User account information is stored in /etc/passwd.
Each line in /etc/passwd contains a username, password, UID, GID, user's name, home directory, and default shell.
Group information is stored in /etc/group.
Each line in /etc/group contains a group name, group password, GID, and group member list.
passwd and group are world-readable.
The following commands are commonly used for manual user and group management:
user
Create the account user.
user
Modify the user account.
user
Delete the user account.
group
Add group.
group
Modify the parameters of group.
group
Delete group.
username
Interactively set the password for username.
groupname
Interactively set the password for groupname.
Convert a standard password file to a shadow configuration.
Revert from a shadow password configuration.
Convert a standard group file to a shadow configuration.
Revert from a shadow group configuration.
Modify password aging and expiration settings for user.
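Because /etc/passwd is world-readable, a password hash left in its second field is exposed to every local user, which is what the shadow conversion removes. The sh/awk check below is an added example, not part of the original text: the function names audit_passwd and sample_passwd and the sample entries are constructed for illustration, and it assumes the usual conventions that x in the password field means the hash is held in the shadow file and that a leading * or ! marks a locked account.

```sh
#!/bin/sh
# Added example: audit passwd-format data for entries that undermine the
# shadow-password model. Function names and sample data are constructed.

# audit_passwd [FILE...]: print "finding:username" for each problem entry.
# With no FILE argument, the data is read from standard input.
audit_passwd() {
    awk -F: '
        /^#/ || NF == 0 { next }                   # skip comments and blank lines
        NF != 7 { print "malformed:" $1; next }    # passwd lines have 7 fields
        # Empty password field: the account has no password at all.
        $2 == "" { print "empty-password:" $1 }
        # Anything other than x, or a */! lock marker, is assumed to be a
        # hash stored in the world-readable file.
        $2 != "" && $2 != "x" && $2 !~ /^[*!]/ { print "hash-in-passwd:" $1 }
        # A second account with UID 0 has full root privileges.
        $3 == 0 && $1 != "root" { print "extra-uid0:" $1 }
    ' "$@"
}

# Constructed sample input; the hash string is a placeholder, not a real hash.
sample_passwd() {
    cat <<'EOF'
root:x:0:0:root:/root:/bin/bash
daemon:*:2:2:daemon:/sbin:/sbin/nologin
alice:x:1000:1000:Alice Example:/home/alice:/bin/bash
bob:$6$constructed$NOTAREALHASH:1001:1001:Bob Example:/home/bob:/bin/bash
carol::1002:1002:Carol Example:/home/carol:/bin/bash
toor:x:0:0:second superuser:/root:/bin/sh
EOF
}

# Run the audit over the constructed sample.
sample_passwd | audit_passwd
```

To check a live system, call audit_passwd /etc/passwd; no output means none of the three conditions was found.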
The bash shell uses systemwide configuration scripts, such as /etc/profile and /etc/bashrc, when it starts.
Commands in /etc/profile are executed at login time.
Commands in /etc/bashrc are executed for each invocation of bash.
Changes to these systemwide files affect all users on the system.
The syslog system displays and records messages describing system events.
Messages can be placed on the console, in log files, and on the text screens of users.
Syslog is configured by /etc/syslog.conf in the form facility.level action:
facility
The creator of the message, selected from among auth, authpriv, cron, daemon, kern, lpr, mail, mark, news, syslog, user, or local0 through local7.
level
Specifies a severity threshold beyond which messages are logged and is one of (from lowest to highest severity) debug, info, notice, warning, err, crit, alert, or emerg. The special level none disables a facility.
action
The destination for messages that correspond to a given selector. It can be a filename, @hostname, a comma-separated list of users, or an asterisk, meaning all logged-in users.
Together, facility.levels comprise the message selector.
Most syslog messages go to /var/log/messages.
Most system log files are rotated to expire old information and prevent disks from filling.
logrotate accomplishes log rotation and is configured using /etc/logrotate.conf.
Files in /var/log (such as messages) and elsewhere can be examined using utilities such as tail, less, and grep.
Information in syslogd log files includes date, time, origin hostname, message sender, and descriptive text.
To debug problems using log file information, first look at the hostname and sender, then at the message text.
Both cron and at can be used to schedule jobs in the future.
Scheduled jobs can be any executable program or script.
The cron facility consists of crond, the cron daemon, and crontab files containing job-scheduling information.
cron is intended for the execution of commands on a periodic basis.
crond examines all crontab files every minute.
Each system user has access to cron through a personal crontab file.
The crontab command, shown here, allows the crontab file to be edited and viewed:
View, or with -e, edit crontab files.
Entries in the crontab file are in the form of:
minute hour day month dayofweek command
Asterisks in any of the time fields match all possible values.
In addition to personal crontab files, the system has its own crontab files: /etc/crontab as well as files in /etc/cron.d.
System backup provides protection against disk failures, accidental file deletion, accidental file corruption, and disasters.
System backup provides access to historical data.
Differential backups save files modified or created since the last full backup.
Incremental backups save files modified or created since the last full or incremental backup.
A full backup will be coupled with either differential or incremental backups, but not both.
Backup media are rotated to assure high-quality backups.
Backup media must be verified to assure data integrity.
Backup is often performed using tar and mt, as follows:
files
Archive or restore files recursively, to tape or to a tarfile.
operation
Control a tape drive, including skipping over multiple archives on tape, rewinding, and ejecting. operations include fsf, bsf, rewind, and offline (see the manpage for a complete list).
Backup should include everything necessary to restore a system to operation in the event of a disaster. Examples include /etc, /home, /var/log, and /var/spool, though individual requirements vary.
See "Objective 6: Maintain System Time" in Chapter 18.