The best systems administrators are set apart by their efficiency. And if an efficient systems administrator
can do a task in 10 minutes that would take another mortal two hours to complete, then the efficient
systems administrator should be rewarded (paid more) because the company is saving time, and time is
money, right?
The trick is to prove your efficiency to management. While I won't attempt to cover that trick in this article,
I will give you 10 essential gems from the lazy admin's bag of tricks. These tips will save you time—and
even if you don't get paid more money to be more efficient, you'll at least have more time to play Halo.
Trick 1: Unmounting the unresponsive DVD drive
The newbie states that when he pushes the Eject button on the DVD drive of a server running a certain
Redmond-based operating system, it will eject immediately. He then complains that, in most enterprise
Linux servers, if a process is running in that directory, then the ejection won't happen. For too long as a
Linux administrator, I would reboot the machine and get my disk on the bounce if I couldn't figure out what
was running and why it wouldn't release the DVD drive. But this is ineffective.
Here's how you find the process that holds your DVD drive and eject it to your heart's content: First, simulate
it. Stick a disk in your DVD drive, open up a terminal, and mount the DVD drive:
# mount /media/cdrom
# cd /media/cdrom
# while [ 1 ]; do echo "All your drives are belong to us!"; sleep 30; done
Now open up a second terminal and try to eject the DVD drive:
# eject
You'll get a message like:
umount: /media/cdrom: device is busy
Before you free it, let's find out who is using it.
# fuser /media/cdrom
You see the process was running and, indeed, it is our fault we cannot eject the disk.
Now, if you are root, you can exercise your godlike powers and kill processes:
# fuser -k /media/cdrom
Boom! Just like that, freedom. Now solemnly unmount the drive:
# eject
fuser is good.
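The look-before-you-kill step above, as an added example that is not part of the original article: it lists what holds a directory by reading /proc (roughly what `fuser -vm` reports) and asks holders to exit with SIGTERM before falling back to SIGKILL. The function names `holders` and `release` and the `GRACE` variable are hypothetical.

```sh
#!/bin/sh
# Added example: inspect what holds a mount point before killing anything.

# holders DIR: print "PID COMMAND" for each process whose working directory
# or an open file descriptor lies in DIR (read from /proc, Linux only).
holders() {
    target=$(cd "$1" && pwd -P) || return 1
    for p in /proc/[0-9]*; do
        for link in "$p/cwd" "$p"/fd/*; do
            path=$(readlink "$link" 2>/dev/null) || continue
            case "$path" in
                "$target"|"$target"/*)
                    printf '%s %s\n' "${p#/proc/}" "$(cat "$p/comm" 2>/dev/null)"
                    break ;;
            esac
        done
    done
}

# release DIR: send SIGTERM to the holders, wait GRACE seconds (default 2),
# then SIGKILL only the ones that are still holding DIR.
# Run it from outside DIR, or your own shell is among the holders.
release() {
    pids=$(holders "$1" | cut -d' ' -f1)
    if [ -n "$pids" ]; then
        kill -TERM $pids 2>/dev/null || true
        sleep "${GRACE:-2}"
        pids=$(holders "$1" | cut -d' ' -f1)
        if [ -n "$pids" ]; then
            kill -KILL $pids 2>/dev/null || true
        fi
    fi
}
```

Without root, `holders` only sees the open files of your own processes, so run it as root on a shared server before deciding what to signal.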
Next, select the kernel that will boot with the arrow keys, and type E to edit the kernel line. You'll then see
something like Figure 2:
Figure 2. Ready to edit the kernel line
Use the arrow key again to highlight the line that begins with kernel, and press E to edit the kernel
parameters. When you get to the screen shown in Figure 3, simply append the number 1 to the arguments
as shown in Figure 3:
Figure 3. Append the argument with the number 1
Then press Enter, B, and the kernel will boot up to single-user mode. Once here you can run
the passwd command, changing password for user root:
sh-3.00# passwd
New UNIX password:
Retype new UNIX password:
passwd: all authentication tokens updated successfully
Now you can reboot, and the machine will boot up with your new password.
1. Check that what you're doing is allowed, but make sure you ask the right people. Most people will
cringe that you're opening the firewall, but what they don't understand is that it is completely
encrypted. Furthermore, someone would need to hack your outside machine before getting into
your company. Instead, you may belong to the school of "ask-for-forgiveness-instead-of-
permission." Either way, use your judgment and don't blame me if this doesn't go your way.
2. SSH from ginger to blackbox.example.com with the -R flag. I'll assume that you're the root user on
ginger and that tech will need the root user ID to help you with the system. With the -R flag, you'll
forward connections to port 2222 on blackbox to port 22 on ginger. This is how you set up an SSH
tunnel. Note that only SSH traffic can come into ginger: You're not putting ginger out on the
Internet naked.
3. Now instruct your friends at tech to SSH as thedude into blackbox without using any special SSH
flags. You'll have to give them your password:
4. Once tech is on the blackbox, they can SSH to ginger using the following command:
5. Tech will then be prompted for a password. They should enter the root password of ginger.
6. Now you and support from tech can work together and solve the problem. You may even want to
use screen together! (See Trick 4.)
Trick 6: Remote VNC session through an SSH tunnel
VNC or virtual network computing has been around a long time. I typically find myself needing to use it
when the remote server has some type of graphical program that is only available on that server.
For example, suppose in Trick 5, ginger is a storage server. Many storage devices come with a GUI program
to manage the storage controllers. Often these GUI management tools need a direct connection to the
storage through a network that is at times kept in a private subnet. Therefore, the only way to access this
GUI is to do it from ginger.
You can try SSH'ing to ginger with the -X option and launch it that way, but many times the bandwidth
required is too much and you'll get frustrated waiting. VNC is a much more network-friendly tool and is
readily available for nearly all operating systems.
Let's assume that the setup is the same as in Trick 5, but you want tech to be able to get VNC access
instead of SSH. In this case, you'll do something similar but forward VNC ports instead. Here's what you do:
1. Start a VNC server session on ginger. This is done by running something like:
2. SSH from ginger to blackbox.example.com forwarding the port 5999 on blackbox to ginger. This is
done from ginger by running the command:
3. From tech, you open a tunnel via SSH to forward your port 5999 to port 5999 on blackbox. This
would be done by running:
If this were set up, then tech could VNC to localhost:2 just as if tech were running the Linux operating
system.
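An added example, not part of the original article: on blackbox, the remote forwards from Tricks 5 and 6 show up as extra listening sockets owned by sshd (ports 2222 and 5999 in the text). This script parses `ss -Htlnp` output and flags any forward bound beyond loopback, which requires GatewayPorts to be enabled in sshd_config. The sample lines and PIDs are constructed, and the function names and `SSHD_PORT` variable are hypothetical.

```sh
#!/bin/sh
# Added example: spot SSH port forwards listening on a bastion such as blackbox.

# Constructed sample of `ss -Htlnp` output (run ss as root to see the process column).
sample_ss_output() {
    cat <<'EOF'
LISTEN 0 128 0.0.0.0:22 0.0.0.0:* users:(("sshd",pid=801,fd=3))
LISTEN 0 128 127.0.0.1:2222 0.0.0.0:* users:(("sshd",pid=4312,fd=9))
LISTEN 0 128 [::1]:2222 [::]:* users:(("sshd",pid=4312,fd=8))
LISTEN 0 128 0.0.0.0:5999 0.0.0.0:* users:(("sshd",pid=4977,fd=10))
LISTEN 0 128 127.0.0.1:631 0.0.0.0:* users:(("cupsd",pid=700,fd=7))
EOF
}

# find_ssh_forwards: read ss output on stdin and print "PORT ADDR PID SCOPE"
# for every listener owned by an sshd process other than its own service port.
# SCOPE is "loopback" or "EXPOSED" (reachable from other hosts).
find_ssh_forwards() {
    awk -v sshd_port="${SSHD_PORT:-22}" '
        $1 == "LISTEN" && $NF ~ /"sshd/ {
            n = split($4, part, ":")
            port = part[n]
            if (port == sshd_port) next
            addr = substr($4, 1, length($4) - length(port) - 1)
            scope = (addr ~ /^127\./ || addr == "[::1]") ? "loopback" : "EXPOSED"
            pid = $NF
            sub(/.*pid=/, "", pid)
            sub(/,.*/, "", pid)
            print port, addr, pid, scope
        }'
}

# Live use on the bastion:  ss -Htlnp | find_ssh_forwards
```

An EXPOSED line means anyone who can reach blackbox can reach the forwarded service, so the tunnel is no longer limited to users logged in on blackbox.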
If all the nodes, n001-n200, have the same memory size, then only one number will be displayed.
This is the size of memory as seen by each operating system.
If node memory size is different, you will see several memory size values.
Finally, if the SSH failed on a certain node, then you may see some error messages.
This command isn't perfect. If you find that a value of memory is different than what you expect, you won't
know on which node it was or how many nodes there were. Another command may need to be issued for
that.
What this trick does give you, though, is a fast way to check for something and quickly learn if something is
wrong. This is its real value: Speed to do a quick-and-dirty check.
Work with others. Share screen sessions and watch how others work—you'll see new approaches to
doing things. You may need to swallow your pride and let other people drive, but often you can
learn a lot.
Read the man pages. Seriously; reading man pages, even on commands you know like the back of
your hand, can provide amazing insights. For example, did you know you can do network
programming with awk?
Solve problems. As the system administrator, you are always solving problems whether they are
created by you or by others. This is called experience, and experience makes you better and more
efficient.
I hope at least one of these tricks helped you learn something you didn't know. Essential tricks like these
make you more efficient and add to your experience, but most importantly, tricks give you more free time to
do more interesting things, like playing video games. And the best administrators are lazy because they
don't like to work. They find the fastest way to do a task and finish it quickly so they can continue in their
lazy pursuits.