SunOS 4.1.X 198

20.4 SunOS 5.X 202

20.5 DFS Command Summary 205

20.6 IRIX 5.X, Ultrix and Digital UNIX 206

20.7 NFS statistics 206

21 Network Information Services (NIS and NIS+) 209

21.1 What is it and what does it do for you? 209

21.2 NIS 209

21.3 NIS+ 211

22 Adding Clients 219

22.1 Clients 219

22.2 Server configuration and software 219

22.3 Installing the client of a server, SunOS 4.1.X 220

22.4 JumpStart 221

22.5 AutoClient 221

PART III Selected Topics 223

23 Usenet 225

23.1 Usenet 225

23.2 Reading news, rn/rrn/xrn/trn/nn 226

23.3 Network news transfer protocol, nntp 226

23.4 Disk space requirements 226

23.5 Relevant UNIX newsgroups 227

24 Useful Utilities 229

24.1 Format online manual pages, catman 229

24.2 System process status, ps 230

24.3 Swap space and kernel inode usage, pstat 231

24.4 top 231

24.5 vmstat 232

24.8 System usage, uptime, users, who and w 239

24.9 File Compression, compress & gzip 240

24.10 Shells, tcsh & bash 240

25 Print Service 241

25.1 SunOS 4.1.X 241

25.2 SunOS 5.X 243

25.3 IRIX 5.X 252

25.4 Ultrix and Digital UNIX 252

26 Mail 253

26.1 Send and receive electronic mail via SMTP, sendmail 253 26.2 Network mail configuration file 253

26.3 The mail alias file 254

26.4 Installation of sendmail 255

26.5 Security 256

26.6 Mail programs, mail, Mail, Columbia mm, elm, etc .256 27 World Wide Web 257

27.1 WWW 257

27.2 URLs 257

27.3 WWW Server 258

27.4 WWW Browsers 258

27.5 Setting up your Server 258

27.6 Home Page 260

28 System Security 265

28.1 Security Concerns 265

28.2 What needs to be Secured? 266

28.3 Security Programs 266

28.4 Security Response Teams 267

28.5 The password and group files 267

28.6 File and Directory Permissions 269

28.7 EEPROM Security 269

28.8 Secure the console port 270

28.9 Security Loopholes 271

28.10 Additional Security Features in SunOS 5.X 273

28.11 SRI Security Report 275

28.12 CERT Security Advisories 276

29 Secure Shell, SSH 277

29.1 Secure SHell 277

29.2 SSH Programs 279

29.3 Control Files 280

29.4 Setting up the Service 284

29.5 Login Process 286

29.6 Installation 287

PART IV Summary 291

30 Summary of SunOS/Solaris Differences 293

30.1 SunOS 4.1.X and 5.X Administrative Command Differences 293 30.2 SunOS 4.1.X and 5.X Administrative File Differences 296

31 UTS UNIX Workstation Support 297

31.1 UTS WORKSTATION SUPPORT TEAM 297 31.2 Software 298

PART I Introduction

Overview Disk Structure

Devices File Systems Startup & Shutdown

Installation Kernel Configuration Adding Hardware

Special Files System Directories User Accounts Daily System Administration Administration Tool & Solstice AdminSuite

Package Administration

Backup Procedures

Introduction

C H A P T E R 1 Overview

1.1 What is UNIX System Administration?

Systems administration is the installation and maintenance of the UNIX computer system The systemadministrator will need to maintain the software and hardware for the system This includes hardwareconfiguration, software installation, reconfiguration of the kernel, networking, and anything else that’srequired to make the system work and keep it running in a satisfactory manner To do this the systemadministrator can assume superuser, or root, privileges to perform many tasks not normally available

to the average user of the system

1.2 Daily Tasks of a System Administrator

1.2.1 Manage user logins

You add accounts by assigning login id’s, groups, user id numbers, group id numbers, logindirectories, and set-up the users’ login environments You also need to balance the needs of varioususers, e.g with quotas on disk space or limits on simultaneous processes

1.2.2 Monitor system activity and security

You need to monitor disk status, system processes, user process activity, system security, and systemlog files to make sure that your resources are available and that only valid users have access to them

1.2.3 Administer file systems, devices, and network services

You need to manage disk space usage, tape and CDROM devices and network services to make surethat these resources are available

1.3 Startup and Shutdown

Startup is when you boot the system from the PROM This can be from cdrom, disk, or over the

network (ethernet) The shutdown programs, shutdown/reboot/halt, allow you to close down the

system in an orderly fashion

Overview Overview

1.4 Periodic Processes

Cron is the clock daemon It executes periodic processes at pre-arranged times You can use this to

clean up old files, manage log files, backup the system to tape nightly, etc

1.5 Managing File Systems

1.5.1 File System Backups

Backup and restore procedures are need to insure data integrity against disk crashes, users accidently

deleting files, for the removal of seldom used programs to free up disk space, etc You can usuallyautomate this task

1.5.2 Disk space quotas

Quotas restrict users to a finite disk space and can be set individually This insures that individual

users don’t hog the available disk space

1.6 Responsibilities to the users

You have the responsibility to provide access to disk space, CPU cycles, data integrity, operatingsystem software updates, install necessary software, mail and network access, system security

1.7 Hardware responsibilities

You are responsible for keeping the system running and maintaining it, adding new hardware, andmaking sure that everything is working properly

1.8 Types of SunOS Systems

Standalone - system can function alone, independently of other systems.

Server - a standalone machine that can serve others, e.g with disk space via NFS; can boot diskless

workstations; can serve different architectures

Dataless - has minimal disk space for systems programs and swap space only, shares file space via

NFS mount of server disk space

Diskless - has no disk; requires server for boot (via network), swap, and all program and file space AutoClient - similar to a diskless client except that it uses a local disk for caching Requires a 100 MB

local disk

Resources for System Administrators Resources for System Administrators

1.9 Resources for System Administrators

1.9.1 Network Resources

Usenet newsgroups/Mailing lists - via Internet through SONNET (the Ohio State University network) WWW pages, you can start at the Workstation Groups home page: http://www-wks.acs.ohio-state.edu SunWorld Online (formerly Advanced Systems formerly SunWorld) - now available via the World

Wide Web at http://www.sun.com/sunworldonline/index.html

1.9.2 Periodicals

Information Week - weekly publication for high-end business and technology users, Information

Week, CMP Publications, Inc., 600 Community Drive, Manhasset, NY 11030

SunExpert - monthly publication for Sun users, Computer Publishing Group, 1330 Beacon St.

A Student’s Guide to Unix, Harley Hahn (McGraw Hill, 1993, ISBN 0-07-025511-3).

UNIX in a Nutshell for BSD 4.3, A Desktop Quick Reference (O’Reilly & Associates, Inc 1990,

0-937175-20-x)

UNIX in a Nutshell, A Desktop Quick Reference for System V & Solaris 2.0, Dan Gilly and the staff

of O’Reilly & Associates, Inc (O’Reilly & Associates, Inc 1992, ISBN 1-56592-001-5)

The C Programming Language, 2nd Ed., Brian Kernighan and Dennis Ritchie (Prentice Hall, 1988,

Overview Overview

Zen and the Art of the Internet, 3rd Ed., Brendan Kehoe (1994, ISBN 013-121492-6).

UNIX Power Tools, Jerry Peek, Tim O’Reilly, and Mike Loukides (O’Reilly & Associates, 1993,

ISBN 0-679-79073-X) (Includes a CDROM of useful software for various OSs.)

1.9.3.2 System Administration

UNIX System Administration Handbook, 2nd Ed., Evi Nemeth, Garth Snyder, Scott Seabass and

Trent Hein (Prentice-Hall, 1995, ISBN 0-13-151051-722) (Includes a CD-ROM)

Essential System Administration, 2nd Ed., Aeleen Frisch (O’Reilly, 1995, ISBN 1-56592-127-5) When You Can’t Find Your UNIX System Administrator, Linda Mui (O’Reilly & Associates, Inc.,

Managing NFS and NIS, Hal Stern (O’Reilly & Associates, 1991, ISBN 0-937175-75-7).

All About Administering NIS+, Rick Ramsey (SunSoft Press/Prentice Hall, 1992, ISBN

013-068800-2)

DNS and BIND, Paul Albitz and Cricket Liu (O’Reilly & Associates, 1993, ISBN 1-56592-010-4) TCP/IP Network Administration, Craig Hunt (O’Reilly & Associates, 1992, ISBN 0-937175-82-X) sendmail, Bryan Costales with Eric Allman and Neil Rickert (O’Reilly & Associates, 1994, ISBN 1-

56592-056-2)

Panic! UNIX System Crash Dump Analysis, Chris Drake and Kimberley Brown (SunSoft Press,

1995, ISBN 0-13-149386-8) (Includes a CD-ROM)

Improving the Security of Your UNIX System, David A Curry (SRI International), available via

anonymous ftp from www-wks.acs.ohio-state.edu:/pub/security/security-doc.tar

UTS Software Support UTS Software Support

1.10 UTS Software Support

University Technology Services UNIX Workstation Support - Software support for SunOS/Solaris (Sun), Ultrix and Digital UNIX (formerly OSF/1) (DEC), and IRIX (SGI).

1.10.1 Solaris

The Sun operating system, SunOS, along with the OpenWindows graphical user interface (GUI),make up the complete Sun UNIX environment The latest release is Solaris 2.6, which includesSunOS 5.6, OpenWindows 3.6, and version 1.2 of the Common Desktop Environment (CDE).SunOS 5 is based on the System V Revision 4 version of UNIX Solaris 2.4 runs on all SPARChardware Solaris 2.4 runs on all SPARC hardware except the Sun4 series (i.e Sun 4/110, 4/280,etc.) Solaris 2.4 is still available for those who need it

The latest release of the BSD version of UNIX for the SPARC architecture is Solaris 1.1.2, whichincludes SunOS 4.1.4 and OW 3_414 Solaris 1.1.2 runs on all SPARC hardware except the Sun4useries (UltraSPARCs)

Sun software is site licensed for all Ohio State University faculty, staff, and students, and can be

borrowed from UTS Customer Services, 512 Baker Systems All software is on CDROM.

SGI software is site licensed for all Ohio State University faculty, staff, and students, and can be

borrowed from UTS Customer Services, 512 Baker Systems All software is on CDROM.