1 Notes

2 Exercises: Initial Ubuntu System Administration

2.1 Find out what's installed

Log on to your machine using SSH as the user specified in class.

Once you are logged in, take a look at all the packages installed on your system:

$ dpkg --get-selections

All installed packages fly by on the screen. Let's slow that down:

$ dpkg --get-selections | less

The "less" command lets you quickly search text. Is the "openssh-server" server installed on your machines? (It should be if you are logged in :)

    Type "/openssh" and press <ENTER>

You should see something like:

    openssh-client                                  install
    openssh-server                                  install
    openssh-sftp-server                             install
    openssl                                         install

with the "openssh" text highlighted. Press "q" to exit the less screen.

Another way to see packages is:

     dpkg --list | less

Try it!

What version of "openssh-server" is installed?

$ apt-cache policy openssh-server

Or, you could also say:

$ dpkg --list openssh-server

2.2 Find out if a package is available to be installed

You have a local cache of all packages available to be installed from the Ubuntu package repositories. You can search this cache using the "apt-cache" command. Before you can use apt-cache the first time you need to update your local cache. Let's do this now (we did this for you when setting up your machine):

$ sudo apt-get update

Once this completes we can search for available packages. Let's see if the "ipcalc" package is available in our Ubuntu repositories:

$ apt-cache search ipcalc 

It looks like there are three packages matching the name "ipcalc". Try typing:

$ sudo apt-get install ipcalc
[sudo] password for nsrc: .... <- your password

$ ipcalc 41.93.45.101/24

This is very useful! We'll talk more about what all this means later today or tomorrow.

2.3 Stopping and starting services

The scripts to run services on your machine are located in /etc/init.d/. By default, when Ubuntu installs a package the startup scripts for the package are run and the package is configured to automatically run at system startup.

Try viewing the status of the ssh server, stopping and starting the server and reloading the server's configuration file (/etc/ssh/sshd_config):

You can review the systemctl commands in the presentation.

Try to view the status of the ssh server:

$ sudo systemctl status ssh

Since we are connected using ssh we cannot stop this service. If we did, then you would lose your connection and need to go to your machine's console to manually restart the service. So, let's work with a different service using systemctl.

is a web server running?:

$ sudo systemctl status apache2

Yes? You should see something like:

● apache2.service - The Apache HTTP Server
   Loaded: loaded (/lib/systemd/system/apache2.service; enabled; vendor preset:
   Active: active (running) since Sun 2017-12-03 13:01:27 UTC; 4min 59s ago
  Process: 126 ExecStart=/usr/sbin/apachectl start (code=exited, status=0/SUCCES
 Main PID: 157 (apache2)
    Tasks: 55 (limit: 4915)
   CGroup: /system.slice/apache2.service
           ├─157 /usr/sbin/apache2 -k start
           ├─160 /usr/sbin/apache2 -k start
           └─161 /usr/sbin/apache2 -k start

Let's look at the default page of your machine's web server:

$ lynx localhost

Type "q" to exit this text-based web browser (a very powerful tool).

Let's stop the Apache web server:

$ sudo systemctl stop apache2

Can you see the web server's default page any more?:

$ lynx localhost

Let's start the server again:

$ sudo systemctl start apache2

As this script gives no feedback if it works, let's see if Apache2 is running:

$ sudo systemctl status apache2

and you see...

● apache2.service - The Apache HTTP Server
   Loaded: loaded (/lib/systemd/system/apache2.service; enabled; vendor preset:
   Active: active (running) since Sun 2017-12-03 13:09:39 UTC; 20s ago
   ... etc ...

And, verify that you can see the page:

$ lynx localhost

2.4 Turning a service off

If, for some reason, you decide that a currently running service should be turned off permanently, but that the software should not be removed, then you can use the systemctl facility as shown below.

To stop the Apache web server permanently you would do:

$ sudo systemctl disable apache2

Did you see something like this?

Synchronizing state of apache2.service with SysV service script with /lib/systemd/systemd-sysv-install.
Executing: /lib/systemd/systemd-sysv-install disable apache2
insserv: warning: current start runlevel(s) (empty) of script `apache2' overrides LSB defaults (2 3 4 5).
insserv: warning: current stop runlevel(s) (0 1 2 3 4 5 6) of script `apache2' overrides LSB defaults (0 1 6).

these are logical links in the file system telling it to not run the Apache web server at any runlevel the next time the machine starts. If you really did not want the Apache web server to be running any more right now, then you would, also, need to manually stop the service.

Oops! But, we'll need the web server. Let's re-enable the server:

$ sudo systemctl enable apache2

Type

$ man systemctl

2.5 Reboot your system

To restart your system, you could use:

$ sudo shutdown -r TIME

... where time can be a day, hour, minute...

Or you could try and reboot your machine NOW:

$ sudo shutdown -r now

The "-r" means reboot. Another command for doing this is "reboot". Go ahead and reboot your machine. You will lose your ssh connection, have to wait a few moments and then be able to reconnect to your machine.

To stop a machine entirely you can do (don't do this now!):

# halt -p

or

# shutdown -h -P now

Be careful when using halt on remote systems! Don't do this in class. If you do let the instructor know and they'll restart your machine.

2.6 Figure out how your machine has been partitioned

You want to display free disk space, or "df":

$ df -h

Use:

$ man df

to understand what the "-h" option does.

If you see anything that looks like "/dev/vda" you can look in the file /etc/fstab for some more information about your file partitions. Read:

$ man fstab

for more information.

If you see items like /dev/lxd, lxc or /dev/mapper, then you may be running in a vitual machine using logical volume management (lvm). You can ask your instructor to explain this in more detail, or if you are in a virtualization class this will be explained in during the week.

2.7 Use the top command

The top command let's us see the status of our system at a quick glance. To use top simply do:

$ top

The item at the top of list of running processes is the process using the most CPU resources.

Open a new SSH connection to your PC. In that window type:

$ for i in {1..20} ; do ls -lahR /; done;

(You can ask your instructor about how this is working. It showcases some of the power of the Linux/Unix command line.)

Now in the other window where top is running you should start to see the "ls" process listed using some amount of your total CPU.

At the top of the top window you'll see something like:

top - 12:38:34 up 17 min,  2 users,  load average: 0.58, 0.49, 0.35
Tasks:  18 total,   3 running,  15 sleeping,   0 stopped,   0 zombie
%Cpu(s):  3.2 us,  6.8 sy,  0.0 ni, 90.0 id,  0.0 wa,  0.0 hi,  0.0 si,  0.0 st
KiB Mem:  32833832 total,    56448 used, 32777384 free,        0 buffers
KiB Swap: 33439740 total,        0 used, 33439740 free.        0 cached Mem

  PID USER      PR  NI    VIRT    RES    SHR S  %CPU %MEM     TIME+ COMMAND
  357 nsrc      20   0   93116   3408   2396 R  20.3  0.0   0:45.92 sshd
 8469 nsrc      20   0   27872   2064   1680 R  20.0  0.0   0:00.60 ls
 8321 nsrc      20   0   23564   1964   1624 R   0.3  0.0   0:00.12 top

This is a good, quick way to see how much RAM, Virtual memory, CPU, total running processes, etc. that your machine has, and is using.

You can adjust the output of top as it is running. Exit from top by typing "q" and then do:

$ man top

Now run top again and change what it is displaying interactively.

All the information in top is part of a dynamic file system located in /proc. As an example do the following:

$ cd /proc
$ ls

The numbered directories correspond to actual Process IDs of processes that are running. Look at the file meminfo:

$ less meminfo

Remember: space bar to go to the next screen of output.

Note that it includes your total RAM (or the total RAM of your host machine if you are using a Linux/UNIX container or a jail). Top uses this file to get this information. Same for cpuinfo, loadavg, uptime, etc.

If you want to know what command was executed to start a number process you can type (for instance):

$ less /proc/1/cmdline

You'll see that the first process started on the system is init.

2.8 Viewing your log files in real time

Now that you have two ssh windows open to your machine do the following:

In one window type:

$ sudo tail -f /var/log/apache2/access.log

In the other window do

$ lynx localhost

The "q" to quit, then do:

$ lynx localhost/junk

Do you see the log messages indicating your access to the main page, and your attempt to access localhost/junk, which does not exist. Note the "404" on the output line of the message. The number 404 means "Not Found".

Now do (in the same window where you ran "lynx"):

$ sudo -s
# cd /var/log/apache2
# ls

Note there are several log files.

Look for "404" in the access.log log file:

# grep 404 access.log

Now, in the same window, do (note you are still root):

# tail -f /var/log/apache2/access.log

In the other window do:

$ while :; do lynx -dump localhost; sleep 1; done

Note the timestamp column in the access.log updates each second. When you are done go to the window where you are running the "while" loop and press ctrl-c to terminate the process.

2.9 Finishing

Feel free to revisit any of these exercises to practice more or to try different variations. If you have any questions please ask one of your classroom instructors.

You can simply type "exit" in each of your open ssh windows until the close when you are all done.

(Last update 4 December 2017)