Sunteți pe pagina 1din 12

Characteristics of Good Password:

1. It should be easy for you to remember. If you forget what your password is, no one, not even the system administrator, can look it up for you. The only thing the system administrator can do is to reset your password to a value. This wastes the administrator's time as well as yours. 2. It shouldn't be easy for anyone to figure out. Do not make it anyone's name or birth date, or your user name, or any of these spelled backwards. It is also wise to avoid something that appears in a dictionary. A good idea would be to include at least one nonalphabetic character (for example, a period or a dollar sign). 3. Make it a reasonable length. Some systems impose a minimum number of characters for a password. At least 5 characters is adequate. There isn't usually a limit as to the maximum number of characters, but only the first 8 are significant. The ninth character and after are ignored when checking to see whether you typed your password correctly. 4. Change your password once in a while. Some systems check the last time you changed your password. If a time limit has been reached, you will be notified that your password has expired as you log in. You will be prompted to change it immediately and won't be allowed to log in until you successfully get it changed. This time limit is system imposed. Changing your password every few months is reasonable. 5. Don't write it down or tell it to anyone. Don't write it on scraps of paper. Don't tell your mother. Don't write it in your calendar. Don't write it in your diary. Don't tell your priest. Don't put it in a dialup terminal configuration file. Nowhere. Nobody. Maybe in your safe deposit box.

Unix Features :
Portability: The system is written in high-level language making it easier to read, understand, change and, therefore move to other machines. The code can be changed and complied on a new machine. Customers can then choose from a wide variety of hardware vendors without being locked in with a particular vendor. Machine-independence: The System hides the machine architecture from the user, making it easier to write applications that can run on micros, mins and mainframes. Multi-Tasking: Unix is a powerful multi-tasking operating system; it means when a active task in in process, there can be a simultaneous background process working too. Unix handles these active and background threads efficiently and manages the system resources in a fair-share manner. Multi-User Operations: UNIX is a multi-user system designed to support a group of users simultaneously. The system allows for the sharing of processing power and peripheral resources, white at

the same time providing excellent security features. Hierarchical File System: UNIX uses a hierarchile file structure to store information. This structure has the maximum flexibility in grouping information in a way that reflects its natural state. It allows for easy maintenance and efficient implementation. UNIX shell: UNIX has a simple user interface called the shell that has the power to provide the services that the user wants. It protects the user from having to know the intricate hardware details. Pipes and Filters: UNIX has facilities called Pipes and Filters which permit the user to create complex programs from simple programs. Utilities: UNIX has over 200 utility programs for various functions. New utilities can be built effortlessly by combining existing utilities. Software Development Tools: UNIX offers an excellent variety of tools for software development for all phases, from program editing to maintenance of software,

Unix File System


A file system is a logical collection of files on a partition or disk. A partition is a container for information and can span an entire hard drive if desired. Your hard drive can have various partitions which usually contains only one file system, such as one file system housing the / file system or another containing the /home file system. One file system per partition allows for the logical maintenance and management of differing file systems. Everything in Unix is considered to be a file, including physical devices such as DVDROMs, USB devices, floppy drives, and so forth. Directory Structure: Unix uses a hierarchical file system structure, much like an upside-down tree, with root (/) at the base of the file system and all other directories spreading from there. A UNIX filesystem is a collection of files and directories that has the following properties:

It has a root directory (/) that contains other files and directories.

Each file or directory is uniquely identified by its name, the directory in which it resides, and a unique identifier, typically called an inode. By convention, the root directory has an inode number of 2 and the lost+found directory has an inode number of 3. Inode numbers 0 and 1 are not used. File inode numbers can be seen by specifying the -i option to ls command. It is self contained. There are no dependencies between one filesystem and any other.

The directories have specific purposes and generally hold the same types of information for easily locating files. Following are the directories that exist on the major versions of Unix: Directory / /bin /dev /etc Description This is the root directory which should contain only the directories needed at the top level of the file structure. This is where the executable files are located. They are available to all user. These are device drivers. Supervisor directory commands, configuration files, disk configuration files, valid user lists, groups, ethernet, hosts, where to send critical messages. Contains shared library files and sometimes other kernel-related files. Contains files for booting the system. Contains the home directory for users and other accounts. Used to mount other temporary file systems, such as cdrom and floppy for the CD-ROM drive and floppy diskette drive, respectively Contains all processes marked as a file by process number or other information that is dynamic to the system. Holds temporary files used between system boots Used for miscellaneous purposes, or can be used by many users. Includes administrative commands, shared files, library files, and others Typically contains variable-length files such as log and print files and any other type of file that may contain a variable amount of data Contains binary (executable) files, usually for system administration. For example fdisk and ifconfig utlities. Contains kernel files

/lib /boot /home /mnt /proc /tmp /usr /var /sbin /kernel

Unix Kernel :

In computing, the kernel is the main component of most computer operating systems; it is a bridge between applications and the actual data processing done at the hardware level. The kernel's responsibilities include managing the system's resources (the communication between hardware and softwarecomponents).[1] Usually as a basic component of an operating system, a kernel can provide the lowest-level abstraction layer for the resources (especiallyprocessors and I/O devices) that application software must control to perform its function. It typically makes these facilities available to application processesthrough inter-process communication mechanisms and system calls. Operating system tasks are done differently by different kernels, depending on their design and implementation. While monolithic kernels execute all the operating system code in the same address space to increase the performance of the system, microkernels run most of the operating system services inuser space as servers, aiming to improve maintainability and modularity of the operating system.[2] A range of possibilities exists between these two extremes.

Unix System calls


In computing, a system call is how a program requests a service from an operating system's kernel. This may include hardware related services (e.g. accessing the hard disk), creating and executing new processes, and communicating with integral kernel services (like scheduling). System calls provide the interface between a process and the operating system. On Unix, Unix-like and other POSIX-compatible operating systems, popular system calls are open, read, write, close, wait, execve, fork, exit, and kill. Many of today's operating systems have hundreds of system calls. For example, Linux has over 300 different calls, FreeBSD has over 500[1], while Plan 9 has 51. Tools such as strace and truss allow a process to execute from start and report all system calls the process invokes, or can attach to an already running process and intercept any system call made by said process if the operation does not violate the permissions of the user. This special ability of the program is usually also implemented with a system call, e.g. strace is implemented with ptrace or system calls on files in procfs.

Unix Daemons:
In Unix and other multitasking computer operating systems, a daemon ( / demn/ or /dimn/)[1] is a computer program that runs as a background process, rather than being under the direct control of an interactive user. Typically daemon names end with the letter d: for example, syslogd is the daemon that implements the system logging facility, or sshd, which services incoming SSHconnections.

Systems often start daemons at boot time: they often serve the function of responding to network requests, hardware activity, or other programs by performing some task. Daemons can also configure hardware (like udevd on some GNU/Linux systems), run scheduled tasks (like cron), and perform a variety of other tasks.

Awk Built-in Variables :


These are the AWK built-in variables : FS, OFS, RS, ORS, NR, NF, FILENAME, FNR

a. Awk FS variable is used to set the field separator for each record. Awk FS can be set to any single character or regular expression. b. Awk OFS is an output equivalent of awk FS variable. By default awk OFS is a single space character.

Awk RS defines a line. It is the Record Separator variable

c. Awk ORS is an Output equivalent of RS. Each record in the output will be printed with this delimiter. d. Awk NR gives you the total number of records being processed or line number. e. Awk NF gives you the total number of fields in a record. Awk NF will be very useful for validating whether all the fields are exist in a record. f. FILENAME variable gives the name of the file being read. Awk can accept number of input files to process. g. When awk reads from the multiple input file, awk NR variable will give the total number of records relative to all the input file. Awk FNR will give you number of records for each input file

What is AWK?
It is an excellent filter and report writer. Many UNIX utilities generates rows and columns of information. AWK is an excellent tool for processing these rows and columns, and is easier to use AWK than most conventional programming languages. It can be considered to be a pseudo-C interpretor, as it understands the same arithmatic operators as C. AWK also has string manipulation functions, so it can search for particular strings and modify the output. AWK also has associative arrays, which are incredible useful, and is a feature most computing languages lack. Associative arrays can make a complex problem a trivial exercise. The essential organization of an AWK program follows the form:

pattern { action } The pattern specifies when the action is performed. Like most UNIX utilities, AWK is line oriented. That is, the pattern specifies a test that is performed with each line read as input. If the condition is true, then the action is taken. The default pattern is something that matches every line. This is the blank or null pattern. Two other important patterns are specified by the keywords "BEGIN" and "END." As you might expect, these two words specify actions to be taken before any lines are read, and after the last line is read. The AWK program below: BEGIN { print "START" } { print } END { print "STOP" }

Unix Processes:
A process is an instance of running program. If, for example, three people are running the same program simultaneously, there are three processes there, not just one. In fact, we might have more than one process running even with only person executing the program. Every time you issue a command, Unix starts a new process, and suspends the current process (the C-shell) until the new process completes (except in the case of background processes, i.e Daemon threads. Unix identifies every process by a Process Identification Number (pid) which is assigned when the process is initiated. When we want to perform an operation on a process, we usually refer to it by its pid. Unix is a timesharing system, which means that the processes take turns running. Each turn is a called a timeslice; on most systems this is set at much less than one second. The reason this turns-taking approach is used is fairness: We dont want a 2-second job to have to wait for a 5-hour job to finish, which is what would happen if a job had the CPU to itself until it completed. Each unix process has two ID numbers assigned to it: Process ID (pid) and Parent process ID (ppid). Each user process in the system has a parent process. Most of the commands that we run have the shell as their parent. Alternatively we can run ps -f command where it lists both process ID and parent process ID. The ps -x command will list all your currently-running jobs. An example is: PID TT STAT TIME COMMAND 6799 co IW 0:01 -csh[rich] (csh) 6823 co IW 0:00 /bin/sh /usr/bin/X11/startx X The meaning of the column titles is as follows: PID process identification number TT controlling terminal of the process

STAT state of the job TIME amount of CPU time the process has acquired so far COMMAND name of the command that issued the process We can terminate a process by using the kill command. We simply find its pid (say by using ps), and then Type: kill -9 pid Stream Editor of Unix :
sed (stream editor) is a Unix utility that parses text and implements a programming language which can apply transformations to such text. It reads input line by line (sequentially), applying the operation which has been specified via the command line (or a sed script), and then outputs the line. It was developed Bell Labs,[1] and is available today for most operating systems.[2] sed is one of the very early Unix commands built for command line processing of data files. It evolved as the natural successor to the popular grep command.[3] Cousin to the later AWK, sed allows powerful and interesting data processing to be done by shell scripts. sed and AWK are often cited as the progenitors and inspiration for Perl. The following example shows a typical, and the most common, use of sed, where the -e option indicates that the sed expression follows: sed -e 's/oldstuff/newstuff/g' inputFileName > outputFileName

In many versions, the -e is not required to precede the expression. The s stands for substitute. The g stands for global, which means that all matching occurrences in the line would be replaced. Theregular expression (i.e. pattern) to be searched is placed after the first delimiting symbol (slash here) and the replacement follows the second symbol. Slash is the conventional symbol

Line Address and Context Address:


Context Address:
A context address is a regular expression supported by the ed command. The regular expression is placed between two delimiters; normally the delimiters are slashes. For example: sed -e '/pie/s/Apple/Cherry/' fruits searches for an input line that contains the pattern "pie." If "pie" is found, the pattern space is selected and all edit commands are applied

Line Address:
An address represents the number of a line in the buffer. ed maintains a current addresswhich is typically supplied to commands as the default address when none is specified. When a file is first read, the current address is set to the last line of the file. In general, the current address is set to the last line affected by a command.

A line address is constructed from one of the bases in the list below, optionally followed by a numeric offset. The offset may include any combination of digits, operators (i.e., +, - and^) and whitespace. Addresses are read from left to right, and their values are computed relative to the current address.

VI Modes:
VI typically functions in three different modes: Command mode Insert mode Last line mode Here's a quick description of each vi mode. VI Command Mode: When you first start editing a file with the vi editor you will be in vi command mode. In this mode you can issue many vi commands, including commands like insert, append, and delete, and other search and navigation commands that let you move around your file. Possibly the most important thing to know is that when you're in command mode you can't insert text immediately. You first need to issue an insert, append, or open command to insert text. These commands are actually fairly simple VI Insert mode Once you issue a vi insert, append, or open command, you will be in vi insert mode. If you're working with a modern vi or vim implementation, your vi editor is typically configured to show the current mode of operation, so when you go into insert mode, you'll see a text string like this on the last line of your vi editor window: -- INSERT -At this point you can (a) type text into your file and (b) use the arrow keys to navigate around your file just as you would do with any other text editor. (There may be some complications with older Unix systems, like HP-UX systems, but this statement is generally true.) A very important concept to know is that when you're in vi insert mode, but you want to switch back to vi command mode, you easily move back to command mode by pressing the [Esc] key. This command is so important, I'll show it again: [Esc] This command is very common, and I often see expert vi users press the [Esc] key several times in a row. They usually do this (a) to be sure they hit the key and they're really back in command mode, and (b) to hear the beep from the computer, which happens when you press the [Esc] key when you're already in vi command mode. This seems to serve as a form of feedback which assures them that they're in command mode.

VI Last Line mode: The last vi mode is known as vi last line mode. You can only get to last line mode from command mode, and you get into last line mode by pressing the colon key, like this: : After pressing this key, you'll see a colon character appear at the beginning of the last line of your vi editor window, and your cursor will be moved to that position. This indicates that vi is ready for you to type in a "last line command". From this vi command prompt you can do all sorts of really amazing things. You can do simple things, like quitting your vi session, like this: :q or :q! or :wq From last line mode you can also perform some amazing vi search commands or vim search and replace commands. Another cool thing is that you can issue Linux or Unix commands from within your vi editor session, like this simple ls command: :!ls It's really handy sometimes to be able to stay in your vi editing session but still be able to run Unix or Linux commands. And finally, you can also issue many vi configuration commands, such as this command that tells vi to show lines numbers in your current editor window: :set shownumber One last note about the vi last line mode: If you're in last line mode, and you want to switch back to command mode, there are several different ways to do this. For consistency, one way to do this is to press the [Esc] key twice, like this: [Esc][Esc] A second way is to press the [Backspace] key until anything you typed and the initial ":" character are gone. At this point you'll be back in command mode. Finally, if you haven't typed anything at all, and you're just looking at the ":" prompt on the last line, you can just press [Enter], and you'll be placed back in vi command mode.

Kernel Mode and User Mode:


Kernel Mode: Kernel mode, also referred to as system mode, is one of the two distinct modes of operation of the CPU (central processing unit) in unix. When the CPU is in kernel mode, it is assumed to be executing trusted software, and thus it can execute any instructions and reference any memory addresses (i.e., locations in memory). The kernel (which is the core of the operating system and has complete control over everything that occurs in the system) is trusted software, but all other programs are

considered untrusted software. a process running in kernel mode can be suspended in order to run a different process. This can be an important benefit for real time applications (i.e., systems which must respond to external events nearly simultaneously). In Unix, kernels are also reentrant, which means that several processes can be in kernel mode simultaneously. However, on a single-processor system, only one process, regardless of its mode, will be progressing in the CPU at any point in time, and the others will be temporarily blocked until their turns. User Mode: User mode is one of two distinct execution modes for the CPU (central processing unit) in Unix. It is a non-privileged mode in which each process (i.e., a running instance of a program) starts out. It is non-privileged in that it is forbidden for processes in this mode to access those portions of memory (i.e., RAM) that have been allocated to the kernel or to other programs. The kernel is not a process, but rather a controller of processes, and it alone has access to all resources on the system. When a user mode process (i.e., a process currently in user mode) wants to use a service that is provided by the kernel (i.e., access system resources other than the limited memory space that is allocated to the user program), it must switch temporarily into kernel mode, which has root (i.e., administrative) privileges, including root access permissions (i.e., permission to access any memory space or other resources on the system). When the kernel has satisfied the process's request, it restores the process to user mode. This change in mode is termed a mode switch, which should not be confused with a context switch (i.e., the switching of the CPU from one process to another). The standard procedure to switch from user mode to kernel mode is to call the 0x80 software interrupt. File Descriptor:
In computer programming, a file descriptor is an abstract indicator for accessing a file. Generally, a file descriptor is an index for an entry in a kernel-resident data structure containing the details of all open files. In POSIX this data structure is called a file descriptor table, and each process has its own file descriptor table. The user application passes the abstract key to the kernel through a system call, and the kernel will access the file on behalf of the application, based on the key. The application itself cannot read or write the file descriptor table directly. In Unix systems, file descriptors can refer to files, directories, block or character devices (also called "special files"), sockets, FIFOs (also called named pipes), or unnamed pipes.

There are 3 standard POSIX file descriptors which presumably every process (save perhaps a daemon) should expect to have: Integer value Name

Standard Input (stdin)

Standard Output (stdout)

Standard Error (stderr)

VNode :
A vnode is an object in kernel memory that speaks the UNIX file interface (open, read, write, close, readdir, etc.). Vnodes can represent files, directories, FIFOs, domain sockets, block devices, character devices. Each vnode has a set of methods which start with the string ``VOP_''. These methods include VOP_OPEN(), VOP_READ(), VOP_WRITE(), VOP_RENAME(), VOP_CLOSE(), and VOP_MKDIR(). Many of these methods correspond closely to the equivalent file system call - open(2), read(2), write(2), rename(2), etc. Each file system (FFS, NFS, etc.) provides implementations for these methods. The Virtual File System library (see vfs(9)) maintains a pool of vnodes. File systems cannot allocate their own vnodes; they must use the functions provided by the VFS to create and manage vnodes.

Semaphores:
A semaphore is a value in a designated place in operating system (or kernel) storage that each process can check and then change. Depending on the value that is found, the process can use the resource or will find that it is already in use and must wait for some period before trying again. Semaphores can be binary (0 or 1) or can have additional values. Typically, a process using semaphores checks the value and then, if it using the resource, changes the value to reflect this so that subsequent semaphore users will know to wait. Semaphores are commonly use for two purposes: to share a common memory space and to share access to files. Semaphores are one of the techniques for interprocess communication (IPC). The C programming language provides a set of interfaces or "functions" for managing semaphores.

Unix Security:

Unix security refers to the means of securing a Unix or Unix-like operating system. A secure environment is achieved not only by the design concepts of these operating systems, but also through vigilant user and administrative practices. User Security can be classified in sub topics as mentioned below: Design Concepts: 1. Permissions All files have permissions which can be set using chmod command and displayed using ls command 2. User Groups - Users under Unix style operating systems often belong to managed groups with specific access permissions. This enables users to be grouped by the level of access they have to this system. User and Adminstrative Techniques: 1. Password - Selecting a strong password and guarding it properly are probably the most important things a user can do to improve Unix security. In Unix systems, the essential information about users is stored under the file /etc/passwd. This file keeps track of the users registered in the system and their main definitions. Passwords, or more correctly, the hash of the password, can also be stored in the same place. The entries in /etc/passwd occupy exactly one line each 2. Users and Accounts - Administrators should delete old accounts promptly. 3. File System Security File system security is achieved by providing each file a different access permission with the help of 9bits. The first group describes the permissions of the file owner, the second group describes the permissions of a group associated with the file owner or the directory containing the file, and the third group describes the permissions associated with any process which does not have the same user ID as the file