Linux System Administration for Researchers

	Linux System Administration for Researchers
	-------------------------------------------

	This course aims to provide a practical introduction to
System Administration for researchers who find themselves
in charge of a Linux computer.  We take a nuts-and-bolts approach
to each topic, examining realistic problems that the system 
administrator may encounter.  Although many of the details will
be Linux-specific, much of the course's content will be of general
value, including overviews of computer hardware and the 
principles of networking.


Course Materials:
-----------------
The following items may be useful, but aren't required:

Linux Administration Handbook (2nd Edition), 
 by Evi Nemeth, Garth Snyder and Trent Hein

KNOPPIX DVD
Ubuntu DVD
CentOS DVD


Syllabus:
---------

Outline:
--------
1. Linux History and Introduction to computer hardware
2. Introduction to the command line, filesystem and text editors
3. Introduction to users, groups and permissions
4. Introduction to process management and a first look at init
5. Introduction to Bourne Shell Scripts
6. Introduction to X
7. Introduction to Networking
8. Network services and Security
9. Disks, Partitions, LVM and Filesystems
10. Installing the OS, and Package Management
11. Ssh and Rsync
12. Web Server
13. Grub and the Kernel
14. Physical Security, Printing, Certificates, Miscellaneous Topics


Details:
--------
1. Linux History and Introduction to computer hardware.
   Slides from this talk: 01-hardware/presentation-notes.pdf
   Summary:
	We'll start with a brief history of Linux, followed by
	a survey of the hardware components of a modern computer.
	We'll talk about hard disks, memory, power supplies,
	processors, expansion buses, motherboards, motherboard
	architecture, and external interfaces, among other things.
	We'll talk about the speeds of the various buses and
	interfaces.  We'll talk about the differences between CPUs,
	including speed, cache, hyperthreading, virtualization
	features and power management.  The discussion of motherboard
	architecture will present the Northbridge/Southbridge model
	and note the limitations imposed by current memory bus speeds.
	While discussing disks, we'll talk about the problem of static
	Unrecoverable Read Error (URE) rates versus the rapidly growing
	size of available disks.  We'll also talk about recent
	research disk failure rates.  We'll discuss options for
	connecting external storage devices.  Finally, we'll discuss
	the BIOS and newer EFI.

2. Introduction to the command line, filesystem and text editors.
   Slides from this talk: 02-shell/presentation-notes.pdf
   Summary:
	We'll discuss the command line, with an overview of the most
	commonly useful commands and a look at syntax conventions.
	We'll introduce the most commonly used login shells.  We'll
	discuss shell built-in versus external commands, and how
	external commands are located.  We'll talk about environment
	variables, and how they get set.  We'll introduce pipes and
	backticks, and show how they can be used to string commands
	together. The directory tree as seen by Linux, including
	special directories like the root directory and the "." and
	".." directories.  We'll discuss mount points, and the Unix
	concept of a single tree structure representing all available
	files.  We'll introduce mounting and unmounting filesystems.
	We'll discuss user and group file ownerships.  We'll parse the
	output of the "ls" command and discuss flags that control the
	form of this output.  We'll look at the directory structure
	commonly found on a Linux computer. We'll talk about
	documentation, in the form of man pages and info pages.  We'll
	introduce a few common editors.

3. Introduction to users, groups and permissions.
   Slides from this talk: 03-users/presentation-notes.pdf
   Summary:
	Now we'll begin to talk about the creation of user accounts
	and user groups, starting with a look at the passwd, shadow
	and group files.  We'll look at tools for creating and
	deleting accounts and groups, and tools for modifying their
	properties.  We'll talk about how password information is
	stored, and how password authentication works.  We'll talk
	more about the permission bits on files and directories, how
	to use them and how to modify them.  We'll talk about other
	access-control mechanisms like file attributes and ACLs, and
	introduce tools for managing these.  We'll talk about setuid
	and setgid files, and talk about situations in which they're
	useful.  Finally, we'll talk about the superuser, root, and
	discuss ways to let users have partial or complete control
	over a machine.

4. Introduction to process management and a first look at init.
   Slides from this talk: 04-processes/presentation-notes.pdf
   Summary:
	We begin to look at processes and process management, starting
	with tools for viewing information about currently-running
	processes.  We'll discuss running processes in the background,
	and how to manage these processes.  We'll talk more about
	pipes and redirects, and differences in the ways these work
	under different shells.  We'll introduce the /proc filesystem,
	and take a look under its hood.  We'll talk about running
	executables under strace to watch what they do.  We'll look
	at the lsof and fuser commands that allow you to see what
	files a process is currently using.  We'll introduce the
	"watch" command.  We'll look at tools for killing single
	processes or groups of processes, and talk about signals as a
	way of communicating with processes.  We'll talk about the
	niceness of a process, and how to change this.  We'll look at
	tools for viewing the load on the computer, and listing
	logged-in users.  Finally, we'll take a first look at the init
	process, and /etc/inittab, and talk about runlevels.

5. Introduction to Bourne Shell Scripts.
   Slides from this talk: 05-scripts/presentation-notes.pdf
   Summary:
	Now that we know how to use the shell, we'll begin talking
	about ways to automate our work. We'll talk about the choice
	of a Bourne shell language, like bash, versus other languages.
	We'll then take a detailed look at scripting under the Bourne
	shell.  We'll look at flow control constructs like
	if/else/elif/fi, while/do/done, for/do/done, etc.  We'll look
	at conditional expressions using "test" or "[]".  We'll look
	at the usefulness of the "$@" variable.  We'll show how to
	pass command-line arguments.  We'll talk about grep, and
	regular expressions, and we'll talk about sed, awk and several
	other commands that are particularly useful when writing shell
	scripts.

6. Introduction to X.
   Slides from this talk: 06-x/presentation-notes.pdf
   Summary:
	We'll begin with a history of the X window system, then move
	on to a discussion of how X works.  We'll introduce the
	concepts of X clients and servers, and talk about X's
	principle of network transparency.  We'll introduce tools for
	finding out about the X server.  Then we'll look at how to
	configure an X server, through /etc/X11/xorg.conf.  We'll look
	how the X server gets started at boot time through init.
	We'll talk about X sessions, and how they're configured.
	We'll introduce the concept of X resources, and show how to
	manage them.  We'll look at how fonts are managed under X.
	We'll look at tools for helping configure an X server.  We'll
	discuss security issues with X, and talk about some best
	practices.  We'll introduce tunnels, and briefly discuss the
	use of X with ssh/nxclient.  Finally, we'll talk a little bit
	about the various window managers and desktop environments
	available for X.

7. Introduction to Networking.
   Slides from this talk: 07-network/presentation-notes.pdf
   Summary:
        We'll look, one by one, at the layers that make up the "five
        layer" TCP/IP model of networking.  We'll start out by
        introducing ethernet by comparing it with other alternatives
        and describing the CSMA/CD principle upon which it works.
        We'll talk about hardware (MAC) addresses, and how they're
        used along with the ARP protocol and gateways to route
        messages.  We'll talking about Internet Protocol (IP), and the
        assignment of IP address and names.  We'll talk about how the
        Domain Name System (DNS) works, and how DNS lookups are
        configured on a Linux computer.  We'll also look at the local
        /etc/hosts file and see how it contributes to name resolution.
        We'll discuss dynamically-assigned IP addresses.  We'll talk
        about ping and traceroute.  Next we'll move up to the
        Transport layer and talk about the TCP and UDP protocols.
        We'll talk about the pros and cons of TCP and UDP.  We'll
        introduce the concept of ports.  We'll discuss how ethernet
        interfaces are represented and configured under Linux,
        including network interface names, the "ifconfig" and "route"
        commands, and configuration files for common Linux
        distributions.  We'll talk about network monitoring tools.


8. Network services and Security.
   Slides from this talk: 08-services/presentation-notes.pdf
   Summary:
	Now that we're familiar with networking, we'll take a look at
	network services.  We'll take another look at the init
	process, and /etc/inittab.  We'll talk about runlevels, the
	System-V-style init scripts, and tools for maintaining them.
	We'll look at tools for monitoring and discovering network
	services.  We'll talk about a few basic principles for safely
	creating and using network services.  Then we'll look at some
	specific tools for controlling access to network services,
	including tcp_wrappers and firewall rules.  We'll take a look
	at iptables and see how it can be used to configure firewall
	rules.  We'll also talk about some higher-level interfaces
	that can be used to configure iptables rules.  Then we'll take
	a quick look at other things iptables can do, such as NAT, and
	we'll look at netstat-nat for monitoring NATed connections.
	We'll also look at ipvsadm, which can be used for
	load-balancing.  We'll look at a couple of tools for security
	auditing.  Finally, we'll discuss how some cheap commodity
	routers use iptables and other network tools to do their jobs.

9. Disks, Partitions, LVM and Filesystems.
   Slides from this talk: 09-filesystems/presentation-notes.pdf
   Summary:
        We'll begin by discussing the concept of disk partitions,
	including the differences between primary, extended and
	logical partitions.  We'll look at a typical partition layout
	under Linux.  We'll look at how fdisk can be used to manage
	partitions, and how disks and partitions show up in the /dev
	filesystem.  We'll quickly look at creating swap partitions.
	Then we'll move on to creating filesystems on partitions or
	logical volumes.  We'll look at the types of filesystem
	available and discuss some of their differences.  We'll look
	at tools for creating, labeling, checking and getting
	information about filesystems.  Then we'll move on to mounting
	and unmounting filesystems.  We'll introduce the ability to
	automatically mount filesystems at boot time through
	/etc/fstab. We'll look at Logical Volume Management (LVM), and
	see how it can be used as another layer of abstraction on top
	of raw disks and partitions.  We'll introduce LVM concepts and
	a minimal set of commands for creating and managing logical
	volumes.

10. Installing the OS, and Package Management.
   Slides from this talk: 10-packages/presentation-notes.pdf
   Summary:
	We'll talk about Linux distributions and package management
	systems, then focus on the ones that are most prevalent today.
	We'll introduce package management issues like uninstallation,
	dependencies, verification, inventory and signatures.  We'll
	talk about live CDs, and their uses.  Then we'll move on to
	demonstrate a typical CentOS installation procedure.  While
	the installation is completing, we'll look at rpm and related
	commands for managing the rpm packages used by CentOS.  We'll
	talk installing, uninstalling and querying packages, and
	building packages from source.  Then we'll move on to
	higher-level interfaces for automatically installing packages
	and dependencies from remote repositories, and look at how the
	task of installing daily updates can be automated.  We'll talk
	about dealing with broken binary packages, and re-installing
	already-installed packages.  We'll look at how a corrupt rpm
	database can be repaired.  We'll then look at how rpm can be
	used to list detailed information about the packages in its
	database, in any format you choose.  Then we'll move on to
	another installation demo, this time showing a typical Ubuntu
	installation procedure.  While it's finishing, we'll talk
	about deb packages, the dpkg command and "apt".

11. Ssh and rsync.
   Slides from this talk: 11-ssh/presentation-notes.pdf
    Summary:
	We'll begin with a history of remote command-line tools. Next,
	we'll talk a little bit about public-key cryptography.  Then
	we'll talk about the ssh client, its options and configuration
	files.  We'll revisit the idea of ssh port forwarding, first
	introduced when we discussed X, and show how ssh can be used
	to forward any port.  We'll talk about how ssh can be used to
	hop through multiple hosts.  Then we'll take a look at the ssh
	server and its configuration options.  We'll talk about ssh
	keys, both personal keys and host keys, the tools that
	generate them and the configuration files that use
	them. Finally, we'll look at rsync, a very useful tool that
	can be used in conjunction with ssh.

12. Web server.
   Slides from this talk: 12-web/presentation-notes.pdf
    Summary:
	We'll begin with an overview of web servers and web browsers.
	Then we'll take a look at the apache web server, the most
	common web server in use today.  We'll talk about apache
	configuration options, including some of the available modules
	that extend the core apache functionality.  We'll see how to
	check the syntax of configuration files.  We'll talk about how
	to find documentation for apache.  Then we'll look at how the
	apache httpd service is started under Linux.  We'll discuss
	password-protected web pages, and see how users can control
	apache's behavior for their own pages within limits set by the
	administrator.  Next, we'll look at mod_include, one of most
	useful apache modules.  We'll see how mod_include enables
	server-side-includes, conditional expressions and variables.
	

13. Grub and the kernel.
   Slides from this talk: 13-kernel/presentation-notes.pdf
    Summary:
	We'll start out by reviewing the boot process.  Then we'll
	take a look at the grub boot loader, and its configuration.
	We'll see how multiple operating systems can exist on the same
	computer and be booted through grub. We'll discuss
	password-protecting the grub boot menu.  Then we'll take a
	look at the Linux kernel, starting with a discussion about
	what the kernel is.  We'll talk about kernel modules, and
	tools for managing them. Then we'll look at building the
	kernel from source code, using code directly from Linux kernel
	repositories.  We'll look at kernel configuration and look at
	the steps necessary to build the kernel and its related
	modules from source.

14. Physical Security, Printing, Certificates, Miscellaneous topics.
   Slides from this talk: 14-misc/presentation-notes.pdf
    Summary:
	In this final meeting, we'll look at ways to break into Linux
	computers, given access to the console.  We'll talk about
	using grub or live CDs to accomplish this.  Once in, we'll see
	how to perform tasks like changing the root password.  We'll
	also take a quick look at printing under Linux, and an even
	quicker look at how digital signatures and certificates work.
	Finally, we'll look at a few miscellaneous topics that we
	haven't had time for yet, including cron, tar, date, and a few
	useful information sources on the web.