Results 1 to 3 of 3

Thread: Linux LPI 101 - Part II

  1. #1
    Banned
    Join Date
    Aug 2001
    Location
    Yes
    Posts
    4,424

    Linux LPI 101 - Part II

    Linux LPI 101 - Part II

    I'm assuming you have a fully functional Linux-system (with x installed). I'm playing around with RH8 right now, but most of this tutorial should be the same for the major Linux-distributions.

    This tutorial is based on the structure of the LPI-project.
    There's an attachment this time

    Part II. LPI 101

    2.1. Devices, partitions and filesystems.

    Devices.
    A Linux-system basically only consists of files and processes.
    Interaction between hardware and users takes place like this: hardware --> kernel-driver --> device file --> program. You can find those device files in /dev. To see all the present device-files, type:
    Code:
    [test@localhost test]$ls -la /dev
    /cut/
    crw-rw----    1 root     uucp     105,   0 Aug 31 01:31 ttyV0
    crw-rw-rw-    1 root     tty        3,  97 Aug 31 01:31 ttyv1
    crw-rw----    1 root     uucp     105,   1 Aug 31 01:31 ttyV1
    crw-rw----    1 root     uucp     105,  10 Aug 31 01:31 ttyV10
    /cut/
    [test@localhost test]$
    On RH 8.0, you'll see literally hundreds of devices.
    Some of them are of interest right now:
    - cua0: the first serial port
    - cua1: the second serial port
    - fd0: the first diskdrive
    - hda: the first IDE hard disk
    - hdb: the second IDE hard disk
    - hda1: the first partition on hda
    - null: a 'black hole' (more on that later)
    - random: a device that returns a random number
    - tty1: the first terminal
    - zero: a device that always returns '0'

    Advanced devices.
    There are three kinds of device files: block device, character device, FIFO/named pipe. Let's take a closer look:
    Code:
    crw-rw----    1 root     uucp       5,  64 Aug 31 01:31 cua1
    brw-rw----    1 neg      floppy     2,   0 Aug 31 01:31 fd0
    For cua0, it says c and for fd0 it says b (first character):
    b is for blocked device, meaning it is used for buffered communication. A program using a floppy disk driver probably wants to use a buffer, for it will increase reliability. Someone working on a terminal (cua1) doesn't need/want a buffer: a serial port is a character device, meaning it doesn't use a buffer.
    FIFO (First In First Out) is a special device driver: it is a file that can be used by two programs to communicate with eachother. Fifo is defined by a p.

    Major and minor.
    Now let's take a closer look at the fourth column of our listing (5, 64 and 2, 0). You'd expect to see the size of the file there... not for a device file. The first number is the major device number: it indicates what kernel driver correspondends with the device file. The second number is the minor device number: this number indicates what variant of the driver it is:
    Code:
    [test@localhost test]$ls -l /dev/hda; ls -l /dev/hda1; ls -l /dev/hda2
    brw-rw----    1 root     disk       3,   0 Aug 31 01:31 /dev/hda
    brw-rw----    1 root     disk       3,   1 Aug 31 01:31 /dev/hda1
    brw-rw----    1 root     disk       3,   2 Aug 31 01:31 /dev/hda2
    [test@localhost test]
    All partitions on the first hard disk use the same major device number, but they vary in their minor device number.

    mknod
    mknod allows you to make your own device files. The structure of the command is as follows: mknod name type major minor.
    Code:
    [test@localhost test]mknod /dev/fd0 b 3 0
    [test@localhost test]
    will create /dev/fd0.

    Hard disks.
    For LPI, you're supposed to know how a hard disk works, what IDE and SCSI are, and what partitions are. I'm assuming here you already know that...

    Partitions.
    fdisk is a utility to partition hard disk. It ressembles DOS's fdisk, but is much more extended (ie. you can create DOS-partitions with it, but you can't create Linux-partitions with DOS's fdisk).
    You can only run fdisk as root.

    Warning: fdisk is an extremely powerfull utility: use it with caution - or better yet: leave it alone unless you know exactly what you're doing...

    You start fdisk by typing fdisk, followed by the harddisk you want to partition (hda, hdb,...).

    Filesystems.
    Filesystem types:
    Code:
    [test@localhost test]man fs
    /cut/
    Linux  filesystem  types:  minix, ext, ext2, ext3, xia,
           msdos, umsdos, vfat, proc, nfs, iso9660, hpfs, sysv, smb, ncpfs
    /cut/
    [test@localhost test]
    The Linux filesystems are under constant development: Reisserfs, JFS, XFS, ext3,...

    ext2
    The 'second extended filesystem' is the standard on most Linux-systems. A file uses one or more so-called Inodes. An inode contains the name, the rights and a list of blocks that each contain a part of the file.

    msdos
    The msdos-filesystem is the method MS-DOS uses to store its data (doh). It's not very efficient, but it is a safe file-system.
    It uses File Allocation Tables: every time you save a file, the FAT is updated. Umsdos and vfat are derivates from the msdos-filesystem.

    ISO9660
    ISO9660 is a standard to write information on a cd-rom. Linux supports all the sub-standards as well.

    proc
    A 'weird' one: the filesystem does exist, but it doesn't know files on the hard disk. It rather is a method to communicate with data in the Linux-kernel.
    Code:
    [test@localhost test]cat /proc/filesystems
    odev   rootfs
    nodev   bdev
    nodev   proc
    nodev   sockfs
    nodev   tmpfs
    nodev   shm
    nodev   pipefs
            ext2
    nodev   ramfs
            iso9660
    nodev   devpts
            ext3
    nodev   usbdevfs
    nodev   usbfs
    nodev   autofs
    [test@localhost test]
    mkfs
    mkfs is a command to make filesystems. You'll need to know what partition you want to assign a filesystem to, and what device file comes with it (man mkfs!).

    Filesystems and integrity.
    An extfs2 filesystem does not constantly bring the disk-index up to date (in opposition to DOS).
    You can manually bring it up to date with the sync-command. If your system suddenly fails (power outage,...) though, there will be a difference between the data on your disk and the index that belongs to that disk.

    Checking the filesystem.
    The process to check the filesystem is called a filesystem check.
    The command is fsck. A filesystem check can only be performed on filesystems that are not in use. Since I haven't covered mount/unmount yet, I'm just gonna show you a possible output of the fsck-command.

    Warning: do not run fsck on a mounted drive! It may cause serious damage!
    For ext2-filesystems, there is also the e2fsck-program. This one shows better what's hapening:
    Code:
    [test@localhost test]e2fsck -f /dev/fd0
    e2fsck 1.27 (11-March-2002)for EXT2 FS 0.5b, 99/08/09
    Pass 1: Checking inodes, blocks and sizes
    Pass 2: Checking directory structure
    Pass 3: Checking directory connectivity
    Pass 4: Checking reference counts
    Pass 5: Checking group summary information
    /dev/fd0: 11/184 files (0.0% non-contiguous), 41/1440 blocks
    [test@localhost test]
    Now, what happens if data is found that seems not to be connected to a file? Every filesystem contains a directory called lost + found. All found blocks and inodes are placed in that directory, their name being the number in question. If it concerns a text-file, you might be able to recover some data.

    Checking capacity.
    df
    Code:
    [test@localhost test]df
    Filesystem           1K-blocks      Used Available Use% Mounted on
    /dev/hda7              8538852   1827716   6277384  23% /
    /dev/hda6               101089     14208     81662  15% /boot
    none                    127704         0    127704   0% /dev/shm
    [test@localhost test]
    You'll see an overview of the used partitions, the amount of 1 kilobyte-blocks on the partition, the amount of used 1k-blocks, the available blocks, percent used, and the directory belonging to the partition.

    Note: if you're interested in knowing what the last line means, check out this kernel.org link.

    Now here comes the tricky part: a partition may not have space anymore for files, yet not being full...
    This has to do with the amount of available inodes: every file uses at least one inode. Every partition has an amount of inodes, determined when the filesystem was made. You can see this with the next command:
    Code:
    [test@localhost test]df -i
    Filesystem            Inodes   IUsed   IFree IUse% Mounted on
    /dev/hda7            1084864  100091  984773   10% /
    /dev/hda6              26104      47   26057    1% /boot
    none                   31926       1   31925    1% /dev/shm
    Although we've used 23% of space on hda7, we've only used 10% of inodes on hda7...
    You could get the opposite (even 100% used inodes, still only 25% of space used) on a partition that contains lots of small files...
    (An interesting command to test this, is cat /dev/zero | cat -v |split -C1: it'll fill up your partition in no time. Warning: Do not try this on a working partition!).

    du
    du allows you to see what users are responsible for your shrinking harddisk-space. It'll show you an overview of kilobytes used per directory, and a total at the end.
    Code:
    [test@localhost home]du test
    12      test/.kde/Autostart
    16      test/.kde
    4       test/dir1
    4       test/.mc/tmp
    20      test/.mc
    80      test
    Mounting filesystems.
    This chapter is about the 'connection' between a filesystem and a directory on a Linux-system. Your Linux-system has been configured so it knows when it boots what partition will be / (root). Next, connections between filesystems and directories can be made. This process is known as "mounting".

    mount
    Code:
    [test@localhost test]mount
    /dev/hda7 on / type ext3 (rw)
    none on /proc type proc (rw)
    usbdevfs on /proc/bus/usb type usbdevfs (rw)
    /dev/hda6 on /boot type ext3 (rw)
    none on /dev/pts type devpts (rw,gid=5,mode=620)
    none on /dev/shm type tmpfs (rw)
    [test@localhost test]
    You'll see that the root filesystem is mounted on hda7.
    The general command to mount a filesystem is mount /dev/xxxx /directory where xxxx is the partition you want to mount.
    More on mounting later on...

    umount
    Logically, umount is used to unmount a filesystem.
    You can either use the name of the partition, or the directory:
    Code:
    [test@localhost home]umount /dev/hada5
    or
    Code:
    [test@localhost home]umount /test
    Make sure you're not in the directory you want to unmount...

    Systemstart
    While booting your system, one or more filesystems are being mounted. Responsible for this are start-up scripts. One of them is /etc/fstab:
    Code:
    [test@localhost home]cat /etc/fstab
    LABEL=/                 /                       ext3    defaults        1 1
    LABEL=/boot             /boot                   ext3    defaults        1 2
    none                    /dev/pts                devpts  gid=5,mode=620  0 0
    none                    /proc                   proc    defaults        0 0
    none                    /dev/shm                tmpfs   defaults        0 0
    /dev/hda8               swap                    swap    defaults        0 0
    /dev/cdrom              /mnt/cdrom              iso9660 noauto,owner,kudzu,ro 0
    0
    /dev/cdrom1             /mnt/cdrom1             iso9660 noauto,owner,kudzu,ro 0
    0
    [test@localhost test]
    2.2. Advanced file-management.

    Linux' security-system consists of the next parts:
    The owner: every file belongs to a user. The User ID (UID) is stored in the first inode of a certain file.
    The groups: every file belongs to a group of users. The Group ID (GID) is stored in the first inode of a certain file.
    Access Rights: every file has access rights. Those rights determine who can do what with the file. There are three parts: owner rights, group rights, and everyone else's rights.
    Commands: to set and change the user-rights, there are some commands.

    Rights

    chmod
    The most commonly used command to change rights, is chmod.
    Let's take a closer look at rights. Suppose you have a file called test in your directory:
    Code:
    [test@localhost test]ls -l test
    -rw-rw-r--    1 neg      neg            26 Feb  1 15:12 test
    [test@localhost test]
    The first 10 characters contain the access rights. The first character has been dealt with before... (d for directory, c for character device, b for block device).
    Next are three groups of three characters each. The first group represents the owner rights, the second group the group rights, and the third group the rights for others.
    Acces rights:
    Code:
    -	rwx	rwx	rwx
    	UID	GID	others
    R is for read, w is for write, and x is for execute.
    Code:
    [test@localhost test]ls -l test
    -rw-rw-r--    1 neg      neg            26 Feb  1 15:12 test
    [test@localhost test]chmod u+x test
    [test@localhost test]ls -l test
    -rwxrw-r--    1 neg      neg            26 Feb  1 15:12 test
    [test@localhost test]chmod g-rw test
    [test@localhost test]ls -l test
    -rwx---r--    1 neg      neg            26 Feb  1 15:12 test
    and so on and so on...
    This is known as the symbolic chmod.

    There's also the numeric method.
    - rwx rwx rwx
    421 421 421

    So, 4 is read, 2 is write and 1 is execute. 6 (4+2) would be read+write, 7 (4+2+1) is read+write+execute, 5 (4+1) is read+execute...
    An example:
    Code:
    [test@localhost test]ls -l test
    -rwx---r--    1 neg      neg            26 Feb  1 15:12 test
    [test@localhost test]chmod 644 test ; ls -l test
    -rw-rw-r--    1 neg      neg            26 Feb  1 15:12 test
    [test@localhost test]chmod 755 test : ls -l test
    -rwxr-xr-x    1 neg      neg            26 Feb  1 15:12 test
    [test@localhost test]
    er0k wrote a more extended tutorial about it. You can find it here.

    What is true for files, also works for directories. In that case, r means a user is allowed to take a look at the contents of the directory, w means a user is allowed to make files in the directory, and x means a user is allowed to access the directory.

    umask
    umask (user file-creation mask) is used to indicate what the file rights are when you first make a file.
    Code:
    [test@localhost test]umask -S
    u=rwx, g=rwx, o=rx
    [test@localhost test]
    SUID
    The SUID or Set User ID-bit allows you to set the effective UID of a process so that the UID is the UID of the program, and not that from the user who starts it.
    This is a very common method use to hack Linux-systems. A shellprogram (bash, ksh, csh) with the SUID-bit will give every user of the shell root-rights.
    You can set the SUID with chmod u+s or chmod 4000.

    SGID
    Same principle as SUID, only here the GID is used.
    You can set the SGID with chmod g+s or chmod 2000.

    Sticky bit
    If this bit is set (t), then the text image of a program is being saved the swap-device for faster access. For directories, this means that users are not allowed to delete files from that directory if they're not the owner of the directory (append only-directory).
    A common use is the /tmp-directory:
    Code:
    [test@localhost test]ls -ld /tmp
    drwxrwxrwt   20 root     root         4096 Feb  1 19:38 /tmp
    [test@localhost test]
    The command to set the sticky bit is chmod 0+t or chmod 1000.

    Ownership
    Code:
    [test@localhost neg]ls -l test
    -rwxr-xr-x    1 neg      neg            26 Feb  1 15:12 test
    [neg@localhost neg]
    In this example, 'test' is owned by 'neg', and the group also is 'neg'.
    To change the user and the group, there are two commands:

    chown
    chown is used to change the owner of a file. It can only be used as root.
    Code:
    [root@localhost neg]ls -l test
    -rwxr-xr-x    1 neg      neg            26 Feb  1 15:12 test
    [root@localhost test]chown test2 test ; ls -l test
    -rwxr-xr-x    1 test2    neg		26 Feb  1 15:12 test
    [root@localhost test]
    chgrp
    chgrp is used to change the group a file belongs to.
    Code:
    [root@localhost test]chgrp testers test ; list -l test
    -rwxr-xr-x    1 test2    testers         26 Feb 1 15:12 test
    [root@localhost test]
    Links.
    A file has a file-name.. but why not give it two or three names?
    That's what links are for.
    There's two types of links: hard links, and symbolic links.

    Symbolic link
    Code:
    [neg@localhost neg]ln -s test test6 ; ls -l test*
    -rwxr-xr-x    1 neg     neg            26 Feb  1 15:12 test
    lrwxrwxrwx    1 neg     neg            4 Feb  1 20:36 test6 -> test
    [neg@localhost neg]
    Not only will you see the symbolic link from test6 to test, but you'll also notice a change in the rights. The l of course stands for link.

    Hard link
    Code:
    [neg@localhost neg]ln test test7 ; ls -il test*
    730715 -rwxr-xr-x    2 neg     neg            26 Feb  1 15:12 test
     729906 lrwxrwxrwx    1 neg     neg            4 Feb  1 20:36 test6 -> test
     730715 -rwxr-xr-x    2 neg     neg            26 Feb  1 15:12 test7
    [neg@localhost neg]
    I did a ls -il to make ls show the inodes as well. You'll notice that test and test7 use the same inode, and test6 (the symbolic link) uses another. A symbolic link 'costs' an extra inode, a hard link doesn't.

    FHS - The Filesystem Hierarchy Standard.
    The FHS is divided into three parts:
    - The root-directory (/)
    - The /usr-hierarchy
    - The /var-hierarchy

    The Linux Filesystem is based on:
    - A hierarchic structure
    - A consistent use of system files
    - Protection of files and their data

    The matrix
    There are two ways to categorize Linux-systems:
    - Shareable vs. unshareable. Think about a /home directory that is being shared in a netwerk. Unshareable for example are files that indicate that a device is being used by a program.
    - Static vs. variable. Think about the /home directory that contains variable data (it'll need 'rw'). A /usr-directory for example is static (assumed that the variable part is in /var).

    Here's a matrix, containing some examples:
    Code:
    		Shareable		Unshareable
    Static		/usr/etc		/opt/boot
    Variable 	/var/mail/var/run	/var/spool/news/var/lock
    The rootfilesystem
    The contents of the rootdirectory should contain data that allows a system to be started and to be repaired, includind tools, configuration files, startup files,...
    Programs are not supposed to make a directory in the rootdirectory (there are enough alternatives).
    Here's an overview of standard root-subdirectories:

    / Root
    - /bin Essential commands
    - /boot Static boot loader files
    - /dev Device files
    - /etc Host specific config files
    - /home User's home directories
    - /lib Essential shared libs and kernel modules
    - /mnt Mount point for temporary filesystems
    - /opt Optional software packages
    - /root Root-users home directory
    - /sbin Essential system programs
    - /tmp Temporary files
    - /usr Second hierarchy
    - /var Variable datafiles

    What follows is an extended overview of those directories.

    /bin
    This directory contains programs that can be called by both admins and users, but are definitely necessary in single-user mode.
    /bin can not have subdirectories.
    Commands that are not essential enough for /bin, must be placed in /usr/bin.

    /boot
    This directory contains everything needed to boot your system, with the exception of configuration files. It contains files needed by the kernel before user-mode programs can be started.

    /dev
    This directory contains special- and devicefiles.

    /etc
    This directory contains configfiles and directories belonging to the system. No programs should be in this directory. The /etc-directory can have a /etc/X11-subdirectory containing X Window-system configurations.

    /home
    This directory contains the user's individual directories.

    /lib
    This directory contains shared systemlibraries, needed to boot the system and process the commands from the rootfilesystem.
    /lib contains the shared systemlibraries
    /lib/modules contains the shareable kernelmodules.

    /mnt
    This directory can be used to temporarily mount other filesystems.

    /opt
    This directory is meant for add-ons and extra softwarepackets. A convention is to use /opt/<packetname>. Programs from those packets started by users, should be in /opt/<packetname>/bin. Their manuals should be in /opt/<packetname>/man.

    /root
    The homedirectory of the rootuser.

    /sbin
    This directory contains files for system-management, just like /usr/sbin and /usr/local/sbin. Normally, /sbin only contains commands needed to start the system, next to the /bin-commands. All files started after the mount of /usr, should be placed in /usr/sbin.

    /tmp
    This directory is used to store all kinds of temporary files.

    /usr
    This directory is worth an extra chapter:

    /usr
    - /X11R6 X Windows, Version 11 release 6
    - /X386 X Windows, Version 11 release 5 for x86 platforms
    - /bin Most of the usercommands
    - /games Games and 'educational' programs
    - /include Header files for C programming
    - /lib Libraries
    - /local Local hierarchy
    - /sbin Non-vital system commands
    - /share Architecture-dependant datafiles
    - /src Source code

    That's it for this one... coming up: boot, runlevels, documentation, user management,...

    Just wanted to add something: I'm still learning all this stuff, and writing this tutorial helps me to study for my LPI... I might be completely off on some topics, and, if so, I'd like to hear it from you dudes and dudettes. I covered only what is necessary for the LPI, but feel free to add stuff...

  2. #2
    Senior Member
    Join Date
    Jan 2002
    Posts
    1,207
    Good post, a few inaccuracies:

    - cua0: the first serial port
    The cu? devices are now deprecated in favour of /dev/tts/*

    http://www.ibiblio.org/mdw/HOWTO/Serial-HOWTO-12.html

    - random: a device that returns a random number
    Or rather an indefinite stream of random junk

    The /dev/ tutorial could also have used the devfs standards for device naming, which are beginning to supercede the "old" names for things. Simple devices (null, zero, random, full etc) stay the same - almost everything else is moved into a subdirectory of /dev

    An extfs2 filesystem does not constantly bring the disk-index up to date (in opposition to DOS).
    Not a feature fo the ext2fs, but rather any filesystem when mounted without the sync option under Linux. Also (confusingly) true of DOS filesystems mounted under Linux.

  3. #3
    Trumpet-Eared Gentoo Freak
    Join Date
    Jan 2003
    Posts
    992
    Neg,

    I already said , I was lookin' forward to it.
    Well , nice tut , I like the simple understandable way you explain things.

    Thnx Neg -> again.

    Greetz,
    Come and check out our wargame-site @ http://www.rootcontest.org
    We chat @ irc.smdc-network.org #lobby

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •