JDPFu.com 2012

$ sudo apt-get update; sudo apt-get dist-upgrade

Backup Your Hard Disks

Backup, backup, backup. Eventually, you will thank me. Often, you need a phased solution for backups since pushing 2TB of data into the Cloud is a bad idea and will take months to complete.

• Local – Everything needs a local backup. Everything. The key is to make it automatic, versioned and recoverable. The backup needs to be on a different physical disk too. I like some simple tools for this.
  • Back-In-Time
  • rdiff-backup
• Remote – Critical files like KeePassX password databased and other highly critical data (wedding photos, births, Quicken data, etc.) need to be encrypted then pushed to a remote server.
  • Crashplan – a good option
  • Work out a deal with a friend to exchange truecrypt ’d backup volumes. Any backup that leaves your primary location must be encrypted.

Before I backup my systems or HOME directory, I’m certain to place some really important files in the HOME to make life easier later, during recovery. Files like my personal crontab and a list of all software installed on the system. Here’s how:

\# Capture some important information

\# installed packages

$ sudo dpkg —get-selections > ${HOME}/installed-software

\# my crontab

$ crontab -l > ${HOME}/crontab.${LOGNAME}

Here’s a link to a working HOME backup script using rdiff-backup, which has a usage very similar to rsync. With the list of software, restoring all those tools to a different system becomes trivial using the sudo dpkg —set-selections < ${HOME}/installed-software command.

Clean Up Temporary Files

On UNIX/Linux systems, people use the /tmp directory for temporary files. Just open any files for temporary needs in the editor of choice. Perhaps vim /tmp/t is a good example. If you came from Windows, nobody told you to do this, so start now. The area, /tmp, gets cleaned up automatically at reboot. If it does become filled over the months of uptime (and that is typical for Linux), the you can just delete the files under there. Sometimes special files will be placed there that you don’t want to remove, but I’ve never seen any real harm come from removing anything in /tmp.

There is no registry on Linux, so you don’t need a registry cleaner.

The cleanup for most other temporary files are handled automatically, but some editors (vim, nano, emacs, etc) may leave files ending with a ‘~’ character laying around. Cleaning these files up is a pretty simple find command. You can clean them up under your HOME as a normal user or, if you are root, you can do it for the entire system. Doing this can be extremely dangerous. Running it without the rm command first is a really good idea.

$ find $HOME -type f -name “*~” -print

After that appears to do what you want, add the -exec part. Be extremely careful or you’ll be using those backups for recovery. You’ve been warned. I speak from experience.

$ find $HOME -type f -name “*~” -print -exec rm {} \; 

Years ago, kernel crashes happened more often and wrote those core files under /var . You must be root to clean those files up, assuming you aren’t saving them for debugging or don’t have the necessary skills to do that.

$ sudo find /var -type f -name “core” -print

For other files that are temporary, but I don’t want to be placed into /tmp, I’ll schedule their removal in the future with at. For example, I often place files on a web server that are temporary and there for a specific person, but not password protected. Looking now, I see 3 at jobs scheduled for later this year. These will survive reboots and once run, never show up again. Learn more about at scheduling

Honestly, I spend more effort on cleaning up flash, macromedia permanent objects than temporary files. Here’s how:

$ rm -rf ${HOME}/.macromedia/* ${HOME}/.adobe/*

Simple. I run that command before my nightly automatic backups.

Uninstalling Programs

If you use the package manager to install software, then you should use the package manager to remove software. For APT-based systems, here’s how:

$ sudo apt-get purge [package]

Or if you don’t want to remove all your custom settings, but still want the remove the program, use:

$ sudo apt-get remove [package]

On a new system, I immediately remove nano (I hate that editor)

$ sudo apt-get purge nano

Defragment? No, but Run FSCK Occasionally

Defrag – Linux file systems do not have a need to be defragmented.

Full Hard Disks
However, if you let them get really full, like above 95% full, you will see some serious system slowdowns. If you let the really important file systems, like /var or / get full, you may crash the system. Being full comes in two ways on Linux.

1. Out of storage space – just like under Windows

   $ df

2. Out of inodes – which is just as bad, but not as quick for a new-to-Linux user to see. Check your inodes with:
   

   $ df -i

Usually, there will be plenty of inodes available, but if you are seeing out of disk space errors, check the inodes. Running out of inodes doesn’t happen too often anymore, but it can still happen. Just a few months ago, the file system on a virtual machine ran out of inodes while still having over 30% of the storage free. It turned out there were many, many, many tiny files being created by a process due to a configuration change that I’d made. Manually removing all those files brought the inode use back to 60% and the machine started behaving again.

fsck is a logical file system checker. There is a different version for each Linux/UNIX file system type, usually named as fsck.ext3 or fsck.jfs or fsck.xfs for examples. If the base fsck program can’t determine the type of file system, you can either tell it which type with the -t option or manually call the correct program yourself. If you call the wrong program, hopefully it will refuse to run, but since this is Linux/UNIX, you can force it and completely destroy the underlying file system if you chose the incorrect type. You need to unmount the file system before you can run fsck and make any corrections.

First, you need to determine the mounted device – usually something like /dev/sda8. Use df to see the mounted file systems.

$ df

Filesystem           1K-blocks      Used Available Use% Mounted on

/dev/hda2              4161216   2660112   1291392  68% /

varrun                  524396        60    524336   1% /var/run

varlock                 524396         0    524396   0% /var/lock

udev                    524396        16    524380   1% /dev

devshm                  524396         0    524396   0% /dev/shm

That raises an issue. / is the only file system mounted on this machine. I can’t umount (yes, that is the correct spelling) it while the system is running, but I can force an fsck at the next reboot. How?

$ sudo touch /forcefsck

$ sudo shutdown -r now

Let’s suppose that /dev/sdb8 was mounted on /backups in the example above. Umounting /backups and running fsck can be done by

$ sudo umount /backups

$ sudo fsck -y /dev/sdb8

You’ll want to do this on all the different mounted file systems.

I should mention that fsck will automatically be run every X reboots. The actual count between automatic fsck runs is a tunable parameter in the file system when it is created or you can run tune2fs. tune2fs is an advanced tool for ext2/3/4 file systems and not for casual Linux users. If you leave your system running 24/7, you may find that no fsck has been run in over a year. This isn’t necessarily bad, but neither is forcing a check. I force one about every 6 months immediately after a kernel reboot has been required. Just for extreme clarity, that’s 2 different reboots.

1. new kernel, reboot
2. touch /forcefsck, reboot

Don’t do both at the same time, please. If something bad happens, it will be easier to troubleshoot 1 big change.

More advanced file systems like ZFS validate the file system, the data written and read from the drive hardware. Some day, EXT4 and later versions may get these capabilities, but for now, we have fsck.

Once you get a non-root file system unmounted (/home, /export, /backups), you still want to run fsck with:

$ sudo fsck -y /dev/sda8

where sda8 is the device that gets mounted. I suppose you could do this with the UUID, but I never have and don’t know if that works. You can check /etc/fstab for the mount point to UUID/device mapping or look in /dev/disk/by-uuid or simply use df to find the device.

On some systems, you’ll find ntfsfix and fsck.vfat. Those could be helpful is you have issues with your Windows hard disks, when Windows can’t solve the issue. Why isn’t ntfsfix named fsck.ntfs? I don’t know, but there’s probably a good reason.

Clean Your Registry

Linux often uses dot files for settings. They are named that way because any file that begins with a [period] will not be displayed in normal directory listings. A .vimrc is common in your HOME directory, but here are lots of others like the .bashrc and settings for almost every program that you use on Linux. Directories that begin with a . are also hidden. Some examples are .adobe, .cache, .cpan, .freemind, but anything is common.

Regularly Reinstall to Clean up Cruft?

This is not needed. If you use the package manager to install and remove software, you won’t have any left over cruft like in other operating systems. If you install using some other method, there is probably a de-install tool included. If not, you can 99.9% just delete the files that were installed. Be careful just deleting files that were installed with a package manager. Doing that can cause problems later.

Update Antivirus?

Sure, you can run an antivirus tool, but it will look for MS-Windows virus signatures. By doing this, you are being a better netizen, but not really helping your Linux PC much. If you have any MS-Windows PCs on your network, this is still a really good idea. ClamAV is the standard AV for Linux systems.

The best thing you can do to deal with Linux viruses is to stay patched and not use the root account all the time. Using a non-privileged account is a security technique.

Reboots Needed After All Patches?

The only time you need to reboot is after a kernel update and maybe after a libc update. Most people using other operating systems have been trained to reboot to clean up system memory or reset things. It seems to work on those other operating systems, but it almost completely unnecessary under Linux. Any program or system patches should automatically restart the program that needs restarting for you or automatically restart the daemon for you. If that doesn’t happen, you can usually run a restart command manually, like

$ sudo /etc/init.d/mysql restart

or

$ sudo /etc/init.d/apache restart

Rebooting your Linux System without a good reason is just a waste of time. Certainly if you are putting new hardware internally, a reboot will be necessary, but most external hardware will be discovered on a running system. This applies to USB devices, but others, like eSATA may also be hot-plugged too.

Newer Linux versions are migrating away from the init.d scripting that has worked well for 30+ yrs to a program called upstart which is supposed to have advanced features, be quicker and make life easier. Call me an optimistic skeptic. Unlearning 20 yrs of habit isn’t going to be easy for old-timers like me.

Firewall Checkups

If you have a computer, any computer, you need to be running a firewall on it. Linux has iptables built-in, but the CLI interface can be daunting for newer Linux users. ufw is a CLI interface to iptables, while still being much easier to use. If you want to block all inbound requests, except ssh, here’s what you need to type.

$ sudo -s

\# ufw reset

\# ufw default deny incoming

\# ufw allow ssh

\# ufw enable

That should result in

# ufw status

Status: active

To                         Action      From

-                      - -      -  - -

22                         ALLOW       Anywhere

If you telnet to any open port on the system (e.g. telnet localhost 80), you should see a [UFW BLOCK] message in the syslog (tail -f /var/log/syslog). The connection is blocked before a listener has a chance to respond.

If you aren’t running ufw, you can always check iptables directly with

$ sudo iptables -L

If you are running fail2ban to protect your ssh connection, which is a really good idea, ufw doesn’t appear to harm that tool in any way. It still works. fail2ban rocks. Highly recommended.

Graphics Driver Updates

If your graphics drivers are working for you, then it is probably a good idea to leave them alone unless there is a real reason to update. Notice that I didn’t say upgrade. My experience is with nVidia proprietary drivers and calling some of their released drivers stable would be a lie. Still, the non-proprietary drivers may be slower and just as buggy. So, if you do decide to update your graphics drivers, be prepared to do some maintenance afterwards.

• Rebuild the kernel
• Relink the graphics drivers into the kernel
• Re-setup your dual or multi-monitor setup

Don’t forget that every time there is a new kernel, you may need to re-install the proprietary graphics drivers to re-link or rebuild the modules for the new kernel.

A few other articles here about graphics drivers and/or dual monitors:

• nVidia GT 430 Install
• Dual Monitors on Ubuntu
• Dual Monitors on Ubuntu with nVidia Driver

Summary

That just about covers it. If you just perform the first two, you’ll be pretty safe. Those were

1. Install patches and update your apps
2. Backups

Simple. Now go and do at least these 2 thing on your Linux PCs.

You may notice that I didn’t tell you where to point and click inside any GUI programs. Why not? To me, GUI instructions are full of error opportunities, while giving you a command line example lets you take those commands, modify them for your specific needs, place them into a script to be run periodically, as needed. With a GUI, you’d have to start and stop 15 different programs and spend much more time pointing and clicking every time you wanted to clean up your system. To me, that’s inefficient. I like for computers to work FOR ME, not have me work them.