I would cover these topics myself, but I am just a *nix beginner. So I am looking for folks who are willing to donate their know-how. Any sign-ups?
It might be easier to go along with a topic-by-topic (or even step-by-step) series of questions. I have more than ten years of unix experience on various systems as a user and administrator, but this "tell me everything you know about x" approach makes it somewhat hard just to decide about where to begin...
Which level of insight did you think of? Introduction to the basic concepts? Know enough to be dangerous and need to know where to keep your fingers away? Productivity tips for everyday operation?
Bird, I was thinking more along the lines of "Productivity tips for everyday operation."
That kind of eliminates most of your topics from above.
Security and the directory structure are more of administrative interest, and ideally just don't interfere with productivity. Features and hardware compatibility change from day to day at least for the open source systems: check the compatibility lists.
For troubleshooting, the most basic advice is to try to understand the fundamental (and very simple!) principles of a unix system, the rest is details and a lot of hardware specific stuff... One of those fundamental principles is that (almost) everything on the system can be treated as a file. Takes some getting used to if you're coming from a Windows background, but can be incredibly useful. I'm sure we'll run into many examples to illustrate this.
Ok, one security tip. When connecting to other systems, use ssh instead of telnet wherever possible. I'm currently looking for a secure ftp replacement that works on my system. Ideally, the result will be almost identical in operation, but you're not exposing any unencrypted passwords to packet sniffers anymore.
The actual productivity happens in the shell and with the hundreds of standard utilities. Again, if you're coming from a WinDOS background, this may sound like an oxymoron, but most tasks can be handled much more efficiently on the command line than in the GUI. The problem with shells is that there are too many different ones to choose from. Personally, I use tcsh, so that's what I can give examples in. The most popular is probably the bash, but that's just a matter of taste. The concepts are almost identical, you'll just have to look up the differing syntax by yourself.
I'm not going to do a brain dump of all my shell tricks right away. Most of it is done by my fingers without much thinking anyway. Expect bits and pieces as they cross my mind, or as someone asks for something. For now only one classic piece of advice:
"grep is your friend" ;)
Please post here if you are interested in taking on such a task.
1. System administration: Creating a stable point and click environment for the average user that is secure and easy to navigate. This part of the learning curve includes basic and advanced bash commands. Installing and finding the right programs and placing them in the right file directory. Setting up firewall ip-chains or tables. Setting up a xwindow system. Setting up a network system that allows a windows partition to be used.
2. I will just call this part "Getting my work done". For the things that I have to accomplish in a day the command line is not going to be the most productive. I currently have 4 desktops.
a.) This one is set up for whatever my current web project is; html editor, ftp program, graphic program and a browser or two.
b.) This one is set up with a virtual machine with windows 98 loaded that I can use for those things that I haven't yet learned to do with Linux. Plus the fact remains that at least 90% of my site users will be using Windows and I need to test. It's my goal to soon not have Windows access the web at all. I can view projects on my local Apache server.
c.) This one is set up with my e-com site order info stuff, email program and brick and mortar financial stuff.
d.) This one is open for when the phone rings and I have to get at something that is not already running. And where I keep a browser open pointed at Webmasterworld :)
The transition for me has been challenging. The multi-tasking abilities that I am seeing with Linux are going to increase my productivity. My guess is that most of us here at Webmasterworld make our living in the "Getting My work done Part". It's the transition from systems admin that is the bear.
Still don't have it all working but every day gets a little closer.
As questions come up I will contribute where I can.
David
I'll put something together on bash scripting that's in that flavor, if that is the sort of thing you had in mind.
All right Air! Now we have two folks down for writing a little contribution.
I could also cover the "Shell" and "Shell Scripting" items also.
Sorry I didn't hop on sooner. We've moved and today I finally got the LAN at home fired up. Ironically, we're up, but now I have the flu (my head ith topped up und I thound funny when I talk).
I'll be more verbose when I feel better, in a few days.
Rob++
This is very cool. We have three highly skilled *nix folks willing to dedicate some time to this fledgling forum.
We have been building websites since 1995 and we were a bit strange then as we were an all Microsoft environment from design to hosting. Now, we use a great mix of technologies, but are still on the MS server platform. Recently, looking at the costs of implementing just the basic hosting platforms for .NET would mean the equivalent of our wages bill for 6 months!! This means we really have to look at Linux.
What would be so helpful would be an area that real newbies could post and/or some real simple instructions on:
There may be more items required in the above list, but just that list would go a long way to help webmasters used to Microsoft get a start.
Another area that freaks me is 'recompile the kernel'. I am told that this is easy, but I'm afraid the procedure still eludes me no matter how much documentation I read!
I think the idea for basic tutorials in this area is fantastic and I hope it takes off.
Finally, let me thank whoever is responsible for these fantastic forums and I am ashamed that I have only just found them.
Quick Crontab Reference
crontab -e <- to edit
crontab -l <- to list
field allowed values
----- --------------
minute 0-59
hour 0-23
day of month 1-31
month 1-12
day of week 0-6 (0 is Sun)
Use `*' to indicate "any".
: saturn; sudo crontab -l
Password:
[...]
10 3 * * 0 /usr/lib/newsyslog
20 * * * * /usr/lib/sendmail -q
1 1 * * 0 /usr/lib/makewhatis /usr/share/man
21 3,9,16,23 * * * /usr/bin/rdate dasher.warthog.com > /dev/null 2>&1
Heh, yeah, I posted that. :)
Rob++
The main reason I got into it is because my sites are hosted on Red Hat servers running Apache, and I fancied at least learning the basic file structure of Linux systems. I can safely say that I am already getting my head round it all. I also feel that it is better to start from a working system, and then learn how to mess it up, rather than the other way round!
All the best to everyone for 2002,
GTG, Simpsons are on...
(Linux Backup Information)
tar -ztvf (filename) view tarballs
tar -ztvf (filename) >> filename (will create a file to view contents of tarball)
tar -ztvf ".tar.gz" | grep "filename" (this will search the tarball)
tar -zxvf (.tar.gz only!) file.tar.gz /path (by default it will unzip to
your path) example $PWD (current path) /home/jplane> tar -zxvf cool.tar.gz
will do this /home/jplane/cool>
---------------------------------------------------------------------------
(Linux Commands)
wall "message" -- send a message to everybody's terminal (broadcasting a message to all)
dd if=ntbootdisk.img of=/dev/fd0 bs=512 (this will read the image ntbootdisk.img and copy it to the file)
dd if=/dev/hda1 of=/mnt/harddrive (this will take the drive /dev/hda1 and copy it to the image /mnt/harddrive)
kill or killall -9 process (will kill the process)
find / -name 'tacos' (will start from root / and search for file named tacos)
df -h (check disk space on all mounted harddrives)
fdisk / cfdisk (create and view partition tables)
date -s 'Sat Feb 10 02:59 PST 2001' (setting time on linux machine)
mount -t smbfs -o username=user,passwd=password //server/share /mnt
rm -rf (remove directory and files stored in directory)
elm -f (/var/mail/spool view and read emails)
uname -a (show current kernel version)
sendmail -bt -d0 (info on sendmail version and more)
whereis, locate, and find are all search commands
fg (fore ground) when running a task and using ctrl-z to exit that task
run fg to move between applications.
jobs - list all jobs running in foreground
ps -aux ( show all processes that are being run on this system)
ps -aux | grep %file% (search for a process that is running)
## restarting sendmail hashes files as needed. (even aliases)
makemap hash mailertable < mailertable (run in the /etc/mail directory
this will refresh the .db table)
sendmail -bi (run this command to refresh the /etc/mail/aliases and
/etc/mail/majordomo.aliases files)
sendmail -q (this command will process all files in the sendmail queue)
mount /dev/sdb1 /mnt/backup (this will mount the second SCSI drive that
contains all the backup files and folders "/data & /config")
tar -xvf extract .tar files
tar -cvf archive .tar files
tar -zxvf extract .tar.gz files
tar -zcvf compress .tar.gz files
tar -cvf %name% /directories
tar -cvf -X %name% /directories
who - show all users logged in
last - show the last users logged in ( use last - number to shorten)
talk - used to talk with other users on the system
chown - change the current ownership of a file or folder
chmod - change the file attributes on a system
chgrp - change group ownership of a file or folder
mkdir - make a directory
rm - remove a file
rmdir - remove a directory
ln -sf creates a symbolic link to a folder ln -sf test /home now you would be able to change to test and it would link to /home
ln -s filename youname (create a symbolic link to a file)
e2fsck ( use to fix problems with ext2 drives)
fdisk (use to partition a harddrive)
mkfs.ext2 ( use after creating a partition with fdisk)
(SAMBA)
Samba is used to allow Windows Clients to access stuff like /home
directories and printers.
# here is a list of problems and resolutions that I've found with Samba
- IPC$ password is being requested on Windows clients -
check > smbpasswd -a %username% (add user for samba, will need to also be in /passwd)
check > smbpasswd %username% (change the password for samba users)
check > security = share or user (set this to share)
- Cannot print even though it can connect and view properties.
check > permissions for spool directory (/etc/printcap)
check > spool path
check > restart lpd
- Password is being requested for printing
check >
[printers]
guest ok = yes
Samba contains 3 primary sections by default:
[global]
workgroup = (windows workgroup)
server string = (name)
printing = lprng
[homes]
comment = (windows comment)
path = /home
writable = yes
guest ok = yes
[printers]
comment =
path = (spool path)
printable = yes
browseable = yes
guest ok = yes
(VNCSERVER)
logon as the user you wish to start vncserver for:
[jplane@proxy jplane]$ vncserver (this will start the vncserver for
"jplane" and will assign you a number to your host. It will display this
number once you start the vncserver.)
1> Before connecting assign your Xserver a display. Simply type
vncpasswd and then it will ask you for a password.
2> On the Windows Client you will enter the number as host:number.
Example I started the Vncserver and was assigned number 10. I would
connect to 64.64.222.4:10.
# You may only be able to connect as root. This can be fixed by adding
full permissions to /tmp/.X11-unix directory.
# Also it is recommended that to connect to a VNCserver you have a connection of
10+ Mbps at least.
# you will also need to have the following path statement in .bash_profile
> PATH=/usr/local/bin:/usr/local/sbin:$PATH:$HOME/bin
# Changing your Session manager can be done by editing Xstartup file in
/home/user/.vnc/Xstartup
gnome-session
twm &
kde &
startkde &
(IPChains)
# utility that works ! [pointman.org...] PMFirewall !
# simple ip chains setup (remember to MASQ first then set "filters")
# MASQ aka NAT
Key:
A = append
D = delete
j = rule
s = source
d = destination
L = list
F = flush
R = replace
Z = zero counters to all chains
C = test this packet on chain
N = create a new user defined chain
X = delete a user defined chain
X = list current masquerading connections
p = proto by number or name
s = source
m = number to mark on matching packet
l = turn on logging
v = verbose mode
V = version
> eth0 (internal network) 192.168.1.0/24
> adds rule
! ipchains -A forward -j MASQ -s 192.168.1.0/24 -d 0.0.0.0/0
> delete rule
! ipchains -D forward -j MASQ -s 192.168.1.0/24 -d 0.0.0.0/0
or delete by using
! ipchains -R "output/input/or/forward" 1 (number goes here)
! ipchains -F input (flush all input commands)
! ipchains -F output (flush all output commands)
! ipchains -F forward (flush all forward commands)
# MASQ
! echo "1" > /proc/sys/net/ipv4/ip_forward
! ipchains -P forward DENY
! ipchains -A forward -j MASQ -s x.x.x.x/24 -d 0.0.0.0/0
# ipchains filters
# prevent all ipaddresses from 127.0.0.0/8 from entering machine.
! ipchains -A input -j DENY -p all -l -s 127.0.0.0/8 -i eth0 -d 0.0.0.0/0
! ipchains -A input -j DENY -p all -l -s 127.0.0.0/8 -i eth1 -d 0.0.0.0/0
# filter by ip address x is the ipaddress you want to block
! ipchains -A input -j DENY -p all -l -s x.x.x.x/x -d 0.0.0.0/0
# filter by port number deny access to port for y.y.y.y machines
! ipchains -A input -j DENY -p tcp -l -s 0.0.0.0/0 -d y.y.y.y/32 port
! ipchains -A input -j DENY -p tcp -l -s x.x.x.x/x -d y.y.y.y/32 10:100
# port redirection
! ipchains -A input -j REDIRECT 8080 -p tcp -s 0.0.0.0/0 -d 0.0.0.0/0 80
# ip accounting
! ipchains -L chain -v
! ipchains -N acctin
! ipchains -N acctout
! ipchains -N acctio
# adding routing on startup
> create a script that will start the above rules
> add the following lines to /etc/rc.d/rc.sysinit
if [ -f /sbin/ipchains ] ; then
/route/./start_route
echo Router is now starting.
fi
(Cron Daemon)
* Cron is a task schedule that looks in /etc/cron.hourly,daily,weekly,monthly.
* Crond is the daemon that runs in the background.
* /etc/crontab is the conf file that contains all the info to run jobs and when.
> crontab
- u username displays the users jobs running
- l displays the current job
- r remove a job
! format of a cron job
/etc/crontab
05 15 01 01 01 /sbin/shutdown -r now
05 = minute
15 = hour
01 = day of the month
01 = month
01 = day of the week
/sbin/shutdown -r now = command
** = everyday
if this file were used as jplane
crontab -u jplane jplane.ct
this would save the crontab as jplane.ct
( Sendmail )
sendmail -q will force sendmail to push all the information in the /var/spool/mqueue out!
Relaying
sendmail relaying is controlled with /etc/mail/access and through /etc/sendmail.cf
example of access file
localhost RELAY
nicepeople.com RELAY
Relaying denied? - check your access file and restart sendmail
Make sure you stop and start sendmail after this and also recreate the .db file (makemap hash access < access)
Sendmail old and new filename support
old filename new filename
/etc/bitdomain /etc/mail/bitdomain
/etc/domaintable /etc/mail/domaintable
/etc/genericstable /etc/mail/genericstable
/etc/uudomain /etc/mail/uudomain
/etc/virtusertable /etc/mail/virtusertable
/etc/userdb /etc/mail/userdb
/etc/aliases /etc/mail/aliases
/etc/sendmail/aliases /etc/mail/aliases
/etc/ucbmail/aliases /etc/mail/aliases
/usr/admn/sendmail/aliases /etc/mail/aliases
/usr/lib/aliases /etc/mail/aliases
/usr/ucblib/aliases /etc/mail/aliases
/etc/sendmail.cw /etc/mail/local-host-names
/etc/mail/sendmail.cw /etc/mail/local-host-names
/etc/sendmail/sendmail.cw /etc/mail/local-host-names
/etc/sendmail.ct /etc/mail/trusted-users
/etc/sendmail.oE /etc/mail/error-header
/etc/sendmail.hf /etc/mail/helpfile
/etc/mail/sendmail.hf /etc/mail/helpfile
/usr/ucblib/sendmail.hf /etc/mail/helpfile
/etc/ucbmail/sendmail.hf /etc/mail/helpfile
/usr/lib/sendmail.hf /etc/mail/helpfile
/usr/share/lib/sendmail.hf /etc/mail/helpfile
/usr/share/misc/sendmail.hf /etc/mail/helpfile
/share/misc/sendmail.hf /etc/mail/helpfile
/etc/services.switch /etc/mail/service.switch
/etc/sendmail.st /etc/mail/statistics
/etc/mail/sendmail.st /etc/mail/statistics
/etc/mailer/sendmail.st /etc/mail/statistics
/etc/sendmail/sendmail.st /etc/mail/statistics
/usr/lib/sendmail.st /etc/mail/statistics
/usr/ucblib/sendmail.st /etc/mail/statistics
#Configure access to allow relaying for certain hosts.
access
access.db
# Contains all the aliases for usmicro.com
aliases
aliases.db
# not being used provided for domain name mappings. Use of this should
really be limited to your own domains. It may be useful if you change
names.
domaintable
domaintable.db
# contains a list of domains which we host. Formerly known as
/etc/sendmail.cw
local-host-names
# File contains addresses for customer email addresses to local
overriding domains
mailertable
mailertable.db
# Used in addition to aliases
majordomo.aliases
majordomo.aliases.db
# sendmail configuration file
sendmail.mc
# using the same as mailertable (maps incoming users) maps all virtual address into real addresses
# add user@domain.com localhost here for routing
virtusertable
virtusertable.db
Info:
Remember to create DB you must use makemap hash file < file this will
generate a .db file that is binary format.
## New Domains with email!
1> Setup the proper configuration in /var/named/missing.com
2> Configure Users janedoe and johndoe
3> Add missing.com to /etc/mail/local-host-names (5.1 called sendmail.cw)
4> Add Johndoe and Janedoe to /etc/mail/aliases:
5> Add users to virtusertable (5.1 called maildomains)
jannie@missing.com jannie
johnny@missing.com johnny
then save and run makemap hash virtusertable < virtusertable
6> Also add the same above entries to mailertable save and run makemap
also (not necessarily, only need to add the virtusertable)
Once all these steps have been completed also restart sendmail with
sendmail -bi command or /etc/rc.d/init.d/./sendmail restart
(Apache)
Creating several websites to connect to one ip address.
Create the VirtualHost tabs in /etc/httpd/conf/httpd.conf and specify the
Apache Webserver that is running the ip address.
(NFS)
add hosts names to /etc/exports - restart system
/etc/exports
/ (mount point) 10.0.0.17/255.255.255.0(rw) (this will mount 10.0.0.17 and allow read/write access)
access drive from client by typing
mount -o wsize,rsize server:/ /mnt
(note: rpc and portmap both need to be running, check status using netstat -na)
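The smb.conf sections in the post above set guest ok = yes on shares, and [homes] is also writable. As an added example (not part of the original post), this check reports any share that allows guest access and write access together; the sample config is constructed from the post's sections, and the handled synonyms (public, writeable, write ok, read only) are the standard smb.conf ones.

```shell
#!/bin/sh
# Added example: report smb.conf shares that combine guest access with
# write access. Reads the file named as argument, or stdin if none.
# Limitation: a "guest ok" default set in [global] is not propagated.
audit_smb_conf() {
    awk '
        function yes(v) { return (v == "yes" || v == "true" || v == "1") }
        function no(v)  { return (v == "no" || v == "false" || v == "0") }
        function report() {
            if (section != "" && guest && writable) {
                print section ": guest ok and writable"
                found = 1
            }
        }
        BEGIN { found = 0; section = "" }
        /^[ \t]*[#;]/ { next }                      # comment lines
        /^[ \t]*\[/ {                               # start of a [section]
            report()
            section = $0
            sub(/^[ \t]*\[/, "", section)
            sub(/\].*$/, "", section)
            guest = 0; writable = 0
            next
        }
        {
            n = index($0, "=")
            if (n == 0) next
            key = tolower(substr($0, 1, n - 1))
            val = tolower(substr($0, n + 1))
            # Samba ignores whitespace inside parameter names
            gsub(/[ \t\r]/, "", key)
            gsub(/[ \t\r]/, "", val)
            if (key == "guestok" || key == "public")
                guest = yes(val)
            else if (key == "writable" || key == "writeable" || key == "writeok")
                writable = yes(val)
            else if (key == "readonly")
                writable = no(val)
        }
        END { report(); exit found }                # exit 1 if anything flagged
    ' "$@"
}

# Constructed sample, modelled on the sections shown in the post.
sample_smb_conf() {
    cat <<'EOF'
[global]
workgroup = EXAMPLE
printing = lprng
[homes]
path = /home
writable = yes
guest ok = yes
[printers]
path = /var/spool/samba
printable = yes
guest ok = yes
EOF
}

sample_smb_conf | audit_smb_conf || true
```

On the sample it reports only [homes]; the [printers] share allows guests but is not writable.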
"rm -r" is a recursive rm(1) (e.g. "get subdirs also")
"rm -f" means "don't pester you about RO file permissions"
"rm -rf" merely combines these two
"rm -rf" means "read mail, really fast" if you want to play mean tricks on new users. :)
"ln -s" makes a symlink (pointed to anything: file, dir, nothing)
"ln -f" forces it (removes the target and drops a symlink in there)
"ln -sf" just combines the actions of the above two
While the term isn't proper, you won't be shot if you use the phrase "soft links" when referring to symbolic links. Everyone still knows that you mean "links that aren't 'hard links'". :)
tar(1) almost requires its own topic, but not quite. Here's the rundown:
action flags (unique per use, one required)
-x -- extract ("untar" as it is commonly called)
-c -- create (make a tar file)
-t -- list table (take a peek at what's inside, without extracting)
modifier flags (purely optional)
-v -- verbose
-p -- preserve permissions/ownership
-z -- compress or uncompress
special situation (you always need this, unless you're working with actual backup tapes)
-f <tar_file> -- we're going to work with <tar_file>
The verbose "-v" option to tar(1) often drowns out error messages, so I rarely use it unless I'm using "-t".
Common uses then become:
tar -cf foo.tar foo bar baz (make tarfile foo.tar and include foo bar baz)
tar -tf foo.tar (show you list of files/dirs in foo.tar)
tar -tvf foo.tar (show you what's inside foo.tar, perms and all)
tar -xf foo.tar (untar foo.tar)
tar -zcf foo.tar.gz foo bar baz (make gzipped tarfile foo.tar.gz to include foo bar and baz)
tar -ztf foo.tar.gz (show you the list of files/dirs in foo.tar.gz)
tar -ztvf foo.tar.gz (show you what's inside foo.tar.gz, perms and all)
tar -zxf foo.tar.gz (untar foo.tar.gz)
tar -zxpf foo.tar.gz (untar foo.tar.gz, keep perms)
You can verify everything above in the relevant manpages. If you need manpages for any of these, I can send them to you.
Hope this helps.
Rob++ (Senior UNIX Sysadmin, at large)
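The rundown above uses tar -tf to look inside an archive without extracting it. As an added example (not part of the original posts), this script puts that listing to work before tar -xf: it refuses to unpack an archive whose member names are absolute or climb out of the target directory with "..". The function names and the sample listing are constructed for illustration.

```shell
#!/bin/sh
# Added example: check member names from "tar -tf" before running "tar -xf".

# Read member names on stdin and print the ones that are absolute paths
# or contain a ".." component. Returns 0 if the listing is clean, 1 if not.
flag_unsafe_names() {
    bad=0
    while IFS= read -r name; do
        case "$name" in
            /*|..|../*|*/..|*/../*) printf '%s\n' "$name"; bad=1 ;;
        esac
    done
    return "$bad"
}

# List an archive without extracting it (-z for gzipped tarballs).
list_archive() {
    case "$1" in
        *.tar.gz|*.tgz) tar -ztf "$1" ;;
        *)              tar -tf "$1" ;;
    esac
}

# safe_extract ARCHIVE DESTDIR: extract only if every member name is clean.
safe_extract() {
    archive=$1
    dest=$2
    names=$(list_archive "$archive") || { echo "cannot list $archive" >&2; return 2; }
    if ! printf '%s\n' "$names" | flag_unsafe_names >&2; then
        echo "refusing to extract $archive: unsafe member names" >&2
        return 1
    fi
    mkdir -p "$dest" || return 2
    case "$archive" in
        *.tar.gz|*.tgz) tar -zxf "$archive" -C "$dest" ;;
        *)              tar -xf "$archive" -C "$dest" ;;
    esac
}

# Constructed listing, as "tar -tf" would print it for a hostile archive.
sample_listing() {
    printf '%s\n' 'foo/' 'foo/bar' '../etc/cron.d/job' '/etc/passwd' 'baz/../../x'
}

# Stand-alone use: sh script.sh ARCHIVE DESTDIR
if [ "$#" -eq 2 ]; then
    safe_extract "$1" "$2"
fi
```

Symlink members are not covered by a name check; tar -tvf shows link targets for manual review.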
[oac.uci.edu...]
This program converts man pages to html. Don't know why but they're always easier to me this way. :)
Most working UNIX (or UNIX-like) installations already have this capability without the need to add new software.
groff(1), the tool to convert man source to text, can also convert it to HTML.
Backing up a bit.. manpage sources are kept in /usr/share/man/man* or /usr/man/man*. You might see some /usr/share/man/cat* (or /usr/man/cat*), but those are already (text) formatted, and don't help much here.
When you type "man foo" and the 'foo' manpage needs to be formatted on-the-fly (i.e. it doesn't reside in /usr/share/man/cat*, but is in /usr/share/man/man*), man(1) does a:
groff -man -Tascii foo.1 | less
In some cases, it does:
groff -mdoc -Tascii foo.1 | less
If you want to generate HTML from manpage source, just type:
groff -man -Thtml foo.1 > /tmp/foo.1.html
Rob++