Linux AdministrationPart 2

Chapter 3

1

Passwords and Permissions

The Linux system of permissions is much more difficult than that of Windows

System administrators are given more control with the use of three distinct permission categories of read, write, and execute.

2

Passwords and Permissions

Access type File Folder

Read If the file contents can be read

If the directory listing can be obtained

WriteIf user or process can write to the file (change its contents)

If user or process can change directory contents somehow: create new or delete existing files in the directory or rename files.

Execute If the file can be executedIf user or process can access the directory, that is, go to it (make it to be the current working directory)

4

3

Passwords and Permissions File and directory permissions in Linux are controlled

through the use of the chown and chmod commands.

The chown command is performed by all users to specify the user and group ownership of a file or directory:◦ chown username.group filename◦ For example: chown jdoe.executives

report_01 File and directory ownership is an important concept

in Linux because permissions are declared for both users and groups based on this ownership ◦ chmod mode filename◦ For example: chmod 700 report_01

4

File System Configuration Files There are two types of configuration files for the

Linux file system, User and System configuration files.

The user configuration files are stored as dot (.) files The user settings for the KDE interface are stored in

the .kde and .kderc files. These dot files are hidden and are ignored by most

Linux tools, They can be listed by the ls –a command.

5

File System Configuration Files

System configuration files control system functions after the system has been booted up.

These files control programs that run in the background, most often unnoticeable to the user.

Each program has a configuration file found in its corresponding subdirectory located in the /etc directory.

The /etc/fstab file provides access to disk partitions and removable media devices.

6

File System Configuration Files

The /etc/inittab file is responsible for controlling initial processes, which runs the startup scripts on a Linux system.

There are two types of lines that will be found in the /etc/inittab files: comment lines and control lines.

Comment lines are found in all scripts in any operating system.

These are the lines that are commented out using a pound sign (#).

Control lines are the lines that are read by the program.

7

VI Editor

Linux includes text editing tools that allows the creation of the configuration and script files as well as editing them.

They are vi Editor and Pico.

The vi editor is the most common one.

The three modes of operation in vi Editor are command, edit/entry, and last-line.

Enter "edit" mode by choosing the command i.

8

Scripts The Linux operating system can accommodate many

different scripting languages. The most common and basic of these is its built-in ’shell scripting’ abilities.

A shell script is a text file that contains any number of Linux commands listed successively.

Each command is executed in turn exactly as if it had been typed at the command prompt.

Shell scripts can also contain programming logic such as looping and conditional statements.

9

Benefits of Networking10

Benefits of Networking

File, print, and application services. Mail services Directory and name services The Internet Network administration

11

File, Print, and Application Services

The desire to share important information was one of the main reasons for the development of computer networks.

Networks enable multiple computers to connect together to share files and communicate via electronic mail(e-mail).

Network devices such as printers connect to the network so that multiple users can share one printer which allows for more efficient use of printers .

12

Mail Services

E-mail works as a “storage-and-retrieval” application.

Mail messages are stored on an e-mail server until the recipient retrieves the e-mail.

There will also be a post office box created for the users.

When e-mail messages are received, the e-mail server will redirect the messages to the users post office box where the messages remain until the user retrieves them.

13

Mail Services

The storage-and-retrieval nature of e-mail systems does not require that the recipient be connected when the e-mail is sent.

It can be picked up or retrieved at a later time.

14

Directory and Name Services

To enable users and systems on the network to find the services they require, computer networks make use of directories and name services.

The network assigns a name to users, services, and devices so that they can be identified and accessed.

Knowing the name of a service on the network enables users to contact that service without having to know its physical location.

15

Directory and Name Services

16

Directory and Name Services

People work easily with names for services than numeric addresses.

They can rely on network directory and name services to translate those names into the addresses used to communicate with the desired service. 17

The Internet

The Internet is a worldwide public network, interconnecting thousands of other networks to form one large "web" for communication.

This facilitates exchange between geographically separated users, organizations, and branches of companies.

These connections enable long distance access to network services for information and device sharing.

18

Network Administration

Computer networks need to be monitored and maintained to remain efficient.

They must also change and grow in response to new technologies and user requirements.

19

Network Administration

20

Daemons 21

Introduction to Linux Daemons

The functions that are called ‘services’ in Windows are referred to as Daemons in Linux.

Examples of Linux Daemons are FTPD and HTTPD. Daemons run as a background process and run

continuously without producing any visible output.

22

Introduction to Linux Daemons There are several common Linux Daemons:

◦ HTTPD: This daemon is responsible for web browser requests.

◦ Inetd: This daemon will wait for an incoming request to be made and then forwards that request to the appropriate Daemon.

◦ Crond: This daemon will run scripts at a specified time.

◦ Syslogd: This daemon will record information about currently running programs to the system log file.

Daemons can be loaded or unloaded into memory at any time.

They can also be restarted without having to restart the entire system.

23

Starting, Stopping, and Restarting Daemons

Sys V scripts can be used to start, stop, or restart Linux Daemons.

To execute these scripts they need to be followed by options such as start, stop, or restart.

To know the current state of a daemon use status.

24

HTTP The Linux NOS is not capable of providing the HTTP

daemon to users. Instead, a separate web-hosting program named

Apache is the common solution. Apache provides the same HTTP Daemons for Linux that

the Internet Information Services (IIS) tool does for Windows .

Users do not have to be running a Linux system to access the apache web server daemon because the apache web-server is accessed by the HTTP protocol, which is operating system independent.

25

FTP - File Transfer Protocol The Linux FTP service

(FTPD) needs no configuring.

This setting is found in the /etc/rc.d/init.d/xinetd.

If a system administrator wishes to disable the service, a pound sign (#) can be placed at the start of the line.

Otherwise, Linux automatically starts the FTP Daemon (FTPD) during the boot process, and users are able to remotely FTP to the machine at any time. 26

Telnet

Telnet allows a remote user to log in to a system for the purposes of issuing commands and accessing files using a CLI.

Telnet must be configured so that only authorized users are able to access the server.

When a server is listening for Telnet requests, a hacker can try to use brute force to break into a system.

The hacker may use a program that guesses the password, then he can log in to the system.

A more secure alternative to Telnet is SSH.

27

Server Message Block (SMB) Protocol

The Server Message Blocks (SMB) protocol is designed to be a file sharing protocol.

It has since been renamed to Common Internet File systems (CIFS) but is still used for file and printer sharing.

This protocol is used to allow non-Linux or UNIX systems to mount Linux file systems and printers over the network.

The SMB protocol allows a Windows client to do this the same way as if they were connecting to another Windows system.

28

NFS NFS is used as a means to share files between

multiple computer systems connected on a network.

NFS stands for Network File System. The xxx is the location of the share in the file

server.

29

Mail Client To set up the e-mail

Daemon on Linux, the administrator will need to set up a mail user agent, the mail transfer agent (MTA), and the transport protocol.

The mailer provides the user with an interface for reading and composing messages.

The mailer uses the MTA to transfer the mail from the sender to the recipient and back.

The two major MTAs are SMTP and Sendmail.

30

Printing in a Linux Environment

The main component of Linux printing is the print queue. It resides on a Linux print server to handles all of the

incoming print jobs directed to network printers. The LPRng software provides the server with the ability

to handle multiple printers and queues as well as provides the security that will be needed in a large network.

The /etc/printcap file is at the core of the LPRng printing software.

Linux uses it to knowswhich printers are onlineand available for printing.

31

Printing in a Linux Environment

Red Hat comes with a GUI tool that can be used to setup printers called printtool.

To use the tool, type printtool at a shell prompt, this will launch the GUI printer configuration tool.

This tool aids in configuring a client workstation to connect to a printer either locally or to a print server over the network. 32