capturing Linux system configuration details
THE MOST IMPORTANT CONSIDERATION in a system configuration is protecting the USER data and files.
That means organizing user accounts in such a way that their files and configurations are easily backed up and archived.
The system configuration is not as critical as user data and files, as one can rebuild the system.
User configuration details are a little more trouble, but not show stoppers if lost.
Applications and their configuration is somewhat easy, but the customizations can be as critical as user data.
And finally the system configuration, it isn't as critical as the other layers, but needed to rebuild a system.
Baselining your configration and documenting it will help you build other systems more quickly and also help you tune them.
One can figure out the applications and OS configuration without too much time, by looking at other systems.
However, losing or corrupting user files and data is the worst thing that can happen. If you don't have a backup
system, then try to mirror systems and use rsync to keep them current. Or create tar files and move them to
another system or external drive.
One can reload the OS and applications from media, even restore user accounts from backups,
but losing unsaved user DATA is very, very bad. Before making any migration changes it is imperative to
back up user accounts and the key directories such as /etc, /var, /root and of course /home.
So, protect user files FIRST, then user account details, then application configurations, then begin to
gather the OS details. The OS will be the least challenging part of migration as it will conform to
the new hardware or configuration without challenge. Applications will likely install smoothly as well,
and the localized customizations will be easy to install, but protect that info as it likely took time to
"dial it in".
NOTE: the examples on this page are from several systems and key details have been altered.
- user details - /etc/passwd, /etc/group, /etc/shadow, /etc/skel, ~/.bashrc
- network configuration - /etc/hosts, /etc/resolv.conf, /etc/nsswitch.conf, /sbin/ifconfig -a, /sbin/route, netstat
- file system configuration - /etc/fstab
- current applications - /opt, /usr/local/bin
- current disk status - fdisk -l, du -sh, df -h
- hardware configuration - /proc, dmesg, hwinfo
- security settings - if using aparmor, selinux, firewalls, etc.
- web server configuration - /etc/apache2/default-server.conf or httpd.conf - YMMV
- kernel settings - /proc, dmesg
- current disk configurations, mount points, samba, NFS or SANS details
- crontab files - crontab -l
- system configuration details (/etc/sysconfig, /etc/init.d/, or related)
- system services details (/etc/init.d or /etc/systemd or related)
- log files - /var
- user home directories - /home
- any user files and directories /home/luser
- any symbolic links - lrwxrwxrwx
User configuration is found in entries in /etc/passwd, /etc/shadow, and sometimes /etc/group
File systems that are mounted are found in /etc/fstab
IP addresses are in the /etc/hosts
Nameservers are listed in /etc/resolv.conf
Service order for name resolution is found in /etc/nsswitch.conf
a few key files:
- /etc/passwd sample lines:
- sshd:x:496:493:SSH daemon:/var/lib/sshd:/bin/false
- luser:x:9000:100:local user:/home/luser:/bin/bash
- statd:x:492:65534:NFS statd daemon:/var/lib/nfs:/sbin/nologin
- /etc/shadow sample lines:
- sshd:!:16369::::::
- luser:$6gPcWNsp.uNITWITGit/7RCML2AtCi.2v95AOxgN0:16671:0:99999:7:::
- statd:!:16369::::::
- /etc/group sample lines:
- sshd:x:493:
- users:x:100:
- nogroup:x:65534:nobody
- /etc/hosts sample line:
- 127.0.0.1 localhost # this line MUST be present, it is the loopback
- 73.42.131.7 johnmeister.com johnmeister.com/bible johnmeister.com/tech johnmeister.com/jeep johnmeister.com johnmeister.com/linux
- # 75.146.49.225 johnmeister.com johnmeister.com/jeep/sj johnmeister.com/bible johnmeister.com/tech johnmeister.com/jeep johnmeister.com johnmeister.com/linux
- /etc/fstab
- UUID=1a58b8e9-06ff-e440-8143-0e43d7a9c91b swap swap defaults 0 0
- UUID=7c561b9b-f7e9-4828-89ef-34e026bc6aa2 / ext4 acl,user_xattr 1 1
- /dev/sdb1 /opt ext4 defaults 0 0
- /etc/resolv.conf
- search com net us
- nameserver 8.8.8.8 # google dns
- nameserver 192.168.0.1 # local nat/wireless router
- nameserver 8.8.4.4 # google dns
- /etc/nsswitch.conf sample line: hosts: files mdns_minimal [NOTFOUND=return] dns
- /etc/apache2/default-server.conf (and other configuration files, see also /etc/httpd )
- /var/log/zypp/history
the following directories should be examined for system details, and likely tarred up:
(the entire /etc directory is a good idea)
/etc/systemd
/etc/sysconfig
/etc/systemd
/etc/apache2 (or httpd)
/etc/init.d
/boot - look for grub.cfg, menu.lst, etc, but realize the new h/w will be different
/root
/var/log (also cron, mail, lp and www)
to see what files have been accessed recently, try using the time sort on ls:
--> ls -alt /etc | more
total 3280
drwxr-xr-x 24 root root 4096 Aug 21 00:29 ..
drwxr-xr-x 143 root root 12288 Aug 19 21:48 .
-rw-r--r-- 1 root root 932 Aug 19 21:48 group
-rw-r----- 1 root shadow 1270 Aug 19 21:48 shadow
-rw-r--r-- 1 root root 2454 Aug 19 21:48 passwd
consider capturing an existing pstree display and other system monitoring calls like iostat,
vmstat, netstat and ps -ef to discover applications, services and scripts.
application details
https://en.opensuse.org/images/3/30/Zypper-cheat-sheet-2.pdf
--> sudo zypper info -s * | grep Name:
Name: fox16-example-apps
Name: kdebase3-apps
Name: openobex-apps
Name: tomcat-admin-webapps
Name: tomcat-webapps
Name: fd0ssh
Name: ksshaskpass
Name: libnsssharedhelper0
Name: libssh-devel
Name: libssh2-1
Name: libssh4
Name: nagios-plugins-by_ssh
Name: nagios-plugins-ssh
Name: openssh
Name: openssh-askpass
Name: pam_ssh
Name: pam_ssh-32bit
Name: sshfs
Name: autossh
processes and memory
--> ps xawf -eo pid,user,cgroup,args
PID USER CGROUP COMMAND
2 root - [kthreadd]
3 root - \_ [ksoftirqd/0]
5 root - \_ [kworker/0:0H]
7 root - \_ [rcuc/0]
8 root - \_ [rcub/0]
9 root - \_ [rcu_preempt]
10 root - \_ [rcuop/0]
11 root - \_ [rcuop/1]
12 root - \_ [rcu_sched]
...
--> pstree
systemd─┬─ModemManager─┬─{gdbus}
│ └─{gmain}
├─Thunar───{gmain}
├─accounts-daemon─┬─{gdbus}
│ └─{gmain}
├─agetty
├─applet.py───{gmain}
├─at-spi-bus-laun─┬─dbus-daemon
│ ├─{dconf worker}
│ ├─{gdbus}
│ └─{gmain}
├─at-spi2-registr───{gdbus}
├─auditd───{auditd}
├─avahi-daemon
├─bluetoothd
....
------------------------------------------------
--> free
total used free shared buffers cached
Mem: 4952844 4502796 450048 108852 120352 2427096
-/+ buffers/cache: 1955348 2997496
Swap: 0 0 0
------------------------------------------------
--> vmstat
procs -----------memory---------- ---swap-- -----io---- -system-- ------cpu-----
r b swpd free buff cache si so bi bo in cs us sy id wa st
0 0 0 449760 120352 2427108 0 0 3798 3227 24 55 6 3 82 9 0
------------------------------------------------
--> uptime
22:33pm up 2 days 23:15, 4 users, load average: 0.02, 0.11, 0.56
------------------------------------------------
--> ps
PID TTY TIME CMD
2664 pts/0 00:00:00 bash
30785 pts/0 00:00:00 ps
--> ps -ef
UID PID PPID C STIME TTY TIME CMD
root 1 0 0 Sep05 ? 00:00:31 /usr/lib/systemd/systemd --system --deserialize 18
root 2 0 0 Sep05 ? 00:00:00 [kthreadd]
root 3 2 0 Sep05 ? 00:00:23 [ksoftirqd/0]
root 5 2 0 Sep05 ? 00:00:00 [kworker/0:0H]
root 7 2 0 Sep05 ? 00:00:00 [rcuc/0]
root 8 2 0 Sep05 ? 00:00:00 [rcub/0]
...
luser 28993 2288 11 19:51 ? 00:19:17 /usr/lib64/firefox/firefox
root 29204 2 0 22:15 ? 00:00:00 [kworker/0:2]
root 30289 2 0 22:28 ? 00:00:00 [kworker/0:0]
root 30427 2 0 22:30 ? 00:00:00 [kworker/1:1]
root 30745 2 0 22:33 ? 00:00:00 [kworker/0:1]
luser 30857 2664 0 22:35 pts/0 00:00:00 ps -ef
luser 32668 2653 0 08:30 pts/2 00:00:00 -bash
--> top
top - 22:36:52 up 2 days, 23:19, 4 users, load average: 0.01, 0.07, 0.46
Tasks: 182 total, 1 running, 181 sleeping, 0 stopped, 0 zombie
%Cpu(s): 6.3 us, 2.7 sy, 0.0 ni, 81.6 id, 9.1 wa, 0.0 hi, 0.2 si, 0.0 st
KiB Mem: 4952844 total, 4515968 used, 436876 free, 120548 buffers
KiB Swap: 0 total, 0 used, 0 free. 2435264 cached Mem
PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
2045 root 20 0 304028 62872 42396 S 6.250 1.269 47:01.59 X
31008 luser 20 0 15344 2640 2156 R 6.250 0.053 0:00.01 top
1 root 20 0 35776 5712 3568 S 0.000 0.115 0:31.85 systemd
2 root 20 0 0 0 0 S 0.000 0.000 0:00.08 kthreadd
3 root 20 0 0 0 0 S 0.000 0.000 0:23.82 ksoftirqd/0
5 root 0 -20 0 0 0 S 0.000 0.000 0:00.00 kworker/0:0H
7 root -2 0 0 0 0 S 0.000 0.000 0:00.00 rcuc/0
...
hardware details
hwinfo --short
cpu:
Intel(R) Core(TM)2 CPU 6400 @ 2.13GHz, 2125 MHz
Intel(R) Core(TM)2 CPU 6400 @ 2.13GHz, 2125 MHz
keyboard:
/dev/input/event2 Microsoft Natural® Ergonomic Keyboard 4000
mouse:
/dev/input/mice Microsoft IntelliMouse Optical
graphics card:
Intel 965Q
Intel 82Q963/Q965 Integrated Graphics Controller
sound:
Dell OptiPlex 745
storage:
Dell OptiPlex 745
Dell OptiPlex 745
network:
lan0 Dell OptiPlex 745
network interface:
lan0 Ethernet network interface
lo Loopback network interface
disk:
/dev/sda ST2000DM001-1CH1
/dev/sdb ST4000DM000-1F21
partition:
/dev/sda1 Partition
/dev/sda2 Partition
/dev/sdb1 Partition
cdrom:
/dev/sr0 TSSTcorp DVD+-RW TS-H653A
usb controller:
Dell OptiPlex 745
Dell OptiPlex 745
Dell OptiPlex 745
Dell OptiPlex 745
Dell OptiPlex 745
Dell OptiPlex 745
Dell OptiPlex 745
bios:
BIOS
bridge:
Dell OptiPlex 745
Intel 82Q963/Q965 PCI Express Root Port
Dell OptiPlex 745
Dell OptiPlex 745
Intel 82801 PCI Bridge
Intel 82801HB/HR (ICH8/R) LPC Interface Controller
hub:
Linux 3.11.10-29-desktop uhci_hcd UHCI Host Controller
Linux 3.11.10-29-desktop uhci_hcd UHCI Host Controller
Linux 3.11.10-29-desktop uhci_hcd UHCI Host Controller
Linux 3.11.10-29-desktop uhci_hcd UHCI Host Controller
Linux 3.11.10-29-desktop uhci_hcd UHCI Host Controller
Linux 3.11.10-29-desktop ehci_hcd EHCI Host Controller
Linux 3.11.10-29-desktop ehci_hcd EHCI Host Controller
memory:
Main Memory
unknown:
FPU
DMA controller
PIC
Timer
Keyboard controller
/dev/lp0 Parallel controller
Dell OptiPlex 745
Serial controller
/dev/input/event3 Microsoft Natural® Ergonomic Keyboard 4000
if the Linux system is hosted on a VMware, see this page:
http://www.tomsitpro.com/articles/vmware-esx-esxi-troubleshooting,2-810.html
network info related to connections and services
--> ifconfig -a
eth0 Link encap:Ethernet HWaddr 00:23:18:1C:D0:75
inet addr:192.168.0.17 Bcast:192.168.0.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:192615484 errors:0 dropped:97 overruns:0 frame:0
TX packets:99363459 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:289947522091 (276515.5 Mb) TX bytes:10252367945 (9777.4 Mb)
Interrupt:20 Memory:ffce0000-ffd00000
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:12 errors:0 dropped:0 overruns:0 frame:0
TX packets:12 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:1304 (1.2 Kb) TX bytes:1304 (1.2 Kb)
wlp1s0 Link encap:Ethernet HWaddr 00:26:C6:55:2A:86
BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
-->sudo route add default gw 192.168.0.1
--> route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
default 192.168.0.1 0.0.0.0 UG 0 0 0 eth0
192.168.0.0 * 255.255.255.0 U 0 0 0 eth0
--> sudo netstat -tulpn
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:4000 0.0.0.0:* LISTEN 1532/nxd
tcp 0 0 127.0.0.1:12001 0.0.0.0:* LISTEN 2274/nxnode.bin
tcp 0 0 127.0.0.1:25001 0.0.0.0:* LISTEN 2304/nxclient.bin
tcp 0 0 127.0.0.1:21482 0.0.0.0:* LISTEN 1385/nxserver.bin
tcp 0 0 0.0.0.0:587 0.0.0.0:* LISTEN 1338/master
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 1231/httpd2-prefork
tcp 0 0 0.0.0.0:21 0.0.0.0:* LISTEN 1207/vsftpd: LISTEN
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1235/sshd
tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN 2204/cupsd
tcp 0 0 127.0.0.1:7001 0.0.0.0:* LISTEN 2274/nxnode.bin
tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN 1338/master
tcp 0 0 :::22 :::* LISTEN 1235/sshd
udp 0 0 0.0.0.0:51049 0.0.0.0:* 440/avahi-daemon: r
udp 0 0 192.168.0.38:123 0.0.0.0:* 1233/ntpd
udp 0 0 127.0.0.1:123 0.0.0.0:* 1233/ntpd
udp 0 0 0.0.0.0:123 0.0.0.0:* 1233/ntpd
udp 0 0 0.0.0.0:631 0.0.0.0:* 2204/cupsd
udp 213248 0 192.168.0.38:5353 0.0.0.0:* 1385/nxserver.bin
udp 0 0 0.0.0.0:5353 0.0.0.0:* 1385/nxserver.bin
udp 0 0 0.0.0.0:5353 0.0.0.0:* 440/avahi-daemon: r
udp 0 0 :::123 :::* 1233/ntpd
udp 0 0 :::52283 :::* 440/avahi-daemon: r
udp 0 0 :::5353 :::* 440/avahi-daemon: r
|
