Learning More about Linux

Learning more about Linux because that is what my server and most backend servers run on today. I am only going to focus on some things in this textbook that I want to know more about, and I am probably just going to skim that content. This textbook, referenced below, goes over OS concepts as well as Linux, and I only really want to know more about Linux right now.

Date Created:
Last Edited:

References


  • Linux with Operating Systems Concepts, Richard Fox

General


Wildcard - Explanation

  • * - Match anything (0 characters or more)
  • ? - Match any one character
  • [chars] - Match any one of the characters in the list
  • [char1-char2] - Match any one of the characters in the range from char1 to char2
  • {word1,word2,word3} - Match any of the words
  • [!chars] - Match any one character not in the list
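An added example (not from the textbook) that tries each wildcard above against a constructed set of file names in a scratch directory. It assumes a POSIX sh with bash available for the brace-expansion case; the file names are made up for the demo.

```shell
#!/bin/sh
# Added example (not from the textbook): each wildcard from the table tried against
# a constructed set of file names in a scratch directory.
LC_ALL=C; export LC_ALL          # predictable sort order for glob results
GLOBDEMO=$(mktemp -d)
trap 'rm -rf "$GLOBDEMO"' EXIT

# Create the constructed sample files (empty, only the names matter).
setup_files() {
  for f in a.txt b.txt c.log file1 file2 file10 report.doc; do
    : > "$GLOBDEMO/$f"
  done
}

# matches PATTERN: print the sample names PATTERN matches, space-separated.
# The unquoted $1 is where the shell performs pathname expansion.
matches() {
  out=""
  for f in "$GLOBDEMO"/$1; do
    # With no match the shell keeps the pattern as a literal word, so test existence.
    [ -e "$f" ] || continue
    out="$out ${f##*/}"
  done
  echo "${out# }"
}

# Brace expansion is not a glob: bash generates every word whether or not a file exists.
brace_demo() {
  bash -c 'echo {a,b,missing}.txt'
}

# Stand-alone demo.
setup_files
for p in '*.txt' 'file?' '[ac].*' 'file[0-9]' '[!ab].*' '*.pdf'; do
  printf '%-12s -> %s\n' "$p" "$(matches "$p")"
done
printf '%-12s -> %s\n' '{a,b,missing}.txt' "$(brace_demo)"
```

Note the two edge cases the loop handles: a pattern with no match is left unexpanded (so `*.pdf` yields nothing rather than the literal string), and brace expansion happens before any file lookup, which is why `missing.txt` appears.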


Managing Processes


  • A process is a running program. Processes can be started from the GUI or the command line. Processes can start other processes. Whenever a process runs, Linux keeps track of it through a process ID (PID). After booting, the first process is an initialization process called init. It is given a PID of 1.

Terms

  • Background - processes which run when needed and when the CPU has time to run them. Because these processes are not running consistently as with multitasking processes, they cannot run interactively, so input and output must be done through files or offline
  • Batch processing - a form of process management whereby the operating system assigns a single process to the CPU to execute. Like background processes, batch processes do not run interactively so I/O must be done through files or offline
  • Child - a process spawned by another process. In Linux, all processes form a parent-child relationship with only one process, init, having no parent
  • Context switch - The CPU switching from one process to another by swapping process status information
  • Core dump - the result of an abnormally terminating program is a file which stores a memory dump of the process at the time the error arose. Core dumps can help programmers debug programs but are often large files
  • EUID - the effective user ID of the running process. Typically, a process runs under the UID of the user who started the process, but it is sometimes useful for a process to run under a different UID instead. In such a case, the EUID differs from the UID.
  • Exec - A system call to start a new process in place of the current process. The new process inherits the old process' PID and environment
  • FIFO - a simple scheduling strategy for ordering waiting processes (jobs) in a queue
  • Foreground - Processes which are being executed by the CPU (whether single tasking or multitasking) and currently have interactive access by the user.
  • Fork - A system call to start a new process which is a duplicate of the parent process
  • Interrupt - A signal received by the CPU that causes it to suspend the current process and run the interrupt handler assigned to that situation
  • Interrupt handler - A part of the operating system kernel set up to handle a specific interrupting situation
  • IRQ - An interrupt request made by a hardware device. Each IRQ is assigned an interrupt handler
  • Multiprocessing - a form of process management in which processes are divided up by the operating system to run on different processors. Although this was reserved for parallel processing computers in the past, today's multicore processors can accomplish this
  • Multiprogramming - in batch processing, if a process requires time-consuming I/O, the CPU idles during this time. In multiprogramming, the operating system causes a context switch so that the current process is moved to an I/O waiting queue while another process is selected to execute (or resume execution). This is also called cooperative multitasking
  • Multitasking - by adding a timer to count the elapsed clock cycles of an executing process, the operating system can force a context switch when the timer reaches 0 and raises an interrupt. In this way, we improve on multiprogramming so that no process can monopolize the CPU. This is also known as preemptive multitasking. Commonly, the processor maintains several running processes and switches between them, visiting each in a round robin fashion
  • Multithreading - multitasking over threads as well as processes
  • Niceness - the value that indicates the priority level of a Linux process. The higher the niceness, the more willing the process is to voluntarily give some of its cycles to other processes, thus lowering its priority. Niceness values range from -20 (least nice, highest priority) to +19 (most nice, lowest priority)
  • Orphan - An active process whose parent has terminated. As processes need to report to a parent before they terminate, every process requires a parent, so orphans are adopted by init
  • PATH - an environment variable storing various directories. When issuing a command in a shell, the current directory and all directories in PATH are checked to find the executable program
  • PID - The process ID number, assigned when the process begins execution. PIDs are assigned sequentially so that with each new process, the PID increases by 1. PIDs are used in a variety of instructions including renice and kill.
  • Priority - a value used by a scheduler to determine when a process should execute. In Linux, priorities determine the amount of time the CPU will focus on the process before moving on to the next process
  • Process - a running program which includes code, data, status (values for its registers), and resources allocated to it
  • Process management - how the operating system manages running processes. Older operating systems permitted only two processes to be in memory running at a time, the user process and the operating system. Later operating systems began using multiprogramming and multitasking. Today, most operating systems are multithreading and possibly multiprocessing.
  • Process status - the collection of information that describes what a process is currently doing. This will be the important register values as well as allocated resources and locations in memory of such objects as the run-time stack and page table
  • Queue - a waiting line, used in operating systems to store processes waiting for access to the CPU or some device like a printer. Most queues store items in a FIFO manner but some use a priority scheme
  • Round robin - a scheduling algorithm where processes wait in a queue for service by the CPU, which moves down the queue one process at a time until it reaches the end. It then resumes with the first process.
  • Scheduling - the task of an operating system to organize waiting processes and decide the order that the processes will gain access to the CPU
  • Signal - a value or message passed to a process indicating the level of seriousness of the command. This is used in the kill instruction to indicate at what level the operating system should end a process.
  • Single tasking - An old form of process management whereby the operating system only permits one process to be active and in memory at a time (aside from the operating system). In single tasking, the next process can only begin when the current process ends.
  • Sleeping - A process' status which has moved itself into a waiting state for some circumstance to arise. This may be a specified amount of time or for another process to complete its task
  • Sticky bit - An indicator, displayed in a directory's permissions, denoting that the directory is set up to allow other users to have write access to the directory but not to its contents.
  • Suspended process - Using CTRL+Z from the command line, the current process enters a suspended state so that the user can regain control of the command line. The user can also use this to move a process from foreground to background.
  • System monitor - A Linux GUI program that displays process status information, CPU, memory, swap space usage and network history for the last minute, and information about the file system
  • Threads - A variation of processes whereby a collection of threads share the same program code and possibly some of the same data but have their own unique data as well. A context switch between threads is faster than between processes, so that multithreaded operating systems can be more efficient when running threads than a multitasking system
  • Time slice - the amount of time a process gets with the CPU until a context switch is forced
  • Zombie - a process which has terminated and freed up its resources but has not vacated the system because its parent has not yet collected its termination report

Linux Commands

  • bg - to move a command-line process to the background
  • fg - to move a command-line issued process to the foreground
  • jobs - list the processes that are suspended or running in the background in this terminal window
  • kill - to terminate one or more running processes
  • killall - to terminate a collection of processes all owned by the same user or group or of a particular name
  • halt - when shutting down the Linux operating system, the shutdown command leaves the system in a text-based mode in which there are few commands available. Halt is used to stop the system whereas shutdown enters this particular mode
  • init - The first process run by the Linux operating system after kernel initialization, so init has a PID of 1. It is used to start up the system and then becomes the parent of any orphaned process. The init process runs during the entire Linux session.
  • nice - To start a process with an altered default priority; the higher the niceness, the lower its priority
  • ps - Print the process snapshot of all running processes in the current terminal window (or through options, all processes of this user or all users)
  • renice - Change the niceness of a running process
  • shutdown - Change the system to single user, text-based mode. From this state, the system administrator can issue a command of reboot, halt, or poweroff
  • top - A text-based program that displays process status and computer resource usage. It is interactive and updates itself every 3 seconds
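An added example (not from the textbook) that ties several of the terms and commands above together: a background job started with lowered priority via nice, its niceness read back, and the job ended with a signal, including a child that installs its own SIGTERM handler. It assumes Linux (it reads /proc) and the coreutils nice(1) and sleep(1); the sleep commands stand in for real work.

```shell
#!/bin/sh
# Added example (not from the textbook): background processes, niceness and signals.
# Assumes Linux (/proc) and coreutils nice(1)/sleep(1).

SLEEPER_PID=""

# Start a low-priority background job (nice 10) and remember its PID ($!).
start_nice_sleeper() {
  nice -n 10 sleep 30 &
  SLEEPER_PID=$!
  sleep 1             # let nice(1) apply the priority before it execs sleep
}

# nice_of PID: the nice value from /proc/PID/stat (field 19 of that file).
nice_of() {
  stat=$(cat "/proc/$1/stat")
  stat=${stat##*)}    # drop "pid (comm)"; comm may contain spaces, so cut after the ')'
  set -- $stat        # remaining fields start at the state, so field 19 is now $17
  echo "${17}"
}

# terminate PID: send SIGTERM, reap the child, and return its wait status.
# A process killed by a signal reports 128 + signal number (SIGTERM is 15 -> 143).
terminate() {
  status=0
  kill -TERM "$1"
  wait "$1" || status=$?
  return "$status"
}

# A child that traps SIGTERM: the handler runs once the current sleep finishes and
# exits with the child's own status (3) instead of the default 143.
trapped_child_status() {
  status=0
  sh -c 'trap "exit 3" TERM; while :; do sleep 1; done' &
  pid=$!
  sleep 1
  kill -TERM "$pid"
  wait "$pid" || status=$?
  return "$status"
}

# Stand-alone demo.
start_nice_sleeper
echo "sleeper $SLEEPER_PID has nice value $(nice_of "$SLEEPER_PID")"
terminate "$SLEEPER_PID" || echo "sleeper wait status: $?"
trapped_child_status || echo "trapped child wait status: $?"
```

The wait status is how a parent learns how its child ended, which is the "report" a zombie is holding until the parent collects it; SIGTERM can be caught (as the trapped child shows), whereas SIGKILL cannot, which is why kill -9 is the last resort rather than the first.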

Linux Applications


Encryption is a process of taking information in the form of a string of characters (whether ASCII, Unicode, binary, or other) and altering it by some code. The encoded message would make the information hard to understand if intercepted. Encryption and decryption are the translation processes of taking information and placing it into a coded form and taking a coded message and restoring the original form, respectively.
  • There are two general forms of encryption algorithms used today: symmetric key encryption (also known as private key encryption) and asymmetric key encryption (also known as public key encryption). The key is a mathematical means of encrypting or decrypting information. The encryption algorithms used today apply a numeric key that might be 80, 126, or 256 bits in length.
  • Various algorithms use different sized keys and apply them in different ways. Symmetric key encryption algorithms include the advanced encryption standard (AES), the data encryption standard (DES, now out of date), and the triple data encryption algorithm (triple DEA, which applies DEA in three ways). Asymmetric key encryption algorithms include RSA and the digital signature algorithm (DSA).

  • In symmetric key encryption, there is a single key that handles both encryption and decryption. Since this key is the only protection to ensure the security of the encrypted data, it is known as a private key, one that should be held securely so that the data cannot be examined. You might use symmetric key encryption to encrypt your data files on your computer or to transmit data to another person over the Internet who knows the key.
  • In asymmetric key encryption, the public key is used to encrypt messages but cannot be used to decrypt messages. The private key is used to decrypt messages as well as generate the public key. Therefore, the organization creates a private key and uses it to generate a public key. The private key is kept secure and the public key is provided to the customers.
Openssl is an open-source implementation of the SSL (secure socket layer) and TLS (transport layer security) protocols. With openssl, you can generate encryption keys (public and private), perform encryption operations (encrypt and decrypt messages or files), create certificates and digital signatures, and calculate message digests, among other operations. Openssl works with a number of different encryption algorithms including the ciphers AES, DES, IDEA, RC5, and triple DES, several cryptographic hash functions such as MD5, SHA1, SHA-2, and MDC-2, and public key cryptography algorithms such as DSA and RSA.
# Obtain a list of ciphers
$ openssl list-cipher-commands
# <cipher> is given as an option such as -aes-256-cbc; add -d to decrypt instead
$ openssl enc <cipher> -in <filename> -out <filename2>
  • You can generate a self-signed certificate with the openssl command, but normally, a certificate should be signed by a certificate authority to ensure its authenticity.
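An added example (not from the textbook or the OpenSSL project) that runs the operations listed above end to end: a symmetric AES round trip, a message digest, an RSA key pair used to sign and verify, a check that a tampered message is rejected, and a self-signed certificate. It assumes openssl 1.1.1 or later is on PATH (for `enc -pbkdf2`); the keys, messages and the certificate subject `example.test` are constructed for the demo.

```shell
#!/bin/sh
# Added example (not from the textbook or the OpenSSL project): symmetric encryption,
# digests, signatures and a self-signed certificate with openssl(1).
# Assumes openssl 1.1.1+ on PATH. All keys and messages are constructed here.
WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT

# Symmetric: one secret key both encrypts and decrypts. Returns 0 when the round
# trip reproduces the plaintext.
symmetric_roundtrip() {
  printf '%s' "$1" > "$WORK/plain.txt"
  openssl rand -hex 32 > "$WORK/key.txt"       # 256-bit secret; whoever holds it can decrypt
  openssl enc -aes-256-cbc -pbkdf2 -salt -pass "file:$WORK/key.txt" \
      -in "$WORK/plain.txt" -out "$WORK/plain.enc"
  openssl enc -d -aes-256-cbc -pbkdf2 -pass "file:$WORK/key.txt" \
      -in "$WORK/plain.enc" -out "$WORK/plain.dec"
  [ "$(cat "$WORK/plain.dec")" = "$1" ]
}

# Message digest: prints the hex SHA-256 of its argument.
sha256_of() {
  printf '%s' "$1" | openssl dgst -sha256 -r | cut -d' ' -f1
}

# Asymmetric: the private key signs; the public key derived from it verifies.
sign_and_verify() {
  openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 -out "$WORK/priv.pem" 2>/dev/null
  openssl pkey -in "$WORK/priv.pem" -pubout -out "$WORK/pub.pem"
  printf '%s' "$1" > "$WORK/msg.txt"
  openssl dgst -sha256 -sign "$WORK/priv.pem" -out "$WORK/msg.sig" "$WORK/msg.txt"
  openssl dgst -sha256 -verify "$WORK/pub.pem" -signature "$WORK/msg.sig" "$WORK/msg.txt" >/dev/null
}

# After sign_and_verify: verification of an altered message must fail.
# Returns 0 when openssl rejects the signature, 1 if it wrongly accepts it.
tampered_is_rejected() {
  printf '%s' "$1" > "$WORK/msg2.txt"
  if openssl dgst -sha256 -verify "$WORK/pub.pem" -signature "$WORK/msg.sig" \
        "$WORK/msg2.txt" >/dev/null 2>&1; then
    return 1
  fi
  return 0
}

# After sign_and_verify: a self-signed certificate for the same key; prints its subject.
# For a CA-signed certificate the -x509 step is replaced by a CSR sent to the CA.
self_signed_cert() {
  openssl req -x509 -new -key "$WORK/priv.pem" -days 30 -subj "/CN=example.test" \
      -out "$WORK/cert.pem" 2>/dev/null
  openssl x509 -in "$WORK/cert.pem" -noout -subject
}

# Stand-alone demo.
symmetric_roundtrip 'hello from the server' && echo "symmetric round trip ok"
echo "sha256(abc) = $(sha256_of abc)"
sign_and_verify 'invoice 42: pay 100' && echo "signature verified"
tampered_is_rejected 'invoice 42: pay 900' && echo "tampered message rejected"
self_signed_cert
```

The private key file is the only thing that must stay secret: the public key, the signature and the certificate can all be handed out, and anyone holding them can check a message but not forge one.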


Terms

  • ARPAnet - original form of the Internet, developed in the late 1960s through the early 1980s
  • Asymmetric encryption - a form of encryption that uses two separate keys, a public key to encrypt messages and a private key to decrypt messages. This form of encryption is primarily used to support E-commerce and secure communications between different users or sites on the Internet
  • FTP - file transfer protocol, for transferring files between computers over the internet
  • HTTP/HTTPS - hypertext transfer protocol and its secure form, for transferring web pages from a web server to a web client
  • Insert mode - in vi, this mode inserts typed characters into the document rather than interpreting them as commands
  • Command mode - in vi, this mode interprets special-purpose keystrokes as commands to move the cursor, cut/copy/paste characters, perform file operations, or change from command to insert/replace mode
  • Computer network - a collection of computers and computer resources connected together by some medium to support resource sharing, document sharing, and electronic communication
  • Macro - a definition of keystrokes to be performed many times to save the user time, available in both vi and emacs
  • Private key - a key that can be used to encrypt and decrypt messages in symmetric (private key) encryption, or to generate a public key and decrypt messages in asymmetric key encryption
  • Public key - a key made available to the public to encrypt messages but not decrypt messages, used in asymmetric (public key) encryption
  • R-utility - a suite of Linux network programs that allow a user of one computer in a Linux network to access the other Linux computers without having to log in
  • Symmetric encryption - a form of encryption in which one key, the private key, is used to both encrypt and decrypt messages. Mostly used when there is only one user such as when encrypting and decrypting a file system
  • Text editor - a program to create and edit text files (as opposed to a word processor which also permits formatting of text)
  • WYSIWYG - an acronym for "what you see is what you get", a popular term expressing GUI-based software where you can see what the final product looks like before you print it. Early text-based word processors used embedded commands, so the version of a file as seen during editing was not how the final product would look


Linux Commands

  • bibtex - generates a bibliography for a document
  • dig - to query a DNS server about IP address information
  • emacs - a text-based text editor with many powerful features
  • ftp - a text based program to transfer files between computers
  • host - like dig, to query a DNS server about IP address information
  • ifconfig - to obtain or reconfigure the IP address of a computer
  • ip - a network tool that supersedes many network programs such as ifconfig
  • latex - to process a .tex file and produce a device-independent (dvi) file
  • mail - also mailx, the built-in text-based Linux mail client program
  • nc - the netcat program offering a suite of network operations, including the ability to send HTTP requests to a web server without using a web browser
  • nslookup - like dig and host, but a more primitive DNS query tool
  • openssl - a collection of encryption algorithms that permit the user to generate public and private keys, encrypt and decrypt messages, and create digital certificates and signatures
  • ping - tests the availability and access of a networked resource
  • rlogin - one of the r-utilities, to remotely log into another Linux computer of the same network
  • rsh - one of the r-utilities, to open a shell on another Linux computer of the same network
  • rwho - one of the r-utilities, to execute who on another Linux computer of the same network
  • rcp - one of the r-utilities, to copy a file from another Linux computer of the same network to this computer
  • ssh - a secure form of telnet that uses public key encryption
  • telnet - a program to log into another computer across the Internet. Telnet is no longer used because messages, including passwords, are passed in an unencrypted form
  • traceroute - tests the route taken in communications between two networked computers
  • vi - a text-based text editor that comes with all Linux implementations
  • wget - a command line non interactive program to retrieve files from a web server without having to operate through a web browser

User Accounts


Creating Users and Groups

The user account is the mechanism by which the Linux operating system is able to handle the task of protection. Protection is needed to ensure that users do not maliciously or through accident destroy (delete), manipulate, or inspect resources that they should not have access to. In Linux, there are three forms of user accounts: root, user (human) accounts, and software accounts.
  • The root account has access to all system resources
  • Most software does not require its own account. However, if the software has its own files and directory space that the user should not directly access, then the software is often given its own account.
  • With each user account comes several different attributes:
    • a username
    • a user ID number (UID)
    • password
    • an entry in both /etc/passwd and /etc/shadow indicating user account and password information
    • A private group with a group ID number (GID), entered in /etc/group
    • An initial home directory, by default under the directory /home, with default files
    • A login shell, by default, Bash
  • Adding a user at minimum requires:
$ useradd -m <username>
  • There are many useradd options.
  • The groupadd instruction is far simpler than useradd:
$ groupadd <groupname>
  • There are some options for the groupadd command (for example, for specifying the group ID)


Managing Users and Groups

With users and groups created, we must manage them. Management will include making modifications to users' accounts (e.g., changing shells or home directories) and groups (e.g., adding users to a group). A useful program to inspect information is id. The id program returns the given user's UID, GID of the given user's private group, other groups that the user is a member of, and the user's SELinux context.

Command line commands for managing users and groups: usermod, userdel, groupmod, groupdel. Care should be taken when deleting a user or a group.
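An added example (not from the textbook) showing what id reports, reconstructed by parsing passwd and group records: the UID, the GID of the private group, and the other groups the user belongs to. The records are constructed samples rather than the live /etc/passwd and /etc/group, so it runs without privileges; it also lists which accounts have an interactive login shell, the usual way to tell software accounts from human ones.

```shell
#!/bin/sh
# Added example (not from the textbook): reconstructing id(1)'s output from passwd and
# group records. The sample records below are constructed, not the live system files.

SAMPLE_PASSWD='root:x:0:0:root:/root:/bin/bash
alice:x:1001:1001:Alice:/home/alice:/bin/bash
www-data:x:33:33:www-data:/var/www:/usr/sbin/nologin'

SAMPLE_GROUP='root:x:0:
alice:x:1001:
wheel:x:10:alice
www-data:x:33:
developers:x:2000:alice,bob'

# id_like USER PASSWD_TEXT GROUP_TEXT -> "uid=U gid=G groups=G,S1,S2"; fails if USER is unknown.
id_like() {
  user=$1; passwd=$2; group=$3
  uid=$(printf '%s\n' "$passwd" | awk -F: -v u="$user" '$1 == u { print $3 }')
  gid=$(printf '%s\n' "$passwd" | awk -F: -v u="$user" '$1 == u { print $4 }')
  [ -n "$uid" ] || return 1
  # Supplementary groups: every group record whose member list (field 4) names the user.
  supp=$(printf '%s\n' "$group" | awk -F: -v u="$user" -v g="$gid" '
    $3 != g { n = split($4, m, ","); for (i = 1; i <= n; i++) if (m[i] == u) print $3 }')
  groups=$gid
  for g in $supp; do groups="$groups,$g"; done
  printf 'uid=%s gid=%s groups=%s\n' "$uid" "$gid" "$groups"
}

# interactive_accounts PASSWD_TEXT: users whose login shell (field 7) allows an
# interactive session; software accounts normally get nologin or false instead.
interactive_accounts() {
  printf '%s\n' "$1" | awk -F: '$7 !~ /(nologin|false)$/ { print $1 }'
}

# Stand-alone demo against the sample records.
id_like alice "$SAMPLE_PASSWD" "$SAMPLE_GROUP"
id_like www-data "$SAMPLE_PASSWD" "$SAMPLE_GROUP"
interactive_accounts "$SAMPLE_PASSWD"
```

Passing the file contents as arguments is what keeps the example self-contained; on a live system the same functions work with `"$(cat /etc/passwd)"` and `"$(cat /etc/group)"`, both of which are world-readable.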


Passwords

Password management involves three general operations. First is the initial generation of passwords. Second is establishing and enforcing a policy requiring strong passwords. Third is establishing and enforcing a policy whereby passwords must be modified in some timely fashion.


Terms

  • Epoch - the date January 1, 1970, used in some Linux commands and files to count the number of days until an action should take place
  • GID - the ID number assigned to a group. This is an integer used for bookkeeping
  • Group - an account generated to permit a third level of access rights so that resource access can be established for a specific collection of users. In Linux, each user account is typically accompanied by a private group populated by only one user
  • PAM - pluggable authentication module allows a system administrator to tailor how a program or service will achieve authentication by calling upon any number of modules
  • Password - a means of implementing access control by pairing a username with a password known only to that user. Passwords, for security purposes, are stored in an encrypted manner
  • Private group - a group account generated for most user accounts whose name matches that of the user. The private group should contain only a single user, that of the owner. Files and directories created by a user default to being owned by this private group.
  • Strong password - a password that satisfies a set of restrictions (such as a minimum length and a required mix of character classes) intended to make it difficult to guess; the strong password policy is what the system administrator enforces
  • UID - the ID number assigned to a user. This is an integer used for bookkeeping
  • User - a person who uses the computer to run processes
  • User Account - the account generated so that users can log into the computer and so the operating system can differentiate access to resources. In Linux, there are three types of accounts: root, normal users, and software
  • User Manager - the Linux GUI application used to create, modify, and delete user and group accounts.
  • User Policies - usage policies established by management in conjunction with the system administrator(s) and implemented by the system administrator to dictate such aspects of user capabilities such as software access, download capabilities, file space quotas, website and email usage, and password management


Linux Commands

  • apg - third-party software package to automatically generate random passwords
  • chage - control password expiration information
  • groupadd - create a new group
  • groupdel - delete an existing group
  • groupmod - modify an existing group (use usermod to add users to a group)
  • newusers - program to generate new user accounts given a text file of user data. This is an alternative to developing your own script
  • pam - pluggable authentication modules, which handle authentication responsibilities for most or all applications that require user authentication
  • passwd - used to modify user passwords but can also be used to control password expiration information similar to chage
  • sudo - allows a user to execute a program as another user. Most commonly used so that the system administrator can give access to some root programs to other users
  • tr - used to translate characters from one format to another. When coupled with /dev/urandom, we can take the randomly generated characters and convert them into readable ASCII characters to generate random passwords
  • ulimit - used to establish limits on resources in the shell session
  • umask - used to set default permissions when new files and directories are created
  • useradd - create a new user
  • userdel - delete an existing user
  • usermod - modify attributes of an existing user
  • visudo - open the /etc/sudoers file in vi for editing and syntax checking
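An added example (not from the textbook) for the Passwords section and the tr and /dev/urandom entries above: generating a random password from the kernel's random device with tr, and a minimal strength check of the kind a password policy enforces. The 12-character, three-class rule is an assumed policy for the demo, not one the textbook states.

```shell
#!/bin/sh
# Added example (not from the textbook): random passwords from tr + /dev/urandom and
# a minimal policy check. The policy thresholds are assumptions for the demo.
LC_ALL=C; export LC_ALL         # the character ranges below are ASCII ranges

# gen_password [LENGTH] [CHARSET]: LENGTH characters drawn from the kernel CSPRNG.
# tr -dc deletes every byte not in CHARSET; head stops after LENGTH characters.
gen_password() {
  len=${1:-16}
  charset=${2:-'A-Za-z0-9_!@#%^+='}
  tr -dc "$charset" < /dev/urandom | head -c "$len"
}

# is_strong PASSWORD: at least 12 characters and three of four classes
# (lowercase, uppercase, digit, other). Returns 0 for strong, 1 otherwise.
is_strong() {
  pw=$1
  [ "${#pw}" -ge 12 ] || return 1
  classes=0
  case $pw in *[a-z]*) classes=$((classes + 1)) ;; esac
  case $pw in *[A-Z]*) classes=$((classes + 1)) ;; esac
  case $pw in *[0-9]*) classes=$((classes + 1)) ;; esac
  case $pw in *[!A-Za-z0-9]*) classes=$((classes + 1)) ;; esac
  [ "$classes" -ge 3 ]
}

# gen_strong_password [LENGTH]: keep drawing until the policy is satisfied, since a
# random draw can occasionally miss a character class.
gen_strong_password() {
  len=${1:-16}
  while :; do
    pw=$(gen_password "$len")
    if is_strong "$pw"; then printf '%s\n' "$pw"; return 0; fi
  done
}

# Stand-alone demo.
echo "random 16: $(gen_password 16)"
echo "strong 16: $(gen_strong_password 16)"
for candidate in 'password' 'abcdefghijklmnop' 'Correct-Horse-Battery-7'; do
  if is_strong "$candidate"; then echo "$candidate: strong"; else echo "$candidate: weak"; fi
done
```

/dev/urandom is the right source here because it is the kernel's cryptographic generator; `$RANDOM` or the time of day are not, and a password derived from them can be reproduced by anyone who can guess the seed.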


Linux Files

  • .bash_profile - script file placed in user home directories, executed whenever a user opens a new Bash session. Users can modify this file to add environment variables, aliases, and script code
  • .bashrc - script file placed in user home directories, executed by .bash_profile. Users can modify this file to add environment variables, aliases, and script code
  • /dev/urandom - software serving as a device that provides random number generation. Can be used to generate random passwords
  • /etc/bashrc - script file executed whenever a user starts a new Bash session. Controlled by the system administrator
  • /etc/group - file storing all of the groups defined for the system and the groups' members. This file is readable by the world.
  • /etc/login.defs - default values used by a number of different programs such as useradd
  • /etc/pam.d - directory of configuration files used by PAM
  • /etc/passwd - file storing all user account information. This file does not include passwords. The file is readable by the world, so any user can view account information about users
  • /etc/profile - script file executed when a user logs into the system. Controlled by the system administrator
  • /etc/shadow - file storing password information for all users and groups. All passwords are encrypted. Other information such as password expirations is listed here. This file is accessible only by root.
  • /etc/skel - directory controlled by the system administrator containing initial files and directories to duplicate when a new user is added to the system. Anything stored here is copied into the new user's home directory upon user account creation
  • /etc/sudoers - file storing sudo access rights. This file should only be opened using visudo

The Linux File System


  • In the Linux operating system, everything is treated as a file except for the process. The entities treated like files include directories, physical devices, named pipes, and file system links. Aside from physical devices, there are also some special purpose programs that are treated like files.
  • Many devices are treated as files in Linux. These devices are listed under the /dev directory.
  • Another file type is the link. There are two forms of links: hard links and soft (or symbolic) links. A hard link is stored in a directory to represent a file. It stores the file's name and the inode number. When creating a new hard link, it duplicates the original hard link, storing the new link in a different directory. The symbolic link instead merely creates a pointer to point at the original hard link.
  • A link is used so that you can refer to a file that is stored in some other location than the current directory. This can be useful when you do not want to add the file's location to your PATH variable.
  • You can determine a file's type by using ls -l

  • The inode is a data structure used to store file information like the type, permissions, owner and group, inode number, timestamp indicating when the inode was last modified, when the file was created, when the file was last accessed, a link count, the location of the file and pointers to the individual file blocks
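An added example (not from the textbook) that makes the hard link / symbolic link distinction above observable: both names of a hard-linked file share one inode and raise its link count, the symbolic link has its own inode, and deleting the original name leaves the hard link working but the symbolic link dangling. It assumes GNU stat(1) and works in a scratch directory.

```shell
#!/bin/sh
# Added example (not from the textbook): hard links versus symbolic links, observed
# through inode numbers, link counts and what survives deleting the original name.
# Assumes GNU stat(1); all files live in a scratch directory.
LINKDEMO=$(mktemp -d)
trap 'rm -rf "$LINKDEMO"' EXIT

# Create orig, a hard link to it, and a symbolic link to it (idempotent).
make_links() {
  rm -f "$LINKDEMO/orig" "$LINKDEMO/hard" "$LINKDEMO/soft"
  printf 'payload\n' > "$LINKDEMO/orig"
  ln    "$LINKDEMO/orig" "$LINKDEMO/hard"   # another directory entry for the same inode
  ln -s "$LINKDEMO/orig" "$LINKDEMO/soft"   # a new inode whose content is the path to orig
}

inode_of()   { stat -c %i "$1"; }   # without -L, stat reports the link itself, not its target
link_count() { stat -c %h "$1"; }   # how many names point at this inode
file_type()  { stat -c %F "$1"; }   # "regular file", "symbolic link", ...

# True when both names resolve to the same inode (hard link semantics).
same_inode() { [ "$(inode_of "$1")" = "$(inode_of "$2")" ]; }

# Delete the original name: the hard link still reaches the data and the count drops
# to 1, while the symbolic link is left dangling (-L is true, -e is false).
unlink_original() {
  rm "$LINKDEMO/orig"
  [ "$(cat "$LINKDEMO/hard")" = "payload" ] &&
  [ "$(link_count "$LINKDEMO/hard")" = 1 ] &&
  [ -L "$LINKDEMO/soft" ] && [ ! -e "$LINKDEMO/soft" ]
}

# Stand-alone demo.
make_links
for n in orig hard soft; do
  printf '%-5s inode=%s links=%s type=%s\n' "$n" "$(inode_of "$LINKDEMO/$n")" \
      "$(link_count "$LINKDEMO/$n")" "$(file_type "$LINKDEMO/$n")"
done
unlink_original && echo "hard link survived, symbolic link dangles"
```

The dangling case is the one to remember when auditing a system: a symbolic link can later be satisfied by whoever creates a file at the path it names, whereas a hard link can only ever refer to the inode it was created with.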

The disk drive(s) making up your Linux storage space is(are) divided into partitions. Each partition will contain an independent file system unto itself. Multiple partitions may be placed on one physical device or a single partition could be distributed across multiple devices. The distribution of partitions to physical device(s) should be transparent to the user and, unless a device fails, it should be transparent to the system administrator as well.


Linux Top-Level Directories

  • The root directory (/) should only contain subdirectories, not files.
  • The root partition directories will include /bin, /sbin, /etc, and /root.
  • The /bin directory contains binary files (executable programs). It is the primary repository of system commands.
  • The /sbin directory contains other binary files. The difference between /bin and /sbin is that /sbin contains programs that are intended for system administration usage.
  • The /boot directory contains files needed for boot loading the operating system.
  • The /root directory is the home directory for root. It is like any user's home directory except for different permissions.
  • The /lib directory is in a way an extension to the /usr directory. /lib will store shared library files. These are files (usually executable code) that are to be used by multiple programs.
  • The /lost+found directory will hopefully always be empty. Its role is to store files that were found to be damaged in a system that did not go through the proper shutdown process.
  • The /tmp directory is a directory for temporary files created by running software.
  • The /mnt directory is a mount point that system administration can use to temporarily mount partitions.
  • The /opt directory is available to install third party software
  • The /dev, /proc, and /sys directories are virtual file systems. They exist in memory - not storage space.
  • The /dev directory stores the devices connected to the computer.
  • The /proc directory contains information generated by the Linux kernel about running processes.
  • The /sys directory stores information about devices and device drivers along with device configurations.
  • The /etc directory is the directory that system administrators are involved with most often.
    • This directory stores configuration files for tuning the operating system to your needs as well as other forms of data files such as the /etc/passwd file storing user account information.
    • The /etc directory also has several subdirectories that contain further groups of configuration files.
  • The /home directory contains all of the users' home directory space. This is where users by default will store their personal data files, scripts, multimedia files, and so forth. Group directories can also be established under /home.
  • The /usr directory stores application software and supporting files.
  • The /var directory contains system and software data. These data files will differ over time, hence the "var" name.
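An added example (not from the textbook) with two checks on the layout described above: whether anything other than a directory sits directly under /, and which mount points are in-memory (virtual) file systems according to a mount table in /proc/mounts format, plus a lookup of the options a mount point carries. The mount table lines are constructed samples so the results are known; on a live system `"$(cat /proc/mounts)"` can be passed instead.

```shell
#!/bin/sh
# Added example (not from the textbook): checks on the top-level layout. root_level_files
# inspects the live system; the mount-table functions parse /proc/mounts format, shown
# here on constructed sample lines.

# Names directly under / that are not directories (the layout expects none).
root_level_files() {
  find / -mindepth 1 -maxdepth 1 ! -type d 2>/dev/null
}

# Constructed sample in /proc/mounts format: device, mount point, fs type, options.
SAMPLE_MOUNTS='/dev/sda2 / ext4 rw,relatime 0 0
proc /proc proc rw,nosuid,nodev,noexec 0 0
sysfs /sys sysfs rw,nosuid,nodev,noexec 0 0
devtmpfs /dev devtmpfs rw,nosuid 0 0
tmpfs /tmp tmpfs rw,nosuid,nodev 0 0
/dev/sda1 /boot ext4 rw,relatime 0 0'

# virtual_mounts MOUNT_TABLE: mount points whose file system lives in memory
# (proc, sysfs, devtmpfs, tmpfs), one per line.
virtual_mounts() {
  printf '%s\n' "$1" | awk '$3 ~ /^(proc|sysfs|devtmpfs|tmpfs)$/ { print $2 }'
}

# mount_options MOUNT_TABLE MOUNTPOINT: the option list a mount point was mounted with.
mount_options() {
  printf '%s\n' "$1" | awk -v mp="$2" '$2 == mp { print $4 }'
}

# has_option MOUNT_TABLE MOUNTPOINT OPTION: true if OPTION appears in that list,
# e.g. to confirm /tmp carries nosuid and nodev.
has_option() {
  case ",$(mount_options "$1" "$2")," in
    *",$3,"*) return 0 ;;
  esac
  return 1
}

# Stand-alone demo.
echo "non-directories directly under /:"; root_level_files
echo "virtual mounts:"; virtual_mounts "$SAMPLE_MOUNTS"
for mp in /tmp /boot; do
  if has_option "$SAMPLE_MOUNTS" "$mp" nosuid; then echo "$mp: nosuid"; else echo "$mp: suid allowed"; fi
done
```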


Terms

  • Block - fixed size unit of storage in the file space. Typically, files are broken into blocks and divided and distributed across the hard disk surfaces
  • Block device - type of device, denoted type 'b' in long listing, that performs input/output on blocks (rather than characters); most storage devices are block devices
  • Character device - type of device, denoted by type 'c' in long listing, that performs input/output on characters (rather than blocks); keyboard and mouse are examples of character devices
  • Directory - organizational unit to house files and subdirectories; denoted by 'd' in a long listing
  • Domain socket - a mechanism to support interprocess communication; denoted by 's' in long listing
  • ext (extended file system) - family of file systems supported by Linux; ext is not used but ext2, ext3, and ext4 are all common
  • FAT (file allocation table) - used in older Windows operating systems to store the disk block layout so that the ith block of a file can be located without having to perform i-1 disk accesses
  • FIFO - first-in-first-out, an expression to describe how elements waiting in a queue are serviced; in Linux, a fifo is a named pipe
  • File space - the collection of devices used for storage; typically consisting of an internal hard disk, optical disks, and USB drives mounted as needed and possible externally connected hard drives or hard disk drives accessed remotely by a network
  • File system - the storage structure of a partition, including a specific type
  • File type - Linux denotes file types to differentiate between regular files, directories, symbolic links, block devices, character devices, named pipes, and domain sockets; the file type is indicated as the first letter of the permissions in a long listing and can also be obtained using the stat command
  • Hard link - the name of the file and its inode number. Two files that are hard linked together permit access to the file via either link. Deleting one "file" deletes a hard link but not the file. Only if no other hard links exist will the deletion of the last remaining hard link cause the file to be deleted, returning the inode to the file system for reuse
  • Index - a means of indicating where a disk block is to be found; a mounting process is required to convert from a file's disk block to the location on disk of that block.
  • Indirect block - inodes come with several direct pointers to the first group of disk blocks for the file; the remainder of the disk blocks are pointed to by pointers in indirect blocks; the inode has pointers to indirect blocks, doubly indirect blocks and triply indirect blocks
  • inode - a data structure storing information about a specific file including pointers to its blocks or indirect blocks, creation/modification/access information, permissions, ownership, file type, and device number; any Linux file system contains a set of inodes
  • Link - either a hard link or a symbolic link
  • Logical volume manager (LVM) - a software means of partition management so that partition sizes can be changed without requiring direct changes to the file system itself; this makes partition management safer and easier.
  • Mounting - making a partition available
  • Mount options - control access to the partition such as making it read-only (ro) or read/write (rw), synchronous (sync) or asynchronous (nosync) and permitting anyone to mount the partition (user) or not (nouser), among others
  • Mount point - the logical location of a mounted partition, this will be some directory such as /opt, /mnt, or /usr/local/mountpoint
  • Named pipe - a mechanism to link the output of one process with the input to another, like a Bash pipe, but in this case the named pipe persists as a file-like object
  • Network file system (nfs) - a form of file system that permits the mounting of partitions over the network
  • Partition - a logical division of the file system to protect the contents from other partitions
  • Pointer - an indicator of where a disk block is located
  • Quota - a limit established by the system administrator on the number of blocks (or inodes) that a given user or group is permitted to use
  • Remote file system - a partition that is made available over the network
  • Symbolic (soft) link - a pointer to a hard link. The symbolic link takes up less space in a directory than a hard link as it stores a pointer and not the file's name. Deleting the original file will leave the symbolic link pointing to an inode of a nonexistent file. Soft links are indicated in a long listing with the letter "l" as the file's type, and the name is listed differently, showing both the link's name and the actual location of the file, such as an entry like link->/usr/local/bin/someprogram
  • Top-level Linux directories - standardized directories that you would find in any Linux operating system
  • Unmounting - removing a partition from being accessible; you would do this if you had to work on the partition, for instance, to perform a backup or repair bad blocks
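The hard link, inode and symbolic link entries above can be seen directly with ln and stat. The following script is an added example, not taken from the textbook; it assumes GNU coreutils (stat -c), which any Linux system has, and works only in a scratch directory it creates itself.

```shell
#!/bin/sh
# Added example (not from the textbook): hard link versus symbolic link,
# observed through inode numbers and link counts reported by stat.
# Assumes GNU coreutils' stat -c (standard on Linux).

set -e

# Print "<inode> <link-count>" for a path. Like stat itself, this follows a
# symbolic link, so a dangling link makes it fail.
inode_and_links() {
    stat -c '%i %h' "$1"
}

# Create an original file, one hard link and one soft link to it, delete the
# original, and summarise what survived. Output is one line of the form:
#   hard:<same|different> links:<n> remaining:<n> soft:<ok|dangling> symlink_entry:<yes|no>
link_demo() {
    dir=$(mktemp -d)
    original="$dir/original.txt"
    printf 'hello\n' > "$original"

    ln "$original" "$dir/hard.txt"        # hard link: a second name for the same inode
    ln -s "$original" "$dir/soft.txt"     # soft link: a file whose content is a path

    orig_inode=$(stat -c '%i' "$original")
    hard_inode=$(stat -c '%i' "$dir/hard.txt")
    links=$(stat -c '%h' "$original")     # two names now point at the inode

    if [ "$orig_inode" = "$hard_inode" ]; then hard=same; else hard=different; fi

    rm "$original"                        # removes one name; the data lives on via hard.txt
    remaining=$(stat -c '%h' "$dir/hard.txt")   # link count drops back to 1

    # -e follows the symbolic link, so it is false once the target is gone,
    # while -L shows that the 'l'-type directory entry itself still exists.
    if [ -e "$dir/soft.txt" ]; then soft=ok; else soft=dangling; fi
    if [ -L "$dir/soft.txt" ]; then symlink_entry=yes; else symlink_entry=no; fi

    rm -rf "$dir"
    echo "hard:$hard links:$links remaining:$remaining soft:$soft symlink_entry:$symlink_entry"
}

link_demo
```

The dangling soft link is the case that matters operationally: a link under a path such as /usr/local/bin that points at a removed file still appears in listings, and anything that later recreates the target (or can write there) silently becomes what the link resolves to, so audits of link targets should check where each link actually points, not only that the link exists.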


Linux Commands

  • badblocks - locate bad blocks within a particular device or partition
  • chroot - run the given application(s) within the specified file system as if the file system were the root level so that the application(s) cannot access outside of the file system
  • cpio - backup utility
  • df - report on the file system usage (amount available, amount used) for all or given partitions
  • du - report on disk usage for given file(s) or directory(ies)
  • dump - backup utility that can perform incremental backups, used in place of cpio in most cases
  • exportfs - permit specified file system to be mounted remotely
  • fsck - file system check; can locate bad blocks and repair files damaged by remaining open at the last system shutdown
  • lvm2 - a program to handle maintenance on partitions using an LVM
  • mount - mount specified partition at the specified mount point
  • nfs - service that permits mounting of remote partitions
  • parted - a utility to handle partitions for instance by resizing, renaming, and moving them
  • quotacheck - used to generate a database of users/groups for the given file system; this is the first step in establishing quotas
  • repquota - used to display all quotas established for the users/groups of the given file system
  • setquota - used to establish quota values for a user or group from the command line
  • stat - display file statistics
  • tar - tape archive, historically used to perform backup to tape but today is most commonly used to create archives of files and directories
  • umount - unmount a partition


Linux Files

  • aquota.user - the database of users/groups of a file system generated by the quotacheck instruction, stored at the root level of the given file system
  • /bin - location of common binary files (Linux commands and programs)
  • /boot - location of boot loader program and Linux kernel, required for booting Linux
  • /dev - directory storing interfaces to most of the available devices, both physical (hard disk, optical disk, modem) and logical (terminal windows (tty), pseudo-devices like random and zero, and ramdisks)
  • /etc - stores system configuration files; system administrators will often use the files in this directory
  • /etc/mtab - the currently mounted partitions; kept up-to-date
  • /etc/fstab - the file system table, specifies mount operations at system initialization time
  • /home - the users' home directory space
  • /proc - stored in memory rather than on the file system, this directory stores information about all running processes
  • /root - the system administrator's home directory
  • /sbin - system administrator binary files
  • /usr - application software and other common programs that are not found under /bin and /sbin
  • /var - system data files that grow over time such as log files, email files, and print spooler files
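The mount options listed under Terms and the /etc/fstab entry above are where a partition's access policy is fixed at boot. The script below is an added example, not from the textbook: it parses fstab-format lines and reports the security-relevant options on each one. The fstab content is constructed for the example and is not any real system's table; the nosuid, nodev, noexec and defaults options are standard Linux mount options, and the rule that user implies noexec, nosuid and nodev unless a later option such as suid overrides it is documented in mount(8).

```shell
#!/bin/sh
# Added example (not from the textbook): audit fstab-style entries for
# mount options that widen access. Sample table below is constructed.

set -e

SAMPLE_FSTAB='# device        mount point   type  options                 dump pass
/dev/sda1       /             ext4  defaults                1    1
/dev/sda2       /home         ext4  defaults                1    2
/dev/sdb1       /mnt/usb      vfat  user,rw,exec,suid       0    0
server:/export  /mnt/remote   nfs   ro,sync                 0    0
tmpfs           /tmp          tmpfs rw,nosuid,nodev,noexec  0    0'

# has_opt OPTIONS NAME -> true if NAME is one of the comma-separated options
has_opt() {
    case ",$1," in
        *",$2,"*) return 0 ;;
        *)        return 1 ;;
    esac
}

# classify_entry MOUNTPOINT OPTIONS -> prints "<mountpoint> <verdict>" where
#   user-suid      : user-mountable, but suid/dev/exec are listed too, which
#                    re-enables what the user option switched off (mount(8))
#   nosuid-missing : writable non-root partition with no nosuid option
#   ok             : nothing notable
# Simplification: option order is ignored, so a later nosuid would still be
# reported as user-suid; mount(8) applies options left to right.
classify_entry() {
    mp=$1; opts=$2
    if has_opt "$opts" user && { has_opt "$opts" suid || has_opt "$opts" dev || has_opt "$opts" exec; }; then
        echo "$mp user-suid"
    elif [ "$mp" != "/" ] && ! has_opt "$opts" ro && ! has_opt "$opts" nosuid; then
        echo "$mp nosuid-missing"
    else
        echo "$mp ok"
    fi
}

# audit_fstab reads fstab lines on stdin; blank and comment lines are skipped.
audit_fstab() {
    while read -r dev mp type opts rest; do
        case "$dev" in ''|'#'*) continue ;; esac
        classify_entry "$mp" "$opts"
    done
}

printf '%s\n' "$SAMPLE_FSTAB" | audit_fstab
```

Run against a live system with audit_fstab < /etc/fstab; the currently mounted set, which may differ from the table, is in /etc/mtab as the entry above notes.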

System Initialization and Services


The Linux boot and initialization process is well established. It is largely automated, requiring little to no system administrator interaction. However, there are reasons for learning the process. If something goes wrong, understanding the process will help you troubleshoot and resolve any issues. There are some aspects of system initialization that the system administrator may wish to tailor to the needs of the organization. Additionally, if the system is a dual-booting one, understanding the boot process becomes critical.
  • Services are programs run by the operating system in the background to handle requests of various agents on demand. Services are configured by the administrator and the administrator is able to start or stop services as needed.
  • In Linux, a service is generally referred to as a daemon. A service is a piece of operating system code used to handle some type of request. The service runs in the background so that it does not take up processor time unless called upon. Services can handle requests that come from different sources: users, applications software, hardware, other operating system services, messages from the network. Services are configurable. Configuration is usually handled through configuration files, which are often stored in the /etc directory (or subdirectory). Services can be running or stopped and you can control which services are running / stopped and which services are started at system initialization time based on the runlevel.
  • Linux services can generally be divided into these categories:
    • Boot
    • file system
    • hardware
    • language support
    • logging
    • network, web/Internet
    • Power management
    • scheduling
    • system maintenance


Terms

  • Booting - the process of starting a computer. The boot process includes running a power-on self-test, locating bootable devices, loading the operating system kernel, and initializing it
  • Boot loader - a program that performs the portion of booting that locates and loads the operating system kernel
  • Configuration file - a file of directives or options that define how a service will execute. Changing the configuration file will alter the service's behavior
  • CUPS - common Unix printer system, which is a service controlling access to system printers, including the ability to print, track print jobs, cancel print jobs, and alter printer configuration information
  • init - the first process run in Linux, its role is to initialize the operating system so that it is ready for user interaction
  • Master boot record - a reserved location on the hard disk storing a portion of the boot loader so that the boot loader can be found and begin executing during the boot process
  • Nonvolatile memory - a form of memory whose contents are retained even without power. ROM is a form of nonvolatile memory
  • Ramdisk - using memory to mimic the file system so that the operating system can access contents using file commands without the slower interaction with disk files. Linux uses ramdisks extensively
  • ROM - read-only memory, made up of nonvolatile memory. This type of memory has its contents permanently fixed in place so it can be read from but not written to. The primary use of ROM is to store the boot program (or a portion of it)
  • Rules file - some services use multiple configuration files, separating directives/options from rules that specify the types of tasks the service should handle
  • Runlevel - a number, 0 to 6, that indicates the services that are available (started/stopped). The common runlevels are 5 (GUI, multiuser, network) and 3 (text-based, multiuser, network). The runlevel is established early in the init process execution using the file /etc/inittab.
  • Service - an operating system program that responds to service requests from any number of sources. Services are background processes, which only execute when called upon
  • Upstart - recent versions of Linux have modified the init process so that it now runs in an event-based way so that devices that take longer to respond have no impact on the init process continuing through its tasks
  • Volatile memory - a form of memory that requires a constant power input to retain its contents. Both SRAM (cache, registers) and DRAM (main memory) are forms of volatile memory


Linux Commands

  • chkconfig - view or alter the runlevels that each service is started or stopped in
  • dmesg - display the kernel ring (messages generated during kernel initialization)
  • /sbin/init - first process run by the Linux kernel, responsible for bringing the rest of the operating system up to usage after kernel initialization
  • /sbin/service - command used to start/stop services
  • telinit - command to switch runlevels after init is running


Linux Files

  • /etc/inittab - file storing the startup runlevel (along with other behaviors)
  • /etc/init.d/ - directory storing scripts used to start and stop services
  • /etc/init.d/cups - subdirectory storing cups service configuration files and specific configuration files
  • /etc/init/rcS.conf - script that tests for an emergency situation upon startup and then executes other initialization scripts
  • /etc/init/rc.conf - script to provide the runlevel to the rc script
  • /etc/rc.d/rc - based on the runlevel, starts and stops services
  • /etc/rc.d/rc.sysinit - startup script that initializes hardware, loads modules, mounts partitions, defines environment variables and other tasks

Network Configuration


  • Without network access, you are limited to the software that comes with your computer and are unable to access any network resources (printers, file servers, web servers, etc.). To establish network access, you need to do the following:
    • Have a network interface that connects your computer to your network access point. In Linux, all computers have an interface called lo. lo is your loopback device, also known as your local network or local host.
    • Run your network services. There are numerous services related to the network. The most important is network.
    • Have access to a network-broadcast device. In a network, this would be a physical connection from your computer's network interface device to a hub, switch, or router (most likely a network switch or router).
  • The port is a 16-bit number that denotes a mapping of a message (or packet) to its protocol. The protocol in turn tells the computer how to interpret the message. In 16 bits, you can store a number between 0 and 65,535; thus, port numbers range between 0 and 65,535.

Terms

  • Address resolution - the process of converting an IP alias into an IP address using some resolver such as a DNS server, a DNS cache, or the entries stored in /etc/hosts
  • Computer network - a collection of computers and computing resources connected together to facilitate communication between resources
  • DHCP server - a device (usually a router or gateway but possible a computer) set up to issue IP addresses dynamically upon request to devices on its subnet
  • Domain name system - the collection of servers and resolution information that permits the use of IP aliases on the Internet rather than IP addresses. The DNS includes DNS servers, caches, and local resolving programs
  • Dynamic IP address - an IP address issued to your computer temporarily (for instance, for a few days)
  • Ethernet - a technology for local area networks
  • Firewall - software that helps enforce security. In some cases, a firewall is both hardware and software, if an organization dedicates a computer to serve solely as a firewall
  • Gateway - a broadcast device responsible for connecting local area networks of different types together
  • Hub - a broadcast device operating on a subnetwork that, when it receives a message, broadcasts that message to all devices on that subnet
  • IP address - a unique address (number) assigned to a computing resource on the Internet. There are two types of IP addresses, version 4 (IPv4) and version 6 (IPv6)
  • IPv4 address - 32-bit address usually written as four octets of numbers between 0 and 255, separated by periods, as in 10.11.12.13
  • IPv6 address - a 128-bit address offering a far greater range of addresses. Usually written as 32 hexadecimal digits. IPv6 is a protocol created to replace IPv4 because IPv4 is outmoded and because we have run out of most available IPv4 addresses. IPv6 includes features such as security and autoconfiguration that are not directly available in IPv4
  • IP alias - a name given to a computer to use in lieu of an IP address. The IP alias is a collection of usually short words separated by periods much like the IP address that is a series of numbers separated by periods. IP aliases are much easier to remember but since routers and gateways cannot use IP aliases, the use of IP aliases requires address resolution.
  • Loopback device - an interface in Linux machines that allows software to communicate to the computer as if the messages were coming over the network. The loopback device does not send messages onto a network.
  • MAC address - the media access control address given to devices such as Ethernet cards. This address is used at the lowest level of the TCP/IP protocol and is used by switches
  • Name server - a computer with the responsibility of performing address resolution. Typically, a name server is an authority for the domain of which it is a part and not an authority for any other domain
  • Netmask - a binary number used to AND with an IP address to obtain the network address for the device
  • Octet - an 8-bit number, typically written as an integer between 0 and 255. Four octets are used to make up an IPv4 address
  • Point to point - a type of network connection in which two devices are directly connected together, rather than an Ethernet-style network. A point-to-point connection might exist between your computer and a printer if you have connected the printer directly to the computer.
  • Port - an address assigned to a type of communication protocol. This address is used to identify the proper protocol and application for a given message. It can also be used for security purposes to determine whether a message should be permitted through a firewall
  • Protocol - the formal definition is a set of rules used to describe how entities should interact and/or communicate. In networks, a protocol describes the activities that a device must take to prepare the message for transmission and how the recipient is to interpret the message. TCP/IP is a protocol stack in that it consists of several protocols.
  • Router - a broadcast device that examines a message's destination IP address and routes the message onto the proper network or subnetwork as the next link in the chain of communication
  • Static IP address - an IP address assigned to a computing resource permanently or at least for a long period of time. The static address is not expected to change. Changing it will require modifying DNS tables
  • Subnet - a subset of local area network where all computers on the subnet share the same broadcast device (e.g., switch or router) and share the same netmask and therefore the same network address
  • Switch - a broadcast device operating on a subnetwork; when it receives a message, it forwards that message to a single device on the subnetwork using a MAC address for addressing
  • TCP/IP - a commonly used network protocol that lets computers access the Internet. TCP/IP is known as a protocol stack, comprising several lesser protocols
  • Tunnel - a temporary dedicated network communication link between two resources that is persistent, longer than typical network communications
  • Zero-configuration service - a network service that can locate network resources such as a DHCP server
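The Netmask, Octet and Subnet entries describe one computation: AND the address with the mask to get the network address. The script below is an added example, not from the textbook, that does exactly that in POSIX shell arithmetic; the function names (ip_to_int, network_address, broadcast_address, prefix_to_netmask, same_subnet) are the example's own, and it assumes the shell's integers are at least 64 bits wide, as they are on any 64-bit Linux sh.

```shell
#!/bin/sh
# Added example (not from the textbook): network address = IP AND netmask,
# plus the related broadcast address and prefix-length conversion.
# Assumes 64-bit shell arithmetic (true for dash and bash on 64-bit Linux).

set -e

# ip_to_int DOTTED -> the 32-bit integer form of an IPv4 address
ip_to_int() {
    old_ifs=$IFS; IFS=.
    set -- $1                       # split the four octets into $1..$4
    IFS=$old_ifs
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# int_to_ip INTEGER -> dotted form, one octet (0-255) per field
int_to_ip() {
    echo "$(( ($1 >> 24) & 255 )).$(( ($1 >> 16) & 255 )).$(( ($1 >> 8) & 255 )).$(( $1 & 255 ))"
}

# network_address IP NETMASK -> the network address (IP AND mask)
network_address() {
    int_to_ip $(( $(ip_to_int "$1") & $(ip_to_int "$2") ))
}

# broadcast_address IP NETMASK -> network address with all host bits set
broadcast_address() {
    mask=$(ip_to_int "$2")
    int_to_ip $(( ($(ip_to_int "$1") & mask) | (4294967295 - mask) ))
}

# prefix_to_netmask N -> dotted netmask for a /N prefix (N between 0 and 32)
prefix_to_netmask() {
    int_to_ip $(( (4294967295 << (32 - $1)) & 4294967295 ))
}

# same_subnet IP1 IP2 NETMASK -> succeeds when both addresses share a network
# address, i.e. they sit behind the same broadcast device as defined above
same_subnet() {
    [ "$(network_address "$1" "$3")" = "$(network_address "$2" "$3")" ]
}

network_address   10.11.12.13 255.255.255.0   # 10.11.12.0
broadcast_address 10.11.12.13 255.255.255.0   # 10.11.12.255
prefix_to_netmask 20                          # 255.255.240.0
```

same_subnet is the check that matters when reading firewall rules or a DHCP scope: two hosts with different netmasks configured can disagree about whether they share a subnet even though their addresses are numerically adjacent.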


Commands

  • ifconfig - older network command to configure or obtain information such as IP address and router address
  • ip - newer network command that encapsulates the operations available in lesser programs such as ifconfig, route, and iptunnel
  • netstat - older network command to output statistics about network usage. Has been superseded by ss
  • ping - program to repeatedly send messages to another network-based resource to test for its availability
  • route - displays local router tables. Command replaced by ip.
  • ss - socket investigation program
  • traceroute - like ping, used to determine availability of a network-based resource. Differs because traceroute outputs the network address of routers and other devices that the request message(s) encounter on the way
  • xinetd (or inetd) - a superserver capable of invoking appropriate network services based on the ports of incoming messages


Files

  • certmonger - manages Internet digital certificates, replacing those that become outdated
  • dnsmasq - lightweight DNS server, primarily used as a DNS cache
  • netfs - used to permit remote access to local file systems
  • network - used to provide any form of network access. Among its duties are to bring up network interfaces (e.g., eth0) and establish the /etc/resolv.conf file
  • nfs - used to permit access to remote file systems for mounting
  • portrelease - with portreserve, manages port addresses that need to be reserved for use by an application
  • portreserve - reserves a port address for an application until portrelease releases the reserved port
  • sshd - service that permits ssh access into your computer
  • /etc/hosts - stores IP alias to IP address mapping information for resources that your computer will often communicate with
  • /etc/resolv.conf - stores IP addresses of your local name server(s)
  • /etc/sysconfig/ip6tables - stores the Linux IPv6 firewall rules
  • /etc/sysconfig/iptables-config - stores the Linux IPv4 firewall configuration directives
  • /etc/sysconfig/network-scripts/ifcfg-eth0 - data file for the Ethernet device including whether a static IP address is being used
