UVa Physics Computer Facilities
|
Linux System Administration for Researchers
Linux System Administration for Researchers
-------------------------------------------
This course aims to provide a practical introduction to
System Administration for researchers who find themselves
in charge of a Linux computer. We take a nuts-and-bolts approach
to each topic, examining realistic problems that the system
administrator may encounter. Although many of the details will
be Linux-specific, much of the course's content will be of general
value, including overviews of computer hardware and the
principles of networking.
Course Materials:
-----------------
The following items may be useful, but aren't required:
Linux Administration Handbook (2nd Edition),
by Evi Nemeth, Garth Snyder and Trent Hein
KNOPPIX DVD
Ubuntu DVD
CentOS DVD
Syllabus:
---------
Outline:
--------
1. Linux History and Introduction to computer hardware
2. Introduction to the command line, filesystem and text editors
3. Introduction to users, groups and permissions
4. Introduction to process management and a first look at init
5. Introduction to Bourne Shell Scripts
6. Introduction to X
7. Introduction to Networking
8. Network services and Security
9. Disks, Partitions, LVM and Filesystems
10. Installing the OS, and Package Management
11. Ssh and Rsync
12. Web Server
13. Grub and the Kernel
14. Physical Security, Printing, Certificates, Miscellaneous Topics
Details:
--------
1. Linux History and Introduction to computer hardware.
Slides from this talk: 01-hardware/presentation-notes.pdf
Summary:
We'll start with a brief history of Linux, followed by
a survey of the hardware components of a modern computer.
We'll talk about hard disks, memory, power supplies,
processors, expansion buses, motherboards, motherboard
architecture, and external interfaces, among other things.
We'll talk about the speeds of the various buses and
interfaces. We'll talk about the differences between CPUs,
including speed, cache, hyperthreading, virtualization
features and power management. The discussion of motherboard
architecture will present the Northbridge/Southbridge model
and note the limitations imposed by current memory bus speeds.
While discussing disks, we'll talk about the problem of static
Unrecoverable Read Error (URE) rates versus the rapidly growing
size of available disks. We'll also talk about recent
research disk failure rates. We'll discuss options for
connecting external storage devices. Finally, we'll discuss
the BIOS and newer EFI.
2. Introduction to the command line, filesystem and text editors.
Slides from this talk: 02-shell/presentation-notes.pdf
Summary:
We'll discuss the command line, with an overview of the most
commonly useful commands and a look at syntax conventions.
We'll introduce the most commonly used login shells. We'll
discuss shell built-in versus external commands, and how
external commands are located. We'll talk about environment
variables, and how they get set. We'll introduce pipes and
backticks, and show how they can be used to string commands
together. The directory tree as seen by Linux, including
special directories like the root directory and the "." and
".." directories. We'll discuss mount points, and the Unix
concept of a single tree structure representing all available
files. We'll introduce mounting and unmounting filesystems.
We'll discuss user and group file ownerships. We'll parse the
output of the "ls" command and discuss flags that control the
form of this output. We'll look at the directory structure
commonly found on a Linux computer. We'll talk about
documentation, in the form of man pages and info pages. We'll
introduce a few common editors.
3. Introduction to users, groups and permissions.
Slides from this talk: 03-users/presentation-notes.pdf
Summary:
Now we'll begin to talk about the creation of user accounts
and user groups, starting with a look at the passwd, shadow
and group files. We'll look at tools for creating and
deleting accounts and groups, and tools for modifying their
properties. We'll talk about how password information is
stored, and how password authentication works. We'll talk
more about the permission bits on files and directories, how
to use them and how to modify them. We'll talk about other
access-control mechanisms like file attributes and ACLs, and
introduce tools for managing these. We'll talk about setuid
and setgid files, and talk about situations in which they're
useful. Finally, we'll talk about the superuser, root, and
discuss ways to let users have partial or complete control
over a machine.
4. Introduction to process management and a first look at init.
Slides from this talk: 04-processes/presentation-notes.pdf
Summary:
We begin to look at processes and process management, starting
with tools for viewing information about currently-running
processes. We'll discuss running processes in the background,
and how to manage these processes. We'll talk more about
pipes and redirects, and differences in the ways these work
under different shells. We'll introduce the /proc filesystem,
and take a look under its hood. We'll talk about running
executables under strace to watch what they do. We'll look
at the lsof and fuser commands that allow you to see what
files a process is currently using. We'll introduce the
"watch" command. We'll look at tools for killing single
processes or groups of processes, and talk about signals as a
way of communicating with processes. We'll talk about the
niceness of a process, and how to change this. We'll look at
tools for viewing the load on the computer, and listing
logged-in users. Finally, we'll take a first look at the init
process, and /etc/inittab, and talk about runlevels.
5. Introduction to Bourne Shell Scripts.
Slides from this talk: 05-scripts/presentation-notes.pdf
Summary:
Now that we know how to use the shell, we'll begin talking
about ways to automate our work. We'll talk about the choice
of a Bourne shell language, like bash, versus other languages.
We'll then take a detailed look at scripting under the Bourne
shell. We'll look at flow control constructs like
if/else/elif/fi, while/do/done, for/do/done, etc. We'll look
at conditional expressions using "test" or "[]". We'll look
at the usefulness of the "$@" variable. We'll show how to
pass command-line arguments. We'll talk about grep, and
regular expressions, and we'll talk about sed, awk and several
other commands that are particularly useful when writing shell
scripts.
6. Introduction to X.
Slides from this talk: 06-x/presentation-notes.pdf
Summary:
We'll begin with a history of the X window system, then move
on to a discussion of how X works. We'll introduce the
concepts of X clients and servers, and talk about X's
principle of network transparency. We'll introduce tools for
finding out about the X server. Then we'll look at how to
configure an X server, through /etc/X11/xorg.conf. We'll look
how the X server gets started at boot time through init.
We'll talk about X sessions, and how they're configured.
We'll introduce the concept of X resources, and show how to
manage them. We'll look at how fonts are managed under X.
We'll look at tools for helping configure an X server. We'll
discuss security issues with X, and talk about some best
practices. We'll introduce tunnels, and briefly discuss the
use of X with ssh/nxclient. Finally, we'll talk a little bit
about the various window managers and desktop environments
available for X.
7. Introduction to Networking.
Slides from this talk: 07-network/presentation-notes.pdf
Summary:
We'll look, one by one, at the layers that make up the "five
layer" TCP/IP model of networking. We'll start out by
introducing ethernet by comparing it with other alternatives
and describing the CSMA/CD principle upon which it works.
We'll talk about hardware (MAC) addresses, and how they're
used along with the ARP protocol and gateways to route
messages. We'll talking about Internet Protocol (IP), and the
assignment of IP address and names. We'll talk about how the
Domain Name System (DNS) works, and how DNS lookups are
configured on a Linux computer. We'll also look at the local
/etc/hosts file and see how it contributes to name resolution.
We'll discuss dynamically-assigned IP addresses. We'll talk
about ping and traceroute. Next we'll move up to the
Transport layer and talk about the TCP and UDP protocols.
We'll talk about the pros and cons of TCP and UDP. We'll
introduce the concept of ports. We'll discuss how ethernet
interfaces are represented and configured under Linux,
including network interface names, the "ifconfig" and "route"
commands, and configuration files for common Linux
distributions. We'll talk about network monitoring tools.
8. Network services and Security.
Slides from this talk: 08-services/presentation-notes.pdf
Summary:
Now that we're familiar with networking, we'll take a look at
network services. We'll take another look at the init
process, and /etc/inittab. We'll talk about runlevels, the
System-V-style init scripts, and tools for maintaining them.
We'll look at tools for monitoring and discovering network
services. We'll talk about a few basic principles for safely
creating and using network services. Then we'll look at some
specific tools for controlling access to network services,
including tcp_wrappers and firewall rules. We'll take a look
at iptables and see how it can be used to configure firewall
rules. We'll also talk about some higher-level interfaces
that can be used to configure iptables rules. Then we'll take
a quick look at other things iptables can do, such as NAT, and
we'll look at netstat-nat for monitoring NATed connections.
We'll also look at ipvsadm, which can be used for
load-balancing. We'll look at a couple of tools for security
auditing. Finally, we'll discuss how some cheap commodity
routers use iptables and other network tools to do their jobs.
9. Disks, Partitions, LVM and Filesystems.
Slides from this talk: 09-filesystems/presentation-notes.pdf
Summary:
We'll begin by discussing the concept of disk partitions,
including the differences between primary, extended and
logical partitions. We'll look at a typical partition layout
under Linux. We'll look at how fdisk can be used to manage
partitions, and how disks and partitions show up in the /dev
filesystem. We'll quickly look at creating swap partitions.
Then we'll move on to creating filesystems on partitions or
logical volumes. We'll look at the types of filesystem
available and discuss some of their differences. We'll look
at tools for creating, labeling, checking and getting
information about filesystems. Then we'll move on to mounting
and unmounting filesystems. We'll introduce the ability to
automatically mount filesystems at boot time through
/etc/fstab. We'll look at Logical Volume Management (LVM), and
see how it can be used as another layer of abstraction on top
of raw disks and partitions. We'll introduce LVM concepts and
a minimal set of commands for creating and managing logical
volumes.
10. Installing the OS, and Package Management.
Slides from this talk: 10-packages/presentation-notes.pdf
Summary:
We'll talk about Linux distributions and package management
systems, then focus on the ones that are most prevalent today.
We'll introduce package management issues like uninstallation,
dependencies, verification, inventory and signatures. We'll
talk about live CDs, and their uses. Then we'll move on to
demonstrate a typical CentOS installation procedure. While
the installation is completing, we'll look at rpm and related
commands for managing the rpm packages used by CentOS. We'll
talk installing, uninstalling and querying packages, and
building packages from source. Then we'll move on to
higher-level interfaces for automatically installing packages
and dependencies from remote repositories, and look at how the
task of installing daily updates can be automated. We'll talk
about dealing with broken binary packages, and re-installing
already-installed packages. We'll look at how a corrupt rpm
database can be repaired. We'll then look at how rpm can be
used to list detailed information about the packages in its
database, in any format you choose. Then we'll move on to
another installation demo, this time showing a typical Ubuntu
installation procedure. While it's finishing, we'll talk
about deb packages, the dpkg command and "apt".
11. Ssh and rsync.
Slides from this talk: 11-ssh/presentation-notes.pdf
Summary:
We'll begin with a history of remote command-line tools. Next,
we'll talk a little bit about public-key cryptography. Then
we'll talk about the ssh client, its options and configuration
files. We'll revisit the idea of ssh port forwarding, first
introduced when we discussed X, and show how ssh can be used
to forward any port. We'll talk about how ssh can be used to
hop through multiple hosts. Then we'll take a look at the ssh
server and its configuration options. We'll talk about ssh
keys, both personal keys and host keys, the tools that
generate them and the configuration files that use
them. Finally, we'll look at rsync, a very useful tool that
can be used in conjunction with ssh.
12. Web server.
Slides from this talk: 12-web/presentation-notes.pdf
Summary:
We'll begin with an overview of web servers and web browsers.
Then we'll take a look at the apache web server, the most
common web server in use today. We'll talk about apache
configuration options, including some of the available modules
that extend the core apache functionality. We'll see how to
check the syntax of configuration files. We'll talk about how
to find documentation for apache. Then we'll look at how the
apache httpd service is started under Linux. We'll discuss
password-protected web pages, and see how users can control
apache's behavior for their own pages within limits set by the
administrator. Next, we'll look at mod_include, one of most
useful apache modules. We'll see how mod_include enables
server-side-includes, conditional expressions and variables.
13. Grub and the kernel.
Slides from this talk: 13-kernel/presentation-notes.pdf
Summary:
We'll start out by reviewing the boot process. Then we'll
take a look at the grub boot loader, and its configuration.
We'll see how multiple operating systems can exist on the same
computer and be booted through grub. We'll discuss
password-protecting the grub boot menu. Then we'll take a
look at the Linux kernel, starting with a discussion about
what the kernel is. We'll talk about kernel modules, and
tools for managing them. Then we'll look at building the
kernel from source code, using code directly from Linux kernel
repositories. We'll look at kernel configuration and look at
the steps necessary to build the kernel and its related
modules from source.
14. Physical Security, Printing, Certificates, Miscellaneous topics.
Slides from this talk: 14-misc/presentation-notes.pdf
Summary:
In this final meeting, we'll look at ways to break into Linux
computers, given access to the console. We'll talk about
using grub or live CDs to accomplish this. Once in, we'll see
how to perform tasks like changing the root password. We'll
also take a quick look at printing under Linux, and an even
quicker look at how digital signatures and certificates work.
Finally, we'll look at a few miscellaneous topics that we
haven't had time for yet, including cron, tar, date, and a few
useful information sources on the web.
|