Common UNIX administration tasks - PowerPoint PPT Presentation

1 / 40

About This Presentation

Title:

Common UNIX administration tasks

Description:

Used for creating mirror images of disks at a low level. 8. dump / ufsdump ... weekday (0, Sunday 6, Saturday) username. Command. 16 ...Cron (unix)... Example ... – PowerPoint PPT presentation

Number of Views:107

Avg rating:3.0/5.0

Slides: 41

Provided by: comp55

Category:

more less

Transcript and Presenter's Notes

Title: Common UNIX administration tasks

1
Common UNIX administration tasks
2
Backups

The correct management of backup policy is
possibly the most important role of a systems
administrator
It serves to provide
Archives of data and state, roll-back, comparison
Disaster recovery plan
System replication mechanism
Software deployment mechanism

28/09/2009
2
3
Backup Restore

Traditionally backup is to tape devices for
reasons of capacity and reliability
Backup may be to any other device depending on
factors such as
Capacity
Speed
Reliability
Facility
Cost
Cost

28/09/2009
3
4
tar

Oldest UNIX backup method, runs on all UNIX
variants
Supports appending of files to the end of the
tape
Very slow, not really suitable for full system
backups

28/09/2009
4
5
tar

To create an archive with everything in the
current directory (onto the device /dev/rmt/0m)
tar cvf /dev/rmt/0m .
To extract all file from the archive
tar xvf /dev/rmt/0m
To extract named files from an archive called
archive.tar
tar --extract --filearchive.tar myfile
To list the contents of an archive
tar --list --verbose --file/dev/rmt/0m

28/09/2009
5
6
cpio

Much faster than tar
Good for replicating directory trees
Supports incremental backup
Copy all files in the current directory and put
them into the file called archive
find . cpio o F archive
Extract files from the file called archive
cpio i F archive

28/09/2009
6
7
dd

Bit-for-bit copy
Does not copy files and ownerships, just copies
bits
Cannot select files and directories from a dd
tape
Used for creating mirror images of disks at a low
level

28/09/2009
7
8
dump / ufsdump

Used for creating full or incremental backups
Can specify levels for dumping which specify the
type of incremental backup
Level 0 full backup
Level 1 all files changed since last level 0
dump
Level 2 all files changed since last level 1
dump
Etc.

28/09/2009
8
9
Backup Types

Full
Backup everything on the system
Incremental
Backup only those files that have changed since
the last full backup
Differential
Backup only those files that have changed since
the last backup

28/09/2009
9
10
Grand Father - Father - Son Backup Scheme

Perform an initial Full System Backup
Perform daily backups, Monday, Tuesday,
Wednesday, Thursdayreuse these tapes each week
Perform weekly backups Friday1, Friday2,
Friday3reuse these tapes each month
Perform monthly backups Month1, Month2 etc.

28/09/2009
10
11
Grand Father - Father - Son Backup Scheme

Files can be restored to within 1 day, for files
archived within the last week
Files can be restored to within 1 week for files
archived within last month
Files can be restored to within 1 month for files
archived within last year

28/09/2009
11
12
Scheduling Backups

Cron is the UNIX scheduling daemon
The windows environment includes the Scheduler
service which can be accessed using the At command

28/09/2009
12
13
Cron (unix)

Depending on the system configuration, users may
schedule tasks to occur at specific times on a
UNIX system
The cron service searches the /var/spool/cron
directory for cron files
Cron files are named after usernames in
/etc/passwd
Files specify the time and the command to perform

28/09/2009
13
14
Cron (unix)

The cron service wakes up every minute and
examines all the cron files
Within each file it examines each line to
ascertain if a command needs to be executed
When the command is executed, any output is
mailed to the user who owns the file or the
username (if any) specified in the command

28/09/2009
14
15
Cron (unix)

Format of the crontab files
minute (0-59)
hour (0-23)
monthday (1-31)
month (1-12)
weekday (0, Sunday 6, Saturday)
username
Command

28/09/2009
15
16
Cron (unix)

Example
ls l /etc gt /home/rbradley/etclist.txt
0 2 6 full-backup
15 12 1-5 incremental-backup
0 3 0 find / -name core atime 7 gt /corelist
0,20,40 0,6 who gtgt /home/rbradley/wholog
0,10,20,30,40,50 1-5 w gtgt
/home/rbradley/wholog

28/09/2009
16
17
Cron (unix)

edited with crontab e
displayed with crontab l
deleted with crontab -r

28/09/2009
17
18
At (unix)

Used for single command execution at 900pm
atgt find / -name core exec rm \

28/09/2009
18
19
At (windows)

at \\computername time /interactive
/everydate,... /nextdate,... command
at 1527 wholog.bat
at 1700 /nextF collectCSAA.bat
at 0300 /everyM,T,W,Th incBackup.bat
at 0300 /everyF fullBackup.bat

28/09/2009
19
20
NFS

Network File System

21
Network File Systems

Network file systems allow us to share files
between users on different systems, often with
different operating systems
The Windows operating systems use CIFS (SMB)
network file system as implemented by the Samba
package on UNIX systems

22
NFS Service Profile

Type System-V managed service
Package nfs-utils
Daemons nfsd, lockd, rpciod, rpc.mountd
rpc.rquotad, rpc.statd
Scripts nfs, nfslock
Ports assigned by portmap (111)
Configuration /etc/exports

23
Packaging for Unix/Linux

Different packaging approaches
Solaris Pkg (pkginfo, pkgadd, pkgmake)
Linux rpm / rpmbuild
Uses digital signatures
Overall objectives and approaches are similar
Packages are created

24
NFS (Network File System)

Developed by Sun Microsystems
Uses the RPC (remote procedure call) service
Requires portmap
Directories shared through the /etc/exports file
Directories mounted through the mount command

25
NFS Server Components

portmap maps calls from other machines to the
correct RPC service
nfs kernel module translates NFS requests into
local file system requests
rpc,mountd file client used to mount and unmount
remote file systems

26
/etc/exports examples

/var/ftp/pub .dit.ie(ro,sync)
.comp.dit.ie(rw,sync)
/root/presentations rbradley.dit.ie(rw,sync)
/data 147.252.230.230(sync)
Note that whitespace makes a difference
server(options) applies the options to that
server
server1 (options) applies the options to
everything apart from the server

27
/etc/exports

Exported with root-squashing turned on, this
ensures that requests from the root user on a
client machine are denied root access to
root-owned files on a server machine
Such requests are mapped onto a uid such as 65534
Can be prevented with the no_root_squash option,
but this is not recommended

28
/etc/exports examples

More examples
/usr/local 192.168.0.1(ro) 192.168.0.2(ro)
/home 192.168.0.1(rw) 192.168.0.2(rw,
no_root_squash)
Also allow access to sets of computers
/usr/local 192.168.0.0/255.255.255.0(ro)
/home 192.168.0.0/255.255.255.0(rw)

29
Controlling access

Most services (anything controlled by inetd and
also nfs) support access control with
/etc/hosts.allow, /etc/hosts.deny
Format of files isservice name host or
network/netmask, host or network/netmask
E.g
portmap 192.168.0.1 , 192.168.0.2
mountd 192.168.0.1 , 192.168.0.2
All all

30
Controlling access

Any service using this approach will follow the
process
Check in hosts.allow if the requesting server is
in this file, allow the access and finish
Now check in hosts.deny, if the requesting server
is not in this file, allow the access and finish.
Allow access
For nfs, to allow/deny access ALL the services
need to be included in the file.
portmap, lockd, mountd, rquotad, statd

31
NFS Client

Client side NFS implemented as a kernel module
/etc/fstab used to specify network mounts.
NFS shares are mounted at boot time by
/etc/rc.d/init.d/netfs

32
NFS Client

Shares can be mounted manually by root, or
automatically at boot time.
The default /etc/fstab nfs entries in UML
Device mountpoint type options dump
fsckorder
/dev/ubd/0 / ext2 defaults
1 1
/proc /proc proc defaults
/dev/ubd/1 none swap sw
/etc/fstab nfs entry
Device mountpoint type options dump
fsckorder
Server1/var/ftp/pub /mnt/pub nfs defaults 0 0

33
NFS Mount Options

Options include
rsize8192 and wsize8192 will speed up transfers
considerably
soft processes return with an error on a failed
I/O attempt
hard will block a process that tries to access
an unreachable share.
nolock disables file locking and allows inter
operation with older NFS servers
nosuid stops suid enabled programmes executing
from the mounted file system.
noexec stops all programmes executing from the
mounted file system.
ro read only mount point

34
NFS autofs

autofs provides the ability to mount NFS shares
on demand and to unmount them when they are idle
autofs uses the files /etc/auto.master and
/etc/auto.misc for configuration
autofs is a kernel service, but must be enabled
by configuring autofs to run in the appropriate
run levels

35
NFS Services

exportfs r refreshes the servers share list
after modifying /etc/exports
-v displays a list of the shared directories and
options on a server
-a exports all shares listed in the /etc/exports
or a share named as an argument
-u unexports the share named as an argument or
all shares with no argument and a a
-e host shows the available shares on host

36
Trouble shooting nfs

Unable to see a mounted file system
cat /proc/mounts
mount f
Permission denied on mount attempt
Check that the fstab entry and exports have the
same access (i.e. ro, rw etc)
Check you havent attempted to export both a
parent and a child
i.e. /usr and /usr/local cant be both exported.

37
Trouble shooting nfs II

RPC Program not registered
On the server, use ps or rpcinfo p to check that
portmapper, nfs and mountd are running
On the client, use rpcinfo p server to check
that it can see the services
If the client gets No Remote programs registered,
check hosts.allow and hosts.deny

38
Trouble shooting nfs III

Permissions arent right
/export/dir hostname(rw,no_root_squash)
/export/dir hostname (rw,no_root_squash)
These statements arent the same. White space in
the second will mean that everybody apart from
hostname will get the privileges in the ().

39
NFS optimisation