Table of Contents
System Administration
Devices and disk access
With Linux disks and USB media are seen as devices. To access data on them, a device first must be mounted on a mount point (directory).
On SliTaz devices can be mounted using a program with a graphical user interface, like pcmanfm
or with a command from a terminal.
To mount the first partition of a local disk on /mnt/disk
:
# mkdir -p /mnt/disk # mount /dev/sda1 /mnt/disk
To mount an optical disk or an USB medium, mount points located in /media
should be used.
Note that for an optical disk, you just have to specify the device path. For a flash key, the mount point already exists:
# mount /dev/cdrom # mount /dev/sda1 /media/flash
NTFS filesystem
If read or write access to Windows ntfs filesystems is needed, a few additional packages from the repository must be installed.
The ntfs-3g
driver provides stable access to ntfs partitions and ntfsprogs
provides manipulation tools dependent on fuse.
Note that ntfs partitions can be formatted, moved or resized using Gparted, a GUI to parted.
NFS
NFS (Network File System) is the native UNIX and Linux method for sharing file systems. In this respect its function is similar to Samba.
The most popular version is still NFSv3, which is able to use UDP or TCP as the network protocol.
The older NFSv2 was only capable of using UDP.
On a LAN, UDP is still the fastest protocol; TCP is to be preferred when the machines are connected over a WAN.
NFSv3 has been superseded by NFS version4 which has notable improvements (security) over v3 but its configuration has become a lot more complex as a result.
An NFS server exports a part of it's file system; i.e. makes it available on the network. The server is configured with details about client ip addresses or host names and can restrict their access to the file system. Access can be read-only, read-write or no access at all. An NFS client simply mounts the exported file systems as if they were local devices.
The NFS software in Slitaz makes it possible to run both as a server or a client.
To start the NFS processes, you need to run the init script in /etc/init.d/
:
/etc/init.d/nfsd start|stop|restart
NFS Software Installation
To start using NFS, the following packages are required:
# tazpkg -l | grep nfs linux-nfsd 3.16.55 base-system nfs-utils 2.6.1 system-tools
Install them using:
# tazpkg -gi linux-nfsd # tazpkg -gi nfs-utils
/etc/exports
Here is a sample exports file:
# /etc/exports: the access control list for filesystems which may be exported # to NFS clients. See exports(5). # # Example for NFSv2 and NFSv3: # /srv/homes hostname1(rw,sync,no_subtree_check) hostname2(ro,sync,no_subtree_check) # # Example for NFSv4: # /srv/nfs4 gss/krb5i(rw,sync,fsid=0,crossmnt,no_subtree_check) # /srv/nfs4/homes gss/krb5i(rw,sync,no_subtree_check) # /usb1 192.168.1.0/24(rw,sync,no_subtree_check)
The server is only exporting one filesystem: usb1. Clients must be in the 192.168.1.0/24 network and they have read-write access.
To use nfs on the client; all you need to do is start nfsd and mount the share:
# /etc/init.d/nfsd start # mkdir /mnt/usbdrive1 # mount server:/usb1 /mnt/usbdrive1
Please note the specific format for nfs shares server
:mountpoint
.
Users, groups and passwords
To manage users and groups on a SliTaz system, the command line must be used, but file permissions can be changed with a GUI, PCmanFM for example.
Only the system administrator (root
) can add or remove users and groups. The system administrator can also change all user passwords;
a nonprivileged user can only change his or her own password.
To add or remove a user named linux:
# adduser linux # deluser linux
Manipulating users and group membership
Linux groups are a mechanism to manage a collection of computer system users.
All Linux users have a user name and a group name and a unique numerical identification number called a userid (UID) and a groupid (GID) respectively.
Groups can be assigned to logically tie users together for a common security, privilege and access purpose.
It is the foundation of Linux security and access.
Access to files and devices may be granted based on a userid or a groupid.
This mechanism is the same for all of linux but the way it is configured varies per distribution.
Sometimes additional or different commands are used, like for example usermod
, chgrp
, useradd
or groupadd
.
Below is an overview of how to handle users, groups and group membership on Slitaz.
The Slitaz way is using only four commands. Simple and Elegant.
# adduser <username> <= adds a user # deluser <username> <= deletes a user # addgroup <groupname> <= adds a group # delgroup <groupname> <= deletes a group # addgroup <username> <groupname> <= adds a user to a group # adduser -G <groupname> <username> <= adds the user to an additional group # delgroup <username> <groupname> <= deletes a user from a group
Any user can be member of any group and the combination of user and group permissions allows for granular access to system resources.
Passwd
To change the current user's password or change the password of a specific user, you must use the passwd command:
$ passwd # passwd <username>
Audio group
If you want a new user to be able to listen to music he must be in the group audio
.
To add an existing user to the group audio:
# adduser -G audio <username>
Language and keyboard layout
SliTaz saves the configuration of the default locale in /etc/locale.conf
which is read by /etc/profile
on each login
and the keyboard setting is stored in /etc/keymap.conf
.
These two files can be edited with your favorite editor or configured respectively with tazlocale
and tazkeymap
.
You can modify the settings you choose on the first boot by typing as system administrator:
# tazlocale Or: # tazkeymap
To check all available locales or the current configuration, the command locale
can be used:
$ locale -a $ locale
Custom Shell
SliTaz uses the shell provided by busybox linked to sh
. It is light, fast and standards compliant.
To change the default shell for a user, the corresponding field in the user's line in /etc/passwd
can be modified with a text editor.
After login, /etc/profile
is read first and then the user file ~/.profile
.
These files can be edited with a text editor to configure the language, any aliases, etc.
Example: ~/.profile
# ~/.profile: executed by Bourne-compatible login shells. # # Aliases. alias ls='ls -F' alias df='df -h' # Env variables. export EDITOR=nano
Bash Shell
If you wish to use the Bash (Bourne Again SHell), first as system administrator install bash.
Then the system administrator must edit /etc/passwd
to change the user's shell to /bin/bash
.
Finally copy ~/.profile
to ~/.bashrc
.
# tazpkg get-install bash # nano /etc/passwd ~ :/bin/bash hacker:~$ cp .profile .bashrc
The next time hacker
logs in, bash will be the default shell;
this can be confirmed by typing env
on the command line and inspecting the SHELL
variable.
Editors
Busybox supplies a clone of vi for normal text editing, but it does have its limitations. The full vim editor can be installed with:
# tazpkg get-install vim
Or alternatively if you prefer emacs:
# tazpkg get-install emacs
Sudo
The sudo command can be installed on SliTaz:
# tazpkg get-install sudo
Note that the configuration file /etc/sudoers
, should always be edited by the visudo
command which locks the file and checks for errors.
System Time
To check the current system time, you can simply type:
$ date
TimeZone
On SliTaz, the timezone configuration is saved in /etc/TZ
.
This file can be edited with a text editor or simply the echo command.
The available timezones are to be found in the /usr/share/zoneinfo
directory.
Here's an example using the timezone Europe/London:
# echo "Europe/London" > /etc/TZ
Rdate
To synchronize the system clock with a network time server, the system administrator can use the rdate -s
command:
# rdate -s tick.greyware.com
To display the time on the remote server, use the rdate -p
command:
$ rdate -p tick.greyware.com
Using NTP
NTP is a protocol to synchronize the time on many different systems via a network. NTP is a client-server application which uses UDP port 123. This section describes how to configure a system as an NTP client, deriving its time from the Internet. There are many servers available on the Internet which provide a NTP service.
Although Slitaz is a small distribution, it provides several NTP implementations.
Most notably:
1: busybox ntpd (included in the base installation). Using busybox ntpd from the command line:
# busybox ntpd -p nl.pool.ntp.org OR # ntpd -p nl.pool.ntp.org
2: ntp.tazpkg (install from packages repository). To install ntp.tazpkg:
# tazpkg get-install ntp
This package includes a decent set of ntp related binaries and the configuration file /etc/init.d/ntp
# tazpkg list-files ntp Installed files with: ntp ========================= /etc/init.d/ntp /etc/ntp.conf /usr/bin/calc_tickadj /usr/bin/ntp-keygen /usr/bin/ntp-wait /usr/bin/ntpd /usr/bin/ntpdate /usr/bin/ntpdc /usr/bin/ntpq /usr/bin/ntptime /usr/bin/ntptrace /usr/bin/sntp /usr/bin/tickadj /usr/bin/update-leap
Be aware that Slitaz has several NTP daemons available. We have busybox ntp but also the ntp package. Both provide virtually the same functionality. If you have limited resources, the busybox version can provide all you need. If you want all the diagnostic stuff as well, you should rather go for installing ntp.tazpkg.
Starting ntpd at boot
Probably the easiest way to start busybox ntpd at boot is to add an entry like above to /etc/init.d/local.sh
.
The explanation below focuses on ntp.tazpkg.
It is unclear which one was intended by the developers to be started by the Server Manager.
This can be somewhat confusing. The verified way to configure the NTP daemon is to use the command line as detailed below.
To start /usr/bin/ntpd
(from ntp.tazpkg) at boot:
1: Make sure to install the package as shown above .
2: Edit /etc/daemons.conf
as follows:
Add one line at the end: NTP_OPTIONS="-p xx.pool.ntp.org" (where xx = country.)
3: Edit /etc/rcS.conf
as follows:
On the line with daemons to start, add ntp to the list: RUN_DAEMONS="inetd dbus hald slim firewall httpd ntp"
Use the following to check if the daemon is running:
$ ps -ef | grep ntpd 1934 root 0:00 /usr/bin/ntpd -p nl.pool.ntp.org 2193 root 0:00 grep ntpd
In this example, the first line shows the process we want to see.
Verifying ntpd operation
The ntpq
command can be used to verify connections to NTP servers
# ntpq -p nl.pool.ntp.org remote refid st t when poll reach delay offset jitter ============================================================================== *ntp0.nl.uu.net .PPS. 1 u 632 1024 377 2.700 0.233 0.096 +ntp1.nl.uu.net .PPS. 1 u 504 1024 377 1.742 0.356 41.789 -chime1.surfnet. 194.171.167.130 2 u 298 1024 377 0.677 0.102 0.134 +chime4.surfnet. .PPS. 1 u 422 1024 367 9.652 -2.669 0.366 tt165.ripe.net .STEP. 16 u - 1024 0 0.000 0.000 0.000
The * at the start of a line indicates the server the system is currently synchronized to.
The column “st” shows the stratum or quality of the time source. 1 is best, 16 means unavailable.
Important to check are the columns “reach” and those behind. Reach should be 377, everything else means polls were missed. The NTP daemon should be running for a while to get reliable output.
Hwclock
The hwclock
command enables synchronisation of the time of the hardware clock to the system clock or vice versa.
Synchronise the system clock to the hardware clock ( --utc = universal time, -l = local time ):
# hwclock -w --utc
Synchronise the hardware clock to the system clock:
# hwclock -s --utc
hwclock -u, --utc | -l, --localtime
Indicates that the hardware clock is kept in Coordinated Universal Time or local time, respectively. It is the choice of the system administrator, whether to keep the clock in UTC or local time, but nothing in the clock tells which is choosen. So this option is how to give that information to the hardware clock. If the wrong one of these options is specified (or neither and a wrong default is taken), both setting and querying of the hardware clock will be messed up.
Synchronising the hardware clock with NTP
There are several ways to set the hardware clock to NTP time:
# busybox ntpd -dnqp nl.pool.ntp.org && hwclock -w -u
OR:
# ntpdate -u nl.pool.ntp.org && hwclock -w -u
Alternative three: (quite old, may not work on all servers)
# rdate -s nl.pool.ntp.org && hwclock -w -u
Note that in all examples the -u
option is used to set the hardware clock to UTC time.
Further reading: https://linux.die.net/man/8/hwclock
Execute scheduled commands
The daemon crond
allows to run commands automatically at a scheduled specific date or time.
This is very useful for routine tasks such as system administration.
The directory cron
uses is /var/spool/cron/crontabs
.
Each user can have his or her own tasks; they are defined in the file /var/spool/cron/crontabs/user
.
This file can be created to order modified by any user with the crontab -e
command, using the user's default text editor.
The crontab utility allows (amongst other things), to list the user's tasks:
# crontab -l <== To list the crontab for user root. OR: # crontab -l -u tux <== To list the crontab for another user. OR: tux:~$ crontab -l <== To list the crontab for user tux.
The syntax of the crontab files is as follows:
mm hh dd MMM DDD command > log
We will create a crontab file and test the daemon crond
with a task performed every minute - writing the date to a file /tmp/crond.test
.
$ crontab -e
Insert the line:
* * * * * date >> /tmp/crond.test
save and exit the editor.
When the system administrator has launched crond
using the startup script:
# /etc/init.d/crond start
after a few minutes the contents of the file: /tmp/crond.test
can be viewed:
$ cat /tmp/crond.test
To stop or restart the daemon crond
:
# /etc/init.d/crond stop Or : # /etc/init.d/crond restart
Invoke the daemon crond on every boot
To launch the daemon crond
each time the system is booted, just add it to the variable START_DAEMONS in the configuration file /etc/rcS.conf
,
either before or after the web server or SSH server.
Add commands to be executed at boot
During the boot process, various scripts are executed to configure services, such as the start of the web server, networking, etc.
On SliTaz there is a script /etc/init.d/local.sh
which allows to add commands to be launched at system startup.
Also new scripts can be created in /etc/init.d
.
# nano /etc/init.d/local.sh