Embed Size (px)
Citation preview
Unit L4 - Advanced Linux
CIS-116
SUNY Ulster
Karl Wick
Handout
Command Description Example
pwd Print current 'working' directory pwdcd Change to different directory cd /home/studentmkdir Make a new directory mkdir /home/student/lessonsrmdir Remove (erase) a directory rmdir /home/student/lessonsls List contents of a Directory ls ls /home also dir
touchCreate a new empty file or update timestamp of an existing file touch testfile
cp copy file to a new location or file name cp testfile testfile.backuprm Remove (delete) a file rm testfile.backupmv Rename a file and/or move to new location mv testfile testfile.copycat Display contents of a file to the screen cat /etc/printcapcat > filename Copy std input to a file. Note: Destructive cat > newfilecat >> filename Append std input to a files contents cat >> newfileless Display contents of a file page by page less /etc/termcapmore Display contents of a file page by page more newfilefile Display info about a file (filetype) file /sbin/lilozcat Display contents of a compressed file zcat /tmp/report.gz
Unix Commands for Managing Files and Directories
File Properties
• Several properties are associated with each file in Linux
• Recall the ls – l directory listing command
• The first piece of information about a file shows these properties.
• -rw-r--r-- There are ten ‘slots’
• Recall that Linux is a multiuser OS
File Properties (2)
• All files and directories are owned by the person (account) that created them.
• Each person may belong to a ‘workgroup’.• Other unrelated users may be on the network.• The owner of a file can set file permissions for
• the owner• the group• others
File Properties (3)
• Permissions fall into three categories• read• write• execute (does not apply to all files, of course)
• The permissions field• type, owner rwx, group rwx, others rwx• - type means a file d type means a directory• rwx means permitted, - means not permitted
File Properties (4)
• -rwxr-xr-- means:• This is a file• The owner can read, write and execute the file• Group members can read and execute the file• Other users can only read the file
• dwrx------ means:• This is a directory• Only the owner can read or write or execute
Changing Permissions
• The owner of a file can change permissions by using the chmod command.
• Root can chmod any file or directory on the system.
• chmod u|g|o|a +|-|= r|w|x filename• u user g group o others a all
• + add - remove = the only permission
• r read access w write access x execute access
• chmod u+rw roadtrip.txt
Another way
• You can call up chmod with integer values• r = 4• w = 2• x = 1• - = 0
• chmod 644 weekend.txt is the same as• chmod u+rw weekend.txt; chmod g+rw
weekend.txt; chmod o+r weekend.txt• Try it and ls –l to see the new permissions
An example
• From the student account and directory /home/student• Create a text file (of any text) and save it• Type these lines:
chmod a –rwx newfile.txt (Remove all permissions)cat newfile.txt (you will get a message – “Permission Denied”)chmod u +rw newfile.txt (Restore permissions to the owner)cat newfile.txt
• Note: The restrictions do not apply to root• Permissions are a security feature• It is not a good idea to use 666 or 777 permissions
Common Settings
• -rw------- (600) Owner read & write permission• -rw-r--r-- (644) Owner read & write, group & others read only• -rwx------ (700) Owner has all permissions, group & others
none• -rwxr-xr-x (755) Owner has all permissions, group and others
read and execute• -rwx--x--x (711) Owner has all permissions, group & others exe• -rw-rw-rw (666) Everyone can read and write• -rwxrwxrwx (777) Everyone can read, write, and execute• drwx------ (700) Directory. Only owner can read and write• drwxr-xr-x (755) Directory. Owner can write, all can read• NOTE: execute for a directory means listing capability
Default Permissions
• For most Linux systems the default permissions of rw-r--r-- are used whenever you create a file.
• The default permission settings are contained in a file accessed at bootup by the umask command.
• Type umask and you will see the default permissions.
• umask REMOVES permissions
• Type umask +rw-rw-rw- or umask 000
• Type umask –w--w--w or umask 222 to remove write permissions.
Monitoring the System
Memory and Disk Usage
free, vmstat, ps
• free Displays the status of RAM and VRAM• Mem: refers to RAM• Swap: refers to virtual RAM (the swap file)• Too little RAM will cause ‘thrashing’ (constantly moving
information from RAM to VRAM)
• vmstat Provides detailed information about swap file usage. The output is cryptic. See man.• swap file, free, buffer size, cache size, swap in and out statistics,
cpu: user, system and idle processes.
• ps Lists all running processes by number and user.
Real Time System Status
• top Displays the most processor intensive processes in real time. Updates about every 5 seconds.
• Type top <enter> and watch the screen
• Type <j> a few times and watch the screen
• Type <q> to exit top
top Interactive Comands
<space> update now ^L redraw screen
k kill a process by ID i ignore idle
n, # number of processes to view
q quit many toggles for displays
N sort by PID A sort by age
P sort by CPU useage M sort by mem use
T sort by time W write to ~/.toprc
Checking HD usage• df Shows 1k blocks allocated, used, available for all mounted filesystems.• df –m Same but displayed in megabytes. Try –h too
• You can specify a single filesystem too: df /dev/hda5Filesystem 1M-blocks Used Available Use% Mounted on
/dev/hda6 5921 79 5542 2% /
/dev/hda1 38 4 32 10% /boot
/dev/hdb5 375 1 355 1% /tmp
/dev/hda5 1969 1479 390 80% /usr
Checking HD Usage
• du Summarizes disk usage by 512 byte blocks
• du –b size in bytes
• du –aall files not just directories
• du –h human readable
Stopping a Process
• Type ps <enter> to see all running processes• Type kill [processid#] or kill [processname]• If multiple instances of the same (name)
process are running, these commands may not work.
• Try kill –s kill [pid]• If you kill a process that the OS needs, the
system may crash.
LILO and configuring LILO
• LILO loads Linux at bootup. It can also load other OSs. LILO is a boot manager.
• LILO configuration options are stored in the file /etc/lilo.conf They can be changed with a text editor.
• After making changes, you MUST save lilo.conf and run lilo to write the changes to the MBR of the hard disk.
• lilo.conf can store more than one image and boot to a menu.
A Typical lilo.conf Fileboot=/dev/had Where LILO is installedmap=/boot/map optional line - defaultinstall=/boot/boot.b optional line - defaultprompt Prompt? (For multiple boot systems)timeout=50 In 1/10ths of a second to default imagemessage=/boot/message default is the first image found in
file
image=/boot/vmlinuz-2.4.2-2 default imagelabel=linux type linux to startroot=/dev/hda3read-onlypassword=passwrd
other=/dev/hda1 additional imagelabel=dos type dos to starttable=dev/hda
More Administrative Tasks
(admin chapter 8)
Managing Accounts
• Types of Accounts• root - The administrator / Superuser• Regular Users• Non-Regular Users - used by programs
• Account Groups• Each user belongs to a primary group• A user can belong to a secondary group• Groups can be assigned permissions
• Type more /etc/passwd to see all users including usernames created by programs.
• Root will be first, regular users will be last.
etc/passwd
• root:x:0:0:root:/root:/bin/bash
• Fields are separated by colonsAccount name : Password (x means in /etc/shadow file :User ID : Group ID : Real Name : Home Directory :Default shell
• It is possible to edit in a text editor but not advisable due to some security measures not allowing the changes.
Groups
/etc/group
• root : x : 0 : root
• bin : x : 1 : root,bin,daemon
• Fields are separated by colonsName of Group : Group Password (may be
blank, or x {stored elsewhere}) : Group ID :
group members separated by commas.
Security
• In early versions of Linux the user passwords were stored in /etc/passwd.
• This file is available to most users.
• /etc/shadow is where passwords are now stored and is accessible only to root.
Passwords
• Changing• Run passwd
• Recovery• mount root partition,
• edit /etc/passwd file to remove the root password
• edit /etc/shadow file, if used
• reboot
passwd Options for root
• -l -u lock and unlock the account (root may access) by adding ! to the beginning of the pw.
• -S status of account password.
• These work with some versions of Linux• -n set min # days between pw changes
• -x set max # days pw remains valid
• -w set #days before warning PW about to expire
• -I set #days after pw expires before acct. is locked.
/etc/shadow
• Again, the entries are delimited by colons.root:$1$uBxqh7wl$oklXHuoBjHH7JmiVdk/fQ :
10815 : 0 : 99999 : 7 : : :
Account name that MUST correspond with a user account in /etc/passwd. : Encrypted password :
password security information follows.
• New users have !! in the password field
(Tackett & Burnett 5th Que p290)
Checking passwd & shadow
• pwck will check on the consistency & validity of the /etc/passwd and /etc/shadow files.
• pwck also warns of any account that does not have a password.
• grpck will check on the consistency & validity of the /etc/group and /etc/gshadow files.
Creating New User Accounts
• Log in as root• Type useradd username <enter>• If required, run chfn username to add personal info
and update finger information.• useradd –D will show the default settings• These are stored in /etc/default/useradd• There are many options that may be used with the
useradd command.• (See /etc/login.defs and man for detailed info.)
-c Full Name or Comment useradd –c “Karl Wick” kwick
-d Home Directory useradd –d /usr/home kwick
-e Acct. Expiration Date useradd –r 03/25/02 kwick
-f Days until acct disabled if Password expires
user add –f 7 kwick
-g Primary Group useradd –g ops kwick OR –g GID# kwick
-G Additional Groups useradd –G teamlead,party,cis kwick
-m Forces creation of home directory useradd –m kwick (even if no default set)
-M Does not create a home directory useradd –M kwick (even if default is set)
-n Disables Private Group Feature useradd –n kwick
-s Sets user’s login shell useradd –s /bin/zsh kwick
-u Force a specific User ID number useradd –u 252 kwick
Removing Users
1. Remove login capability (temporary. Maybe user is away on vacation): Edit /etc/passwd or /etc/shadow and put a * at the beginning of the PW field. The account stays intact.
2. Remove user but keep files: Edit /etc/passwd and /etc/shadow files by removing user name. OR run userdel username. Change file ownership and location with chown and mv
3. Remove user and home files: userdel –r username OR a) a) Remove entry from password files.
b) b) erase all files in home directory find homedir –exec rm{}
c) c) Erase user’s home directory rmdir homedir
d) d) don’t forget other files such as e-mail alias files.
Notes about useradd options
1. If a name (ie option –c) contains a space you must enter it between double quotes so that Linux doesn’t think that it is two field variables
2. useradd –D options will change the defaults. All of the options on the previous slide are permitted useradd –D –s /bin/csh
3. You can combine options on one line.useradd –g sales –c “Phred The Wonder Dog” phred
4. You can edit /etc/default/useradd in a text editor.
Simple example
• useradd student2 –p cis116
• Adds the user named “student2” and specifies the password to be “cis116”
Creating New Groups
• Use the groupadd groupname command (preferred) or edit /etc/group in a text editor.
• The –g option will specify a particular group number for the new group.
• Do not assign two groups with the same number because Unix will consider them the same.
• ex: • groupadd –g 900 managers• groupadd students
Modifying User Accounts
• usermod options username
• usermod uses the same options as useradd• usermod –c “Liz Osowski” lizw
• usermod –l lizo –d /home/lizo lizw Changes home directory to look for. Make sure that the home directory actually exists!
Modifying Groups
• Use groupmod [-g GID] [-n group_name] group
• -g GID is numerical group number.
• -n group_name will change from group to this.
Deleting A Group
• Edit the /etc/group file by removing the pertinent line.
• Reassign all files with the old group ID to a new group ID.
• find / -gid group-id find users_home_dir –exec chgrp newgroup {} \;
Keeping track of users
• Simply typing <w> from the root account will provide a list of all users logged onto the system.
• It will tell you:• their login date or time
• their CPU usage
• their last command
Banner Messages
• Stored in the file /etc/motd
• Edit the file and save it or create the file with cat > /etc/motd if it does not exist.
• Reboot and the message will appear immediately after a successful login.
Bonus: GUI to Text and Back
• From text mode enter startx to activate the GUI.
• From the GUI type <CTRL-ALT-F2> to enter text mode. You may need to login the first time you do this.
• From text mode type <ALT-F7> to go back to the GUI.
• You can switch back and forth.
This page intentionally Left Almost Blank!
