admin tools Flashcards
What tool is used to install software?
rpm - Red hat package manager
what web site provides more details about rpm?
rpm.org
rpm option for applying upgrades
--upgrade
uninstall a software package
rpm --erase
find out what is installed
rpm -qa
find out where a software package is installed
get the full name of the package you are looking for:
rpm --query --all | grep <searchtoken>
List all the files associated with the package install
rpm -ql `rpm -q <name>`
to get a complete listing of all apps installed
rpm --query --all
what command would provide a detailed list of all install applications?
rpm -qig Applications/System
-g show all groups for the provided string
-i show detailed information about each
what tells you the DHCP server being used by a linux workstation?
cat /var/lib/dhclient/dhclient-eth0.leases
what command will renew a DHCP lease?
dhclient -r
what authentication schemes are available?
using PAM (Pluggable Authentication Modules) the following can be used:
flat files
NIS
LDAP
Samba
Kerberos
What are the typical partitions on a linux server?
/ or root
/boot
/usr (program app files)
/home (user docs)
/var (system procs and logs)
/tmp
/swap (virtual memory)
how big should the swap partition be?
The swap file for virtual storage should be double the physical memory
what partition is /dev/sdb4 ?
the 4th partition on the disk with ID 2 (b)
what is used to install or remove applications?
Red Hat Package Manager RPM
how do you get a list of configuration files associated with an application?
rpm -qc <name>
rpm -qc bash
what command will show all apps installed with all details?
rpm -q -i --all
how do you get a list of installed shells?
rpm -qa --queryformat '%10{name} %20{GROUP}\n' | grep -i shells
what is stored in the passwd file
login
encrypted password
UID
default GID
name
home directory
login shell
what appears in the passwd file if shadow passwords are being used?
an x appears in the encrypted password field in /etc/passwd
what command is used to change the system run level?
init { 0 1 2 3 4 5 6 }
0 — Halt
1 — Single-user text mode
2 — Multiuser but no NFS
3 — Full multi-user text mode
4 — Not used (user-definable)
5 — Full multi-user with X11
6 — Reboot
where are the default environment configuration template files stored?
/etc/skel
what file holds a list of available shells?
/etc/shells
what are the fields in the shadow file?
Login name
encrypted password
last passwd change
days until change allowed
days before change required
days warning for expire
days before account inactive
days before account disabled
reserved field
what are the fields in the group file?
group name
group password (optional: if set allows users to join group)
group ID
group members
(comma separated list)
what are the user management command line tools?
useradd
userdel
usermod
groupadd
groupdel
groupmod
what sh script command is used to process the files of a directory?
assuming the directory name is in the variable $SCRIPTS:
for file in ${SCRIPTS}/*; do
echo ${file} blah . . . blah . . .
done
what sh command loads the current directory location value into a variable?
SCRIPTS=`pwd`; export SCRIPTS
what file configures dhcp daemon?
/etc/dhcpd.conf
and any other files which the “include” statement specifies
what command checks the dhcp configuration file?
/etc/rc.d/init.d/dhcpd configtest
what cisco command enables a DHCP helper to allow DHCP requests to pass to the next network?
ip helper-address 123.456.789.1
(the ip address of the DHCP server on the other network)
must be a config entry for the router interface facing the network where the DHCP server is located.
where does a DHCP server store information about clients?
/var/lib/dhcpd/dhcpd.leases
what does the service command actually do?
it executes the specified service init script from the /etc/init.d directory with the optional action parameter supplied. Such as:
service iscnamed status
what command will list all services?
service --status-all
where are the service init script stored?
/etc/init.d
what command will restart a service?
service <service_script_name> --full-restart
OR
service <service_script_name> restart
which will issue a stop and then start command to the service init script
what command will show the configured status of a service at each run level?
chkconfig --list
what command can change or manage how a service is started?
chkconfig --add <name>
chkconfig --del <name>
chkconfig <name> (returns true if the service is configured to start in the current runlevel)
what is auditd?
a daemon that provides the Linux Auditing System.
It provides kernel-resident logging of system calls and user space tools to collect and view the Linux system logs.
what command will show a tree of processes and their children?
pstree -A
What command is used to add or remove modules from the kernel?
modprobe
what command will show the modules present in the kernel?
lsmod
what command can be used to copy a file between two hosts?
rcp
what command can be used to change the current user’s login shell?
chsh
what command can be used to change a file's attributes and do so recursively?
chattr -R
what command can be used to split a file into specific sizes?
csplit
what command can be used to show a file’s classification or type?
file
what command will show a hexadecimal format of a file?
hexdump -C <filename>
what command can be used to view the contents of a log file as it grows?
tailf
where are the PAM modules stored?
/lib/security
where are the security files for PAM stored?
/etc/security
where are the configuration files stored for PAM?
/etc/pam.d
What is contained on each line of a PAM application config file?
module_type (auth, account, session or password)
control_flag (requisite, sufficient, optional)
module_path (usually /lib/security)
what are the module_type values for PAM?
auth: prompt for a password
account: determine access based on day, location, console, etc
session: what actions to perform before or after login
password: what module allows users to change passwords
what are the control_flag values for PAM?
required: the module must succeed to proceed further
requisite: if this fails, nothing else is tried. immediate failure returned
sufficient: if this succeeds, return success if no other requireds
optional: continue checking other modules even if one has failed
how do you check the swap space?
swapon -s
will show:
[root@bacall ~]# swapon -s
Filename Type Size Used Priority
/dev/dm-1 partition 16744440 69620 -1
how do you prevent login for everyone but root?
the /etc/nologin file is present
The PAM configuration files are corrupt and no one can log in. How do you fix it?
reboot in single user mode
in /etc/pam.d/login put the following:
auth required pam_unix.so
account required pam_unix.so
password required pam_unix.so
session required pam_unix.so
Causes PAM to use the /etc/passwd file
where does PAM record errors?
/var/log/messages
what determines where a machine verifies user authorization?
/etc/nsswitch.conf
passwd: files nis
shadow: files
group: files nis
etc. etc. etc.
what commands verify that the local machine is using NIS correctly?
rpcinfo -u localhost ypbind
ypcat passwd
what file sets the hostname of the machine?
/etc/sysconfig/network
HOSTNAME=<myname>.ox.com
and
/etc/hosts
129.77.226.77 viper.ox.com viper
where are most RPM package documents stored?
/usr/share/doc
what command will search the man pages for a particular topic?
man -f {yourSearchString}
when listing contents of the /dev directory, what indicates a block device?
the letter b in the ls -la listing
brw-rw---- 1 root cdrom 11, 0 Jul 2 08:24 sr0
what command is used to create a named pipe?
mknod
how do you change the user ownership as well as the group ownership in one command?
chown username.groupname file
use -R to do it recursively through the directories
how is chmod 700 different from chmod u+r u+w u+x ?
using binary notation 700 will replace all permissions.
using symbolic notation will only modify the permission specified
what permissions would allow a directory to be visible, but not the files?
chmod 711 <dirname>
owner can change anything
group members and world cannot see the files unless they already know the file name
what is the basic syntax for the ln command?
ln -s <filename> <newlinkname>
What GID is reserved for nobody by the different flavors of Linux?
RHEL and Fedora 99
Ubuntu and SUSE 65534
what is the GECOS?
The long descriptive field in the /etc/passwd file normally used to keep the user’s long descriptive name.
where do you add commands you want to run after the server is completely booted up?
/etc/rc.d/rc.local
how do you re-size the swap partition?
Disable swap # swapoff -a
resize it # lvresize -L +1G /dev/vg0/swap
next, (re)setup swap memory : # mkswap /dev/vg0/swap
Now, You can re-enable swap like this: # swapon -a
what command will show the detailed information about a file system including all the superblock info?
dumpe2fs
as in
dumpe2fs /dev/sda1
what command will show the inodes of a file?
ls -lai filename
what command will show detailed information about all the mounts?
cat /dev/mounts
what command will show detailed information about the ethernet adapter settings?
for file in `ls /proc/sys/net/ipv4`; do echo $file:`cat /proc/sys/net/ipv4/$file`; done
what command will show all the detail about the CPU?
cat /proc/cpuinfo
what command will show the enhanced security settings for the kernel?
getsebool -a
to set a value use:
setsebool -P <label> <value>
-P make permanent for next reboot
what command will do a complete backup of a disk?
dd if=/dev/sda2 of=/disk2/backup-sda2.img
what tool can be used to test and diagnose problems with CameronFIX connections?
FIX Tester by Jettek (jettekfix.com)
Multiple simultaneous sessions supported.
Build any FIX message from a template or copy and paste.
Script messages and scenarios.
Reduce errors introduced in new production releases.
Recreate problem scenarios in development and QA environments.
what file configures the CameronFIX system
config.xml
what daemon does the CameronFIX interact with?
LMA or Local Management Agent daemon
where is the cameronFIX username and password set?
config.xml
<session>
  <persister>
    <replicatedfilepersister></replicatedfilepersister>
  </persister>
  <messagefactory>
    <usernameandpasswordmessagefactory></usernameandpasswordmessagefactory>
  </messagefactory>
</session>
what nimsoft module monitors apps?
CA Nimsoft Monitor for Application Response Time
Monitor application response times to help determine if a problem affects your entire user community or only a subset.
Create and playback simulated end user behavior for each of your critical applications.
Automatically receive screenshots for any failed playback to provide which component of the application was unavailable
Alert and/or trend on:
Overall application response time
Transactions or steps that make up a response time test
Analyze and visualize the collected response time metrics
useful monitoring apps
top
vmstat - virt mem stats
htop - proc viewer
netstat - net connections routing int stats
tcpdump - show eth int stats
wireshark - network snooping
lsof - view open files
iotop -monitor disk io
iostat - storage io stats
things to check for a system not performing well
top
swap: should be 0
%sy lower than cpu core
%us user space
%wa: waiting for IO
adjust BIOS for disk write cache
free -m : cache used can add more to free mem
r key to re-nice priority on user PID
-20 thru 19 lower is higher priority
what is the boot process?
System BIOS checks system. Launches first stage boot loader on MBR
- 1st stage boot loader loads GRUB into memory, launches
- 2nd stage boot loader from the /boot/ partition.
2nd stage boot loader loads kernel into memory, which in turn loads any necessary modules and mounts root partition read-only.
The kernel transfers control of boot process to init
The init program loads all services and user-space tools, mounts all partitions listed in /etc/fstab.
The user is presented with a login screen for the freshly booted Linux system.
what tools can be used to check the status of the ethernet connection?
ethtool eth0
ethtool -S eth0
(detailed display of errors or dropped packets)
mii-tool -v eth0
ifconfig -a
netstat -i
traceroute
Frame errors: defective ethernet device
Carrier Errors: Errors are caused by the NIC card losing its link connection to the hub or switch.
(check duplex)
how do you use arp?
arp -d hostname
remove entry from tables
arp -n or cat /proc/net/arp
list arp table entries
what port does ssh use?
22
use telnet <hostname> 22 to test connectivity on port 22
what is the netstat command parameters for listing communication entries?
netstat -na
what file is used to tune kernel parameters and performance at runtime?
/etc/sysctl.conf
also use sysctl command to make command line changes to devices and kernel
sysctl -A will show all
values also found in /proc/sys/* and /proc/net/*
what are some generic sources for loss of network connectivity and performance?
NIC duplex and speed incompatibilities
Network congestion
Poor routing
Bad cabling
Electrical interference
An overloaded server at the remote end of the connection
Misconfigured DNS
what is a method of killing a daemon if you don’t know the PID and you don’t know if it is running?
kill `cat /var/run/named/named.pid`
what are the numbers for the sections in the man pages?
- 1 User tools
- 2 System calls
- 3 C library calls
- 4 Device driver information
- 5 Configuration files
- 6 Games
- 7 Packages
- 8 System tools
what command will show all the superblock information about a file?
stat <filename>
what command will show all the hard links related to a file?
get the inode number with "ls -li <filename>"
find it
find / -inum <inodenum> -print
what are the numbers displayed by ls -la on a block file?
Major and Minor numbers
Major number: the device category
Minor Number: minor number shows the instance.
ls -l /dev/sda
brw-r----- 1 root disk 8, 0 2090-09-30 08:18 /dev/sda
Note the b at the beginning of the file’s permissions
8 is the major number,
0 is the minor number.
what does the “p” symbolize in a file item in a list of a directory?
A named pipe
created by mknod command
what command will list files in a single column display?
ls -1 *
what command will list files recursively through all subdirectories?
ls -R
what is an alternative to the -exec parameter for the find command?
pipe it into xargs as in:
find / -type f -name core | xargs rm
what are the possible states of a process and their symbols?
S - Sleeping
R - running (using cpu)
D - uninterruptible sleep (io related)
T - debugger trace or has been stopped
Z - zombie
This means either
(1) the parent process has not acknowledged the death of its child using the wait system call; or
(2) the parent was improperly killed, and until the parent is completely killed, the init process cannot kill the child itself. A zombied process usually indicates poorly written software.
< - high priority process
N - low priority task
L - pages in memory are locked
when you use 'kill <pid>' what is being done?
kill sends a signal 15 REQUESTING a termination to the process.
kill -9 sends a terse kill command to the OS to completely and abruptly stop the process
what command will display the release version number of linux?
lsb_release -a
what does
sudo su - root
do?
sudo - check the sudoers file for permission
su - change to another user id
- run the specified user’s login script
root - become the user
what command will set the runlevels for a daemon?
in the /etc/init.d script for the daemon use;
chkconfig 35 99 01
‘35’ means chkconfig should create start and stop scripts for this daemon in runlevels 3 and 5 in
/etc/rc.d/rc3.d and /etc/rc.d/rc5.d
‘99’ means set the startup priority to 99
and ‘01’ set the stop priority to 01
how do you add a new init script to the startup?
create the script file and use the command:
chkconfig --add <mynewscript>
This will create all the symbolic links for you and place them in the correct directories under
/etc/init.d
what file determines the actions taken for checking the file system during boot up?
/.autofsck
the same actions are specified in the /etc/fstab
what steps can be taken to boot into single user mode from the grub menu?
edit the grub menu.lst and add the parameter “single” at the end of the kernel command line
What command is used to change the run level and what are the standard run levels?
init { 0 1 2 3 4 5 6 }
0 — Halt
1 — Single-user text mode
2 — Multiuser but no NFS
3 — Full multi-user text mode
4 — Not used (user-definable)
5 — Full multi-user with X11
6 — Reboot
what are the fields in the /etc/inittab file?
id:runlevels:action:process
as in
id:3:initdefault:
only used by the older init process
newer upstart model uses files in /etc/init
what determines your permissions to modify the cron jobs?
if the file exists and your user id is in /etc/cron.allow you are allowed to edit it
if the file exists and you are not present in the file, you are not allowed to edit crontab
if the file exists and your user id is not in /etc/cron.deny you are allowed to use it
if the file exists and your user id is present, you are not allowed to edit the crontab
what is the format of the lines in the crontab?
minute hour day month day_of_week command
for example:
0 0,4,8,12,16,20 * * * /bin/ping -c 5 serverB
means run /bin/ping every four hours (0, 4, 8, 12, 16, 20)
what is the new system logging daemon and what are its major features?
rsyslog
It can act as a drop-in replacement for the more common and traditional sysklog daemon.
Some of the advanced features of rsyslogd include writing logs directly to a configured database (such as an SQL database server on another central machine) and allowing other extensive manipulation of log messages.
what config files determine the behavior of the ethernet interfaces?
ifcfg-eth<#>
located in
/etc/sysconfig/network-scripts
what is a command to listen for DHCP requests?
tcpdump -vnes0 -i eth0 port 67 or port 68
-v shows more information about the packet. You can use -vv or -vvv for even more.
-n disables name resolution so you're not waiting on DNS responses to show the packet.
-e shows link layer information (MAC Address)
-s sets how much of the packet to see. 0 shows full packet
-i sets the interface to use
What is the dialog in a DHCP setup by a workstation and the DHCP server?
The 4 packets to a successful DHCP
DISCOVER: Client connects to the network and sends out a broadcast discovery looking for its DHCP information.
OFFER: The server offers the DHCP information to the client
REQUEST: The client requests verification of the DHCP information
ACK: The server acknowledges the DHCP request
what command will look up the host name given an ip?
dig +short -x {hostname}.{domain}.com
what command will look up the ip given the host name?
dig +short {hostname}.{domain}.com
what steps can you take to troubleshoot an SQL problem?
1) Can you connect?
SELECT * FROM sys.Databases
2) Who is active?
EXEC master.dbo.sp_whoisactive
3) What is in the SQL Error log?
EXEC xp_readerrorlog @1=1
@p2=1
4) Quick Assessment
access?
not available?
performance?
5) Check Windows Event Log
6) Run sp_whoisactive in loop to capture activity
7) run sys.dm_os_wait_stats to see waits since last restart
8) check performance counters
9) check main performance hardware
CPU, memory, network, disk
10) Identify recent changes
query, schema, index infra
what process can be used to analyze a java app problem?
Check stdout logs for the JVM
Look for stack trace pauses
Overall performance – top
pstree -l -p -G
jps -v then jstack <pid> to get thread states
Connection leaks to DB (exceeding limits?)
Look for SQL hang-ups
Check for hung threads ps -auxww
Check for messaging problems with CORBA or JMS
kill -3 <pid> for thread (-3 sigquit)
what command will tell you the linux installation processor class?
getconf LONG_BIT
will echo either
64
or
32
what ls command will list files in human readable format?
ls -lh
what ls command will list files and subdirectories?
ls -R
what command will list files starting with the oldest first?
ls -ltr
what command will list files along with a symbol for their file type?
ls -F
what command will list all the details of the current user sessions running on a machine?
w
what command will show the ID numbers for the user currently logged in?
id
what command reports the history of successful user login attempts and system reboots and what file does it read?
the last command reads the /var/log/wtmp file. This file keeps a record of all login and logout activities including
login time
duration a user stayed logged in
tty where the user session took place.
what command shows the reboot history of a machine?
last reboot
what command lists more detailed information on recent logins and reboots and what file does it read?
utmpdump and is executed the following way:
utmpdump /var/log/wtmp
What command lists all unsuccessful login attempts, what detail does it show and what file does it read?
The lastb command reports the history of unsuccessful user login attempts by reading the /var/log/btmp file. This file keeps a record of all unsuccessful login attempt activities including
login name
time
the tty where the attempt was made.