Presentation is loading. Please wait.

Presentation is loading. Please wait.

Hp education services education.hp.com hp education services education.hp.com 1 HP World/Interex 2002 Linux System Maintenance Basics Chris Cooper (734)

Published bySheila Henry Modified over 9 years ago

Similar presentations

Presentation on theme: "Hp education services education.hp.com hp education services education.hp.com 1 HP World/Interex 2002 Linux System Maintenance Basics Chris Cooper (734)"— Presentation transcript:

1 hp education services education.hp.com hp education services education.hp.com 1 HP World/Interex 2002 Linux System Maintenance Basics Chris Cooper (734) 805-2172 chris_cooper@hp.com George Vish II (404) 648-6403 george_vish@hp.com

2 hp education services education.hp.com hp education services education.hp.com 2 Software Package Management RPM and DPKG Version A.00 U2794S Module 12 Slides

3 © 2002 Hewlett-Packard Company U2794S A.00 3 The Software Package Concept Steps for loading software: Manually load and relocate files and directories. Extract file structure from an archive. Relocate and configure files by hand. Run any provided scripts or utilities. Configure start-up scripts. OR Use a package manager to install the software.

4 © 2002 Hewlett-Packard Company U2794S A.00 4 Of Packages and Kings Package management is a method for storing a set of related files and directories in a single archive file, along with installation scripts. When the “package” is installed, its files will be relocated on the target system, the scripts run. There have been several package managers developed to date: RedHat Package Manager Debian Package Manager Slackware Package Manager Stampede Package Manager

5 © 2002 Hewlett-Packard Company U2794S A.00 5 Package Management The role of the package manager is to provide a consistent means to work with packaged software. Packages can be created as either a binary or a source package. The key actions of a package manager are to: Install Remove Upgrade | Freshen Query | List Verify Build The above actions must be performed while dealing with package-to-package dependencies, hardware, disk space, and security requirements. Once packaged, software can easily be transported and loaded onto target systems.

6 © 2002 Hewlett-Packard Company U2794S A.00 6 Install and Remove Install — Load a new package: # rpm -i name.version-release.architecture.rpm name name of software package version software version number, such as 2.1.13 or 1.0 release package release number architecture defines the hardware platform on which the bits will function Upgrade, Update an existing, or install a new package: # rpm -U name.version-release.architecture.rpm Freshen, Update an existing package only: # rpm -F name.version-release.architecture.rpm Remove, Remove an installed package: # rpm -e name

7 © 2002 Hewlett-Packard Company U2794S A.00 7 Query and Verify Query — list the packages currently present on the system: # rpm -qi Verify — examine the current status of installed packages and compare them to the original installation # rpm -V

8 © 2002 Hewlett-Packard Company U2794S A.00 8 Rebuilding a Package Binary packages can be rebuilt from source packages. The following command builds a new binary package, and stores it in the /usr/src/redhat/RPMS/i386/ directory: # rpm --rebuild name.version-release.architecture.src.rpm The following command will compile the code, and install the named package: # rpm --recompile name.version-release.architecture.src.rpm

9 © 2002 Hewlett-Packard Company U2794S A.00 9 Additional Tools and Utilities GnoRPM AutoROM Glitter Apt Gnome Apt Kpackage Alien

10 © 2002 Hewlett-Packard Company U2794S A.00 10 Debian Equivalent Commands dpkg rpm The rpm command line # rpm -i name.rpm # rpm -U name.rpm # rpm -e name.rpm # rpm -qi name.rpm # rpm -i name.src.rpm # rpm -bb The dpkg command line # dpkg -i name.deb # dpkg -r name.deb # dpkg -print-avail name.deb # dpkg-source -x name.dsc # dpkg-deb -b \ --build

11 hp education services education.hp.com hp education services education.hp.com 11 Securing Your Linux System Version A.00 U2794S Module 19 Slides

12 © 2002 Hewlett-Packard Company U2794S A.00 12 Pluggable Authentication Modules PAM is a set of library programs used to authenticate users. It provides for: –Authentication, such as asking for a password –Account checking — account is still valid, login time ok... –Password setting and changing –Session checking when user is authenticated –Are certain actions allowed for this user? Functions are implemented using library modules. –Can be stacked PAMs are controlled and configured for individual programs through the /etc/pam.d configuration directory. –Every controlled service is identified by a file. The file name is the program name.

13 © 2002 Hewlett-Packard Company U2794S A.00 13 PAM Service File A PAM service file contains configuration information for a restricted service. The file contains three fields. In some files, you may find a fourth field for optional arguments. The fields are: – Module type – Control flag – Module path – Arguments

14 © 2002 Hewlett-Packard Company U2794S A.00 14 Module Type The PAM standard defines four types of modules: –The auth type is establishes that users are who they claim to be. –The account type checks to see if a user is allowed to use a service. –The password type updates authentication tokens. –The session type performs certain actions when the user logs in or logs out.

15 © 2002 Hewlett-Packard Company U2794S A.00 15 Control Flag Requisite: if a service returns a failure, no other modules will be evaluated. Required: if a particular module fails, other modules of the same type will still execute. Sufficient: if no other module of this type has failed, then the success of the module is sufficient to guarantee that security requirements have been met. Optional: PAM ignores the module failure and continues processing the next module in sequence.

16 © 2002 Hewlett-Packard Company U2794S A.00 16 Module Path The compiled-in modules are located in the /lib/security directory. Modules interface with the file or device that gives the SUCCESS, FAILURE, or ignore to authentication. PAM then passes either SUCCESS or FAILURE to the service requesting the information. Modules can be stacked, requiring more than one type of authentication, or allowing any of several types.

17 © 2002 Hewlett-Packard Company U2794S A.00 17 Optional Arguments Some modules can receive specific options. It is up to the module to parse and interpret the options. This field can be used by the module to turn on debugging or to pass any module-specific parameters, such as a timeout value. System administrators can use the option field to fine tune the PAM modules.

18 © 2002 Hewlett-Packard Company U2794S A.00 18 Examples Example 1: Blocking Anyone to su to root except members of wheel Add the following two lines to the top of the su file: auth sufficient /lib/security/pam_wheel.so trust use_uid auth required /lib/security/pam_wheel.so use_uid Example 2: Setting Linux System Resource Limits Add the following line to the bottom of the login file and then edit the /etc/security/limits.conf file: session required /lib/security/pam_limits.so

19 © 2002 Hewlett-Packard Company U2794S A.00 19 TCP Wrappers Provides protection around TCP/IP service’s access control logging xinetd | inetd IP stack direct tcpwrappers /etc/hosts. allow DeniedAllowed logging ?

20 © 2002 Hewlett-Packard Company U2794S A.00 20 Linux’s ipchains - iptables IPCHAINS operation: Input Chain Routing Decision Forward Chain Output Chain Demasquerade Accept Deny/ Reject Local Process Using lo interface Accept/ Redirect Incoming traffic Checksum ok ? Deny Further checks Deny

21 hp education services education.hp.com hp education services education.hp.com 21 Recovering a Non-Bootable Linux System Version A.00 U2794S Module 20 Slides

22 © 2002 Hewlett-Packard Company U2794S A.00 22 Normal Boot Process... sbin boot etc / hda3 hda2 SWAP hda1 / vmlinuz Logical File/Disk Structure after boot hda1 / vmlinuz hda3... sbin boot etc / Physical File/Disk Structure

23 © 2002 Hewlett-Packard Company U2794S A.00 23 Kernel Corrupt or Missing The kernel is usually named /boot/vmlinuz (compressed). –If the kernel is uncompressed, its name is /boot/vmlinux. If the kernel is deleted by accident, boot from the rescue floppy created at installation time. After boot, mount /boot to a temporary location. # mount /dev/hda2 /mnt/broken_boot_fs Copy the kernel from the rescue floppy to /boot/vmlinuz (or other appropriate kernel name). Reboot with the restored kernel. Configure and recompile a new kernel, if necessary.

24 © 2002 Hewlett-Packard Company U2794S A.00 24 Third-Party Rescue Disks The rescue floppy won’t work if important parts of the system (like /etc or /usr ) are damaged. For more extensive repairs, you need a “tiny Linux distribution” that is customized for this purpose. These “repair kits” come with tools like fsck and network support. Examples: –MuLinux –Trinux – Tom’s Root Boot Some recent distributions provide “rescue disk” capabilities on their installation CD (ie. Red Hat 7.2)

25 © 2002 Hewlett-Packard Company U2794S A.00 25 Back Up Your Data! Backups are critical for the operation of your system, because of: –user error, administrative errors, hardware failure, software failure, destructive break-ins, theft, disaster, and archival needs. Backup: –user files, log files, important system directories, your RPM database Use consistent backup strategy: –Weekly or monthly full backup –Daily partial backup cycle Very common to use tar –Commercial products are available

26 © 2002 Hewlett-Packard Company U2794S A.00 26 Backup Strategies for /boot Backups are important! –Use reliable and supported media. –Schedule backups regularly and DO THEM! Backing up with tar: # tar --create --file /dev/st0 /usr/boot or # tar -cf /dev/st0 /usr/boot # tar -cMf /dev/fd0H1440 /usr/boot (for multiple floppy disk volumes) # tar --compare --verbose -f /dev/st0 /dev/boot or tar -cvf /dev/st0 /dev/boot (to compare the backup against the original data)

27 © 2002 Hewlett-Packard Company U2794S A.00 27 Restoring Files with tar Extract files from a tar backup archive: # tar --extract --same-permissions --verbose --file /dev/st0 or # tar -xpvf /dev/st0 List files in an archive: # tar --list --file /dev/st0 or # tar -lf /dev/st0 Extract specific files from an archive: # tar xpvf /dev/st0 \ usr/src/linux-1.2.10-includes/include/linux/hdreg.h \ usr/src/linux-1.2.10-includes/include/linux/hdreg.h

Download ppt "Hp education services education.hp.com hp education services education.hp.com 1 HP World/Interex 2002 Linux System Maintenance Basics Chris Cooper (734)"

Similar presentations

Va-scanCopyright 2002, Marchany Unit 8 – Solaris File Systems Randy Marchany VA Tech Computing Center.

Va-scanCopyright 2002, Marchany Unit 8 – Solaris File Systems Randy Marchany VA Tech Computing Center.
Lectures on File Management

Lectures on File Management
Chapter 9 Chapter 9: Managing Groups, Folders, Files, and Object Security.

Chapter 9 Chapter 9: Managing Groups, Folders, Files, and Object Security.
2000 Copyrights, Danielle S. Lahmani UNIX Tools G22.2245-001, Fall 2000 Danielle S. Lahmani Lecture 12.

2000 Copyrights, Danielle S. Lahmani UNIX Tools G , Fall 2000 Danielle S. Lahmani Lecture 12.
Software installation Chapter 7. Software installation Numerous software options Usually free Open source Several sources Installation CD Websites sourceforge.net.

Software installation Chapter 7. Software installation Numerous software options Usually free Open source Several sources Installation CD Websites sourceforge.net.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 12: Managing and Implementing Backups and Disaster Recovery.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 12: Managing and Implementing Backups and Disaster Recovery.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 9: Implementing and Using Group Policy.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 9: Implementing and Using Group Policy.
Lesson 18: Configuring Application Restriction Policies

Lesson 18: Configuring Application Restriction Policies
Linux+ Guide to Linux Certification Chapter 12 Compression, System Backup, and Software Installation.

Linux+ Guide to Linux Certification Chapter 12 Compression, System Backup, and Software Installation.
CCNA 2 v3.1 Module 2.

CCNA 2 v3.1 Module 2.
Linux+ Guide to Linux Certification, Third Edition Chapter 11 Compression, System Backup, and Software Installation.

Linux+ Guide to Linux Certification, Third Edition Chapter 11 Compression, System Backup, and Software Installation.
®® Microsoft Windows 7 for Power Users Tutorial 10 Backing Up and Restoring Files.

®® Microsoft Windows 7 for Power Users Tutorial 10 Backing Up and Restoring Files.
Check Disk. Disk Defragmenter Using Disk Defragmenter Effectively Run Disk Defragmenter when the computer will receive the least usage. Educate users.

Check Disk. Disk Defragmenter Using Disk Defragmenter Effectively Run Disk Defragmenter when the computer will receive the least usage. Educate users.
Guide to Linux Installation and Administration, 2e1 Chapter 13 Backing Up System Data.

Guide to Linux Installation and Administration, 2e1 Chapter 13 Backing Up System Data.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 12: Managing and Implementing Backups and Disaster Recovery.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 12: Managing and Implementing Backups and Disaster Recovery.
70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 14: Problem Recovery.

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 14: Problem Recovery.
1 Objectives Discuss the Windows Printer Model and how it is implemented in Windows Server 2008 Install the Print Services components of Windows Server.

1 Objectives Discuss the Windows Printer Model and how it is implemented in Windows Server 2008 Install the Print Services components of Windows Server.
Installing Windows Vista Lesson 2. Skills Matrix Technology SkillObjective DomainObjective # Performing a Clean Installation Set up Windows Vista as the.

Installing Windows Vista Lesson 2. Skills Matrix Technology SkillObjective DomainObjective # Performing a Clean Installation Set up Windows Vista as the.
Chapter 11 Compression, System Backup, and Software Installation.

Chapter 11 Compression, System Backup, and Software Installation.
Managing Software using RPM. ♦ Overview In Linux, Red Hat Package Manager referred as RPM is a tool used for managing software packages and its main function.

Managing Software using RPM. ♦ Overview In Linux, Red Hat Package Manager referred as RPM is a tool used for managing software packages and its main function.

Similar presentations

Ads by Google