System Maintenance (206)

6.3 Notifying users on system-related issues (20)

Candidates should be able to notify the users about current issues related to the system.

6.3.1 Key Knowledge Areas

• Automate communication with users through logon messages

• Inform active users of system maintenance

6.3.2 Terms and Utilities

• /etc/issue

• /etc/issue.net

• /etc/motd

• wall

• /sbin/shutdown

6.3.3 The /etc/issue, /etc/issue.net, and /etc/motd files

These are plain text files used to communicate a simple, and usually very short, message to the user. The file /etc/issue is displayed at the moment before authentication begins, whereas /etc/motd (Message of the Day) is displayed once a user has been authenticated. Typically, /etc/issue will contain something like a host identification, for example “Welcome to Production Server hostname, running O/S xxx, and Oracle version xxx”. In today’s ultra security aware production environments, where we try to help a potential hacker as little as possible, it has become the trend to simply issue some kind of warning, for example “Warning: Authorized users only”. The only difference between /etc/issue and /etc/issue.net is that /etc/issue.net is displayed when the inbound connection has a remote source. It should be noted that these files are used only by authorisation techniques employing login, for example telnet, which in security aware environments is often restricted in favour of ssh, for example, which does not use the issue files.
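As an added example (not part of the original guide), the shell function below audits an /etc/issue-style banner for the kind of host identification described above. It flags the backslash escapes that agetty expands into OS, kernel and hostname details, literal product names, and a missing authorised-use warning; the keyword list and the sample banners are constructed assumptions.

```shell
#!/bin/sh
# Added example: audit a pre-login banner file for host-identifying content.
# The keyword list below is an assumption for illustration; extend it per site.

# audit_banner FILE
# Prints one "FILE:LINE: reason" finding per problem, nothing if the file is clean.
audit_banner() {
    f=$1
    [ -r "$f" ] || { echo "$f:0: not readable"; return 0; }

    # agetty expands backslash escapes in /etc/issue before displaying it:
    # \s OS name, \S os-release data, \r kernel release, \v OS version,
    # \m architecture, \n hostname, \o and \O domains, \4 and \6 IP addresses.
    grep -nE '\\[srvmnoOS46]' "$f" |
        awk -F: -v f="$f" -v why="getty escape discloses host details" \
            '{ print f ":" $1 ": " why }'

    # Literal OS or product names and version wording typed into the banner.
    grep -niE 'linux|kernel|debian|ubuntu|red hat|centos|oracle|version|release' "$f" |
        awk -F: -v f="$f" -v why="names OS or software" \
            '{ print f ":" $1 ": " why }'

    # A banner that carries no authorised-use warning at all.
    grep -qiE 'authori[sz]ed' "$f" || echo "$f:0: no authorised-use warning"
    return 0
}

# Constructed sample banners (not taken from a real system).
demo() {
    d=$(mktemp -d)
    printf 'Welcome to \\n, running \\s \\r\n' > "$d/issue.verbose"
    printf 'Warning: Authorized users only\n'  > "$d/issue.minimal"
    audit_banner "$d/issue.verbose"   # two findings
    audit_banner "$d/issue.minimal"   # no output
    rm -rf "$d"
}
demo
```

Run it against /etc/issue and /etc/issue.net after each change to those files; an empty result means the banner contains only the warning text.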

As mentioned before, /etc/motd is displayed once authentication has been established. It can be used to remind users of a particular upcoming system event, for example “Server going down for maintenance at 6pm this evening.” In medium and large environments its use has become somewhat irrelevant, particularly where single sign-on techniques rely on login methods that may not even show the message anymore. It can create confusion when it is not updated properly and its phrasing is imprecise, as in our example above.

6.3.4 The wall command

wall is used to broadcast a message of at most 22 lines to all interactive terminals. By default the command can be used by any user, but it is often reconfigured so that only root can use it. A user not wishing to receive broadcast messages may use the mesg command to write-disable their terminals. The broadcaster may use the finger command to see which terminals are write-disabled.

You can specify two options with the wall command: the -n option, which only works for the root user, and the message itself.

The -n option suppresses the standard broadcast banner and replaces it with a remote broadcast banner. This option has meaning only when wall is used over the rpc.walld daemon. The second argument, the message itself, can also be typed on stdin, in which case it must be terminated with an EOF (end of file, in most cases Ctrl+D).

6.3.5 The shutdown command communication.

As its name suggests, the shutdown command is used to shut down a server gracefully, stepping down through the run level kill scripts, and optionally halting or rebooting the server. The shutdown command itself is not discussed here; this small section explains only the communicative steps that shutdown takes before and during the system shutdown.

The last argument to the shutdown command may optionally be used to broadcast a custom message explaining the purpose of the shutdown and when the server is expected to be returned to production. For example:

# shutdown -H +10 Server halting in 10 minutes for change change number. Expected up at 00:00:00.

Shutdown can be used with the -k option. This makes shutdown do a ’dry-run’: it emulates the shutdown, but does NOT shut down the system.

When you use the -k option you can append broadcast messages as part of the command line too, as in a “real” shutdown.

Note

Please note that shutdown -k will still temporarily disallow user logins as it will create the /etc/nologin file. It will be removed after the ’dry run’ but your users will not be able to log in to the system as long as it is there.

In the event that a running shutdown needs to be cancelled, the shutdown may be called with the -c option, and again a broadcast message added to the command line to inform the users of the U-turn. As with all forms of message broadcasts, the receiving terminals must be write enabled.

6.4 Questions and answers

System Maintenance

1. Which GNU tar parameter supports processing a bzip2 compressed file?

The parameter j is used for processing bzip2 compressed files. Uncompress tarballs [126]

2. What is most often the reason for a configure command to exit prematurely?

In case a required dependency is missing. However, in case only an optional dependency is missing, it will just disable compilation of that particular dependency. Check for optional and mandatory dependencies [126]

3. According to GNU standards, an application will install by default into which directory?

Without optional arguments passed to the configure or the make install commands, the application will install into the /usr/local/ directory. Default install directory [126]

4. In general you would rather back up more than less. Which filesystems are major exceptions and can be skipped altogether?

The /proc and /sys filesystems contain information about the state of the kernel and can therefore be skipped. What not to back-up [129]

5. How often should you back up your system?

The frequency of your backup should be in pace with the amount of new data you create within a given timespan. If it is a lot, or very hard to recreate, consider a brief interval between backups. When to back-up? [129]

6. Why is network attached storage not preferred for long term backup and archives?

Long term backups are hardly ever used and, if so, no instant recovery is expected. Knowing this, power costs should be taken into consideration as these systems are always up and running. Networked storage as backup medium [131]

7. Why would rsync be a backup utility to be considered if bandwidth between the local and the remote destination is low?

rsync optimizes the use of bandwidth not only by compressing traffic, but also by not copying files when that is not needed, and it does this for parts of large files as well. Keeping required bandwidth low [131]

8. Why would you use AMANDA (Advanced Maryland Automatic Network Disk Archiver) when backing up a large number of systems running different versions of Linux and Unix?

AMANDA uses native utilities and formats and will most likely support multiple versions of Linux and Unix and be able to allow moving backup files across systems. Backup solutions [132]

9. Does pinging a system furnish enough information in order to decide whether a system is on-line or not?

No, as a firewall might be blocking ICMP echo requests. The same could also be blocking the replies. Ping can be blocked [115]

10. When will a message within the file named /etc/issue be presented to the user?

Before authentication occurs in case the command login is used for logging in. Most clients for logging in will not use login in the end; telnet, however, does. Presenting /etc/issue [133]

Chapter 7