Duties of a System Administrator

Linux involves much more than merely sitting down and turning on the machine. Linux is quite different from the most popular commercial operating systems in a number of ways, but it is no more difficult to learn.

Make no mistake: Every computer in the world has a system administrator. It may be — and probably is — that the majority of system administrators are probably those who decided what software and peripherals were bundled with the machine when it was shipped. By its very nature as a modern, multiuser operating system, Linux requires a degree of administration greater than that of less robust home market systems. By definition, the Linux system administrator is the person who has “root” access, which is to say the one who is the system’s “super user” (or root user). A standard Linux user is limited as to the things he or she can do with the underlying engine of the system.

Installing and Configuring Servers
In the Linux world, the word “server” has a meaning that is broader than you might be used to. For instance, the standard Red Hat Linux graphical user interface (GUI) requires a graphical layer called XFree86. This is a server. It runs even on a standalonemachine with one user account. It must be configured. (Fortunately, Red HatLinux has made this a simple and painless part of installation on all but the mostobscure combinations of video card and monitor; gone are the days of anguishconfiguring a graphical desktop.). Likewise, printing in Linux takes place only after you have configured a print server. Again, this has become so easy as to be nearly trivial. And Whenever a server is connected to machines outside your physical control, security issues arise. You want users to have easy access to the things they need, but you don’t want to open up the system you’re administering to the whole wide world.

Installing and Configuring Application Software
Since Linux is multiuser operating system. Each user has (or shares) an account on the system, be it on a separate machine or on a single machine with multiple accounts. While it is possible for individual users to install some applications in their home directories — drive space set aside for their own files and customizations — these applications are not available to other users without the intervention of the system administrator.

Creating and Maintaining User Accounts
An account must be created for each user and — you guessed it — no one but the system administrator may do this. That’s simple enough. But there’s more, and it involves decisions that either you or your company must make. To what may specific users have access? It might be that there are aspects of your business that make World Wide Web access desirable, but you don’t want everyone spending their working hours surfing the Web. What to do about old accounts? Perhaps someone has left the company. What happens to his or her account? You probably don’t want him or her to continue to have access to the company network. On the other hand, you don’t want to simply delete the account, perhaps to discover later that essential data resided nowhere else.

Backing Up and Restoring Files
There is a need to back up important files so that in the event of a failure of hardware, security, or administration, the system can be up and running again with minimal disruption. Only the system administrator may do this. Once you’ve decided what to back up, you need to decide how frequently you want to perform backups and whether you wish to maintain a series of incremental backups — adding only the files that have changed since the last backup — or multiple full backups, and when these backups are to be performed — do you trust an automated, unattended process?

Monitoring and Tuning Performance
System tuning is an ongoing process aided by a variety of diagnostic and monitoring tools. Some performance decisions are made at installation time, while others are added or tweaked later. A good example is the use of the hdparm utility, which can increase throughput in IDE drives considerably — but for some highspeed modes a check of system logs will show that faulty or inexpensive cables can, in combination with hdparm, produce an enormity of nondestructive but systemslowing errors.

Configuring a Secure System
For any machine that is connected to any other machine, security means hardening against attack and making certain that no one is using your machine as a platform for launching attacks against others. If you are running Web, ftp, or mail servers, it means giving access to those who are entitled to it while locking out everyone else. It means making sure that passwords are not easily guessed and not made available to unauthorized persons, that disgruntled former employees no longer have access to the system, and that no unauthorized person may copy files from your machine or machines.