Cover V07, I03
Article

mar98.tar


Questions and Answers

Bjorn Satdeva

This month, I'd like to mention some conferences coming up in 1998 that might be useful to system administrators. Here is a sampling:

IT Forum Conference
April 27-May 1, 1998
San Francisco, California
Sponsored by Miller Freeman, Inc.

Networld+Interop Conference
May 5-8, 1998
Las Vegas, Nevada
Sponsored by SOFTBANK Forums

System Administration, Networking & Security
(SANS) Conference
May 9-15, 1998
Monterey, California
Sponsored by the SANS Institute and co-sponsored by SAGE

Linux Expo
May 28-30, 1998
Duke University
Chapel Hill, North Carolina

Networks Expo
June 3-4, 1998
Boston, Massachusetts
Sponsored by Miller Freeman, Inc.

USENIX Annual Technical Conference
June 15-19, 1998
New Orleans, Louisiana

WEB.X Conference
June 15-18, 1998
New York City, New York
Sponsored by Miller Freeman, Inc.

Large Installation System Administration
of Windows NT Conference
August 5-7, 1998
Seattle, Washington
Paper submissions due: March 3, 1998

1st International System Administration and
Networking Conference (SANE '98)
November 18-20, 1998
Maastricht, The Netherlands
Organized by the NLUUG and Co-sponsored by
USENIX and Stichting NLnet
Extended abstracts due: April 17, 1998
Final papers due: September 4, 1998.

12th Systems Administration Conference (LISA '98)
December 6-11, 1998
Boston, Massachusetts
Extended abstracts and invited talk proposals due: June 23, 1998
Final Papers due: October 16, 1998

 Q I've been trying to find a tool/utility/package that will allow an administrator to remotely monitor, unattended, a Sun-based TCP/IP network connected to the Internet. I need something that can be configured to send alerts, alarms, etc. to the monitoring system as well as page the administrator - maybe something that can monitor HTTP processes and alert/restart when they go down. Do you know of anything like this?

 A It looks to me as if the tool you want is swatch. This tool looks for messages appearing in the syslog output and is able to take various actions, determined by a configuration file. swatch is described in the LISA VII proceedings. The paper is also included in the source.

ftp://ftp.sysadmin.com/pub/sysadmin/tools/host/swatch

You might also want to look at a paper by Carl Shipley and Chingyow Wang from the LISA V conference proceedings, "Monitoring Activity on a Large UNIX Network with Perl and sysogd."

Both of these are passive tools, so they cannot take any action, such as restarting a daemon. However, it is fairly trivial to write a small Perl program to do what you want. The simplest thing to implement is a program that does an exec of the daemon, and then waits for the child to exit. In Perl, the rudimentary version of what you want would look something like this (you will need to add checks for various failure modes, such as to frequent forks):

while ( 1 ) {
unless (fork) {
# This is the child process
exec ( YOUR_DAEMON_HERE ):
}
# Make the parent wait
wait;
sleep 5;
}

Or, you could write a Perl script that sends signal 0 (zero) to the process. If the process has gone away, this will cause a failure, and you can then restart the daemon. The advantage of the first solution is that you get an instant restart of the daemon, but at the cost of a second process.

 Q I now work as a VMS analyst but hope to be a UNIX/NT systems administrator very soon. I have a good working knowledge of UNIX, but there is still a lot I need to learn. Do you have any suggestions for books or software tools to master?

 A The number of UNIX system administration books seems to increase every month. However, the number of really good ones is still limited. The ones I really like and think would be useful to you are, first of all, Evi Nemeth's UNIX System Administration Handbook from Prentice Hall. This book covers many issues and will give you a good starting point. However, even with its almost 800 pages, it is too broad to go into much detail of the topics it covers.

There are other books that do provide detail, but which ones you should read depends on your situation. I've listed a few here, which, incidentally, are all from O'Reilly and Associates. DNS and BIND by Paul Albitz and Cricket Liu explains much of the working and configuration of the name server.

The Sendmail Book, by Bryan Costales with Eric Allman and Neil Rickert, gives a very good overview of sendmail - how it works, and how it can be configured. Don't worry too much about the sendmail configuration rules in the beginning; the M4 configuration macros described in Appendix E will suffice in nearly all cases. Focus on getting a general understanding of how sendmail works and where the security potholes are located (in addition to the the programming flaws of sendmail itself, of course).

Finally, TCP/IP Network Administration by Craig Hunt gives a very good introduction to how to administer TCP/IP networks. Unlike most other networking books, its focus is on the administration part of networking, and it more or less ignores the programming issues - exactly what is needed for an emerging TCP/IP administrator.

 Q I enjoy reading your column in Sys Admin magazine (I just started subscribing about 2 months ago), and I looked at the information on your home page. Can you tell me where I can get some of your old articles that were written in root and Login?

 Q Back issues of Sys Admin can be ordered from customer service at (800) 444-4881 or from our Web site at: www.samag.com. Back issues of its predecessor root are no longer available. A few of my articles published in root are available on my ftp server: ftp://ftp. sysadmin.com/pub/admin/papers/bjorn.

It is my plan to make them all available in my copious spare time. In the meantime, however, I suggest you check the library for copies of the old issues.

About the Author

Bjorn Satdeva is the president of /sys/admin, inc., a consulting firm which specializes in large installation system administration. Bjorn is also co-founder and former president of Bay-LISA, a San Francisco Bay Area user's group for system administrators of large sites. Bjorn can be contacted at /sys/admin, inc., 2787 Moorpark Ave., San Jose, CA 95128; electronically at bjorn@sysadmin.com; or by phone at (408) 241-3111.