No Longer Easy for Sys Admins
Until now, system administrators running Linux have had it fairly easy. But this won't last long. Why? Well, until now Linux has been basically a server OS. The GUI, and therefore window manager, was just a pretty option. But as Linux moves to the desktop, the Linux system administrator's life becomes much more complicated. Now, it's not just a matter of knowing how to configure sendmail, DNS and Apache, but being able to fix GUIs users have managed to break somehow. That means knowing, inside and out, KDE, GNOME, XFCE, TWM, FVWM, MWM, Blackbox, etc. Sure, your present company may dictate KDE and enforce the choice. But another company will push GNOME or any of a dozen other WMs. Then there's the rogue “power user” who knows enough to be dangerous and has installed a private copy of his or her favorite WM. I've looked at the KDE configuration files and I'm awed. My /opt/kde/share/config has more files than /etc. Guess I'll be figuring them out for a while. Then it's on to GNOME. Yes, I know there are GUI config tools for all this. And that's all well and fine when you're standing in front of the system. But when the broken system is on the other end of a 56k dial-up connection, vi is still my tool of choice.
If you must maintain a system with the latest and greatest that's out, then vcheck can be a lifesaver. I don't know of any distribution that will keep libraries and other files up to date except for security reasons. I find that my libraries must be the most current for new software to build. This utility makes it easy. The default configuration will check on your kernel, but adding entries is easy. A quick cron job and you always have the latest software ready for installation. Requires: Perl and Perl modules: LWP::UserAgent, Getopt::Long, File::Copy, HTTP::Request and File::Basename.
While I generally prefer the command line to check disk usage, this particular utility is very nice. What I like about it is that I can put a copy on all my systems, then use ssh's ability to run an application remotely and display it locally (if you have X11 forwarding configured). I can put half a dozen on the screen and keep an eye on all the systems at once. Requires: libgtk, libfdk, libgmodule, libdl, libglib, libXext, libX11, libm, glibc.
ettercap goes beyond the simple (though extremely useful) tcpdump and shows you more about what's happening on your LAN. It can show all traffic between two hosts or can show only web traffic, etc. It also can analyze encrypted traffic and works even on a switched LAN. It can, however, be a little hard on a LAN on startup as it uses an ARP storm to gain LAN information in a switched environment. Of course, there are always command-line options that can be used to override this behavior. Requires: libdl, libform, libncurses, libm, libssl, libcrypto, glibc.
I may be wrong (and often am), but I believe most administrators have at least a little knowledge of Perl. It's just that Perl is so darn useful and simple it's relatively easy to write in. And combined with a lot of powerful modules, so much can be done by those of us with little real programming knowledge. The Perltidy application can help you by making your Perl code a little easier to read. I personally don't always indent. And between writing sessions (write/test/rewrite) I find I occasionally do things differently. Perltidy attempts to clean up all that and more. It's not perfect, but it does make your code more readable. Requires: Perl and the Perl module IO::File.
The gocr program is an attempt to bring optical character recognition (OCR) capabilities to Linux. This program is designed to work with PNG files (faxes) to turn them into ASCII text. I tried a number of different documents and found that, while gocr does work, it is fairly sensitive to the font size and type used. If someone sends you a very fancy fax with italics and fonts in differing sizes, gocr probably won't help much. But a very plain fax using a courier font comes through fairly well. As usual, your mileage may vary. Requires: libpnm, libpgm, libppm, glibc.
This utility will show you bandwidth utilization on your network. Yes, you can use MRTG, but if you don't want to run SNMP and a web server, this will do you well. Most administrators need something to help justify increases in bandwidth or capacity for your LAN, or just to identify the bandwidth hogs. Requires: libpcap, glibc.
If you're running CUPS as your printer software, you might want to look at GtkLP for use in the X Window System. While CUPS comes with a web interface, it's not the quickest way around the CUPS system. GtkLP will get you around much more quickly. The utility is easy to use and allows you to do a number of things much more easily than with CUPS' web interface. Worth a look. Requires: libcups, libgtk, libgdk, libgmodule, libglib, libdl, libXext, libX11, libm, libssl, libcrypto, glibc.
Until next month.
David A. Bandel (firstname.lastname@example.org) is a Linux/UNIX consultant currently living in the Republic of Panama. He is coauthor of Que Special Edition: Using Caldera OpenLinux.
Fast/Flexible Linux OS Recovery
On Demand Now
In this live one-hour webinar, learn how to enhance your existing backup strategies for complete disaster recovery preparedness using Storix System Backup Administrator (SBAdmin), a highly flexible full-system recovery solution for UNIX and Linux systems.
Join Linux Journal's Shawn Powers and David Huffman, President/CEO, Storix, Inc.
Free to Linux Journal readers.Register Now!
- Devuan Beta Release
- May 2016 Issue of Linux Journal
- EnterpriseDB's EDB Postgres Advanced Server and EDB Postgres Enterprise Manager
- The US Government and Open-Source Software
- The Humble Hacker?
- BitTorrent Inc.'s Sync
- The Death of RoboVM
- Open-Source Project Secretly Funded by CIA
- New Container Image Standard Promises More Portable Apps
- AdaCore's SPARK Pro
In modern computer systems, privacy and security are mandatory. However, connections from the outside over public networks automatically imply risks. One easily available solution to avoid eavesdroppers’ attempts is SSH. But, its wide adoption during the past 21 years has made it a target for attackers, so hardening your system properly is a must.
Additionally, in highly regulated markets, you must comply with specific operational requirements, proving that you conform to standards and even that you have included new mandatory authentication methods, such as two-factor authentication. In this ebook, I discuss SSH and how to configure and manage it to guarantee that your network is safe, your data is secure and that you comply with relevant regulations.Get the Guide