About This Book.................................................................................................................................................1

Chapter 2. Overview of a Linux System...........................................................................................................7

Chapter 4. Hardware, Devices, and Tools......................................................................................................22

Chapter 4. Hardware, Devices, and Tools

Chapter 5. Using Disks and Other Storage Media.........................................................................................25

Chapter 6. Memory Management...................................................................................................................52

Chapter 7. System Monitoring.........................................................................................................................58

Chapter 9. init....................................................................................................................................................70

Chapter 10. Logging In And Out

Chapter 11. Managing user accounts..............................................................................................................79

Chapter 12. Backups.........................................................................................................................................83

Chapter 14. Keeping Time...............................................................................................................................91

Chapter 15. System Logs −−To Be Added......................................................................................................98

Chapter 18. Finding Help

Appendix A. GNU Free Documentation License.........................................................................................105

Glossary (DRAFT, but not for long hopefully)............................................................................................111

Glossary (DRAFT, but not for long hopefully)

needed to get the system working. A word processor is an application; mount is a system program. The

When the system is shut down, it is init that is in charge of killing all other processes, unmounting all

Logins from terminals (via serial lines) and the console (when not running X) are provided by the getty

reads the username and runs the loginprogram, which reads the password. If the username and password are

because the username and password didn't match, init notices this and starts a new instance of getty. The

this is syslog . It can be configured to sort the messages to different files according to writer or degree of

wishes to execute and the times they should be executed. The cron daemon takes care of starting the

The at service is similar to cron, but it is once only: the command is executed at the given time, but it is not

bandwidth. It is therefore not possible to run a separate getty for each possible virtual connection. There are

recommended you use ssh rather than telnet or rlogin.

Network logins have, instead of a herd of gettys, a single daemon per way of logging in (telnet and ssh have

instance works similarly to getty.

and varied (mail user agent (MUA) , e.g., pine , or evolution . The mailboxes are usually stored in

Figure 3−1. Parts of a Unix directory tree. Dashed lines indicate partition limits.

limit can be passed with logical block addressing (LBA). See the lilo manual page for more details.

about each user. The format is documented in the passwd manual page.

by swapon −a . See Section 5.10.7 and the mount manual page for more information. Also fstab

Output by getty before the login prompt. Usually contains a short description or welcoming message

by the mount command. Used when a list of mounted filesystems is needed, e.g., by the df command.

Configuration file for the login command. The login.defs file usually has a manual page in

this file. ftpd, is the server process that provides FTP services for a machine, will check that the user's

usually uses a special program to send the files to be printed (usually lpr ). This program makes sure that only

exist, using ls or another suitable command. In the output of ls −l, the first column contains the type of the file

Floppies are formatted with fdformat . The floppy device file to use is given as the parameter. For example,

device with setfdprm first. To achieve the same effect as above, one would have to do the following:

or, if syslog is being used, to the file /var/log/messages. fdformat itself won't tell where the error is

The badblocks command can be used to search any disk or partition for bad blocks (including a floppy). It

The programs called by mkfs have slightly different command line interfaces. The common and most

The −c option is more convenient than a separate use of badblocks, but badblocks is necessary for checking

Table 5−1. Comparing Filesystem Features

Figure 5−3. Three separate filesystems.

behalf. Furthermore sudo can be configured to only allow users to execute certain commands. See the

Make the users use mtools, a package for manipulating MS−DOS filesystems, without mounting

mount. This allows e2fsck (the version of fsck for the ext2 filesystem) to avoid checking the filesystem if the

works every time you use e2fsck. It has to be explicitly bypassed with an option to e2fsck to be avoided. (See

the e2fsck man page for details on how.)

The automatic checking only works for the filesystems that are mounted automatically at boot time. Use fsck

fsck must only be run on unmounted filesystems, never on mounted filesystems (with the exception of the

If badblocks reports a block that was already used, e2fsck will try to move the block to another place. If the

catastrophes, for example if update or its helper process bdflush dies, or if you must turn off power now and

cousin apropos is also very useful when you don't know what the name of the command you want is.

debugfs is a filesystem debugger. It allows direct access to the filesystem data structures stored on disk and

can thus be used to repair a disk that is so broken that fsck can't fix it automatically. It has also been known to

it. Many floppies are used in a tape−drive emulating fashion, so that a tar (tape archive) or other file is written

the tar file format is the same on all systems, while filesystems are different on most systems. You will

is /dev/hda. To have iostat print this out for you, use the −x.

grep for the name of the filesystem to see who is using it.

Or like the df I can use the −h and get the same output in "human−readable" form.

Unless you specify a filename du will act recursively.

If you just want a summary of that directory you can use the −s option.

The easiest way to see who is on the system is to do a who or w. The −−> who is a simple tool that lists out

want to see what they are doing? We could to a ps −u aweeks and get the following output

runlevels

action

process

Different versions of getty are run differently. Consult your manual page, and make sure it is the correct

one for each terminal or dial−in line. For more details, see the manual pages init, inittab, and getty.

If a command fails when it starts, and init is configured to restart it, it will use a lot of system resources:

init starts it, it fails, init starts it, it fails, init starts it, it fails, and so on, ad infinitum. To prevent this, init will

A run level is a state of init and the whole system that defines what system services are operating. Run levels

Table 9−1. Run level numbers

You can ask init to go to a non−default run level at startup by giving the kernel a command line argument of

While the system is running, the telinit command can change the run level. When the run level is changed,

init runs the relevant command from /etc/inittab.

The /etc/inittab has some special features that allow init to react to special circumstances. These

Allows init to shut the system down, when the power fails. This assumes the use of a UPS, and

software that watches the UPS and informs init that the power is off.

Allows init to reboot the system, when the user presses ctrl−alt−del on the console keyboard. Note

for a few administrative tasks, such as running fsck on a /usr partition, since this requires that the partition

A running system can be taken to single user mode by using telinit to request run level 1. At bootup, it can be

command line to init as well, and init understands from that word that it shouldn't use the default run level.

Booting into single user mode is sometimes necessary so that one can run fsck by hand, before anything

starts a new getty for the terminal.

complicated to notice when a terminal becomes active. getty also adapts to the speed and other settings of the

There are several versions of getty and init in use, all with their good and bad points. It is a good idea to learn

to search them). If you don't have dial−ins, you probably don't have to worry about getty, but init is still

relatives. login checks for this file, and will refuse to accept a login if it exists. If it does exist, login outputs

cleaned regularly, for example by having a weekly cron job to clear it. The last command browses wtmp.

and have moved the passwords to /etc/shadow. Sites with many computers that share the accounts use NIS or

guessed. The crack program can be used to crack passwords; any password it can find is by definition not a

good one. While crack can be run by intruders, it can also be run by the system administrator to avoid bad

passwords. Good passwords can also be enforced by the passwd program; this is in fact more effective in

available. Two command line alternatives are adduser and useradd; there may be a GUI tool as well.

Note that tar always reads the backup volume sequentially, so for large volumes it is rather slow. It is not

tar doesn't handle deleted files properly. If you need to restore a filesystem from a full and an incremental

Figure 12−1. A sample multilevel backup schedule.

Table 12−1. Efficient backup scheme using many backup levels

dump has built−in support for backup levels. For tar and cpio it must be implemented with shell scripts.

The date command shows the current date and time. For example:

DST'' (which might be East European Daylight Savings Time). date can also show the universal time:

date is also used to set the kernel's software clock:

versions of cron can handle this correctly, but you should still be careful. Big jumps or backward jumps are

option, set the new time with date and clock (in that order), but be prepared to reboot, if some part of the

Another method would be to use either hwclock −w or hwclock −−systohc to sync the hardware clock to the

software clock. If you want to sync your software clock to your hardware clock then you would use hwclock

−s or hwclock −−hwtosys. For more information on this command read man hwclock.

Many people get the idea that instead of running the NTP daemon, they should just setup a cron job job to

periodically run the ntpdate command. There are 2 main disadvantages of using using this method.

The first is that ntpdate does a "brute force" method of changing the time. So if your computer's time is off

There are a number of utilities available to check if NTP is doing it's job. The ntpq −p command will print

The ntpdc −c loopinfo will display how far off the system time is in seconds, based upon the last time the

A slightly more different version of ntpdc −c kerninfo is ntptime

Sample Invariant Sections list

booting

emergency boot floppy

filesystem

full backup

geometry

high level formatting

iSCSI

kernel