
Linux Training Materials Project

GBdirect Limited
27 Park Drive
Bradford, BD9 4DS
West Yorkshire
tel: +44 (0)1274 772277
linux@gbdirect.co.uk
November 7, 2001

Contents
1 Apache Basics
Objectives
1.1 What is ?
1.2 Installation
1.3 How Apache Listens
1.4 Configuration File(s)
1.5 Key Configuration Directives
1.6 ServerRoot, DocumentRoot
1.7 ServerAdmin
1.8 BindAddress, and Port
1.9 Listen
1.10 User and Group
1.11 Apache Processes
1.12 Logging
1.13 Customizable Logging
1.14 CustomLog examples
1.15 Example Configuration
1.16 Basic Exercises
1.17 Solutions
1.18 Two sites and more ...
1.19 Virtual Hosting Options
1.20 Name-based hosting
1.21 Name-based hosting (continued)
1.22 Block Directives
1.23 Block Directives (continued)
1.24 DirectoryMatch, et al.
1.25 Access Control
1.26 Access Control (continued)
1.27 Authorisation Files
1.28 Authorisation Files (continued)
1.29 Other useful directives
1.30 Examples
1.31 Exercises
1.32 Solutions

2 Key Configuration Files
Objectives
2.1
2.2 (continued)
2.3 Editing
2.4 Other Changes To
2.5

3 Dial Up and Remote Access
Objectives
3.1 Dial-In/Out
3.2 The Basics
3.3 Authentication
3.4 Setting-up dial-out
3.5 One Dial-Out Setup
3.6 Dial-Out Setup contd.
3.7 Dial-In Setup
3.8 Other options
3.9 Preferred Installation Architectures
3.10 Preferred Setup 1
3.11 Preferred Setup 2
3.12 Appendix - sendmail configuration for non dial-on-demand

4 Email
Objectives
4.1 How email works
4.2 Where does an email go?
4.3 Overview
4.4 Email Protocols
4.5 Where the protocols go
4.6 Basic Installation
4.7 Sendmail behaviour
4.8 Linuxconf & sendmail
4.9 Configuration files (
4.10 Configuration files (
4.11 Explanation of examples
4.12 Monitoring sendmail
4.13 Monitoring sendmail (cont.)
4.14 Example of


© GBdirect Ltd, 2000


2.6 2.7 2.8 2.9 2.10 2.11 2.12 2.13 2.14 2.15 2.16 2.17 2.18 2.19 2.20 2.21 2.22 2.23 2.24 2.25 2.26 2.27

Editing
Important Note
Shadow Passwords
Scheduling Jobs ( )
Module Configuration
Modules Configuration - Options
Mounting Filesystems
Runlevels
Single User Mode
Multi User Mode
Starting up and Shutting down
Changing runlevel
Initscripts
Initscripts - An example
Restarting Services
Exercises
Solutions


www.linuxtraining.co.uk


6 More on the Filesystem
Objectives
6.1 Inodes in Depth
6.2 Inodes (continued)
6.3 Links
6.4 Hard links
6.5 Soft links
6.6 Non-native Filesystems
6.7 Disk Checking and Recovery (
6.8 Check a Linux Ext2 filesystem (
6.9 Disk Free Space ( )
6.10 Disk Usage ( )


5 Basic Filesystem
Objectives
5.1 Filesystem Overview
5.2 Files
5.3 Directories
5.4 Directory Hierarchy
5.5 Pathnames
5.6 Current Directory
5.7 Dot (.) and DotDot(..)
5.8 Moving and Copying Files
5.9 Removing Files
5.10 Operations on Directories
5.11 Inodes
5.12 Inodes (continued)
5.13 Links
5.14 Hard links
5.15 Soft links
5.16 Access Control and UID
5.17 Categories of Access Control
5.18 Access Control - Example
5.19 Changing Access Permission:
5.20 symbolically
5.21 numerically
5.22
5.23 Special Files
5.24 Special Files
5.25 Filesystem Structure
5.26 - Example
5.27 Mounting Additional Volumes
5.28 Mounting shared filesystems
5.29 Summary
5.30 Filesystem Exercises
5.31 Filesystem Solutions


4.15 4.16 4.17 4.18 4.19 4.20 4.21

Talking the talk ...
Talking SMTP
Talking POP
Managing Users under sendmail
Aliases - other uses
Sendmail Exercises


7 Shared File Systems
Objectives
7.1 NFS (Network File System)
7.2 NFS Basics ... continued
7.3 Exporting File Systems
7.4 Viewing exports
7.5 Importing File Systems
7.6 Samba
7.7 Samba Installation
7.8 Samba Basics
7.9 Access to Files and Printers
7.10 Testing Samba
7.11 Smbclient
7.12 Samba configuration File
7.13 Testing Samba
Notes on Testing Samba
7.14 Exercises
7.15 Solutions


8 Firewalling and Network Security
Objectives
8.1 Concepts
8.2 What is Packet Filtering?
8.3 Controlling Access to Daemons
8.4 TCP Wrappers (
8.5 TCP Wrapper Validation
8.6 Introduction to Packet Filtering
8.7 Basic Packet Filtering
8.8
8.9 Details
8.10 schematic
8.11 Options
8.12 Options For Rules
8.13 - Examples
8.14 Removing Rules
8.15 Implementing ipchains
8.16 Save and restore
8.17 setup script

6.11 Disk Partitioning Concepts
6.12 A Partitioned Disk
6.13 Making and Changing Partitions
6.14 How Many Partitions?
6.15 What Size Partitions?
6.16 BIOS Problems With LILO and Partitions
6.17 Disk Partitioning Tools
6.18 Using
6.19 The Interface
6.20 Interactive Commands in
6.21 Making Linux Filesystems ( )
6.22 Block Devices
6.23 Character Devices
6.24 More Filesystem Exercises
6.25 More Filesystem Solutions


10 Overview
Objectives
10.1 Generic Features of Unix
10.2 Linux The Kernel of a System
10.3 Fundamental Characteristics of Linux
10.4 Multiuser Multitasking and Time-sharing
10.5 Protected memory mode
10.6 Multiple Filesystem Types
10.7 The Many Faces of a GNU/Linux System
10.8 The Filesystem
10.9 Filenames
10.10 Filename Extensions and File Types
10.11 Hidden Filenames
10.12 The Shell (
10.13 Key Features of the Bash Shell
10.14 Interacting with a Linux Terminal
10.15 Software Tools: The UNIX Philosophy
10.16 Tasks/Processes
10.17 Process Communication
10.18 Re-directing I/O to and from Files

9 Job Control Tools
Objectives
9.1 Introduction
9.2 Background Jobs
9.3
9.4 The Command
9.5 Hang Up ( )
9.6 Execute programs at specified times (
9.7 Options and commands related to
9.8 Running commands regularly (
9.9 Summary
9.10 Job Control Exercises
9.11 Job Control Solutions


8.18 8.19 8.20 8.21 8.22 8.23 8.24 8.25 8.26 8.27 8.28 8.29 8.30 8.31 8.32 8.33 8.34 8.35 8.36

Real World
Port Scanning with Performance and Reliability Features
Target and Port Specification
Running
Reporting the State of Ports
Reporting Other Details with
Scanning Modes: Vanilla TCP & SYN
Scanning Modes: IP Fragments & Reverse ident
Scanning Modes: TCP ftp proxy
Scanning Modes: UDP raw ICMP port unreachable
Some other Scanning Modes
Documentation
Basic Howto
principles
Use of
Exercises
Solutions


10.19 Re-directing I/O to and from Files (continued)
10.20 Pipes & Tools
10.21 Linux as a Programming Environment
10.22 Networking
10.23 TCP/IP
10.24 Documentation
10.25 Using the man pages (On-Line Manual)
10.26 Overview Exercises
10.27 Overview Solutions


11 Printing Services
Objectives
11.1 Linux Printing
11.2 Printing documents
11.3 Main Printing Tools
11.4 Using
11.5 Using
11.6 Using
11.7 Samba Printing
11.8 Printing to a Windows Printer via Samba

12 Basic Shell
Objectives
12.1 Introduction
12.2 Getting around the command line
12.3 History
12.4 Plumbing
12.5 Plumbing (continued)
12.6 Output Redirection
12.7 Input Redirection
12.8 Combining Redirection
12.9 Pipelines
12.10 Background Processes
12.11 Background Processes (continued)
12.12 Background Processes and
12.13 Command Grouping and Sub-shells
12.14 Process Management
12.15 Signals
12.16 Signals (continued)
12.17 Background Processes:
12.18 Filename Generation
12.19 Quoting Mechanisms
12.20 Shell built-in commands
12.21 Basic Shell Exercises
12.22 Basic Shell Solutions

13 Shell Programming
Objectives
13.1 Introduction
13.2 Writing and Running Shell Scripts
13.3 Subshell or Subroutine?
13.4 Processing Commands
13.5 Command Substitution
13.6 Shell Variables and Variable Substitution


14 Special Topics
Objectives
14.1 The Linux Bootloader (LILO)
14.2 LILO configuration
14.3 Understanding
14.4 Red Hat Package Management Tool (
14.5 Install, Upgrade and Uninstall with
14.6 Query Options for
14.7 Verify Options for
14.8 Output From the Verification Option
14.9 Building And Installing Applications
14.10
14.11 Using
14.12 Options to configure
14.13 Location of install
14.14 Installation requirements
14.15 Compilation roundup

13.7 13.8 13.9 13.10 13.11 13.12 13.13 13.14 13.15 13.16 13.17 13.18 13.19 13.20 13.21 13.22 13.23 13.24 13.25 13.26 13.27 13.28 13.29 13.30 13.31 13.32 13.33 13.34 13.35 13.36 13.37 13.38 13.39 13.40 13.41 13.42

Shell Environment Variables
Examples
Examples (continued)
Quoting
Examples
File
(continued)
Arguments
Shell Parameters
Blank Interpretation
Comments
Exit Status or Return Code
File Status Tests
Relational Tests
Loop
(continued)
and
and
and
(continued)
(continued)
Simple Conditionals
Here Documents
Use of commands
Evaluate Expressions ( )
(continued)
Summary
Shell Programming Exercises
Shell Programming Solutions


15 Fundamentals of TCP/IP Objectives . . . . . . . . . . . . . . . . . . . 15.1 Fundamentals of TCP/IP Networking . . . . 15.2 History . . . . . . . . . . . . . . . . . . . . . 15.3 Recap of basic IP Concepts - Components 15.4 IP versions . . . . . . . . . . . . . . . . . . 15.5 Packets . . . . . . . . . . . . . . . . . . . . 15.6 Addresses . . . . . . . . . . . . . . . . . . . 15.7 Addresses (continued) . . . . . . . . . . . . 15.8 Netmasks and subnetting . . . . . . . . . . . . . . . . . . . . . . . . 15.9 Netmasks with 15.10 Transferring Data . . . . . . . . . . . . . . . 15.11 Hosts & Interfaces . . . . . . . . . . . . . . 15.12 Routing . . . . . . . . . . . . . . . . . . . . 15.13 Ports . . . . . . . . . . . . . . . . . . . . . . 15.14 Ports cont.. . . . . . . . . . . . . . . . . . . 15.15 Exercises . . . . . . . . . . . . . . . . . . . 15.16 Solutions . . . . . . . . . . . . . . . . . . . 16 Practical TCP/IP Objectives . . . . . . . . . . . . . . . . . 16.1 Ping Protocols . . . . . . . . . . . . . . 16.2 Network Statistics ( ) in Practice 16.3 (continued) . . . . . . . . . . . 16.4 - Further Examples . . . . . . . 16.5 Network Trafc ( ) in Practice . . 16.6 Options . . . . . . . . . . . . . 16.7 Examples . . . . . . . . . . . . 16.8 Firewalling . . . . . . . . . . . . . . . . . 16.9 Basic Theory . . . . . . . . . . . . . . . 16.10 Basic Theory (continued) . . . . . . . .
c GBdirect Ltd, 2000

. . . . . . . . . . . . . . . . . . . . . . . . . . . .

. . . . . . . . . . .

. . . . . . . . . . .

' "

" ' $ 7  C  I " # D C  I " # 4  I !D 7C " #  I B C

' C " # PD6  C   I ' ! " #   C  I #"

4   CC

" #  79 " # I "# " " #  " # 6   ' # ! "  ' # C "   " #  C6

14.16 14.17 14.18 14.19 14.20 14.21 14.22 14.23 14.24 14.25 14.26 14.27 14.28 14.29 14.30 14.31 14.32 14.33 14.34 14.35 14.36 14.37

The lesytem . . . . . . . . . . . . Process specic subdirectories . . . . . . Process Status . . . . . . . . . . . . . . . ) . . . . . Process Memory Usage ( Kernel data . . . . . . . . . . . . . . . . . Interrupts In Use . . . . . . . . . . . . . . IDE Devices ( ) . . . . . . . . . Networking ( ) . . . . . . . . . . Networking 2 ( ) . . . . . . . . . SCSI info ( ) . . . . . . . . . . Parallel Port ( ) . . . . . . . Kernel Parameters ( ) . . . . . . File system data ( ) . . . . . . . . Example: Increase Maximum Filehandles General Kernel Parameters ( Virtual Memory Subsystem ( Device Specic Parameters ( Remote Procedure Calls ( Networking ( ) . . . . . . . IPV4 settings ( ) . . . Special Topics Exercises . . . . . . . . . . Special Topics Solutions . . . . . . . . . .

    %C

$ 4  

'

F F

# "

. . . . . . . . . . . . . .

. . . . . . . . . . . . . .

. . . . . . . . . . . . . .

. . . . . . . . . . . . . . ) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

360 361 362 363 364 365 366 367 368 369 370 371 372 373 374 375 376 377 378 379 380 382 384 384 385 386 387 388 389 390 391 392 393 394 395 396 397 398 399 400 402 402 403 404 405 406 407 408 409 410 411 412

C    '     C $ 4   $  4  '

www.linuxtraining.co.uk

CONTENTS

ix

c GBdirect Ltd, 2000

 

17 Basic Tools Objectives . . . . . . . . . . . . . . . . 17.1 Introduction . . . . . . . . . . . . . . . 17.2 Using Tools . . . . . . . . . . . . . . . ) . . . . . . . 17.3 The On-Line Manual ( 17.4 Finding Files the Long Way ( ) . . 17.5 Locate Files ( ). . . . . . . . . . ). . . 17.6 View and Concatenate Files ( 17.7 View Large Files & Output ( ) . . . 17.8 Viewing Parts of Files ( and ) 17.9 Listing File Information ( ) . . . . . . 17.10 File Classication ( ) . . . . . . . . 17.11 Count Words, Lines, Characters ( ) . 17.12 Differences Between Files ( ) . . . 17.13 Compare Binary Files ( ) . . . . . . 17.14 Regular Expression Searches ( ) . 17.15 examples . . . . . . . . . . . . . 17.16 Sort and Merge Files ( ) . . . . . . 17.17 Examples . . . . . . . . . . . . . 17.18 Display Unique Lines ( ) . . . . . . 17.19 Split Files ( ). . . . . . . . . . . . 17.20 Splitting Files by Context ( ) . . 17.21 Compression Utilities ( ) . . . . . . 17.22 Store and Retrieve Archives ( ). . . 17.23 Translating Characters ( ) . . . . . . 17.24 Examples of Usage . . . . . . . . . 17.25 Execute programs at specied times ( 17.26 Options and commands related to . 17.27 Running commands regularly ( 17.28 Evaluate expressions ( ). . . . . .

( !  

6 7



  Q6

' # %"

" 

  

'  79 6

 6

   %

"

9 9 6 



"

 

1  

"

4 R

"

F 

" #

'

" #

S 

' $

54

1 79 6

  %

 !

'

' 

6 76

 6

# 1

6 9

"



' !#

)  F   9 9 !7C6  I  C 

  

' ' '

6 56

6 56

16.11 16.12 16.13 16.14 16.15 16.16 16.17 16.18 16.19 16.20 16.21 16.22 16.23 16.24 16.25 16.26 16.27 16.28 16.29 16.30 16.31 16.32 16.33

. . . . . . . . . . . . . . . . . . Details . . . . . . . . . . . . . . Options . . . . . . . . . . . . . . Options For Rules . . . . . . . . . . . . . - Examples . . . . . . . . . . . . Removing Rules . . . . . . . . . . . . . . Implementing ipchains . . . . . . . . . . . Save and restore . . . . . . . . . . . . . . setup script . . . . . . . . . . . Real World . . . . . . . . . . . . Interface Conguration and Management Point-and-Click Interface Administration . . . . . . . . . . . . . . . . . . . . . Altering An Interface . . . . . . . . . . . . Adding an Interface . . . . . . . . . . . . . The Proper Way . . . . . . . . . . . . . . Drivers . . . . . . . . . . . . . . . . . . . . The Secure Shell in Practice ( ) . . . . Secure Copying in Practice ( ) . . . . . Summary . . . . . . . . . . . . . . . . . . Exercises . . . . . . . . . . . . . . . . . . Solutions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ). . . ) . . .

'  656 ' 656 6 56  % " #

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

413 414 415 416 417 418 419 420 421 422 423 424 425 426 427 428 429 430 431 432 433 434 435 436 436 437 438 439 440 441 442 443 444 445 446 447 448 450 451 452 453 454 455 456 457 458 459 460 461 462 463 464 465

"  

www.linuxtraining.co.uk

CONTENTS

19 Introduction to Editing With Objectives . . . . . . . . . . . . . . 19.1 Text editors under Linux . . . . . . 19.2 and your terminal . . . . . . . . screen layout . . . . . . . . . . 19.3 19.4 Opening les with . . . . . . . . 19.5 Modes . . . . . . . . . . . . . . 19.6 Saving, changing le and quitting . 19.7 Moving around in command mode 19.8 Numeric Prexes . . . . . . . . . . 19.9 Further Movement . . . . . . . . . 19.10 Further Movement - Example . . . 19.11 Movement by lines . . . . . . . . . 19.12 Movement by lines - Examples . . 19.13 Inserting text . . . . . . . . . . . . 19.14 command . . . . . . . . . . . . . 19.15 Multiple Insertion . . . . . . . . . . 19.16 Deleting Text . . . . . . . . . . . . 19.17 Changing Text . . . . . . . . . . . .
c GBdirect Ltd, 2000

. . . . . . . . . . . . . . . . . .

   4 T!D

. . . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . . .

'  9 6  5

18 More Tools Objectives . . . . . . . . . . . . . . . . 18.1 Introduction . . . . . . . . . . . . . . . ). . 18.2 Displaying System Processes ( 18.3 Options and Interactive Commands for 18.4 Reporting process status ( ) . . . . . 18.5 Options for Reporting process status ( 18.6 Finding Files using specied criteria ( 18.7 Criteria used in expressions . . . ) . . . . . . . 18.8 Examples of using ( 18.9 Reporting virtual memory statistics ( 18.10 Output from . . . . . . . . . . . 18.11 free . . . . . . . . . . . . . . . . . . . . 18.12 ldd . . . . . . . . . . . . . . . . . . . . 18.13 uptime . . . . . . . . . . . . . . . . . . 18.14 xargs . . . . . . . . . . . . . . . . . . . 18.15 Options to . . . . . . . . . . . . 18.16 Positioning lenames with . . . 18.17 cpio . . . . . . . . . . . . . . . . . . . 18.18 . . . . . . . . . . . . . . . . . . . 18.19 Unzipping . . . . . . . . . . . . . . . . 18.20 tar . . . . . . . . . . . . . . . . . . . . 18.21 Raw devices and . . . . . . . . . . 18.22 Exercises . . . . . . . . . . . . . . . . 18.23 Solutions . . . . . . . . . . . . . . . .

"

 5

F

6 5D

'  9 6

"

6 5D

'  9 6



   4 CTCD

"

F

" 1 4 @ 1 " 1

17.29 17.30 17.31 17.32 17.33 17.34 17.35 17.36

Linux Printing . . . . . Printing documents . . Main Printing Tools . . . . . . . . . Using Using . . . . . . . Using . . . . . . Basic Tools Exercises Basic Tools Solutions .

. . . . . . . .

. . . . . . . .

. . . . . . . .

. . . . . . . .

. . . . . . . .

. . . . . . . .

. . . . . . . .

. . . . . . . .

. . . . . . . .

. . . . . . . .

. . . . . . . .

. . . . . . . .

. . . . . . . .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

466 467 468 469 470 471 472 474 476 476 477 478 479 480 481 483 484 485 486 487 488 489 490 491 492 493 494 495 496 497 498 499 500 501 501 502 503 504 505 506 507 508 509 510 511 512 513 514 515 516 517 518

. . . . . . . . . . . . . . . . . ) . . ) . . . . . . . . . ). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

65D 6 5D

6 5D

S  6

www.linuxtraining.co.uk

CONTENTS

xi

20 Basic X-Windows Objectives . . . . . . . . . . . . . . . . . . . . 20.1 What X-Windows Is . . . . . . . . . . . . . . . 20.2 X Needs Window Managers . . . . . . . . . . 20.3 Window Managers Are Applications . . . . . 20.4 Desktop Environments . . . . . . . . . . . . . 20.5 Starting X . . . . . . . . . . . . . . . . . . . . 20.6 Stopping X . . . . . . . . . . . . . . . . . . . 20.7 Running Shells (Xterms) Under X . . . . . . . . . . . . 20.8 Running Applications from an 20.9 Running Applications from a window manager 20.10 Conguring X . . . . . . . . . . . . . . . . . . 20.11 Basic X Hardware Conguration . . . . . . . 20.12 Basic X Software Conguration . . . . . . . . 20.13 Networked X - The Client-Server Relationship 20.14 Principles of Running Remote X Apps . . . . 20.15 How to Run Remote X Apps . . . . . . . . . . 20.16 Authentication . . . . . . . . . . . . . . . . . . 20.17 Better Authentication . . . . . . . . . . . . . . 20.18 Basic X Exercises . . . . . . . . . . . . . . .

c GBdirect Ltd, 2000

" 4 F 

65D 6 5D

19.18 19.19 19.20 19.21 19.22 19.23 19.24 19.25 19.26 19.27

Copy and Paste . . . . . . . . . . . Finding your place . . . . . . . . . Miscellaneous Commands . . . . . Search and replace . . . . . . . . . Regular Expressions . . . . . . . . Regular Expression Conventions . Regular Expression Examples . . . Regular Expression Replacement . Exercises . . . . . . . . . . . . Solutions . . . . . . . . . . . . .

. . . . . . . . . .

. . . . . . . . . .

. . . . . . . . . .

. . . . . . . . . .

. . . . . . . . . .

. . . . . . . . . .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . .

519 520 521 522 523 524 525 526 527 529 531 531 532 533 534 535 536 537 538 539 540 541 542 543 544 545 546 547 548 549

www.linuxtraining.co.uk

Module 1

Apache Basics
Objectives

On completion of this module you should be able to:
- Install and configure the Apache webserver
- Set up virtual hosts
- Use access controls
- Set up basic authentication

1.1 What is Apache?

- Apache is the most widely-used web-server [1]
- Listens for requests and hands something back
  - Normally the contents of a file
  - Possibly the result of a program
- Designed to be stable and configurable
- Not meant to be fast
  - Probably fast enough . . .

[1] 59.99 % of all servers as of February 2001 (Netcraft - www.netcraft.com)

1.2 Installation

- Basic installation is easy
- You may be able to install from your distribution
  - Most come with Apache
- Otherwise just follow the download instructions from the official site
  - Then follow the instructions in the file
  - Normally just
- If you have problems check the docs
  - Available at

1.3 How Apache Listens

- Apache runs several processes at any one time
  - Parent and several children
- Parent watches over the children
  - Tracks how many are answering requests
  - Spawns more if free processes drop below a certain point
  - Kills spare processes if there are lots free
- Configure child numbers using MinSpareServers and MaxSpareServers directives
  - Default is reasonable for a small business
  - Tune it for busier sites

1.4 Configuration File(s)

- If compiled from source, Apache installs in
- Earlier versions installed under
- Your distribution may differ again . . . [2]
- Configuration file is called
  - Older versions use [3]
- Controls what requests Apache answers and how . . .

[2] Redhat installs config files under and logs directories under and the sample web pages
[3] Some pre-packaged versions (such as the RedHat RPM) also use separate files

1.5 Key Configuration Directives

- Wide range of configuration directives
- For a very basic server you need at least the following:
  - ServerRoot
  - DocumentRoot
  - ServerAdmin
  - BindAddress
  - Port
  - Listen
  - User
  - Group

1.6 ServerRoot, DocumentRoot

- Tells Apache where its files live
- ServerRoot tells Apache where its and directories live
  - Not always necessary
  - Good practice to have it
- DocumentRoot tells Apache where to look for documents to serve up
  - Requested filenames are appended to this
  - If you have
    then a request to
    points to the file

1.7 ServerAdmin

- Apache sometimes can't complete requests
  - In these cases it serves up an error page
  - ServerAdmin is given as a contact address
- Usually set to something like
- You should of course ensure that it is a valid email address
- Possible to specify a different error page
  - Doesn't have to use ServerAdmin

1.8 BindAddress, and Port

- Tells Apache which requests to answer
- By default Apache listens to every IP address on your machine
  - But only to the port given by the Port directive
- tells Apache to ignore anything that doesn't come in on
- ignores all but the specified port
- You can use more than one Port directive, e.g.
- If you don't specify a port then a default is used [4]
- You can only use one BindAddress!

[4] This is usually 80, but if you are using a binary package then bear in mind whoever compiled your package may have chosen a different value

1.9 Listen

- Listen is a replacement for BindAddress and Port
- Given IP:port or just port, e.g.
  - will answer requests on the IP address and port and no others
- To answer requests to all valid IP addresses, but only a certain port (e.g. ) use:
- Can use more than one Listen directive
- Should be used instead of BindAddress and Port in new servers

1.10 User and Group

- Apache should normally be started as root
  - So it can change the user ID of the children
  - These should not run as root
- User and Group directives say what user/group the children should run as
- Important security feature
- Should be set to something that has no real power on your system
  - Most people use user and group
- Web documents should be readable by this user
- Nothing should be writeable except log files
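The checks this slide asks for, as an added example that is not part of the course material: a Python audit that reads the User and Group directives from a configuration and then tests a document tree against the owner/group/other mode bits. The sample configuration, its paths and the account name nobody are constructed for illustration.

```python
import os
import stat

# Constructed sample configuration (not the course's own file).
SAMPLE_CONF = """\
# children switch to this identity after the parent starts as root
ServerRoot /usr/local/apache
DocumentRoot /usr/local/apache/htdocs
User nobody
Group nobody
"""

ROOT_IDENTITIES = {"root", "#0"}   # account name or the numeric "#id" form


def parse_directives(conf_text):
    """Return {lowercased directive: [values]} for one-line directives."""
    found = {}
    for raw in conf_text.splitlines():
        line = raw.strip()
        # '#' opens a comment only at the start of a line, so a value such
        # as "#65534" survives. Lines that open or close a <Block> are
        # skipped; directives inside a block are recorded like any other.
        if not line or line[0] in "#<":
            continue
        parts = line.split(None, 1)
        value = parts[1].strip() if len(parts) > 1 else ""
        found.setdefault(parts[0].lower(), []).append(value)
    return found


def check_identity(directives):
    """Findings for the identity the child processes would run as."""
    findings = []
    for key in ("user", "group"):
        values = directives.get(key)
        if not values:
            findings.append(key.capitalize() + " is not set explicitly")
        elif any(v.lower() in ROOT_IDENTITIES for v in values):
            findings.append(key.capitalize() + " is root: children would "
                            "not drop privileges")
    return findings


def access_bits(st, uid, gids):
    """(readable, writable) for a non-root uid, from the mode bits only.

    ACLs and other access mechanisms are not modelled.
    """
    if st.st_uid == uid:
        r, w = stat.S_IRUSR, stat.S_IWUSR
    elif st.st_gid in gids:
        r, w = stat.S_IRGRP, stat.S_IWGRP
    else:
        r, w = stat.S_IROTH, stat.S_IWOTH
    return bool(st.st_mode & r), bool(st.st_mode & w)


def audit_tree(root, uid, gids, writable_ok=()):
    """List (relative path, problem) pairs under root for the server user.

    writable_ok names relative paths (for example a log directory) where
    write access is expected.
    """
    findings = []
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames + filenames:
            path = os.path.join(dirpath, name)
            st = os.lstat(path)
            if stat.S_ISLNK(st.st_mode):
                continue            # the link target is judged where it lives
            rel = os.path.relpath(path, root)
            readable, writable = access_bits(st, uid, gids)
            allowed = any(rel == ok or rel.startswith(ok + os.sep)
                          for ok in writable_ok)
            if writable and not allowed:
                findings.append((rel, "writable by server user"))
            if not readable:
                findings.append((rel, "not readable by server user"))
    return sorted(findings)


if __name__ == "__main__":
    print(check_identity(parse_directives(SAMPLE_CONF)))
```

To audit a real tree, look up the configured account's uid and group ids (for example with the pwd and grp modules) and pass them to audit_tree together with the DocumentRoot path.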

1.11 Apache Processes

- Looking at a process list [5] you can see
  - The parent
  - The children
- Spare processes don't use processor time
  - They are sleeping
- They do use memory, however
  - Negligible for a default Apache
  - Watch carefully the more modules you add!

[5] Some fields from the output have been left out to aid clarity

1.12 Logging

- Apache can log information about accesses
- Use the TransferLog and ErrorLog directives
  - will log all requests in the file
  - If the filename starts with a then it is treated as a proper pathname, not appended to ServerRoot
- ErrorLog is similar but controls where error messages go
  - Useful for debugging CGI scripts and misconfigurations
  - Check here first if Apache won't start

1.13 Customizable Logging

- Customizable logs available with CustomLog
- consists of % directives and/or text
- % directives include:
  - Bytes sent, excluding HTTP headers
  - Filename
  - The contents of headername: header in the request
  - The process ID of the child that serviced the request
  - First line of request
  - Time, in common log format time format
  - The time taken to serve the request, in seconds
  - Remote username (may be bogus if return status (%s) is 401)
  - The URL path requested
  - The ServerName of the server answering the request

1.14 CustomLog examples

- To log the referer information in the file
- % directives can be conditional on reply status
  - Logs the referring page only on status 200,304,302 [6]
- For full details consult the Apache documentation
  - Gives list of all possible % directives

[6] For full details consult the Apache documentation
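A parser for the log formats discussed in 1.13 and 1.14, as an added example that is not part of the course material: it compiles a format string into a regular expression and reads log lines, including status-conditional directives and a Referer value that contains escaped quotes. The % codes are the standard mod_log_config codes matching the descriptions listed above; the format strings and log lines are constructed for illustration.

```python
import re

# Standard mod_log_config codes for the fields described in 1.13:
# code -> (field name, pattern of the logged value)
FIELDS = {
    "b": ("bytes_sent", r"\d+|-"),
    "f": ("filename", r"\S+"),
    "P": ("pid", r"\d+"),
    "s": ("status", r"\d{3}"),
    "t": ("time", r"\[[^\]]+\]"),
    "T": ("seconds_taken", r"\d+"),
    "u": ("remote_user", r"\S+"),
    "U": ("url_path", r"\S+"),
    "v": ("server_name", r"\S+"),
}
NUMERIC = ("bytes_sent", "pid", "status", "seconds_taken")

# %[!]status,status{argument}code
TOKEN = re.compile(
    r"%(?P<cond>!?\d{3}(?:,\d{3})*)?(?:\{(?P<arg>[^}]+)\})?(?P<code>[A-Za-z])")
# Free text inside double quotes; an embedded quote must be escaped as \".
QUOTED_TEXT = r'(?:\\.|[^"\\])*'


def compile_format(fmt):
    """Turn a CustomLog/LogFormat format string into a compiled regex."""
    fmt = fmt.replace('\\"', '"')      # the config file writes quotes as \"
    parts, names, pos = [], [], 0
    for tok in TOKEN.finditer(fmt):
        literal = fmt[pos:tok.start()]
        code, arg = tok["code"], tok["arg"]
        if code == "i" and arg:                      # %{Header}i
            name = "hdr_" + re.sub(r"\W", "_", arg.lower())
        elif code == "r" and not arg:                # first line of request
            name = "request_line"
        elif code in FIELDS and not arg:
            name, pattern = FIELDS[code]
        else:
            raise ValueError("unsupported directive " + tok.group(0))
        if code in "ri":
            # Client-controlled text: only safe to delimit when quoted.
            pattern = QUOTED_TEXT if literal.endswith('"') else r".*?"
        if tok["cond"]:
            pattern = "(?:%s)|-" % pattern           # "-" when not logged
        if name in names:
            raise ValueError("field logged twice: " + name)
        names.append(name)
        parts += [re.escape(literal), "(?P<%s>%s)" % (name, pattern)]
        pos = tok.end()
    parts.append(re.escape(fmt[pos:]))
    return re.compile("^" + "".join(parts) + "$")


def parse_line(regex, line):
    """Return a dict of fields, or None if the line does not fit the format."""
    m = regex.match(line.rstrip("\n"))
    if m is None:
        return None
    rec = m.groupdict()
    for key in NUMERIC:
        if key in rec:
            rec[key] = None if rec[key] == "-" else int(rec[key])
    return rec


def parse_all(fmt, lines):
    regex = compile_format(fmt)
    return [parse_line(regex, line) for line in lines]


# Constructed format strings, written as they would appear in the config:
# time, request, referer, bytes sent, time taken ...
FORMAT_ALWAYS = r'%t \"%r\" \"%{Referer}i\" %b %T'
# ... and the same with bytes and time taken logged only on status 200.
FORMAT_ON_200 = r'%t \"%r\" \"%{Referer}i\" %200b %200T'

# Constructed log lines; the third has a Referer with escaped quotes that
# would mislead a parser that simply splits on '"' or on spaces.
SAMPLE_LINES = [
    r'[07/Nov/2001:10:15:32 +0000] "GET /index.html HTTP/1.0" "http://www.example.com/start.html" 2326 0',
    r'[07/Nov/2001:10:15:40 +0000] "GET /missing.html HTTP/1.0" "-" - -',
    r'[07/Nov/2001:10:16:02 +0000] "GET / HTTP/1.0" "http://www.example.com/?q=\" 200 \"" 512 1',
]

if __name__ == "__main__":
    for record in parse_all(FORMAT_ON_200, SAMPLE_LINES):
        print(record)
```

A line that returns None does not fit the configured format, which is itself worth flagging when logs are fed to monitoring.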


1.15 Example Configuration

- A sample configuration file could look like this:
- Everything after a character is a comment
  - Ignored by Apache
- We recommend starting with the default rather than from scratch
  - Correctly configures many things for you
  - The default is well annotated
- Apache can check the syntax of its configuration

1.16 Basic Exercises

1. Apache Installation
   (a) Find out if Apache is installed on your machine . . . if not, install it.
   (b) Check Apache is running on your system.
       i. You should be able to point your web browser at to check this
       ii. You might have to try
   (c) If Apache is not running, start it
       i. Run
   (d) If Apache still doesn't appear to be running, find its configuration and log files and try to fix the error.
2. Basic configuration
   (a) Familiarise yourself with the file.
   (b) How would you change the directory where the log files are kept?
   (c) How would you change the root for documents?
   (d) How would you enable symbolic links to be followed on the cgi-bin directory?
   (e) Make your site only accessible on Port 8080
   (f) Now make it only accessible on the IP address 127.0.0.1, and port 80
   (g) Make the changes and check them.
   (h) Place the following line in your file:
       where is the IP address of your machine. You should now be able to browse to for information
3. Logging
   (a) Take a look at the access logs and familiarise yourself with the information they contain.
   (b) Set up a custom log to give the time of the request, the request, referer, and number of bytes sent, as well as the time taken to serve the request.
   (c) Alter your custom log to show the time taken and bytes sent only if a 200 status response occurred.

1.17 Solutions

1. Apache Installation
   (a) If Apache is not installed you should be able to install it off a RedHat CD by mounting the CD and typing
   (b) There are several ways to check this. One is to to port 80 of your machine and see if you get a response.
       i. This should work for a default RedHat install, though the port number that Apache first listens on changes in various different packaging so you should try both 80 and 8080.
   (c) You can start Apache one of two ways (which may be the same on some machines!)
       /etc/rc.d/init.d/httpd start
       somepath/apachectl start [7]
   (d) If you can't work out why Apache isn't running ask the tutor for assistance.
2. Basic configuration
   (a) You should make sure that you understand everything in the including those sections that are commented out.
   (b) Alter the and directives to change where the log files are kept, e.g.
   (c) The root for documents is specified by the directive, e.g.
   (d) You can enable symbolic links by adding to the section for your , e.g.
   (e) Add/Change the directive in your file to read
   (f) Add the following to your
   (g) Restart the server and try to access it on both port 80 and 8080. Check that it only works as you expect and fetches documents from the correct place.
   (h) Check that you can browse
3. Logging
   (a) Make sure you understand what each of the columns in the access logs is for. Try ing the logs as you browse your webserver
   (b) The following should create a file which holds the desired log format.
   (c) Change your LogFormat line to

[7] You may have to dig a little to find where this script is

1.18 Two sites and more ...

- Apache can serve multiple sites easily
- Known as Virtual Hosting, e.g.
  - will make Apache answer to all available addresses on port 80
  - to make Apache answer requests to address from
- Apache must be listening on the address
- Your machine must answer to this address [8]
- This is known as IP-based virtual hosting

[8] If you don't know how to set up IP aliases ask the instructor

1.19 Virtual Hosting Options

- IP-based
  - Each site must have a unique IP address
  - Uses up valuable IP addresses
  - Site accessible by all browsers
- Name-based
  - Sites share an IP address
  - Useful if short of available addresses
  - Some browsers may have problems
- Most use IP-based hosting where possible
  - Ensures maximum accessibility

1.20 Name-based hosting

- Name-based hosting looks like:

1.21 Name-based hosting (continued)

- tells Apache that an IP address can serve multiple hosts
- sections describe how documents for each site are served
- Apache must be able to resolve the names in the <VirtualHost> directives to the IP address
- Apache looks at the header to decide which documents to serve
  - Not sent by all browsers
- Requests on other IP addresses will be processed as normal
  - Can use both IP-based and name-based hosting

1.22 Block Directives

- is a block directive
  - Enclosed directives apply only to that virtual host
- Apache has several block directives
  - Limit enclosed directives to apply to a certain set of things
- Others are:

Apache Basics

25

1.23
 

Block Directives (continued)

<Directory> limits the enclosed directives to apply to everything below the directory
  The directory can be anywhere on the filesystem
  Independent of DocumentRoot
<Location> is similar but is a URL path rather than a filesystem path
<Files> limits directives to files of the given name
  Path of the file is irrelevant
  Only checks the file name, not its location

1.24

DirectoryMatch, et al.

DirectoryMatch, LocationMatch and FilesMatch are similar
  Accept regular expressions as arguments, e.g.
  More flexible
  Need more thought to match only intended files

1.25

Access Control

Create a file in the directory to be protected
  Usually .htaccess
  Can be anything
Example:
  Only the user testuser, or a user in the group testgroup, may access files in this directory
Validation is done on the user and group authorisation files

1.26

Access Control (continued)

Access control is off by default
  Unnecessary for most sites
  Switched on by:
AccessFileName identifies which filename(s) constitute an Access Control File
  Every directory in the request path is checked for a relevant file
AllowOverride says that Access Control files can override authorisation directives only
  Can have other values
  Change behaviours through your file
  See Apache docs for further details

1.27

Authorisation Files

Authorisation files are very straightforward
Group file is groupname: userlist
  For example:
  Listed users belong to that group
  Must create this file by hand

1.28

Authorisation Files (continued)

User file is a little more complicated
  Format is username:encrypted password
  For example:
Create/edit this with htpasswd
  Part of the Apache distribution
  Give it an authorisation file and a username

1.29

Other useful directives

There are around 200 Apache directives
  More if you add modules e.g.
The previous ones are the essentials
Some other useful directives are given below:

Directive                        Action
Redirect                         Redirect requests for one location to another
RewriteRule                      Rewrite requests, replacing one pattern with another
AddEncoding type ext             Serve up documents with extension ext with encoding type type
ForceType type                   Force all documents to be served up with MIME type type
HostNameLookups on|off|double    Whether to do DNS lookups for logging purposes
ExpiresDefault                   Set the default expiry time of documents

1.30

Examples

1.31

Exercises

1. IP based hosting
   (a) Start with the default installation file and add an IP based virtual host:
       i. Add an IP alias for your machine (ensure it doesn't clash with any others on your network!)
       ii. Create a dummy index page so you will be able to tell the difference between your two sites.
       iii. Set up Apache to serve this site and check from a browser that everything works (for both sites) as you expected.
2. Name based hosting
   (a) Set up your Apache so that it will serve the same sites but on a single IP address (name-based virtual hosting).
3. Access control
   (a) Create two directories on one of your sites and set up access controls so that anyone can see the main index page, testuser can see the first directory and anyone in group testgroup can see the second.


1.32

Solutions

1. IP based hosting
   (a) The first thing that you will have to do is set up an IP alias for your machine so that it has two distinct IP addresses. You might find it easiest to use the Red Hat control-panel for this. If you aren't sure how to achieve this ask the instructor. A list of spare IP addresses will be made available. An example from a working multi-hosted Apache is given below
2. Name based hosting
   (a) An equivalent example using name-based hosting would be:
   Note that the two names given should both resolve to 192.168.0.2
3. Access Control
   (a) You should create an access control file in both directories, the first should be:
   and the second should be:

Module 2

Key Configuration Files

Objectives
After completing this module, you should be able to configure the following:
  The password files
  The group file
  cron management
  Kernel modules
  Filesystem mounting (/etc/fstab)
  System startup and shutdown scripts

2.1

/etc/passwd

Stores information about users
  Password (on some systems)
  ID, and primary group
  Finger information
  Home directory
  Default shell

2.2

/etc/passwd (continued)

Colon-separated fields, e.g.
First field is the username
Second is the encrypted password [1]
Third and fourth fields give the user ID and the primary group ID respectively
Finger information is a comma separated list of information about a user
  Typically stores full name, office room, office phone number and home phone number
The sixth field is the user's home directory
The user's default shell is given by the last field

[1] On systems which support shadow passwords this will just be an x, see 2.8 for an explanation

2.3

Editing /etc/passwd

You should never edit /etc/passwd directly
  Can lose information on multi-user systems
Use the passwd command
Normal users simply type passwd
  Prompted for old password
  Type new password twice (to avoid typos)
Superuser can change anyone's password
  Enters only the new password
  Doesn't have to know the old password
Superuser may also disable/enable accounts
  passwd -l username disables or locks an account
  passwd -u username unlocks the account

2.4

Other Changes To /etc/passwd

chfn allows you to change the finger information for a user, e.g.
chsh lets you change your default shell
  Must be listed in /etc/shells
  chsh -l will give a list of valid shell values
  Example:
Note: Both chfn and chsh require you to give your password

2.5

/etc/group

Effective control of file access is one of the strengths of Linux/Unix
One aspect of this is the concept of groups
Users belong to one or more of these groups
Access to files can be granted or denied on the basis of group privileges
Group membership is controlled by the file /etc/group

2.6

Editing /etc/group

Like /etc/passwd, /etc/group shouldn't be edited directly
  Tools can change it and ensure locking
To create a group with ID gid and name gname:
  groupadd -g gid gname
To change name of group gname to newname:
  groupmod -n newname gname
usermod -G changes the groups a user belongs to, to groups:
  e.g. to add the user , and
  N.B. It also removes him from any groups not listed (excluding his primary group)
usermod can also change the information in /etc/passwd
Can only be run by the superuser

2.7

Important Note

Changing user information shouldn't be undertaken lightly
There are a number of restraints on changing usernames, IDs, and group IDs
  You shouldn't change name while a user is logged in
  You shouldn't change ID while user has processes running
  See man usermod and man groupmod for others
  Mostly common sense

2.8

Shadow Passwords

Shadow passwords are a security feature
Normal users could get others' passwords if encrypted versions were readable
Some information in /etc/passwd needs to be readable, but passwords don't!
Solution:
  Keep everything except passwords in /etc/passwd
    Password field contains just a single x
  Encrypted passwords are stored in /etc/shadow
    Only readable by superuser
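The field layout from 2.2 and the shadow-password rule from 2.8 can be checked mechanically. The following is an added example, not part of the original course material: it parses passwd-format lines and reports accounts whose second field holds anything other than the x placeholder. The sample accounts and the hash string are constructed, and treating a leading * or ! as a locked account is an assumption based on common Linux practice.

```python
"""Audit passwd-format lines for password data left in the readable file."""

FIELDS = ("name", "password", "uid", "gid", "finger", "home", "shell")
LOCKED_MARKERS = ("*", "!")  # assumption: common markers for "no valid password"

# Constructed sample input; every name, ID and the hash string are made up.
SAMPLE_PASSWD = """\
root:x:0:0:root:/root:/bin/bash
lee:x:500:500:Lee Example,Room 1,555-0100,555-0101:/home/lee:/bin/bash
legacy:ab1cD2efGh3iJ:501:501:Legacy Account:/home/legacy:/bin/sh
guest::502:502::/home/guest:/bin/sh
toor:x:0:0:second root:/root:/bin/sh
broken:x:503
"""


def parse_passwd(text):
    """Split each line into the seven colon-separated fields.

    Returns (entries, errors); malformed lines are reported, not guessed at.
    """
    entries, errors = [], []
    for lineno, line in enumerate(text.splitlines(), 1):
        if not line.strip():
            continue
        parts = line.split(":")
        if len(parts) != len(FIELDS):
            errors.append((lineno, "expected 7 fields, found %d" % len(parts)))
            continue
        entry = dict(zip(FIELDS, parts))
        try:
            entry["uid"], entry["gid"] = int(entry["uid"]), int(entry["gid"])
        except ValueError:
            errors.append((lineno, "user ID and group ID must be numeric"))
            continue
        # Finger information is itself a comma-separated list.
        entry["finger"] = entry["finger"].split(",") if entry["finger"] else []
        entries.append(entry)
    return entries, errors


def audit(entries):
    """Return (account, problem) pairs for entries that defeat shadowing."""
    findings = []
    for e in entries:
        pw = e["password"]
        if pw == "":
            findings.append((e["name"], "empty password field"))
        elif pw != "x" and not pw.startswith(LOCKED_MARKERS):
            findings.append((e["name"], "password hash is in the readable file"))
        if e["uid"] == 0 and e["name"] != "root":
            findings.append((e["name"], "second account with user ID 0"))
    return findings


if __name__ == "__main__":
    parsed, problems = parse_passwd(SAMPLE_PASSWD)
    for account, problem in audit(parsed):
        print("%-8s %s" % (account, problem))
    for lineno, problem in problems:
        print("line %d: %s" % (lineno, problem))
```

On a real system the same functions can be fed the contents of /etc/passwd, which any user may read.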

2.9

/etc/shadow

/etc/shadow also stores other information
  Mainly password expiry information
  Can force users to change their password
Most important benefit is increased security
All modern systems should use shadow passwords

2.10

Scheduling Jobs (cron)

cron schedules jobs to run at times specified in the file /etc/crontab
The first section sets environment variables
The first 5 fields in /etc/crontab are minute, hour, day of month, month and day of week
Cron jobs run when the current time/date matches a crontab entry
  * matches all possible values
  Commas separate sets of values within a field
  Ranges can also be specified, e.g.
  Can also specify steps, e.g.

2.11

/etc/crontab also specifies what user the job runs as, e.g.
Second line runs the command run-parts /etc/cron.daily as root at 4:02am every day
To run the command as at 10 minutes past and 40 minutes past the hour, between 9am and 6pm on weekdays:
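The field syntax from 2.10 (stars, comma lists, ranges, steps) and the extra user field from 2.11 can be exercised with a small parser. This is an added example, not part of the original course material: the sample crontab is constructed, the 9-17 hour range is one reading of "between 9am and 6pm" (last run at 17:40), and the rule that either day field may match when both are restricted is the behaviour of the common Vixie cron and is assumed here.

```python
"""Parse /etc/crontab-style entries and test when they fire."""
import re
from datetime import datetime

# Allowed range of each of the five time fields, in crontab order:
# minute, hour, day of month, month, day of week.
FIELD_RANGES = [(0, 59), (0, 23), (1, 31), (1, 12), (0, 7)]

# Constructed sample: environment settings first, then entries laid out as
# "minute hour day-of-month month day-of-week user command".
SAMPLE_CRONTAB = """\
SHELL=/bin/bash
MAILTO=root
# daily maintenance
02 4 * * * root run-parts /etc/cron.daily
10,40 9-17 * * 1-5 nobody /usr/local/bin/poll-queue
*/15 * 1 * 1 root /usr/local/bin/report
"""


def expand_field(spec, low, high):
    """Return the set of integers matched by '*', '10,40', '9-17', '*/15'..."""
    values = set()
    for part in spec.split(","):
        rng, slash, step_text = part.partition("/")
        step = int(step_text) if slash else 1
        if step < 1:
            raise ValueError("step must be positive: %r" % part)
        if rng == "*":
            start, end = low, high
        elif "-" in rng:
            first, last = rng.split("-", 1)
            start, end = int(first), int(last)
        elif slash:
            raise ValueError("a step needs '*' or a range: %r" % part)
        else:
            start = end = int(rng)
        if not low <= start <= end <= high:
            raise ValueError("%r is outside %d-%d" % (part, low, high))
        values.update(range(start, end + 1, step))
    return values


def parse_system_crontab(text):
    """Return one dict per job line; skip blanks, comments and NAME=value."""
    entries = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or re.match(r"[A-Za-z_]\w*\s*=", line):
            continue
        parts = line.split(None, 6)
        if len(parts) < 7:
            raise ValueError("need 5 time fields, a user and a command: %r" % line)
        sets = [expand_field(s, lo, hi)
                for s, (lo, hi) in zip(parts[:5], FIELD_RANGES)]
        if 7 in sets[4]:                     # 0 and 7 both mean Sunday
            sets[4] = (sets[4] - {7}) | {0}
        entries.append({"sets": sets,
                        "dom_star": parts[2].startswith("*"),
                        "dow_star": parts[4].startswith("*"),
                        "user": parts[5], "command": parts[6]})
    return entries


def matches(entry, when):
    """True if the entry fires in the minute given by the datetime `when`."""
    minute, hour, dom, month, dow = entry["sets"]
    if when.minute not in minute or when.hour not in hour or when.month not in month:
        return False
    dom_ok = when.day in dom
    dow_ok = when.isoweekday() % 7 in dow    # Sunday becomes 0
    if not entry["dom_star"] and not entry["dow_star"]:
        return dom_ok or dow_ok              # both restricted: either may match
    return dom_ok and dow_ok


def jobs_due(entries, when):
    """List (user, command) for every job that fires at `when`."""
    return [(e["user"], e["command"]) for e in entries if matches(e, when)]


if __name__ == "__main__":
    jobs = parse_system_crontab(SAMPLE_CRONTAB)
    print(jobs_due(jobs, datetime(2001, 11, 7, 4, 2)))
```

Listing `jobs_due` per user is a quick way to review what a crontab will run as root.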

2.12

run-parts

run-parts is a script designed for use with cron
  Runs all the programs in the specified directory
  Allows administrators to easily add jobs
  Simply place an executable script/program in the correct directory
  N.B. Not a standard cron feature

2.13

Log rotation is normally handled by logrotate
  Run by cron; reads /etc/logrotate.conf for configuration
  Example:

2.14

Module Configuration

The Linux kernel can be modular in nature
Needs to know which devices use which drivers
/etc/conf.modules contains this information [2]
Typical file may look like:
States that the device requires the module , and requires

[2] Warning, on some systems this is /etc/modules.conf

2.15

Modules Configuration - Options

Some modules allow you to specify options
  Mainly used for ISA peripherals, e.g. to provide I/O and IRQ information:
  Specifies that requires the module which should be passed the argument
Can also specify actions to be executed when loading/unloading modules, e.g.
  Run before loading the module

2.16

Mounting Filesystems

Linux can store its files on multiple disks
It decides what part of the filesystem each of these lives on using /etc/fstab

Logical Volume        Mount Point          FS type   Options     Dump  Check order
/dev/hda1             /                    ext2      defaults    1     1
/dev/hda5             /home                ext2      defaults    1     2
/dev/hda7             /tmp                 ext2      defaults    1     2
/dev/hda6             /usr                 ext2      defaults    1     2
/dev/hda8             swap                 swap      defaults    0     0
/dev/fd0              /mnt/floppy          ext2      noauto      0     0
/dev/cdrom            /mnt/cdrom           iso9660   noauto,ro   0     0
//kashmir/c           /mnt/kashmir         smbfs     guest       0     0
landlord:/var/admin   /var/admin           nfs       defaults    0     0
landlord:/home/lee    /home/lee/LANDLORD   nfs       defaults    0     0

2.17

Runlevels

Linux has several modes of operation
  Referred to as runlevels
Most common are:
  0 Initial boot
  1 Single User Mode
  2 and above Multi-user mode
Apply to most UNIX/Linux, but some allocate different numbers to graphical mode/login [3]
Unfortunately, the apps and daemons run automatically at each level vary greatly
  A good justification for the Linux Standard Base
  See your distribution documentation for details

[3] Red Hat uses 5 for graphic mode, but others don't.

2.18

Single User Mode

Mainly used for diagnostic purposes
Starts only a subset of the possible services, e.g.
  No networking
  No mail services
  No name lookup services
    Except /etc/hosts
  No file-sharing services
  etc

2.19

Multi User Mode

The normal operating state
All configured services are running
Multiple users can log in
/sbin/runlevel shows the previous and current runlevel of your machine

2.20

Starting up and Shutting down

Only the superuser can shutdown or reboot
/sbin/reboot will shut down cleanly and reboot
  Makes sure all processes are stopped
  Stops services cleanly
  Writes unsaved data to the disk
    Syncing
/sbin/halt will shut down the machine totally
For safety you should type

2.21

Changing runlevel

It is sometimes necessary to change runlevel
  Rare, but useful to know
You can instruct a system to change runlevel using the telinit command
Example:
  telinit 5 changes to runlevel 5
  telinit 1 takes the system down to single user mode

2.22

Initscripts

The precise behaviour of each of the runlevels is controlled by initscripts
  Control which services run in each runlevel
Live in init.d
  On Debian it's in /etc/init.d
  On Red Hat it's /etc/rc.d/init.d
Each file here is a script that can be called with an argument, start, stop, or restart

2.23

The contents of the directories control which services start and stop in runlevel n
The directories hold symbolic links to the files in init.d
The links are named informatively
To start service abc you would create a link to , typically named
The specifies the order to run the scripts, e.g. will be run before
Links that stop a service are of the form

2.24

Initscripts - An example

Consider the following: [4]
We can see that the first thing started is , followed by services, services, etc
There are also a series of scripts which shut down the services in a sensible order

[4] Unimportant information has been removed from the screen dump so do not be alarmed if this doesn't look like you'd expect!

2.25

Restarting Services

Can be necessary to restart a particular service, e.g. so it can re-read a modified configuration file
This can be done without a complete reboot
It must, however, be done by the superuser
To restart samba (smb) we can do the following:
  /etc/rc.d/init.d/smb restart

2.26

Exercises

1. Passwords
   (a) Find out whether your machine is using standard or shadow passwords?
2. Users
   (a) Add a new user ( ) and set them up with the correct Full Name, password, home directory. Set their default shell to
3. Groups
   (a) Create a new group and add your user to this group
   (b) Now remove both the user and the group. How would you ensure that all files belonging to that user have been removed?
4. Scheduling
   (a) Add a cron job to eject your CDROM drive at 5 minutes past every hour and put it back in at ten minutes past the hour
5. Mounting
   (a) Set up your so that will automatically mount your CD drive under
6. Runlevels
   (a) Switch your machine between runlevels 3 and 5. What is happening? What happens if you change to runlevel 6?
   (b) Make sure your machine runs the same set of services in both runlevels
7. Stop, Start and Restart Services
   (a) Check you can stop, start, or restart services
   (b) Can you do this as a normal (i.e. non-root) user?

2.27

Solutions

1. Passwords
   (a) Your machine will have an /etc/shadow file if it is using shadow passwords. The password field will be set to an x in /etc/passwd.
2. Users
   (a) The following would set the details for the user Lee Willis
   The home directory should be set up properly ( ), if not you can change it with
3. Groups
   (a)
   (b) To remove the group, the user and the user's home directory
   There are a few important points here! Firstly there may still be files in the filesystem belonging to that user. To locate them all you should have done
   prior to removing the user. You should also have located all files belonging to the group and re-parented and/or removed them before removing the group
4. Scheduling
   (a) The following lines should achieve the desired effect
5. Mounting
   (a) The entry should look like
6. Runlevels
   (a) You can change runlevels by using and . All non-relevant services are stopped and the new ones started each time you change runlevel. Runlevel 6 reboots the machine!
   (b) You should ensure that the directory listings for and are the same. This should ensure that the same services are started/stopped when entering either runlevel.
7. Start, Stop and Restart services
   (a) -
   (b) -

Module 3

Dial Up and Remote Access

Objectives
On completion of this module, you should be able to:
  Understand the principles of point-to-point networking
  Understand and use the key protocols involved in dial-up networking
  Configure Linux as a dial-up server
  Configure Linux as a dial-up client

3.1

Dial-In/Out

Linux can be used both as a dial-up client and a server
  A client system can be used to dial out to another system
  A server accepts dial-in
There are a myriad of options for doing this
  We look at a very limited set to get you going
  The PPP Howto covers much more detail (try )
3.2

The Basics

The standard for point-to-point links such as dial-up is PPP
  This is the point-to-point-protocol; implemented in Linux through pppd
  Very widely used indeed
  Supersedes the older and now retired SLIP (serial line IP) protocol
  Can dynamically negotiate local and remote addresses plus much more
  Standard for IP over leased lines and connections to ISPs etc.
All normal distributions come with support
Requires kernel support; modern distributions all provide the relevant support in the kernel they ship

3.3

Authentication

PPP can use CHAP or PAP or nothing at all
PAP is the standard login/password mechanism (Password Authentication Protocol)
  PAP is not the most secure
CHAP involves regular challenges and responses
  Each side knows secrets that can be used to encrypt challenges and responses
  We leave reading up as an exercise
The nothing at all option relies on just a login/password being used to authenticate the dialup login
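To make the PAP/CHAP difference above concrete, here is an added example that is not part of the original course material. It computes the CHAP response as defined in RFC 1994 (an MD5 hash over the identifier, the shared secret and the challenge) and contrasts it with a PAP-style check; the class and function names, the peer name and the secret are all constructed for illustration.

```python
"""CHAP challenge/response (RFC 1994) next to a PAP-style password check."""
import hashlib
import hmac
import os


def chap_response(identifier, secret, challenge):
    """Response value = MD5(identifier byte + shared secret + challenge)."""
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()


class ChapAuthenticator:
    """The side that issues challenges; `secrets` maps peer name to secret."""

    def __init__(self, secrets):
        self.secrets = secrets
        self.pending = {}      # peer name -> (identifier, challenge)
        self.next_id = 0

    def challenge(self, name):
        """Issue a fresh random challenge; called at link start and again
        at intervals, which is what makes the challenges 'regular'."""
        ident = self.next_id
        self.next_id = (self.next_id + 1) % 256
        value = os.urandom(16)
        self.pending[name] = (ident, value)
        return ident, value

    def verify(self, name, ident, response):
        """Check a response against the outstanding challenge, then discard
        that challenge so the same response cannot be accepted twice."""
        issued = self.pending.pop(name, None)
        secret = self.secrets.get(name)
        if issued is None or secret is None or issued[0] != ident:
            return False
        expected = chap_response(ident, secret, issued[1])
        return hmac.compare_digest(expected, response)


def pap_check(secrets, name, password):
    """PAP: the password itself crosses the link and is compared directly,
    so the same bytes are valid for every later login."""
    return name in secrets and hmac.compare_digest(secrets[name], password)


if __name__ == "__main__":
    shared = {"dialup1": b"constructed shared secret"}   # constructed values
    auth = ChapAuthenticator(shared)
    ident, value = auth.challenge("dialup1")
    answer = chap_response(ident, shared["dialup1"], value)
    print("first response accepted:", auth.verify("dialup1", ident, answer))
    ident2, _ = auth.challenge("dialup1")
    print("old response reused:   ", auth.verify("dialup1", ident2, answer))
```

The secret never crosses the link under CHAP, and a recorded response is useless against the next challenge; a recorded PAP password stays valid until it is changed.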

3.4

Setting-up dial-out

Vast and complicated range of options
In essence, must arrange for a call to be placed and pppd started
  Normally uses the chat command to place the call (talk to modem etc)
  Then starts pppd to handle the link
kppp or wvdial provide easier configuration
Particular difficulty if you have multiple ISPs
  /etc/resolv.conf indicates your nameservers but these differ for each ISP
  kppp handles this (amazing)

3.5

One Dial-Out Setup

In /user/.ppprc
Use system config tools, e.g. Red Hat's control panel or SuSE's yast to add ppp0 interface

3.6

Dial-Out Setup contd.

in /etc/sysconfig/network-scripts/chat-ppp0
To dial: (as root)

3.7

Dial-In Setup

in /etc/inittab
in /etc/passwd
in

3.8

Other options

worth checking the documentation on diald if you want dial-on-demand
if possible, use kppp to set up and manage your connections; similarity to win95 is strong and the model is good
bear in mind that networking is a system, not a user feature: the Windows model that users can start networking is not appropriate for servers
This is generally a tricky area to set up. Allocate a full day.
  May be able to do some debugging with
  Sorry if it's not easy
Even better option
  For remote dial-in, consider using ISDN and routers
  makes it laughably simple

3.9

Preferred Installation Architectures

There are any number of ways of setting up mail and web access
Will usually use Linux system as an intermediary
  sendmail for mail exchange
  squid as proxy
  possibly using firewalling to limit access to ports
  possibly using IP masquerading for specific services if no proxy available

3.10

Preferred Setup 1

As described above
Internal network uses private addresses such as 192.168.10.0
External network uses further interface and private address
Dial-on-demand router used for ISDN access to ISP
DNS is run on Linux system with zone files for internal domains
sendmail set up not to query DNS for local email [1]
fetchmail or used to connect to ISP occasionally for inbound mail

[Diagram: 192.168.0.0, Linux, Router, 192.168.1.0]

[1] The basics of this go deep into sendmail configuration. In essence, the option must be set for sendmail, the relay should be marked as expensive and one rule set must be commented out to prevent routine DNS lookups from causing outbound dial-up. The details are appended to this section.

3.11

Preferred Setup 2

As described above
If internal network addresses already illegal (i.e. allocated in real world)
  Double-proxy essential services with Squid, Sendmail etc
  Alternative is to use IP masquerading (but that has problems) [2]
Inner Squid/Sendmail simply forward to outer
Outer Sendmail delivers to inner
In all configurations, router can equally be to leased line in which case can run Apache too

[Diagram: Outer Linux, 192.168.0.0, Router, 192.168.1.0, Inner Linux 2.0]

[2] Masquerading looks attractive but it fails with protocols that embed IP addresses (as some do). It is not a panacea and proxies may have to be used.

3.12

Appendix - sendmail configuration for non dial-on-demand

You must mark the relay mailer as expensive with the e flag:
In the options section of /etc/sendmail.cf you must insert
To stop the machine attempting name lookups for local mail you should comment out a section in /etc/sendmail.cf

Module 4

Email

Objectives
By the end of this section you should:
  Understand how email works
  Be familiar with the basics of sendmail
  Be able to add new accounts and aliases

4.1 How email works

Messages in transit handled by Mail Transport Agents (MTAs)
  Sendmail
  Exim
  Qmail
Responsible for passing a message from one machine to another
Mail sent and read using Mail User Agents (MUAs)
  Outlook Express
  Netscape
  Pine

4.2 Where does an email go?

Routing of messages is dependent on your domain
Mail services for a given domain are advertised via the DNS service
  Mail Exchanger (MX) records
  May be more than one for a given domain
  Tried in priority order (lower is better) 5->7->10->20
What happens after MX gets your message is setup dependent
  Simplest case, message sits on your server until you check
  May travel from company server to departmental server etc.

4.3 Overview

[Figure: MUA, LOCAL* MTA, INTERNET, LOCAL MTA, MUA]

* NOT ALWAYS "LOCAL". OFTEN AT ISP SUCH AS DEMON OR FREESERVE.

4.4 Email Protocols

Number of protocols for transfer of email
  SMTP (Simple Mail Transfer Protocol)
  POP (Post Office Protocol)
  IMAP (Internet Message Access Protocol)
SMTP used to communicate between MTAs
Also ESMTP - Extended SMTP
  Delivery Status Notification
  8-Bit MIME messages
POP/IMAP communicate between mail servers and MUAs

4.5 Where the protocols go

[Figure: MUA, LOCAL MTA, INTERNET, LOCAL MTA, MUA, with the links between them labelled POP/IMAP and SMTP]

4.6 Basic Installation

Most common implementation is to run sendmail
  Installed by Redhat by default
Exim becoming more popular
Sendmail battle tested though configuration can be nasty
Exim easier to configure
  Not yet battle-tested ...
GUI config tools know about sendmail
  Linuxconf
Main configuration file
  Not pleasant
B. Costales (1997) Sendmail, London: O'Reilly. for around 750 more pages of detail

4.7 Sendmail behaviour

Commonly run in one of two setups
  Immediate send
  Queue then send
Immediate send is useful with permanent net connections
  Sends and receives email
  Runs permanently
Queueing useful for dial-up connections
  Sendmail queues outgoing mail
  Sends every x minutes
  Still have sendmail running permanently, to accept email and queue it
Redhat set this up in

4.8 Linuxconf & sendmail

4.9 Configuration files

Most important bits are probably :
Also contains numerous options such as
  - Don't connect to expensive mailers
  - Determine the level of logging
Sendmail must be restarted after changing
On Redhat, running

4.10 Configuration files

4.11 Explanation of examples

Anyone can talk to this server to deliver mail to users at:
Machines on the network can use the server to send outbound email
Outbound messages will appear to come from instead of etc.
Messages we can't deal with (i.e. non-local emails) will be forwarded to

4.12 Monitoring sendmail

Most distributions log sendmail messages to
  Details of emails sent and received
  Logs the date, machine name, process ID, Queue ID
  Multiple lines per message, source and one or more destinations.
  Source shows size of message, Message-ID, protocol used
  Destinations shows delay in delivering if any, delivery method (mailer) and status (stat)
  Also commonly logs POP/IMAP connections from local clients
Mails in the queue commonly stored under
  Location can be changed in
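An added example (not part of the course notes) of reading the log layout described above: the queue ID ties each source line to its destination lines, so one pass can pair sender, recipient, mailer and status and pick out mail that was not delivered. The sample log lines are constructed and assume the sendmail 8 syslog field layout; the function names are this example's own.

```shell
#!/bin/sh
# Constructed sample log (assumed sendmail 8 syslog layout, not from the course notes).
sample_maillog() {
cat <<'EOF'
Nov  7 10:15:01 mailhost sendmail[1201]: fA7AF1x01201: from=<alice@example.com>, size=1532, class=0, pri=31532, nrcpts=2, msgid=<200111071015.fA7AF1x01201@example.com>, proto=ESMTP, relay=pc12.example.com [192.168.10.12]
Nov  7 10:15:02 mailhost sendmail[1203]: fA7AF1x01201: to=<bob@example.org>, delay=00:00:01, mailer=esmtp, stat=Sent (OK)
Nov  7 10:15:32 mailhost sendmail[1203]: fA7AF1x01201: to=<carol@example.net>, delay=00:00:31, mailer=esmtp, stat=Deferred: Connection timed out with mx.example.net.
Nov  7 10:20:10 mailhost sendmail[1250]: fA7AKAx01250: from=<dave@example.com>, size=804, class=0, pri=30804, nrcpts=1, msgid=<200111071020.fA7AKAx01250@example.com>, proto=SMTP, relay=pc07.example.com [192.168.10.7]
Nov  7 10:20:11 mailhost sendmail[1252]: fA7AKAx01250: to=<erin@example.com>, delay=00:00:01, mailer=local, stat=Sent
Nov  7 10:21:00 mailhost ipop3d[1260]: Login user=erin host=pc09.example.com [192.168.10.9] nmsgs=1/1
EOF
}

# Reads a mail log on stdin, prints one line per destination:
#   <queue-id> <sender> -> <recipient> mailer=<mailer> stat=<status word>
summarise_maillog() {
    awk '
    # Field 5 is "sendmail[pid]:" and field 6 is the queue ID followed by ":".
    # Lines from other daemons (such as the POP login above) are skipped.
    $5 ~ /^sendmail\[[0-9]+\]:$/ {
        qid = $6
        sub(/:$/, "", qid)
        # Anchor on ": from=" and ": to=" so that "proto=" on a source line
        # is never mistaken for a "to=" field.
        if (match($0, /: from=[^,]*/)) {
            sender[qid] = substr($0, RSTART + 7, RLENGTH - 7)
        } else if (match($0, /: to=[^ ]*/)) {
            rcpt = substr($0, RSTART + 5, RLENGTH - 5)
            sub(/,$/, "", rcpt)
            mailer = "?"
            stat = "?"
            if (match($0, /mailer=[^,]*/))
                mailer = substr($0, RSTART + 7, RLENGTH - 7)
            if (match($0, /stat=[A-Za-z]+/))
                stat = substr($0, RSTART + 5, RLENGTH - 5)
            from = (qid in sender) ? sender[qid] : "(source-line-not-seen)"
            printf "%s %s -> %s mailer=%s stat=%s\n", qid, from, rcpt, mailer, stat
        }
    }'
}

# Destinations whose status is anything other than Sent (deferred, bounced, ...).
undelivered() {
    summarise_maillog | awk '$NF != "stat=Sent"'
}

sample_maillog | summarise_maillog
```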


4.13 Monitoring sendmail (cont.)

can be used to see what messages are awaiting delivery
  Alias for
Shows lots of information
  Time Queued
  Size of Message
  Source Address
  Destination Address
  Status
  ID in Queue

4.14 Example of

4.15 Talking the talk ...

SMTP, POP, and IMAP all human-readable protocols
Can talk directly to servers
Telnet to applicable port
  SMTP - 25
  POP - 110
  IMAP - 143

4.16 Talking SMTP

4.17 Talking POP

4.18 Managing Users under sendmail

Users on a box "just work"
Sometimes desirable to have "aliases" for users
  Mail for a certain address actually gets delivered to a different address
  Or to more than one address!

4.19

Controls email aliases
Human readable
MUST run newaliases before sendmail will notice changes
E.g.

4.20 Aliases - other uses

Can also use the alias mechanism for logging information to a file
Useful for company wide enquiries, e.g.
Logs the message to the end of the file and sends it to , ,

4.21 Sendmail Exercises

1. Setup your system to use sendmail as daemon
   (a) Check that it starts correctly
   (b) Telnet to port 25 and check that it delivers mail to a local recipient.
2. Telnet to port 25 and try to use sendmail as a relay
   (a) Ensure that it correctly bars relaying
   (b) Switch on relaying for a particular domain and ensure that it works
3. Create suitable entries in
   (a) So that mail addressed to one name is sent to another
   (b) So that mail addressed to that name is archived to a file
   (c) So that mail addressed to that name is piped into a shell script of your choice

Module 5

Basic Filesystem

Objectives
After completing this section, you will be able to:
  Understand a typical Linux filesystem
  Navigate the file hierarchy
  Manipulate files and directories
  Handle access control
  Deal with special files and links

5.1 Filesystem Overview

Linux uses ext2 as its native filesystem
  Also supports many other types
All data stored on a Linux system is a file
Ext2 file names can be 1 to 255 characters long
  Only / and nul are disallowed
Non-native filesystems have different features
Ext2 sees only two basic types of files:
  directories
  files
Other specialised types exist (FIFOs, and special files), these are covered later

5.2 Files

Linux imposes no structure on files
All files are accessible at the byte level
Individual files have a maximum size of around 2Gb (in an ext2 filesystem)
They have a minimum size of 0 bytes
Files can be extended after creation
Filename extensions such as .exe and .bat are unnecessary
Executable files are simply marked as such using file permissions (see later)

5.3 Directories

Directories are files that list other files
  Can be normal files or directories
  Enables a hierarchy to be built
Each directory entry consists of two parts: a file name and an inode number
(An inode is roughly a pointer to a file, see below)

Filename          Inode number
.                 512
..                500
bin               17324
basic_linux.tex   24567

The topmost directory is always called
  Called the filesystem root
Directory information can only be changed by Linux itself
  Ensures a proper structure is maintained

5.4 Directory Hierarchy

By tradition several directories have specialised roles

  executable commands
  executable commands regarding important system functions
  system configuration files
  shared libraries
  peripheral devices
  temporary files
  to mount external devices
  odds and ends, e.g. logs, status and lock files, spooling files
  system information
  further executable files
  further system-important executable files
  further libraries

User-installed programs typically go under the hierarchy
is not always present, it is merely a convenience to place all mounted devices under one place

5.5 Pathnames

[Figure: directory tree with nodes /, home, lee, mike, File1, File2]

Files can be referred to by relative or absolute pathnames
Absolute pathnames begin with
The absolute pathname refers to one file only
A relative pathname does not begin with and describes the path from the current directory to find a file, e.g.

5.6 Current Directory

When you log in your shell is placed in your home directory
  Typically
  Superuser typically has for a home directory
  Home directories are sometimes under on some older systems
changes your current directory
  can be absolute or relative
  Without arguments changes to your home directory
tells you the current directory
is a synonym for
Typing changes your current directory to

5.7 Dot (.) and DotDot(..)

Directories always contain two entries "." and ".."
  "."   Current directory
  ".."  Parent directory
Used for relative pathnames and navigation
Example:
  Move to the parent directory
  Display space used by files in current directory and below
  Display space used by files in parent directory and below
  Execute the file in the current directory
This last row above shows forced execution of a particular file
  If we had simply typed then our PATH environment variable would be used to search for the file
  It may execute another one instead of the one we actually want

5.8 Moving and Copying Files

The command is used to copy files:
e.g.
The command is used to move files:
e.g.
Full details of applicable options and usage can be found by typing or

5.9 Removing Files

Files are removed using the rm command:
e.g.
Most notable among the options are :
  Force removal, without confirmation
  Recursively delete files
e.g.
Again, full details are available by typing
Removing a file is not considered an operation on the file
  It is an operation on the directory
  Filenames are merely links (Explained below)

5.10 Operations on Directories

  Create a new directory
  Remove a directory
  List the contents of a directory
These commands can take many arguments
can be told to create the whole pathname of directories if they don't exist, e.g.
  Will create the directories and as well as if they don't already exist
arguments control what information is shown and how it's sorted
  Some are explained later, consult for full details

5.11 Inodes

Each file is represented by an inode [2]
An inode contains information about:
  File type (ordinary, directory, FIFO, block device etc.)
  Owner ID (user the file belongs to)
  Size (in bytes)
  Access, creation, and modification times
  Group ID (group the file belongs to)
  File permissions
  Mapping of the file contents (data sectors)
Inode layout and location varies with filesystem type

[2] The term inode was invented by Dennis Ritchie of AT&T. He admits to forgetting why he chose that name.

5.12 Inodes (continued)

displays inode numbers of entries, e.g.
prints the inode contents for files inc. permissions, size, links, access times etc.

5.13 Links

More than one filename can refer to an inode
  These file names are links to the file
creates links to files
  Creates hard links by default
  creates symbolic or soft links
Erasing a file just removes its directory entry
  The file is only lost when all entries for it have been removed
Crucially :
  A filename is not the file
  The inode is the file
  All names are simply links (references) to the inode
Vague resemblance to Windows shortcuts

5.14 Hard links

A hard link is merely a directory entry with the relevant inode number
Consider the following
Start with:
We create a hard link:

[Figure: directory entries test and h1, inode 428175, HARD DRIVE]

N.B. Hard links cannot cross filesystems
  Inode numbers are filesystem specific

5.15 Soft links

Soft links store the pathname of the linked file
  This means they can cross filesystems
Adding a soft link :

[Figure: directory entries test, S1 and h1, inodes 428175 and 428178, Hard Drive]

If we replace the file with another then the symbolic link still works, but the hard one still points to the old file!
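An added example (not part of the course notes) that runs the hard link and soft link cases above in a scratch directory and reports what each name sees after the original is replaced and then removed. The names test, h1 and s1 follow the slides; the function names and file contents are this example's own.

```shell
#!/bin/sh
# Inode number of a name. ls -i prints "<inode> <name>"; -d stops a directory
# being listed, and a symbolic link is reported as itself, not its target.
inode_of() {
    ls -di "$1" | awk '{ print $1 }'
}

# Builds test, h1 (hard link) and s1 (soft link) in a temporary directory,
# then prints key=value lines describing what happened.
link_demo() {
    dir=$(mktemp -d) || return 1
    (
        cd "$dir" || exit 1
        echo "old contents" > test
        ln test h1        # second directory entry for the same inode
        ln -s test s1     # new inode whose data is the pathname "test"

        [ "$(inode_of test)" = "$(inode_of h1)" ] && echo "hard_link_shares_inode=yes"
        [ "$(inode_of test)" != "$(inode_of s1)" ] && echo "soft_link_has_own_inode=yes"
        echo "s1_stores=$(readlink s1)"

        # Replace the file with another one under the same name.
        echo "new contents" > test.new
        mv test.new test
        echo "h1_reads=$(cat h1)"      # still the old inode, old data
        echo "s1_reads=$(cat s1)"      # resolved by name, so new data
        [ "$(inode_of test)" != "$(inode_of h1)" ] && echo "h1_kept_old_inode=yes"

        # Remove the name the soft link points at.
        rm test
        cat s1 > /dev/null 2>&1 || echo "s1_dangling=yes"
        echo "h1_after_rm=$(cat h1)"   # data survives while any hard link remains
    )
    status=$?
    rm -rf "$dir"
    return $status
}

link_demo
```

The link count column of a long listing shows how many names an inode still has, which is the thing to check before assuming that removing one name has removed the data.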

5.16 Access Control and UID

File access can be limited to specific users
Super user(s) can override access control
Access control is set by user and group ID
  Each user has a user-id (UID) and one or more group-ids (GIDs)
Processes have an associated UID and GID
  Inherited from the user who created the process
  They can however be changed:
  Processes are known as set-user ID (setuid) if they set their own user ID or set-group ID (setgid) if they set their own group ID

5.17 Categories of Access Control

There are three categories of access
  read
  write
  execute
These may be specified for three sets of users:
  User
  Group
  Everyone

5.18 Access Control - Example

shows the access permissions, e.g.

5.19 Changing Access Permission:

Only the owner of a file (or the super-user) may alter its access permissions
(change mode) changes access permissions
Works in two ways, symbolically or numerically
Symbolically is easier to remember (for most)

5.20 symbolically

Select who you want to change permissions for
Decide whether you want to it
Take the permission that you want to change
Example :
  Adds write permission for user and group
You can make several changes by separating the settings with commas, e.g.
  Removes write permission for all, then grants it for the user and group

5.21 numerically

Once you know this it is often quicker
A number represents each permission type
  4  read permission
  2  write permission
  1  execute permission
Add up the permission numbers you want for each user group (owner, group, all) and supply these to
Example:
  grants all permissions to the owner (4+2+1), and read and execute (4+1) to group and all others

5.22

Files begin with a default access setting
  Specified by a user's umask setting
  This only works numerically
Unlike , specified permissions are turned off
With a umask setting of 000 files are created with (666) permissions
Default umask is 022 which means files are typically created (644) [3]
e.g.

[3] This is the case on Redhat systems where users typically belong to a group of their own, other distributions will probably use a default umask of 022
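An added example (not part of the course notes) tying the numeric permissions to the umask slide: it adds up 4, 2 and 1 for each set of users, computes the mode a umask leaves behind, and confirms it by creating a file or directory under that umask. It goes slightly beyond the slides by covering directories, which start from 777 rather than 666; the function names are this example's own.

```shell
#!/bin/sh
# Convert the nine permission letters of a long listing to octal,
# adding 4 (read), 2 (write) and 1 (execute) for user, group and everyone.
# The setuid/setgid/sticky letters (s, t) are not handled here.
octal_of() {
    perms=$1
    out=
    while [ -n "$perms" ]; do
        triple=$(printf '%s' "$perms" | cut -c1-3)
        perms=$(printf '%s' "$perms" | cut -c4-)
        n=0
        case $triple in r??) n=$((n + 4)) ;; esac
        case $triple in ?w?) n=$((n + 2)) ;; esac
        case $triple in ??x) n=$((n + 1)) ;; esac
        out=$out$n
    done
    echo "$out"
}

# mode_after_umask BASE UMASK
# The umask turns bits OFF: result = BASE AND (NOT UMASK). It is a bit mask,
# not a subtraction, so 666 with umask 033 gives 644, not 633.
mode_after_umask() {
    printf '%03o\n' $(( 0$1 & ~0$2 & 0777 ))
}

# created_mode UMASK file|dir
# Creates a new file or directory under the given umask in a scratch
# directory and reports the mode it really received.
created_mode() {
    dir=$(mktemp -d) || return 1
    (
        umask "$1"
        cd "$dir" || exit 1
        if [ "$2" = dir ]; then
            mkdir new        # directories are requested with 777
        else
            : > new          # plain files are requested with 666
        fi
        octal_of "$(ls -ld new | cut -c2-10)"
    )
    rm -rf "$dir"
}

for mask in 000 022 002 077 033; do
    echo "umask $mask: file $(created_mode "$mask" file) (expected $(mode_after_umask 666 "$mask")), dir $(created_mode "$mask" dir)"
done
```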

5.23 Special Files

Files under typically represent devices attached to your computer
Programs can open and close them and read from and write to them - as with regular files
Kernel code handles exactly how these work
Two types
  Block - Disk drives, tape drives, CDROMs
  Character - Printers, modems, etc.

5.24 Special Files -

The section of the filesystem called doesn't contain real files
It contains system status information
For example:

Location            Information
/proc/[number]      On specific running processes. See for details
/proc/meminfo       How much memory is in your system and how much is being used
/proc/cpuinfo       What CPU(s) you are currently using
/proc/filesystems   Filesystems your kernel supports
/proc/kcore         An image of your physical memory
/proc/net           Network status of your machine
/proc/pci           PCI devices found at initialization
/proc/sys           Details on kernel variables, e.g.
                      Maximum number of files we can open (file-max)
                      Number of files currently open (file-nr)
                      The uptime of the system (uptime)

Table 5.1: System Information from

5.25 Filesystem Structure

Multi-Volume Filesystems
The filesystem can be held on several devices
Large disks can be divided into partitions
  This creates several logical devices
A basic Linux system must be present on
Other parts of the fs may be mounted at any time
The main ones are mounted at boot time
  This is controlled by the file which says which volumes are mounted where

5.26 - Example

Logical Volume        Mount Point          FS type  Options    Dump  Check order
/dev/hda1             /                    ext2     defaults   1     1
/dev/hda5             /home                ext2     defaults   1     2
/dev/hda7             /tmp                 ext2     defaults   1     2
/dev/hda6             /usr                 ext2     defaults   1     2
/dev/hda8             swap                 swap     defaults   0     0
/dev/fd0              /mnt/floppy          ext2     noauto     0     0
/dev/cdrom            /mnt/cdrom           iso9660  noauto,ro  0     0
kashmir c             /mnt/kashmir         smbfs    guest      0     0
landlord:/var/admin   /var/admin           nfs      defaults   0     0
landlord:/home/lee    /home/lee/LANDLORD   nfs      defaults   0     0

5.27 Mounting Additional Volumes

To mount a filesystem use , e.g.
  Mounts the filesystem in the directory
  changes directory to the root of the CDROM's filesystem
To unmount use where name is either the filesystem name or the mount point:
N.B. - A filesystem can only be unmounted when it is no longer in use. In use includes :
  Having any file on that filesystem open
  Having a shell in a directory on that filesystem

5.28 Mounting shared filesystems

NFS filesystems can be mounted with
Example:
Share files from MS-Windows machines using SAMBA
  This is a free implementation of the Windows file-sharing protocols, e.g.
N.B. Linux does not use the drive letter concept at all
  Drives and shares integrate seamlessly into the filename tree

5.29 Summary

The primary Linux filesystem is Ext2
It has a tree-like hierarchy of directories
Directories merely contain pointers to files (inodes)
inodes contain all the information about a file
Can have multiple links to the same file
Read/Write access is controlled per file
Creation/Deletion of files is controlled by permissions of the directory
Several filesystems can be mounted to create the directory hierarchy

5.30 Filesystem Exercises

1. Basic navigation
   (a) Log in and use to discover what the full path of your home directory is.
   (b) Change directory to and then . Use to check you got there each time.
   (c) When in type and use to find out where you end up.
   (d) What is the parent directory of the root of the filesystem? Why is this so?
   (e) Move back to your home directory. Think of three ways you can do this.
2. Directories
   (a) Start in your home directory and create a directory called
   (b) Change to the directory and create a directory called
   (c) Go to your home directory. Now create a directory under called There are two ways to do this what are they? (Hint: You don't have to change directories to solve this.)
   (d) Remove all the directories that you've just created, there are several ways to do this.
   (e) Create the same directory structure with one command.
3. Links
   (a) Create a file called in your home directory (Typing should do this). Now create a hard link to called and a symbolic link to test called
   (b) Find out the inode number of the files. Check you understand why they are what they are.
   (c) Remove the original file called . Can you still get at the contents of the original file?
   (d) What happens if you try . Make sure you understand the distinction between , and
   (e) Try to make a hard link to your home directory. Why does this fail?
4.
   (a) Use the files in to find out how much memory your system has and what processor it is running on.
   (b) Find out what PCI devices are attached to your machine.
   (c) Find out what environment variables are set for your currently running shell using the information in . Hint you can get the process-id of your shell using $$
   (d) Whether or not your machine is doing IP forwarding is stored in the file . You can this file, a value of 1 means that IP forwarding is turned on. Find out whether or not your machine will forward IP.
   (e) Find out how many files are currently open on your system.
5.31 Filesystem Solutions

1. Basic Navigation
   (a) You will probably see where is the name you log in with. (Provided your home directory lives under /home)
   (b) Check that the output of is and
   (c) You should end up in This is the root of the filesystem.
   (d) The parent of is itself. You can use to show that the inode numbers for and are the same when you are in
   (e) You can move back to your home directory by using any of the following:
       i.
       ii.
       iii.
2. Directories
   (a)
   (b)
   (c) then either :
       i.
       ii.
   (d) Any of the following will work :
       i.
       ii.
       iii.
   (e)
3. Links
   (a) This is achieved as follows:
   (b) should show that the inode number of the original file and are identical. is another name for the original file. The inode number for will be different. It is a separate file that contains information about the location of the file it is a link to.
   (c) After you created the hard link the original file had two names and . You have removed but until all names for a file have been removed it is still accessible. In this case you can do to see the contents of the file.
   (d) This should fail with a message. contained a pointer to the file not the inode number. There is no longer a file named so this cannot work. Hard links reference a file by its inode number, symbolic links reference it by its name
   (e) This is not allowed, as it could stop the filesystem being strictly hierarchical.
4.
   (a) should show you memory usage.
   (b) gives a list of all PCI devices.
   (c) will give a list of the environment of your current shell. Each variable is delimited with the nul character (decimal 0). The following will show the output with one variable per line :
   (d) See The Exercise
   (e)

Module 6

More on the Filesystem

Objectives
After completing this module you should be able to understand and utilise these features of the Linux filesystem:
  Inodes
  Non-native filesystem types
  Filesystem checking and recovery
  Disk usage utilities
  Disk partitioning utilities
  Filesystem creation
  Block, Character and Raw Devices

6.1 Inodes in Depth

Every file/directory is specified by an inode [1]
A single inode can have many filenames (links)
An inode contains information about:
  File type (ordinary, directory, FIFO, block device etc.)
  Owner ID (user the file belongs to)
  Size (in bytes)
  Access, creation, and modification times
  Group ID (to which group does the file belong)
  File permissions
  Mapping of the file contents (data sectors)
Knowing inode numbers can be very useful if you want to restore files on a disk with bad blocks
Inode layout and location varies with fs type

[1] The term inode was invented by Dennis Ritchie of AT&T. He admits to forgetting why he chose that name.

6.2 Inodes (continued)

displays inode numbers of filenames, e.g.
prints the inode contents for files inc. permissions, size, links, access times etc.

6.3 Links

More than one filename may refer to an inode
  These file names are links to the file
creates links to files
  Creates hard links by default
  creates symbolic or soft links
Erasing a file simply removes its directory entry
  Only when all entries for a file have been removed is the file lost
Crucially :
  A filename is not the file
  The inode is the file
  All names are simply links (references) to the inode
Vague resemblance to Windows shortcuts

More on the Filesystem

137

6.4

Hard links

A hard link is merely a directory entry with the relevant inode number.
Consider the following
We start with:

We create a hard link:

N.B. Hard links cannot cross filesystems
Inode numbers are filesystem specific

6.5

Soft links

Soft links store the pathname of the linked file
This means they can cross filesystems
Adding a soft link:

If we replace the file with another then the symbolic link still works, the hard one still points to the old file!
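The behaviour described in 6.3 to 6.5, as an added example that is not part of the original course material: it creates a hard link and a soft link to one file in a scratch directory, then replaces and removes the original name. The file names original, hard, soft and replacement are assumptions chosen for the demonstration.

```shell
#!/bin/sh
# Added example: a hard link is a second name for one inode; a soft link is a
# separate inode that stores a pathname. File names here are illustrative.

inode_of()   { ls -di -- "$1" | awk '{print $1}'; }   # inode number of the name itself
link_count() { ls -ld -- "$1" | awk '{print $2}'; }   # number of names for the inode

links_demo() {
    dir=$(mktemp -d) || return 1
    (
        cd "$dir" || exit 1
        echo "old contents" > original
        ln original hard        # second directory entry for the same inode
        ln -s original soft     # new inode holding the path "original"

        [ "$(inode_of original)" = "$(inode_of hard)" ] && echo "hard: same inode as original"
        [ "$(inode_of original)" != "$(inode_of soft)" ] && echo "soft: inode of its own"
        echo "names for the inode: $(link_count original)"
        echo "soft stores the path: $(readlink soft)"

        # Replace the file: a new inode takes over the name "original".
        # (Writing with "> original" would instead change the shared inode.)
        echo "new contents" > replacement
        mv replacement original
        echo "read via soft: $(cat soft)"
        echo "read via hard: $(cat hard)"

        # Remove the name the soft link points at.
        rm original
        if cat soft >/dev/null 2>&1; then
            echo "soft: still resolves"
        else
            echo "soft: dangling"
        fi
        echo "read via hard after rm: $(cat hard)"
        echo "names for the inode: $(link_count hard)"
    )
    status=$?
    rm -rf "$dir"
    return $status
}

links_demo
```

The data stays reachable through hard until the last name is removed, which is worth remembering when a file is "deleted" to revoke access to it.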

6.6

Non-native Filesystems

Besides Ext2, Linux supports most well-known filesystems, e.g.
  MS-DOS (FAT16), VFAT, FAT32
  ISO9660 (CD-ROM)
  NTFS (Windows NT)
  SMB / CIFS (MS Windows file sharing)
Most can be mounted, read & written
Specific tools can create some non-native filesystems (e.g. DOS/CD-ROM)
Some non-native filesystems can even be checked and repaired (e.g. Minix)
Not wise to automate checking and repair on non-native systems

6.7

Disk Checking and Recovery (

checks and repairs Linux filesystems

GENERIC SYNTAX:

Actually, just a front-end for specific filesystem checkers, e.g.

The filesystem-specific checker is searched for in these places in this order:
  and
  Directories in the PATH environment variable

Common options:
  uses to ID and check all filesystems in one run
  skips the root filesystem when the option is operative

6.8

Check a Linux Ext2 filesystem (

is the application called by to check ext2 filesystems

SYNTAX

Devices specified as , etc

Main options:

Option Effect
  finds bad blocks and marks them by adding them to the bad block inode
  Force checking even if the file system seems clean
  Usually opens filesystem read-only and answers no to all questions. Note: if the options are also specified the filesystem will be opened read-write, to update bad-blocks list, but no other changes are made
  Automatically repair the filesystem without questions
  Verbose mode
  Answer of yes to all questions

6.9

Disk Free Space (

shows free space on filesystems

SYNTAX: [filesystem list]

Defaults to all currently mounted filesystems
Displays in 1K blocks by default; environment variable POSIXLY_CORRECT sets 512-byte
GNU can't show space on unmounted FSs

Main options:

Option Effect
  Include all, including pseudo-filesystems
  List inode usage instead of block usage
  1K block output. Override POSIXLY_CORRECT
  POSIX output, i.e. every fs on a single line. Columns are often misaligned
  Display fstypes in output
  Limit output to specific fstypes. Multiple -t options poss
  Exclude specific fstypes
  Human-readable output

6.10

Disk Usage (

reports disk space used by a directory (inc. its sub-directories) or a file
Useful for summarizing file/directory sizes
SYNTAX:
GNU defaults to 1K blocks, unless set POSIXLY_CORRECT (512-byte)

Option Effect
  Display counts for all files, not just directories
  Cumulative totals after all arguments have been processed. Useful to calculate directory usage, with some files excluded
  Output in Kbs. Overrides POSIXLY_CORRECT
  Displays only totals for directory/file; ignoring sub-directories
  Human-readable output

6.11

Disk Partitioning Concepts

Partitioning enables efficient use of large drives by dividing them into smaller sections
A Partition table at the start of each disk points to the beginning/end of each partition
Max 4 Primary Partitions on standard disks
More possible inside Extended Partitions
An Extended Partition has its own partition table; pointing to sub-divisions within it
Sub-divisions called Logical partitions (drives)

6.12

A Partitioned Disk

[Figure: a partitioned disk; partition labels: DOS Extended, Linux native, OS/2 HP FS]

6.13

Making and Changing Partitions

Linux usually benefits from putting parts of its filesystem on different drives or partitions
  e.g. access different parts simultaneously
Issues:
  How many partitions?
  Size of partitions for specific directories
  Partitioning an empty drive
  Destructive re-partitioning
  Non-destructive re-partitioning

6.14

How Many Partitions?

How many partitions you need depends on:
  How you intend to use a system
  What resources you have (e.g. physical disks)
A common single-disk server might have separate partitions for:
  Swapping
  The filesystem/directory
  The filesystem/directory
  The filesystem/directory
  The filesystem/directory
  The filesystem/directory
  The filesystem/directory

6.15

What Size Partitions?

What size partitions you need depends entirely upon how you intend to use the system
Filesystems needing large partitions are usually:
  for users' file space
  for server files (news, web, mail, logs etc)
The following are usually made just big enough:
  the swap partition (rarely more than 127 Mb)
  (enough for a few alternative kernels)

6.16

BIOS Problems With LILO and Partitions

BIOSes on most Intel-type machines can't access data beyond cylinder 1023
To start Linux, LILO uses data in
The partition must always be located entirely below cylinder 1023
Multiple IDE drive machines always work if is on the first primary controller
On mixed IDE/SCSI systems must be on the first IDE primary controller or SCSI
On multiple SCSI drive systems must be on or

6.17

Disk Partitioning Tools

Common partitioning tools:

Tool Notes
  Standard on all Linux and much UNIX. Very flexible. Tricky character-based interface. Fairly reliable
  Non-destructive re-sizing of partitions. Difficult CLI. Some distrust it.
  Red Hat install-time tool. Friendlier character-based interface. Set growable partitions. Set mount points
  Used in Caldera X-based installation. Allows non-destructive repartitioning on the fly. Easy and reliable. Proprietary. Not always available
  As above, but the full commercial product and price

6.18

Using

basically writes partition tables
Very dangerous, but not that difficult
SYNTAX:
One useful CLI option:
  lists available partition tables then exits
Usually superuser-only and needs explicit path
2 tips:
  Never use (write/save changes) unless you really know what you are doing
  Use (quit) to exit without saving changes

6.19

The Interface

Launched without arguments on IDE:

The only helpful thing about screens is that they all prompt with ( for help)

prints the partition table for current hard disk

6.20

Interactive Commands in

A selection of interactive commands:

Tool Notes
  toggle partition as bootable
  Delete a partition. Needed before re-allocating disk space to other partitions
  List known partition types
  Help menu
  Create/add a new partition
  Print to screen current drive partition table
  Quit without saving changes
  Change a partition's filesystem type
  Write table to disk and exit
  Experts (i.e. total gurus) only

6.21

Making Linux Filesystems (

Normally, you can only write a file to a device with a filesystem on it (formatted in DOS-speak) 2

Native Linux filesystems are made using
Utilities for other types: , etc

SYNTAX:

If omitted, auto-calculates fs size
Filesystems are made on unmounted devices

Lots of options, few widely used:

Option Effects
  Check for bad blocks before creating fs
  Specify the bytes/inode ratio. Defaults to 4096 bytes. Lower useful on floppies
  % of reserved blocks for super-user. Default 5%. 0% common on data floppies
  Quiet execution. Useful in scripts

2 Some Linux utilities, like and can actually write to raw devices

6.22

Block Devices

Typically, block devices are disks and tapes
Strictly, I/O devices with these characteristics:
  Seen by kernel as a range of blocks 0 to n-1
    Where n = number of blocks on the device
  Can have a filesystem mounted on it
  Ability to perform random access reads
  A specific block size
  Handling only one data block at a time
  Only accepts actions on whole data blocks
  Kernel buffers its I/O

6.23

Character Devices

Any device which is not a block device
Typically:
  printers
  terminals
  modems
Drivers determine how a program reads from and writes to it
For example, a terminal device driver lets programs read typed info in two ways:
  In raw mode (i.e. without driver interpretation)
  A line at a time with the driver removing erase and kill chars (typos and corrections), so:
    the program reads everything on a line
    the number of characters on a line can vary
Kernel doesn't buffer character devices

6.24

More Filesystem Exercises

1. Inodes and Linking
(a) Use to find out the number of hard links to your directory.
(b) Use the following to locate the files with inode numbers 1 and 3:
(c) Create a file called in your home directory (Typing should do this). Now create a hard link to called and a symbolic link to test called
(d) Find out the inode number of the files. Check you understand why they are what they are.
(e) Remove the original file called . Can you still get at the contents of the original file?
(f) What happens if you try . Make sure you understand the distinction between , and
(g) Try to make a hard link to your home directory. Why does this fail?

2. Creating Filesystems and Formatting
(a) Identify and use the command string needed to create the following on a floppy disk:
  i. An Ext2 filesystem
  ii. A DOS filesystem
  iii. An ISO9660 CD-ROM filesystem
(b) To test your DOS filesystem, a long filename file to it. What happens to the filename?
(c) Mount the ISO9660 formatted disk under to prove it is readable.
(d) Identify and use the command string needed to do the following to a floppy disk:
  i. Low-level format the disk
  ii. Add a DOS fs to a low-level formatted disk
(e) Try using to write to a floppy disk without a filesystem on it (you may have to low-level format the disk to remove an existing fs).

3. Checking and Repairing Filesystems
(a) Find the appropriate man pages and, hence, the commands to:
  i. Locate bad blocks on an Ext2 device
  ii. Find and mark the bad blocks on DOS/FAT floppies
(b) Use to force checking and automatically repair an Ext2 formatted floppy.

4. Creating, Modifying and Deleting Partitions
It is not wise to practice disk partitioning on important filesystems. It can be done, but mistakes may be unrecoverable. So we ask you to do the following partitioning questions on a floppy. Most people won't be able to make mountable filesystems on a floppy (you need to make a block device file first), but you should get some safe practice on . You may only be able to do these floppy-based questions using recent versions of .
(a) Delete all existing partitions from your floppy
(b) Create 2 new primary partitions:
  i. 1 with an Ext2 system ID
  ii. 1 with a Win95 FAT32 system ID
(c) Save the new partition table and exit
(d) Re-enter and check the floppy's partition table contains the correct partitions
(e) Delete the FAT32 partition and replace it with two FAT32 logical drives.

6.25

More Filesystem Solutions

1. Inodes and Linking
(a) The answer depends on your system. In recent Red Hat distributions is inode number 2.
(b) The answer depends on your system. In recent Red Hat distributions inode number 1 is and number 3 is
(c) This is achieved as follows:
(d) should show that the inode number of the original file and are identical; is another name for the original file. The inode number for will be different. It is a separate file that contains information about the location of the file it is a link to
(e) After you created the hard link the original file had two names and . You have removed but until all names for a file have been removed it is still accessible. In this case you can do to see the contents of the file
(f) This should fail with a message. contained a pointer to the file not the inode number. There is no longer a file named so this cannot work. Hard links reference a file by its inode number, symbolic links reference it by its name
(g) This is not allowed, as it could stop the filesystem being strictly hierarchical

2. Creating Filesystems and Formatting
(a) These are typical solutions, but there are others:
  i.
  ii.
  iii.
(b) The filename should be shortened to 8 chars, without warning . . . could be tricky!
(c) Yes, you can mount a floppy drive on Linux with a CD-ROM format. Indeed, you can actually mount an ISO9660 formatted disk image (i.e. a single file) of an entire Linux directory tree. Trust me, it isn't as daft as it sounds!
(d) Something like this:
  i.
  ii. Add a DOS fs to a low-level formatted disk
(e) Use a command something like this:

3. Checking and Repairing Filesystems
(a) should yield:
  i.
  ii.
(b)
Assuming that your floppy is actually OK, you will hardly get any feedback on stdout

4. Creating, Modifying and Deleting Partitions
You probably can't do these floppy-based questions on old versions of
(a) Use interactive command
(b) Use the interactive command twice, followed by:
  i. ii. interactive command followed by the followed by the followed by the interactive command
(c) Use the interactive command
(d)
(e) Your screen should look something like this:

Module 7

Shared File Systems


Objectives
After completing this chapter you should be able to:
  Understand basic remote file and print sharing
  Appreciate the pros and cons of Samba and NFS
  Install Samba and NFS servers
  Configure basic Samba and NFS services
  Access remote resources using SMB and NFS

7.1

NFS (Network File System)

NFS developed by Sun Microsystems (early 80s)
Native method for file sharing between Unix/Linux systems
Stateless protocol
  Means server keeps no state
  Renders server crashes easily recoverable
Should be compatible with all Unix-like systems
Best in trusted environment, not highly secure
Best where all user/group IDs are same
Often used with Network Information Services (NIS) to synchronise user/group IDs

7.2

NFS Basics . . . continued

Systems are clients, servers or both
  Clients import shared filesystems
  Servers export shared filesystems
Servers easy to implement via network daemons
Clients require kernel modifications
Linux systems normally work as both already
NFS is NOT Unix/Linux specific (e.g. PC-NFS)

7.3

Exporting File Systems

Exporting handled by daemons and
  Must be running for NFS export to work
Exported file systems listed in
  format is:
Example:
  Exports read-only to all systems belonging to domain
Important flags:
  (read/write)
  (read only)
  (specify group ID to map to)
  (specify user ID to map to)
  (map all uid/gid to something)
For full detail on flags use or
After changing , restart NFS

7.4

Viewing exports

Use showmount:

uses a to handle requests
  This must be running (and you must have access to it) to use
Check that contains an entry to permit you access, e.g.
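A check one might run over the exports file described in 7.3, as an added example that is not part of the original course material: it flags entries that are writable, exported to every host, or leave remote root unmapped. The sample entries, host names and the function names are constructed for illustration; the option names (ro, rw, all_squash, no_root_squash, anonuid, anongid) are the standard Linux exports(5) ones.

```shell
#!/bin/sh
# Added example: flag risky entries in an exports-format file.

# Constructed sample entries; paths and host names are illustrative.
sample_exports() {
cat <<'EOF'
# directory   client(options) ...
/home         *.example.com(ro)
/srv/ftp      (ro,all_squash,anonuid=65534,anongid=65534)
/data         trusted.example.com(rw,no_root_squash)
/projects     build.example.com (rw)
/usr/share    docs.example.com
EOF
}

# audit_exports [FILE]: read FILE (default: standard input), print one finding per line.
audit_exports() {
    awk '
    function report(tag, dir, client, msg) {
        printf "%s %s %s: %s\n", tag, dir, client, msg
    }
    /^[ \t]*(#|$)/ { next }                  # comments and blank lines
    {
        dir = $1
        if (NF == 1) {                       # directory with no client list
            report("WORLD", dir, "<any host>", "no client list")
            next
        }
        for (i = 2; i <= NF; i++) {
            client = $i; opts = ""
            p = index($i, "(")
            if (p > 0) {                     # split "client(options)"
                client = substr($i, 1, p - 1)
                opts = substr($i, p + 1)
                sub(/\)$/, "", opts)
            }
            # A space before "(" leaves an entry with no client name,
            # which applies the options to every host.
            if (client == "" || client == "*") {
                client = "<any host>"
                report("WORLD", dir, client, "not restricted to named hosts")
            }
            mode = ""; squash_all = 0
            n = split(opts, o, ",")
            for (j = 1; j <= n; j++) {
                if (o[j] == "rw" || o[j] == "ro") mode = o[j]
                if (o[j] == "all_squash") squash_all = 1
                if (o[j] == "no_root_squash")
                    report("ROOT", dir, client, "remote root is not mapped to an unprivileged id")
            }
            if (mode == "rw" && !squash_all)
                report("RW", dir, client, "writable using ids supplied by the client")
            if (mode == "")
                report("MODE", dir, client, "ro/rw not stated, default depends on the NFS server")
        }
    }' "${1:--}"
}

sample_exports | audit_exports
```

The /projects line is the case to look for in real files: the stray space makes build.example.com a client with default options and adds a second, unnamed client with rw.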

7.5

Importing File Systems

Mount a remotely exported directory
Usually have to be superuser
If successful, the export named on host hostname is mounted on your mountpoint
Files accessed just as if local
  Remote host must be exporting the directory
  You must have access permission
  Your local mountpoint must exist
Exactly like mounting a device

7.6

Samba

Implementation of Server Message Block protocol (SMB)
  Core of Microsoft's file and print sharing
  Now re-invented as CIFS
Developed in Australia by Andrew Tridgell et al
Info, sources, distributions at
High performance competitive with NT
Server is purely application code
  Not part of the OS
Can be a client
  Requires OS support
  Client module ( ) not part of Samba

7.7

Samba Installation

Will vary - may come preinstalled, may come as RPMs or similar
Key components are and
  is the name services daemon; mostly fit-and-forget
  is the samba server; listens for connections and then forks one copy per client
Configuration file is
Later versions come with the Samba Web Administration Tool ( ); listens on port 901
Other tools & utilities exist, e.g.

7.8

Samba Basics

Most likely started as daemons in init scripts
Can be run-on-demand via , but unlikely
  Gives poor performance
Exclusively uses TCP/IP. Microsoft clients need to be configured for it
  they may use NETBEUI
Permits:
  full file sharing, browsing and domain controller services
  full access to printers
  extensive customising

7.9

Access to Files and Printers

Linux and Win/NT access controls don't match
Various options can be set
Attempts to match logged-on Windows Username to Linux user names and passwords
Modern versions use encrypted passwords
  takes some setting up (see documentation)
Has concept of guest users - may map to nobody on Linux
Take a look in your file and read

7.10

Testing Samba

Use (see screen dump below)
May need to provide a password
Check installed at from distribution (usually ) if you have problems

7.11

Smbclient

Numerous options:

Example:

7.12

Samba configuration File

Three sections to
  global
  directories
  printers, if enabled, will export the printers known in
Far too much detail to go into here
Lots of help in the HOWTO files
  Usually under , e.g.
Read the man pages
Via the web and others

7.13

Testing Samba

Use and
  is used before starting Samba to check that is ok
  reports status of Samba, all connected clients and file share modes
Notes on Testing Samba
  Note that Samba is a server implementation only
  Cannot be used by Linux to import shared files, only export them
  Some Linuxes have import facilities too but requires kernel support ( module)

7.14

Exercises

1. NFS
(a) Set up your local host so you can use to show exported directories.
(b) Find other hosts on your network which list exports.
(c) Set up your host to export
(d) Go to some other system and mount the exported
(e) Play with file access on the mountpoint!, e.g. Try accessing files you normally wouldn't have access to, creating files and seeing what the ownership and permissions are on the local copy.

2. Samba
(a) Locate the file DIAGNOSIS.txt
(b) Read through it, then carefully work through all of its instructions to check your Samba installation.
(c) Run on your current , pipe the output through to see the results.
(d) Run and explain to your neighbour what the results mean.
(e) Set up a share so that your directory is exported read-only and test it with .
(f) Figure out how to export users' home directories and get a colleague to test your work.

7.15

Solutions

1. NFS
(a) You should ensure that the services are running before using
(b) You can give a hostname to query, e.g.
(c) You should add the following to and
(d) -
(e) -

2. Samba
(a) The file should be in
(b) You should carry out all the tests given to reach a working samba system
(c) Check that your is correct
(d) Check the various smb manpages ( , : , ) to see what the output means
(e) You should add the following to your : , and restart samba with
(f) You should ensure that the homes share is uncommented in , and restart samba if necessary. You can test this by using:

Module 8

Firewalling and Network Security


Objectives
After completing this module you should be able to understand and utilise:
  Firewalling and Network Security principles
  Controlling access to daemons
  Basic firewalling with
  Network/routing debugging procedures
  Interface configuration under Linux
  The secure shell ( , , and
NB: this is only an introduction. An in-depth treatment would take days.

8.1

Concepts

Three important concepts:
  Controlling network traffic into / through your system (packet filtering)
  Controlling access to services / daemons
  Avoid insecure services like ; replace with etc.

8.2

What is Packet Filtering?

Checks packet headers before acting on them
  Can ignore, reject or accept packets
  Makes decision based on source, destination, or packet type
  Or a combination
Set up using under kernel 2.2
  Older kernels used
  2.4 kernel now uses - possibly a bit early to trust
More detailed treatment later

8.3

Controlling Access to Daemons

Access control for run-on-demand daemons done with
Flaw in would still let things through
Best to drop the packets as soon as possible
  So use packet filtering too

8.4

TCP Wrappers (

Raw applies no access controls
  OK if you trust your network
TCP Wrappers invented to fix this
  Standard with most installations
  the wrapper sits between and the server daemon
not itself insecure
  Insecurity springs from how you use it
Wrappers now integral with

8.5

TCP Wrapper Validation

Uses & :

Example
  Denies all services to everyone
  Selectively enable trusted hosts in
Can base permissions on full/partial domains or addresses
Well-documented, see
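The deny-everything, then selectively allow arrangement from 8.5, modelled as an added example that is not part of the original course material. It assumes the conventional hosts.allow and hosts.deny files of TCP wrappers (the file names are not legible on this page), IPv4 addresses only, and rules of the form "daemon_list : client_list"; the daemon names, hosts and addresses are constructed.

```shell
#!/bin/sh
# Added example: simplified model of the allow-then-deny lookup done by TCP wrappers.

# rule_matches DAEMON HOSTNAME ADDRESS FILE: succeed if any rule in FILE matches.
rule_matches() {
    awk -v daemon="$1" -v host="$2" -v addr="$3" '
    function in_list(list, kind,    n, item, i, p) {
        gsub(/,/, " ", list)
        n = split(list, item, " ")
        for (i = 1; i <= n; i++) {
            p = item[i]
            if (p == "ALL") return 1
            if (kind == "daemon") {
                if (p == daemon) return 1
                continue
            }
            if (p == host || p == addr) return 1
            # ".example.com" matches any host name ending in that suffix
            if (substr(p, 1, 1) == "." && length(host) > length(p) &&
                substr(host, length(host) - length(p) + 1) == p) return 1
            # "192.168.1." matches any address starting with that prefix
            if (substr(p, length(p)) == "." && substr(addr, 1, length(p)) == p) return 1
        }
        return 0
    }
    /^[ \t]*(#|$)/ { next }
    {
        n = split($0, field, ":")
        if (n >= 2 && in_list(field[1], "daemon") && in_list(field[2], "client")) {
            found = 1
            exit
        }
    }
    END { exit (found ? 0 : 1) }' "$4"
}

# tcpd_decision DAEMON HOSTNAME ADDRESS ALLOW_FILE DENY_FILE
# The allow file is consulted first, then the deny file; no match at all grants access.
tcpd_decision() {
    if rule_matches "$1" "$2" "$3" "$4"; then
        echo "granted by allow file"
    elif rule_matches "$1" "$2" "$3" "$5"; then
        echo "denied by deny file"
    else
        echo "granted: no rule matched"
    fi
}

# Constructed sample rule files in a scratch directory.
SAMPLE_DIR=$(mktemp -d)
printf '%s\n' '# deny everything not explicitly allowed' 'ALL: ALL' > "$SAMPLE_DIR/hosts.deny"
printf '%s\n' 'sshd: .example.com' 'in.ftpd: 192.168.1.' > "$SAMPLE_DIR/hosts.allow"
: > "$SAMPLE_DIR/empty"

A="$SAMPLE_DIR/hosts.allow"; D="$SAMPLE_DIR/hosts.deny"
echo "sshd from build.example.com: $(tcpd_decision sshd build.example.com 10.0.0.5 "$A" "$D")"
echo "sshd from host.example.org:  $(tcpd_decision sshd host.example.org 10.0.0.6 "$A" "$D")"
echo "ftp from 192.168.1.77:       $(tcpd_decision in.ftpd "" 192.168.1.77 "$A" "$D")"
echo "ftp from 192.168.10.7:       $(tcpd_decision in.ftpd "" 192.168.10.7 "$A" "$D")"
echo "sshd, empty deny file:       $(tcpd_decision sshd host.example.org 10.0.0.6 "$A" "$SAMPLE_DIR/empty")"
```

The last call shows why the catch-all deny entry matters: without it an unmatched client is granted access.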

8.6

Introduction to Packet Filtering

Allows you to protect your machine
  As well as machines behind them
Checks packet headers before acting on them
  Can ignore, reject or accept packets
  Makes decision based on source, destination, or packet type
  Or a combination
Set up using under kernel 2.2
  Older kernels used
  2.4 kernel now uses - possibly too early to trust

8.7

Basic Packet Filtering

Two main considerations
  Port Filtering
  Host Filtering
Block services you don't need
Limit services you do need to specific machines/networks

8.8

Packet filtering set up using
All the filtering is done in the kernel
  Not by
  just sets up/modifies the rules
All packets entering and leaving are examined 1

1 Including loopback traffic which conceptually leaves the machine

8.9

Details

Every packet goes through one or more chains
  A chain is a set of rules
  Rules can accept, reject, or deny a packet
  Can also send it to another chain
Three default chains, input, output, forward
If a packet passes through a default chain without matching:
  Fate is determined by the chain's selected policy
  Can be Accept, deny, or reject
If it reaches the end of a user defined chain
  Carries on where it left off

8.10

schematic

[Figure: schematic of a packet's path through the chains; labels: IN, Checksum, Sanity, Input Chain, demasquerade?, Routing Decision, local process, loopback interface, Forward Chain, Output Chain, OUT, with DENY, DENY/REJECT, ACCEPT and ACCEPT/REDIRECT exits]

forward is for packets routed to other hosts
  Not covered here
If installed, see for much more detail

8.11

Options

Dealing with chains:
  Create a new chain
  Delete an empty chain
  Change the policy for a chain
  List the rules in a chain
  Flush (delete) all rules from a chain
Dealing with rules:
  Append a rule to a chain
  Delete a single rule from a chain
  Insert a rule at some point in a chain

8.12

Options For Rules

Use the following to specify packets to match
  Source address
  Destination address
  Protocol ( , ,
  Jump to chain/action
  Source Port
  Destination Port

8.13 ipchains - Examples

In most cases default chains will be sufficient
To block all requests to our machine:
To block outgoing packets:
Very simple examples but they show the principle

8.14 Removing Rules

Rules can be removed by number, e.g. to delete the first rule in the input chain:
or definition, e.g. delete the first matching rule:
To clear an entire chain use:
  If no is given, it clears all chains

8.15 Implementing ipchains

The rules are normally set up in the machine's init scripts
  Typically by creating a script in that is run just before networking starts
  Example in section 16.19
Ensure you flush existing rules first (just in case):
Generally start with the DENY rules then add what you want
  Maximum security

8.16 Save and restore

Often useful to create a firewalling config file
outputs a text file you can store
Can reinitialise your firewalling with and your config file, e.g.
Usually done in a startup script

8.17 ipchains setup script

A sample script may look like:

8.18 ipchains Real World

Connect out to a host but not in
  No-one can open a connection from
  Can still connect to it from here . . .
limits matching to packets with the SYN bit set
  Used when establishing connections
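An added example, not part of the original course material: a start-up script in the shape sections 8.15 to 8.18 describe (flush first, DENY policy, then add what you want, with -y matching SYN packets). It prints the ipchains commands unless DRY_RUN=0; the addresses and the names fw and build_firewall are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: default-deny ipchains rule set for a single host.
# By default the commands are only printed, so the script can be read and
# checked on a machine without ipchains. Set DRY_RUN=0 to apply them.

DRY_RUN="${DRY_RUN:-1}"
ADMIN_NET="${ADMIN_NET:-192.0.2.0/24}"         # constructed: network allowed to reach ssh
UNTRUSTED_HOST="${UNTRUSTED_HOST:-192.0.2.66}" # constructed: host inside ADMIN_NET we do not trust

# Run one ipchains command, or print it in dry-run mode.
fw() {
    if [ "$DRY_RUN" = "1" ]; then
        echo "ipchains $*"
    else
        ipchains "$@"
    fi
}

build_firewall() {
    # 1. Flush existing rules first (just in case).
    fw -F input
    fw -F output
    fw -F forward

    # 2. Start from DENY: a packet that matches no rule is dropped.
    fw -P input DENY
    fw -P forward DENY
    fw -P output ACCEPT

    # 3. Loopback traffic also passes through the chains, so allow it.
    fw -A input -i lo -j ACCEPT

    # 4. TCP packets without the SYN bit belong to connections that already
    #    exist, i.e. replies to connections opened from this machine.
    fw -A input -p tcp ! -y -j ACCEPT

    # 5. "Connect out to a host but not in": SYN packets from the untrusted
    #    host are denied. Rules are checked in order, so this must come
    #    before rule 6, which would otherwise let the host in.
    fw -A input -p tcp -y -s "$UNTRUSTED_HOST" -j DENY

    # 6. Port and host filtering together: ssh (port 22) from one network.
    fw -A input -p tcp -s "$ADMIN_NET" -d 0/0 22 -j ACCEPT

    # 7. Log every other connection attempt before denying it.
    #    (UDP and ICMP rules are left out to keep the example to TCP.)
    fw -A input -p tcp -y -l -j DENY
}

build_firewall
```

Because the first matching rule decides a packet's fate, moving rule 5 below rule 6 would silently re-open ssh to the untrusted host.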

8.19 Port Scanning with nmap

nmap determines:
  Which hosts are up on a network
  What services each host offers
Multiple scanning modes for different protocols
Supports performance and reliability features
Flexible target and port specification
You will probably have to download it or install it
Examples:
Refer to detailed documentation (later) for explanations

8.20 nmap Performance and Reliability Features

Dynamic delay time calculations
Packet timeout and re-transmission
Parallel port scanning
Detection of down hosts via parallel pings

8.21 nmap Target and Port Specification

Decoy scanning
Determination of TCP sequence predictability characteristics
Output to machine parseable or human readable log files

8.22 Running nmap

Should be run as root whenever possible
  Not setUID
  Some ordinary user functionality
Lists key ports on scanned machine(s)
Always gives the port's:
  "Well known" service name
  Number
  State
  Protocol

8.23 Reporting the State of Ports

State is either:
1. Open
   Will accept() connections
2. Filtered
   A firewall/filter, or other network obstacle is covering the port, preventing nmap from determining whether it is open
3. Unfiltered
   Known to be closed, with no firewall/filter interference detected
   The normal case

8.24 Reporting Other Details with nmap

Depending on options, nmap may also report:
  OS in use
  TCP sequencability
  Usernames running programs bound to ports
  DNS name
  Whether host is a smurf address [2]

[2] A smurf attack is a denial-of-service attack where the attacker sends ping requests to the broadcast address, having faked the source address of the victim. The victim receives a deluge of ping reply packets. This can be amplified across subnets if skill is used.

8.25 Scanning Modes: Vanilla TCP & SYN

Vanilla TCP connect() scanning (-t)
  Fast
  No privileges needed
  Easily detectable & filterable
TCP SYN (half open) scanning (-s)
  SYN|ACK confirms listening port, RST sent to end connection
  Less detectable (few sites log it)
  Needs root

8.26 Scanning Modes: IP Fragments & Reverse ident

SYN/FIN scanning using IP fragments (-f)
  Splits TCP header over several packets
  Won't beat systems that queue IP fragments (e.g. Linux's CONFIG_IP_ALWAYS_DEFRAG option), but lots can't afford its performance hit
  N.B. Has been known to segmentation fault sniffers!
Reverse-ident scanning (-i)
  Exploits ident protocol (reveals username of process connected by TCP), e.g. to find servers running as root
  Needs full TCP connection to target port (-t)

8.27 Scanning Modes: TCP ftp proxy

TCP ftp proxy (bounce attack) scanning
  Uses an ftp proxy to send files to a 3rd server
  Can be used to post virtually untraceable mail/news, provoke buffer overflows, fill up disks, etc
  Proxy can scan ports from inside its firewall then send arbitrary data to open ones
Hard to trace
Can bypass firewalls
Slow
Useless against FTP servers which disable the proxy "feature"

8.28 Scanning Modes: UDP raw ICMP port unreachable

More difficult than TCP scanning, because ports don't send acknowledgements to probes
Most closed ports do, however, send ICMP_PORT_UNREACH
  Revealing which are open by exclusion
Needs re-transmission of lost packets
  Because neither UDP packets nor ICMP errors are guaranteed to arrive
  Need confirmed closure to avoid false positives
Slow because RFC1812 suggests limits to ICMP error message rates

8.29 Some other nmap Scanning Modes

ICMP scanning (ping-sweep)
TCP FIN, Xmas, or NULL (stealth) scanning
TCP ACK and Window scanning
TCP Ping scanning
Direct (non portmapper) RPC scanning
Remote OS Identification by TCP/IP Fingerprinting, and

8.30 Documentation

The manual page
  Most complete and up-to-date source
  An online HTML version:
The home page
Background info on how nmap uses TCP/IP fingerprinting for remote OS detection:

8.31 Basic nmap Howto

8.32

is a secure replacement for , etc.
  Older programs send passwords in plain text; disastrously easy to sniff
Can also encrypt traffic over arbitrary ports
  Enables secure POP for example
Very secure if set up correctly
is the server part
  Answers requests from clients
For fuller description see "System Daemons" module

8.33 principles

Has various authentication methods
  Some not much better than , etc
  However it does ensure all traffic is encrypted
  Stops people sniffing your password
When you connect the server sends two things
  The host's public key
  The server's public key
Used as the basis for authentication challenges and encryption of the session
Lots of documentation:

8.34 Use of

Should be used in preference to etc.
  Failure to use it is a severe mistake
Clients are available for various host OS types
Once set up is very easy and simple
Will even support remote use of X clients (inserts a proxy)
Examples:

8.35 Exercises

1. (a) Use ipchains to set up the following configurations. In each case you should first set up the system by hand and check it. Then set it up so that the firewall rules are in place when the machine reboots.
      i. Block all incoming ICMP packets
      ii. Block only incoming ICMP echo-request packets
      iii. Block all incoming telnet connections
      iv. Block all telnet connections
      v. Block all outgoing web requests (Port 80)

2. (a) Use nmap to scan another host in your training room using the following scanning modes one after another
      i. Vanilla TCP
      ii. TCP SYN (half open) scanning
      iii. TCP FIN, Xmas, or NULL (stealth) scanning
      iv. TCP ftp proxy (bounce attack) scanning
      v. SYN/FIN scanning using IP fragments (bypasses some packet filters)
      vi. TCP ACK and Window scanning
      vii. UDP raw ICMP port unreachable scanning
      viii. ICMP scanning (ping-sweep)
      ix. TCP Ping scanning
      x. Direct (non portmapper) RPC scanning
      xi. Remote OS Identification by TCP/IP Fingerprinting
      xii. Reverse-ident scanning

   N.B. You may have to use the nmap man page to look up appropriate options for some of these scanning modes.

   (b) Arrange so that each member of your group tries to decoy scan every other machine in the group. Try to detect which of your colleagues lies behind each of the decoy addresses used against your machine.

8.36 Solutions

1. (a) The following are the list of rules needed to satisfy each situation. You should flush the chains before each one ( ).

Module 9

Job Control Tools


Objectives

At the end of this section, you should be able to understand and use these facilities:
  Sending signals (inc termination) to processes
  Change the priority given to running jobs
  Run processes after detachment or logout
  Run programs at specified times
  Run programs when the system is lightly loaded
  Run programs at regularly specified times

9.1 Introduction

The tools discussed in this section have the following uses:
  send signals to a process
  change scheduling priority
  run a job independently
  run a task at a specified time
  operate a job queue
  run a task on a regular basis

9.2 Background Jobs

[Figure: panels titled Normal Shell Operation, Background Job and Better Still.]

9.3

Sends signals to processes, e.g. termination
  Built-in to
Syntax:
signal may be either signal number or name, e.g.
gives a list of signal names/numbers
  N.B. this is a lower case L, would send the signal to all processes you own!
Process ID can be specified as either:
  PID (listed by )
  Job number, e.g.
can be used to forcibly kill a process

9.4 The nice Command

Changes the priority of a command
Syntax:
Legit nice numbers range from -20 to 20
A user may lower a command's priority, by increasing its number
  Here is an example
  Note that this increases the nice number
Only the super-user may increase the priority of a job, by decreasing the number:

9.5 Hang Up ( )

keeps a command running after detachment or logout
Usually, a detached job should be allowed to finish, even if the top level shell terminates
is the mechanism to achieve this
Typing:
means that:
  stdout and stderr are both appended to the file
Thus, a job can continue, even after logout
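An added example (not from the course material) that exercises the mechanisms of sections 9.3 to 9.5 on throwaway sleep jobs, using the standard kill, nice and nohup utilities. The function names are assumptions made for this sketch, and nice printing the current level when run without a command is the behaviour of the GNU and BusyBox versions.

```shell
#!/bin/sh
# Added example: what a signal, a nice increment and nohup do to a job.

# Start a background job, send it signal $1, and report the exit status
# the shell sees. By shell convention this is 128 + the signal number.
signal_status() {
    sleep 30 >/dev/null 2>&1 &
    pid=$!
    kill -s "$1" "$pid"
    status=0
    wait "$pid" 2>/dev/null || status=$?
    echo "$status"
}

# Report the nice level a command runs at when started with an
# increment of $1. A higher number means a lower scheduling priority.
nice_level_after() {
    nice -n "$1" nice
}

# Start a job with the prefix $1 (empty, or "nohup"), hang it up, then
# terminate it, and report the exit status:
#   129 (128 + SIGHUP)  = the hangup killed it
#   143 (128 + SIGTERM) = it survived the hangup and only SIGTERM stopped it
hangup_then_term_status() {
    $1 sleep 30 >/dev/null 2>&1 &
    pid=$!
    sleep 1                                  # let nohup start and ignore SIGHUP
    kill -s HUP "$pid" 2>/dev/null || true
    sleep 1
    kill -s TERM "$pid" 2>/dev/null || true  # no-op if the job is already dead
    status=0
    wait "$pid" 2>/dev/null || status=$?
    echo "$status"
}

echo "job sent TERM exits with status $(signal_status TERM)"
echo "job sent KILL exits with status $(signal_status KILL)"
echo "nice level $(nice) becomes $(nice_level_after 5) under nice -n 5"
echo "plain job, HUP then TERM: status $(hangup_then_term_status '')"
echo "nohup job, HUP then TERM: status $(hangup_then_term_status nohup)"
```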

9.6 Execute programs at specified times ( )

executes a shell script at a time you specify
Syntax:
is scanned for commands to execute, e.g.
Commands are executed in the current environment at the given time
and are sent as mail
Some more examples of how to specify time and date:

9.7 Options and commands related to

belongs to a family of utilities for managing time-specified commands

Command  Purpose
         Display list of queued commands
         Remove queued commands
         Schedule jobs at low CPU loading

All of these individual commands can be run as options:

Option   Purpose
         Display list of queued commands
         Remove queued commands
         Schedule jobs at low CPU loading
         Specify script file in command-line
         Send mail after running , whatever the or

UNIX NOTE: On System V, two files control the use of

9.8 Running commands regularly ( )

lets you submit job lists at regular times using the daemon
2 syntax formats:
Options, etc:

Command  Purpose
         Install contents of myfile ( if no file specified) in appropriate directory
         Remove the crontab for the current user
         List (on ) current user's . (might be useful for editing a cron table)
         Delete your crontab file
         Run a text editor on your crontab file

Table 9.1: usage

Examples of Crontab Entries

9.9 Summary

In this section we have examined:
  Detached jobs
  Altering Process Priorities ( )
  Postponing Jobs ( )
  Batch Processing
  Regularly Scheduled Jobs ( )

9.10 Job Control Exercises

1. Create the following shell-script called alltrue in your home directory:

   As you can probably tell this doesn't do anything useful apart from continually doing nothing! Run this process in the background and check its nice level by using , you should see something like the following:

   The process is running at its default nice level of 0, try running the process with a lower scheduling priority, i.e. a higher nice value. Check that the nice level has changed using (As above.)
2. What happens if you try to raise the priority, i.e. by lowering the nice value? Why?
3. Start a shell and start the process alltrue in the background like above. Find out its process ID (The column in a ). You can kill this process by doing a . Now start the process using , and try and kill it. Also note its nice level.
4. Schedule a job using to run in 5 minutes time that will echo some text to a file. When 5 minutes has passed use to check that the file was created.
5. Repeat exercise 4 but using and

9.11 Job Control Solutions

1.
2. Only the root user is allowed to raise the priority of a process. Trying to give a process a negative nice value (high priority) will give you an error message.
3.
4. where myfile contains:
   where hh mm is the hour and minutes that you want the job to run at, dd is the day of the month and MM is the month.

Module 10

Overview
Objectives

Having completed this module, you will have an overview of a Linux system, including its:
  Underlying philosophy
  System layering - kernel vs. applications
  Core services
  Multiuser and timesharing facilities
  File System
  Network Services
  Desktop and X windowing system

10.1 Generic Features of Unix

Component-based systems
Very popular with technically skilled
Not solution oriented
  Building blocks not the building
Highly network-aware
Robust, powerful, reliable

10.2 Linux - The Kernel of a System

[Figure 10.1: kernel-layering]

What is called Linux is actually a collection of components from many sources
  freely copiable, under open source licences
Linux is, strictly, just the kernel which provides:
  A common interface between user process and hardware
  Minimal functions to user applications, i.e. system calls
  Scheduling

10.3 Fundamental Characteristics of Linux

Multi-tasking
Multi-user access
Multi-processor
Architecture independence
POSIX 1003.1 plus basic System V and BSD
Protected memory mode
Multiple filesystem types
Comprehensive networking (TCP/IP and others)
Multiple executable formats (MS-DOS, iBCS UNIX, SCO, etc)

10.4 Multiuser Multitasking and Time-sharing

Designed as a multi-user system
  Each user's shells, apps and commands are separate processes
  Number of simultaneous users limited only by:
    CPU speed and available memory
    Min. response times required by users/apps
Multi-tasking:
  Many jobs can be under way at the same time
  Jobs truly simultaneous on multi-cpu
Time-sharing:
  A single cpu is shared by all processes
  Processes exec briefly, passing cpu to others
  Process switches occur in milliseconds or less
  Kernel gives process a sense of total control

10.5 Protected memory mode

Uses the processor's protection mechanisms
Prevent access to memory already allocated to kernel or other processes
Bad programs can't crash the system
  Theoretically

10.6 Multiple Filesystem Types

Native FS is ext2 (Second Extended File System)
  File names up to 255 chars
  More secure than conventional UNIX
Others include:
  MS-DOS (FAT16), VFAT, FAT32
  ISO9660 (CD-ROM)
  HPFS (OS/2)
  NTFS (Windows NT)
  UPS, SysV and other proprietary UNIX
  NFS (Unix network file system)
  SMB / CIFS (MS Windows file sharing)

10.7 The Many Faces of a GNU/Linux System

The user may see up to five aspects of Linux:
  the filesystem
  processes
  the shell
  the X windowing system
  Inter-Process Communication (IPC)
The system is very highly configurable
Different users may experience totally different views of the same system
Multiple simultaneous users are normal
  Linux is designed from the ground up as a multi-user system, NOT a personal system

10.8 The Filesystem

The filesystem contains all data in the system
A name in the filesystem can refer to:
  a data file, which can be:
    a plain file
    a directory
  a device (disk, tape etc.)
  internal memory
  OS information (the proc system)
Directories are groups of files
  Grouped in hierarchical trees
Files are fully specified with their pathname
An original Unix structure; copied by most OSs

10.9 Filenames

Maximum length depends on filesystem type
  Most allow up to 255 characters
Can use almost any character in a filename, but avoid ambiguity by sticking to:
  (A-Z) Uppercase letters
  (a-z) Lowercase letters
  (0-9) Numbers
  (.) Full-stop
  (,) Comma
  (_) Underscore
  (-) Hyphen
Should convey meaningful info about contents
Type longer filenames using completion for:
  Filenames
  Pathnames
  Commands

10.10 Filename Extensions and File Types

Filenames don't determine other attributes of file, i.e. do not, automatically, cause command interpreters to treat them in a particular way
However:
  Extensions can enable meaningful naming and automatic file manipulation
  C compilers and some other programs do depend on specific file extensions to carry out particular tasks
Common conventions for extensions:

Filename        Meaning of Extension
program.c       C programming source file
program.o       Object code
program.sh      Shell executable
letter.txt      Text file of a letter
letter.ps       Postscript version of same letter file
letter.ps.gz    compressed version of same
letter.tgz      archive of same compressed by
letter.tar.gz   Another, more common, way of naming
letter.Z        Same file compressed with outdated utility

Table 10.1: Common conventions for filename extensions

10.11 Hidden Filenames

Filenames beginning with a full-stop are hidden
Typically used:
  To hide personal configuration files
  To avoid cluttering dirs with rarely used files
Every dir contains 2 special hidden files:
  .   The current directory file
  ..  The parent directory file

10.12 The Shell ( )

A shell is a program that you interact with

[Figure: User, Shell, Kernel]

Can be any program, but is normally a command interpreter
A command interpreter is usually started when you log in (but this is just one way)
The standard Linux command interpreter is a [1] shell look-alike called
The command line syntax provided by enables manipulation of files & processes
The command-line frightens beginners but is the preferred home of the skilled

[1] has more functions than true shells; incorporating most of the innovations added by the and shells. functions and flags differ between implementations of UNIX and Linux. The version of in current Linux releases tends to be the most fully functional shell around.

10.13 Key Features of the Bash Shell

Command history
Command aliasing
Shell scripting
Filename completion
Command completion
Command line editing ( and styles)
Job control
Key Bindings
Directory stacking
Tilde directory notation
Help function, e.g.

10.14 Interacting with a Linux Terminal

Linux can support any number of terminal types
  nowadays, monitor/keyboard combinations
  previously, dumb terminals
  occasionally, printers (debugging servers)
Most will use the console or a windowed terminal, but if not:
  Linux usually keeps a database of terminal capabilities in [2]
  If your terminal type is not recorded in , you'll have problems running certain programs e.g. cursor driven apps ( etc)
  The environmental variable tells programs what terminal type you are using

[2] AT&T flavours of UNIX use to store the same information and Linux can, if necessary.

10.15 Software Tools: The UNIX Philosophy

True UNIX-like systems treat programs as tools
Each tool should:
  Do just one thing well
  Be generic (untied to specific applications)
For new jobs, build new tools
  (Re-)combine, don't complicate old tools
Linux can do this because it has:
  two simple objects:
    the file
    the process
  simple methods of connecting:
    processes to files
    processes to processes

[Figure: FILE 1, PROCESS, PROCESS, FILE 2]

10.16 Tasks/Processes

A program is an executable object, stored in a file
A process is an executing object, i.e. [3] an instance of a program currently being run
Existing processes can fork to create other processes
  the only way to make new processes
A user may run multiple copies of same program
Multiple users may run single/multiple copies
System tracks ownership and permission

[3] Processes are often called tasks, as in multi-tasking

10.17 Process Communication

Processes may need to co-operate by
  sharing files
  signalling events
  direct transfer of data
  pipelines (data streams)
  synchronising with each other
Linux provides facilities for:
  signals
  shared memory
  pipes, both named and unnamed
  semaphores
  and others
Processes may use network connections for communication, permitting client-server model
  Common for shared services like printing

10.18 Re-directing I/O to and from Files

Most processes will take input from the keyboard and output to the screen
Both input and output streams can be re-directed to/from files
Output to a file (creating or overwriting):
Appending output to a file:

[Figure: the output of ls sent with > and with >> to the file my system]

10.19 Re-directing I/O to and from Files (continued)

Take input from one file, output to another:

[Figure: sort taking its input from passwd and sending its output to pwd sorted]

10.20 Pipes & Tools

Linux tools act as filters:
  taking data from input streams, modifying it, sending it elsewhere
  expecting data to come from other tools
  producing output which any other tool can process, e.g. ASCII text
One tool's output is connected to another's input:
  Indirectly, via a file created by the first tool
  Directly, via a pipe or pipeline
For example, to page through a reverse-sorted version of your password file on screen:

[Figure: sort -r taking its input from password]

Overview

252

10.21 Linux as a Programming Environment

- Hierarchical Filestore
- Extensive set of powerful tools
  - for software production, admin and support
- A common system interface
  - only one set of procedures to learn
- Processes interface with anonymous files
  - programs output to files or devices identically
- Modular architecture provides for a completely customised OS, e.g.
  - An OS dedicated solely to graphics rendering
  - A general-purpose system on one floppy
- Flexible user interface allows for uniquely customised programming environments

10.22 Networking

- Linux is a network operating system.
- The Internet network protocols (TCP/IP) are implemented in the kernel
- Although other media are supported (e.g. radio, infra-red), links are usually across:
  - Ethernet
  - Serial Line (Point-to-point)
- Proprietary file/print serving protocols supported:
  - Appletalk
  - DECNET
  - IPX / Novell Netware
  - SMB / CIFS (MS Windows/NT)

10.23 TCP/IP

- A suite of Internet-standard protocols and apps for managing data transfers
- Depicted as a stack
  - hardware and transport control protocols at the bottom
  - user applications (e.g. browsers) at the top
- Client-server apps provide facilities for:
  - Remote login
  - File transfer
  - Resource sharing (e.g. expensive peripherals)
  - Remote command execution
  - Email (internet/intranet/extranet)
  - Web browsing

10.24 Documentation

Copious, but fragmented and/or duplicated

- man pages, Programmers Manual: The classic man pages, first stop for skilled users, worth learning
- hypertext browsable texts, often identical or updated versions of man pages
- ascii/html docs installed with the named program
- Howtos: Tutorials on Linux-related topics, available on-line if installed (usually in )
- www: Recently-released programs are usually documented on authorised web sites, many (including older tools) are documented by third-party sites

Table 10.2: Sources of Linux Documentation

Linux man pages divided into sections:

1. User Commands
2. System calls
3. Subroutines (inc library routines)
4. Devices (inc network interfaces)
5. File Formats
6. Games
7. Miscellaneous
8. System Administration

The command word searches the description line in man pages. Thus:

will find man pages relating to printers, e.g.

10.25 Using the man pages (On-Line Manual)

- Use to see man pages on a named command, e.g
- The result should be something like:
- Shows page is in manual section 1
- Square brackets surround optional arguments
- To view a page from a certain section use:

10.26 Overview Exercises

1. Logging in
   (a) Practice logging in by typing your username and password in response to the and prompts, e.g. [4]
       Once you have logged in, the prompt ( ) is printed; indicating the shell is ready to take commands.
   (b) Log out, by typing at the prompt. You should get a new prompt, at which you can login again.
2. Changing password
   (a) Set yourself a new password using the command. Run the command by typing , followed by a .
3. Navigating Man Pages
   (a) Type to open the man page which details how to use the command
   (b) Press the (help) key, which opens a Summary of Less Commands, including all the keystrokes you need to navigate a man page
   (c) Make sure you can quit this page (by typing ) and quit the man page (by typing again). When you get back to the shell prompt, repeat the first 2 steps to open the Summary of Less Commands from the man page.
   (d) Use the Summary of Less Commands to make sure you know how to do the following bits of navigation inside a man page:
       i. Move to the top and bottom of the man page
       ii. Move up and down one screen of text
       iii. Move up and down one line of text
       iv. Search forward for a pattern (e.g. a word)
       v. Search backwards for a pattern
       vi. Repeat a forward pattern search using one key
       vii. Repeat a backward pattern search using one key
       viii. Move to a specific line number
   (e) With a partner, test each other on how well you can navigate the man page, e.g. set each other target locations or words to go to.
4. Invoking the Right Man Pages
   (a) Using the man page, find the command string you need to use to get the following:
       i. A list of man pages whose description lines contain details about the whatis database
       ii. A list of man pages containing the string cdrom [5]
       iii. A list of man pages from a specific section (e.g. 1) of the manual, whose description lines contain print
   (b) Practice using these flags to find and view man pages which deal with computer keywords your partner sets for you (and vice versa), e.g.
       i. bitmap formats like jpg, gif, xpm, bmp
       ii. communications concepts like modem, serial, telnet, pcmcia, ppp
       iii. filesystems like NFS, ext2, FAT, vfat, msdos, samba
5. Finding Out About Your System and Users
   (a) Type the following commands. Identify what each of them tells you about your system.
       i. ii. iii. iv. v. vi. vii. viii. ix. x. xi. xii. xiii. xiv.
   (b) Use the appropriate man page, to check that you have interpreted the screen output correctly
6. Creating New Files
   (a) Try creating a new empty file in your home directory using the command, e.g.
   (b) Get the file details on filename using this command:
   (c) Wait 1 minute, then repeat the previous two steps, i.e.
       i. Which of the file details have changed?
       ii. What does this tell you about the purpose of ? Check the man page if you are unsure.
   (d) Create a new files using re-direction
       i. Create a new file containing the output from the command, using re-direction, e.g.
       ii. Ask a partner to create new files, with appropriate filenames, containing output from the commands used in the questions on Finding Out About Your System and Users.
7. Appending information to files
   (a) With a partner, choose several of the system information commands whose outputs may have changed since you completed the previous question. Practice appending the updated information to the file which contains the earlier output.
   (b) Create a file containing output from , then append the output from to it, i.e. time-stamp the output data.
8. Using Simple Pipes
   (a) Pipe the output from through the command to reverse its order.
   (b) Sort your ( ) file alphabetically and send the output to a new file
   (c) Find out what does from its man page, then use it at the end of a pipe to analyse the output from other utilities.
   (d) Repeat the last step, limiting to counting words only

[4] is required after each input, to tell the shell that you have finished typing and it should start processing your request. Note that the password is not displayed on the screen; to keep it secret
[5] Actually running this sort of search can take a long time, given that many systems contain over 500 man pages, some of which are very long.
[6] You should notice something very strange about the output from this string. The utility is perfectly functional, so what's wrong?

10.27 Overview Solutions

1. Logging in
   (a) N/A it works or it doesn't.
   (b) N/A it works or it doesn't.
2. Changing password
   (a) N/A Responses will vary from system to system, depending on whether or not good password practice is enforced.
3. Navigating Man Pages
   (a) N/A
   (b) N/A It is possible that some Linux distributions won't use to display man pages. If that is the case, try to find out how you navigate under that setup and answer the same questions about it.
   (c) N/A
   (d) Keystrokes for basic man page navigation:

       Instruction                       Keystroke(s)
       Top of man page
       Bottom of man page
       Forward one screen
       Backward one screen
       Up one line
       Down one line
       Search forward                    pattern
       Search backward                   pattern
       Repeat pattern Search forward
       Repeat pattern Search backward
       Move to nth line

       Table 10.3: Keystrokes for basic man page navigation

       N.B. Several different keystrokes can be used for the same movement. This is common in UNIX tools designed to operate from any keyboard. always has a single key method. Multi-key methods are shown without spaces between them.
4. Invoking the Right Man Pages
   (a) i.
          or, slightly differently:
       ii.
       iii. There is no easy way to do this yet. Later on you will learn about which will allow you to filter the output of to see only the information you require.
   (b) Practice using these flags to find and view man pages which deal with computer keywords your partner sets for you (and vice versa), e.g.
       i. e.g.
       ii. e.g.
       iii. e.g.
5. Finding Out About Your System and Users
   (a) The listed command strings tell you about:

       Command string / Output
       - Your username
       - Your username plus machine(s) and terminal you are on
       - Usernames of currently logged on users
       - Who is logged on, when and where
       - Who's logged on, when, where, what process and what system resources they are using
       - Current date and time, can set date/time
       - Calendar for August 1999
       - Calendar for September 1752. Strange because 12 days were lost in the transition from Gregorian to Julian calendars
       - Disk free, i.e. summarises disk usage
       - Full file and path name for the executable file
       - Much the same as
       - Locates the executable and its man page
       - Very brief help notes on the command. N.B. help only works on very few built-in commands
       - The command puts itself to sleep for 2 seconds. The command then times the whole process and provides other data on the operation of the command

       Table 10.4: Output from basic system information commands
   (b) See Table 10.4
6. Creating new files
   (a) Your output should be something like:
   (b) Your output should be something like:
   (c) Your output should now be something like:
       i. The time stamp has changed
       ii. The real purpose of touch is to change time stamps, but it is handy for creating new empty files
   (d) i. Reading should produce something like this:
       ii. N/A
7. Appending information to files
   (a) N/A
   (b) Your screen should look something like this:
8. Using Simple Pipes
   (a)
   (b)
   (c) prints the number of lines, words, and bytes in files. To get these details for your file, you could do the following:
       i.e. 275 lines, 488 words, and 7373 bytes [7]
   (d) E.g.

[7] N.B. only counts whitespace-separated words

Module 11

Printing Services

Objectives

On completing this module, you should be able to:

- Understand the basic principles of the Linux printing sub-system
- Use printing commands (
- Understand Samba printing
- Configure Samba to print from Windows hosts
- Configure Samba to print to Windows hosts

11.1 Linux Printing

- Completely network-oriented
- Any printer can be made available to any client (machine and application)
- All print jobs are sent to a queue
- Queues can be viewed, edited, maintained from anywhere
  - Subject to permission
- Formatted files can be sent straight to queues
  - no i.e. no device drivers
- Printer configuration via text file
  - see

11.2 Printing documents

- Printing may be dumb
  - Data dumped straight to printer
  - You get BAD results if formatting is wrong
- Your setup may be smart
  - Autodetect data formats and convert
- Older UNIX mainly dumb
- RedHat pretty smart - selects filters and transforms data streams if possible

11.3 Main Printing Tools

- sends job to the queue for a named printer
- returns info about jobs in a queue
- removes unwanted jobs from a queue
- enables system administrator to control the operation of the printing system
  - see for details
- Desktop environments may offer drag 'n' drop, visual facilities, etc

11.4 Using

- Syntax:
- Main Options:

  Flag    Options
          Name of the printer to send the job to
          Print n copies of the document
          Send mail on completion

  Table 11.1: Main options

- Example:

11.5 Using

- Syntax:
- Options:

  Flag    Options
          Name of the printer/queue to interrogate
          Get info on each file within a job

  Table 11.2: options

- Example:

11.6 Using

- Syntax:
- Options:

  Flag    Options
          Remove jobs from named printer/queue
          Remove all jobs belonging to yourself
          Remove all jobs belonging to user
          Remove job number n

  Table 11.3: options

- Example:

11.7 Samba Printing

- To configure a Windows machine to use a Linux printer:
  - Locate the printer on your network, by browsing neighbourhood or directly naming
  - Connect the printer to your system, as with Windows network printers
- Sending a document from a Windows host to a Linux printer is just as simple:
  - Open the print dialogue box in the appropriate application
  - Ensure the Linux printer is selected for use
  - Choose available printing options
  - Press enter
- All exactly as if you were using a Windows printer

11.8 Printing to a Windows Printer via Samba

- There are only two good reasons for this:
  - You have a Windows-only printer
  - You can't think of another use for your Windows PC
- Requires the following steps:
  1. Create a Linux printer in , e.g.
  2. Copy sample smbprint filter to appropriate place, e.g. from: to:
  3. Create a spool directory for each Windows printer, with right permissions, e.g.
  4. ID each Windows printer in a config file, e.g.
  5. Put something like this in each config file:

Module 12

Basic Shell

Objectives

On completion of this module, you should be able to understand and use the Linux shell to create and combine tools. Topics covered include:

- An overview of the command line
- The software tools model
- File names and types
- Shell programming
- Command scripts
- Job control
- I/O - pipes and redirection

12.1 Introduction

- The standard command line interpreter under ( or ) Linux is
- An enhanced version of the classic Bourne shell
- Shares most features of other shells ( , , etc) and has some more advanced features
  - Plumbing - transparent redirection and pipes
  - Background processes
  - Process suspension, resumption, termination
  - Filename completion and wildcard generation
  - History

Getting around the command line

You can use the cursor keys to move around and edit the current line1 By default, uses -like keystrokes for navigation and editing. Here are 4 examples:
Keystroke
"qv w f hv

Action Move to the beginning of the line Move to the end of the line Delete to the end of the line Delete the previous word

man page gives details of all keystrokes

This may not work on badly-congured systems


www.linuxtraining.co.uk

c GBdirect Ltd, 2000

nv

w f

To choose
i e e

or

r fv

nv

rfv w f

hv

-like keystrokes:

Basic Shell

275

12.3 History

- Bash remembers used commands (in a history)
- Old commands are retrievable in different ways
- View your history at any time by typing
- Repeat the previous command by typing
- Execute the nth previous command by typing
- Typing repeats the last command beginning with
- To view your history command by command, use the and cursor keys
- Incrementally searchable using
- History is a very useful feature, if used well

12.4 Plumbing

- Processes typically start with three files open:

  Name               Descriptor
  Standard input     0
  Standard output    1
  Standard error     2

- Later we see how to refer to their file descriptors
- These are normally connected to the keyboard and your command-line terminal

[Figure: STANDARD INPUT, PROCESS, STANDARD OUTPUT, STANDARD ERROR]

12.5 Plumbing (continued)

- Data can be redirected by the shell
  - Transparently to the process concerned
- Any or all streams can be redirected
- You can redirect to/from a file or to/from another process
- Redirection to a process is known as piping

12.6 Output Redirection

- Redirection of output is done using >
- For example:
- Creates the file (or overwrites it if it already exists) and places the standard output from into it
- We can append to a file rather than overwriting it by using >>
- > and >> are actually shorthands for 1> and 1>>
- Error output can be redirected using 2> or 2>>

[Figure: COMMAND; stdout, 1>; error-out, 2>, 2>>]

12.7 Input Redirection

- < redirects standard input from a file, e.g.
- will now take the contents of the file as its input
- This could also be written as
- Consistent with and

[Figure: INPUT (FILE), 0<, COMMAND, stdin, stdout]

12.8 Combining Redirection

- Redirect more than one descriptor by giving more than one redirection, e.g.
- Send errors to the same place as the standard output ( )
- The order of these is very important
- The redirections are evaluated left-to-right, e.g. the following differs from the previous example
  - It sends error to the normal output and normal output to the file called
- Group redirections using the operator, e.g.
  - Output to the file called
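
The left-to-right rule above, shown as an added example that is not part of the original course notes. The function names and scratch files are made up for the demonstration; the script runs in any POSIX shell.

```shell
#!/bin/sh
# Added example: how the order of redirections decides where stderr ends up.
# emit, both_to_file, err_escapes and split_streams are hypothetical names.

# Write one line to standard output (fd 1) and one to standard error (fd 2).
emit() {
    echo "normal output"
    echo "error output" >&2
}

# fd 1 is pointed at the file first, then fd 2 is made a copy of fd 1,
# so both lines end up in the file.
both_to_file() {
    emit > "$1" 2>&1
}

# fd 2 is made a copy of fd 1 while fd 1 is still the caller's output;
# only afterwards is fd 1 moved to the file, so the error line escapes.
err_escapes() {
    emit 2>&1 > "$1"
}

# One redirection per descriptor: output to one file, errors to another.
split_streams() {
    emit > "$1" 2> "$2"
}

# Demonstration on scratch files in a temporary directory.
demo() {
    dir=$(mktemp -d)
    both_to_file "$dir/both.log"
    echo "both_to_file put $(grep -c . "$dir/both.log") lines in the file"
    escaped=$(err_escapes "$dir/out.log")
    echo "err_escapes let through: '$escaped'"
    split_streams "$dir/out.txt" "$dir/err.txt"
    echo "split_streams error file holds: '$(cat "$dir/err.txt")'"
    rm -rf "$dir"
}

demo
```

In a log-collection setting the second form is the usual reason error messages are missing from the file that was supposed to capture them.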

12.9 Pipelines

- You can output to another process with
  - Known as the pipe symbol
- A pipe connects the output of one process to the input of another
- The data waiting to be transferred is buffered
- The processes run concurrently
- Linux ensures that the processes keep in step
- For example:

[Figure: document (a b d d c), sort, document (a b c d d), uniq, document (a b c d), mail, Lee's Mailbox]

12.10 Background Processes

- Most commands run to completion before you get your shell prompt back
- A background process continues while you get your prompt back immediately
- To launch a process in the background place at the end of the line, e.g.
- Unless you use redirection (plumbing), output and error continue to appear on your terminal
- Input is disconnected, so typing goes to the shell, not to the background process
- If a process needs user input, and can't take it from a file, it is stopped
  - It won't resume until brought to the foreground to receive input
- You should normally start background processes with their output and error redirected to a file, e.g.

12.11 Background Processes (continued)

- Running processes can be put in the background
- Suspend the process by typing in the terminal that the process is running in
- Put the process in the background using
- Bring a process back to the foreground using
- and operate on the most recent process by default
- Change to a process, by job number or name
- displays current shell processes:

12.12 Background Processes and

- Sometimes it is necessary to start a process and leave it running when you log out
- If your shell is killed, any background processes will also be lost
- gets round this by detaching the process from the terminal
- Always redirect output and error with , e.g.
- If you don't redirect them then they will end up in and

12.13 Command Grouping and Sub-shells

- can execute multiple commands on a line
- Sequential commands are separated by
- It's possible to launch a sub-shell to execute a command or group of commands
- Put commands in parentheses, e.g.
- Can also put a subshell in background, e.g.

12.14 Process Management

- (process status) prints info about a user's processes:
- only prints info about processes belonging to the current shell
- postpones shell until process is finished
  - Usually given a process id as an argument
  - If no argument is given it waits until all the shell's processes have terminated
- is used to send signals to processes
  - Can terminate background processes
  - Some processes use signals to trigger tasks, e.g. log rotation, re-reading config files, etc

12.15 Signals

- There are a variety of signals:

  Signal     Number      Meaning
  SIGHUP     1           Hangup detected on controlling terminal or death of controlling process
  SIGINT     2           Interrupt from keyboard
  SIGQUIT    3           Quit from keyboard
  SIGKILL    9           Kill signal
  SIGTERM    15          Termination signal
  SIGUSR1    30,10,16    User-defined signal 1
  SIGUSR2    31,12,17    User-defined signal 2

- can be given a signal name or number

12.16 Signals (continued)

- Unless specified, sends a SIGTERM which causes most processes to terminate
- If a process is unresponsive, it can be forcibly killed by sending it SIGKILL
  or
- Can only signal your own processes
- Superuser can signal all
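
The difference between SIGTERM and SIGKILL described above, shown as an added example that is not part of the original course notes. The worker function and its marker file are constructed for the demonstration; a process can catch SIGTERM and tidy up, whereas SIGKILL is never delivered to the process and its marker file is left behind.

```shell
#!/bin/sh
# Added example: SIGTERM can be caught for cleanup, SIGKILL cannot.
# worker and run_and_signal are hypothetical names for this demonstration.

# A long-running job that creates a marker file and removes it when asked
# to terminate. The trap is installed before the marker is created.
worker() {
    marker=$1
    trap 'rm -f "$marker"; exit 0' TERM
    : > "$marker"
    while :; do
        sleep 1
    done
}

# Start worker in the background, send it the named signal, wait for it,
# then report whether the marker was cleaned up and the exit status.
run_and_signal() {
    sig=$1
    marker=$2
    # Background jobs get their output redirected, as the notes advise.
    worker "$marker" > /dev/null 2>&1 &
    pid=$!
    # Wait (at most about 5 seconds) until the worker is ready.
    tries=0
    while [ ! -e "$marker" ] && [ "$tries" -lt 50 ]; do
        sleep 0.1 || sleep 1
        tries=$((tries + 1))
    done
    kill -s "$sig" "$pid"
    status=0
    wait "$pid" 2> /dev/null || status=$?
    if [ -e "$marker" ]; then
        echo "left-behind status=$status"
    else
        echo "cleaned-up status=$status"
    fi
}

demo() {
    dir=$(mktemp -d)
    echo "TERM: $(run_and_signal TERM "$dir/term.marker")"
    echo "KILL: $(run_and_signal KILL "$dir/kill.marker")"
    rm -rf "$dir"
}

demo
```

The status 137 reported for the killed worker is 128 plus the signal number 9; stale lock or PID files after such a kill are a common reason a service refuses to restart.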

12.17 Background Processes:

- displays the processes running on a machine
- Typical output:
- Options:
  - Results can be sorted in various ways
  - See for full details, including command-line options
  - Inside use for help on interactive options
- N.B. is not available on all unices

12.18 Filename Generation

- Some characters are special to the shell

  Chars    Meaning
  *        Matches any string, including the null string
  ?        Matches any single character
  [...]    Matches any one of the enclosed characters. A pair of characters separated by a minus sign denotes a range. Any character lexically between those two characters, inclusive, is matched. If the first character following the [ is a ! or a ^ then any character not enclosed is matched. A - or ] may be matched by including it as the first or last character in the set.

  Table 12.1: Special characters under

- Special characters can be used to match filenames, e.g. to show files beginning with
- To show files starting with , followed by a vowel:

12.19 Quoting Mechanisms

- Sometimes it's necessary to ignore a character's special meaning
- Use a backslash ( \ ) to quote a special character, e.g. to list a file called
- To quote a longer string, enclose it in quotes:
  - ' ' disable all interpretation
  - " " disable filename generation and blank space interpretation
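
What each quoting mechanism above hands to a command, shown as an added example that is not part of the original course notes. The helper names and the scratch files (including one literally named * and one with a blank in its name) are constructed for the demonstration.

```shell
#!/bin/sh
# Added example: the effect of backslash, single and double quotes on
# filename generation and blank interpretation. All names are constructed.

# Print how many arguments the shell passed after all its expansions.
count_args() {
    echo "$#"
}

# Create a scratch directory holding four files, one of them named "*"
# and one with a blank in its name; print the directory's path.
make_sandbox() {
    dir=$(mktemp -d)
    : > "$dir/a"
    : > "$dir/b"
    : > "$dir/*"
    : > "$dir/two words"
    echo "$dir"
}

# Each helper runs in a subshell so the caller's directory is unchanged.
unquoted_star()  { ( cd "$1" && count_args * ); }    # filename generation
backslash_star() { ( cd "$1" && count_args \* ); }   # one literal *
single_star()    { ( cd "$1" && count_args '*' ); }  # one literal *
double_star()    { ( cd "$1" && count_args "*" ); }  # one literal *

# A variable holding a risky name: unquoted, its value is split on blanks
# and used for filename generation; in double quotes it is substituted
# but otherwise left alone.
unquoted_var() { ( cd "$1" && name=$2 && count_args $name ); }
quoted_var()   { ( cd "$1" && name=$2 && count_args "$name" ); }

# Remove only the file literally named "*", then count what is left.
remove_star_file() {
    ( cd "$1" && rm ./'*' && set -- * && echo "$#" )
}

demo() {
    box=$(make_sandbox)
    echo "unquoted *      -> $(unquoted_star "$box") arguments"
    echo "backslash \\*    -> $(backslash_star "$box") argument"
    echo "single quotes   -> $(single_star "$box") argument"
    echo "double quotes   -> $(double_star "$box") argument"
    echo "\$name unquoted  -> $(unquoted_var "$box" 'two words') arguments"
    echo "\$name quoted    -> $(quoted_var "$box" 'two words') argument"
    echo "files left after removing '*': $(remove_star_file "$box")"
    rm -rf "$box"
}

demo
```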

12.20 Shell built-in commands

- Some commands must be built in to the shell, because they can't be executed independently
  - , if executed independently would change its own directory, not that of your shell
  - , would change its umask, not the shell's
- Other commands are built in for speed e.g.

12.21 Basic Shell Exercises

1. Redirection
   (a) Try typing the following commands exactly as they appear here:
       Make sure you understand what happens in each case, ask the tutor if you are not sure.
2. Filename expansion and Quoting
   (a) Do the following in the directory
       i. List all filenames with exactly three characters.
       ii. List all filenames with exactly three characters in which the second character is a vowel.
       iii. List all filenames with a, b, c, or d as the last character.
       iv. Construct a command to print the number of filenames consisting of exactly three characters.
       v. Construct a command to print the total number of files with exactly two, three or four characters in their name. (You may find the wc utility useful here, check for more information.)
   (b) Compare the effect of the following commands:
   (c) Change back to your home directory and try to create a file with the name *. Was this a sensible thing to do? How would you delete it? (Be very careful!)
   (d) Create a file called . Try to remove this. Use the page to help you.
3. Background processes and
   (a) Start the command in the background in your current shell
   (b) Bring it back to the foreground and terminate it by typing C
   (c) Start it again, and once more so that you have two copies running in the background
   (d) Bring them to the foreground and terminate them in the order you started them
   (e) Start the same command in the background, and terminate it using
4. Grouped commands
   Compare the following command sequences, and make sure you understand the differences:
   (a)
   (b)
   (c)
   (d)
   Check you can use your history to get at and repeat any of the commands you have typed.

12.22 Basic Shell Solutions

1. N/A
2. Filename expansion and Quoting
   (a) These are solutions which will do the job, there may be other ways of achieving the same thing
       i. ls ???
       ii. ls ?[aeiou]?
       iii. ls *[abcd]
       iv. ls ??? | wc -l
       v. (ls ?? ; ls ??? ; ls ????) | wc -l
   (b) When not quoted $HOME gives the name of your home directory. This is variable substitution. We can see that this substitution still happens inside " quotes, but not inside ' quotes. * expands to all the filenames in the current directory. This is filename generation and doesn't happen in either quotes.
   (c) It is not a wise choice to name anything with a filename containing special characters. You can delete the file safely using either:
   (d) You can delete the file by using
3. Background processes and
   (a)
   (b)
   (c)
   (d)
   (e)
4. N/A

Module 13

Shell Programming

Objectives

By the end of this session you should know about:

- Shell variables and their use
- Conditionals and flow-control
- Basic scripting techniques
- Use of parameters
- The use of here documents
- Command substitution
- Use of tools like and

13.1 Introduction

- The shell is not only a command interpreter
- It can also be used as a programming language
- Shell programs are often called shell scripts
  - Or simply scripts
- By the end of the section, you should understand how to:
  - Use the shell as a programming tool

13.2 Writing and Running Shell Scripts

- The standard Unix shell is the Bourne Shell [1]
- Linux provides an advanced clone
  - Bourne-Again shell (bash)
- Just like any other process
  - It can execute subshells and have its input and output redirected
- You can put commands in a file and get the shell to read from that file
- Running a shell program:
  1.
  2.

[1] Named after its author, Steve Bourne

13.3 Subshell or Subroutine?

- The previous examples launch a subshell to execute the code
- Changes to the process environment exist only in that subshell (e.g. ID of current directory)
- You can run a shell program as a subroutine of your current shell:
- This is the only way to change the environment of the current shell
- If the subroutine changes the current directory or other shell variables you will still see the effect after it has finished running

13.4 Processing Commands

- The shell reads its input
- Input is split into command, arguments, and plumbing (I/O re-direction)
- It performs:
  - Command substitution
  - Variable and parameter substitution
  - Blank space interpretation
  - Filename generation
  - Plumbing
- You can see what it is doing by using , e.g.

13.5 Command Substitution

- Used as part of a command line
- The standard output of a command is substituted into the command line
- Newlines become spaces
- Do this by using back-quotes (`). Examples:

13.6 Shell Variables and Variable Substitution

- Variables are items whose content (i.e. value) varies but are identified by a constant name
- The shell is a string-based language
- Variable assignment looks like
- The value of is given by
- N.B. Variable names are case-sensitive
- Use when the value is concatenated (joined) with other characters, e.g.
- Using a variable before it is set gives a null string

13.7 Shell Environment Variables

- Environment variables are shell variables whose values are exported, i.e. passed down to all child processes of the current shell
- This is done by using the export command
- Changes don't pass back up to a parent process
- See what is currently exported using
- Some variable names have built-in meanings:

VARIABLE  MEANING
PATH      A list of directories searched to find executable commands
HOME      The user's home directory
MAIL      Pathname of received mail
IFS       Inter-field separator, characters used to split a command line into words
PS1       The shell's usual prompt
PS2       Prompt given on subsequent lines of a multi-line command

13.8 Examples

13.9 Examples (continued)

13.10 set

- set, on its own, lists the values of environment variables
- Inside a shell program, set, followed by a list of arguments places them in the variable called
- Example:

13.11 Quoting

- Characters with special meanings to the shell:
- Special meanings can be ignored by quoting
- Single characters are quoted with a preceding backslash (\)
- Strings are quoted by surrounding them with "..." or '...'
- N.B. There are two different quotes used by the shell; both have distinct meanings:

"..."  Don't expand shell special characters, do perform variable, command and parameter substitution
'...'  Don't expand shell special characters or perform substitution

- N.B. Don't confuse apostrophes with back ticks; back ticks are used for command substitution

13.12 Examples

13.13 .profile File

- Each time you log in the Bourne shell executes in your home directory the file called .profile
- It is executed as a subroutine, so it may alter the environment of your current shell
- You will typically use it to set your preferences; your PATH variable is a classic, as is PS1 [2]
- Other files are also read sometimes, according to context (see over)

[2] What your shell prompt looks like

13.14 .profile File (continued)

- The logic for determining which files are run is as follows:
  1. Login shells:
  2. Non-login interactive shells:
  3. Non-interactive shells:
- 'Source' is a synonym for 'execute as a subroutine'

13.15 Arguments

- You can pass command line arguments to a shell by using either: or:
- $0 is the name the program was called with
- Arguments 1 to 9 are seen as $1 to $9
- Later we will see the shift command which gives access to arguments beyond 9

13.16 Shell Parameters

- Shell parameters are read-only variables, i.e. don't normally change
- Hold information about the status of the shell
- Examples:

Shell Parameter  Meaning
$?               Exit status of last executed command
$#               Number of command line arguments available
$*               A string containing all of the command line arguments
$@               A string containing all of the command line arguments
$$               The process-id of the current shell
$!               The process-id of the most recent background process

- $* and $@ differ when quoted. Check

13.17 Blank Interpretation

- Command line is scanned for internal field separators (defined by IFS variable)
- Command line is split into command and arguments
- Explicit empty arguments such as "" or '' are preserved
- Null arguments resulting from command substitution are discarded
- If you want to preserve null arguments resulting from command substitution:
  - Concatenate with an explicit empty argument:
- Implicit null arguments (e.g. substituting the value of an unset variable) are removed
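The splitting rules of sections 13.5, 13.16 and 13.17, as an added example that is not part of the original course notes: it counts the words the shell produces from unquoted and quoted expansions, then shows what the difference does to a delete command. All function names and file names are hypothetical and constructed for the demonstration.

```shell
#!/bin/sh
# Added example: constructed inputs only; every function name is hypothetical.

# Report how many arguments were received.
count_args() { echo "$#"; }

# Three ways of passing a script's arguments on to another command.
pass_star_unquoted() { count_args $*; }    # re-split on IFS (and globbed)
pass_star_quoted()   { count_args "$*"; }  # everything joined into one word
pass_at_quoted()     { count_args "$@"; }  # original argument boundaries kept

# Command substitution: newlines and spaces in the output separate words
# unless the whole substitution is inside double quotes.
subst_unquoted() { count_args `printf '%s\n' one 'two three'`; }
subst_quoted()   { count_args "`printf '%s\n' one 'two three'`"; }

# An unset variable disappears when unquoted but is kept as an empty
# argument when quoted.
null_unquoted() { unset EMPTY; count_args $EMPTY x; }
null_quoted()   { unset EMPTY; count_args "$EMPTY" x; }

# Why it matters: delete a file whose (constructed) name contains a space
# and a '*'. Prints how many of the two unrelated files survive.
survivors_after_delete() {
    mode=$1
    dir=`mktemp -d` || return 1
    (
        cd "$dir" || exit 1
        : > keep1; : > keep2; : > 'junk *'
        name='junk *'
        if [ "$mode" = unquoted ]; then
            rm -f $name            # becomes: rm -f junk <every file here>
        else
            rm -f -- "$name"       # exactly one argument: the awkward name
        fi
        left=0
        for f in keep1 keep2; do
            if [ -e "$f" ]; then left=$((left + 1)); fi
        done
        echo "$left"
    )
    rm -rf "$dir"
}

# Stand-alone run on constructed arguments.
echo "unquoted \$*  : `pass_star_unquoted 'a b' '' 'c d'` words"
echo "quoted \"\$*\" : `pass_star_quoted 'a b' '' 'c d'` word"
echo "quoted \"\$@\" : `pass_at_quoted 'a b' '' 'c d'` words"
echo "files left after unquoted rm: `survivors_after_delete unquoted`"
echo "files left after quoted rm  : `survivors_after_delete quoted`"
```
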

13.18 Comments

- The shell has one comment character, the #
- A comment starts with the hash character and ends at the end of that line
- Here is an example:
- N.B. Make meaningful comments

13.19 read

- The read command is another way of assigning values to variables
- Reads the next line of text entered from stdin
- When it is asked to read more than one variable, the first word from the input is assigned to the first variable, the second word to the second variable etc, and the rest of the line to the last variable
- Example:

13.20 shift

- The shift command lets you access arguments above $9 by shifting them down one place, i.e. the theoretical $10 becomes $9
- $0 always stays the same, because it is the program
- If there is no argument to shift down the $9 variable becomes empty
- is equivalent to executing times
- Example:

13.21 Exit Status or Return Code

- Almost all commands give an exit status
- Identifies whether the command had any problems running
- The shell can test these return codes
- A value of zero is taken to mean success (or true)
- Non-zero return codes signify failure (false)
- The exit status of the last executed command is stored in the shell parameter $?
- Shell programs can set their return status using the exit command
- This terminates the program and gives the designated value as the return code, e.g.

13.22 test

- test indicates whether a comparison was successful or not
- It can test a number of different things:
  - File status
  - Numerical comparisons
  - String comparisons
- Used with the flow-control constructs (explained later)

13.23 File Status Tests

- Used to check a file for certain properties

Meaning of each test:

- true if file exists
- true if file is readable
- true if file is writeable
- true if file is executable
- true if file is set-user-id
- true if file is set-group-id
- true if file has sticky bit set
- true if file is a directory
- true if file is a block special
- true if file is a character special
- true if file is a named pipe (fifo)
- true if file has something in it
- true if descriptor is a terminal (if fildes is not given then this checks standard output)

13.24 Relational Tests

- Numerical tests
  - true if the relationship is valid for the numbers
- String tests
  - true if the string is non-null
  - true if the string is zero length
  - true if length of the string is not zero
  - true if the two strings are identical
  - true if the two strings are not equal
- The test will fail with an error message if either or are uninitialised.

13.25 for Loop

- Executes commands once for each word in a list
- Each time round the index variable is assigned the value of the next word
- Syntax is:
- If we want to do something for each command line argument we can do or
- Filename, variable and command expansion are performed on the list, e.g. would assign the names of all files beginning with an to the variable one by one

13.26 if

- Three basic forms:
  1.
  2.
  3.

13.27 if (continued)

- Executes the test and takes the appropriate action
- Example:
- Everything following an if or elif to the end of the line or a ; is executed as the test
- elif is short for "else if"
- There can be any number of elif clauses

13.28 true and false

- Return the appropriate exit status
- true returns 0
- false returns some non zero value, typically 1 but could be anything non-zero!
- Generally used for infinite loops (" . . . ")

13.29 while and until

- The while command repeats a group of commands as long as the test remains true
- The until command repeats a group while the test remains false
- Example:

13.30 break and continue

- Used to alter the flow of loop structures
- break breaks out of the immediately-enclosing loop
- break n breaks out of the nth enclosing loop
- continue jumps back to the beginning of the enclosing loop
- continue n jumps to the beginning of the nth enclosing loop
- For example

13.31 case

- The case statement enables multiple comparisons based on pattern-matching
- A neater form of
- Structure:
- Two semi-colons act as a single symbol in this context

13.32 case (continued)

- The case statement uses the same pattern matching as filename generation
- Patterns are scanned in lexical order
- Example:

13.33 case (continued)

- Alternative matches are specified using the 'or' character |
- The previous example could have had:
- Only the first matching pattern will be used:
  - We only reach the 'invalid input' line when the input doesn't match either of the first two options
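The constructs of sections 13.20 and 13.29 to 13.33 working together, as an added example that is not the course's own code: a while loop consumes options with shift, and a case statement uses | alternatives and a catch-all pattern, where the order of the patterns decides which one wins. The function names and option letters are hypothetical.

```shell
#!/bin/sh
# Added example; parse_args, last_arg and the option letters are hypothetical.

# parse_args OPTION... [--] FILE...
# Prints "date=<0|1> time=<0|1> files=<n>" and returns 0, or returns 2
# (with a message on stderr) for an option it does not recognise.
parse_args() {
    show_date=0
    show_time=0
    while [ $# -gt 0 ]; do
        case "$1" in
            -d|--date) show_date=1 ;;
            -t|--time) show_time=1 ;;
            # '--' also matches the '-?*' pattern below, so it must come
            # first: only the first matching pattern is used.
            --)        shift; break ;;
            -?*)       echo "invalid option: $1" >&2; return 2 ;;
            *)         break ;;      # first operand ends option parsing
        esac
        shift                        # next argument moves down into $1
    done
    # Default action when no option was given: show both.
    if [ "$show_date" -eq 0 ] && [ "$show_time" -eq 0 ]; then
        show_date=1
        show_time=1
    fi
    echo "date=$show_date time=$show_time files=$#"
}

# last_arg ARG...
# Shifts until one argument is left, so arguments beyond the ninth are
# reachable through $1.
last_arg() {
    while [ $# -gt 1 ]; do
        shift
    done
    echo "$1"
}

# Stand-alone run on constructed arguments: '-d' after '--' is an operand,
# not an option.
parse_args -t -- -d report.txt
last_arg 1 2 3 4 5 6 7 8 9 10 11
```
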

13.34 Simple Conditionals

- The example in Section 13.32 provides a shorter form of the if construct
- The second command is executed only if the first returns true
- This is known as the && operator
- The second short form is the || operator
- It means: run the second command if the command to the left of the || evaluates to false

13.35 Here Documents

- Here documents are 'virtual' input files
- A portion of the script file is sent to a command as if it were that command's normal input
- Input is taken from the following text until the end delimiter is encountered
- Example
- The above is equivalent to typing on the command line then entering:

13.36 Use of commands

- Can run anything you want from a script
- Common utilities in scripts are:

13.37 find

- find searches the filesystem in real time; making disks work hard
- Can find files by name, type, size, dates, e.g.
- To find all files ending with under the current directory:
- To find all filenames ending in modified in the last 8 days below
- Tests can be combined and negated, for example:
- To find all filenames not ending in modified in the last 8 days
- Can execute commands on the files it finds. The name of the file found is placed in {}
- N.B. The latter spawns separate processes for each find

13.38 Evaluate Expressions (expr)

- Evaluation works out the result of some expression, i.e. computes the value of the expression
- expr is used to evaluate expressions
- Takes arguments and operators
- Prints the result
- Returns zero or non zero depending on the result
- Scripts often test this result and act accordingly
- Watch out for special meaning to shell of characters like * and < or >, e.g.

13.39 Evaluate Expressions (expr) (continued)

- Often used for looping in scripts
- Has some string manipulation facilities too

13.40 Summary

In this section we have covered the basics of how to create and use shell scripts.

- Substituting commands with back ticks.
- Shell variables and parameters.
- The exit status of commands.
- The command.
- The flow control constructs.
- Here documents.
- The command.

13.41 Shell Programming Exercises

1. (a) Write a shell script, which prints the number of users currently logged in.
   (b) Construct a script, which takes a username as an argument. It should print all lines of output from the command which concern that user.
   (c) Edit your .profile to:
       - Print a personalised greeting when you log on
       - Print the date
       - Personalise your prompt
       - Show how many mail messages are in your mailbox
       You should note that your mailbox is typically stored in /var/spool/mail/username, and that messages are delimited by lines that begin "From "
2. (a) Try typing several of the Linux commands you have learnt, followed by
       For example you could try:
   (b) Write a shell script which when run like this gives out
   (c) What would you expect if you typed or
   (d) Write a shell script to print out all 100 numbers from 00 to 99.
3. (a) Write a shell procedure, save, which copies the files specified as arguments into the directory . Your procedure should create the directory if it does not already exist.
   (b) Write a shell procedure, , which takes a number of usernames as arguments. For each name, a message should be printed showing whether the user is logged in, exists in the password file, or does not exist
4. (a) Write a shell procedure, mydate, with the following specification: mydate provides a "user-friendly" version of the date command. The available options are:
       - Only print a line concerning date information.
       - Only print a line concerning time information.
       The default action of mydate is to print both lines.
       Examples

13.42 Shell Programming Solutions

1. (a) To print the number of current users:
   (b) The logon details of a user:
   (c) A file could look like:
2. (a) You should find that commands which work have an exit status of 0. Programs which do not work have some non-zero exit status. The grep command uses a common distinction that 1 means a command ran and failed, whereas 2 means it did not succeed in running. You should have seen something like this:
   (b) A solution could be:
   (c) You should see something like this:
       The 'three four' on the first command line is treated as one argument, and not split into two on the space because of the surrounding quotes. The null argument in the second example is an explicit null argument and is thus retained. The third example shows how filename generation is applied by the shell when creating the argument list.
   (d) Note that this is a lot more cumbersome than the equivalent loops in most programming languages, but it is not the sort of work that the shell was designed for.
3. (a) The save shell script:
   (b)
4. (a) A simple solution to mydate is:
       One full solution to mydate is:

Module 14

Special Topics
Objectives

After completing this module, you should be able to:

- Understand and configure the LILO boot loader
- Use and verify RPMs
- Build and install applications from sources
- Understand and use key elements of the /proc filesystem

14.1 The Linux Bootloader (LILO)

- The LInux Boot LOader (LILO) is a versatile beast
- Doesn't depend on any specific filesystem
- Can boot Linux kernels off floppies, hard disks etc.
- Can act as boot manager for other OSs
- Can select from up to 16 images at boot time
- Parameters (e.g. boot device) set independently for each image
- Can replace the Master Boot Record (MBR)

14.2 LILO configuration

- Configuration lives in
- Confirm changes by running
  - Machine may be unbootable without this
- LILO takes command line options
- An example:
14.3 Understanding

- Line 1 tells LILO:
  - which partition contains the boot sector
  - or which device contains the MBR
- Line 2 identifies the map file, i.e. the file which tells LILO where to find all the files needed to boot an OS
- Line 3: The boot loader itself, loads into the BIOS then loads the selected kernel
- Line 4: Ensures a prompt for OS selection, etc
- Line 5: Wait time before booting default kernel
- Line 6: Message file shown before prompt
- Lines 7-22: Detail specific bootable Linux kernels
  - Line 7: Points to the default Linux kernel
  - Lines 13,18: Point to alternative Linux kernels
  - Lines 8,14,19: Commands to start each kernel
  - Lines 9,15,20: Root partition for each kernel
  - Lines 10,16,21: Files to load as initial ramdisks
  - Lines 11,17,22: Mount root partition read-only so can run at boot time
- Lines 23-26: Detail a 'foreign' OS
  - Line 23: Points to the bootable partition or device
  - Line 24: Names command to start 'foreign' OS
  - Line 25: Location of 'foreign' OS partition table
  - Line 26: Chain loader for booting OS kernel. Defaults to first hard disk partition

14.4 Red Hat Package Management Tool (rpm)

- rpm is used by most Linux distributions to:
  - Install, upgrade, and uninstall packages
  - Query files within packages
  - Assign and verify package signatures
  - Maintain installed packages and database
  - Set permissions on packaged files
  - Build packages (Special Topics module)
- Can operate via ftp or web
- Supports two kinds of package:
  - Pre-compiled
  - Source
- Graphic front-ends, of varying quality
- Other distributions, such as Debian and Stampede, will have something similar

14.5 Install, Upgrade and Uninstall with rpm

- SYNTAX:
- package-file may be filename or URL
- Common options (by effect):
  - Install package
  - Upgrade package
  - Erase (uninstall) package
  - Freshen (only upgrade if earlier version exists)
  - Same as or (install even if packages/files replace already installed ones) or (let upgrade replace newer package). Dangerous
  - Print percentages as files are unpacked; makes rpm easier to run from other tools
  - No dependency check. Dangerous
  - Don't install, just check/report potential conflicts
  - Relocatable packages to newpath. Useful if packager sets inappropriate paths

14.6 Query Options for rpm

- SYNTAX:
- package-file may be filename or URL
- Common options (by effect):
  - Query all installed packages
  - Show package owning file
  - Show (uninstalled) package-file. May be a URL
  - Show capabilities package provides
  - Show package info, including name, version, description. Uses if specified
  - Show packages required by this one
  - List files in package
  - Show file state (normal, not installed, replaced)
  - Show shell scripts used for un/installation
  - Dump file info as follows: . Must be with one of

14.7 Verify Options for rpm

- Compares info about installed files with original package info stored in rpm database
- Compares size, MD5 sum, permissions, type, owner, group, etc.
- Discrepancies are displayed
- Files not originally installed are ignored
- SYNTAX:
- Common options (by effect):
  - Ignore missing files
  - Ignore MD5 checksum errors
  - Ignore missing files

14.8 Output From the rpm Verification Option

- Format:
  1. A string of 8 characters
  2. A possible "c" denoting a configuration file
  3. File name
- For example, verifying your package will usually report errors like these:
- Each character shows result of a comparison of one file attribute with the value of that attribute recorded in the RPM database
- . (full-stop) indicates the test passed
- The following characters denote failure of specified tests:
  - MD5 sum
  - File size
  - Symlink
  - Mtime
  - Device
  - User
  - Group
  - Mode (includes permissions and file type)
  - Couldn't complete check
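One way to read verification output automatically, as an added example that is not part of the course notes: it decodes the flag string and separates expected configuration changes from altered binaries. The flag letters (S, M, 5, D, L, U, G, T, ?) are taken from rpm's documented verify output because they are not legible on this page; the report lines, paths and function names are constructed for the demonstration.

```shell
#!/bin/sh
# Added example: parses constructed `rpm -V`-style lines.
# Flag letters are an assumption from rpm's documentation, not this page.

# explain_flags FLAGS -> space-separated names of the tests that failed.
explain_flags() {
    flags=$1
    out=
    while [ -n "$flags" ]; do
        rest=${flags#?}              # flags without the first character
        c=${flags%"$rest"}           # the first character itself
        flags=$rest
        case "$c" in
            .)   continue ;;         # test passed
            S)   name=size ;;
            M)   name=mode ;;
            5)   name=md5 ;;
            D)   name=device ;;
            L)   name=symlink ;;
            U)   name=user ;;
            G)   name=group ;;
            T)   name=mtime ;;
            '?') name=unreadable ;;
            *)   name="unknown($c)" ;;
        esac
        out="${out:+$out }$name"
    done
    echo "$out"
}

# triage: read verify lines on stdin and print one verdict per file.
# The first field is taken as the flag string whatever its length.
triage() {
    while read -r flags second third; do
        [ -n "$flags" ] || continue
        case "$second" in
            c|d|g|l|r) marker=$second; path=$third ;;
            *)         marker=; path="$second${third:+ $third}" ;;
        esac
        if [ "$flags" = missing ]; then
            echo "MISSING $path"
            continue
        fi
        why=`explain_flags "$flags"`
        if [ "$marker" = c ]; then
            echo "config $path: $why"       # edited config: usually expected
        else
            case "$flags" in
                *[5MUG]*) echo "ALERT $path: $why" ;;  # content, mode or owner
                *)        echo "note $path: $why" ;;
            esac
        fi
    done
}

# Constructed sample report, fed in through a here document.
sample_report() {
    cat <<'EOF'
S.5....T c /etc/inittab
.......T   /usr/share/doc/example/README
S.5....T   /bin/login
.M...UG.   /usr/bin/passwd
missing    /etc/example.conf
EOF
}

# Stand-alone run.
sample_report | triage
```
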

14.9 Building And Installing Applications

- Linux/Unix has often been called unfriendly
- Package management techniques and new GUI tools seek to remedy this
- Sometimes necessary to compile packages from source
- Common with security updates
  - Code fixes available before new packages
  - Best to update as quickly as possible

14.10

- Recent years have made compilation easier
- Tools called and
- Set up by package author/maintainer
- Can determine your system type
- Check for presence of needed libraries
- Set everything up accordingly
- Provides nicer way to specify compile options
  - For example, whether to include support for a particular format when building a graphics app

14.11 Using configure

- For a lot of packages the following sequence will install the application
- Lots of output is produced giving you valuable information

14.12 Options to configure

- Some standard options to configure
- Determine things like:
  - Place of install
  - Location of libraries
  - Turn on/off features
- Examples:
- Sets up the build procedure to install the app under rather than
- Full list of options
- Options vary with application
- Commonly see options or
- is the accepted default

14.13 Location of install

- Most applications install under , e.g.
- If you're installing libraries you may have to set your variable
- Or run to see the new libraries

14.14 Installation requirements

- Often need to have certain things installed to compile packages
- Most notably the C development libraries
- Also may need other header files, for compiling Gnome applications
- Can be installed from RPM or sources
- configure will check for these
- Tells you if it can't find what it needs
- Can also differentiate versions of libs/apps
- In some cases . . .

14.15 Compilation roundup

- Lack of an RPM isn't always a problem
- Often just as easy to compile from source
- More power over features
- N.B. RPMs that depend on libraries may not recognize them if they were installed from source!

14.16 The /proc filesystem

- Acts as an interface to internal data structures
- Use:
  - To obtain information about the system
  - To change certain kernel parameters at runtime
- Also contains one subdirectory for each process running on the system
  - Named after the process id (PID) of the process
- Contents of /proc can change with different kernel versions
- Shouldn't write programs that rely on it

14.17 Process specific subdirectories

Each process subdirectory has following entries (by content):

- Command line arguments
- Link to the current working directory
- Values of environment variables
- Link to the executable of this process
- Directory containing all open file descriptors
- Memory maps (what memory the process has mapped from files)
- Memory held by this process
- Link to the root directory of this process
- Process status
- Process memory status information
- Process status in human readable form

14.18 Process Status

- To get the status of a process, just read :
- Shows almost the same information as ps because ps gets its info from /proc

14.19 Process Memory Usage

- The file details process memory usage
- Its values have the following meanings:
  - total program size
  - size of in memory portions
  - number of the pages that are shared
  - number of pages that are code
  - number of pages of data/stack
  - number of pages of library
  - number of dirty pages
- Ratio is only approximate

14.20 Kernel data

- The following subdirectories give info on the running kernel
- Not all present on every system; depends on kernel config and loaded modules

Entries (by content):

- Advanced power management info
- Kernel command line
- Info about the CPU
- Available devices (block and character)
- Used DMA channels
- Supported filesystems
- Interrupt usage
- I/O port usage
- Kernel core image
- Kernel messages
- Kernel symbol table
- Load average
- Kernel locks
- Memory info
- Miscellaneous
- List of loaded modules
- Mounted filesystems
- Table of partitions known to the system
- Real time clock
- Slab pool info
- Overall statistics
- Swap space utilization
- System uptime
- Kernel version

14.21 Interrupts In Use

- See /proc/interrupts to:
  - Check which interrupts are currently in use
  - Check what they are used for/by
- For example:

14.22 IDE Devices (

Details all IDE devices known to the kernel
One subdirectory for each device
Each directory containing these files:

The cache
Capacity of the medium
Driver and version
Physical and logical geometry
Device identify block
Media type
Device identifier
Device setup
IDE disk management thresholds
IDE disk management values


14.23 Networking (

The files and their meanings:

Kernel ARP table
Network devices with statistics
Lists the Layer2 multicast groups a device is listening to (interface index, label, number of references, number of bound addresses).
Network device status
Firewall chain linkage
Firewall chains
Directory containing the masquerading tables
Major masquerading table
Network statistics
Raw device statistics
Kernel routing table
Directory containing rpc info
Routing cache
SNMP data
Socket statistics
TCP sockets
Token ring RIF routing table
UDP sockets
UNIX domain sockets
Wireless interface data (Wavelan etc)
IP multicast addresses, which this host joined
Global packet scheduler parameters
List of PF_NETLINK sockets
List of multicast virtual interfaces
List of multicast routing cache
UDP sockets (IPv6)
TCP sockets (IPv6)
Raw device statistics (IPv6)
IP multicast addresses, which this host joined (IPv6)
List of IPv6 interface addresses
Kernel routing table for IPv6
global IPv6 routing tables statistics
Socket statistics (IPv6)
Snmp data (IPv6)

14.24 Networking 2 (

Use to see:

The network devices available in your system
How much traffic is routed over them

For example:


14.25 SCSI info ( )

To see a list of all recognized SCSI devices in :

One file for each adapter found in the system
Info on controller, IRQ used, IO address range:

14.26 Parallel Port (

Info on parallel ports
One subdirectory for each port
named after the port number (0,1,2, . . . )
Contains four files:

Autoprobe results of this port
Connected device modules
Port type, io-port, DMA, IRQ, etc
Used interrupt, if any


14.27 Kernel Parameters (

Displays parameters within the kernel
Allows you to change them
Can tune and monitor kernel operation
Be very careful, a reboot may be the only option after a mistake
To change a value the new value into the file (see file handles example below)
Superuser permission is required
Can be automated via the init scripts
Should check kernel documentation when upgrading kernel to check the information you use has not changed


14.28 File system data (

Info on file handles, inodes, dentry and quotas

currently contains these files:

Status of the directory cache
Number of allocated and free disk quota entries
Maximum number of cached disk quota entries
Number of allocated, used and maximum number of file handles
Maximum number of file handles that the Linux kernel will allocate
Contains three actual numbers and four dummy values. Actual numbers are (inodes allocated), (free inodes), and (nonzero when the > and system needs to reduce inode list instead of allocating more)
Contains the first two items from
Maximum number of inode handlers. Should be 3-4x > , since stdin, stdout, and network sockets also need an to handle them
Number of currently allocated super block handlers
Maximum number of super block handlers. Every mounted file system needs one, so more mounts need more of them


14.29 Example: Increase Maximum Filehandles

Kernel allocates file handles dynamically, but doesn't free them while processes still run
The default value maximum ( ) is 4096
To change it, just write a new number into the file:
Useful for all customizable kernel parameters
N.B. There is still a per process limit of open files (1024 by default), can't be easily changed (2)

(2) To change it, edit the files and in the directory . Change the definition of NR_OPEN and recompile the kernel.

14.30 General Kernel Parameters ( )

There are many general parameters here and they vary from system to system
The most commonly utilised covers the behaviour of
When = 0, is trapped and sent to handle a graceful restart to
When > 0, Linux produces an immediate reboot, without syncing dirty buffers
Occasionally won't reach the kernel (e.g. intercepted by )
Other files you might see, include:


14.31 Virtual Memory Subsystem ( )

Typically used to set rather than read parameters
Used for low-level tuning of the kernel's virtual memory (VM) subsystem
Generally for wizards, i.e. supra-guru

14.32 Device Specific Parameters ( )

A newish feature
May not even exist on some systems
Currently only support for CDROM drives
Only one read-only file on CD-ROM drives attached to the system, e.g.
Example shows two drives, and , with their features

14.33 Remote Procedure Calls ( )

Contains four files, enabling or disabling debugging for the RPC functions:
  NFS
  NFS-daemon
  RPC
  NLM
Default values are 0
Can be set to 1 to turn debugging on

14.34 Networking (

The interface to the networking parts of the kernel is located in
This table shows all possible subdirectories, some will not appear on every system:
Contains literally hundreds of parameters which can be read or set
No time to discuss them all here

14.35 IPV4 settings (

ICMP settings:

Turn on (1) or off (0). First ignores of your host. Second ignores of your network.
Can help tackle denial of service packet flooding attacks

Set limits for sending ICMP packets to specific targets, depending on icmp type, i.e. can stop packet flooding from your host

There are dozens of other IP and TCP settings . . . too many to discuss here
See for details
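The checks described in 14.27 to 14.35 can be run mechanically. The following Python code is an added example, not part of the original course material: it reads parameters under /proc/sys, compares them with a baseline, and writes a corrected value back into the file as 14.27 describes. The parameter file names (icmp_echo_ignore_broadcasts, ip_forward, file-max) are the standard Linux names and the baseline values are assumptions for a host that is not a router.

```python
"""Audit kernel parameters under /proc/sys against a baseline (added example)."""
import os

# Assumed baseline for a host that does not route traffic.
# relative path under /proc/sys -> (check, wanted value, why it matters)
BASELINE = {
    "net/ipv4/icmp_echo_ignore_broadcasts":
        ("eq", 1, "do not answer broadcast pings of your network"),
    "net/ipv4/ip_forward":
        ("eq", 0, "IP forwarding stays off unless this host is a router"),
    "fs/file-max":
        ("min", 4096, "file handle ceiling not below the 4096 default"),
}


def read_param(root, rel):
    """Return the first integer stored in a parameter file, or None if unreadable."""
    try:
        with open(os.path.join(root, rel)) as fh:
            return int(fh.read().split()[0])
    except (OSError, ValueError, IndexError):
        return None


def set_param(root, rel, value):
    """Write a new value into the parameter file, then read it back to confirm.

    On a live system root is /proc/sys and superuser permission is required.
    """
    with open(os.path.join(root, rel), "w") as fh:
        fh.write("%d\n" % value)
    return read_param(root, rel) == value


def audit(root="/proc/sys", baseline=None):
    """Return a list of (parameter, actual, wanted, why) for every deviation.

    actual is None when the file does not exist, which happens when the
    kernel was built without the feature or the module is not loaded.
    """
    baseline = BASELINE if baseline is None else baseline
    findings = []
    for rel, (check, wanted, why) in sorted(baseline.items()):
        actual = read_param(root, rel)
        if actual is None:
            findings.append((rel, None, wanted, why))
        elif check == "eq" and actual != wanted:
            findings.append((rel, actual, wanted, why))
        elif check == "min" and actual < wanted:
            findings.append((rel, actual, wanted, why))
    return findings


if __name__ == "__main__":
    problems = audit()
    for rel, actual, wanted, why in problems:
        shown = "missing" if actual is None else actual
        print("%-45s is %s, want %s (%s)" % (rel, shown, wanted, why))
    if not problems:
        print("all audited parameters match the baseline")
```

Values written this way last only until the next reboot, which is why 14.27 points to the init scripts for making them permanent.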


14.36 Special Topics Exercises


1. Configuring LILO
   (a) Put a copy of your existing Linux kernel on a floppy, then configure to boot your machine from it.
       N.B. Do NOT do the next question until you are sure your boot disk works!
   (b) Configure to boot your machine from a new Linux kernel on your hard drive. Ideally you should do this with a distinctively new kernel, such as the one made for the Kernel Internals module, but you could simply copy your current kernel with a new name.
2. Using RPMs
   (a) Use from the command line to:
       i. Install a package
       ii. Update a package
       iii. Uninstall a package
   (b) If you have a distribution CD available:
       i. Find the main directory containing RPMs.
       ii. Work out and use the command string to put a complete list of all the packages' summary information and filenames into a file called
   (c) Verify your RPM.
   (d) With a colleague, draw up a list of other RPM packages containing files which have probably changed since installation. Verify them.
   (e) Imagine you suspect a system break-in has occurred. Use to check:
       i. Whether such a break-in has occurred
       ii. How your files have been affected
   (f) Depending on what you have on your system, find out which packages are required to run or another window manager
3. Building And Installing Applications From Sources
   (a) Install an application from sources provided, or indicated, by your tutor
4. Using the filesystem
   (a) Print (to screen) simple info from on:
       i. memory usage
       ii. cpu usage
   (b) Use to get status info on the following processes:
       i. The shell you are currently working in
       ii.
       iii.
   (c) Use to enable/disable:
       i. IP forwarding
       ii. ICMP packet flooding from your host
       iii. ICMP packet flooding of your network
   (d) Pass parameters to the running kernel to:
       i. Increase the maximum number of file handles available
       ii. Change your hostname
       N.B. Change back to your original hostname as soon as you have succeeded. Many other exercises on your course may depend on it.


14.37 Special Topics Solutions


1. Configuring LILO
   (a) Put a boot image on the floppy, then add something like the following to , before running and rebooting:
   (b) Put a boot image in the directory of your hard disk, then add something like the following to , before running and rebooting:
2. Using RPMs
   (a) Use something like the following commands:
       i.
       ii.
       iii.
   (b) If you have a distribution CD available:
       i. On Red Hat distributions it will usually be
       ii.
   (c)
   (d) Potentially hundreds of correct answers to this one. Dependent on host setup. On any system, the following files should really have changed:
       Find out which package these belong to using:
   (e)
   (f)
3. Building And Installing Applications From Sources
   There are several possible methods, but the most popular procedure does the following in the source directory:
4. Using the filesystem
   (a) i.
       ii.
   (b) Use or to get the appropriate process IDs, then:
       i.
       ii.
   (c) i. On: Off
       ii. See tutor
       iii. See tutor
   (d) E.g.
       Change:
       Undo:

Module 15

Fundamentals of TCP/IP
Objectives

This module is intended as an introduction to the basic concepts of IP networking. By the end of it you should understand:
The history and uses of various protocols
How subnetting and netmasks work
About interfaces
The use of ports

15.1 Fundamentals of TCP/IP Networking

Key concepts:
  Packets
  TCP vs UDP
  Services
  Subnetting inc /xx form
  Routing

15.2 History

Developed by ARPA for university & military research
Robust, reliable, wide area network protocol, system-independent
Will route traffic around network outages (if routing protocols used)
Came into widespread use in mid-late 1970s
Popularity hugely helped by free availability of the BSD Unix implementation
  i.e. the pre-Linux reference platform
Now the standard protocol - the Internet based totally upon it

15.3 Recap of basic IP Concepts - Components

Properly, The Internet Protocol Suite (IP Suite)
Usually erroneously referred to as TCP/IP
Consists of numerous protocols
IP is used to encapsulate:
  TCP (Transmission Control Protocol)
  UDP (User Datagram Protocol)
  ICMP (Internet Control Message Protocol)
  other routing & management protocols

15.4 IP versions

Currently at Version 4 (IPV4)
  Entire Internet based on IPV4
  Quickly running out of spare numbers
IPV6 well standardised
  Important improvements
  Currently in minuscule use
  Migration will occur eventually
  Support already in Linux

15.5 Packets

All data transferred in packets (datagrams)
Each packet contains various flags & admin information
  Source address (32 bits)
  Destination address (32 bits)
Addresses identify hosts
  Usually an interface on a host
Addresses are the basis of packet routing
Packets can be split, reassembled, differentially routed, arrive out-of-order or just get lost
Higher-level protocols (e.g. TCP) add sequencing, reliability, flow control etc.

[Figure labels: IP, TCP, HTTP]

15.6 Addresses

Addresses shown in dotted decimal - break into 4 bytes
  192.168.0.129
Four address families
  Class A 0.x.x.x-127.x.x.x
  Class B 128.x.x.x-191.x.x.x
  Class C 192.x.x.x-223.x.x.x
  reserved 224.x.x.x
Class A network 127 is special
  Refers to the current network (any network)
  Current host is always 127.0.0.1 loopback address

15.7 Addresses (continued)

Addresses identify:
  Network (used for routing between networks)
  Hosts on a particular network
Class A 8 network bits, 24 host bits
Class B 16 network bits, 16 host bits
Class C 24 network bits, 8 host bits
In all networks, host-parts of all zeros (0) and all ones (255) are reserved
  Host-part zero refers to the network itself
  Host-part all ones is broadcast address (all hosts)

         Network                   Host
Class A  xxxxxxxx                  xxxxxxxxxxxxxxxxxxxxxxxx
Class B  xxxxxxxxxxxxxxxx          xxxxxxxxxxxxxxxx
Class C  xxxxxxxxxxxxxxxxxxxxxxxx  xxxxxxxx

15.8 Netmasks and subnetting

Netmasks split host and network part of address
Says which machines can be reached directly
Example:
To work out the network part
To work out the host part

15.9 Netmasks with

Sometimes see IP addresses given as :
is another form of netmask. Says that the left-most bits specify the network
i.e. /24 means 24 1s, a netmask of: or
Was rare, but becoming more common
Examples:
  10.0.0.0 is network 10
  192.168.5.0 is network 192.168.5
  10.255.255.255 is broadcast on network 10
  192.168.5.255 is broadcast on network 192.168.5
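The netmask arithmetic of 15.7 to 15.9, carried through in Python as an added example (not part of the original course material). It works on the raw 32 bits so the AND with the mask is visible, converts between the /xx form and a dotted netmask, and goes slightly beyond the slides by rejecting netmasks whose 1 bits are not contiguous. The function names are illustrative; the addresses are the ones used in sections 15.6 and 15.9.

```python
"""Netmask arithmetic on 32-bit IPv4 addresses (added example)."""

ALL_ONES = 0xFFFFFFFF


def to_int(dotted):
    """'192.168.0.129' -> 32-bit integer."""
    parts = [int(p) for p in dotted.split(".")]
    if len(parts) != 4 or any(p < 0 or p > 255 for p in parts):
        raise ValueError("not a dotted-decimal IPv4 address: %r" % dotted)
    value = 0
    for part in parts:
        value = (value << 8) | part
    return value


def to_dotted(value):
    """32-bit integer -> dotted decimal."""
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def prefix_to_mask(prefix):
    """/24 -> 24 one-bits followed by 8 zero-bits, as an integer."""
    if not 0 <= prefix <= 32:
        raise ValueError("prefix must be between 0 and 32")
    return (ALL_ONES << (32 - prefix)) & ALL_ONES


def mask_to_prefix(dotted_mask):
    """'255.255.255.0' -> 24. Rejects masks whose one-bits are not contiguous."""
    host_bits = to_int(dotted_mask) ^ ALL_ONES
    if host_bits & (host_bits + 1):     # host bits must be one solid run on the right
        raise ValueError("netmask bits are not contiguous: %s" % dotted_mask)
    return 32 - host_bits.bit_length()


def address_class(dotted):
    """Address family from the first byte, using the ranges listed in 15.6."""
    first = to_int(dotted) >> 24
    if first <= 127:
        return "A"
    if first <= 191:
        return "B"
    if first <= 223:
        return "C"
    return "reserved"


def describe(cidr):
    """Split an address given as a.b.c.d/xx into its network and host parts."""
    address, _, prefix = cidr.partition("/")
    mask = prefix_to_mask(int(prefix))
    value = to_int(address)
    network = value & mask                          # network part: address AND mask
    return {
        "netmask": to_dotted(mask),
        "network": to_dotted(network),
        "host_part": to_dotted(value & ~mask & ALL_ONES),   # address AND NOT mask
        "broadcast": to_dotted(network | (~mask & ALL_ONES)),  # host part all ones
        "class": address_class(address),
    }


def reachable_directly(a, b, prefix):
    """True when both addresses fall in the same network for this prefix."""
    mask = prefix_to_mask(prefix)
    return (to_int(a) & mask) == (to_int(b) & mask)


if __name__ == "__main__":
    for cidr in ("192.168.0.129/24", "192.168.0.129/25", "10.1.2.3/8"):
        print(cidr, describe(cidr))
    print(reachable_directly("192.168.0.129", "192.168.0.10", 24))
    print(reachable_directly("192.168.0.129", "192.168.0.10", 25))
```

With a /24 the two 192.168.0.x hosts share a network; with a /25 they do not, so traffic between them has to go through a router.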


15.10 Transferring Data

IP allows datagrams to be sent and routed between hosts
Contains no application-level data
Data part will be one of UDP, TCP, ICMP etc.
  TCP is session oriented data, used for long-lived connections
  UDP used for fire-and-forget messages
  ICMP used for control & testing, not seen by most applications or users
Examples:
  Email transferred using SMTP over TCP, (maybe many bytes, order important)
  Web pages use HTTP over TCP
  UDP more obscure, used for
  ICMP: utility, used to test visibility

15.11 Hosts & Interfaces

Hosts are individual computers/systems
Each host has one or more interfaces
Each interface is a point of connection to a network (often a NIC or modem)
Many hosts have a single interface, so the address is the host
May have more than one interface
  Interfaces could be on different networks
  Can act as routers, forwarding packets
Each interface will have a single address

15.12 Routing

Hosts receive packets on one or more interfaces
Check to see if packet is for current host
  If so, deliver to the UDP/TCP etc mechanisms
Otherwise
  If routing enabled (1)
  Forward packet to appropriate host
Routing based on internal routing table
  Manipulated by command (Superuser only)

[Figure: Non-Routing Host and Routing Host, each with OS and NIC; addresses shown: 10.0.0.1, 192.168.0.1, 192.168.0.10]

(1) Often referred to as IP forwarding

15.13 Ports

Not enough just to deliver packets to hosts
Deliver to correct applications on the host
Hosts presumed to be multitasking
UDP & TCP both include port numbers
  16 bit numbers (0-65535)
Each UDP/TCP packet contains source & destination port
sourceport/sourceaddress & destinationport/destinationaddress uniquely identify a conversation

[Figure: telnetd on port 23, sendmail/exim on port 25, httpd on port 80]

15.14 Ports cont..

Many well known ports published for client-server applications
See under Linux
  TCP/25 - SMTP mail
  TCP/23 - telnet (remote terminal access)
  TCP/80 - HTTP (web protocol)
Unix-like systems reserve ports below 1024 for super-user
  Ordinary users cannot run special services without authorisation
  This cannot be trusted in other environments, such as Windows

15.15 Exercises

1. Using , explore the interfaces available on your current system
2. Discover the IP addresses of some other machines on your network and check that you can ping them all. What (A, B or C) of network are they on?
3. From the man page for , discover how to set a regular ping running every five seconds. Then investigate how you can send extra-long ping packets (try sending a ping longer than 2K bytes).
4. What ports and protocols are used to run the following services?
   Telnet
   SMTP
   Printer
   Talk
5. What happens if you to various ports? (Try 25 or 110)
6. Use this fact to discover what mail system your machine runs, and see if it runs a webserver (Port 80)
15.16 Solutions

1. by default shows a list of the currently configured interfaces including the IP addresses and netmasks.
2. will send pings to the interface provided routing is set up correctly. You should be able to find out what class of network you are on from the IP address. See section 15.6 for details.
3. To send a regular ping every 5 seconds use
   To alter the packet size you use the to give a size in bytes
4. The following values are taken from

   Port  Service
   23    Telnet
   25    SMTP
   515   Printer
   517   Talk

5. You should be able to talk directly to the daemon at the other end, e.g.
6. You can sometimes find out what webserver a site is using by telnetting to port 80 and requesting the headers of the main page, e.g.

Module 16

Practical TCP/IP
Objectives

After completing this module you should be able to understand and utilise:
Firewalling principles
Basic firewalling with
Network/routing debugging procedures
Interface configuration under Linux
The secure shell ( , , and )

16.1 Ping Protocols

used to test network/host availability
A little about its implementation
  Uses ICMP protocol
  Send requests of type echo-request
  Receives answer echo-reply

16.2 Network Statistics ( ) in Practice

Show network status; many options
Most useful: and flags (show routes, numeric addresses only)

Note interface for 127.0.0.0 - loopback interface; the host itself
Iface column shows which interface will be used
Often see destination of 0.0.0.0
Note gateway above
default route - send all otherwise unrouteable packets to designated gateway
route to networks 202.80.80.0, 192.100.100.0, 192.168.1.0 and 192.168.3.0 use gateway 192.168.0.1
192.168.0.1 is a gateway (router) which knows how to access those networks
route to network 194.217.100.0 is via gateway at 192.168.0.143

16.3 (continued)

Also show information about connected sockets
shows no. of active connections (useful for seeing system load)

16.4 - Further Examples

shows processes listening on each socket (1)
Includes PID
Useful to kill processes hogging key ports
Configured interfaces

(1) Only supported in more recent versions

16.5 Network Traffic ( ) in Practice

Used to monitor network traffic
Need sufficient privilege to monitor devices
Can show only particular information
  Traffic to/from a particular host
  Traffic on a certain port
  Certain types of traffic, e.g. TCP, ARP, UDP
Very configurable
  Decide what you want to do
  Then look at manual page

16.6 Options

Some options
  Says which network interface to show
  Print IP addresses not names
  Don't print domain name of address
  Don't print timestamp
  Show only minimal output (quiet)
  Verbose info (time-to-live etc.)

16.7 Examples

16.8 Firewalling

Allows you to protect your machine
As well as machines behind them
Checks packet headers before acting on them
Can ignore, reject or accept packets
Makes decision based on source, destination, or packet type
Or a combination
Set up using under kernel 2.2
Older kernels used

16.9 Basic Theory

Two main considerations
  Port Filtering
  Host Filtering
Block services you don't need
Limit services you do need to specific machines/networks

16.10 Basic Theory (continued)

Firewalling can be done with
Flaw in would still let things through
Best to drop the packets as soon as possible
Kernel-level filtering

16.11

Packet filtering set up using
All the filtering is done in the kernel
  Not by
  just sets up/modifies the rules
All packets entering and leaving are examined (2)

(2) Including loopback traffic which conceptually leaves the machine

16.12 Details

Every packet goes through one or more chains
A chain is a set of rules
Rules can accept, reject, or deny a packet
  Can also send it to another chain
Three default chains, input, output, forward
If a packet passes through a default chain without matching:
  Fate is determined by the chain's policy
  Can be Accept, deny, or reject
If it reaches the end of a user defined chain
  Carries on where it left off
forward is for IP masquerading systems
  Not covered here

16.13 Options

Dealing with chains:
  Create a new chain
  Delete an empty chain
  Change the policy for a chain
  List the rules in a chain
  Flush (delete) all rules from a chain

Dealing with rules:
  Append a rule to a chain
  Delete a single rule from a chain
  Insert a rule at some point in a chain

16.14 Options For Rules

Use the following to specify packets to match
  Source address
  Destination address
  Protocol ( , , )
  Jump to chain/action
  Source Port
  Destination Port

16.15 - Examples

In most cases default chains will be sufficient
To block all requests to our machine:
To block outgoing packets:
Very simple examples but they show the theory

16.16 Removing Rules

Rules can be removed by number, e.g. to delete the first rule in the input chain:
or definition, e.g. delete the first matching rule:
To clear an entire chain use:
If no is given, it clears all chains

16.17 Implementing ipchains

The rules are normally set up in the machine's init scripts
Typically by creating a script in that is run just before networking starts
Example in section 16.19
Ensure you flush existing rules first (just in case):
Generally start with the DENY rules then add what you want
  Maximum security

16.18 Save and restore

Often useful to create a firewalling config file
outputs a text file you can store
Can reinitialise your firewalling with and your config file, e.g.
Usually done in a startup script

16.19 setup script

A sample script may look like:

16.20 Real World

Connect out to a host but not in
limits matching to packets with the SYN bit set
  Used when establishing connections
No-one can open a connection from
Can still connect to it from here . . .
i gq %q

c GBdirect Ltd, 2000

H 7 5 3 1 (4 A4 4
www.linuxtraining.co.uk

2B

16.21 Interface Configuration and Management

An interface is a point of connection to a network

Usually a single device

Network card

PPP link

A device can have more than one interface

Referred to as aliases

Commonly used for virtual web sites

16.22 Point-and-Click Interface Administration

Number of ways to add/edit interface details

Linuxconf

Redhat

By hand!

For most cases you can probably use one of the two graphical methods

Useful to understand the configuration files behind it all

16.23

Directory containing scripts and config files

activate/deactivate an interface

Argument specifies interface to act on, e.g.

are config files for each interface

is the first interface

Should be numbered sequentially from 0

Files ending in (where is a number) are aliases

is the first alias for the first interface

This applies to RedHat only, you should see section 16.27 for information on other distributions

16.24

Describes characteristics of a given interface

What device it should be known as (

IP address, network, and netmask ( , )

Whether it is activated at boot time (

Whether it can be controlled by normal users ( )

Example:

16.25 Altering An Interface

It is perfectly allowable to alter interfaces while the system is running

Requires only minimal disruption to network connectivity

Not a reboot

Two simple steps

1. Make alterations (by hand or through GUI)

2. Restart networking

Networking is just another service

16.26 Adding an Interface

Adding an alias is even easier!

1. Add the alias

2. Activate it

Example: Add the following to

Then execute

16.27 The Proper Way

Previous examples use scripts (not always provided)

You can do everything manually

Add an alias :

Check with that it succeeded

Setup routing to that interface:

Probably want to add a route to the entire network not just the host

Removing an alias:

Adding an interface is similar . . .

16.28 Drivers

Network drivers invariably handled by kernel modules

Kernel cannot tell which module should be used by which interface

module loader uses lines from , e.g

Above says that interfaces and handled by module (NE2000 ISA)

PCI NE2000 card handled by

Options line is module-specific; permits port/IRQ specification if not autodetected

16.29 The Secure Shell in Practice (

How you use varies across systems

Some require stricter authentication than others

For example, within a secure environment it may not require a password

Works on trusted host concept

Better than due to server key authentication

Can often be used as a drop-in replacement for or

Has numerous advantages . . .

Sets up forwarding of X connections

Can compress the data sent

16.30 Secure Copying in Practice (

Replacement for

More secure

Encrypts all traffic

Uses same authentication as

Can copy local to remote, remote to local or remote to remote

Example:

16.31 Summary

Wide range of network utilities available

Both maintenance and user-orientated

Very flexible system

Can be hard to setup/maintain

Pros outweigh cons

Common jobs become second nature

16.32 Exercises

1. Network tools

(a) Use to investigate the routes on your network. Explain each line of entry to a colleague.

(b) Read the man page for . Use it to monitor traffic on your host's network interface whilst other hosts are pinging each other.

2.

(a) Use ipchains to set up the following configurations. In each case you should first set up the system by hand, check it. Then set it up so that the firewall rules are in place when the machine reboots.

i. Block all incoming ICMP packets

ii. Block only incoming ICMP echo-request packets

iii. Block all incoming telnet connections

iv. Block all telnet connections

v. Block all outgoing web requests (Port 80)

3. Network configuration

(a) Using one of the admin tools ( or etc.) add an alias on your network interface so that your host can masquerade as some other host. DO NOT DO THIS IF YOU ARE NOT SURE YOU ARE USING A SPARE IP ADDRESS. Investigate what and now report. Check that you can ping the alias from another host on the network.

(b) If possible, fit an extra network card to one of the hosts (host b) and configure it to be on a different network. Check it can be pinged from its own host. Go to another host (host a) on the original network and add a route to host b's new interface, using as a gateway host b's original network interface. Check that you can ping it and then use to see the path taken by packets. Host b will have to have IPV4 forwarding enabled for this to work. Ask the tutor about which machine will be set up for this.

16.33 Solutions

1. (a) If you don't understand the output check section 16.2 or the manpage

(b) should monitor all network traffic. If you want to see the traffic to a particular host use

2. (a) The following are the list of rules needed to satisfy each situation. You should flush the chains before each one ( ).

i. ii. iii. iv. v.

3. (a) -

(b) Ask the tutor for details.

Module 17

Basic Tools
Objectives

At the end of this section, you will be able to:

Use the most frequently used Linux tools to:

Find files

Get information about commands

View file contents

Get information about files

Operate on file contents

Do simple text manipulation

Schedule jobs

Combine tools to solve problems

Understand and use the Linux printing subsystem

17.1 Introduction

The basic Linux command-line utilities dealt with here, are:

Finding files

Getting info about commands

Viewing file contents

Getting information about a file

Operating on file contents

Simple text manipulation

Scheduling jobs

Table 17.1: Basic Linux utilities

17.2 Using Tools

Typical Linux systems contain over 400 command-line tools

Tools are combined (via pipes and redirection) to solve specific problems

Most tools have a standard syntax:

Some arguments must be quoted

Standard input often read if no filename given

Most tools can take several filename arguments

Desktop/windowing environments may provide graphical wrappers to some tools

Serious Linux administrators and users know the key command-lines well

The terms command and tool are used interchangeably here

17.3 The On-Line Manual (

Most commands have an associated man page

Accessed by typing:

Brings up a page of information usually detailing:

command name, section number, description

syntax

options

version information

location of configuration files

other related commands

examples of usage

known bugs (if any . . . )

17.4 Finding Files the Long Way (

searches the filesystem in real time;

Makes disks work hard

Can find files by name, type, size, dates, e.g

To find all files ending with under the current directory:

Tests can be combined with and , for example:

To find all filenames ending in modified in the last 8 days below

and negated with or

To find all filenames not ending in modified in the last 8 days under

Can execute commands on the files it finds. The name of the file found is placed in {} 1

This is not a resource friendly way of doing things. may be better
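The combined, negated and executing tests described in 17.4, as an added example that is not part of the original course notes. It builds a throwaway tree, lists recently modified files that are not backups, then finds world-writable files and clears the bit with -exec; the file names, the .bak suffix and the function names are assumptions made for the illustration.

```shell
#!/bin/sh
# Added illustration (not from the course notes): constructed sample tree,
# hypothetical helper names.

# Build a small sample tree under a fresh temp directory and print its path.
make_sample_tree() {
    dir=$(mktemp -d) || return 1
    mkdir -p "$dir/etc" "$dir/home/alice"
    echo "new config"  > "$dir/etc/app.conf"
    echo "old config"  > "$dir/etc/app.conf.bak"
    echo "old notes"   > "$dir/home/alice/notes.txt"
    echo "shared file" > "$dir/home/alice/shared.txt"
    # Give two files a modification time far outside the 8-day window.
    touch -t 200001010000 "$dir/etc/app.conf.bak" "$dir/home/alice/notes.txt"
    chmod 644 "$dir/etc/app.conf" "$dir/etc/app.conf.bak" "$dir/home/alice/notes.txt"
    chmod 666 "$dir/home/alice/shared.txt"   # world-writable on purpose
    echo "$dir"
}

# Tests written side by side are ANDed; "!" negates the test that follows it.
# Regular files modified in the last 8 days whose names do not end in .bak.
recent_non_backup() {
    find "$1" -type f -mtime -8 ! -name '*.bak' | sort
}

# Regular files that any user on the system may write to.
world_writable() {
    find "$1" -type f -perm -0002 | sort
}

# -exec runs a command once per match; {} is replaced by the file name.
# Here it removes the world-write bit from every file found.
fix_world_writable() {
    find "$1" -type f -perm -0002 -exec chmod o-w {} \;
}

demo() {
    tree=$(make_sample_tree) || return 1
    echo "Recently changed, not backups:"; recent_non_backup "$tree"
    echo "World-writable before fix:";     world_writable "$tree"
    fix_world_writable "$tree"
    echo "World-writable after fix:";      world_writable "$tree"
    rm -rf "$tree"
}
demo
```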

17.5 Locate Files (

searches a periodically-updated database of the filesystem(s)

Very fast, but DB needs regular updating, e.g.

Usually updated nightly automatically

Won't be there on a fresh install

Won't show files created since last database update

Given the command , will show all files containing string in their full pathname, e.g.

Not available on all systems

17.6 View and Concatenate Files (

Displays and/or joins (concatenates) files

Sends the content of named file(s) to standard output

If no filename is given, it reads from standard input and writes to standard output

Given more than one filename, it displays each file's contents sequentially, i.e, joins them

Example:

17.7 View Large Files & Output (

displays the contents of file(s) in a controlled way on stdout

Usually, one page at a time

Like UNIX/DOS command , on steroids

Similar usage to , and :

You can search for patterns in the file

It allows you to move quickly to any point (backwards or forwards)

Action Keystrokes
Top of page
Bottom of page
Forward one screen
Backward one screen
Up one line
Down one line
pattern Search forward
pattern Search backward
Repeat pattern Search forward
Repeat pattern Search backward
Move to nth line
!command Execute the shell command with $SHELL
|Xcommand Pipe file between current pos & mark X to shell command
v Edit the current file with $VISUAL or $EDITOR

Table 17.2: Commands within

17.8 Viewing Parts of Files ( and

displays the first few lines of a file

displays the last few lines of a file

You can specify how many lines are displayed

To display only the first 4 lines:

often used to monitor growing files

17.9 Listing File Information (

Without any options, lists files in the current (dot) directory

By default all files starting with aren't shown

The most common options to include:

Flag Option
Long (detailed) listing of file info, including: size, ownership, permissions and type
Show all files, including hidden ones
Highlight directories and executables with and respectively
Recursively list subdirectories
Sort list by last modification time
Sort list by last access time (with )
Sort list by file eXtension
Reverse order of listing
Show directory information not directory contents

Table 17.3: Common options to

For example:

show files in reverse order based on their modification time

17.10 File Classification (

displays the type of data contained in named file(s)

Results not always correct

Uses list of magic numbers and keywords in to determine file type 2

Classifications include: executable, archive, C program, ASCII text, JPEG image . . .

Syntax:

The magic numbers file can be on some systems

17.11 Count Words, Lines, Characters (

displays the number of lines, words,3 and characters in a file

Flag Option
Only displays the number of lines
Only displays the number of words
Only displays the number of characters

Table 17.4: Options to the command

A word, in this context, is a character string surrounded by SPACEs, TABs, NEWLINEs, or a combination of them.

17.12 Differences Between Files (

displays the difference between two text files, line-by-line

Output from can be confusing

For example, given the files text1 and text2:

text1: This is a temprary test to check the diff utility

text2: This is a temporary test to check the diff utility.

1. A simple line-by-line comparison:

2. Using the context output format ( ):

3. Using the unified output format ( ): (Most common)

17.13 Compare Binary Files (

Displays differences between 2 binary files

Locates the byte and line number of the first difference

Can show all differences if required, e.g.

suppresses output and returns exit status

if the files are identical

if the files differ

if an error has occurred

Often used in shell scripts

17.14 Regular Expression Searches (

Search for regular expressions in file(s)

i.e. globally find regular expressions and print

Usage:

Reads standard input if no filenames are given

Matching lines are printed to standard output

Popular options:

Flag Option
Ignore case
List only filenames containing the expression
Reverse sense of test, i.e. find non-matching lines
Word search, i.e. match whole word
Extended regular expression search (more complex patterns), similar
Fixed string pattern search, same as

Table 17.5: Popular options

17.15 examples

Search for a user in the password file

Search for events in a log

Search for a function in source code

17.16 Sort and Merge Files (

and/or merge files

Acts as a filter without file arguments

Sorts entire lines lexically, by default

Alternative sort orders:

Flag Option
Numerical order
Reverse order

Table 17.6: Alternative orders

Other popular options:

Flag Option
Blanks (TAB, SPACE) ignored
Fold lowercase to upper before sorting
Ignore non-printable characters
Merge files, without checking if sorted
Set field delimiter in file as x
Unique, outputs repeat lines once only
Specify a field in each line as a sorting key, starting at POS1 and ending at POS2 (or NEWLINE). Fields and character positions are numbered starting at 0
Alternative syntax for specifying sorting keys. Positions are numbered starting at 1

Table 17.7: Popular options

17.17 Examples

Consider which typically contains lines in the following format:

To sort by username:

To sort numerically by user ID:

To sort by real name within group ID:

17.18 Display Unique Lines (

Removes all but one of successively repeated lines

Acts on standard input, often piped from

Most popular options:

Flag Option
Count duplications and prepend number to each output line
Duplicated lines only are displayed
Unique lines only are displayed
Ignore the first n fields
Ignore the first n characters
Specify the number of chars to compare

Table 17.8: Popular options

Example:

b a b y z z z z y b b a

sort

uniq

z y b a
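The sorting keys of 17.17 and the duplicate detection of 17.18 combined into a small account audit, as an added example that is not part of the original course notes. It assumes the file those examples refer to uses the usual seven-field, colon-separated passwd layout; the records are constructed, the function names are hypothetical, and cut is used to pick out one field although this module does not cover it.

```shell
#!/bin/sh
# Added illustration (not from the course notes). Records are constructed.
LC_ALL=C; export LC_ALL      # byte-order collation so results are repeatable

# Constructed sample: name:password:UID:GID:real name:home:shell
sample_passwd() {
    cat <<'EOF'
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
carol:x:1002:100:Carol Jones:/home/carol:/bin/bash
alice:x:1000:100:Alice Smith:/home/alice:/bin/bash
toor:x:0:0:Backup admin:/root:/bin/sh
bob:x:1001:200:Bob Brown:/home/bob:/bin/bash
dave:x:1001:100:Dave Adams:/home/dave:/bin/bash
EOF
}

# Numeric sort on field 3 (UID); ties broken by user name (field 1).
by_uid() { sort -t: -k3,3n -k1,1; }

# Numeric sort on GID (field 4), then real name (field 5) within each group.
by_gid_then_realname() { sort -t: -k4,4n -k5,5; }

# UIDs held by more than one account. uniq only compares adjacent lines,
# so the UID column has to be sorted first.
duplicate_uids() { cut -d: -f3 | sort -n | uniq -d; }

# How many accounts share each UID (uniq -c prepends the count).
uid_counts() { cut -d: -f3 | sort -n | uniq -c; }

# Names of every account whose UID field is exactly 0.
uid0_accounts() { grep -E '^[^:]*:[^:]*:0:' | cut -d: -f1 | sort; }

demo() {
    echo "Sorted by UID:";                 sample_passwd | by_uid
    echo "Sorted by GID, then real name:"; sample_passwd | by_gid_then_realname
    echo "Accounts per UID:";              sample_passwd | uid_counts
    echo "UIDs used more than once:";      sample_passwd | duplicate_uids
    echo "Accounts with UID 0:";           sample_passwd | uid0_accounts
}
demo
```

A UID shared by two names, or a second account with UID 0, is worth a closer look on a real system because file ownership and privilege follow the number, not the name.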

17.19 Split Files (

Split a file into pieces

Outputs sections to new files or standard output

Creates files named ...

Main options:

Flag Option
Put n lines of the input file into each output file
Put n bytes of the input file into each output file
Put as many complete lines of the input file as is possible into the output file, up to n bytes

Table 17.9: Main options

17.20 Splitting Files by Context (

Splits file into sections determined by context (patterns or regular expressions)

Syntax:

Main arguments:

Argument Instruction
Split the file at occurrence of regexp. The line after the optional offset (+ or - followed by a number) begins next bit of input
Repeat the previous pattern split n times. Substitute an asterisk for n to repeat until the input is exhausted
Use string as prefix of output filename
Use string as suffix of output filename
Use output filenames n digits long

Table 17.10: Main arguments

17.21 Compression Utilities (

Takes files or standard input and compresses them to file(s) or standard output

Uses lossless compression, so safe on any file

Linux has many compression utilities; dominates thanks to integration with

has better compression ratios but is not yet battle-tested or fully portable to non-Linux environments

Key options:

Flag Option
Recursive compression of subdirectories
Decompress (same as )
Fast or best compression, where 1 is fastest and 9 is most intense compression

Table 17.11: Key options

17.22 Store and Retrieve Archives (

Originally designed to make tape archives

Takes a group of files and creates one big file containing their contents and details

Widely used for:

Maintaining Linux file details (permissions, dates, ownership etc) on inferior filesystems

Bundling file trees for distribution

Key tar options:

Flag Option
Create a new archive
Append files to an existing archive
Extract the contents from an archive
Create/Open gzip compressed file(s)
Filename of the file or device to hold the archive
Pathnames are absolute

Table 17.12: Key options

Compression with

To create a compressed archive of

To extract the file in the current directory:

The compression option is not available on all UNIX versions of
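Creating, listing and extracting a gzip-compressed archive, with a check for members stored under absolute pathnames before anything is unpacked. This is an added example, not part of the original course notes; -t (list), -P (absolute names) and -C (change directory) are standard tar options assumed here, and all file and function names are constructed for the illustration.

```shell
#!/bin/sh
# Added illustration (not from the course notes); paths are constructed.

# Create a gzip-compressed archive ($1) of directory $2, storing member
# names relative to the directory's parent.
make_archive() {
    tar -czf "$1" -C "$(dirname "$2")" "$(basename "$2")"
}

# Print member names that are absolute or that climb out with "..".
# -P keeps tar from rewriting the stored names while listing.
unsafe_members() {
    tar -tzPf "$1" 2>/dev/null | grep -E '^/|(^|/)\.\.(/|$)' || true
}

# Extract archive $1 into directory $2 only if every member name is safe.
safe_extract() {
    if [ -n "$(unsafe_members "$1")" ]; then
        echo "refusing to extract $1: unsafe member names" >&2
        return 1
    fi
    mkdir -p "$2" && tar -xzf "$1" -C "$2"
}

demo() {
    work=$(mktemp -d) || return 1
    mkdir "$work/site"
    echo "hello" > "$work/site/index.html"
    make_archive "$work/good.tgz" "$work/site"
    # An archive made with -P stores the absolute path of the file.
    tar -czPf "$work/bad.tgz" "$work/site/index.html"
    echo "good.tgz unsafe members: $(unsafe_members "$work/good.tgz")"
    echo "bad.tgz unsafe members:  $(unsafe_members "$work/bad.tgz")"
    safe_extract "$work/good.tgz" "$work/out" && echo "good.tgz extracted"
    safe_extract "$work/bad.tgz" "$work/out2" 2>/dev/null || echo "bad.tgz refused"
    rm -rf "$work"
}
demo
```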

17.23 Translating Characters (

Translate characters in standard input into different characters in output

Syntax:

Characters in string1 are replaced by the corresponding character in string2

Character position in both strings matters

Both strings should be the same length 5

If string1 is shorter than string2, the extra characters at the end of string2 are ignored. If string1 is longer, GNU follows BSD in padding string2 to the length of string1, by repeating the last character. With the option it follows AT&T by truncating string1 to the length of string2.

17.24 Examples of Usage

To replace all vowels in the input with spaces

Using character ranges to translate all lower case letters into their upper case equivalents

Use the option (complement) to replace all characters in string1 which don't belong in a range

N.B. This puts every word on a line by itself, by converting all non-alphanumeric characters to newlines, then squeezing repeated newlines (with ) into a single newline.

Using the asterisk to replace all 10 digits with the same letter n

17.25 Execute programs at specified times (

executes a shell script at a specified time

Syntax:

is scanned for commands to execute, e.g.

Commands are executed in the current environment at the given time

and are sent as mail

Some more examples of how to specify time and date:

17.26 Options and commands related to

belongs to a family of utilities for managing time-specified commands

Command Purpose
Display list of queued commands
Remove queued commands
Schedule jobs at low CPU loading

All of these can be run as options:

Option Purpose
Display list of queued commands
Remove queued commands
Schedule jobs at low CPU loading
Specify script file in command-line
Send mail after running , whatever the or

The use of is controlled by and

UNIX NOTE: On System V these live in

17.27 Running commands regularly (

lets you submit job lists at regular times using the daemon

2 syntax formats:

Options, etc:

Command Purpose
Install contents of myfile ( if no file specified) in appropriate directory
Remove the crontab for the current user
List (on ) current user's . (might be useful for editing a cron table)
Run a text editor on your crontab file

Table 17.13: usage

Examples of Crontab Entries

17.28 Evaluate expressions (

is used to evaluate expressions

Takes arguments and operators on the command line

Prints the result

Returns zero or non zero depending on the result; can be tested with shell

Watch out for special meaning to shell of characters like * and < or >, e.g

Has some string manipulation facilities too

Sometimes used in shell scripts for looping

17.29 Linux Printing

Completely network-oriented

Any printer can be made available to any client (machine and application)

All print jobs are sent to a queue

Queues can be viewed, edited, maintained from anywhere

Subject to permission

Formatted files can be sent straight to queues

i.e. no device drivers

Printer configuration via text file see

17.30 Printing documents

Printing may be dumb

Data dumped straight to printer

You get BAD results if formatting is wrong

Your setup may be smart

Autodetect data formats and convert

Older UNIX mainly dumb

Modern Linux pretty smart - selects filters and transforms data streams if possible

17.31 Main Printing Tools

sends job to the queue for a named printer

returns info about jobs in a queue

removes unwanted jobs from a queue

enables system administrator to control the operation of the printing system

see for details

Desktop environments may offer drag 'n' drop, visual facilities, etc

17.32 Using

Syntax:

Main Options:

Flag Options
Name of the printer to send the job to
Print n copies of the document
Send mail on completion

Table 17.14: Main options

Example: 7

The multiple copies feature of was broken in several versions, you should check you have an up to date copy before relying on this feature

17.33 Using

Syntax:

Options:

Flag Options
Name of the printer/queue to interrogate
Get info on each file within a job

Table 17.15: options

Example:

17.34 Using

Syntax:

Options:

Flag Options
Remove jobs from named printer/queue
Remove all jobs belonging to yourself
Remove all jobs belonging to user
Remove job number n

Table 17.16: options

Example:

17.35 Basic Tools Exercises


1. Find and Locate Files

Using or

(a) Display all the filenames under

(b) Display all the filenames under beginning with a lowercase .

(c) Repeat the previous question, but translate the output to uppercase.

(d) Display all the files under which are over 5k in size in uppercase.

2. Display Parts of Files

(a) Display the first 10 lines of the file

(b) Display the last 10 lines of

(c) Display the first 25 lines of

(d) Display one screen at a time

(e) While viewing page-by-page, search for html

3. Classify, Count and Compare Files

(a) Find out what file types you have in the following directories:

i. ii.

(b) Repeat the previous question, but this time:

i. Re-direct listing to new file

ii. Append the listing for to

(c) Build a tool (i.e. write a command) to find out how many files are in the directory.

(d) Create two new files from listings of 2 users' home directories, then find the differences between them.

(e) If you are feeling adventurous, use to make the two files created in the last question identical. (Check and )

4. Regular Expressions

Using the file that you created before, do the following:

(a) List all the lines that contain directory

(b) List all the lines that don't contain directory.

(c) Find out how many files are directories, then find out how many aren't.

(d) Why does the following give an error message (try redirecting the output to so you can see the error).

5. Sorting

(a) Sort the file into reverse alphabetical order on the first field. You may notice that capital and lowercase letters are sorted independently, e.g. comes before .

(b) Repeat the first sorting exercise but ignoring case differences

(c) Sort the files into alphabetical order on the second field (the file type).

(d) Find out how many files are listed in the file.
17.36 Basic Tools Solutions

1. Find and Locate Files

(a) Either

or

(b) Either

or

(c) Either

or

(d)

2. Display Parts of Files

(a) Use

(b) Use

(c) Use

(d) Use one of the following

(e) While in one of the above, type

3. Classify, Count and Compare Files

(a) Use these commands:

i.

ii.

(b) Use these commands

i.

ii.

(c) The easiest solution is

(d) Something like this:

then

(e) This solution uses the option to , and the line-editor.

You could substitute the stream editor to pipe everything through one line.

4. Regular Expressions

(a) Use

(b) Use

(c) Use either

or

(d) Without escaping the space between ASCII and text the shell assumes the pattern has ended and takes text as a filename to look for; hence the error about a non-existing file. continues, however, showing lines that match "ASCII" in the files it can find. What you probably wanted was:

5. Sorting

(a) Use

(b) Use

(c) Presuming the second column starts at character position 25

(d)

Module 18

More Tools
Objectives

Having completed this module you should be able to use the following tools appropriately:

18.1 Introduction

Tools covered in this module have these functions:

Command Function
display top CPU processes
display process status
find files in a directory hierarchy
display virtual memory statistics
display free and used memory
display shared library dependencies
display system uptime
build and exec commands from stdin
copy files to and from archives
create and extract archive files
create and extract archive files

Table 18.1: More tools and their functions

18.2 Displaying System Processes (

Displays ongoing processor activity in real time 1
Shows processes for all users, unlike
Has several modes:
No-idle Mode, ignores idle or zombie processes
Cumulative Mode, shows time for a process and its dead children
Secure Mode, disables potentially dangerous interactive commands
Typical output may be:

1 N.B. is not available on all UNIX


18.3 Options and Interactive Commands for

Significant command-line options for include:

Option Function
delay between screen updates (seconds)
Refresh without any delay.
Specifies cumulative mode
Secure mode
Non-idle mode
Show full command line instead of command name
Table 18.2: Command line options for

The key interactive commands are:

Command Function
Update display
add and remove fields
Change order of displayed fields
Help on interactive commands
Toggle cumulative mode
Toggle display of idle processes
Toggle display of command name/line
Toggle display of load average
Toggle display of memory information
Toggle display of summary information
Kill a task (with any signal)
Renice a task
Sort by CPU usage
Sort by resident memory usage
Sort by time / cumulative time
Show only a specific user
Set the number of processes to show
Write configuration file ~/.toprc
Quit
Table 18.3: Interactive commands for





18.4 Reporting process status (

Various display formats:

Unlike which only prints info about processes belonging to the current shell

Jobs format ( ), e.g.


Virtual Memory format ( ), e.g.

User format ( ), e.g.

Long format ( ), e.g.

prints info about a user's processes :


18.5 Options for Reporting process status (

More options to

Show memory info ( )
Show family tree ( ) for processes, e.g.
Show environment after command line:
Sort results by specific fields: 2

Option Function
cmd
pid
tty
utime
cutime
priority
rss
size
share
user
uid
pppid
session
stime
cstime
start_time
vsize
pcpu
Table 18.4: CLI options for sorting results

2 You can get a full print-out of the sorting options by giving the erroneous command string

18.6 Finding Files using specified criteria (

searches your filesystem for files matching certain criteria
Can match on name, owner, size, modification/access time and many others
Can execute commands on files it finds
Commonly used to archive sets of files, or clear out old files

18.7 Criteria used in expressions

Basic syntax:

-name string          Filename matches string (Shell metacharacters included)
-mtime value          Modification time matches value
-user UID/username    Owner matches UID or username
-size size            Size of the file matches size
-perm -/+ mode        Permissions of the file match mode
-type t               File is of type (f - normal file, x - executable file etc. See man page for full details)

The values to match are very flexible, e.g. to find all files below that were last modified less than 36 hours ago 3:

Find all files below current directory greater than 1000k in size and with permissions ( )

3 1.5 multiplied by 24 hours

18.8 Examples of using (

Find all files ending in under current dir:

Find filenames ending in and modified in the last 8 days below

Combine tests with or and negate with , e.g:

To find all filenames not ending in modified in the last 8 days

Execute commands on files found. For example, to find then gzip-compress tar files:

i.e. found filenames substitute for above 4

N.B. searches the filesystem in real time; making disks work hard

4 Piping the results to (section 18.14) is a more efficient approach

18.9 Reporting virtual memory statistics (

is used to identify system bottlenecks
Reports on processes, memory, paging, block IO, interrupts (traps), and cpu activity

SYNTAX:

If no specified gives averages since last reboot
Otherwise updates every delay seconds
Shows averages since last report
count is the number of updates to give
If no is specified, just keeps on running
causes header display only once 5

5 Allegedly! Some versions do not implement this correctly

18.10 Output from

Output has cryptic headings :

Section Head Field Description
no. of runnable processes
no. of processes sleeping
no. of processes swapped out but otherwise runnable
virtual memory used (kb)
idle memory (kb)
memory used as buffers (kb)
memory swapped in from disk (kb/s)
memory swapped out to disk (kb/s)
Blocks sent to a block device (blocks/s)
Blocks received from a block device (blocks/s)
interrupts per second, including the clock
context switches per second
user time (as % of total CPU time)
system time (as % of total CPU time)
idle time (as % of total CPU time)
Table 18.5: Field descriptions for output

18.11 free

Another tool to examine memory status
Simpler alternative to
Quick check on overall memory usage
May be useful if not available
Displays in kilobytes by default

Output in kilobytes
Output in megabytes
Output in bytes
Poll every x seconds
Display a total line

18.12 ldd

prints out library dependencies for a given executable
Very useful debugging tool
Also needed for setting up restricted ( environments

requires three libraries to run correctly

18.13 uptime

prints out basic information about performance of system

Shows :
Current Time
Time since last reboot (Days, Hours:Minutes)
Number of logged-in connections
Load average past minute, past 5 minutes and past fifteen minutes

18.14 xargs

Constructs and executes command-lines from information given on standard input
Commonly used in conjunction with find

Syntax:

Example: Delete all files named modified in the past 8 days

This is preferred to as it spawns fewer processes, therefore easing the load on the machine

N.B. Data is normally piped to not

18.15 Options to

Interactive mode
Verbose mode
Limit arguments used to command

Verbose mode will print out the commands it executes
Interactive mode prints out the command-line and awaits confirmation before executing
tells to use at most arguments to the command you are running with

Example:

18.16 Positioning filenames with

By default places the filenames at the end of the command you give
If they need to be somewhere else you can use
Put at the point that you want the filenames inserted

Example:
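Sections 18.8 and 18.14 recommend piping the results of find to xargs rather than running a command on each file directly from find. The caveat is that xargs splits its input on whitespace by default, so a file name containing a space can aim the command at the wrong file. The following is an added example, not part of the original course material: the file names are constructed sample data in a temporary directory, and the -print0 and -0 options used for the safe form are those of GNU findutils (the BSD tools have them too).

```shell
#!/bin/sh
# Added example: why a find | xargs cleanup should pass NUL-delimited names.
# Every file below is constructed sample data in a throwaway directory.

# make_fixture DIR: one file that must survive and two that match *.tmp
make_fixture() {
    mkdir -p "$1"
    : > "$1/report"            # does not match *.tmp, must never be deleted
    : > "$1/report old.tmp"    # matches, but its name contains a space
    : > "$1/plain.tmp"         # matches, ordinary name
}

# Whitespace-split pipeline: xargs breaks "./report old.tmp" into the two
# arguments "./report" and "old.tmp", so rm removes the wrong file.
naive_cleanup() {
    ( cd "$1" && find . -type f -name '*.tmp' -mtime -8 | xargs rm -f )
}

# NUL-delimited pipeline: each path reaches rm as exactly one argument.
safe_cleanup() {
    ( cd "$1" && find . -type f -name '*.tmp' -mtime -8 -print0 | xargs -0 rm -f )
}

# survivors DIR: sorted, comma-terminated list of the files that are left
survivors() {
    ( cd "$1" && ls -1 | sort | tr '\n' ',' )
}

# run_demo MODE: build a fresh fixture, run the naive or safe pipeline,
# print the survivors and remove the temporary directory again
run_demo() {
    dir=$(mktemp -d) || return 1
    make_fixture "$dir"
    "${1}_cleanup" "$dir"
    survivors "$dir"
    rm -rf "$dir"
}

echo "naive: $(run_demo naive)"
echo "safe:  $(run_demo safe)"
```

The naive pipeline deletes the unrelated file report and leaves the stale "report old.tmp" in place; the NUL-delimited pipeline removes only the two matching files.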

18.17 cpio

Similar to
Creates archives of files
Operates in copy-in or copy-out mode
Copy-out mode writes archives
Copy-in extracts from them
Takes filelist on standard input
Not given on the command line

Copy-in mode
Copy-out mode
Append to an archive
Use instead of standard input/output
Use archive format

18.18

Compresses data taken from or a file
Lossless compression
Safe on any file
Various compression levels, 1-9
1 - Fast, less compression
9 - Slower, more compression
By default takes and turns it into
Replaces original file
Can write compressed data to
Leaves original file intact

18.19 Unzipping

To unzip a file there are two methods
Really just aliases
Uncompress all files in the current directory
uses Lempel-Ziv coding
Can also unpack files created with and

18.20 tar

creates archives of files
Used for transferring files between machines
Or from place to place

Options:
Extract from an archive
Create archive
List files in an archive
Be verbose
Compress/decompress archive with
Find differences between archive and the filesystem
Operate on a file not a tape

all files ending in into a gzipped archive called 6
Check which files were included
Extract them again

6 Integrated gzipping is not available on all versions of

18.21 Raw devices and

Originally designed to talk to magnetic tapes
Can still write to raw devices
Useful to maximize space
Fit 1.44Mb of data on a floppy
Don't need any space for filesystem information

Extract it again

18.22 Exercises

1. Use to show the processes running on your machine.
2. Make sort the list by memory usage.
3. Try killing a process, a good example would be your top process itself!
4. Use to re-nice a process so that it gets more, or less CPU time.
5. Find a full list of every process on your machine and their full command name using .
6. Get the same view but tell to display the output in family tree mode.
7. Request that sort its output by system time used
8. Display all the filenames under using
9. Display all the filenames under beginning with a lowercase .
10. Display all the files under which are over 5k in size in uppercase.
11. Set running in a spare terminal updating every 5 seconds.
12. Set up in another window doing the same thing.
13. Use to find out what libraries some common applications use:
(a)
(b)
(c)
14. Practice using by finding sets of files and performing simple (Non-destructive!) operations on them e.g.
(a) Find all files in the file system modified in the last 24 hours and make copies of them in a directory called in your home directory
(b) Find all files over 5000k and make copies of them in the directory
(c) Find all files ending in and compress them using . NOTE: You will need to use the option to for this. Why?
15. Use and to create an archive of the files you've copied in to the directory. Which do you think is easier to use? Learn one . . . forget the other!
16. Write an archive of to a floppy as a raw archive

18.23 Solutions

1. Simply starting from the command line will show all processes
2. Hitting M will sort the list by memory usage
3. Find your top process in the list (It will probably be near the head of a CPU-sorted list). Press k. You will be prompted for a process number, give the number from the PID column adjacent to your top process. You are then prompted for a signal to send the process. The default (15) should kill and return you to your shell prompt
4. Again find your top process, then press r. You are prompted for the PID and a nice value. Unless you are super-user you can only lower the process priority (Give it a higher nice value).
5. Shows a full list of processes and doesn't truncate the command-line to fit on one output line
6. Identical to the above but show the family-tree view
7. Adding to the first command line should sort the output by system time
8.
9.
10.
11.
12.
13. (a)
(b)
(c)
14. (a)
(b)
(c)
If we didn't use then would produce command lines like
Due to the way works this will not produce the desired effect
15. The command lines would be
or
16.

Module 19

Introduction to Editing With

Objectives

In this section, you will learn how to:

Use the editor to view, create and edit files
the screen layout
move round in files
replace, insert and change text
search files

19.1 Text editors under Linux

There are a number of text-editors available
is on virtually every Linux distribution
Also comes with 99% of Unix systems
Everyone should have a basic understanding
is like Linux
Has some very complex and powerful functions that can make your life easier
However, you don't have to know everything; you get by knowing the basics
Shares key bindings with many utilities
We'll just cover the basics here, is too big to cover everything!

19.2 and your terminal

is fundamentally text-based
Graphical adaptations are available (
Needs to know your terminal's capabilities
May not function if your terminal is misconfigured
Check your TERM environment variable
Terminal capabilities are listed in
Generally not an issue

19.3 screen layout

Lines containing simply a show that you are past the end of the file and there is nothing here.
The terminal's bottom line is the status line
Shows status messages
Where you type some commands (The ed/ex command set, explained later)

19.4 Opening files with

Launch by typing its name on command line
With no arguments starts with an un-named and empty buffer
opens a specific file
If there is no such file status line will say something like :
If you don't have write permission on a file the status line will tell you :

19.5 Modes

Unlike many editors does not always insert what you type into the file
Has several modes
Only one is responsible for inserting text into the current file
has 3 modes: 1

command mode
Moving the cursor, searching and manipulating existing text
insert mode
Entering new text
: (ed) mode
File manipulation, advanced searching and substitution

starts in command mode
Return to command mode at any time by hitting <ESC>

1 Some people refer to "ex" instead of "ed". They are the same thing

19.6 Saving, changing file and quitting

When you open a file, a copy of it is opened into memory
Any changes you make apply to this copy only
File on disk only changes if you explicitly say so
To save (or write) a file you must be in command-mode, then type
Can save your file under a new name, e.g.
To quit type
normally prompts you if you have unsaved work
To quit without saving your work type
will save your work and then quit

19.7 Moving around in command mode

Many ways to move around a document
You must be in command mode for the following :
On friendly terminals you can use arrow keys
Arrow keys are sometimes unavailable on some terminals so has some alternatives
k h l j
Although awkward at first, these make your life easier
Always work, regardless of system type
Fingers stay on the home keys

19.8 Numeric Prefixes

Key concept: numeric prefixes or multipliers
Vastly improves the usefulness of many commands
To supply a prefix simply type the number before the command
will then perform the command the specified number of times.
Note: In subsequent examples a small box indicates the position of the cursor

Starting with
and pressing
will result in

19.9 Further Movement

also allows movements by units other than characters.

Moving by pages :
Key Result
Forward one screenful
Back one screenful
Forward half a screenful
Back half a screenful

Moving by words :
Key Result
Go to beginning of next word
Go to end of next word
Go to start of previous word

For these commands punctuation is not counted as part of a word
The commands , and act the same but do include punctuation in words
The upper and lower case versions of commands are usually related
NOTE: Case is important to commands, and are different commands!

19.10 Further Movement - Example

From
Key Result

From the original start-point :
Key Result

As with virtually all commands these may be given a numeric prefix
It's not necessary to know these, but they make life a lot easier when you get used to them!

19.11 Movement by lines

What if we want to get to the beginning of the next line 2?

Commands to move to line start/end:
Key Result
Move to the end of the current line
Move to start of current line
Move to first character of line

Moving to start of a previous or subsequent line
Key Result
Move to beginning of the next line
Move to beginning of the previous line

2 A line is the set of characters contained between newline characters, not necessarily what appears on one line in your terminal

19.12 Movement by lines - Examples

From:
Key Result

19.13 Inserting text

You probably want more from a text editor than the ability to move a cursor!
At the bare minimum you need to be able to insert text into a file
Don't worry, does this with ease
As with everything else, though, there's more than one way
Again, while this may seem confusing you only need to know the bare minimum
But, the more you know, the easier your life becomes!

19.14 command

The command inserts text before the cursor
This places into insert mode
Anything you type now is treated as text to insert into the file rather than as a command
You leave insert mode by typing
This is insertion at its simplest!
To insert text after the cursor we use the (append) command

Also :
Key Result
Append at the end of the line
Insert at the beginning of the line
Create blank line below cursor for insertion
Create blank line above cursor for insertion

If your cursor keys work then you may move around the line while in insert mode
You can delete characters from the current insertion using backspace

19.15 Multiple Insertion

Insertion commands can take numeric prefixes
The result may be surprising!
Consider the following sequence of keypresses (from command mode) in an empty document

The result will be :

19.16 Deleting Text

has a vast array of commands for deleting text
The odd-one-out is which deletes the character under cursor
The rest of the deletion commands are based around the easy to remember command
on its own does nothing
You have to tell it how much to delete
The amount to delete is given by the keys you used when studying movement

Example:
Key Result
Delete to the beginning of the next word
Delete 3 words
Delete to the end of the word
Delete everything before cursor to the beginning of the word
Delete to the end of the line
Delete to the beginning of the line

Two more special cases :
Key Result
Delete the entire line
Delete to the end of the line

19.17 Changing Text

Now we know everything we need to know to delete text, insert new text and save changes
however likes to give us choices!
If we find a word that is wrong, we can delete it and insert the replacement
We're actually changing the word
has a family of commands for just this, all starting with
Similar to deletion, i.e. you can use to change a word, to change to the end of the line, or to change three words
What actually happens is that the designated amount is deleted and you are placed in insert mode

Key Result
Change a word
Change 3 words
Change to the end of the line
Change to the beginning of the line

19.18 Copy and Paste

We're still missing the ability to copy a piece of text and paste it somewhere else
does support this, but it calls it yanking and putting
All yanking commands are prefixed with a
follow the same rules as before, i.e. , , and
and yank a whole line and the rest of a line, respectively
Paste text using or
pastes text after the cursor
Uppercase pastes it before
Deleted text is also considered to be yanked
will transpose two characters

19.19 Finding your place

You can search through a file using
You will get a as a prompt on your status line
To search for the string type and press
If found your search string it will move the screen to a relevant place and highlight it
will skip to the next occurrence; to the previous
Search backwards by using instead of

19.20 Miscellaneous Commands

has a number of commands that don't really fit anywhere else
toggles the case of character under cursor
repeats the last action
undoes the last action
Linux supports multilevel undo
Standard does not
Join the current and following line

19.21 Search and replace

can also replace the words it finds

Basic form is:

By default it only changes one occurrence per line, and only checks the current line
If we tag the modifier on the end it will replace all matches on the current line
If we use a range 3 we can search and replace a specified part of a document, e.g.
To search and replace from lines 10 to 15 inclusive:
To search and replace on the whole document

3 Not explained here, this is an advanced topic

19.22 Regular Expressions

Sometimes it's desirable to search for a word fuzzily
You may know the start of a word, or the end
Or both, but not the bit in the middle!
Regular expressions can come in useful here
Can be used in normal searches or search and replace commands

19.23 Regular Expression Conventions

Lots of things in Linux use regular expressions
Not all exactly the same
95% similar though
Defines certain special characters

Character Result
Match any character
Match any character in the range a to z
Match the preceding character zero or more times
Match the beginning of a line
Match the end of a line
Match the beginning of a word
Match the end of a word

Strictly speaking * can apply to more than one character
We won't cover that here

19.24 Regular Expression Examples

Suppose we want to find all words ending in
We could read the entire document to check for by hand
Takes far too long
We'd probably still miss some
Easier to get the computer to do it
We could do a search using
Unfortunately that would also match words beginning with or with in the middle
will jump to the next word that ends with

19.25 Regular Expression Replacement

We can also use regular expressions in the search section of search and replace commands, e.g.

will replace all occurrences of at the beginning of a word with

19.26 Exercises

1. Recognizing
(a) Start up with no filename to see what it looks like
(b) Exit and then start it again with the file
(c) What can you tell about the file from this screen?

2. Getting used to
(a) Start with the file
(b) Practise the basic movement commands on the file
(c) Check you can use both the cursors and again to move around
(d) Check the other movement commands work as expected

3. Creating with
(a) Start with the filename . This should be a new file
(b) Insert your name into the file and then save it and leave
(c) Open the file again and check it still contains your name
(d) Next add some more names to the file, one on each line
(e) Go to a name roughly half way down your list. Check you can insert a name on the line above, and on the line below
(f) Check you can append to the end of lines and insert at the beginning of lines

4. Movement and Multipliers
(a) Check you can move through your file using combinations of the movement keys and numeric prefixes. For example
i. Move 3 lines down at a time
ii. Move 2 words along
iii. Move to the beginning of the second line below your cursor

5. Deleting with
(a) Try deleting various entities (Words, lines, characters) from your file
(b) Check that these work with the numeric prefixes
(c) You should be able to achieve all of the following
i. Delete a word
ii. Delete to the end of the line
iii. Delete to the beginning of the line
iv. Delete the whole line
v. Delete 2 lines at once
vi. Delete 2 words at once (Either including or excluding punctuation)

6. Changes with
(a) Repeat the exercises given for delete but do changes instead of deletions

7. Yanking and Pasting
(a) Copy the first line of your file and paste it so that it becomes the last line
(b) Paste it back at the top of the file
(c) Place the cursor at the very beginning of the file and try the following keystrokes
i.
ii.
(d) What was the difference and can you suggest why this may be?
(e) Check that text deleted can be pasted back

8. Miscellaneous
(a) Place the cursor at the beginning of the file and try the following command sequence: Explain the result
(b) Place the cursor over a letter in the middle of a word. What happens when you type ?
(c) Join all the lines of your file into one long line. Check that the movement commands regarding lines work on actual lines rather than the lines as seen on your screen

(b) You should be fairly comfortable with the various navigation methods such as moving left, right, up and down, to the end or beginning of the line and moving up and down by intervals of pages and half pages.

(b) To insert my_name simply type :

There are several ways to save and exit :

(c)

and check that the text you entered is there. If not try again.

(d) There are several ways to do this : i. When inserting using you may type RETURN to insert a newline character. it is possible therefore to start with the cursor at the beginning of the le and type : and so on ii. Typing or will open a new line for insertion

(f) Appending to the end of a line can be done using either:

Inserting at the beginning can be done using any of:

4. Movement and Multipliers (a) You should practice moving around using the movement characters with the numerical prexes

c GBdirect Ltd, 2000

#9H$EAH9HA $$@H9$H $$@H9$

i. ii. iii.

#9$H#$#9H# $9$H#9$

i. ii.

(e) You should check that you understand which of which below the current line

#$#EAHH@HH$@@H

H$@E #

i. ii. iii.

followed by


(a)

. The status line should tell you that it is a new file and each line on the main screen should begin with a indicating lack of content

3. Creating with


(a)

2. Getting used to

(c)

should tell you that this file is read only. This is because you don't have sufficient permissions to change the file. should also tell you how many lines and characters are in the file.


(b)

should exit <ESC> first.

. If you want to make sure you're in command mode press will start with opened

and

inserts above, and

(a) Check you understand where the status line is, and what the

1. Recognizing

19.27

Solutions

$
characters mean


(a) You should make sure that the various deleting methods work as you expected. If they surprise you, try to work out how they do work.
(b) Again check you understand the various possibilities.
(c) The following represent only possible solutions: i. ii. iii. iv. v. vi.

7. Yanking and Pasting

(c) Check you can tell the difference between the two commands.
(d) The yank buffer only holds the contents of one yank operation. Both sets of keypresses yank the line we start on and the line below. However, the first does this as two separate operations and the yank buffer only remembers the most recent. The second example yanks two lines at once, therefore placing both in the yank buffer.

8. Miscellaneous

(c) Starting at the top of your file, pressing will join the following line to the current line. Repeat this until the entire file is on one line. Pressing one of the down-a-line keys (such as , or ) should have no effect, despite the illusion that there is more than one line.


(b) The

(a)

repeats the last action. In this case it is a paste operation. It could equally well have been an insert, change word or delete operation. command pair is useful for transposing letters.

(e) You should try

and check that the text appears after being deleted.

(b) Move back to the top line of the file and type current line.

(a) Move to the first line of the file and type type

, then move to the end of the file and which will paste it above the

(a) The answers for this are the same as for delete except substituting each case.

6. Changing with

5. Deleting with


$
for in


Module 20

Basic X-Windows
Objectives
On completion, you should be able to:
Understand the basic concepts behind networked X windowing
start and stop X
run shells and user applications under X
set preferences for X
change window managers and desktops
use X over a network


20.1 What X-Windows Is

X is a windowing system
Provides the basic graphic functions for Linux
Designed to provide windowing to any workstation across a network, regardless of OS
Operates on a client-server model
Is an application, i.e. not a part of the OS

The standard Linux X server is
commercial alternatives include:
Metro-X
Accelerated-X


20.2 X Needs Window Managers

Window managers provide the controls which allow you to manipulate all graphic apps, e.g.
move, size and stick
open and close
maximize, minimize, iconize
title bars
Determine the look and feel of X, e.g.
Win95
Motif
Next Step
Can provide virtual desktops


20.3 Window Managers Are Applications

Linux distributions contain many window managers, e.g.


Manager Description
Motif-like look
Win95-like configuration for , Red Hat default
Bare-bones Tab WM
Open Look (Sun)
Virtual Screen Open Look
Next Step look, fast and lean
Gnome-compatible WM, powerful, rich, buggy
Ultra-lean

Window managers are X applications, thus:
change manager without re-starting X
change X behaviour without re-start


20.4 Desktop Environments

X + WM alone don't provide everything expected of modern desktops, e.g.
completely integrated drag and drop
universal access to a clip board
Desktop Environments bring these facilities to Linux, bundling:
desktop-capable window manager
URL-based file manager
facilities to share clipboard and other data between optimized apps (inc. object linking)
Linux currently has 3 main desktop environments:
CDE . . . the original commercial UNIX standard
KDE
GNOME


20.5 Starting X

Many possibilities
You may be using the graphical tool which does it for you
or login to command prompt then type
if is not setup:


20.6 Stopping X

Use the window manager's menus
If you started via , type the following in the startup xterm:
If all these fail, switch to another virtual terminal using the following keys, then kill X from the command prompt:
Stopping:


20.7 Running Shells (Xterms) Under X

Even under X, the most productive way to work is often via the command line (i.e. a shell)
The standard way to access a shell prompt under X is via a terminal emulator called an xterm [1]
An xterm shell behaves like a non-X shell, except that you can cut and paste between it and X applications
Any number of xterms can be open at the same time
Using or the can provide shells to any number of other hosts

To start an xterm:
From an already open xterm:
From a window manager menu (invariably top-level)

[1] Linux provides other terminal emulators for specialised hosts, but they are rarely necessary. There is also another category of emulators that provide advanced features such as transparent terminals etc.


20.8 Running Applications from an xterm

Character-based apps: Run exactly as they would outside X, unless the xterm itself has been misconfigured
X applications: Type the program's file name at the prompt:
The ampersand allows the application to run independently of the shell


20.9 Running Applications from a window manager

Every window manager provides simple menu-based access to applications
Application Menus are usually accessible by clicking on:
Buttons set into a task bar
The desktop background (root window)


20.10 Configuring X

Default installations of Linux provide a fully functional setup for using graphic X apps
2 different types of X configuration that system administrators or users may need to change:
Basic configuration of screen, mouse, keyboard behaviour, fonts
Could be a course in itself (classic O'Reilly manual fills a bookshelf)
Configuration files best edited via config tools (see next Section 20.11)
Behaviour of desktop objects (windows, icons, taskbars, ...)
Window manager dependent
Best configured via window manager preferences


20.11 Basic X Hardware Configuration

Basic configuration for hardware is defined in the file [3], located in
is easier to edit using the following tools:
. . . an X application which edits most basic hardware preferences (Mouse, Keyboard, Card, Monitor, Graphic Modes)
. . . a character-based application which prompts for the same settings
. . . Red Hat tool sets monitor, card, screen mode, colour depth and resolution with probing
. . . Red Hat tool sets the mouse type with probing. Useful for setting 2-button mice to emulate 3-button types by simultaneous clicking on both buttons

[3] On some older systems you may find the X configuration in , or


20.12 Basic X Software Configuration

Under X, the user can configure every conceivable aspect of graphic display
Users may need to change:
Screen font sizes, styles, families
Pointer behaviour
Screen colours
Window manager
All desktop environments and many window managers provide graphic tools for changing these configurations
They can be set, on a system-wide or per-user basis, in the following two files:
to set the default window manager and style to be used by the command
for fonts, pointers, colours, etc


20.13 Networked X - The Client-Server Relationship

X works in a client-server relationship
The client is a user application (e.g. netscape) which needs X services to display itself on a given screen
The server is the application which provides these services, e.g.
On a single-user Linux system, both apps reside on the same system
On a networked Linux system the user can run an X application which is installed on a remote system but see it displayed on the local monitor, i.e.
The client application (e.g. ) is remote and the X server (e.g. ) is local


20.14 Principles of Running Remote X Apps

The most common use for networked X is to run client apps which are installed on remote hosts
Reasons for running X apps on remote hosts:
No local installation of the app
Local processing or memory are insufficient
No local access to data


20.15 How to Run Remote X Apps

Start the local X server:
Enable (dangerous) lack of authentication
Open a telnet connection to the remote host:
Set your environment variable on the remote host so that applications re-direct their graphic output to your local monitor:


20.16 Authentication

Xservers only allow authenticated hosts to connect
On a trusted LAN you might use in an xterm
Or edit (0 refers to display 0):
This is dangerous
Allows hosts to grab your mouse and keyboard
Only use in a trusted environment
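
A defender's check for the host-based access described above, as an added example that is not part of the original course material: it classifies the text printed by the standard `xhost` command (run with no arguments) so that an open display can be spotted. The function name, verdict labels and sample outputs are constructed for illustration, and the host names are placeholders.

```shell
#!/bin/sh
# Added example (not from the course notes): classify `xhost` output.
# Sample outputs below are constructed; host names are placeholders.

# audit_xhost: read the text printed by `xhost` on stdin, print one verdict:
#   OPEN       access control is off, any host may connect to the display
#   HOSTS:<n>  access control is on, but <n> whole hosts are on the access list
#   NO-HOSTS   access control is on and no whole host is listed
audit_xhost() {
    awk '
        /^access control disabled/ { open = 1; next }
        /^access control enabled/  { next }
        # SI:localuser:... entries admit one local user, not a whole host.
        NF && !/^SI:/ { hosts++ }
        END {
            if (open)       print "OPEN"
            else if (hosts) print "HOSTS:" hosts
            else            print "NO-HOSTS"
        }'
}

SAMPLE_OPEN='access control disabled, clients can connect from any host'
SAMPLE_HOSTS='access control enabled, only authorized clients can connect
INET:build1.example.test
INET:build2.example.test
SI:localuser:alice'
SAMPLE_NOHOSTS='access control enabled, only authorized clients can connect
SI:localuser:alice'

for sample in "$SAMPLE_OPEN" "$SAMPLE_HOSTS" "$SAMPLE_NOHOSTS"; do
    printf '%s\n' "$sample" | audit_xhost
done
```

On a live system the function is fed directly with `xhost | audit_xhost`.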


20.17 Better Authentication

Can use cookie-based authentication
Done for you if using
Clients look in for cookies to feed to server
Server must be started with appropriate argument
Reads its file
Server only looks when started
Too late to change once running
Both server and clients must use the same cookies
Involves merging files using
Documentation is not very penetrable
Hard to manage - most resort to
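
The requirement that server and clients share the same cookie can be checked without exposing the cookie, as in this added example (not part of the original course material). It assumes the cookies are the standard MIT-MAGIC-COOKIE-1 entries shown by `xauth list`; the function names, display names and keys are constructed.

```shell
#!/bin/sh
# Added example (not from the course notes): check that client and server
# hold the same cookie for a display. Inputs are text in `xauth list` format:
#   <display-name>  <protocol>  <hex-key>
# All names and keys below are constructed sample values.

# cookie_for NAME: read `xauth list` text on stdin and print the
# MIT-MAGIC-COOKIE-1 key stored for display NAME, or nothing if absent.
cookie_for() {
    awk -v name="$1" \
        '$1 == name && $2 == "MIT-MAGIC-COOKIE-1" { print $3; exit }'
}

# check_cookies SERVER_LIST CLIENT_LIST NAME: print MATCH, MISMATCH or MISSING.
# The keys themselves are never printed, since a cookie is a secret.
check_cookies() {
    server_key=$(printf '%s\n' "$1" | cookie_for "$3")
    client_key=$(printf '%s\n' "$2" | cookie_for "$3")
    if [ -z "$server_key" ] || [ -z "$client_key" ]; then
        echo MISSING
    elif [ "$server_key" = "$client_key" ]; then
        echo MATCH
    else
        echo MISMATCH
    fi
}

SERVER_LIST='desk.example.test:0  MIT-MAGIC-COOKIE-1  00112233445566778899aabbccddeeff
desk/unix:0  MIT-MAGIC-COOKIE-1  00112233445566778899aabbccddeeff'
CLIENT_MERGED='desk.example.test:0  MIT-MAGIC-COOKIE-1  00112233445566778899aabbccddeeff'
CLIENT_STALE='desk.example.test:0  MIT-MAGIC-COOKIE-1  ffeeddccbbaa99887766554433221100'
CLIENT_EMPTY='other.example.test:0  MIT-MAGIC-COOKIE-1  0123456789abcdef0123456789abcdef'

check_cookies "$SERVER_LIST" "$CLIENT_MERGED" desk.example.test:0
check_cookies "$SERVER_LIST" "$CLIENT_STALE"  desk.example.test:0
check_cookies "$SERVER_LIST" "$CLIENT_EMPTY"  desk.example.test:0
```

A MISMATCH after the X server has been restarted is the usual sign that a client still holds a cookie from the previous session.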


20.18 Basic X Exercises


1. Figure out how to get an X session running
2. In an xterm window type - what happens?
3. In an xterm window type - what happens?
4. Start up another xterm.
(a) Type: You should get hello echoed.
(b) Select the text so that it highlights - do this by clicking the first mouse button and dragging.
(c) Move the mouse to another xterm window; click into it to make it active if necessary.
(d) You should be able to paste the selected text by clicking the middle mouse button (3 button mouse) or simultaneously clicking both buttons on a 2 button mouse. Try it and see.
5. Find another machine on the same network. Use to tell it to accept connections from your machine. Start an xterm on your machine but tell it (using the variable) to display on the remote machine.


6. Go to the directory. Try these commands:
and any others that you like the idea of.
