Contents
Operating System
Purpose
Intro to Linux
Background Kernel
Introduction to Linux
Linux is a freely distributed implementation of a Unix-like kernel, developed by Linus Torvalds at the University of Helsinki with the help of programmers across the Internet. The first version of the Linux kernel became available on the net in 1991.
Uniqueness of Linux
Linux is a cross-platform OS that runs on many computer models. Linux and many Linux applications are distributed in source form. Linux is free in two senses:
You pay nothing to obtain it. Linux comes bundled with special documentation or application with technical support.
Background of Linux
Development of Unix
Features Versions
Development of Unix
Ken Thompson & Dennis Ritchie implemented a rudimentary OS on the PDP-7 and named it Unics. It was developed at Bell Labs by AT&T in the 1970s. Unix is a trademark administered by the Open Group, and it refers to a computer OS that conforms to a particular specification, i.e. the POSIX (Portable OS Interface) specifications.
Versions of Unix
SunOS by Sun Microsystems, owned by Bill Joy.
System V by AT&T in 1984.
BSD (Berkeley System Division) Unix, written at the University of California, Berkeley in 1978.
Linux Background
AT&T claimed Unix as its intellectual property and began charging a hefty license fee to those who wanted to use Unix. Others followed suit. In 1983, Richard Stallman, a scientist at MIT, launched the GNU project, which aimed at creating a free Unix-like OS. Like early Unix, it was distributed free in source form.
Linux Background
Stallman used the Internet as a means of communication. He founded the FSF (Free Software Foundation), a non-profit corporation that seeks to promote free software and eliminate restrictions on the copying, redistributing, understanding and modification of software.
Linux Background
By the early 90s, the FSF had obtained or written all major components of GNU except the kernel. Linus Torvalds, working with MINIX, a Unix-like OS written by Andrew Tanenbaum, was disappointed with its performance and believed he could do better.
Birth of Linux
He shared his work with others on Internet news groups. Soon other programmers joined to extend & improve his kernel, which he called Linux. Released on Oct 1, 1991, Linux grew rapidly. Linux has been integrated with other GNU software to produce a fully functional OS.
Copyright to Copyleft
FSF guarantees freedom to users through a special term, the GNU Public License, which gives everyone the right to use, modify & redistribute the software, but only if the redistribution terms are unchanged. According to FSF, "Proprietary software developers use copyright to take away the users' freedom; we use copyright to guarantee their freedom. That's why we reverse the name, changing it to copyleft."
Intro to Kernel
The focal point of any OS is the kernel. It is a core program that runs programs and manages hardware devices, such as disks and printers. It acts as a bridge between hardware and other user and system programs and applications.
Features
Multitasking - several processes running at the same time, independent of each other
Multiuser - several users work with the system at the same time
Multiplatform - runs on different CPUs, not just Intel
Features Contd
Multiprocessing - distribute several applications across several processors
Multithreading - with kernel support, multiple independent threads are controlled within a single process memory space
Architectural Independence - Linux runs on almost all platforms
Features Contd
Demand Loads Executables - reads from disk only those parts of a program that are actually used
Virtual Memory Using Paging - pages that are not in physical memory but need to be accessed are loaded
Unified Memory Pool - for user programs and disk cache
Features Contd
Shared Libraries - static and dynamic link libraries
Core Dumps for Post-Mortem Analysis - allow use of a debugger on a program
Support for POSIX 1003.1 Standard
Source Code Available - including kernel, drivers, the development tools and all user programs
Features Contd
Various formats for Executable Files - through an iBCS2 (standard) compliant emulation module, mostly compatible with SCO Unix, SVR3 & SVR4 at the binary level
Memory Protected Mode - has memory protection between processes, so that one program can't bring the whole system down
Features Contd
Support for National Keyboards & Fonts - support for many national or customized keyboards
Multiple Virtual Console - several independent login sessions through the console
Different File Systems - supports several common file systems, including Minix, Xenix and all common System V file systems; has its own advanced file system, i.e. ext2, which offers file systems of up to 4TB and names up to 255 characters long
Features Contd
TCP/IP, SLIP & PPP Support - Linux can be integrated into local Unix networks. All network services such as NFS and Remote Login can be used
Embedded Linux - embedded applications such as industrial controllers, routers, entertainment electronics and palmtops
Linux Distribution
Various organizations & individuals package Linux, often combining it with free or proprietary applications. Such a package that includes all the software needed to install and run Linux is called a Linux Distribution.
Some popular distributions:
Caldera OpenLinux
Slackware Linux
Red Hat Linux
SUSE Linux
Debian Linux
Distributions can be obtained from: FTP servers, e-mail systems, public-domain distributors and some bookshops.
386 PC Low
486 PC Higher
Pentium Highest
Very low
As low as 30 min./week
Very low
Performance
High
Comparable to Linux
Excellent
Modest
Yes Available
Highest
Lowest
Medium
Yes
No
No
Millions
Millions
Hundreds of thousands
Similarities
Both share many common applications such as:
- GUI, file, and windows managers (KDE, Gnome)
- Shells (ksh, csh, bash)
- Various office applications
- Development tools (perl, php, c, c++)
- Posix interface
Relationship
Linux is a UNIX Clone
Linux Is Just a Kernel
License and cost
User-Friendly
Security
Backup and Recovery
File Systems
Administration Tools
Startup Scripts
End User Perspective
Linux/Unix
Comparison
What is it?
Linux is an example of Open Source software development and a Free Operating System (OS). Linux is developed by Open Source development, i.e. through sharing and collaboration of code and features through forums etc., and it is distributed by various vendors such as Debian, Red Hat, SUSE, Ubuntu, GentuX etc. It is based on UNIX and eventually, after adding many features of GUI, drivers etc., Linus Torvalds developed the framework of the OS that became LINUX in 1992. The LINUX kernel was released on 17th September, 1991.
Unix is an operating system that is very popular in universities, companies, big enterprises etc. Unix systems are divided into various other flavors, mostly developed by AT&T as well as various commercial vendors and non-profit organizations.
Inception
In 1969, it was developed by a group of AT&T employees at Bell Labs and Dennis Ritchie. It was written in C language and was designed to be a portable, multi-tasking and multi-user system in a time-sharing configuration.
GUI:
Linux typically provides two GUIs, KDE and Gnome, but the Linux GUI is optional. In the case of Linux, threat detection and solution is very fast, as Linux is mainly community driven and whenever any Linux user posts any kind of threat, several developers start working on it from different parts of the world.
Initially Unix was a command based OS, but later a GUI, popularly known as X Window was created for UNIX. In case of Unix, user has to wait for a while, to get the proper bug fixing patch.
Cost
Linux: Linux can be freely distributed, downloaded freely, distributed through magazines, books etc. There are priced versions for Linux also, but they are normally cheaper than Windows. Linux has had about 60-100 viruses listed till date.
Unix: Different flavors of Unix have different cost structures. A rough estimate of Unix viruses is between 85-120 viruses reported till date.
Security:
User
Linux: Linux, like all Unix variants, is designed to handle multiple concurrent users.
Unix: Unix operating systems were developed mainly for mainframes, servers and workstations. The Unix environment and the client-server program model were essential elements in the development of the Internet.
Unix Architecture
UNIX ARCHITECTURE
HARDWARE: The physical component of the computer system is called hardware.
UNIX SHELL: The shell or the command interpreter is the mediator which interprets the commands we give and then conveys them to the Kernel, which ultimately executes them. It provides the user interface to the Kernel.
KERNEL: It is that part of the operating system that carries out the basic functions such as accessing files, allocating memory and handling communications. Its main function is to manage the resources of the computer's hardware such as CPU, memory, I/O devices and network communication.
USERS: The human beings that use the computer system are called the users.
Micro/Mono
The kernel internally contains many components, such as a memory manager, scheduler, numerous device drivers, a file system, and so on.
Monolithic kernel - All of the components mentioned above, and many others, are lumped into a single operating system file.
Microkernel - Only the bare minimum is put into the kernel file, and everything else is put into separate programs, which the microkernel loads and runs at boot time.
This provides the system call interface that connects to the kernel and provides the mechanism to transition between the user-space application and the kernel.
KERNEL
Linux uses a monolithic kernel, the Linux kernel, which handles process control, networking, and peripheral and file system access. Device drivers are integrated directly with the kernel.
Kernel Layers
The Linux kernel is the core of a large and complex operating system, and while it's huge, it is well organized in terms of subsystems and layers. It can be divided into three gross levels.
Level 1 - SCI, which implements the basic functions such as read and write.
Level 2 - Kernel code which is common to all architectures supported by Linux.
Level 3 - Architecture-dependent code which forms the BSP (Board Support Package). This code serves as the processor and platform specific code for the given architecture.
Process Management
In the kernel, these are called threads and represent an individual virtualization of the processor (thread code, data, stack, and CPU registers). In user space, the term process is typically used, though the Linux implementation does not separate the two concepts (processes and threads). The kernel provides an application program interface (API) through the SCI to create a new process (fork, exec, POSIX functions), stop a process (kill, exit), and communicate and synchronize between them (signal, or POSIX mechanisms). Share the CPU between the active threads: The kernel implements a novel scheduling algorithm that operates in constant time, regardless of the number of threads vying for the CPU. This is called the O(1) scheduler, denoting that the same amount of time is taken to schedule one thread as it is to schedule many.
Memory management
Memory is managed in pages (4KB in size for most architectures). Linux provides abstractions over 4KB buffers, such as the slab allocator. This memory management scheme uses 4KB buffers as its base, but then allocates structures from within, keeping track of which pages are full, partially used, and empty. This allows the scheme to dynamically grow and shrink based on the needs of the greater system. With multiple users of memory, there are times when the available memory can be exhausted. For this reason, pages can be moved out of memory and onto the disk. This process is called swapping because the pages are swapped from memory onto the hard disk. You can find the memory management sources in ./linux/mm.
Slab Allocator
Processes generally request memory on the order of bytes, not on the order of pages. To support the allocation of smaller memory requests made through calls to functions like kmalloc(), the kernel implements the slab allocator, which is a layer of the memory manager that acts on acquired pages. The slab allocator seeks to reduce the cost incurred by allocating, initializing, destroying, and freeing memory areas by maintaining a ready cache of commonly used memory areas. This cache maintains the memory areas allocated, initialized, and ready to deploy. When the requesting process no longer needs the memory areas, they are simply returned to the cache.
Network stack
The network stack, by design, follows a layered architecture modeled after the protocols themselves. The sockets layer is the standard API to the networking subsystem and provides a user interface to a variety of networking protocols. From raw frame access to IP protocol data units (PDUs) and up to TCP and the UDP, the sockets layer provides a standardized way to manage connections and move data between endpoints. You can find the networking sources in the kernel at ./linux/net.
Device drivers
The vast majority of the source code in the Linux kernel exists in device drivers that make a particular hardware device usable. The Linux source tree provides a drivers subdirectory that is further divided by the various devices that are supported, such as Bluetooth, I2C, serial, and so on. You can find the device driver sources in ./linux/drivers.
Architecture-Dependent code
While much of Linux is independent of the architecture on which it runs, there are elements that must consider the architecture for normal operation and for efficiency. The ./linux/arch subdirectory defines the architecture-dependent portion of the kernel source, contained in a number of subdirectories that are specific to the architecture (collectively forming the BSP). For a typical desktop, the i386 directory is used. Each architecture subdirectory contains a number of other subdirectories that focus on a particular aspect of the kernel, such as boot, kernel, memory management, and others. You can find the architecture-dependent code in ./linux/arch.
Booting sequence
1. Turn on
2. CPU jumps to the address of the BIOS (0xFFFF0)
3. BIOS runs POST (Power-On Self Test)
4. Find bootable devices
5. Load and execute the boot sector from the MBR
6. Load OS
Boot loader
GRUB and LILO are the most popular Linux boot loaders.
Other boot loaders (several OS): bootman, NTLDR, XOSL, BootX, loadlin, Gujin, Boot Camp, Syslinux, GAG
Booting
Once the kernel is found and loaded by the boot loader, the default boot process is identical across all architectures.
The BIOS
The Boot Loader
- GRUB
- LILO
Booting
Once the second stage boot loader has determined which kernel to boot, it locates the corresponding kernel binary in the /boot/ directory. The boot loader then places the appropriate initial RAM disk image, called an initrd, into memory. The initrd is used by the kernel to load drivers necessary to boot the system. This is particularly important if SCSI hard drives are present or if the system uses the ext3 file system.
Booting
Once the kernel and the initrd image are loaded into memory, the boot loader hands control of the boot process to the kernel.
The Kernel
When the kernel is loaded, it immediately initializes and configures the computer's memory and various hardware attached to the system, including all processors, I/O subsystems, and storage devices. It then looks for the compressed initrd image in a predetermined location in memory, decompresses it, mounts it, and loads all necessary drivers.
Booting
Next, it initializes virtual devices related to the file system, such as LVM or software RAID before unmounting the initrd disk image and freeing up all the memory the disk image once occupied. The kernel then creates a root device, mounts the root partition read-only, and frees any unused memory. At this point, the kernel is loaded into memory and operational.
Init process
The first thing the kernel does is to execute the init program.
Init is the root/parent of all processes executing on Linux.
The first process that init starts is a script, /etc/rc.d/rc.sysinit.
Based on the appropriate run-level, scripts are executed to start various processes to run the system and make it functional.
Runlevels
A runlevel is a software configuration of the system which allows only a selected group of processes to exist.
The processes spawned by init for each of these runlevels are defined in the /etc/inittab file.
Init can be in one of eight runlevels: 0-6
Runlevels
Runlevel   Scripts Directory (Red Hat/Fedora Core)   State
0          /etc/rc.d/rc0.d/                          shutdown/halt system
1          /etc/rc.d/rc1.d/                          Single user mode
2          /etc/rc.d/rc2.d/                          Multiuser with no network services exported
3          /etc/rc.d/rc3.d/                          Default text/console only start. Full multiuser
4          /etc/rc.d/rc4.d/                          Reserved for local use. Also X-windows (Slackware/BSD)
5          /etc/rc.d/rc5.d/                          XDM X-windows GUI mode (Redhat/System V)
6          /etc/rc.d/rc6.d/                          Reboot
s or S                                               Single user/Maintenance mode (Slackware)
M                                                    Multiuser mode (Slackware)
Summary
Much like Linux itself, the Linux boot process is highly flexible, supporting a huge number of processors and hardware platforms. In the beginning, the loading boot loader provided a simple way to boot Linux without any frills. The LILO boot loader expanded the boot capabilities, but lacked any file system awareness. The latest generation of boot loaders, such as GRUB, permits Linux to boot from a range of file systems (from Minix to Reiser).
Load hardware information from BIOS
Read MBR's Kernel Loader (master boot record)
For Linux, go to boot (kernel with /boot/vmlinuz-xxxx); for DOS, go to boot.ini
Load Linux kernel
Execute init program (/sbin/init) to get run-level details (contained in /etc/inittab)
There are 6 levels
init executes /etc/rc.d/rc.sysinit
Start kernel external modules (/etc/modules.conf)
init executes run-level script files
init executes /etc/rc.d/rc.local files
Execute /bin/login program
After successful login, the shell takes over the machine
Daemons
Processes that are continuously operational. A Linux daemon is a background process. One can query its status at any time. A daemon starts at bootup, right after the kernel initializes. Daemons are responsible for sorting out the incoming stream of data, matching parameters and determining the priority each command receives.
Daemons
Daemons monitor the system -Cron Daemon works periodically to manage automatic processes.
System-Specific Daemon
Inetd is a daemon that controls and manages several other daemons. It calls those daemons that are needed by the system to perform various duties. Inetd requires root access to run, hence, it is extremely powerful and can call certain processes into life and kill them as well. Inetd relies on configuration file /etc/inetd.conf for spawning any process.
TCP_WRAPPERS
Inetd maintains control over the ports and monitors what services are started through a program named Tcp_Wrappers. Tcp_wrappers allows better access control and logging of network daemons. Tcp_wrappers uses the tcpd daemon, which acts as a filter on a particular port until the appropriate call is made.
The normal options used while configuring these daemons are status, start, stop, or restart.
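An audit of the inetd and Tcp_wrappers arrangement described above, as an added example that is not part of the original slides: it reads /etc/inetd.conf entries and reports services that inetd would start without tcpd in front of them. The sample file contents, the function names and the hosts.deny default-deny check are assumptions made for illustration.

```python
import os

# Constructed sample of /etc/inetd.conf, not taken from a real host.
# Fields: service  socket-type  protocol  wait/nowait  user  server  args...
SAMPLE_INETD_CONF = """\
# constructed sample
ftp     stream  tcp  nowait  root    /usr/sbin/tcpd        in.ftpd -l -a
telnet  stream  tcp  nowait  root    /usr/sbin/in.telnetd  in.telnetd
finger  stream  tcp  nowait  nobody  /usr/sbin/tcpd        in.fingerd
tftp    dgram   udp  wait    root    /usr/sbin/in.tftpd    in.tftpd /tftpboot
#shell  stream  tcp  nowait  root    /usr/sbin/tcpd        in.rshd
daytime stream  tcp  nowait  root    internal
ident   stream  tcp  nowait  nobody  /usr/sbin/in.identd   in.identd
pop3    stream  tcp  nowait
"""


def parse_inetd_conf(text):
    """Return (services, malformed_line_numbers) for the active entries."""
    services, malformed = [], []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue                      # blank line or disabled service
        f = line.split()
        if len(f) < 6:
            malformed.append(lineno)
            continue
        server = f[5]
        wrapped = os.path.basename(server) == "tcpd"
        services.append({
            "line": lineno,
            "service": f[0],
            # the user field may carry a group: "user.group" or "user:group"
            "user": f[4].replace(":", ".").split(".")[0],
            "internal": server == "internal",   # handled inside inetd itself
            "wrapped": wrapped,
            # behind tcpd, the real daemon is the first argument
            "daemon": f[6] if wrapped and len(f) > 6 else server,
        })
    return services, malformed


def has_default_deny(hosts_deny_text):
    """True if hosts.deny contains an 'ALL: ALL' rule."""
    for raw in hosts_deny_text.splitlines():
        parts = [p.strip().upper() for p in raw.split("#", 1)[0].split(":")]
        if len(parts) >= 2 and parts[0] == "ALL" and parts[1] == "ALL":
            return True
    return False


def audit(conf_text, hosts_deny_text=""):
    """Return sorted (line, service, finding) tuples."""
    services, malformed = parse_inetd_conf(conf_text)
    findings = [(n, "-", "malformed entry (fewer than 6 fields)")
                for n in malformed]
    for s in services:
        if s["internal"] or s["wrapped"]:
            continue
        if s["user"] == "root":
            findings.append((s["line"], s["service"], "runs as root without tcpd"))
        else:
            findings.append((s["line"], s["service"], "not wrapped by tcpd"))
    if any(s["wrapped"] for s in services) and not has_default_deny(hosts_deny_text):
        findings.append((0, "hosts.deny", "wrapped services but no ALL: ALL rule"))
    return sorted(findings)


if __name__ == "__main__":
    for line, service, finding in audit(SAMPLE_INETD_CONF):
        print("%2d  %-10s %s" % (line, service, finding))
```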
Start Up Scripts
Rc files control daemons. Two basic locations for bootup scripts:
- /etc/rc.d directory (global): start daemon when run level changes
- user's own directory: certain programs start automatically at login
Start/stop daemon
Admin can issue the command with either the start, stop, status, restart or reload option, i.e. to stop the web server:
cd /etc/rc.d/init.d/ (or /etc/init.d/ for S.u.s.e. and Debian)
./httpd stop
Security
Administering Passwords
Examining Basic Security
Attacks from your own system users.
Growth of the Internet has multiplied potential targets exponentially.
Many crackers use drift-net methods for locating, identifying and ensnaring vulnerable machines.
Recognize & become familiar with the weaknesses of your Linux distribution.
Subscribe to BugTraq or any other vulnerability mailing lists
Managing Connections
Security that should be taken care of when sharing server with other users.
Sniffing Packets
Packet Sniffer - A program that captures and views the packets as they are transmitted on your machine. Its power can be abused in the wrong hands.
Keyboard Logger - A program that tracks the keys pressed during your period of connectivity can also be a potential threat. This means passwords can be transmitted insecurely to the system & can be viewed when in transit as well.
Precautions
Run the ps command periodically to identify both the process and the user.
Determine the users' connections by executing either the w or who command.
On determining that a packet sniffer is monitoring your connections, change all passwords immediately.
Run the last command to see who had logged in during that period.
Cancel the account of the person who is found sniffing packets.
Security...
Logging into other systems using ssh
Must install or configure ssh to run on the client and sshd, the ssh daemon, to run on the server.
Securely Copying Files across Machines
Use the scp command to copy over the data files remotely. The scp program is a part of the ssh package. A status bar appears that shows in percentages the amount of data successfully transferred.
Translation are available as Patches that you can apply to the kernel. With NAT you can provide non-routable IP addresses to machines within your internal network & have those then route out through your gateway/firewall. This allows a nearly limitless number of unique addresses for internal boxes without purchasing expensive routable IP addresses.
Another program is netfilter which accomplishes both packet filtering and static NATing on the server level.
Patches
Available Targets Under Ipchains
ACCEPT - Allow a packet to come through
DENY - Drops the packet silently
REJECT - Notifies the sender that the packet is dropped
MASQ - Masquerades the packet
REDIRECT - Sends the packet to a port on the firewall or the routing Linux machine
RETURN - Transfers the packet to the end of the current chain
/
This is referred to as the root directory. It's the baseline for the directory structure, which is important when navigating from one directory tree to another.
/bin
Contains essential programs for the operating system in executable form.
/boot
This directory, as the name suggests, contains the boot information for Linux, including the kernel.
/dev
In Linux, devices are treated in the same way as files, so they can be read from and written to in the same way. So, when a device is attached, it will show up in this folder. Bear in mind that this includes every device in the system, including internal motherboard devices and more.
/etc
The default configuration files for Linux applications are stored in this directory. These are text files that can be easily edited, but bear in mind that they can sometimes be overridden by copies of the files elsewhere on the system.
/home
This is where the computer's users' files are kept, so in a way it is Linux's equivalent to Windows' "My Documents". Each user gets their own named directory, and security permissions can be set so that users can view and edit, view only, or if required not even see the contents of other users' home directories.
/lib
This directory contains shared libraries for use by applications running on Linux, similar to Windows' DLL files.
/lost+found
This is Linux's rescue directory, so that in the event of a crash or other serious event files are stashed here to enable recovery.
/mnt
In Linux, every storage device is treated as just another directory. This includes floppy disks, hard drives, CD/DVD ROMs and USB card devices. Since it is very unlikely to ever concern you with a dedicated server it is not covered here, but just know that this is the directory in which storage devices are "mounted."
/proc
This "virtual" directory contains a lot of fluid data about the status of the kernel and its running environment. Since Linux treats everything as files, you can view this data using text viewing software, and though even editing these files is sometimes possible,.
/root
Rather than being part of the /home directory, the superuser (or root user)'s directory is placed here. Remember that this is not the same thing as the root directory of the system (/).
/sbin
This is where system administration software is stored. Unlike applications in the /bin folder, the root user is usually the only user who can run these.
/tmp
Applications store their temporary files in this directory.
/usr
This directory is where users' applications are stored, including the executables, and also sometimes the source code, along with any images and documentation.
/var
Similar to /proc, this directory contains data concerning the status of running application, including many log files. This is worth knowing, because these can be viewed in the event of a system error to help in diagnosing the problem.
SUPER BLOCK
GROUP DESCRIPTOR
BLOCK BITMAP
INODE BITMAP
INODE TABLE
DATA BLOCKS
Some definitions
Boot sector - Block which may contain the stage 1 boot loader and which points to the stage 1.5 or stage 2 boot loader.
Superblock - The filesystem header; identifies and represents the filesystem and provides relevant information about the fs. It must be present at block 1 if a boot sector is present, otherwise at block 0.
FS/Group descriptor - Pointers to the bitmaps and table in the block group. It contains a group descriptor data structure for every block group. The group descriptor stores the address of the block bitmap and inode bitmap for the block group.
Some definitions
Block bitmap - Block usage information; tells which blocks in the block group are empty (0) or used (1).
Inode bitmap - Inode usage information, i.e. allocation status of the inodes in the group.
Inode table - Table of the inodes. Each inode provides necessary and relevant information about each file.
Inodes
Each inode corresponds to one file, and it stores the file's primary metadata, such as the file's size, ownership, and temporal information. An inode is typically 128 bytes in size and is allocated to each file and directory.
Data blocks - blocks where the data is stored!
Inode
inode definition
An inode is a data structure on a traditional Unix-style file system such as UFS or ext3. An inode stores basic information about a regular file, directory, or other file system object.
Use the ls -i command to see the inode number of a file:
$ ls -i /etc/passwd
Metadata Concepts
[Figure: Group 0 layout - Super Block, Group Desc Table, Block Bitmap, Inode Bitmap, Inode Table]
Metadata Concepts
Superblock:
The Ext2 superblock is located 1024 bytes from the start of the file system and is 1024 bytes in size.
Backup copies are typically stored in the first file data block of each block group.
It contains basic information of the file system, such as the block size, the total number of blocks, etc.
Blocks: Number of free blocks in the system; excludes the blocks reserved for root
Inodes: Number of free inodes in the system; excludes inodes reserved for root
Inode: The first inode in an EXT2 root file system would be the directory entry for the '/' directory.
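A parser for the superblock described above, as an added example that is not part of the original slides: it reads the superblock at byte 1024, validates it, and computes where the per-group backup copies sit so a damaged primary can be replaced. The field layout follows the standard ext2 on-disk format; the sample image is constructed, and the sparse_super feature (which keeps backups only in some groups) is assumed to be off.

```python
import struct

SB_OFFSET = 1024        # primary superblock starts 1024 bytes into the file system
SB_SIZE = 1024          # and is 1024 bytes long
EXT2_MAGIC = 0xEF53     # s_magic, stored at byte 56 of the superblock

# First 60 bytes of the on-disk superblock, little-endian.
_HEAD = struct.Struct("<13IHhHH")
_NAMES = ("inodes_count", "blocks_count", "r_blocks_count",
          "free_blocks_count", "free_inodes_count", "first_data_block",
          "log_block_size", "log_frag_size", "blocks_per_group",
          "frags_per_group", "inodes_per_group", "mtime", "wtime",
          "mnt_count", "max_mnt_count", "magic", "state")


def parse_superblock(image, offset=SB_OFFSET):
    """Decode and sanity-check the superblock found at `offset`."""
    raw = image[offset:offset + SB_SIZE]
    if len(raw) < SB_SIZE:
        raise ValueError("image too short for a superblock at %d" % offset)
    sb = dict(zip(_NAMES, _HEAD.unpack_from(raw)))
    if sb["magic"] != EXT2_MAGIC:
        raise ValueError("bad magic 0x%04X at offset %d" % (sb["magic"], offset))
    if sb["blocks_per_group"] == 0 or sb["log_block_size"] > 6:
        raise ValueError("implausible geometry in superblock")
    sb["block_size"] = 1024 << sb["log_block_size"]
    data_blocks = sb["blocks_count"] - sb["first_data_block"]
    sb["group_count"] = -(-data_blocks // sb["blocks_per_group"])  # ceiling
    sb["clean"] = bool(sb["state"] & 1)       # 1 = cleanly unmounted
    # Mount-count check that tune2fs adjusts (fsck forced when reached).
    sb["check_due"] = 0 < sb["max_mnt_count"] <= sb["mnt_count"]
    return sb


def backup_offsets(sb):
    """Byte offsets of the backup superblocks in groups 1..n-1."""
    return [(sb["first_data_block"] + g * sb["blocks_per_group"]) * sb["block_size"]
            for g in range(1, sb["group_count"])]


def build_sample_image():
    """Constructed image: 1 KiB blocks, 3 groups of 64 blocks, no file data."""
    head = _HEAD.pack(48, 193, 9, 150, 37, 1, 0, 0, 64, 64, 16,
                      0, 0, 19, 20, EXT2_MAGIC, 1)
    image = bytearray(193 * 1024)
    for off in (SB_OFFSET, 65 * 1024, 129 * 1024):   # primary + two backups
        image[off:off + len(head)] = head
    return bytes(image)


if __name__ == "__main__":
    img = build_sample_image()
    sb = parse_superblock(img)
    print("block size:", sb["block_size"], "groups:", sb["group_count"])
    print("free blocks:", sb["free_blocks_count"],
          "free inodes:", sb["free_inodes_count"])
    print("backup superblocks at byte offsets:", backup_offsets(sb))

    # Simulate a wiped primary superblock and fall back to the first backup.
    damaged = bytearray(img)
    damaged[SB_OFFSET:SB_OFFSET + SB_SIZE] = bytes(SB_SIZE)
    try:
        parse_superblock(bytes(damaged))
    except ValueError as exc:
        print("primary unusable:", exc)
    recovered = parse_superblock(bytes(damaged), backup_offsets(sb)[0])
    print("recovered from backup, blocks:", recovered["blocks_count"])
```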
Metadata Concepts
Inode Structure
Inodes
The inode holds specific information about the file such as:
- The permission mode assigned to that file
- The number of links in place for the file
- The file owner's UID number
- The group GID number
- The file size represented in bytes
- The address of the datablocks (or major and minor device numbers)
- The time the file was last modified
- The time that file was last accessed
- The time any part of the inode was changed
When an inode resides on the disk it is called a disk inode; however, when a file is opened, the kernel puts the inode onto a generic inode table and the inode is called a generic inode.
Metadata Concepts
Inode Allocation:
If a new inode is for a non-directory file, Ext2 allocates an inode in the same block group as the parent directory.
If that group has no free inode or block, Ext2 uses a quadratic search (add powers of 2 to the current group).
If quadratic search fails, Ext2 uses linear search.
Metadata Concepts
Inode Allocation:
If a new inode is for a directory, Ext2 tries to place it in a group that has not been used much.
Using the total number of free inodes and blocks in the superblock, Ext2 calculates the average free inodes and blocks per group.
Ext2 searches each of the groups and uses the first one whose free inodes and blocks are less than the average.
If the previous search fails, the group with the smallest number of directories is used.
When Ext2 wants to delete a directory entry, it just increases the record length of the previous entry to the end of the deleted entry.
Ext3 Filesystem
Ext2 and Ext3 are the default Linux file systems. Ext3 is the new version of Ext2 and adds a journaling mechanism, but the basic structures are the same. The metadata is stored throughout the file system, and the metadata associated with a file is stored near it.
Journaling
A file system journal records updates to the file system so that it can be recovered after a crash. There are two modes of journaling:
- Only metadata updates are recorded
- All updates are recorded
Journaling in Ext3 is done at block level. The first block in the journal is the journal superblock, and it contains the first logging data address and its sequence number.
Journaled file system records information in a log area on a disk during each write. Once the log is updated the system then writes the actual data to the appropriate areas of the filesystem and marks an entry in the log to say the data is committed. Updates are done in transactions, and each transaction has a sequence number. Each transaction starts with a descriptor block that contains the transaction sequence number and a list of what blocks are being updated. Following the descriptor block are the updated blocks. When the updates have been written to disk, a commit block is written with the same sequence number.
Journaling
Transaction Sequence
A transaction sequence is made up of the following components:
Descriptor block: Every transaction initiates with a block that describes the beginning of the transaction.
Metadata block: There can be one or many metadata blocks for each transaction; these blocks are where the changes are recorded.
Commit block: Depending on the journal mode, basically this block indicates the end of a successful transaction.
Revoke block: If there is an error during the operation, a revoke block is created and holds a list of the file system blocks that need to be restored during a consistency check.
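The descriptor, data and commit sequence described in the two journaling passages above, as an added example that is not part of the original slides: a replay routine that applies only transactions closed by a commit block with the matching sequence number. The block header layout (magic 0xC03B3998, type codes, big-endian fields) is the JBD on-disk format and is not given on this page; the 64-byte block size and the sample journal are constructed, and log wrap-around and revoke records are not modelled.

```python
import struct

JBD_MAGIC = 0xC03B3998                  # first word of every journal metadata block
DESCRIPTOR, COMMIT = 1, 2               # JBD block type codes
FLAG_ESCAPE, FLAG_SAME_UUID, FLAG_LAST_TAG = 1, 2, 8
HEADER = struct.Struct(">III")          # magic, block type, sequence number
TAG = struct.Struct(">II")              # file system block number, flags
BS = 64                                 # constructed block size, keeps the sample small


def read_header(block):
    """Return (block_type, sequence) or None if this is not a journal header."""
    if len(block) < HEADER.size:
        return None
    magic, btype, seq = HEADER.unpack_from(block)
    return (btype, seq) if magic == JBD_MAGIC else None


def descriptor_tags(block):
    """List the (fs_block, flags) tags carried by a descriptor block."""
    tags, pos = [], HEADER.size
    while pos + TAG.size <= len(block):
        blocknr, flags = TAG.unpack_from(block, pos)
        pos += TAG.size
        if not flags & FLAG_SAME_UUID:
            pos += 16                   # this tag is followed by a 16-byte UUID
        tags.append((blocknr, flags))
        if flags & FLAG_LAST_TAG:
            break
    return tags


def replay(journal, first_seq):
    """Replay log blocks in order; return ({fs_block: data}, committed_seqs)."""
    applied, committed, pending = {}, [], {}
    seq, i = first_seq, 0
    while i < len(journal):
        hdr = read_header(journal[i])
        if hdr is None or hdr[1] != seq:
            break                       # end of the valid log
        if hdr[0] == DESCRIPTOR:
            tags = descriptor_tags(journal[i])
            data = journal[i + 1:i + 1 + len(tags)]
            if len(data) < len(tags):
                break                   # log ends inside the transaction
            for (blocknr, flags), blk in zip(tags, data):
                if flags & FLAG_ESCAPE: # data began with the magic; restore it
                    blk = JBD_MAGIC.to_bytes(4, "big") + blk[4:]
                pending[blocknr] = blk
            i += 1 + len(tags)
        elif hdr[0] == COMMIT:
            applied.update(pending)     # only now do the updates count
            committed.append(seq)
            pending, seq, i = {}, seq + 1, i + 1
        else:
            i += 1                      # other block types are skipped here
    return applied, committed           # anything still pending is discarded


def pad(data):
    return data.ljust(BS, b"\0")


def meta_block(btype, seq, body=b""):
    return pad(HEADER.pack(JBD_MAGIC, btype, seq) + body)


def descriptor(seq, blocknrs, escaped=()):
    body = b""
    for n, nr in enumerate(blocknrs):
        flags = FLAG_SAME_UUID if n else 0
        if n == len(blocknrs) - 1:
            flags |= FLAG_LAST_TAG
        if nr in escaped:
            flags |= FLAG_ESCAPE
        body += TAG.pack(nr, flags) + (b"" if n else bytes(16))
    return meta_block(DESCRIPTOR, seq, body)


def sample_journal():
    """Constructed log: transaction 7 committed, transaction 8 cut off by a crash."""
    return [
        descriptor(7, [100, 101]),
        pad(b"inode table v1"), pad(b"block bitmap v1"),
        meta_block(COMMIT, 7),
        descriptor(8, [100]),
        pad(b"inode table v2"),         # no commit block follows
    ]


if __name__ == "__main__":
    blocks, seqs = replay(sample_journal(), 7)
    print("committed transactions:", seqs)
    for nr in sorted(blocks):
        print("fs block", nr, "<-", blocks[nr].rstrip(b"\0"))
```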
Journaling
Advantages of Ext3
Availability
The amount of time that the e2fsck program takes is determined primarily by the size of the file system, and for today's relatively large file systems, this takes a long time. The time to recover an ext3 file system depends on the size of the file system or the number of files.
Data Integrity
Using the ext3 file system can provide stronger guarantees about data integrity in case of an unclean system shutdown, as you choose the type and level of protection that your data receives.
Speed
Despite writing some data more than once, ext3 is often faster (higher throughput) than ext2 because ext3's journaling optimizes hard drive head motion. You can choose from three journaling modes to optimize speed.
Easy Transition
It is easy to change from ext2 to ext3 and gain the benefits of a robust journaling file system, without reformatting.
ordered
Only logs changes to file system metadata (inodes), but flushes file data updates to disk before making changes to associated file system metadata, keeping the journal synchronized with data writes. This is the default Ext3 journaling mode.
Utilities of FS Check
tune2fs: The frequency of the checks at system reboot can be changed with tune2fs. This utility can also be used to change the mount count, which will prevent the system from having to check all filesystems at the 20th reboot.
dumpe2fs: The dumpe2fs utility will provide important information regarding hard disk operating parameters found in the superblock, i.e. it prints the super block and blocks group information for the filesystem present on the device.
badblocks: badblocks is used to check a filesystem for bad blocks.
debugfs: remove areas grown bad on the disk can be
Names in the Linux file hierarchy are case sensitive. Each shell and process on the system has a designated current or working directory. Two dots (..) refer to the parent directory of any particular directory whereas One dot (.) refers to the current directory. Files and directories whose names begin with a dot (.) are hidden, that is, they are not displayed by default in file-name listings. A user's path is a list of directories that are searched for commands typed at the command line.
Mounting/Unmounting
Floppies, CDs, hard disk partitions, and other storage devices must be attached to some existing directory on your system before they can be accessed. This attaching is called mounting, and the directory where the device is attached is called a mount point. The mount point must be a directory that already exists on your system. When you're done and want to remove the floppy, CD or other device, you need to detach (unmount) it before removing it.
How to mount
For example, to mount your floppy:
$ mount /dev/fd0 /mnt/floppy
/dev/fd0 is your floppy drive, and /mnt/floppy is the mount point. When you access /mnt/floppy, you'll actually access the files on your floppy. If /mnt/floppy is the default mount point for /dev/fd0 (or whatever your floppy drive is), this would mount your floppy:
$ mount /mnt/floppy
The default mount points for different devices are configured in a file called /etc/fstab. The root user can freely edit the mount points configured in that file.
How to unmount
Unmounting is done with the umount command. When unmounting, you'll need to tell umount which mounted device to unmount, by giving either the device or the mount point. For example, if /dev/fd0 is mounted to /mnt/floppy, you'll unmount it with
$ umount /mnt/floppy
or
$ umount /dev/fd0
Link Files
Hard Links
Inodes are associated with precisely one directory entry at a time. However, with hard links it is possible to associate multiple directory entries with a single inode. To create a hard link, use the ln command as follows:
# ln /root/file1 /root/file2
Link Files
Symbolic Link
Symbolic links refer to a symbolic path indicating the abstract location of another file. To create a symbolic link:
$ ln -s /path/to/file1.txt /path/to/file2.txt
Named Pipes
A named pipe (FIFO) is a file that allows two processes to communicate with each other if the processes are on the same computer but are not related to each other. FIFO means that the order of bytes going in is the same as the order coming out. The name of a named pipe is actually a file name within the file system. To create a named pipe with the name pipe1, give the command:
mkfifo pipe1
Types of Users
Every file on a Linux system, including directories, is owned by a specific user and group.
User: The username of the person who owns the file.
Group: The usergroup that owns the file.
Others: Everyone else who has an account on the system.
Superuser
A special user who has access to all files regardless of access privileges. The user ID of root is 0. Maintains total control over accounts and files. Files such as those found in /usr/bin and /sbin are owned by the root or superuser, which has control over all system files. Root controls the creation of normal user accounts and the assigning of new passwords. Root has the power to change separate user passwords globally. Search and remove suspected files using locate and file command.
Access Permissions
File permissions are three sets or groups of three bits: r, w and x. Each character is assigned a value.
r (read) is given an octal value of 4
w (write) is given an octal value of 2
x (execute) is given an octal value of 1
In Linux, only the permissions need to be altered in order to make a script or program executable.
Changing Permissions
The chmod command enables you to change a file's attributes. The letters a, u, g, o along with the signs (+, -) are used to give or take away permissions. Another method of setting the permissions is by changing the octal value of a file or a directory. The same rules for setting the permissions on files apply to directories.
Changing Ownership
The command chown changes the user ownership of a certain file while chgrp changes the group ownership. To change these settings, you should either directly own the file or have root permission to do so.
chmod +t data
Numeric representation
Octal digit   Binary value   Meaning
0             000            setuid, setgid, sticky bits are cleared
1             001            sticky bit is set
2             010            setgid bit is set
3             011            setgid and sticky bits are set
4             100            setuid bit is set
5             101            setuid and sticky bits are set
6             110            setuid and setgid bits are set
7             111            setuid, setgid, sticky bits are set
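The leading octal digit from the table combines with the three r/w/x digits to give the string that ls -l prints. The following is an added example, not part of the original slides; the function names triad and mode_to_symbolic are hypothetical. It decodes a 3- or 4-digit octal mode, including the uppercase S/T shown when a special bit is set without the matching execute bit.

```shell
#!/bin/sh
# triad BITS SPECIAL CHAR: print one rwx triple for the octal digit BITS.
# SPECIAL is non-zero when the special bit (setuid/setgid/sticky) applies.
triad() {
    bits=$1 special=$2 ch=$3
    out=""
    if [ $((bits & 4)) -ne 0 ]; then out="${out}r"; else out="${out}-"; fi
    if [ $((bits & 2)) -ne 0 ]; then out="${out}w"; else out="${out}-"; fi
    if [ "$special" -ne 0 ]; then
        # lowercase when execute is also set, uppercase when it is not
        if [ $((bits & 1)) -ne 0 ]; then out="${out}${ch}"
        else out="${out}$(printf '%s' "$ch" | tr 'st' 'ST')"; fi
    else
        if [ $((bits & 1)) -ne 0 ]; then out="${out}x"; else out="${out}-"; fi
    fi
    printf '%s' "$out"
}

# mode_to_symbolic MODE: MODE is 3 or 4 octal digits, e.g. 755 or 4755.
mode_to_symbolic() {
    mode=$1
    case $mode in
        [0-7][0-7][0-7]) mode="0$mode" ;;      # no special digit given
        [0-7][0-7][0-7][0-7]) ;;
        *) echo "invalid mode: $mode" >&2; return 1 ;;
    esac
    s=${mode%???}                 # special-bits digit (see table above)
    rest=${mode#?}
    u=${rest%??}                  # user digit
    g=${rest#?}; g=${g%?}         # group digit
    o=${rest#??}                  # others digit
    printf '%s%s%s\n' \
        "$(triad "$u" $((s & 4)) s)" \
        "$(triad "$g" $((s & 2)) s)" \
        "$(triad "$o" $((s & 1)) t)"
}

# Constructed sample modes
for m in 0644 4755 2755 1777 6750; do
    printf '%s  %s\n' "$m" "$(mode_to_symbolic "$m")"
done
```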
Establish AUP
An AUP is a document that states what is allowable on the machine and the things for which a user would be held accountable. All users must be aware of the rules before they are granted an account. The administrator cannot be held liable for any issue over which he or she does not have any power.
Find command
It is hard-drive intensive and also incurs a larger share of CPU cycles, but can detect nearly all files. You can search for files by name, owner, group, type, permissions, date, and other criteria. The search is recursive in that it will search all subdirectories too.
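Searching by permissions is what makes find useful for auditing. The following is an added example, not part of the original slides; the function names and the temporary directory tree are constructed for illustration. It lists files that carry the setuid or setgid bit and world-writable directories that lack the sticky bit.

```shell
#!/bin/sh
# Constructed fixture: a temporary tree with one setuid file, one plain file,
# one world-writable directory without the sticky bit and one with it.
make_fixture() {
    root=$(mktemp -d) || return 1
    mkdir "$root/shared" "$root/tmpdir"
    : > "$root/helper"
    : > "$root/plain"
    chmod 4755 "$root/helper"    # setuid bit set
    chmod 0644 "$root/plain"
    chmod 0777 "$root/shared"    # world-writable, no sticky bit
    chmod 1777 "$root/tmpdir"    # world-writable, sticky bit set
    printf '%s\n' "$root"
}

# audit_special_bits DIR
# Prints one tagged line per finding, searching DIR recursively:
#   SUID/SGID    regular files with the setuid or setgid bit set
#   WW-NOSTICKY  world-writable directories that lack the sticky bit
audit_special_bits() {
    dir=$1
    [ -d "$dir" ] || { echo "not a directory: $dir" >&2; return 2; }
    find "$dir" -type f \( -perm -4000 -o -perm -2000 \) -print |
        sort | sed 's|^|SUID/SGID |'
    find "$dir" -type d -perm -0002 ! -perm -1000 -print |
        sort | sed 's|^|WW-NOSTICKY |'
}

# Stand-alone run: audit the constructed tree, then remove it.
demo() {
    tree=$(make_fixture) || return 1
    audit_special_bits "$tree"
    rm -rf "$tree"
}
demo
```

Comparing the output against a reviewed baseline list shows when a new setuid file or an unprotected shared directory appears.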
Locate command
Relies upon a self-generated database of files that either the user must initialize or the system must update automatically on a regular basis. This database is highly configurable, and desired directories can later be dismissed or used exclusively. Operates quicker and is less hard-drive and CPU intensive, but if files have changed since the last database rotation, the command will not find the file in question.
Netstat command
A useful tool for displaying the status of all TCP/IP network services.
Protocol used, bytes in queues, the address of remote hosts and the socket state
Use the -a option to list all active sockets
Use -e to display current users using the socket
Use -n to display the IP address
Powers of Root
Adjust system resources and quotas
Change the ownership of any file or directory
Create directories and device files in any location, including those that root does not specifically own
Configure network interfaces
Manage all configuration files
Mount and unmount file systems
Set the system clock
Shut down the system cleanly
By su
Will give you access to the same accounts normally granted to root.
By su - <username>
Will give you the same permissions, paths and default locations as that user is.
User daemon:
Most daemons have a low UID and are used to execute scripts or programs at the appropriate time with limited scope and functionality.
User fingerd:
The purpose of this daemon is to locate and identify unique users on each separate Linux system.
Encrypting Passwords
/etc/passwd file: Has permission 644
/etc/shadow file: Has permission 400
More secure due to MD5 hashing of password in /etc/passwd file and then encrypted with libc's crypt() function.
Methods
Textual (command line)
GUI Tools
Possible Settings
Determine user's home directory
Set quotas
Permit access to network interface
Determine other variables of the user's profile
Character Cell Mode
GNOME-Linuxconf
Web-based
Default: depending on the $DISPLAY variable, will normally start as GNOME-Linuxconf or as the character cell.