- •About the Author
- •Credits
- •How This Book Is Organized
- •Part I: Linux Basics
- •Part II: Installation
- •Part III: Configuration
- •Part IV: Administration
- •Part V: Maintaining the Linux System
- •How Each Chapter Is Structured
- •How to Use This Book
- •Conventions Used in This Book
- •What is Linux?
- •The origin of UNIX
- •Who started Linux?
- •Understanding Open Source
- •Understanding Closed Source
- •Understanding Artistic License
- •Is Freeware really free?
- •Is Shareware never free?
- •A comparison and contrast of licensing methods
- •The Growth of Linux
- •Linux on a Personal Computer
- •Graphical installation
- •Hardware detection
- •Graphical user interface
- •Linux limitations on the PC
- •Linux succeeds on the PC
- •Linux on workstations
- •Linux on servers
- •Summary
- •Assessment Questions
- •Scenarios
- •Answers to Chapter Questions
- •Assessment Questions
- •Scenarios
- •Linux Kernel
- •Kernel versions
- •Kernel availability
- •Linux Distributions
- •Beehive
- •BlueCat
- •Caldera OpenLinux
- •Debian
- •Corel
- •DragonLinux
- •Elfstone
- •Gentoo
- •Hard Hat Linux
- •KRUD
- •LinuxPPC
- •Mandrake
- •Phat Linux
- •Slackware
- •StormLinux
- •SuSE
- •TurboLinux
- •Yellow Dog Linux
- •Mini and Specialty Distributions
- •Astaro
- •KYZO
- •FlightLinux
- •NetMAX
- •Packages and Packaging Solutions
- •Red Hat Package Manager
- •Debian Package Management System
- •Tarball
- •Linux Resources
- •Summary
- •Assessment Questions
- •Scenarios
- •Lab Exercises
- •Answers to Chapter Questions
- •Assessment Questions
- •Scenarios
- •Linux In the Real World
- •Word Processing
- •Spreadsheets and databases
- •Web browsing
- •File transfer
- •More, more, and more applications
- •The Server and DNS
- •A Linux Web server
- •Linux e-mail server
- •File servers
- •Proxy, news, and search servers
- •FTP servers
- •Firewalls
- •Determining Linux Roles and Services
- •Comparing Linux with other operating systems
- •Hardware compatibility
- •Summary
- •Assessment Questions
- •Scenarios
- •Answers to Chapter Questions
- •Assessment Questions
- •Scenarios
- •Installing Linux
- •Final Preparations for Installation
- •Verification
- •Package selection
- •Final hardware verification
- •Pre-installation partitioning planning
- •Installing Linux
- •Text or GUI installation
- •Basic setup of Linux
- •Selecting the machine type
- •Partitioning the hard disk drive
- •Installing a boot manager
- •Creating the Boot Diskette
- •Networking
- •Additional installation information
- •Accounts and passwords
- •Additional packages to install
- •GUI installation
- •Obtaining video card information
- •Configuring the X windows system
- •Selecting the windows manager or desktop environment
- •Summary
- •Assessment Questions
- •Scenarios
- •Lab Exercises
- •Answers to Chapter Questions
- •Chapter Pre-test
- •Answers to Assessment Questions
- •Scenarios
- •Alternative to the GUI Installation
- •Command Line installation
- •Install the Linux system
- •Network installations of Linux
- •Review of a Linux Installation
- •Installation media
- •Initial selections
- •Installation type or class
- •Disk partitioning and formatting
- •Installing LILO
- •Network configuration
- •User accounts
- •Authentication methods
- •Package selection and installation
- •A Dual-Boot Installation of Linux
- •Linux with Microsoft Windows
- •Linux with Microsoft Windows NT and 2000
- •Linux and Solaris
- •Linux and other operating systems
- •Installing Additional Software with gzip and tar
- •Installing Additional Software with RPM
- •Removing software with RPM
- •Upgrading software with RPM
- •Query the RPM software
- •Verify the RPM software
- •Verify the package files
- •Upgrading the Kernel
- •Upgrading a Linux Kernel
- •System Log Files
- •The Final Test of the Installation
- •Summary
- •Assessment Questions
- •Scenarios
- •Lab Exercises
- •Answers to Chapter Questions
- •Chapter Pre-test
- •Assessment Questions
- •Scenarios
- •What is the X Window System?
- •The X Window System
- •X Client and Server communications
- •X Window Manager
- •Configuring X Window Systems
- •Custom X Window System Programs
- •Manual Configuration of the X Window System
- •Documentation
- •Summary
- •Assessment Questions
- •Scenarios
- •Lab Exercises
- •Answers to Chapter Questions
- •Chapter Pre-test
- •Assessment Questions
- •Scenarios
- •Basic Network Services
- •TCP/IP Protocol Suite
- •Connection protocols needed
- •Other network protocols
- •Configuring Basic Network Services
- •Host name
- •IP addressing
- •DHCP
- •Netmask
- •Hardware resources
- •Routing and gateways
- •PPP, SLIP and PLIP connections
- •Server Tasks with
- •IP aliases for virtual hosts
- •Apache Web Server
- •Samba File Server
- •Home directories
- •Disk shares
- •Configuring Client Services
- •SMB/CIFS
- •NIS client configuration
- •NFS client configuration
- •Configuring Internet Services
- •Web browser
- •POP and SMTP
- •TFTP
- •SNMP
- •Remote Access
- •Rlogin
- •Telnet
- •OpenSSH
- •Documentation
- •Summary
- •Assessment Questions
- •Scenarios
- •Lab Exercises
- •Answers to Chapter Questions
- •Chapter Pre-test
- •Assessment Questions
- •Scenarios
- •Adding Hardware
- •Memory
- •Swap
- •Adding a hard drive
- •Video and monitor
- •Printers
- •Configuration files
- •Setting environment variables
- •BASH
- •Documentation
- •Summary
- •Assessment Questions
- •Scenarios
- •Lab Exercises
- •Answers to Chapter Questions
- •Chapter Pre-test
- •Assessment Questions
- •Scenarios
- •Basic User and Group Administration
- •What are users and groups?
- •Creating users
- •Change user information
- •Deleting users
- •Creating groups
- •Getting Around Linux
- •Navigating Linux
- •Common file and directory commands
- •Setting File and Directory Permissions
- •Mounting and Managing File Systems
- •Mount
- •Umount
- •Mounted file systems
- •Summary
- •Assessment Questions
- •Scenarios
- •Lab Exercises
- •Answers to Chapter Questions
- •Chapter Pre-test
- •Assessment Questions
- •Scenarios
- •Multi-User Environment
- •The creation of Virtual Consoles
- •The Linux Terminal Server Project
- •Configurations for remote systems
- •Monitoring remote connections
- •Common Shell Commands
- •Basic shell scripts
- •Caution using root access
- •Navigating the GUI interface
- •Summary
- •Assessment Questions
- •Scenarios
- •Lab Exercises
- •Answers to Chapter Questions
- •Chapter Pre-test
- •Assessment Questions
- •Scenarios
- •Linux Runlevels
- •init
- •Shutting down Linux
- •Managing Linux Services
- •Configuring Linux Printing
- •lpd daemon
- •/etc/printcap
- •Printing management
- •Using the vi Editor
- •vi operation modes
- •Editing text files
- •Using the
- •Summary
- •Assessment Questions
- •Scenarios
- •Lab Exercises
- •Answers to Chapter Questions
- •Chapter Pre-test
- •Assessment Questions
- •Scenarios
- •Disk and File System Management
- •Repairing Partitions
- •System Automation and Scheduling
- •cron
- •Core Dumps
- •Analyzing core dumps
- •GNU Debugger
- •Managing Networking Interfaces
- •Installing System Packages and Patches
- •Compressed archive
- •Debian Package Installer
- •Slackware Package Installation
- •Summary
- •Assessment Questions
- •Scenarios
- •Lab Exercises
- •Answers to Chapter Questions
- •Chapter Pre-test
- •Assessment Questions
- •Scenarios
- •Linux Processes
- •Core services versus non-critical services
- •Process administration
- •Process control
- •Monitoring Log Files
- •Maintaining Documentation
- •Summary
- •Assessment Questions
- •Scenarios
- •Lab Exercises
- •Answers to Chapter Questions
- •Chapter Pre-test
- •Assessment Questions
- •Scenarios
- •Linux Security
- •Securing the Environment
- •Location
- •Environment
- •System Security
- •System/user files
- •Permissions
- •Log auditing
- •Backups
- •Linux Security Best Practices
- •Network security
- •Firewall
- •System security
- •Securing a Web server
- •Securing an FTP server
- •FTP program version
- •FTP configuration files
- •Process security
- •Summary
- •Assessment Questions
- •Scenarios
- •Lab Exercises
- •Answers to Chapter Questions
- •Chapter Pre-test
- •Assessment Questions
- •Scenarios
- •Disaster Recovery Planning
- •Types of data
- •Frequency and Scheduling
- •Storage and media types
- •Recovering data
- •Offsite storage
- •Linux Backup Tools and Commands
- •Third party tools
- •Tape devices
- •Summary
- •Assessment Questions
- •Scenarios
- •Lab Exercises
- •Answers to Chapter Questions
- •Chapter Pre-test
- •Assessment Questions
- •Scenarios
- •Identifying the Problem
- •Methodology and Best Practices
- •Troubleshooting Resources
- •Documentation resources
- •Internet resources
- •System Log Files
- •Tools for Log Files
- •Output to another file
- •Locating files
- •Process Configuration and Management
- •Stopping, Starting, and Restarting Processes
- •Configuration Files
- •Summary
- •Assessment Questions
- •Scenarios
- •Lab Exercises
- •Answers to Chapter Questions
- •Chapter Pre-test
- •Assessment Questions
- •Scenarios
- •Examining the Startup Process
- •Boot process steps
- •Analyzing Boot Process Errors
- •Common Boot Problems
- •Using System Status Tools
- •File System Check
- •System Resource Commands
- •Using the System Boot Disk
- •Types of boot disks
- •Creating a boot disk
- •Creating a rescue/utility disk
- •Summary
- •Assessment Questions
- •Scenarios
- •Lab Exercises
- •Answers to Chapter Questions
- •Chapter Pre-test
- •Assessment Questions
- •Scenarios
- •Common User Problems
- •Login problems
- •File and directory permissions
- •Printing problems
- •Mail problems
- •Software Package Problems
- •Package dependencies
- •Software and version conflicts
- •Backup and Restore Errors
- •Backup hardware
- •Backup software
- •File restore errors
- •Application Failures
- •Log files
- •Process and daemon errors
- •Web server errors
- •Telnet
- •Mail services
- •Basic Networking Troubleshooting
- •Networking connectivity
- •Network hardware problems
- •Summary
- •Assessment Questions
- •Scenarios
- •Lab Exercises
- •Answers to Chapter Questions
- •Chapter Pre-test
- •Assessment Questions
- •Scenarios
- •Mainboard Components
- •BIOS
- •System memory
- •System Resources
- •I/O addresses
- •Direct memory access
- •Laptop Considerations
- •PCMCIA
- •Linux Peripheral Configuration
- •Installing and Configuring SCSI Devices
- •SCSI definitions
- •SCSI technologies
- •SCSI cabling and termination
- •SCSI device configuration
- •Linux SCSI devices
- •ATA/IDE Devices
- •IDE drive configuration
- •Linux ATA/IDE Drive configuration
- •Linux Support for Other Devices
- •IEEE 1394 (Firewire)
- •Summary
- •Assessment Questions
- •Scenarios
- •Answers to Chapter Questions
- •Chapter Pre-test
- •Assessment Questions
- •Scenarios
- •What’s on the CD-ROM
- •System Requirements
- •Using the CD with Microsoft Windows
- •Using the CD with Linux
- •Microsoft Windows applications
- •Linux applications
- •Troubleshooting
- •Sample Exam
- •Exam Questions
- •Exam Answers
- •Taking a CompTIA Exam
- •How to register for an exam
- •What to expect at the testing center
- •Your exam results
- •If you don’t receive a passing score
- •About the Linux + Exam
- •Preparing for the Linux+ Exam
- •For More Information
- •Preamble
- •No Warranty
- •Glossary
- •Index
464 Part V Maintaining the Linux System
backup first, and then restore any necessary incremental or differential backups after that. If you restore your full backup after the incremental or differential backups, it may overwrite any newer versions of the files that you just restored.
Always test your restore procedure. Companies spend much time and money formalizing a backup process without ever properly testing restores. Testing a backup is pointless unless you also test a restore from that backup. Problems with the backup device or media may render the backup useless, even if it appears that the backup process worked.
Offsite storage
Offsite storage involves transporting your most current backup media to a safe, offsite location. A reputable records management company can perform this service for you; many of these companies specialize in the storage of magnetic backup media. Offsite storage of your backup media will protect your valuable data in the event of a physical disaster at your current site. Only the system administrator and key management personnel who might need access to the data should have security access to retrieve and send tapes offsite.
Realistically, you should send your most recent full backup of all systems and any archived data to your offsite location. Make two copies of your full backups — one to keep onsite for availability of restores, and one to keep offsite for protection from disaster.
Don’t send your only copy of a full backup offsite. If the tapes are lost in transit or at the offsite storage facility, you have nothing to fall back on. This is rare, but it can happen, so protect yourself by making duplicate copies.
Linux Backup Tools and Commands
5.10 Perform and verify backups and restores
To back up your system, you can utilize several tools and commands to perform the necessary tasks.
Third party tools
The best way to properly back up your system is to use third-party software to schedule backups and perform restores. These types of specialized software make the process of scheduling and performing backups much simpler than using basic command line tools. They also ease tape administration by allowing you to assign tape and volume labels, and support bar-coded labels as well.
Chapter 15 Backing Up Your Linux System 465
A simple point-and-click interface simplifies the process of file restoration because you can search down your directory trees and tape histories to find the exact file that you need. Third party backup programs also offer extensive reporting and management features that let you easily customize reports from backup logs in order to focus on the information that you need the most.
If you are performing simple file system dumps, you probably don’t need extensive backup software. If you are in an enterprise environment, however, you may need to back up several different systems, such as Linux, Unix, NT, and Netware, and third party tools give you a central, common interface to do so. The disadvantage of using third party tools is that they usually back up files by using a proprietary database. If you try to restore files by using a different program or command line tool, it may not work.
If you change the program that you use to back up files, you should retain the older version for at least one year — just in case a restore is needed of a file that was backed up by using the older system.
Most third party solutions also come with modules for specialized backup needs, such as databases or mail servers, which need different backup configurations than regular user files. Modules are also available to take care of open files during a backup. For example, if some users have left their computers on with files still open, the backup system can’t back them up. These specialized modules allow the files to be backed up, even if they are open.
The following are some of the most popular programs available for backing up Linux systems:
Arcserve for Linux: www.ca.com/arcserve/arcserve_linux.htm
Legato NetWorker for Linux: www.legato.com/products/protection/ networker
Veritas NetBackup for Linux: www.veritas.com/us/products/netbackup
Merlin PerfectBackUP+: www.merlinsoftech.com/products/backup.htm
Tape devices
In order to back up data, you need a device to send the data to, which can be another disk, a floppy, or a tape drive. Copying to another disk is a simple matter because you only need to refer to it by its pathname, such as /mnt/backup.
For other devices, such as tape and floppy, all devices in Linux are defined in the /dev directory. For example, the first SCSI tape drive is referred to as /dev/st0. The device name /dev/nst0 means that the tape is non-rewinding, so for each backup, it won’t overwrite the previous session. Table 15-1 shows an example of the device names that may be used for tape backup.
466 Part V Maintaining the Linux System
|
Table 15-1 |
Linux Backup Devices |
|
|
|
Device |
Device Name |
|
|
First SCSI Tape Drive |
/dev/st0 |
|
|
First “No-Rewind” SCSI Tape Drive |
/dev/nst0 |
|
|
Second SCSI Tape Drive |
/dev/st1 |
|
|
First ATAPI Tape Drive |
/dev/ht0 |
|
|
First “No-Rewind” ATAPI Tape Drive |
/dev/nht0 |
|
|
Second ATAPI Tape Drive |
/dev/ht1 |
|
|
Floppy Drive |
/dev/fd0 |
|
|
Commands
The following command examples utilize a default device of /dev/tape to avoid confusion.
Tape device commands
The tape device must be mounted before it can be used by any other backup command or tool. Technically, you are not mounting the tape drive as a file system; rather, you are using the mount command to direct the tape drive to fast-forward or rewind the tape to the proper position. The following commands work on the first tape device, but if you need to specify the device, use the -f option (for example,
mt -f /dev/tape status).
mt status: Tells status of tape drive
mt fsf 2: Fast-forwards the specified number of files on the tape
mt asf 2: Fast-forwards to the specified file number
mt rewind: Rewinds the tape to the beginning
tar
The tar command, short for tape archive, is one of the oldest Unix commands for creating archive files for storage on magnetic tape. The tar command isn’t limited for use on tape devices; it is commonly used to create any type of file archive and to save it to any type of device.
The tar command does not compress data; it only creates file archives. For backup use, you should use the hardware compression that’s built into your storage unit. If you want to compress files with tar, you can use it in conjunction with the compress or gzip commands.
Chapter 15 Backing Up Your Linux System 467
The format of the tar command is:
tar [options] (file1) (file2) ...
You can use several options and arguments with the tar command:
c: Tells tar to create a new archive file
v: Verbose mode; this will print each filename as it is archived
f: Lets you specify a filename for the archive
x: Tells tar to extract files from an archive
p: Tells tar to keep permissions on files when extracted from an archive
To back up the entire /home directory to a tape device, use the following command:
tar -cvf /dev/tape /home
To extract the same file into the current directory, use the following command:
tar -xvfp /dev/tape
To see the contents of a tar archive on tape, use the following command:
tar -tvf /dev/tape
To restore a single file from tape, use the following command:
tar -xvfp /dev/tape /home/file
Know how to create and extract from a tar archive file on tape.
cpio
The cpio command, which means “copy in, copy out,” is similar to the tar command in that it is used for copying files in and out of archives, including tar and its own binary format. The cpio command has three operating modes:
Copy-in mode: cpio copies files out of an archive or lists the archive contents. Only files in the archive whose names match one or more of those patterns are copied from the archive. If no patterns are given, all files are extracted.
Copy-out mode: cpio copies files into an archive. It reads a list of filenames, one per line, on the standard input and writes the archive onto the standard output. Typically, use the find command to generate the list of filenames.
Copy-pass mode: cpio copies files from one directory tree to another, combining the copy-out and copy-in steps without actually using an archive. It reads the list of files to copy from the standard input. The directory into which it will copy them is given as a non-option argument.
468 Part V Maintaining the Linux System
These are some command options that are often used when using the cpio command:
i: Copy-in mode, extract
o: Copy-out mode, create
t: Lists the contents of the input
p: Copy-pass mode
d: Create directories as required
To use the cpio command to list the contents of the archive, use the following command:
cpio -it < [archivefile]
To extract files from an archive, such as an entire /home directory, use the following command:
cpio -id “/home” < [archivefile]
Most often, the cpio command is used in conjunction with the find command to more precisely find the files that are needed in an archive:
find /home -print | cpio -p /dev/tape
dump and restore
Use the dump command to dump entire Linux file systems to the output device of your choice, which can be a disk file or a tape device.
Here are some of the command options that can be used with the dump command:
[0-9]: This option sets the dump level for the current operation. A dump level of 0 indicates a full backup. Any level higher than 0 indicates an incremental backup, so dump copies all new or modified files since the last dump of the same or lower level.
f: This option indicates the file or device that the command is writing to.
To dump the entire /home partition to a tape device, use the following command:
dump -f /dev/tape -0 /home
Use the restore command to restore files that were backed up by using the dump command. The dump command saves the directory structure of the files that were backed up, so when you invoke the restore command, you can navigate up and down the directory tree to choose the files to restore.