SlideShare a Scribd company logo

Ch06 system administration

Download as PPT, PDF
R
Raja Waseem Akhtar

Managing system software involves maintaining operating systems, utilities, and applications through periodic installation of software packages and patches. The key challenges are the wide variety of package formats, management tools, and missing features in specific tool sets. Before installing software, administrators should understand hardware and software requirements, installation types and tools, disk layouts, and pre-installation steps.

Technology
1 of 30
Downloaded 25 times
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
Managing System Software   Chapter 6
Chapter Objectives Explore hardware and software requirements for application installation. Explore types of software installations. Explore software installation and maintenance tools. Explore disk layout, and pros/cons of partitioning. Explore steps required before an installation is attempted.
Managing System Software Operating systems, utilities and applications are continually being updated. User’s request new software package installations as their needs change or new packages become available. Vendors constantly offer new versions of operating systems, utilities and applications. Bugs are found and patches to correct them need to be applied. No matter the source or the reason, the system administrator will be called upon to manage the system's software on a routine basis. Software maintenance is the task of obtaining, installing and keeping track of these updates.
Software Maintenance Concepts Software maintenance is conceptually pretty straight-forward. As new features are added or bugs discovered, the provider of the operating system or applications bundles together the files needed to add the feature or correct the bug and makes them available. The bundle of files is then installed to add the feature or correct the problem and possibly some additional commands are run to adjust configuration information as needed by the newly installed files. Depending on the installation tools used, the bundle of files may also be checked for correct installation and authenticity as part of the installation process.
Software Maintenance Concepts These bundles of files are given various names. Packages refer to a bundle of files that contain the programs, configuration files and installation commands for a single facility such as a print spooler. Updates often refer to bundles that add additional features. Patches, service packs and hot fixes often refer to bundles that correct a problem.
Software Maintenance Concepts Some vendors group bundles together into larger groupings. For example, Sun calls the groupings of Solaris packages, clusters, while Red Hat names their groupings for the type of system (e.g. server, client, laptop, etc.). A configuration is the term often used to describe a particular suite of packages such as the suite of packages one might install on each of a group of similar systems or the complete suite required packages needed to set a system up as a web server or print server.
Software Maintenance Concepts The difficulty in performing software maintenance comes in four areas. First, there is not much agreement on the format for bundling files. Second, various bundling formats require specialized installation, removal and management tools. These tools are different between vendors, and offer differing feature sets. Third, updates, often overwrite configuration files, reset values to defaults, add users, turn on services, or perform other actions that causing working software to fail, or security to be compromised. Finally, there is the chore of keeping track of which updates have been installed and which of the available updates need to be installed.
Software Packaging Formats Bundles of software can be packaged in a wide variety of forms. It's not uncommon to use one format for the operating system software, another for an application program and third format for a tool or utility program. The self-extracting formats should be examined most carefully before using them. These formats have a history of being attacked via so-called Trojan Horse programs.   A careful system administrator will verify the authenticity of any patch or package before he installs it.
Software Maintenance Tools The wide variety of software packaging formats can be grouped together based on the features present in the tools used to manage them. There are three basic types of tools, simple archivers specialized multiple command package management suites all in one tools Additionally, many of these tools include additional graphical interfaces making them easier to learn and use. Individual package management tools are not hard to learn, it is the variety of differing feature sets and tools across operating systems that makes this task tougher then it ought to be.
Simple Archivers The simplest of the software package management tools are the simple archivers such as tar, zip and cpio. These common archiving tools are found on both UNIX and Windows and are used to create and install files from their corresponding archive formats. Macintosh users will be familiar with Stuff-It tool for archiving files on that platform. While tar, zip, cpio and other archive tools have the advantages of being cross platform, commonly used and readily available, they lack a number of features commonly found in tools specifically designed for software package management.
Simple Archivers Drawbacks of simple archival tools Tracking installed software is left up to the administrator. Simple archivers make no installation records. The system administrator must use some external means to record what has been installed via these tools. Any additional work required such as modifying configuration files or additional set up steps must be performed by hand. These tools provide no integrated way to verify the authorship of the archive. A simple archive does not contain the information needed to check for any dependencies the package may require. None of these tools provide a direct method for obtaining the archives over the Internet.  
Software Package Management Tools To address these deficiencies of simple archive tools for software package management, specialized installation tools were developed. Unlike the simple archivers whose packaging format is common across systems, these specialized tools use a wide variety of formats with limited cross platform availability. Worse still, the tools used to manage these packages are at least as varied as the packaging formats themselves. Finally, the features provided by these tools vary from tool to tool often leaving the system administrator to pick up the slack when a needed feature is missing.  
Software Package Management Tools A typical suite has commands to install or update packages, inquire about which packages are installed and remove packages. Dependency checking is an important feature for a package installation tool as many UNIX packages are modular, built on top of libraries found in other packages.   Verification is the act of checking that the package is installed correctly and the files in the package match those installed. This can be used to check for possible tampering that may have occurred due to a break-in or to check that file modes or ownerships have not been changed my mistake.
Software Package Management Tools Another aspect of assuring system security when installing packages is the determination of the authenticity of the package being installed. This is especially important when using packages and patches downloaded over the Internet. Listing the installed packages and removing packages are common features across all of the package installation tools.  
Software Package Management Tools Creating your own packages is one way a system administrator can deal with the installation and maintenance of locally developed software on a large number of systems. Advantages of home-grown installers: The created package can be distributed and installed using the same tools and procedures used for other packages. Any post installation configuration steps needed may be encapsulated in the package, assuring a consistent installation. Checking and verification of proper installation of a package can be used to verify that the locally developed software is installed correctly.  
Graphical Software Package Management Tools A typical software package management tools suite often tops off the command line tools with a graphical installation tool. In the case of Windows, graphical tools are the only way to install many software packages. These tools often offer the administrator fewer installation options, but handle the typical installations very well. While these graphical tools can make life easier when managing software on a single system, they suffer when put to use across many systems.
Graphical Software Package Management Tools When dealing with large numbers of systems, command line tools that can be run from scripting languages offer the flexibility needed to get package installations accomplished in a timely fashion. Graphical installers (generally) offer few installation options, by tending to oversimplify the installer for use by a novice user. Installations that make use of shared disk space for applications and other special situations will often require the use of options not found in a graphical installation tool. 
Dealing with missing features It would be terrific if every software package management tool or tool suite had all the features needed. Unfortunately, nearly every installation tool suites lack one or more features. This can be worked around by combining the installation tools with other commonly available tools.   The easiest (missing) feature to compensate for is Internet access. Most vendors provide access to software packages and patches via ftp, the web or both. Internet available packages and patches are often further packaged into one of the several common formats for download and will need to be unpacked from their distribution packaging before they can be installed.  
Authenticity & Integrity Verification that a software package is intact and was produced by the genuine author are two critical but lacking features of nearly every software package management suite. They are of special importance when using the Internet to obtain patches or other software. One method of checking integrity and authenticity is to use a public key cryptographic tool such as gpg. Another way to fill in for this missing feature is to perform checksum and MD5 cryptographic fingerprint checks on the files using the sum and md5sum commands. However, the vendor or other supplier of the patch or software package must publish a reference MD5 fingerprint or checksum value for comparison. Not all vendors do.
Catching Unintended Changes Despite the best intentions of the software vendor, installing a new package or patch sometime results in unintended changes to the operating system configuration files. These changes are not always easy to spot, but there are several things that can be done to prevent problems caused by package or patch installations. 1.      Make certain you have a good backup of the system to be patched. 2.      Install the package using an account other than root whenever possible .
Catching Unintended Changes 3.      Install the package or patch on a test system first. 4.      List and inspect the contents of the patch or package to be installed. 5.      Extract and examine the installation script(s) for setuid/setgid commands, or any chown, chmod, cp, rm, mv, or shell redirection commands to ensure that critical system files are not altered. 6.      Use a file modification monitor such as tripwire.
Finishing Touches Installing a package is often times not the end of the job for the system administrator. A wide variety of software packages require some degree of local customization, configuration, licensing or user level setup to complete the installation process and present the user with the fully functioning tool they expect. Since every package will have its own customization and configuration needs, the system administrator will need to read up on the specifics of the packages in use at his site.
Finishing Touches Configure once, and distribute the configuration. Even packages that are installed by a package installation tool often have configuration files that will need to be modified. These files can modified to suit local conditions and then distributed using a tool such as rdist. Wrap a short shell script around a package to set needed variables. Many packages require setting environment variables or adding elements to a shell’s execution path. Instead of having each user make the needed changes, one approach is to replace the program with a short shell script that sets the environment as required.
Finishing Touches For packages that contain several tools, all of which require special environmental variables or modifications to the user’s execution path consider adding the needed setup information to the skeleton files used to create the user’s accounts. Employ a specialized user environment configuration tool such as modules. The modules tool provides the means for the system administrator to package up the environment variables, PATH and other user environment changes into modulefiles that can be easily loaded by a user to configure their environment to suit a specific package. The modules tool performs complex tasks such as removing and reordering elements of the user’s execution PATH to allow even differing versions of the same package to be configured correctly.
Service Packs and other special situations Some patches and software packages cannot be installed using the usual software management tools. Special updates often require more time and a planning than the usual package installation. Following the precautions listed in the previous section on unintended changes are a must for special updates. Additional caution is recommended.
Service Packs and other special situations Keep the previous kernel version available and ready to use. On Linux this can easily be accomplished by adding an entry to /etc/lilo.conf or /etc/grub.conf. Other UNIX variants allow for a second kernel to be kept in the root or boot partition. Make an emergency boot disk. The procedure for this varies, but many operating systems allow you to make a floppy disk that the system can be booted from. Locate a bootable CD for the system being updated. Many operating systems allow you to boot from the installation CD and correct problems caused by updates.
Tracking and Distributing Packages and Patches Installing packages and patches on a large collection of systems is a challenging task. The system administrator will need to maintain records of the packages and patches installed, check for missing packages and patches, and perform multiple installations. Record keeping and checking for correct package and patch installation is rarely integrated into a software package management tool or suite of tools. A simple, external method of monitoring packages and patches is the keep records in a table such as a spreadsheet.
Tracking and Distributing Packages and Patches Another approach is to make use of the software package management tool’s ability to list the installed packages. Lists of packages from each system in a group can be gathered and compared to a master list or a master system. This makes missing patches easy to spot. The lists from each system can be stored and referred to later to determine which patches or packages need to be installed on a given system.
Tracking and Distributing Packages and Patches Package and patch distribution can be accomplished in a similar manner. One method which works well is to place the package and patch files in a network-accessible directory which is available to all the systems to be patched. Then connect to each system in turn and execute the appropriate package installation commands. Automating the actual installation of packages and patches is an area where UNIX and command line package installation tools really shine. Command line tools are readily automated by a variety of methods and are easily run remotely over a network connection such ssh.
Summary   Maintaining the software on a system involves the periodic installation of software packages and patches. While a straight-forward task in concept, the pitfalls are many. The wide variety of package formats, management tools and missing features in specific tool sets make the process of managing packages and patches more challenging then it ought to be. Before attempting a software installation, the administrator should: Explore hardware and software requirements for the application. Understand the types of software installations. Understand the software installation and maintenance tools. Understand the disk layout, and pros/cons of partitioning. Understand the steps required before the installation is attempted.

More Related Content

PPT
Ch06
Raja Waseem Akhtar
 
DOCX
Disabling windows file protection
Jhonathansmrt Smart
 
PPT
Ch04
Raja Waseem Akhtar
 
PPT
Ch1 2
Sumit Tambe
 
PPTX
System software lecture infs429
Edmund Sowah
 
PPTX
Software (application and utilities)
mawarbeduri97
 
PPT
Operating-System Structures
Cloudbells.com
 
PPTX
Security
Pooja Talreja
 
Ch06
Raja Waseem Akhtar
 
Disabling windows file protection
Jhonathansmrt Smart
 
Ch04
Raja Waseem Akhtar
 
Ch1 2
Sumit Tambe
 
System software lecture infs429
Edmund Sowah
 
Software (application and utilities)
mawarbeduri97
 
Operating-System Structures
Cloudbells.com
 
Security
Pooja Talreja
 

Viewers also liked (20)

PPT
Beat Anger
Raja Waseem Akhtar
 
PPT
Excel 2007 Unit C
Raja Waseem Akhtar
 
PPT
Ch16 system administration
Raja Waseem Akhtar
 
PPT
Ch23 system administration
Raja Waseem Akhtar
 
PPT
Chapter13 -- ensuring integrity and availability
Raja Waseem Akhtar
 
PPT
Ch18 system administration
Raja Waseem Akhtar
 
PPT
Chapter12 Managing And Implementing Backups And Disaster Recovery
Raja Waseem Akhtar
 
PPT
Drink Water To Your Health
Raja Waseem Akhtar
 
PPT
Ch20 system administration
Raja Waseem Akhtar
 
PPT
Ch14 system administration
Raja Waseem Akhtar
 
PPT
Ch10
Raja Waseem Akhtar
 
PPT
Ch04 system administration
Raja Waseem Akhtar
 
PPT
Ch24 system administration
Raja Waseem Akhtar
 
PPT
Ch12
Raja Waseem Akhtar
 
PPT
Ch08
Raja Waseem Akhtar
 
PPT
Ch11 system administration
Raja Waseem Akhtar
 
PPS
Namaz ka tareeqa
Raja Waseem Akhtar
 
PPT
Ch21 system administration
Raja Waseem Akhtar
 
PPT
Ch09 system administration
Raja Waseem Akhtar
 
PPT
Ramadan 2008
Raja Waseem Akhtar
 
Beat Anger
Raja Waseem Akhtar
 
Excel 2007 Unit C
Raja Waseem Akhtar
 
Ch16 system administration
Raja Waseem Akhtar
 
Ch23 system administration
Raja Waseem Akhtar
 
Chapter13 -- ensuring integrity and availability
Raja Waseem Akhtar
 
Ch18 system administration
Raja Waseem Akhtar
 
Chapter12 Managing And Implementing Backups And Disaster Recovery
Raja Waseem Akhtar
 
Drink Water To Your Health
Raja Waseem Akhtar
 
Ch20 system administration
Raja Waseem Akhtar
 
Ch14 system administration
Raja Waseem Akhtar
 
Ch10
Raja Waseem Akhtar
 
Ch04 system administration
Raja Waseem Akhtar
 
Ch24 system administration
Raja Waseem Akhtar
 
Ch12
Raja Waseem Akhtar
 
Ch08
Raja Waseem Akhtar
 
Ch11 system administration
Raja Waseem Akhtar
 
Namaz ka tareeqa
Raja Waseem Akhtar
 
Ch21 system administration
Raja Waseem Akhtar
 
Ch09 system administration
Raja Waseem Akhtar
 
Ramadan 2008
Raja Waseem Akhtar
 
Ad

Similar to Ch06 system administration (20)

PPTX
unit 3.pptx
DivyaKS12
 
PPT
unit 3.ppt
prakashvs7
 
PDF
Sa No Scan Paper
tafinley
 
PPTX
SOFTWARE PARADIGM
DrThenmozhiKarunanit
 
PPTX
L 10 computer software
Salman Hossain
 
PPTX
L 09 computer software
nahidhasan157
 
PDF
MSI Packaging Free eBook
Advanced Installer
 
PPTX
Computer system software
MozaSaid
 
DOCX
Window Desktop Application Testing
Trupti Jethva
 
PPTX
Software (4).ppt
rishirvk1995
 
PDF
software4-150511081405-lva1-app6892 2.pdf
sachin325314
 
PPTX
Software
adityakumar300696
 
PPT
Software Management Iltce2007b
guest804df32c5
 
DOCX
Desktop applicationtesting
Akss004
 
PPT
MSI / Windows Installer for NGN 'Dummies'
Roel van Bueren
 
PPTX
Acem computer software
Aastha Kohli
 
PDF
Description Of A Network Administrator
Gina Alfaro
 
PPT
Chapter 10
cclay3
 
PPT
Types of software
latifah2001
 
PPTX
IT ppt (Software concepts) and its types
DimpyJindal4
 
unit 3.pptx
DivyaKS12
 
unit 3.ppt
prakashvs7
 
Sa No Scan Paper
tafinley
 
SOFTWARE PARADIGM
DrThenmozhiKarunanit
 
L 10 computer software
Salman Hossain
 
L 09 computer software
nahidhasan157
 
MSI Packaging Free eBook
Advanced Installer
 
Computer system software
MozaSaid
 
Window Desktop Application Testing
Trupti Jethva
 
Software (4).ppt
rishirvk1995
 
software4-150511081405-lva1-app6892 2.pdf
sachin325314
 
Software
adityakumar300696
 
Software Management Iltce2007b
guest804df32c5
 
Desktop applicationtesting
Akss004
 
MSI / Windows Installer for NGN 'Dummies'
Roel van Bueren
 
Acem computer software
Aastha Kohli
 
Description Of A Network Administrator
Gina Alfaro
 
Chapter 10
cclay3
 
Types of software
latifah2001
 
IT ppt (Software concepts) and its types
DimpyJindal4
 
Ad

More from Raja Waseem Akhtar (20)

PPS
The prophet's wives
Raja Waseem Akhtar
 
PPS
God is Great
Raja Waseem Akhtar
 
PPS
Aayat ul qursi
Raja Waseem Akhtar
 
PPT
Indiansoldiers
Raja Waseem Akhtar
 
PPS
2ªwwii how did it fought
Raja Waseem Akhtar
 
PPT
Fun with EMC2
Raja Waseem Akhtar
 
PPS
Jerusalm at night.pps
Raja Waseem Akhtar
 
PPS
From the sky
Raja Waseem Akhtar
 
PPS
Discover the discovery
Raja Waseem Akhtar
 
PPT
Solaris servers sec
Raja Waseem Akhtar
 
PPT
The OSI - seven layers
Raja Waseem Akhtar
 
PPT
Chapter16 - the internet and its tools
Raja Waseem Akhtar
 
PPT
Chapter15 -- implementing and managing networks
Raja Waseem Akhtar
 
PPT
Chapter14 -- networking security
Raja Waseem Akhtar
 
PPT
Chapter12 -- troubleshooting networking problems
Raja Waseem Akhtar
 
PPT
Chapter11 -- networking with tcpip and the internet
Raja Waseem Akhtar
 
PPT
Chapter10 -- netware-based networking
Raja Waseem Akhtar
 
PPT
Chapter09 -- networking with unix and linux
Raja Waseem Akhtar
 
PPT
Chapter08 -- network operating systems and windows server 2003-based networking
Raja Waseem Akhtar
 
PPT
Chapter07 -- wa ns and remote connectivity
Raja Waseem Akhtar
 
The prophet's wives
Raja Waseem Akhtar
 
God is Great
Raja Waseem Akhtar
 
Aayat ul qursi
Raja Waseem Akhtar
 
Indiansoldiers
Raja Waseem Akhtar
 
2ªwwii how did it fought
Raja Waseem Akhtar
 
Fun with EMC2
Raja Waseem Akhtar
 
Jerusalm at night.pps
Raja Waseem Akhtar
 
From the sky
Raja Waseem Akhtar
 
Discover the discovery
Raja Waseem Akhtar
 
Solaris servers sec
Raja Waseem Akhtar
 
The OSI - seven layers
Raja Waseem Akhtar
 
Chapter16 - the internet and its tools
Raja Waseem Akhtar
 
Chapter15 -- implementing and managing networks
Raja Waseem Akhtar
 
Chapter14 -- networking security
Raja Waseem Akhtar
 
Chapter12 -- troubleshooting networking problems
Raja Waseem Akhtar
 
Chapter11 -- networking with tcpip and the internet
Raja Waseem Akhtar
 
Chapter10 -- netware-based networking
Raja Waseem Akhtar
 
Chapter09 -- networking with unix and linux
Raja Waseem Akhtar
 
Chapter08 -- network operating systems and windows server 2003-based networking
Raja Waseem Akhtar
 
Chapter07 -- wa ns and remote connectivity
Raja Waseem Akhtar
 

Recently uploaded (20)

PPTX
VMware vSphere Foundation How to Sell Presentation-Ver1.4-2-14-2024.pptx
blackmambaettijean
 
PDF
Advanced methodologies resolving dimensionality complications for autism neur...
IAESIJAI
 
PDF
Agricultural_Statistics_at_a_Glance_2022_0.pdf
SandeepSingh286037
 
PDF
The Rise and Fall of 3GPP – Time for a Sabbatical?
3G4G
 
PDF
KodekX | Application Modernization Development
KodekX
 
PPTX
Understanding_Digital_Forensics_Presentation.pptx
ImranKhan423233
 
PDF
Diabetes mellitus diagnosis method based random forest with bat algorithm
IAESIJAI
 
PPTX
Spectroscopy.pptx food analysis technology
nawahassan45
 
PDF
How UI/UX Design Impacts User Retention in Mobile Apps.pdf
SynapseIndia
 
PDF
cuic standard and advanced reporting.pdf
SimoneTitaniumTomase
 
PPTX
Cloud computing and distributed systems.
kkkkkhan
 
PPTX
Digital-Transformation-Roadmap-for-Companies.pptx
David Malick Dieng
 
PDF
Blue Purple Modern Animated Computer Science Presentation.pdf.pdf
Akar16
 
PPT
Teaching material agriculture food technology
LiaRayya
 
PDF
Encapsulation_ Review paper, used for researhc scholars
gurumoop
 
PDF
Empathic Computing: Creating Shared Understanding
Mark Billinghurst
 
PDF
Machine learning based COVID-19 study performance prediction
IAESIJAI
 
PDF
Profit Center Accounting in SAP S/4HANA, S4F28 Col11
Libreria ERP
 
PPTX
Programs and apps: productivity, graphics, security and other tools
4mqw9zch22
 
PDF
Electronic commerce courselecture one. Pdf
OmerMohamed64
 
VMware vSphere Foundation How to Sell Presentation-Ver1.4-2-14-2024.pptx
blackmambaettijean
 
Advanced methodologies resolving dimensionality complications for autism neur...
IAESIJAI
 
Agricultural_Statistics_at_a_Glance_2022_0.pdf
SandeepSingh286037
 
The Rise and Fall of 3GPP – Time for a Sabbatical?
3G4G
 
KodekX | Application Modernization Development
KodekX
 
Understanding_Digital_Forensics_Presentation.pptx
ImranKhan423233
 
Diabetes mellitus diagnosis method based random forest with bat algorithm
IAESIJAI
 
Spectroscopy.pptx food analysis technology
nawahassan45
 
How UI/UX Design Impacts User Retention in Mobile Apps.pdf
SynapseIndia
 
cuic standard and advanced reporting.pdf
SimoneTitaniumTomase
 
Cloud computing and distributed systems.
kkkkkhan
 
Digital-Transformation-Roadmap-for-Companies.pptx
David Malick Dieng
 
Blue Purple Modern Animated Computer Science Presentation.pdf.pdf
Akar16
 
Teaching material agriculture food technology
LiaRayya
 
Encapsulation_ Review paper, used for researhc scholars
gurumoop
 
Empathic Computing: Creating Shared Understanding
Mark Billinghurst
 
Machine learning based COVID-19 study performance prediction
IAESIJAI
 
Profit Center Accounting in SAP S/4HANA, S4F28 Col11
Libreria ERP
 
Programs and apps: productivity, graphics, security and other tools
4mqw9zch22
 
Electronic commerce courselecture one. Pdf
OmerMohamed64
 

Ch06 system administration

  • 2. Chapter Objectives Explore hardware and software requirements for application installation. Explore types of software installations. Explore software installation and maintenance tools. Explore disk layout, and pros/cons of partitioning. Explore steps required before an installation is attempted.
  • 3. Managing System Software Operating systems, utilities and applications are continually being updated. User’s request new software package installations as their needs change or new packages become available. Vendors constantly offer new versions of operating systems, utilities and applications. Bugs are found and patches to correct them need to be applied. No matter the source or the reason, the system administrator will be called upon to manage the system's software on a routine basis. Software maintenance is the task of obtaining, installing and keeping track of these updates.
  • 4. Software Maintenance Concepts Software maintenance is conceptually pretty straight-forward. As new features are added or bugs discovered, the provider of the operating system or applications bundles together the files needed to add the feature or correct the bug and makes them available. The bundle of files is then installed to add the feature or correct the problem and possibly some additional commands are run to adjust configuration information as needed by the newly installed files. Depending on the installation tools used, the bundle of files may also be checked for correct installation and authenticity as part of the installation process.
  • 5. Software Maintenance Concepts These bundles of files are given various names. Packages refer to a bundle of files that contain the programs, configuration files and installation commands for a single facility such as a print spooler. Updates often refer to bundles that add additional features. Patches, service packs and hot fixes often refer to bundles that correct a problem.
  • 6. Software Maintenance Concepts Some vendors group bundles together into larger groupings. For example, Sun calls the groupings of Solaris packages, clusters, while Red Hat names their groupings for the type of system (e.g. server, client, laptop, etc.). A configuration is the term often used to describe a particular suite of packages such as the suite of packages one might install on each of a group of similar systems or the complete suite required packages needed to set a system up as a web server or print server.
  • 7. Software Maintenance Concepts The difficulty in performing software maintenance comes in four areas. First, there is not much agreement on the format for bundling files. Second, various bundling formats require specialized installation, removal and management tools. These tools are different between vendors, and offer differing feature sets. Third, updates, often overwrite configuration files, reset values to defaults, add users, turn on services, or perform other actions that causing working software to fail, or security to be compromised. Finally, there is the chore of keeping track of which updates have been installed and which of the available updates need to be installed.
  • 8. Software Packaging Formats Bundles of software can be packaged in a wide variety of forms. It's not uncommon to use one format for the operating system software, another for an application program and third format for a tool or utility program. The self-extracting formats should be examined most carefully before using them. These formats have a history of being attacked via so-called Trojan Horse programs.   A careful system administrator will verify the authenticity of any patch or package before he installs it.
  • 9. Software Maintenance Tools The wide variety of software packaging formats can be grouped together based on the features present in the tools used to manage them. There are three basic types of tools, simple archivers specialized multiple command package management suites all in one tools Additionally, many of these tools include additional graphical interfaces making them easier to learn and use. Individual package management tools are not hard to learn, it is the variety of differing feature sets and tools across operating systems that makes this task tougher then it ought to be.
  • 10. Simple Archivers The simplest of the software package management tools are the simple archivers such as tar, zip and cpio. These common archiving tools are found on both UNIX and Windows and are used to create and install files from their corresponding archive formats. Macintosh users will be familiar with Stuff-It tool for archiving files on that platform. While tar, zip, cpio and other archive tools have the advantages of being cross platform, commonly used and readily available, they lack a number of features commonly found in tools specifically designed for software package management.
  • 11. Simple Archivers Drawbacks of simple archival tools Tracking installed software is left up to the administrator. Simple archivers make no installation records. The system administrator must use some external means to record what has been installed via these tools. Any additional work required such as modifying configuration files or additional set up steps must be performed by hand. These tools provide no integrated way to verify the authorship of the archive. A simple archive does not contain the information needed to check for any dependencies the package may require. None of these tools provide a direct method for obtaining the archives over the Internet.  
  • 12. Software Package Management Tools To address these deficiencies of simple archive tools for software package management, specialized installation tools were developed. Unlike the simple archivers whose packaging format is common across systems, these specialized tools use a wide variety of formats with limited cross platform availability. Worse still, the tools used to manage these packages are at least as varied as the packaging formats themselves. Finally, the features provided by these tools vary from tool to tool often leaving the system administrator to pick up the slack when a needed feature is missing.  
  • 13. Software Package Management Tools A typical suite has commands to install or update packages, inquire about which packages are installed and remove packages. Dependency checking is an important feature for a package installation tool as many UNIX packages are modular, built on top of libraries found in other packages.   Verification is the act of checking that the package is installed correctly and the files in the package match those installed. This can be used to check for possible tampering that may have occurred due to a break-in or to check that file modes or ownerships have not been changed my mistake.
  • 14. Software Package Management Tools Another aspect of assuring system security when installing packages is the determination of the authenticity of the package being installed. This is especially important when using packages and patches downloaded over the Internet. Listing the installed packages and removing packages are common features across all of the package installation tools.  
  • 15. Software Package Management Tools Creating your own packages is one way a system administrator can deal with the installation and maintenance of locally developed software on a large number of systems. Advantages of home-grown installers: The created package can be distributed and installed using the same tools and procedures used for other packages. Any post installation configuration steps needed may be encapsulated in the package, assuring a consistent installation. Checking and verification of proper installation of a package can be used to verify that the locally developed software is installed correctly.  
  • 16. Graphical Software Package Management Tools A typical software package management tools suite often tops off the command line tools with a graphical installation tool. In the case of Windows, graphical tools are the only way to install many software packages. These tools often offer the administrator fewer installation options, but handle the typical installations very well. While these graphical tools can make life easier when managing software on a single system, they suffer when put to use across many systems.
  • 17. Graphical Software Package Management Tools When dealing with large numbers of systems, command line tools that can be run from scripting languages offer the flexibility needed to get package installations accomplished in a timely fashion. Graphical installers (generally) offer few installation options, by tending to oversimplify the installer for use by a novice user. Installations that make use of shared disk space for applications and other special situations will often require the use of options not found in a graphical installation tool. 
  • 18. Dealing with missing features It would be terrific if every software package management tool or tool suite had all the features needed. Unfortunately, nearly every installation tool suites lack one or more features. This can be worked around by combining the installation tools with other commonly available tools.   The easiest (missing) feature to compensate for is Internet access. Most vendors provide access to software packages and patches via ftp, the web or both. Internet available packages and patches are often further packaged into one of the several common formats for download and will need to be unpacked from their distribution packaging before they can be installed.  
  • 19. Authenticity & Integrity Verification that a software package is intact and was produced by the genuine author are two critical but lacking features of nearly every software package management suite. They are of special importance when using the Internet to obtain patches or other software. One method of checking integrity and authenticity is to use a public key cryptographic tool such as gpg. Another way to fill in for this missing feature is to perform checksum and MD5 cryptographic fingerprint checks on the files using the sum and md5sum commands. However, the vendor or other supplier of the patch or software package must publish a reference MD5 fingerprint or checksum value for comparison. Not all vendors do.
  • 20. Catching Unintended Changes Despite the best intentions of the software vendor, installing a new package or patch sometime results in unintended changes to the operating system configuration files. These changes are not always easy to spot, but there are several things that can be done to prevent problems caused by package or patch installations. 1.      Make certain you have a good backup of the system to be patched. 2.      Install the package using an account other than root whenever possible .
  • 21. Catching Unintended Changes 3.      Install the package or patch on a test system first. 4.      List and inspect the contents of the patch or package to be installed. 5.      Extract and examine the installation script(s) for setuid/setgid commands, or any chown, chmod, cp, rm, mv, or shell redirection commands to ensure that critical system files are not altered. 6.      Use a file modification monitor such as tripwire.
  • 22. Finishing Touches Installing a package is often times not the end of the job for the system administrator. A wide variety of software packages require some degree of local customization, configuration, licensing or user level setup to complete the installation process and present the user with the fully functioning tool they expect. Since every package will have its own customization and configuration needs, the system administrator will need to read up on the specifics of the packages in use at his site.
  • 23. Finishing Touches Configure once, and distribute the configuration. Even packages that are installed by a package installation tool often have configuration files that will need to be modified. These files can modified to suit local conditions and then distributed using a tool such as rdist. Wrap a short shell script around a package to set needed variables. Many packages require setting environment variables or adding elements to a shell’s execution path. Instead of having each user make the needed changes, one approach is to replace the program with a short shell script that sets the environment as required.
  • 24. Finishing Touches For packages that contain several tools, all of which require special environmental variables or modifications to the user’s execution path consider adding the needed setup information to the skeleton files used to create the user’s accounts. Employ a specialized user environment configuration tool such as modules. The modules tool provides the means for the system administrator to package up the environment variables, PATH and other user environment changes into modulefiles that can be easily loaded by a user to configure their environment to suit a specific package. The modules tool performs complex tasks such as removing and reordering elements of the user’s execution PATH to allow even differing versions of the same package to be configured correctly.
  • 25. Service Packs and other special situations Some patches and software packages cannot be installed using the usual software management tools. Special updates often require more time and a planning than the usual package installation. Following the precautions listed in the previous section on unintended changes are a must for special updates. Additional caution is recommended.
  • 26. Service Packs and other special situations Keep the previous kernel version available and ready to use. On Linux this can easily be accomplished by adding an entry to /etc/lilo.conf or /etc/grub.conf. Other UNIX variants allow for a second kernel to be kept in the root or boot partition. Make an emergency boot disk. The procedure for this varies, but many operating systems allow you to make a floppy disk that the system can be booted from. Locate a bootable CD for the system being updated. Many operating systems allow you to boot from the installation CD and correct problems caused by updates.
  • 27. Tracking and Distributing Packages and Patches Installing packages and patches on a large collection of systems is a challenging task. The system administrator will need to maintain records of the packages and patches installed, check for missing packages and patches, and perform multiple installations. Record keeping and checking for correct package and patch installation is rarely integrated into a software package management tool or suite of tools. A simple, external method of monitoring packages and patches is the keep records in a table such as a spreadsheet.
  • 28. Tracking and Distributing Packages and Patches Another approach is to make use of the software package management tool’s ability to list the installed packages. Lists of packages from each system in a group can be gathered and compared to a master list or a master system. This makes missing patches easy to spot. The lists from each system can be stored and referred to later to determine which patches or packages need to be installed on a given system.
  • 29. Tracking and Distributing Packages and Patches Package and patch distribution can be accomplished in a similar manner. One method which works well is to place the package and patch files in a network-accessible directory which is available to all the systems to be patched. Then connect to each system in turn and execute the appropriate package installation commands. Automating the actual installation of packages and patches is an area where UNIX and command line package installation tools really shine. Command line tools are readily automated by a variety of methods and are easily run remotely over a network connection such ssh.
  • 30. Summary   Maintaining the software on a system involves the periodic installation of software packages and patches. While a straight-forward task in concept, the pitfalls are many. The wide variety of package formats, management tools and missing features in specific tool sets make the process of managing packages and patches more challenging then it ought to be. Before attempting a software installation, the administrator should: Explore hardware and software requirements for the application. Understand the types of software installations. Understand the software installation and maintenance tools. Understand the disk layout, and pros/cons of partitioning. Understand the steps required before the installation is attempted.