Chapter 9. Linux System Administration

Table of Contents

9.1. Logfiles and configuration files
9.1.1. The /var/log/ directory
9.1.2. The /etc/syslog.conf file
9.2. Log Utilities
9.2.1. The logger command
9.2.2. local Settings
9.2.3. logrotate
9.3. Automatic Tasks
9.3.1. Using cron
9.3.2. Using anacron
9.3.3. Scheduling with at
9.4. Backups and Compressions
9.4.1. Backup strategies
9.4.2. Creating archives with tar
9.4.3. Extracting archives with tar
9.4.4. Compressions
9.4.5. The cpio utility
9.4.6. The dump and restore utilities
9.4.7. Backing up with dd
9.4.8. What to backup
9.5. Documentation
9.5.1. Manpages and the whatis database
9.5.2. info pages
9.5.3. Installed documents
9.5.4. HOWTOs and The Linux Documentation Project
9.5.5. Usenet News Groups
9.5.6. Notifying Users about the System
9.6. Exercises and Summary
9.6.1. Questions
9.6.2. Summary
9.6.3. Exercises

Prerequisites

Goals

Overview

We will concentrate on the main tasks of system administration, such as monitoring log files and scheduling jobs using at and cron. This also includes an overview of the documentation available (manpages and online resources) as well as some backup concepts.

9.1. Logfiles and configuration files

9.1.1. The /var/log/ directory

This is the directory where most logfiles are kept. Some applications generate their own log files (such as squid or samba). Most of the system logs are managed by the syslogd daemon. Common system files are:

cron

keeps track of messages generated when cron executes

mail

messages relating to mail

messages

logs all messages except private authentication (authpriv), cron, mail and news

secure

logs all failed authentications, users added/deleted, etc.

The most important log file is messages where most activities are logged.

9.1.2. The /etc/syslog.conf file

When syslogd is started it reads the /etc/syslog.conf configuration file by default. One can also start syslogd with -f and the path to an alternative config file. Each line of this file must contain a list of items, each followed by a priority, and then the path to the log file:

item1.priority1 ; item2.priority2    /path-to-log-file

Valid items are:

auth/authpriv

user general and private authentication

cron

cron daemon messages

kern

kernel messages

mail

mail system messages

news

Usenet news messages

user

user processes

uucp

messages regarding UUCP

Valid priorities are (from highest to lowest):

  • emerg

  • alert

  • crit

  • err

  • warning

  • notice

  • info

  • debug

  • * (i.e. all)

  • none

A priority is a minimum: messages of that priority and of all higher priorities are logged. To restrict a rule to exactly one priority (for example info only), put an "=" sign in front of it, as in:

user.=info            /var/log/user_activity

Example 9.1. Listing of /etc/syslog.conf

# Log all kernel messages to the console.
# Logging much else clutters up the screen.
#kern.*                                   /dev/console
# Log anything (except mail) of level info or higher.
# Don't log private authentication messages!
*.info;mail.none;news.none;authpriv.none /var/log/messages
 
# The authpriv file has restricted access.
authpriv.*                                /var/log/secure
 
# Log all the mail messages in one place.
mail.*                                    /var/log/maillog
 
# Log cron stuff
cron.*                                    /var/log/cron
 
# Everybody gets emergency messages, plus log them on 
# another machine.
*.emerg                                   *
*.emerg                                   @10.1.1.254
  
# Save boot messages also to boot.log
local7.*                            /var/log/boot.log

news.=crit                          /var/log/news/news.crit
news.=err                           /var/log/news/news.err
news.notice                         /var/log/news/news.notice
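
To check where a given message ends up under these rules, for instance that authpriv messages reach /var/log/secure but never /var/log/messages, the selectors can be evaluated mechanically. The Python below is an added example, not part of the original chapter and not syslogd's own code. The function names are assumptions, the sample rules are copied from Example 9.1, and it assumes that within one line a later selector overrides an earlier one for the same item.

```python
# Added example: evaluates syslog.conf selectors (item.priority) for one message.
PRIORITIES = ["debug", "info", "notice", "warning", "err", "crit", "alert", "emerg"]
# Sample input: rule lines copied from Example 9.1.
SAMPLE_CONF = """\
*.info;mail.none;news.none;authpriv.none /var/log/messages
authpriv.*                                /var/log/secure
mail.*                                    /var/log/maillog
cron.*                                    /var/log/cron
*.emerg                                   *
*.emerg                                   @10.1.1.254
news.=crit                          /var/log/news/news.crit
news.=err                           /var/log/news/news.err
news.notice                         /var/log/news/news.notice
"""

def parse(conf):
    """Return a list of (selectors, action) pairs, skipping comments and blanks."""
    rules = []
    for line in conf.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        selector_field, action = line.split(None, 1)
        selectors = [s.split(".", 1) for s in selector_field.split(";") if s]
        rules.append((selectors, action.strip()))
    return rules

def rule_matches(selectors, facility, priority):
    """Apply selectors left to right; the last one naming the item decides."""
    level = PRIORITIES.index(priority)
    matched = False
    for fac, prio in selectors:
        if fac not in ("*", facility):
            continue
        if prio == "none":            # item excluded from this rule
            matched = False
        elif prio == "*":             # every priority
            matched = True
        elif prio.startswith("="):    # exactly this priority
            matched = level == PRIORITIES.index(prio[1:])
        else:                         # this priority or higher
            matched = level >= PRIORITIES.index(prio)
    return matched

def destinations(conf, facility, priority):
    """List every action (file, '*', or @host) that receives the message."""
    return [a for sels, a in parse(conf) if rule_matches(sels, facility, priority)]

if __name__ == "__main__":
    print(destinations(SAMPLE_CONF, "authpriv", "notice"))
```

The sketch covers only the selector forms described in this section (plain priority, "=", "*" and none).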