Top Ten Linux Configuration Tools? 651
jman251 asks: "I am presenting at a conference in September on a couple of Linux-centric topics. One of these is a collection of tips, tricks, and tools for configuring, securing, and maintaining a Linux-based server. I have a short list of tools I use, but would like some community input on the subject. What tools do you use that make your admin responsibilities easier or more automated on the Linux platform?"
They all start with "nano -wiR /etc/" (Score:3, Interesting)
Xconfigurator (Score:2, Interesting)
Webmin all the way (Score:5, Interesting)
Doom... (Score:4, Interesting)
http://www.cs.unm.edu/~dlchao/flake/doom/
In a word (Score:5, Interesting)
Perl is your friend
Re:Add tool name here - once. (Score:2, Interesting)
Re:Not The FP (Score:1, Interesting)
No Seriously.
CSSH (Score:2, Interesting)
Source Forge Page [sourceforge.net]
BIND (Score:3, Interesting)
Even better would be something that also tied into dhcpd (these are the ISC daemons Im talking about, folks), that would serve to configuring them both, even on working together in a ddns/dhcp setup.
Re:Shouldn't you be asking (Score:2, Interesting)
RCS and Bastille-Linux (Score:4, Interesting)
RCS to provide rollback and change control.
No professionally administered Linux box should be without it.
Hey, I could have started with, "One word: EMACS" (Score:2, Interesting)
But that's would be too easy. Seriously, I had to tell the truth (nano is awesome, so is vim, but then so is nano).
And I don't think anyone can fill a top ten list with configuration tools... people use rarely more than one, if any. I know I don't.
I've been using Ruby for little utilities... (Score:3, Interesting)
Nothing fancy, just twiddling configuration files (httpd.conf, etc), pushing data into a PostgreSQL database, automating StatCVS runs, etc. I keep them in CVS, of course, here [rubyforge.org].
The ultimate server admin tool (Score:3, Interesting)
Turn off all the services you don't need.
Re:Dave Lettermans Top 10 (Score:2, Interesting)
rm, su and bash don't seem to relate.
ls could, but thats a stretch
Dave Letterman's IT crew's Top 10
9) your distro's install disks
8) that other distro(that is better)install disks
7) fdisk
6) ???
5) Profit!
4) google.com or tldp.org (rtfw!)
3) lspci (plug and pray baby!)
2) man (it helps to know what your doing with it)
1) your text editor (vi|emacs|jed|nano|whatever)
0) man (rtfm!)
Re:Dave Lettermans Top 10 (Score:2, Interesting)
2) emacs or if FreeBSD, edit
3) PERL
4) IPTables, or if FreeBSD, ipfw
5) ssh
6) telnet
7) gzip/gunzip
8) any of the c compilers, plus gmake or make
9) If setting up a Unix/Linux server inside a private network, nfs
10) If a database is needed then postgreSQL, plus the DBI stuffies, plus DBD, etc. May as well include an Apache web server with mod_perl
Command line (Score:5, Interesting)
Whatever runs from the bash command line is good enough for me.
No bloated fancy GUI needed, can run remotely over a secure ssh connection, and has all the raw power you need.
I am not a luddite. For some tasks, I will use the GUI tool (e.g. Mandrake Control Center, or Webmin) to do things, when it is faster to do so. But the bulk of what I do is command line.
Re:Dave Lettermans Top 10 (Score:3, Interesting)
nohup emerge sync &
( or nohup make && make install & )
tail -f nohup.out
exit
This is the coolest thing in the world, because I can logout, the process keeps running, and I can check on the progress later from another location.
This is probably no suprise to the graybeards out there, but is sparkly to a n00b like me.
Re:Tripwire (Score:2, Interesting)
Re:More or Less ? (Score:1, Interesting)
Why would you substitute more for less ?
I've had computers/OS' with more (amiga, riscos, win, I think bbc micros & spectrums also had more) but not seen less until Linux came along.
Whats the diff, is less GNU ?
God, I give up, this question is impossible to phrase without sounding trollish or flamebait, maybe thats why I've never heard the answer to it hehe.
Re:Webmin all the way (Score:3, Interesting)
Re:Webmin is nice (Score:5, Interesting)
Webmin has lots of thoughtful touches, like the ability to block certain UIDs and GIDs so that a lesser sysop cannot change the root account (for example). Another bonus is that Webmin users don't have to be regular shell accounts. It's not perfect, but it's still the Swiss Army Knife of configuration utilities.
Re:CVS (or insert your favorite alternative here) (Score:5, Interesting)
Sure, ssh keys are convenient, but they don't always replace passwords.
Passwords suck. Oh, and I have a 10 character passphrase on my privatekey that sits on my password protected computer.
I would guestimate that the liklihood that a password has been found or guessed or shown up in a plain text file (my ISP used to have a world readable radius logfile that had passwords in it) or sniffed is much greater than someone logging into my laptop (I have no remote services running) or physically beating me up and getting my key and passphrase from me.
I love the classic:
sj (misstyped su)
followed by the root password in plaintext. Gotta love that!
Make a list as you go (Score:3, Interesting)
Oh yeah, learn regular expressions. The O'Reilly book is great. The time investment *will* pay off.
RPM (Score:3, Interesting)
This is saved into the RPM database in
You can use RPM as an IDS by backing up the database to a read-only media and then use, for example:
rpm -V coreutils procps net-tools --dbpath
To see if someone's installed a root kit (if someone has, they'll have to at least modify top, ps, and netstat, which are included in these packages).
Unlike tripwire, you're not forever having to update policy files.
Ahem (Score:3, Interesting)
I second cfengine (Score:3, Interesting)
I think that even with as few as 5 systems it is worth the effort... especially if the systems are largely similar.
AMEN! (Score:1, Interesting)
Linux will never go mainstream if arcane tools from the 70's are preferred.
Re:Dave Lettermans Top 10 (Score:2, Interesting)
you can even set it with LESS=X ; export LESS
That _is_ a consideration. (Score:2, Interesting)
And even if I did (let's say I was looking at a file with messages in multiple languages), nano won't munge the Unicode, it would just ignore it. I definitely wouldn't be using a terminal-based editor when entering text with extended character sets in a document.
Re:Dave Lettermans Top 10 (Score:3, Interesting)
bash completion [freshmeat.net]
is a good start.
Re:More or Less ? (Score:2, Interesting)
lanscan/ioscan?? (Score:1, Interesting)