1 |
rane 06/01/01 09:01:19 |
2 |
|
3 |
Added: xml/htdocs/doc/en/articles lpi-101-advanced-p4.xml |
4 |
lpi-101-intermediate-p3.xml |
5 |
Log: |
6 |
#115044, two new articles, xmlified by Damian Kuras (ShadoWW) |
7 |
|
8 |
Revision Changes Path |
9 |
1.1 xml/htdocs/doc/en/articles/lpi-101-advanced-p4.xml |
10 |
|
11 |
file : http://www.gentoo.org/cgi-bin/viewcvs.cgi/xml/htdocs/doc/en/articles/lpi-101-advanced-p4.xml?rev=1.1&content-type=text/x-cvsweb-markup&cvsroot=gentoo |
12 |
plain: http://www.gentoo.org/cgi-bin/viewcvs.cgi/xml/htdocs/doc/en/articles/lpi-101-advanced-p4.xml?rev=1.1&content-type=text/plain&cvsroot=gentoo |
13 |
|
14 |
Index: lpi-101-advanced-p4.xml |
15 |
=================================================================== |
16 |
<?xml version="1.0" encoding="UTF-8"?> |
17 |
<!DOCTYPE guide SYSTEM "/dtd/guide.dtd"> |
18 |
<!-- $Header: --> |
19 |
|
20 |
<guide link="/doc/en/articles/lpi-101-advanced-p4.xml" disclaimer="articles"> |
21 |
<title>LPI certification 101 (release 2) exam prep, Part 4</title> |
22 |
|
23 |
<author title="Author"> |
24 |
<mail link="drobbins@g.o">Daniel Robbins</mail> |
25 |
</author> |
26 |
<author title="Author"> |
27 |
<mail link="chouser@g.o">Chris Houser</mail> |
28 |
</author> |
29 |
<author title="Author"> |
30 |
<mail link="agriffis@g.o">Aron Griffis</mail> |
31 |
</author> |
32 |
|
33 |
<abstract> |
34 |
In this tutorial, we'll introduce all popular filesystem on Linux. We'll teach |
35 |
you how to mount and unmount devices. In next chapter you'll know how to boot |
36 |
the system and how to work with runlevels. In next section of this tutorial, |
37 |
we'll introduce filesystem quotas, we will teach you how to set them and how to |
38 |
configure them. By the end of this tutorial you'll know a system logs. |
39 |
</abstract> |
40 |
|
41 |
<!-- The original version of this article was first published on IBM |
42 |
developerWorks, and is property of Westtech Information Services. This |
43 |
document is an updated version of the original article, and contains |
44 |
various improvements made by the Gentoo Linux Documentation team --> |
45 |
|
46 |
<version>1.0</version> |
47 |
<date>2005-12-17</date> |
48 |
|
49 |
<chapter> |
50 |
<title>Before you start</title> |
51 |
<section> |
52 |
<title>About this tutorial</title> |
53 |
<body> |
54 |
|
55 |
<p> |
56 |
Welcome to "Advanced administration," the last of four tutorials designed to |
57 |
prepare you for the Linux Professional Institute's 101 (release 2) exam. In |
58 |
this tutorial (Part 4), we'll bolster your knowledge of advanced Linux |
59 |
administration skills by covering a variety of topics including Linux |
60 |
filesystems, the Linux boot process, runlevels, filesystem quotas, and system |
61 |
logs. |
62 |
</p> |
63 |
|
64 |
<p> |
65 |
This tutorial is particularly appropriate for someone who may be serving as the |
66 |
primary sysadmin for the first time, since we cover a lot of low-level issues |
67 |
that all system administrators should know. If you are new to Linux, we |
68 |
recommend that you start with <uri |
69 |
link="/doc/en/articles/lpi-101-fundamentals-p1.xml">Part 1</uri> and work |
70 |
through the series from there. For some, much of this material will be new, but |
71 |
more experienced Linux users may find this tutorial to be a great way of |
72 |
"rounding out" their foundational Linux system administration skills and |
73 |
preparing for the next LPI certification level. |
74 |
</p> |
75 |
|
76 |
<p> |
77 |
By the end of this series of tutorials (eight in all covering the LPI 101 and |
78 |
102 exams), you will have the knowledge you need to become a Linux Systems |
79 |
Administrator and will be ready to attain an LPIC Level 1 certification from |
80 |
the Linux Professional Institute if you so choose. |
81 |
</p> |
82 |
|
83 |
<p> |
84 |
For those who have taken the <uri |
85 |
link="http://www-106.ibm.com/developerworks/edu/l-dw-linuxlpi4-i.html">release |
86 |
1 version</uri> of this tutorial for reasons other than LPI exam preparation, |
87 |
you probably don't need to take this one. However, if you do plan to take the |
88 |
exams, you should strongly consider reading this revised tutorial. |
89 |
</p> |
90 |
|
91 |
<p> |
92 |
The LPI logo is a trademark of Linux Professional Institute. |
93 |
</p> |
94 |
|
95 |
</body> |
96 |
</section> |
97 |
<section> |
98 |
<title>About the authors</title> |
99 |
<body> |
100 |
|
101 |
<p> |
102 |
For technical questions about the content of this tutorial, contact the |
103 |
authors: |
104 |
</p> |
105 |
|
106 |
<ul> |
107 |
<li>Daniel Robbins, at <mail>drobbins@g.o</mail></li> |
108 |
<li>Chris Houser, at <mail>chouser@g.o</mail></li> |
109 |
<li>Aron Griffis, at <mail>agriffis@g.o</mail>.</li> |
110 |
</ul> |
111 |
|
112 |
<p> |
113 |
Daniel Robbins lives in Albuquerque, New Mexico, and is the Chief Architect of |
114 |
<uri link="http://www.gentoo.org">Gentoo Technologies, Inc.</uri>, the creator |
115 |
of Gentoo Linux, an advanced Linux for the PC, and the Portage system, a |
116 |
next-generation ports system for Linux. He has also served as a contributing |
117 |
author for the Macmillan books Caldera OpenLinux Unleashed, SuSE Linux |
118 |
Unleashed, and Samba Unleashed. Daniel has been involved with computers in some |
119 |
fashion since the second grade, when he was first exposed to the Logo |
120 |
programming language as well as a potentially dangerous dose of Pac Man. This |
121 |
probably explains why he has since served as a Lead Graphic Artist at SONY |
122 |
Electronic Publishing/Psygnosis. Daniel enjoys spending time with his wife, |
123 |
Mary, and their daughter, Hadassah. |
124 |
</p> |
125 |
|
126 |
<p> |
127 |
Chris Houser, known to his friends as "Chouser," has been a UNIX proponent |
128 |
since 1994 when joined the administration team for the computer science network |
129 |
at Taylor University in Indiana, where he earned his Bachelor's degree in |
130 |
Computer Science and Mathematics. Since then, he has gone on to work in Web |
131 |
application programming, user interface design, professional video software |
132 |
support, and now Tru64 UNIX device driver programming at <uri |
133 |
link="http://www.compaq.com/">Compaq</uri>. He has also contributed to various |
134 |
free software projects, most recently to <uri |
135 |
link="http://www.gentoo.org">Gentoo Linux</uri>. He lives with his wife and two |
136 |
cats in New Hampshire. |
137 |
</p> |
138 |
|
139 |
<p> |
140 |
Aron Griffis graduated from Taylor University with a degree in Computer Science |
141 |
and an award that proclaimed him the "Future Founder of a Utopian UNIX |
142 |
Commune". Working towards that goal, Aron is employed by <uri |
143 |
link="http://www.compaq.com/">Compaq</uri> writing network drivers for Tru64 |
144 |
UNIX, and spending his spare time plunking out tunes on the piano or developing |
145 |
<uri link="http://www.gentoo.org">Gentoo Linux</uri>. He lives with his wife |
146 |
Amy (also a UNIX engineer) in Nashua, NH. |
147 |
</p> |
148 |
|
149 |
</body> |
150 |
</section> |
151 |
</chapter> |
152 |
|
153 |
<chapter> |
154 |
<title>Filesystems, partitions, and block devices</title> |
155 |
<section> |
156 |
<title>Introduction to block devices</title> |
157 |
<body> |
158 |
|
159 |
<p> |
160 |
In this section, we'll take a good look at disk-oriented aspects of Linux, |
161 |
including Linux filesystems, partitions, and block devices. Once you're familar |
162 |
with the ins and outs of disks and filesystems, we'll guide you through the |
163 |
process of setting up partitions and filesystems on Linux. |
164 |
</p> |
165 |
|
166 |
<p> |
167 |
To begin, I'll introduce "block devices". The most famous block device is |
168 |
probably the one that represents the first IDE drive in a Linux system: |
169 |
</p> |
170 |
|
171 |
<pre caption="First IDE drive in Linux"> |
172 |
/dev/hda |
173 |
</pre> |
174 |
|
175 |
<p> |
176 |
If your system uses SCSI drives, then your first hard drive will be: |
177 |
</p> |
178 |
|
179 |
<pre caption="First SCSI drive in Linux"> |
180 |
/dev/sda |
181 |
</pre> |
182 |
|
183 |
</body> |
184 |
</section> |
185 |
<section> |
186 |
<title>Layers of abstraction</title> |
187 |
<body> |
188 |
|
189 |
<p> |
190 |
The block devices above represent an abstract interface to the disk. User |
191 |
programs can use these block devices to interact with your disk without |
192 |
worrying about whether your drivers are IDE, SCSI, or something else. The |
193 |
program can simply address the storage on the disk as a bunch of contiguous, |
194 |
randomly-accessible 512-byte blocks. |
195 |
</p> |
196 |
|
197 |
</body> |
198 |
</section> |
199 |
<section> |
200 |
<title>Partitions</title> |
201 |
<body> |
202 |
|
203 |
<p> |
204 |
Under Linux, we create filesystems by using a special command called |
205 |
<c>mkfs</c> (or <c>mke2fs</c>, <c>mkreiserfs</c>, etc.), specifying a |
206 |
particular block device as a command-line argument. |
207 |
</p> |
208 |
|
209 |
<p> |
210 |
However, although it is theoretically possible to use a "whole disk" block |
211 |
device (one that represents the entire disk) like <path>/dev/hda</path> or |
212 |
<path>/dev/sda</path> to house a single filesystem, this is almost never done |
213 |
in practice. Instead, full disk block devices are split up into smaller, more |
214 |
manageable block devices called partititons. Partitions are created using a |
215 |
tool called <c>fdisk</c>, which is used to create and edit the partition table |
216 |
that's stored on each disk. The partition table defines exactly how to split up |
217 |
the full disk. |
218 |
</p> |
219 |
|
220 |
</body> |
221 |
</section> |
222 |
<section> |
223 |
<title>Introducing fdisk</title> |
224 |
<body> |
225 |
|
226 |
<p> |
227 |
We can take a look at a disk's partition table by running <c>fdisk</c>, |
228 |
specifying a block device that represents a full disk as an argument. |
229 |
</p> |
230 |
|
231 |
<note> |
232 |
Alternate interfaces to the disk's partition table include <c>cfdisk</c>, |
233 |
<c>parted</c>, and <c>partimage</c>. I recommend that you avoid using |
234 |
<c>cfdisk</c> (despite what the fdisk manual page may say) because it sometimes |
235 |
calculates disk geometry incorrectly. |
236 |
</note> |
237 |
|
238 |
<pre caption="Using fdisk on IDE drive"> |
239 |
# <i>fdisk /dev/hda</i> |
240 |
</pre> |
241 |
|
242 |
<pre caption="Using fidks on SCSI drive"> |
243 |
# <i>fdisk /dev/sda</i> |
244 |
</pre> |
245 |
|
246 |
<impo> |
247 |
You should <e>not</e> save or make any changes to a disk's partition table if |
248 |
any of its partitions contain filesystems that are in use or contain important |
249 |
data. Doing so will generally cause data on the disk to be lost. |
250 |
</impo> |
251 |
|
252 |
</body> |
253 |
</section> |
254 |
<section> |
255 |
<title>Inside fdisk</title> |
256 |
<body> |
257 |
|
258 |
<p> |
259 |
Once in <c>fdisk</c>, you'll be greeted with a prompt that looks like this: |
260 |
</p> |
261 |
|
262 |
<pre caption="fidsk greeting prompt"> |
263 |
Command (m for help): |
264 |
</pre> |
265 |
|
266 |
<p> |
267 |
Type <c>p</c> to display your disk's current partition configuration: |
268 |
</p> |
269 |
|
270 |
<pre caption="Displaying current parition configuration"> |
271 |
Command (m for help): p |
272 |
|
273 |
Disk /dev/hda: 240 heads, 63 sectors, 2184 cylinders |
274 |
Units = cylinders of 15120 * 512 bytes |
275 |
|
276 |
Device Boot Start End Blocks Id System |
277 |
/dev/hda1 1 14 105808+ 83 Linux |
278 |
/dev/hda2 15 49 264600 82 Linux swap |
279 |
/dev/hda3 50 70 158760 83 Linux |
280 |
/dev/hda4 71 2184 15981840 5 Extended |
281 |
/dev/hda5 71 209 1050808+ 83 Linux |
282 |
/dev/hda6 210 348 1050808+ 83 Linux |
283 |
/dev/hda7 349 626 2101648+ 83 Linux |
284 |
/dev/hda8 627 904 2101648+ 83 Linux |
285 |
/dev/hda9 905 2184 9676768+ 83 Linux |
286 |
|
287 |
Command (m for help): |
288 |
</pre> |
289 |
|
290 |
<p> |
291 |
This particular disk is configured to house seven Linux filesystems (each with |
292 |
a corresponding partition listed as "Linux") as well as a swap partition |
293 |
(listed as "Linux swap"). |
294 |
</p> |
295 |
|
296 |
</body> |
297 |
</section> |
298 |
<section> |
299 |
<title>Block device and partitioning overview</title> |
300 |
<body> |
301 |
|
302 |
<p> |
303 |
Notice the name of the corresponding partition block devices on the left side, |
304 |
starting with <path>/dev/hda1</path> and going up to <path>/dev/hda9</path>. In |
305 |
the early days of the PC, partitioning software only allowed a maximum of four |
306 |
partitions (called primary partitions). This was too limiting, so a workaround |
307 |
called extended partitioning was created. An extended partition is very similar |
308 |
to a primary partition, and counts towards the primary partition limit of four. |
309 |
However, extended partitions can hold any number of so-called logical |
310 |
partitions inside them, providing an effective means of working around the four |
311 |
partition limit. |
312 |
</p> |
313 |
|
314 |
</body> |
315 |
</section> |
316 |
<section> |
317 |
<title>Partitioning overview, continued</title> |
318 |
<body> |
319 |
|
320 |
<p> |
321 |
All partitions hda5 and higher are logical partitions. The numbers 1 through 4 |
322 |
are reserved for primary or extended partitions. |
323 |
</p> |
324 |
|
325 |
<p> |
326 |
In our example, hda1 through hda3 are primary partitions. hda4 is an extended |
327 |
partition that contains logical partitions hda5 through hda9. You would never |
328 |
actually use <path>/dev/hda4</path> for storing any filesystems directly -- it |
329 |
simply acts as a container for partitions hda5 through hda9. |
330 |
</p> |
331 |
|
332 |
</body> |
333 |
</section> |
334 |
<section> |
335 |
<title>Partition types</title> |
336 |
<body> |
337 |
|
338 |
<p> |
339 |
Also, notice that each partition has an "Id," also called a partition type. |
340 |
Whenever you create a new partition, you should ensure that the partition type |
341 |
is set correctly. 83 is the correct partition type for partitions that will be |
342 |
housing Linux filesystems, and 82 is the correct partition type for Linux swap |
343 |
partitions. You set the partition type using the t option in <c>fdisk</c>. The |
344 |
Linux kernel uses the partition type setting to auto-detect fileystems and swap |
345 |
devices on the disk at boot-time. |
346 |
</p> |
347 |
|
348 |
</body> |
349 |
</section> |
350 |
<section> |
351 |
<title>Using fdisk to set up partitions</title> |
352 |
<body> |
353 |
|
354 |
<p> |
355 |
Now that you've had your introduction to the way disk partitioning is done |
356 |
under Linux, it's time to walk through the process of setting up disk |
357 |
partitions and filesystems for a new Linux installation. In this process, we |
358 |
will configure a disk with new partitions and then create filesystems on them. |
359 |
These steps will provide us with a completely clean disk with no data on it |
360 |
that can then be used as a basis for a new Linux installation. |
361 |
</p> |
362 |
|
363 |
<impo> |
364 |
To follow these steps, you need to have a hard drive that does not contain any |
365 |
important data, since these steps will <e>erase</e> the data on your disk. If |
366 |
this is all new to you, you may want to consider just reading the steps, or |
367 |
using a Linux boot disk on a test system so that no data will be at risk. |
368 |
</impo> |
369 |
|
370 |
</body> |
371 |
</section> |
372 |
<section> |
373 |
<title>What the partitioned disk will look like</title> |
374 |
<body> |
375 |
|
376 |
<p> |
377 |
After we walk through the process of creating partitions on your disk, your |
378 |
partition configuration will look like this: |
379 |
</p> |
380 |
|
381 |
<pre caption="Look of our disk after creating partitions"> |
382 |
Disk /dev/hda: 30.0 GB, 30005821440 bytes |
383 |
240 heads, 63 sectors/track, 3876 cylinders |
384 |
Units = cylinders of 15120 * 512 = 7741440 bytes |
385 |
|
386 |
Device Boot Start End Blocks Id System |
387 |
/dev/hda1 * 1 14 105808+ 83 Linux |
388 |
/dev/hda2 15 81 506520 82 Linux swap |
389 |
/dev/hda3 82 3876 28690200 83 Linux |
390 |
|
391 |
Command (m for help): |
392 |
</pre> |
393 |
|
394 |
</body> |
395 |
</section> |
396 |
<section> |
397 |
<title>Sample partition commentary</title> |
398 |
<body> |
399 |
|
400 |
<p> |
401 |
In our suggested "newbie" partition configuration, we have three partitions. |
402 |
The first one (<path>/dev/hda1</path>) at the beginning of the disk is a small |
403 |
partition called a boot partition. The boot partition's purpose is to hold all |
404 |
the critical data related to booting -- GRUB boot loader information (if you |
405 |
will be using GRUB) as well as your Linux kernel(s). The boot partition gives |
406 |
us a safe place to store everything related to booting Linux. During normal |
407 |
day-to-day Linux use, your boot partition should remain unmounted for safety. |
408 |
If you are setting up a SCSI system, your boot partition will likely end up |
409 |
being <path>/dev/sda1</path>. |
410 |
</p> |
411 |
|
412 |
<p> |
413 |
It's recommended to have boot partitions (containing everything necessary for |
414 |
the boot loader to work) at the beginning of the disk. While not necessarily |
415 |
required anymore, it is a useful tradition from the days when the LILO boot |
416 |
loader wasn't able to load kernels from filesystems that extended beyond disk |
417 |
cylinder 1024. |
418 |
</p> |
419 |
|
420 |
<p> |
421 |
The second partition (<path>/dev/hda2</path>) s used for swap space. The kernel |
422 |
uses swap space as virtual memory when RAM becomes low. This partition, |
423 |
relatively speaking, isn't very big either, typically somewhere around 512 MB. |
424 |
If you're setting up a SCSI system, this partition will likely end up being |
425 |
called <path>/dev/hda2</path>. |
426 |
</p> |
427 |
|
428 |
<p> |
429 |
The third partition (<path>/dev/hda3</path>) is quite large and takes up the |
430 |
rest of the disk. This partition is called our root partition and will be used |
431 |
to store your main filesystem that houses the main Linux filesystem. On a SCSI |
432 |
system, this partition would likely end up being <path>/dev/hda3</path>. |
433 |
</p> |
434 |
|
435 |
</body> |
436 |
</section> |
437 |
<section> |
438 |
<title>Getting started</title> |
439 |
<body> |
440 |
|
441 |
<p> |
442 |
Okay, now to create the partitions as in the example and table above. First, |
443 |
enter fdisk by typing <c>fdisk /dev/hda</c> or <c>fdisk /dev/sda</c>, depending |
444 |
on whether you're using IDE or SCSI. Then, type <c>p</c> to view your |
445 |
current partition configuration. Is there anything on the disk that you need to |
446 |
keep? If so, stop now. If you continue with these directions, all existing data |
447 |
on your disk will be erased. |
448 |
</p> |
449 |
|
450 |
<impo> |
451 |
Following the instructions below will cause all prior data on your disk to be |
452 |
erased! If there is anything on your drive, please be sure that it is |
453 |
non-critical information that you don't mind losing. Also make sure that you |
454 |
have selected the correct drive so that you don't mistakenly wipe data from the |
455 |
wrong drive. |
456 |
</impo> |
457 |
|
458 |
</body> |
459 |
</section> |
460 |
<section> |
461 |
<title>Zapping existing partitions</title> |
462 |
<body> |
463 |
|
464 |
<p> |
465 |
Now, it's time to delete any existing partitions. To do this, type d and hit |
466 |
enter. You will then be prompted for the partition number you would like to |
467 |
delete. To delete a pre-existing <path>/dev/hda1</path>, you would type: |
468 |
</p> |
469 |
|
470 |
<pre caption="Deleting pre-existing partition"> |
471 |
Command (m for help): <i>d</i> |
472 |
Partition number (1-4): <i>1</i> |
473 |
</pre> |
474 |
|
475 |
<p> |
476 |
The partition has been scheduled for deletion. It will no longer show up if you |
477 |
type <c>p</c>, but it will not be erased until your changes have been saved. If |
478 |
you made a mistake and want to abort without saving your changes, type <c>q</c> |
479 |
immediately and hit enter and your partition will not be deleted. |
480 |
</p> |
481 |
|
482 |
<p> |
483 |
Now, assuming that you do indeed want to wipe out all the partitions on your |
484 |
system, repeatedly type <c>p</c> to print out a partition listing and then type |
485 |
<c>d</c> and the number of the partition to delete it. Eventually, you'll end |
486 |
up with a partition table with nothing in it: |
487 |
</p> |
488 |
|
489 |
<pre caption="Drives look after cleaning it"> |
490 |
|
491 |
Disk /dev/hda: 30.0 GB, 30005821440 bytes |
492 |
240 heads, 63 sectors/track, 3876 cylinders |
493 |
Units = cylinders of 15120 * 512 = 7741440 bytes |
494 |
|
495 |
Device Boot Start End Blocks Id System |
496 |
|
497 |
Command (m for help): |
498 |
</pre> |
499 |
|
500 |
</body> |
501 |
</section> |
502 |
<section> |
503 |
<title>Creating a boot partition</title> |
504 |
<body> |
505 |
|
506 |
<p> |
507 |
Now that the in-memory partition table is empty, we're ready to create a boot |
508 |
partition. To do this, type <c>n</c> to create a new partition, then <c>p</c> |
509 |
to tell fdisk you want a primary partition. Then type <c>1</c> to create the |
510 |
first primary partition. When prompted for the first cylinder, hit enter. When |
511 |
prompted for the last cylinder, type <c>+100M</c> to create a partition 100MB |
512 |
in size. Here's the output from these steps: |
513 |
</p> |
514 |
|
515 |
<pre caption="Creating a boot partition"> |
516 |
Command (m for help): <i>n</i> |
517 |
Command action |
518 |
e extended |
519 |
p primary partition (1-4) |
520 |
<i>p</i> |
521 |
Partition number (1-4): <i>1</i> |
522 |
First cylinder (1-3876, default 1): |
523 |
Using default value 1 |
524 |
Last cylinder or +size or +sizeM or +sizeK (1-3876, default 3876): <i>+100M</i> |
525 |
</pre> |
526 |
|
527 |
<p> |
528 |
Now, when you type <c>p</c>, you should see the following partition printout: |
529 |
</p> |
530 |
|
531 |
<pre caption="Partition printout"> |
532 |
Command (m for help): <i>p</i> |
533 |
|
534 |
Disk /dev/hda: 30.0 GB, 30005821440 bytes |
535 |
240 heads, 63 sectors/track, 3876 cylinders |
536 |
Units = cylinders of 15120 * 512 = 7741440 bytes |
537 |
|
538 |
Device Boot Start End Blocks Id System |
539 |
/dev/hda1 1 14 105808+ 83 Linux |
540 |
</pre> |
541 |
|
542 |
</body> |
543 |
</section> |
544 |
<section> |
545 |
<title>Creating the swap partition</title> |
546 |
<body> |
547 |
|
548 |
<p> |
549 |
Next, let's create the swap partition. To do this, type <c>n</c> to create a |
550 |
new partition, then <c>p</c> to tell fdisk that you want a primary partition. |
551 |
Then type <c>2</c> to create the second primary partition, |
552 |
<path>/dev/hda2</path> in our case. When prompted for the first cylinder, hit |
553 |
enter. When prompted for the last cylinder, type <c>+512M</c> to create a |
554 |
partition 512MB in size. After you've done this, type <c>t</c> to set the |
555 |
partition type, and then type <c>82</c> to set the partition type to "Linux |
556 |
Swap." After completing these steps, typing <c>p</c> should display a partition |
557 |
table that looks similar to this: |
558 |
</p> |
559 |
|
560 |
<pre caption="Partition table"> |
561 |
Command (m for help): <i>p</i> |
562 |
|
563 |
Disk /dev/hda: 30.0 GB, 30005821440 bytes |
564 |
240 heads, 63 sectors/track, 3876 cylinders |
565 |
Units = cylinders of 15120 * 512 = 7741440 bytes |
566 |
|
567 |
Device Boot Start End Blocks Id System |
568 |
/dev/hda1 1 14 105808+ 83 Linux |
569 |
/dev/hda2 15 81 506520 82 Linux swap |
570 |
</pre> |
571 |
|
572 |
</body> |
573 |
</section> |
574 |
<section> |
575 |
<title>Making it bootable</title> |
576 |
<body> |
577 |
|
578 |
<p> |
579 |
Finally, we need to set the "bootable" flag on our boot partition and then |
580 |
write our changes to disk. To tag <path>/dev/hda1</path> as a "bootable" |
581 |
partition, type <c>a</c> at the menu and then type 1 for the partition number. |
582 |
If you type <c>p</c> now, you'll now see that <path>/dev/hda1</path> has an "*" |
583 |
in the "Boot" column. Now, let's write our changes to disk. To do this, type |
584 |
<c>w</c> and hit enter. Your disk partitions are now properly configured for |
585 |
the installation of Linux. |
586 |
</p> |
587 |
|
588 |
<note> |
589 |
If fdisk instructs you to do so, please reboot to allow your system to detect |
590 |
the new partition configuration. |
591 |
</note> |
592 |
|
593 |
</body> |
594 |
</section> |
595 |
<section> |
596 |
<title>Extended and logical partitioning</title> |
597 |
<body> |
598 |
|
599 |
<p> |
600 |
In the above example, we created a single primary partition that will contain a |
601 |
filesystem used to store all our data. This means that after installing Linux, |
602 |
this main filesystem will get mounted at "<path>/</path>" and will contain a |
603 |
tree of directories that contain all our files. |
604 |
</p> |
605 |
|
606 |
<p> |
607 |
While this is a common way to set up a Linux system, there is another approach |
608 |
that you should be familiar with. This approach uses multiple partitions that |
609 |
house multiple filesystems and are then "linked" together to form a cohesive |
610 |
filesystem tree. For example, it is common to put <path>/home</path> and |
611 |
<path>/var</path> on their own filesystems. |
612 |
</p> |
613 |
|
614 |
<p> |
615 |
We could have made hda2 into an extended rather than a primary partition. Then, |
616 |
we could have created the hda5, hda6, and hda7 logical partitions (which would |
617 |
technically be contained "inside" hda2), which would house the <path>/</path>, |
618 |
<path>/home</path>, and <path>/var</path> filesystems respectively. |
619 |
</p> |
620 |
|
621 |
<p> |
622 |
You can learn more about these types of multi-filesystem configurations by |
623 |
studying the resources listed on the next page. |
624 |
</p> |
625 |
|
626 |
</body> |
627 |
</section> |
628 |
<section> |
629 |
<title>Partitioning resources</title> |
630 |
<body> |
631 |
|
632 |
<p> |
633 |
For more information on partitioning, take a look at the following partitioning |
634 |
tips: |
635 |
</p> |
636 |
|
637 |
<ul> |
638 |
<li> |
639 |
<uri link="/doc/en/articles/partition-planning-tips.xml">Partition planning |
640 |
tips</uri> |
641 |
</li> |
642 |
<li> |
643 |
<uri link="/doc/en/articles/partitioning-p2.xml">Partitioning in action: |
644 |
consolidating data</uri> |
645 |
</li> |
646 |
<li> |
647 |
<uri link="/doc/en/articles/partitioning-p1.xml">Partitioning in action: |
648 |
moving /home</uri>. |
649 |
</li> |
650 |
</ul> |
651 |
|
652 |
</body> |
653 |
</section> |
654 |
<section> |
655 |
<title>Creating filesystems</title> |
656 |
<body> |
657 |
|
658 |
<p> |
659 |
Now that the partitions have been created, it's time to set up filesystems on |
660 |
the boot and root partitions so that they can be mounted and used to store |
661 |
data. We will also configure the swap partition to serve as swap storage. |
662 |
</p> |
663 |
|
664 |
<p> |
665 |
Linux supports a variety of different types of filesystems; each type has its |
666 |
strengths and weaknesses and its own set of performance characteristics. We |
667 |
will cover the creation of ext2, ext3, XFS, JFS, and ReiserFS filesystems in |
668 |
this tutorial. Before we create filesystems on our example system, let's |
669 |
briefly review the various filesystems available under Linux. We'll go into |
670 |
more detail on the filesystems later in the tutorial. |
671 |
</p> |
672 |
|
673 |
</body> |
674 |
</section> |
675 |
<section> |
676 |
<title>The ext2 filesystem</title> |
677 |
<body> |
678 |
|
679 |
<p> |
680 |
ext2 is the tried-and-true Linux filesystem, but it doesn't have metadata |
681 |
journaling, which means that routine ext2 filesystem checks at startup time can |
682 |
be quite time-consuming. There is now quite a selection of newer-generation |
683 |
journaled filesystems that can be checked for consistency very quickly and are |
684 |
thus generally preferred over their non-journaled counterparts. Journaled |
685 |
filesystems prevent long delays when you boot your system and your filesystem |
686 |
happens to be in an inconsistent state. |
687 |
</p> |
688 |
|
689 |
</body> |
690 |
</section> |
691 |
<section> |
692 |
<title>The ext3 filesystem</title> |
693 |
<body> |
694 |
|
695 |
<p> |
696 |
ext3 is the journaled version of the ext2 filesystem, providing metadata |
697 |
journaling for fast recovery in addition to other enhanced journaling modes, |
698 |
such as full data and ordered data journaling. ext3 is a very good and reliable |
699 |
filesystem. It offers generally decent performance under most conditions. |
700 |
Because it does not extensively employ the use of "trees" in its internal |
701 |
design, it doesn't scale very well, meaning that it is not an ideal choice for |
702 |
very large filesystems or situations where you will be handling very large |
703 |
files or large quantities of files in a single directory. But when used within |
704 |
its design parameters, ext3 is an excellent filesystem. |
705 |
</p> |
706 |
|
707 |
<p> |
708 |
One of the nice things about ext3 is that an existing ext2 filesystem can be |
709 |
upgraded "in-place" to ext3 quite easily. This allows for a seamless upgrade |
710 |
path for existing Linux systems that are already using ext2. |
711 |
</p> |
712 |
|
713 |
</body> |
714 |
</section> |
715 |
<section> |
716 |
<title>The ReiserFS filesystem</title> |
717 |
<body> |
718 |
|
719 |
<p> |
720 |
ReiserFS is a B-tree-based filesystem that has very good overall performance |
721 |
and greatly outperforms both ext2 and ext3 when dealing with small files (files |
722 |
less than 4k), often by a factor of 10x-15x. ReiserFS also scales extremely |
723 |
well and has metadata journaling. As of kernel 2.4.18+, ReiserFS is now |
724 |
rock-solid and highly recommended for use both as a general-purpose filesystem |
725 |
and for extreme cases such as the creation of large filesystems, the use of |
726 |
many small files, very large files, and directories containing tens of |
727 |
thousands of files. ReiserFS is the filesystem we recommend by default for all |
728 |
non-boot partitions. |
729 |
</p> |
730 |
|
731 |
</body> |
732 |
</section> |
733 |
<section> |
734 |
<title>The XFS filesystem</title> |
735 |
<body> |
736 |
|
737 |
<p> |
738 |
XFS is a filesystem with metadata journaling. It comes with a robust |
739 |
feature-set and is optimized for scalability. We only recommend using this |
740 |
filesystem on Linux systems with high-end SCSI and/or fibre channel storage and |
741 |
a uninterruptible power supply. Because XFS aggressively caches in-transit data |
742 |
in RAM, improperly designed programs (those that don't take proper precautions |
743 |
when writing files to disk (and there are quite a few of them) can lose a good |
744 |
deal of data if the system goes down unexpectedly. |
745 |
</p> |
746 |
|
747 |
</body> |
748 |
</section> |
749 |
<section> |
750 |
<title>The JFS filesystem</title> |
751 |
<body> |
752 |
|
753 |
<p> |
754 |
JFS is IBM's own high performance journaling filesystem. It has recently become |
755 |
production-ready, and we would like to see a longer track record before |
756 |
commenting either positively nor negatively on its general stability at this |
757 |
point. |
758 |
</p> |
759 |
|
760 |
</body> |
761 |
</section> |
762 |
<section> |
763 |
<title>Filesystem recommendations</title> |
764 |
<body> |
765 |
|
766 |
<p> |
767 |
If you're looking for the most rugged journaling filesystem, use ext3. If |
768 |
you're looking for a good general-purpose high-performance filesystem with |
769 |
journaling support, use ReiserFS; both ext3 and ReiserFS are mature, refined |
770 |
and recommended for general use. |
771 |
</p> |
772 |
|
773 |
<p> |
774 |
Based on our example above, we will use the following commands to initialize |
775 |
all our partitions for use: |
776 |
</p> |
777 |
|
778 |
<pre caption="Initlizing partitions"> |
779 |
# <i>mke2fs -j /dev/hda1</i> |
780 |
# <i>mkswap /dev/hda2</i> |
781 |
# <i>mkreiserfs /dev/hda3</i> |
782 |
</pre> |
783 |
|
784 |
<p> |
785 |
We choose ext3 for our <path>/dev/hda1</path> boot partition because it is a |
786 |
robust journaling filesystem supported by all major boot loaders. We used |
787 |
<c>mkswap</c> for our <path>/dev/hda2</path> swap partition -- the choice is |
788 |
obvious here. And for our main root filesystem on <path>/dev/hda3</path> we |
789 |
choose ReiserFS, since it is a solid journaling filesystem offering excellent |
790 |
performance. Now, go ahead and initialize your partitions. |
791 |
</p> |
792 |
|
793 |
</body> |
794 |
</section> |
795 |
<section> |
796 |
<title>Making swap</title> |
797 |
<body> |
798 |
|
799 |
<p> |
800 |
<c>mkswap</c> is the command that used to initialize swap partitions: |
801 |
</p> |
802 |
|
803 |
<pre caption="Initalizing swap partition"> |
804 |
# <i>mkswap /dev/hda2</i> |
805 |
</pre> |
806 |
|
807 |
<p> |
808 |
Unlike regular filesystems, swap partitions aren't mounted. Instead, they are |
809 |
enabled using the <c>swapon</c> command: |
810 |
</p> |
811 |
|
812 |
<pre caption="Enabling swap partition"> |
813 |
# <i>swapon /dev/hdc6</i> |
814 |
</pre> |
815 |
|
816 |
<p> |
817 |
Your Linux system's startup scripts will take care of automatically enabling |
818 |
your swap partitions. Therefore, the <c>swapon</c> command is generally only |
819 |
needed when you need to immediately add some swap that you just created. To |
820 |
view the swap devices currently enabled, type <c>cat /proc/swaps</c>. |
821 |
</p> |
822 |
|
823 |
</body> |
824 |
</section> |
825 |
<section> |
826 |
<title>Creating ext2, ext3, and ReiserFS filesystems</title> |
827 |
<body> |
828 |
|
829 |
<p> |
830 |
You can use the <c>mke2fs</c> command to create ext2 filesystems: |
831 |
</p> |
832 |
|
833 |
<pre caption="Creating ext2 filesystem"> |
834 |
# <i>mke2fs /dev/hda1</i> |
835 |
</pre> |
836 |
|
837 |
<p> |
838 |
If you would like to use ext3, you can create ext3 filesystems using <c>mke2fs |
839 |
-j</c>: |
840 |
</p> |
841 |
|
842 |
<pre caption="Creating ext3 filesystem"> |
843 |
# <i>mke2fs /dev/hda3</i> |
844 |
</pre> |
845 |
|
846 |
<note> |
847 |
You can find out more about using ext3 under Linux 2.4 on <uri |
848 |
link="http://www.zip.com.au/~akpm/linux/ext3/ext3-usage.html">this site</uri> |
849 |
maintained by Andrew Morton. |
850 |
</note> |
851 |
|
852 |
<p> |
853 |
To create ReiserFS filesystems, use the <c>mkreiserfs</c> command: |
854 |
</p> |
855 |
|
856 |
<pre caption="Creating ReiserFS filesystem"> |
857 |
# <i>mkreiserfs /dev/hda3</i> |
858 |
</pre> |
859 |
|
860 |
</body> |
861 |
</section> |
862 |
<section> |
863 |
<title>Creating XFS and JFS filesystems</title> |
864 |
<body> |
865 |
|
866 |
<p> |
867 |
To create an XFS filesystem, use the <c>mkfs.xfs</c> command: |
868 |
</p> |
869 |
|
870 |
<pre caption="Creating XFS filesystem"> |
871 |
# <i>mkfs.xfs /dev/hda3</i> |
872 |
</pre> |
873 |
|
874 |
<note> |
875 |
You may want to add a couple of additional flags to the mkfs.xfs command: <c>-d |
876 |
agcount=3 -l size=32m</c>. The <c>-d agcount=3</c> command will lower the |
877 |
number of allocation groups. XFS will insist on using at least one |
878 |
allocation group per 4GB of your partition, so, for example, if you have a 20GB |
879 |
partition you will need a minimum agcount of 5. The <c>l size=32m</c> command |
880 |
increases the journal size to 32MB, increasing performance. |
881 |
</note> |
882 |
|
883 |
<p> |
884 |
To create JFS filesystems, use the <c>mkfs.jfs</c> command: |
885 |
</p> |
886 |
|
887 |
<pre caption="Creating JFS filesystem"> |
888 |
# <i>mkfs.jfs /dev/hda3</i> |
889 |
</pre> |
890 |
|
891 |
</body> |
892 |
</section> |
893 |
<section> |
894 |
<title>Mounting filesystems</title> |
895 |
<body> |
896 |
|
897 |
<p> |
898 |
Once the filesystem is created, we can mount it using the <c>mount</c> command: |
899 |
</p> |
900 |
|
901 |
<pre caption="Mounting filesystem"> |
902 |
# <i>mount /dev/hda3 /mnt</i> |
903 |
</pre> |
904 |
|
905 |
<p> |
906 |
To mount a filesystem, specify the partition block device as a first argument |
907 |
and a "mountpoint" as a second argument. The new filesystem will be "grafted |
908 |
in" at the mountpoint. This also has the effect of "hiding" any files that were |
909 |
in the <path>/mnt</path> directory on the parent filesystem. Later, when the |
910 |
filesystem is unmounted, these files will reappear. After executing the mount |
911 |
command, any files created or copied inside <path>/mnt</path> will be stored on |
912 |
the new ReiserFS filesystem you mounted. |
913 |
</p> |
914 |
|
915 |
<p> |
916 |
Let's say we wanted to mount our boot partition inside <path>/mnt</path>. We |
917 |
could do this by performing the following steps: |
918 |
</p> |
919 |
|
920 |
<pre caption="Mounting boot partition in /mnt"> |
921 |
# <i>mkdir /mnt/boot</i> |
922 |
# <i>mount /dev/hda1 /mnt/boot</i> |
923 |
</pre> |
924 |
|
925 |
<p> |
926 |
Now, our boot filesystem is available inside /mnt/boot. If we create files |
927 |
inside <path>/mnt/boot</path>, they will be stored on our ext3 filesystem that |
928 |
physically resides on <path>/dev/hda1</path>. If we create file inside |
929 |
<path>/mnt</path> but not <path>/mnt/boot</path>, then they will be stored on |
930 |
our ReiserFS filesystem that resides on <path>/dev/hda3</path>. And if we |
931 |
create files outside of <path>/mnt</path>, they will not be stored on either |
932 |
filesystem but on the filesystem of our current Linux system or boot disk. |
933 |
</p> |
934 |
|
935 |
<p> |
936 |
To see what filesystems are mounted, type <c>mount</c> by itself. Here is the |
937 |
output of <c>mount</c> on one of our currently-running Linux system, which has |
938 |
partitions configured identically to those in the example above: |
939 |
</p> |
940 |
|
941 |
<pre caption="Output of mount command"> |
942 |
/dev/root on / type reiserfs (rw,noatime) |
943 |
none on /dev type devfs (rw) |
944 |
proc on /proc type proc (rw) |
945 |
tmpfs on /dev/shm type tmpfs (rw) |
946 |
usbdevfs on /proc/bus/usb type usbdevfs (rw) |
947 |
/dev/hde1 on /boot type ext3 (rw,noatime) |
948 |
</pre> |
949 |
|
950 |
<p> |
951 |
You can also view similar information by typing cat <path>/proc/mounts</path>. |
952 |
The "root" filesystem, <path>/dev/hda3</path> gets mounted automatically by the |
953 |
kernel at boot-time, and gets the symbolic name <path>/dev/hda3</path>. On our |
954 |
system, both <path>/dev/hda3</path> and <path>/dev/root</path> point to the |
955 |
same underlying block device using a symbolic link: |
956 |
</p> |
957 |
|
958 |
<pre caption="Symbolic links"> |
959 |
# <i>ls -l /dev/root</i> |
960 |
lr-xr-xr-x 1 root root 33 Mar 26 20:39 /dev/root -> ide/host0/bus0/target0/lun0/part3 |
961 |
|
962 |
# <i>ls -l /dev/hda3</i> |
963 |
lr-xr-xr-x 1 root root 33 Mar 26 20:39 /dev/hde3 -> ide/host0/bus0/target0/lun0/part3 |
964 |
</pre> |
965 |
|
966 |
</body> |
967 |
</section> |
968 |
<section> |
969 |
<title>Even more mounting stuff</title> |
970 |
<body> |
971 |
|
972 |
<p> |
973 |
So, what is this "<path>/dev/ide/host0</path>...." file? Systems like mine that |
974 |
use the devfs device-management filesystem for <path>/dev</path> have longer |
975 |
official names for the partition and disk block devices than Linux used to have |
976 |
in the past. For example, <path>/dev/ide/host0/bus1/target0/lun0/part7</path> |
977 |
is the official name for <path>/dev/hdc7</path>, and <path>/dev/hdc7</path> |
978 |
itself is just a symlink pointing to the official block device. You can |
979 |
determine if your system is using devfs by checking to see if the |
980 |
<path>/dev/.devfsd</path> file exists; if so, then devfs is active. |
981 |
</p> |
982 |
|
983 |
<p> |
984 |
When using the mount command to mount filesystems, it attempts to auto-detect |
985 |
the filesystem type. Sometimes, this may not work and you will need to specify |
986 |
the to-be-mounted filesystem type manually using the -t option, as follows: |
987 |
</p> |
988 |
|
989 |
<pre caption="Mounting ext3 filesystem manually with -t option"> |
990 |
# <i>mount /dev/hda1 /mnt/boot -t ext3</i> |
991 |
</pre> |
992 |
|
993 |
<p>or</p> |
994 |
|
995 |
<pre caption="Mouting reiserfs filesystem manually with -t option"> |
996 |
# <i>mount /dev/hda3 /mnt -t reiserfs</i> |
997 |
</pre> |
998 |
|
999 |
</body> |
1000 |
</section> |
1001 |
<section> |
1002 |
<title>Mount options</title> |
1003 |
<body> |
1004 |
|
1005 |
<p> |
1006 |
It's also possible to customize various attributes of the to-be-mounted |
1007 |
filesystem by specifying mount options. For example, you can mount a filesystem |
1008 |
as "read-only" by using the "ro" option: |
1009 |
</p> |
1010 |
|
1011 |
<pre caption="Mouting filesystem as read-only"> |
1012 |
# <i>mount /dev/hdc6 /mnt -o ro</i> |
1013 |
</pre> |
1014 |
|
1015 |
<p> |
1016 |
With <path>/dev/hdc6</path> mounted read-only, no files can be modified in |
1017 |
<path>/mnt</path> -- only read. If your filesystem is already mounted |
1018 |
"read/write" and you want to switch it to read-only mode, you can use the |
1019 |
"remount" option to avoid having to unmount and remount the filesystem again: |
1020 |
</p> |
1021 |
|
1022 |
<pre caption="Using remount option"> |
1023 |
# <i>mount /mnt -o remount,ro</i> |
1024 |
</pre> |
1025 |
|
1026 |
<p> |
1027 |
Notice that we didn't need to specify the partition block device because the |
1028 |
filesystem is already mounted and <c>mount</c> knows that <path>/mnt</path> is |
1029 |
associated with <path>/dev/hdc6</path>. To make the filesystem writeable again, |
1030 |
we can remount it as read-write: |
1031 |
</p> |
1032 |
|
1033 |
<pre caption="Remounting filesystem as read-write"> |
1034 |
# <i>mount /mnt -o remount,rw</i> |
1035 |
</pre> |
1036 |
|
1037 |
<p> |
1038 |
Note that these remount commands will not complete successfully if any process |
1039 |
has opened any files or directories in <path>/mnt</path>. To familiarize |
1040 |
yourself with all the mount options available under Linux, type <c>man |
1041 |
mount</c>. |
1042 |
</p> |
1043 |
|
1044 |
</body> |
1045 |
</section> |
1046 |
<section> |
1047 |
<title>Introducing fstab</title> |
1048 |
<body> |
1049 |
|
1050 |
<p> |
1051 |
So far, we've seen how partition an example disk and mount filesystems manually |
1052 |
from a boot disk. But once we get a Linux system installed, how do we configure |
1053 |
that Linux system to mount the right filesystems at the right time? For |
1054 |
example, Let's say that we installed Gentoo Linux on our current example |
1055 |
filesystem configuration. How would our system know how to to find the root |
1056 |
filesystem on <path>/dev/hda3</path>? And if any other filesystems -- like swap |
1057 |
-- needed to be mounted at boot time, how would it know which ones? |
1058 |
</p> |
1059 |
|
1060 |
<p> |
1061 |
Well, the Linux kernel is told what root filesystem to use by the boot loader, |
1062 |
and we'll take a look at the linux boot loaders later in this tutorial. But for |
1063 |
everything else, your Linux system has a file called <path>/etc/fstab</path> |
1064 |
that tells it about what filesystems are available for mounting. Let's take a |
1065 |
look at it. |
1066 |
</p> |
1067 |
|
1068 |
</body> |
1069 |
</section> |
1070 |
<section> |
1071 |
<title>A sample fstab</title> |
1072 |
<body> |
1073 |
|
1074 |
<p> |
1075 |
Let's take a look at a sample <path>/etc/fstab</path> file: |
1076 |
</p> |
1077 |
|
1078 |
<pre caption="Sample /etc/fstab file"> |
1079 |
<fs> <mountpoint> <type> <opts> <dump/pass> |
1080 |
|
1081 |
/dev/hda1 /boot ext3 noauto,noatime 1 1 |
1082 |
/dev/hda3 / reiserfs noatime 0 0 |
1083 |
/dev/hda2 none swap sw 0 0 |
1084 |
/dev/cdrom /mnt/cdrom iso9660 noauto,ro,user 0 0 |
1085 |
# /proc should always be enabled |
1086 |
proc /proc proc defaults 0 0 |
1087 |
</pre> |
1088 |
|
1089 |
<p> |
1090 |
Above, each non-commented line in <path>/etc/fstab</path> specifies a partition |
1091 |
block device, a mountpoint, a filesystem type, the filesystem options to use |
1092 |
when mounting the filesystem, and two numeric fields. The first numeric field |
1093 |
is used to tell the <c>dump</c> backup command the filesystems that should be |
1094 |
backed up. Of course, if you are not planning to use <c>dump</c> on your |
1095 |
system, then you can safely ignore this field. The last field is used by the |
1096 |
<c>fsck</c> filesystem integrity checking program, and tells it the order in |
1097 |
which your filesystems should be checked at boot. We'll touch on <c>fsck</c> |
1098 |
again in a few panels. |
1099 |
</p> |
1100 |
|
1101 |
<p> |
1102 |
Look at the <path>/dev/hda1</path> line; you'll see that <path>/dev/hda1</path> |
1103 |
is an ext3 filesystem that should be mounted at the <path>/boot</path> |
1104 |
mountpoint. Now, look at <path>/dev/hda1</path>'s mount options in the opts |
1105 |
column. The noauto option tells the system to not mount <path>/dev/hda1</path> |
1106 |
automatically at boot time; without this option, <path>/dev/hda1</path> would |
1107 |
be automatically mounted to <path>/boot</path> at system boot time. |
1108 |
</p> |
1109 |
|
1110 |
<p> |
1111 |
Also note the noatime option, which turns off the recording of atime (last |
1112 |
access time) information on the disk. This information is generally not needed, |
1113 |
and turning off atime updates has a positive effect on filesystem performance. |
1114 |
</p> |
1115 |
|
1116 |
<p> |
1117 |
Now, take a look at the <path>/proc</path> line and notice the defaults option. |
1118 |
Use defaults whenever you want a filesystem to be mounted with just the |
1119 |
standard mount options. Since <path>/etc/fstab</path> has multiple fields, we |
1120 |
can't simply leave the option field blank. |
1121 |
</p> |
1122 |
|
1123 |
<p> |
1124 |
Also notice the <path>/etc/fstab</path> line for <path>/dev/hda2</path>. This |
1125 |
line defines <path>/dev/hda2</path> as a swap device. Since swap devices aren't |
1126 |
mounted like filesystems, none is specified in the mountpoint field. Thanks to |
1127 |
this <path>/etc/fstab</path> entry, our <path>/dev/hda2</path> swap device will |
1128 |
be enabled automatically when the system starts up. |
1129 |
</p> |
1130 |
|
1131 |
<p> |
1132 |
With an <path>/etc/fstab</path> entry for <path>/dev/cdrom</path> like the one |
1133 |
above, mounting the CD-ROM drive becomes easier. Instead of typing: |
1134 |
</p> |
1135 |
|
1136 |
<pre caption="Mounting CD-ROM without entry in fstab"> |
1137 |
# <i>mount -t iso9660 /dev/cdrom /mnt/cdrom -o ro</i> |
1138 |
</pre> |
1139 |
|
1140 |
<p> |
1141 |
We can now type: |
1142 |
</p> |
1143 |
|
1144 |
<pre caption="Mounting CD-ROM with entry in fstab"> |
1145 |
# <i>mount /dev/cdrom</i> |
1146 |
</pre> |
1147 |
|
1148 |
<p> |
1149 |
In fact, using <path>/etc/fstab</path> allows us to take advantage of the user |
1150 |
option. The user mount option tells the system to allow this particular |
1151 |
filesystem to be mounted by any user. This comes in handy for removable media |
1152 |
devices like CD-ROM drives. Without this fstab mount option, only the root user |
1153 |
would be able to use the CD-ROM drive. |
1154 |
</p> |
1155 |
|
1156 |
</body> |
1157 |
</section> |
1158 |
<section> |
1159 |
<title>Unmounting filesystems</title> |
1160 |
<body> |
1161 |
|
1162 |
<p> |
1163 |
Generally, all mounted filesystems are unmounted automatically by the system |
1164 |
when it is rebooted or shut down. When a filesystem is unmounted, any cached |
1165 |
filesystem data in memory is flushed to the disk. |
1166 |
</p> |
1167 |
|
1168 |
<p> |
1169 |
However, it's also possible to unmount filesystems manually. Before a |
1170 |
filesystem can be unmounted, you first need to ensure that there are no |
1171 |
processes running that have open files on the filesystem in question. Then, use |
1172 |
the <c>umount</c> command, specifying either the device name or mount point as |
1173 |
an argument: |
1174 |
</p> |
1175 |
|
1176 |
<pre caption="Using umount command"> |
1177 |
# <i>umount /mnt</i> |
1178 |
</pre> |
1179 |
|
1180 |
<p> |
1181 |
or |
1182 |
</p> |
1183 |
|
1184 |
<pre caption="Using umount command"> |
1185 |
# <i>umount /dev/hda3</i> |
1186 |
</pre> |
1187 |
|
1188 |
<p> |
1189 |
Once unmounted, any files in <path>/mnt</path> that were "covered" by the |
1190 |
previously-mounted filesystem will now reappear. |
1191 |
</p> |
1192 |
|
1193 |
</body> |
1194 |
</section> |
1195 |
<section> |
1196 |
<title>Introducing fsck</title> |
1197 |
<body> |
1198 |
|
1199 |
<p> |
1200 |
If your system crashes or locks up for some reason, the system won't have an |
1201 |
opportunity to cleanly unmount your filesystems. When this happens, the |
1202 |
filesystems are left in an inconsistent (unpredictable) state. When the system |
1203 |
reboots, the <c>fsck</c> program will detect that the filesystems were not |
1204 |
cleanly unmounted and will want to perform a consistency check of filesystems |
1205 |
listed in <path>/etc/fstab</path>. |
1206 |
</p> |
1207 |
|
1208 |
<impo> |
1209 |
For a filesystem to be checked by <c>fsck</c> it must have a non-zero number in |
1210 |
the "pass" field (the last field) in <path>/etc/fstab</path>. Typically, the |
1211 |
root filesystem is set to a passno of 1, specifying that it should be checked |
1212 |
first. All other filesystems that should be checked at startup time should have |
1213 |
a passno of 2 or higher. For some journaling filesystems like ReiserFS, it is |
1214 |
safe to have a passno of 0 since the journaling code (and not an external |
1215 |
<c>fsck</c>) takes care of making the filesystem consistent again. |
1216 |
</impo> |
1217 |
|
1218 |
<p> |
1219 |
Sometimes, you may find that after a reboot <c>fsck</c> is unable to fully |
1220 |
repair a partially damaged filesystem. In these instances, all you need to do |
1221 |
is to bring your system down to single-user mode and run <c>fsck</c> manually, |
1222 |
supplying the partition block device as an argument. As <c>fsck</c> performs |
1223 |
its filesystem repairs, it may ask you whether to fix particular filesystem |
1224 |
defects. In general, you should say <c>y</c> (yes) to all these questions and |
1225 |
allow <c>fsck</c> to do its thing. |
1226 |
</p> |
1227 |
|
1228 |
</body> |
1229 |
</section> |
1230 |
<section> |
1231 |
<title>Problems with fsck</title> |
1232 |
<body> |
1233 |
|
1234 |
<p> |
1235 |
One of the problems with <c>fsck</c> scans is that they can take quite a while |
1236 |
to complete, since the entirety of a filesystem's metadata (internal data |
1237 |
structure) needs to be scanned in order to ensure that it's consistent. With |
1238 |
extremely large filesystems, it is not unusual for an exhaustive fsck to take |
1239 |
more than an hour. |
1240 |
</p> |
1241 |
|
1242 |
<p> |
1243 |
In order to solve this problem, a new type of filesystem was designed, called a |
1244 |
journaling filesystem. Journaling filesystems record an on-disk log of recent |
1245 |
changes to the filesystem metadata. In the event of a crash, the filesystem |
1246 |
driver inspects the log. Because the log contains an accurate account of recent |
1247 |
changes on disk, only these parts of the filesystem metadata need to be checked |
1248 |
for errors. Thanks to this important design difference, checking a journalled |
1249 |
filesystem for consistency typically takes just a matter of seconds, regardless |
1250 |
of filesystem size. For this reason, journaling filesystems are gaining |
1251 |
popularity in the Linux community. For more information on journaling |
1252 |
filesystems, see the <uri |
1253 |
link="http://www-106.ibm.com/developerworks/library/l-fs.html">Advanced |
1254 |
filesystem implementor's guide, part 1: Journaling and ReiserFS</uri>. |
1255 |
</p> |
1256 |
|
1257 |
<p> |
1258 |
Let's cover the major filesystems available for Linux, along with their |
1259 |
associated commands and options. |
1260 |
</p> |
1261 |
|
1262 |
</body> |
1263 |
</section> |
1264 |
<section> |
1265 |
<title>The ext2 filesystem</title> |
1266 |
<body> |
1267 |
|
1268 |
<p> |
1269 |
The ext2 filesystem has been the standard Linux filesystem for many years. It |
1270 |
has generally good performance for most applications, but it does not offer any |
1271 |
journaling capability. This makes it unsuitable for very large filesystems, |
1272 |
since <c>fsck</c> can take an extremely long time. In addition, ext2 has some |
1273 |
built-in limitations due to the fact that every ext2 filesystem has a fixed |
1274 |
number of inodes that it can hold. That being said, ext2 is generally |
1275 |
considered to be an extremely robust and efficient non-journalled filesystem. |
1276 |
</p> |
1277 |
|
1278 |
<ul> |
1279 |
<li>In kernels: 2.0+</li> |
1280 |
<li>journaling: no</li> |
1281 |
<li>mkfs command: mke2fs</li> |
1282 |
<li>mkfs example: mke2fs /dev/hdc7</li> |
1283 |
<li>related commands: debugfs, tune2fs, chattr</li> |
1284 |
<li>performance-related mount options: noatime.</li> |
1285 |
</ul> |
1286 |
|
1287 |
</body> |
1288 |
</section> |
1289 |
<section> |
1290 |
<title>The ext3 filesystem</title> |
1291 |
<body> |
1292 |
|
1293 |
<p> |
1294 |
The ext3 filesystem uses the same on-disk format as ext2, but adds journaling |
1295 |
capabilities. In fact, of all the Linux filesystems, ext3 has the most |
1296 |
extensive journaling support, supporting not only metadata journaling but also |
1297 |
ordered journaling (the default) and full metadata+data journaling. These |
1298 |
"special" journaling modes help to ensure data integrity, not just short fscks |
1299 |
like other journaling implementations. For this reason, ext3 is the best |
1300 |
filesystem to use if data integrity is an absolute first priority. However, |
1301 |
these data integrity features do impact performance somewhat. In addition, |
1302 |
because ext3 uses the same on-disk format as ext2, it still suffers from the |
1303 |
same scalability limitations as its non-journalled cousin. Ext3 is a good |
1304 |
choice if you're looking for a good general-purpose journalled filesystem that |
1305 |
is also very robust. |
1306 |
</p> |
1307 |
|
1308 |
<ul> |
1309 |
<li>In kernels: 2.4.16+</li> |
1310 |
<li>journaling: metadata, ordered data writes, full metadata+data</li> |
1311 |
<li>mkfs command: mke2fs -j</li> |
1312 |
<li>mkfs example: mke2fs -j /dev/hdc7</li> |
1313 |
<li>related commands: debugfs, tune2fs, chattr</li> |
1314 |
<li>performance-related mount options: noatime</li> |
1315 |
<li> |
1316 |
other mount options: |
1317 |
<ul> |
1318 |
<li>data=writeback (disable journaling)</li> |
1319 |
<li> |
1320 |
data=ordered (the default, metadata journaling and data is written out |
1321 |
to disk with metadata) |
1322 |
</li> |
1323 |
<li> |
1324 |
data=journal (full data journaling for data and metadata integrity. Halves |
1325 |
write performance.) |
1326 |
</li> |
1327 |
</ul> |
1328 |
</li> |
1329 |
<li> |
1330 |
ext3 resources: |
1331 |
<ul> |
1332 |
<li> |
1333 |
<uri |
1334 |
link="http://www.zip.com.au/~akpm/linux/ext3/">Andrew Morton's ext3 |
1335 |
page</uri> |
1336 |
</li> |
1337 |
<li> |
1338 |
<uri |
1339 |
link="http://www.zip.com.au/~akpm/linux/ext3/ext3-usage.html">Andrew |
1340 |
Morton's excellent ext3 usage documentation (recommended)</uri> |
1341 |
</li> |
1342 |
<li> |
1343 |
<uri |
1344 |
link="http://www-106.ibm.com/developerworks/linux/library/l-fs7/"># |
1345 |
Advanced filesystem implementor's guide, part 7: Introducing ext3</uri> |
1346 |
</li> |
1347 |
<li> |
1348 |
<uri |
1349 |
link="http://www.gentoo.org/doc/en/articles/l-afig-p8.xml">Advanced |
1350 |
filesystem implementor's guide, part 8: Surprises in ext3.</uri> |
1351 |
</li> |
1352 |
</ul> |
1353 |
</li> |
1354 |
</ul> |
1355 |
|
1356 |
</body> |
1357 |
</section> |
1358 |
<section> |
1359 |
<title>The ReiserFS filesystem</title> |
1360 |
<body> |
1361 |
|
1362 |
<p> |
1363 |
ReiserFS is a relatively new filesystem that has been designed with the goal of |
1364 |
providing very good small file performance, very good general performance and |
1365 |
being very scalable. In general, ReiserFS offers very good performance in most |
1366 |
all situations. ReiserFS is preferred by many for its speed and scalability. |
1367 |
</p> |
1368 |
|
1369 |
<ul> |
1370 |
<li>In kernels: 2.4.0+ (2.4.18+ strongly recommended)</li> |
1371 |
<li>journaling: metadata</li> |
1372 |
<li>mkfs command: mkreiserfs</li> |
1373 |
<li>mkfs example: mkreiserfs /dev/hdc7</li> |
1374 |
<li>performance-related mount options: noatime, notail</li> |
1375 |
<li> |
1376 |
ReiserFS Resources: |
1377 |
<ul> |
1378 |
<li><uri link="http://www.namesys.com/">The home of ReiserFS</uri></li> |
1379 |
<li> |
1380 |
<uri |
1381 |
link="http://www-106.ibm.com/developerworks/library/l-fs.html">Advanced |
1382 |
filesystem implementor's guide, part 1: Journaling and ReiserFS</uri> |
1383 |
</li> |
1384 |
<li> |
1385 |
<uri |
1386 |
link="http://www-106.ibm.com/developerworks/library/l-fs2.html">Advanced |
1387 |
filesystem implementor's guide, part 2: Using ReiserFS and Linux |
1388 |
2.4.</uri> |
1389 |
</li> |
1390 |
</ul> |
1391 |
</li> |
1392 |
</ul> |
1393 |
|
1394 |
</body> |
1395 |
</section> |
1396 |
<section> |
1397 |
<title>The XFS filesystem</title> |
1398 |
<body> |
1399 |
|
1400 |
<p> |
1401 |
The XFS filesystem is an enterprise-class journaling filesystem being ported to |
1402 |
Linux by SGI. XFS is a full-featured, scalable, journaled file-system that is a |
1403 |
good match for high-end, reliable hardware (since it relies heavily on caching |
1404 |
data in RAM.) but not a good match for low-end hardware. |
1405 |
</p> |
1406 |
|
1407 |
<ul> |
1408 |
<li>In kernels: 2.5.34+ only, requires patch for 2.4 series</li> |
1409 |
<li>journaling: metadata</li> |
1410 |
<li>mkfs command: mkfs.xfs</li> |
1411 |
<li>mkfs example: mkfs.xfs /dev/hdc7</li> |
1412 |
<li>performance-related mount options: noatime</li> |
1413 |
<li> |
1414 |
XFS Resources: |
1415 |
<ul> |
1416 |
<li> |
1417 |
<uri |
1418 |
link="http://oss.sgi.com/projects/xfs/">The home of XFS (sgi.com)</uri> |
1419 |
</li> |
1420 |
<li> |
1421 |
<uri |
1422 |
link="http://www-106.ibm.com/developerworks/library/l-fs9.html">Advanced |
1423 |
filesystem implementor's guide, part 9: Introducing XFS</uri> |
1424 |
</li> |
1425 |
<li> |
1426 |
<uri |
1427 |
link="http://www-106.ibm.com/developerworks/library/l-fs10.html">Advanced |
1428 |
filesystem implementor's guide, part 10: Deploying XFS.</uri> |
1429 |
</li> |
1430 |
</ul> |
1431 |
</li> |
1432 |
</ul> |
1433 |
|
1434 |
</body> |
1435 |
</section> |
1436 |
<section> |
1437 |
<title>The JFS filesystem</title> |
1438 |
<body> |
1439 |
|
1440 |
<p> |
1441 |
JFS is a high-performance journaling filesystem ported to Linux by IBM. JFS is |
1442 |
used by IBM enterprise servers and is designed for high-performance |
1443 |
applications. You can learn more about JFS at <uri |
1444 |
link="http://www-124.ibm.com/developerworks/oss/jfs/index.html">the JFS project |
1445 |
Web site</uri>. |
1446 |
</p> |
1447 |
|
1448 |
<ul> |
1449 |
<li>In kernels: 2.4.20+</li> |
1450 |
<li>journaling: metadata</li> |
1451 |
<li>mkfs command: mkfs.jfs</li> |
1452 |
<li>mkfs example: mkfs.jfs /dev/hdc7</li> |
1453 |
<li>performance-related mount options: noatime</li> |
1454 |
<li> |
1455 |
JFS Resources: <uri |
1456 |
link="http://www-124.ibm.com/developerworks/oss/jfs/index.html">the JFS |
1457 |
project Web site (IBM).</uri> |
1458 |
</li> |
1459 |
</ul> |
1460 |
|
1461 |
</body> |
1462 |
</section> |
1463 |
<section> |
1464 |
<title>VFAT</title> |
1465 |
<body> |
1466 |
|
1467 |
<p> |
1468 |
The VFAT filesystem isn't really a filesystem that you would choose for storing |
1469 |
Linux files. Instead, it's a DOS-compatible filesystem driver that allows you |
1470 |
to mount and exchange data with DOS and Windows FAT-based filesystems. The VFAT |
1471 |
filesystem driver is present in the standard Linux kernel. |
1472 |
</p> |
1473 |
|
1474 |
</body> |
1475 |
</section> |
1476 |
</chapter> |
1477 |
|
1478 |
<chapter> |
1479 |
<title>Booting the system</title> |
1480 |
<section> |
1481 |
<title>About this section</title> |
1482 |
<body> |
1483 |
|
1484 |
<p> |
1485 |
This section introduces the Linux boot procedure. We'll cover the concept of a |
1486 |
boot loader, how to set kernel options at boot, and how to examine the boot log |
1487 |
for errors. |
1488 |
</p> |
1489 |
|
1490 |
</body> |
1491 |
</section> |
1492 |
<section> |
1493 |
<title>The MBR</title> |
1494 |
<body> |
1495 |
|
1496 |
<p> |
1497 |
The boot process is similar for all machines, regardless of which distribution |
1498 |
is installed. Consider the following example hard disk: |
1499 |
</p> |
1500 |
|
1501 |
<pre caption="Structure of a hard disk"> |
1502 |
+----------------+ |
1503 |
| MBR | |
1504 |
+----------------+ |
1505 |
| Partition 1: | |
1506 |
| Linux root (/) | |
1507 |
| containing | |
1508 |
| kernel and | |
1509 |
| system. | |
1510 |
+----------------+ |
1511 |
| Partition 2: | |
1512 |
| Linux swap | |
1513 |
+----------------+ |
1514 |
| Partition 3: | |
1515 |
| Windows 3.0 | |
1516 |
| (last booted | |
1517 |
| in 1992) | |
1518 |
+----------------+ |
1519 |
</pre> |
1520 |
|
1521 |
<p> |
1522 |
First, the computer's BIOS reads the first few sectors of your hard disk. These |
1523 |
sectors contain a very small program, called the "Master Boot Record," or |
1524 |
"MBR." The MBR has stored the location of the Linux kernel on the hard disk |
1525 |
(partition 1 in the example above), so it loads the kernel into memory and |
1526 |
starts it. |
1527 |
</p> |
1528 |
|
1529 |
</body> |
1530 |
</section> |
1531 |
<section> |
1532 |
<title>The kernel boot process</title> |
1533 |
<body> |
1534 |
|
1535 |
<p> |
1536 |
The next thing you see (although it probably flashes by quickly) is a line |
1537 |
similar to the following: |
1538 |
</p> |
1539 |
|
1540 |
<pre caption="Boot process line"> |
1541 |
Linux version 2.4.16 (root@×××××××××××××.org) (gcc version 2.95.3 20010315 (release)) #1 Sat Jan 12 19:23:04 EST 2002 |
1542 |
</pre> |
1543 |
|
1544 |
<p> |
1545 |
This is the first line printed by the kernel when it starts running. The first |
1546 |
part is the kernel version, followed by the identification of the user that |
1547 |
built the kernel (usually root), the compiler that built it, and the timestamp |
1548 |
when it was built. |
1549 |
</p> |
1550 |
|
1551 |
<p> |
1552 |
Following that line is a whole slew of output from the kernel regarding the |
1553 |
hardware in your system: the processor, PCI bus, disk controller, disks, serial |
1554 |
ports, floppy drive, USB devices, network adapters, sound cards, and possibly |
1555 |
others will each in turn report their status. |
1556 |
</p> |
1557 |
|
1558 |
</body> |
1559 |
</section> |
1560 |
<section> |
1561 |
<title>/sbin/init</title> |
1562 |
<body> |
1563 |
|
1564 |
<p> |
1565 |
When the kernel finishes loading, it starts a program called <c>init</c>. This |
1566 |
program remains running until the system is shut down. It is always assigned |
1567 |
process ID 1, as you can see: |
1568 |
</p> |
1569 |
|
1570 |
<pre caption="init process ID"> |
1571 |
$ <i>ps --pid 1</i> |
1572 |
PID TTY TIME CMD |
1573 |
1 ? 00:00:04 init.system |
1574 |
</pre> |
1575 |
|
1576 |
<p> |
1577 |
The <c>init</c> program boots the rest of your distribution by running a series |
1578 |
of scripts. These scripts typically live in <path>/etc/rc.d/init.d</path> or |
1579 |
<path>/etc/init.d</path>, and they perform services such as setting the |
1580 |
system's hostname, checking the filesystem for errors, mounting additional |
1581 |
filesystems, enabling networking, starting print services, etc. When the |
1582 |
scripts complete, <c>init</c> starts a program called <c>getty</c> which |
1583 |
displays the login prompt, and you're good to go! |
1584 |
</p> |
1585 |
|
1586 |
</body> |
1587 |
</section> |
1588 |
<section> |
1589 |
<title>Digging in: LILO</title> |
1590 |
<body> |
1591 |
|
1592 |
<p> |
1593 |
Now that we've taken a quick tour through the booting process, let's look more |
1594 |
closely at the first part: the MBR and loading the kernel. The maintenance of |
1595 |
the MBR is the responsibility of the "boot loader." The two most popular boot |
1596 |
loaders for x86-based Linux are "LILO" (LInux LOader) and "GRUB" (GRand Unified |
1597 |
Bootloader). |
1598 |
</p> |
1599 |
|
1600 |
<p> |
1601 |
Of the two, LILO is the older and more common boot loader. LILO's presence on |
1602 |
your system is reported at boot, with the short "LILO boot:" prompt. Note that |
1603 |
you may need to hold down the shift key during boot to get the prompt, since |
1604 |
often a system is configured to whiz straight through without stopping. |
1605 |
</p> |
1606 |
|
1607 |
<p> |
1608 |
There's not much fanfare at the LILO prompt, but if you press the <tab> |
1609 |
key, you'll be presented with a list of potential kernels (or other operating |
1610 |
systems) to boot. Often there's only one in the list. You can boot one of them |
1611 |
by typing it and pressing <enter>. Alternatively you can simply press |
1612 |
<enter> and the first item on the list will boot by default. |
1613 |
</p> |
1614 |
|
1615 |
</body> |
1616 |
</section> |
1617 |
<section> |
1618 |
<title>Using LILO</title> |
1619 |
<body> |
1620 |
|
1621 |
<p> |
1622 |
Occasionally you may want to pass an option to the kernel at boot time. Some of |
1623 |
the more common options are <c>root=</c> to specify an alternative root |
1624 |
filesystem, <c>init=</c> to specify an alternative init program (such as |
1625 |
<c>init=/bin/sh</c> to rescue a misconfigured system), and <c>mem=</c> to |
1626 |
specify the amount of memory in the system (for example <c>mem=512M</c> in the |
1627 |
case that Linux only autodetects 128M). You could pass these to the kernel at |
1628 |
the LILO boot prompt: |
1629 |
</p> |
1630 |
|
1631 |
<pre caption="LILO boot prompt"> |
1632 |
LILO boot: linux root=/dev/hdb2 init=/bin/sh mem=512M |
1633 |
</pre> |
1634 |
|
1635 |
<p> |
1636 |
If you need to regularly specify command-line options, you might consider |
1637 |
adding them to <path>/etc/lilo.conf</path>. The format of that file is |
1638 |
described in the <path>lilo.conf</path>(5) man-page. |
1639 |
</p> |
1640 |
|
1641 |
</body> |
1642 |
</section> |
1643 |
<section> |
1644 |
<title>An important LILO gotcha</title> |
1645 |
<body> |
1646 |
|
1647 |
<p> |
1648 |
Before moving on to GRUB, there is an important gotcha to LILO. Whenever you |
1649 |
make changes to <path>/etc/lilo.conf</path>, or whenever you install a new |
1650 |
kernel, you must run <c>lilo</c>. The <c>lilo</c> program rewrites the MBR to |
1651 |
reflect the changes you made, including recording the absolute disk location of |
1652 |
the kernel. The example here makes use of the -v flag for verboseness: |
1653 |
</p> |
1654 |
|
1655 |
<pre caption="Using lilo command with -v flag"> |
1656 |
# <i>lilo -v</i> |
1657 |
LILO version 21.4-4, Copyright (C) 1992-1998 Werner Almesberger |
1658 |
'lba32' extensions Copyright (C) 1999,2000 John Coffman |
1659 |
|
1660 |
Reading boot sector from /dev/hda |
1661 |
Merging with /boot/boot.b |
1662 |
Mapping message file /boot/message |
1663 |
Boot image: /boot/vmlinuz-2.2.16-22 |
1664 |
Added linux * |
1665 |
/boot/boot.0300 exists - no backup copy made. |
1666 |
Writing boot sector. |
1667 |
</pre> |
1668 |
|
1669 |
</body> |
1670 |
</section> |
1671 |
<section> |
1672 |
<title>Digging in: GRUB</title> |
1673 |
<body> |
1674 |
|
1675 |
<p> |
1676 |
The GRUB boot loader could be considered the next generation of boot loader, |
1677 |
following LILO. Most visibly to users, it provides a menu interface instead of |
1678 |
LILO's primitive prompt. For system administrators, the changes are more |
1679 |
significant. GRUB supports more operating systems than LILO, provides some |
1680 |
password-based security in the boot menu, and is easier to administer. |
1681 |
</p> |
1682 |
|
1683 |
<p> |
1684 |
GRUB is usually installed with the <c>grub-install</c> command. Once installed, |
1685 |
GRUB's menu is administrated by editing the file |
1686 |
<path>/boot/grub/grub.conf</path>. Both of these tasks are beyond the scope of |
1687 |
this document; you should read the GRUB info pages before attempting to install |
1688 |
or administrate GRUB. |
1689 |
</p> |
1690 |
|
1691 |
</body> |
1692 |
</section> |
1693 |
<section> |
1694 |
<title>Using GRUB</title> |
1695 |
<body> |
1696 |
|
1697 |
<p> |
1698 |
To give parameters to the kernel, you can press <c>e</c> at the boot menu. This |
1699 |
provides you with the opportunity to edit (by again pressing <c>e</c>) either |
1700 |
the name of the kernel to load or the parameters passed to it. When you're |
1701 |
finished editing, press <enter> then <c>b</c> to boot with your changes. |
1702 |
</p> |
1703 |
|
1704 |
</body> |
1705 |
</section> |
1706 |
<section> |
1707 |
<title>dmesg</title> |
1708 |
<body> |
1709 |
|
1710 |
<p> |
1711 |
The boot messages from the kernel and init scripts typically scroll by quickly. |
1712 |
You might notice an error, but it's gone before you can properly read it. In |
1713 |
that case, there are two places you can look after the system boots to see what |
1714 |
went wrong (and hopefully get an idea how to fix it). |
1715 |
</p> |
1716 |
|
1717 |
<p> |
1718 |
If the error occurred while the kernel was loading or probing hardware devices, |
1719 |
you can retrieve a copy of the kernel's log using the <c>dmesg</c> command: |
1720 |
</p> |
1721 |
|
1722 |
<pre caption="Retrieving kernel's log using dmesg command"> |
1723 |
Linux version 2.4.16 (root@×××××××××××××.org) (gcc version 2.95.3 20010315 (release)) #1 Sat Jan 12 19:23:04 EST 2002 |
1724 |
</pre> |
1725 |
|
1726 |
<p> |
1727 |
Hey, we recognize that line! It's the first line the kernel prints when it |
1728 |
loads. Indeed, if you pipe the output of <c>dmesg</c> into a pager, you can |
1729 |
view all of the messages the kernel printed on boot, plus any messages the |
1730 |
kernel has printed to the console in the meantime. |
1731 |
</p> |
1732 |
|
1733 |
</body> |
1734 |
</section> |
1735 |
<section> |
1736 |
<title>/var/log/messages</title> |
1737 |
<body> |
1738 |
|
1739 |
<p> |
1740 |
The second place to look for information is in the |
1741 |
<path>/var/log/messages</path> file. This file is recorded by the syslog |
1742 |
daemon, which accepts input from libraries, daemons, and the kernel. Each line |
1743 |
in the messages file is timestamped. This file is a good place to look for |
1744 |
errors that occurred during the init scripts stage of booting. For example, to |
1745 |
see the last few messages from the nameserver: |
1746 |
</p> |
1747 |
|
1748 |
<pre caption="greping /var/log/messages file"> |
1749 |
# <i>grep named /var/log/messages | tail -3</i> |
1750 |
Jan 12 20:17:41 time /usr/sbin/named[350]: listening on IPv4 interface lo, 127.0.0.1#53 |
1751 |
Jan 12 20:17:41 time /usr/sbin/named[350]: listening on IPv4 interface eth0, 10.0.0.1#53 |
1752 |
Jan 12 20:17:41 time /usr/sbin/named[350]: running |
1753 |
</pre> |
1754 |
|
1755 |
</body> |
1756 |
</section> |
1757 |
<section> |
1758 |
<title>Additional information</title> |
1759 |
<body> |
1760 |
|
1761 |
<p> |
1762 |
Additional information related to this section can be found here: |
1763 |
</p> |
1764 |
|
1765 |
<ul> |
1766 |
<li> |
1767 |
Tutorial: <uri |
1768 |
link="http://www-106.ibm.com/developerworks/edu/l-dw-linuxgrub-i.html">Getting |
1769 |
to know GRUB</uri> |
1770 |
</li> |
1771 |
<li><uri link="http://en.tldp.org/HOWTO/LILO.html">LILO Mini-HOWTO</uri></li> |
1772 |
<li><uri link="http://www.gnu.org/software/grub/">GRUB home</uri></li> |
1773 |
<li> |
1774 |
Kernel command-line options in |
1775 |
<path>/usr/src/linux/Documentation/kernel-parameters.txt</path>. |
1776 |
</li> |
1777 |
</ul> |
1778 |
|
1779 |
</body> |
1780 |
</section> |
1781 |
</chapter> |
1782 |
|
1783 |
<chapter> |
1784 |
<title>Runlevels</title> |
1785 |
<section> |
1786 |
<title>Single-user mode</title> |
1787 |
<body> |
1788 |
|
1789 |
<p> |
1790 |
Recall from the section regarding boot loaders that it's possible to pass |
1791 |
parameters to the kernel when it boots. One of the most often used parameters |
1792 |
is <c>s</c>, which causes the system to start in "single-user" mode. This mode |
1793 |
usually mounts only the root filesystem, starts a minimal subset of the init |
1794 |
scripts, and starts a shell rather than providing a login prompt. |
1795 |
Additionally, networking is not configured, so there is no chance of external |
1796 |
factors affecting your work. |
1797 |
</p> |
1798 |
|
1799 |
</body> |
1800 |
</section> |
1801 |
<section> |
1802 |
<title>Understanding single-user mode</title> |
1803 |
<body> |
1804 |
|
1805 |
<p> |
1806 |
So what "work" can be done with the system in such a state? To answer this |
1807 |
question, we have to realize a vast difference between Linux and Windows. |
1808 |
Windows is designed to normally be used by one person at a time, sitting at the |
1809 |
console. It is effectively always in "single-user" mode. Linux, on the other |
1810 |
hand, is used more often to serve network applications, or provide shell or X |
1811 |
sessions to remote users on the network. These additional variables are not |
1812 |
desirable when you want to perform maintenance operations such as restoring |
1813 |
from backup, creating or modifying filesystems, upgrading the system from CD, |
1814 |
etc. In these cases you should use single-user mode. |
1815 |
</p> |
1816 |
|
1817 |
</body> |
1818 |
</section> |
1819 |
<section> |
1820 |
<title>Runlevels</title> |
1821 |
<body> |
1822 |
|
1823 |
<p> |
1824 |
In fact, it's not actually necessary to reboot in order to reach single-user |
1825 |
mode. The <c>init</c> program manages the current mode, or "runlevel," for the |
1826 |
system. The standard runlevels for a Linux system are defined as follows: |
1827 |
</p> |
1828 |
|
1829 |
<ul> |
1830 |
<li>0: Halt the computer</li> |
1831 |
<li>1 or s: Single-user mode</li> |
1832 |
<li>2: Multi-user, no network</li> |
1833 |
<li>3: Multi-user, text console</li> |
1834 |
<li>4: Multi-user, graphical console</li> |
1835 |
<li>5: same as 4</li> |
1836 |
<li>6: Reboot the computer.</li> |
1837 |
</ul> |
1838 |
|
1839 |
<p> |
1840 |
These runlevels vary between distributions, so be sure to consult your distro's |
1841 |
documentation. |
1842 |
</p> |
1843 |
|
1844 |
</body> |
1845 |
</section> |
1846 |
<section> |
1847 |
<title>telinit</title> |
1848 |
<body> |
1849 |
|
1850 |
<p> |
1851 |
To change to single-user mode, use the <c>telinit</c> command, which instructs |
1852 |
<c>init</c> to change runlevels: |
1853 |
</p> |
1854 |
|
1855 |
<pre caption="Using telinit command"> |
1856 |
# <i>telinit 1</i> |
1857 |
</pre> |
1858 |
|
1859 |
<p> |
1860 |
You can see from the table above that you can also shutdown or reboot the |
1861 |
system in this manner. <c>telinit 0</c> will halt the computer; <c>telinit |
1862 |
6</c> will reboot the computer. When you issue the <c>telinit</c> command to |
1863 |
change runlevels, a subset of the <c>init</c> scripts will run to either shut |
1864 |
down or start up system services. |
1865 |
</p> |
1866 |
|
1867 |
</body> |
1868 |
</section> |
1869 |
<section> |
1870 |
<title>Runlevel etiquette</title> |
1871 |
<body> |
1872 |
|
1873 |
<p> |
1874 |
However, note that this is rather rude if there are users on the system at the |
1875 |
time (who may be quite angry with you). The <c>shutdown</c> command provides a |
1876 |
method for changing runlevels in a way that treats users reasonably. Similarly |
1877 |
to the <c>kill</c> command's ability to send a variety of signals to a process, |
1878 |
<c>shutdown</c> can be used to halt, reboot, or change to single-user mode. For |
1879 |
example, to change to single-user mode in 5 minutes: |
1880 |
</p> |
1881 |
|
1882 |
<pre caption="Changing to single-user mode with 5 minutes delay"> |
1883 |
# <i>shutdown 5</i> |
1884 |
Broadcast message from root (pts/2) (Tue Jan 15 19:40:02 2002): |
1885 |
The system is going DOWN to maintenance mode in 5 minutes! |
1886 |
</pre> |
1887 |
|
1888 |
<p> |
1889 |
If you press <control-c> at this point, you can cancel the pending switch |
1890 |
to single-user mode. The message above would appear on all terminals on the |
1891 |
system, so users have a reasonable amount of time to save their work and log |
1892 |
off. (Some might argue whether or not 5 minutes is "reasonable") |
1893 |
</p> |
1894 |
|
1895 |
</body> |
1896 |
</section> |
1897 |
<section> |
1898 |
<title>"Now" and halt</title> |
1899 |
<body> |
1900 |
|
1901 |
<p> |
1902 |
If you're the only person on the system, you can use "now" instead of an |
1903 |
argument in minutes. For example, to reboot the system right now: |
1904 |
</p> |
1905 |
|
1906 |
<pre caption="Using shutdown command with now option"> |
1907 |
# <i>shutdown -r now</i> |
1908 |
</pre> |
1909 |
|
1910 |
<p> |
1911 |
No chance to hit <control-c> in this case; the system is already on its |
1912 |
way down. Finally, the -h option halts the system: |
1913 |
</p> |
1914 |
|
1915 |
<pre caption="Halting the system"> |
1916 |
# <i>shutdown -h 1</i> |
1917 |
Broadcast message from root (pts/2) (Tue Jan 15 19:50:58 2002): |
1918 |
The system is going DOWN for system halt in 1 minute! |
1919 |
</pre> |
1920 |
|
1921 |
</body> |
1922 |
</section> |
1923 |
<section> |
1924 |
<title>The default runlevel</title> |
1925 |
<body> |
1926 |
|
1927 |
<p> |
1928 |
You've probably gathered at this point that the <c>init</c> program is quite |
1929 |
important on a Linux system. You can configure <c>init</c> by editing the file |
1930 |
<path>/etc/initttab</path>, which is described in the inittab(5) man-page. |
1931 |
We'll just touch on one key line in this file: |
1932 |
</p> |
1933 |
|
1934 |
<pre caption="Editing init configuration file"> |
1935 |
# <i>grep ^id: /etc/inittab</i> |
1936 |
id:3:initdefault: |
1937 |
</pre> |
1938 |
|
1939 |
<p> |
1940 |
On my system, runlevel 3 is the default runlevel. It can be useful to change |
1941 |
this value if you prefer your system to boot immediately into a graphical login |
1942 |
(usually runlevel 4 or 5). To do so, simply edit the file and change the value |
1943 |
on that line. But be careful! If you change it to something invalid, you'll |
1944 |
probably have to employ the <c>init=/bin/sh</c> trick we mentioned earlier. |
1945 |
</p> |
1946 |
|
1947 |
</body> |
1948 |
</section> |
1949 |
<section> |
1950 |
<title>Additional information</title> |
1951 |
<body> |
1952 |
|
1953 |
<p> |
1954 |
Additional information related to this section can be found at: |
1955 |
</p> |
1956 |
|
1957 |
<ul> |
1958 |
<li> |
1959 |
<uri |
1960 |
link="http://www.redhat.com/docs/manuals/linux/RHL-7.2-Manual/ref-guide/s1-init-boot-shutdown-init.html"> |
1961 |
Sysvinit docs at Red Hat</uri> |
1962 |
</li> |
1963 |
<li> |
1964 |
<uri link="http://www.linuxdoc.org/LDP/sag/init.html">Linux System |
1965 |
Administrator's Guide section on init</uri>. |
1966 |
</li> |
1967 |
</ul> |
1968 |
|
1969 |
</body> |
1970 |
</section> |
1971 |
</chapter> |
1972 |
|
1973 |
<chapter> |
1974 |
<title>Filesystem quotas</title> |
1975 |
<section> |
1976 |
<title>Introducing quotas</title> |
1977 |
<body> |
1978 |
|
1979 |
<p> |
1980 |
Quotas are a feature of Linux that let you track disk usage by user or by |
1981 |
group. They're useful for preventing any single user or group from using an |
1982 |
unfair portion of a filesystem, or from filling it up altogether. Quotas can |
1983 |
only be enabled and managed by the root user. In this section, I'll describe |
1984 |
how to set up quotas on your Linux system and manage them effectively. |
1985 |
</p> |
1986 |
|
1987 |
</body> |
1988 |
</section> |
1989 |
<section> |
1990 |
<title>Kernel support</title> |
1991 |
<body> |
1992 |
|
1993 |
<p> |
1994 |
Quotas are a feature of the filesystem; therefore, they require kernel support. |
1995 |
The first thing you'll need to do is verify that you have quota support in your |
1996 |
kernel. You can do this using grep: |
1997 |
</p> |
1998 |
|
1999 |
<pre caption="Checking kernel configuration for quota support"> |
2000 |
# <i>cd /usr/src/linux</i> |
2001 |
# <i>grep -i quota .config</i> |
2002 |
CONFIG_QUOTA=y |
2003 |
CONFIG_XFS_QUOTA=y |
2004 |
</pre> |
2005 |
|
2006 |
<p> |
2007 |
If this command returns something less conclusive (such as CONFIG_QUOTA is not |
2008 |
set) then you should rebuild your kernel to include quota support. This is not |
2009 |
a difficult process, but is outside of the scope of this section of the |
2010 |
tutorial. If you're unfamiliar with the steps to build and install a new |
2011 |
kernel, you might consider referencing this <uri |
2012 |
link="/doc/en/articles/linux-kernel-compiling.xml">tutorial</uri>. |
2013 |
</p> |
2014 |
|
2015 |
</body> |
2016 |
</section> |
2017 |
<section> |
2018 |
<title>Filesystem support</title> |
2019 |
<body> |
2020 |
|
2021 |
<p> |
2022 |
Before diving into the administration of quotas, please note that quota support |
2023 |
on Linux as of the 2.4.x kernel series is not complete. There are currently |
2024 |
problems with quotas in the ext2 and ext3 filesystems, and ReiserFS does not |
2025 |
appear to support quotas at all. This tutorial bases its examples on XFS, which |
2026 |
seems to properly <uri |
2027 |
link="http://oss.sgi.com/projects/xfs/faq.html#quotaswork">support |
2028 |
quotas</uri>. |
2029 |
</p> |
2030 |
|
2031 |
</body> |
2032 |
</section> |
2033 |
<section> |
2034 |
<title>Configuring quotas</title> |
2035 |
<body> |
2036 |
|
2037 |
<p> |
2038 |
To begin configuring quotas on your system, you should edit |
2039 |
<path>/etc/fstab</path> to mount the affected filesystems with quotas enabled. |
2040 |
For our example, we use an XFS filesystem mounted with user and group quotas |
2041 |
enabled: |
2042 |
</p> |
2043 |
|
2044 |
<pre caption="Configuring quotas"> |
2045 |
# <i>grep quota /etc/fstab</i> |
2046 |
/usr/users /mnt/hdc1 xfs usrquota,grpquota,noauto 0 0 |
2047 |
# <i>mount /usr/users</i> |
2048 |
</pre> |
2049 |
|
2050 |
<p> |
2051 |
Note that the usrquota and grpquota options don't necessarily enable quotas on |
2052 |
a filesystem. You can make sure quotas are enabled using the <c>quotaon</c> |
2053 |
command: |
2054 |
</p> |
2055 |
|
2056 |
<pre caption="Enabling quotas"> |
2057 |
# <i>quotaon /usr/users</i> |
2058 |
</pre> |
2059 |
|
2060 |
<p> |
2061 |
There is a corresponding <c>quotaoff</c> command should you desire to disable |
2062 |
quotas in the future: |
2063 |
</p> |
2064 |
|
2065 |
<pre caption="Disabling quotas"> |
2066 |
# <i>quotaoff /usr/users</i> |
2067 |
</pre> |
2068 |
|
2069 |
<p> |
2070 |
But for the moment, if you're trying some of the examples in this tutorial, be |
2071 |
sure to have quotas enabled. |
2072 |
</p> |
2073 |
|
2074 |
</body> |
2075 |
</section> |
2076 |
<section> |
2077 |
<title>The quota command</title> |
2078 |
<body> |
2079 |
|
2080 |
<p> |
2081 |
The <c>quota</c> command displays a user's disk usage and limits for all of the |
2082 |
filesystems currently mounted. The -v option includes in the list filesystems |
2083 |
where quotas are enabled, but no storage is currently allocated to the user. |
2084 |
</p> |
2085 |
|
2086 |
<pre caption="Using quota command"> |
2087 |
# <i>quota -v</i> |
2088 |
|
2089 |
Disk quotas for user root (uid 0): |
2090 |
Filesystem blocks quota limit grace files quota limit grace |
2091 |
/dev/hdc1 0 0 0 3 0 0 |
2092 |
</pre> |
2093 |
|
2094 |
<p> |
2095 |
The first column, blocks, shows how much disk space the root user is currently |
2096 |
using on each filesystem listed. The following columns, quota and limit, refer |
2097 |
to the limits currently in place for disk space. We will explain the difference |
2098 |
between quota and limit, and the meaning of the grace column later on. The |
2099 |
files column shows how many files the root user owns on the particular |
2100 |
filesystem. The following quota and limit columns refer to the limits for |
2101 |
files. |
2102 |
</p> |
2103 |
|
2104 |
</body> |
2105 |
</section> |
2106 |
<section> |
2107 |
<title>Viewing quota</title> |
2108 |
<body> |
2109 |
|
2110 |
<p> |
2111 |
Any user can use the <c>quota</c> command to view their own quota report as |
2112 |
shown in the previous example. However only the root user can look at the |
2113 |
quotas for other users and groups. For example, say we have a filesystem, |
2114 |
<path>/dev/hdc1</path> mounted on <path>/usr/users</path>, with two users: jane |
2115 |
and john. First, let's look at jane's disk usage and limits. |
2116 |
</p> |
2117 |
|
2118 |
<pre caption="Viewing quota for user"> |
2119 |
# <i>quota -v jane</i> |
2120 |
|
2121 |
Disk quotas for user jane (uid 1003): |
2122 |
Filesystem blocks quota limit grace files quota limit grace |
2123 |
/dev/hdc1 4100 0 0 6 0 0 |
2124 |
</pre> |
2125 |
|
2126 |
<p> |
2127 |
In this example, we see that jane's quotas are set to zero, which indicates no |
2128 |
limit. |
2129 |
</p> |
2130 |
|
2131 |
</body> |
2132 |
</section> |
2133 |
<section> |
2134 |
<title>edquota</title> |
2135 |
<body> |
2136 |
|
2137 |
<p> |
2138 |
Now let's say we want to give the user jane a quota. We do this with the |
2139 |
<c>edquota</c> command. Before we start editing quotas, let's see how much |
2140 |
space we have available on <path>/usr/users</path>: |
2141 |
</p> |
2142 |
|
2143 |
<pre caption="Checking available space on /usr/users"> |
2144 |
# <i>df /usr/users</i> |
2145 |
|
2146 |
Filesystem 1k-blocks Used Available Use% Mounted on |
2147 |
/dev/hdc1 610048 4276 605772 1% /usr/users |
2148 |
</pre> |
2149 |
|
2150 |
<p> |
2151 |
This isn't a particularly large filesystem, only 600MB or so. It seems prudent |
2152 |
to give jane a quota so that she can't use more than her fair share. When you |
2153 |
run <c>edquota</c>, a temporary file is created for each user or group you |
2154 |
specify on the command line. |
2155 |
</p> |
2156 |
|
2157 |
<p> |
2158 |
The <c>edquota</c> command puts you in an editor, which enables you to add |
2159 |
and/or modify quotas via this temporary file. |
2160 |
</p> |
2161 |
|
2162 |
<pre caption="Modifying quota"> |
2163 |
# <i>edquota jane</i> |
2164 |
|
2165 |
Disk quotas for user jane (uid 1003): |
2166 |
Filesystem blocks soft hard inodes soft hard |
2167 |
/dev/hdc1 4100 0 0 6 0 0 |
2168 |
</pre> |
2169 |
|
2170 |
<p> |
2171 |
Similar to the output from the <c>quota</c> command above, the blocks and |
2172 |
inodes columns in this temporary file refer to the disk space and number of |
2173 |
files jane is currently using. You cannot modify the number of blocks or |
2174 |
inodes; any attempt to do so will be summarily discarded by the system. The |
2175 |
soft and hard columns show jane's quota, which we can see is currently |
2176 |
unlimited (again, zero indicates no quota). |
2177 |
</p> |
2178 |
|
2179 |
</body> |
2180 |
</section> |
2181 |
<section> |
2182 |
<title>Understanding edquota</title> |
2183 |
<body> |
2184 |
|
2185 |
<p> |
2186 |
The soft limit is the maximum amount of disk usage that jane has allocated to |
2187 |
her on the filesystem (in other words, her quota). If jane uses more disk |
2188 |
space than is allocated in her soft limit, she will be issued warnings about |
2189 |
her quota violation via e-mail. The hard limit indicates the absolute limit on |
2190 |
disk usage, which a user can't exceed. If jane tries to use more disk space |
2191 |
than is specified in the hard limit, she will get a "Disk quota exceeded" |
2192 |
error and will not be able to complete the operation. |
2193 |
</p> |
2194 |
|
2195 |
</body> |
2196 |
</section> |
2197 |
<section> |
2198 |
<title>Making changes</title> |
2199 |
<body> |
2200 |
|
2201 |
<p> |
2202 |
So here we change jane's soft and hard limits and save the file: |
2203 |
</p> |
2204 |
|
2205 |
<pre caption="Changed soft and hard limits"> |
2206 |
|
2207 |
Disk quotas for user jane (uid 1003): |
2208 |
Filesystem blocks soft hard inodes soft hard |
2209 |
/dev/hdc1 4100 10000 11500 6 2000 2500 |
2210 |
</pre> |
2211 |
|
2212 |
<p> |
2213 |
Running the <c>quota</c> command, we can inspect our modifications: |
2214 |
</p> |
2215 |
|
2216 |
<pre caption="Checking quota for user jane"> |
2217 |
# <i>quota jane</i> |
2218 |
|
2219 |
Disk quotas for user jane (uid 1003): |
2220 |
Filesystem blocks quota limit grace files quota limit grace |
2221 |
/dev/hdc1 4100 10000 11500 6 2000 2500 |
2222 |
</pre> |
2223 |
|
2224 |
</body> |
2225 |
</section> |
2226 |
<section> |
2227 |
<title>Copying quotas</title> |
2228 |
<body> |
2229 |
|
2230 |
<p> |
2231 |
You'll remember that we also have another user, john, on this filesystem. If |
2232 |
we want to give john the same quota as jane, we can use the -p option to |
2233 |
<c>edquota</c>, which uses jane's quotas as a prototype for all following users |
2234 |
on the command line. This is an easy way to set up quotas for groups of users. |
2235 |
</p> |
2236 |
|
2237 |
<pre caption="Coping quotas"> |
2238 |
# <i>edquota -p jane john</i> |
2239 |
# <i>quota john</i> |
2240 |
|
2241 |
Disk quotas for user john (uid 1003): |
2242 |
Filesystem blocks quota limit grace files quota limit grace |
2243 |
/dev/hdc1 0 10000 11500 1 2000 2500 |
2244 |
</pre> |
2245 |
|
2246 |
</body> |
2247 |
</section> |
2248 |
<section> |
2249 |
<title>Group restrictions</title> |
2250 |
<body> |
2251 |
|
2252 |
<p> |
2253 |
We can also use <c>edquota</c> to restrict the allocation of disk space based |
2254 |
on the group ownership of files. For example, to edit the quotas for the users |
2255 |
group: |
2256 |
</p> |
2257 |
|
2258 |
<pre caption="Editing quotas for the users group"> |
2259 |
# <i>edquota -g users</i> |
2260 |
Disk quotas for group users (gid 100): Filesystem blocks soft hard inodes soft hard /dev/hdc1 4100 500000 510000 7 100000 125000 |
2261 |
</pre> |
2262 |
|
2263 |
<p> |
2264 |
Then to view the modified quotas for the users group: |
2265 |
</p> |
2266 |
|
2267 |
<pre caption="Viewing modified quotas"> |
2268 |
# <i>quota -g users</i> |
2269 |
Disk quotas for group users (gid 100): Filesystem blocks quota limit grace files quota limit grace /dev/hdc1 4100 500000 510000 7 100000 125000 |
2270 |
</pre> |
2271 |
|
2272 |
</body> |
2273 |
</section> |
2274 |
<section> |
2275 |
<title>The repquota command</title> |
2276 |
<body> |
2277 |
|
2278 |
<p> |
2279 |
Looking at each users' quotas using the <c>quota</c> command can be tedious if |
2280 |
you have many users on a filesytem. The <c>repquota</c> command summarizes the |
2281 |
quotas for a filesystem into a nice report. For example, to see the quotas for |
2282 |
all users and groups on <path>/usr/users</path>: |
2283 |
</p> |
2284 |
|
2285 |
<pre caption="Summarizing quotas"> |
2286 |
# <i>repquota -ug /usr/users</i> |
2287 |
*** Report for user quotas on device /dev/hdc1 |
2288 |
Block grace time: 7days; Inode grace time: 7days |
2289 |
Block limits File limits |
2290 |
User used soft hard grace used soft hard grace |
2291 |
---------------------------------------------------------------------- |
2292 |
root -- 0 0 0 3 0 0 |
2293 |
john -- 0 10000 11500 1 2000 2500 |
2294 |
jane -- 4100 10000 11500 6 2000 2500 |
2295 |
|
2296 |
*** Report for group quotas on device /dev/hdc1 |
2297 |
Block grace time: 7days; Inode grace time: 7days |
2298 |
Block limits File limits |
2299 |
Group used soft hard grace used soft hard grace |
2300 |
---------------------------------------------------------------------- |
2301 |
root -- 0 0 0 3 0 0 |
2302 |
users -- 4100 500000 510000 7 100000 125000 |
2303 |
</pre> |
2304 |
|
2305 |
</body> |
2306 |
</section> |
2307 |
<section> |
2308 |
<title>Repquota options</title> |
2309 |
<body> |
2310 |
|
2311 |
<p> |
2312 |
There are a couple of other options to repquota that are worth mentioning. |
2313 |
<c>repquota -a</c> will report on all currently mounted read-write filesystems |
2314 |
that have quotas enabled. <c>repquota -n</c> will not resolve uids and gids to |
2315 |
names. This can speed up the output for large lists. |
2316 |
</p> |
2317 |
|
2318 |
</body> |
2319 |
</section> |
2320 |
<section> |
2321 |
<title>Monitoring quotas</title> |
2322 |
<body> |
2323 |
|
2324 |
<p> |
2325 |
If you are a system administrator, you will want to have a way to monitor |
2326 |
quotas to ensure that they are not being exceeded. An easy way to do this is |
2327 |
to use <c>warnquota</c>. The <c>warnquota</c> command sends e-mail to users who |
2328 |
have exceeded their soft limit. Typically <c>warnquota</c> is run as a |
2329 |
cron-job. |
2330 |
</p> |
2331 |
|
2332 |
<p> |
2333 |
When a user exceeds his or her soft limit, the grace column in the output from |
2334 |
the <c>quota</c> command will indicate the grace period -- how long before the |
2335 |
soft limit is enforced for that filesystem. |
2336 |
</p> |
2337 |
|
2338 |
<pre caption="Checking grace period"> |
2339 |
Disk quotas for user jane (uid 1003): |
2340 |
Filesystem blocks quota limit grace files quota limit grace |
2341 |
/dev/hdc1 10800* 10000 11500 7days 7 2000 2500 |
2342 |
</pre> |
2343 |
|
2344 |
<p> |
2345 |
By default, the grace period for blocks and inodes is seven days. |
2346 |
</p> |
2347 |
|
2348 |
</body> |
2349 |
</section> |
2350 |
<section> |
2351 |
<title>Modifying the grace period</title> |
2352 |
<body> |
2353 |
|
2354 |
<p> |
2355 |
You can modify the grace period for filesystems using <c>equota</c>: |
2356 |
</p> |
2357 |
|
2358 |
<pre caption="Modyfing grace period"> |
2359 |
# <i>edquota -t</i> |
2360 |
</pre> |
2361 |
|
2362 |
<p> |
2363 |
This puts you in an editor of a temporary file that looks like this: |
2364 |
</p> |
2365 |
|
2366 |
<pre caption="Looks of a grace editor"> |
2367 |
Grace period before enforcing soft limits for users: |
2368 |
Time units may be: days, hours, minutes, or seconds |
2369 |
Filesystem Block grace period Inode grace period |
2370 |
/dev/hdc1 7days 7days |
2371 |
</pre> |
2372 |
|
2373 |
<p> |
2374 |
The text in the file is nicely explanatory. Be sure to leave your users enough |
2375 |
time to receive their warning e-mail and find some files to delete! |
2376 |
</p> |
2377 |
|
2378 |
</body> |
2379 |
</section> |
2380 |
<section> |
2381 |
<title>Checking quotas on boot</title> |
2382 |
<body> |
2383 |
|
2384 |
<p> |
2385 |
You may also want to check quotas on boot. You can do this using a script to |
2386 |
run the <c>quotacheck</c> command; there is an example script in the <uri |
2387 |
link="http://en.tldp.org/HOWTO/Quota.html">Quota Mini HOWTO</uri>. The |
2388 |
<c>quotacheck</c> command also has the ability to repair damaged quota files; |
2389 |
familiarize yourself with it by reading the quotacheck(8) man-page. |
2390 |
</p> |
2391 |
|
2392 |
<p> |
2393 |
Also remember what we mentioned previously regarding <c>quotaon</c> and |
2394 |
<c>quotaoff</c>. You should incorporate <c>quotaon</c> into your boot script so |
2395 |
that quotas are enabled. To enable quotas on all filesystems where quotas are |
2396 |
supported, use the -a option: |
2397 |
</p> |
2398 |
|
2399 |
<pre caption="Using -a option"> |
2400 |
# <i>quotaon -a</i> |
2401 |
</pre> |
2402 |
|
2403 |
</body> |
2404 |
</section> |
2405 |
</chapter> |
2406 |
|
2407 |
<chapter> |
2408 |
<title>System logs</title> |
2409 |
<section> |
2410 |
<title>Introducing syslogd</title> |
2411 |
<body> |
2412 |
|
2413 |
<p> |
2414 |
The syslog daemon provides a mature client-server mechanism for logging |
2415 |
messages from programs running on the system. Syslog receives a message from a |
2416 |
daemon or program, categorizes the message by priority and type, then logs it |
2417 |
according to administrator-configurable rules. The result is a robust and |
2418 |
unified approach to managing logs. |
2419 |
</p> |
2420 |
|
2421 |
</body> |
2422 |
</section> |
2423 |
<section> |
2424 |
<title>Reading logs</title> |
2425 |
<body> |
2426 |
|
2427 |
<p> |
2428 |
Let's jump right in and look at the contents of a syslog-recorded log file. |
2429 |
Afterward, we can come back to syslog configuration. The FHS (see <uri |
2430 |
link="/doc/en/articles/lpi-101-administration-p2.xml">Part 2</uri> of this |
2431 |
tutorial series) mandates that log files be placed in <path>/var/log</path>. |
2432 |
Here we use the <c>tail</c> command to display the last 10 lines in the |
2433 |
"messages" file: |
2434 |
</p> |
2435 |
|
2436 |
<pre caption="Reading logs"> |
2437 |
# <i>cd /var/log</i> |
2438 |
# <i>tail messages</i> |
2439 |
Jan 12 20:17:39 bilbo init: Entering runlevel: 3 |
2440 |
Jan 12 20:17:40 bilbo /usr/sbin/named[337]: starting BIND 9.1.3 |
2441 |
Jan 12 20:17:40 bilbo /usr/sbin/named[337]: using 1 CPU |
2442 |
Jan 12 20:17:41 bilbo /usr/sbin/named[350]: loading configuration from '/etc/bind/named.conf' |
2443 |
Jan 12 20:17:41 bilbo /usr/sbin/named[350]: no IPv6 interfaces found |
2444 |
Jan 12 20:17:41 bilbo /usr/sbin/named[350]: listening on IPv4 interface lo, 127.0.0.1#53 |
2445 |
Jan 12 20:17:41 bilbo /usr/sbin/named[350]: listening on IPv4 interface eth0, 10.0.0.1#53 |
2446 |
Jan 12 20:17:41 bilbo /usr/sbin/named[350]: running |
2447 |
Jan 12 20:41:58 bilbo gnome-name-server[11288]: starting |
2448 |
Jan 12 20:41:58 bilbo gnome-name-server[11288]: name server starting |
2449 |
</pre> |
2450 |
|
2451 |
<p> |
2452 |
You may remember from the text-processing whirlwind that the <c>tail</c> |
2453 |
command displays the last lines in a file. In this case, we can see that the |
2454 |
nameserver named was recently started on this system, which is named bilbo. If |
2455 |
we were deploying IPv6, we might notice that named found no IPv6 interfaces, |
2456 |
indicating a potential problem. Additionally, we can see that a user may have |
2457 |
recently started GNOME, indicated by the presence of gnome-name-server. |
2458 |
</p> |
2459 |
|
2460 |
</body> |
2461 |
</section> |
2462 |
<section> |
2463 |
<title>Tailing log files</title> |
2464 |
<body> |
2465 |
|
2466 |
<p> |
2467 |
An experienced system administrator might use <c>tail -f</c> to follow the |
2468 |
output to a log file as it occurs: |
2469 |
</p> |
2470 |
|
2471 |
<pre caption="Using tail -f command"> |
2472 |
# <i>tail -f /var/log/messages</i> |
2473 |
</pre> |
2474 |
|
2475 |
<p> |
2476 |
For example, in the case of debugging our theoretical IPv6 problem, running the |
2477 |
above command in one terminal while stopping and starting named would |
2478 |
immediately display the messages from that daemon. This can be a useful |
2479 |
technique when debugging. Some administrators even like to keep a constantly |
2480 |
running <c>tail -f</c> messages in a terminal where they can keep an eye on |
2481 |
system events. |
2482 |
</p> |
2483 |
|
2484 |
</body> |
2485 |
</section> |
2486 |
<section> |
2487 |
<title>Grepping logs</title> |
2488 |
<body> |
2489 |
|
2490 |
<p> |
2491 |
Another useful technique is to search a log file using the <c>grep</c> utility, |
2492 |
described in <uri link="/doc/en/articles/lpi-101-administration-p2.xml">Part |
2493 |
2</uri> of this tutorial series. In the above case, we might use grep to find |
2494 |
where "named" behavior has changed: |
2495 |
</p> |
2496 |
|
2497 |
<pre caption="Grepping logs"> |
2498 |
# <i>grep named /var/log/messages</i> |
2499 |
</pre> |
2500 |
|
2501 |
</body> |
2502 |
</section> |
2503 |
<section> |
2504 |
<title>Log overview</title> |
2505 |
<body> |
2506 |
|
2507 |
<p> |
2508 |
The following summarizes the log files typically found in <path>/var/log</path> |
2509 |
and maintained by syslog: |
2510 |
</p> |
2511 |
|
2512 |
<ul> |
2513 |
<li> |
2514 |
<path>messages</path>: Informational and error messages from general system |
2515 |
programs and daemons |
2516 |
</li> |
2517 |
<li> |
2518 |
<path>secure</path>: Authentication messages and errors, kept separate from |
2519 |
<path>messages</path> for extra security |
2520 |
</li> |
2521 |
<li><path>maillog</path>: Mail-related messages and errors</li> |
2522 |
<li><path>cron</path>: Cron-related messages and errors</li> |
2523 |
<li><path>spooler</path>: UUCP and news-related messages and errors.</li> |
2524 |
</ul> |
2525 |
|
2526 |
</body> |
2527 |
</section> |
2528 |
<section> |
2529 |
<title>syslog.conf</title> |
2530 |
<body> |
2531 |
|
2532 |
<p> |
2533 |
As a matter of fact, now would be a good time to investigate the syslog |
2534 |
configuration file, <path>/etc/syslog.conf</path>. (Note: If you don't have |
2535 |
<path>syslog.conf</path>, keep reading for the sake of information, but you may |
2536 |
be using an alternative syslog daemon.) Browsing that file, we see there are |
2537 |
entries for each of the common log files mentioned above, plus possibly some |
2538 |
other entries. The file has the format facility.priority action, where those |
2539 |
fields are defined as follows: |
2540 |
</p> |
2541 |
|
2542 |
<p> |
2543 |
facility: Specifies the subsystem that produced the message. The valid keywords |
2544 |
for facility are auth, authpriv, cron, daemon, kern, lpr, mail, news, syslog, |
2545 |
user, uucp and local0 through local7. |
2546 |
</p> |
2547 |
|
2548 |
<p> |
2549 |
priority: Specifies the minimum severity of the message, meaning that messages |
2550 |
of this priority and higher will be matched by this rule. The valid keywords |
2551 |
for priority are debug, info, notice, warning, err, crit, alert, and emerg. |
2552 |
</p> |
2553 |
|
2554 |
<p> |
2555 |
action: The action field should be either a filename, tty (such as |
2556 |
<path>/dev/console</path>), remote machine prefixed by @ , comma-separated list |
2557 |
of users, or to send the message to everybody logged on. The most common action |
2558 |
is a simple filename. |
2559 |
</p> |
2560 |
|
2561 |
</body> |
2562 |
</section> |
2563 |
<section> |
2564 |
<title>Reloading and additional information</title> |
2565 |
<body> |
2566 |
|
2567 |
<p> |
2568 |
Hopefully this overview of the configuration file helps you to get a feel for |
2569 |
the strength of the syslog system. You should read the syslog.conf(5) man-page |
2570 |
for more information prior to making changes. Additionally the syslogd(8) |
2571 |
man-page supplies lots more detailed information. |
2572 |
</p> |
2573 |
|
2574 |
<p> |
2575 |
Note that you need to inform the syslog daemon of changes to the configuration |
2576 |
file before they are put into effect. Sending it a SIGHUP is the right method, |
2577 |
and you can use the <c>killall</c> command to do this easily: |
2578 |
</p> |
2579 |
|
2580 |
<pre caption="Using killall command"> |
2581 |
# <i>killall -HUP syslogd</i> |
2582 |
</pre> |
2583 |
|
2584 |
</body> |
2585 |
</section> |
2586 |
<section> |
2587 |
<title>A security note</title> |
2588 |
<body> |
2589 |
|
2590 |
<p> |
2591 |
You should beware that the log files written to by syslogd will be created by |
2592 |
the program if they don't exist. Regardless of your current umask setting, the |
2593 |
files will be created world-readable. If you're concerned about the security, |
2594 |
you should chmod the files to be read-write by root only. Additionally, the |
2595 |
<c>logrotate</c> program (described below) can be configured to create new log |
2596 |
files with the appropriate permissions. The syslog daemon always preserves the |
2597 |
current attributes of an existing log file, so you don't need to worry about it |
2598 |
once the file is created. |
2599 |
</p> |
2600 |
|
2601 |
</body> |
2602 |
</section> |
2603 |
<section> |
2604 |
<title>logrotate</title> |
2605 |
<body> |
2606 |
|
2607 |
<p> |
2608 |
The log files in <path>/var/log</path> will grow over time, and potentially |
2609 |
could fill the filesystem. It is advisable to employ a program such as |
2610 |
<c>logrotate</c> to manage the automatic archiving of the logs. The |
2611 |
<c>logrotate</c> program usually runs as a daily cron job, and can be |
2612 |
configured to rotate, compress, remove, or mail the log files. |
2613 |
</p> |
2614 |
|
2615 |
<p> |
2616 |
For example, a default configuration of logrotate might rotate the logs weekly, |
2617 |
keeping 4 weeks worth of backlogs (by appending a sequence number to the |
2618 |
filename), and compress the backlogs to save space. Additionally, the program |
2619 |
can be configured to deliver a SIGHUP to syslogd so that the daemon will notice |
2620 |
the now-empty log files and append to them appropriately. |
2621 |
</p> |
2622 |
|
2623 |
<p> |
2624 |
For more information on <c>logrotate</c>, see the logrotate(8) man page, which |
2625 |
contains a description of the program and the syntax of the configuration file. |
2626 |
</p> |
2627 |
|
2628 |
</body> |
2629 |
</section> |
2630 |
<section> |
2631 |
<title>Advanced topic -- klogd</title> |
2632 |
<body> |
2633 |
|
2634 |
<p> |
2635 |
Before moving away from syslog, I'd like to note a couple of advanced topics |
2636 |
for ambitious readers. These tips may save you some grief when trying to |
2637 |
understand syslog-related topics. |
2638 |
</p> |
2639 |
|
2640 |
<p> |
2641 |
First, the syslog daemon is actually part of the sysklogd package, which |
2642 |
contains a second daemon called klogd. It's klogd's job to receive information |
2643 |
and error messages from the kernel, and pass them on to syslogd for |
2644 |
categorization and logging. The messages received by klogd are exactly the same |
2645 |
as those you can retrieve using the <c>dmesg</c> command. The difference is |
2646 |
that <c>dmesg</c> prints the current contents of a ring buffer in the kernel, |
2647 |
whereas klogd is passing the messages to syslogd so that they won't be lost |
2648 |
when the ring wraps around. |
2649 |
</p> |
2650 |
|
2651 |
</body> |
2652 |
</section> |
2653 |
<section> |
2654 |
<title>Advanced topic -- alternate loggers</title> |
2655 |
<body> |
2656 |
|
2657 |
<p> |
2658 |
Second, there are alternatives to the standard sysklogd package. The |
2659 |
alternatives attempt to be more efficient, easier to configure, and possibly |
2660 |
more featureful than sysklogd. <uri |
2661 |
link="http://www.balabit.hu/en/downloads/syslog-ng/">Syslog-ng</uri> and <uri |
2662 |
link="http://metalog.sourceforge.net/">Metalog</uri> seem to be some of the |
2663 |
more popular alternatives; you might investigate them if you find sysklogd |
2664 |
doesn't provide the level of power you need. |
2665 |
</p> |
2666 |
|
2667 |
<p> |
2668 |
Third, you can log messages in your scripts using the logger command. See the |
2669 |
logger(1) man page for more information. |
2670 |
</p> |
2671 |
|
2672 |
</body> |
2673 |
</section> |
2674 |
</chapter> |
2675 |
|
2676 |
<chapter> |
2677 |
<title>Summary and resources</title> |
2678 |
<section> |
2679 |
<title>Summary</title> |
2680 |
<body> |
2681 |
|
2682 |
<p> |
2683 |
Congratulations, you've reached the end of this tutorial! Well, almost. There |
2684 |
were a couple of topics that we were unable to include in our first four |
2685 |
tutorials due to space limitations. Fortunately, we have a couple of good |
2686 |
resources that will help you get up to speed on these topics in no time. Be |
2687 |
sure to cover these particular tutorials if you are planning to get your LPIC |
2688 |
level 1 certification. |
2689 |
</p> |
2690 |
|
2691 |
<p> |
2692 |
We didn't have quite enough room to cover the important topic of system backups |
2693 |
in this tutorial. Fortunately, IBM developerWorks already has a tutorial on |
2694 |
this subject, called <uri |
2695 |
link="http://www-106.ibm.com/developerworks/edu/l-dw-linuxbu-i.html">Backing up |
2696 |
your Linux machines</uri>. In this tutorial, you'll learn how to back up Linux |
2697 |
systems using a <c>tar</c> variant called star. You'll also learn how to use |
2698 |
the <c>mt</c> command to control tape functions. |
2699 |
</p> |
2700 |
|
2701 |
<p> |
2702 |
The second topic that we weren't quite able to fit in was periodic scheduling. |
2703 |
Fortunately, there's some good <uri |
2704 |
link="http://www.ussg.iu.edu/usail/automation/cron.html">cron |
2705 |
documentation</uri> available at Indiana University. <c>cron</c> is used to |
2706 |
schedule jobs to be executed at a specific time, and is an important tool for |
2707 |
any system administrator. |
2708 |
</p> |
2709 |
|
2710 |
<p> |
2711 |
On the next page, you'll find a number of resources that you will find helpful |
2712 |
in learning more about the subjects presented in this tutorial. |
2713 |
</p> |
2714 |
|
2715 |
</body> |
2716 |
</section> |
2717 |
<section> |
2718 |
<title>Resources</title> |
2719 |
<body> |
2720 |
|
2721 |
<p> |
2722 |
To find out more about quota support under Linux, be sure to check out the <uri |
2723 |
link="http://en.tldp.org/HOWTO/Quota.html">Linux Quota mini-HOWTO</uri>. Also |
2724 |
be sure to consult the quota(1), edquota(8), repquota(8), quotacheck(8), and |
2725 |
quotaon(8) man pages on your system. |
2726 |
</p> |
2727 |
|
2728 |
<p> |
2729 |
Additional information to the system boot process and boot loaders can be found |
2730 |
at: |
2731 |
</p> |
2732 |
|
2733 |
<ul> |
2734 |
<li> |
2735 |
IBM developerWorks' <uri |
2736 |
link="http://www-106.ibm.com/developerworks/edu/l-dw-linuxgrub-i.html">Getting |
2737 |
to know GRUB</uri> tutorial |
2738 |
</li> |
2739 |
<li><uri link="http://en.tldp.org/HOWTO/LILO.html">LILO Mini-HOWTO</uri></li> |
2740 |
<li><uri link="http://www.gnu.org/software/grub/">GRUB home</uri></li> |
2741 |
<li> |
2742 |
Kernel command-line options in |
2743 |
<path>/usr/src/linux/Documentation/kernel-parameters.txt</path> |
2744 |
</li> |
2745 |
<li> |
2746 |
<uri |
2747 |
link="http://www.redhat.com/docs/manuals/linux/RHL-7.2-Manual/ref-guide/s1-init-boot-shutdown-init.html">Sysvinit |
2748 |
docs at Redhat</uri>. |
2749 |
</li> |
2750 |
</ul> |
2751 |
|
2752 |
<p> |
2753 |
To learn more about Linux filesystems, read the multi-part advanced filesystem |
2754 |
implementor's guide on the IBM developerWorks Linux zone, covering: |
2755 |
</p> |
2756 |
|
2757 |
<ul> |
2758 |
<li> |
2759 |
<uri link="http://www-106.ibm.com/developerworks/library/l-fs.html">The |
2760 |
benefits of journalling and ReiserFS (Part 1)</uri> |
2761 |
</li> |
2762 |
<li> |
2763 |
<uri |
2764 |
link="http://www-106.ibm.com/developerworks/library/l-fs2.html">Setting up |
2765 |
a ReiserFS system (Part 2)</uri> |
2766 |
</li> |
2767 |
<li> |
2768 |
<uri link="http://www-106.ibm.com/developerworks/library/l-fs3.html">Using |
2769 |
the tmpfs virtual memory filesystem and bind mounts (Part 3)</uri> |
2770 |
</li> |
2771 |
<li> |
2772 |
<uri link="http://www-106.ibm.com/developerworks/library/l-fs4.html">The |
2773 |
benefits of devfs, the device management filesystem (Part 4)</uri> |
2774 |
</li> |
2775 |
<li> |
2776 |
<uri |
2777 |
link="http://www-106.ibm.com/developerworks/library/l-fs5.html">Beginning |
2778 |
the conversion to devfs (Part 5)</uri> |
2779 |
</li> |
2780 |
<li> |
2781 |
<uri |
2782 |
link="http://www-106.ibm.com/developerworks/linux/library/l-fs6/">Completing |
2783 |
the conversion to devfs using an init wrapper (Part 6)</uri> |
2784 |
</li> |
2785 |
<li> |
2786 |
<uri |
2787 |
link="/doc/en/articles/afig-ct-ext3-intro.xml">The |
2788 |
benefits of the ext3 filesystem (Part 7)</uri> |
2789 |
</li> |
2790 |
<li> |
2791 |
<uri link="/doc/en/articles/l-afig-p8.xml">An in-depth |
2792 |
look at ext3 and the latest kernel updates (Part 8)</uri> |
2793 |
</li> |
2794 |
<li> |
2795 |
<uri |
2796 |
link="http://www-106.ibm.com/developerworks/linux/library/l-fs9.html">An |
2797 |
introduction to XFS (Part 9)</uri>. |
2798 |
</li> |
2799 |
</ul> |
2800 |
|
2801 |
<p> |
2802 |
For more information on partitioning, take a look at the following partitioning |
2803 |
tips on the IBM developerWorks Linux zone: |
2804 |
</p> |
2805 |
|
2806 |
<ul> |
2807 |
<li> |
2808 |
<uri link="/doc/en/articles/partition-planning-tips.xml">Partition planning |
2809 |
tips</uri> |
2810 |
</li> |
2811 |
<li> |
2812 |
<uri link="/doc/en/articles/partitioning-p1.xml">Partitioning in action, |
2813 |
Part 1</uri> |
2814 |
</li> |
2815 |
<li> |
2816 |
<uri link="/doc/en/articles/partitioning-p2.xml">Partitioning in action, |
2817 |
Part 2</uri>. |
2818 |
</li> |
2819 |
</ul> |
2820 |
|
2821 |
<p> |
2822 |
ReiserFS Resources: |
2823 |
</p> |
2824 |
|
2825 |
<ul> |
2826 |
<li><uri link="http://www.namesys.com/">The home of ReiserFS</uri></li> |
2827 |
<li> |
2828 |
<uri |
2829 |
link="http://www-106.ibm.com/developerworks/library/l-fs.html">Advanced |
2830 |
filesystem implementor's guide, Part 1: Journalling and ReiserFS on |
2831 |
developerWorks</uri> |
2832 |
</li> |
2833 |
<li> |
2834 |
<uri |
2835 |
link="http://www-106.ibm.com/developerworks/library/l-fs2.html">Advanced |
2836 |
filesystem implementor's guide, Part 2: Using ReiserFS and Linux 2.4 on |
2837 |
developerWorks</uri>. |
2838 |
</li> |
2839 |
</ul> |
2840 |
|
2841 |
<p> |
2842 |
ext3 resources: |
2843 |
</p> |
2844 |
|
2845 |
<ul> |
2846 |
<li> |
2847 |
<uri link="http://www.zip.com.au/~akpm/linux/ext3/">Andrew Morton's ext3 |
2848 |
page</uri> |
2849 |
</li> |
2850 |
<li> |
2851 |
<uri link="http://www.zip.com.au/~akpm/linux/ext3/ext3-usage.html">Andrew |
2852 |
Morton's excellent ext3 usage documentation (recommended).</uri> |
2853 |
</li> |
2854 |
</ul> |
2855 |
|
2856 |
<p> |
2857 |
XFS and JFS resources: |
2858 |
</p> |
2859 |
|
2860 |
<ul> |
2861 |
<li> |
2862 |
<uri link="http://oss.sgi.com/projects/xfs">SGI XFS projects page</uri> |
2863 |
</li> |
2864 |
<li> |
2865 |
The IBM <uri |
2866 |
link="http://www-124.ibm.com/developerworks/oss/jfs/index.html">JFS project |
2867 |
Web site</uri>. |
2868 |
</li> |
2869 |
</ul> |
2870 |
|
2871 |
<p> |
2872 |
Don't forget <uri link="http://en.tldp.org/">linuxdoc.org</uri>. You'll find |
2873 |
linuxdoc's collection of guides, HOWTOs, FAQs, and man pages to be invaluable. |
2874 |
Be sure to check out <uri link="http://en.tldp.org/LDP/LG/current/">Linux |
2875 |
Gazette</uri> and <uri |
2876 |
link="http://en.tldp.org/linuxfocus/index.html">LinuxFocus</uri> as well. |
2877 |
</p> |
2878 |
|
2879 |
<p> |
2880 |
The Linux System Administrators guide, available from <uri |
2881 |
link="http://en.tldp.org/guides.html">Linuxdoc.org's "Guides" section</uri>, is |
2882 |
a good complement to this series of tutorials -- give it a read! You may also |
2883 |
find Eric S. Raymond's <uri |
2884 |
link="http://en.tldp.org/HOWTO/Unix-and-Internet-Fundamentals-HOWTO/">Unix and |
2885 |
Internet Fundamentals HOWTO</uri> to be helpful. |
2886 |
</p> |
2887 |
|
2888 |
<p> |
2889 |
In the Bash by example article series on developerWorks, Daniel shows you how |
2890 |
to use bash programming constructs to write your own bash scripts. This bash |
2891 |
series (particularly Parts 1 and 2) will be excellent additional preparation |
2892 |
for the LPIC Level 1 exam: |
2893 |
</p> |
2894 |
|
2895 |
<ul> |
2896 |
<li> |
2897 |
<uri |
2898 |
link="http://www.gentoo.org/doc/en/articles/bash-by-example-p1.xml">Bash by |
2899 |
example, part 1: Fundamental programming in the Bourne-again shell</uri> |
2900 |
</li> |
2901 |
<li> |
2902 |
<uri |
2903 |
link="http://www.gentoo.org/doc/en/articles/bash-by-example-p2.xml">Bash by |
2904 |
example, part 2: More bash programming fundamentals</uri> |
2905 |
</li> |
2906 |
<li> |
2907 |
<uri |
2908 |
link="http://www.gentoo.org/doc/en/articles/bash-by-example-p3.xml">Bash by |
2909 |
example, part 3: Exploring the ebuild system.</uri> |
2910 |
</li> |
2911 |
</ul> |
2912 |
|
2913 |
<p> |
2914 |
We highly recommend the <uri |
2915 |
link="http://www-106.ibm.com/developerworks/linux/library/l-faq/">Technical FAQ |
2916 |
by Linux Users</uri> by Mark Chapman, a 50-page in-depth list of |
2917 |
frequently-asked Linux questions, along with detailed answers. The FAQ itself |
2918 |
is in PDF (Adobe Acrobat) format. If you're a beginning or intermediate Linux |
2919 |
user, you really owe it to yourself to check this FAQ out. We also recommend |
2920 |
the <uri |
2921 |
link="http://www-106.ibm.com/developerworks/linux/library/l-gloss/index.html">Linux |
2922 |
glossary for Linux users</uri>, also from Mark. |
2923 |
</p> |
2924 |
|
2925 |
<p> |
2926 |
If you're not familiar with the vi editor, we strongly recommend that you check |
2927 |
out Daniel's <uri |
2928 |
link="http://www-106.ibm.com/developerworks/edu/l-dw-linuxvi-i.html">Vi intro |
2929 |
-- the cheat sheet method tutorial</uri>. This tutorial will give you a gentle |
2930 |
yet fast-paced introduction to this powerful text editor. Consider this |
2931 |
must-read material if you don't know how to use vi. |
2932 |
</p> |
2933 |
|
2934 |
</body> |
2935 |
</section> |
2936 |
<section> |
2937 |
<title>Feedback</title> |
2938 |
<body> |
2939 |
|
2940 |
<p> |
2941 |
Please send any tutorial feedback you may have to the authors: |
2942 |
</p> |
2943 |
|
2944 |
<ul> |
2945 |
<li>Daniel Robbins, at <mail>drobbins@g.o</mail></li> |
2946 |
<li>Chris Houser, at <mail>chouser@g.o</mail></li> |
2947 |
<li>Aron Griffis, at <mail>agriffis@g.o</mail>.</li> |
2948 |
</ul> |
2949 |
|
2950 |
</body> |
2951 |
</section> |
2952 |
</chapter> |
2953 |
</guide> |
2954 |
|
2955 |
|
2956 |
|
2957 |
1.1 xml/htdocs/doc/en/articles/lpi-101-intermediate-p3.xml |
2958 |
|
2959 |
file : http://www.gentoo.org/cgi-bin/viewcvs.cgi/xml/htdocs/doc/en/articles/lpi-101-intermediate-p3.xml?rev=1.1&content-type=text/x-cvsweb-markup&cvsroot=gentoo |
2960 |
plain: http://www.gentoo.org/cgi-bin/viewcvs.cgi/xml/htdocs/doc/en/articles/lpi-101-intermediate-p3.xml?rev=1.1&content-type=text/plain&cvsroot=gentoo |
2961 |
|
2962 |
Index: lpi-101-intermediate-p3.xml |
2963 |
=================================================================== |
2964 |
<?xml version="1.0" encoding="UTF-8"?> |
2965 |
<!DOCTYPE guide SYSTEM "/dtd/guide.dtd"> |
2966 |
<!-- $Header: /var/cvsroot/gentoo/xml/htdocs/doc/en/articles/lpi-101-intermediate-p3.xml,v 1.1 2006/01/01 09:01:19 rane Exp $ --> |
2967 |
|
2968 |
<guide link="/doc/en/articles/lpi-101-intermediate-p3.xml" disclaimer="articles"> |
2969 |
<title>LPI certification 101 (release 2) exam prep, Part 2</title> |
2970 |
|
2971 |
<author title="Author"> |
2972 |
<mail link="drobbins@g.o">Daniel Robbins</mail> |
2973 |
</author> |
2974 |
<author title="Author"> |
2975 |
<mail link="chouser@g.o">Chris Houser</mail> |
2976 |
</author> |
2977 |
<author title="Author"> |
2978 |
<mail link="agriffis@g.o">Aron Griffis</mail> |
2979 |
</author> |
2980 |
|
2981 |
<abstract> |
2982 |
In this tutorial we'll introduce you the Linux system documentation. We will |
2983 |
teach you how to change permissions and how to manage with Linux accounts. At |
2984 |
the end you'll learn how to tune your enviroment. |
2985 |
</abstract> |
2986 |
|
2987 |
<!-- The original version of this article was first published on IBM |
2988 |
developerWorks, and is property of Westtech Information Services. This |
2989 |
document is an updated version of the original article, and contains |
2990 |
various improvements made by the Gentoo Linux Documentation team --> |
2991 |
|
2992 |
<version>1.0</version> |
2993 |
<date>2005-12-11</date> |
2994 |
|
2995 |
<chapter> |
2996 |
<title>Befor You Start</title> |
2997 |
<section> |
2998 |
<title>About this tutorial</title> |
2999 |
<body> |
3000 |
|
3001 |
<p> |
3002 |
Welcome to "Intermediate administration," the third of four tutorials designed |
3003 |
to prepare you for the Linux Professional Institute's 101 (release 2) exam. |
3004 |
This tutorial (Part 3) is ideal for those who want to improve their knowledge |
3005 |
of fundamental Linux administration skills. We'll cover a variety of topics, |
3006 |
including system and Internet documentation, the Linux permissions model, user |
3007 |
account management, and login environment tuning. |
3008 |
</p> |
3009 |
|
3010 |
<p> |
3011 |
If you are new to Linux, we recommend that you start with <uri |
3012 |
link="/doc/en/articles/lpi-101-fundamentals-p1.xml">Part 1</uri> and <uri |
3013 |
link="/doc/en/articles/lpi-101-administration-p2.xml">Part 2</uri>. For some, |
3014 |
much of this material will be new, but more experienced Linux users may |
3015 |
find this tutorial to be a great way of "rounding out" their foundational Linux |
3016 |
system administration skills. |
3017 |
</p> |
3018 |
|
3019 |
<p> |
3020 |
By the end of this series of tutorials (eight in all covering the LPI 101 and |
3021 |
102 exams), you will have the knowledge you need to become a Linux Systems |
3022 |
Administrator and will be ready to attain an LPIC Level 1 certification from |
3023 |
the Linux Professional Institute if you so choose. |
3024 |
</p> |
3025 |
|
3026 |
<p> |
3027 |
For those who have taken the <uri |
3028 |
link="http://www-106.ibm.com/developerworks/edu/l-dw-linuxlpi3-i.html">release |
3029 |
1 version</uri> of this tutorial for reasons other than LPI exam preparation, |
3030 |
you probably don't need to take this one. However, if you do plan to take the |
3031 |
exams, you should strongly consider reading this revised tutorial. |
3032 |
</p> |
3033 |
|
3034 |
</body> |
3035 |
</section> |
3036 |
<section> |
3037 |
<title>About the authors</title> |
3038 |
<body> |
3039 |
|
3040 |
<p> |
3041 |
For technical questions about the content of this tutorial, contact the |
3042 |
authors: |
3043 |
</p> |
3044 |
|
3045 |
<ul> |
3046 |
<li>Daniel Robbins, at <mail>drobbins@g.o</mail></li> |
3047 |
<li>Chris Houser, at <mail>chouser@g.o</mail></li> |
3048 |
<li>Aron Griffis, at<mail>agriffis@g.o</mail>.</li> |
3049 |
</ul> |
3050 |
|
3051 |
<p> |
3052 |
Residing in Albuquerque, New Mexico, Daniel Robbins is the Chief Architect of |
3053 |
<uri link="http://www.gentoo.org/">Gentoo Linux</uri> an advanced ports-based |
3054 |
Linux metadistribution. Besides writing articles, tutorials, and tips for the |
3055 |
developerWorks Linux zone and Intel Developer Services, he has also served as a |
3056 |
contributing author for several books, including Samba Unleashed and SuSE Linux |
3057 |
Unleashed. Daniel enjoys spending time with his wife, Mary, and his daughter, |
3058 |
Hadassah. You can contact Daniel at <mail>drobbins@g.o</mail>. |
3059 |
</p> |
3060 |
|
3061 |
<p> |
3062 |
Chris Houser, known to his friends as "Chouser," has been a UNIX proponent |
3063 |
since 1994 when he joined the administration team for the computer science |
3064 |
network at Taylor University in Indiana, where he earned his Bachelor's degree |
3065 |
in Computer Science and Mathematics. Since then, he has gone on to work in Web |
3066 |
application programming, user interface design, professional video software |
3067 |
support, and now Tru64 UNIX device driver programming at <uri |
3068 |
link="http://www.compaq.com/">Compaq</uri>. He has also contributed to various |
3069 |
free software projects, most recently to <uri |
3070 |
link="http://www.gentoo.org/">Gentoo Linux</uri>). He lives with his wife and |
3071 |
two cats in New Hampshire. You can contact Chris at |
3072 |
<mail>chouser@g.o</mail>. |
3073 |
</p> |
3074 |
|
3075 |
<p> |
3076 |
Aron Griffis graduated from Taylor University with a degree in Computer Science |
3077 |
and an award that proclaimed, "Future Founder of a Utopian UNIX Commune." |
3078 |
Working towards that goal, Aron is employed by <uri |
3079 |
link="http://www.compaq.com/">Compaq</uri> writing network drivers for Tru64 |
3080 |
UNIX, and spending his spare time plunking out tunes on the piano or developing |
3081 |
<uri link="http://www.gentoo.org/">Gentoo Linux</uri>. He lives with his wife |
3082 |
Amy (also a UNIX engineer) in Nashua, New Hampshire. |
3083 |
</p> |
3084 |
|
3085 |
</body> |
3086 |
</section> |
3087 |
</chapter> |
3088 |
|
3089 |
<chapter> |
3090 |
<title>System and network documentation</title> |
3091 |
<section> |
3092 |
<title>Types of Linux system documentation</title> |
3093 |
<body> |
3094 |
|
3095 |
<p> |
3096 |
There are essentially three sources of documentation on a Linux system: manual |
3097 |
pages, info pages, and application-bundled documentation in |
3098 |
<path>/usr/share/doc</path>. In this section, we'll explore each of these |
3099 |
sources before looking "outside the box" for more information. |
3100 |
</p> |
3101 |
|
3102 |
</body> |
3103 |
</section> |
3104 |
<section> |
3105 |
<title>Manual pages</title> |
3106 |
<body> |
3107 |
|
3108 |
<p> |
3109 |
Manual pages, or "man pages", are the classic form of UNIX and Linux reference |
3110 |
documentation. Ideally, you can look up the man page for any command, |
3111 |
configuration file, or library routine. In practice, Linux is free software, |
3112 |
and some pages haven't been written or are showing their age. Nonetheless, man |
3113 |
pages are the first place to look when you need help. |
3114 |
</p> |
3115 |
|
3116 |
<p> |
3117 |
To access a man page, simply type <c>man</c> followed by your topic of inquiry. |
3118 |
A pager will be started, so you will need to press <c>q</c> when you're done |
3119 |
reading. For example, to look up information about the <c>ls</c> command, you |
3120 |
would type: |
3121 |
</p> |
3122 |
|
3123 |
<pre caption="Searching in man page"> |
3124 |
$ <i>man ls</i> |
3125 |
</pre> |
3126 |
|
3127 |
<p> |
3128 |
Knowing the layout of a man page can be helpful to jump quickly to the |
3129 |
information you need. In general, you will find the following sections in a |
3130 |
<c>man</c> page: |
3131 |
</p> |
3132 |
|
3133 |
<table> |
3134 |
<tr> |
3135 |
<ti>NAME</ti> |
3136 |
<ti>Name and one-line description of the command</ti> |
3137 |
</tr> |
3138 |
<tr> |
3139 |
<ti>SYNOPSIS</ti> |
3140 |
<ti>How to use the command</ti> |
3141 |
</tr> |
3142 |
<tr> |
3143 |
<ti>DESCRIPTION</ti> |
3144 |
<ti>In-depth discussion on the functionality of the command</ti> |
3145 |
</tr> |
3146 |
<tr> |
3147 |
<ti>EXAMPLES</ti> |
3148 |
<ti>Suggestions for how to use the command</ti> |
3149 |
</tr> |
3150 |
<tr> |
3151 |
<ti>SEE ALSO</ti> |
3152 |
<ti>Related topics (usually man pages)</ti> |
3153 |
</tr> |
3154 |
</table> |
3155 |
|
3156 |
</body> |
3157 |
</section> |
3158 |
<section> |
3159 |
<title>man page sections</title> |
3160 |
<body> |
3161 |
|
3162 |
<p> |
3163 |
The files that comprise manual pages are stored in <path>/usr/share/man</path> |
3164 |
(or in <path>/usr/man</path> on some older systems). Inside that directory, you |
3165 |
will find that the manual pages are organized into the following sections: |
3166 |
</p> |
3167 |
|
3168 |
<table> |
3169 |
<tr> |
3170 |
<ti>man1</ti> |
3171 |
<ti>User programs</ti> |
3172 |
</tr> |
3173 |
<tr> |
3174 |
<ti>man2</ti> |
3175 |
<ti>System calls</ti> |
3176 |
</tr> |
3177 |
<tr> |
3178 |
<ti>man3</ti> |
3179 |
<ti>Library functions</ti> |
3180 |
</tr> |
3181 |
<tr> |
3182 |
<ti>man4</ti> |
3183 |
<ti>Special files</ti> |
3184 |
</tr> |
3185 |
<tr> |
3186 |
<ti>man5</ti> |
3187 |
<ti>File formats</ti> |
3188 |
</tr> |
3189 |
<tr> |
3190 |
<ti>man6</ti> |
3191 |
<ti>Games</ti> |
3192 |
</tr> |
3193 |
<tr> |
3194 |
<ti>man7</ti> |
3195 |
<ti>Miscellaneous</ti> |
3196 |
</tr> |
3197 |
</table> |
3198 |
|
3199 |
</body> |
3200 |
</section> |
3201 |
<section> |
3202 |
<title>Multiple man pages</title> |
3203 |
<body> |
3204 |
|
3205 |
<p> |
3206 |
Some topics exist in more than one section. To demonstrate this, let's use the |
3207 |
<c>whatis</c> command, which shows all the available man pages for a topic: |
3208 |
</p> |
3209 |
|
3210 |
<pre caption="Using whatis command"> |
3211 |
$ <i>whatis printf</i> |
3212 |
printf (1) - format and print data |
3213 |
printf (3) - formatted output conversion |
3214 |
</pre> |
3215 |
|
3216 |
<p> |
3217 |
In this case, <c>man printf</c> would default to the page in section 1 ("User |
3218 |
Programs"). If we were writing a C program, we might be more interested in the |
3219 |
page from section 3 ("Library functions"). You can call up a man page from a |
3220 |
certain section by specifying it on the command line, so to ask for |
3221 |
<e>printf(3)</e>, we would type: |
3222 |
</p> |
3223 |
|
3224 |
<pre caption="Specifying section in man command"> |
3225 |
$ <i>man 3 printf</i> |
3226 |
</pre> |
3227 |
|
3228 |
</body> |
3229 |
</section> |
3230 |
<section> |
3231 |
<title>Finding the right man page</title> |
3232 |
<body> |
3233 |
|
3234 |
<p> |
3235 |
Sometimes it's hard to find the right man page for a given topic. In that case, |
3236 |
you might try using <c>man -k</c> to search the NAME section of the man pages. |
3237 |
Be warned that it's a substring search, so running something like <c>man -k |
3238 |
ls</c> will give you a lot of output! Here's an example using a more specific |
3239 |
query: |
3240 |
</p> |
3241 |
|
3242 |
<pre caption="Searching man using man -k command"> |
3243 |
$ <i>man -k whatis</i> |
3244 |
apropos (1) - search the whatis database for strings |
3245 |
makewhatis (8) - Create the whatis database |
3246 |
whatis (1) - search the whatis database for complete words |
3247 |
</pre> |
3248 |
|
3249 |
</body> |
3250 |
</section> |
3251 |
<section> |
3252 |
<title>All about apropos</title> |
3253 |
<body> |
3254 |
|
3255 |
<p> |
3256 |
The example on the previous panel brings up a few more points. First, the |
3257 |
<c>apropos</c> command is exactly equivalent to <c>man -k</c>. (In fact, I'll |
3258 |
let you in on a little secret. When you run <c>man -k</c>, it actually runs |
3259 |
<c>apropos</c> behind the scenes.) The second point is the <c>makewhatis</c> |
3260 |
command, which scans all the man pages on your Linux system and builds the |
3261 |
database for <c>whatis</c> and <c>apropos</c>. Usually this is run periodically |
3262 |
by root to keep the database updated: |
3263 |
</p> |
3264 |
|
3265 |
<pre caption="Building whatis and apropos database"> |
3266 |
# <i>makewhatis</i> |
3267 |
</pre> |
3268 |
|
3269 |
<p> |
3270 |
For more information on "man" and friends, you should start with its man page: |
3271 |
</p> |
3272 |
|
3273 |
<pre caption="Starting man page for man"> |
3274 |
$ <i>man man</i> |
3275 |
</pre> |
3276 |
|
3277 |
</body> |
3278 |
</section> |
3279 |
<section> |
3280 |
<title>The MANPATH</title> |
3281 |
<body> |
3282 |
|
3283 |
<p> |
3284 |
By default, the <c>man</c> program will look for man pages in |
3285 |
<path>/usr/share/man</path>, <path>/usr/local/man</path>, |
3286 |
<path>/usr/X11R6/man</path>, and possibly <path>/opt/man</path>. Sometimes, you |
3287 |
may find that you need to add an additional item to this search path. If so, |
3288 |
simply edit <path>/etc/man.conf</path> in a text editor and add a line that |
3289 |
looks like this: |
3290 |
</p> |
3291 |
|
3292 |
<pre caption="/etc/man.conf"> |
3293 |
MANPATH /opt/man |
3294 |
</pre> |
3295 |
|
3296 |
<p> |
3297 |
>From that point forward, any man pages in the <path>/opt/man/man*</path> |
3298 |
directories will be found. Remember that you'll need to rerun <c>makewhatis</c> |
3299 |
to add these new man pages to the whatis database. |
3300 |
</p> |
3301 |
|
3302 |
</body> |
3303 |
</section> |
3304 |
<section> |
3305 |
<title>GNU info</title> |
3306 |
<body> |
3307 |
|
3308 |
<p> |
3309 |
One shortcoming of man pages is that they don't support hypertext, so you can't |
3310 |
jump easily from one to another. The GNU folks recognized this shortcoming, so |
3311 |
they invented another documentation format: "info" pages. Many of the GNU |
3312 |
programs come with extensive documentation in the form of info pages. You can |
3313 |
start reading info pages with the <c>info</c> command: |
3314 |
</p> |
3315 |
|
3316 |
<pre caption="Using info command"> |
3317 |
$ <i>info</i> |
3318 |
</pre> |
3319 |
|
3320 |
<p> |
3321 |
Calling <c>info</c> in this way will bring up an index of the available pages |
3322 |
on the system. You can move around with the arrow keys, follow links (indicated |
3323 |
with a star) using the Enter key, and quit by pressing <c>q</c>. The keys are |
3324 |
based on Emacs, so you should be able to navigate easily if you're familiar |
3325 |
with that editor. For an intro to the Emacs editor, see the developerWorks |
3326 |
tutorial, <uri |
3327 |
link="http://www-106.ibm.com/developerworks/edu/l-dw-linuxemacs-i.html">Living |
3328 |
in Emacs</uri>. |
3329 |
</p> |
3330 |
|
3331 |
<p> |
3332 |
You can also specify an info page on the command line: |
3333 |
</p> |
3334 |
|
3335 |
<pre caption="Specifying info command"> |
3336 |
$ <i>info diff</i> |
3337 |
</pre> |
3338 |
|
3339 |
<p> |
3340 |
For more information on using the <c>info</c> reader, try reading its info |
3341 |
page. You should be able to navigate primitively using the few keys I've |
3342 |
already mentioned: |
3343 |
</p> |
3344 |
|
3345 |
<pre caption="Reading info info page"> |
3346 |
$ <i>info info</i> |
3347 |
</pre> |
3348 |
|
3349 |
</body> |
3350 |
</section> |
3351 |
<section> |
3352 |
<title>/usr/share/doc</title> |
3353 |
<body> |
3354 |
|
3355 |
<p> |
3356 |
There is a final source for help within your Linux system. Many programs are |
3357 |
shipped with additional documentation in other formats: text, PDF, PostScript, |
3358 |
HTML, to name a few. Take a look in <path>usr/share/doc</path> (or |
3359 |
<path>/usr/doc</path> on older systems). You'll find a long list of |
3360 |
directories, each of which came with a certain application on your system. |
3361 |
Searching through this documentation can often reveal some gems that aren't |
3362 |
available as man pages or info pages, such as tutorials or additional technical |
3363 |
documentation. A quick check reveals there's a lot of reading material |
3364 |
available: |
3365 |
</p> |
3366 |
|
3367 |
<pre caption="/usr/share/doc/"> |
3368 |
$ <i>cd /usr/share/doc</i> |
3369 |
$ <i>find . -type f | wc -l</i> |
3370 |
7582 |
3371 |
</pre> |
3372 |
|
3373 |
<p> |
3374 |
Whew! Your homework this evening is to read just half (3791) of those |
3375 |
documents. Expect a quiz tomorrow. ;-) |
3376 |
</p> |
3377 |
|
3378 |
</body> |
3379 |
</section> |
3380 |
<section> |
3381 |
<title>The Linux Documentation Project</title> |
3382 |
<body> |
3383 |
|
3384 |
<p> |
3385 |
In addition to system documentation, there are a number of excellent Linux |
3386 |
resources on the Internet. The <uri link="http://www.tldp.org/">Linux |
3387 |
Documentation Project</uri> is a group of volunteers who are working on putting |
3388 |
together the complete set of free Linux documentation. This project exists to |
3389 |
consolidate various pieces of Linux documentation into a location that is easy |
3390 |
to search and use. |
3391 |
</p> |
3392 |
|
3393 |
</body> |
3394 |
</section> |
3395 |
<section> |
3396 |
<title>An LDP overview</title> |
3397 |
<body> |
3398 |
|
3399 |
<p> |
3400 |
The LDP is made up of the following areas: |
3401 |
</p> |
3402 |
|
3403 |
<ul> |
3404 |
<li> |
3405 |
Guides - longer, more in-depth books, such as <uri |
3406 |
link="http://www.tldp.org/LDP/lpg/index.html">The Linux Programmer's |
3407 |
Guide</uri> |
3408 |
</li> |
3409 |
<li> |
3410 |
HOWTOs - subject-specific help, such as the <uri |
3411 |
link="http://www.tldp.org/HOWTO/DSL-HOWTO/index.html">DSL HOWTO</uri> |
3412 |
</li> |
3413 |
<li> |
3414 |
FAQs - Frequently Asked Questions with answers, such as the <uri |
3415 |
link="http://www.tldp.org/FAQ/faqs/BLFAQ">Brief Linux FAQ</uri> |
3416 |
</li> |
3417 |
<li> |
3418 |
Man pages - help on individual commands (these are the same manual pages |
3419 |
you get on your Linux system when you use the <c>man</c> command). |
3420 |
</li> |
3421 |
</ul> |
3422 |
|
3423 |
<p> |
3424 |
If you aren't sure which section to peruse, you can take advantage of the |
3425 |
search box, which allows you to find things by topic. |
3426 |
</p> |
3427 |
|
3428 |
<p> |
3429 |
The LDP additionally provides a list of Links and Resources such as <uri |
3430 |
link="http://www.tldp.org/LDP/LG/current/">Linux Gazette</uri> (see links in |
3431 |
<uri link="#resources">Resources</uri>) and <uri |
3432 |
link="http://www.tldp.org/linuxfocus/index.html">LinuxFocus</uri>, as well |
3433 |
links to mailing lists and news archives. |
3434 |
</p> |
3435 |
|
3436 |
</body> |
3437 |
</section> |
3438 |
<section> |
3439 |
<title>Mailing lists</title> |
3440 |
<body> |
3441 |
|
3442 |
<p> |
3443 |
Mailing lists provide probably the most important point of collaboration for |
3444 |
Linux developers. Often projects are developed by contributors who live far |
3445 |
apart, possibly even on opposite sides of the globe. Mailing lists provide a |
3446 |
method for each developer on a project to contact all the others, and to hold |
3447 |
group discussions via e-mail. One of the most famous development mailing lists |
3448 |
is the <uri link="http://www.tux.org/lkml/">Linux Kernel Mailing List</uri>. |
3449 |
</p> |
3450 |
|
3451 |
</body> |
3452 |
</section> |
3453 |
<section> |
3454 |
<title>More about mailing lists</title> |
3455 |
<body> |
3456 |
|
3457 |
<p> |
3458 |
In addition to development, mailing lists can provide a method for asking |
3459 |
questions and receiving answers from knowledgeable developers, or even other |
3460 |
users. For example, individual distributions often provide mailing lists for |
3461 |
newcomers. You can check your distribution's Web site for information on the |
3462 |
mailing lists it provides. |
3463 |
</p> |
3464 |
|
3465 |
<p> |
3466 |
If you took the time to read the LKML FAQ at the link on the previous panel, |
3467 |
you might have noticed that mailing list subscribers often don't take kindly to |
3468 |
questions being asked repeatedly. It's always wise to search the archives for a |
3469 |
given mailing list before writing your question. Chances are, it will save you |
3470 |
time, too! |
3471 |
</p> |
3472 |
|
3473 |
</body> |
3474 |
</section> |
3475 |
<section> |
3476 |
<title>Newsgroups</title> |
3477 |
<body> |
3478 |
|
3479 |
<p> |
3480 |
Internet "newsgroups" are similar to mailing lists, but are based on a protocol |
3481 |
called NNTP ("Network News Transfer Protocol") instead of e-mail. To |
3482 |
participate, you need to use an NNTP client such as <c>slrn</c> or <c>pan</c>. |
3483 |
The primary advantage is that you only take part in the discussion when you |
3484 |
want, instead of having it continually arrive in your inbox. :-) |
3485 |
</p> |
3486 |
|
3487 |
<p> |
3488 |
The newsgroups of primary interest start with comp.os.linux. You can browse the |
3489 |
<uri link="http://www.tldp.org/links/#ng">list on the LDP site</uri>. |
3490 |
</p> |
3491 |
|
3492 |
<p> |
3493 |
As with mailing lists, newsgroup discussion is often archived. A popular |
3494 |
newsgroup archiving site is <uri |
3495 |
link="http://groups.google.com/googlegroups/deja_announcement.html">Deja |
3496 |
News</uri>. |
3497 |
</p> |
3498 |
|
3499 |
</body> |
3500 |
</section> |
3501 |
<section> |
3502 |
<title>Vendor and third-party Web sites</title> |
3503 |
<body> |
3504 |
|
3505 |
<p> |
3506 |
Web sites for the various Linux distributions often provide updated |
3507 |
documentation, installation instructions, hardware |
3508 |
compatibility/incompatibility statements, and other support such as a knowledge |
3509 |
base search tool. For example: |
3510 |
</p> |
3511 |
|
3512 |
<ul> |
3513 |
<li><uri link="http://www.redhat.com/">Redhat Linux</uri></li> |
3514 |
<li><uri link="http://www.debian.org/">Debian Linux</uri></li> |
3515 |
<li><uri link="http://www.gentoo.org/">Gentoo Linux</uri></li> |
3516 |
<li><uri link="http://www.suse.com/">SuSE Linux</uri></li> |
3517 |
<li><uri link="http://www.caldera.com/">Caldera</uri></li> |
3518 |
<li><uri link="http://www.turbolinux.com/">Turbolinux</uri></li> |
3519 |
</ul> |
3520 |
|
3521 |
</body> |
3522 |
</section> |
3523 |
<section> |
3524 |
<title>Hardware and software vendors</title> |
3525 |
<body> |
3526 |
|
3527 |
<p> |
3528 |
Many hardware and software vendors have added Linux support to their products |
3529 |
in recent years. At their sites, you can find information about which hardware |
3530 |
supports Linux, software development tools, released sources, downloads of |
3531 |
Linux drivers for specific hardware, and other special Linux projects. For |
3532 |
example: |
3533 |
</p> |
3534 |
|
3535 |
<ul> |
3536 |
<li><uri link="http://www.ibm.com/linux/">IBM and Linux</uri></li> |
3537 |
<li> |
3538 |
<uri link="http://www.compaq.com/products/software/linux/">Compaq and |
3539 |
Linux</uri> |
3540 |
</li> |
3541 |
<li> |
3542 |
<uri link="http://www.sgi.com/developers/technology/linux/">SGI and |
3543 |
Linux</uri> |
3544 |
</li> |
3545 |
<li><uri link="http://www.hp.com/products1/linux/">HP and Linux</uri></li> |
3546 |
<li><uri link="http://www.sun.com/linux/">Sun and Linux</uri></li> |
3547 |
<li> |
3548 |
<uri link="http://technet.oracle.com/tech/linux/content.html">Oracle and |
3549 |
Linux</uri>. |
3550 |
</li> |
3551 |
</ul> |
3552 |
|
3553 |
</body> |
3554 |
</section> |
3555 |
<section> |
3556 |
<title>Developer resources</title> |
3557 |
<body> |
3558 |
|
3559 |
<p> |
3560 |
In addition, many hardware and software vendors have developed wonderful |
3561 |
resources for Linux developers and administrators. At the risk of sounding |
3562 |
self-promoting, one of the most valuable Linux resources run by a |
3563 |
hardware/software vendor is the <uri |
3564 |
link="http://www.ibm.com/developerworks/linux/">IBM developerWorks Linux |
3565 |
zone</uri>. |
3566 |
</p> |
3567 |
|
3568 |
</body> |
3569 |
</section> |
3570 |
</chapter> |
3571 |
|
3572 |
<chapter> |
3573 |
<title>The Linux permissions model</title> |
3574 |
<section> |
3575 |
<title>One user, one group</title> |
3576 |
<body> |
3577 |
|
3578 |
<p> |
3579 |
In this section, we'll take a look at the Linux permissions and ownership |
3580 |
model. We've already seen that every file is owned by one user and one group. |
3581 |
This is the very core of the permissions model in Linux. You can view the user |
3582 |
and group of a file in a <c>ls -l</c> listing: |
3583 |
</p> |
3584 |
|
3585 |
<pre caption="Listing files"> |
3586 |
$ <i>ls -l /bin/bash</i> |
3587 |
-rwxr-xr-x 1 root wheel 430540 Dec 23 18:27 /bin/bash |
3588 |
</pre> |
3589 |
|
3590 |
<p> |
3591 |
In this particular example, the <path>/bin/bash</path> executable is owned by |
3592 |
root and is in the wheel group. The Linux permissions model works by allowing |
3593 |
three independent levels of permission to be set for each filesystem object -- |
3594 |
those for the file's owner, the file's group, and all other users. |
3595 |
</p> |
3596 |
|
3597 |
</body> |
3598 |
</section> |
3599 |
<section> |
3600 |
<title>Understanding "ls -l"</title> |
3601 |
<body> |
3602 |
|
3603 |
<p> |
3604 |
Let's take a look at our <c>ls -l</c> output and inspect the first column of |
3605 |
the listing: |
3606 |
</p> |
3607 |
|
3608 |
<pre caption="Inspecting ls -l command"> |
3609 |
$ <i>ls -l /bin/bash</i> |
3610 |
-rwxr-xr-x 1 root wheel 430540 Dec 23 18:27 /bin/bash |
3611 |
</pre> |
3612 |
|
3613 |
<p> |
3614 |
This first field <e>-rwxr-xr-</e> contains a symbolic representation of this |
3615 |
particular files' permissions. The first character (-) in this field specifies |
3616 |
the type of this file, which in this case is a regular file. Other possible |
3617 |
first characters: |
3618 |
</p> |
3619 |
|
3620 |
<pre caption="First characters"> |
3621 |
'd' directory |
3622 |
'l' symbolic link |
3623 |
'c' character special device |
3624 |
'b' block special device |
3625 |
'p' fifo |
3626 |
's' socket |
3627 |
</pre> |
3628 |
|
3629 |
</body> |
3630 |
</section> |
3631 |
<section> |
3632 |
<title>Three triplets</title> |
3633 |
<body> |
3634 |
|
3635 |
<pre caption="ls -l /bin/bash"> |
3636 |
$ <i>ls -l /bin/bash</i> |
3637 |
-rwxr-xr-x 1 root wheel 430540 Dec 23 18:27 /bin/bash |
3638 |
</pre> |
3639 |
|
3640 |
<p> |
3641 |
The rest of the field consists of three character triplets. The first triplet |
3642 |
represents permissions for the owner of the file, the second represents |
3643 |
permissions for the file's group, and the third represents permissions for all |
3644 |
other users: |
3645 |
</p> |
3646 |
|
3647 |
<pre caption="Triplets in ls -l command"> |
3648 |
"rwx" |
3649 |
"r-x" |
3650 |
"r-x" |
3651 |
</pre> |
3652 |
|
3653 |
<p> |
3654 |
Above, the r means that reading (looking at the data in the file) is allowed, |
3655 |
the w means that writing (modifying the file, as well as deletion) is allowed, |
3656 |
and the x means that "execute" (running the program) is allowed. Putting |
3657 |
together all this information, we can see that everyone is able to read the |
3658 |
contents of and execute this file, but only the owner (root) is allowed to |
3659 |
modify this file in any way. So, while normal users can copy this file, only |
3660 |
root is allowed to update it or delete it. |
3661 |
</p> |
3662 |
|
3663 |
<p> |
3664 |
Above, the r means that reading (looking at the data in the file) is allowed, |
3665 |
the w means that writing (modifying the file, as well as deletion) is allowed, |
3666 |
and the x means that "execute" (running the program) is allowed. Putting |
3667 |
together all this information, we can see that everyone is able to read the |
3668 |
contents of and execute this file, but only the owner (root) is allowed to |
3669 |
modify this file in any way. So, while normal users can copy this file, only |
3670 |
root is allowed to update it or delete it. |
3671 |
</p> |
3672 |
|
3673 |
</body> |
3674 |
</section> |
3675 |
<section> |
3676 |
<title>Who am I?</title> |
3677 |
<body> |
3678 |
|
3679 |
<p> |
3680 |
Before we take a look at how to change the user and group ownership of a file, |
3681 |
let's first take a look at how to learn your current user id and group |
3682 |
membership. Unless you've used the <c>su</c> command recently, your current |
3683 |
user id is the one you used to log in to the system. If you use <c>su</c> |
3684 |
frequently, however, you may not remember your current effective user id. To |
3685 |
view it, type <c>whoami</c>: |
3686 |
</p> |
3687 |
|
3688 |
<pre caption="Using whoami command"> |
3689 |
# <i>whoami</i> |
3690 |
root |
3691 |
# <i>su drobbins</i> |
3692 |
$ <i>whoami</i> |
3693 |
drobbins |
3694 |
</pre> |
3695 |
|
3696 |
</body> |
3697 |
</section> |
3698 |
<section> |
3699 |
<title>What groups am I in?</title> |
3700 |
<body> |
3701 |
|
3702 |
<p> |
3703 |
To see what groups you belong to, use the <c>groups</c> command: |
3704 |
</p> |
3705 |
|
3706 |
<pre caption="Using groups command"> |
3707 |
$ <i>groups</i> |
3708 |
drobbins wheel audio |
3709 |
</pre> |
3710 |
|
3711 |
<p> |
3712 |
In the above example, I'm a member of the drobbins, wheel, and audio groups. |
3713 |
If you want to see what groups other user(s) are in, specify their usernames as |
3714 |
arguments: |
3715 |
</p> |
3716 |
|
3717 |
<pre caption="Specifying user argument"> |
3718 |
$ <i>groups root daemon</i> |
3719 |
root : root bin daemon sys adm disk wheel floppy dialout tape video |
3720 |
daemon : daemon bin adm |
3721 |
</pre> |
3722 |
|
3723 |
</body> |
3724 |
</section> |
3725 |
<section> |
3726 |
<title>Changing user and group ownership</title> |
3727 |
<body> |
3728 |
|
3729 |
<p> |
3730 |
To change the owner or group of a file or other filesystem object, use |
3731 |
<c>chown</c> or <c>chgrp</c>, respectively. Each of these commands takes a name |
3732 |
followed by one or more filenames. |
3733 |
</p> |
3734 |
|
3735 |
<pre caption="Using chown and chgrp commands"> |
3736 |
# <i>chown root /etc/passwd</i> |
3737 |
# <i>chgrp wheel /etc/passwd</i> |
3738 |
</pre> |
3739 |
|
3740 |
<p> |
3741 |
You can also set the owner and group simultaneously with an alternate form of |
3742 |
the <c>chown</c> command: |
3743 |
</p> |
3744 |
|
3745 |
<pre caption="Setting owner and group simultaneously"> |
3746 |
# <i>chown root:wheel /etc/passwd</i> |
3747 |
</pre> |
3748 |
|
3749 |
<p> |
3750 |
You may not use <c>chown</c> unless you are the superuser, but <c>chgrp</c> can |
3751 |
be used by anyone to change the group ownership of a file to a group to which |
3752 |
they belong. |
3753 |
</p> |
3754 |
|
3755 |
</body> |
3756 |
</section> |
3757 |
<section> |
3758 |
<title>Recursive ownership changes</title> |
3759 |
<body> |
3760 |
|
3761 |
<p> |
3762 |
Both <c>chown</c> and <c>chgrp</c> have a -R option that can be used to tell |
3763 |
them to recursively apply ownership and group changes to an entire directory |
3764 |
tree. For example: |
3765 |
</p> |
3766 |
|
3767 |
<pre caption="Using chown and chgrp with -R option"> |
3768 |
# <i>chown -R drobbins /home/drobbins</i> |
3769 |
</pre> |
3770 |
|
3771 |
</body> |
3772 |
</section> |
3773 |
<section> |
3774 |
<title>Introducing chmod</title> |
3775 |
<body> |
3776 |
|
3777 |
<p> |
3778 |
<c>chown</c> and <c>chgrp</c> can be used to change the owner and group of a |
3779 |
filesystem object, but another program -- called <c>chmod</c> -- is used to |
3780 |
change the rwx permissions that we can see in an <c>ls -l</c> listing. |
3781 |
<c>chmod</c> takes two or more arguments: a "mode", describing how the |
3782 |
permissions should be changed, followed by a file or list of files that should |
3783 |
be affected: |
3784 |
</p> |
3785 |
|
3786 |
<pre caption="Adding x permission with chmod"> |
3787 |
$ <i>chmod +x scriptfile.sh</i> |
3788 |
</pre> |
3789 |
|
3790 |
<p> |
3791 |
In the above example, our "mode" is +x. As you might guess, a +x mode tells |
3792 |
<c>chmod</c> to make this particular file executable for both the user and |
3793 |
group and for anyone else. |
3794 |
</p> |
3795 |
|
3796 |
<p> |
3797 |
If we wanted to remove all execute permissions of a file, we'd do this: |
3798 |
</p> |
3799 |
|
3800 |
<pre caption="Removing x permission with chmod"> |
3801 |
$ <i>chmod -x scriptfile.sh</i> |
3802 |
</pre> |
3803 |
|
3804 |
</body> |
3805 |
</section> |
3806 |
<section> |
3807 |
<title>User/group/other granularity</title> |
3808 |
<body> |
3809 |
|
3810 |
<p> |
3811 |
So far, our <c>chmod</c> examples have affected permissions for all three |
3812 |
triplets -- the user, the group, and all others. Often, it's handy to modify |
3813 |
only one or two triplets at a time. To do this, simply specify the symbolic |
3814 |
character for the particular triplets you'd like to modify before the + or - |
3815 |
sign. Use u for the "user" triplet, g for the "group" triplet, and o for the |
3816 |
"other/everyone" triplet: |
3817 |
</p> |
3818 |
|
3819 |
<pre caption="Using triplets"> |
3820 |
$ <i>chmod go-w scriptfile.sh</i> |
3821 |
</pre> |
3822 |
|
3823 |
<p> |
3824 |
We just removed write permissions for the group and all other users, but left |
3825 |
"owner" permissions untouched. |
3826 |
</p> |
3827 |
|
3828 |
</body> |
3829 |
</section> |
3830 |
<section> |
3831 |
<title>Resetting permissions</title> |
3832 |
<body> |
3833 |
|
3834 |
<p> |
3835 |
In addition to flipping permission bits on and off, we can also reset them |
3836 |
altogether. By using the = operator, we can tell <c>chmod</c> that we want the |
3837 |
specified permissions and no others: |
3838 |
</p> |
3839 |
|
3840 |
<pre caption="Flipping permission bits"> |
3841 |
$ <i>chmod =rx scriptfile.sh</i> |
3842 |
</pre> |
3843 |
|
3844 |
<p> |
3845 |
Above, we just set all "read" and "execute" bits, and unset all "write" bits. |
3846 |
If you just want to reset a particular triplet, you can specify the symbolic |
3847 |
name for the triplet before the = as follows: |
3848 |
</p> |
3849 |
|
3850 |
<pre caption="Reseting triplet"> |
3851 |
$ <i>chmod u=rx scriptfile.sh</i> |
3852 |
</pre> |
3853 |
|
3854 |
</body> |
3855 |
</section> |
3856 |
<section> |
3857 |
<title>Numeric modes</title> |
3858 |
<body> |
3859 |
|
3860 |
<p> |
3861 |
Up until now, we've used what are called symbolic modes to specify permission |
3862 |
changes to <c>chmod</c>. However, there's another common way of specifying |
3863 |
permissions: using a 4-digit octal number. Using this syntax, called numeric |
3864 |
permissions syntax, each digit represents a permissions triplet. For example, |
3865 |
in 1777, the 777 sets the "owner", "group", and "other" flags that we've been |
3866 |
discussing in this section. The 1 is used to set the special permissions bits, |
3867 |
which we'll cover later (see "<uri |
3868 |
link="https://www6.software.ibm.com/developerworks/education/l-lpir23/l-lpir23-3-23.html">The |
3869 |
elusive first digit</uri>" at the end of this section). This chart shows how |
3870 |
the second through fourth digits (777) are interpreted: |
3871 |
</p> |
3872 |
|
3873 |
<table> |
3874 |
<tr> |
3875 |
<th>Mode</th> |
3876 |
<th>Digit</th> |
3877 |
</tr> |
3878 |
<tr> |
3879 |
<ti>rwx</ti> |
3880 |
<ti>7</ti> |
3881 |
</tr> |
3882 |
<tr> |
3883 |
<ti>rw-</ti> |
3884 |
<ti>6</ti> |
3885 |
</tr> |
3886 |
<tr> |
3887 |
<ti>r-x</ti> |
3888 |
<ti>5</ti> |
3889 |
</tr> |
3890 |
<tr> |
3891 |
<ti>r--</ti> |
3892 |
<ti>4</ti> |
3893 |
</tr> |
3894 |
<tr> |
3895 |
<ti>-wx</ti> |
3896 |
<ti>3</ti> |
3897 |
</tr> |
3898 |
<tr> |
3899 |
<ti>-w-</ti> |
3900 |
<ti>2</ti> |
3901 |
</tr> |
3902 |
<tr> |
3903 |
<ti>--x</ti> |
3904 |
<ti>1</ti> |
3905 |
</tr> |
3906 |
<tr> |
3907 |
<ti>---</ti> |
3908 |
<ti>0</ti> |
3909 |
</tr> |
3910 |
</table> |
3911 |
|
3912 |
</body> |
3913 |
</section> |
3914 |
<section> |
3915 |
<title>Numeric permission syntax</title> |
3916 |
<body> |
3917 |
|
3918 |
<p> |
3919 |
Numeric permission syntax is especially useful when you need to specify all |
3920 |
permissions for a file, such as in the following example: |
3921 |
</p> |
3922 |
|
3923 |
<pre caption="Adding numeric permission"> |
3924 |
$ <i>chmod 0755 scriptfile.sh</i> |
3925 |
$ <i>ls -l scriptfile.sh</i> |
3926 |
-rwxr-xr-x 1 drobbins drobbins 0 Jan 9 17:44 scriptfile.sh |
3927 |
</pre> |
3928 |
|
3929 |
<p> |
3930 |
In this example, we used a mode of 0755, which expands to a complete |
3931 |
permissions setting of -rwxr-xr-x. |
3932 |
</p> |
3933 |
|
3934 |
</body> |
3935 |
</section> |
3936 |
<section> |
3937 |
<title>The umask</title> |
3938 |
<body> |
3939 |
|
3940 |
<p> |
3941 |
When a process creates a new file, it specifies the permissions that it would |
3942 |
like the new file to have. Often, the mode requested is 0666 (readable and |
3943 |
writable by everyone), which is more permissive that we would like. |
3944 |
Fortunately, Linux consults something called a "umask" whenever a new file is |
3945 |
created. The system uses the umask value to reduce the originally specified |
3946 |
permissions to something more reasonable and secure. You can view your current |
3947 |
umask setting by typing umask at the command line: |
3948 |
</p> |
3949 |
|
3950 |
<pre caption="Viewing current umask"> |
3951 |
$ <i>umask</i> |
3952 |
0022 |
3953 |
</pre> |
3954 |
|
3955 |
<p> |
3956 |
On Linux systems, the umask normally defaults to 0022, which allows others to |
3957 |
read your new files (if they can get to them) but not modify them. |
3958 |
</p> |
3959 |
|
3960 |
<p> |
3961 |
To make new files more secure by default, you can change the umask setting: |
3962 |
</p> |
3963 |
|
3964 |
<pre caption="Changing umask setting"> |
3965 |
$ <i>umask 0077</i> |
3966 |
</pre> |
3967 |
|
3968 |
<p> |
3969 |
This umask will make sure that the group and others will have absolutely no |
3970 |
permissions for any newly created files. So, how does the umask work? Unlike |
3971 |
"regular" permissions on files, the umask specifies which permissions should be |
3972 |
turned off. Let's consult our mode-to-digit mapping table so that we can |
3973 |
understand what a umask of 0077 means: |
3974 |
</p> |
3975 |
|
3976 |
<table> |
3977 |
<tr> |
3978 |
<th>Mode</th> |
3979 |
<th>Digit</th> |
3980 |
</tr> |
3981 |
<tr> |
3982 |
<ti>rwx</ti> |
3983 |
<ti>7</ti> |
3984 |
</tr> |
3985 |
<tr> |
3986 |
<ti>rw-</ti> |
3987 |
<ti>6</ti> |
3988 |
</tr> |
3989 |
<tr> |
3990 |
<ti>r-x</ti> |
3991 |
<ti>5</ti> |
3992 |
</tr> |
3993 |
<tr> |
3994 |
<ti>r--</ti> |
3995 |
<ti>4</ti> |
3996 |
</tr> |
3997 |
<tr> |
3998 |
<ti>-wx</ti> |
3999 |
<ti>3</ti> |
4000 |
</tr> |
4001 |
<tr> |
4002 |
<ti>-w-</ti> |
4003 |
<ti>2</ti> |
4004 |
</tr> |
4005 |
<tr> |
4006 |
<ti>--x</ti> |
4007 |
<ti>1</ti> |
4008 |
</tr> |
4009 |
<tr> |
4010 |
<ti>---</ti> |
4011 |
<ti>0</ti> |
4012 |
</tr> |
4013 |
</table> |
4014 |
|
4015 |
<p> |
4016 |
Using our table, the last three digits of 0077 expand to ---rwxrwx. Now, |
4017 |
remember that the <c>umask</c> tells the system which permissions to disable. |
4018 |
Putting two and two together, we can see that all "group" and "other" |
4019 |
permissions will be turned off, while "user" permissions will remain untouched. |
4020 |
</p> |
4021 |
|
4022 |
</body> |
4023 |
</section> |
4024 |
<section> |
4025 |
<title>Introducing suid and sgid</title> |
4026 |
<body> |
4027 |
|
4028 |
<p> |
4029 |
When you initially log in, a new shell process is started. You already know |
4030 |
that, but you may not know that this new shell process (typically bash) runs |
4031 |
using your user id. As such, the bash program can access all files and |
4032 |
directories that you own. In fact, we as users are totally dependent on other |
4033 |
programs to perform operations on our behalf. Because the programs you start |
4034 |
inherit your user id, they cannot access any filesystem objects for which you |
4035 |
haven't been granted access. |
4036 |
</p> |
4037 |
|
4038 |
<p> |
4039 |
For example, the passwd file cannot be changed by normal users directly, |
4040 |
because the "write" flag is off for every user except root: |
4041 |
</p> |
4042 |
|
4043 |
<pre caption="ls -l /etc/passwd"> |
4044 |
$ <i>ls -l /etc/passwd</i> |
4045 |
-rw-r--r-- 1 root wheel 1355 Nov 1 21:16 /etc/passwd |
4046 |
</pre> |
4047 |
|
4048 |
<p> |
4049 |
However, normal users do need to be able to modify /etc/passwd (at least |
4050 |
indirectly) whenever they need to change their password. But, if the user is |
4051 |
unable to modify this file, how exactly does this work? |
4052 |
</p> |
4053 |
|
4054 |
</body> |
4055 |
</section> |
4056 |
<section> |
4057 |
<title>suid</title> |
4058 |
<body> |
4059 |
|
4060 |
<p> |
4061 |
Thankfully, the Linux permissions model has two special bits called <c>suid</c> |
4062 |
and <c>sgid</c>. When an executable program has the <c>suid</c> bit set, it |
4063 |
will run on behalf of the owner of the executable, rather than on behalf of the |
4064 |
person who started the program. |
4065 |
</p> |
4066 |
|
4067 |
<p> |
4068 |
Now, back to the <path>/etc/passwd</path> problem. If we take a look at the |
4069 |
<c>passwd</c> executable, we can see that it's owned by root: |
4070 |
</p> |
4071 |
|
4072 |
<pre caption="Checking owner of /usr/bin/passwd file"> |
4073 |
$ <i>ls -l /usr/bin/passwd</i> |
4074 |
-rwsr-xr-x 1 root wheel 17588 Sep 24 00:53 /usr/bin/passwd |
4075 |
</pre> |
4076 |
|
4077 |
<p> |
4078 |
You'll also note that in place of an x in the user's permission triplet, |
4079 |
there's an s. This indicates that, for this particular program, the <c>suid</c> |
4080 |
and executable bits are set. Because of this, when <c>passwd</c> runs, it will |
4081 |
execute on behalf of the root user (with full superuser access) rather than |
4082 |
that of the user who ran it. And because <c>passwd</c> runs with root access, |
4083 |
it's able to modify the <path>/etc/passwd</path> file with no problem. |
4084 |
</p> |
4085 |
|
4086 |
</body> |
4087 |
</section> |
4088 |
<section> |
4089 |
<title>suid/sgid caveats</title> |
4090 |
<body> |
4091 |
|
4092 |
<p> |
4093 |
We've seen how <c>suid</c> works, and <c>sgid</c> works in a similar way. It |
4094 |
allows programs to inherit the group ownership of the program rather than that |
4095 |
of the current user. |
4096 |
</p> |
4097 |
|
4098 |
<impo> |
4099 |
Here's some miscellaneous yet important information about <c>suid</c> and |
4100 |
<c>sgid</c>. First, <c>suid</c> and <c>sgid</c> bits occupy the same space as |
4101 |
the x bits in a ls -l listing. If the x bit is also set, the respective bits |
4102 |
will show up as s (lowercase). However, if the x bit is not set, it will show |
4103 |
up as a S (uppercase). |
4104 |
</impo> |
4105 |
|
4106 |
<impo> |
4107 |
Another important note: suid and sgid come in handy in many circumstances, but |
4108 |
improper use of these bits can allow the security of a system to be breached. |
4109 |
It's best to have as few suid programs as possible. The passwd command is one |
4110 |
of the few that must be suid. |
4111 |
</impo> |
4112 |
|
4113 |
</body> |
4114 |
</section> |
4115 |
<section> |
4116 |
<title>Changing suid and sgid</title> |
4117 |
<body> |
4118 |
|
4119 |
<p> |
4120 |
Setting and removing the <c>suid</c> and <c>sgid</c> bits is fairly |
4121 |
straightforward. Here, we set the suid bit: |
4122 |
</p> |
4123 |
|
4124 |
<pre caption="Setting suid bit"> |
4125 |
# <i>chmod u+s /usr/bin/myapp</i> |
4126 |
</pre> |
4127 |
|
4128 |
<p> |
4129 |
And here, we remove the <c>sgid</c> bit from a directory. We'll see how the |
4130 |
<c>sgid</c> bit affects directories in just a few panels: |
4131 |
</p> |
4132 |
|
4133 |
<pre caption="Removing sgid bit"> |
4134 |
# <i>chmod g-s /home/drobbins</i> |
4135 |
</pre> |
4136 |
|
4137 |
</body> |
4138 |
</section> |
4139 |
<section> |
4140 |
<title>Permissions and directories</title> |
4141 |
<body> |
4142 |
|
4143 |
<p> |
4144 |
So far, we've been looking at permissions from the perspective of regular |
4145 |
files. When it comes to directories, things are a bit different. Directories |
4146 |
use the same permissions flags, but they are interpreted to mean slightly |
4147 |
different things. |
4148 |
</p> |
4149 |
|
4150 |
<p> |
4151 |
For a directory, if the "read" flag is set, you may list the contents of the |
4152 |
directory; "write" means you may create files in the directory; and "execute" |
4153 |
means you may enter the directory and access any sub-directories inside. |
4154 |
Without the "execute" flag, the filesystem objects inside a directory aren't |
4155 |
accessible. Without a "read" flag, the filesystem objects inside a directory |
4156 |
aren't viewable, but objects inside the directory can still be accessed as long |
4157 |
as someone knows the full path to the object on disk. |
4158 |
</p> |
4159 |
|
4160 |
</body> |
4161 |
</section> |
4162 |
<section> |
4163 |
<title>Directories and sgid</title> |
4164 |
<body> |
4165 |
|
4166 |
<p> |
4167 |
And, if a directory has the "sgid" flag enabled, any filesystem objects created |
4168 |
inside it will inherit the group of the directory. This particular feature |
4169 |
comes in handy when you need to create a directory tree to be used by a group |
4170 |
of people that all belong to the same group. Simply do this: |
4171 |
</p> |
4172 |
|
4173 |
<pre caption="Creating directory for a group of people"> |
4174 |
# <i>mkdir /home/groupspace</i> |
4175 |
# <i>chgrp mygroup /home/groupspace</i> |
4176 |
# <i>chmod g+s /home/groupspace</i> |
4177 |
</pre> |
4178 |
|
4179 |
<p> |
4180 |
Now, any users in the group mygroup can create files or directories inside |
4181 |
<path>/home/groupspace</path>, and they will be automatically assigned a group |
4182 |
ownership of mygroup as well. Depending on the users' umask setting, new |
4183 |
filesystem objects may or may not be readable, writable, or executable by other |
4184 |
members of the mygroup group. |
4185 |
</p> |
4186 |
|
4187 |
</body> |
4188 |
</section> |
4189 |
<section> |
4190 |
<title>Directories and deletion</title> |
4191 |
<body> |
4192 |
|
4193 |
<p> |
4194 |
By default, Linux directories behave in a way that may not be ideal in all |
4195 |
situations. Normally, anyone can rename or delete a file inside a directory, as |
4196 |
long as they have write access to that directory. For directories used by |
4197 |
individual users, this behavior is usually just fine. |
4198 |
</p> |
4199 |
|
4200 |
<p> |
4201 |
However, for directories that are used by many users, especially |
4202 |
<path>/tmp</path> and <path>/var/tmp</path>, this behavior can be bad news. |
4203 |
Since anyone can write to these directories, anyone can delete or rename anyone |
4204 |
else's files -- even if they don't own them! Obviously, it's hard to use |
4205 |
<path>/tmp</path> for anything meaningful when any other user can type <c>rm |
4206 |
-rf /tmp/*</c> at any time and destroy everyone's files. |
4207 |
</p> |
4208 |
|
4209 |
<p> |
4210 |
Thankfully, Linux has something called the sticky bit. When <path>/tmp</path> |
4211 |
has the sticky bit set (with a <c>chmod +t</c>), the only people who are able |
4212 |
to delete or rename files in <path>/tmp</path> are the directory's owner |
4213 |
(typically root), the file's owner, or root. Virtually all Linux distributions |
4214 |
enable <path>/tmp</path>'s sticky bit by default, but you may find that the |
4215 |
sticky bit comes in handy in other situations. |
4216 |
</p> |
4217 |
|
4218 |
</body> |
4219 |
</section> |
4220 |
<section> |
4221 |
<title>The elusive first digit</title> |
4222 |
<body> |
4223 |
|
4224 |
<p> |
4225 |
And to conclude this section, we finally take a look at the elusive first digit |
4226 |
of a numeric mode. As you can see, this first digit is used for setting the |
4227 |
sticky, <c>suid</c>, and <c>sgid</c> bits: |
4228 |
</p> |
4229 |
|
4230 |
<table> |
4231 |
<tr> |
4232 |
<th>suid</th> |
4233 |
<th>sgid</th> |
4234 |
<th>sticky</th> |
4235 |
<th>mode digit</th> |
4236 |
</tr> |
4237 |
<tr> |
4238 |
<ti>on</ti> |
4239 |
<ti>on</ti> |
4240 |
<ti>on</ti> |
4241 |
<ti>7</ti> |
4242 |
</tr> |
4243 |
<tr> |
4244 |
<ti>on</ti> |
4245 |
<ti>on</ti> |
4246 |
<ti>off</ti> |
4247 |
<ti>6</ti> |
4248 |
</tr> |
4249 |
<tr> |
4250 |
<ti>on</ti> |
4251 |
<ti>off</ti> |
4252 |
<ti>on</ti> |
4253 |
<ti>5</ti> |
4254 |
</tr> |
4255 |
<tr> |
4256 |
<ti>on</ti> |
4257 |
<ti>off</ti> |
4258 |
<ti>off</ti> |
4259 |
<ti>4</ti> |
4260 |
</tr> |
4261 |
<tr> |
4262 |
<ti>off</ti> |
4263 |
<ti>on</ti> |
4264 |
<ti>on</ti> |
4265 |
<ti>3</ti> |
4266 |
</tr> |
4267 |
<tr> |
4268 |
<ti>off</ti> |
4269 |
<ti>on</ti> |
4270 |
<ti>off</ti> |
4271 |
<ti>2</ti> |
4272 |
</tr> |
4273 |
<tr> |
4274 |
<ti>off</ti> |
4275 |
<ti>off</ti> |
4276 |
<ti>on</ti> |
4277 |
<ti>1</ti> |
4278 |
</tr> |
4279 |
<tr> |
4280 |
<ti>off</ti> |
4281 |
<ti>off</ti> |
4282 |
<ti>off</ti> |
4283 |
<ti>0</ti> |
4284 |
</tr> |
4285 |
</table> |
4286 |
|
4287 |
<p> |
4288 |
Here's an example of how to use a 4-digit numeric mode to set permissions for a |
4289 |
directory that will be used by a workgroup: |
4290 |
</p> |
4291 |
|
4292 |
<pre caption="Setting numeric permissions"> |
4293 |
# <i>chmod 1775 /home/groupfiles</i> |
4294 |
</pre> |
4295 |
|
4296 |
<p> |
4297 |
As homework, figure out the meaning of the 1755 numeric permissions setting. :) |
4298 |
</p> |
4299 |
|
4300 |
</body> |
4301 |
</section> |
4302 |
</chapter> |
4303 |
|
4304 |
<chapter> |
4305 |
<title>Linux account managment</title> |
4306 |
<section> |
4307 |
<title>Introducing /etc/passwd</title> |
4308 |
<body> |
4309 |
|
4310 |
<p> |
4311 |
In this section, we'll look at the Linux account management mechanism, starting |
4312 |
with the <path>/etc/passwd</path> file, which defines all the users that exist |
4313 |
on a Linux system. You can view your own <path>/etc/passwd</path> file by |
4314 |
typing less <path>/etc/passwd</path>. |
4315 |
</p> |
4316 |
|
4317 |
<p> |
4318 |
Each line in <path>/etc/passwd</path> defines a user account. Here's an example |
4319 |
line from my <path>/etc/passwd</path> file: |
4320 |
</p> |
4321 |
|
4322 |
<pre caption="/etc/passwd"> |
4323 |
drobbins:x:1000:1000:Daniel Robbins:/home/drobbins:/bin/bash |
4324 |
</pre> |
4325 |
|
4326 |
<p> |
4327 |
As you can see, there is quite a bit of information on this line. In fact, each |
4328 |
<path>/etc/passwd</path> line consists of multiple fields, each separated by a |
4329 |
:. |
4330 |
</p> |
4331 |
|
4332 |
<p> |
4333 |
The first field defines the username (drobbins)), and the second field contains |
4334 |
an x. On ancient Linux systems, this field contained an encrypted password to |
4335 |
be used for authentication, but virtually all Linux systems now store this |
4336 |
password information in another file. |
4337 |
</p> |
4338 |
|
4339 |
<p> |
4340 |
The third field (1000) defines the numeric user id associated with this |
4341 |
particular user, and the fourth field (1000) associates this user with a |
4342 |
particular group; in a few panels, we'll see where group 1000 is defined. |
4343 |
</p> |
4344 |
|
4345 |
<p> |
4346 |
The fifth field contains a textual description of this account -- in this case, |
4347 |
the user's name. The sixth field defines this user's home directory, and the |
4348 |
seventh field specifies the user's default shell -- the one that will be |
4349 |
automatically started when this user logs in. |
4350 |
</p> |
4351 |
|
4352 |
</body> |
4353 |
</section> |
4354 |
<section> |
4355 |
<title>/etc/passwd tips and tricks</title> |
4356 |
<body> |
4357 |
|
4358 |
<p> |
4359 |
You've probably noticed that there are many more user accounts defined in |
4360 |
<path>/etc/passwd</path> than actually log in to your system. This is because |
4361 |
various Linux components use user accounts to enhance security. Typically, |
4362 |
these system accounts have a user id ("uid") of under 100, and many of them |
4363 |
will have something like /bin/false listed as a default shell. Since the |
4364 |
<path>/bin/false</path> program does nothing but exit with an error code, this |
4365 |
effectively prevents these accounts from being used as login accounts -- they |
4366 |
are for internal use only. |
4367 |
</p> |
4368 |
|
4369 |
</body> |
4370 |
</section> |
4371 |
<section> |
4372 |
<title>/etc/shadow</title> |
4373 |
<body> |
4374 |
|
4375 |
<p> |
4376 |
So, user accounts themselves are defined in <path>/etc/passwd</path>. Linux |
4377 |
systems contain a companion file to <path>/etc/passwd</path> that's called |
4378 |
<path>/etc/shadow</path>. This file, unlike <path>/etc/passwd</path>, is |
4379 |
readable only by root and contains encrypted password information. Let's look |
4380 |
at a sample line from <path>/etc/shadow</path>: |
4381 |
</p> |
4382 |
|
4383 |
<pre caption="/etc/shadow"> |
4384 |
drobbins:$1$1234567890123456789012345678901:11664:0:-1:-1:-1:-1:0 |
4385 |
</pre> |
4386 |
|
4387 |
<p> |
4388 |
Each line defines password information for a particular account, and again, |
4389 |
each field is separated by a :. The first field defines the particular user |
4390 |
account with which this shadow entry is associated. The second field contains |
4391 |
an encrypted password. The remaining fields are described in the following |
4392 |
table: |
4393 |
</p> |
4394 |
|
4395 |
<table> |
4396 |
<tr> |
4397 |
<ti>field 3</ti> |
4398 |
<ti># of days since 1/1/1970 that the password was modified</ti> |
4399 |
</tr> |
4400 |
<tr> |
4401 |
<ti>field 4</ti> |
4402 |
<ti> |
4403 |
# of days before password will be allowed to be changed (0 for "change |
4404 |
anytime") |
4405 |
</ti> |
4406 |
</tr> |
4407 |
<tr> |
4408 |
<ti>field 5</ti> |
4409 |
<ti> |
4410 |
# of days before system will force user to change to a new password (-1 |
4411 |
for "never") |
4412 |
</ti> |
4413 |
</tr> |
4414 |
<tr> |
4415 |
<ti>field 6</ti> |
4416 |
<ti> |
4417 |
# of days before password expires that user will be warned about |
4418 |
expiration (-1 for "no warning") |
4419 |
</ti> |
4420 |
</tr> |
4421 |
<tr> |
4422 |
<ti>field 7</ti> |
4423 |
<ti> |
4424 |
# of days after password expiration that this account is automatically |
4425 |
# disabled by the system (-1 for "never disable") |
4426 |
</ti> |
4427 |
</tr> |
4428 |
<tr> |
4429 |
<ti>field 8</ti> |
4430 |
<ti> |
4431 |
# of days that this account has been disabled (-1 for "this account is |
4432 |
enabled") |
4433 |
</ti> |
4434 |
</tr> |
4435 |
<tr> |
4436 |
<ti>field 9</ti> |
4437 |
<ti>Reserved for future use</ti> |
4438 |
</tr> |
4439 |
</table> |
4440 |
|
4441 |
</body> |
4442 |
</section> |
4443 |
<section> |
4444 |
<title>/etc/group</title> |
4445 |
<body> |
4446 |
|
4447 |
<p> |
4448 |
Next, we take a look at the <path>/etc/group</path> file, which defines all the |
4449 |
groups on a Linux system. Here's a sample line: |
4450 |
</p> |
4451 |
|
4452 |
<pre caption="/etc/group"> |
4453 |
drobbins:x:1000: |
4454 |
</pre> |
4455 |
|
4456 |
<p> |
4457 |
The <path>/etc/group</path> field format is as follows. The first field defines |
4458 |
the name of the group; the second field is a vestigial password field that now |
4459 |
simply holds an x, and the third field defines the numeric group id of this |
4460 |
particular group. The fourth field (empty in the above example) defines any |
4461 |
users that are members of this group. |
4462 |
</p> |
4463 |
|
4464 |
<p> |
4465 |
You'll recall that our sample <path>/etc/passwd</path> line referenced a group |
4466 |
id of 1000. This has the effect of placing the drobbins user in the drobbins |
4467 |
group, even though the drobbins username isn't listed in the fourth field of |
4468 |
<path>/etc/group</path>. |
4469 |
</p> |
4470 |
|
4471 |
</body> |
4472 |
</section> |
4473 |
<section> |
4474 |
<title>Group notes</title> |
4475 |
<body> |
4476 |
|
4477 |
<p> |
4478 |
A note about associating users with groups: on some systems, you'll find that |
4479 |
every new login account is associated with an identically named (and usually |
4480 |
identically numbered) group. On other systems, all login accounts will belong |
4481 |
to a single users group. The approach that you use on the system(s) you |
4482 |
administrate is up to you. Creating matching groups for each user has the |
4483 |
advantage of allowing users to more easily control access to their own files by |
4484 |
placing trusted friends in their personal group. |
4485 |
</p> |
4486 |
|
4487 |
</body> |
4488 |
</section> |
4489 |
<section> |
4490 |
<title>Adding a user and group by hand</title> |
4491 |
<body> |
4492 |
|
4493 |
<p> |
4494 |
Now, I'll show you how to create your own user and group account. The best way |
4495 |
to learn how to do this is to add a new user to the system manually. To begin, |
4496 |
first make sure that your EDITOR environment variable is set to your favorite |
4497 |
text editor: |
4498 |
</p> |
4499 |
|
4500 |
<pre caption="Checking favorite text editor variable"> |
4501 |
# <i>echo $EDITOR</i> |
4502 |
vim |
4503 |
</pre> |
4504 |
|
4505 |
<p> |
4506 |
If it isn't, you can set EDITOR by typing something like: |
4507 |
</p> |
4508 |
|
4509 |
<pre caption="Setting EDITOR variable"> |
4510 |
# <i>export EDITOR=/usr/bin/emacs</i> |
4511 |
# <i>vipw</i> |
4512 |
</pre> |
4513 |
|
4514 |
<p> |
4515 |
You should now find yourself in your favorite text editor with the |
4516 |
<path>/etc/passwd</path> file loaded up on the screen. When modifying system |
4517 |
<path>passwd</path> and <path>group</path> files, it's very important to use |
4518 |
the <c>vipw</c> and <c>vigr</c> commands. They take extra precautions to ensure |
4519 |
that your critical <path>passwd</path> and <path>group</path> files are locked |
4520 |
properly so they don't become corrupted. |
4521 |
</p> |
4522 |
|
4523 |
</body> |
4524 |
</section> |
4525 |
<section> |
4526 |
<title>Editing /etc/passwd</title> |
4527 |
<body> |
4528 |
|
4529 |
<p> |
4530 |
Now that you have the <path>/etc/passwd</path> file up, go ahead and add the |
4531 |
following line: |
4532 |
</p> |
4533 |
|
4534 |
<pre caption="/etc/passwd"> |
4535 |
testuser:x:3000:3000:LPI tutorial test user:/home/testuser:/bin/false |
4536 |
</pre> |
4537 |
|
4538 |
<p> |
4539 |
We've just added a "testuser" user with a UID of 3000. We've added him to a |
4540 |
group with a GID of 3000, which we haven't created just yet. Alternatively, we |
4541 |
could have assigned this user to the GID of the users group if we wanted. This |
4542 |
new user has a comment that reads LPI tutorial test user; the user's home |
4543 |
directory is set to <path>/home/testuser</path>, and the user's shell is set to |
4544 |
<path>/bin/false</path> for security purposes. If we were creating an non-test |
4545 |
account, we would set the shell to <path>/bin/bash</path>. OK, go ahead and |
4546 |
save your changes and exit. |
4547 |
</p> |
4548 |
|
4549 |
</body> |
4550 |
</section> |
4551 |
<section> |
4552 |
<title>Editing /etc/shadow</title> |
4553 |
<body> |
4554 |
|
4555 |
<p> |
4556 |
Now, we need to add an entry in <path>/etc/shadow</path> for this particular |
4557 |
user. To do this, type <c>vipw -s</c>. You'll be greeted with your favorite |
4558 |
editor, which now contains the <path>/etc/shadow</path> file. Now, go ahead and |
4559 |
copy the line of an existing user account (one that has a password and is |
4560 |
longer than the standard system account entries): |
4561 |
</p> |
4562 |
|
4563 |
<pre caption="/etc/shadow"> |
4564 |
drobbins:$1$1234567890123456789012345678901:11664:0:-1:-1:-1:-1:0 |
4565 |
</pre> |
4566 |
|
4567 |
<p> |
4568 |
Now, change the username on the copied line to the name of your new user, and |
4569 |
ensure that all fields (particularly the password aging ones) are set to your |
4570 |
liking: |
4571 |
</p> |
4572 |
|
4573 |
<pre caption="Modifed /etc/shadow"> |
4574 |
testuser:$1$1234567890123456789012345678901:11664:0:-1:-1:-1:-1:0 |
4575 |
</pre> |
4576 |
|
4577 |
<p> |
4578 |
Now, save and exit. |
4579 |
</p> |
4580 |
|
4581 |
</body> |
4582 |
</section> |
4583 |
<section> |
4584 |
<title>Setting a password</title> |
4585 |
<body> |
4586 |
|
4587 |
<p> |
4588 |
You'll be back at the prompt. Now, it's time to set a password for your new |
4589 |
user: |
4590 |
</p> |
4591 |
|
4592 |
<pre caption="Setting password for new user"> |
4593 |
# <i>passwd testuser</i> |
4594 |
Enter new UNIX password: <comment>(enter a password for testuser)</comment> |
4595 |
Retype new UNIX password: <comment>(enter testuser's new password again)</comment> |
4596 |
</pre> |
4597 |
|
4598 |
</body> |
4599 |
</section> |
4600 |
<section> |
4601 |
<title>Editing /etc/group</title> |
4602 |
<body> |
4603 |
|
4604 |
<p> |
4605 |
Now that <path>/etc/passwd</path> and <path>/etc/shadow</path> are set up, it's |
4606 |
now time to get <path>/etc/group</path> configured properly. To do this, type: |
4607 |
</p> |
4608 |
|
4609 |
<pre caption="Configuring /etc/group"> |
4610 |
# <i>vigr</i> |
4611 |
</pre> |
4612 |
|
4613 |
<p> |
4614 |
Your <path>/etc/group</path> file will appear in front of you, ready for |
4615 |
editing. Now, if you chose to assign a default group of users for your |
4616 |
particular test user, you do not need to add any groups to |
4617 |
<path>/etc/groups</path>. However, if you chose to create a new group for this |
4618 |
user, go ahead and add the following line: |
4619 |
</p> |
4620 |
|
4621 |
<pre caption="Adding new group manually"> |
4622 |
testuser:x:3000: |
4623 |
</pre> |
4624 |
|
4625 |
<p> |
4626 |
Now save and exit. |
4627 |
</p> |
4628 |
|
4629 |
</body> |
4630 |
</section> |
4631 |
<section> |
4632 |
<title>Creating a home directory</title> |
4633 |
<body> |
4634 |
|
4635 |
<p> |
4636 |
We're nearly done. Type the following commands to create testuser's home |
4637 |
directory: |
4638 |
</p> |
4639 |
|
4640 |
<pre caption="Creating home directory"> |
4641 |
# <i>cd /home</i> |
4642 |
# <i>mkdir testuser</i> |
4643 |
# <i>chown testuser.testuser testuser</i> |
4644 |
# <i>chmod o-rwx testuser</i> |
4645 |
</pre> |
4646 |
|
4647 |
<p> |
4648 |
Our user's home directory is now in place and the account is ready for use. |
4649 |
Well, almost ready. If you'd like to use this account, you'll need to use vipw |
4650 |
to change testuser's default shell to <path>/bin/bash</path> so that the user |
4651 |
can log in. |
4652 |
</p> |
4653 |
|
4654 |
</body> |
4655 |
</section> |
4656 |
<section> |
4657 |
<title>Account admin utils</title> |
4658 |
<body> |
4659 |
|
4660 |
<p> |
4661 |
Now that you know how to add a new account and group by hand, let's review the |
4662 |
various time-saving account administration utilities available under Linux. Due |
4663 |
to space constraints, we won't cover a lot of detail describing these commands. |
4664 |
Remember that you can always get more information about a command by viewing |
4665 |
the command's man page. If you are planning to take the LPIC 101 exam, you |
4666 |
should spend some time getting familiar with each of these commands. |
4667 |
</p> |
4668 |
|
4669 |
<p> |
4670 |
newgrp |
4671 |
</p> |
4672 |
|
4673 |
<p> |
4674 |
By default, any files that a user creates are assigned to the user's group |
4675 |
specified in <path>/etc/passwd</path>. If the user belongs to other groups, he |
4676 |
or she can type newgrp thisgroup to set current default group membership to the |
4677 |
group thisgroup. Then, any new files created will inherit thisgroup membership. |
4678 |
</p> |
4679 |
|
4680 |
<table> |
4681 |
<tr> |
4682 |
<ti><c>chage</c></ti> |
4683 |
<ti> |
4684 |
The <c>chage</c> command is used to view and change the password aging |
4685 |
setting stored in <path>/etc/shadow</path>. |
4686 |
</ti> |
4687 |
</tr> |
4688 |
<tr> |
4689 |
<ti><c>gpasswd</c></ti> |
4690 |
<ti>A general-purpose group administration tool.</ti> |
4691 |
</tr> |
4692 |
<tr> |
4693 |
<ti><c>groupadd</c>/<c>groupdel</c>/<c>groupmod</c></ti> |
4694 |
<ti>Used to add/delete/modify groups in <path>/etc/group</path></ti> |
4695 |
</tr> |
4696 |
<tr> |
4697 |
<ti><c>useradd</c>/<c>userdel</c>/<c>usermod</c></ti> |
4698 |
<ti> |
4699 |
Used to add/delete/modify users in <path>/etc/passwd</path>. These commands |
4700 |
also perform various other convenience functions. See the man pages for |
4701 |
more information. |
4702 |
</ti> |
4703 |
</tr> |
4704 |
<tr> |
4705 |
<ti><c>pwconv</c>/<c>grpconv</c></ti> |
4706 |
<ti> |
4707 |
Used to convert <path>passwd</path> and <path>group</path> files to |
4708 |
"new-style" shadow passwords. Virtually all Linux systems already use |
4709 |
shadow passwords, so you should never need to use these commands. |
4710 |
</ti> |
4711 |
</tr> |
4712 |
</table> |
4713 |
|
4714 |
</body> |
4715 |
</section> |
4716 |
</chapter> |
4717 |
|
4718 |
<chapter> |
4719 |
<title>Tuning the user environment</title> |
4720 |
<section> |
4721 |
<title>Introducing "fortune"</title> |
4722 |
<body> |
4723 |
|
4724 |
<p> |
4725 |
Your shell has many useful options that you can set to fit your personal |
4726 |
preferences. So far, however, we haven't discussed any way to have these |
4727 |
settings set up automatically every time you log in, except for re-typing them |
4728 |
each time. In this section we will look at tuning your login environment by |
4729 |
modifying startup files. |
4730 |
</p> |
4731 |
|
4732 |
<p> |
4733 |
First, let's add a friendly message for when you first log in. To see an |
4734 |
example message, run <c>fortune</c>: |
4735 |
</p> |
4736 |
|
4737 |
<pre caption="Running fortune command"> |
4738 |
$ <i>fortune</i> |
4739 |
No amount of careful planning will ever replace dumb luck. |
4740 |
</pre> |
4741 |
|
4742 |
</body> |
4743 |
</section> |
4744 |
<section> |
4745 |
<title>.bash_profile</title> |
4746 |
<body> |
4747 |
|
4748 |
<p> |
4749 |
Now, let's set up <c>fortune</c> so that it gets run every time you log in. Use |
4750 |
your favorite text editor to edit a file named <path>.bash_profile</path> in |
4751 |
your home directory. If the file doesn't exist already, go ahead and create it. |
4752 |
Insert a line at the top: |
4753 |
</p> |
4754 |
|
4755 |
<pre caption="~/.bash_profile"> |
4756 |
fortune |
4757 |
</pre> |
4758 |
|
4759 |
<p> |
4760 |
Try logging out and back in. Unless you're running a display manager like xdm, |
4761 |
gdm, or kdm, you should be greeted cheerfully when you log in: |
4762 |
</p> |
4763 |
|
4764 |
<pre caption="Results of fortune command in .bash_profile file"> |
4765 |
mycroft.flatmonk.org login: chouser |
4766 |
Password: |
4767 |
Freedom from incrustations of grime is contiguous to rectitude. |
4768 |
$ |
4769 |
</pre> |
4770 |
|
4771 |
</body> |
4772 |
</section> |
4773 |
<section> |
4774 |
<title>The login shell</title> |
4775 |
<body> |
4776 |
|
4777 |
<p> |
4778 |
When bash started, it walked through the <path>.bash_profile</path> file in |
4779 |
your home directory, running each line as though it had been typed at a bash |
4780 |
prompt. This is called sourcing the file. |
4781 |
</p> |
4782 |
|
4783 |
<p> |
4784 |
Bash acts somewhat differently depending on how it is started. If it is started |
4785 |
as a login shell, it will act as it did above -- first sourcing the system-wide |
4786 |
<path>/etc/profile</path>, and then your personal <path>~/.bash_profile</path>. |
4787 |
</p> |
4788 |
|
4789 |
<p> |
4790 |
There are two ways to tell bash to run as a login shell. One way is used when |
4791 |
you first log in: bash is started with a process name of -bash. You can see |
4792 |
this in your process listing: |
4793 |
</p> |
4794 |
|
4795 |
<pre caption="Process listing"> |
4796 |
$ <i>ps u</i> |
4797 |
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND |
4798 |
chouser 404 0.0 0.0 2508 156 tty2 S 2001 0:00 -bash |
4799 |
</pre> |
4800 |
|
4801 |
<p> |
4802 |
You will probably see a much longer listing, but you should have at least one |
4803 |
COMMAND with a dash before the name of your shell, like -bash in the example |
4804 |
above. This dash is used by the shell to determine if it's being run as a login |
4805 |
shell. |
4806 |
</p> |
4807 |
|
4808 |
</body> |
4809 |
</section> |
4810 |
<section> |
4811 |
<title>Understanding --login</title> |
4812 |
<body> |
4813 |
|
4814 |
<p> |
4815 |
The second way to tell bash to run as a login shell is with the <c>--login</c> |
4816 |
command-line option. This is sometimes used by terminal emulators (like xterm) |
4817 |
to make their bash sessions act like initial login sessions. |
4818 |
</p> |
4819 |
|
4820 |
<p> |
4821 |
After you have logged in, more copies of your shell will be run. Unless they |
4822 |
are started with <c>--login</c> or have a dash in the process name, these |
4823 |
sessions will not be login shells. If they give you a prompt, however, they are |
4824 |
called interactive shells. If bash is started as interactive, but not login, it |
4825 |
will ignore <path>/etc/profile</path> and <path>~/.bash_profile</path> and will |
4826 |
instead source <path>~/.bashrc</path>. |
4827 |
</p> |
4828 |
|
4829 |
<table> |
4830 |
<tr> |
4831 |
<th>interactive</th> |
4832 |
<th>login</th> |
4833 |
<th>profile</th> |
4834 |
<th>rc</th> |
4835 |
</tr> |
4836 |
<tr> |
4837 |
<ti>yes</ti> |
4838 |
<ti>yes</ti> |
4839 |
<ti>source</ti> |
4840 |
<ti>ignore</ti> |
4841 |
</tr> |
4842 |
<tr> |
4843 |
<ti>yes</ti> |
4844 |
<ti>no</ti> |
4845 |
<ti>ignore</ti> |
4846 |
<ti>source</ti> |
4847 |
</tr> |
4848 |
<tr> |
4849 |
<ti>no</ti> |
4850 |
<ti>yes</ti> |
4851 |
<ti>source</ti> |
4852 |
<ti>ignore</ti> |
4853 |
</tr> |
4854 |
<tr> |
4855 |
<ti>no</ti> |
4856 |
<ti>no</ti> |
4857 |
<ti>ignore</ti> |
4858 |
<ti>ignore</ti> |
4859 |
</tr> |
4860 |
</table> |
4861 |
|
4862 |
</body> |
4863 |
</section> |
4864 |
<section> |
4865 |
<title>Testing for interactivity</title> |
4866 |
<body> |
4867 |
|
4868 |
<p> |
4869 |
Sometimes bash sources your <path>~/.bashrc</path>, even though it isn't really |
4870 |
interactive, such as when using commands like rsh and scp. This is important to |
4871 |
keep in mind because printing out text, like we did with the fortune command |
4872 |
earlier, can really mess up these non-interactive bash sessions. It's a good |
4873 |
idea to use the PS1 variable to detect whether the current shell is truly |
4874 |
interactive before printing text from a startup file: |
4875 |
</p> |
4876 |
|
4877 |
<pre caption="Testing PS1 varibale"> |
4878 |
if [ -n "$PS1" ]; then |
4879 |
fortune |
4880 |
fi |
4881 |
</pre> |
4882 |
|
4883 |
</body> |
4884 |
</section> |
4885 |
<section> |
4886 |
<title>/etc/profile and /etc/skel</title> |
4887 |
<body> |
4888 |
|
4889 |
<p> |
4890 |
As a system administrator, you are in charge of <path>/etc/profile</path>. |
4891 |
Since it is sourced by everyone when they first log in, it is important to keep |
4892 |
it in working order. It is also a powerful tool in making things work correctly |
4893 |
for new users as soon as they log into their new account. |
4894 |
</p> |
4895 |
|
4896 |
<p> |
4897 |
However, there are some settings that you may want new users to have as |
4898 |
defaults, but also allow them to change easily. This is where the |
4899 |
<path>/etc/skel</path> directory comes in. When you use the <c>useradd</c> |
4900 |
command to create a new user account, it copies all the files from |
4901 |
<path>/etc/skel</path> into the user's new home directory. That means you can |
4902 |
put helpful <path>.bash_profile</path> and <path>.bashrc</path> files in |
4903 |
<path>/etc/skel</path> to get new users off to a good start. |
4904 |
</p> |
4905 |
|
4906 |
</body> |
4907 |
</section> |
4908 |
<section> |
4909 |
<title>export</title> |
4910 |
<body> |
4911 |
|
4912 |
<p> |
4913 |
Variables in bash can be marked so that they are set the same in any new shells |
4914 |
that it starts; this is called being marked for export. You can have bash list |
4915 |
all of the variables that are currently marked for export in your shell |
4916 |
session: |
4917 |
</p> |
4918 |
|
4919 |
<pre caption="results of export command"> |
4920 |
$ <i>export</i> |
4921 |
declare -x EDITOR="vim" |
4922 |
declare -x HOME="/home/chouser" |
4923 |
declare -x MAIL="/var/spool/mail/chouser" |
4924 |
declare -x PAGER="/usr/bin/less" |
4925 |
declare -x PATH="/bin:/usr/bin:/usr/local/bin:/home/chouser/bin" |
4926 |
declare -x PWD="/home/chouser" |
4927 |
declare -x TERM="xterm" |
4928 |
declare -x USER="chouser" |
4929 |
</pre> |
4930 |
|
4931 |
</body> |
4932 |
</section> |
4933 |
<section> |
4934 |
<title>Marking variables for export</title> |
4935 |
<body> |
4936 |
|
4937 |
<p> |
4938 |
If a variable is not marked for export, any new shells that it starts will not |
4939 |
have that variable set. However, you can mark a variable for export by passing |
4940 |
it to the <c>export</c> built-in: |
4941 |
</p> |
4942 |
|
4943 |
<pre caption="Marking variable for export"> |
4944 |
$ <i>FOO=foo</i> |
4945 |
$ <i>BAR=bar</i> |
4946 |
$ <i>export BAR</i> |
4947 |
$ <i>echo $FOO $BAR</i> |
4948 |
foo bar |
4949 |
$ <i>bash</i> |
4950 |
$ <i>echo $FOO $BAR</i> |
4951 |
bar |
4952 |
</pre> |
4953 |
|
4954 |
<p> |
4955 |
In this example, the variables FOO and BAR were both set, but only BAR was |
4956 |
marked for export. When a new bash was started, it had lost the value for FOO. |
4957 |
If you exit this new bash, you can see that the original one still has values |
4958 |
for both FOO and BAR: |
4959 |
</p> |
4960 |
|
4961 |
<pre caption="Checking settings in original bash"> |
4962 |
$ <i>exit</i> |
4963 |
$ <i>echo $FOO $BAR</i> |
4964 |
foo bar |
4965 |
</pre> |
4966 |
|
4967 |
</body> |
4968 |
</section> |
4969 |
<section> |
4970 |
<title>Export and set -x</title> |
4971 |
<body> |
4972 |
|
4973 |
<p> |
4974 |
Because of this behavior, variables can be set in <path>~/.bash_profile</path> |
4975 |
or <path>/etc/profile</path> and marked for export, and then never need to be |
4976 |
set again. There are some options that cannot be exported, however, and so they |
4977 |
must be put in put in your <path>~/.bashrc</path> and your <e>profile</e> in |
4978 |
order to be set consistently. These options are adjusted with the set built-in: |
4979 |
</p> |
4980 |
|
4981 |
<pre caption="Using set command"> |
4982 |
$ <i>set -x</i> |
4983 |
</pre> |
4984 |
|
4985 |
<p> |
4986 |
The <c>-x</c> option causes bash to print out each command it is about to run: |
4987 |
</p> |
4988 |
|
4989 |
<pre caption="Checking results of -x option"> |
4990 |
$ <i>echo $FOO</i> |
4991 |
$ <i>echo foo</i> |
4992 |
foo |
4993 |
</pre> |
4994 |
|
4995 |
<p> |
4996 |
This can be very useful for understanding unexpected quoting behavior or |
4997 |
similar strangeness. To turn off the <c>-x</c> option, do <c>set +x</c>. See |
4998 |
the bash man page for all of the options to the set built-in. |
4999 |
</p> |
5000 |
|
5001 |
</body> |
5002 |
</section> |
5003 |
<section> |
5004 |
<title>Setting variables with "set"</title> |
5005 |
<body> |
5006 |
|
5007 |
<p> |
5008 |
The <c>set</c> built-in can also be used for setting variables, but when used |
5009 |
that way, it is optional. The bash command <c>set FOO=foo</c> means exactly the |
5010 |
same as <c>FOO=foo</c>. Un-setting a variable is done with the <c>unset</c> |
5011 |
built-in: |
5012 |
</p> |
5013 |
|
5014 |
<pre caption="Un-setting variable"> |
5015 |
$ <i>FOO=bar</i> |
5016 |
$ <i>echo $FOO</i> |
5017 |
bar |
5018 |
$ <i>unset FOO</i> |
5019 |
$ <i>echo $FOO</i> |
5020 |
</pre> |
5021 |
|
5022 |
</body> |
5023 |
</section> |
5024 |
<section> |
5025 |
<title>Unset vs. FOO=</title> |
5026 |
<body> |
5027 |
|
5028 |
<p> |
5029 |
This is <e>not</e> the same as setting a variable to nothing, although it is |
5030 |
sometimes hard to tell the difference. One way to tell is to use the <c>set</c> |
5031 |
built-in with no parameters to list all current variables: |
5032 |
</p> |
5033 |
|
5034 |
<pre caption="Comparison of unset and FOO="> |
5035 |
$ <i>FOO=bar</i> |
5036 |
$ <i>set | grep ^FOO</i> |
5037 |
FOO=bar |
5038 |
$ <i>FOO=</i> |
5039 |
$ <i>set | grep ^FOO</i> |
5040 |
FOO= |
5041 |
$ <i>unset FOO</i> |
5042 |
$ <i>set | grep ^FOO</i> |
5043 |
</pre> |
5044 |
|
5045 |
<p> |
5046 |
Using <c>set</c> with no parameters like this is similar to using the |
5047 |
<c>export</c> built-in, except that <c>set</c> lists all variables instead of |
5048 |
just those marked for export. |
5049 |
</p> |
5050 |
|
5051 |
</body> |
5052 |
</section> |
5053 |
<section> |
5054 |
<title>Exporting to change command behavior</title> |
5055 |
<body> |
5056 |
|
5057 |
<p> |
5058 |
Often, the behavior of commands can be altered by setting environment |
5059 |
variables. Just as with new bash sessions, other programs that are started from |
5060 |
your bash prompt will only be able to see variables that are marked for export. |
5061 |
For example, the command <c>man</c> checks the variable PAGER to see what |
5062 |
program to use to step through the text one page at a time. |
5063 |
</p> |
5064 |
|
5065 |
<pre caption="Exporting PAGER variable"> |
5066 |
$ <i>PAGER=less</i> |
5067 |
$ <i>export PAGER</i> |
5068 |
$ <i>man man</i> |
5069 |
</pre> |
5070 |
|
5071 |
<p> |
5072 |
With PAGER set to <c>less</c>, you will see one page at a time, and pressing |
5073 |
the space bar moves on to the next page. If you change PAGER to <c>cat</c>, the |
5074 |
text will be displayed all at once, without stopping. |
5075 |
</p> |
5076 |
|
5077 |
<pre caption="Setting PAGER variable to cat"> |
5078 |
$ <i>PAGER=cat</i> |
5079 |
$ <i>man man</i> |
5080 |
</pre> |
5081 |
|
5082 |
</body> |
5083 |
</section> |
5084 |
<section> |
5085 |
<title>Using "env"</title> |
5086 |
<body> |
5087 |
|
5088 |
<p> |
5089 |
Unfortunately, if you forget to set PAGER back to <c>less</c>, <c>man</c> (as |
5090 |
well as some other commands) will continue to display all their text without |
5091 |
stopping. If you wanted to have PAGER set to <c>cat</c> just once, you could |
5092 |
use the <c>env</c> command: |
5093 |
</p> |
5094 |
|
5095 |
<pre caption="Using env command to set variable"> |
5096 |
$ <i>PAGER=less</i> |
5097 |
$ <i>env PAGER=cat man man</i> |
5098 |
$ <i>echo $PAGER</i> |
5099 |
less |
5100 |
</pre> |
5101 |
|
5102 |
<p> |
5103 |
This time, PAGER was exported to <c>man</c> with a value of <c>cat</c>, but the |
5104 |
PAGER variable itself remained unchanged in the bash session. |
5105 |
</p> |
5106 |
|
5107 |
</body> |
5108 |
</section> |
5109 |
</chapter> |
5110 |
|
5111 |
<chapter> |
5112 |
<title>Summary and resources</title> |
5113 |
<section> |
5114 |
<title>Summary</title> |
5115 |
<body> |
5116 |
|
5117 |
<p> |
5118 |
Congratulations on finishing Part 3 of this tutorial series! At this point, you |
5119 |
should know how to locate information in system and Internet documentation, and |
5120 |
you should have a good grasp of the Linux permissions model, user account |
5121 |
management, and login environment tuning. |
5122 |
</p> |
5123 |
|
5124 |
</body> |
5125 |
</section> |
5126 |
<section id="resources"> |
5127 |
<title>Resources</title> |
5128 |
<body> |
5129 |
|
5130 |
<p> |
5131 |
Be sure to check out the various Linux documentation resources covered in this |
5132 |
tutorial -- particularly the <uri link="http://www.tldp.org/">Linux |
5133 |
Documentation Project</uri>. You'll find its collection of guides, HOWTOs, |
5134 |
FAQs, and man pages to be invaluable. Be sure to check out <uri |
5135 |
link="http://www.tldp.org/LDP/LG/current/">Linux Gazette</uri> and <uri |
5136 |
link="http://www.tldp.org/linuxfocus/index.html">LinuxFocus</uri> as well. |
5137 |
</p> |
5138 |
|
5139 |
<p> |
5140 |
The <uri link="http://www.tldp.org/guides.html">Linux System Administrators |
5141 |
guide</uri> (available from the "Guides" section at www.tldp.org) is a good |
5142 |
complement to this series of tutorials -- give it a read! You may also find |
5143 |
Eric S. Raymond's <uri |
5144 |
link="http://www.tldp.org/HOWTO/Unix-and-Internet-Fundamentals-HOWTO/">Unix and |
5145 |
Internet Fundamentals HOWTO</uri> to be helpful. |
5146 |
</p> |
5147 |
|
5148 |
<p> |
5149 |
You can read the GNU Project's online documentation for the GNU info system |
5150 |
(also called "texinfo") at <uri |
5151 |
link="http://www.gnu.org/manual/texinfo/index.html">GNU's texinfo documentation |
5152 |
page</uri>. |
5153 |
</p> |
5154 |
|
5155 |
<p> |
5156 |
Browse the <uri link="http://www.tldp.org/links/#ng">Linux newsgroup list</uri> |
5157 |
on the LDP site, and the newsgroup archives at <uri |
5158 |
link="http://groups.google.com/googlegroups/deja_announcement.html">Deja |
5159 |
News</uri>. |
5160 |
</p> |
5161 |
|
5162 |
<p> |
5163 |
In the Bash by example article series on developerWorks, Daniel shows you how |
5164 |
to use bash programming constructs to write your own bash scripts. This bash |
5165 |
series (particularly Parts 1 and 2) is good preparation for the LPIC Level 1 |
5166 |
exam and reinforces the concepts covered in this tutorial's "Tuning the user |
5167 |
environment" section: |
5168 |
</p> |
5169 |
|
5170 |
<ul> |
5171 |
<li> |
5172 |
<uri link="/doc/en/articles/bash-by-example-p1.xml">Bash by example, Part |
5173 |
1: Fundamental programming in the Bourne-again shell</uri> |
5174 |
</li> |
5175 |
<li> |
5176 |
<uri link="/doc/en/articles/bash-by-example-p2.xml">Bash by example, Part |
5177 |
2: More bash programming fundamentals</uri> |
5178 |
</li> |
5179 |
<li> |
5180 |
<uri link="/doc/en/articles/bash-by-example-p3.xml">Bash by example, Part |
5181 |
3: Exploring the ebuild system.</uri> |
5182 |
</li> |
5183 |
</ul> |
5184 |
|
5185 |
<p> |
5186 |
We highly recommend the <uri |
5187 |
link="http://www-106.ibm.com/developerworks/linux/library/l-faq/">Technical FAQ |
5188 |
by Linux Users</uri> by Mark Chapman, a 50-page in-depth list of |
5189 |
frequently-asked Linux questions, along with detailed answers. The FAQ itself |
5190 |
is in PDF (Adobe Acrobat) format. If you're a beginning or intermediate Linux |
5191 |
user, you really owe it to yourself to check this FAQ out. We also recommend |
5192 |
the <uri |
5193 |
link="http://www-106.ibm.com/developerworks/linux/library/l-gloss/index.html">Linux |
5194 |
glossary for Linux users</uri>, also from Mark. |
5195 |
</p> |
5196 |
|
5197 |
<p> |
5198 |
If you're not familiar with the vi editor, check out Daniel's <uri |
5199 |
link="http://www-106.ibm.com/developerworks/edu/l-dw-linuxvi-i.html">Vi intro |
5200 |
-- the cheat sheet method tutorial</uri>. This tutorial will give you a gentle |
5201 |
yet fast-paced introduction to this powerful text editor. Consider this |
5202 |
must-read material if you don't know how to use vi. |
5203 |
</p> |
5204 |
|
5205 |
<p> |
5206 |
For an intro to the Emacs editor, see the developerWorks tutorial, <uri |
5207 |
link="http://www-106.ibm.com/developerworks/edu/l-dw-linuxemacs-i.html">Living |
5208 |
in Emacs</uri>. |
5209 |
</p> |
5210 |
|
5211 |
</body> |
5212 |
</section> |
5213 |
<section> |
5214 |
<title>Feedback</title> |
5215 |
<body> |
5216 |
|
5217 |
<p> |
5218 |
Please let us know whether this tutorial was helpful to you and how we could |
5219 |
make it better. We'd also like to hear about other tutorial topics you'd like |
5220 |
to see covered in developerWorks tutorials. |
5221 |
</p> |
5222 |
|
5223 |
<p> |
5224 |
For questions about the content of this tutorial, contact the authors: |
5225 |
</p> |
5226 |
|
5227 |
<ul> |
5228 |
<li>Daniel Robbins, at <mail>drobbins@g.o</mail></li> |
5229 |
<li>Chris Houser, at <mail>chouser@g.o</mail></li> |
5230 |
<li>Aron Griffis, at <mail>agriffis@g.o</mail>.</li> |
5231 |
</ul> |
5232 |
|
5233 |
</body> |
5234 |
</section> |
5235 |
</chapter> |
5236 |
</guide> |
5237 |
|
5238 |
|
5239 |
|
5240 |
-- |
5241 |
gentoo-doc-cvs@g.o mailing list |