Welcome to the World of Linux

Under Unix, log files are generated by both the system and by various application packages such as database and web servers. These log files can grow so large over time that they become difficult to work with, and also use a lot of system resources. The logrotate utility can help to keep these files more manageable. It renames the log file after a specified period, and creates an empty one. The renamed files can be either compressed, backed up or deleted. It also allows the administrator to limit the number and size of the log files. This program is usually run daily as a cron job.

A configuration file /etc/logrotate.conf allows the administrator to configure basic settings for logrotate. Further configuration settings for each individual log are then placed in the directory /etc/logrotate.d, and given the name of the process.

An example of a typical configuration script /etc/logrotate.d/myprog is shown below:

/var/log/myprog.log {
rotate 7
daily
errors root@localhost
missingok
postrotate
/ etc/init.d/myprog restart >dev/null
endscript
}

Notes:
/var/log/myprog.log - the name of the log file to be rotated
rotate 7 - causes it to keep 7 sets of rotation logs
daily - indicates that logs are to be rotated daily
errors root@localhost - causes errors to be mailed to root on the local machine
postrotate - contains a command to stop and restart the relevant service

This should be used in conjunction with an archiving strategy that backs up the log files to tape on a regular basis. In the above example, a weekly archive would be adequate, since we are keeping seven sets of log files on disk.

When reporting a fault to your operating system support center, you will often be asked for information about your system which you may not have readily to hand. It is therefore useful to know where to find the kind of information that they require. In this article we will look at a few commands that give information about the current system.

The hostname command can be used to display the hostname, domain name or IP address of the local computer. Used with no switches, it displays the hostname only. Additional information can be obtained using the following switches:

-d Display the name of the domain to which the machine belongs e.g. mydomain.com
-f Display the fully qualified host and domain name – admin.mydomain.com
-i Display the IP address for the current machine

The uname command displays information about the current operating environment. Switches include:

-a Display all information
-s Display the name of the operating system
-p Display the type of processor
-r Display the release number of the operating system

The uptime command displays how long the machine has been running since the last reboot.

The lsmod command displays a list of all kernel modules that are currently loaded.

The support center may also want to know if there were any abnormal messages when the system was booted. Since these messages flash past rather quickly on the screen, and you may not even have been present at the last reboot, it is useful to be able to access these messages. The dmesg command redisplays the messages from the last boot. There is also a file /boot.log that contains a log of the initiation processes.

The date sets or displays the date held in the system. Only root can set the date. To display the date and time, the command is

date

The date will be displayed as follows:
Mon Sep 3 18:38:21 GMT 2007

To set the system date, enter the new date in the format mmddyyyy. Fore example, to set the date August 15th 2007, the command is:

date 08152007

Optionally, a time can be entered as well in the format mmddhhmmyyyy e.g.
date 081516302007

The date command also has some useful options that allow you to calculate dates. Using the –d switch, you can calculate what the date will be in 3 weeks time, what the date will be next Monday, and what the date was 25 days ago. The syntax is

date –d directive

The directive is enclosed in single quotes, and can consist of either:

- a number followed by the option of ‘days’, ‘weeks’ or ‘months’, and optionally the word ‘ago’ to signify a date in the past or

- the word ‘next’ or ‘last’ followed by a day of the week.

Examples:

date -d ‘2 weeks’
shows what the date will be 2 weeks from now.

date -d ‘next Monday’
shows what the date will be next Monday

date -d ‘25 days ago’
shows what the date was 25 days ago

Another useful command is cal. This displays a calendar for a given month. Used with no arguments, it displays a calendar for the current month and year. It can also be given the month and the year as arguments.

cal 04 2008
displays a calendar for April 2008.

An alias can be used to give another name to a Unix command. This can be used for several reasons. Some Unix commands have names that are not very meaningful, so you may prefer to allocate your own name to the command. Some users are familiar with other operating systems, and may prefer to use the command names familiar to them. If you frequently use the same switches or arguments to a command, you may wish to define a new command name that runs the original Unix command with those options. Administrators may want to restrict users from using certain commands, or to force them to only use a command with a certain combination of switches. All of these things can be achieved with the alias command.

If we wanted to rename the cat command to type, can do this as follows:

alias type=’cat’

If we wanted to create a command named cdh to change to the directory /usr/home, the command would be:

alias cdh=’cd /usr/home’

If we always want to use the ps command with the e and f switches, we can alias it as follows:

alias ps=’ps –ef’

From then onwards, we only need to type ps without specifying the switches.

If we wanted to remove access to the kill command, we could redefine it as follows:

alias kill=’echo Command not found’

The alias is only effective for the duration of the current login session. To make the changes permanently, the alias commands must be put into the .profile. To make an alias effective for all users, the commands can be put into the /etc/profile, which is a common login script for all users.

To view a list of aliases in effect, type the alias command with no arguments.

To remove an alias for the duration of the current session, use the unalias command. This takes the aliased name as an argument. For example, to remove the aliased cdh command in a previous example, the command is:

unalias cdh

To permanently remove an alias, remove it from the .profile or /etc/profile file.

Each file in the UNIX system has an identifying entry known as an inode. Each inode has a unique number, and holds information such as the ownership and permissions, the date the file was created, and pointers to the location on disk where the data is actually stored. The inode specifies the type of file. File types include normal files, directories, and special files. Special files are actually not files as such; they are pointers to devices such as tape or disk drives.

The inode does not store a file name. Names are associated with inodes in directories. When a file is created in a directory, the inode is created, and the directory updated with the file name and the inode number.

It is possible to have more than one directory entry pointing to the same inode. This is then known as a linked file. The inode stores the number of directory entries that are linked to it.

There are many reasons why it may be convenient to create additional links to files. Some software packages may expect to find all of their files in their own directory. However, the administrator may wish to physically place them in other directories due to space or performance considerations. He can do this by moving the files to the desired location, then creating a link in the original directory. It may also be convenient to create links with meaningful names to files that have long and difficult names.

To create a link to an existing file, the ln command is used as follows:

ln < new_path_name>

for example, to create a link called myfile in the directory /usr/sam to an existing file hisfile in /usr/fred, given that the current directory is /usr/sam:

ln /usr/fred/hisfile myfile

When a file is deleted using the rm command, the directory entry will first be deleted. Then the number of links in the inode will be decremented by 1. If there are no further links to the file, the file itself will be deleted.

As we have seen, each run level has a set of services associated with it. The administrator can define which services are started and which services are stopped when Unix enters a particular run level.

Under the /etc directory, there are directories named rc?.d, where ? specifies a run level. Scripts in these directories will be run when Unix enters this run level. If the default run level is 3, then all scripts in rc3.d would be run as the last step when the system is booted. Since level 0 represents shutdown, scripts in rc0.d will be run when the system is shut down.

Scripts in these directories will be run in alphabetical order, so that the script S01startx would be run before S02starty. Additionally, all scripts beginning with the letter K will be run with the parameter stop whereas all scripts beginning with the letter S will be run with the parameter start. Let us suppose, therefore, that we have scripts K99stopx for stopping a server, and S99startx for starting a server. Effectively, then, the init process will invoke the following commands:

K99stopx stop
S99startx start

When the system is installed, start and stop scripts for services such as networking will automatically be placed in these directories. Many software packages also place entries there if they require any services to run in the background. The administrator can place additional services into these directories. A typical script to start and stop a server called Myserver might look like this:

case “$1″ in
start)
/usr/mydir/MyServer
;;
stop)
/usr/mydir/StopServer
;;
*)
echo “Usage: $0 { start | stop }”
exit 1
;;
esac

Unix theoretically has nine different run levels, each of which can have a different set of services running. In practice, only a few of these are used by most systems. The following is a typical usage by most Unix/Linux systems:

When the system is booted, the operator will be given the choice of entering normal run mode or system maintenance mode. System maintenance mode allows administrative tasks to be carried out, without danger of interference by other users.

When the system is running, it is possible for the superuser to change to another run level using the init command, for example:

Run levels are also known as init states. The administrator can configure exactly which services are running at each run level.

The /etc/inittab defines the default state. This is the state that will be initiated when the system is rebooted or restarted with init 6.

To determine the current run level, enter the following command:

who -r

Logging in to a remote server can be done in several ways. Unix provides the rlogin and ssh (Secure Shell) commands to log in to another machine in the network. The Telnet command is available with several different operating systems, including Windows and Unix. If security is an issue, ssh is a better option, since it uses encryption to ensure that hackers cannot intercept the communication. All of these commands require the host name or IP address of the remote system as an argument to the command e.g.

ssh 10.15.0.5

The connection is terminated when you exit from the remote system.

There are also several terminal emulator programs available on the market that provide additional features for remote login.

Transferring files to and from a remote system is commonly carried out using the ftp command. Like Telnet, ftp is available on most operating systems. To begin an ftp session, type in:

ftp hostname
or
ftp IP address

You will then be prompted for a user name and password for the remote machine. The ftp prompt will then appear:

ftp>

You are now ready to type in ftp commands.

Some useful ftp commands are as follows:

help
This displays a full list of ftp commands

cd
Change directory on the remote machine

lcd
Change directory on the local machine

ascii

Change to ascii mode. This mode is used for transferring text files. Windows text files are not fully compatible with Unix text files. When in ascii mode, ftp will determine which operating system is used on the local and remote systems, and make any conversions necessary.

bin
Change to binary mode. Other than text files, all files should be transferred in binary mode.

get
Get a file from the remote system. The file name can be given as an argument. If it is not, you will be prompted for the file name.

put
Put a file onto the remote system. Again, a filename must be specified.

mget
This is similar to get, but you can include wild cards in the file name to transfer several files with one command.

mput
This is similar to put, but wildcards are allowed.

quit
Exit ftp and return to the command prompt.

Settings for existing users can be changed using the usermod command. This command uses the same switches as useradd, plus some additional ones. The additional switches include:

-l new_login_name Specify a new login name for this user. All other settings remain unchanged, and his home directory and files are not affected.

-L Lock the user. He will not be able to log in unless his login is unlocked.

-U Unlock a locked user

The userdel command is used to remove a user from the system. This removes entries from the /etc/passwd, /etc/shadow and /etc/group file relating to this user. He will therefore be unable to log in. If used with the –r switch, userdel will also remove the user’s home directory and mail entries.

The groupadd command is used to add new user groups to the system. If used with the –g switch, you can specify a group ID for this group. Otherwise, it will be allocated the next free group ID

The groupmod command makes changes to groups. Switches available are:

-g Specify a new group ID
-n Specify a new group name.

The passwd command can be used to change passwords or password-related settings. With no arguments or switches, it changes the password of the current user. For users other than root, this is the only option that is allowed. Given a user name as an argument, it changes the password for that user. The following switches can also be used:

-d Set this user to have no password
-S Display the status of this user
-m Set the minimum days before the password can be changed
-x Set the maximum days for which this password is valid
-W Specify a number of days before the password expires when the user will be warned

In most cases, new users are created with similar settings. It is possible to define defaults, so that when you create a new user, you need only specify the things that are different to other users.

User defaults are held in the file /etc/default/useradd, which may look like this:
HOME=/home
INACTIVE=45
SHELL=/bin/bash
CREATE-MAIL-SPOOL=yes
SKEL=/etc/skel

The HOME entry specifies the directory under which user directories are created. If no directory is specified when a user is created, his home directory will be placed under this directory and given the same name as the user.

The SKEL entry specifies the name of a directory containing files that will be copied to the new user’s directory if the –m and –k switches are invoked when running useradd. This directory will be empty when Unix is installed; it is up to the administrator to place files into it. It is useful for setting up a default .profile file, so that you do not have to create one for every user. There may be other files specific to your installation that could be useful here. In a training institution, for example, you could put all the sample files needed by the students in this directory.

Other entries in the /etc/default/useradd file relate to the various user options, such as number of days to keep inactive accounts.

The useradd command can be run with the –D switch to either view or change these settings. Used with no other switches, this will display the default settings. Used with the –D –b switch, it allows you to specify a base directory for new user directories. Other switches such as –g, -f, -s etc that are normally used when creating a new user can be used in conjunction with the –D switch to set defaults for these options.