Slashdot Mirror

← Back to Stories (view on slashdot.org)

Top Ten Linux Configuration Tools?

Posted by Cliff on from the what-no-admin-should-be-without dept.

jman251 asks: "I am presenting at a conference in September on a couple of Linux-centric topics. One of these is a collection of tips, tricks, and tools for configuring, securing, and maintaining a Linux-based server. I have a short list of tools I use, but would like some community input on the subject. What tools do you use that make your admin responsibilities easier or more automated on the Linux platform?"

7 of 651 comments (clear)

  1. Tripwire by nharmon · · Score: 5, Informative

    Tripwire is a very easy to use intrustion detection system. If you follow the documentation, and implement it properly (storing the statically linked binary + database files on read-only media), it will make things very hard on a potential hacker.

  2. Cfengine: It's all you need by kognate · · Score: 5, Informative

    cfengine (http://www.cfengine.org) is
    the best automation tool for unix and unix-like
    environments. Hands down.

    It's a little hard to configure sometimes, but
    worth the effort.

  3. Dang! by itwerx · · Score: 5, Informative

    I can't believe with all these posts that the only one(s) that actually respond to the question are about Webmin!
    Don't get me wrong, Webmin is great, it's at the top of my list fer shure, but that's not the be-all and end-all of systems management!! What about actual convenient tools like MRTG, Novell's eDirectory, RedCarpet, etc. etc.?
    Heck, I'm reading this article hoping to pick up a few tips myself and all I'm seeing are scripting languages and text-editor flame wars, (all of which can/should be moderated Off-topic or Funny).
    So, anybody actually got anything useful to contribute besides Webmin?

  4. Re:Dave Lettermans Top 10 by hackstraw · · Score: 5, Informative

    su -- better sudo keeps your root password better kept, does more logging, etc

    more -- better less (Its not the 70s anymore people, you can search and go backwards in files since less first came about in the mid 80s. With the LESSOPEN varible set to something useful you can "browse" many, many filetypes too).

    bash -- better zsh My shell can do anything your shell can do, but better!

  5. Re:rm by Homology · · Score: 5, Informative
    I used

    $ chflags uchg /home/dude

    So now "rm -fr /" won't work even as root as it will properly give you :

    rm: /home/dude: Operation not permitted

    So there you are, you pesky root of all evil. Oh bummer, now I can't make any new files in /home/dude ....

  6. Re:Dave Lettermans Top 10 by hackstraw · · Score: 5, Informative

    what are the advatages of zsh over bash

    1) programable tab completion - yes folks there is more to tab completion besides beeping all the time. When I hit cd fooTAB the list of completions only shows _directories_ beginning with foo

    2) sane invocation - zsh is the only shell that has one file that is sourced _on all invocations of the shell_ so you can do stuff like have a consistant PATH and other env stuff

    3) global aliases - zsh provides an alias that works _anywhere on the commandline_ I have 'G' mapped to '| grep -i', I have 'L' mapped to '| less' and 'vi' mapped to 'vim' (why? So sudo vi FILE gives me vim if the system has vim), etc, etc

    4) the only shell that supports working 'vi' style history editing

    5) multiple commandline commands are not rewritten as commands with ';' in them (what I typed is what I get, see 4)

    6) too many features to name. Like I said, my shell can do anything your shell can do, but better.

  7. Single machine or multiple machines? by ComputerSlicer23 · · Score: 5, Informative
    I've always like the "redhat-config" series of tools on RedHat or RedHat derived products.

    • chkconfig and service are valuable for doing things.
    • yum, apt, autorpm are all nice tools.
    • logwatch is great.
    • PAM isn't an application, but using PAM and LDAP can make having users spread across machines is a snap.
    • tripwire is a great tool
    • kickstart does wonders if you have to install lots of machines. I use it to completely document every scriptable part of an install.
    • WebMin is great, but it worries me from a security perspective.
    • gq is a great LDAP editor that I use to edit LDAP entries for users.
    • Software like Bastielle Linux (a script that attempts to harden a machine)
    • iptables, iproute2 (including ip and tc) are wonderful for networking.
    • cron, sh, sed, awk, perl and python are used in conjunction quite a bit.
    • fuser and lsof are used frequently by to to figure out what is going on.
    • ethereal and tcpdump are tools of the gods.
    • ssh is a thing of beauty.
    • encrypted swap is fun.
    • Nagios, MRTG, and sar are very useful for profiling and monitoring of your machines.

    Who exactly is your target audience? People who've never seen UNIX, people who've worked on UNIX environment for years? What is it you are attempting to accomplish with them?

    Most of my list would be boring to people who know a lot about UNIX, however some of them are Linux specific.