Linux for Windows systems administrators
Administer Linux with GNOME desktop tools
Can you point-and-click on Linux? Absolutely!
This content is part # of # in the series: Linux for Windows systems administrators
This content is part of the series:Linux for Windows systems administrators
Stay tuned for additional content in this series.
In this article, learn about these concepts with Linux on the desktop:
- Working with user and group accounts
- Managing files and folders
- Working with services
- Monitoring the system
- Reviewing log files
To get the most from the articles in this series, you should have knowledge of managing user and group accounts, files, folders, and reviewing log files in a Windows server environment. A basic understanding of logging in and navigating a Linux desktop environment such as LXDE, GNOME, or KDE is expected. Additionally, it's beneficial to have a working Linux computer to explore the concepts and examples in the article.
Working with user and group accounts
When you consider server management from a desktop environment, a user and group management tool is a must have. For the latest release of GNOME 3.2, that tool is located in the GNOME Control Center. The GNOME Control Center is a central location to manage various aspects of your Linux computer—not unlike the Windows Control Panel. Still widely used today is the GNOME System Tools (GST). GST provides useful tools for Linux administrators, including a tool to manage user and group accounts. Some popular Linux distributions provide the system-users-config tool as the default user manager. So, no matter your Linux distribution, you should have access to manage local user accounts out of the box, usually under the users and groups label.
Linux has no registry. So the GUI tools you use are just front-end tools to write data to a file on the file system. For the task of managing users and groups, you manage the underlying /etc/passwd and /etc/group files with those tools. The /etc/passwd file maintains user account information, while the /etc/group file stores group account information. User passwords are encrypted in the /etc/shadow file, while group passwords are stored in the /etc/gshadow file.
The GNOME user and group management tool provides a straightforward interface for account management, shown in Figure 1.
Figure 1. Creating a user
Provided you have the privileges, you can create and edit user and group accounts. In addition, you can manage detailed account settings such as location of the home directory, user ID, default login shell, password resets, and group membership assignment. Standard users typically have access to the tool for password management.
To create a new group, click on the Groups tab and enter the group name. As shown in Figure 2, after you create a group you can then manage the membership simply by selecting or clearing the check boxes next to users' names.
Figure 2. Creating a group
Managing files and folders
In Windows, Windows Explorer is the tool of choice for many to navigate the file system. The GNOME project has Nautilus. Nautilus is a file manager with a strong development team and wide user base. It has been in development since 2001.
If you use the GNOME desktop, chances are Nautilus is already installed. If you are not using GNOME, you can still download and install Nautilus, so check your distribution's documentation.
One of the primary tasks you perform with a file manager is navigating the file system. With Nautilus, you can even switch it to browser mode, which gives you more of a Windows Explorer feel. Remember, in Linux all folders are mounted as subfolders to the main root (/) directory. So if you have remote drives mounted to your Linux server, such as from a Windows or another Linux computer, you can navigate the file system from the root (/) directory just as you would a directory located on the local file system, as shown in Figure 3.
Figure 3. Navigating the file system
Navigating in Nautilus is similar to navigating in Windows Explorer. Click on a folder to drill down into the subfolders. Right-click on any folder or file to perform the usual tasks you've come to expect with a file manager, such as copy, rename, delete, open, compress, and manage the permissions.
For viewing preferences, you can set options such as detailed view, listed view, by name, and so on, as shown in Figure 4.
Figure 4. Managing file preferences
Read, write, and execute
When you right-click to manage the permissions of a folder or file, you can view or change the permissions (if your account has access to do so). In Nautilus, if a file or folder is not within the security permissions for your user account, a lock icon displays next to it. With Linux, each folder has three sets of permissions: user owner (u), group owner (g), and other (o). Within each set, you can assign the basic permissions of read, write, or execute.
Remember to assign execute permission to shell scripts or any other files users need to execute. Unlike Windows, in Linux you need to explicitly grant the file execute permission to the set of users that need to perform that action. See Figure 5 for an example.
Figure 5. Setting the permissions on a file
Table 1 summarizes the basic permission options for a typical Linux file. I include octal representation because many Linux-related installation and software documents reference the permissions in octal notation.
Table 1. Linux permissions
|Read and write||6|
|Read and execute||5|
|Full permission (read, write, and execute)||7|
When you create a new file using Nautilus, it uses the underlying Linux
umask, just like when you
create a file from the command line. The
determines the default permissions. Most Linux distributions default to
022. Files work from the 666 octal. You just
need to do some subtraction to understand how
umask works. If you create a new file and the
file's default permissions are 666 - 022, or 644. That's to say the user
owner has read and write permission, while the group owner and other have
The same concept applies when you create folders using Nautilus. Folders
work from the 777 octal. With the same
022, if you create a new folder its default
permissions are 777-022, or 755. This means the user owner has full
permission, and the group owner and other have read and execute
As in Windows Explorer, you can easily share a folder using Nautilus. To do so, right-click on the folder you want to share, and select the Sharing Options menu item. Next, select the Share this folder check box, as shown in Figure 6.
Figure 6. Sharing a folder
Additionally, you can select the Allow others to create and delete files in this folder check box if you want other people to be able to save documents in the folder. If you do, Nautilus will ask for confirmation from you to change the folder permissions.
If you have users from a mixed environment, you can select the Guest access check box to allow those users access to the folder without having a local Samba account for authentication. Use this option with care because it could introduce unnecessary security vulnerabilities to your Linux server.
If you want to share the folders with Windows users and authenticate them, you must first set up and configure Samba on your Linux server.
Working with services
With the GST installed, you can manage your server services and various other daemons (a Linux word for services) within the desktop environment, similar to using Windows services. This tool is usually labeled as Startup Preferences, and you can launch it from the System menu by clicking Preferences.
To date, the GST doesn't completely manage services such as login as, reload, restart, and so on. It can give you a basis for understanding what services are installed on your Linux computer and whether you want to run particular services upon system boot.
The green and red icons shown for the services in Figure 7 indicate whether the services are enabled or disabled to run upon system boot. These are similar to the Windows services automatic and manual options. A separate icon represents whether the services are running.
Figure 7. Viewing a running sendmail service in GST
Monitoring the system
Although not identical to the Windows Task Manager, GNOME System Monitor provides similar functionality. If you want a high-level view of your Linux computer's resource usage, GNOME System Monitor can provide a quick snapshot of the system. The four main tabs for monitoring are:
- File Systems
The System tab provides general operating system and hardware information (memory and processor), much like the System dialog in Windows that displays when you click Properties from the Window Manager desktop icon.
The Processes tab (Figure 8), displays all running processes (and there are many!). You can sort the processes by name, central processing unit (CPU) usage, and so on.
Figure 8. Killing a process
The Resources tab (Figure 9) is similar to the Windows Task Manager Performance tab. It provides historical graphing of CPU, memory/swap, and network bandwidth usage.
Figure 9. Monitoring system resources
The File Systems tab shows all mounted file systems and general information such as mount points for various partitions, free space, total space, and so on.
Reviewing log files
The GNOME System Log Viewer is comparable to the Event Viewer in Windows.
Under the hood, Linux typically uses the
rsyslog) mechanism to generate log files
for various applications, server services, and system messages. These
files usually reside in the /var/log directory on the Linux file system.
So when you first open the GNOME System Log Viewer, your distribution might
provide a way for the tool to automatically read the various logs in that
directory. If not, or if you choose to add additional log files in the
viewer, simply click File > Add, and navigate to the
desired log file.
Table 2 lists and describes some of the common Linux logs you might want to monitor with the log viewer.
Table 2. Linux log files
|boot.log||Hardware detection, mounting, and other system messages upon startup of the machine|
|secure||Security related messages|
|messages||Kernel and other general system message information|
|httpd||Web server logs directory containing access and error logs in separate files|
|cups||Directory containing log messages related to printing|
|cron||Log messages related to scheduled jobs|
|Xorg.0.log||Log messages related to the X-Window server|
|auth.log||Authentication success and failures|
|samba||Directory of access and error logs relating to the Samba server|
Table 2 is not an exhaustive list of the log files you can read with the log viewer. Even if you have commercial software installed on your server, you can use the log viewer to view those logs files as long they are in the proper log format. Explore your /var/log directory and add the log files that are appropriate for your needs.
One thing about the GNOME System Log Viewer that is considerably different from the Windows Event Viewer is that many of the log views are dependent upon the settings for the underlying system configuration. For example, the logs for the Apache web server can be configured to rotate daily. In that case, the httpd access.log only displays the current day's log messages, while the older log files are moved to archives. You can still configure the log viewer to view the archive logs by adding those as well.
When you view your logs, you can easily scroll through and read the various messages. Sometimes the volume of messages can make finding the interesting logs, such as errors or fatal messages, much like the proverbial search for the needle in the haystack. The GNOME System Log Viewer provides a filter feature that allows you to define various filters using regular expressions to highlight or show only specified log messages. For example, while troubleshooting an email issue for a particular user, you might want to filter and display only messages that contain that user's email address, as shown in Figure 10.
Figure 10. Displaying only messages based upon a filter
An more typical example for daily use is to create filters to highlight error messages in red while using another color, such as orange, for warning messages.
Figure 11 demonstrates a filter configuration that displays only root login attempts.
Figure 11. Highlighting log messages based upon a filter
With regular expressions, you can really use your imagination as the need arises to highlight or display only the messages you need.
Although Linux is known for its abundant command-line tools, you don't have to use it that way. Over the last several years, successful projects such as GNOME have made tremendous strides in providing good quality desktop tools for Linux system administration. If you are moving to Linux from a Windows environment, these tools can provide a more comfortable transition while allowing you to effectively manage your Linux servers.
- Read Windows-to-Linux roadmap: Part 3. Introduction to Webmin (Chris Walden, developerWorks, November 2003) to learn more about browser-based administrative tools for Linux.
- To learn more about Linux logging, check out Windows-to-Linux roadmap: Part 5. Linux logging (Chris Walden, developerWorks, November 2003).
- Learn more about the general features of the GST and perform a variety of administrative chores.
- Explore the GNOME System Log Viewer.
- In the developerWorks Linux zone, find hundreds of how-to articles and tutorials, as well as downloads, discussion forums, and a wealth of other resources for Linux developers and administrators.
- Follow developerWorks on Twitter.