Linux Admininstration Resources? 73
shadfc asks: "I'm starting a new job as the system administrator for a small company in Tampa. They currently have 10 Red Hat servers (they are open to distribution change) that have not been actively maintained for a few months. I'm a Junior in College with a decent amount of Linux experience, but this will be my first job in this kind of position and responsibility. I'm asking for resources that can help fill in the holes in my knowledge and help make me a better administrator. Quality books on the subject would be preferred, but any advice is welcome. Thanks!"
All Linux commands (Score:4, Informative)
Re:All Linux commands (Score:1)
Re:All Linux commands (Score:2)
The Practical Guide series. (Score:2, Informative)
You better patch them first (Score:4, Insightful)
Can you give us the IP addresses of these machines?
Seriously though, make sure those babies are patched and secure before you worry about learning anything.
Re:You better patch them first (Score:1, Interesting)
127.0.0.1/8
I'd recommend installing gentoo. It will take you some serious effort, but once you make it through it will seem easier the 2nd time. Install it about 4 or 5 times, and you will know a lot about linux. Then move on to another distro that doesn't take 3 days to compile the window manager like mandrake or debian (my personal favs in that order).
be warned however that you will get very frustrated if you try the gentoo thing. It will teach
Re:You better patch them first (Score:2, Interesting)
With Gentoo, you really don't have the opportunity to defer a lot of learning. You need it just to get up and running.
Of course a diligent sysadmin *will* do the learning, but *no comment* advocates Gentoo as a not-so-gentle prod.
Re:You better patch them first (Score:5, Insightful)
Without getting into a flame war (I won't reply to flames) -- I'd suggest thinking long and hard about installing Gentoo on 10 machines running an existing environment. By all means, install it on your home computer(s). It's quite flexible and is perhaps one of the coolest Linux distros that I've ever worked with.
Presumably, these Linux boxes are actually doing something useful, and they're important to the company that you're working for. I also presume that you'll be leaving the company in 18 months when you finish up your undergrad degree. Now, if you move to a semi-obscure distro like Gentoo, you will leave them with Gentoo. How many admins really know the ins and outs of Gentoo as well as they know some of the more popular distributions like RH, SUSE, Debian, etc? They may have a difficult time finding a competent SA to run those Gentoo boxes...they'll curse your name.
For many (and I'd say that these are the more forward-thinking competent SA's) a large part of systems administration is building an environment that's scalable, easily reproducable, and have everything documented so that he next guy can pick right up where you left off. Building very complex systems from the ground up is very cool...but IMO, is probably best for larger companies with money to toss into a proper staff. I always saw one of Gentoo's strongest points as being an easy way out for large companies who would want to roll their own. Unfortunately, you are one guy -- with ten systems (and I don't know how many users). Best bet for someone like you? Keep it simple.
I would suggest looking into a mainstream Linux distro that will be very easy for you to troubleshoot and maintain (I know that Gentoo is easy to maintain from an update perspective -- don't go there). There are a lot of good distributions out there, and I won't recommend any particular one.
Next step (and here's where I actually get into answering your question): Learn (bourne) shell scripting. Even if you already know shell scripting, your best bet is to learn how to do it in practical situations -- figure out which tedious tasks you tend to perform regularly and start there. The next step is to apply this knowledge to bigger jobs, that you might only perform once. While you're at shell scripting, regular expressions are of very high importance. Learn them. Finally, a higher-level language (like Perl) is very useful; especially when dealing with strings. In my earlier days of SA work, not knowing Perl was a big hinderance -- no sense writing 50 lines of shellcode when 15 lines of Perl could handle it (and faster taboot).
Anyway, that should get you started. Good luck at this gig -- and don't blow it. Good SA jobs can be tricky to come by.
Re:You better patch them first (Score:2)
Re:You better patch them first (Score:2)
I didn't say anything about stability.
Re:You better patch them first (Score:3, Insightful)
no no no no never install it on a production environment as a test. Find another machine and install it a few times, on that same machine. Don't format your production machines until you're confident in your skills.
Re:You better patch them first (Score:1)
> Learn (bourne) shell scripting.
I have a different suggestion here. If you were going to be administering a
bunch of older, proprietary Unix systems, this would be sound advice, for sure.
However, the OP seems to indicate that everything in question is at least
somewhat close to modern and open to the concept of upgrades. In that kind
of environment, you're not likely to run into a crochety old SunOS box that
can't be upgraded t
Re:You better patch them first (Score:1)
Re:You better patch them first (Score:1)
> for people wanting a good reference to bash scripting and shell scripting
> in general.
The documentation for bash is good, but the previous poster was talking about
plain vanilla traditional back-in-the-day-style bourne shell scripting, the
kind where you don't use any bash-specific features or other non-portable
stuff. bash is fine if you only have to support Linux systems, cygwin, and
the modern BSDs maybe, but it's not ubiqu
Re:You better patch them first (Score:4, Informative)
That said, I would never run it in a production environment. It's tendancy to encourage bleeding edge packages WILL come back to bite you at some point.
RedHat is an excelent choice for production systems, if for no other reason than easily available and proven support contracts. I know that it's 'leet' to be able to look up things in google, but if you get hit by a bus, it will let the company survive while they find your replacement.
Having a support contract is also wonderful for getting to REAL support. If you're dealing with something really esoteric, you will often be much better off with a support contract. Let them fight to find the answer out of some kernel developer in New Zealand. You have the rest of your job to do too.
For your desktop box, I would urge you to do at least a gentoo stage 1 build, if not a Linux From Scratch install. These will take you forever to finish, but your knowledge of the linux as an OS will skyrocket. And while you're learning, you won't be affecting the company's bottom line, which ultimately provides you with the paycheck.
As for books, the armadillo book from ORA is wonderful, as is the 'purple book' (the successor to the highly acclaimed 'red book'. King of unix system admin books). The purple book will run you about $60-70, but reading through it will help you learn a lot.
Let's see: General notes:
1) Run postfix rather than sendmail. More secure, and easier to deal with. Less hair loss is to be encouraged.
2) Ban telnet, and use ssh.
3) Learn firewalling. Become hyper anal.
3a) Learn DMZ's. Limit exposure. There are some people who have 1 firewall interface per application (my company is moving that way). It's great for fine grained access control.
4) You don't and can't know everything. Admit this often. It's part of the key to learning.
Re:You better patch them first (Score:3, Informative)
For your desktop box, I would urge you to do at least a gentoo stage 1 build, if not a Linux From Scratch install. These will take you forever to finish, but your knowledge of the linux as an OS will skyrocket.
Absolutely!
You don't and can't know everything. Admit this often. It's part of the key to learni
Re:You better patch them first (Score:2)
Re:You better patch them first (Score:2)
The gentoo install kernel just worked, so I worked with it.
I'm mostly distribution agnostic. I've played with all the big players. Some are better than others, but the best way is to be able to work with any of them.
Re:You better patch them first (Score:2)
http://toolbox.rutgers.edu/~amurphy/fai [rutgers.edu]
Re:You better patch them first (Score:1)
Yes, but *not* on the production systems! Install Gentoo on a workstation
or a spare system or something, for the learning experience, but keep the
production systems on a less bleeding-edge distribution. Seriously. I like
Gentoo, but it tends to pick up quite new versions of things before they've
been hammered on for very long.
Re:I'll just ask what everyone's thinking... (Score:3, Insightful)
My #1 resource for 5 years (Score:2, Informative)
Not a techincal reference (Score:5, Informative)
Re:Not a techincal reference (Score:2)
UNIX System Administration Handbook (Score:4, Informative)
The only link you'll ever need (Score:2)
Re:The only link you'll ever need (Score:1, Informative)
LINUX: Rute User's Tutorial and Exposition (Score:3, Informative)
From the Introduction:
This book covers GNU/LINUX system administration, for popular distributions like RedHat and Debian, as a tutorial for new users and a reference for advanced administrators. It aims to give concise, thorough explanations and practical examples of each aspect of a UNIX system. Anyone who wants a comprehensive text on (what is commercially called) ``LINUX'' need look no further--there is little that is not covered here.
choose debian (Score:1)
debian is very nice maintenance and security wise. there's very little like it.
Re:choose debian (Score:2)
Debian would work well AFTER he's sure everything else is working and patched and secure (and up to date) and AFTER he's had time to practice installing it on a test box.
Linux Administration Handbook (Score:5, Informative)
Also, check out the books in Sybex's Craig Hunt Linux Library series - he doesn't actually write all of them but most are pretty good. (Don't know how O'Reilly let him escape after writing the excellent "TCP/IP Network Administration".)
Nemeth (Score:4, Informative)
Linux Administration Handbook by Nemeth et al. Her Unix System Administration Handbook is a classic. This one is targetted at Linux. Very nice. Great artwork too.
How about... (Score:3, Informative)
Evi Nemeth's book.
Aeleen Frisch's book.
Mark Burgess' book.
http://www.sage.org/
Note that all are active in SAGE.
Skip the RPMs (Score:5, Insightful)
Whenever you install software, or perform an update, don't just jump into the RPMs. Build it from scratch on a dev box or something. Get really really familiar with the package. RPMs gloss over a lot of detail that a good sys admin should know or at least have written down somewhere. Aside from the minuta of the package you're bound to learn a thing or two about how to set up a system. Some packages require a lot of security prep-work before they will work. Others will not. After you've seen enough of both worlds you'll understand why they should and how to implement it. Last but not least, all the README files you'll go through will likely teach you some neat tricks that can be applied everywhere.
Second, embrace your distro. If you're going to stick with RedHat see if you can get up2date working properly. Or with debian, apt-get hourly from a local "approved" package mirror. These things make your life a lot easier if done right.
Books are fine and good but they're usually out of date. Understanding the system will enable you to handle the changes between the print date of the book and the release date of the software.
Try to get topic-specific books if you can. It's impossible to cram all aspects of the admin life into a great tomb - even a dozen of them. You'll certainly be lacking detail. Check out Safari (no link, sorry.) They have an enourmous library and their parent company makes some of the best techincal books ever.
Lastly, KISS. Use a real load balancer, get an SSL accelerator, get a hardware firewall. Yes yes, Linux can do all these things - but you'll spend much more time maintaining it than you would the Cisco box. (If that won't start a flamewar on here, nothing will.)
And, lest I forget, good luck!
Why up2date? (Score:2, Interesting)
I'm not a sysadmin, I just use my home box (FC1, soon FC2), but in my experience, up2date is a slow, buggy, unreliable piece of crap. Go with yum. Not only is it faster and more stable, but you get more data from it, it allows you to install and uninstall stuff semi-automagically, and you can script it if you want.
Note: NEVER script upgrades on a production machine. Useful stuff to script would be "yum check-upgrade",
Re:Skip the RPMs (Score:1)
Personally I have a nightly apt-get update -qq &
Re:Skip the RPMs (Score:2)
In theory what you'd want is some sort of "push" tech that forces packages upon the computers. In practice this is hard to implement securely and correctly. So an apt-get cron job will suffice nicely as a hack. Sure, if someone comprimises the apt-cache you're other ten
Re:Skip the RPMs (Score:2)
Well, I can't totally disagree with you on this, but just a few notes of my own:
1. If you're an all Linux shop and you're small enough to not have a single CISCO product, addiung one means that the admin needs to learn a totally new environment. If you're bored and mgmt doesn't care, sure go for something new.
2. Cisco's are easier to setup out of the box. I can't dispute that because Ciscos were desinged from the ground up for their purpose.
But (the
Roll your own RPMs, double benefits (Score:1)
Get a "playground" intranet box for experiments. (Score:4, Interesting)
Know your resources (Score:3, Interesting)
To learn Linux itself, do a very basic install of a simple distro like slackware, or just a basic install of redhat on a test box, goto each directory like
After a while you'll get the feel of Linux. You really dont have to know each command or how to use it.. man pages are available everywhere.
Try to compile your own kernel. That in itself teaches you alot about Linux and its capabilities. Beside that its the tools you have to know, such as apache, php, mysql, samba, nfs, ftpd, nmap, snort, sendmail/qmail/exim/postfix etc. Know the HOWTOs, guides, and man pages and youll never really need to buy books.
Any major problem you run into has already been fixed in the newsgroups. Goto groups.google.ca, and find your problem. Remember not to run Beta versions of services on your server for now... I'd even stay away from the 2.6 kernels until youve really tested the hardware on your side and are sure of it.
Re:Know your resources (Score:1)
BOFH (Score:4, Informative)
Read up on the true professionals
Re:BOFH (Score:1)
The Linux Documentation Project! (Score:2)
Painful, but true. (Score:1, Flamebait)
Re:Painful, but true. (Score:2)
Re:Painful, but true. (Score:3, Interesting)
Asking on slashdot is setting up a usable resource for finding many of the other resources you will probably never encounter otherwise. You could search Amazon, BN, and several Linux specific book resources, and never get an idea for how various books actually work out for the people who buy them. Ask on slashdot, and you will find out that author x in the second edition of book y, really couldn't find his ass
Re:Painful, but true. (Score:2)
Which is why some people actually use Red Hat Linux Enterprise or stuff like that.
The security fixes to the latest and greatest are backported to the older versions which are supplied by the Distro. So you get version numbers like 3.5p1-11 and so on.
Some people complain that they don't know whether they are up to date because it's not the latest etc. They don't ge
Re:Painful, but true. (Score:1)
Questions about...
Exercise?
Mental Health?
Social Skills?
Hygene?
Dating?
Financial Planning?
Sports?
Frankly, this is one of the few topics Slashdot can answer.
screen (Score:2, Informative)
It's easy to use, and it comes installed by default in most (all?) distros I've ever seen.
Ideal solution! (Score:4, Funny)
Google Groups (Score:2)
To start (Score:2, Interesting)
Nothing get's debuged on a production system. If it doesn't work it gets pulled off and fixed in the development environment.
Take root away from everybody and never give it out. Everyone has to learn this the hard way. Maybe you won't have to.
Standardize your OS installations and push back on mass customization. The users complain, but in the end they're more appreciative of a consistent working environment, then anything else.
Following these guidelines
O'Reilly has the answer (Score:1)
Patch (Score:2)
Download all the rpms for the RH versions they are using from update.redhat.com into a directory for each version.
Then move the conflicting versions of RPMs elsewhere (sometimes there are multiple versions of the same package conflicting - move the older version elsewhere). Then do:
date >> rpm.log
rpm -Fvh *.rpm >> rpm.log 2>&1 &
tail -f rpm.log
Any errors, you have the rpm.log and fix em.
UCG is for ME! (Score:1)
Essential System Administration (Score:2, Informative)
Btw, this and the other books listed in replies are on Canonical Tomes [canonicaltomes.org] in the System Administration section [canonicaltomes.org] which is confirmation that they are highly thought of.
Red Hat Manual (Score:2)
This is a subset of what you will need to know, but it's very useful to know how to do things "The Red Hat Way". I would *discourage* trying to immediately do everything manually (like, say, modifying your initscripts to directly start up dhcpcd or something similar). You'll get a bunch of configuration that doesn't play nicely or auto-upgrade cleanly to new versions. It's much easier to have things set up properly, and be able to examine a working sys
Same was for me (Score:1)
I was in a similar situation about 4 years ago! When I had not even started college.
I would firstly forget about the distro switch, this change is something too complicated for a start, especially if you are not used to those particular servers.
You should learn the internals of services running on the machines. Get a spare machine, install the same Red Hat release running on those servers and install the same services. Now try to make them work the same way they are on the servers. This is a shot in t
Linux From Scratch .org (Score:2)
Then I built three boxes from source, by hand. LinuxFromScratch.org is a book + source code. It's like buying a kit plane, but you get instructions to make the tools too.
Building my third box, I realized I had to start over again because of the lack of package management, so I built it using checkinstall ( google it ). The result? A redhat box. I just use Fedora/Workstation now, but....
You learn so much from the LFS, and more importa
Just a bit of advice (Score:2)
So don't go trying to switch distros on them, or install a different mail transport, or whatever. They may be in need of security updates and you should start rolling those out, a few/day until you catch up. But evidently what they have is working, so don't fsck with it unless you discover a problem. That approach may not be very "proactive", but until you've got some real-world experience in running someone else's shop, it's best to err on the side of conservatism. And
If you really want to learn... (Score:2)
Not to knock your intelligence but your little bit of Unix experience i
a few things (Score:2)
Get one (preferably two) test systems and install and prep them as if they were the machines you were using. Hell, get one of those 10 servers and make a backup of it and restore it to your test systems.
Essential System Administration by O'Reilly is pretty good (although it covers a lot of groun