Teaching System Administration with Linux
System administration is a vital necessity of any computer system. However, most universities don't teach system administration. So where do people learn how to become system administrators? Basically, they have to learn it on their own. The next logical question is: what enables someone to learn how to do system administration? Our answer: system administration requires a fundamental understanding of how operating systems (OS) and networks operate. However, unlike a traditional computer science operating system or networking course, which teaches low-level (i.e., programming) details, system administration requires only an understanding of theory and fundamentals. For example, you don't have to know about page table layouts to understand how to install and configure swap space.
Here at Grand Valley State University we've developed a course that teaches operating system and networking fundamentals while using system administration as an underlying theme. Our students are information systems majors who would otherwise never learn about the principles of OSes and networking. In the course we cover OS topics such as users, groups, file sharing and processes, along with networking topics such as application layer protocols, the transport layer and network device configuration.
The course has two components: traditional lecture where we teach the concepts and principles of OS and networking, and a lab where the students are able to apply the concepts learned in lecture to a “real-world” environment. Other papers of ours (see Resources) discuss the organization of the course. Our purpose here is to show how Linux is used to support the lab for the course.
The Exploratory Operating System (EOS) lab consists of 24 Pentium IIIs with 128MB RAM, 10GB HD, a floppy and a Zip disk. Each machine is running Red Hat 6.2. The lab is a production environment—it serves as the primary account of most CS and IS majors as well as several faculty. Thus, the lab is not a pure research lab. Real people use the lab every day. Because our lab isn't a dedicated research lab, giving root access to a group of 24 students every semester is out of the question. However, the students require superuser access to perform even the most basic system administration duties.
Our solution is to take advantage of the 100MB Zip disk on each machine to provide a dedicated Linux distribution to each student. Each student creates a boot floppy and a root file system on a Zip disk. With this setup, the student can insert both disks and reboot the machine. The student then has a working Linux distribution all to themselves, and one they are able to administer for themselves. In this environment the student can perform the experiments for the lab that day. When they're finished, they simply shut down the machine, remove their floppy and Zip disks and reboot. The system then comes up in the normal EOS lab configuration.
Currently, the floppy boot disk kernel is based on the 2.2.13 kernel, and no special kernel source modification is required. However, we do configure the kernel (using make xconfig) in two special ways. First, we configure the kernel with SCSI emulation (CONFIG_CHR_DEV_SG and CONFIG_SCSI are set to true). We have IDE Zip disks and run them under SCSI emulation because it seems that the IDE driver doesn't handle large files well.
Our second configuration modification is to disable all access to the hard disk. Remember, we normally run a standard, multiuser Red Hat system in the lab. If we didn't disable access to the hard disk, the student could boot their Zip disk, mount the hard disk and have carte-blanche to make changes (like changing root's password). We disable hard disk access by setting two configuration variables to false, CONFIG_BLK_DEV_IDE and CONFIG_BLK_DEV_HD_IDE.
Other kernel configuration options enable the network device, enable SysV init, etc. Once the kernel is configured, we simply compile it. See the Kernel how-to for more information.
Installing the kernel on a floppy disk is done by creating a new ext2 file system on the floppy (using mke2fs) and copying the kernel to the root of the floppy. The floppy disk also requires a boot block (cp /boot/boot.b /mnt/floppy) and a special LILO configuration shown below:
boot=/dev/fd0 map=/mnt/floppy/map install=/mnt/floppy/boot.b prompt compact timeout=50 image=/mnt/floppy/vmlinuz label=linux root=/dev/sda1 read-only
Our LILO configuration makes the floppy bootable and specifies the /dev/sda1 to be the root disk. Recall that we will be running SCSI emulation, so /dev/sda1 is the Zip disk.
We then run /sbin/lilo -C /mnt/floppy/lilo.conf to install the new LILO image.
Fast/Flexible Linux OS Recovery
On Demand Now
In this live one-hour webinar, learn how to enhance your existing backup strategies for complete disaster recovery preparedness using Storix System Backup Administrator (SBAdmin), a highly flexible full-system recovery solution for UNIX and Linux systems.
Join Linux Journal's Shawn Powers and David Huffman, President/CEO, Storix, Inc.
Free to Linux Journal readers.Register Now!
- Devuan Beta Release
- May 2016 Issue of Linux Journal
- EnterpriseDB's EDB Postgres Advanced Server and EDB Postgres Enterprise Manager
- The US Government and Open-Source Software
- The Death of RoboVM
- The Humble Hacker?
- BitTorrent Inc.'s Sync
- Open-Source Project Secretly Funded by CIA
- New Container Image Standard Promises More Portable Apps
- AdaCore's SPARK Pro
In modern computer systems, privacy and security are mandatory. However, connections from the outside over public networks automatically imply risks. One easily available solution to avoid eavesdroppers’ attempts is SSH. But, its wide adoption during the past 21 years has made it a target for attackers, so hardening your system properly is a must.
Additionally, in highly regulated markets, you must comply with specific operational requirements, proving that you conform to standards and even that you have included new mandatory authentication methods, such as two-factor authentication. In this ebook, I discuss SSH and how to configure and manage it to guarantee that your network is safe, your data is secure and that you comply with relevant regulations.Get the Guide