Essential System Administration, Second Edition

Quantified Score

Visualization

Abstract

From the Book:This book covers the fundamental and essential tasks of UNIX system administration. Although it includes information designed for people new to system administration, its contents extend well beyond the basics. The primary goal of this book is to make system administration on UNIX systems straightforward; it does so by providing you with exactly the information you need. As I see it, this means finding a middle ground between a general overview that is just too simple to be of much use to anyone but a complete novice, and a slog through all of the obscurities and eccentricities that only a fanatic could love (it's also possible to suffer from both of these conditions at the same time). In other words, I won't leave you hanging when the first complication arrives, and I also won't make you wade through a lot of extraneous information in order to find what actually matters.This book approaches system administration from a task-oriented perspective, and so it is organized around various facets of the system administrator's job, rather than around the features of the UNIX operating system, or the workings of the hardware subsystems in a typical system, or some designated group of administrative commands. These are the raw materials and tools of system administration, but an effective administrator has to know when and how to apply and deploy them. You need to have the ability, for example, to move from a user's complaint (Tints job only needs 10 minutes of CPU time, but it takes it three hours to get it!) through a diagnosis of the problem (The system is thrashing because there isn't enough swap space), to the particular command which will solveit (swap or swapon). Accordingly, this book will cover all facets of UNIX system administration: the general concepts, underlying structure, and guiding assumptions that define the UNIX environment, as well as the commands, procedures, strategies, and policies essential to success as i system administrator. It will talk about all the usual administrative tools that UNIX provides, but also how to use them more smartly and efficiently.Naturally, some of this information will constitute advice about system administration; I won't be shy about letting you know what my opinion is. But I'm actually much more interested in giving you the information you need to make informed decisions for your own situation than in providing a single, univocal view of the "right way" to administer a UNIX system. It's more important that you know what the issues are concerning, say, system backups, than that you adopt anyone's specific philosophy or scheme. When you are familiar with the problem and the potential approaches to it, you'll be in a position to decide for yourself what's right for your system.Although this book will be useful to anyone who takes care of a UNIX system, I have also included some material designed especially for system administration professionals. Another way that this book covers essential system administration is that it tries to convey the essence of what system administration is, as well as a way of approaching it when it is your job or a significant part of it. This encompasses intangibles like system administration as a profession, professionalism (not the same thing), human and humane factors inherent in system administration, and its relationship to the world at large. When such issues are directly relevant to the primary, technical content of the book, I mention them. In addition, I've included other information of this sort in special sidebars (the first one comes later in this Preface). They are designed to be informative and thought-provoking, and are, on occasion, deliberately provocative.The UNIX UniverseMore and more, people find themselves taking care of multiple computers, often from more than one manufacturer; it's quite rare to find a system administrator who is only responsible for one system (unless he has other, unrelated dudes as well). While UNIX is widely lauded in marketing brochures as the "standard" operating system "from microcomputers to supercomputers"--and I must confess to having written a few of those brochures myself--this is not at all the same as there being a "standard" UNIX. At this point, UNIX is hopelessly plural, and nowhere is this plurality more evident than in system administration. Before going on to discuss how this book addresses that fact, let's take a brief look at how things got to be the way they are now.The following diagram attempts to capture the current state of things. It illustrates a simplified UNIX genealogy, with an emphasis on influences and family relationships (albeit Faulknerian ones) rather than on strict chronology and historical accuracy. It traces the major lines of descent from an arbitrary point in time: UNIX Version 6 in 1975 (note that the dates in the diagram refer to the earliest manifestation of each version). Over time: two distinct flavors (strains) of UNIX emerged from its beginnings at AT&T Bell Laboratories--which I'll refer to as System V and BSD--but there was also considerable cross-influence between them (in fact, a more detailed diagram would indicate this even more clearly).The split we see today between System V and BSD occurred after Version 6. ( The movement from Version 7 to System m in the System v line is a simplification of strict chronology and descent. System III was derived from an intermediate release between Version 6 and Version 7 (CB UNIX), and not every Version 7 feature was included in System m.A word about nomenclature: The successive releases of UNIX from the research group at sell Labs were originally known as "editions"--the Sixth Edition, for example although these versions are now generally referred to as "Versions." After Version 6, there are two distinct sets of releases from Bell Labs: Versions 7 and following (constituting the original research line), and System m through System v (commercial implementations started from this line). Later versions of System v are called "Release," as in System v Release 3 and System v Release 4.The opening chapters of Life with UNIX by Don Libes and Sandy Ressler (Trill Prentice Hall Special Edition, 1992), give a very entertaining overview of the history of UNIX the preface to the Special Edition updates events through about 1992.) The developers at the University of California, Berkeley extended UNIX in many ways, adding virtual memory support, the C shell, job control, TCP/IP networking, to name just a few. Some of these contributions were merged into the AT&T code lines at various points.System V Release 4 is often described as a merger of the System v and BSD lines, but this is not quite accurate. It incorporates the most important features of BSD (and SunOS) into System v. The union is a marriage and not a merger, however, with some but not all characteristics from each parent dominant in the offspring (as well as a few whose origins no one is quite sure of). In this book, I'll refer to System v Releases 3 and 4 as V.3 and V.4 respectively.The diagram also includes two other variations: XENIX and OSF/1. XENIX, the first microcomputer UNIX version, is still in use today. It was derived from Version 7 and converted to System v Release 2 gradually over time. XENIX then in turn influenced System V Release 3 when many of its capabilities were merged into System V Release 3.2.In 1988, Sun and AT&T agreed to jointly develop future versions of System V. In response, IBM, DEC, Hewlett-Packard, and other computer and computer-related companies and organizations formed the Open Software Foundation (OSF), designing it with the explicit goal of producing an alternative, compatible, non-AT&T-dependant UNIX-like operating system. OSF/1 is the result of this effort ( As well as, and perhaps more importantly, Motif and the Distributed Computing Environment (DCE). ) (although its importance is more as a standards definition than as an actual operating system implementation).The proliferation of new computer companies throughout the 1980's brought dozens of new UNIX systems to market--UNIX was usually chosen as much for its low cost and lack of serious alternatives than for its technical characteristics--and also as many variants. These vendors tended to start with some version of System V or BSD and then make small to extensive modifications and customizations. Extant operating systems mostly spring from System v Release 3 (usually Release 3.2), System V Release 4, and occasionally 4.2 or 4.3 BSD (SunOS is the major exception, derived from an earlier BSD version). As a further complication, many vendors freely intermixed System v and BSD features within a single operating system.Recent years have seen a number of efforts at standardizing UNIX. ( The most important general standards are POSIX (defined by the IEEE/ANSI), AT&T's System V Interface Definition (SVID Issue 2 is System v Release 3, and SVID Issue 3 is System v Release 4), the OSF's Application Environment Specification (AES), and the X/Open Portability Guide (currently XPG4) from X/Open, a consortium founded in the United Kingdom in 1984 that now exists for the purpose of defining UNIX standards. X/Open controls the UNIX trademark and accordingly has the power to test and validate compliance with its standard, thereby awarding or withholding the right for an operating system to be called UNIX (the validation process is known as "branding"). Of all of these standards, only POSIX can truly be said to be vendor-independent.) Competition has shifted from acrimonious lawsuits and countersuits to surface-level cooperation in unifying the various versions. However, existing standards simply don't address system administration at anything beyond the most superficial level. ( POSIX.7 is designed to address this lack, but it is still in the early discussion stage. ) Since vendors are free to do as they please in the absence of a standard, there is i no guarantee that system administrative commands and procedures will even be similar under different operating systems that uphold the same set of standards.UNIX Versions Discussed in This Book How do you make sense out of the myriad of UNIX variations? One approach is to use computer systems only from a single vendor. However, since that often has other disadvantages, most of us end up having to deal with more than one kind of UNIX system. Fortunately, taking care of n different kinds of systems doesn't mean that you have to learn as many different administrative command sets and approaches. Ultimately, we get back to the fact that there are really just two distinct UNIX varieties; it's just that the features of any specific UNIX implementation can be an arbitrary mixture of System v and BSD features (regardless of its history and origins). This doesn't always ensure that there are only two different commands to perform the same administrative function--there are cases where practically every vendor uses a different one--but it does mean that there are generally just two different approaches to the area or issue. And once you understand the underlying structure, philosophy, and assumptions, learning the specific commands for any given system is simple.When you recognize and take advantage of this fact, juggling several UNIX versions becomes straightforward rather than impossibly difficult. In reality, lots of people do it every day, and this book is designed to reflect that and support them. I It will also make administering heterogeneous environments even easier by systematically fanatically providing information about different systems all in one place.The UNIX versions covered by this book appear in Figure 1-2, which illustrates the Influences on the various operating systems, rather than their actual origins.(If the version on your system isn't one of them, don't despair. Read on anyway, and you'll find that the general information given here applies to your system as well in most cases. Note that HP-UX 9 derives from V.3 rather than V.4. The names of some of these operating systems may very well change within the lifetime of this book as they become officially UNIX branded.) Each of them is described briefly in the following list; the icons which appear to the left of each name indicate the degree to which a particular version acts and feels more like a System v system or a BSD system from a system administration point of view.SCO UNIX: This designation will refer to SCO Open Desktop and SCO Open Server Release 3 from the Santa Cruz Operation, Inc. (running on a 486 system). This operating system is an implementation of V.3.2.5; SCO UNIX will be used for most generic System v output examples. It also includes many extensions, some of which are somewhat to quite eccentric (such as the graphical user and administrative interface). We will consider only those extensions which add essential capabilities missing from V.3.2, such as SCO UNIX's enhanced security features (which are themselves derived from important security standards).SunOS: The best known BSD-based operating system, SunOS also introduced many important capabilities into the UNIX world (most notably NFS). Sun originally intended for Solaris to replace SunOS, but gave in to user demands and continues to offer both of them at the moment. This book covers SunOS 4.1.4 (running on a Sun IPC).Solaris: This is Sun's V.4 implementation. The text covers Solaris 2.4; the reference system for output is a Tatung Sparc 10/40 running Solaris 2.3. Note that Solaris 2.x is sometimes referred to as SunOS 5.x; we won't propagate that terminology here.HP-UX: Hewlett-Packard's version of UNIX is a System V variant incorporating many of the features of OSF/1. HP-UX changes considerably between releases 9 and 10. From an administrative standpoint, HP-UX 9 feels like a fairly generic System V.3 system with a few extensions; HP-UX 10 is a System V.4 operating system. The reference systems are an HP 9000 Model 715 running HP-UX 9, and an HP 9000 Model 845 running HP-UX 10. Since HP-UX 10 is just being released as of this writing, important differences between it and release 9 will be noted. As appropriate, I'll also discuss the occasional variations in HP-UX between 700 and 800 series hardware under HP-UX 9.Digital UNIX: Digital Equipment Corporation's version of OSF/1--an origin noted explicitly in its former name, DEC OSF/1--greatly resembles a generic BSD system from an administrative point of view, although it is in fact at heart a System v version.(You can determine the ultimate origins of any UNIX variant by examining two items: whether it uses /etc/inittab for booting and the format of the raw accounting file.) The fact that both HP-UX: and Digital UNIX state that they conform to an almost identical set of standards and yet need to be administered very differently should indicate just how little standards mean for system administration. The reference system is a DEC AlphaStation 600 running Version 3.2.IRIX: This book covers IRIX 6.0 (running on a Challenge). Earlier Earlier versions signs of IRIX included many BSD features, but these have gone away over time in favor of what seems to be asymptotic V.4 compliance.AIX: This is IBM's System v-based operating system; it also supports a very large number of features from V.4, BSD, and OSF/1 (in addition to the inevitable proprietary features). The discussion will cover post-4.1 AIX; the reference systems are AIX 4.1.3 running on an RS/6000 Model 590 and a Model 250 ("Power PC") running 4.1.1, although most of it is applicable to AIX 3.x as well (changes introduced with Release 4 will be noted as appropriate). I'll use the term "AIX 4" to refer to post-3.2.5 releases. Note that earlier, PC AT-based versions of AIX are quite different from Releases 3.1 and later, and the discussion here will not apply to them.Linux: This is a free UNIX-like operating system for Intel processors (with other versions under development). It is being written "entirely from scratch" (in the words of its mete frequently-asked-questions list).(Most people I know pronounce the name so that it rhymes with "cynics" and uses the same vowel sounds as the its in "finicky" (i.e., short), although the official FAQ explanation of the pronunciation of the second syllable is that "'nux' is also short, non-dipthong, like in pUt.However, I don't think that reflects how most people say UNIX either. Just don't make "Linux" rhyme with the name of the Peanuts character and you'll be OK.) Linux is steadily gaining in popularity, and is important in a variety of contexts: as an inexpensive UNIX system and a research environment in colleges and universities, as a low-cost Internet connection solution in small businesses, as a home UNIX system for UNIX professionals and users, as a cheap X terminal in UNIX sites with limited budgets.The kernel was originally written by Linus Torvalds ("Linux" is "Linus' UNIX"), although other people also contribute to its continuing development. Linux is generally BSD-like. Technically, the name Linux refers only to the essential core (the kernel, some drivers, and the like), but it is commonly used to refer to the entire ensemble of freeware from a variety of sources that makes up a Linux distribution. Tools from the GNU Project of the Free Software Foundation constitute the largest single component of non-kernel items; in this book, I'll sometimes refer to these commands and utilities as the "GNU versions" to distinguish them from their less full-featured "standard" counterparts. There are many different Linux distributions available. No two are exactly alike since each person or group that creates a distribution chooses their own subset of freely-available software.For the record, the reference system for Linux output that I used for this book is a 486DX, originally installed with the Fall 1994 release from Yggdrasil, although I've upgraded the kernel to 1.3.10 (as of this writing) as well as many of its component packages, and I've added packages from other distributions, other freely-available software, as well as programs and source code changes of my own, making it, in the end, a very typical Linux systems.(See Appendix B. Selecting and Installing Linux Systems for information on Linux distributions.) This computer was chosen somewhat arbitrarily from the many I have access to, as was the particular Linux distribution (it's the oldest). In fact, the computer in question has four bootable Linux partitions running Yggdrasil, Linux-FT, Caldera, and vanilla Red Hat.(My fellow Blake fans will appreciate that its hostname is vala, with zoas as an alias, and that it has, of course, nine partitions in total (including also SCO UNIX two DOS, and two others used by Linux for files and swap).)Yggdrasil's distribution was considered somewhat eccentric in the past, but recent releases have been more conformant (if one can really apply that term to anything having to do with Linux). In the discussions of Linux in this book, I'll point out major variations in practice when appropriate. In general, discussions of commands and features will focus on the software packages from which they originate rather than any specific Linux distributions where they may happen to be found (this week).This list represents some changes from the first edition of this book. We've dropped XENIX altogether and replaced Interactive UNIX with SCO UNIX as the base System V system, reflecting changes in the patterns of use. Although the total number of systems covered is greater than it was previously (eight versus six); in many areas the amount of variation among them has actually decreased.When there are significant differences between versions, I've made extensive use of headers and other devices to indicate which version is being considered. You'll find it easy to keep track of where we are at any given point and even easier to find out the specific information you need for whatever version you're interested in at any given moment. In addition, the book will continue to be useful to you when you get your next, different UNIX system--and sooner or later you will...The book also covers a fair amount of freely-available software that is not an official part of any version of UNIX. In general, the packages discussed can be built for any of the discussed operating systems. Sources for such software are given in he Bibliography.AudienceThis book will be of interest to:Full or part-time administrators of UNIX computer systems. The book includes help both for UNIX users who are new to system administration and for experienced system administrators who are new to UNIX.Workstation and microcomputer users. For small, standalone systems, there is often no distinction between the user and the system administrator. And even if your workstation is part of a larger network with a designated administrator, in practice many system management tasks for your workstation will be left to you.Users of UNIX systems who are not full-time system managers but who perform form administrative tasks periodically.This book assumes that you are familiar with UNIX user commands: that you know how to change the current directory, get directory listings, search files for strings, edit files, use I/O redirection and pipes, set environment variables, and so on. It also assumes a very basic knowledge of shell scripts: you should know what a shell script is, how to execute one, and be able to recognize commonly-used features like if statements and comment characters. If you need help at this level, consult the Nutshell Handbooks Learning the UNIX Operating System (O'Reilly & Associates, 1993) and the relevant edition(s) of UNIX in a Nutshell (O'Reilly & Associates).Why Vendors Like StandardsStandards are supposed to help computer users by minimizing the differences between products from different vendors and ensuring that such products will successfully work together. However, standards have become a weapon in the competitive arsenal of computer-related companies, and vendor product literature and presentations are often a cacophony of acronyms.Warfare imagery dominates discussions comparing standards compliance rates for different products. For example, a recent report entitled "Standard Conformance: An Ongoing Battle" (D. H. Brown and Associates, October 1993) measured the degree of compliance with existing standards by various UNIX operating systems, and it found AIX, HP-UX and Solaris as the most compliant (with scores of 82-90%).If you're interested in system administration, however, you can't take those figures too literally, since existing standards usually overlook this area entirely. For example, although the report found IBM's MVS operating system to be about 60% compliant, it's simply not the case that even an experienced UNIX administrator will automatically be able to handle anything like 60% of MVS system administration.For vendors of computer-related products, upholding standards is in large part motivated by the desire to create a competitive advantage. There is nothing wrong with that, but it's important not to mistake it for the altruism that it is often purported to be. "Proprietary" is a dirty word these days, and "open systems" are all the rage, but that doesn't mean that what's going on is anything other than business as usual.Proprietary features are now called "extensions" and "enhancements," and defining new standards has become a site of competition. New standards are frequently created by starting from one of the existing alternatives, vendors are always ready to argue for the one they developed, and successful attempts are then touted as further evidence of their product's superiority (and occasionally they really are).Given all of this, though, we have to at least suspect that it is not really in most vendors' interest for the standards definition process to ever stop.If you have previous UNIX experience but no administrative experience, several sections in Chapter 1, Introduction to System Administration, will show you how to make transition from user to system manager. If you have some system administration experience but are new to UNIX, Chapter 2, The UNIX Way, will explain the UNIX approach to major system management tasks; it will also be helpful to current UNIX users who are unfamiliar with UNIX file, process, or device concepts.This book is not designed for people who are already UNIX wizards. Accordingly, stays away from topics like writing device drivers.OrganizationThis book is the foundation volume for O'Reilly & Associates' system administration series. As such, it provides you with the fundamental information needed by everyone who takes care of UNIX systems. At the same time, it consciously avoids trying to be all things to all people; the other books in the series treat individual topics in complete detail. Thus, you can expect this book to provide you with the essentials for all major administrative tasks by discussing both the underlying high level concepts and the details of the procedures needed to carry them out. It will also tell you where to get additional information as your needs become more highly specialized.These are the major changes in content with respect to the first edition (in addition to updating all material to the most recent versions of the various operating systems):The discussion of networking has been significantly expanded, reflecting a changed view of what would be needed for everyday network management.The security discussion now provides additional information for sites with more stringent security requirements.The discussion of writing shell scripts has been broadened to encompass more diverse examples and to include Perl and Expect.The discussions of issues related to running UNIX on a PC have been improved.The discussion of administrative tools formerly in Chapter 1 has been expanded into a separate chapter.A chapter on kernel configuration has been added since this task is periodically required on most UNIX systems.The discussion of resource management has been expanded to include more information about diagnosing performance problems.An overview of UNIX electronic mail has been added.There are also more localized changes to almost every section of the book.The first three chapters of the book provide some essential background material required by different types of readers. The remaining chapters generally focus on a single administrative area of concern and discuss various aspects of everyday system operation as well as configuration issues.Chapter 1, Introduction to System Administration, describes some general principles of system administration and the root account. By the end of this chapter, you'll be thinking like a system administrator.Chapter 2, The UNIX Way, considers the ways that UNIX structure and philosophy affect system administration. It opens with a description of the man on-line help facility and then goes on to discuss how UNIX approaches various operating system functions, including file ownership, privilege and protection, process creation and control, and device handling. This chapter closes with an overview of the UNIX system directory structure and important configuration files.Chapter 3, Essential Administrative Tools, discusses the administrative uses of UNIX commands and capabilities. It also provides approaches to several common administrative tasks.Chapter 4, Startup and Shutdown, describes how to boot up and shut down UNIX systems. It also considers UNIX boot scripts in detail, including how to modify them for the needs of your system.Chapter 5, User Accounts, details how to add new users to a UNIX system. It also discusses UNIX login initialization files and groups.Chapter 6, Security, provides an overview of UNIX security issues and solutions to common problems, including how to use UNIX groups to allow users to share files and other system resources while maintaining a secure environment. It also discusses optional security-related facilities like dialup passwords.In reality, though, security is something that is integral to every aspect of system administration, and a good administrator consciously considers the security implications of every action and decision. Thus, expecting to be able to isolate and abstract security into a separate chapter is unrealistic, and so you will find discussion of security-related issues and topics in every chapter of the book.Chapter 7, Managing System Resources, provides an introduction to performance issues on UNIX systems. It discusses monitoring and managing use of major system resources. CPU, memory and disk. It covers controlling process execution, optimizing memory performance and managing system paging space and concludes with information about tracking and apportioning disk usage.Chapter 8, Automating Tasks with and Such, considers how UNIX shell scripts, scripts and programs in other languages and environments like C, Perl and Expect, and the cron system may be used to automate many routine operations. It provides advice about script design and discusses techniques for testing and debugging them.Chapter 9, Filesystems and Disks, discusses how discrete disk part/dons become part of a UNIX filesystem. It begins by describing the disk mounting commands, filesystem configuration files, and the fsck utility, which is used to check filesystem integrity. It also considers UNIX disk partitioning schemes and describes how to add a new disk to a UNIX system. Accessing DOS filesystems from UNIX systems is also covered.Chapter 10, Backup and Restore, begins by considering several possible backup strategies before going on to discuss the various backup and restore services that UNIX provides.Chapter 11, Terminals and Modems, discusses UNIX handling of serial lines, including how to add and configure new serial devices.Chapter 12, Printers and the Spooling System, covers printing on UNIX systems, including both day-to-day operations and configuration issues. Remote printing via a local area network is also discussed.Chapter 13, TCP/IP Network Management, provides a detailed overview of UNIX networking capabilities. While not an exhaustive discussion of TCP/IP or NFS, this chapter will enable you to configure and manage a local area network and to administer NFS.Chapter 14, Electronic Mail, presents information about setting up and administering electronic mail for various common scenarios.Chapter 15, Configuring and Building Kernels, discusses when and how to create a customized kernel as well as related system configuration issues.Chapter 16, Accounting, describes the various UNIX accounting services. The Afterword contains some final thoughts on system administrati...