squeak!
Syllabus Homepage
Course Overview
Course resources
Day 1
Day 2
Day 3
Day 4
Common errors
Internet Glossary
About Your Instructor
Credits: This site powered by the vi text editor, apache webserver, perl scripting, and Debian linux.
squeak!

Unix Admin Pt 1 - Day 4

Goals

In this session you will:
  • use cron jobs
  • use restricted shells
  • review the basics of security
  • install software with a package manager or manually
  • make hardware changes

Review

POST

use cron jobs

  • make sure your job runs outside of cron first, then install in the crontab
  • crontab -e
  • minute hour date month day command day is 0=sunday.
  • some distributions will allow things like: */5, for running every 5 units.

    Danger!    		 The cronjobs will run in an impoverished environment: assume that it will have no path or environmental information whatsoever.
  • By default, the STDOUT of any cronjob is emailed to the user

use restricted shells

  • limit users to apps or menus if desired
  • or use the .profile to move the user out of his native homedir into a subdir
  • limit the underlying shell with rbash, etc. and force their login dir to one under their normal home dir.
  • extra credit: chroot

Security

  • physical
  • social
  • inside issues
  • local logins and passes
  • groups!
  • only run necessary services from inetd.conf or startup. Do a ps -aux to see what's running on your box.
  • SATAN and tripwire, snort

Hardware changes

  • hard disk additions
    • power down, physically install (scsi #s)
    • watch for bootup sequence to find new drive; may give warnings about inaccessibility
    • format
    • partition with fdisk
    • check with fsck
    • create directory mountpoint and mount
    • edit your /etc/[v]fstab
    • set up quotas on partitions as desired
  • modem configuration
    • physically install dipswitch-settable modem plug/play may confuse
    • run script if possible; if not set up dialout /dev/cua0 and/or /dec/ttyd0 receive.
    • link /dec/cua0 to /dev/modem
    • ta dahhh - reseting a stuck serial port -
      • dead mouse - gpm -k and restart it
      • berserk terminal - stty sane, reset
      • confused modem - echo ATZ | /dev/modem
      • dead console (can't log in) - try killing the ttys one at a time
      • toggle runlevels
      • reboot (power down!)

    Software changes

    • package managers
    • binaries v. source
    • README
    • make; make , make dep, make test, make install (Makefile)

    Conclusion

    • take care of yourself and your resources
    • take care of your box
    • keep your head above water by reading news, and industry mags
    • keep your ears to the rail by reading your admin email
    • Go forth and conquer!

    Where to go from here

    • other coursework - sys admin coursework - sun certs
    • outside work - build a unix box!

    http://www.mousetrap.net/syllabus/admin_unix_pt1/day4.html
    $Id: day4.orb,v 1.4 2002/02/11 02:26:32 mouse Exp $

© 1994-2002 jason carr.
distributed under the terms of the GNU Free Documentation License.

jason carr

Reminders

  • Classroom temperature can be wildly variable. Dress lightly and bring layers.
  • your username is based on the class title and the last two digits of your workstation's hostname.
  • remember to take your work with you.