Aravindan Arun, JRF

Contents at a Glance
 Introduction of WEBMIN
 Installing WEBMIN
 Secure Your WEBMIN Server
 User and Groups
 Disk and Network File System
 NFS File Sharing
 Disk Quotas
 Partitions, RAID and LVM
 Bootup and Shutdown
 Scheduled Commands
 Process Management
 Software Packages
 System Logs
 File System Backup
 Network Configuration
• Webmin is a web-based system configuration tool for Open Solaris, Linux
and other Unix-like systems.

• Webmin running as its own process and web server. It defaults to TCP port
10000 for communicating.

• Webmin is a web-based interface for system administration for Unix.

• It is built around modules, which have an interface to the configuration files

and the Webmin server. This makes it easy to add new functionality without
much work.

• Webmin also allows for controlling many machines through a single

interface, or seamless login on other webmin hosts on the same subnet or
LAN.

• No compilation/compilers required.

• Platform Independent Architecture.

• Runs over multiple platforms.
INSTALLING WEBMIN

The Webmin configuration directory

The Webmin log directory
Your Operating system type
Web server port
Web server login and password
Web server hostname
Use SSL
Start Webmin at boot time
EXERCISE 1 - INSTALLING
WEBMIN
EXERCISE 1 - INSTALLING
WEBMIN
EXERCISE 1 - INSTALLING
WEBMIN
SECURE YOUR WEBMIN SERVER

Network Security
Unless you are running Webmin on a system that is never
connected to any other network, it is a wise idea to restrict which
client network addresses are allowed to log in. Because Webmin is
so powerful, anyone who manages to log in will have total control
over your system as though they had root shell access.

Even though a username and password is always required to log in,

it is always good to have an additional layer of security in case an
attacker guesses your password.

IP access control also protects you from any bugs in Webmin that
may show up in future that will allow an attacker to log in without a
password some older releases have had just this problem.
SECURE YOUR WEBMIN SERVER

SSL Encryption

If you are accessing your Webmin server over an untrusted

network such as the Internet, you should be aware that, by
default, an attacker can capture your login and password by
listening in on network traffic.

This is particularly easy if you are using a non-switched Ethernet

network shared by people that you do not fully trust, such as
those in offices or universities.
USERS AND GROUPS

• The Webmin module Users and Groups that is found under the
System category can be used to create, edit, and delete all the
LINUX users and groups on your system.

• You should always be careful when using this module to edit

existing system users like root and daemon because changing or
deleting them could stop your system from working.

• Some users have their home directory set to / (the root directory).

• Deleting such a user would cause all the files on your system to be
deleted!
EXERCISE 2 - CREATE USERS AND
GROUPS
EXERCISE 2 - CREATE USERS AND
GROUPS
EXERCISE 2 - CREATE USERS AND
GROUPS
DISK AND NETWORK FILESYSTEMS

• The set of files that is actually mounted at a mount point is called a

filesystem.

• Webmin directly modifies this file to manage filesystems that are

mounted at boot time, and calls the mount and unmount commands
to immediately activate and deactivate filesystems.

• The Disk and Network Filesystems Webmin module also manages

with virtual memory.
EXECRISE – 3 DISK AND
NETWORK
FILESYSTEMS
NFS FILE SHARING

NFS is the most common protocol for sharing files between UNIX
systems over a network.

NFS servers export directories from their local hard disks to NFS
clients, which mount them so that they can be accessed like any
other directory.

Unlike other file sharing protocols, such as Windows networking,

Netware, and AppleShare, NFS was designed to support client
systems that have multiple users.

This means that a client never logs into a server, and that the
server almost completely trusts the client to authenticate users.
DISK QUOTAS

• A Disk Quota is a limit set by a system administrator that restricts

certain aspects of file system usage on modern operating systems.

• An administrator can prevent one user from consuming an entire

file system's resources, or create a system of tiered access,
whereby users can have different levels of restriction.

• Disk quotas are typically implemented on a per-user or per-group

basis. That is, a system administrator defines.
EXERCISE 4 - DISK
QUOTAS
PARTITION, RAID AND LVM

All hard disks used by Linux and other operating systems on PC

hardware are divided into one or more non-overlapping regions
called partitions.

Sometimes an entire hard disk will be taken up by one partition,

but usually your system will have at least two partitions on the
primary disk—one for the root filesystem, and one for virtual
memory (also known as swap space).

Each partition can be used for either a single filesystem or for

virtual memory.

The Amount of free disk space will be displayed as well. If a

partition is being used for software RAID, the raid device that it is
part of will be shown. Similarly, if a partition is part of an LVM
volume group, the group name will be displayed under the Use
column.
EXERCISE 5 - PARTITION,
RAID AND LVM
EXERCISE 5 - PARTITION,
RAID AND LVM
EXERCISE 5 - PARTITION,
RAID AND LVM
BOOTUP AND SHUTDOWN

• This piece of code is called a boot loader, and is responsible for

displaying a menu of operating systems to the user and loading
one of them. There are several boot loaders available for Linux,
such as LILO and GRUB, but they all do basically the same thing.

• At shutdown time, a series of scripts is also run to shut down

servers and unmount filesystems.

• These scripts also have a fixed order so that the deactivation of

networking and other basic services happens last. If requested
and supported by the hardware, the last step in the shutdown
process will be the powering off of the system by the kernel.
EXECRISE 6 - BOOTUP AND
SHUTDOWN
EXECRISE 6 - BOOTUP AND
SHUTDOWN
EXECRISE 6 - BOOTUP AND
SHUTDOWN
EXECRISE 6 - BOOTUP AND
SHUTDOWN
EXECRISE 6 - BOOTUP AND
SHUTDOWN
EXECRISE 6 - BOOTUP AND
SHUTDOWN
SCHEDULED COMMANDS

• A Cron job is a UNIX term for a command that is run on a regular

schedule by the cron daemon.

• Cron jobs are very useful for performing regular system tasks,
such as cleaning up log files, synchronizing the system time,
backing up files, and so on.

• If multiple commands to execute are entered on separate lines,

some may fail due to extra newline characters being added to the
at job.

• Scheduled commands created from within Webmin will use

environment variables set by Webmin itself, which are not be the
same as the variables that would have been set if the command
was created by its owner at the shell prompt.
EXECRISE 7 - SCHEDULED
COMMANDS
EXECRISE 7 - SCHEDULED
COMMANDS
EXECRISE 7 - SCHEDULED
COMMANDS
EXECRISE 7 - SCHEDULED
COMMANDS
PROCESS MANAGEMENT

• Every program, server, or command running on a Linux system is a

process. At any time, there are dozens of processes running on
your system, some for programs that you are interacting with
graphically.

• Each process is identified by a unique ID known as the PID, or

process ID.

• Each is owned by a single user and is a member of multiple

groups, which determine the privileges that the process.

• A process will run until it chooses to exit, or until it is killed by a

signal from another process.
EXECRISE 8 - PROCESS
MANAGEMENT
EXECRISE 8 - PROCESS
MANAGEMENT
EXECRISE 8 - PROCESS
MANAGEMENT
EXECRISE 8 - PROCESS
MANAGEMENT
EXECRISE 8 - PROCESS
MANAGEMENT
EXECRISE 8 - PROCESS
MANAGEMENT
SOFTWARE PACKAGES

All Linux systems use some kind of software packaging system to

simplify the process of installing and removing programs.

A package is a collection of commands, configuration files, man

pages, shared libraries, and other files that are associated with a
single program, combined into a single package file.

When it is installed, the package system extracts all the component

files and places them in the correct locations on your system.
Because the system knows which package every file came from,
when you want to remove a package it knows exactly which files to
delete.
EXECRISE 9 - SOFTWARE
PACKAGES
EXECRISE 9 - SOFTWARE
PACKAGES
EXECRISE 9 - SOFTWARE
PACKAGES
EXECRISE 9 - SOFTWARE
PACKAGES
EXECRISE 9 - SOFTWARE
PACKAGES
EXECRISE 9 - SOFTWARE
PACKAGES
SYSTEM LOGS

• Linux servers generate log messages for errors, warnings,

requests, and diagnostic information.

• Logs can be written to a file, sent to another server, passed to

another program via a pipe, or even broadcast to all users logged
into the system.

• Normally logs are written to files in the /var/log directory.

• On most Linux distributions the file /var/log/messages contains

general information, error and warning messages, the file /var/log/
mail records incoming and outgoing mail, and /var/log/secure
records successful and failed logins.
FILE SYSTEM BACKUP

• All Unix and Linux Systems come with the tar Command, which can
backups multiple file and directories into a single file, with all
permissions and ownership information preserved.
• Tar is the most common Unix backup format, and although it was
originally designed for backups to tape (tar stands for tape
archive), it words just as well to local or remote files.
EXERCISE 10 - FILE SYSTEM
BACKUP
EXERCISE 10 - FILE SYSTEM
BACKUP
EXERCISE 10 - FILE SYSTEM
BACKUP
EXERCISE 10 - FILE SYSTEM
BACKUP
NETWORK CONFIGURATION

• A Linux system can be connected to a network or the Internet in

several different ways—for example, via an Ethernet network card, a
token ring card, or a PPP (Point-to-Point Protocol) connection over a
dial-up modem.

• Every Ethernet network card, PPP connection, wireless card, or other

device in your system that can be used for networking is known as
an interface.

• Interfaces are usually associated with a piece of hardware (like a

network card), but they can also be dynamically created (like PPP
connections).

• For an interface to be used, it must first have an IP address

assigned, which may be fixed and set from a configuration file on
your system or dynamically assigned by a server.
EXERCISE 11 - NETWORK
CONFIGURATION
EXERCISE 11 - NETWORK
CONFIGURATION
EXERCISE 11 - NETWORK
CONFIGURATION
EXERCISE 11 - NETWORK
CONFIGURATION
EXERCISE 11 - NETWORK
CONFIGURATION
REFERENCE

• Web:

http://www.webmin.com

• Books:

webmin - joe coper

webmin - jamiecameron
 THANK YOU
BY
BY
ARAVINDAN ARUN