Linux Administration Odds and Ends Logs and Cron
Logging System daemons, the kernel, and various utilities and services all emit data that is logged and eventually ends up on your finite-sized disks. Most of that data has a limited useful life and needs to be summarized, compressed, archived, and eventually thrown away. Access and audit data may need to be managed closely according to regulatory retention rules or site security policies.
Logging Plenty of applications, network daemons, startup scripts, and other vigilantes still write to their own ad hoc log files. This lawlessness has resulted in a complement of logs that varies significantly among flavors of UNIX and even among Linux distributions. Since most logs are text files, they can be viewed or parsed with standard tools such as cat, grep, tail, and Perl. Most modern systems also include log management tools that rotate, compress, and monitor log files on a daily or weekly basis
Logging Linux packages send their logging information to files in the /var/log directory. Log files are generally owned by root, although conventions for the ownership and mode of log files vary. we like to keep a separate partition for the noisiest and busiest log files. On Linux systems, /var or /var/log is a good choice
Logs
Files not to manage wtmp (sometimes wtmpx) contains a record of users’ logins and logouts as well as entries that record when the system was rebooted or shut down. It’s a fairly generic log file in that new entries are simply added to the end of the file. However, the wtmp file is maintained in a binary format. Use the last command to decode the information
Logs The kernel’s ongoing logging is handled by a daemon called klogd. The functions of klogd are actually a superset of those of dmesg; They are typically sent to /var/log/messages or /var/log/syslog.
LOGROTATE: MANAGE LOG FILES A logrotate configuration file consists of a series of specifications for groups oflog files to be managed. logrotate is normally run out of cron once a day. Its standard configuration file is /etc/logrotate.conf
Cron Cron daemon – controls periodic processes in the Linux system Reads one or more configuration files containing lists of command lines and times they are to run. crontab aka “cron table” – cron configuration file Cron wakes and sleeps every minute to check all configuration files, reloads any files that have changed, and executes any that are scheduled.
Cron locations Each user in the system can store their own cron file in /var/spool/cron System maintenance files located /etc/cron.d and /etc/crontab Generally /etc/crontab is the file sys admins change by hand /etc/cron.d is the location software packages can install crontab entires
Cron File Format # designates comments minute hour day month weekday [username] command First 6 fields separated by whitespace Username found only in /etc/crontab and /etc/cron.d
Cron details Each of the time-related fields may contain: A star, which matches everything A single integer, which matches exactly Two integers separated by a dash, matching a range of values A range followed by a slash and a step value, e.g., 1-10/2 (Linux only) A comma-separated list of integers or ranges, matching any value
Cron Examples 45 10 * * 1-5 Means to run every Monday through Friday at 10:45am 55 23 * * 0-3, 6 /staff/trent/bin/checkservers Means to run checkservers command everday at 11:55pm except Thursdays and Fridays 0 0 * * * /some/path/to/a/file.php > $HOME/`date +\%Y\%m\%d\%H\%M\%S`-cron.log 2>&1
Crontab Management crontab filename installs filename as your crontab replacing any previous version. crontab arguments: e checks out a copy of your crontab for editing l lists crontab contents r removes crontab u username (used by root to edit or view a users crontab file) /etc/cron.allow and /etc/cron.deny If netiher file exists only root can submit crontabs
Common Uses for Cron Why would this be useful? Automated system backups Automated cleaning of tmp files or log files Automated system usage reports Automated reports of failed logins
Review
Setup YUM Repo (server) yum install createrepo Mount the local media like CD, DVD, USB stick or ISO image that contains CentOS 7 / RHEL 7 / SL 7 / OL 7 to your PC. [root@localhost ~]# cd / [root@localhost /]# mkdir localrepo [root@localhost /]# cp -rv /media/* /localrepo/ (copy repos from disk image) [root@localhost ~]# rm -rf /etc/yum.repos.d/* (this removes online repo)
Setup YUM Repo cont’d [root@localhost ~]# vim /etc/yum.repos.d/local.repo (add the following below to the local.repo file) [centos7] name=centos7 baseurl=file:///localrepo/ enabled=1 gpgcheck=0
Setup YUM Repo cont’d [root@localhost ~]# createrepo /localrepo/ [root@localhost ~]# yum clean all [root@localhost ~]# yum repolist all [root@localhost ~]# yum update
Setup YUM client vi /etc/yum.repos.d/localrepo.repo add the following contents: [localrepo] name=Your Repository baseurl=ftp://192.168.1.101/pub/localrepo gpgcheck=0 enabled=1
Setup YUM client cont’d Now, list out the repositories using the following command: yum repolist Clean the Yum cache and update the repository lists: yum clean all yum update Disable or rename the existing repositories if you only want to install packages from the server local repository itself. Alternatively, you can install packages from the local repository by mentioning the repository as shown below. yum install --disablerepo="*" --enablerepo="localrepo" httpd
The Network File System Chapter 18 The Network File System
NFS NFS – not a video game! The Network File System (NFS) is a network protocol which allows one machine to access files stored on a second system.
NFS An NFS server system exports certain directory hierarchies from its local disc partitions. An NFS client system can then mount directories from that hierarchy as if they were filesystems stored on local disc. This requires a certain amount of cooperation between the two systems which are involved. An NFS client system inherits file ownerships and permissions from its server. If a particular user needs to access files on an NFS server, the UID and GID information for that user needs to be consistent on the two machines.
NFS NFS is designed to work across many different types of platforms. It is possible to export a directory from one type of Linux system and mount it on a second machine which is running an entirely different kind of Linux. Network filesystems should provide users with a seamless experience. Intended to be more or less transparent across networks.
NFS Daemons NFS client and server systems need to be running various system daemons before NFS will work reliably. NFS is an RPC based service, consequently the RPC portmapper must be running. They should also run the lockd and statd daemons for file locking to work reliably. File locking is used to guarantee exclusive access to a file.
Server Side NFS Running NFS sever on CentOS sudo service nfs start sudo service nfs status To add directories that the NFS server should allow others to mount over the network modify /etc/exports and then run /usr/sbin/exportfs -a
More on the exports file
And More
Server side NFS For example, the /etc/exports configuration /directory1 server.example.com(options) /directory2 192.168.1.0/24(options)
Client side NFS Before an NFS file system can be mounted, it must be properly exported on the server side. To verify that a server has properly exported its filesystems from the client’s perspective, use the client’s showmount command E.g. showmount –e <NFS server> Dash “e” tells the server to display its export list
Client Side NFS cont’ To mount filesystem: $ sudo mount -t nfs4 -o rw,hard,intr,bg host_name:mount location/ /(local mount point)
Client Side NFS cont’ You can check NFS mount with the df command You can also remove the mounted file system with the unmount –f command Add mounts that are part of a system’s permanent configuration in /etc/fstab automatically at boot time.
/etc/fstab The device name or other means of locating the partition or data source. The mount point, where the data is to be attached to the filesystem. The filesystem type, or the algorithm used to interpret the filesystem. Options, including if the filesystem should be mounted at boot. dump-freq adjusts the archiving schedule for the partition (used by dump). pass-num Controls the order in which fsck checks the device/partition for errors at boot time
nfsstat Dumps the output of statistics maintained by the nfs system Usage: nfsstat –[s/c] (s option is for server operations) (c is for client operations)
Dedicated NFS servers Stand alone hw that tends to be $$$ but has the following advantages: As storage requirements grow, they can scale smoothly to support terabytes of storage and hundreds of users. They are more reliable than stand-alone boxes thanks to their simplified software, redundant hardware, and use of disk mirroring. They usually provide file service for both Linux and Windows clients. Most even contain integrated web, FTP, and SFTP servers. They are often easier to administer than Linux file servers. They often include backup and checkpoint facilities that are superior to those found on vanilla Linux systems.
Important things we did not cover Email postfix sendmail procmail Sharing Network Files Kerberos LDAP NIS Hardening/Security http://web.nvd.nist.gov/view/ncp/repository