Dear Lifehacker,

You've gone through Windows and Mac maintenance, but what about Linux users? I'm pretty new to Linux, and I'm familiar with Windows maintenance, but don't know if the same rules apply. What do I need to do to maintain an Ubuntu system?


Sincerely,

Still Learning Linux

Dear Learning,

Lucky for you, reader TheFu just wrote a great Linux maintenance guide over at his blog, in response to our Mac and Windows posts. We couldn't really say it any better ourselves, so we'll leave it to him to walk you through.


What kind of maintenance do you need to do on an Ubuntu/Debian/APT-based PC? Good question. It is pretty simple...for desktops. This article is for APT-based desktop system maintenance, NOT for Linux servers. Linux servers need just a little more love to stay happy. I haven't used RPM-based distros in many years, so I'm not comfortable providing commands to accomplish the things you need to do, but the ideas are the same.

Let's get started.

Install System and Application Patches/Updates

This will patch the OS and all your applications.

$ sudo apt-get update; sudo apt-get dist-upgrade

Done.

Backup Your Hard Disks

Backup, backup, backup. Eventually, you will thank me. Often, you need a phased solution for backups since pushing 2TB of data into the Cloud is a bad idea and will take months to complete.

Local – Everything needs a local backup. Everything. The key is to make it automatic, versioned and recoverable. The backup needs to be on a different physical disk too. I like some simple tools for this.

Back-In-Time

rdiff-backup

Remote – Critical files like KeePassX password databased and other highly critical data (wedding photos, births, Quicken data, etc.) need to be encrypted then pushed to a remote server.

Crashplan – a good option

Work out a deal with a friend to exchange truecrypt'd backup volumes. Any backup that leaves your primary location, must be encrypted.


Before I backup my systems or HOME directory, I'm certain to place some really important files in the HOME to make life easier later, during recovery. Files like my personal crontab and a list of all software installed on the system. Here's how:



# Capture some important information

# installed packages

$ sudo dpkg -get-selections > ${HOME}/installed-software

# my crontab

$ crontab -l > ${HOME}/crontab.${LOGNAME}




Clean Up Temporary Files

On UNIX/Linux systems, people use the /tmp directory for temporary files. If you came from Windows, nobody told you to do this, so start now. The area, /tmp, gets cleaned up automatically.


There is no registry on Linux, so you don't need a registry cleaner.

The cleanup for most other temporary files are handled automatically, but some editors may leave files ending with a ‘~' character laying around. Cleaning these files is a pretty simple find command. You can clean them up under your HOME as a normal user or, if you can be/are root, you can do it for the entire system, but that can be extremely dangerous. Running it without the rm command first is a really good idea.


$ find $HOME -type f -name "*~" -print

After that appears to do what you want, add the -exec part. Be extremely careful or you'll be using those backups for recovery. You've been warned. I speak from experience.


$ find $HOME -type f -name "*~" -print -exec rm {} \;

Years ago, kernel crashes happened more often and wrote those core files under /var . You must be root to clean those up, assuming you aren't saving them for debugging or don't have the necessary skills to do that.


$ sudo find /var -type f -name "core" -print

For other files that are temporary, but I don't want to be placed into /tmp, I'll schedule their removal in the future with at. For example, I often place files on a web server that are temporary, there for a specific person, but not password protected. Looking now, I see 3 at jobs scheduled for later this year. These will survive reboots and once run, never show up again.


Honestly, I spend more effort on cleaning up Flash, Macromedia permanent objects than temporary files. Here's how:

$ rm -rf ${HOME}/.macromedia/* ${HOME}/.adobe/*

Simple. I run that command before my nightly automatic backups.

Uninstalling Programs

If you use the package manager to install software, then you should use the package manager to remove software. For APT-based systems, here's how:

$ sudo apt-get purge [package]

Or if you don't want to remove all your custom settings, but still want the remove the program, use:

$ sudo apt-get remove [package]

Defragment? No, but Run FSCK Occasionally

Defrag – Nope. Linux file systems do not have a need to be defragmented.

Full Hard Disks

However, if you let them get really full, like above 95% full, you will see some serious system slowdowns. If you let the really important file systems, like /var or / get full, you may crash the system. Being full comes in two ways on Linux.


Out of storage space – just like under Windows Out of inodes – which is just as bad, but not as quick for a new-to-Linux user to see. Check your inodes with: $ df -i

fsck is a logical file system checker. There is a different version for each Linux/UNIX file system type, usually named as fsck.ext3 or fsck.jfs or fsck.xfs. If the base fsck program can't determine the type of file system, you can either tell it which type with the -t option or manually call the correct program yourself. If you call the wrong program, hopefully it will refuse to run, but since this is Linux/UNIX, you can force it and completely destroy the underlying file system if you force the incorrect type. You need to unmount the file system before you can run fsck and make any corrections. Do it this way:

First, you need to determine the mounted device – usually something like /dev/sda8. Use df to see the mounted file systems.


$ df

Filesystem 1K-blocks Used Available Use% Mounted on

/dev/hda2 4161216 2660112 1291392 68% /

varrun 524396 60 524336 1% /var/run

varlock 524396 0 524396 0% /var/lock

udev 524396 16 524380 1% /dev

devshm 524396 0 524396 0% /dev/shm

That raises an issue. / is the only file system mounted on this machine. I can't unmount it while the system is running, but I can force an fsck at the next reboot. How?




$ sudo touch /forcefsck

$ sudo shutdown -r now

I should mention that fsck will automatically be run every X reboots. The actual count between automatic fsck runs is a tunable parameter in the file system when it is created or you can run tune2fs. tune2fs is an advanced tool for ext2/3/4 file systems and not for casual Linux users. If you leave your system running 24/7, you may find that no fsck has been run in over a year. This isn't necessarily bad, but neither is forcing a check. I force one about every 6 months immediately after a kernel reboot has been required too. Just for extreme clarity, that's 2 different reboots.


new kernel, reboot touch /forcefsck, reboot

Don't do both at the same time, please.

More advanced file systems like ZFS validate the file system, the data written and read from the drive hardware. Some day, EXT4 and later versions may get these capabilities, but for now, we have fsck.


Once you get a non-root, /, file system unmounted, you still want to run fsck with:

$ sudo fsck -y /dev/sda8

where sda8 is the device that gets mounted. I suppose you could do this with the UUID, but I never have and don't know if that works. You can check /etc/fstab for the mount point to UUID/device mapping or look in /dev/disk/by-uuid or simply use df.


On some systems, you'll find ntfsfix and fsck.vfat. Those could be helpful if you have issues with your Windows hard disks, when Windows can't solve the issue. Why isn't ntfsfix named fsck.ntfs? I don't know, but there's probably a good reason.

Clean Your Registry?

Nope. Linux uses dot files. They are named that way because any file that begins with a [period] will not be displayed in normal directory listings. A .vimrc is common in your HOME directory.


Regularly Reinstall to Clean up Cruft?

Nope. If you use the package manager to install and remove sotware, you won't have any left over cruft like in Windows. If you install using some other method, there is probably a de-install tool included. If not, you can 99.99999% just delete the files that were installed. Be careful just deleting files that were installed with a package manager. Doing that can cause problems later.


Update Antivirus?

Nope. Sure, you can run an antivirus tool, but it will look for MS-Windows virus signatures. By doing this, you are being a better netizen, but not really helping your Linux PC much. If you have any MS-Windows PCs on your network, this is still a really good idea. ClamAV is the standard AV for Linux systems.


Reboots Needed After All Patches?

Nope. The only time you need to reboot is after a kernel update and maybe after a libc update. The rest of the time, any program or system patches should automatically restart the program that needs restarting for you. If that doesn't happen, you can usually run a restart command manually, like


$ sudo /etc/init.d/mysql restart

or

$ sudo /etc/init.d/apache restart

Don't reboot your Linux System without a good reason. Newer Linux versions are migrating away from the init.d scripting that has worked well for 30+ yrs to a program called upstart which is supposed to have advanced features and make life easier. Call me an optimistic skeptic. Unlearning 20 yrs of habit isn't going to be easy for me.


Firewall Checkups

If you have a computer, any computer, you need to be running a firewall on it. Linux has iptables built-in, but the CLI interface can be daunting for newer Linux users. ufw is a CLI interface to iptables, while still being much easier to use. If you want to block all inbound requests, except ssh, here's what you need to type.




$ sudo -s

# ufw reset

# ufw default deny incoming

# ufw allow ssh

# ufw enable

# ufw status

That should result in



# ufw status

Status: active To Action From

- - — - -

22 ALLOW Anywhere


If you telnet to any open port on the system (e.g. telnet localhost 80), you should see a [UFW BLOCK] message in the syslog. The connection is blocked before a listener has a chance to respond.

If you aren't running ufw, you can always check iptables directly with

$ sudo iptables -L

If you are running fail2ban to protect your ssh connection, this doesn't appear to modify that. It still works. fail2ban rocks.


Graphics Driver Updates

If your graphics drivers are working for you, then it is probably a good idea to leave them alone unless there is a real reason to update. Notice that I didn't say upgrade. My experience is with nVidia proprietary drivers and calling some of their released drivers stable would be a lie. Still, the non-proprietary drivers may be slower and just a buggy. So, if you do decide to update your graphics drivers, be prepared to do some maintenance afterwards.


Rebuild the kernel

Re-setup your dual or multi-monitor setup

Don't forget that every time there is a new kernel, you may need to re-install the proprietary graphics drivers to re-link to the new kernel.


Summary

That just about covers it. If you just perform the first two, you'll be pretty safe. Those were


Install patches and update your apps Backups

Simple. Now go and do at least these 2 thing on your Linux PCs.

TheFu is an enterprise technical architect, F/LOSS loving, cross-platform C/C++ developer, aerospace engineer and rocket scientist. He enjoys Shiner Bock, piña coladas, travel and hiking when not hacking perl or shell scripts. Follow him at http://identi.ca/thefu.