Linux System Administration
- Linux System Administration
This article provides a foundational overview of Linux system administration, geared towards newcomers to server management and the MediaWiki platform. Understanding these concepts is crucial for maintaining a stable and secure environment for your wiki. We will cover fundamental aspects, including user management, package management, networking, and basic security practices. This guide assumes a Debian/Ubuntu based distribution, though concepts are broadly applicable.
User and Group Management
Effective user and group management is paramount for security and organization. Linux utilizes a hierarchical user system.
Creating Users
The `useradd` command is used to create new user accounts. Important options include `-m` (create home directory), `-s` (specify shell), and `-G` (add to groups).
For example: `sudo useradd -m -s /bin/bash -G sudo newuser` creates a user named `newuser` with a home directory, Bash shell, and membership in the `sudo` group (allowing administrative privileges).
Managing Groups
The `groupadd` command creates new groups. `gpasswd` is used to manage group members. `usermod -a -G groupname username` adds a user to a supplementary group.
User Permissions
Linux employs a robust permission system based on user, group, and others. Permissions are represented by `rwx` for read, write, and execute. The `chmod` command modifies permissions. For example, `chmod 755 filename` grants the owner read, write, and execute permissions, while the group and others receive read and execute permissions. See File system permissions for more detail.
| Permission | Octal Value | Symbolic Representation |
|---|---|---|
| Read | 4 | r |
| Write | 2 | w |
| Execute | 1 | x |
| Read, Write, Execute | 7 | rwx |
Package Management
Package managers simplify software installation, updates, and removal. Debian-based systems utilize `apt`.
APT Commands
- `sudo apt update`: Updates the package lists. This should be run regularly.
- `sudo apt upgrade`: Upgrades installed packages to their latest versions.
- `sudo apt install package_name`: Installs a new package.
- `sudo apt remove package_name`: Removes a package, leaving configuration files.
- `sudo apt purge package_name`: Removes a package *and* its configuration files. See Software installation for further details.
Common Packages
| Package | Description |
|---|---|
| `apache2` | Web server (often used with MediaWiki) |
| `mysql-server` or `mariadb-server` | Database server (required for MediaWiki) |
| `php` | Server-side scripting language (required for MediaWiki) |
| `unattended-upgrades` | Automates security updates |
| `fail2ban` | Intrusion prevention framework |
Networking
Understanding networking is crucial for server administration.
Key Networking Tools
- `ifconfig` or `ip addr`: Displays network interface information. `ip addr` is the modern replacement for `ifconfig`.
- `ping`: Tests network connectivity.
- `netstat` or `ss`: Displays network connections and listening ports. `ss` is the modern replacement for `netstat`.
- `traceroute`: Traces the route packets take to reach a destination. See Network configuration for more information.
Firewall Configuration
`ufw` (Uncomplicated Firewall) is a user-friendly firewall management tool.
- `sudo ufw enable`: Enables the firewall.
- `sudo ufw allow port_number`: Allows traffic on a specific port (e.g., `sudo ufw allow 80` for HTTP).
- `sudo ufw deny port_number`: Denies traffic on a specific port.
- `sudo ufw status`: Displays the firewall status. Important to note that a firewall is vital for Server security.
Basic Security Practices
Security should be a primary concern.
SSH Hardening
- Disable root login: Edit `/etc/ssh/sshd_config` and set `PermitRootLogin no`.
- Change the default SSH port (22): Edit `/etc/ssh/sshd_config` and change `Port 22` to a different port number.
- Use key-based authentication: Disable password authentication in `/etc/ssh/sshd_config` (`PasswordAuthentication no`). See SSH access for more details.
Regular Updates
Keep your system updated with the latest security patches using `sudo apt update && sudo apt upgrade`. Automated updates using `unattended-upgrades` are highly recommended.
Monitoring Logs
Regularly monitor system logs (e.g., `/var/log/auth.log`, `/var/log/syslog`) for suspicious activity. Consider using a log analysis tool. See Log file analysis for more information.
System Monitoring
Monitoring system resources is crucial for identifying and resolving performance issues.
Common Monitoring Tools
- `top`: Displays real-time system resource usage.
- `htop`: An interactive process viewer (requires installation).
- `df -h`: Displays disk space usage.
- `free -m`: Displays memory usage.
System Resource Limits
| Resource | Description |
|---|---|
| CPU Usage | Percentage of CPU time used by processes. |
| Memory Usage | Amount of RAM used by processes. |
| Disk Space | Amount of storage space used. |
| Network Bandwidth | Amount of data transferred over the network. |
Further Resources
- Debian Administration Guide
- Ubuntu Server Guide
- System administration tasks
- Database administration
- Web server configuration
- MediaWiki installation
- Troubleshooting common issues
Intel-Based Server Configurations
| Configuration | Specifications | Benchmark |
|---|---|---|
| Core i7-6700K/7700 Server | 64 GB DDR4, NVMe SSD 2 x 512 GB | CPU Benchmark: 8046 |
| Core i7-8700 Server | 64 GB DDR4, NVMe SSD 2x1 TB | CPU Benchmark: 13124 |
| Core i9-9900K Server | 128 GB DDR4, NVMe SSD 2 x 1 TB | CPU Benchmark: 49969 |
| Core i9-13900 Server (64GB) | 64 GB RAM, 2x2 TB NVMe SSD | |
| Core i9-13900 Server (128GB) | 128 GB RAM, 2x2 TB NVMe SSD | |
| Core i5-13500 Server (64GB) | 64 GB RAM, 2x500 GB NVMe SSD | |
| Core i5-13500 Server (128GB) | 128 GB RAM, 2x500 GB NVMe SSD | |
| Core i5-13500 Workstation | 64 GB DDR5 RAM, 2 NVMe SSD, NVIDIA RTX 4000 |
AMD-Based Server Configurations
| Configuration | Specifications | Benchmark |
|---|---|---|
| Ryzen 5 3600 Server | 64 GB RAM, 2x480 GB NVMe | CPU Benchmark: 17849 |
| Ryzen 7 7700 Server | 64 GB DDR5 RAM, 2x1 TB NVMe | CPU Benchmark: 35224 |
| Ryzen 9 5950X Server | 128 GB RAM, 2x4 TB NVMe | CPU Benchmark: 46045 |
| Ryzen 9 7950X Server | 128 GB DDR5 ECC, 2x2 TB NVMe | CPU Benchmark: 63561 |
| EPYC 7502P Server (128GB/1TB) | 128 GB RAM, 1 TB NVMe | CPU Benchmark: 48021 |
| EPYC 7502P Server (128GB/2TB) | 128 GB RAM, 2 TB NVMe | CPU Benchmark: 48021 |
| EPYC 7502P Server (128GB/4TB) | 128 GB RAM, 2x2 TB NVMe | CPU Benchmark: 48021 |
| EPYC 7502P Server (256GB/1TB) | 256 GB RAM, 1 TB NVMe | CPU Benchmark: 48021 |
| EPYC 7502P Server (256GB/4TB) | 256 GB RAM, 2x2 TB NVMe | CPU Benchmark: 48021 |
| EPYC 9454P Server | 256 GB RAM, 2x2 TB NVMe |
Order Your Dedicated Server
Configure and order your ideal server configuration
Need Assistance?
- Telegram: @powervps Servers at a discounted price
⚠️ *Note: All benchmark scores are approximate and may vary based on configuration. Server availability subject to stock.* ⚠️