Linux Project (Final)
Open-Source Software
Rajat Goyal
Acknowledgement
I’d like to thank the pioneers of our industry
for blazing the trail and mapping the path to success,
for their vision, courage and perseverance, and for guiding us to
perceive the future of Computing
through an Operating System which we call
“LINUX”.
Also,
I’d like to dedicate this to
my Parents and Teachers for providing
a model of solid values and
hard work for me to the path of Computing.
-- Rajat Goyal
Table of Contents
1. Linux : Overview
Introduction to Linux
Why we use Linux
Features of Linux
Linux v/s Windows
Linux Flavors
2. History of Linux
Founders : Overview
Generation & Development
Linux Desktop
4. Linux Architecture
Linux : Overview
Introduction to Linux
Linux is a generic term for “Unix-like” computer operating systems
based on the Linux kernel. Linux is a freely distributed operating
system that runs on multiple hardware platforms. It is free and
open-source software: all the underlying source code can be used,
freely modified, and redistributed by anyone under the terms of the
GNU GPL and other free licenses.
Linux is a complete multitasking and multiuser operating system
based on the Linux kernel. The Linux kernel was originally developed for the Intel
80386, and multitasking is one of its best features. The
kernel is the code that controls the interface between user programs and
hardware devices.
A Linux-based system is a modular Unix-like operating system. It
derives much of its basic design from principles established in UNIX during
the 1970s and 1980s. Such a system uses a monolithic kernel, the Linux
kernel, which handles process control, networking, and peripheral and file
system access. Device drivers are integrated directly with the kernel.
Separate projects that interface with the kernel provide much of the
system's higher-level functionality. The GNU userland is an important part of
most Linux-based systems, providing the most common implementation of
the C library, a popular shell, and many of the common UNIX tools which
carry out many basic operating system tasks. The graphical user interface (or
GUI) used by most Linux systems is based on the X Window System.
Why we Use Linux
This Unix-like open-source software is widely used for the following
reasons:
Linux utilizes your memory, CPU, and other hardware to the fullest.
Features of Linux
The basic features that define Linux are as follows:
True multitasking.
After installation you can create logins for different users.
Each user logs in with his/her own login and password and has his/her own login area.
Linux/UNIX has powerful text processing tools which are highly suited to
working with sequence data.
‘Linux’ v/s ‘Windows’
| Windows | Linux |
|---|---|
| Windows is considered a Single-User, Multi-Tasking OS. | Linux is considered a Multi-User, Multi-Tasking OS. |
| It enables one user to perform multiple tasks at once, but does not allow multiple different users. | It allows multiple different users to perform tasks simultaneously, and ensures they do not interfere with each other. |
| Windows supports the FAT and NTFS file systems. | Linux supports a wide variety of file systems, including FAT, NTFS, ext/3/4, ReiserFS, XFS, JFS, and many others. |
| Some ability to expand support via new drivers. | Adding support for new ones is as easy as a kernel recompile. |
| MSRP for Windows Vista Home Basic is $199.95. | MSRP for most Linux distributions is free. |
| MSRP for Windows Server 08 Std is $999 for five access licenses. Additional access licenses are $199 for 5. | However, most of the time support is not free and must be paid for. |
| It is not open source and hence cannot be redesigned by the programmer. | Open Source Development Model, so the programmer can redesign the OS. |
| Windows gets affected by viruses very easily. | Linux is robust and very much secure from viruses. |
| Security is the main issue that Windows has had to address in order to survive. | The Linux server has surpassed the Windows server operating system in security. |
| Compared to Linux, Windows is developed by a few thousand people. | There are 250000+ developers behind Linux for open source deployment. |
Linux Flavors
Fedora Linux
Caldera Linux
Mandrake Linux
Turbo Linux
Ubuntu Linux
AsiaNux Linux
History of Linux
Founders: Overview
The UNIX operating system was conceived and implemented in the
1960s and first released in 1970. Its wide availability and portability meant
that it was widely adopted, copied and modified by academic institutions and
businesses, with its design being influential on authors of other systems.
The GNU Project, started in 1984 by Richard Stallman, had the goal
of creating a "complete Unix-compatible software system", composed
entirely of free software. The next year Stallman created the Free Software
Foundation and wrote the GNU General Public License (GNU GPL) in 1989.
Linus Torvalds has said that if the GNU kernel had been available at the time
(1991), he would not have decided to write his own.
In 1991 while attending the University of Helsinki, Torvalds began to
work on a non-commercial replacement for MINIX, which would eventually
become the Linux kernel.
project coordinator.
Inspired by Minix (a kernel and operating system developed by
Andrew Tanenbaum), he felt the need for a capable UNIX operating system
that he could run on his home PC. Torvalds did the original development of
the Linux kernel primarily in his own time and on his equipment.
The Linux operating system (OS) was first coded by a Finnish
computer programmer called Linus Benedict Torvalds in 1991, when he was
just 21! He had got a new 386, and he found the existing DOS and UNIX too
expensive and inadequate.
In those days, a UNIX-like tiny, free OS called Minix was extensively
used for academic purposes. Since its source code was available, Linus
decided to take Minix as a model.
against both software patents and what he sees as excessive extension of
copyright laws. Stallman has also developed a number of pieces of widely-
used software, including the original Emacs, the GNU Compiler Collection,
and the GNU Debugger. He co-founded the League for Programming
Freedom in 1989.
Generation & Development
UNIX
Unix (officially trademarked as UNIX, sometimes also written as
UNIX with small caps) is a computer operating system originally developed in
1969 by a group of AT&T employees at Bell Labs, including Ken Thompson,
Dennis Ritchie, Brian Kernighan, Douglas McIlroy, and Joe Ossanna. Today's
UNIX systems are split into various branches, developed over time by AT&T
as well as various commercial vendors and non-profit organizations.
As of 2007, the owner of the trademark is The Open Group, an
industry standards consortium. Only systems fully compliant with and
certified according to the Single UNIX Specification are qualified to use the
trademark; others are called "Unix system-like" or "Unix-like".
UNIX operating systems are widely used in both servers and
workstations. UNIX was designed to be portable, multi-tasking and multi-
user in a time-sharing configuration. In 1983, Richard Stallman announced
the GNU project, an ambitious effort to create a free software Unix-like
system; "free" in that everyone who received a copy would be free to use,
study, modify, and redistribute it. The GNU project's own kernel
development project, GNU Hurd, had not produced a working kernel, but in
1992 Linus Torvalds released the Linux kernel as free software under the
GNU General Public License. In addition to their use in the Linux operating
system, many GNU packages — such as the GNU Compiler Collection (and
the rest of the GNU toolchain), the GNU C library and the GNU core utilities
— have gone on to play central roles in other free Unix systems as well.
MINIX
MINIX is a Unix-like computer operating system based on
microkernel architecture. Andrew S. Tanenbaum wrote the operating
system to be used for educational purposes; MINIX also inspired the creation
of the Linux kernel. Its name is a portmanteau of the words minimal and
UNIX. Minix has been free and open source software since it was released
under the BSD license in April 2000.
Andrew S. Tanenbaum created MINIX at Vrije Universiteit in
Amsterdam to exemplify the principles conveyed in his textbook, Operating
Systems Design and Implementation (1987). An abridged 12,000 lines of the C
source code of the kernel, memory manager, and file system of MINIX 1.0
are printed in the book. Prentice-Hall also released MINIX source code and
binaries on floppy disk with a reference manual. MINIX 1 was system-call
compatible with Seventh Edition Unix.
LINUX
Linux distributions, comprising Linux and large collections of
compatible software have become popular both with individual users and in
business. Popular distributions include Red Hat Enterprise Linux, Fedora,
SUSE Linux Enterprise, openSUSE, Debian GNU/Linux, Ubuntu, Mandriva
Linux, Slackware Linux and Gentoo.
Linux Desktops
Desktops
GNOME KDE
GNOME
GNOME is a desktop environment—a
graphical user interface which runs on top of a
computer operating system—composed entirely of
free software. It is an international project that
includes creating software development frameworks,
selecting application software for the desktop, and working on the
programs which manage application launching, file handling, and window
and task management.
GNOME is part of the GNU Project and can be used with various
Unix-like operating systems, most notably those built on top of the Linux
kernel and the GNU userland, and as part of Java Desktop System in Solaris.
KDE
KDE is a free software project based around its
flagship product, a desktop environment mainly for
Unix-like systems. The goal of the project is to provide
basic desktop functions and applications for daily needs as well as tools and
documentation for developers to write stand-alone applications for the
system. In this regard, the KDE project serves as an umbrella project for
many standalone applications and smaller projects that are based on KDE
technology. These include KOffice, KDevelop, Amarok, K3b and many others.
KDE software is based on the Qt toolkit. The original GPL version of this
toolkit only existed for the X11 platform, but with the release of Qt 4, GPL
versions are available for all platforms. This allows KDE software based on Qt
4 to also be distributed to Microsoft Windows and Mac OS X.
Open Source Software
Development
Standards Based
Open Source Software
In 1979, AT&T introduced its Unix License, which is expensive even by
today's standards. Educational institutions can get a one-CPU license
for 7500 Dollars (Rs. 3,75,000) per CPU, and a full commercial license
costs around 60,000 Dollars (Rs. 30,00,000) per CPU.
Richard Matthew Stallman, an American Software freedom activist, a
hacker and software developer, started the Free Software Foundation and
the GNU Project. He pioneered and created GPL (General Public License) for
the GNU Project, which is a widely used free software license and is the most
popular and well-known example of Copyleft license. Stallman’s goal was to
produce one license that could be used for any project, thus making it
possible for many projects to share code. This Software Foundation is
designed to promote Free and Open source software or software which is
liberally licensed to grant the right of users to study, change, and improve its
design through the availability of its source code.
Open Source is a term, developed in 1997, to represent free software
that is distributed with the source files. End users can modify and recompile
the software to meet their needs. For instance:
    # Count from 0 to 100, marking the halfway point.
    for x in range(0, 101):
        if x == 50:
            print("halfway done")
        else:
            print(x)
Closed Source means any software that is distributed without the
source files. End users cannot modify and recompile the software according
to their needs. For instance, the user receives only the compiled
program, which reads as a long string of binary digits.
Developer/Licensor
Any Developer/Licensor can draft an agreement that conforms to the
Open Source Development, though most licensors use existing agreements.
Examples of Open Source Software
Linux (Operating system kernel-substitutes for proprietary UNIX)
Apache Web Server (Web Server for UNIX systems)
MySQL (Structured Query Language – competes with Oracle)
Cloudspace, Eclipse (IBM contributions)
OpenOffice (Open source implementation of Sun’s StarOffice)
Stability.
No forced upgrades.
Migration cost.
Linux Architecture
Particulars
I. Component Facts
VII. Services
IX. Networking
X. Security
XI. Troubleshooting
I. Component Facts
The Linux operating system is a modular system, which means that the
components can function without affecting one another. Because of its modular
nature, you can create a highly customized Linux operating system based on your
individual requirements. The table below lists the modules typical to Linux. Each
component (or set of components) is generally developed independently, and
each component offers functionality while minimally affecting the other
components.
| Component | Description | Examples |
|---|---|---|
| Window Manager/Desktop Environment | A Windows emulator is an implementation of the Microsoft Windows API. The emulator lets you run Windows applications on Linux without running the Windows operating system. | KDE (Kommon Desktop Environment), which uses the K Window Manager (kwm) and comes with the Qt toolkit for C++. GNOME (GNU Object Model Environment) does not specify a window manager because its design allows use of any window manager. However, it does use Metacity as a default window manager in the absence of a window manager. GNOME requires the use of the GIMP Toolkit (GTK) to render the full GNOME desktop. |
| Boot Loader | A boot loader runs after the system executes the BIOS ROM and POST functions. It loads the Linux kernel from the boot partition on the hard disk. It is also used to boot other operating systems present on the computer. | LILO (LInux LOader) is the most common bootloader. GRUB (GRand Unified Bootloader) is a new bootloader that offers extra functionality. |
| Daemons (Services) | Daemons are programs that run in the background, providing additional functionality to a system. The Windows equivalent of a daemon is a service. | File/Print Services: SMB/Samba, NFS. Print services: LPR, CUPS. Web Server: Apache, Tomcat. Domain Name Service (DNS): BIND. E-mail: Sendmail, Postfix. Firewall: ipchains, Smoothwall, Astaro Security Linux. Proxy Server: Squid. |
II. Directory Contents
The unified file system uses a single root directory that contains various other
directories. File systems from other hard drive partitions mount to directories beneath
the root directory, providing access to a single directory structure.
| Directory | Description |
|---|---|
| / | The / character represents the root directory of the Linux system. All directories are below the / (root directory) of the system. |
| /bin | The /bin directory contains binary commands that are available to all users. |
| /boot | The /boot directory contains the kernel and boot loader files. |
| /dev | The /dev directory contains device files. |
| /etc | The /etc directory contains configuration files specific to the system. |
| /home | The /home directory contains by default the user home directories. |
| /initrd | The /initrd directory is used during the boot process to hold the initial RAM drive image. |
| /lib | The /lib directory contains shared program libraries and kernel modules. |
| /media | The /media directory contains the /cdrom and /floppy directories. It is the point where CD-ROM and floppy drives can be mounted according to the FHS (Filesystem Hierarchy Standard) v2.3. |
| /mnt | The /mnt directory is an empty directory. This was the mount point for CD-ROM and floppy drives prior to FHS v2.3. |
| /opt | The /opt directory contains the additional programs. |
| /proc | The /proc directory contains information about the system state and processes. |
| /root | The /root directory is the root user's home directory. Do not confuse /root with the root of the system (/). |
| /sbin | The /sbin directory contains system binary commands. |
| /srv | The /srv directory contains files for services like the FTP and Web servers. |
| /sys | The /sys directory is new with release 2.6. It takes some of the system state data that was previously contained in /proc. |
| /tmp | The /tmp directory contains temporary files created by programs during system use. |
| /usr | The /usr directory contains system commands and utilities. /usr holds the following directories: /usr/bin, /usr/lib, /usr/local, /usr/sbin, /usr/X11R6 (for the X Window system). Depending on the implementation, the /usr directory might also include the /usr/doc subdirectory (or /usr/share/doc subdirectory) to hold documentation accessible to all users. |
| /var | The /var directory contains data files that change constantly. Standard subdirectories include: /var/mail (holds e-mail inboxes), /var/spool (holds files waiting for processing, such as print jobs or scheduled jobs), /var/www (holds www or proxy cache files). |
III. Computer Roles
Before you install Linux, you should know how you'll use the system. The
way the system is used will determine what kinds of components you should
select to install. The table below lists common deployments for Linux systems and
the components those deployments should include.
IV. Installation Facts
Depending on your organization and how you will deploy Linux, you have
several choices of how to access the Linux source files to complete the
installation. Listed below are several different methods you can use. (Before
performing any installation, check the hardware compatibility list (HCL) for the
Linux version you've selected to make sure your system components are
supported.)
When you start the install program, you can often choose how to interact
with the installation program. The following table compares various methods.
| Installation Method | Description |
|---|---|
| GUI install | With the GUI method, you make installation choices using the mouse and keyboard from a graphical installation screen. The GUI install is the default install for most distributions. |
| Text install | A text install bypasses the GUI screens, giving you basic text screens instead. Use the text install if the system has video card problems or low video support. |
| Scripted | In a scripted installation, you answer all installation questions ahead of time. Your responses are stored in a file that is then read by the install program. The installation progresses without interaction. Use this system for a fully automated install and to quickly install on multiple systems. |
1. Identify network requirements, select a distribution, identify the computer role, and verify that all
hardware meets system requirements
2. Select an installation file location and installation method
3. Start the installation
4. Choose the installation language and the system keyboard and mouse
5. Partition the hard disk
6. Configure the boot loader
7. Configure the network and firewall
8. Choose a system language and time zone
9. Create user accounts and configure authentication
10. Select components and services to install
11. Configure the video hardware
12. Install components and create boot disks
13. Select monitor and X Windows settings
During installation, the super user account, called the root user, is created.
Following installation, you can log on to Linux by typing root as the username and then
supplying the password you entered during installation.
Red Hat Linux provides you with the redhat-config-language command that runs with
an active X server occurrence to change the default language on your system after
installation.
Linux systems can determine the date and time in three ways:
Set the system clock to GMT (Greenwich Mean Time) and then use the
correct time zone to interpolate the local time.
Set the system clock to the local time.
Use NTP (Network Time Protocol) to automatically synchronize the system date
and time with time servers on the network/Internet.
When you work with users and groups, you will use a friendly name (such as
mary or sales) to refer to the user or group. However, the system uses ID
numbers to identify users and groups.
The user ID (UID) and the group ID (GID) are typically automatically assigned by the
system (although in some cases you can modify the ID number if you like).
The root user has a UID of 0.
Users you create are assigned UIDs 500 and above.
Primary group (also called the private group). By default, when you create a user, a
corresponding group is also created. The user is the only member of this group. When
you create files and directories, the primary group is automatically made the owner of
those files.
Secondary groups. Secondary groups are groups you create. You assign members to
those groups, and then use permissions to control access to files.
Note: The primary group is just a group like any other group. The only difference is
that the user account specifically identifies the primary group for each user.
The user and group databases are stored in the following files:
| File | Description |
|---|---|
| /etc/passwd | Holds user account information including the user name, UID, primary group membership, and the home directory location. |
| /etc/shadow | Holds passwords and password expiration information for user accounts. Using a separate file increases the security of the user passwords. |
| /etc/group | Holds group information including the group name, GID, and group membership information. |
| /etc/gshadow | Holds passwords for groups. |
User account information is stored in two different files. The table below
describes these files and their sample content.
File Contents
/etc/passwd Each line identifies a user account.
Each line contains multiple fields, with each field separated by a colon.
Shown below is a sample line from the passwd file:
pclark:x:501:501:Petunia Clark:/home/pclark:/bin/bash
pclark:$ab7Y56gu9bs:12567:0:99999:7:::
3. Last change. The date of the most recent password change, measured in the number of days
since 1 January 1970.
4. Minimum password age. The minimum number of days the user must wait before changing
the password.
5. Maximum password age. The maximum number of days between password changes.
6. Password change warning. The number of days a user is warned before the password must be
changed.
7. Grace logins. The number of days the user can log in without changing the password.
8. Disable time. The number of days since 1 January 1970, after which the account will be
disabled.
Although it is possible to edit the passwd and shadow files manually to manage user accounts, doing
so can disable your system. Instead, use a GUI utility or the following commands to manage user accounts.
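The shadow fields listed above can be read back and audited with a short script. This is an added example, not part of the original document: the first sample line is the page's own, the other two lines are constructed, the field order is assumed from shadow(5), and the audit date is fixed so the output is repeatable.

```python
from datetime import date, timedelta

EPOCH = date(1970, 1, 1)
# Field order from shadow(5); the text above calls field 7 "grace logins".
FIELDS = ("name", "password", "last_change", "min_age", "max_age",
          "warn", "inactive", "expire", "reserved")

# First line is the page's sample; the other two are constructed for the demo.
SAMPLE_SHADOW = """\
pclark:$ab7Y56gu9bs:12567:0:99999:7:::
mmckay:!!:12600:0:90:7:14::
hsamson::12567:0:99999:7::12700:
"""


def parse_shadow_line(line):
    """Split one shadow line into named fields; day counts become int or None."""
    parts = line.rstrip("\n").split(":")
    if len(parts) != len(FIELDS):
        raise ValueError(f"expected {len(FIELDS)} fields, got {len(parts)}")
    entry = dict(zip(FIELDS, parts))
    for key in FIELDS[2:8]:
        entry[key] = int(entry[key]) if entry[key] else None
    return entry


def day_to_date(days):
    """Convert 'days since 1 January 1970' to a calendar date."""
    return None if days is None else EPOCH + timedelta(days=days)


def audit_entry(entry, today):
    """Return the account-hygiene findings for one parsed entry."""
    findings = []
    password = entry["password"]
    if password == "":
        findings.append("empty password field")
    elif password.startswith(("!", "*")):
        findings.append("password locked")
    max_age = entry["max_age"]
    if max_age is None or max_age >= 99999:
        findings.append("no effective password expiry")
    elif entry["last_change"] is not None:
        due = day_to_date(entry["last_change"] + max_age)
        if due < today:
            findings.append(f"password expired on {due}")
    disabled = day_to_date(entry["expire"])
    if disabled is not None and disabled <= today:
        findings.append(f"account disabled since {disabled}")
    return findings


def audit_shadow(text, today):
    """Audit every non-blank line; returns {user name: [findings]}."""
    report = {}
    for line in text.splitlines():
        if line.strip():
            entry = parse_shadow_line(line)
            report[entry["name"]] = audit_entry(entry, today)
    return report


if __name__ == "__main__":
    for name, findings in audit_shadow(SAMPLE_SHADOW, date(2005, 1, 1)).items():
        print(f"{name}: {', '.join(findings) or 'no findings'}")
```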
Group Commands & Files
Group information is stored in two different files. The table below describes these files
and their sample content.
File Contents
/etc/group Each line identifies a group.
Each line contains multiple fields, with each field separated by a colon.
Shown below is a sample line from the group file:
sales:x:510:pclark,mmckay,hsamson
sales:!:pclark:pclark,mmckay,hsamson
| Use... | To... | Example |
|---|---|---|
| groupadd name | Create a group. | groupadd sales creates the sales group |
| groupmod -n newname name | Change the name of a group. | groupmod -n sales2 sales renames the sales group to sales2 |
| groupdel name | Delete a group. | groupdel mktg deletes the mktg group |
| gpasswd name | Change a group password (use the -r option to remove a group password). | Typing gpasswd sales prompts you to type the group password |
| newgrp name | Log in to a new group. You must have the group password to complete this command. | Typing newgrp sales prompts you for the password for the sales group so you can log in |
| usermod -g group user | Assign a user to a primary group. | usermod -g pmaxwell pmaxwell assigns primary group membership for user pmaxwell to the pmaxwell group |
| usermod -G group1,group2 user | Assign a user to a secondary group (or groups). Follow the command with a comma-separated list of groups. | usermod -G sales,mktg pmorril removes all existing group assignments for pmorril and makes the user account a member of the sales and mktg groups. (You can remove a user from all secondary groups by using the command usermod -G "" user.) |
Note: When you assign a user to one or more secondary groups, all existing secondary group membership is removed
before assigning the user account to the listed groups.
Permission Facts
Every file has an inode (information node) that stores information about the file,
including when the file was last modified, file size, data block location, permissions, and
ownership (remember, directories are also files in the Linux system). The portion of the inode
that stores permission information is called the mode. The mode has three sections:
User (owner) permissions
Group (group owner) permissions
Other (everyone on the Linux system) permissions
There are three types of permissions contained in the mode, each of which is
described in the table below.
| Permission | Letter Abbreviation | Octal Value | Allowed Actions on Files | Allowed Actions on Directories |
|---|---|---|---|---|
| Read | r | 100 (binary), 4 (decimal) | Open and read the file | List directory contents if the execute permission is also present |
| Write | w | 10 (binary), 2 (decimal) | Open, read, and edit the file | Add, delete, and rename files if the execute permission is also present |
| Execute | x | 1 (binary & decimal) | Execute the file (if it's a program file or a shell script) | Enter the directory and work with its contents |
When you identify permissions, you can either use the letter abbreviation (r, w, x), or
the octal number that corresponds to the permission. The following graphic shows a detailed
depiction of how permissions are displayed and how they can be referenced.
A d preceding the permissions indicates that the object is a directory. A - identifies a file
(the example above is for a file).
Permissions are grouped according to user, group, or other permissions.
If a permission has not been assigned, a - takes its place in order.
When using numbers to represent permissions, add the decimal numbers together
within each permission group. Then string the numbers together. For example, the
permissions in the graphic above can be represented by the number 764.
The root user has all permissions to files and directories regardless of what the mode
indicates.
Default Permissions and Umask
You can customize the default permission assignments by setting a umask. The umask
identifies which permissions are removed from the default permissions when files and
directories are created. The following table shows what happens when you set a umask value
of 022.
| | Files | Directories |
|---|---|---|
| Default Permission | 666 (rw-rw-rw-) | 777 (rwxrwxrwx) |
| Umask | 022 | 022 |
| Result | 644 (rw-r--r--) | 755 (rwxr-xr-x) |
In the example above, when you create a file, the umask value (022) is subtracted from
the default permissions for new files (666). This gives you permissions of 666 - 022 = 644 or
rw-r--r--.
Note: When subtracting permissions using the umask, use binary math (not decimal math) to
identify the exact permissions removed. Be sure to remove permissions from the system
defaults, not from all permissions (777 for both files and directories).
A umask of 066 results in file permissions of rw------- (600) and directory permissions of
rwx--x--x (711).
A umask of 033 results in file permissions of rw-r--r-- (644) and directory permissions of
rwxr--r-- (744). Notice that the file permissions are not 633 as you would get if you
performed decimal math using the umask setting.
A umask of 011 results in no changes to file permissions (the x permission is already
removed by default) and directory permissions of rwxrw-rw- (766).
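The binary math in the note above can be checked directly. The following added example (not part of the original document) computes the result for each umask discussed here, shows where decimal subtraction goes wrong, and confirms the calculation by creating a real file and directory in a temporary location; the function names are this example's own.

```python
import os
import stat
import tempfile

FILE_DEFAULT = 0o666   # system default for new files
DIR_DEFAULT = 0o777    # system default for new directories
PAGE_UMASKS = (0o022, 0o066, 0o033, 0o011)  # the values discussed above


def apply_umask(default, umask):
    """Remove the umask's bits from the default: default AND NOT umask."""
    return default & ~umask


def decimal_subtract(default, umask):
    """The mistake the note warns about: treat the octal digits as decimal."""
    return int(f"{default:o}") - int(f"{umask:o}")


def symbolic(mode):
    """Render permission bits as rwxrwxrwx text (file-type character dropped)."""
    return stat.filemode(mode)[1:]


def umask_table():
    """One row per umask: (umask, file octal, file text, dir octal, dir text)."""
    rows = []
    for umask in PAGE_UMASKS:
        f_mode = apply_umask(FILE_DEFAULT, umask)
        d_mode = apply_umask(DIR_DEFAULT, umask)
        rows.append((f"{umask:03o}", f"{f_mode:03o}", symbolic(f_mode),
                     f"{d_mode:03o}", symbolic(d_mode)))
    return rows


def create_under_umask(umask):
    """Create a real file and directory under `umask`; return their modes."""
    previous = os.umask(umask)
    try:
        with tempfile.TemporaryDirectory() as tmp:
            file_path = os.path.join(tmp, "file")
            dir_path = os.path.join(tmp, "dir")
            os.close(os.open(file_path, os.O_CREAT | os.O_WRONLY, FILE_DEFAULT))
            os.mkdir(dir_path, DIR_DEFAULT)
            return (stat.S_IMODE(os.stat(file_path).st_mode) & 0o777,
                    stat.S_IMODE(os.stat(dir_path).st_mode) & 0o777)
    finally:
        os.umask(previous)  # always restore the caller's umask


if __name__ == "__main__":
    for row in umask_table():
        print("umask {}: files {} ({})  directories {} ({})".format(*row))
    print("decimal math for umask 033 on files:",
          decimal_subtract(FILE_DEFAULT, 0o033), "(wrong)")
    print("kernel result for umask 033:",
          tuple(f"{m:03o}" for m in create_under_umask(0o033)))
```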
Ownership Facts
When a user creates a file (or directory), the user and the user's primary group
receive ownership for the file (or directory). File ownership determines which users are
allowed to change the file's ownership and permissions. Only a file owner and the root user
can change file ownership or permissions.
The three permission settings in the table below comprise a "fourth group" that also
affects file ownership. You need to understand how to work with these settings in
conjunction with permissions.
Each fourth group setting precedes the standard octal representation of a set of permissions. For example:
4421 sets the SUID
2421 sets the SGID
1421 sets the sticky bit
6421 sets both the SUID and SGID
7421 sets all three
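The leading digit in these four-digit modes can be decoded and audited as follows. This is an added example, not part of the original document: it decodes the modes listed above and then scans a temporary directory, built by the demo itself, for entries that carry a special bit, which is the usual way to review SUID and SGID files on a system.

```python
import os
import stat
import tempfile

SPECIAL_BITS = ((stat.S_ISUID, "SUID"),
                (stat.S_ISGID, "SGID"),
                (stat.S_ISVTX, "sticky"))
PAGE_MODES = (0o4421, 0o2421, 0o1421, 0o6421, 0o7421)  # from the list above


def special_bits(mode):
    """Names of the 'fourth group' bits set in an octal mode."""
    return [name for bit, name in SPECIAL_BITS if mode & bit]


def symbolic(mode):
    """ls-style text; s/S and t/T replace x where a special bit is set."""
    return stat.filemode(mode)[1:]


def find_special(root):
    """Walk `root` without following symlinks; list entries with a special bit."""
    hits = []
    for dirpath, dirnames, filenames in os.walk(root):
        for name in sorted(dirnames + filenames):
            path = os.path.join(dirpath, name)
            mode = os.lstat(path).st_mode
            if stat.S_ISLNK(mode):
                continue  # a symlink's own mode bits are not meaningful
            bits = special_bits(mode)
            if bits:
                hits.append((os.path.relpath(path, root),
                             f"{stat.S_IMODE(mode):04o}", bits))
    return hits


def demo():
    """Build a small constructed tree and audit it."""
    with tempfile.TemporaryDirectory() as root:
        plain = os.path.join(root, "report")
        helper = os.path.join(root, "helper")
        for path in (plain, helper):
            open(path, "w").close()
        os.chmod(plain, 0o644)     # ordinary file, no special bits
        os.chmod(helper, 0o4755)   # SUID set by the file's owner
        return find_special(root)


if __name__ == "__main__":
    for mode in PAGE_MODES:
        print(f"{mode:04o} {symbolic(mode)} {'+'.join(special_bits(mode))}")
    print(demo())
```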
Permission Commands
The table below lists the most common commands for managing file permissions.
Ownership Commands
The table below lists the most common commands for managing file ownership.
| Use... | To... | Example |
|---|---|---|
| chown user filename | Change the ownership of a file (or directory). Only the root user or owner of the file can execute this command. | chown pmorril /sales/report makes pmorril the user owner of the /sales/report file |
| chown -R user filename | Change the ownership of the file recursively throughout the directory tree. | chown -R pmorril /sales makes pmorril the owner of all files in the /sales directory (and below) |
| chown user:group filename | Change the user and group ownership of the file. | chown pmaxwell:sales /sales/report makes pmaxwell the user owner and sales the group owner of the file |
| chown :group filename | Change the group owner of a file. | chown :sales -R /sales makes the sales group the owner of all files in the /sales directory |
| chgrp group filename | | chgrp sales /sales/report makes the sales group the group owner of the file |
The table below lists the most common file management commands.
40
ln filename filename
    Create a hard link between files. A hard link creates an exact copy of a file. You can create an unlimited number of hard links to a file, but they all have to be on the same file system. Using the -s option allows you to create a symbolic link to a file. A symbolic link is a shortcut to the original file.
    Example: ln /home/jsmith/projects /home/edunford/projects creates an exact copy of /home/jsmith/projects in /home/edunford/projects.
mkdir directory name
    Create a directory.
    Example: mkdir projects creates a projects directory in the current working directory.
mkdir -p path
    Create a directory tree structure.
    Example: mkdir -p completed/projects creates the completed/projects subdirectory in the current working directory.
mv source destination
    Move a file to a new location. This is also the command used to rename an existing file using a new name. When you move a file, permissions stay the same (although you need the permissions to move the file).
    Example: mv ongoing/projects/proj completed/projects/proj moves the proj file from /ongoing/projects to /completed/projects.
rm filename
    Delete a file.
    Example: rm proj removes the proj file from the system.
rm -f filename
    Delete a file without a warning prompt.
    Example: rm -f proj immediately removes the proj file from the system without prompting.
rmdir directory
    Delete a directory (the directory must be empty).
    Example: rmdir /projects removes the projects directory from the system.
rm -r directory
    Delete a directory and its contents (use the -rf switches together to delete without prompting). Take care with this command because rm -rf * deletes all files in the system.
    Example: rm -rf completed/ removes the directory structure beginning with the /completed directory.
    Example: rm -rf * removes all files without prompting (do not use this command).
touch filename
    Change a file's timestamp.
    Example: touch proj changes the access and modification times of the proj file to the current time.
du path
    List files and file sizes in and below the specified directory. Common switches include:
        -c list a total number for the size
        -h display the output in human readable format (bytes, KB, MB, GB)
        -s list only the total, not each file
    Example: du -c /home/badams lists all files and directories in badams' home directory along with a file size and a total amount of space taken up by the directory.
    Example: du -c -s /home/badams shows the total amount of space taken up in badams' home directory.
df path
    List the free space in the partition holding the specified directory. (Use the -h option to get human readable output.)
    Example: df /home lists the free space on the partition that holds the /home directory.
You should also know the following facts about working with files:
Hidden files (files not shown by the ls command) are files that start with a period.
To show hidden files with the ls command, use the -a option.
Commonly used commands often use aliases (an alias is a shortcut to a command). Two
common aliases are
o ll = ls -l
o la = ls -a
You can set up command aliases of your own in the .bash_profile file in your home directory. This
is one of several files that set the system configuration. .bash_profile executes after the
systemwide profile file, /etc/profile.
To execute programs:
o Enter the executable name to run a program directly. (This only works for files that are
on your path.)
o Enter ./filename to run an executable when you are in a directory that is not on your
path.
o Enter the full pathname to the file to run an executable from anywhere.
VII. Services.
Managing most services is done by executing a shell script that corresponds to
the service. Shell scripts are typically located in /etc/rc.d/init.d, although a symbolic link
pointing to this directory might also exist at /etc/init.d. Shell scripts contain a series of
actions to start, stop, and otherwise manage the service. The table below lists the most
common commands for managing services.
Use... To... Example
/etc/rc.d/init.d/servicename option
    Run the shell script associated with the service. The options available depend on the shell script. Most scripts include the following options:
        start
        stop
        status
        restart
        reload
        * (shows a list of available options)
    Example: /etc/rc.d/init.d/atd start
    Example: /etc/rc.d/init.d/atd restart
service --status-all
    View the status of all services. Use this command as shown to get a list of service status.
service servicename option
    Use the service command line tool to manage services (eliminates the need to type the service's full path).
    Example: service atd start
    Example: service atd restart
A package manager is a software application that installs and maintains software. The package
manager maintains a database of software information that you can query to view installed software.
However, package managers don't allow users to compile the software as part of the installation process.
Package Manager Commands
The table below lists the most common rpm commands.
VIII. Boot & Shutdown
A boot loader manages the loading of the operating system and allows you to
have multiple operating systems on a single system. Popular Linux boot loader utilities are:
1. At startup, the BIOS verifies system hardware, then looks for a master boot record (MBR) on a valid
booting disk. Once located, it loads the first program in the MBR (this is the boot loader file).
2. The boot loader loads a small piece of code, then looks for the remaining boot loader code. This is the
first stage of the boot load process.
3. For LILO, the boot loader looks in the MBR for the additional boot information. With GRUB, it can look
on the /boot volume for additional boot information. The additional information includes a list of
possible operating systems recognized by the boot loader. This is the second stage of the boot load
process.
4. After the user has chosen the OS to boot to (or if only one is found), the boot loader locates and
begins loading the corresponding kernel. It also loads the initial RAM disk image (initrd) into memory
so the kernel can locate drivers needed to load the kernel.
5. With the kernel and initrd loaded, the boot loader passes control to the kernel.
LILO has a long history of stable operation, and it seems unlikely to be completely replaced by
GRUB. However, listed below are some reasons why GRUB has increased in popularity.
GRUB provides an interactive command line during boot up that allows you to do the operations
below:
o View hardware configuration
o Find and view files
o Alter the GRUB configuration
o Boot a selected operating system
GRUB offers a complete support system, including the following components:
o Web site
o Manual
o FAQ
o Bug tracker
o Developer mailing list
GRUB can read the ext2 and ext3 filesystems (and not just the MBR), so it can read its configuration
file from the /boot partition instead of having to store such information on the MBR as LILO does.
Shutdown Command and Facts.
Turning off the power to a computer without executing the proper shutdown procedure
can result in data loss and filesystem corruption. Linux provides several
different shutdown options. The table below shows common commands for shutting
down the system.
Use... To...
shutdown -h now
halt or
init 0
    Shut the system down immediately.
shutdown -r now
reboot or
init 6
    Shut the system down immediately and reboot.
shutdown -h time
shutdown -r time
    Shut the system down in the designated amount of time. Examples:
        shutdown -h +5 shuts the system down in five minutes.
        shutdown -h 22:00 shuts the system down at 10:00 pm.
        shutdown -r +15 reboots the system in 15 minutes.
        shutdown -r 24:00 reboots the system at midnight.
shutdown -c
    Terminate the shutdown process. (You can also press Ctrl + c on the keyboard.)
shutdown -rf time
    Reboots the system and skips the fsck utility on reboot (the -f parameter stands for fast). Example:
        shutdown -rf +15 reboots the system in 15 minutes and skips fsck.
shutdown -k
    Sends a warning message, but doesn't really shut down. If used in combination with -h or -r, it will terminate the shutdown process after the message is sent.
shutdown -a
    The system uses the /etc/shutdown.allow file to verify who can shut down the system. The most common use of this switch is to edit the /etc/inittab file and add the -a switch to the CTRL-ALT-DELETE section. When the switch is present, if the shutdown.allow file exists, shutdown checks to see if a listed user or root is logged on.
        If so, the system shuts down.
        If not, shutdown is not allowed.
    If the file does not exist, there are no restrictions on who can shut down the system.
When you use the shutdown command to power the computer off, the system does the following:
IX. Networking.
Many of the network services you run on Linux are administered by xinetd, a
service known as a super server. A super server listens on behalf of other services to
start and stop them as necessary. Xinetd starts when the system boots up. Its
configuration file is /etc/xinetd.conf, and most of the daemons it manages are located
in the /etc/xinetd.d directory.
Xinetd has come to replace inetd in modern Linux distributions in large part
because it is more secure than inetd. For example, unlike inetd, which depended on
tcpd to access hosts.allow and hosts.deny, xinetd does not rely on external
programs to manage its security; it can access hosts.allow and hosts.deny directly.
Using xinetd, you can also place limits on incoming connections.
There are two ways you can enable services to be managed by the xinetd super
server. You can either add a section to the /etc/xinetd.conf file describing the service, or
you can create a file containing the service description in the /etc/xinetd.d directory.
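The following is an added example, not part of the original report. It checks service descriptions of the kind stored in /etc/xinetd.d for enabled services that set no source restriction or connection limits. The function names, file contents, server paths and address range are constructed assumptions; disable, only_from, instances and per_source are standard xinetd service attributes.

```shell
#!/bin/sh
# Added example: audit xinetd service descriptions for missing connection limits.
# audit_xinetd, write_samples and the sample files are hypothetical.

# audit_xinetd DIR -> one line per enabled service in DIR:
#   "<service> OK -"  or  "<service> WARN <missing attributes>"
# Values inherited from a "defaults" section in xinetd.conf are not considered.
audit_xinetd() {
    for f in "$1"/*; do
        [ -f "$f" ] || continue
        awk '
            /^[ \t]*#/ { next }                              # comment line
            $1 == "service" { name = $2; split("", attr); next }
            $1 == "}" && name != "" {
                if (attr["disable"] != "yes") {              # enabled unless disabled
                    miss = ""
                    if (!("only_from"  in attr)) miss = miss " only_from"
                    if (!("instances"  in attr)) miss = miss " instances"
                    if (!("per_source" in attr)) miss = miss " per_source"
                    if (miss == "") print name, "OK", "-"
                    else print name, "WARN", substr(miss, 2)
                }
                name = ""; next
            }
            name != "" && $2 ~ /^[-+]?=$/ { attr[$1] = $3 }  # key = value
        ' "$f"
    done
}

# write_samples DIR -> constructed service descriptions (not from a real host).
write_samples() {
    cat > "$1/ftp" <<'EOF'
service ftp
{
    disable     = no
    socket_type = stream
    wait        = no
    user        = root
    server      = /usr/sbin/in.ftpd
    only_from   = 192.168.1.0/24
    instances   = 10
    per_source  = 2
}
EOF
    cat > "$1/telnet" <<'EOF'
service telnet
{
    disable     = no
    socket_type = stream
    wait        = no
    user        = root
    server      = /usr/sbin/in.telnetd
}
EOF
    cat > "$1/tftp" <<'EOF'
service tftp
{
    disable     = yes
    socket_type = dgram
    server      = /usr/sbin/in.tftpd
}
EOF
}

demo() {
    d=$(mktemp -d) || return 1
    write_samples "$d"
    audit_xinetd "$d"
    rm -rf "$d"
}
demo
```

The disabled tftp entry produces no output because xinetd will not start it; the telnet entry is flagged because nothing restricts who may connect or how often.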
FTP
    Used to transfer files across networks.
    Daemon: ftpd
    Client: ftp from the command line, Web browsers, GUI clients
    Configuration: /etc/ftpaccess
NFS
    Network file service allows Linux systems to share files across a network.
    Daemon: nfsd
    Client: mount command to access data on storage devices
    Configuration: /etc/exports; exportfs -r command to export the share to the network users
NIS
    A centralized user database for local network authentication.
    Daemon: ypserv, yppasswdd, ypxfrd
    Client: ypbind
    Configuration: NIS uses multiple files. For username and password information, it builds a special database from your passwd and shadow files. When you change your Linux users, you must re-export them to NIS. The /var/yp directory holds the NIS user database files.
SMB/Samba
    Samba is the open source server message block (SMB) service. Windows uses SMB, so Samba allows integration of Linux and Windows file sharing.
    Daemon: smbd and nmbd
    Client: smb4k utility to browse computers and shares
    Configuration: The /etc/samba directory stores samba configuration files:
        smb.conf (main configuration file)
        smbpasswd (stores samba user information)
    smbmount to mount the smbfs file system
    smbpasswd -a name to associate Samba users with established user accounts and change user passwords.
Squid proxy server
    Allows networked computers to share one Internet connection.
    Daemon: squid
    Client: Generally a Web browser
    Configuration: /etc/squid/squid.conf is the main configuration file. /var/www holds proxy cache files.
SSH
    Secure shell provides encrypted communication (replaces telnet).
    Daemon: opensshd
    Client: ssh (remote shell), scp (secure copy), sftp (secure FTP)
    Configuration: /etc/ssh directory stores configuration files
RADIUS
    Provides centralized authentication and accounting for remote access (dial-in) services.
    Daemon: radiusd
    Client: Clients accessing the server remotely
    Configuration: /etc/radiusd
SendMail
    Provides e-mail services.
    Daemon: sendmail
    Client: Multiple e-mail clients, often integrated with a Web browser.
    Configuration: /etc/sendmail.cf or /etc/mail/sendmail.cf configures the server. /etc/aliases maps mail names to user names. The .forward file in the user home directory redirects incoming mail messages to other e-mail addresses. The /var/mail directory holds user mailbox files (this might be a symbolic link to another location).
Note: You can manage each service independently, or use the linuxconf tool. Linuxconf is a graphical tool
that lets you view and manage many different networking services in a single tool.
NIS Facts
A common way to allow centralized logins is to set up an NIS server. An NIS server
allows you to coordinate common configuration files like /etc/passwd and /etc/shadow across
several Linux machines.
Use ypserv.rpm to install the NIS service. This package installs the following daemons,
which are the core services to run an NIS server:
ypserv
yppasswdd
ypxfrd
After you've installed the ypserv.rpm, use the following steps to configure the NIS
server:
After setting up the NIS server and creating the yp database, you need to configure
client computers to use the NIS server for authentication. Use the following steps:
Not only can you have multiple users logged on to a computer at a time, you
can also log in to a computer over the network. This is useful in case you want to copy
files or manage the remote computer. Listed below are common tools that let you
connect to remote systems.
When using Telnet to connect to a remote computer, you cannot log in as the
root user. Instead, log in as another user, then use the su command to switch to the
root user within the Telnet session.
The /etc/ftpusers file contains the names of users who do not have ftp login privileges.
Networking Commands and Files
Linux uses the following files for network configuration information.
File or Directory Description
/etc/init.d/network
    Script file that loads and unloads networking services.
/etc/sysconfig/network-scripts
    Network configuration file directory. In this directory, you'll find individual device configuration files by locating files named ifcfg-device_name (e.g., ifcfg-eth0). You can edit these individual files to modify the following settings:
        Boot protocol (static, DHCP, or BootP)
        Autoconfiguration information
        IP Address, mask, and gateway (for static configurations)
/etc/hosts
/etc/resolv.conf
    IP address-to-host name files used for name resolution. (A host name is also called a fully qualified domain name or FQDN.) Entries in the /etc/hosts file need only two fields - the IP address followed by the host name. Any entries after these two entries are either aliases, or if preceded by a # sign, a comment about the entry.
/etc/hostname
    Holds the variables that define the host and domain names.
The table below shows common commands for configuring network settings.
Use the following commands to view network configuration information:
Use ifconfig to view configuration information for network interfaces.
Use route to view the routing table and the default gateway.
Use arp to view the ARP cache (MAC address-to-IP address mappings).
X. Security
User Account Security
Linux includes several tools that help you manage network security. The
following table lists several tool types with Linux examples.
Tool Type Linux Tool Description
Firewall: ipchains (kernel 2.2 and earlier), iptables (kernel 2.4 and later)
    A firewall is a set of features that prevents or allows packets based on specific traffic characteristics. For example, you can restrict traffic based on IP addresses or TCP protocol. To protect a server or your network, you should only allow traffic that is necessary for the services on your network.
Port Scanner: nmap
    A port scanner checks for open or closed ports on a computer. Network services use ports to identify services running on a computer. To protect a server, make sure that only the necessary ports are opened. For example, if the server is only being used for e-mail, you should shut down ports that correspond to FTP, DNS, and HTTP (among others).
Protocol Analyzer: Ethereal
    A protocol analyzer captures network packets and lets you examine their contents. You can capture all packets or only packets that match specific criteria. A protocol analyzer helps you to understand traffic coming to and from a device.
Intrusion Detection System (IDS): snort, PortSentry, RootKit Hunter, Analysis Console
    An intrusion detection system (IDS) is a set of features that is constantly monitoring the system looking for attacks.
    Like a combined protocol analyzer and port scanner, snort is constantly monitoring network traffic, comparing it to a database of known problem traffic patterns. When a problem is found, it can take specific actions or create a log of suspicious activity.
    PortSentry runs as a daemon on the host system, listening to TCP/UDP ports and preventing scanning systems from connecting to the host system.
    In addition to backdoors and local exploits, Rootkit Hunter can identify any rootkit packages that have been loaded on your system.
    Analysis Console can analyze log files (standard or custom) and databases to detect signs of intrusion.
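The following is an added example, not part of the original report. It applies the port scanner advice above from the server's own side by listing listening TCP ports that are not on the list of ports the server needs. The function names, the allowlist (25 for e-mail plus 22 for SSH administration) and the netstat capture are constructed assumptions.

```shell
#!/bin/sh
# Added example: compare listening TCP ports with the ports a server needs.
# unexpected_listeners and sample_netstat are hypothetical names; the sample
# text is constructed in the layout printed by "netstat -tln" on Linux.

# unexpected_listeners "PORT PORT ..." < netstat-output
#   -> "port local_address" for every LISTEN socket not on the allowlist.
unexpected_listeners() {
    awk -v allow="$1" '
        BEGIN { n = split(allow, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
        $1 ~ /^tcp/ && $NF == "LISTEN" {
            k = split($4, part, ":")      # port is the text after the last colon
            port = part[k]
            if (!(port in ok)) print port, $4
        }
    ' | sort -n
}

# Constructed capture from a host that should only serve e-mail (25) and SSH (22).
sample_netstat() {
    cat <<'EOF'
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:25              0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:21              0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:53            0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN
tcp6       0      0 :::22                   :::*                    LISTEN
EOF
}

# On a live system: netstat -tln | unexpected_listeners "25 22"
sample_netstat | unexpected_listeners "25 22"
```

The FTP (21), DNS (53) and HTTP (80) listeners are reported. The DNS listener is bound to 127.0.0.1 and is not reachable from the network, but it still shows a service the server may not need.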
Another way that you can control network services access is by editing the
following two files and identifying networking services by daemon name and network
hosts by IP addresses or aliases.
XI. Troubleshooting
Configuration Files and Directories
A big part of Linux administration is editing configuration files and viewing other files
to gather system information. The following table lists many of the files and directories
you've learned about in this course.
File or Directory Contents/Purpose
/etc/inittab
    System initialization file that controls the runlevel and the services started at boot.
/etc/rc.d
/etc/rc.d/init.d
/etc/rc.d/rc0.d
    Directories that hold files related to daemons that are started by the inittab file. init.d holds script files that launch services. rc0.d corresponds to a runlevel and holds links to scripts to start and stop services upon entering the runlevel.
/etc/shutdown.allow
    File that identifies users who can shut down the system.
/etc/fstab
/etc/mtab
    Files that identify volume mounts. fstab identifies volumes to mount at boot. mtab identifies currently-mounted volumes.
/mnt
/media
    Directories that are used to create mount points to volumes.
/dev
    Directory that holds device files that are used to configure and access system resources.
/etc/crontab
/etc/cron.daily
/etc/cron.hourly
/etc/cron.weekly
/etc/cron.monthly
    Files that identify scheduled tasks. The main crontab file launches the other files listed.
/etc/passwd
/etc/shadow
/etc/group
/etc/gshadow
    User and group database and password files.
/etc/X11/XF86Config
/etc/X11/xorg.conf
    XWindows configuration files.
/etc/lilo.conf
    LILO boot loader configuration file. After editing this file, be sure to run the lilo command to write changes to the appropriate location.
/etc/grub.conf
/boot/grub/grub.conf
    GRUB boot loader configuration files. The location of the file depends on your distribution.
/boot
    Directory that holds files needed for the boot process. Most notably, the compiled kernel is usually in this directory.
/etc/modules.conf
/etc/conf.modules
/etc/modprobe.conf
    Files that identify kernel modules loaded at system startup. The file used depends on the distribution.
/etc/profile
    System-wide profile script that runs for all users immediately after login.
/etc/bashrc
    System-wide script that is used for aliases and functions. Runs after the /etc/profile script.
/etc/sysconfig/network-scripts
    Directory that holds files for network configuration.
/etc/hosts
/etc/resolv.conf
    Local files used for name resolution.
/etc/inetd.conf
/etc/xinetd.conf
    Main network configuration file. This file controls starting and stopping networking services. Which file is used on your system depends on the distribution.
/etc/hosts.allow
/etc/hosts.deny
    Files that identify users who can or cannot use network services.
/proc
    Virtual file system that holds information about the current system state. View (and in some cases edit) files in this directory to view and modify the current system state.
/var/log
    Directory that holds system messages and events.
/var/log/dmesg
/var/log/messages
/var/log/boot.log
/var/log/boot.messages
/tmp/install.log
/root/install.log
    Common files that record the majority of system messages.
/var/spool
    Directory that holds spool files used for printing, mail, cron, and other jobs.
Network Troubleshooting
The following table compares some of the tools you can use to troubleshoot
network communication problems.
Use... To...
ifconfig
    Show status of each network adapter:
        MAC address
        IP address and mask
        Broadcast address
        Transmit and receive statistics
ping
    Test connectivity between two devices. ping will keep going; you must manually stop it.
traceroute
    Test connectivity between devices, show the path between the two devices.
netstat
    Incoming and outgoing connections. Sessions, ports, and sockets. Who is connected. (Used with the -a option, netstat also shows all listening and non-listening ports.)
netstat -r
route
    Show the routing table, which includes the default gateway.
nslookup
dig
    Resolve IP address from the host name. dig shows expanded output.
service network restart
    Restarts all networking services on the computer.
ifup interface
ifdown interface
    Start or stop a network interface. Use the ifconfig -a command to get the IP configuration (IP addressing information) for the network interface.
host
    Retrieve the IP address and other information for a FQDN/host name from a DNS server.
When a network problem happens, the first step is to identify the affected
users or computers. If the problem is isolated to a single computer, the problem is with
the computer configuration, the network connection, or user error.
Try to ping other computers to see if the computer has connectivity to any other computer.
If ping to any other host fails, check the link light on the NIC. If the light is on, the computer
has electrical connectivity to the network.
Use ifconfig to verify the IP configuration information.
If ping works, but the user can't access servers on the network, the problem might be user
error in login. Verify that the correct user name and password are used. Make sure CAPS lock isn't on
(passwords are case sensitive).
If ping works, try contacting the computer by hostname. If nslookup or dig fails, troubleshoot
name resolution services.
Try it with your own user account. If you can connect, troubleshoot user error or examine
resource permissions.
If multiple users on the same network are having the same problem, narrow
the scope of the problem.
Is the problem with accessing a single host or server? If so, troubleshoot the destination
device.
Is the problem with accessing any outside network? If so, check the routers connecting you to
other networks.
Is the problem with accessing specific destination networks? If so, run traceroute to identify
the spot in the path where the problem starts.
If all users are having troubles connecting to a specific service (such as a file server):