Top 10 Items in the Linux Admin Toolkit

Joe Barr writes "Joe 'Zonker' Brockmeier has listed his favorite top ten tools for Linux system administration in a story on Linux.com, one of Slashdot's sister sites." From the site: " Since I spend a lot of my time working with text files, either when I'm writing and editing or when I'm mucking with configuration files and shell scripts, I've become very attached to my editor of choice -- Vim. Over the years, I've tried a lot of other editors, but none of them has been sufficient to coax me away from Vim. Part of the reason for that is the fact that I no longer have to think about using Vi-style keybindings, and adjusting to anything else would seriously hinder my productivity."

Webmin

[lthown]

One of the most useful remote admin packages out there. Especially useful for those just getting into Linux/Unix. Want to install a Perl module? just select or enter the name. Wanna change a cron job for a user, it's in the Cron screen.

http://www.webmin.com/

Re:Mine

[Stephen+Williams]

Shame on those that only provide info, text, or worst, html documentation (or none)

For reading HTML docs over ssh or on an X11-less machine, might I recommend w3m? It's a very comfortable text-mode web browser. Unlike Lynx, it renders tables nicely, and even makes a brave attempt at frames.

-Stephen

Re:SSH

[fimbulvetr]

I'm actually suprised this guy used telnet. I find netcat (man nc) as a much better alternative. I can script it, I can do udp, and I can do port "testing".

Re:Mine

[mindriot]

While rsync is very nice for syncing files, I've found another, somewhat related tool much nicer for my purposes. I have a desktop and a laptop computer, and to a great extent I work on the same files on both. Syncing my home directories could be done using rsync to some degree, but it's rather painful if you have modified files on both sides.

This is where unison comes in handy. It keeps two directories synchronized nicely, adjusting changes in both directions automatically and querying the user in case of collisions. One of my favorite tools, and I'm sure I'm far from being the only one with a need for something like it.

Depends on the admin role I'm in

[jd]

For network administration, I'd probably have a top 10 of:

• hping3
• bing
• pchar
• ping
• traceroute
• ncat
• tcp dump
• webmin
• wget
• ngrep

Now, some of those are "well-known", but there are plenty there that few people (even on Slashdot) are likely to be overly familiar with.

great tools

[codepunk]

All the best tools are the great networking tools which allow me to track down and eradicate owned windows machines on the network.

nmap - hmmm what trojan do we have on the network today
tcpdump - great at finding worms scanners
iptraf - for finding weird clients p2p movie downloaders etc.
ethereal - great for grabbing pop and telnet passwords
aimsniff - just for amusement

With just those couple of tools I can keep the helpdesk busy for weeks by finding owned machines that need cleaning.

Re:Mine

[i.r.id10t]

Better thank lynx is links. Handles tables, frames, etc. no problem. Also, it can be compiled with various options to make it a graphical browser too, which is handy for X exported over SSH type things.

Maybe a few lesser-known

[toofast]

ethtool and mii-tool. The Cisco 2970 switch we use has the knack of initializing the interface in half-duplex mode if the port is set to "Auto". Easily fixed by setting the port to Full, but useful nonetheless.

strings. Good to check if executables are using /etc/hosts.allow and /etc/hosts.deny, or where pop3/imap are looking for PEM certificates to configure pop3s/imaps, etc...

vmstat. Think your system is paging, or a card is generating too many interrupts? /proc filesystem. Favorites include /proc/net/dev, and /proc/uptime, /proc/cpuinfo, /proc/loadavg. Good for aggregating individual server load data in a cluster.

awk and sed. Mentioned elsewhere, but priceless.

chmod. I think the Linux filesystem permissions are too ... permissive. Cut down on access to your logfiles and to config files in /etc.

*quota*. A must for restricting disk space use.

umask. When you need root, set your default umask fairly tight. I use 0077, but when you need to cpan some common perl modules, switch to the more common 0022.

jobs, fg and bg. Old-school unix commands to play with jobs that .. might take a while. When you forgot to & your command, use CTRL+Z then bg your job.

There may be more, but I can't think of any others right now...

Re:Other comments on GNU Screen?

[Wizarth]

Screen is very useful. I think of it as providing virtual terminals (you know, Ctrl-F1 to Ctrl-F6) but over remote login (usually ssh in my case)

My normal usage is like so:
ssh into the box
screen -r (resume session, that was created first time I went in after bootup, with screen -S)
Ctrl-A Ctrl-N (next virtual terminal) to flick through things i have running, usually centericq (text multi protocol chat client) and btdownloadcurses, or the results of a compile I left going.
Ctrl-A Ctrl-C (open new virtual terminal) which gives you another command prompt. Here I'll wget a tarball, extract it, start the compile, then Ctrl-A Ctrl-N back to centericq

I'll disconnect from the box (Ctrl-A Ctrl-D to disconnect from screen, then Ctrl-D to close the login shell), go home, reconnect from one of my other machines, go through the same process.

Also, I can stay connected, go to another machine, and use screen -x to have multiple connections to the same screen. In the case of a dropped connection, and screen thinks my old login is still valid, screen -rD will disconnect the old login.

Oh, and Ctrl-A ? will show all the in-screen escape sequences. Some of them I haven't used (there is one to do horiz split display, but it crashes btdownloadcurses), but look like they could be even more useful!

But really, the best part is not having programs killed on me because the internet connection dropped (as happens all too often around these parts).

Re:Clasis usability

[Macka]

I like vim for command line.....

You can't do a whole lot of typing on the command line then either. I've never bothered to learn to use the Emacs editor (tried about 15 years ago and hated it) so I always use the vi editor ... but when it comes to command line editing, "emacs mode" whoops "vi mode" totally. Being able to use the arrow keys to scroll back commands or navigate the command line, along with ^a (beginning of line) ^e (end of line) ^r (to search for strings in your command history) ... "esc." (that's "dot" not a full stop, to recall the last field in the previous command string, etc, etc, etc....

The only time I've had to use vi mode for command line editing is on HP-UX, where the lack of a modern shell by default and crap emacs mode support have forced me into it. The usability difference is horribly noticeable.

Re:Other comments on GNU Screen?

[jptxs]

Step 1. Begin compiling some huge thing (tm) during your screen session.
Step 2. Spend all day doing other things as compilation is off in some hidden window in screen.
Step 3. Check on compiling every now and then, you will be able to scroll back and forth as needed as if you'd been sitting with an xterm open the whole time.
Step 4. Leave work for home.
Step 5. Reattach to you screen session and check on your compiling some more.
Step 6. Realize inner peace knowing you need not worry about where you started some long process ever again by using screen.

Re:strace

[lky]

Dont forget these, any one will provide the needed/wanted tools for recovery.

Forensic and Incident Response Environment: http://fire.dmzs.com/
Linux Bootable Business Card: http://www.lnx-bbc.org/
Ultimate Boot CD: http://ubcd.sourceforge.net/
Knoppix Security Tools Distribution: http://www.knoppix-std.org/
SystemRescueCd: ahref=http://www.sysresccd.org/rel=url2html-26348h ttp://www.sysresccd.org/>

Instead of cdargs...

[Clueless+Moron]

I define these functions in my shell .rc:

mk() { eval ${1:-MKPWD}=\"`pwd`\"; }
rt() { eval cd \"\$${1:-MKPWD}\";pwd; }

You type "mk" (as in "mark") and "rt" (as in "return") to mark a directory and later go back to it.

Or you can give it a name: do "mk foo", and later on "rt foo" will move you back there.

But the Big Win? With the above, it gets set as a shell var: $foo is also set to the directory, so you can do things like "cp $foo/*.baz ." to good benefit. In addition, setting up this system is just a trivial matter of setting environment variables in your .profile.

PS: Trivia: the "mk" and "rt" names were inspired by troff, where those commands were used to keep mark and go back to vertical positions on a page... yeah I'm an oldie.

Re:SSH

[Pheersome]

I was actually going to say something very similar, and then I realized that I use telnet over netcat for certain purposes, because telnet notifies me when it actually connects. However, a couple minutes ago I realized I was being an idiot, because 'nc -v' does the same thing.

Also, if you haven't already, check out nmap-ncat.

Elinks rocks...

[arcadum]

Elinks has javascript support. I've deployed elinks to many systems as a last resort for the tech support crew when the ppp connect is hosed.

Oh yeah? (pr0n howto)

[identity0]

As this table shows, curl does not have "Recursive Downloads", which wget does. Which is the most useful feature of wget - you can point it at a pr0n link or gallery site like so:

wget -r -k -H --level=3

and it will follow all the pr0n links to three levels down, and retrieve all the pix/movies it links to. Saves you tens of hours of frustrated clicking and saving manually. Not that I personally use it for such vile things, of course :)