Transcript Advanced Linux - Welcome To Saint Remy.net and The
Unit L4 - Advanced Linux
CIS-116 SUNY Ulster Karl Wick
Handout
Unix Commands for Managing Files and Directories
Command | Description | Example
pwd | Print current 'working' directory | pwd
cd | Change to different directory | cd /home/student
mkdir | Make a new directory | mkdir /home/student/lessons
rmdir | Remove (erase) a directory | rmdir /home/student/lessons
ls | List contents of a directory | ls, ls /home (also dir)
touch | Create a new empty file or update timestamp of an existing file | touch testfile
cp | Copy file to a new location or file name | cp testfile testfile.backup
rm | Remove (delete) a file | rm testfile.backup
mv | Rename a file and/or move to new location | mv testfile testfile.copy
cat | Display contents of a file to the screen | cat /etc/printcap
cat > filename | Copy std input to a file. Note: Destructive | cat > newfile
cat >> filename | Append std input to a file's contents | cat >> newfile
less | Display contents of a file page by page | less /etc/termcap
more | Display contents of a file page by page | more newfile
file | Display info about a file (filetype) | file /sbin/lilo
zcat | Display contents of a compressed file | zcat /tmp/report.gz
File Properties
• Several properties are associated with each file in Linux
• Recall the ls -l directory listing command
• The first piece of information about a file shows these properties: -rw-r--r--
• There are ten 'slots'
• Recall that Linux is a multiuser OS
File Properties (2)
• All files and directories are owned by the person (account) that created them.
• Each person may belong to a 'workgroup'.
• Other unrelated users may be on the network.
• The owner of a file can set file permissions for
  • the owner
  • the group
  • others
File Properties (3)
• Permissions fall into three categories
  • read
  • write
  • execute (does not apply to all files, of course)
• The permissions field
  • type, owner rwx, group rwx, others rwx
  • - type means a file
  • d type means a directory
  • rwx means permitted, - means not permitted
File Properties (4)
• -rwxr-xr-- means:
  • This is a file
  • The owner can read, write and execute the file
  • Group members can read and execute the file
  • Other users can only read the file
• drwx------ means:
  • This is a directory
  • Only the owner can read or write or execute
Changing Permissions
• The owner of a file can change permissions by using the chmod command.
• Root can chmod any file or directory on the system.
• chmod u|g|o|a +|-|= r|w|x filename
  • u user, g group, o others, a all
  • + add, - remove, = the only permission
  • r read access, w write access, x execute access
• chmod u+rw roadtrip.txt
Another way
• You can call up chmod with integer values
  • r = 4
  • w = 2
  • x = 1
  • - = 0
• chmod 644 weekend.txt is the same as chmod u+rw weekend.txt; chmod g+r weekend.txt; chmod o+r weekend.txt
• Try it and ls -l to see the new permissions
An example
• From the student account and directory /home/student
• Create a text file (of any text) and save it
• Type these lines:
  chmod a-rwx newfile.txt (Remove all permissions)
  cat newfile.txt (you will get a message: "Permission Denied")
  chmod u+rw newfile.txt (Restore permissions to the owner)
  cat newfile.txt
• Note: The restrictions do not apply to root
• Permissions are a security feature
• It is not a good idea to use 666 or 777 permissions
Common Settings
• -rw------- (600) Owner read & write permission
• -rw-r--r-- (644) Owner read & write, group & others read only
• -rwx------ (700) Owner has all permissions, group & others none
• -rwxr-xr-x (755) Owner has all permissions, group and others read and execute
• -rwx--x--x (711) Owner has all permissions, group & others execute
• -rw-rw-rw- (666) Everyone can read and write
• -rwxrwxrwx (777) Everyone can read, write, and execute
• drwx------ (700) Directory. Only owner can read and write
• drwxr-xr-x (755) Directory. Owner can write, all can read
• NOTE: execute for a directory means listing capability
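The advice against 666 and 777 can be turned into a routine check. The script below is an added example, not part of the original handout: it builds a scratch directory with one file per mode from the list above (the file names are constructed), lists the files that "others" can write, then removes that bit. It assumes a `stat` that supports `-c` (GNU coreutils or BusyBox).

```bash
# Added example: find and fix world-writable files (modes such as 666 and 777).
# The scratch directory and the file_<mode> names are constructed for the demo.

# Print "octal symbolic path" for every regular file that others can write.
list_world_writable() {
    find "$1" -type f -perm -0002 -exec stat -c '%a %A %n' {} \; | sort
}

# Remove write access for group and others; all other bits stay as they are.
tighten() {
    find "$1" -type f -perm -0002 -exec chmod go-w {} \;
}

# Create one empty file per mode and print the directory that holds them.
make_sandbox() {
    local dir mode
    dir=$(mktemp -d)
    for mode in 600 644 666 711 755 777; do
        : > "$dir/file_$mode"
        chmod "$mode" "$dir/file_$mode"
    done
    printf '%s\n' "$dir"
}

demo() {
    local dir
    dir=$(make_sandbox)
    echo "World-writable before:"
    list_world_writable "$dir"
    tighten "$dir"
    echo "World-writable after (expect nothing):"
    list_world_writable "$dir"
    echo "Resulting modes:"
    stat -c '%a %A %n' "$dir"/file_666 "$dir"/file_777
    rm -rf "$dir"
}

demo
```

On a real system, point `list_world_writable` at a directory such as /home or /etc and review the list before running `tighten`.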
Default Permissions
• For most Linux systems the default permissions of rw-r--r-- are used whenever you create a file.
• The default permission settings are contained in a file accessed at bootup by the umask command.
• Type umask and you will see the default permissions.
• umask REMOVES permissions
• Type umask +rw-rw-rw- or umask 000
• Type umask -w--w--w or umask 222 to remove write permissions.
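Because umask removes bits rather than setting them, the mode a new file receives is the requested mode (666 for files, 777 for directories) with the umask bits cleared. The following added example, which is not part of the original handout, creates a file and a directory under several masks and compares the observed modes with that arithmetic; the masks 027 and 077 are extra values chosen here, and `stat -c` is assumed to be available.

```bash
# Added example: observe what each umask leaves of 666 (file) and 777 (directory).

# Create a file and a directory under the given mask and print their octal modes.
modes_under_umask() {                 # usage: modes_under_umask MASK
    local dir
    dir=$(mktemp -d)                  # scratch directory, made before the mask changes
    (
        umask "$1"                    # subshell, so the caller's umask is untouched
        : > "$dir/f"
        mkdir "$dir/d"
    )
    stat -c '%a' "$dir/f" "$dir/d" | tr '\n' ' '
    rm -rf "$dir"
}

# The same result by hand: requested bits AND NOT mask.
predicted_modes() {                   # usage: predicted_modes MASK
    printf '%o %o ' $(( 0666 & ~0$1 )) $(( 0777 & ~0$1 ))
}

for mask in 000 022 027 077 222; do
    printf 'umask %s  created: %s predicted: %s\n' \
        "$mask" "$(modes_under_umask "$mask")" "$(predicted_modes "$mask")"
done
```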
Monitoring the System
Memory and Disk Usage
free, vmstat, ps
• free
  • Displays the status of RAM and VRAM
  • Mem: refers to RAM
  • Swap: refers to virtual RAM (the swap file)
  • Too little RAM will cause 'thrashing' (constantly moving information from RAM to VRAM)
• vmstat
  • Provides detailed information about swap file usage. The output is cryptic. See man.
  • swap file, free, buffer size, cache size, swap in and out statistics, cpu: user, system and idle processes.
• ps
  • Lists all running processes by number and user.
Real Time System Status
• top: Displays the most processor intensive processes in real time. Updates about every 5 seconds.
• Type top and watch the screen
• Type to exit top
• top Interactive Commands: N P T
Checking HD usage
• df: Shows 1k blocks allocated, used, available for all mounted filesystems.
• df -m: Same but displayed in megabytes. Try -h too

Filesystem   1M-blocks   Used   Available   Use%   Mounted on
/dev/hda6    5921        79     5542        2%     /
/dev/hda1    38          4      32          10%    /boot
/dev/hdb5    375         1      355         1%     /tmp
/dev/hda5    1969        1479   390         80%    /usr

• You can specify a single filesystem too: df /dev/hda5
Checking HD Usage
• du: Summarizes disk usage by 512 byte blocks
• du -b: size in bytes
• du -a: all files not just directories
• du -h: human readable
Stopping a Process
• Type ps
• Try kill -s kill [pid]
• If you kill a process that the OS needs, the system may crash.
LILO and configuring LILO
• LILO loads Linux at bootup. It can also load other OSs. LILO is a boot manager.
• LILO configuration options are stored in the file /etc/lilo.conf. They can be changed with a text editor.
• After making changes, you MUST save lilo.conf and run lilo to write the changes to the MBR of the hard disk.
• lilo.conf can store more than one image and boot to a menu.
A Typical lilo.conf File
boot=/dev/hda                  # Where LILO is installed
map=/boot/map                  # optional line - default
install=/boot/boot.b           # optional line - default
prompt                         # Prompt? (For multiple boot systems)
timeout=50                     # In 1/10ths of a second to default image
message=/boot/message
                               # default is the first image found in file
image=/boot/vmlinuz-2.4.2-2    # default image
label=linux                    # type linux to start
root=/dev/hda3
read-only
password=passwrd
other=/dev/hda1                # additional image
label=dos                      # type dos to start
table=/dev/hda
More Administrative Tasks
(admin chapter 8)
Managing Accounts
• Types of Accounts
  • root: The administrator / Superuser
  • Regular Users
  • Non-Regular Users: used by programs
• Account Groups
  • Each user belongs to a primary group
  • A user can belong to a secondary group
  • Groups can be assigned permissions
• Type more /etc/passwd to see all users including usernames created by programs. Root will be first, regular users will be last.
/etc/passwd
• root:x:0:0:root:/root:/bin/bash
• Fields are separated by colons:
  Account name : Password (x means in /etc/shadow file) : User ID : Group ID : Real Name : Home Directory : Default shell
• It is possible to edit in a text editor but not advisable due to some security measures not allowing the changes.
Groups
/etc/group
• root : x : 0 : root
• bin : x : 1 : root,bin,daemon
• Fields are separated by colons:
  Name of Group : Group Password (may be blank, or x {stored elsewhere}) : Group ID : group members separated by commas.
Security
• In early versions of Linux the user passwords were stored in /etc/passwd.
• This file is available to most users.
• /etc/shadow is where passwords are now stored and is accessible only to root.
Passwords
• Changing
  • Run passwd
• Recovery
  • mount root partition,
  • edit /etc/passwd file to remove the root password
  • edit /etc/shadow file, if used
  • reboot
passwd Options for root
• -l -u: lock and unlock the account (root may access) by adding ! to the beginning of the pw.
• -S: status of account password.
• These work with some versions of Linux
  • -n: set min # days between pw changes
  • -x: set max # days pw remains valid
  • -w: set # days before warning PW about to expire
  • -I: set # days after pw expires before acct. is locked.
/etc/shadow
• Again, the entries are delimited by colons.
root:$1$uBxqh7wl$oklXHuoBjHH7JmiVdk/fQ : 10815 : 0 : 99999 : 7 : : :
• Account name that MUST correspond with a user account in /etc/passwd : Encrypted password : password security information follows.
• New users have !! in the password field (Tackett & Burnett 5th Que p290)
Checking passwd & shadow
• pwck will check on the consistency & validity of the /etc/passwd and /etc/shadow files.
• pwck also warns of any account that does not have a password.
• grpck will check on the consistency & validity of the /etc/group and /etc/gshadow files.
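The kind of cross-check pwck performs is easier to follow when written out. The script below is an added example, not part of the original handout and not pwck's own code: it compares a passwd file with a shadow file and reports extra UID 0 accounts, password fields still kept in passwd, empty passwords, locked accounts, and names present in only one file. Every account and hash in the sample files is constructed, and the finding labels are names chosen here.

```bash
# Added example: pwck-style checks. All account data below is constructed.
audit_accounts() {                        # usage: audit_accounts PASSWD SHADOW
    awk -F: '
        NR == FNR { pw[$1] = $2; next }   # first file read is the shadow file
        { inpasswd[$1] = 1 }
        $3 == 0 && $1 != "root" { print "UID0 " $1 }     # second superuser
        $2 != "x"     { print "NOT_SHADOWED " $1 }       # field 2 kept in passwd
        !($1 in pw)   { print "NO_SHADOW_ENTRY " $1; next }
        pw[$1] == ""  { print "EMPTY_PASSWORD " $1 }     # login without password
        pw[$1] ~ /^!/ { print "LOCKED " $1 }             # ! or !! prefix
        END { for (u in pw) if (!(u in inpasswd)) print "ORPHAN_SHADOW " u }
    ' "$2" "$1" | LC_ALL=C sort
}

write_samples() {                         # usage: write_samples DIR
    cat > "$1/passwd" <<'EOF'
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
student:x:500:500:Student:/home/student:/bin/bash
toor:x:0:0:backup admin:/root:/bin/bash
guest:x:501:501:Guest:/home/guest:/bin/bash
legacy:ab01CONSTRUCTED:502:502:Old entry:/home/legacy:/bin/bash
kwick:x:503:503:Karl Wick:/home/kwick:/bin/bash
EOF
    cat > "$1/shadow" <<'EOF'
root:$1$CONSTRUCTED$notarealhash:10815:0:99999:7:::
bin:*:10815:0:99999:7:::
student:$1$CONSTRUCTED$notarealhash:10815:0:99999:7:::
toor:$1$CONSTRUCTED$notarealhash:10815:0:99999:7:::
guest::10815:0:99999:7:::
kwick:!!:10815:0:99999:7:::
ghost:!!:10815:0:99999:7:::
EOF
}

demo_dir=$(mktemp -d)
write_samples "$demo_dir"
audit_accounts "$demo_dir/passwd" "$demo_dir/shadow"
rm -rf "$demo_dir"
```

Run against the real files, it needs root because /etc/shadow is readable only by root.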
Creating New User Accounts
• Log in as root
• Type useradd username
• chfn username to add personal info and update finger information.
• useradd -D will show the default settings
• These are stored in /etc/default/useradd
• There are many options that may be used with the useradd command.
• (See /etc/login.defs and man for detailed info.)

Option | Description | Example
-c | Full Name or Comment | useradd -c "Karl Wick" kwick
-d | Home Directory | useradd -d /usr/home kwick
-e | Acct. Expiration Date | useradd -e 03/25/02 kwick
-f | Days until acct disabled if Password expires | useradd -f 7 kwick
-g | Primary Group | useradd -g ops kwick OR -g GID# kwick
-G | Additional Groups | useradd -G teamlead,party,cis kwick
-m | Forces creation of home directory (even if no default set) | useradd -m kwick
-M | Does not create a home directory (even if default is set) | useradd -M kwick
-n | Disables Private Group Feature | useradd -n kwick
-s | Sets user's login shell | useradd -s /bin/zsh kwick
-u | Force a specific User ID number | useradd -u 252 kwick
Removing Users
1. Remove login capability (temporary. Maybe user is away on vacation): Edit /etc/passwd or /etc/shadow and put a * at the beginning of the PW field. The account stays intact.
2. Remove user but keep files: Edit /etc/passwd and /etc/shadow files by removing user name. OR run userdel username. Change file ownership and location with chown and mv.
3. Remove user and home files: userdel -r username, OR
   a) Remove entry from password files.
   b) Erase all files in home directory: find homedir -exec rm {} \;
   c) Erase user's home directory: rmdir homedir
   d) Don't forget other files such as e-mail alias files.
Notes about useradd options
1. If a name (i.e. option -c) contains a space you must enter it between double quotes so that Linux doesn't think that it is two field variables.
2. You can combine options on one line.
   useradd -g sales -c "Phred The Wonder Dog" phred
3. useradd -D options will change the defaults. All of the options on the previous slide are permitted.
   useradd -D -s /bin/csh
4. You can edit /etc/default/useradd in a text editor.
Simple example
• useradd student2 -p cis116
• Adds the user named "student2" and specifies the password to be "cis116"
Creating New Groups
• Use the groupadd groupname command (preferred) or edit /etc/group in a text editor.
• The -g option will specify a particular group number for the new group.
• Do not assign two groups with the same number because Unix will consider them the same.
• ex:
  • groupadd -g 900 managers
  • groupadd students
Modifying User Accounts
• usermod options username
• usermod uses the same options as useradd
• usermod -c "Liz Osowski" lizw
• usermod -l lizo -d /home/lizo lizw
  Changes home directory to look for. Make sure that the home directory actually exists!
Modifying Groups
• Use groupmod [-g GID] [-n group_name] group
  • -g GID is numerical group number.
  • -n group_name will change from group to this.
Deleting A Group
• Edit the /etc/group file by removing the pertinent line.
• Reassign all files with the old group ID to a new group ID.
  find / -gid group-id
  find users_home_dir -exec chgrp newgroup {} \;
Keeping track of users
• Simply typing from the root account will provide a list of all users logged onto the system.
• It will tell you:
  • their login date or time
  • their CPU usage
  • their last command
Banner Messages
• Stored in the file /etc/motd
• Edit the file and save it or create the file with cat > /etc/motd if it does not exist.
• Reboot and the message will appear immediately after a successful login.
Bonus: GUI to Text and Back
• From text mode enter startx to activate the GUI.
• From the GUI type
• From text mode type
• You can switch back and forth.