A Linux Primer for Windows Administrators
Clueless about Linux? This guide to the essentials can help you get your bearings
October 25, 2004
Windows and Linux may be rivals in the marketplace, but in the data center they're more likely to coexist as complementary platforms. If you haven't yet encountered Linux in your career as a Windows administrator, you need to prepare for that eventuality by acquiring a basic understanding of Linux administration. This article jump-starts your Linux learning by explaining essential concepts of Linux user administration, file systems, networking, and software management. (To learn how to obtain more information about Linux commands, files, and programs, see the sidebar "Linux's Online Help," page 43, and the Learning Path box, page 45.) Although the topics I discuss pertain to all Linux distributions, the examples I provide are based on Red Hat Enterprise Server 3—RHES—and might not work for the Linux distribution that you use. Be sure to read your vendor documentation to obtain the correct commands and syntax for your Linux distribution.
Getting Started
Before we go further, let's get a few of the basics out of the way. Linux, like Windows, uses the concept of users and groups for authentication and authorization to resources. Each user must be a member of at least one group, and users can additionally be members of other groups. I discuss user and group administration in more detail later.
Like FAT and NTFS, the Linux file system is organized as a tree—meaning that the file system has a root directory and subdirectories under it. In Linux, the root directory is represented simply by a forward slash (/), whereas in Windows, the root directory is represented by a drive letter and a backslash (e.g., C:); Linux uses the forward slash instead of the backslash as directory separator. Unlike Windows, Linux doesn't have separate drives; all directories and mounted file systems (e.g., D: in Windows) are found at or under the root directory in Linux. (I explain the concept of mounting a bit later.) Finally, you'll notice that the sample commands I provide begin with the hash character (#)—the Linux shell prompt, which is analogous to using "C:" to begin a command example. Now let's delve into the specifics of real-world Linux administration.
User Administration
User administration in Linux is conceptually the same as Windows user administration. You define users and groups of users, configure their accounts, and specify their access rights. However, Linux provides administrative tools that are very different from those found on Windows systems. You use these tools to create, delete, and modify user accounts and user groups.
You define a user account by creating an entry in the /etc/passwd file; Table 1 shows the file's contents. By definition, any entry in the /etc/passwd file is a user account, even if it isn't active. As in Windows, software that you install under Linux might create additional user accounts. Each entry in /etc/passwd includes several fields, such as username, password, and home- directory. Here's a sample /etc/passwd entry:
dpuryear:x:500:500:Dustin Puryear:/home/dpuryear:/bin/bash
This entry specifies that the user, dpuryear, has a user ID of 500 and defaults to the group 500 (coincidentally, the same as the username), has the full name Dustin Puryear, is assigned to the home directory /home/dpuryear, and uses /bin/bash (Bourne Again Shell) as the logon shell. The user ID has the same function in Linux that the SID does in Windows. And in Windows, the command shell is cmd.exe; in Linux, the shell is typically /bin/bash.
You'll notice that the second field—the password field—contains an x. In our example, the Linux system uses shadow passwords (provided by the shadow-utils package, which is used on all modern Linux systems), which means that all passwords are actually in the file /etc/shadow. Linux uses the x merely as a placeholder; it doesn't represent a true password. (Actually, the true password isn't stored anywhere in the system. Instead, a hashed version of the password is stored, just as in Windows.)
To create a new user account, you run the adduser command (useradd on some systems) from the bash shell as the root user. Adduser creates a user entry and, if specified, a home directory in the /etc/passwd file. The syntax for adduser is
adduser username -option
where -option represents a command option, such as -u (user ID), -g (group), -d (home), or -s (shell). For example, to create a new account named jdoe for the employee John Doe, enter the command
# adduser jdoe
which creates the following entry in /etc/passwd:
jdoe:x:600:600::/home/jdoe:/bin/bash
You can specify options on the adduser command, for example:
# adduser jdoe -c "John Doe" -m
This command creates an entry in /etc/passwd for the user jdoe; the −c option sets the user's real name to "John Doe," and the -m option creates a home directory for jdoe. In Linux, you have to specify −m or the system won't create the home directory, and the home directory defaults to /home/username unless overridden with the −d option, which lets you specify a different location for the home directory. (On Windows systems, the home directory is created when the user first logs on.)
Unlike Windows, Linux doesn't prompt you for a password when you add a new user account. Instead, you must use a different command—/usr/bin/passwd—to specify an initial password for the user, like this:
# /usr/bin/passwd jdoe
After you enter the command, you'll see onscreen messages and prompts similar to these:
Changing password for user jdoe.
New password: password
Retype new password: password
passwd: all authentication tokens
updated successfully.
To delete an account, you use the userdel (user delete) command, like this:
# userdel jdoe
By default, userdel doesn't remove a user's home directory even when the user's account has been deleted. To remove a user's home directory, you must specify the -r (remove) option on the userdel command:
# userdel jdoe -r
As a Windows administrator, you're probably wondering how you manage users for an entire network when you have to manually add users on each Linux server. The solution is to use a UNIX or Linux network user-management system such as Network Information Service (NIS) or perhaps use Active Directory (AD) for authentication.
Using AD in Linux is typically accomplished by running either the open-source Samba software or Windows Services for UNIX (SFU). Samba provides the Winbind application, which essentially turns Linux into a domain member, complete with authentication and authorization against AD. SFU provides a NIS interface to an AD network.
As you've seen, I use command-line examples. Linux—and UNIX in general—can be completely administered from the command line. All Linux distributions also include GUI-based administration tools, but it's useful to be aware of the underlying command-line tools that the GUI applications rely on. For example, you might want to write a script that uses such commands to manage a large number of user accounts.
User Groups
In Linux and Windows, groups can greatly facilitate administration because they let you configure permissions for a set of users rather than many individual users. You define groups in Linux as you define users, within a single file—but for groups the file is /etc/group. Table 2 shows the contents of /etc/group. The format for an /etc/group entry is
group-name:password:GID:member1,member2,...
The following entry is commonly found in Linux etc/group files:
sys::3:root,bin,adm
In this listing, the group name is sys, the group ID (GID) is 3, and the users root, bin, and adm belong to the group. (Again, like Windows, Linux uses numbers internally to represent actual objects such as users and groups and lets users reference those objects by using symbolic names, such as sys.) Notice that the sample /etc/group entry has no password field. Most groups in the /etc/group file don't have a password. In general, you can ignore the password field; however, you must place a field separator character (a colon—or :) in the password position even if you're not specifying an actual password.
To add a new group, you use the groupadd command. For example, to create the students group, you'd enter
# groupadd students
which creates the following entry in /etc/group:
students:x:700:
After you add a group, you can add users to it as you would to any other group. To add users to a group, you can either manually edit /etc/group or run the usermod command with the case-sensitive −G option, like this:
# usermod jdoe -G students,users
After you've created groups, you should apply group ownership (i.e., use commands to restrict access to certain directories by group) to the directories that you want to control. You do this by using two commands—chgrp and chmod—which I discuss later.
Deleting a group is similar to deleting a user. To delete a group, you use the groupdel command and specify the group you want to delete. For example, to delete the newly defined students group, you'd enter
# groupdel students
Before you delete a group, you should determine whether the group is currently being used by the system or by regular accounts. If so, you must first make sure that all users in the group have updated their file-ownership information to another group, if necessary.
The Linux File System
Linux and Windows both abstract the file system interface between the kernel and hardware by using file system drivers. This abstraction lets the kernel provide a standardized interface that can easily be modified to support newer technologies. (Linux actually provides access to both old and new file systems, including the Linux ext2 and ext3 file systems and DOS FAT, among others.) In general, you don't need to worry about the mechanics of how Linux stores and retrieves data from disk. However, you do need to know how to mount file systems (that is, make them available to users) and how to check and repair damaged file systems. In addition, you should have a good understanding of how to apply permissions to directories and files.
When you mount a file system in Linux, you attach it to the root file system so that users and applications can access it. Until you mount the file system, you can't access the files that are located in it. This procedure differs from Windows in that when Windows detects a disk with a known file system type, it immediately makes the disk available as a lettered drive. (Windows Server 2003, Windows XP, and Windows 2000 Server also support mounting file systems, so that you can extend the size of a current lettered drive by mounting a new disk on a directory on that drive.)
To mount a file system, you use the mount command, for example:
# mount /dev/cdrom /mnt/cdrom
This command mounts the file system on the disk in the CD-ROM drive to the /mnt/cdrom directory (/dev/cdrom simply refers to the actual CD-ROM device). After the file system is mounted, you can access the CD-ROM through /mnt/cdrom.
When you're finished with the file system, you should unmount it. To do so, use the umount command, as follows:
# umount /mnt/cdrom
Linux also understands FAT and FAT32 file systems and supports NTFS, but the NTFS support isn't reliable. However, unreliable NTFS support isn't a big problem because most production servers aren't dual-boot and thus don't share NTFS file systems.
In Windows, you can map a remote Server Message Block/Common Internet File System (SMB/CIFS) file system to a local drive letter by running the command
C: net use x: \fileserverfiles
In Linux, you can mount an NFS file system similarly, by running the mount command:
# mount fileserver:/files /mnt/files
Most modern Linux distributions also let you easily mount an SMB/CIFS file system, which you do by running the command
# mount -t smbfs //fileserver/files/mnt/files
(The command wraps to two lines here because of space constraints.) This command mounts the SMB file-system type (-t smbfs) from the Windows server and the //fileserver/files share (which in Windows would be \fileserverfiles) on the local mount point /mnt/files.
You can automate much of the mount process, including having the system automatically mount a set of file systems at system startup. The /etc/fstab file contains information about devices, mount points, file-system types, and how to check for errors. By populating this file with the appropriate information, you can have the system do most file system mounts for you.
An entry in /etc/fstab looks similar to that in Figure 1. This entry specifies that /dev/cdrom should be mounted on /mnt/cdrom, Linux should determine the file system being used (auto), and the file system should be mounted as read-only (ro). The final two entries (0 and 2) are related to the dump system command and aren't important here—in general, just use the setting that Figure 1 shows.
You can now mount and unmount the CD-ROM by specifying only the directory, like this:
# mount /mnt/cdrom# umount /mnt/cdrom
Linux will now mount the CD-ROM when the system boots. As you add new disks to your Linux system, you'll first format them by running the command
mkfs.ext3
(which is similar to the DOS Format command), then place the device entry in /etc/fstab so that the file system is available when the system boots.
Repairing File Systems
Linux file systems can be damaged just as Windows file systems can (e.g., during a power failure). Newer file systems, such as ext3 and ReiserFS, have journaling capabilities. This means that they behave like NTFS when they aren't properly unmounted before the system is rebooted: Instead of requiring a long file system−check when the system boots up, the newer Linux file systems quickly correct themselves. Although journaling ensures file system integrity, it offers no guarantee that you won't lose user data if the server suddenly loses power.
Sometimes you might want to force a file system check. In Windows, you can use the Scandisk or Chkdsk command to do this; in Linux, you must use the fsck (file system check) command, like this:
# fsck -c /dev/hda2
The sample command runs a file system check on /dev/hda2. Generally, you don't want to run fsck on a mounted, writeable file system. You should either unmount the file system, then run fsck, or mount the file
system as read-only instead of writeable. If the file system in question is the boot volume (e.g., /dev/hda1 in an IDE-based system), you should run the fsck command on the file system only when the Linux system is in single-user mode. You can determine whether the system is in single-user mode (called runlevel in Linux) by running the command
# telinit 1
File System Permissions
Linux is file-centric, which means that most of what Linux offers to applications and users is done through a set of files. Security in Linux is also file-centric and is based almost entirely on the permissions placed on a file or directory. NTFS in Windows offers an advanced permission facility that's based on ACLs. In theory, Linux also supports ACLs, but often this support isn't enabled or even compiled into the Linux kernel. Because Linux's ACL support is inconsistent, I instead concentrate on the more traditional Linux permission model.
Linux provides three types of permissions that you can apply to a file: read, write, and execute (r, w, and x). In addition, you can set permissions for three types of users: owner, group, and world (u, g, and o). Owner is just that, the file's owner; group is the "group owner;" and world is the set of users that aren't the owner or in the group. World is basically a catch-all, similar to Everyone in Windows.
As I mentioned earlier, you use the chgrp and chmod commands to set group permissions. For example, to restrict control of the /files/students directory to only the users in the students group, you'd run the commands
# chgrp -R students /files/students# chmod -R u=rwx,g=rwx /files/students
The −R option specifies that chgrp and chmod should recursively apply the changes, and the u=rwx,g=rwx field translates to "the owner will have read, write, and execute permissions, and the group will also have read, write, and execute permissions."
To let only a file's owner access the file, you'd run chmod as follows:
# chmod u=rwx /user/file
In Windows, the equivalent command is Cacls:
C: cacls c:userfile /e /p bob:f
/e specifies that the Cacls command will edit an ACL instead of replacing it, and /p bob:f grants Bob full permissions to c:userfile.
To let both the owner and anyone in the group access the file, you'd enter
# chmod u=rwx,g=rwx /user/file
Again, remember that in Linux you can assign permissions only to one group, whereas with NTFS you can specify rights to multiple groups by using ACLs. (Some file systems in Linux support ACLs; they just aren't used by default.) You can find more information about chmod and chgrp by reading the commands' man pages. (For more information about man pages, see "Linux's Online Help.")
Networking
Networking is an integral part of Linux—so much so that, as in Windows, it's virtually impossible to remove the networking components without breaking the OS (but not nearly as difficult to remove the Web browser!). In Windows, when you want to manage networking, you must define and configure NICs by running the Network Connections Control Panel applet. You can also automate the process of configuring networking in Windows by using the Netsh command. Like Windows, Linux provides command-line and GUI tools to manage networking.
Let's walk through configuring a Linux system for networking. First, you must determine whether Linux knows about your NIC. The easiest method to accomplish this is to run the ifconfig command, which tells you whether the OS is providing access to the NIC:
# ifconfig eth0
The eth0 device is simply the first NIC that Linux sees. In Windows, this device is called "Local Area Connection" when you view it in the Network Configuration applet or via the Windows Ipconfig command. (The closest Windows equivalent of ifconfig is ipconfig /all.) After you run ifconfig, you'll see output on screen similar to that in Figure 2. Now that you know that the NIC is working, you can configure it—again by running ifconfig:
# ifconfig eth0 192.168.1.10netmask 255.255.255.0
(The command wraps to two lines here because of space constraints.) Running this command displays the eth0 interface (i.e., the first NIC on the system), which has the IP address 192.168.1.10 and a subnet mask of 255.255.255.0. Linux also automatically adds a network route to the routing table, so that you can now ping other hosts on the LAN, by running the command
# ping -c 1 192.168.1.1
The −c option specifies that the Ping command pings the remote server only once. The command then displays the output that Figure 3 shows (several lines in Figure 3 wrap because of space constraints). In Red Hat, you can automate the network configuration process I've just described—and ensure that the configuration is maintained after a reboot—simply by running the command
# netconfig
If you want to connect the system to the Internet, you must perform two more steps: Configure a default router, and configure your DNS servers. To configure the default router, use the route command (which is similar to the Windows route command):
# route add -net defaultgw 192.168.1.1
This command—which wraps to two lines here—specifies that we're adding a route to a network (rather than just to a host), that the network is "default" (the value that's used when specifying a default router), and that the default router (gw) is 192.168.1.1.
Finally, you add your DNS servers to the /etc/resolv.conf file, which configures the server's DNS resolver, by using the following syntax:
nameserver dns1.example.comnameserver dns2.example.com
As I mentioned, instead of performing the network configuration manually, you can automate this process by running the netconfig command. Netconfig lets you set up your networking to use either DHCP or a static IP address. It works the same as the Windows Add Network wizard. Although simply using netconfig is far easier than the process I just described, by learning exactly what netconfig is doing you have a better understanding of how Linux networking works. You'll probably find it helpful to investigate other Linux commands that are also available in Windows, such as netstat and nslookup.
Installing and Managing Software
Software management in Linux can often be at least as difficult as it is for Windows users. In Linux, software is distributed in various ways. Most distributions, such as Red Hat with Red Hat Package Manager (RPM), have their own package format. RPM packages are well supported across most Linux distributions and are the closest thing to a true package standard in the Linux world.
An actual RPM file is a single file archive that contains all the software and installation scripts needed to install an application, much like setup.exe or an .msi file in Windows. To install an RPM, you run the rpm command along with the RPM file as an argument:
# rpm -i program.rpm
The −i specifies that you want to install program.rpm. To remove the program you just installed from the Linux system, run the rpm command and specify the −e (extract) option with the program name:
# rpm -e program
To determine whether a program is installed, run the rpm command and specify the −q (query) option with the program name:
# rpm -q program
This procedure should feel similar to using the Windows Add or Remove Programs applet. Most Linux systems, such as RHES, provide a GUI front end for RPM, so the similarity is even closer.
Linux differs from Windows in that many distributed Linux applications don't use a standardized packaging format. Typically, these types of applications are distributed in source-code form, and you must compile and install them yourself. Fortunately, most applications that are installed from source code follow the same basic steps in their installation:
Extract the files from the archive by running the tar command (the tar command copies files to or restores files from an archive):
# tar xfz program.tgz
Change the current directory to the directory just created when tar extracted files from program.tgz:
# cd program/
Compile the application by running the following commands:
# ./configure# make# make install
At this point, you're finished installing the application. Because this application didn't use a package manager such as RPM, it might be difficult to remove the application. Typically, you'd first try to run the command
make uninstall
but this method fails more often than not. The only other option would be to manually delete the installed files or to use software that manages applications that are installed from source code.
Go Forth into Linux
Linux and Windows system administrators perform the same sorts of tasks: They manage users, install and remove software, troubleshoot bad network connections, and of course, try to take a break now and then. When you find yourself called on to manage a Linux system in your Windows environment, you'll have some familiarity with essential commands and procedures that you can use to get up to speed in Linux system administration.
About the Author
You May Also Like