Hints and Tips For SysOps Running Linux By Janis Kracht 1:261/38 (janis@filegate.net)
Though many of us have converted our Operating Systems, bbs software, echomail tossers, and mailers to new ones many times, changing one's setup to run under Linux can be perhaps more challenging than anything else ever experienced <smile>.
Hopefully this article will be of some help if you have just switched to Linux, or if you are about to do so. I'll show you some comparisons between DOS and Linux so that you can see that Linux isn't as foreign as it might at first seem, and then I'll provide some scripts that I've written to perform various functions on my bbs system. Lastly, I'll also include a few notes regarding some things you should _make sure_ do when you install linux. Security under Linux is a very large topic however, so I will cover that in more detail in a later article.
First off, let's look at some commands that you might commonly use under DOS, and their Linux counterparts. As you'll see, there are some commands that do not have an equivalent under DOS (i.e., I'm not counting DOS GNU utilities, etc. since these are not generally part of the standard DOS distribution.)
Tip: It would probably be a good idea to type 'man command', or 'info command', or 'command --help' without the quotes to see all the options of these Linux commands.
DOS Linux Description
Directory Management
DOS Linux Description Some Linux examples:
ls -d .* Show only "." directories. (these are often configuration files, etc. for various programs). The -d indicates that only the directory name should be shown, not the contents. ls -ltr Sort by date, reverse order. ls --color=auto Turn on color for file types in directory list ls -1 -1 (minus one) shows file names in column list with no other info.
File Management
DOS Linux Description cp
mv
touch
rm -f
cat
chown
chgrp
chmod
dd
lnSome Linux examples:
mv firstdoc.txt seconddoc.txt rename firstdoc.txt
mv /janis/*.txt /afiles move /janis/*.txt to directory /afiles.
Tip: When moving groups of files with the same filename, such as mv *.tic *.bad, you must specify a different directory. To move files such as *.bad to *.tic, you can use the script in this article, mvbad2tic.
Aliases
You can tell the system to use aliases of the commands you use.Enter these in your /etc/profile to make them global (all users on your system) or ~/.bash_profile to make them local (just your logins).
alias del='rm'
alias copy='cp'
alias move='mv'
alias ren='mv'
alias type='cat'
alias rd='rmdir'
alias md='mkdir'
alias help='man'You can also enter them on the command line, just for that session. If you type:
alias md='mkdir'You can then use md instead of mkdir.
Searching and Sorting
Some Linux examples:
DOS Linux Description Tip: ctime option in the find command will show status of a file that was last changed n*24 hours ago. daystart measure times (for -ctime, and other options for find) from the beginning of today rather than from 24 hours ago.
[bbs@filegate ]$find /home/ftp/pub -daystart -ctime 00 _
/home/ftp/pub/gamesnet/g_cons/descript.ion
/home/ftp/pub/gamesnet/g_cons/CC0CPC10.ZIP
/home/ftp/pub/gamesnet/g_cons/C19WKWK7.ZIP
/home/ftp/pub/gamesnet/g_cons/C50STR14.ZIP
/home/ftp/pub/gamesnet/g_cons/CABPRT20.ZIP
/home/ftp/pub/gamesnet/g_cons/CBCGRB02.ZIP
[bbs@filegate ]$ _
Disk Management
Some examples of Linux commands:
DOS Linux Description
The mount command with no parameters specified shows you the devices currently mounted.[bbs@filegate ]$ mount
/dev/hda1 on / type ext2 (rw)
none on /proc type proc (rw)
/dev/hdb1 on /export type ext2 (rw)
none on /dev/pts type devpts (rw,mode=0622)
[bbs@filegate ~]$_
Getting Help with Commands:
DOS LINUX Description help
n/a
n/a
n/a
n/aman
apropos
whatis
makewhatis
fileGet help on a command
Get help on a general topic
Search the whatis database
Make the whatis database
Classify a file
To use man, just type man command, for instance, man ls
Editing and Printing
DOS LINUX Description pico
vi
lpr
sed
joe
emacs
edEditor for novices
Editor for advanced users
Print a file
Stream editor
Wordstar compatible editor
Programming environment and editor
non-visual editorTo use joe, just type joe filename, and either the file will be loaded if it exists, or it will be created. ^K^X exits joe saving the text file, and ^C exits without saving.
The help screen is brought up and down with ^K^K
Backup, Compression, and Archival
DOS Linux Description
n/a bzip2 A block sorting file compressor, using Burrows-Wheeler block sorting text compression algorithm, and Huffman coding bzcat Decompresses files to stdout bunzip2 A block-sorting file compressor, bzip2recover recovers data from damaged bzip2 files. pkzip zip Create a zip file pkunzip unzip Extract files from a zip file n/a gzip Compress or decompress files via GNU zip n/a tar Tape archiver n/a compress Lempel-Ziv compression program
Archivers: What's available:
Archivers which you may have used under DOS are available:name: date of last update for Linux: ===== ============================== zip 10/13/98 unzip 11/30/98 lha 6/28/99 unarj 6/22/99 pkzip251 4/15/99 arc 5/29/99 rar 6/21/00
Viewing multiple Archives:
As you probably know, under DOS unzip -v filename.zip will list the contents of one archive. To list the contents of multiple zip or rar archives, enclose the argument in quotes:unzip -v "*.zip"
ex.: [bbs@filegate bbbs]$ unzip -v "*.zip"
Archive: nodelist.zip
Length Method Size Ratio Date Time CRC-32 Name
1706292 Defl:N 560625 67% 09-14-99 15:57 a18214bc NODELIST.253-------- ------- --- ------- 1706292 560625 67% 1 fileArchive: ppphowto.zip
Length Method Size Ratio Date Time CRC-32 Name
158718 Defl:N 48642 69% 10-16-99 20:32 b4ad98a9 PPP-HOWTO-------- ------- --- ------- 158718 48642 69% 1 file2 archives were successfully processed.
tar/gzip:
Tar and gzip are used commonly on Linux. Often you'll see archives with tgz extensions, .gz, or no extension at all. You can use the file command to see how the file is archived/stored if there is no extension or if you are just curious:[bbs@filegate bbbs]$ file ZPMF025D.TGZ
ZPMF025D.TGZ: gzip compressed data, deflated, last modified: Thu Jun 8 04:55:16 1995, max compression, os: UnixSo you'd need to un-gzip this file first, then un-tar it.
gzip -d ZPMF025D.TGZ
This results in the file ZPMF025.tar
To list the contents of the tar file, type tar tf filename.tar To extract the tar, type tar xf filename.tar
There are options to "keep old files" with both gzip and tar which you may also want to include on the command line. The default action is to remove the original tar. See tar --help, and gzip --h for more info.
This shortcut extract both the tar and gzip files in one command:
tar xvzf filename.tar.gz
The "z" flag says "un-gzip before un-tarring". The same flag works in reverse when tarring.
Some BASH Scripts
One of the neatest things about *nix systems is that any file can be made executible by simply changing the attributes of the file. Of course, if the text file doesn't have any useful commands in it, it won't "do" anything <smile>.
Here are some scripts I've written for my bbs - none of these contain any startling ideas, and I don't doubt a number of them could be done better, but you can feel free to modify them as you like or need. info bash will show you the system's man pages for these scripting keywords. To use these scripts, save them to a file and then make them executible with 'chmod a+x filename' without the quotes. To call them you can type 'sh filename' without the quotes, where filename is the name of the script. Again, scripting is a very broad subject ... looks like I will be writing yet another article concerning that subject later :)
=============mvbad2tic==================== #!/bin/sh
# the above must be the first line in the script. # the # symbol specifies a comment line mylist="`ls -1 *.bad`"for file in $mylist
dof=`basename $file .bad`.tic mv $file $fdone
============end mvbad2tic============================================make_zic====================== #!/bin/sh
# make_zik takes a file and it's accompanying # tic and puts them both in one zip archive aka # Allfix's zic option
dir -1 -I*.tic -I*.sh -Iticlist -Iarchives >> archives dir -1 *.tic >> /home/bbbs/binkd/work/ticlist for file in `cat archives` do
for tics in `cat ticlist`
do
if
test=`grep $file $tics`
thenf=`basename $tics .tic` zip -jm0 $f.zic $file $ticsfi
done
done
mv *.zic /home/bbs/binkd/barry
chown bbs.bbs /home/bbbs/binkd/barry/*
chmod /home/bbbs/binkd/barry/*
============end make_zic===================Next, mvfile2in.sh uses another file you must create named dirlist. dirlist contains the names of your users' home directories which will most likely be the same as the username.
You can create this file with the command: dir /home/* -1 > dirlist
Edit it to remove other entries you don't want, like ftp, etc. which may be in the /home directory.=======mvfile2in.sh====================== #!/bin/sh
cd /home/bbbs
# move files from a users' inbound to the bbs' inbound # tests to see if user is online before moving anything. cd /home/bbbs
for f in `cat /home/bbbs/dirlist`
do
if ps aux | grep ^$fthen
echo "===user $f online==="
elif test -e /home/$f/*/*.bsy
thenecho "$f bsy-flag exists"
else
echo "===safe to move files from $f===" mv /home/$f/in/* /home/bbbs/inbound
fi
done
====end mvfile2in.sh==================get_desc can be used to import file descriptions to a files.bbs or descript.ion type file list.
===========get_desc==================
#!/bin/sh
# import file_id.diz to files.bbs or descript.ion type file dir -1 *.zip > dirlist
for f in `cat dirlist`
do
unzip -pC $f file_id.diz >> FILE_ID.DIZ if [ -f FILE_ID.DIZ ] ;
# this script uses an abbreviation for the the test command, [ and ]. # I believe Pertti Heikkinen posted this in the bbbs.english echo. thentr '\n\r' ' ' <FILE_ID.DIZ >tmp.ff echo $f `cat tmp.ff` >> descript.txt rm -f FILE_ID.DIZ tmp.fffi
done
=========end get_desc=======================
Some Install Concerns for the SysOp Installing Linux
The first concern is pretty simple. When you log into your system it will be very tempting to login as root, or the superuser, because user root has no limitations, can run any program, read/write any file...and ... also can delete every single file on your system <g>. Issuing a command like rm -r from the / directory as user root will surely go through the entire directory tree and do just what you told it to do (rm -r deletes recursively... <ouch>. )Of course there will be times when you must log on as root to do things such as install your apache web server, configure your ppp connection, etc., but that is really the only time you should log in as root. Likewise, you should never log in as root in XWindows as user root, except as above. XWindows can destroy your data if you are user root and are playing with commands.
_Big_ Tip:
Use the adduser command to create other users on your system which you can use on a daily basis. To add a user, as root, typeadduser username
where username is the name you have selected, 8 characters or less. Linux will let you use longer names for the users, but will truncate them. The adduser command adds the user to the passwd file in /etc/passwd, and unless you specify otherwise, creates a directory off /home which is that user's 'home' directory. These limited-access users can only harm the files they own in their home directory. Next you assign that user a password with the passwd command by typing
passwd username
The passwd command prompts you for this users' password, 8 characters or less since again it will be truncated if it's over 8 characters. The password you choose should be a combination of upper and lower case alpha characters and numbers.
Tip: Try to make the password something that means something to you, then use the letters of the words to make up your password. Here's an example of what I mean ...
I love Chocolate cake I'll take two thanks = IlccIt2t
The last section of this article is pretty important. With the number of systems online 24/7, these issues cannot be ignored. If you think your system is safe from those who would test and probe your system for ways of gaining illegal entry, think again.
Tip: After installing linux, the very first thing you should do is pull up your favorite text editor, and edit the inetd.conf file which lives in /etc (/etc/inetd.conf). _Comment out_ every single line in that file except for the one that refers to ftp if you figure to use ftp. If you think this sounds drastic, well, it is. And it's necessary. If you leave the file as is, you are leaving an incredible number of ports and services open to trouble-makers who will (most likely) be port-scanning your system over and over again looking for weak points. You probably won't need any of the services you are commenting out - and some of them, like rlogin, are incredibly famous for having holes where hackers can gain access to your system.
Tip: Use ssh, (Secure Shell) instead of telnet. Comment telnet out from inetd.conf. If you think are going to need telnet so that you can telnet into your system remotely, DON'T. Use Secure Shell instead. If Secure Shell isn't already on your system, go to http://rpmfind.net/ and download and install it.
Tip: If your distribution of linux installs wu-ftpd, install a different ftp daemon, such as Bero-ftpd, or Proftpd. Why the switch? Well, Wu-ftpd has been known over the years to have holes where creeps can gain illegal access to your system. Technically speaking these holes are plugged with new releases, but ... in general it is a good idea to install one of the other daemon's mentioned.
Tip: All of the above is good, but don't rest easy yet.. Another thing you must do is contantly stay aware of upgrades to the software you use. If, for example, a new version of bero-ftpd is released, install it. Upgrades under linux are not always done to make the software prettier or sexy <g>. The site that maintains the software you use will always post what type of upgrade the software is and whether it is a security upgrade.
The following articles may be helpful - they contain some of the same information as above, but some additional information as well.
Back to Zone 1 Home Page
Regions
Terms
How-To-Join
Nodelist
Echomail
Archives
Links
FidoNews
FTSC