So you wanna be a Linux Systems Administrator?
Every now and again, I am asked to provide a bit of training for budding systems admins or people on the career path of becoming a qualified Linux Sysadmin or DevOps engineer (or at least the Ops part!). This slide deck can be used by yourself, but it is intended to be given in a classroom type environment. It includes a number of major areas that are significant need-to-know commands and ways to get around a Linux system. Each section is followed up by a number of practical sessions so that you can have your class try it out for themselves.
Top tip for the tutor: This has worked well for me with smaller classes (2-3 people). I ssh’d into an Ubuntu Server VM and ran tmux on it. I then asked each of the students to ssh in (as the same student user) and run ‘tmux attach’. That way they all shared the same terminal, and the tutor can also interact/see their terminals at the same time as running slides from their own laptop. I present the slides on a projector or TV.
The course outline includes:
- What is Linux, inc. very brief history.
- Distributions.
- The (Bourne again) shell.
- The UNIX filesystem.
- File-based commands/tools
- Bash builtin commands
- Redirection and Pipes
- User account management
- Permissions
- Disk tools
- Processes
- Networking
- Software Installation / Packages
- Logs / Log Management
NOTE: The following presentation is designed to be presented by a proficient presenter.
This slideshow could not be started. Try refreshing the page or viewing it in another browser.
Linux SysAdmin 101
A Beginners Guide to Administering A Linux Server
Who is this guide for?
- These slides are intended to be accompanied by a proficient presenter.
- Anyone interested in a career in being a Linux or Unix Professional
- Advancing your Linux skills from Desktop User to Power User
- People wanting to work more at the command line
- Learn commands that you might not be aware of
What is Linux?
For a quick overview of Linux itself, and its history, check out:
https://www.linuxnewbieguide.org
Briefly however, Linux is a UNIX based operating system made from the following core components:
- The Kernel
- The Shell (bash in the case of this tutorial)
- The basic GNU toolset
- And all the other apps, Firefox, ViM, etc.
Distributions
- There are a number of different flavours of Linux.
- Most of this differs by the way the system packages up software.
- The configuration between distributions can be slightly different.
- The most well known distributions are:
- Debian & Ubuntu
- Red Hat, CentOS and Fedora
- Other distributions like Linux Mint, openSuSE and elementary are often based on the above platforms.
The (Bourne Again) Shell
- Takes commands from the user
- Can be used as a scripting language (like a batch file)
- Can use regular expressions (eg A* matches anything starting with A).
- Regular expressions are covered in more advanced sessions.
The filesystem
Here’s an example. Everything starts at root ( / ):
/
|-- bin
| |-- bash
| |-- touch
|-- etc
| |-- service.conf
| `-- networking
| |-- eth0.conf
| `-- eth1.conf
|-- home
|-- var
File Tools
- cd (change directory, eg cd /home/ajross, cd ../.. )
- pwd (print working directory)
- ls (list directory, eg ls -l /home/ajross/Desktop)
- touch (create an empty file)
- tar (compress a file or directory, eg tar cvfpz file.tar *.txt)
- cat (show the contents of a file)
- less and more (shows a file page by page)
- cp (copy, eg cp file /home/ajross )
- mv (move or rename)
- mkdir (make a directory)
- rm (remove a file or files)
- rmdir (remove an empty directory)
Practical:
- Show the files in any directory
- Create an empty file called test.txt
- Show the contents of /etc/fstab and describe what it is you are seeing
- Rename test.txt to anothertest.txt
- Make a new folder called myfolder
- Move anothertest.txt to myfolder
File Tools (cont.)
- ln – symbolic link (eg ln -s /sourcefile /destination-alias-file)
- which (which version of a command will be executed), eg which -a vim
- whereis (based on path, gives the location of a file – eg whereis vim).
- whatis, file (what does a command do, file – what does the file do)
- find (eg find . -user ajross –max-depth=2)
- head, tail (show top and bottom of a file)
- join, split (eg join a.txt b.txt)
- sort (eg du -h /home | sort -h)
- du -h (show disk size utilisation, eg: du -h /home –max-depth=2)
- df -h (show how much space is free on a file system)
- uniq (eg: uniq files.txt or cat /var/log/error.log | uniq)
- wc, nl (word count, eg: cat /var/log/error.log | wc -l , nl foo.txt)
- grep (search for content inside a file, eg: grep -i foo /var/log/error.log)
- lsof (lists the open files on the system, eg lsof -n).
Practical:
- Find a file called sysctl.conf from the /etc folder
- Show the contents of a file a page at a time
- Show how much space the /var folder is taking up on the drive
- Explain what a symbolic link is
- Search the contents of /var/log/kern.log for the word usb
Bash builtins
- alias
- set / env (echo $PATH)
- exit / logout
- echo
- reboot / halt /shutdown / poweroff
- history (shows last commands executed)
- if, else, while etc..
Practical:
- Write the words “hello world” to the standard output.
- Show a list of the last commands executed.
Redirection and Pipes
- Standard output (stdout – 1):
- echo hello > myfile.txt
- echo there >> myfile.txt
- Standard Input (stdin):
- cat < myfile.txt > anotherfile.txt
- Standard Error (stderr – 2):
- if you do ls /crapola, you get an error (directory doesn’t exist)
- ls /crapola 2> out.txt (redirects the error to a file called out.txt)
- If you want standard out & standard error: stderr (2) outputs combined with (and &) stdout (1).
- ls /crapola > out.txt 2>&1
Redirection and Pipes (cont.)
- Pipe
- Puts the output of one command into the input of another. Very handy.
- Tee allows you to put the output to a file and the screen
Practical:
- Show the number of words in /var/log/kern.log by using a pipe
- Put the output of ls /var into a text file called ls.txt
- Append the output of ls /var/log into the same file (ie, don’t delete the stuff that’s already there).
User Management
- The account ‘root’ is the system superuser.
- Lots of config & system files can only be edited/viewed by root.
- Permissions are the key to protecting files
- They dictate which users (and groups of users) can work on files.
- Local users are stored in /etc/passwd, with the password file in /etc/shadow
- Groups are stored in /etc/groups
- It is recommended you log into a server as a normal user, then escalate to root with sudo (or su).
- passwd (to change a password)
- useradd
- userdel
Practical:
- Look at the password, shadow and group files
- Try and edit the shadow file as a normal user
- Figure out why you can’t edit it.
- Change your password.
- Create a user and remove a user.
Permissions
- Explain permissions: users, groups, others, attributes
- chmod (change the permissions of the file, eg chmod u+x file.sh)
- chown (change the ownership of a file, eg: chown user file.sh)
- chgrp (change the group ownership of a file, eg: chgrp groupname file.sh)
- umask (default permissions for a folder)
- setuid (root) – use with care! chmod u+s or g+s file
- immutable / sticky (chmod +i, chmod +t)
Practical:
- Create a file called test.sh with touch.
- Change the permissions to user=read, write, execute, group and others, no permissions
- Change the ownership instead of yourself to be root. Try and access the file now.
- Change the ownership back to yourself and edit the file (nano test.sh)
- Add #!/bin/bash to the first line
- and echo hello world to the second line
- Run the script – ./test.sh
- Remove the executable bit and try and run the script again.
Disk Tools
-
- e2fsck (file system check)
- fdisk / cfdisk / parted (partition editing)
-
- mkfs (make a new filesystem)
- lvm, lvdisplay, lvextend.. etc
- File system mount list: /etc/fstab
Practical:
- View the current partition table.
- View the filesystems that will be mounted by Linux
Processes
- Processes are just apps that are running. Linux (like MacOS and Windows) is a multi-threaded operating system
- On a single CPU system, all apps are generally ‘sleeping’ apart from the one timesliced ‘running’ app.
- Processes can be backgrounded or foregrounded.
- You can send signals to processes like SIGHUP, SIGKILL and so forth
- To see processes, use the ps command (eg: ps aux, ps auxfwww for a tree).
- You can see the owner, the status, the resource and other things using ps
- You can see the most CPU intensive processes by using the ‘top’ command. Iostat, vmstat show iops and virt mem.
- You can kill processess with kill, pkill (eg: kill -9 12345, pkill apache2)
Processes (cont.)
- Process niceness alters the priority a process has overall on the system (eg, renice, nice)
- The /proc filesystem holds all of the information about every process in a raw format (eg cat /proc/12345/status)
- Use Ctrl+Z to stop a process, bg to background, fg to foreground, “command &” auto-backgrounds
- jobs shows your current backgrounded processes. fg %4 will foreground the 4th backgrounded command.
- Processes that run permanently are called services or daemons
- To start a service, you either use the ‘service’ or the ‘systemctl’ command. Old systems use /etc/init.d.
Practical:
- Start a process, eg, cat (which will do nothing).
- Background the process.
- Find the PID for the process. NB: Be smart about it and filter the ps output by searching just for cat!
- Kill the process using the PID you got.
- Restart/stop/start a service, say rsyslogd.
Networking & Networking Tools
-
- ifconfig / ip
- /etc/sysconfig/network (redhat) , /etc/networking (debian)
-
- arp, ping, traceroute, netstat
- dhclient, dhcpd, bind
- ssh, scp, sftp, rsync
- nfs, samba (SMB/CIFS)
- Apache, Python SimpleHTTPServer
Practical:
- Show the ip addresses of the machine
- Explain what the lo interface is
- Say how you would restart
Software Packages, Installation
- Installing software in Linux is actually pretty easy. Even easier than in Windows.
- Red Hat and Debian both maintain large software ‘repositories’.
- Debian based distributions use deb files (but use apt to install them)
- Red Hat based distributions use rpm (but are installed by either yum or dnf)
- .tar/.tar.gz can contain any files, but can often contain source code, which needs to be compiled.
- ./configure ; make ; make install
Practical:
- Install the package cowsay with apt
- Run cowsay
Logs
- /var/log
- Some nasty applications log where they like. Grr, eg: /opt/app/log
- syslog/rsyslog
- dmesg / kern.log
- auth.log, lastlog, last, w
Practical:
- Grep the auth.log for a phrase, eg login
- Find out how many lines the phrase exists in the file
- Analyse the file a line at a time to see issues
- Do the same for messages/syslog