Previous Page | Next Page

  1. Introduction
  2. About Linux
  3. Installation and getting started
  4. Logging in and out
  5. Basic Linux Commands
  6. Linux Files and File Permissions
  7. Linux Directory Structure
  8. Finding Files
  9. Linux Help
  10. Setting Time
  11. Devices
  12. Tips
  13. Accessing Other Filesystems
  14. Accessing Removable Media
  15. Making and Managing Filesystems
  16. Emergency Filesystems and Procedures
  17. LILO and Runlevels
  18. Init
  19. Environment, Shell Selection, and Startu
  20. Linux Kernel
  21. Package Installation and Printing
  22. Configuration, Logging and CRON
  23. Keys and Terminal Configuration
  24. Sound Configuration
  25. Managing Users
  26. Passwords
  27. Process Control
  28. Configuration and Diagnostic Tools
  29. Overall Configuration
  30. Using PAM
  31. Basic Network Setup
  32. Tools and Terms
  33. Novell and Printing
  34. Inetd Services
  35. Xinetd Services
  36. Other Network Services
  37. FTP and Telnet
  38. Samba
  39. Identd (auth)
  40. X Configuration
  41. X Use
  42. Using X Remotely
  43. X Documentation
  44. DNS
  45. DHCP and BOOTP
  46. Apache
  47. NFS
  48. PPP
  49. Mail
  50. Routing
  51. IP Masquerading
  52. Proxy Servers and ipchains
  53. UUCP
  54. News
  55. NIS
  56. Network Security
  57. Secure Shell
  58. Text Processing
  59. Shell Programming
  60. Emacs
  61. VI
  62. Recommended Reading
  63. Credits

Configuration, Logging, and CRON

Linux System Configuration

In the subdirectory "/etc/sysconfig" are groups of files describing your system as follows:

  • mouse - Describes the type of mouse and whether a three button mouse is emulated.
  • keyboard - Describes the keyboard table.
  • network - Describes if this machine supports networking, IP forwarding, sets the host name, sets the gateway, and describes the network interface the gateway will be found on.
  • hwconf - Describes the hardware devices on your system in terms of vendor ID and device ID.
  • init - Defines many initialization items for the system.
  • static-routes - Defines the static routes if your machine is performing routing tasking. See the Networking Guide section on routing.
  • Subdirectories:
    • console - Defines your system keymapping. Normally contains the default.kmap file which is loaded when the system starts.
    • network-scripts - This directory contains files used to configure your ethernet card. such as ifcfg-eth0, ifcfg-eth1, etc. In this file you set your permanent device name, IP address, netmask and other parameters.

For more information on setting these files up and how they are formatted, read "How Linux Works".

The /proc filesystem and the sysctl utility

The /proc filesystem is used to store many system configuration parameters. It is a virtual filesystem that resides in the kernels memory. Some of the areas in this filesystem cannot be written to by the root user including /proc/sys.

To see how much memory linux is using type:
cat /proc/meminfo
or:
free
cat /proc/cpuinfoTo see information about your cpu
cat /proc/interruptsList interrupts in use
cat /proc/versionList Linux version
cat /proc/filesystemsList the types of filesystems in use
lsmodShow the kernel modules currently loaded


The "sysctl" program will list kernel parameters. Type "sysctl -a |more" to see a list of kernel parameters on your system.

For more in depth information on the proc filesystem, read "How Linux Works".

Linux System logging

The system daemon called syslogd is the program used to log system events such as kernel messages, login or logout messages, general system messages, etc. The /etc/syslog.conf file controls where logging information is recorded by syslogd. This file controls where your logfiles are kept. Typically these files are in the "var/log" directory.

My "/etc/syslog.conf" file"

	# Log all kernel messages to the console.
	# Logging much else clutters up the screen.
	#kern.*							/dev/console

	# Log anything (except mail, news and auth) of level info or higher.
	# Don't log private authentication messages!
	*.info;mail.none;news.none;authpriv.none		/var/log/messages

	# The authpriv file has restricted access.
	authpriv.*						/var/log/secure

	# Log all the mail messages in one place.
	mail.*							/var/log/maillog

	# Everybody gets emergency messages, plus log them on another
	# machine.
	*.emerg							*

	# Save mail and news errors of level err and higher in a
	# special file.
	uucp,news.crit						/var/log/spooler

	# Save boot messages also to boot.log
	local7.*						/var/log/boot.log

	#
	# INN
	#
	news.=crit                                        /var/log/news/news.crit
	news.=err                                         /var/log/news/news.err
	news.notice                                       /var/log/news/news.notice

The first field is a facility followed by a "." with the second field being the priority such as "uucp,news.crit" above where the facility is uucp and news and the priority is crit. The last part of each line specifies the name of the log file where that log will be kept. This file does not like spaces in it so use tabs between sections.
Facilities are:

  • authpriv, auth (depreciated) - Security authorization messages
  • cron - The clock daemon (cron and at)
  • daemon - Other system daemons
  • kern - Kernel messages
  • lpr - Line printer subsystem
  • mail - Mail subsystem.
  • mark - For internal use
  • news - Usenet news subsystem.
  • security (depreciated, same as authpriv) - should not be used anymore.
  • syslog - Messages generated internally by syslogd.
  • user - Generic user level messages
  • uucp - UUCP (Unix-Unix copy) subsystem.
  • local0 through local7

The ``authpriv'' facility should be separated from other log data, including attempts to switch users using /bin/su, login attempts, and other user accounting information.

Priority is one of the following with the least severity listed first:

  • debug - Debug level message
  • info - Informational message
  • notice - Normal but significant conditions
  • warning, warn (depreciated) - Warning conditions
  • err, error (depreciated) - Error conditions
  • crit - Critical conditions
  • alert - Action must be taken immediately
  • emerg, panic - System is unusable

An "*" stands for all facilities or all priorities. Many distributions default to only logging the most basic information. You may want to customize system logging for your environment.

Linux Logrotate

Going hand in hand with the system logging capability is the logrotate capability which is used to manage logfiles. The logrotate program is used to rotate, compress, and/or mail system log files. It is normally run from cron. It can be configured with the file "/etc/logrotate.conf" which is specified on the command line when logrotate is run.. The logrotate configuration file on my system is listed below:

	# see "man logrotate" for details
	# rotate log files weekly
	weekly

	# keep 4 weeks worth of backlogs
	rotate 4

	# send errors to root
	errors root

	# create new (empty) log files after rotating old ones
	create

	# uncomment this if you want your log files compressed
	#compress

	# RPM packages drop log rotation information into this directory
	include /etc/logrotate.d

	# no packages own lastlog or wtmp -- we'll rotate them here
	/var/log/wtmp {
	    monthly
	    create 0664 root utmp
	    rotate 1
	}

	/var/log/lastlog {
	    monthly
	    rotate 1
	}

	# system-specific logs may be configured here

Some of the logrotate configuration directives include:

  • daily - log files are rotated every day
  • weekly - log files are rotated once a week.
  • monthly - log files are rotated once a month
  • rotate - The number of times log files are rotated before being deleted or mailed to an address specified in a mail directive.
  • include - Includes a file in this file as though it were in line. If the file is a directory, the files under that directory are included. In my copy above, there are several files under the directory "/etc/logrotate.d" which are used for logging various daemons.
  • create - "create mode owner group". Creates the file with the specified mode, owner and group ids.
  • copytruncate - truncate the original file after creating a copy so programs appending data will not have a problem.
  • compress - Old versions of the log file are compressed with gzip.
  • nocompress - Old log files are not compressed.
  • errors - Any errors during logfile processing are mailed to the address "errors address".
  • mail - When a log is rotated out of existence, it is mailed to the specified address "mail address".

There are many other directives associated with the logrotate program. Type "man logrotate" for more information.

Other system tracking files:

/var/log/wtmp - Binary info on users that have been logged on. The last command uses this info.
/var/run/utmp - Binary info on users currently logged on. The commands who, w, and finger use this info.
/var/log/lastlog - Used by finger to tell when a user was last logged in

Scheduling tasks with CRON

Cron runs commands in the /etc/crontab file, the /etc/cron.d directory, and /var/spool/cron directory that has file names of authorized users in the /etc/passwd file. Cron commands are scheduled in three locations:

  • The directory "/var/spool/cron" with files named after accounts in "/etc/passwd". The format of files here is described in the crontab(1) manpage.
  • The directory "/etc/cron.d". The format of files here is described in the crontab(5) manpage.
  • The file called "/etc/crontab". The syntax of each line in this file is:

minute, hour, day of month, Month, day of week, (user name), command

Months are specified using the numbers 1 through 12. The user name is included it the file is a system crontab file. Some example entries are listed below:

Some example crontab entries are:

*/10 * * * * root /sbin/rmmod -asEvery 10 minutes all unused kernel modules are unloaded.
0 1 * * * find /tmp -atime 3 -exec ls -l {} \;Lists files in /tmp that are 3 or more days old, Run at 1:00
0 12 * * mon,tues,wed,thurs,fri ls -alLists files at noon on weekdays.

Redhat comes with the following entries:

01 * * * * root run-parts /etc/cron.hourlyHourly task list, runs at 1 minute after the hour
02 4 * * * root run-parts /etc/cron.dailyDaily task list, runs at 4:00AM, 2 minutes after the hour
22 4 * * 0 root run-parts /etc/cron.weeklyWeekly task list, runs at 4:00AM, Sunday 22 minutes after the hour
42 4 1 * * root run-parts /etc/cron.monthlyMonthly task list, runs at 4:00AM, On the first of the month, 42 minutes after the hour

Note that for weekly and monthly tasks the number of minutes after the hour is staggered so the system does not try to do all jobs at once. Redhat therefore has the following additional directories each containing files with tasking:

  • /etc/cron.hourly
  • /etc/cron.daily
  • /etc/cron.weekly
  • /etc/cron.monthly

These files are directories. Therefore you can place any executable program in one of these directories and it will be run as scheduled above.

There is a crontab program which can be used to install, de install, or list tables used to drive cron. It has the same name as the configuration file, but is a binary program. You will see this if you type "whereis crontab".

Cron runs the following on my system:

  • cron.hourly
    1. In the file "inn-cron-nntpsend" the command "/sbin/chkconfig innd && su - news -c /usr/bin/nntpsend" is run to support internet news service.
  • cron.daily
    1. In the file "inn-cron-expire" the command "/sbin/chkconfig innd && su - news -c "/usr/bin/news.daily delayrm" " is run.
    2. In the file "inn-cron-expire" the command "/sbin/chkconfig innd && /usr/bin/rnews -U" is run.
    3. In the file "logrotate" the command "/usr/sbin/logrotate /etc/logrotate.conf" is run.
    4. In the file "makewhateis.cron" a file "/var/lock/makewhatis.lock" is created to keep the cron scripts from stepping on each other. Do a man on makewhatis for more info.
    5. In the file "slocate.cron" the command "/usr/bin/slocate -u -f "nfs,smbfs,ncpfs,proc,devpts" -e "/tmp,/var/tmp,/usr/tmp,/afs,/net" " is run to update the file location database.
    6. In the file "lsrnpull-expire" the command. Do a "man slrnpull" for more info.
    7. In the file "tetex.cron" TeX formats not used for 10 days are removed. "man tmpwatch"
    8. In the file "tmpwatch"
  • cron.weekly
    1. In the file "makewhateis.cron" a file "/var/lock/makewhatis.lock" is created to keep the cron scripts from stepping on each other. The makewhatis command updates the apropos database which is the database used when the command "man -k" is used. For more information, type "man whatis" or "man apropos".
  • cron.monthly contains no files

The system administrator can schedule tasks by adding entries to the /etc/crontab (see crontab(5)) file or on Redhat Linux, by adding entries in one of the cron.hourly, cron.daily, cron.weekly, or cron.monthly files. Users may be able to schedule cron jobs if the system is configured to allow it. If neither of the /etc/cron.allow nor the /etc/cron.deny files exist, either all users will be able to run cron commands or no users will be able to do it. If /etc/cron.allow exists, the user must be listed there in order to use cron commands. If /etc/cron.deny exists, the user must not be listed here or they will be unable to use cron.

One useful entry you can put in the /etc/cron.weekly directory in a file named something like "cleanold.cron" is:

find /var/spool/myspools -mtime +33 -exec rm -f {} \;

This entry will remove all files in the /var/spool/myspools directory whose data was changed more than 33 days ago.

The user (if allowed) can schedule cron tasks by following the below procedure:

  1. Make a crontab file called for example "mycron".
  2. Use the crontab(1) command to submit the command(s) to cron by typing "crontab mycron".
  3. You can view what you have installed by typing "crontab -l".

crontab commands:

crontab -eStarts vi session by default to edit your crontab file. To use emacs as your editor, type "export VISUAL=emacs" before typing this command. When you exit the editor, the modified crontab is installed automatically.
crontab -rRemoves your crontab entry from the /var/spool/cron directory. Does not erase your original crontab file.
crontab -lLists all the user's cron tasks.

To use emacs, type "export VISUAL=emacs" before starting crontab.