Lecture 2

Server Administration
-System Component-
 Lecture 2 System Component

Goal: Assemble Component of a human

Computer Community
System Definition
Hardware Handling
Operating System
Filesystems
Process & Job Control
Ipv6 Networks
 What is the System

In System Administration:
Word System is used to refer both the operating system of a
computer and often, collectively the set of all computers that
cooperate in a network.
Human-computer system ?
An Organized Colaboration between humans and Computers
to solve a problem or provide service.
Network Infrastructure:
Human
Host Computer
Network Hardware
Layer 1,2,3 Devices
Human Computer System (depedencies)
 Hardware Handling

To be a system administrator it is important to have a

basic appreciation of the frailties and procedures
surrounding hardware
All electronic equipment should be treated as highly
fragile and easily damaged, regardless of how sturdy
it is. Today we are far too blas towards electronic
equipment.
 Hardware Handling

DO NOT! Insert / Remove Power Chords without ensuring it

switched off
Read Manuals
Interfaces & Connectors
Handling Components (Conductive wrist strap)
Disk (Common Disk Types)
SCSI (Small computer Software interfaces )
SCSI 1, SCSI 2, Wide SCSI, SAS (Hotplug), Etc
SCSI Controller Usually Connected to PCI BUS
IDE (Integrated Drive Electronics)
ATA ( Advance Technology Attachment )
 Hardware Handling

Memory
Different sizes, Different Speed
When Purchasing a Memory Please remember :
Physical Size of the Memory Plugins ( Choose the appropriate socket)
Capacities & Data Rates
ECC RAM Tolerant from external noises
RAM Slots Particulary Order
 Another Aspect of Hardware

Lightning
Fuse ? Transistor & CMOS Chips burn out much faster than any fuse
Electronic Spike/ Surge Protectors
Power
UPS
Heat
Metals Expand the Heat Significantly
Increased Temperature Increased Noise Level Reduce Network
Capacities
Cold
Sudden change from hot to cold Chip Damage
Humidity
Static Electricity builds up
 Operating Systems

OS Key Element
Technical Layer of Software
Driving Hardware in Computers
Filesystem
Provides a way for organizing files logically
User Interface
Enables users to run their own programs and manipulate their files in a
simple way
 Operating Systems

Core Software Systems

Kernel : Responsible to allocating and sharing resources
Assisted by Supporting Services (Paging, RPC, FTP, WWW,
Etc)
Distributed OS
Escaping the hardware boundaries
Network Operating Systems
 Operating Systems

Distinguish OS & GUI

Windowing System is GUI
OS Share resources and provides functionality
The Issue arises when
OS Can have any number of different Windowing Interfaces
 Operating Systems

Multiuser OS
Allow multiple users to share the resource in a single host
Protected by Unique Identity
Username
Private Login Area
Simulate Virtual Workstations for each users
 Operating System

The Legacy Of Insecure OS

Home computer revolutions Network revolution
Traditional OS not addressing security issues
No Limits on what a determined user can do
Slowly replaced by an OS designed with resource
sharing (including networking)
 Operating Systems

Securable OS
Unix and NT secure ?
By Its Nature security is not an achievable goal
Aspiration that includes accepted level of risk
Mechanism basic level preventive security possible
Why Windows, DOS, Macintosh are so susceptible to virus
attacks?
Properly configured and bug free Unix/NT (ownership,
permissions)
 Operating Systems

Shell or Command Interpreters

Todays common OS provide graphical window systems for all
kinds of tasks
Poorly suited to system administrations
Shells write simple programs called scripts or batch files, its
simplify repetitive administrative tasks
 Operating Systems

Logs And Audits

List of transactions which have taken place
Go back and see what happened in a given time
Full systems auditing vast amount of disk spaces
Auditing Issue in connection with security
Non-repudiation
 Operating Systems

Privileged accounts
Unix : root / super user
Windows : Administrator (doesnt have automatic access to
everything such does root)
Administrator & root accounts should never be used for normal
work (Too Much Power)
Behind every great powers, come a great responsibility
Unix Like and Windows Computer
Unix Like and Windows Computer
 Filesystem

Very heart of what system administrations about

Unix Filesystems
Hierarchical filesystem
Directories and subdir form a tree
Index node/ inode stored in special part of an OS
Inode contain an extensible system of pointers to the
actual disk block
Inode contains essential information needed to locate a
file on the disk
/
 Unix / Unix like file hierarchy

Hierarchical Filesystem /export (diskless clients)

/ /dev (devices nodes)
/bin (executable)
/home (separate login files)
/etc
/usr (application)
/root
/usr/bin (OS executable) /var (spooling & log)
/usr/sbin
/usr/local/ (user custom software)
/sbin (system binaries)
/sys (build the system kernel)
 Symbolic link & Hard link

Symbolic link
Alias to another file
(ex:unix ln -s fromfile /other/directory/tolink )
Hard link
Duplicate directory from an inode in filesystems
ex: unix
% date > hardfile ( create the file )
% ls -l -rwx-xr-x 1 john users 605 Nov 18 12:25 hardfile
% ln hardfile project/hardfile2
% ls -l projects/hardfile2 -rwx-xr-x 2 john users 605 Nov 18 12:25
hardfile
Ignored by filesystem designers

22
A. User A then decides whether or not other u ser s can r ead, wr ite or execu te the
le by setting the protection bits or the permission of the le u sing the command
chmod.
File access control
In addition to u ser identities, ther e ar e gr ou ps of u ser s. The idea of a gr ou p is
that sever al named u ser s might want to be able to r ead and wor k on a le, withou t
other u ser s being able to access it. Ever y u ser is a member of at least one gr ou p,
called the login group and each gr ou p has both a textu al name and a nu mber
Restrict
(group privilege
id). The uid and to gid
filesofoneach ser is r ecor ded in the le /etc/passwd (see
the usystem
chapter
Unix 6). Member
records ship of other
information ( whogr ou ps is &
create r ecor ded intothe
allowed le /etc/group or on
access)
some systems /etc/logingroup.
The
Username (uid),
following login
ou tpu name
t is fr om the(text string) ls -lag execu ted on a Su nOS type
command
machine.

lrwxrwxrwx 1 root wheel 7 Jun 1 1993 bin -> usr/bin

-r--r--r-- 1 root bin 103512 Jun 1 1993 boot
drwxr-sr-x 2 bin staff 11264 May 11 17:00 dev
drwxr-sr-x 10 bin staff 2560 Jul 8 02:06 etc
drwxr-sr-x 8 root wheel 512 Jun 1 1993 export
drwx------ 2 root daemon 512 Sep 26 1993 home
-rwxr-xr-x 1 root wheel 249079 Jun 1 1993 kadb
lrwxrwxrwx 1 root wheel 7 Jun 1 1993 lib -> usr/lib

23
 File access control

Restrict privilege to files on the system, create

Read, write dan execute
CHMOD (Change Mode)
CHOWN (Change Owner)

24
 File access control (cont)

CHMOD Change permissions or mode of file

chmod a+w myfile
chmod +x myfile
Chmod 755 *
Chown & chgrp Change user & group ownership
Ex : chown mark ~mark/testfile
Chgrp www ~mark/www/tmp/cgi.out
Chown mark.www ~mark/www/tmp/cgi.out
Umask change default permissions for files & directories (how to calculate
?- Simple)
Umask 022 default permission for file is 666-022 =644
Umask 022 default permission for directories is 777-022=755
Umask 077 file = 600
Umask 077 directories = 700

25
 Access Control List

Modern replacement for file mode & Permissions

 Windows file model

File system layout

DOS Legacy A: B: C: D:
NTFS (NT Filesystem) hirarkial file system file dan direktori
Direktori memiliki owner tapi tidak ada group membership
%SystemRoot% biasanya C:
Links dan shortcut
Access Control List

27
 Network Filesystem Models

NFS SUN Open standard Unix

How local storage accessed but over a network
ONC RPC (Open Network Computing Remote Procedure Call)
 to the mou nt command. This is not a perfect solu tion, bu t it work s.

2 .5 Processes and job control

Process & Job control

Unix process model
On a mu ltitask ing compu ter, all work on a ru nning program is performed by
an abstraction called a process. This is a collection of resou rces su ch as le
handles, allocated memory, program code and CPU registers that is associ-
ated with a speci c ru nning program. A cu rsory overview of variou s operat-
ing system models for ru nning programs follows. On modern operating sys-
tems, processes can contain many concu rrent threads which share program
resou rces.

Users start process

2 .5 .1 T he Unix process model
from a shell command line/ click icon in a
Unix starts new processes by copying old ones. Users start processes from a shell
windows manager command line interface program or by click ing on icons in a window manager.
Every Unix process has a process ID (PID) which can be u sed to refer to it, su spend
Every unix process
it or k have a PID (Process ID), PS Command
ill it entirely.
A back gr ou nd process is started from a shell u sing the special character & at
Background process (Start from a shell using the special char &)
the end of the command line.

find / -name *lib* -print >& output &

Child Process & The
Zombies
nal & at the end of this line means that the job will be ru n in the back grou nd.
Note that this will not be confu sed with the redirection operator >& since it mu st
When processbestart child of
the last non-whitespace the original
character of the command. The command above look s
for any les in the system containing the string lib and writes the list of les to a
Form a hierarchis
le called output.
If we want to see what processes are ru nning, we can u se the ps com-

When child killed

mand. ps withou t any argu ments lists you r cu rrent processes, i.e. all processes
owned thenby the ubecomes defunct/zombies
ser identity you logged in with that are connected to the shell
you are cu rrently u sing. ps tak es many options, for instance ps auxg will
list all u ser processes in detail on BSD-lik e systems, while ps -efl will pro-
vide a similar, if not entirely compatible, listing on System V-lik e systems.
Some Unix-lik e systems su pport both the BSD and System V ags to the ps
command.
Processes can be stopped and started, or k illed once and for all. The kill
command does this and more. In fact, it sends generalized signals to ru nning
processes, not only the k ill signal. There are two versions of the kill command.
One of them is bu ilt into the C-shell and the other is not. If you u se the C-shell
then you will never care abou t the difference u nless the process table is fu ll. We
shall nonetheless mention the special featu res of the C-shell bu ilt-ins below. The
k ill command tak es a nu mber called a signal as an argu ment and another nu mber
 to the mou nt command. This is not a perfect solu tion, bu t it work s.

2 .5 Processes and job control

Process & Job Control

On a mu ltitask ing compu ter, all work on a ru nning program is performed by
an abstraction called a process. This is a collection of resou rces su ch as le
handles, allocated memory, program code and CPU registers that is associ-
ated with a speci c ru nning program. A cu rsory overview of variou s operat-
ing system models for ru nning programs follows. On modern operating sys-
tems, processes can contain many concu rrent threads which share program

Environment Variables resou rces.

2 .5 .1 T he Unix process model

Text String Variables
Unix starts new processes by copying old ones. Users start processes from a shell

Set by users in shell

command line interface program or by click ing on icons in a window manager.
Every Unixenv process has a process ID (PID) which can be u sed to refer to it, su spend
it or k ill it entirely.
Configuration information to software
A back gr ou nd process
the end of the command line.
is started from a shell u sing the special character & at

find / -name *lib* -print >& output &

The nal & at the end of this line means that the job will be ru n in the back grou nd.
Note that this will not be confu sed with the redirection operator >& since it mu st
be the last non-whitespace character of the command. The command above look s
for any les in the system containing the string lib and writes the list of les to a
le called output.
If we want to see what processes are ru nning, we can u se the ps com-
mand. ps withou t any argu ments lists you r cu rrent processes, i.e. all processes
owned by the u ser identity you logged in with that are connected to the shell
you are cu rrently u sing. ps tak es many options, for instance ps auxg will
list all u ser processes in detail on BSD-lik e systems, while ps -efl will pro-
vide a similar, if not entirely compatible, listing on System V-lik e systems.
Some Unix-lik e systems su pport both the BSD and System V ags to the ps
command.
Processes can be stopped and started, or k illed once and for all. The kill
command does this and more. In fact, it sends generalized signals to ru nning
processes, not only the k ill signal. There are two versions of the kill command.
One of them is bu ilt into the C-shell and the other is not. If you u se the C-shell
then you will never care abou t the difference u nless the process table is fu ll. We
shall nonetheless mention the special featu res of the C-shell bu ilt-ins below. The
k ill command tak es a nu mber called a signal as an argu ment and another nu mber
 Network Environment

OSI Layer
IP Address
Subnet & Broadcast
Interface Settings
ARP
NAT
 IPv6

2001:0700:0700:0004:0290:27ff:fe93:6723
2001:700:700:4:290:27ff:fe93:6723
 Assignment

Silahkan Spesifikasi Server dengan minimum configuration sebagai berikut:

4 Server dengan Xeon 2.4 GHz
RAM ECC-DDR 3 Max 192 GB
Harddrive SCSI
Support Unix/Linux
Gigabit Ethernet
Sertakan harga, usahakan seminimum mungkin (cantumkan harganya dan dimana
belinya)
Full equipped misalkan max hard drive , max DDR 3 RAM
Rak dan UPS
Catatan:
Kumpulkan sampai tanggal 23 sept jam 23.59
Tugas kelompok
Subject: Tugas1AdserA_KOM_[NamaKetuaTim]
Dikumpulkan ke [email protected] atau [email protected]
 Thanks

Thanks and see you next week