March 31, 2006

My sysadmin toolbox

Author: Tony Bandy

I'm continually astounded by the depth and variety of the tools available for Linux, particularly for system administrators or even those who run just a regular Linux workstation. While other administrators in my Windows shop struggle with costly Windows GUI-based programs to get their data, I just smile and go back to my toolbox. What follows are some useful programs that I use on a daily basis.


While not as widespread as some of the other compression and backup programs, such as tar, cpio, and others, afio is a great program that just works. I use afio and the mt tools I'll talk about next for backups on my servers and my workstation on a daily basis.

The biggest plus for this program is that when it's used in a backup situation, it compresses each file, rather than creating a single big backup. This enables you to easily retrieve files as needed. Afio has lots of options and is great in scripts as well. Its backup is mostly cpio-compatible (see the afio man page for more detail).

I have a one-liner script that backs up my personal workstation and writes it to my DDS tape drive:

find /home/my_name /etc | afio -o -v -Z -L /home/my_name/backup.log /dev/st0

Here I use the find command on my home directory and the etc directory, and pipe the output to afio to begin the process. The -o option tells afio to read standard in for pathnames, while the -v switch tells it to operate in verbose mode. The -L option writes to the log file specified on the command line, while the -Z switch is the best, compressing each file with the gzip option. The last argument on the command line, /dev/st0, tells afio to write the archive to my tape drive.

Control tape drives with mt

I love my DDS drive. What I don't love is a complicated app with lots of dependencies to control that drive. The mt utility makes it easy, especially when combined with afio.

Compress the job, get tape status, rewind, they're all there. With mt and a good bash script, complicated backups are a thing of the past. I especially love to show this off to Windows people stuck with some proprietary backup application that takes 30 mouse clicks to set up. With this program, load the tape, set your script in crontab, and go grab some coffee.

After running the afio script shown above, I run this one-liner after the backup is finished:

mt -f /dev/st0 eject

This way, after I finish the backup, I know the tape is finished and ready to be filed. While this is very basic, it gives you a sample of some of the options. Here is a sample with a bit more detail:

# mt -f /dev/st0 status
SCSI 2 tape drive:
File number=0, block number=0, partition=0.
Tape block size 512 bytes. Density code 0x25 (DDS-3).
Soft error count since last status=0
General status bits on (41010000):

In this instance, we can see the type of drive (DDS-3) and type of connection (SCSI 2), as well as information about the tape.


I'm a librarian by trade, and while this tool may be a little specialized for general sysadmin work, if you're a librarian who's ever had to deal with Machine-Readable Cataloging (MARC) records, then the MARC Record Translation Program (MRTP) is for you.

MRTP will take a file of MARC records and turn them into legible, readable records that are editable by hand or with Perl. Comparable in some respects to MarcEdit, this program is more of a scripting program than a GUI-based app. It's really only useful for a specialized market, but if you need it, you need it.


Who isn't worried about network security, and knowing who is connected to your machine? I often run netstat checks to see just who is connected to my system at any particular moment. netstat --inet -p give you what's currently connected out to the Internet, as well as what program is connecting. You can add the -n option to see the numerical addresses rather than hostnames. You can pipe the results to a file to examine further, or bundle it all together in a nice bash script that could be emailed to you at intervals you designate.


Whois is a great, small, GUI-less tool in my toolbox. I find myself running it in conjunction with my netstat checks just to see if everything is on the up and up with whomever is connecting to my system. It saves time over launching a browser just to find out who's trying to get past my SSH server.

While writing this column, I've been monitoring my /var/log/messages file, and ran across this:

Failed password for invalid user kendra from port 39002 ssh2

Great, someone was trying to get into my box. I ran a whois to see if I could find some more information about that IP address:

inetnum: -
netname:      CNCGROUP-SN
descr:        CNC Group Shannxi province network

This is just a small snippet of the information provided by whois. Depending on how much information is available, it can identify who owns an IP address or netblock.


Mirrordir has saved me many times. This program seamlessly copies any partition of your choosing, creating an exact mirror.

My workstation has two discs. I set Mirrordir up to mirror my home directory via an hourly cron job. This way, even if my nightly backup tape has gone bad, I've got another backup just in case.

Mirrordir is an invaluable tool, but be careful how you set it up. List the directory to be backed up first -- otherwise, your backup directory will overwrite your home directory!

Mirrordir has many options, including secure copying, file locking, and copying over the network, not just the local machine.


Having been an Ultraedit user while running Windows, I felt a bit lost when I first started using Linux because I wasn't sure which editor to use. Would it be Gedit, Vim, Emacs? There were too many options. That's when I stumbled upon Kate.

Kate is a great editor. In fact, along with Vim, it has become my editor of choice. As a librarian who dabbles in Perl, I find its usefulness in the split screen option to examine two or more files at once. Kate has spellcheck, the ability to pipe output to another program, and more.

Kate has a tabbed interface that allows you to easily view projects, open documents, and browse the file system. At the bottom of the interface, there are options to find text in any part of your mounted drives as well as a terminal option and syntax highlighting.


Cygwin might be considered more than a single tool, but I'll list it here anyway because it's so darn valuable. Cygwin is an almost complete Linux-like environment that lets you to run Linux apps in real-time on your Windows server.

Case in point: I needed to connect to my Windows server to work on it. By running Cygwin I can run an SSH server from the Windows box and connect seamlessly using my Linux box, without having to jump through any hoops or purchase proprietary software. Apache, Exim, Emacs, OpenSSH, and cpio are just a few of the programs that you can install using a Windows installer with Cygwin.

Let us know about your most valuable utilities and how you use them. There need not be 10 of them, nor do they need to be in order. If we publish your work, we'll pay you $100.

Click Here!