首页 php下载 php教程 电脑软件 手机软件 手机游戏 单机游戏 资讯文章 专题下载 标签合集

1.07: System Administration

时间:2007-04-03

来源:austin22

在手机上看
手机扫描阅读
Certification Objective 1.07: System Administration
认证目的 1.07: 系统管理

Most system administration tasks require root or superuser privileges.
大多数的系统管理任务需要根或超级使用者特权。

 You should already be familiar with a number of basic Linux system administration commands and files.
 你应该已经熟悉一些基本的 Linux 系统管理指令和文件。

 Standard user files are stored in /etc/skel.
 标准的使用者文件被储存在 /etc/skel。

 Daemons are processes that run in the background and run various Linux services.
 Internet中用于邮件收发的后台程序是在后台作业运行,而且提供各种不同的 Linux 服务的程序。

 cron is a special daemon that can run scripts when you want.
 当你想要的时候, cron 是能运行脚本的一个特别的新进程。

 It's especially useful for setting up backup jobs in the middle of the night.
 它对在夜晚中在预备的作业上面置位尤其有用。

 Logging is a key part of monitoring Linux and any services that you choose to run.
 砍伐原木是监听 Linux 和任何的服务一个主要部份你选择运行。

Superuser
超级使用者

Generally in Linux, a system administrator does everything possible as a normal user.
通常在 Linux ,一个系统系统管理师做当做一个正常的使用者是可能的每件事物。

 It's a good practice to use superuser privileges only when absolutely necessary.
 它是一个好实践使用超级使用者特权只有当完全必需的时候。

 But one time where it's appropriate is during the Red Hat exams.
 但是它很适当的一个次在红帽考试期间。

 Good administrators will return to being normal users when they're done with their tasks.
 当他们与他们的任务一起做的时候,好系统管理师将会回到身为正常的使用者。

 Mistakes as the root user can disable your Linux system.
 作为根使用者的错误能使你的 Linux 系统失去能力。

There are two basic ways to make this work:
有二个基本的方法要使这工作:

su The superuser command, su, prompts you for the root password before logging you in with root privileges.
su 超级使用者指令,su, 在登录你之前为根口令[字] 促使你在与根特权。

 A variation, su -c, sets up root privileges for one specific command.
 一种变化, su-c,为一个特定的指令建立根特权。

 Many Red Hat GUI utilities are set up to prompt for the root password before they can be started.
 在他们能被启动之前,许多红帽图形用户接口公用程式被建立为根口令[字] 促使。

 One more variation, su - root, sets up root privileges with the root user PATH.
 另外一个变化, su- 根,用根使用者路径建立根特权。

 (Remember to have a space on both sides of the dash in this command.)
 (记得去在这指令的划的两者边上有一个空间。)

sudo The sudo command allows users listed in /etc/sudoers to run administrative commands.
sudo sudo 指令允许使用者列出在 /etc/sudoers 运行管理的指令。

 You can configure /etc/sudoers to set limits on the root privileges given to a specific user.
 你能配置 /etc/sudoers 在给一个特定的使用者的根特权上设定限度。

However, Red Hat Enterprise Linux provides some features that make working as root somewhat safer.
然而,红帽企业 Linux 提供更安全地当做根略微制造工作的一些功能。

 For example, logins using the ftp and telnet commands to remote computers are disabled by default.
 举例来说,使用对遥远的计算机的 ftp 和远端登入指令的登录预先设定地被无效。

 Exam Watch  On the RHCE and RHCT exams, time is of the essence.
 考试在 RHCE 上看和 RHCT 考试, 时间是本质。

 In general, I recommend that you don't bother logging in as a regular user during these exams.
 大体上, 我推荐你不烦扰砍伐原木在当做一个一般的使用者在这些考试期间。

 It's faster to log in as the root user.
 登录如根使用者比较快速。

 You don't have to remember to invoke the su or sudo commands, and you gain the advantages of a more liberal PATH variable.
 你不一定要记得去启动 su 或者 sudo 指令,而且你得到比较自由主义路径变数的利益。

 While you just save a few seconds with each command, that time can add up.
 你仅仅用每个指令节省数秒,不过那次能有道理。

/etc/skel

Basic configuration files for individual users are available in the /etc/skel directory.
个别的使用者的基本配置文件在那 /etc/skel 目录中是可得的。

 This directory includes a number of hidden files.
 这一个目录包括一些隐藏的文件。

 For a full list, run the ls -a /etc/skel command.
 对于一个完整的列表,运行 ls -a /etc/skel 指令。

 If you want all future users to get specific files in their home directories, include them here.
 如果你想要所有的将来使用者在他们的家中拿特定的文件目录,在这里包括他们。

The next time you create a regular user, check that person's home directory.
下回,你产生一个一般的使用者, 检查人的家目录。

 For example, if you just created a user named elizabeth, run the ls -a /home/elizabeth command.
 举例来说,如果你刚刚创造了一个使用者命名了 elizabeth, 运行 ls -a /home/elizabeth 指令。

 Compare the results to the previous command on the /etc/skel directory.
 在那 /etc/skel 目录上比较结果和早先的指令。

Daemons
Internet中用于邮件收发的后台程序

A daemon is a process that runs in the background.
一个精灵是在后台作业运行的程序。

 It is resident in your computer's RAM and watches for signals before it goes into action.
 在它讨论行动之前,它在你计算机的随机存取储存器中是居留的和为讯号表。

 For example, a network daemon such as httpd, the Linux Web server known as Apache, waits for a request from a browser before it actually serves a Web page.
举例来说, 网络精灵,像是 httpd, Linux 在它实际上服务一个网页之前,知道如阿帕切族的网站伺服器, 等候来自一个浏览器的一个请求。

Daemons are often configured to start automatically when you start Linux.
Internet中用于邮件收发的后台程序时常配置成自动地启动当你启动 Linux 的时候。

 This process is documented at various runlevels in the /etc/rc.d directory.
 这一程序在那 /etc/ rc.d 目录中的各种不同的 runlevels 被证明。

 Alternatively, you can use a tool such as ntsysv to identify and manage the daemons that are started at various Linux runlevels.
 二者择一地, 你能使用一工具如此的当做 ntsysv 识别并且处理在各种不同的 Linux runlevels 被启动的精灵。

 This is discussed in more detail in Chapter 4.
 这在第 4 章更详细地被讨论。

Network Service Daemons
网络服务 Internet中用于邮件收发的后台程序

Networks don't always work.
网络不总是运作。

 Sometimes you need to restart a network daemon to implement a configuration change.
 有时你需要重新开始一个网络精灵实现一个配置变化。

 Red Hat Enterprise Linux provides an easy way to control network service daemons through the scripts in /etc/rc.d/init.d.
 红帽企业 Linux 提供一个容易的方法经过脚本控制网络服务精灵在 /etc/ rc.d/init.d。

 This directory includes scripts that can control installed Linux network services (and more) for everything from the Network File System (NFS) to sendmail.
 这一个目录包括能控制为来自发送邮件的网络文件系统 (NFS) 的每件事物安装 Linux 网络服务 (和更多) 的脚本。

 The actual daemon itself is usually located in the /sbin or /usr/sbin directory.
 真实的精灵本身通常位于那 /sbin 或 /usr/sbin 目录。

With these scripts, it's easy to start, stop, status, reload, or restart a network daemon.
藉由这些脚本,启动,停止很容易,状态,再装货, 或重新开始一个网络精灵。

 This is useful to implement or test changes that you make to a specific configuration file.
 这有用实现或者测试你制造一个特定的配置文件的变化。

 For example, if you make a change to the Apache Web server configuration file in /etc/httpd/conf/httpd.conf, you can implement the change right away with the /etc/rc.d/init.d/httpd reload command.

 举例来说, 如果你作一个变化给阿帕切族网站伺服器配置文件在 /etc/ httpd/conf/httpd.conf, 你能立刻以那 /etc/ rc.d/init.d/httpd 实现变化再装货指令。

 Other switches to these scripts allow you to stop, start, or status these services.
 其他的开关至这些脚本让你停止, 开始、或状态这些服务。

 Network service management is discussed in more detail in Chapter 9.
 网络服务管理在第 9 章更详细地被讨论。

 Exam Watch  In Red Hat Enterprise Linux, a simpler way to reload or restart a service in the /etc/rc.d/init.d directory is with the service command.
 考试在红帽企业看 Linux, 一个较简单的方法在那 /etc/rc.d/ init.d 目录中再装货或者重新开始一个服务与服务指令。

 For example, to restart the httpd service, you could run the service httpd restart command.
 举例来说, 重新开始 httpd 服务, 你可以提供服务 httpd 重始指令。

cron

Perhaps the most important daemon is cron, which can be used to execute a command or a series of commands in a script, on a schedule.
在一种时间表上,也许最重要的精灵是 cron,能被用在一个脚本中运行一个指令或一系列的指令。

 Red Hat Enterprise Linux already includes a series of scripts that are executed by cron on committed schedules in the /etc/cron.hourly, /etc/cron.daily, /etc/cron.weekly, and /etc/cron.monthly directories.
 红帽企业 Linux 已经包括在那 /etc/ cron.hourly 的犯时间表上被 cron 运行的一系列的脚本, /etc/ cron.daily, /etc/ cron.weekly, 和 /etc/ cron.monthly 目录。

System crontab

The easiest way to set up your own cron jobs is through the crontab file, which can be managed through the crontab command.
建立你自己的 cron 作业的最容易的方法经过 crontab 文件,能被处理过 crontab 指令。

 Users can edit their own crontab files with the crontab -e command;
 使用者能用 crontab-e 的指令编辑他们自己的 crontab 文件;

 the root user can configure the crontab for a specific user with the crontab -u username -e command.
 根使用者能配置有着 crontab-u 的使用者名称 -e 的指令的一个特定的使用者的 crontab 。

The general format for a crontab file can be found in the /etc/crontab script, which is used to run the scripts in the aforementioned schedule-related directories.
给 crontab 文件的一般格式能在那 /etc/crontab 脚本,被用在上述的时间表讲的目录中运行脚本中被发现。

 A typical crontab entry from that file is 42 4 1 * * root run-parts /etc/cron.monthly Five schedule fields appear on the left-hand side of each crontab entry: minute, hour, day of month, month, and day of week.
 来自那一个文件的一个典型的 crontab 项目是4241** 根运行-部份 /etc/ cron.monthly 五在每 crontab 项目的左手边上排程栏位出现: 分钟、小时,星期的月、月和日子的日子。

 The preceding line is executed at 4:42 A.M. on the first of every month, no matter what day of the week it is.
前述的线在早上 4:42 在第一个上被运行每个月, 没有物质星期几星期它是。

Backup and Restore
备份和复位

Hard drives include spinning disks and magnetic media.
硬式磁盘机包括纺织磁盘和磁性媒体。

 These are mechanical parts.
 这些是机械的部份。

 By definition, all mechanical hard drives will eventually fail.
 被定义,所有的机械硬式磁盘机将会最后失败。

 If you're administering a Linux system with multiple users, you do not want to have to hear the complaints of people who know that their data is more important than yours, because you'll know that they are right.
 如果你正在和多个使用者管理一个 Linux 系统,因为你将会知道他们是正确的,所以你不想要必须听到知道的人的诉苦那他们的数据比你的更重要。

 Configuring backups involves a number of strategic choices that go beyond Linux.
 配置备份包括超越 Linux 的一些策略的选择。

Using full backups, you can back up the entire drive;
使用完全的备份,你能备存整个的磁盘;

 using incremental backups, you back up just the data that has changed since the last backup.
 使用逐渐增加的备份, 你向后地在只是自从最后一个备份以后就已经改变的数据上面。

 A wide variety of media are available for backups, including tape drives, writable CD/DVDs, and other hard drives in various RAID configurations.
 各式各样的介质可用来备份,在各种不同的袭击配置中包括磁带机,可令状的 CD/数字化视频光和其他的硬式磁盘机。

 You can back up data locally or over a network.
 你能地方性地或在一个网络之上备存数据。

 Linux includes a number of quality tools for backups.
 Linux 为备份包括一些性质工具。

It's common to back up through a network to a dedicated backup server.
经过一个网络向后倒车是通常的对一个热衷的预备服务器。

 Since you're transferring at least substantial portions of a hard drive during a backup, backups can degrade network performance for other users.
 因为你正在硬式磁盘机在一个备份期间传递至少可观部分,备份能降低其他的使用者的网络绩效人格。

 So it is best to perform backups when few people are using your Linux system, which in most cases is during the middle of the night.
 因此当少数人正在使用你的 Linux 系统,在大部份的情形下在夜晚的中央期间的时候,执行备份最好。

 For this reason, it's a common practice to automate backups using the previously discussed cron daemon.
 对于这理由, 它有一个常见的做法使用先前讨论的 cron 精灵自动化备份。

Tape Backups
磁带备份

Using magnetic tape in Linux depends on the ftape system, using 'tarballs' to group directories into single compressed backup files.
在 Linux 使用磁带仰赖 ftape 系统,使用 'tarballs' 聚集目录进入独身者被压缩的备份申请。

 Once it is mounted, it's easy to test a tape drive; just use the mt -f /dev/tapedevice command to status, rewind, or eject the tape.
 一经它被安装,测试一个磁带机很容易; 仅仅使用 mt-f/dev/tapedevice 对状态,重绕的指令, 或逐放磁带。

 If it's a SCSI tape drive, use the st command instead.
 如果它是一个小型电脑标准介面磁带机,改为使用 st 指令。

Unlike when using regular media, you don't mount a tape; you can actually use switches with the tar command to write or restore directly from the tape device.
不像当使用一般的介质,你不安装一个磁带; 你能实际上和焦油指令一起使用开关写或者直接地从磁带装置修复。

 Just cite the appropriate /dev/tapedevice in the command.
 仅仅引证指令的适当的 /dev/tapedevice 。

 Just make sure you can also restore from the backup you've made.
 仅仅确定你也能从你已经做的备份修复。

CD Backups
CD 备份

Backups to CDs are made in a similar fashion, using 'iso' files instead of tarballs.
到 CD 的备份在一种相似的流行被做,使用 'iso' 文件而非 tarballs 。

 The mkisofs -J -r -T -o /tmp/backhome.iso /home command can consolidate regular users' home directories from /home onto a single file.
 mkisofs J-r-T-o/tmp/backhome.iso/家指令能联合一般的使用者的家目录从 /家在一个文件之上。

 You can then record this file onto the CD with a command such as:
 然后你能在 CD 之上以一个指令,像是 : 记录这一个文件

# cdrecord -v speed=2 dev=0,0,0 /tmp/backhome.iso

You can then store the CD and later restore the files from it just by mounting it as you would any regular CD.
然后你能储存 CD 而且稍后仅仅藉着装它修复来自它的文件当你会任何的一般 CD。

Hard Drive (RAID) Backups
硬式磁盘机 (冗余阵列磁盘机) 备份

Hard drive-based backups are based on the system known as the Redundant Array of Independent Disks, or RAID, which is covered in more detail in Chapter 5.
以硬式磁盘机为基础的备份以已知的系统为基础作为独立磁盘, 或袭击的多余行列,在第 5 章更详细地被复盖。

 There are several versions of RAID that can automatically restore data once you've replaced a broken hard disk.
 有一经你已经代替一个坏掉的硬式磁盘能自动地修复数据的袭击的一些版本。

tar

The tar command was originally developed for archiving data to tape drives.
焦油指令为文件对磁带机的数据本来被发展了。

 However, it's commonly used today for collecting a series of files, especially from a directory.
 然而,它普遍为收集一系列的文件今天用了, 尤其从一个目录。

 For example, the following command backs up the information from the /home directory in the home.tar.gz file:
 举例来说,下列的指令备存来自 home.tar.gz 文件的那 /家目录的信息:

# tar czvf home.tar.gz /home

This is one of the few commands that does not require a dash in front of the switch.
这是少数不在开关之前需要一个划的指令之一。

 This particular command creates (c) an archive, compresses (z) it, in verbose (v) mode, with the filename (f) that follows.
在冗长模式 (v) 模态中,藉由跟随的档名 (f),这个特别的指令产生 (c) 一个档案库,压缩 (z) 它。

 Alternatively, you can extract (x) from that file with the following command:

 二者择一地,你能从那一个文件以下列的指令吸取 (x):

# tar xzvf home.tar.gz /home

gzip and bzip2

The gzip and bzip2 commands are similar-they compress and decompress files, using different algorithms.
gzip 和 bzip 2个指令是相似的-他们压缩并且解压缩文件,使用不同的运算法则。

 If you wanted to compress a big picture file, you could do so with one of the following commands:
 如果你想要压缩一个大的照片文件,你可以以下列指令之一这么做:

# gzip big.jpg
# bzip2 big.jpg

It adds a .gz or a .bz2 extension. You can uncompress from these files with the -d switch:
它增加一。gz 或一。bz 2个扩充。 你能从这些文件解压缩与那 -d 开关:

# gzip -d big.jpg.gz
# bzip2 -d big.jpg.bz2

System Log File Management
系统日志文件管理

Log files are controlled by the syslogd daemon and organized in the /etc/syslog.conf file.
纪录文件被 syslogd 精灵控制而且在那 /etc/ syslog.conf 文件中被组织。

 It is important to use log files to understand the behavior of your Linux system; deviations may be a sign of problems with recently installed service or a security breach.
 使用纪录文件了解你的 Linux 系统的性态很重要; 偏向可能是最近被安装服务或一个安全[性] 违背的号讯的问题的。

 Basic log files are organized in the /var/log directory.
 基本的纪录文件在那 /var/log 目录中被组织。

 For more information on system logs, see Chapter 10.
 对于关于系统日志的较多资讯,见第 10 章。
相关阅读 更多

热门下载

更多