
Chapter 17 - System Administrator

We have seen Linux/UNIX commands, their structure and their usage; now it's time to visit the world of system administration. This task is usually assigned to a single person, the System Administrator, also known as the superuser or root user. The administrator has vast powers, having access to practically everything. The stability of any UNIX/Linux installation depends, in great measure, on the effectiveness of the system administrator. Today a user must also know some of the important administrative functions that he or she may need to run at any time.

The system administrator is involved in the management of the entire system, ranging from maintaining user accounts and security and managing disk space to performing backups. The job is not so difficult, as UNIX/Linux is an easily maintained and well-documented operating system.

 

System Administrator's Login - 

The UNIX/Linux system has a special login name for the system administrator, called root. This account doesn't need to be separately created but comes with every system. Its password is generally set at the time of installation of the system.

 login: root
 password: ******** [Enter]
 # _

On successful login you will see the # prompt, unlike the $ or % used by nonprivileged users. Once you log in as root, you are placed in root's home directory. Depending on the system, this directory could be / or /root.

On modern systems, most administrative commands are resident in /sbin and /usr/sbin, but if you are using an older system, you could find them in /etc. root's PATH is also different from the one used by other users:

/sbin:/bin:/usr/sbin:/usr/bin:/usr/dt/bin

Since the superuser has to constantly navigate the file system, it's possible that he might inadvertently execute programs and scripts written by other users. That's why the PATH for the superuser doesn't include the current directory.

su: Acquiring Superuser Status -

Any user can log in as superuser with the su command if he/she knows the root password. For example, the user sharma (with the home directory /home/sharma) becomes a superuser in this way:

   $ su
     password: *********     root's password
   # pwd
     /home/sharma            Prompt Changes but directory doesn't

Though the current directory doesn't change, the # prompt indicates that sharma now has the powers of a superuser. To be placed in root's home directory on superuser login, use su -l.

Creating a User's Environment - Users often rush to the administrator with the complaint that a program has stopped running. The administrator first tries running it in a simulated environment. su, when used with a -, recreates the user's environment without taking the login-password route:

   su - sharma                 No password required

This sequence executes sharma's .profile (or the relevant startup scripts) and temporarily creates sharma's environment. su runs a separate sub-shell, so this mode is terminated by hitting [Ctrl-d] or using exit.

The Administrator's Privileges -

The superuser has enormous powers, and any command invoked by him has a greater chance of success than when issued by others. The command may also behave differently or be reserved for his exclusive use. Some of the powers of the superuser are listed below.

  • Change the contents or attributes of any file, like its permissions and ownership. He can delete any file even if the directory is write-protected!
  • Initiate or kill any process. The administrator can directly kill all processes except the ones essential for running the system.
  • Change any user's password without knowing the existing one.
  • Set the system clock with date.
  • Address all users concurrently with wall.
  • Limit the maximum size of files that users are permitted to create with ulimit.
  • Control users' access to the scheduling services like at and cron.
  • Control users' access to many networking services like FTP, SSH etc.

The administrator has to use these powers with utmost caution. Any unplugged loophole can cause disaster if that knowledge is acquired by a mischievous person. Let's see how the administrator exercises the powers listed above.

 

date : Setting the System Date -

We have used the date command to display the system date and time on the terminal. The administrator uses the same command with a numeric argument to set the system date. The argument is usually an eight-character string of the form MMDDhhmm, optionally followed by a two- or four-digit year string:

   # date 05110815 
     Wed May 11 08:15:00 IST 2016

UNIX/Linux systems will continue to understand the century for some time. Make sure that the date is reasonably accurate, as the cron and autosys schedulers use the clock time to run jobs.

wall : Communicating with users  

The wall command addresses all users simultaneously. Most UNIX systems don't permit users to run this command (Linux excepted), and reserve it for the sole use of the administrator:

   # wall
     The machine will be shut down today 
     at 13:30 hrs . The backup will be at 12:30 hrs
     [ctrl-d]

This command is regularly executed by the administrator to publish such messages; all users currently logged in will receive the message on their terminals.

ulimit : Setting Limits on File Size -

Faulty programs or negligence can eat up disk space in no time. The ulimit command imposes a restriction on the maximum size of a file that a user is permitted to create. The superuser can increase this limit:

   ulimit 30971510             measured in 512-byte blocks

We can place this statement in /etc/profile so that every user has to work within this restriction. When used by itself, ulimit displays the current setting. Solaris and Linux show unlimited as the default output, but it could be different on your system.
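To see the limit in action without touching /etc/profile, here is an added example (not from the chapter) that lowers the file-size limit inside a throwaway subshell, writes past it and reports how much data actually reached the disk. The file is a temporary one created by mktemp and the sizes are constructed for the demo. It also probes which unit your shell uses, because the number given to ulimit is not the same size everywhere: POSIX sh, dash and ksh count ulimit -f in 512-byte blocks, while bash counts it in 1024-byte blocks.

```sh
#!/bin/sh
# Added example (not from the chapter): exercise the per-process file-size
# limit in a subshell so that the current shell is never affected.

# write_with_limit LIMIT_BLOCKS KIB
# Lowers ulimit -f to LIMIT_BLOCKS inside a subshell, tries to write KIB
# kibibytes into a temporary file and prints how many bytes actually landed.
write_with_limit() {
    limit=$1
    kib=$2
    f=$(mktemp) || return 1
    # The kernel stops the writer with SIGXFSZ as soon as a write would cross
    # the limit; that non-zero status is expected, so it is ignored. Core
    # dumps are disabled so the killed dd leaves nothing behind.
    ( ulimit -c 0 2>/dev/null
      ulimit -f "$limit" && dd if=/dev/zero of="$f" bs=1024 count="$kib" 2>/dev/null ) || :
    wc -c < "$f" | tr -d ' '
    rm -f "$f"
}

# limit_block_size
# Prints the unit ulimit -f uses in this shell, measured empirically: a
# limit of 8 that stops a 64 KiB write at 8192 bytes means 1024-byte units
# (bash); stopping at 4096 bytes means 512-byte units (POSIX sh, dash, ksh).
limit_block_size() {
    case $(write_with_limit 8 64) in
        8192) echo 1024 ;;
        4096) echo 512 ;;
        *)    echo unknown ;;
    esac
}

# Demonstration: the same number means different sizes in different shells.
printf 'ulimit -f counts in %s-byte blocks in this shell\n' "$(limit_block_size)"
printf '64 KiB requested, %s bytes written under a limit of 8 blocks\n' "$(write_with_limit 8 64)"
```

Because the limit is lowered in a subshell, the probe never changes the limit of the shell you are working in; only a line in /etc/profile (or a login script) makes it stick for every user.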

Controlling Use of at and cron -

Access to at and batch is restricted and controlled by the files at.allow and at.deny in /etc/cron.d (/etc in Linux). If at.allow is present, only users listed in the file are permitted to use at and batch. If it is not present, the system checks at.deny for users who are barred from using these commands. If neither file is present, only the system administrator is permitted to invoke at and batch.

The cron scheduler is used by the administrator to make commands like find and du compile useful information about the system, or for automating the backup operation. Like at and batch, the authorization to use it is controlled in an identical manner by two files, cron.allow and cron.deny, in /etc/cron.d (/etc in Linux).
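The precedence rule above (allow file first, then deny file, then root only) is easy to get backwards when reading a real system, so here is an added example, not from the chapter, that encodes it in a shell function. The function takes the directory holding the allow and deny files as an argument, so the demo runs against constructed files in a temporary directory rather than /etc/cron.d or /etc; the user names are taken from the chapter.

```sh
#!/bin/sh
# Added example (not from the chapter): the at/batch and cron authorization
# rule as a function, exercised against constructed allow/deny files.

# scheduler_permitted USER DIR NAME
# NAME is "at" (which also covers batch) or "cron". Returns 0 if USER may
# use the scheduler, 1 if not, following the documented precedence:
#   1. DIR/NAME.allow exists    -> only the users listed there
#   2. else DIR/NAME.deny exists -> everyone except the users listed there
#   3. neither exists           -> only root
scheduler_permitted() {
    user=$1
    allow=$2/$3.allow
    deny=$2/$3.deny
    if [ -f "$allow" ]; then
        grep -qxF -- "$user" "$allow"
    elif [ -f "$deny" ]; then
        ! grep -qxF -- "$user" "$deny"
    else
        [ "$user" = root ]
    fi
}

# explain_access USER DIR NAME: one readable line per decision
explain_access() {
    if scheduler_permitted "$1" "$2" "$3"; then
        echo "$1 may use $3"
    else
        echo "$1 may not use $3"
    fi
}

# Constructed demonstration files in a temporary directory.
DEMO=$(mktemp -d)
printf 'sharma\n' > "$DEMO/at.deny"            # no at.allow, so the deny list rules
printf 'oracle\nroot\n' > "$DEMO/cron.allow"   # cron.allow present: listed users only
for u in root oracle sharma henry; do
    explain_access "$u" "$DEMO" at
    explain_access "$u" "$DEMO" cron
done
```

Note the asymmetry the rule creates: an empty at.allow locks everyone out (including root on some systems), whereas a missing at.allow and a missing at.deny leave only root in, so an administrator who removes both files by mistake silently cuts all users off from at and batch.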

Security Constraints -

Security of files and directories is the most important part of computer system security, because a malicious user can exploit the system if file permissions are faulty. As administrator we have to ensure that the system directories (/bin, /usr/bin, /etc, /sbin etc.) and the files in them are not writable by others. Let's see some important security features of the Linux/UNIX system.
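The check just described, that nothing under the system directories is writable by others, can be done with find. The following is an added example, not from the chapter: it reports every entry whose other-write bit is set, skipping symbolic links (their own mode is meaningless) and sticky-bit directories such as /tmp, which are world-writable by design. It is run here against a constructed tree in a temporary directory; on a real system you would pass /bin /usr/bin /etc /sbin instead.

```sh
#!/bin/sh
# Added example (not from the chapter): find entries under the given
# directories that are writable by others.

# other_writable DIR...
# Prints every entry under the directories whose mode has the other-write
# bit (002) set, one per line, and returns 1 if any were found. Symbolic
# links are skipped, as are directories carrying the sticky bit (1000),
# which are expected to be world-writable.
other_writable() {
    rc=0
    for d in "$@"; do
        [ -d "$d" ] || continue
        hits=$(find "$d" ! -type l -perm -002 ! \( -type d -perm -1000 \))
        if [ -n "$hits" ]; then
            printf '%s\n' "$hits"
            rc=1
        fi
    done
    return $rc
}

# report DIR...: the same findings as a long listing, so the mode is visible
report() {
    other_writable "$@" | while read -r p; do ls -ld "$p"; done
}

# Constructed demonstration tree: one correctly protected file, one file
# left world-writable, and a sticky-bit scratch directory that must be skipped.
DEMO=$(mktemp -d)
mkdir "$DEMO/sbin" "$DEMO/tmp"
: > "$DEMO/sbin/ok"
: > "$DEMO/sbin/bad"
chmod 755 "$DEMO/sbin" "$DEMO/sbin/ok"
chmod 666 "$DEMO/sbin/bad"
chmod 1777 "$DEMO/tmp"
report "$DEMO/sbin" "$DEMO/tmp"
```

A world-writable directory without the sticky bit is the more dangerous finding, because anyone can then replace or delete the files inside it regardless of the files' own permissions; that is the case the chapter's warning about write-protected directories is really about.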

passwd : Changing Password -

passwd prompts for the existing password when the command is used by a nonprivileged user. However, when the superuser uses the command, the system behaves in a more lenient manner:

   # passwd 
     Changing password for root 
     Enter new password ( minimum of 5 characters , maximum of 8 characters )
     Please use a combination of upper and lower case letters and numbers .
     New password : **********
     Re-enter password : **********
     Password changed .

Note that the system doesn't prompt for the old password this time. UNIX/Linux also allows the administrator the privilege of changing anybody's password without knowing it:

   passwd sharma

Once again, the old password is not prompted for; the new one has only to be entered twice. The passwd command also offers a feature that forces users to change their password after a specified time.

User Management -

The term user in UNIX/Linux is not meant to be only a person; it can represent a project or an application as well. A group of users performing similar functions may use the same username to access the system. It's thus quite common to have usernames like testqa, appdev, prodsupport and so on. For the creation and maintenance of user accounts, UNIX/Linux provides three commands: useradd, usermod and userdel.

When opening a user account, you have to associate the user with a group. A group usually has more than one member, with a different set of privileges. People working on a common project should be able to read one another's files, which is possible only if they belong to the same group.

Creating users involves defining the following parameters:

  • A user identification number ( UID) and username
  • A group identification number ( GID ) and group name
  • The Home Directory
  • The login shell
  • The mailbox in /var/mail
  • The password.

Most of these parameters are found in a single line identifying the user in /etc/passwd. We will now create a group for a user and then add that user to the system.

groupadd: Adding a Group

If the user is to be placed in a new group, an entry for the group has to be created first in /etc/group. A user always has one primary group and may also have one or more supplementary groups. This file contains all of the named groups of the system, and a few lines of this file reveal its structure:

   root:x:0:root
   bin:x:1:root,bin,daemon
   lp:x:7:
   uucp:x:14:uucp,fax,root,fnet,sumit
   users:x:100:henry,oracle,image,enquiry

Each line contains colon-delimited fields. Let's focus our attention on the group named users, shown in the first field. This is the same name you see in the group ownership column of the listing. The second field once represented the group password but is hardly used today; it is either blank or an x. The third field shows the GID of the group (here, 100). The last field contains a list of comma-delimited usernames (henry,oracle,image,enquiry) for whom this is a supplementary group. A blank at this position doesn't mean that no one is a member of this group; it's just that it's not the supplementary group for any user. Note that the primary group for a user is shown in /etc/passwd.

To create a new group, dba, with a GID of 241, use the groupadd command:

   groupadd -g 241 dba         241 is the GID for dba 

The command places this entry in /etc/group, which you could also insert manually:

   dba:x:241:

Once an entry for the group has been made, you are ready to add a user of this group to the system.
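Since the primary group lives in /etc/passwd and the supplementary groups in /etc/group, working out everything a user belongs to means reading both files. The following is an added example, not from the chapter, that does exactly that with awk. The file paths are parameters, so the demo runs on constructed copies (the group lines are the chapter's own, plus the dba group; the passwd lines are constructed) rather than on the real /etc/passwd and /etc/group.

```sh
#!/bin/sh
# Added example (not from the chapter): resolve a user's primary group from
# the GID field of a passwd-format file and the supplementary groups from
# the member lists of a group-format file.

# groups_of USER PASSWD_FILE GROUP_FILE
# Prints the primary group name first, then each supplementary group,
# space-separated. Returns 1 if USER is not in PASSWD_FILE.
groups_of() {
    user=$1
    gid=$(awk -F: -v u="$user" '$1 == u { print $4; exit }' "$2")
    [ -n "$gid" ] || { echo "no such user: $user" >&2; return 1; }
    awk -F: -v u="$user" -v g="$gid" '
        $3 == g { primary = $1 }
        {
            # field 4 is the comma-separated member list; a user listed in
            # the member list of the primary group is not counted twice
            n = split($4, m, ",")
            for (i = 1; i <= n; i++)
                if (m[i] == u && $3 != g) supp = supp " " $1
        }
        END {
            if (primary == "") primary = "GID=" g   # no named group for this GID
            print primary supp
        }' "$3"
}

# Constructed demonstration files.
DEMO=$(mktemp -d)
cat > "$DEMO/passwd" <<'EOF'
root:x:0:0:root:/root:/bin/sh
henry:x:201:7:Henry:/home/henry:/bin/sh
oracle:x:210:241:THE RDBMS:/home/oracle:/bin/ksh
orphan:x:300:999:No group:/home/orphan:/bin/sh
EOF
cat > "$DEMO/group" <<'EOF'
root:x:0:root
bin:x:1:root,bin,daemon
lp:x:7:
uucp:x:14:uucp,fax,root,fnet,sumit
users:x:100:henry,oracle,image,enquiry
dba:x:241:
EOF
for u in root henry oracle orphan; do
    printf '%-7s %s\n' "$u" "$(groups_of "$u" "$DEMO/passwd" "$DEMO/group")"
done
```

The orphan entry shows the case worth catching: a GID in /etc/passwd with no matching line in /etc/group still works for permission checks, but ls then shows a bare number instead of a name, and the user cannot be managed by group name with usermod.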

useradd: Adding a User

The useradd command adds new users to the system. All parameters related to the user have to be provided on the command line itself:

   # useradd -u 210 -g dba -c "THE RDBMS" -d /home/oracle -s /bin/ksh -m oracle 
   # _

This quietly creates the user oracle with a UID of 210 and group name dba. The home directory is /home/oracle and the user will use the Korn shell. The -m option ensures that the home directory is created if it doesn't already exist and copies a sample .profile and .kshrc to the user's home directory. The line useradd creates in /etc/passwd is shown below:

   oracle:x:210:241:THE RDBMS:/home/oracle:/bin/ksh

useradd also sets up the user's mailbox and sets the MAIL variable to point to that location (in /var/mail or /var/spool/mail). You now have to set the new user's password with the command passwd oracle. Once all this is done, the oracle user account is ready for use.
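useradd takes every parameter from the command line, so the mistakes that matter (a UID already in use, a group that was never created with groupadd, a shell not listed in /etc/shells, a home directory that already belongs to someone) are worth checking before the command runs. Here is an added example, not from the chapter, of such a pre-flight check. It reads passwd, group and shells files whose paths are passed in, so it runs here on constructed copies; it prints the useradd line it would run but never executes it, and the -c comment is left to the caller.

```sh
#!/bin/sh
# Added example (not from the chapter): validate the parameters for useradd
# against passwd, group and shells files before the account is created.

# field_present FILE FIELD VALUE: 0 if some line of FILE has VALUE in FIELD
field_present() {
    awk -F: -v f="$2" -v v="$3" '$f == v { hit = 1 } END { exit !hit }' "$1"
}

# useradd_preflight UID GROUP HOME SHELL LOGIN PASSWD_FILE GROUP_FILE SHELLS_FILE
# Prints one line per problem and returns 1, or prints the useradd command
# that would create the account and returns 0.
useradd_preflight() {
    uid=$1 grp=$2 home=$3 shell=$4 login=$5
    pw=$6 gr=$7 shells=$8
    bad=0
    if field_present "$pw" 1 "$login"; then
        echo "login $login already exists"; bad=1
    fi
    if field_present "$pw" 3 "$uid"; then
        echo "uid $uid already in use"; bad=1
    fi
    if ! field_present "$gr" 1 "$grp"; then
        echo "group $grp does not exist; run groupadd first"; bad=1
    fi
    if ! grep -qxF -- "$shell" "$shells"; then
        echo "shell $shell is not listed in $shells"; bad=1
    fi
    if [ -e "$home" ]; then
        echo "home directory $home already exists"; bad=1
    fi
    [ "$bad" -eq 0 ] || return 1
    printf 'useradd -u %s -g %s -d %s -s %s -m %s\n' "$uid" "$grp" "$home" "$shell" "$login"
}

# Constructed demonstration files: the chapter's oracle account already exists.
DEMO=$(mktemp -d)
mkdir -p "$DEMO/home/oracle"
printf 'root:x:0:0:root:/root:/bin/sh\noracle:x:210:241:THE RDBMS:/home/oracle:/bin/ksh\n' > "$DEMO/passwd"
printf 'root:x:0:root\nusers:x:100:henry,oracle\ndba:x:241:\n' > "$DEMO/group"
printf '/bin/sh\n/bin/ksh\n/bin/bash\n' > "$DEMO/shells"

echo "--- appdev: everything in order"
useradd_preflight 211 dba "$DEMO/home/appdev" /bin/ksh appdev "$DEMO/passwd" "$DEMO/group" "$DEMO/shells"
echo "--- testqa: reuses UID 210, unknown group, unlisted shell"
useradd_preflight 210 qa "$DEMO/home/testqa" /bin/zsh testqa "$DEMO/passwd" "$DEMO/group" "$DEMO/shells" || echo "refused"
```

The duplicate-UID check is the one not to skip: useradd on most systems refuses a reused UID unless forced, but a hand-edited /etc/passwd will not, and two logins sharing a UID are the same user as far as file ownership and kill are concerned.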

/etc/passwd and /etc/shadow: User Profiles

All user information except the password encryption is now stored in /etc/passwd. The file once contained the password, which is why it continues to be known by that name. The password encryption is now stored in /etc/shadow. This is the control file used by passwd to ascertain the legitimacy of a user's password.

Let's take the line from /etc/passwd for the user oracle. There are seven fields here, and their significance is noted below (in the order they appear in /etc/passwd):

  • Username - The name you use to log on to the UNIX/Linux system (sharma).
  • Password - No longer stores the password encryption but contains an x.
  • UID - The user's numerical identification (212). No two users should have the same UID. ls prints the owner's name by matching the UID obtained from the inode with this field.
  • GID - The user's numerical group identification (251). This number is also the third field in /etc/group.
  • Comment or GCOS - User details, e.g. his/her name, address and so on. This name is used at the front of the email address for this user. Any email sent from this user account will show the sender as "The RDBMS" <oracle@heaven.com>, assuming that the user belongs to the domain shown.
  • Home Directory - The directory where the user ends up on logging in (/home/oracle). The login program reads this field to set the variable HOME.
  • Login Shell - The first program executed after logging in. This is usually the shell (/bin/ksh). login sets the variable SHELL by reading this entry and also fork-execs the shell process.

For every line in /etc/passwd, there is a corresponding entry in /etc/shadow. The relevant line in this file could look something like this:

   oracle:PR1hjiDhRM2Lg:12032::::::

The password encryption is shown in the second field. It's impossible to generate the password from this encryption. However, an intelligent hacker can use the encryption algorithm to generate a sequence of encrypted patterns. It's quite possible that she might just find a match, so this file must be made unreadable to all but the superuser.

The last field in /etc/passwd is actually the command to be executed when a user logs in . This is usually the shell, but the administrator may choose a different program to restrict the user's actions.
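The two files above carry several invariants an administrator should verify from time to time: no two lines share a UID, nobody but root has UID 0, every passwd line has a shadow line, no shadow line has an empty hash, and the shadow file itself is not readable by others. The following is an added example, not from the chapter, that checks all five. The file paths are passed in, so the demo runs on constructed copies (reusing the chapter's sample hash string) rather than on /etc/passwd and /etc/shadow.

```sh
#!/bin/sh
# Added example (not from the chapter): consistency and exposure checks over
# a passwd-format file and a shadow-format file.

# audit_accounts PASSWD_FILE SHADOW_FILE
# Prints one line per finding and returns 1 if there were any, 0 if clean.
audit_accounts() {
    pw=$1 shadow=$2
    findings=$(
        # Two accounts sharing a UID are the same user to the kernel.
        awk -F: '{ n[$3]++; who[$3] = who[$3] " " $1 }
                 END { for (u in n) if (n[u] > 1) print "duplicate uid " u ":" who[u] }' "$pw"
        # Any account with UID 0 is another root login.
        awk -F: '$3 == 0 && $1 != "root" { print "extra uid 0 account: " $1 }' "$pw"
        # Every passwd line should have a shadow counterpart (shadow is read
        # first, then each passwd login is looked up in what was collected).
        awk -F: 'NR == FNR { have[$1] = 1; next }
                 !($1 in have) { print "no shadow entry: " $1 }' "$shadow" "$pw"
        # An empty second field in shadow means login without a password.
        awk -F: '$2 == "" { print "empty password: " $1 }' "$shadow"
        # The hashes must not be readable by others (the point made above).
        [ -z "$(find "$shadow" -perm -004)" ] || echo "$shadow is readable by others"
    )
    [ -z "$findings" ] && return 0
    printf '%s\n' "$findings"
    return 1
}

# Constructed demonstration files with one of each problem planted.
DEMO=$(mktemp -d)
cat > "$DEMO/passwd" <<'EOF'
root:x:0:0:root:/root:/bin/sh
oracle:x:210:241:THE RDBMS:/home/oracle:/bin/ksh
testqa:x:212:251:Test QA:/home/testqa:/bin/sh
appdev:x:212:251:App dev:/home/appdev:/bin/sh
sysop:x:0:0:Operator:/home/sysop:/bin/sh
ghost:x:300:300:Stale:/home/ghost:/bin/sh
EOF
cat > "$DEMO/shadow" <<'EOF'
root:PR1hjiDhRM2Lg:12032::::::
oracle:PR1hjiDhRM2Lg:12032::::::
testqa::12032::::::
appdev:PR1hjiDhRM2Lg:12032::::::
sysop:PR1hjiDhRM2Lg:12032::::::
EOF
chmod 644 "$DEMO/shadow"    # deliberately too permissive for the demo
audit_accounts "$DEMO/passwd" "$DEMO/shadow" || echo "(findings listed above)"
```

The third field of the shadow line (12032 in the chapter's example) is the day the password was last changed, counted from 1 January 1970; the aging fields that follow it are what the forced-change feature mentioned under passwd relies on, and they are empty here, so none of these sample accounts would ever be forced to change.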

usermod and userdel : Modifying and Removing Users -

usermod is used for modifying some of the parameters set with useradd. Suppose a user wants to change their login shell; the following command line sets Bash as the login shell for the user sharma:

   usermod -s /bin/bash sharma

Users are removed from the system with userdel . The following command removes the user sharma from the system :

   userdel sharma              Doesn't delete the user's files

This removes all entries pertaining to the user sharma from /etc/passwd, /etc/group and /etc/shadow. The user's home directory doesn't get deleted in the process and has to be removed separately if required.

Startup and Shutdown

Startup - After a machine is powered on, the system looks for all peripherals and then goes through a series of steps that may take up to a few minutes to complete the boot cycle. The exact sequence is system-dependent, but the first major event is the loading of the kernel into memory. The kernel then spawns init which, in turn, spawns further processes. Some of these processes monitor all of the terminal lines, and activate the network and printer. Eventually init becomes the parent of all shells.

A UNIX/Linux system boots to a specific state, and this state is represented by a number or letter called the run level. For now we should know the following two states:

  • Single-user mode - This mode is important for the administrator, who uses it to perform administrative tasks like checking or backing up individual file systems. Other users are prevented from operating the system in single-user mode.
  • Multiuser mode - In this mode, individual file systems are mounted and system daemons are also started.

The who -r command displays the run level for your system :

   $ who -r 
     .       run-level  3  Jan  9  09:39    3   0  S

This machine is at run level 3, a state which supports multiuser and network operations. We will have more to discuss about run levels and the role of init in upcoming chapters.

Shutdown -

The administrator also has the duty of shutting down the machine at the end of the day. The shutdown command controls this sequence. shutdown usually performs the following activities:

  • Notifies users with wall about the system going down, with a directive to log out. Users are then expected to close their files and log out. shutdown itself sleeps for a minute after mailing the first message and may issue a reminder too.
  • Sends a signal to all running processes so they can terminate normally.
  • Logs users off and kills the remaining processes.
  • Unmounts all secondary file systems.
  • Writes information about file system status to disk to preserve the integrity of the file system.
  • Notifies users to reboot or switch off, or moves the system to single-user mode.

shutdown finally displays a message that could look something like this :

   Reboot the system now or turn power off 
   System Halted 

The machine can now be considered to have completed the shutdown sequence successfully. We can now turn the power off.

The -g option to shutdown overrides the default waiting time of one minute . The command can be used in these ways :

   shutdown -g2             Powers down the machine after 2 minutes 
   shutdown -y -g0          Immediate shutdown 
   shutdown -y -g0 -i6      Shut down and reboot  

Linux differs here: it uses the -t option to override the default waiting time of one minute. shutdown can also be used in these ways:

   shutdown 17:30             Shut Down at 17:30 
   shutdown -r now            Shut Down immediately and reboot 
   shutdown -h now            Shut down immediately and halt 

Managing Disk Space

No matter how many disks are added to the system, there will always be a scramble for space. Users often forget to remove the files they no longer require. Files tend to accumulate during the day, thus slowing down the system. If this buildup is not checked, the entire disk space will eventually be eaten up. The administrator must regularly scan the disk and locate files that have outlived their utility. He needs the df and du commands for this task, as well as find, which has already been discussed. All three commands can also be issued by any user.

df : Reporting Free Space -

The df (disk free) command reports the amount of free space available for each file system separately:

   $ df
   /             (/dev/dsk/c0t0d0s0) : 3491876   blocks   483932   files 
   /usr          (/dev/dsk/c0t0d0s4) : 2434820   blocks   458466   files
   /var          (/dev/dsk/c0t0d0s1) : 3881394   blocks   484212   files 

There are several file systems on this machine, but we don't have control over all of them. The first column shows the directory where the file system is attached. The second column shows the device name of the file system. The last two columns show the number of 512-byte blocks available and the number of files that you can still create.

The first line in the list refers to the root file system (/), which has 3491876 blocks of disk space free. It also has 483932 inodes free, which means that up to that many additional files can be created on this file system. The system will continue to function until the free blocks or inodes are eaten away, whichever occurs earlier.

The -t (total) option includes the above output, as well as the total amount of disk space in the file system. We won't display its output, but we will consider the informative -k option that reports in units of KB. This time, let's obtain the statistics for the / and /usr file systems:

   $ df -k / /usr                     Reports on the / and /usr file systems 
   Filesystem            kbytes    used     avail    capacity     Mounted On
   /dev/dsk/c0t0d0s0    1986439   240501   1686345     13%          /
   /dev/dsk/c0t0d0s4    2025076   807666   1156658     42%          /usr

You probably won't need to know anything more than what this output offers; it shows the percentage utilization as well. Once we have identified the file system that needs to be investigated thoroughly, we need the du command, which is considered next.

The Linux default output itself is quite informative; it shows both the total and the available space, in a format that resembles the -k output of UNIX. The -h option makes it even more readable by reporting in larger units (like MB, GB):

   $ df -h / /download
   Filesystem      Size   Used   Avail   Use%    Mounted On 
   /dev/hda10      4.8G   2.6G   1.9G    57%       /
   /dev/hda13      5.6G   985M   43G     18%      /download

du : Disk Usage -

You will often need to find out the consumption of a specific directory tree rather than an entire file system. du (disk usage) is the command you need, as it reports usage by a recursive examination of the directory tree. This is how du lists the usage of /home/sales/tml:

   # du /home/sales/tml
   11554     /home/sales/tml/forms
   12820     /home/sales/tml/data
   638       /home/sales/tml/database
   .....
   25170     /home/sales/tml                      Also reports a summary at the end 

By default, du lists the usage of each subdirectory of its argument and finally produces a summary. The list can often be quite large, and more often than not you may be interested only in the summary. For this, the -s (summary) option is quite convenient:

   # du -s /home/sales/tml
   25170  /home/sales/tml

Assessing Space Consumed by Users - Most of the dynamic space in a system is consumed by users' home directories and data files. You should use du -s to report on each user's home directory. The output is brief and yet informative:

   # du -s /home/*
   144208     /home/henry
    98290     /home/image 
    13834      /home/local
    28346      /home/sales

du can also report on each file in a directory (-a option), but the list would be too big to be of any use. You may instead look for some of the notorious disk eaters, and exceptional reporting is what you probably need. The find command can do this job.
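Putting du -s and find together gives the two-step routine the section describes: rank the home directories by usage, then list only the files above a size threshold instead of everything du -a would print. The following is an added example, not from the chapter. It builds a constructed directory tree of files with known sizes in a temporary directory (the directory names echo the chapter's du output) so that the results are predictable; on a real system you would point the functions at /home.

```sh
#!/bin/sh
# Added example (not from the chapter): rank the entries of a directory by
# du and pick out oversized files with find, on a constructed tree.

# make_tree ROOT: constructed home directories holding files of fixed sizes.
# Random data is used rather than zeros so that file systems which compress
# or skip zero-filled blocks still charge the full size to du.
make_tree() {
    mkdir -p "$1/henry/cache" "$1/image" "$1/local"
    dd if=/dev/urandom of="$1/henry/cache/core" bs=1024 count=300 2>/dev/null
    dd if=/dev/urandom of="$1/henry/notes"      bs=1024 count=10  2>/dev/null
    dd if=/dev/urandom of="$1/image/scan.raw"   bs=1024 count=120 2>/dev/null
    dd if=/dev/urandom of="$1/local/readme"     bs=1024 count=2   2>/dev/null
}

# usage_ranked DIR: du -sk for each entry of DIR, largest first
usage_ranked() {
    du -sk "$1"/* | sort -nr
}

# biggest_entry DIR: basename of the entry that consumes the most space
biggest_entry() {
    p=$(usage_ranked "$1" | head -n 1 | cut -f2-)
    echo "${p##*/}"
}

# large_files DIR KIB: regular files larger than KIB kibibytes; this is the
# exceptional report that find gives and du -a cannot
large_files() {
    find "$1" -type f -size +"$2"k
}

DEMO=$(mktemp -d)
make_tree "$DEMO"
echo "usage by directory (KiB):"
usage_ranked "$DEMO"
echo "largest consumer: $(biggest_entry "$DEMO")"
echo "files over 100 KiB:"
large_files "$DEMO" 100
```

du reports allocated blocks while find -size compares the file's length, so on a real file system the two can disagree for sparse files and for directories with many tiny files; the ranking tells you where to look, and the find listing tells you what is actually worth removing.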
