Common Linux Systems Administration Commands

Jacob Mathai


I started compiling this page many moons ago while still at university as a place to centralize many of the Linux and Unix related concepts I came across. Time and an evolving career have drifted me away from these roots, however most of my understanding of Operating Systems flourished here. Although some of the data is out of date, I still find myself referencing these archives from time to time. What's stored in an inode again? I hope you enjoy it as much as I have compiling it all these years. Cheers -Jacob Mathai


  1. Linux hardware information collected by kudzu is stored in /etc/sysconfig/hwconf
  2. List all PCI devices: lspci (probes the PCI bus)
  3. SMP Kernels (Multi CPU) BigMem (12G ram) and Hugemem (64G ram) Kernels
  4. You create device files with the mknod command. (ie mknod fd0 b 2 0 : the 2 and 0 are the major/minor #'s)
  5. Block and Character devices are special device files typically stored in /dev/. A Block device supports random access (disk, floppy) and a character device supports stream access (audio,printing). (ie cat /etc/hosts > /dev/fd0)
  6. Major and Minor Numbers are information stored in a disk inode (ls -i : prints inode information). A major number refers to the type of device it is and the minor number refers to any special parameters to the device. (Refer to Documentation/devices.txt if you need to rebuild a character or block device)
  7. Inode : An inode stores basic information about a regular file, directory, or other file system object. (ie length of the file in bytes, user and group id info, device id (device containing the file), reference counts (the # of hard links to the file))
  8. SuperBlock : The superblock contains a description of the basic size and shape of this file system.
  9. Run mke2fs -S if you have a corrupted superblock and this will leave inode tables intact and just rebuild your superblock.
  10. Pre Boot Execution (PXE BOOT) is included on RedHat CD's and is used with building blade centers and cloning workstations. PXE Bootrom is able to get an ip address by DHCP and loads an image into memory -typically by using TFTP.
  11. BOOTP is short for Bootstrap Protocol and it allows a diskless workstation to discover its own IP address, the IP address of a BootP server, and the configuration file it loads into memory.
  12. Primary and Extended partitions are created with fdisk. Typically, partitions 1-4 are primary. If you require more than 4 partitions, then 1 of the primary partitions becomes an Extended partition and logical partitions are created. (hda=ide drives, sda=scsi drives, eda=esdi drives, xd=xt disks)
  13. Raid 0 = concat, Raid 1 = mirror, and Raid 5 = striping with distributed parity. Typically you create raid partitions with fdisk across separate physical disks, and then use raidtools. (see raidtools below)
  14. LVM (Logical Volume Manager) creates logical partitions or logical volumes from 1 or more disk partitions or raid devices. 1 or more partitions or raid devices are assigned to a volume group which is divided into extents and assigned to volumes.
  15. Extents are 4M primitives that volume groups divide available disks into.
  16. Use ethtool and mii-tool to set the low level ethernet card settings
  17. Important System Files :
    • /etc/sysconfig/ (most system and networking settings)
    • /etc/sysconfig/network (default gw, etc)
    • /etc/sysconfig/init (init parameters)
    • /etc/sysconfig/network-scripts/ (network interface configs and scripts)
    • /etc/sysconfig/clock (timezone)
  18. Linux Boot Process
    • BIOS Initialization : After the BIOS passes POST, it loads the Initial Program Loader from the first 512 bytes of the boot media (Master Boot Record)
    • BOOT LOADER: MBR mounts /boot and the boot loader selects the kernel to start.
    • KERNEL initialization: Kernel boots and spawns init.
    • INIT enters a specific run level and machine starts.
  19. Boot Loader utilities :
    • /sbin/grub-install /dev/hda (recreate the master boot record)
    • In the grub menu -- pass 'e' to edit and modify a boot stanza or to change the default 'init'
  20. Init Level
    • 0=Halt
    • 1=Single User
    • 2=Multiuser without NFS
    • 3=FULL (no x-11)
    • 5=Full and X11
    • 6=Reboot
  21. /etc/rc.d/rc.sysinit is an important script (it calls sysctl.conf)
  22. Controlling Services
    • Traditional System 5 (/etc/rc0-5)
    • 'service httpd graceful'
    • chkconfig
  23. Create partitions with fdisk. (fdisk -l , fdisk /dev/hda) (p=print table, m=menu, n=new, t=change partition type***)
  24. clearpart --all : Clears the whole partition table.
  25. partprobe:inform the OS of partition table changes
  26. Create filesystems with the mkfs command.
    • -b : set block size of datablocks in bytes. (Filesystems with smaller files should use smaller block sizes)
    • -i : set block to inode ratio. (Large data sets managed by a filesystem would benefit from higher ratios, meaning fewer inodes and more space)
    • -j : Create a journal (aka ext3) filesystem.
  27. Use the tune2fs command to tune an existing file system. (ie tune2fs -j /dev/hda4 : make an ext2 filesystem into an ext3 filesystem)
  28. The mount command allows access to block devices.
    • mount -o remount,ro /home : remounts a block device
    • mount -t smbfs (Mount a Windows share)
  29. Misc Commands :
    • lsattr, chattr : special file attributes on an extended file system. (Can render a file immutable) Good for security
    • setfacl, getfacl : ACL's on files. Only available in ext3 filesystems
  30. PAM (Pluggable authentication Module) is a set of libraries that handle the authentication tasks of applications (services) on the system.
    • /etc/pam.d contains the config files for additional libraries.
    • A PAM module is a shared library : code dynamically loaded into the memory of a running process. Most pam modules are located in /lib/security/.
    • Some example control flags are :
      • Required: Success required and other libs will still be checked.
      • Requisite: If a failure at this level, exit immediately.
      • Sufficient: Access granted immediately upon success.
      • Optional: Result Irrelevant
    • Simple Config File : (Module Type) auth (Control Flag) required (Module Path) pam_unix.so (Arguments) nullok
  31. Syslogd and Klogd : Syslogd is the system logging daemon and klogd intercepts msgs from the kernel and sends them to syslog.
  32. Can configure klogd to send kernel msgs to a console : klogd -c 3 (Error)
  33. Software Raid : logical partitions, typically across different physical disks.
  34. Logical Volumes with LVM
    • Run vgscan to build the initial database.
    • Create the physical volumes: pvcreate /dev/hda3
    • Assign physical volumes to volume groups: vgcreate vg0 /dev/hda3
    • Create a volume : lvcreate -L 512M -n data vg0
    • Create a file system on the volume : mke2fs -j /dev/vg0/data
    • Shrink the volume by 16M : e2fsadm -L -16M /dev/vg0/data
    • Other Useful Commands :pvdisplay, vgchange, vgremove, lvremove, vgdisplay, lvdisplay
    • /proc/lvm
    • Add a partition to a volume group : vgextend vg0 /dev/hda20
    • Remove a partition from a volume group : vgreduce vg0 /dev/hda20
  35. NFS Network File System
    • /etc/exports contains all exported nfs shares
    • 4 main NFS daemons :
      • portmap
      • nfsd
      • rpc.mountd
      • lockd
    • exportfs: is used to maintain the current table of exported file systems for NFS.
      • -r : option to refresh list of exported shares.
      • -u : option to unexport shares.
      • -a : export shares
      • -v : display all options on the server.
  36. Debugging NFS : (run nfsstat, check for stale file handles, or you can strace rpc.mountd or put nfs and rpc.mountd into debug mode by redirecting "1" to /proc/sys/sunrpc/rpc_debug & /proc/sys/sunrpc/nfs_debug)
  37. Samba : A Windows SMB/CIFS fileserver for UNIX
    • 2 main daemons :
      • smbd : smb/cifs server. takes care of authentication, file sharing, printer sharing etc
      • nmbd: netbios name server. takes care of resource browsing, wins browsing.
    • /etc/samba/smb.conf and /etc/samba/smbpasswd
    • smbpasswd -a john
    • smbclient is an ftp style client that can ’talk’ to an SMB/CIFS server. (ie smbclient //some_Server/c$ -U admin)
  38. XINETD :extended Internet services daemon
    • /etc/xinetd.conf is the main configuration file
    • Individual services are defined in /etc/xinetd.d/ config files
  39. Sshd daemon configuration is in /etc/ssh/sshd_config
  40. DHCP
    • The dhcpd daemon provides services to both dhcp and bootp clients.
    • /etc/dhcpd.conf is the dhcpd daemon configuration file where lease times, gw's, dns server info, and ip ranges are defined
  41. X Windows
    • A Client Server Architecture; The X Server is the program that speaks to your graphics hardware.
    • Any application that wants to display graphics is an X Client
    • /etc/X11/XF86Config is the main configuration file.
    • redhat-config-xfree86 is the gui tool and XFree86 is the command line tool
    • /etc/X11/xinit/xinitrc.d/ is the folder to place scripts to launch any x client applications on startup
  42. TCP Wrappers (/etc/hosts.allow, /etc/hosts.deny)
    • Is access explicitly granted ?
    • Is access explicitly denied ?
    • If neither, access is granted.
  43. NetFilter : asserts policies in layers 2, 3, 4 of the OSI model.
    • PreRouting : Filtering point; deals with packets on arrival (NAT)
    • Routing Decision : Is traffic local or do we forward the packet on ?
    • Forward : Packet being routed through the local system to another destination.
    • Input : Packet is destined for local system ?
    • Output : Packet is leaving a local process but just prior to post routing.
    • Post Routing : Handles packet immediately after leaving the system (NAT)
    • Drop, Accept, Log, Reject
    • iptables commands:
      • Basic Chain Operations
      • -A : option to append a rule (ie iptables -A INPUT -s 12.34.23.12 -j DROP)
      • -F : option to flush rules
      • -I : option to insert a rule for the first time in a new or empty chain.
      • -D : option to delete a rule from a chain.
      • Match Criteria
      • -i : incoming interface
      • -o : outgoing interface
      • -p : layer 4 protocol (ie icmp etc)
      • -s : source ip address
      • -d : destination IP address
      • examples: iptables -A INPUT -i eth0 -j DROP
      • examples: iptables -A INPUT -p icmp -i eth0 -j REJECT
      • TCP Match Extensions
      • -p : protocol
      • --sport : source port
      • --dport : destination port
      • --tcp-flags : TCP flags
      • --syn : initial connection request
      • examples: iptables -A INPUT -p tcp --dport 80 -j DROP
      • Connection Tracking
      • Netfilter allows for stateful connection tracking.
      • example:iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
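
The TCP Wrappers decision order from item 42, as an added example that is not part of the original page: a simplified shell model that checks hosts.allow first, then hosts.deny, and grants access when neither matches. The sample rules, addresses and function names are constructed for illustration.

```shell
#!/bin/sh
# Added example: simplified model of the TCP Wrappers access check.
# Handles only "daemons : clients" rules with exact names, ALL, and
# address prefixes ending in "." (no EXCEPT, netmasks, or shell options).

# Constructed sample policy files (assumptions, not from the page).
HOSTS_ALLOW='# /etc/hosts.allow
sshd : 192.168.1.
ALL  : 127.0.0.1'
HOSTS_DENY='# /etc/hosts.deny
sshd : ALL'

# matches ITEM LIST -> 0 if ITEM matches any pattern in LIST
matches() {
    item=$1
    for pat in $(printf '%s' "$2" | tr ',' ' '); do
        case $pat in
            ALL) return 0 ;;
            *.)  case $item in "$pat"*) return 0 ;; esac ;;
            *)   [ "$item" = "$pat" ] && return 0 ;;
        esac
    done
    return 1
}

# rule_hit RULES DAEMON CLIENT -> 0 if any rule line matches both fields
rule_hit() {
    while IFS=: read -r daemons clients _rest; do
        case $daemons in ''|'#'*) continue ;; esac
        if matches "$2" "$daemons" && matches "$3" "$clients"; then return 0; fi
    done <<EOF
$1
EOF
    return 1
}

# tcpd_decision DAEMON CLIENT: hosts.allow first, then hosts.deny, else grant
tcpd_decision() {
    if rule_hit "$HOSTS_ALLOW" "$1" "$2"; then echo "granted (hosts.allow)"
    elif rule_hit "$HOSTS_DENY" "$1" "$2"; then echo "denied (hosts.deny)"
    else echo "granted (no rule matched)"; fi
}

tcpd_decision sshd 192.168.1.20
tcpd_decision sshd 10.9.8.7
tcpd_decision in.telnetd 10.9.8.7   # unlisted service falls through to "granted"
HOSTS_DENY='ALL : ALL'              # catch-all deny closes the fall-through
tcpd_decision in.telnetd 10.9.8.7
```

The third call shows why a service named in neither file stays reachable, and the last call shows a catch-all `ALL : ALL` line in hosts.deny turning that default into a deny.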

  44. Troubleshooting: Common Linux Booting Issues
    1. No bootloader splash screen or prompt. (Check GRUB, corrupt boot sector, Bios issue)
    2. Kernel does not load at all or loads partially before a panic occurs. (Corrupt kernel image or incorrect parameters passed to the kernel by the bootloader. Check /etc/grub.conf)
    3. Kernel loads completely, but panics or fails when it tries to mount root filesystem and run /sbin/init. (Bootloader is misconfigured or /sbin/init is corrupted, or a problem with /etc/inittab)
    4. Kernel loads completely, and /etc/rc.d/rc.sysinit is started and interrupted. (/bin/bash is missing, error in /etc/fstab, failed fsck)
    5. Run Level Errors (services) (misconfigured services, missing dependent services, issues with X)
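
The PAM control flags from item 30, as an added example that is not part of the original page: a simplified shell model of how one stack combines required, requisite, sufficient and optional results. The stacks and the ok/fail result column are constructed; the model covers only the four flags listed above and goes one step further than the list by showing that a sufficient success does not grant access once an earlier required module has failed.

```shell
#!/bin/sh
# Added example: simplified model of how PAM combines control flags in one
# stack. The fourth column (ok/fail) is a constructed module result.

# Constructed stacks (assumptions, not from the page).
STACK_A='auth required   pam_env.so       ok
auth sufficient pam_unix.so      ok
auth required   pam_deny.so      fail'
STACK_B='auth required   pam_nologin.so   fail
auth sufficient pam_unix.so      ok
auth required   pam_deny.so      fail'
STACK_C='auth requisite  pam_securetty.so fail
auth required   pam_unix.so      ok'

# eval_stack STACK -> prints the decision and the module that caused it
eval_stack() {
    failed=""
    while read -r _type flag module result; do
        case "$flag:$result" in
            requisite:fail)   # stop at once, later modules never run
                echo "deny ($module requisite)"; return 0 ;;
            required:fail)    # remember the failure but keep going
                failed=${failed:-$module} ;;
            sufficient:ok)    # grants at once only if nothing required failed
                if [ -z "$failed" ]; then
                    echo "permit ($module sufficient)"; return 0
                fi ;;
            # optional:* and sufficient:fail do not change the outcome
        esac
    done <<EOF
$1
EOF
    if [ -n "$failed" ]; then echo "deny ($failed required)"
    else echo "permit (end of stack)"; fi
}

eval_stack "$STACK_A"   # pam_deny.so is never reached
eval_stack "$STACK_B"   # pam_unix.so succeeds, but pam_nologin.so already failed
eval_stack "$STACK_C"
```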

  45. Rescue Mode Linux
    1. Hopefully you made a bootable floppy with the mkbootdisk command. ;-)
    2. Use /sbin/grub-install /dev/hda to repair the Master Boot Record in the boot sector. Remember to spawn a chrooted shell before using grub-install from rescue mode so the grub installer thinks the root of your filesystem is /mnt/sysimage.
      
      sh-2.04# chroot /mnt/sysimage
      sh-2.04# grub-install /dev/hda
      sh-2.04# exit 
      
      
    3. Boot to a rescue disk (floppy or cdrom) and type linux rescue at the prompt. The rescue environment should have most of the utilities you need and the rescue environment exists as a ramdisk /dev/root.
    4. The rescue environment will try to reconstruct the harddisk's filesystem and mount it on /mnt/sysimage. Good Luck.
    5. If you need to recreate any character or block devices, make sure that you have a copy of Documentation/devices.txt to pull the major and minor #'s.
    6. /etc/host.conf is used to set name resolver order.
    7. ldd is used to print shared library dependencies (ie ldd /usr/bin/ssh)

    8. Printing : cupsd runs on localhost:631 (web interface to the printing admin tool). Configuration is in /etc/cups/cupsd.conf & /etc/cups/printers.conf (lpadmin is the command line tool)
      Creative Commons License
      This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivs 3.0 Unported License