Initial Server Configuration

Goals

- Initial Host Configuration

We could do this for you, but it’s important to understand how some of this software works with the tools you will be installing this week.

Notes:

- Commands preceded with “$” imply that you should execute the command as a general user - not as root.
- Commands preceded with “#” imply that you should be working as root.
- Commands with more specific command lines (e.g. “rtrX>” or “mysql>”) imply that you are executing commands on remote equipment, or within another program.
- If a command line ends with “\” this indicates that the command continues on the next line and you should treat this as a single line.

Exercises

Update your software package repository

Connect to your virtual machine (oob.hostX.campusY.ws.nsrc.org) as the user sysadm and then from the command line:

    $ sudo apt update

This might take a few moments if everyone in class is doing this at the same moment.

Install the “nano” editor package

NOTE: Some packages may already be installed. This is OK. Just continue to the next step in the exercises.

    $ sudo apt install nano

The nano editor package is simpler to use than vi. Try using the editor to create a new file in your sysadm home directory:

    $ cd
    $ nano newfile.txt

Type in some text for practice. You can type “ctrl-g” to see a list of nano editor commands, that is, press the ctrl key and the g key. You need to press “ctrl-x” to exit the help screen.

You can save and exit from the file by typing “ctrl-x”, then “y” and <ENTER> to accept the file name.

Setting time to UTC, checking time sync

In order to manage and monitor your network it is critical that all devices and servers maintain the same, consistent time. To achieve this, you should select the same display time zone on all machines (so that you can compare times easily), and ensure the clocks are synchronized using the Network Time Protocol (NTP).
First, let’s set your server’s clock to display UTC time (Coordinated Universal Time), which is a good choice if you are managing a network that spans multiple time zones. At the command line type:

    $ sudo dpkg-reconfigure tzdata

- Scroll to the bottom of the list and select “None of the above”
- Scroll down the list and select “UTC”
- Use the tab key to select “<Ok>” and press <ENTER>

Now your server is displaying UTC time. Check by running the command date:

    $ date
    Wed Sep 28 14:30:35 UTC 2022
                        ^^^

Now you want to check that your machine’s clock is synchronized. There are a couple of ways of doing this.

Recent Linux distributions with systemd have time synchronization built in. Check the status:

    $ timedatectl status
                   Local time: Wed 2022-09-28 14:31:28 UTC
               Universal time: Wed 2022-09-28 14:31:28 UTC
                     RTC time: n/a
                    Time zone: Etc/UTC (UTC, +0000)
    System clock synchronized: yes          <<< HERE
                  NTP service: inactive
              RTC in local TZ: no

Since host1-host6 are containers, in fact they all share the same clock as the VM they are running on (srv1.campusX.ws.nsrc.org).

To find out which NTP server(s) you are synced against, normally you could do timedatectl timesync-status, but this only works on the outer VM.

Note: in your production network, it’s strongly recommended that you run a full ntp daemon on at least two servers, and get all your other servers to sync against those (e.g. in /etc/systemd/timesyncd.conf). This minimises the amount of ntp traffic going over your Internet link, and the amount of jitter that your local machines see.

Install the postfix mailserver software and some mail utilities

At the command line type:

    $ sudo apt install postfix mutt mailutils

This might take a moment to complete.

Several tools will use the postfix mailserver during the week. In addition, we will use a number of the mail utilities (such as mail) and you will use the mutt email reader later in the week.

For fun you can practice restarting a service by restarting the postfix mailserver.
Note that the service was started as soon as installation was completed:

    $ sudo systemctl restart postfix

You might do this if you changed a postfix configuration file. To see the status of the running postfix service do:

    $ sudo systemctl status postfix

You should see something like this:

    ● postfix.service - Postfix Mail Transport Agent
         Loaded: loaded (/lib/systemd/system/postfix.service; enabled; vendor preset: enabled)
         Active: active (exited) since Wed 2022-09-28 14:51:08 UTC; 3s ago
           Docs: man:postfix(1)
        Process: 4193 ExecStart=/bin/true (code=exited, status=0/SUCCESS)
       Main PID: 4193 (code=exited, status=0/SUCCESS)
            CPU: 1ms

    Sep 28 14:51:08 host1 systemd[1]: Starting Postfix Mail Transport Agent...
    Sep 28 14:51:08 host1 systemd[1]: Finished Postfix Mail Transport Agent.

The last few lines are log file notices for the postfix mail service.

Deliver an Email to Yourself

To verify that your mail server is working (at least locally) you can do the following:

    $ echo "My first email" | mail -s "First email" sysadm@hostX.campusY.ws.nsrc.org

(Replace ‘X’ and ‘Y’ with your specific virtual machine information).

Then, to view your email, type:

    $ mutt

You may see the following:

    /home/sysadm/Mail does not exist. Create it? ([yes]/no):

Press “y” to continue. You should now be in your inbox listing. Press <ENTER> to view the email. To exit type “q” two times to quit - once to exit back to the inbox, and once to exit mutt.

If for some reason you do not see the mail you can try to do the following and then send the mail message again:

    $ sudo touch /var/mail/sysadm
    $ sudo chown sysadm:mail /var/mail/sysadm

It’s important that mail is working on your system as this will be used throughout the week by the network monitoring and management software that you install. If you did not get mail to work please let your instructor know so that the issue can be resolved right away.

Viewing log files in real time

Log files are critical to solve problems.
They reside (largely) in the /var/log/ directory. Some popular log files include:

- /var/log/syslog
- /var/log/apache2/access.log
- /var/log/mail.log

and many more. To view the last few entries in a log file, such as the system log file, type:

    $ tail /var/log/syslog

Some log files may require that you use “sudo tail logfilename” to view their contents.

What’s more effective is to watch a log file as you perform some action on your system. To do this open another ssh session to your server now, log in as user sysadm and in that other window type:

    $ tail -f /var/log/syslog

Now in your other window try restarting the postfix service you recently installed:

    $ sudo systemctl restart postfix

You should see quite a few log messages appear in your other ssh window. These are real-time messages coming from the postfix service. We’ll talk about logging more later in the week, but viewing your log files to debug issues is often the only way to solve a problem.

In the window where you typed “tail -f /var/log/syslog” you can press ctrl-c to exit from the tail command.

Verifying status of a service

Remember we typed:

    $ sudo systemctl status postfix

which will indicate if a service is running or stopped.

If you are having problems with a service you can view the last few lines of the system log files associated with that service by typing:

    $ sudo journalctl -eu postfix

Practice using the man command

To get help on a command you can use the man command (“man” is short for manual). For instance, to learn more about the ssh command you could do:

    $ man ssh

Now you can move around the help screen quickly by using some editing tricks. Note that these tricks work if you are using the less command as well. Try doing the following:

- Search for “ports” by typing “/ports” – press <ENTER>
- Press “n” to go to the next occurrence of “ports” – do this several times.
- Press “N” to search backwards.
- Press “p” to go to the start.
- Search on “/-p” and see what you find.
- Press “h” for all the keyboard shortcuts.
- Press “q” (twice in this case) to quit from the man page.
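
For the checks in “Setting time to UTC, checking time sync” above, the following added example (not part of the original lab) reads `timedatectl status` output and reports whether the display zone is UTC and the clock is synchronized, which is the condition you need before comparing log timestamps across machines. The function name `check_time_status` and the second sample are assumptions made for this example; the first sample is the lab's own output with the “<<< HERE” annotation removed.

```shell
#!/bin/sh
# Added example (not part of the original lab): check "timedatectl status"
# output for a UTC display zone and a synchronized clock.
# Live use on a host:  timedatectl status | check_time_status

# Reads timedatectl-style text on stdin. Prints "OK" and returns 0 when
# both checks pass; otherwise prints one line per problem and returns 1.
check_time_status() {
    awk '
        BEGIN { tz = "(missing)"; sync = "(missing)" }
        {
            i = index($0, ": ")
            if (i == 0) next
            key = substr($0, 1, i - 1); val = substr($0, i + 2)
            gsub(/^[ \t]+|[ \t\r]+$/, "", key)
            gsub(/^[ \t]+|[ \t\r]+$/, "", val)
            if (key == "Time zone") tz = val
            if (key == "System clock synchronized") sync = val
        }
        END {
            bad = 0
            if (tz !~ /^(Etc\/)?UTC( |$)/) { print "time zone is not UTC: " tz; bad = 1 }
            if (sync != "yes") { print "clock not synchronized: " sync; bad = 1 }
            if (!bad) print "OK"
            exit bad
        }'
}

# Sample 1: the timedatectl output shown in the lab (annotation removed).
sample_good() { cat <<'EOF'
               Local time: Wed 2022-09-28 14:31:28 UTC
           Universal time: Wed 2022-09-28 14:31:28 UTC
                 RTC time: n/a
                Time zone: Etc/UTC (UTC, +0000)
System clock synchronized: yes
              NTP service: inactive
          RTC in local TZ: no
EOF
}

# Sample 2: constructed for this example (local zone, clock not synced).
sample_bad() { cat <<'EOF'
                Time zone: Africa/Nairobi (EAT, +0300)
System clock synchronized: no
EOF
}

sample_good | check_time_status || true   # prints: OK
sample_bad  | check_time_status || true   # prints the two problems found
```

Because the function returns a non-zero status on failure, it can be called from cron or a monitoring check and alert on the exit code.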