1 Notes

2 Exercises: Initial Ubuntu System Administration

2.1 Find out what's installed

Log on to your machine using SSH as the user specified in class.

Once you are logged in, take a look at all the packages installed on your system:

$ dpkg --get-selections

All installed packages fly by on the screen. Let's slow that down:

$ dpkg --get-selections | less

The "less" command lets you quickly search text. Is the "openssh-server" server installed on your machines? (It should be if you are logged in :)

    Type "/openssh" and press <ENTER>

You should see something like:

    openssh-client                                 install
    openssh-server                                 install

with the "openssh" text highlighted. Press "q" to exit the less screen.

Another way to see packages is:

     dpkg --list | less

Try it!

What version of "openssh-server" is installed?

$ apt-cache policy openssh-server

Or, you could also say:

$ dpkg --list openssh-server

2.2 Find out if a package is available to be installed

You have a local cache of all packages available to be installed from the Ubuntu package repositories. You can search this cache using the "apt-cache" command. Before you can use apt-cache the first time you need to update your local cache. Let's do this now (we did this for you when setting up your machine):

$ sudo apt-get update

Once this completes we can search for available packages. Let's see if the "ipcalc" package is available in our Ubuntu repositories:

$ apt-cache search ipcalc 

It looks like there are three packages matching the name "ipcalc". Try typing:

$ sudo apt-get install ipcalc
[sudo] password for sysadm: .... <- your password

$ ipcalc 41.93.45.101/24

This is very useful! We'll talk more about what all this means later today or tomorrow.

2.3 Stopping and starting services

The scripts to run services on your machine are located in /etc/init.d/. By default, when Ubuntu installs a package the startup scripts for the package are run and the package is configured to automatically run at system startup.

Try viewing the status of the ssh server, stopping and starting the server and reloading the server's configuration file (/etc/ssh/sshd_config):

$ service ssh help

You are shown the commands you can perform on the ssh service.

Try to view the status of the ssh server:

$ sudo service ssh status

Since we are connected using ssh we cannot stop this service. If we did, then you would lose your connection and need to go to your machine's console to manually restart the service.

is a web server running?:

$ sudo service apache2 status

Yes? Let's look at the default page of your machine's web server:

$ lynx localhost

Type "q" to exit this text-based web browser (a very powerful tool).

Let's stop the Apache web server:

$ sudo service apache2 stop

Can you see the web server's default page any more?:

$ lynx localhost

Let's start the server again:

$ sudo service apache2 start

And, verify that you can see the page:

$ lynx localhost

Later today, or tomorrow we'll look at other ways to check for running services.

2.4 Turning a service off

If, for some reason, you decide that a currently running service should be turned off permanently, but that the software should not be removed, then you need to use the update-rc.d utility.

To stop the Apache web server permanently you would do:

$ sudo update-rc.d apache2 disable

Did you see something like this?

 Disabling system startup links for /etc/init.d/apache2 ...
 Removing any system startup links for /etc/init.d/apache2 ...
   /etc/rc0.d/K09apache2
   /etc/rc1.d/K09apache2
   /etc/rc2.d/S91apache2
   /etc/rc3.d/S91apache2
   /etc/rc4.d/S91apache2
   /etc/rc5.d/S91apache2
   /etc/rc6.d/K09apache2
 Adding system startup for /etc/init.d/apache2 ...
   /etc/rc0.d/K09apache2 -> ../init.d/apache2
   /etc/rc1.d/K09apache2 -> ../init.d/apache2
   /etc/rc6.d/K09apache2 -> ../init.d/apache2
   /etc/rc2.d/K09apache2 -> ../init.d/apache2
   /etc/rc3.d/K09apache2 -> ../init.d/apache2
   /etc/rc4.d/K09apache2 -> ../init.d/apache2
   /etc/rc5.d/K09apache2 -> ../init.d/apache2

these are logical links in the file system telling it to not run the Apache web server at any runlevel the next time the machine starts. If you really did not want the Apache web server to be running any more right now, then you would, also, need to manually stop the service.

Oops! But, we'll need the web server. Let's re-enable the server:

$ sudo update-rc.d apache2 enable

Type man update-rc.d for more details on how this works.

2.5 Reboot your system

To restart your system, you could use:

$ sudo shutdown -r TIME

... where time can be a day, hour, minute...

Or you could try and reboot your machine NOW:

$ sudo shutdown -r now

The "-r" means reboot. Another command for doing this is "reboot". Go ahead and reboot your machine. You will lose your ssh connection, have to wait a few moments and then be able to reconnect to your machine.

To stop a machine entirely you can do (don't do this now!):

# halt -p

or

# shutdown -h -P now

Be careful when using halt on remote systems! Don't do this in class. If you do let the instructor know and they'll restart your machine.

2.6 Figure out how your machine has been partitioned

You want to display free disk space, or "df":

$ df -h

Use:

$ man df

to understand what the "-h" option does.

Look in /etc/fstab. This is where file systems are mounted in Linux. Read the man page on this file:

$ cat /etc/fstab
$ man fstab

Notice that defined file systems are pointing to /dev/vda*. Have a look at these files:

$ ls -lah /dev/vda*
$ file /dev/vda*

What type of files are these?

2.7 Use the top command

The top command let's us see the status of our system at a quick glance. To use top simply do:

$ top

The item at the top of list of running processes is the process using the most CPU resources.

Open a new SSH connection to your PC. In that window type:

$ ls -lahR /

Now in the other window where top is running you should start to see the "ls" process listed using some amount of your total CPU.

At the top of the top window you'll see something like:

    top - 03:17:03 up  1:47,  2 users,  load average: 0.51, 0.19, 0.09
    Tasks:  79 total,   2 running,  77 sleeping,   0 stopped,   0 zombie
    Cpu(s):  4.9%us, 10.9%sy,  0.0%ni,  3.6%id, 79.6%wa,  1.0%hi,  0.0%si,  0.0%st  
    Mem:    508924k total,   491968k used,    16956k free,    59052k buffers
    Swap:   905208k total,     4584k used,   900624k free,   128712k cached

This is a good, quick way to see how much RAM, Virtual memory, CPU, total running processes, etc. that your machine has, and is using.

You can adjust the output of top as it is running. Exit from top by typing "q" and then do:

$ man top

Now run top again and change what it is displaying interactively.

All the information in top is part of a dynamic file system located in /proc. As an example do the following:

$ cd /proc
$ ls

The numbered directories correspond to actual Process IDs of processes that are running. Look at the file meminfo:

$ less meminfo

Remember: space bar to go to the next screen of output.

Note that it includes your total RAM. Top uses this file to get this information. Same for cpuinfo, loadavg, uptime, etc.

If you want to know what command was executed to start a number process you can type (for instance):

$ less /proc/1/cmdline

You'll see that the first process started on the system is init.

2.8 Viewing your log files in real time

Now that you have two ssh windows open to your machine do the following:

In one window type:

$ sudo tail -f /var/log/apache2/access.log

In the other window do

$ lynx localhost

The "q" to quit, then do:

$ lynx localhost/junk

Do you see the log messages indicating your access to the main page, and your attempt to access localhost/junk, which does not exist. Note the "404" on the output line of the message. The number 404 means "Not Found".

Now do:

$ cd /var/log/apache2
$ ls

Note there are several log files.

Look for "404" in the access.log log file:

$ sudo grep 404 access.log

Now let's make your web busy and watch this in the log file. Be sure you still have one ssh window with the tail command running:

$ sudo tail -f /var/log/apache2/access.log

In the other window do:

$  while :; do lynx -dump localhost; sleep 1; done

Note the timestamp column in the access.log update each second. When you are done go to the window where you are running the "while" loop and press ctrl-c to terminate the process.