User:Hess0060: Difference between revisions

From ITCwiki
Jump to navigation Jump to search
No edit summary
Line 1: Line 1:
==Advanced Storage Configuration==
Printer Administration
*You can choose from many different advanced storage technologies.
Common UNIX Printing System (CUPS) is a printing system used by Linux
*The book focuses on SCSI and RAID
computers. Information that will be sent to a printer is called a print job.
The lp command is used to specify and print the print job. To check the status
of a printer(s) the lpstat command is used. The cups daemon (cupsd) will
assign all print jobs a unique print job ID and put them in the print queue.
The print queue is a special temporary directory where the print jobs are
stored before being sent to the printer. The path of the queue is usually
/var/spool/cups on most Linux systems. If the printer is accepting print jobs,
the cupsd will put the print job in to the queue. This is called spooling or
queuing.
Adding the –t option shows all the printers and there statuses on the system.
kevin@kubuntu1:~$ lpstat -t
scheduler is running
system default destination: Samsung-ML-2152W
device for Samsung-ML-2152W: smb:///192.168.0.195
Samsung-ML-2152W accepting requests since Tue 17 Jan 2012 11:25:40 PM CST
printer Samsung-ML-2152W is idle. enabled since Tue 17 Jan 2012 11:25:40 PM
CST
kevin@kubuntu1:~$
To manipulate the status of a printer by using the cupsaccept, cupsreject,
cupsenable, or cupsdisable commands.
kevin@kubuntu1:~$ cupsaccept Samsung-ML-2152W
kevin@kubuntu1:~$ cupsdisable Samsung-ML-2152W
kevin@kubuntu1:~$ lpstat -t
scheduler is running
system default destination: Samsung-ML-2152W
device for Samsung-ML-2152W: smb:///192.168.0.195
Samsung-ML-2152W accepting requests since Fri 23 Mar 2012 11:35:18 AM CDT
printer Samsung-ML-2152W disabled since Fri 23 Mar 2012 11:35:18 AM CDT -
Paused
kevin@kubuntu1:~$
The –r option is used to give a reason why the printer’s status is set as
such.
kevin@kubuntu1:~$ cupsdisable Samsung-ML-2152W -r "OMG the printer is on fire"
Samsung-ML-2152W
kevin@kubuntu1:~$ lpstat -t
scheduler is running
system default destination: Samsung-ML-2152W
device for Samsung-ML-2152W: smb:///192.168.0.195
Samsung-ML-2152W accepting requests since Fri 23 Mar 2012 11:35:18 AM CDT
printer Samsung-ML-2152W disabled since Fri 23 Mar 2012 11:35:18 AM CDT -
OMG the printer is on fire
kevin@kubuntu1:/$
Use the lp command to print.
kevin@kubuntu1:/$ lp -d Samsung-ML-2152W /home/kevin/Documents/reports
request id is Samsung-ML-2152W-2 (1 file(s))
kevin@kubuntu1:/$
Other options can be added to the lp command as shown.
Option
Description
−d printername
Specifies the name of the printer to send the print job to
−i print job ID Specifies a certain print job ID to modify
−n number Prints a certain number of copies, where number can be any
          number
−m Mails you confirmation of print job completion
−o option Specifies certain printing options. Common printing
          options include the following:
          cpi=number—Specifies the number of characters per inch,
          where number is the number of characters
          landscape—Prints in landscape orientation
          number-up=number—Prints the number of pages on a single
            page, where number is 1, 2, or 4
          sides=string—Sets double-sided printing, where string is
            either ”two-sided-short-edge” or ”two-sided-long-edge”
To print a list of all users logged in, pipe the who command to the lp
command.
kevin@kubuntu1:/$ who | lp -d Samsung-ML-2152W
request id is Samsung-ML-2152W-4 (0 file(s))
kevin@kubuntu1:/$
To remove all print jobs from a specific user, add the –u <username> before
the cancel command. To remove all print jobs use the –a as shown.
kevin@kubuntu1:/$ cancel -a
kevin@kubuntu1:/$ lpstat
kevin@kubuntu1:/$
The Line Printer Daemon (LPD) is an alternative to CUPS, that is used by older
Linux systems. The LPD commands can be used in CUPS.
LPR command =
print documents
LPC command =
view printer status
LPQ command =
see jobs in the queue
LPRM command =
remove job form queue
You can find the cupsd configuration file in the /etc/cups/cupsd.conf
directory. The /etc/cups/printers.conf contains settings about the specific
printer.
The command system-config-printer will launch a GUI-based program; the Printer
Configuration tool. This program lets you add printers with Plug and Play
(PnP) or specify the Uniform Resource Identifier (URI). Hewlett-Packard
JetDirect, Internet Printing Protocol (IPP), Line Printer Daemon (LPD or
Windows (SAMBA) allows you to print to a printer across the network. From the
Printer Configuration tool you are also able to give users and groups
permission to print to specific printers.
You can use CUPS to administer and remotely administer printes through a web
browser. To open the CUPS web-based control panel, navigate to
http://servername:631.


===SCSI Hard Disk Configuration(Small Computer System Interface)===
==Log File Administration==
“designed as a way to connect multiple peripherals to the system in a scalable, high-speed manner.”
Other types of SCSI disk configurations and technologies available,
Parallel SCSI, Serial Attached SCSI, and iSCSI.


===Parallel SCSI Configuration===
*For identifying and troubleshooting problems on a Linux System
*The traditional SCSI technology
*Called  log files most Daemons record information and error messages to files stored on the file system.
*A device called a terminator is used to stop signals from bouncing back
*Typically stored in the /var/log directory
*Adopted as an industry defined standard in 1986 referred to as SCSI-1
::*'''Example:'''
::*used an 8-bit-wide data path
:::*/var/log/samba contains log files created by the samba file-sharing daemons
::*held up to seven devices
::*transfer speed of 5MB per second
*By 1994: SCSI-2 had evolved
::*16-bit-wide data path
::*hold up to 15 devices
::*20MB per second
*SCSI-3
::*speeds of over 160MB per second


'''Note: a.''' The SCSI ID of a SCSI hard disk can be configured using software on the SCSI controller or using jumper switches on the physical hard drive itself.
'''Common Linux log files found in /var/log'''
*boot.log
::*Contains basic information regarding daemon startup obtained during system initialization
*cron
::*Contains information and error messages generated by the cron and at daemons
*dmesg
::*Contains detected hardware information obtained during system startup
*maillog
::*Contains information and error messages generated by the sendmail daemon
*secure
::*Contains information and error messages regarding network access generated by daemons such as sshd and xinetd
*wtmp
::*Contains a history of all login sessions
*rpmpkgs yum.log
::*Contains a list of packages installed by the Red Hat Package Manager and related error messages
*xferlog
::*Contains information and error messages generated by the FTP daemon
*Xorg.0.log XFree86
::*Contains information and error messages generated by X Windows
*lastlog
::*Contains a list of users and their last login time; must be viewed using the lastlog command
*messages
::*Contains detailed information regarding daemon startup obtained at system initialization as well as important system messages produced after system initialization


'''b.''' Some SCSI devices act as a gateway to other devices; if this is the case, each device is associated with a unique Logical Unit Number (LUN).
===System Log Daemon===
*logging of most events is handled centrally in Linux in the System Log Deamon
*When the daemon is started on the system
::*Creates a socket /dev/log
:::*This is for other system processes to write to
:::*It then reads any information written to this socket and saves it to the appropriate log file according to /etc/rsyslog.conf
::*To view use cat /etc/rsyslog.conf


Parallel SCSI controllers support up to 15 devices and identify these devices with the numbers 0– 15  The highest priority device is given the number 7, followed by 6, 5, 4, 3, 2, 1, 0, 15, 14, 13, 12, 11, 10, 9, and 8
*Sample output showing the '''Facility,''' '''Priority''' and '''Location''' of the '''/etc/rsyslog.conf''' file
::*news.=crit /var/log/news/news.crit
:::*Facility: "news."
::::*The area of the system to listen to and log
:::*Priority: "=crit"
::::*The importance of the information being logged
:::*Location: /var/log/news/news.crit
::::*The location and path of the log file


[[File:Scis.jpg]]


'''Above: Two SCSI Configuration examples'''
'''Examples of kernel log facilities with differing priorities'''
*kern.warning  /var/log/logfile
::*logs warning messages and those with more serious priorities to the '''/var/log/logfile'''
*kern.=warning  /var/log/logfile
::*logs just the warning messages to the '''/var/log/logfile'''
*kern.* /var/log/logfile
::*logs all error messages to the '''/var/log/logfile'''
*kern.*;kern. !=warn  /var/log/logfile
::*logs all but the warning priority messages to /var/log/logfile
*\*.=warn;kern.none  /var/log/logfile
::*logs all warnings from all facilities except the kernel to the /var/log/logfile


[[File:SCSI2.jpg]]


'''Facilities used by the System Daemon Log'''
*auth or security
::*Specifies messages from the login system, such as the login program, the getty program, and the su command
*authpriv
::*Specifies messages from the login system when authenticating users across the network or to system databases
*cron
::*Specifies messages from the cron and at daemons
*daemon
::*Specifies messages from system daemons, such as the FTP daemon
*kern
::*Specifies messages from the Linux kernel
*lpr
::*Specifies messages from the printing system (lpd)
*mail
::*Specifies messages from the e-mail system (sendmail)
*mark
::*Specifies time stamps used by syslogd; used internally only
*news
::*Specifies messages from the Inter Network News daemon and other USENET daemons
*syslog
::*Specifies messages from the syslog daemon
*user
::*Specifies messages from user processes
*uucp
::*Specifies messages from the uucp (UNIX to UNIX copy) daemon
*local0-7
::*Specifies local messages; these are not used by default but can be defined for custom use


'''Priorities used by the System Daemon Log (listed in ascending order)'''
*debug
::*Indicates all information from a certain facility
*info
::*Indicates normal information messages as a result of system operations
*notice
::*Indicates information that should be noted for future reference, yet does not indicate a problem
*warning or warn
::*Indicates messages that might be the result of an error but are not critical to system operations
*error or err
::*Indicates all other error messages not described by other priorities
*crit
::*Indicates system critical errors such as hard disk failure
*alert
::*Indicates an error that should be rectified immediately, such as a corrupt system database
*emerg or panic
::*Indicates very serious system conditions that would normally be broadcast to all users


'''Above: Listing of Parallel SCSI Types as well as speed, connector type
The etc/rsyslog.conf file can also send logging information to another computer.
and number of devices supported per controller card.'''
*Facility.priority @hostname:portnumber
::*The remote computer
:::*Must have modules that listen to TCP or UDP protocol uncommented in the /etc/rsyslog.conf


===Serial Attached SCSI (SAS) Configuration===
*'''Commented'''
*recent SCSI technology
::*# Provides UDP syslog reception
*transfer data at up to 768MB/s
::*#$ModLoad imudp.so
Up to 65,535 Serial Attached SCSI hard disks can be connected to a single controller card
::*#$UDPServerRun 514
*Uses serial connectors (between 7 and 36 pins)
::*# Provides TCP syslog reception
 
::*#$ModLoad imtcp.so
===iSCSI Configuration Internet SCSI (iSCSI)===
::*#$InputTCPServerRun 514
*Recent SCSI technology
*Uses network cables to transfer data to and from remote hard disks
*The computer connected to a remote hard disk via iSCSI is referred to as an '''iSCSI initiator'''
*the remote hard disk is called the iSCSI target.
::*To connect the Linux computer to the remote iSCSI device (Prior to Install)
::*you must specify the configuration settings while installing Linux.
::*must understand the configuration settings used by your iSCSI device
::*ensure that your computer has an iSCSI-compliant
::*network card prior to install
*During installation
::*you need to select Specialized Storage Devices (instead of Basic Storage Devices)
 
'''Note:''' A single iSCSI target can be used by multiple computers, or iSCSI
initiators. The computers that use the same iSCSI target are said to
be part of the same Storage Area Network (SAN). iSCSI is often
referred to as a SAN technology as a result
 
 
 
 
===RAID Configuration===
*There are 7 basic RAID configurations (RAID 0 - 6)
[[File:RAIDSNIP.JPG]]
 
 
 
Below is an illustration of '''RAID Level 5''' parity bits, parity bits are the sum of the information on the other 2 disks. If one disk fails the remaining bits
[[File:Striperaidwp2.jpg]]
 
 
 
'''Side notes:''' RAID levels are often combined; RAID level 15 refers to a Stripe Set
with Parity (RAID level 5) that is mirrored (RAID level 1) to another
Stripe Set with Parity.
 
 
 
 
 
 
==Installation Methods==
There are 4 methods to installing Linux
*'''DVD Installation / CD Installation'''
:*Fedora 13 ISO will fit on 6 CDs and can be downloaded from the internet. To install from CD or DVD simply put the disk in the CD/DVD drive, set the bios to boot first from that drive.
 
*'''USB Flash Drive Installation'''
**Most modern computers have a BIOS that allows the computer to boot from a flash memory.
'''Steps:'' To install from USB
*'''Un-Commented'''
:*1. download the DVD Fedora 13 ISO image from http://fedoraproject.org
::*# Provides UDP syslog reception
:*2. use disk imaging software  to write the ISO image to the USB drive
::*$ModLoad imudp.so
If you already have an installed Linux system, you can instead use the dd command  to write the ISO image to your USB drive
::*$UDPServerRun 514
:*3. insert your USB flash memory drive into a free USB slot
::*# Provides TCP syslog reception
:*4. boot your computer from the flash memory drive
::*$ModLoad imtcp.so
 
::*$InputTCPServerRun 514
'''Hard Disk Installation'''
:::*This allows the system to accept incoming requests from another System Log Daemon on TCP and UDP port 514 (the default System Log Daemon port)
*ISO must reside on a disk formatted as  FAT, FAT32, ext2, ext3, or ext4 filesystem provided that you have free space outside the partition that contains the ISO image.
*Must boot from  a CD / DVD or USB prior to install to locate the ISO on the hard disk.
 
===Network-Based Installations===
*(less common than DVD, CD, USB flash memory drive, or hard disk installations)
:*With the network install the ISO image must reside on the server and use one of the following protocols can be installed to the target computer.
::*Network File System (NFS)
::*File Transfer Protocol (FTP)
::*Hypertext Transfer Protocol (HTTP)
[[File:Welcome.jpg]]
;Above: Specifying the location of the Fedora ISO image on an NFS server,
 
[[File:Tftp.jpg]]
 
;Above: Specifying the location of the Fedora ISO image on an HTTP server
 
 
Steps to installing over a network
:1. Assuming the ISO Image is already on the server
:2. boot the computer on which you plan to install Linux using a CD / DVD or USB drive
:3. When you reach the welcome screen, press Tab on the keyboard and add askmethod to the end of the boot options line
:4. choose an installation language (such as English), a keyboard layout (such as US), and
:5. select a network installation method
:a. Options should be
::i. Local CD/DVD
:::ii. Hard Drive
::::iii. NFS Directory
:::::iv. URL
:6. configure the IP settings on your computer’ s network adapter
:7. enter the address to the location of the ISO image and proceed with the rest of the install process
 
===Automated Installation===
 
*Instillation script is often called a Kickstart File
 
*Kickstart file is automatically made after normal instillation in “/root/anaconda-ks.cfg”
 
*To view use “Cat ks.cfg” in “/root/anaconda-ks.cfg”.
 
*Code in a Kick-start file that starts with “#” sing is disregarded and can be used as a comment .
 
*It is best practice to copy the template  Kickstart file and rename it ks.cfg and make changes to ks.cfg if need before mass instillation .
 
*It is best practice when creating the code for partition configuration to  use the # sing till configurations is complete and one is sure of the specifications of the partitions that will be created.
 
*It Is also advised that one  has “zerombr yes” command and “clearpart --all”  to make sure that the MBR is created and  all other partitions are destroyed before creating new ones.
*The kickstart file can also be created with a too called the “Kickstart Configurator”
 
*The Configurator can be installed using the “YUM install system-config-kickstart” command in terminal.
 
*The configurator can started by “system-config-kickstart” command If in a graphical desktop environment.
 
*To use the ks.cfg. whale booting form the cd or instillation image make confirm that install on new system or upgrade existing system  is selected then press.  A command line may show up  and you can designate  the Kick start files path by using  “ks=device:absolute path KS file”
 
*You will still need to use first boot wizard.
 
 
 
 
 
 
 
===Troubleshooting installation problems of high Probability===
 
*Problems starting instillation
:*Boot order in BIOS
 
:*Bad CMOS battery
 
*Problems during instillation
:*Video card incompatibility. use “install with basic video driver”
 
:*Instillation environment doesn't recognize mouse.  Press escape before graphic instillation appears.
 
:*If instillation locks up disable P&P in BIOS.
 
:*If fatal signal 11 is displayed  Then there may be something wrong with the ram. You may need to run memtest86 to test it. If the ram has no errors turn off CPU cache memory or set set more of it to wait state in the Bios.
 
:*Other problems ram motherboard speed miss-mach,improper voltage configuration  for CPU and ram.
Problems after instillation
===After instillation===
 
*If some somethings like a program is not working correctly or a Peace of hardware is not showing up. you should  look at the instillation log  found in  root/install.log.


*Use /proc to look at hardware settings  “ls -f /proc”


*To look up info use “cat /proc/cpuinfo” the same can be done with “/meminfo”  and modules


*Modules are used to insert drivers into the Linux kernel.


*To view hardware  outputs during boot up use the “Dmesg | tail”
===Managing Log Files===
Log files can contain a lot of important system information so it's a good idea to clear the contents of the log files from time to time.


*Review table  6-2  (other log or config files found in /proc directory )
'''DO NOT''' remove the log files, the permissions and ownership will be removed as well!!!


[[File:Prock.jpg]]
We're just going to clear out the contents of the log file.


*You can view other logs about services and processes in “/var/log/messages”
To do so the ''> redirect'' symbol can be used.


This function can be scheduled as well using the logrotate command to backup and clear logfiles stored in ''/etc/logrotate.conf'' file and files stored in ''/etc/logrotate.d'' directory


**The log rotate command renames (rotates) log files on a cyclic basis


===System Rescue===
**test.log becomes test.log.YYYYMMDD
*Instillation files have a bootable kernel of Linux.


*To used insert or mounted instillation image/ files and select rescue system in the instillation welcome-screen
**A new test.log file is created to accept system log info.


*A menu will prompt you to Mount your Linux instillation under  under “mnt/sysimage”
*Can be set to keep a certain number of log files
::*If configured to keep 2 log files, logrotate will only keep 2 copies. Then when it cycles logrotate will automatically remove the oldest copy.


*You will have a menu that will allow you to enter bash shell 
*Most rotation information within /etc/logrotate.conf is overridden from files stored in the ''/etc/logrotate.d directory.''


*You will also be able to run the fakd diagnostic
On most Linux systems, the logrotate utility is automatically scheduled to run daily via the file ''/etc/cron.daily/logrotate,'' however it can be run manually by typing ''logrotate /etc/logrotate.conf''  at a command prompt


*You can check witch root directory is the system that you are trying to rescue with the  “System Rescue command.
Over time the logrotate command generates several copies of each logfile /var/log to view this we type ''Ls /var/log''

Revision as of 07:14, 25 March 2012

Printer Administration Common UNIX Printing System (CUPS) is a printing system used by Linux computers. Information that will be sent to a printer is called a print job. The lp command is used to specify and print the print job. To check the status of a printer(s) the lpstat command is used. The cups daemon (cupsd) will assign all print jobs a unique print job ID and put them in the print queue. The print queue is a special temporary directory where the print jobs are stored before being sent to the printer. The path of the queue is usually /var/spool/cups on most Linux systems. If the printer is accepting print jobs, the cupsd will put the print job in to the queue. This is called spooling or queuing. Adding the –t option shows all the printers and there statuses on the system. kevin@kubuntu1:~$ lpstat -t scheduler is running system default destination: Samsung-ML-2152W device for Samsung-ML-2152W: smb:///192.168.0.195 Samsung-ML-2152W accepting requests since Tue 17 Jan 2012 11:25:40 PM CST printer Samsung-ML-2152W is idle. enabled since Tue 17 Jan 2012 11:25:40 PM CST kevin@kubuntu1:~$ To manipulate the status of a printer by using the cupsaccept, cupsreject, cupsenable, or cupsdisable commands. kevin@kubuntu1:~$ cupsaccept Samsung-ML-2152W kevin@kubuntu1:~$ cupsdisable Samsung-ML-2152W kevin@kubuntu1:~$ lpstat -t scheduler is running system default destination: Samsung-ML-2152W device for Samsung-ML-2152W: smb:///192.168.0.195 Samsung-ML-2152W accepting requests since Fri 23 Mar 2012 11:35:18 AM CDT printer Samsung-ML-2152W disabled since Fri 23 Mar 2012 11:35:18 AM CDT - Paused kevin@kubuntu1:~$ The –r option is used to give a reason why the printer’s status is set as such. kevin@kubuntu1:~$ cupsdisable Samsung-ML-2152W -r "OMG the printer is on fire" Samsung-ML-2152W kevin@kubuntu1:~$ lpstat -t scheduler is running system default destination: Samsung-ML-2152W device for Samsung-ML-2152W: smb:///192.168.0.195 Samsung-ML-2152W accepting requests since Fri 23 Mar 2012 11:35:18 AM CDT printer Samsung-ML-2152W disabled since Fri 23 Mar 2012 11:35:18 AM CDT - OMG the printer is on fire kevin@kubuntu1:/$ Use the lp command to print. kevin@kubuntu1:/$ lp -d Samsung-ML-2152W /home/kevin/Documents/reports request id is Samsung-ML-2152W-2 (1 file(s)) kevin@kubuntu1:/$ Other options can be added to the lp command as shown. Option Description −d printername Specifies the name of the printer to send the print job to −i print job ID Specifies a certain print job ID to modify −n number Prints a certain number of copies, where number can be any 

          number

−m Mails you confirmation of print job completion −o option Specifies certain printing options. Common printing 

          options include the following:
         cpi=number—Specifies the number of characters per inch,
          where number is the number of characters
         landscape—Prints in landscape orientation
          number-up=number—Prints the number of pages on a single
           page, where number is 1, 2, or 4
          sides=string—Sets double-sided printing, where string is
           either ”two-sided-short-edge” or ”two-sided-long-edge”

To print a list of all users logged in, pipe the who command to the lp command. kevin@kubuntu1:/$ who | lp -d Samsung-ML-2152W request id is Samsung-ML-2152W-4 (0 file(s)) kevin@kubuntu1:/$ To remove all print jobs from a specific user, add the –u <username> before the cancel command. To remove all print jobs use the –a as shown. kevin@kubuntu1:/$ cancel -a kevin@kubuntu1:/$ lpstat kevin@kubuntu1:/$ The Line Printer Daemon (LPD) is an alternative to CUPS, that is used by older Linux systems. The LPD commands can be used in CUPS. LPR command = print documents LPC command = view printer status LPQ command = see jobs in the queue LPRM command = remove job form queue You can find the cupsd configuration file in the /etc/cups/cupsd.conf directory. The /etc/cups/printers.conf contains settings about the specific printer. The command system-config-printer will launch a GUI-based program; the Printer Configuration tool. This program lets you add printers with Plug and Play (PnP) or specify the Uniform Resource Identifier (URI). Hewlett-Packard JetDirect, Internet Printing Protocol (IPP), Line Printer Daemon (LPD or Windows (SAMBA) allows you to print to a printer across the network. From the Printer Configuration tool you are also able to give users and groups permission to print to specific printers. You can use CUPS to administer and remotely administer printes through a web browser. To open the CUPS web-based control panel, navigate to http://servername:631.

Log File Administration

  • For identifying and troubleshooting problems on a Linux System
  • Called log files most Daemons record information and error messages to files stored on the file system.
  • Typically stored in the /var/log directory
  • Example:
  • /var/log/samba contains log files created by the samba file-sharing daemons

Common Linux log files found in /var/log

  • boot.log
  • Contains basic information regarding daemon startup obtained during system initialization
  • cron
  • Contains information and error messages generated by the cron and at daemons
  • dmesg
  • Contains detected hardware information obtained during system startup
  • maillog
  • Contains information and error messages generated by the sendmail daemon
  • secure
  • Contains information and error messages regarding network access generated by daemons such as sshd and xinetd
  • wtmp
  • Contains a history of all login sessions
  • rpmpkgs yum.log
  • Contains a list of packages installed by the Red Hat Package Manager and related error messages
  • xferlog
  • Contains information and error messages generated by the FTP daemon
  • Xorg.0.log XFree86
  • Contains information and error messages generated by X Windows
  • lastlog
  • Contains a list of users and their last login time; must be viewed using the lastlog command
  • messages
  • Contains detailed information regarding daemon startup obtained at system initialization as well as important system messages produced after system initialization

System Log Daemon

  • logging of most events is handled centrally in Linux in the System Log Deamon
  • When the daemon is started on the system
  • Creates a socket /dev/log
  • This is for other system processes to write to
  • It then reads any information written to this socket and saves it to the appropriate log file according to /etc/rsyslog.conf
  • To view use cat /etc/rsyslog.conf
  • Sample output showing the Facility, Priority and Location of the /etc/rsyslog.conf file
  • news.=crit /var/log/news/news.crit
  • Facility: "news."
  • The area of the system to listen to and log
  • Priority: "=crit"
  • The importance of the information being logged
  • Location: /var/log/news/news.crit
  • The location and path of the log file


Examples of kernel log facilities with differing priorities

  • kern.warning /var/log/logfile
  • logs warning messages and those with more serious priorities to the /var/log/logfile
  • kern.=warning /var/log/logfile
  • logs just the warning messages to the /var/log/logfile
  • kern.* /var/log/logfile
  • logs all error messages to the /var/log/logfile
  • kern.*;kern. !=warn /var/log/logfile
  • logs all but the warning priority messages to /var/log/logfile
  • \*.=warn;kern.none /var/log/logfile
  • logs all warnings from all facilities except the kernel to the /var/log/logfile


Facilities used by the System Daemon Log

  • auth or security
  • Specifies messages from the login system, such as the login program, the getty program, and the su command
  • authpriv
  • Specifies messages from the login system when authenticating users across the network or to system databases
  • cron
  • Specifies messages from the cron and at daemons
  • daemon
  • Specifies messages from system daemons, such as the FTP daemon
  • kern
  • Specifies messages from the Linux kernel
  • lpr
  • Specifies messages from the printing system (lpd)
  • mail
  • Specifies messages from the e-mail system (sendmail)
  • mark
  • Specifies time stamps used by syslogd; used internally only
  • news
  • Specifies messages from the Inter Network News daemon and other USENET daemons
  • syslog
  • Specifies messages from the syslog daemon
  • user
  • Specifies messages from user processes
  • uucp
  • Specifies messages from the uucp (UNIX to UNIX copy) daemon
  • local0-7
  • Specifies local messages; these are not used by default but can be defined for custom use

Priorities used by the System Daemon Log (listed in ascending order)

  • debug
  • Indicates all information from a certain facility
  • info
  • Indicates normal information messages as a result of system operations
  • notice
  • Indicates information that should be noted for future reference, yet does not indicate a problem
  • warning or warn
  • Indicates messages that might be the result of an error but are not critical to system operations
  • error or err
  • Indicates all other error messages not described by other priorities
  • crit
  • Indicates system critical errors such as hard disk failure
  • alert
  • Indicates an error that should be rectified immediately, such as a corrupt system database
  • emerg or panic
  • Indicates very serious system conditions that would normally be broadcast to all users


The etc/rsyslog.conf file can also send logging information to another computer.

  • Facility.priority @hostname:portnumber
  • The remote computer
  • Must have modules that listen to TCP or UDP protocol uncommented in the /etc/rsyslog.conf
  • Commented
    1. Provides UDP syslog reception
    2. $ModLoad imudp.so
    3. $UDPServerRun 514
    4. Provides TCP syslog reception
    5. $ModLoad imtcp.so
    6. $InputTCPServerRun 514
  • Un-Commented
    1. Provides UDP syslog reception
  • $ModLoad imudp.so
  • $UDPServerRun 514
    1. Provides TCP syslog reception
  • $ModLoad imtcp.so
  • $InputTCPServerRun 514
  • This allows the system to accept incoming requests from another System Log Daemon on TCP and UDP port 514 (the default System Log Daemon port)



Managing Log Files

Log files can contain a lot of important system information so it's a good idea to clear the contents of the log files from time to time.

DO NOT remove the log files, the permissions and ownership will be removed as well!!!

We're just going to clear out the contents of the log file.

To do so the > redirect symbol can be used.

This function can be scheduled as well using the logrotate command to backup and clear logfiles stored in /etc/logrotate.conf file and files stored in /etc/logrotate.d directory

    • The log rotate command renames (rotates) log files on a cyclic basis
    • test.log becomes test.log.YYYYMMDD
    • A new test.log file is created to accept system log info.
  • Can be set to keep a certain number of log files
  • If configured to keep 2 log files, logrotate will only keep 2 copies. Then when it cycles logrotate will automatically remove the oldest copy.
  • Most rotation information within /etc/logrotate.conf is overridden from files stored in the /etc/logrotate.d directory.

On most Linux systems, the logrotate utility is automatically scheduled to run daily via the file /etc/cron.daily/logrotate, however it can be run manually by typing logrotate /etc/logrotate.conf at a command prompt

Over time the logrotate command generates several copies of each logfile /var/log to view this we type Ls /var/log

Retrieved from "https://wiki.ihitc.net/mediawiki/index.php?title=User:Hess0060&oldid=5384"