System Administration

Introduction
Thái Minh Tuấn - minhtuan@ctu.edu.vn
Slides are adapted from:
[1] Slides prepared by Prof. Brian D. Davison (http://www.cse.lehigh.edu/~brian/)
[2] The Practice of System and Network Administration, 3rd Ed., by Limoncelli, Hogan, and Chalup (Addison Wesley, 2017) 1
[3] Practical Linux System Administration: A Guide to Installation, Configuration, and Management, by Kenneth Hess (O'Reilly Media, 2023)
Who is this course for?
● Students interested in learning
○ Principles of Network and System Administration
○ The roles and responsibilities of a sysadmin
○ Linux system administration
■ How to configure & manage their own Linux systems
■ Setup and manage user accounts and groups
■ Manage the resources and security of a computer running Linux
■ Configure and manage services on a Linux system
■ How to diagnose and debug problems
○ Why they need to be nice to the sysadmin
● UNIX/Linux familiarity is helpful
2
What will it not cover?
● Networking in-depth
○ Take CT112/CT297 instead
● Network/Computer security in-depth
○ Take CT211/CT222 instead
● Windows administration
● Many hardware issues
● All the details needed for certification
○ Lots of certification courses available

3
What is ‘the system’?

4
What is an sysadmin?
● If you asked six system administrators to define their jobs, you would get
seven different answers.
● Companies give Sysadmins different titles
○ Network administrators, system architects, system engineers, system
programmers, etc.
● Definition of system administrator:
○ “One who manages computer and network systems on behalf of another, such
as an employer or a client.”
○ “Individuals responsible for the installation and maintenance of an
information system, providing effective information system utilization,
adequate security parameters, and sound implementation of established
Information Assurance policy and procedures” (NIST)
5
What does a sysadmin do?
● User account management
● Hardware management
● Perform file system backups, restores
● Install and configure new software and services
● Keep systems and services operating smoothly
○ Monitor system and network
○ Troubleshoot problems
● Maintain documentation
● Audit security
● Help users, performance tuning, and more!

6
User account management
● Creating / disabling / removing user
accounts
● Permissions, group memberships,
accounting and restrictions
● Communicating policies and procedures

7
Hardware management
● Capacity planning
● Inventory
● Hardware evaluation and purchase
● Adding and removing hardware
○ Configuration
○ Cabling, wiring, DIP switches, etc.
● Device driver installation
● System configuration and settings
● User notification and documentation

8
Data Backups
● Perhaps most important aspect!
● Disk and backup media capacity planning
● Performance, network and system impact
● Disaster recovery
○ Onsite/Offsite
○ Periodic testing
○ Multiple copies
● User communication
○ Schedules, restore guarantees and procedures,
loss tolerance

9
Software Installation/Maintenance
● Evaluation of software
● Downloading and building (compiling
and tweaking)
● Installation
● Maintenance of multiple versions
● Security
● Patches and updates
● User notification, documentation

10
System Monitoring
● Hardware and services functioning and operational
● Capacity
○ Disk, RAM, CPU, network
● Security
○ Passwords
○ Break-ins
● System logs
○ Examination
○ Periodic rotation and truncation
○ Archival storage (at least summaries)

11
Troubleshooting
● Problem discovery, diagnosis, and resolution
○ Root cause analysis
○ Often quite difficult!
● Often requires
○ Broad and thorough system knowledge
○ Outside experts
○ Luck
● Expediency

12
Local Documentation
● Administrative policies and procedures
○ Backup media locations
■ Hardware
■ Location
○ Description, configuration, connections
○ Software
■ Install media (or download location)
■ Installation, build, and configuration details
■ Patches installed
● Acceptable use policies

13
Security Concerns
● System logging and audit facilities
○ Evaluation and implementation
○ Monitoring and analysis
○ Traps, auditing and monitoring programs
● Unexpected or unauthorized use
detection
● Monitoring of security advisories
○ Security holes and weaknesses
○ Live exploits

14
User Assistance
● Time intensive!
● Techniques
○ Help desks
○ Trouble-ticket systems
● Software availability and usage
● Software configuration settings
● Hardware usage, maintenance, and
troubleshooting
● Writing FAQs

15
Administration Challenges
● Need
○ Broad knowledge of hardware and software
○ To balance conflicting requirements
■ Short-term vs. long-term needs
■ End-user vs. organizational requirements
■ Service provider vs. police model
○ To work well and efficiently under pressure
○ 24x7 availability
○ Flexibility, tolerance, and patience
○ Good communication skills
● People think of sysadmins only when things don't work!

16
Admins for Developers
● DevOps (development operations)
○ A methodology of software development, emphasizing communication, collaboration,
and integration between software developers and IT operations people (e.g., system
administrators)
● Automates, manages:
○ Release management
○ Quality testing
○ Configuration management
○ Developer tools (IDEs, issue trackers, etc.)
● Hugely important at companies like Facebook, Google

17
The Philosophy of System Administration
● Automate everything
● Document everything
● Communicate as much as possible
● Know your resources
● Know your users
● Know your business
● Security cannot be an afterthought
● Plan ahead
● Expect the unexpected

18
Automate everything
● Most system administrators are outnumbered
● Anything done more than once should be looked at as a possible
candidate for automation
● Here are some commonly automated tasks:
○ Free disk space checking and reporting
○ Backups
○ System performance data collection
○ User account maintenance (creation, deletion, etc.)
○ Business-specific functions (pushing new data to a Web server, running
monthly/quarterly/yearly reports, etc.)
● Automation gives your users the extra benefit of greater predictability and
consistency of service.
19
Automate everything

Keep in mind that if you have a task that should be automated, it is likely that you
are not the first to have that need. Here is where the benefits of open source
software really shine — you may be able to leverage someone else's work to
automate the very thing that is currently eating up your time. So always make sure
you search the Web before writing anything more complex than a small Perl script.

20
Document everything
● Many SAs will put off doing the necessary documentation
● "I will get around to it later."
○ Unfortunately, this is usually not true
● "Why write it up? I will remember it."
○ Wasted time either trying to relearn what you had forgotten or fixing what you had
broken due to not knowing the whole story
● "If I keep it in my head, they will not fire me — I will have job security!"
○ May work for a while, invariably it leads to less — not more — job security
○ Your documentation may save the day by letting someone else resolve the problem in
your absence

21
Document everything
● Policies
○ Policies are written to formalize and clarify the relationship you have with your user
community.
■ Account management, Password policy, Email policy
● Procedures
○ Procedures are any step-by-step sequence of actions that must be taken to accomplish a
certain task.
■ Backup procedures, user account management procedures, problem reporting
procedures, etc.
○ Like automation, if a procedure is followed more than once, it is a good idea to document it.
● Changes
○ Changes on the system should be documented in some fashion.
○ 5Ws: Who, What, Where, When, Why
22
Communicate as much as possible
● The method by which you communicate with your users will vary
according to your organization
○ Email, internal website, instant messaging, bulletin board, etc.
● Tell your users what you are going to do
○ System Downtime Scheduled for Friday Night
● Tell your users what you are doing
○ System Downtime Scheduled for Tonight
● Tell your users what you have done
○ System Downtime Complete

23
Know Your Resources, Users, and Business
● System administration is mostly a matter of balancing available resources
against the people and programs that use those resources
○ SA will be a short and stress-filled one unless you fully understand the
resources you have at your disposal.
○ Processing, memory, disk space, network bandwidth; available money from
the IT budget; etc.
○ People (other admins), time, knowledge, etc.
● Whether you work for a large, multinational corporation or a small
community college, you must still understand the nature of the business
environment and its user

24
Security cannot be an afterthought
● Cannot take security for granted
○ All systems may be at risk
■ Even standalone systems not connected to the Internet
○ Internal malicious users vs. External attackers
● Consider the security implications of everything that you do
● Cyber/system security is not a goal but a well-planned, well-executed, and
never-ending journey

This does not mean that you should treat your coworkers as if they are
criminals. It just means that you should look at the type of work that each
person performs, and determine what types of security breaches a person in
that position could perpetrate, if they were so inclined.
25
Plan ahead and Expect the unexpected
● Certainly no one can predict the future with 100% accuracy. However,
with a bit of awareness it is easy to read the signs of many changes:
○ Signs of system failures
○ Signs of network failures
○ Requirements of scalability
○ Further security requirements
● Being able to read these signs (and to respond effectively to them) will
make life easier for sysadmins and users
● Trying to anticipate problems before they occur
○ Respond more quickly and effectively

26
Which OS to learn to admin?

27
Brief history of UNIX
● Originated as a research project in 1969 at AT&T Bell Labs
○ Made available to universities (free) in 1976
● Berkeley UNIX started in 1977 when UCB licensed code from AT&T.
○ Berkeley Software Distribution started in 1977 with 1BSD, and ended in 1993 with 4.4BSD
○ Licensing costs from AT&T increased, so Berkeley attempted to remove AT&T code, but
ran out of funds before completion.
○ Final release of AT&T-free code called 4.4BSD-Lite.
■ Most current BSD distributions (FreeBSD, NetBSD, OpenBSD) are derived from
4.4BSD-Lite.
● Most commercial versions of UNIX (Solaris, HP-UX) are derived from the
AT&T code

28
What is Linux?
● Linux is a clone of the operating system Unix, written by developers
loosely collaborating across the Internet
● Like any modern full-fledged Unix, Linux includes:
○ true multitasking
○ proper memory management and virtual memory
○ shared libraries and shared copy-on-write executables
○ TCP/IP networking
● Linux really refers to the kernel
○ Most commands and apps are really separate programs, not specific to Linux, and often
are part of the Free Software Foundation's GNU project.
● Linux was first developed for 32-bit x86-based PCs (386 or higher). These
days it also runs on dozens of other processors.
29
Brief history of Linux
● Created as a personal project (and still
controlled) by Linus Torvalds, a Finnish
graduate student, in 1991
● Conceived as an offshoot of Minix (a model
OS)
○ Not derived from AT&T or BSD UNIX code
● Kernel v1.0 released 1994
○ Most recent (July 2024) kernel release is 6.10

30
UNIX History

31
Linux kernel vs. distribution
● The Linux kernel provides essential
services and manages system resources
○ Core interface between a computer’s hardware
and processes
● A Linux distribution is an operating
system composed of the Linux kernel,
GNU tools, additional software and a
package manager
○ May also include display server and desktop
environment

32
Why (Red Hat/CentOS) Linux?
● Need to use some OS to make ideas concrete
● Really only two choices:
○ Windows
○ UNIX (and UNIX-like OSes such as Linux)
● Both are useful and common in the real world
● Linux is popular, free, and usable on personal machines, but also handles
large-scale services
● Red Hat/CentOS is relatively polished, popular
○ There are, of course, many alternatives

33
Where to get answers?
● Linux/UNIX documentation can be found in many places
○ Manual pages (man pages, using man command)
○ Texinfo documents (read with info command)
○ HOWTOs – focused descriptions of a topic
○ Distribution-specific documentation
○ Your favorite Web search engine
● Will typically find online versions of the above
● Stackoverflow/AI chatbots/YouTube/…

34
Where to get answers

35