Linux Administration Odds and Ends Cron, YUM repo, and DHCP
Cron Cron daemon – controls periodic processes in the Linux system Reads one or more configuration files containing lists of command lines and times they are to run. crontab aka “cron table” – cron configuration file Cron wakes and sleeps every minute to check all configuration files, reloads any files that have changed, and executes any that are scheduled.
Cron locations Each user in the system can store their own cron file in /var/spool/cron System maintenance files located /etc/cron.d and /etc/crontab Generally /etc/crontab is the file sys admins change by hand /etc/cron.d is the location software packages can install crontab entires
Cron File Format # designates comments minute hour day month weekday [username] command First 6 fields separated by whitespace Username found only in /etc/crontab and /etc/cron.d
Cron details Each of the time-related fields may contain: A star, which matches everything A single integer, which matches exactly Two integers separated by a dash, matching a range of values A range followed by a slash and a step value, e.g., 1-10/2 (Linux only) A comma-separated list of integers or ranges, matching any value
Cron Examples 45 10 * * 1-5 Means to run every Monday through Friday at 10:45am 55 23 * * 0-3, 6 /staff/trent/bin/checkservers Means to run checkservers command everday at 11:55pm except Thursdays and Fridays
Crontab Management crontab filename installs filename as your crontab replacing any previous version. crontab arguments: e checks out a copy of your crontab for editing l lists crontab contents r removes crontab u username (used by root to edit or view a users crontab file) /etc/cron.allow and /etc/cron.deny If netiher file exists only root can submit crontabs
Common Uses for Cron Why would this be useful? Automated system backups Automated cleaning of tmp files or log files Automated system usage reports Automated reports of failed logins
Setup YUM Repo Mount the local media like CD, DVD, USB stick or ISO image that contains CentOS 7 / RHEL 7 / SL 7 / OL 7 to your PC. [root@localhost ~]# cd / [root@localhost /]# mkdir localrepo [root@localhost /]# cp -rv /media/* /localrepo/ (copy repos from disk image) [root@techbrown ~]# rm -rf /etc/yum.repos.d/* (this removes online repo)
Setup YUM Repo cont’d [root@localhost ~]# vim /etc/yum.repos.d/local.repo (add the following below to the local.repo file) [centos7] name=centos7 baseurl=file:///localrepo/ enabled=1 gpgcheck=0
Setup YUM Repo cont’d [root@localhost ~]# createrepo /localrepo/ [root@localhost ~]# yum clean all [root@localhost ~]# yum repolist all [root@localhost ~]# yum update
The Network File System Chapter 18 The Network File System
NFS NFS – not a video game! The Network File System (NFS) is a network protocol which allows one machine to access files stored on a second system.
NFS An NFS server system exports certain directory hierarchies from its local disc partitions. An NFS client system can then mount directories from that hierarchy as if they were filesystems stored on local disc. This requires a certain amount of cooperation between the two systems which are involved. An NFS client system inherits file ownerships and permissions from its server. If a particular user needs to access files on an NFS server, the UID and GID information for that user needs to be consistent on the two machines.
NFS NFS is designed to work across many different types of platforms. It is possible to export a directory from one type of Linux system and mount it on a second machine which is running an entirely different kind of Linux. Network filesystems should provide users with a seamless experience. Intended to be more or less transparent across networks.
NFS Daemons NFS client and server systems need to be running various system daemons before NFS will work reliably. NFS is an RPC based service, consequently the RPC portmapper must be running. They should also run the lockd and statd daemons for file locking to work reliably. File locking is used to guarantee exclusive access to a file.
Server Side NFS Running NFS sever on CentOS sudo service nfs start sudo service nfs status To add directories that the NFS server should allow others to mount over the network modify /etc/exports and then run /usr/sbin/exportfs -a
More on the exports file
And More
Server side NFS For example, the /etc/exports configuration /directory1 server.example.com(options) /directory2 192.168.1.0/24(options)
Client side NFS Before an NFS file system can be mounted, it must be properly exported on the server side. To verify that a server has properly exported its filesystems from the client’s perspective, use the client’s showmount command E.g. showmount –e <NFS server> Dash “e” tells the server to display its export list
Client Side NFS cont’ To mount filesystem: $ sudo mount -t nfs4 -o rw,hard,intr,bg host_name:mount location/ /(local mount point)
Client Side NFS cont’ You can check NFS mount with the df command You can also remove the mounted file system with the unmount –f command Add mounts that are part of a system’s permanent configuration in /etc/fstab automatically at boot time.
/etc/fstab The device name or other means of locating the partition or data source. The mount point, where the data is to be attached to the filesystem. The filesystem type, or the algorithm used to interpret the filesystem. Options, including if the filesystem should be mounted at boot. dump-freq adjusts the archiving schedule for the partition (used by dump). pass-num Controls the order in which fsck checks the device/partition for errors at boot time
nfsstat Dumps the output of statistics maintained by the nfs system Usage: nfsstat –[s/c] (s option is for server operations) (c is for client operations)
Dedicated NFS servers Stand alone hw that tends to be $$$ but has the following advantages: As storage requirements grow, they can scale smoothly to support terabytes of storage and hundreds of users. They are more reliable than stand-alone boxes thanks to their simplified software, redundant hardware, and use of disk mirroring. They usually provide file service for both Linux and Windows clients. Most even contain integrated web, FTP, and SFTP servers. They are often easier to administer than Linux file servers. They often include backup and checkpoint facilities that are superior to those found on vanilla Linux systems.
Automatic Mounting Configuring /etc/fstab for many hosts in a large system is tedious Many clients trying to access a NFS server can cause problems if the server crashes Automount daemon to mount filesystems when they are referenced and to unmount them when they are no longer being used.
Automatic Mounting cont’ Also limit the number of mount points Transparent to the user Automount understands three different kinds of configuration files. (referred to as “maps”): direct maps, indirect maps, and master maps Direct and indirect maps provide information about the filesystems to be automounted. A master map lists the direct and indirect maps that automount should pay attention to.
Automount cont’ The default master map file is /etc/auto.master (example below) # Directory Map /harp /etc/auto.harp /- /etc/auto.direct
Important things we did not cover Email postfix sendmail procmail Sharing Network Files Kerberos LDAP NIS Hardening/Security http://web.nvd.nist.gov/view/ncp/repository