Chapter 15 - System Administration

Quiz

1. Under what situations is it appropriate to shut down a UNIX system?

If you will be performing hardware maintenance or you know there will be an interruption in power or other environmental problem, you would shut down a UNIX system.

2. Why do most versions of UNIX now use a ìshadowî password file in addition to the normal /etc/passwd file?

Leaving even the encrypted passwords readable allows someone to attempt to reverse engineer passwords to accounts on the system (including root).

3. What does a ìgettyî process do?

The ìgettyî process waits for a user to start to login on a terminal and starts the login process.

4. Why is it better to use su to become the superuser than to simply login as ìroot?î

When you use su, the action is logged and you can easily return to your normal state when you have finished the task for which you needed the root privileges. If you logged in as root you would always be root even when it wasnít necessary, raising the odds of making some kind of mistake.

5. How can you put UNIX into single-user mode?

On some systems, the shutdown command will put the system in single-user mode, on others the command is ìinit ñsî.

6. When is the integrity of the file system checked?

The file system is checked each time the system boots by running the fsck command in one of the system boot files. The superuser can also run fsck manually.

7. Which files must be modified when you add a new user?

A new entry is required for the password file, /etc/passwd. A new entry in the group file, /etc/group, might be necessary if the new user belongs to a new group. A new directory must also be created for the new user. Other files might be modified depending on the local environment (e.g. mail aliases).

8. What does the ifconfig command do?

The ifconfig command configures, activates, and deactivates network interfaces.

9. Which UNIX subsystems generate accounting records?

Most UNIX subsystems generate accounting records, such as process management, networking, printer, and disk subsystems.

10. Which kernel parameters may be modified?

Kernel parameters listed in the kernel configuration file may be modified easily.

11. Describe the ìTrojan horseî technique for capturing a superuser password.

One might capture the super-user password via a ìTrojan Horseî technique by creating a shell script called ìsuî that prompted for the root password just like the real su command does and writes it to a file and exits. By placing it somewhere ahead of the real su in the superuserís PATH, they might execute your version instead.

Exercises

15.1 Try using cpio and tar to transfer some files to and from a floppy disk. Which of these utilities do you prefer? Why? [level: easy]

Again, the activity is the point, and the answer will be subjective.

15.2 Use du to examine your disk usage. Write a script that prints out the full pathnames of your files that are over a specified size. [level: medium]

You can use du to generate the list and awk to print lines where a file is greater than some specified value.

15.3 Obtain a floppy disk, format it, create a file system on it, mount it, and copy some files onto it. Youíll almost certainly need a system administrator to help you through this process. [level: medium]

This is another exercise where the point is the activity.

15.4 Fill in the functionality of the skeleton script you wrote in Project 1 of Chapter 6 so that it will perform the system administration tasks in your menu-driven interface. Useful tasks to automate include the following:

ï automatic deletion of core files

ï automatic warnings to those who use a lot of CPU time or disk space

ï automatic archiving

[level: medium]

Yet another exercise where the point is the activity.

Project

Ask your system administrator what he or she believes to be the strengths and weaknesses of UNIX from a system administratorís standpoint. Are these issues being addressed by current UNIX releases or in other operating systems? [level: medium]

This is especially subjective since it will depend on the opinion of the system administrator, but it will lead to some interesting discussions.