9. Other System Administration
9.1 Date/Time
1. redhat-config-time
o a.k.a redhat-config-date, dateconfig
o GUI based.
o Set system time/date.
o Select timezone.
o Enable Network Time Protocol (NTP).
o Set whether hardware clock is set to UTC.
2. timeconfig
o TUI based.
o Select timezone.
o Set whether hardware clock is set to UTC.
3. date
o CLI based.
o Set system date/time.
4. hwclock
o Used to query/set hardware clock.
o Can sync the hardware clock to the system clock and vice-versa.
o Hardware clock used at boot up to set system clock, then never used again during normal operation.
o Hardware clock is synced to the system clock at shutdown.
9.2 Keyboard
1. kbdconfig
o TUI based.
o Sets the default keyboard map.
o Value stored in /etc/sysconfig/keyboard (KEYTABLE="us").
2. kbdrate
Sets keyboard repeat rate and delay:
kbdrate -r30 -d0
Sets the repeat rate to 30 characters per second (the max) and a repeat delay of 250 ms (lowest possible).
9.3 Mouse
1. mouseconfig
o Configures file links and modifies configuration files necessary to use a mouse.
o TUI or CLI
o Modifies X Configuration file
o CLI Options:
o --modifyx # Modify X configuration file
o --device # Specify device to use for mouse
o --noprobe # No automatic probing is done
o --emulthree # Enable 3 button emulation
o --kickstart # Forces mouseconfig to run in non-interactive mode and
o # probe for as much information about the mouse as possible
2. Xconfigurator
See section on X for more information.
9.4 Sound
1. sndconfig
o TUI based.
o Options:
o --noprobe # Prevent probing of PnP cards
o --noautoconfig # Allow user to choose settings for card
9.5 RH System configuration files
RH stores many sys config files under /etc/sysconfig:
Note: The following is taken from the sysconfig.txt file provided in Red Hat’s initscripts (version 6.40) package. Obsolete options have been removed.
/etc/sysconfig/authconfig
used by authconfig to store information about the system’s user
information and authentication setup; changes made to this file
have no effect until the next time authconfig is run

USEHESIOD=no
Whether or not the hesiod naming service is in use. If not set,
authconfig examines the passwd setting in /etc/nsswitch.conf.
USELDAP=no
Whether or not LDAP is used as a naming service. If not set,
authconfig examines the passwd setting in /etc/nsswitch.conf.
USENIS=no
Whether or not NIS is in use. If not set, authconfig examines
the passwd setting in /etc/nsswitch.conf.

USEKERBEROS=no
Whether or not Kerberos is in use. If not set, authconfig examines
the settings in /etc/pam.d/system-auth.
USELDAPAUTH=no
Whether or not LDAP is being used for authentication. If not set,
authconfig examines the settings in /etc/pam.d/system-auth. Note
that this option is separate from USELDAP, and that neither implies
the other.
USEMD5=no
Whether or not MD5-based hashing should be used when setting passwords.
If not set, authconfig examines the settings in /etc/pam.d/system-auth.
This option affects authentication using both local files and LDAP.
USESHADOW=no
Whether or not shadow passwords are in use. If not set, authconfig
checks for the existence of /etc/shadow.
USESMBAUTH=no
Whether or not SMB authentication is in use. If not set, authconfig
examines the settings in /etc/pam.d/system-auth.
/etc/sysconfig/autofsck
does not normally exist; if it does, it can influence a choice
whether or not to fsck after a crash

AUTOFSCK_TIMEOUT=5
Number of seconds to wait for console user to make a choice
AUTOFSCK_DEF_CHECK=no
If the user does not respond, choose whether or not to fsck
/etc/sysconfig/clock:
UTC=true indicates that the clock is set to UTC; anything
else indicates that it is set to local time
ARC=true on alpha only indicates the ARC console’s
42-year time offset is in effect; otherwise the normal
Unix epoch is assumed
ZONE="filename" indicates the zone file under /usr/share/zoneinfo
that /etc/localtime is a copy of, for example:
ZONE="US/Eastern"
/etc/sysconfig/desktop:
DESKTOP=GNOME|KDE|AnotherLevel
This determines the display manager started by /etc/X11/prefdm
/etc/sysconfig/init:
BOOTUP=
BOOTUP=color means new (as of RH6.0) boot display.
BOOTUP=verbose means old style display
Anything else means new display, but without ANSI-formatting
LOGLEVEL=
Sets the initial console logging level for the kernel.
The default is 7. 8 means everything (including debugging);
1 means nothing except kernel panics. syslogd will override
this once it starts.
RES_COL=

Column of the screen to start status labels at. Defaults to 60
MOVE_TO_COL=

A command to move the cursor to $RES_COL. Defaults to nasty
ANSI sequences output by echo -e.
SETCOLOR_SUCCESS=

A command to set the color to a color indicating success.
Defaults to nasty ANSI sequences output by echo -e setting
the color to green.
SETCOLOR_FAILURE=

A command to set the color to a color indicating failure.
Defaults to nasty ANSI sequences output by echo -e setting
the color to red.
SETCOLOR_WARNING=

A command to set the color to a color indicating warning.
Defaults to nasty ANSI sequences output by echo -e setting
the color to yellow.
SETCOLOR_NORMAL=

A command to set the color to ‘normal’. Defaults to nasty
ANSI sequences output by echo -e.
PROMPT=yes|no
Set to ‘no’ to disable the key check for interactive mode.
/etc/sysconfig/keyboard:
KEYTABLE=
for example: KEYTABLE="/usr/lib/kbd/keytables/us.map"

If you dump a keymap (using ‘dumpkeys’) to
/etc/sysconfig/console/default.kmap
it will be loaded on bootup before file systems are mounted/checked.
This could be useful if you need to emergency type the root password.
This has to be a dumped keymap, as opposed to copying the shipped
keymap files, as the shipped files include other maps from the
/usr/lib/kbd/keytables directory.

KEYBOARDTYPE=sun|pc
on SPARC only, sun means a sun keyboard is attached on /dev/kbd,
pc means a PS/2 keyboard is on ps/2 port.
/etc/sysconfig/mouse:
MOUSETYPE=microsoft|mouseman|mousesystems|ps/2|msbm|logibm|atibm|
logitech|mmseries|mmhittab
XEMU3=yes|no (emulate three buttons with two buttons whenever
necessary, most notably in X)
DEVICE=
(the device of the mouse)

In addition, /dev/mouse points to the mouse device.
/etc/sysconfig/network:
NETWORKING=yes|no
HOSTNAME=
GATEWAY=
GATEWAYDEV= (e.g. eth0)
NISDOMAIN=
IPX=yes|no
IPXAUTOPRIMARY=on|off (note, that MUST be on|off, not yes|no)
IPXAUTOFRAME=on|off (again, not yes|no)
IPXINTERNALNETNUM=
IPXINTERNALNODENUM=

NETWORKING_IPV6=yes|no
Enable or disable global IPv6 initialization
IPV6FORWARDING=yes|no
Enable or disable global forwarding of incoming IPv6 packets
on all interfaces.
Note: Actual packet forwarding cannot be controlled per-device.
IPV6INIT=yes|no
Enable or disable IPv6 configuration for all interfaces.
Use with caution!

IPV6_AUTOCONF=yes|no
Sets the default for device-based autoconfiguration.
Default: yes if IPV6FORWARDING=no, no if IPV6FORWARDING=yes
IPV6_ROUTER=yes|no
Sets the default for device-based Host/Router behaviour.
Default: yes if IPV6FORWARDING=yes, no if IPV6FORWARDING=no
IPV6_AUTOTUNNEL=yes|no
Controls automatic IPv6 tunneling.

IPV6_TUNNELMODE=IP|NBMA [OPTIONAL: IP by default]
Mode of tunnel setup
IP: separate tunnel device mode (now recommended)
NBMA: NBMA-styled tunnel mode (now mostly obsolete)

All IPv6 options can be overridden in interface-specific configuration.

All the IPX stuff is optional, and should default to off.
/etc/sysconfig/static-routes:
Contains lines of the form:

hostnet

may be a device name to have the route brought up and
down with the device, or “any” to have the correct devices calculated
at run time.

For example:

eth0 host 192.168.2.2 eth0

adds a host route through eth0 to 192.168.2.2, while

any net 192.168.2.0 netmask 255.255.255.0 ppp0

adds a network route to the 192.168.2.0 network through ppp0.
/etc/sysconfig/static-routes-ipv6:
Contains lines of the form:

ipv6network ipv6gateway
ipv6network

must be a device name to have the route brought up and
down with the device

For example:

eth0 fec0:0:0:2::/64 fec0:0:0:1:0:0:0:20
adds a route for IPv6 network fec0:0:0:2::/64 through fec0:0:0:1:0:0:0:20

eth0 2000::/3 3ffe:400:100:f101::1
eth0 3ffe::/16 3ffe:400:100:f101::1
so-called “default” route for clients

sit1 2000::/3
sit1 3ffe::/16
adds routes through virtual tunnel sit1
/etc/sysconfig/routed:
SILENT=yes|no
EXPORT_GATEWAY=yes|no
/etc/sysconfig/rawdevices:
This is used for setting up raw device to block device mappings.
It has the format:


For example:
/dev/raw/raw1 /dev/sda1
/dev/raw/raw2 8 5
/etc/sysconfig/pcmcia:
PCMCIA=yes|no
PCIC=i82365|tcic
PCIC_OPTS=
CORE_OPTS=
CARDMGR_OPTS=
/etc/sysconfig/amd:
ADIR=/.automount (normally never changed)
MOUNTPTS='/net /etc/amd.conf' (standard automount stuff)
AMDOPTS= (extra options for AMD)
/etc/sysconfig/tape:
DEV=/dev/nst0
Tape device. Use the non-rewinding one for these scripts.

For SCSI tapes this is /dev/nst#, where # is the number of the
tape drive you want to use. If you only have one then use
nst0.

For IDE tapes you use /dev/ht#, where # is the number of the tape
drive you want to use (usually ht0).

For floppy tape drives use /dev/ftape.

ADMIN=root
Person to mail to if the backup fails for any reason

SLEEP=5
Time to sleep between tape operations. Some drives need a bit
more than others, but 5 seems to work for 8mm, 4mm, and DLT

BLOCKSIZE=32768
This worked fine for 8mm, then 4mm, and now DLT. An optimal
setting is probably however much data your drive writes at one
time.

SHORTDATE=$(date +%y:%m:%d:%H:%M)
A short date string, used in backup log filenames.

DAY=$(date +log-%y:%m:%d)
This is used for the log file directory.

DATE=$(date)
Regular date string, used in log files.

LOGROOT=/var/log/backup
Root of the logging directory

LIST=$LOGROOT/incremental-list
This is the file name the incremental backup will use to store
the incremental list. It will be $LIST-{some number}.

DOTCOUNT=$LOGROOT/.count
For counting as you go to know which incremental list to use

COUNTER=$LOGROOT/counter-file
For rewinding when done…might not use.

BACKUPTAB=/etc/backuptab
The file in which we keep our list of backup(s) we want to make.
/etc/sysconfig/sendmail:
DAEMON=yes|no
yes implies -bd (i.e., listen on port 25 for new mail)
QUEUE=1h
given to sendmail as -q$QUEUE
-q option is not given to sendmail if /etc/sysconfig/sendmail
exists and QUEUE is empty or undefined.
/etc/sysconfig/i18n
LANG= set locale for all categories, can be any two letter ISO
language code
LC_CTYPE= localedata configuration for classification and conversion
of characters
LC_COLLATE= localedata configuration for collation (sort order) of
strings
LC_MESSAGES= localedata configuration for translation of yes and no
messages
LC_NUMERIC= localedata configuration for non-monetary numeric data
LC_MONETARY= localedata configuration for monetary data
LC_TIME= localedata configuration for date and time
LC_ALL= localedata configuration overriding all of the above
LANGUAGE= can be a : separated list of ISO language codes
LINGUAS= can be a ' ' separated list of ISO language codes

The above variables are used in /etc/profile.d/lang.sh.

SYSFONT= any font that is legal when used as
/usr/bin/consolechars -f $SYSFONT …
(See console-tools package for consolechars command)

UNIMAP= any SFM (screen font map, formerly called Unicode mapping
table – see consolechars(8))
/usr/bin/consolechars -f $SYSFONT --sfm $UNIMAP

SYSFONTACM= any ACM (application charset map – see consolechars(8))
/usr/bin/consolechars -f $SYSFONT --acm $SYSFONTACM

The above is used by the /sbin/setsysfont command (which is run
by rc.sysinit at boot time.)
/etc/sysconfig/harddisks
/etc/sysconfig/harddiskhd[a-h] (for specific devices)
These options are used to tune (E)IDE hard drives –
read the hdparm man page for more information

USE_DMA=1
Set this to 1 to enable DMA. This might cause some
data corruption on certain chipset / hard drive
combinations. USE WITH CAUTION AND BACKUP.
This is used with the “-d” option

MULTIPLE_IO=16
Multiple sector I/O. a feature of most modern IDE hard drives,
permitting the transfer of multiple sectors per I/O interrupt,
rather than the usual one sector per interrupt. When this feature
is enabled, it typically reduces operating system overhead for disk
I/O by 30-50%. On many systems, it also provides increased data
throughput of anywhere from 5% to 50%. Some drives, however (most
notably the WD Caviar series), seem to run slower with multiple mode
enabled. Under rare circumstances, such failures can result in
massive filesystem corruption. USE WITH CAUTION AND BACKUP.
This is the sector count for multiple sector I/O – the “-m” option

EIDE_32BIT=3
(E)IDE 32-bit I/O support (to interface card). USE WITH CAUTION.

LOOKAHEAD=1
Enable drive read-lookahead (safe)

EXTRA_PARAMS=
Add any extra parameters you want to pass to hdparm here.
/etc/sysconfig/network-scripts/ifup:
/etc/sysconfig/network-scripts/ifdown:
Symlinks to /sbin/ifup and /sbin/ifdown, respectively.
These are the only two scripts “in” this directory that should
be called directly; these two scripts call all the other
scripts as needed. These symlinks are here for legacy purposes
only; they will probably be removed in future versions, so
only /sbin/ifup and /sbin/ifdown should currently be used.

These scripts take one argument normally: the name of the device
(e.g. eth0). They are called with a second argument of “boot”
during the boot sequence so that devices that are not meant to
be brought up on boot (ONBOOT=no, see below) can be ignored at
that time.
/etc/sysconfig/network-scripts/init.ipv6-global:
Not really a public file. Contains different basic settings that
are set from /etc/rc.d/init.d/network at different stages of
network initialization.
/etc/sysconfig/network-scripts/network-functions:
Not really a public file. Contains functions which the scripts use
for bringing interfaces up and down. In particular, it contains
most of the code for handling alternative interface configurations
and interface change notification through netreport.
/etc/sysconfig/network-scripts/network-functions-ipv6:
Not really a public file. Contains functions which the scripts use
for bringing IPv6 on interfaces up and down, like addresses, routes,
forwarding handling and static or automatic tunneling.
/etc/sysconfig/network-scripts/ifcfg- and
/etc/sysconfig/network-scripts/ifcfg-::
The first defines an interface, and the second contains
only the parts of the definition that are different in a
“alias” (or alternative) interface. For example, the
network numbers might be different, but everything else
might be the same, so only the network numbers would be
in the alias file, but all the device information would
be in the base ifcfg file.

The items that can be defined in an ifcfg file depend on the
interface type. The really obvious ones I’m not going to
bother to define; you can figure out what “IPADDR” is, I
think… 🙂

Base items:
NAME=
Most important for PPP. Only used in front ends.
DEVICE=
IPADDR=
NETMASK=
GATEWAY=
ONBOOT=yes|no
USERCTL=yes|no
BOOTPROTO=none|bootp|dhcp
MTU=
PEERDNS=yes|no
modify /etc/resolv.conf if peer uses msdns extension (PPP only) or
DNS{1,2} are set, or if using pump or dhcpcd. default to “yes”.
DNS{1,2}=
provide DNS addresses that are dropped into the resolv.conf
file if PEERDNS is not set to “no”.
FIREWALL_MODS=yes|no
modify firewall to attempt to allow DNS through. Defaults to ‘yes’.

If BOOTPROTO is not “none”, then the only other item that
must be set is the DEVICE item; all the rest will be determined
by the boot protocol. No “dummy” entries need to be created.

Base items being deprecated:
NETWORK=
BROADCAST=

IPv6-only items for real interfaces:
IPV6INIT=yes|no
Enable or disable IPv6 configuration for this interface
IPV6FORWARDING=yes|no
Enable or disable global forwarding of incoming IPv6 packets
Note! Obsolete in interface specification.
IPV6ADDR=/ specify primary static IPv6 address here
Example:
IPV6ADDR="3ffe:400:100:f101::1/64"
IPV6ADDR_SECONDARIES= a list of secondary IPv6 addresses (perhaps useful for virtual hosting)
Example:
IPV6ADDR_SECONDARIES="3ffe:400:100:f101::10/64 3ffe:400:100:f101::11/64"
IPV6_MTU="" [optional]
Note: Must be greater or equal to 1280.
Optional, dedicated MTU of this link
Example:
IPV6_MTU="1280"

Special configuration options for multi-homed hosts etc.
IPV6_ROUTER=yes|no: controls IPv6 autoconfiguration
IPV6_AUTOCONF=yes|no: controls IPv6 autoconfiguration
defaults:
global IPV6FORWARDING=yes: IPV6_AUTOCONF=no, IPV6_ROUTER=yes
global IPV6FORWARDING=no: IPV6_AUTOCONF=yes

Optional settings for a 6to4 tunnel
IPV6TO4INIT=yes|no
Enable or disable 6to4 tunneling setup
IPV6TO4_RELAY=
IPv4 address of the remote 6to4 relay
IPV6TO4_IPV4ADDR= [OPTIONAL]
overwrite local IPv4 address which is accessible from the Internet
(optional, in case of NAT or other special scenarios)
IPV6TO4_ROUTING= [OPTIONAL]
a list of routing tokens to setup proper IPv6 routes on the LAN
Example:
IPV6TO4_ROUTING="eth0-:f101::0/64 eth1-:f102::0/64"
Will create one route per eth0 and eth1, taking given SLA
IPV6TO4_CONTROL_RADVD=yes|no [OPTIONAL]
Enable signalling radvd that the 6to4 prefix has been changed
IPV6TO4_RADVD_PIDFILE= [OPTIONAL]
location of PID file to get PID for sending signal
default is "/var/run/radvd/radvd.pid"
Example:
IPV6TO4_RADVD_PIDFILE="/some/other/location/radvd.pid"

IPv6-only items for automatic tunnel interface:
Virtual interface name: sit0
IPV6INIT=yes|no
Enable or disable IPv6 configuration for this interface
Obsolete now, see IPV6_AUTOTUNNEL in /etc/sysconfig/network

IPv6-only items for static unnumbered tunnel interface:
Virtual interface name: sit1..
IPV6INIT=yes|no
Enable or disable IPv6 configuration for this interface
IPV6TUNNELIPV4=
specify IPv4 address of a foreign IPv6-in-IPv4 tunnel endpoint
Example:
IPV6TUNNELIPV4="195.226.187.50"
IPV6ADDR=/ [OPTIONAL]
local IPv6 address of a numbered tunnel

Ethernet-only items:
{IPXNETNUM,IPXPRIMARY,IPXACTIVE}_{802_2,802_3,ETHERII,SNAP}
configuration matrix for IPX. Only used if IPX is active.
Managed from /etc/sysconfig/network-scripts/ifup-ipx
ARP=yes|no (adds ‘arp’ flag to ifconfig, for use with the
ethertap device)
Deprecated:
PROMISC=yes|no (enable or disable promiscuous mode)
ALLMULTI=yes|no (enable or disable all-multicast mode)

To properly set these, use the packet socket interface.

PPP/SLIP items:
PERSIST=yes|no
MODEMPORT=
LINESPEED=
DEFABORT=yes|no (tells netcfg whether or not to put default
abort strings in when creating/editing the chat script and/or
dip script for this interface)
(meaningless with WVDIALSECT)

PPP-specific items
WVDIALSECT= If this variable is set, then the chat script (if it
exists) is ignored, and wvdial is used to open the
PPP connection.
DEFROUTE=yes|no (set this interface as default route? yes is default)
DEBUG=yes|no (defaults to yes)
turns on/off pppd and chat (if used) debugging.
ESCAPECHARS=yes|no (simplified interface here doesn’t let people
specify which characters to escape; almost everyone can use
asyncmap 00000000 anyway, and they can set PPPOPTIONS to
asyncmap foobar if they want to set options perfectly)
HARDFLOWCTL=yes|no (yes implies “modem crtscts” options)
PPPOPTIONS=
PAPNAME=<"name $PAPNAME" on pppd command line> (note that
the “remotename” option is always specified as the logical
ppp device name, like “ppp0” (which might perhaps be the
physical device ppp1 if some other ppp device was brought
up earlier…), which makes it easy to manage pap/chap
files — name/password pairs are associated with the
logical ppp device name so that they can be managed
together.
REMIP=
MTU=
MRU=
DISCONNECTTIMEOUT=
(time to wait before re-establishing the connection after
a successfully-connected session terminates before attempting
to establish a new connection.)
RETRYTIMEOUT=
(time to wait before re-attempting to establish a connection
after a previous attempt fails.)
RETRYCONNECT=yes|no (defaults to yes)
If this is yes, then we will re-run pppd if it exits with a
“connect script failed” status. Otherwise, only one attempt
is made to bring up the connection. Note that some connect
scripts (for example, wvdial) might do their own retries (such
as BUSY or NO DIALTONE conditions).
MAXFAIL=
If this is set, this will cause ppp-watch to exit after
the specified number of attempts.
DEMAND=yes|no
Switches on demand-dialing mode using pppd’s “demand” option.
IDLETIMEOUT=600
The amount of time the link needs to be inactive before pppd will
bring it down automatically.
BOOTTIMEOUT=30
The amount of time to wait at boot before giving up on the
connection.

IPPP-specific items (ISDN)
PROVIDER=
USER=
PASSWORD=
ENCAP=[syncppp]
DIALMODE=[manual|auto]
SECURE=off|on
MSN=<>
PHONE_IN=
AREACODE=<>
REGIONCODE=<>
PHONE_OUT=
BUNDLING=off|on
HUPTIMEOUT=
DNS1=
DNS2=
DOMAIN=""
LAYER=[HDLC]
CALLBACK=off|on
CHARGEHUP=
CHARGEINT=
CBHUP=
CBDELAY=
DIALMAX=
AUTH=[+pap] [-chap]
IHUP=<>
DELDEFAULTROUTE=[enabled|disabled]
CBCP=off|on
VJ=off|on
VJCCOMP=off|on
AC=off|on
PC=off|on
BSDCOMP=off|on
CCP=off|on
SLAVE_DEVICE=ippp[0-9]

ippp0 items being deprecated:
BOOT=[on|off] will be converted to ONBOOT=[yes|no] by netconf
LOCAL_IP= will be converted to IPADDR by netconf
REMOTE_IP= will be converted to GATEWAY by netconf
/etc/sysconfig/network-scripts/chat-:
chat script for PPP or SLIP connection intended to establish
the connection. For SLIP devices, a DIP script is written
from the chat script; for PPP devices, the chat script is used
directly.
/etc/sysconfig/network-scripts/dip-
A write-only script created from the chat script by netcfg.
Do not modify this. In the future, this file may disappear
by default and created on-the-fly from the chat script if
it does not exist.
/etc/sysconfig/network-scripts/ifup-post
Called when any network device EXCEPT a SLIP device comes
up. Calls /etc/sysconfig/network-scripts/ifup-routes to
bring up static routes that depend on that device. Calls
/etc/sysconfig/network-scripts/ifup-aliases to bring up
aliases for that device. Sets the hostname if it is not
already set and a hostname can be found for the IP for that
device. Sends SIGIO to any programs that have requested
notification of network events.

Could be extended to fix up nameservice configuration, call
arbitrary scripts, etc, as needed.
/etc/sysconfig/network-scripts/ifup-routes
Set up static routes for a device.
/etc/sysconfig/network-scripts/ifup-aliases
Bring up aliases for a device.
/etc/sysconfig/network-scripts/ifdhcpc-done
Called by dhcpcd once dhcp configuration is complete; sets
up /etc/resolv.conf from the version dhcpcd dropped in
/etc/dhcpc/resolv.conf
9.6 File System Administration
1. Monitor Usage
o df – Report disk usage by file system.
df -k # Show disk usage by file system in KB
df -h # Show disk usage by file system in the largest unit possible
o du – Report disk usage.
du /etc # Report the number of KB used in /etc and all of its subdirectories by file
du -s /etc # Report the total number of KB used in /etc and all of its subdirectories
du /etc | sort -n -r # Display disk usage by directory in /etc and sort from largest to smallest
du -a /etc | sort -n -r # Same as before, only list each file and directory in the report
2. Cleanup Unused Files
tmpwatch – Run by cron daily to clean out temporary directories (e.g. /tmp & /var/tmp). The default installation deletes all files older than 10 days.
3. File System Corruption
e2fsck must be run on non-journaled file systems if they are not unmounted cleanly. This fixes any metadata that is not in the proper state.
e2fsck /dev/hda1

By default, a copy of the superblock is stored every 8192 blocks. If the primary superblock is corrupt, e2fsck will fail unless you specify an alternate superblock to use:
e2fsck -b 8193 /dev/hda1

4. Journaled File Systems
o Journaled file systems write critical information about file system operations to a journal before actually modifying files. In the event of an unclean shutdown, the file system can be recovered more quickly by reading the journal instead of performing fsck.
o 3 Journaling Options available in ext3
1. data=ordered – This is the default mode. Only meta data is journaled.
2. data=journal – Metadata and data are journaled.
3. data=writeback – Not as good as “data=ordered”, but allows for a quicker fsck than standard ext2.
o Converting from ext2 to ext3
Because of their close relation, it is fairly simple to upgrade from ext2 to ext3:
1. Modify file system type in /etc/fstab
2. Create the journal:
tune2fs -j /dev/hda1
3. Verify that ext2 is either compiled into the kernel or create an initial ramdisk so it can be loaded as a module at boot time.
4. Verify that the file systems are indeed mounted as ext3 by checking /proc/mounts.
5. Monitor Permissions
o Keep a close watch on SUID and SGID files:
find / -perm +6000 # Find all files that are either setuid or setgid
find / -perm -2000 -o -perm -4000 # Same thing
o Find files that don’t have an owner or a group:
find / -nouser -o -nogroup
o Find all files and directories that are world writable:
find / \( -type f -o -type d \) -a -perm -0002
find / \( -type f -o -type d \) -a -perm -2 # Same thing as above
o Tripwire
1. Provides a fingerprint from critical files.
2. Tripwire can monitor all of the following:
* File Size
* atime (Last Access Time)
* mtime (Last Modification Time)
* ctime (Timestamp on Inode)
* User
* Group
* Permissions
3. Configuration
* Edit twcfg.txt and twpol.txt in order to define the policy for your system.
* Run /etc/tripwire/twinstall.sh
* Execute tripwire --init to create the initial database (stored in /var/lib/tripwire/.twd).
* To check the system against the database, run tripwire --check
* To view an integrity check report, run twprint -m r --twrfile
* To update the tripwire database according to the previously run report, run tripwire --update --twrfile
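The find checks from "Monitor Permissions", wrapped as an added example (not part of the original notes) that also compares the setuid/setgid list against a saved baseline and skips sticky world-writable directories such as /tmp. Function names and the sample tree are constructed; it uses the `-perm -4000 -o -perm -2000` form because current GNU find no longer accepts `-perm +6000` (`-perm /6000` is the replacement).

```shell
#!/bin/sh
# Added example: permission audit helpers. All names are hypothetical.

# Setuid or setgid regular files under ROOT, sorted. -xdev stays on one
# file system so /proc and network mounts are not walked.
list_privileged() {
    find "$1" -xdev -type f \( -perm -4000 -o -perm -2000 \) -print 2>/dev/null |
        LC_ALL=C sort
}

# World-writable files, plus world-writable directories WITHOUT the sticky
# bit. A sticky directory (mode 1777, like /tmp) is expected and skipped.
list_world_writable() {
    find "$1" -xdev \( \( -type f -perm -0002 \) -o \
        \( -type d -perm -0002 ! -perm -1000 \) \) -print 2>/dev/null |
        LC_ALL=C sort
}

# Files whose uid or gid has no passwd/group entry.
list_unowned() {
    find "$1" -xdev \( -nouser -o -nogroup \) -print 2>/dev/null | LC_ALL=C sort
}

# Privileged files present now but missing from a saved baseline.
# usage: new_privileged BASELINE_FILE ROOT
new_privileged() {
    list_privileged "$2" | LC_ALL=C comm -13 "$1" -
}

# Build a constructed sample tree and print its path.
make_sample_tree() {
    t=$(mktemp -d) || return 1
    mkdir "$t/bin" "$t/share" "$t/spool" "$t/scratch"
    chmod 0755 "$t/bin" "$t/share"
    : > "$t/bin/helper";  chmod 4755 "$t/bin/helper"    # setuid
    : > "$t/bin/tool";    chmod 0755 "$t/bin/tool"      # ordinary
    : > "$t/share/notes"; chmod 0666 "$t/share/notes"   # world-writable file
    chmod 0777 "$t/spool"                               # no sticky bit
    chmod 1777 "$t/scratch"                             # sticky, like /tmp
    printf '%s\n' "$t"
}

demo() {
    tree=$(make_sample_tree) || return 1
    base=$(mktemp) || return 1
    list_privileged "$tree" > "$base"          # snapshot of the known state
    : > "$tree/bin/dropped"; chmod 4755 "$tree/bin/dropped"   # later change
    echo "world-writable:";     list_world_writable "$tree"
    echo "new since baseline:"; new_privileged "$base" "$tree"
    rm -rf "$tree" "$base"
}
demo
```

On a real system, store the baseline somewhere the audited host cannot modify, for the same reason the Tripwire database needs protecting.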
9.7 System Logging
klogd handles kernel messages and syslogd handles messages sent from other sources such as system daemons.
1. Configuration
o /etc/syslog.conf – Primary Configuration file.
o Standard RH configuration creates these log files:
1. /var/log/secure – Logs authentication messages (e.g. xinetd services, failed ssh logins).
2. /var/log/xferlog – Logs FTP transactions.
3. /var/log/maillog – Logs mail transactions (SMTP, POP3, IMAP, etc.)
4. /var/log/messages – Logs most other system messages. This information usually includes:
* Date and time of the message logged.
* Name of the program or daemon that wrote the message.
* The action or event that occurred.
* The name of the host that this occurred on.
o Format of /etc/syslog.conf
# There must be at least one TAB separating the two entries below:
facility.priority	log location
o Facilities
1. authpriv – Security & authorization messages
2. cron – clock daemons such as crond and atd
3. daemon – other daemon messages
4. kern – Kernel messages
5. lpr – Printing related messages
6. mail – Mail system messages
7. news – News system messages
8. syslog – Syslog messages
9. user – Generic user level messages
10. local[0-7] – Facilities reserved for local use
o Priorities
0. debug – Debugging information
1. info – Informational messages
2. notice – A normal condition occurred that should be noticed
3. warning – Warning messages
4. err – An error occurred
5. crit – A critical error occurred
6. alert – An error occurred that requires immediate attention
7. emerg – Usually indicates a service (or the system) is no longer available
o Example Configuration
# Log all mail messages of priority info or greater
mail.info	/var/log/mail
# Log all daemon messages with a priority of emergency
daemon.=emerg	/var/log/emerg
# Log all lpr messages where the priority isn't of notice level
lpr.*;lpr.!=notice	/var/log/lpr
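How the selector forms above are evaluated, as an added example that is not part of the original notes: a small shell model with hypothetical function names and a constructed rule set. It follows syslog.conf(5), where the ";"-separated parts apply left to right and a negated priority only removes what an earlier part selected, so a lone `!=` selector matches nothing.

```shell
#!/bin/sh
# Added example: model of syslog.conf selector matching (names hypothetical).

# Rank priorities in the order listed above: debug lowest, emerg highest.
prio_rank() {
    case $1 in
        debug) echo 0 ;; info) echo 1 ;; notice) echo 2 ;; warning) echo 3 ;;
        err) echo 4 ;; crit) echo 5 ;; alert) echo 6 ;; emerg) echo 7 ;;
        *) return 1 ;;
    esac
}

# rule_matches SELECTORS FACILITY PRIORITY -> exit status 0 if the rule fires.
# SELECTORS is the first field of a rule. Comma-separated facility lists
# are not handled in this model.
rule_matches() {
    msg=$(prio_rank "$3") || return 2
    hit=1                                 # shell convention: 1 = no match
    old_ifs=$IFS; IFS=';'; set -f         # split on ";" without globbing "*"
    for part in $1; do
        fac=${part%%.*}; pri=${part#*.}
        [ "$fac" = "*" ] || [ "$fac" = "$2" ] || continue
        case $pri in
            '*')   hit=0; continue ;;
            none)  hit=1; continue ;;
            '!='*) op=drop_eq; name=${pri#??} ;;
            '='*)  op=add_eq;  name=${pri#?} ;;
            '!'*)  op=drop_ge; name=${pri#?} ;;
            *)     op=add_ge;  name=$pri ;;
        esac
        want=$(prio_rank "$name") || continue   # unknown priority: skip part
        case $op in
            add_ge)  if [ "$msg" -ge "$want" ]; then hit=0; fi ;;
            add_eq)  if [ "$msg" -eq "$want" ]; then hit=0; fi ;;
            drop_ge) if [ "$msg" -ge "$want" ]; then hit=1; fi ;;
            drop_eq) if [ "$msg" -eq "$want" ]; then hit=1; fi ;;
        esac
    done
    set +f; IFS=$old_ifs
    return "$hit"
}

# destinations FACILITY PRIORITY: read rules on stdin and print the action
# of every rule whose selectors match the message.
destinations() {
    while read -r selectors action; do
        case $selectors in ''|'#'*) continue ;; esac
        if rule_matches "$selectors" "$1" "$2"; then
            printf '%s\n' "$action"
        fi
    done
}

# Constructed rules, TAB-separated. The last one shows a lone negation.
sample_conf() {
    printf '%s\t%s\n' \
        'mail.info'          '/var/log/mail' \
        'daemon.=emerg'      '/var/log/emerg' \
        'lpr.*;lpr.!=notice' '/var/log/lpr' \
        'lpr.!=notice'       '/var/log/lpr-never'
}

for m in 'mail warning' 'mail debug' 'daemon alert' 'lpr notice' 'lpr err'; do
    set -- $m
    printf '%-14s -> %s\n' "$m" \
        "$(sample_conf | destinations "$1" "$2" | tr '\n' ' ')"
done
```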
2. Log Rotation
o Log rotation is handled by /usr/sbin/logrotate which is part of the logrotate package.
o logrotate is executed daily by cron to check if any logs need rotating.
o Basic setup and log rotation of the default system logs are configured in /etc/logrotate.conf.
o Additional, package related, log rotation scripts are placed in /etc/logrotate.d.
3. Logwatch
o Runs daily.
o Primary configuration file is /etc/log.d/conf/logwatch.conf.
o Creates a daily report that is e-mailed to the user specified (root by default).
4. Other System Logging
o /var/run/utmp – This file must always exist. It contains information about currently running processes. Used by many system utilities (e.g. who, w). You can prevent users from viewing who else is on the machine by removing permissions to this file.
o /var/log/wtmp – This file stores information about logins and logouts. It is used by init and login. To view information in this file, use the last command.
5. Process Control
o Nice Value – Affects the priority of a job. Can be altered using nice/renice commands.
1. nice – Can be used when launching a process to alter its priority.
2. renice – Can be used on existing processes to alter their priority.
3. Examples:
nice +10 find / -name xyz # Give find command a lower priority than normal
renice -10 `pidof X` # Give X server a higher priority
o Jobs – Jobs executed at the shell prompt normally run in the foreground. This prevents you from executing other commands from the same shell until the command returns. You can force jobs to run in the background by placing an “&” after the command.
Background jobs will not be terminated when a user logs out. However, any output from a background process that has not been redirected will be lost.
tar zxvf linux-2.2.20.tar.gz &
tar zxvf linux-2.2.20-ow2.tar.gz &
top

The two ‘tar’ commands will execute in the background and ‘top’ will be executed in the foreground.
Job Control Commands:
1. fg – Bring a specified background job into the foreground.
fg %1 # Bring background job number 1 into the foreground
2. bg – Start a stopped background job.
bg %7 # Causes background job number 7 to resume execution
3. jobs – List background jobs.
4. kill – You can also use job numbers with the kill command instead of process ids.
kill %4 # Kill background job number 4
9.8 Creating a Swap File
If you don’t have a partition free to allocate additional swap space, you can create a swapfile on an existing file system.
The following example creates and enables a 16 MB swapfile called /var/swapfile:
dd if=/dev/zero of=/var/swapfile bs=1024 count=16384
chmod 600 /var/swapfile # Swap holds memory pages; keep it readable by root only
mkswap /var/swapfile
swapon /var/swapfile
