LPI Linux Certification in a Nutshell (74 page)
Read LPI Linux Certification in a Nutshell Online
Authors: Adam Haeder; Stephen Addison Schneiter; Bruno Gomes Pessanha; James Stanger
Tags: #Reference:Computers
System Files
User account information is stored in
/etc/passwd
.Each line in
/etc/passwd
contains a
username, password, UID, GID, user’s name, home directory, and
default shell.Group information is stored in
/etc/group
.Each line in
/etc/group
contains a
group name, group password, GID, and group member list.passwd
and
group
are world-readable.
To prevent users from obtaining encrypted passwords from
passwd
and
group
, shadow
files are implemented.Encrypted passwords are moved to a new file, which is
readable only by
root
.The shadow file for
/etc/passwd
is
/etc/shadow
.The shadow file for
/etc/group
is
/etc/gshadow
.
The following commands are commonly used for manual user and
group
management
:
- useradd
user Create the account
user.- usermod
user Modify the
useraccount.- userdel
user Delete the
useraccount.- groupadd
group Add
group.- groupmod
group Modify the parameters of
group.- groupdel
group Delete
group.- passwd
username Interactively set the password for
username.- chage user
Modify password aging and expiration settings for
user.
Scheduling
Jobs
Both
cron
and
at
can be used to schedule jobs in the
future.Scheduled jobs can be any executable program or script.
The
cron
facility consists of
crond
, the
cron
daemon, and
crontab
files containing
job-scheduling information.cron
is intended for the execution of
commands on a periodic basis.crond
examines all
crontab
files every minute.Each system user has access to
cron
through a personal
crontab
file.The
crontab
command allows the
crontab
file to be viewed and, with the
–e
option, edited.Entries in the
crontab
file are in the
form of:minute hour day month dayofweek commandAsterisks in any of the time fields match all possible
values.In addition to personal
crontab
files,
the system has its own
crontab
files in
/etc/crontab
, as well as files in
/etc/cron.d
.
The
at
facility, shown here, is
for setting up one-time future command
execution
:- at
time Enter an interactive session with
at
, where commands may be entered.timeis of the formhh:mm,midnight,noon, and so on.
- at
The
atd
daemon must be running in order
for
at
commands to be processed.
Access to
cron
can be controlled using
lists of users in
cron.allow
and
cron.deny
.Access to
at
can be controlled using
lists of users in
at.allow
and
at.deny
.
The suite of programs that comes with the Network Time
Protocol (NTP) allow you to keep your system and hardware clocks in
sync with accurate time servers over the Internet.ntpd –q
will update a system clock
against an NTP server and then exit.Hardware clocks are configured to reflect either local time or
Universal Coordinated Time (UTC) plus a time zone offset. The
command
hwclock
can be used to manipulate a
hardware clock from within Linux.The file
/etc/localtime
should be a
symbolic link to the time zone configuration file appropriate for
your locale. For example, in the central United States:#
ls –l /etc/localtimelrwxrwxrwx 1 root root 30 Sep 12 13:56 /etc/localtime \
-> /usr/share/zoneinfo/US/CentralThe command
tzselect
can be used to
change your system’s time zone.
Refer to the previous section on localization and
internationalization.
The syslog system displays and records messages
describing system events.The syslog program is made up of two processes:
syslogd
, which logs user-level events, and
klogd
, which logs kernel events.Messages can be placed on the console, in logfiles, and on
the text screens of users.Syslog is configured by
/etc/syslog.conf
in the formfacility.level:
actionfacilityThe creator of the message, selected from among
auth,authpriv,cron,daemon,kern,lpr,mail,mark,news,syslog,user, orlocal0throughlocal7.levelSpecifies a severity threshold beyond which messages
are logged and is one of (from lowest to highest severity)debug,info,notice,warning,err,crit,alert, oremerg. The special levelnonedisables a facility.actionThe destination for messages that correspond to a
given selector. It can be a filename,@hostname
, a
comma-separated list of users, or an asterisk (meaning all
logged-in users).
Together,
facility.levelscomprise the
message selector
.Most syslog messages go to
/var/log/messages
.
Most system logfiles are rotated to expire old information
and prevent disks from filling up.logrotate
accomplishes log rotation and
is configured using
/etc/logrotate.conf
.
Files in
/var/log
(such as
messages
) and elsewhere can be examined using
utilities such as
tail
,
less
, and
grep
.Information in
syslogd
logfiles
includes date, time, origin hostname, message sender, and
descriptive text.To debug problems using logfile information, first look at
the hostname and sender, and then at the message text.
The most common MTAs on Linux are sendmail, postfix,
qmail, and exim.sendmail, being the oldest MTA, has influenced current MTAs
greatly. The other three popular MTAs all have sendmail
“compatibility programs” to enable them to act as drop-in
replacements for sendmail.The file
/etc/aliases
stores aliases for
inbound mail addresses; it can redirect mail to one or more
users.Whenever
/etc/aliases
is modified,
newaliases
must be executed.Each user can forward his own mail using a
.forward
file, containing the forwarding email
address, in his home directory.Outbound mail that is trapped due to a network or other
problem will remain queued; it can be examined using the
mailq
command.
The Common Unix Printing System (CUPS) is the
current standard for printing on Linux.The
cupsd
daemon handles print
spooling. Configuration files are stored in
/etc/cups/
, and configuration usually
happens through a web interface accessed through
http://localhost:631/
.CUPS maintains backward compatibility with
lpd
.CUPS supports printer configuration in the file
/etc/printcap
for backward
compatibility
.
Printers are assigned to queues, which are managed
by
lpd
, the print daemon.
lpd
listens for inbound print requests,
forking a copy of itself for each active print queue.lpr
submits jobs to print
queues.lpq
queries and displays queue
status.lprm
allows jobs to be removed from
print queues.lpc
allows root to administer queues;
it has both interactive and command-line forms.Filters translate data formats into a printer definition
language.Spool directories hold spooled job data.
New printer definitions are added to
/etc/printcap
:lp|ljet:\
:sd=/var/spool/lpd/lp:\
:mx#0:\
:sh:\
:lp=/dev/lp0:\
:if=/var/spool/lpd/lp/filter:
:lf=/var/spool/lpd/lp/log:The lines in this example are defined as follows:
lp|ljet:\This parameter defines two alternate names for the
printer,
lp
or
ljet
.sd=spool_directoryThis parameter specifies the spool directory, under
/var/spool/lpd
.mx=max_sizeThe maximum size of a print job in blocks. Setting
this to#0indicates no
limit.shSuppress header pages. Placing this attribute in
printcap
sets it, eliminating the
headers.lp=printer_deviceThe local printer device, such as a parallel
port.if=input_filterThe input filter to be used. See
CUPS filters
for additional information.lf=log_fileThe file where error messages are logged.