Unit L4 - Advanced Linux

CIS-116SUNY Ulster

Karl Wick

Handout

Command Description Example

pwd Print current 'working' directory pwdcd Change to different directory cd /home/studentmkdir Make a new directory mkdir /home/student/lessonsrmdir Remove (erase) a directory rmdir /home/student/lessonsls List contents of a Directory ls ls /home also dir

touchCreate a new empty file or update timestamp of an existing file touch testfile

cp copy file to a new location or file name cp testfile testfile.backuprm Remove (delete) a file rm testfile.backupmv Rename a file and/or move to new location mv testfile testfile.copycat Display contents of a file to the screen cat /etc/printcapcat > filename Copy std input to a file. Note: Destructive cat > newfilecat >> filename Append std input to a files contents cat >> newfileless Display contents of a file page by page less /etc/termcapmore Display contents of a file page by page more newfilefile Display info about a file (filetype) file /sbin/lilozcat Display contents of a compressed file zcat /tmp/report.gz

Unix Commands for Managing Files and Directories

File Properties

• Several properties are associated with each file in Linux

• Recall the ls – l directory listing command• The first piece of information about a file

shows these properties.• -rw-r--r-- There are ten ‘slots’• Recall that Linux is a multiuser OS

File Properties (2)

• All files and directories are owned by the person (account) that created them.

• Each person may belong to a ‘workgroup’.• Other unrelated users may be on the network.• The owner of a file can set file permissions for

• the owner• the group• others

File Properties (3)

• Permissions fall into three categories• read• write• execute (does not apply to all files, of course)

• The permissions field• type, owner rwx, group rwx, others rwx• - type means a file d type means a directory• rwx means permitted, - means not permitted

File Properties (4)

• -rwxr-xr-- means:• This is a file• The owner can read, write and execute the file• Group members can read and execute the file• Other users can only read the file

• dwrx------ means:• This is a directory• Only the owner can read or write or execute

Changing Permissions

• The owner of a file can change permissions by using the chmod command.

• Root can chmod any file or directory on the system.

• chmod u|g|o|a +|-|= r|w|x filename• u user g group o others a all• + add - remove = the only permission• r read access w write access x execute access

• chmod u+rw roadtrip.txt

Another way

• You can call up chmod with integer values• r = 4• w = 2• x = 1• - = 0

• chmod 644 weekend.txt is the same as• chmod u+rw weekend.txt; chmod g+rw

weekend.txt; chmod o+r weekend.txt• Try it and ls –l to see the new permissions

An example• From the student account and directory /home/student• Create a text file (of any text) and save it• Type these lines:

chmod a –rwx newfile.txt (Remove all permissions)cat newfile.txt (you will get a message – “Permission Denied”)chmod u +rw newfile.txt (Restore permissions to the owner)cat newfile.txt

• Note: The restrictions do not apply to root• Permissions are a security feature• It is not a good idea to use 666 or 777 permissions

Common Settings

• -rw------- (600) Owner read & write permission• -rw-r--r-- (644) Owner read & write, group & others read only• -rwx------ (700) Owner has all permissions, group & others none• -rwxr-xr-x (755) Owner has all permissions, group and others

read and execute• -rwx--x--x (711) Owner has all permissions, group & others exe• -rw-rw-rw (666) Everyone can read and write• -rwxrwxrwx (777) Everyone can read, write, and execute• drwx------ (700) Directory. Only owner can read and write• drwxr-xr-x (755) Directory. Owner can write, all can read• NOTE: execute for a directory means listing capability

Default Permissions

• For most Linux systems the default permissions of rw-r--r-- are used whenever you create a file.

• The default permission settings are contained in a file accessed at bootup by the umask command.

• Type umask and you will see the default permissions.• umask REMOVES permissions• Type umask +rw-rw-rw- or umask 000• Type umask –w--w--w or umask 222 to remove write

permissions.

Monitoring the System

Memory and Disk Usage

free, vmstat, ps

• free Displays the status of RAM and VRAM• Mem: refers to RAM• Swap: refers to virtual RAM (the swap file)• Too little RAM will cause ‘thrashing’ (constantly moving

information from RAM to VRAM)• vmstat Provides detailed information about swap file

usage. The output is cryptic. See man.• swap file, free, buffer size, cache size, swap in and out statistics,

cpu: user, system and idle processes.• ps Lists all running processes by number and user.

Real Time System Status

• top Displays the most processor intensive processes in real time. Updates about every 5 seconds.

• Type top <enter> and watch the screen• Type <j> a few times and watch the screen• Type <q> to exit top

top Interactive Comands

<space> update now ^L redraw screenk kill a process by ID i ignore idlen, # number of processes to viewq quit many toggles for displaysNsort by PID A sort by ageP sort by CPU useage M sort by mem useT sort by time W write to ~/.toprc

Checking HD usage• df Shows 1k blocks allocated, used, available for all mounted filesystems.• df –m Same but displayed in megabytes. Try –h too

• You can specify a single filesystem too: df /dev/hda5Filesystem 1M-blocks Used Available Use% Mounted on

/dev/hda6 5921 79 5542 2% /

/dev/hda1 38 4 32 10% /boot

/dev/hdb5 375 1 355 1% /tmp

/dev/hda5 1969 1479 390 80% /usr

Checking HD Usage

• du Summarizes disk usage by 512 byte blocks

• du –b size in bytes• du –aall files not just directories• du –h human readable

Stopping a Process

• Type ps <enter> to see all running processes• Type kill [processid#] or kill [processname]• If multiple instances of the same (name)

process are running, these commands may not work.

• Try kill –s kill [pid]• If you kill a process that the OS needs, the

system may crash.

LILO and configuring LILO

• LILO loads Linux at bootup. It can also load other OSs. LILO is a boot manager.

• LILO configuration options are stored in the file /etc/lilo.conf They can be changed with a text editor.

• After making changes, you MUST save lilo.conf and run lilo to write the changes to the MBR of the hard disk.

• lilo.conf can store more than one image and boot to a menu.

A Typical lilo.conf Fileboot=/dev/had Where LILO is installedmap=/boot/map optional line - defaultinstall=/boot/boot.b optional line - defaultprompt Prompt? (For multiple boot systems)timeout=50 In 1/10ths of a second to default imagemessage=/boot/message default is the first image found in file

image=/boot/vmlinuz-2.4.2-2 default imagelabel=linux type linux to startroot=/dev/hda3read-onlypassword=passwrd

other=/dev/hda1 additional imagelabel=dos type dos to starttable=dev/hda

More Administrative Tasks

(admin chapter 8)

Managing Accounts

• Types of Accounts• root - The administrator / Superuser• Regular Users• Non-Regular Users - used by programs

• Account Groups• Each user belongs to a primary group• A user can belong to a secondary group• Groups can be assigned permissions

• Type more /etc/passwd to see all users including usernames created by programs.

• Root will be first, regular users will be last.

etc/passwd

• root:x:0:0:root:/root:/bin/bash

• Fields are separated by colonsAccount name : Password (x means in /etc/shadow file :User ID : Group ID : Real Name : Home Directory :Default shell

• It is possible to edit in a text editor but not advisable due to some security measures not allowing the changes.

Groups

/etc/group

• root : x : 0 : root• bin : x : 1 : root,bin,daemon• Fields are separated by colons

Name of Group : Group Password (may be blank, or x {stored elsewhere}) : Group ID :

group members separated by commas.

Security

• In early versions of Linux the user passwords were stored in /etc/passwd.

• This file is available to most users.• /etc/shadow is where passwords are now

stored and is accessible only to root.

Passwords

• Changing• Run passwd

• Recovery• mount root partition, • edit /etc/passwd file to remove the root password• edit /etc/shadow file, if used • reboot

passwd Options for root

• -l -u lock and unlock the account (root may access) by adding ! to the beginning of the pw.

• -S status of account password.• These work with some versions of Linux

• -n set min # days between pw changes• -x set max # days pw remains valid• -w set #days before warning PW about to expire• -I set #days after pw expires before acct. is locked.

/etc/shadow

• Again, the entries are delimited by colons.root:$1$uBxqh7wl$oklXHuoBjHH7JmiVdk/fQ : 10815 : 0 : 99999 : 7 : : :Account name that MUST correspond with a user

account in /etc/passwd. : Encrypted password : password security information follows.

• New users have !! in the password field

(Tackett & Burnett 5th Que p290)

Checking passwd & shadow

• pwck will check on the consistency & validity of the /etc/passwd and /etc/shadow files.

• pwck also warns of any account that does not have a password.

• grpck will check on the consistency & validity of the /etc/group and /etc/gshadow files.

Creating New User Accounts

• Log in as root• Type useradd username <enter>• If required, run chfn username to add personal info

and update finger information.• useradd –D will show the default settings• These are stored in /etc/default/useradd• There are many options that may be used with the

useradd command.• (See /etc/login.defs and man for detailed info.)

-c Full Name or Comment useradd –c “Karl Wick” kwick

-d Home Directory useradd –d /usr/home kwick

-e Acct. Expiration Date useradd –r 03/25/02 kwick

-f Days until acct disabled if Password expires

user add –f 7 kwick

-g Primary Group useradd –g ops kwick OR –g GID# kwick

-G Additional Groups useradd –G teamlead,party,cis kwick

-m Forces creation of home directory useradd –m kwick (even if no default set)

-M Does not create a home directory useradd –M kwick (even if default is set)

-n Disables Private Group Feature useradd –n kwick

-s Sets user’s login shell useradd –s /bin/zsh kwick

-u Force a specific User ID number useradd –u 252 kwick

Removing Users1. Remove login capability (temporary. Maybe user is away

on vacation): Edit /etc/passwd or /etc/shadow and put a * at the beginning of the PW field. The account stays intact.

2. Remove user but keep files: Edit /etc/passwd and /etc/shadow files by removing user name. OR run userdel username. Change file ownership and location with chown and mv

3. Remove user and home files: userdel –r username OR a) a) Remove entry from password files. b) b) erase all files in home directory find homedir –exec rm{} c) c) Erase user’s home directory rmdir homedir d) d) don’t forget other files such as e-mail alias files.

Notes about useradd options

1. If a name (ie option –c) contains a space you must enter it between double quotes so that Linux doesn’t think that it is two field variables

2. useradd –D options will change the defaults. All of the options on the previous slide are permitted useradd –D –s /bin/csh

3. You can combine options on one line.useradd –g sales –c “Phred The Wonder Dog” phred

4. You can edit /etc/default/useradd in a text editor.

Simple example

• useradd student2 –p cis116

• Adds the user named “student2” and specifies the password to be “cis116”

Creating New Groups

• Use the groupadd groupname command (preferred) or edit /etc/group in a text editor.

• The –g option will specify a particular group number for the new group.

• Do not assign two groups with the same number because Unix will consider them the same.

• ex: • groupadd –g 900 managers• groupadd students

Modifying User Accounts

• usermod options username• usermod uses the same options as useradd

• usermod –c “Liz Osowski” lizw• usermod –l lizo –d /home/lizo lizw Changes

home directory to look for. Make sure that the home directory actually exists!

Modifying Groups

• Use groupmod [-g GID] [-n group_name] group

• -g GID is numerical group number.• -n group_name will change from group to this.

Deleting A Group

• Edit the /etc/group file by removing the pertinent line.

• Reassign all files with the old group ID to a new group ID.

• find / -gid group-id find users_home_dir –exec chgrp newgroup {} \;

Keeping track of users

• Simply typing <w> from the root account will provide a list of all users logged onto the system.

• It will tell you:• their login date or time• their CPU usage• their last command

Banner Messages

• Stored in the file /etc/motd

• Edit the file and save it or create the file with cat > /etc/motd if it does not exist.

• Reboot and the message will appear immediately after a successful login.

Bonus: GUI to Text and Back

• From text mode enter startx to activate the GUI.

• From the GUI type <CTRL-ALT-F2> to enter text mode. You may need to login the first time you do this.

• From text mode type <ALT-F7> to go back to the GUI.

• You can switch back and forth.

This page intentionally Left Almost Blank!