Chapter 12.

System Initialization, Message Logging, and System Tuning

System Initialization (init/systemd):

Configure the default runlevel or target for system boot.

1.View the current default target:

systemctl get-default

2.Change the default target:

sudo systemctl set-default multi-user.target

3.Verify the changes:

systemctl get-default

4.Additionally, we can reboot the system to ensure it boots into the newly configured
default target:

sudo reboot

Create a custom systemd service unit file for a specific application or task.

Create the Service Unit File:

1.using the nano editor:

sudo nano /etc/systemd/system/myapp.service

2.Define the Service Unit:

//Unit
Description=My Custom Service
After=network.target # Specify any dependencies here

//Service
Type=simple # Type of service (simple, forking, etc.)
ExecStart=/path/to/your/application # Command to start your application
WorkingDirectory=/path/to/your/application/directory # Working directory for your application
Restart=always # Restart the service if it exits
User=myuser # User to run the service as
Group=mygroup # Group to run the service as
Environment="ENV_VAR=value" # Optionally set environment variables

//Install
WantedBy=multi-user.target # Specify the target to install the service

3.Save and Close the File

4.Reload systemd and Enable the Service:

sudo systemctl daemon-reload

sudo systemctl enable myapp.service

5.Start or Restart the Service:

sudo systemctl start myapp.service

Or
sudo systemctl restart myapp.service

6.Check the Status and Logs:

sudo systemctl status myapp.service

sudo journalctl -u myapp.service

Set up automatic login for a specific user at system startup.

1.Edit the LightDM Configuration:

sudo touch /etc/lightdm/lightdm.conf

sudo nano /etc/lightdm/lightdm.conf

2. Add Autologin Configuration:

//SeatDefaults
autologin-user=your_username
autologin-user-timeout=0

3.Save and Close the File:

Save the changes to lightdm.conf and exit the text editor.

4. Restart LightDM:

sudo systemctl restart lightdm

Configure the system to run a script or command at boot time using systemd.

1.Create the Script

First, writing script (e.g., /path/to/my/startup.sh). Making sure the script has proper permissions to be
executed (by using chmod +x /path/to/my/startup.sh)
2.Create a systemd Service Unit File:

sudo nano /etc/systemd/system/my-startup-script.service

3. Add Service Unit Configuration:

//Unit
Description=My Startup Script

//Service
Type=oneshot # Run script once at boot
ExecStart=/path/to/my/startup.sh # Replace with your script path
User=your_username # Optional, specify user to run the script under

//Install
WantedBy=multi-user.target # Adjust based on your target needs

Message Logging (syslog/rsyslog):

Configure syslog/rsyslog to log messages to a remote server.
1.Edit the main rsyslog configuration file

sudo nano /etc/rsyslog.conf

2.Adding a line similar to the following, replacing <server_ip> with the IP address of your remote
syslog server and <facility>.<level> with the desired facility and log level to send

*.* @remote_server_ip:514

Filter and redirect specific log messages to separate log files.

1.Use facility and level selectors to filter messages:

authpriv.warn /var/log/auth.warn
local7.*

Or

Using rules in your syslog/rsyslog configuration file to specify which logs should be
redirected.

if $programname == 'your_program' then /path/to/your_log_file.log

Set up log rotation to manage log file sizes and ensure proper log file maintenance.
 1.Edit the logrotate configuration file:

sudo nano /etc/logrotate.conf

2.Create a configuration file for your log rotation in /etc/logrotate.d/.

/path/to/your_log_file.log {
size 100M
rotate 10
compress
missingok
notifempty
}

Customize syslog/rsyslog settings to include or exclude specific log messages.

1.Using the :msg selector to match specific messages by content:

kern:pipeline.* /var/log/kernel_pipeline.log

2.Negate selectors with ! to exclude messages:

!authpriv.* /var/log/messages

System Tuning:
Optimize network settings for better performance, such as adjusting TCP/IP stack parameters.

# Increase TCP window size

net.ipv4.tcp_window_scaling = 1
net.core.rmem_max = 16777216
net.core.wmem_max = 16777216

Adjust file system parameters for improved disk I/O performance, such as adjusting the disk
scheduler or file system mount options.

echo deadline > /sys/block/sda/queue/scheduler

/dev/sda1 /mnt/data ext4 defaults,noatime 0 2

Configure kernel parameters to optimize memory usage, process scheduling, or other system
behaviors.

# Set swappiness to 10
vm.swappiness = 10

Monitor system performance using tools like top, vmstat, or sar, and make appropriate tuning
adjustments based on the observed metrics.
• Utilizing tools like top, vmstat, sar, iotop, nethogs, etc., to monitoring system performance metrics
such as CPU, memory, disk I/O, and network utilization.
• Analyzing the output of these tools to identify performance bottlenecks and areas for improvement.

Implement security-related tuning, such as hardening the system against various types of
attacks or vulnerabilities.

PermitRootLogin no
PasswordAuthentication no

Kernel Module Management:

Load/unload kernel modules manually.

To load a module:

sudo modprobe module_name

To unload a module:

sudo modprobe -r module_name

Configure kernel modules to load automatically at boot time.

Add a module to load at boot time:
1.Open /etc/modules file in a text editor with root privileges.
sudo nano /etc/modules

2.Add the name of the module you want to load at boot time on a new line.
3.Save the file and exit the text editor.

Blacklist kernel modules to prevent them from loading automatically.

1.Open /etc/modprobe.d/blacklist.conf file in a text editor with root privileges.

sudo nano /etc/modprobe.d/blacklist.conf

2.Add a line at the end of the file in the following format:

blacklist module_name

3. Save the file and exit the text editor.

Resource Management (CPU, Memory, I/O):

Set CPU affinity for specific processes or groups of processes.

taskset -cp <cpu_list> <pid>

pgrep -f <pattern> | xargs -I{} taskset -cp <cpu_list> {}
Configure memory limits using cgroups or other mechanisms to control memory usage
by specific processes.

# Create a cgroup
sudo cgcreate -g memory:mygroup

# Limit memory usage for a process

sudo cgexec -g memory:mygroup <command>

Tune I/O scheduler settings to optimize disk I/O performance for different workload
types.

# Check current scheduler

cat /sys/block/<device>/queue/scheduler
# Change scheduler (e.g., to deadline)
echo deadline > /sys/block/<device>/queue/scheduler

Network Tuning:
Adjust network buffer sizes to optimize network performance.

sudo sysctl -w net.core.rmem_default=<value>

sudo sysctl -w net.core.rmem_max=<value>
sudo sysctl -w net.core.wmem_default=<value>
sudo sysctl -w net.core.wmem_max=<value>

Configure TCP/IP stack parameters, such as TCP window size or congestion control
algorithms, to improve network throughput and latency.

Change TCP window size

sudo sysctl -w net.ipv4.tcp_window_scaling=1
sudo sysctl -w net.ipv4.tcp_wmem=<min> <default> <max>
sudo sysctl -w net.ipv4.tcp_rmem=<min> <default> <max>

Change TCP congestion control algorithm

sudo sysctl -w net.ipv4.tcp_congestion_control=<algorithm>

Implement Quality of Service (QoS) policies to prioritize network traffic for critical
applications or services.

sudo tc qdisc add dev <interface> root handle 1: htb default 12

sudo tc class add dev <interface> parent 1: classid 1:1 htb rate <rate>

sudo tc class add dev <interface> parent 1:1 classid 1:12 htb rate <rate>
 sudo tc class add dev <interface> parent 1:1 classid 1:11 htb rate <rate>

sudo tc filter add dev <interface> parent 1: protocol ip prio 1 u32 match ip dport <port>
0xffff flowid 1:11

Chapter 13. Basic Storage Partitioning

Identify the Disk:

Determine the disk you want to partition by using the lsblk or fdisk -l command.

Determine the disk you want to partition by using the lsblk or fdisk -l command.

lsblk-l
fdisk -l

Select a Partitioning Tool:

Linux provides several partitioning tools, including fdisk, parted, and gdisk. Choose the one
you're comfortable with.

Launch the Partitioning Tool:

Launch fdisk with the disk you want to partition.

Create Partitions (inside fdisk)

Once inside fdisk, use the following commands:
• Type n to create a new partition.
• Choose the partition type (primary, extended, logical).
• Specify the starting and ending sectors for the partition.
• Repeat this step if you want to create multiple partitions.

Set Partition Types

Format Partitions:
After partitioning, you need to format the partitions with a file system

Mount Partitions:
Finally, mount the formatted partitions to directories in the file system.

mkfs.ext4 /dev/sda3

Configure Automatic Mounting (Optional):

To ensure partitions are automatically mounted at boot, add entries to the /etc/fstab file. This file
contains information about partitions and their mount points.