A modular command-line tool for Linux system administration. Manages users, services, networks, filesystems, monitoring, and security updates through an interactive menu.
- User Management — Add, delete users with input validation (
adduser/deluser) - Service Management — Start, stop, restart, enable, disable systemd services
- Network Management — Ping hosts (validated), display network interfaces
- Filesystem Management — Format/mount disks with device validation, fstab backup, user confirmation
- System Monitoring — CPU, memory, and disk usage via
psutil - Security Management — Apply system security updates via
apt - Monolithic Mode — Standalone 4,000+ line single-file version (
linux-sys-adm-tools.py) with 125 functions across 15 categories
# Install dependencies
pip install -r requirements.txt
# Run (requires sudo for most operations)
sudo python3 main.py# Run interactively
docker-compose run app
# Run tests
docker-compose run test
# Run linter
docker-compose run lintsudo python3 main.pyPresents a menu:
=== Linux SysAdmin Tool ===
1. User Management
2. Service Management
3. Network Management
4. System Monitoring
5. Filesystem Management
6. Security Management
7. Display README
0. Exit
python3 main.py --version # Show version
python3 main.py --readme # Display READMEThe standalone single-file version includes all 15 feature categories:
sudo python3 linux-sys-adm-tools.pyFrom the main menu, select 1. User Management, then 1. Add User.
Select an option: 1
--- User Management ---
1. Add User
2. Delete User
0. Back to Main Menu
Select an option: 1
Enter username to add: jsmith
The username must be alphanumeric (letters and numbers only). The tool runs sudo adduser jsmith and prompts for the new user's password and details.
Select 1. User Management, then 2. Delete User.
Enter username to delete: jsmith
Are you sure you want to delete user 'jsmith'? (y/n): y
This removes the user account and their home directory (deluser --remove-home).
Select 2. Service Management and pick an action:
--- Service Management ---
1. Start Service
2. Stop Service
3. Restart Service
4. Enable Service
5. Disable Service
0. Back to Main Menu
Select an option: 1
Enter service name: nginx
Runs sudo systemctl <action> <service>. Service names are validated (no spaces or special characters).
Select 3. Network Management, then 1. Ping Host.
--- Network Management ---
1. Ping Host
2. Display Network Interfaces
0. Back to Main Menu
Select an option: 1
Enter host to ping: 8.8.8.8
Sends 4 ICMP packets. Hostnames and IPs are validated before execution.
Select 3. Network Management, then 2. Display Network Interfaces.
Runs ip addr and shows all interfaces with their IP addresses, MAC addresses, and status. No root required.
Select 4. System Monitoring from the main menu.
CPU Usage:
CPU Usage: 12.3%
Memory Usage:
Total: 15.64 GB
Used: 8.21 GB
Free: 4.38 GB
Memory Usage: 52.5%
CPU is sampled over a 1-second interval for accuracy.
Select 5. Filesystem Management from the main menu.
Enter device path: /dev/sdb1
WARNING: This will format /dev/sdb1 and erase all data!
Are you sure you want to continue? (yes/no): yes
The tool will:
- Validate the device path (must match
/dev/...) - Ask for explicit confirmation (type
yes) - Format with the configured filesystem (default: ext4)
- Create the mount point directory
- Mount the device
- Back up
/etc/fstabwith a timestamp - Add a persistent UUID-based mount entry to
/etc/fstab
Defaults are set in config.yaml (default_filesystem, default_mount_point).
Select 6. Security Management from the main menu.
Runs sudo apt update followed by sudo apt dist-upgrade -y. This may take several minutes depending on available updates.
├── main.py # Entry point, interactive menu, CLI args
├── core.py # Logging, config, input validators
├── utils.py # Input sanitization utilities
├── config.yaml # Default settings (filesystem, mount point, log level)
├── logging_setup.py # JSON structured logging with rotation (optional)
├── user_management.py # User add/delete with validation
├── service_management.py # systemctl wrapper
├── network_management.py # Ping, interface display
├── filesystem_management.py # Disk format/mount, fstab management
├── system_monitoring.py # CPU/memory/disk monitoring
├── security_management.py # apt update/upgrade
├── linux-sys-adm-tools.py # Monolithic standalone version
├── tests/ # pytest test suite (107 tests)
├── Dockerfile # Container build
├── docker-compose.yml # App, test, lint services
├── Makefile # Development task runner
├── setup.py # Package configuration
├── setup.cfg # flake8, pytest, coverage, mypy config
├── requirements.txt # Python dependencies
└── .pre-commit-config.yaml # Pre-commit hooks
Edit config.yaml:
default_filesystem: ext4
default_mount_point: /mnt/test
log_file: sysadmin_tool.logmake test # Run tests
make coverage # Tests with coverage report
make lint # flake8
make typecheck # mypy
make check # All of the above
make clean # Remove build artifactsOr without Make:
python3 -m pytest tests/ -v
flake8 . --max-line-length=120 --exclude=linux-sys-adm-tools.py,venv,__pycache__
mypy core.py utils.py main.py user_management.py service_management.py \
network_management.py filesystem_management.py system_monitoring.py \
security_management.py logging_setup.py- Create
your_module.pywith validation and error handling - Add it to the whitelist in
main.pyload_modules() - Add a menu entry in
main.py - Create
tests/test_your_module.py
- Never use
shell=Truewith user input - Validate all inputs via
core.pyvalidators before subprocess calls - Use
check=Trueonsubprocess.run() - Back up critical files (
/etc/fstab) before modification - Require user confirmation for destructive operations
| Package | Purpose |
|---|---|
pyyaml |
YAML config parsing |
psutil |
System resource monitoring |
python-crontab |
Cron management (monolithic only) |
pytest |
Testing |
flake8 |
Linting |
mypy |
Type checking |
pytest-cov |
Coverage reporting |
Full security hardening, test coverage expansion, and development tooling.
Security
- Eliminated all
shell=Truecommand injection vulnerabilities in monolithic file (13 instances) - Added input validation functions:
validate_username,validate_service_name,validate_host,validate_device_path,validate_package_name - Applied validators to all critical functions in both modular and monolithic versions
- Added
sanitize_input()andsanitize_numeric()helpers
Testing
- Expanded test suite from 9 to 107 tests
- Added test files for all modules: core, user, service, network, filesystem, monitoring, security, logging, main, utils
- Added
conftest.pywith shared fixtures - 94-100% coverage on modular code
Architecture
- Switched module loader from blacklist to whitelist approach
- Removed unused
config_manager.py(duplicate ofcore.load_config()) - Fixed
display_readmeimport inmain.py - Fixed
psutil.cpu_percent()to useinterval=1for accurate readings - Added CLI argument parsing (
--version,--readme) - Added type hints and docstrings to all modules
Infrastructure
- Added Docker support (Dockerfile, docker-compose.yml with app/test/lint services)
- Added Makefile with test, lint, typecheck, coverage, clean targets
- Added
setup.pyandsetup.cfgfor packaging - Added
requirements.txtwith pinned minimum versions - Added
.pre-commit-config.yaml(flake8, mypy, trailing whitespace, pyupgrade) - Added
.gitignore - Added
logging_setup.pywith JSON structured logging, log rotation, and audit trail
Code Quality
- Zero flake8 errors across modular codebase
- Zero mypy errors
- Fixed grammatically incorrect log messages in service management
- Added constants for magic numbers (
BYTES_TO_GB,DEFAULT_PING_COUNT) - Automatic fstab backup with timestamps before filesystem modifications
- Initial implementation with modular architecture
- Basic user, service, network, filesystem, monitoring, and security modules
- Monolithic single-file version with 125 functions
- Core logging and configuration infrastructure
MIT