In our ongoing Linux for Windows Server Administrators article series we’ve touched on Linux services and run levels, as well as Linux file system rights. Now that you know the basics, I’ve compiled a list of essential Linux administration tools that I use on a daily basis, as well as a few useful solutions that deserve a bit more exposure to a wider audience.
Linux administration is often described as a tool building environment where the Linux administrator crafts solutions using the built-in array of tools. Most of the tools an administrator uses on a day-to-day basis are already cooked into the operating system. Linux administration by its very nature is command-line orientated.
Wget is one of those commands that is so useful, that even Windows administrators keep ports of it available for Windows machines. Wget is invaluable when you want to download a file, especially on remote systems that don’t have browsers. Grabbing a file on a system you have a secure terminal on is easy enough. Downloading is as simple as using the command “wget http://www.mywebsite.com/install.iso.” What’s even better is that it supports the resume function, so any broken download connection can be recovered.
Linux as a tool building environment is very true when applied to sed. Sed is short for “stream editor.” Its simplicity belies the awesome power of sed. It can be used for a very simple find and replace on a single file using sed -e s/one/two myfile.txt that will do a find and replace on myfile.txt.
It can be as complex as you wish and even be a complete script in itself. To get the most from sed, a user should understand regular expressions. You can literally write sed scripts that will perform mass text manipulation to get the data into the format you want. It is a huge time saver. Combined with bash, there isn’t much you can’t do!
TCPDump is a Linux TCP packet analysis tool. (Image: Stuart Burns)
TCPDump isn’t an everyday use tool, but is invaluable for when you need to try and troubleshoot why your TCP packets aren’t doing what they should. TCPdump allows you to see real time data flowing out from the host to other machines. You can also save it for later examination and investigation. What is nice is that unlike using Wireshark and such, you can run it on the actual system in question rather than having to go to the trouble of port mirroring the port in question.
Top provides useful data on
applications, processes, and resource utilization. (Image: Stuart Burns)
Top is singularly, without doubt, the most important command on a Linux system. It gives uptime, performance statistics and information, such as what processes are running, how much resource they are consuming, and how hard the CPU is taxed.
Statistics such as %cpu ready are invaluable. A very useful and quick check on general system health is CPU averages. These are 1 minute, 5, and 15 minute averages. The general rule of thumb is that the load should not be more than the sum total of the CPUs, so for example a 2 CPU system running at 1.3 is fine and so on. A very simple check that can save you a lot time.
Nagios is a very advanced, but free product. It is used to monitor not just your Linux environment, but also Windows and just about any other infrastructure you could need. It doesn’t only monitor availability, but also items such as disk space and the availability of just about any service the infrastructure presents.
Although it does take some configuration to get it just right, it is such a valuable tool for monitoring infrastructure. When correctly configured it allows an administrator to spot the issues, sometimes before they even get to the alarm stage, using configured pre-defined alarm thresholds.
SCP (secure copy program) is one of the most essential utilities in the Linux world. It is used to copy files directly between two systems. So what? When setup correctly it can be used to automatically copy files between systems, automatically logging in. Using this feature is great if you need to automate file copies. The great thing is that you only need port 22 open (although external facing systems should perhaps use different port numbers due to the number of automated port scans that SSH on port 22 seems to attract, therefore reducing your exposure slightly.)
Webmin provides a GUI for some Linux administration tasks.
(Image: Stuart Burns)
Not everyone is totally comfortable with the command line. Webmin is a perl-based GUI tool that can be used to manage servers and services. I find it can be useful when configuring often used services that need lots of tweaking. It helps prevent errors from fat fingers. It can be used to manage SAMBA, printing, and other systems in a nice friendly front end.
Watch is a command that not everybody is aware of. It’s name gives away what it does. Some processes and programs don’t echo output to a console. An example is when using mdadm to create software raid setups. The process doesn’t output any useful information.
To view it, a sysadmin needs to cat the file and repeat the catting. Watch fixes this issue. It allows you to automate commands. So a user can see in effect a real time how the a process is running. The watch command can be customised to whatever frequency the user desires.
Another command that perhaps doesn’t get the appreciation it deserves is Visudo. This is the intelligent administrators way to edit the sudoers file. It is basically vi (the built-in editor on a lot of distros) with some intelligence added in, so that it checks the syntax and logic of the visudo file and won’t let you exit the file until you have corrected any logic errors. Again, it is a great saviour against admin fat fingers.