Published on

all about linux

Published in: Education
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide


  1. 1. LINUX Reference Guide By Pramod Parajuli
  2. 2. Linux Guide by: Pramod Parajuli December, 2002 1. General Ideas (Partitions (Primary, Extended), partition conventions (hda, hdb etc.) in Linux) Partitions: The combination of corresponding tracks in a hard-disk on all of the ‘platters’ is called a ‘cylinder’. Partitions are created by dividing all the cylinders into two or more parts. There can not be more than 4 primary partitions in one system and there should be only one extended partition in one system. In Linux: In Microsoft® Windows, the partitions are treated as C: D: E: etc. In NT systems, the partitions are treated as multi(0)disk(0)rdisk(0)partition(5). Anyway, on Microsft® Windows family, partitions or drives are referred by drive letters. In Linux world, the partitions or drives or any other hardware devices are referred by a file. The file is linked to the particular hardware device. Whenever we have to access the hardware device, we access the file rather than direct hardware access. It’s the responsibility of operating system to do the actual work. So, the Linux treats IDE-drives (CD-ROM, HDD) as follows: IDE M/S Linux Primary Master hda Primary Slave hdb Secondary Master hdc Secondary Slave hdd The partition table is used as follows: 1 = First Primary Partition 2 = Extended partition (if any) 3 = Third Primary partition 4 = Fourth Primary partition 5 onwards = Logical partitions in the extended partition Now, if you have a hard-disk on primary slave (hdb) as following configuration. (fig – 1) Page 2
  3. 3. Linux Guide by: Pramod Parajuli December, 2002 The D: drive here will be addressed as hdb5. The E: drive will be addressed as hdb6. (Master Boot Record, Boot Record) (fig-2) Given is a hard-disk with two partitions (Red and Sky blue). The very first (initial) track, green portion, is called Master Boot Record (MBR). The MBR contains information about how many partitions are there in the hard-disk, how many operating systems are installed, and an OS loader. Whenever computer boots, the system first reads the MBR. On the partitions, the very first track of the partitions is called Boot Record (BR). This portion contains information about loading an operating system on that partition, which files to load to run the operating system etc. Page 3
  4. 4. Linux Guide by: Pramod Parajuli December, 2002 (Boot Sequence) When computer is booted following steps occur: i. Power on. ii. CPU points to POST (This is done by CPU and motherboard manufacturer). iii. POST is loaded and executed. iv. BIOS is loaded into memory. v. The BIOS contains information about where to search for OS loader. vi. OS loaded, and control is handled to OS. (Boot loader -issues with cylinders) A boot loader is a program that reads OS from storage media and loads operating system into memory. Boot loaders reside either on MBR or in BR. All operating systems have their own boot loader. Some boot loader can load only one type of operating system whereas; some can load other operating systems also. For example, the boot loader of win’98 is not familiar with Linux, so can’t load Linux. But the boot loaders of NT, 2000, & XP support multi-OS, so can boot Linux on other partition. The boot-loader for Linux (like - lilo) can load any operating system on the system. When a boot loader searches for an operating system, it addresses the location of operating system according to the no. of cylinders. Some old boot loaders can not load operating systems that are installed far beyond 1024 cylinders. So, if you have such boot loader then the operating system must be installed on the partition that comes into the boundary of 1024 cylinders. New boot loaders do not have such problems up to 4096 cylinders. (Partitions for Linux -root, swap, user etc, benefits of multiple partitions) Linux could be installed on any partition or a file! It is recommended that you install Linux on partition. If Linux is installed on file then the performance will be very low. If you choose to install Linux on separate partition, then at least two partitions are required. One for Linux root system and one for swap. The Linux root system includes program files, user files, temporary files, boot files etc. The swap partition is used as swap space during OS run. If you planned to install two Linux operating system then you could share same swap partition also. You could visualize the situation as: (fig-3) Page 4
  5. 5. Linux Guide by: Pramod Parajuli December, 2002 Another way could be like this; you could create multiple partitions for different kind of purpose. One partition for user files. One partition for program files. One partition for Linux kernel etc. There is one major advantage of doing so. Whenever you reinstall Linux, it formats the drive where the Linux is going to be installed. If you installed Linux according to this configuration, then while reinstalling, only the partitions for program files need to be formatted. The partition for user files will remain untouched. This saves user files even if you reinstall Linux. (fig-4) (Kernel) Kernel is the main part of an operating system that accepts calls from applications and executes those instructions by controlling the underlying hardware. (fig-5) 2. Installation Before installing Linux, you must have a good installation plan. Plan about: 1. Partitions (how you are going to organize partitions) 2. Network Card (IP address and domain name) 3. Graphic Card settings (video RAM space, name of graphics card, maximum resolution supported and color depth), monitor settings (horizontal and vertical scanning rates, maximum supported resolution). Remember, different or invalid settings might destroy graphics card and monitor. 4. Settings for mouse and keyboards. 5. Packages or servers you want to install. You must be familiar with packages and servers before installing them. Page 5
  6. 6. Linux Guide by: Pramod Parajuli December, 2002 Instructions: 1. Some Linux installers ask you for recommended or expert mode of installation. If you choose recommended then it might arrange the partitions as it knows is best and doing this, you might loose the data. So, always select in expert mode. 2. Be careful while partitioning hard-drive. Do not delete existing partitions unless you don’t need that. While making partitions, be careful not to overlap the partitions. You can check this by looking at the starting and ending cylinder for that partition. Do not leave any blank portion on hard-drive. 3. Make boot disk. It will be very much useful if the system could not boot later on. Run levels (0,1,2,3,4,5,6) The Linux operating system have 7 run-levels starting from 0 to 6. These run levels have their own meanings. Linux will be in one run level at a given time. Whenever the state of Linux is changed, the run level is changed. Run-level 0: When Linux is switched to this run-level, all the programs and processes are killed (shutdown) and the system is halted.. Run-level 1: When Linux is switched to this level, only one user i.e. root can log onto the system. No other user can log onto the system. This is done to repair or solve problems in the system. Run-level 2: This run level allows multiple users and supports networking but doesn’t support NFS. Run-level 3: This is default level. All services (except X11) are enabled in this run level. Run-level 4: This run level supports all the services as supported by run-level 5. But, we can customize the settings for this runlevel. Run-level 5: This supports graphical user interface. Default for all of the new Linux variants. Run-level 6: When switched to this run-level, the system is rebooted. Commands (reboot, halt, shutdown) reboot: Reboots the Linux system. i.e. the run-level is switched to run-level 6. halt: Halts (shut down) the Linux system. shutdown: This command accepts lots of parameters. -r : reboots the system -h : halts the system -t : no. of seconds after which you want to reboot e.g. shutdown –t 5 : shut down after 5 seconds shutdown –r now : reboot the system right now File system (/root, /usr, /home, /proc, /etc) The Linux system contains lots of files and folders. The main or parent directory of the whole system is called a ‘system root’ denoted by ‘/’. All the files, programs, folders, devices (everything) in the system are kept as child of the system root. Page 6
  7. 7. Linux Guide by: Pramod Parajuli December, 2002 The root file system contains following directories: (fig-6) /bin: contains commands or programs used by /for system level. /boot: contains files needed to load Linux /etc: most of the configuration and setting files resides here. /home: all the user files are stored here. /lib: all libraries used by program files are stored here. /mount: all the mounted media are mapped into this directory. We will cover them later. /opt: options /proc: Information about current processes are stored here. This directory actually is mapped from memory. /root: Root user’s files. /sbin: This directory contains the programs that are accessible only by the root user. /tmp: Temporary files /usr: All the user programs are stored here. /var: The files that are changed while Linux is running. Simple commands ls: list the contents of the current directory more: used with pipe to display one screenful contents joe: an editor with some keystroke commands pico: simplest editor rm: remove files and directory mkdir: create directory cp: copy files or directory pwd: show path less to display / type the contents file onto screen. Same as ‘type’ command in MS-DOS. See the ‘man’ and ‘info’ pages for these commands. Page 7
  8. 8. Linux Guide by: Pramod Parajuli December, 2002 Linux shell The kernel of Linux system supports many user interfaces. Two major varieties of user interfaces are CUI and GUI. The CUI for Linux are created to run in a shell and GUI run under X-window system. The default shell for Linux is bash-shell. This shell provides lots of facilities. i. All the commands you typed are stored in a file called .bash_history. ii. If you want to see a list of commands then just press ‘tab’ key two times and all the available commands in the system will scroll up. iii. If you want to see commands starting from ‘p’ then just type ‘p’ and press ‘tab’ two times. The command will be listed. iv. If you want to see files starting from ‘p’ then just type ‘ls p’ and then press ‘tab’ two times, you will see all the files. Manual and info commands To view help on some command, we use manual or information commands. For example: If you want to look the syntax of ‘ls’ command then just use: ls - -help But, if you want to look a structured documentation about the command ‘ls’ then use: man ls This command will show a nice documentation about ‘ls’ command. The ‘info’ command is also same as ‘man’. Primer administrative commands (adduser, deluser, free, du, df, passwd, su, ) adduser: adds a new user. e.g. adduser asd will add a user with login name ‘asd’. userdel: deletes a user. e.g. userdel asd will delete ‘asd’ user. passwd: change password. If you just run ‘passwd’ without any parameter, then it will change the password of current user. i.e. if you are logged on as ‘asd’ user then the password for ‘asd’ will be changed. But if you are logged on as ‘root’ and want to change password of other user ie. ‘asd’ then just type: passwd asd Page 8
  9. 9. Linux Guide by: Pramod Parajuli December, 2002 the system will ask you for new password for the user ‘asd’. It’s like resetting password. su: If you are logged on as normal user and want to run some administrative command then you can change your status to ‘super user’ ie. ‘root’ by running the ‘su’ command. When you issue this command, the system will ask for root’s password. To exit from root, just type ‘exit’. free: Shows how much of system’s memory is used and how much is free. du: Shows disk usage by files or folders in current location. df: Shows how much of disk is free. 3. Playing around with KDE and GNOME (Whenever we say X in Linux, it's X-Windowing System i.e. graphics for Linux system). KDE KDE (K-Desktop Environment) is the most popular GUI in Linux world. It provides easy to use interface that is as easy as the GUI provided by Microsoft® Windows Series. KDE consumes more memory as compared to other desktop environments like GNOME, XFACE Categories: Amusements: Games and amusing programs Applications: Applications i. Accessibility Accebility as in Windows Desktop Pager: Shows pages for desktop. KDE screen ruler: Shows ruler to calculate the objects on the screen . Xmag: Magnifier. ii. Archieving Compression and decompression programs Archiever: Compressing and decompressing program. Requires zip package. iii. Communications Communication programs Bug buddy: To send the bug found in Linux to the program vendor. Fax viewer: Send and receive fax. J-pilot: A program to sync files and programs to Palmtops. iv. Development Software Developemnt programs and documentations Page 9
  10. 10. Linux Guide by: Pramod Parajuli December, 2002 Glade: A user interface designer. The source could be exported to many languages like C, C++ etc. IDLE: A python shell. KDevelop: An IDE for KDE software development. Contains documentations and software development environment. v. Editors Editors like vi, joe, gedit, emacs etc Binary editor: A HEX editor. Advanced editor: Text editor with color scheme for languages like C, C++, Perl etc. GEdit: Gnome Editor. A simple text editor. VI: VIm's editor. Most complex editor in the world. Most powerful also. You won't lose any data even if you system crashes or goes down while typing in this editor. Uses lots of shortcuts. Joe: Joe's editor. It has some shortcuts like VI. but is very much easier to use. Good for beginners. Emacs: Very much popular editor. It has language bindings like C, C++, Lisp etc. Vi. File tools Programs that are used to manipulate files in Linux system. File managers. vii. Monitoring These programs monitor i.e. give status of certain hardware or software or the whole Linux system. For example, you can view disk free, processes and CPU & RAM usage etc. viii.Publishing These programs are used to publish i.e. high quality printing or documenting. For example, PDF viewer, DVI viewer. ix. science Programs used for scientific purpose. x. Text tools Programs used for text purposes like character map and text file viewer. Remember, the file viewer and editor are different. Viewer can only read the file where as editor can read and write both. Configuration: The programs under this group are used to configure the Linux system. i. Boot & Init To change the Boot option and configure the services that are initialized during boot up. ii. Hardware Configure hardware / peripherals attached to your computer. iii. KDE You can change the setting of the KDE itself. You can see the information about your system like CPU, Memory, harddisks. Page 10
  11. 11. Linux Guide by: Pramod Parajuli December, 2002 You can change the look & feel i.e. color and windowing styles, desktop themes etc of KDE. Change DATE & time. Change sound schemes for KDE. Play around with these tools. These are very much of fun. iv. Networking Programs used to configure network. We will use these tools later. v. Other Other! Lots of control centers are here. We will use these also. vi. Packaging These software are used to install new packages or remove packages ie. programs from the Linux sytem. vii. Printing Configure your printers. Documentation: Here, you will find help for the whole Linux system. Multimedia: Programs for Graphics, Music, and VIDEO. Networking: These program contains, chat programs, dial up programs, browsers like Netscape, Mozilla etc, FTP, mail etc. Office: Programs that are used in Office. Office Packages like Word processors, Spreadsheet processors, presenters etc. Terminals: Terminal shells. CUI. Control Center: KDE control center. GNOME GNOME (GNU Network Object Model Environment) is also very much popular GUI. Here, you will see a new group called 'programs'. It also contains the same list of programs as in KDE menu. 4. File attributes, Permissions We can set permissions for the files or objects in Linux. A permission is a three bit value. ‘r’ - Read (1/0) ‘w’ – Write (1/0) ‘x’ – Execute (1/0) Page 11
  12. 12. Linux Guide by: Pramod Parajuli December, 2002 The first bit is used to set/unset Read permission. Denoted by 'r'. The second bit is used to set/unset Write permission. Denoted by 'w' The third bit is used to set/unset Execute permission. Denoted by 'x'. For example, you want to set only read permission then you have to set the first bit to 1. Doing so, the value will be 100 in binary and 4 in decimal To set Write only permission, we use 010, i.e. use 2 in decimal. To set Execute only permission, we use 001, i.e. use 1 in decimal. So if you want to apply read and execute permission but disables write permission then use 101 ie. 4 + 1 = 5. Now, type following command into bash shell. ls -al It will give up following output: total 1140 drwx------ 23 root root 4096 Dec 11 23:20 ./ drwxr-xr-x 19 root root 4096 Nov 26 04:30 ../ -rw-r--r-- 1 root root 505 Dec 11 05:44 .G-Force -rw------- 1 root root 189 Dec 11 23:12 .ICEauthority -rw------- 1 root root 32 Dec 11 21:50 .MCOP-random- seed -rw------- 1 root root 66 Dec 11 23:12 .Xauthority drwxr-xr-x 2 root root 4096 Sep 15 04:56 .gnome-desktop/ drwx------ 3 root root 4096 Sep 15 04:55 .gnome_private/ drwxr-xr-x 2 root root 4096 Sep 3 22:47 .gnupg/ drwxr-xr-x 4 root root 4096 Sep 6 07:34 .gqview/ drwxr-xr-x 4 root root 4096 Sep 4 05:38 .kde/ -r-------- 1 root root 22 Dec 11 21:50 .kxmlrpcd -rw-r--r-- 1 root games 180 Dec 6 06:43 .ltris.cfg -rw------- 1 root root 31 Dec 11 21:50 .mcoprc -rwxr-xr-x 1 root root 142860 Dec 11 05:38 ASD LINUX.pdf* -rwxrwxrwx 1 root root 17398 Dec 11 23:18 ASD Linux.txt* The left most column here is file attribute column. The third column shows the owner of the file. the fifth column shows the size of the file / folder in bytes. The Sixth column shows the date created and the last column is the name of file. The files or directories starting with a period i.e. '.' are hidden/system files. Let's look at the file attributes. Page 12
  13. 13. Linux Guide by: Pramod Parajuli December, 2002 The file attribute contains 4 different field Directory/file Owner Group Everybody [directory / file] [owner permission] [group permission] [ everybody permission] So, you saw, in one file, you can set permission for 3 different objects. Working of these fields is as follows: [directory/file]: This field will be blank '-' if the object is file and will be 'd' if the object is directory. [owner permission]: This field contains permission information for the owner of the file. [group permission]: Permission for the group. The group is similar to the group of the owner of the file. [everybody permission]: Permission for everybody that logs on to the system. -rwxr-xr-x 1 root root 142860 Dec 11 05:38 ASD.pdf* The given object is a file. The owner can read, write, and execute the file. The group can only read and execute the file and other users can execute only. Changing the permission: We use chmod command to change the permission of a file. Syntax: chmod <mode> <filename> The mode here can be set by using number or letters. e.g. let's change the property of the file so that the owner can only read and execute but can not write. chmod 500 ASD.pdf Now, the only the owner of the file can read and execute the file. Other users can not read, write, and execute the file. Let's change the permission so that everybody can read, write, and execute. chmod 777 ASD.pdf Another simpler way is to use characters for permission modes. If you want to set permission for user use 'u', for group use 'g', and for everybody use 'a'. and use 'r' for read Page 13
  14. 14. Linux Guide by: Pramod Parajuli December, 2002 permission, 'w' for write permission', 'x' for execute permission. Use '+' to add permission and '-' to remove the permission. e.g. chmod u-x ASD.pdf will remove the 'x' - execute permission for 'u' - user. chomod a+r ASD.pdf will add the ''r' - read permission for 'a' - everybody. Note: When the permssion of file is set to execute, the file becomes runnable and the bash shell will show it using Green color. Changing the owner of file: You can change the owner of a file. To change the owner we use chown. syntax: chown <new user id> <file> The new user id here could be the login name of the user or the UID. Let's consider the owner of file 'ASD.pdf' is 'root'. The command chown asd ASD.pdf will change the owner of the file 'ASD.pdf' to 'asd'. Changing the group of file: Use 'chgrp' same as the 'chown'. 5. Users, attributes, Permissions (Tip. for bash, while running X-programs, use '&' at the end of command, the program will run in X-window and you will get free command line for next command.) To see user configurator use, Page 14
  15. 15. Linux Guide by: Pramod Parajuli December, 2002 userconf & Using this tool, you can do lots of things. Or, you could use following commands groupadd : to add new group groupadd theGroup will create a new group called 'theGroup' usermod : to add a user to the group e.g. usermod -G theGroup asd will add the user 'asd' to group 'theGroup' groupdel : to delete existing group groupdel theGroup will delete the group 'theGroup'. User and group files: The information about users is saved in a file '/etc/passwd'. The information about groups is saved in a file '/etc/group'. The format of '/etc/passwd' file: <username>:<password>:<user ID>:<group ID>:<full name>:<home directory>:<default shell> The format of /etc/group' file: <group name>:<password>:<group id>:<inherited group name> 6. Mounts, file system The drives / devices on Linux system are mounted (linked) to certain directory. It means, the stream to the drive is referenced by the referenced directory. The drives / devices are actually files in Linux system. For example, floppy drive A: is a under /dev directory as fd0. Floppy drive B: is /dev/fd1 file. If CD-ROM is connected to Primary Slave IDE, then it is referenced as /dev/hdb. To mount i.e. work on the drives, they should be mounted to some directories. Most of the drives for user services are mounted to directories under /mnt. Page 15
  16. 16. Linux Guide by: Pramod Parajuli December, 2002 To view the drives that are currently mounted on the system, use the command ‘mount’. mount /dev/hdb3 on / type ext2 (rw) none on /proc type proc (rw) none on /dev/pts type devpts (rw,mode=0620) /mnt/cdrom on /mnt/cdrom type supermount (rw,fs=iso9660,dev=/dev/cdrom) /mnt/floppy on /mnt/floppy type supermount (rw,fs=vfat,dev=/dev/fd0) /dev/hdb1 on /mnt/win_c type vfat (ro,nosuid,nodev,umask=0, codepage=850, iocharset=iso8859-1) /dev/hdb5 on /mnt/win_d type vfat (ro,nosuid,nodev,umask=0,codepage=850, iocharset=iso8859-1) /dev/hdb6 on /mnt/win_e type vfat (ro,nosuid,nodev,umask=0,codepage=850,iocharset=iso8859-1) /proc/bus/usb on /proc/bus/usb type usbdevfs (rw,devmode=0664,devgid=43) The first column is the device name. The third column is the mount point, the fifth column shows the type of file system, options etc. To mount a device, we use command ‘mount’. The syntax is : mount <device to mount> <mount point > mount point = directory where the device is mounted e.g. If you want to mount a CD-ROM device that is connected to Secondary Master IDE, then, 1. Make a directory called ‘myCD’ under /mnt. 2. Insert the CD-ROM into CD-DRIVE. 3. Issue following command: mount /dev/hdc /mnt/myCD 4. Now, to read the files in the CD, go to /mnt/myCD directory. You will see all the files/directories on the CD-ROM. The mount process could also be customized by using options and file-system-type of the device. The file system type of devices is as follows: File system File type Linux native partitions or drives ext2 Windows FAT32 vfat Windows FAT16 fat CD-ROM (Standard) iso9660 NTFS ntfs / hpfs So, if you want to mount or use a Win’FAT32 file system then issue following command: Page 16
  17. 17. Linux Guide by: Pramod Parajuli December, 2002 mount -t vfat /dev/hda1 /mnt/Win_C the ‘-t’ here is to specify the file type, ‘vfat’ specifies that the partition ‘/dev/hda1’ is a Win’FAT32 file system. After issuing this command, the drive is mounted to /mnt/Win_C. If you want to mount a Software CD-ROM on CD-Drive that is connected to Secondary Slave IDE then issue following command: mount -t iso9660 /dev/hdd /mnt/MyCD The CD will be mounted to /mnt/MyCD. To mount a floppy that is FAT formatted , use following command: mount –t fat /dev/fd0 /mnt/floppy The file systems could also be mounted so that they become ‘readonly’ or write also etc. To use these options use ‘-o’ and then options. The options will be ro = read only rw = read and write async = immediately write to the file system exec = the files or programs can be executed user = allows normal users to mount and umount the file system. Note: Reading the contents from a mounted device is done as Read instruction is given. For example, if you want to copy files from CD-ROM to Hard-disk then it will copy immediately. But if you want to write onto mounted media, then the Linux system keeps that into queue. It may not write the files onto the mounted media immediately. So, you remove the media e.g. eject the floppy after issuing CP command, then the files might not be written onto it. To insure that the write process on the media is completed successfully, you have to use ‘umount’ command. After issuing ‘umount’ command the pending processes on the media are completed and you can safely remove the floppy. If you want to write the files immediately, then use ‘async’ option. Syntax: umount <device name / mount point name> Previously, we mounted a floppy drive to /mnt/floppy. Let’s unmount the floppy. umount /dev/fd0 Page 17
  18. 18. Linux Guide by: Pramod Parajuli December, 2002 Linux could be configured to load / mount file systems or partitions automatically For this purpose, a file called ‘/etc/fstab’ is used. This file have following configurations: /dev/hdb3 / ext2 defaults 11 none /dev/pts devpts mode=0620 00 /mnt/cdrom /mnt/cdrom supermount fs=iso9660,dev=/dev/cdrom 00 /mnt/floppy /mnt/floppy supermount fs=vfat,dev=/dev/fd0 00 /dev/hdb1 /mnt/win_c vfat user,ro,exec,umask=0,codepage=850, iocharset=iso8859-1 00 /dev/hdb5 /mnt/win_d vfat user,ro,exec,umask=0,codepage=850, iocharset=iso8859-1 00 /dev/hdb6 /mnt/win_e vfat user,ro,exec,umask=0,codepage=850,iocharset=iso8859-1 00 none /proc proc defaults 00 /dev/hdb4 swap swap defaults 00 The first column here is the name of device, the second column is the mount point, third point is the file type and fourth column shows options. If you want to add a new file system to be mounted automatically, then make entry into this file. Let’s say we want to mount a F: drive which have NTFS file system in Windows, to /mnt/win_f for read and write. Then add /dev/hdb7 /mnt/win_f hpfs user,rw,exec 0 0 and reboot the system, the drive will be mounted automatically. 7. Sound Card, Graphics Card To configure sound cards, we use ‘sndconfig’. sndconfig By default, the program tries to detect sound card and install driver for it. If it is unable to find, then it will ask for settings like DMA channels, IRQ lines etc. Provide appropriate one. If the soundcard is configured correctly, then it will automatically play a music. To configure graphics card, you can use Mandrake Control center or ‘xconfigurator’ or ‘xf86config’. Provide the appropriate resolutions, vertical / horizontal sync rates and amount of VGA memory. 8. Boot config Boot config here consists of two features: 1. The boot loader configuration Page 18
  19. 19. Linux Guide by: Pramod Parajuli December, 2002 2. The services to load at startup Boot loader configuration You can use configure boot loader by using Graphical Tool such as 'Mandrake Control Center' or configure the configuration file for boot loader 'lilo.conf'. There exists a tool that reads the lilo.conf file and then writes the settings onto the MBR or BR of the harddisk. It's 'lilo'. Whenever you run the 'lilo' command it writes / installs the lilo boot loader onto corresponding boot record. Let's see the contents of /etc/lilo.conf file: boot=/dev/hdb map=/boot/map install=/boot/boot.b vga=normal default=WinXP_&_98 keytable=/boot/us.klt lba32 prompt timeout=50 disk=/dev/hdb bios=0x80 message=/boot/message-graphic menu-scheme=wb:bw:wb:bw image=/boot/vmlinuz label=Mandrake_8.0 root=/dev/hdb3 append=quot; quietquot; vga=788 read-only image=/boot/vmlinuz label=linux-nonfb root=/dev/hdb3 read-only image=/boot/vmlinuz label=failsafe root=/dev/hdb3 append=quot; failsafequot; read-only other=/dev/hdb1 label=WinXP_&_98 table=/dev/hdb other=/dev/fd0 label=floppy unsafe Page 19
  20. 20. Linux Guide by: Pramod Parajuli December, 2002 Let's start from the top of the file. boot=/dev/hdb This line says that the boot drive i.e. the drive that contains the Linux system is /dev/hdb ie. primary slave. map=/boot/map Now, this line says that the map of the operating system is a file that resides under /boot directory and the file is /boot/map install=/boot/boot.b This line says to looad the boot information from /boot/boot.b file. vga=normal This option is used to define the graphics settings. The setting here is that vga be normal. If it is set normal, then it will display the settings in 80*25. You could change this to other values like 'extended'. If changed to 'extended' then it will display in 80*50. Other settings could also be applied by using 'ask'. If you set vga=ask then it will list all of the possible settings and you could choose them. default=WinXP_&_98 Deault operating system to be loaded. See the 'image' section below. keytable=/boot/us.klt Keyboard configuration, remember, we selected us-keyboard duing installation. lba32 This setting specifies to use 'large block address using 32 bit'. It means that the hard disk should be addressed using large blocks. So, supports large harddisks. prompt This specifies that wait for user input. So, the screen appears for OS selection. timeout=50 Time out to load default operating system. 10 equals 1 sec. disk=/dev/hdb bios=0x80 This settings specifies that the disk number read for /dev/hdb from bios is 0x80. This is same for all IDE hard-disks. message=/boot/message-graphic This says that use the /boot/message-graphics file to display. So, it displays a blue screen on during OS selection. Page 20
  21. 21. Linux Guide by: Pramod Parajuli December, 2002 menu-scheme=wb:bw:wb:bw It says how the menu is organized. Look into man pages using 'man lilo.conf' for more detail. Image section: Each and every section is started by using 'image = ....'. Here you can see 5-sections. image=/boot/vmlinuz label=Mandrake_8.0 root=/dev/hdb3 append=quot; quietquot; vga=788 read-only This section specifies that there is an OS that is defined by /boot/vmlinuz file. This OS is displayed by using a label 'Manrake_8.0'. This OS resides on /dev/hdb3. While booting this OS, use quiet mode ie. default mode. The append varaible here work as the parameter for Linux kernel. When you want to give or configure Linux boot then you can use this. For example, some older boot loader do not support RAM more than 64 MB. If you have RAM of size 128 MB then you can use append=quot; MEM 128quot;. The graphics used for this OS is defined by number 788. Load the operating system as read-only. image=/boot/vmlinuz label=linux-nonfb root=/dev/hdb3 read-only This section specifies that there is an OS that is defined by /boot/vmlinuz. Remember, it's the same as before. Display the label 'linux-nonfb'. Other settings are same. image=/boot/vmlinuz label=failsafe root=/dev/hdb3 append=quot; failsafequot; read-only This section specifies that there is an OS that is defined by the same /boot/vmlinuz file. Label used for this OS is 'failsafe'. Root is /dev/hdb3. The ‘append’ variable here specifies that the Linux to be load as failsafe ie. in safe mode. other=/dev/hdb1 label=WinXP_&_98 table=/dev/hdb Page 21
  22. 22. Linux Guide by: Pramod Parajuli December, 2002 This section specifies that there is a different OS than Linux images and that resides on /dev/hdb1. Show label 'WinXP_&_98' for this OS and read the OS table from MBR of /dev/hdb. other=/dev/fd0 label=floppy unsafe Guess what this could be. Let's try some change. Change the Label WinXP_&_98 to Windows and the timeout to 30 and then save the file. Now run the 'lilo' command from console. It will display like this: Added Mandrake_8.0 Added linux-nonfb Added failsafe Added Windows * Added floppy Look here, it says 'Added' i.e. these settings for these OSes are written to MBR. Look for an '*'. Windows got '*' after it. It says that the default OS is now Windows. Service Configuration: Every user programs or processes are clients. These clients request with certain service to do some work. For example, A media player requests with sound server to produce sound. A SQL program requess with certain database service. Without services, we can not run any clients. To configure clients you can use Linuxconf or Mandrake Control Center. Remember you can run both of these from console or GUI. Linuxconf: To run Linuxconf, issue 'linuxconf' command. It could run on console and GUI both. Select 'Control' tab. Now click on Control Panel. Now choose 'Control Service Activity'. You will see following settings: Name Enabled Running alsa Automatic Running Anacron Automatic Running atd Manual Page 22
  23. 23. Linux Guide by: Pramod Parajuli December, 2002 and so on. Click on any service, then you will see a window. Now you can restart, start, stop, change the setting for automatic or manual etc. You can also select the run -levels on which you want to run the service. Mandrake Control Center: Run 'setup'. Go to 'System' and them 'Services'. Here you will see following settings Service name, status (running or stopped), Info, automatic ie. onboot or manual, start, and stop. Configure as you want. If you run the 'setup' on console, then select 'Service Configuration'. Now you will see following settings: [*] alsa [*] Anacron [] atd Note the '*' here. It means it is automatic. If you want to toggle the automatic or manual then use 'spacebar' to change the settings. These configurations are for boot processes. If you want to do every thing manual then here is how to do. Every service programs reside on /etc/rd.d/init.d directory. Go to this directory and list the contents. You will see lots of files. These are the very service programs you saw using Linuxconf. To see the status of a service: servicename status e.g. ./atd status Then it will show: asd is stopped. Page 23
  24. 24. Linux Guide by: Pramod Parajuli December, 2002 If you want to start the service then use: servicename start To stop the service then use: service stop To restart a service, use: service restart to reload i.e. refresh the service, use: service reload Later we will cover what each and every service is used for. 9. Installing new packages You chose lots of packages during Linux installation. What if you want to install packages later? In Linux, new software could be installed in many different ways. 1. Using RPM (Redhat Package Manager) packages. These packages are precompiled packaged like setup.exe in Microsoft Windows Family. After installing, the files are copied to their respective locations. For example, executables are copied to /usr/bin, configuration files are copied to /etc and so on. Some packages make their own directory and install. RPM is defined by RedHat corporation and is the most popular and easy way to install and remove packages. These packages use '.rpm' extension. 2. Uncompressing archives. The files for a program or software are compressed by using tools like 'tar' and 'gunzip'. These files are uncompressed onto some location and software is installed. These packages use .zip, .gz, .tar etc extension. 3. Compiling source code. You could get source code of the software and compile yourself on your computer and get the executables. Mandrake Linux provides a useful tool 'software manager' for package installation and removal. Look into the tool. You can configure yourself. It's very much easy. One limitation of this tool is that you can not install other packages than provided by Mandrake. Use 'rpmdrake' to run the tool. You could use 'Packager'. Run 'kpackage' to run the tool. You will see lots of packages installed. If you want to view information about them, just click on the name of package, Page 24
  25. 25. Linux Guide by: Pramod Parajuli December, 2002 the right panel will give briefing. To install new packages, use file-> open and then locate the file. The GNOME windowing system provides another useful tool called GnoRPM. You could run this tool by running 'gnorpm'. It will show a tree of categories and right panel will show the packages. Right click on the package and click on query, it will display information about the package. To install new packages click on 'install' button and it will show available packages on the CD-ROM. You could install do RPM based installation from console also. To do so, we use 'rpm' command. See manual pages for 'rpm'. The syntax for rpm is : rpm [options] <package name> If you have a package called mypackage.rpm then use: rpm -i mypackage.rpm Options: -i : install the package -e : erase / remove the package rpm -e mypackage.rpm -U : upgrade from older version to newer version rpm -U newpackage.rpm -qa : query rpm -qa | fgrep X Note the '|' and fgrep here. The pipe sign is to pass arguments to the query and fgrep is a very much useful tool to search the sub-string of the argument. So, we are filtering only by the sub-string. Here, only those packages that contain 'X' in the package name are displayed. 10. Processes The programs in Linux system are called processes. Sometimes, a single thread of a particular program is also called process. Viewing processes (ps) To view currently running processes, use following command: ps It will display process name, process ID, parent ID (which process initialized the process), owner of the process, total running time, total CPU usage, and command path. Page 25
  26. 26. Linux Guide by: Pramod Parajuli December, 2002 Normally, the ‘ps’ command shows user processes only. ie. if you are logged on as root, then it will show those processes of which root is the owner. To view all of the processes running in the system use: ps –ef To filter certain process that contains a substring ‘X’ then use ps –ef | fgrep X Killing processes If you want to stop certain process, then use ‘kill’. To kill a process, you need the ‘PID’ of the process. Let’s consider, the PID of process ‘xmms’ is 1345 then to kill the process use: kill 1345 Note: If you killed a parent process, then all child processes will automatically killed. Nice: Sometimes, a single process uses almost all 95-99 % of the CPU. If it happens, then other process will starve for CPU cycles. There are two solutions for this kind of problem. One is to kill the process. Remember the process might be very critical. So, another solution is to renicing the process so that it uses less CPU cycles. To do so, we use ‘nice’. See man page for ‘nice’ and ‘renice’. 11. TCP/IP Configuration (Adapted from ‘Teach Your Self TCP/IP in 14 Days’, Second Edition.) Although TCP/IP works transparently for the user, occasionally communications seem to be slow and TCP/IP is suspected as the cause. Most users are impatient and expect things to happen right away, so delays for any reason lead to frustration. Rather than sit and wait, most users like to be able to verify that a connection to a remote machine is active and a delay is caused by network traffic instead of a system failure. At the least, most users would like to understand why a session is progressing slowly. TCP/IP has several utility programs that provide status information and performance statistics. Also available are several debugging programs and options to enable a developer or knowledgeable user to trace a problem. This chapter examines the basic set of these tools. Although TCP/IP is a standard, there are many different implementations of the protocol Page 26
  27. 27. Linux Guide by: Pramod Parajuli December, 2002 family. Most versions have the basic toolset discussed today, although some might alter names and output to their own liking. All network addresses and machine names in this chapter are chosen at random and do not represent any particular network. Because the network addresses used might correspond to a real network, you should not use them in any experimentation, or you might incur the wrath of a system administrator! Not all the commands shown in this chapter are available to regular users (as opposed to system administrators) on all systems, although some system administrators do enable some access to the utilities for checking connection and TCP/IP status. The commands are presented here to show the debugging and diagnostic capabilities available to the TCP/IP user and administrator. The commands are not covered in exhaustive detail but are intended to complete the TCP/IP picture for you. Many of these programs and utilities are seen again later in this book when I set up a sample TCP/IP network. Configuration Files Several files are involved in the complete specification of network addresses and configuration for TCP/IP. For illustrative purposes, a UNIX system is used as the standard here, although a few other operating systems are mentioned as appropriate. Other operating systems use different filenames, but the purpose of the files is usually the same. You might have to check with your operating system documentation to identify the files used for each purpose. UNIX allows comments on every line of these configuration files, as long as they are prefaced by a pound sign (#). If you see this character in your own system's configuration files, you should note that it is not part of an entry. With many operating systems, the default configuration files have many entries, most of which are commented out until the system administrator removes the comments. You might not be able to examine the files or run the utilities mentioned in this chapter because of security restrictions. If you edit the configuration files, make sure you do not make any unintentional changes! Make backups of all the files before you make any changes to your systems. Symbolic Machine Names: /etc/hosts Whenever a symbolic name is used as a target address by an application, there must be some method to resolve that name into a network address. An ASCII file is commonly used with the symbolic names matched to network addresses. This does not apply when the Yellow Pages (YP), Network Information Services (NIS), or the Domain Name Server (DNS) is used; they use their own configuration files. On UNIX systems, the file /etc/hosts is used to hold the network addresses, as well as one special connection called the loopback (which is examined later in this chapter in the section titled quot;The Loopback Driverquot;). The loopback connection address is usually listed as the machine name loopback or localhost. The file /etc/hosts consists of the network address in one column separated from the symbolic name in another. The network addresses can be specified in decimal, octal, or hexadecimal format (although decimal is the most common). More than one symbolic name can be specified on a line by separating the names with either space characters or tabs. The Page 27
  28. 28. Linux Guide by: Pramod Parajuli December, 2002 /etc/hosts file can be as long as necessary to contain all the symbolic names used on the local machine; they do not need to be presented in any order. A sample UNIX /etc/hosts file is as follows: # network host addresses localhost local tpci_server tpci_sco1 tpci_sco2 tpci_hpws1 tpci_server tpci_main tpci BNR bnr kitty_cat roy_maclean big_roy bobs_machine As you can see, the file is made up of two columns. The first column gives the IP address of a machine, and the second (separated by one or more whitespace characters) gives the machine's name. If several names can be used to identify the remote machine, they are listed on the same line, separated by whitespace. For example, the remote machine with IP address can be addressed as either roy_maclean or big_roy. Whenever either of those names is used in a command (such as an FTP or Telnet application), this file is used to match to the proper IP address. A system or network administrator can update the /etc/hosts file at any time, and changes are effective immediately (so the machine doesn't have to be rebooted to effect the changes). Whenever a symbolic name is specified by a user or an application, the /etc/hosts file is always searched first for a matching name, and the proper address is read from the same line. Most TCP/IP implementations on other platforms have a similar type of file to resolve IP addresses from symbolic names. NetManage ChameleonNFS running on a Windows 3.x machine, for example, uses a Host Table to match names and IP addresses. The Host Table, shown in Figure 7.1, is a graphical front-end to a file equivalent to /etc/hosts on a UNIX machine. Network Names: /etc/networks Networks can be addressed by a symbolic name, just as machines are. To resolve the network names, another file is used that contains the corresponding network address. Typically, this file isn't accessed often, because few users want to address an entire network within their application. The network name resolution file's most common use is to specify the local network's name. UNIX systems usually use the file /etc/networks to specify symbolic network names. The format of the file provides a network symbolic name, its network address, and any alias that might be used, in much the same format as the /etc/hosts table is used for specific machines. A sample /etc/networks file is shown here: # local network names Page 28
  29. 29. Linux Guide by: Pramod Parajuli December, 2002 tpci 146.1 tpci_network tpci_local bnr 47.80 BNR tmn 123.2.21 unique 89.123.23 UNIQUE sco 132.147 SCO loopback 127 localhost The /etc/networks file layout is a little different from /etc/hosts in that the usual network name is given in the first column, followed by the IP network address, then any aliases. The last entry in this example file gives the loopback name. The first entry specifies the local machine name, its network address, and any name variants. Using this file, an application that wanted to reach the network called UNIQUE could use that name and let the operating system resolve it to the IP network address 89.123.23. Many implementations of TCP/IP on other platforms don't bother with a network name resolution file like this. Part of the reason is that the /etc/networks file has little use on a UNIX platform, and many single-user operating systems don't require the type of versatility a multiuser operating system like UNIX must supply to an entire network. Network Protocols: /etc/protocols Protocol numbers are used to identify the transport protocol to the receiving machine to enable proper decoding of the information within the datagram. With TCP/IP, the protocol number is embedded in the Internet Protocol header. A configuration file is usually used to identify all the transport protocols available on the system and their respective protocol numbers. UNIX systems use the /etc/protocols file for this purpose. Usually, this file is not modified by the administrator but is maintained by the system and updated automatically as part of the installation procedure when new TCP/IP software or services are added. The /etc/protocols file contains the protocol name, its number, and any alias that might be used for that protocol. A sample /etc/protocols file is shown here: # # Internet (IP) protocols # ip 0 IP # internet protocol, pseudo protocol number icmp 1 ICMP # internet control message protocol igmp 2 IGMP # internet group management protocol ggp 3 GGP # gateway-gateway protocol tcp 6 TCP # transmission control protocol egp 8 EGP # Exterior-Gateway Protocol Page 29
  30. 30. Linux Guide by: Pramod Parajuli December, 2002 pup 12 PUP # PARC universal packet protocol udp 17 UDP # user datagram protocol hello 63 HELLO # HELLO Routing Protocol ospf 89 OSPF # Open Shortest Path First Routing Protocol In this /etc/protocols file, the IP protocol is assigned protocol 0, and TCP is protocol 6. The values in this table should not be changed from their default values except when special network conditions mandate a change. If new TCP/IP services are added to the UNIX system this file resides on, new entries are made to this file by the application installation routine. There are usually no equivalents of the /etc/protocols file on other operating systems because they assume that the standard transport number is used for each protocol. Network Services: /etc/services The final common configuration file used on most UNIX systems identifies the existing network services. As with the /etc/protocols file, this file is not usually modified by an administrator but is maintained by software as it is installed or configured. The UNIX network services file is /etc/services. The file is in ASCII format consisting of the service name, a port number, and the protocol type. The port number and protocol type are separated by a slash. The port numbers for TCP/IP usually follow the conventions mentioned in the previous chapters. Any optional service alias names follow after the port numbers. A short extract from a sample /etc/services file (the file is usually quite lengthy) is shown here: # network services echo 7/tcp echo 7/udp discard 9/tcp sink null discard 9/udp sink null ftp 21/tcp telnet 23/tcp smtp 25/tcp mail mailx tftp 69/udp # specific services login 513/tcp who 513/udp whod Setting the Host Name Page 30
  31. 31. Linux Guide by: Pramod Parajuli December, 2002 TCP/IP requires that each machine on the network have an IP address. Usually, each machine also has a unique symbolic name; otherwise, the IP address must be used for all connections to that machine. Most operating systems have a simple program that identifies the name of the local machine. UNIX systems have the utility hostname for this purpose, as well as the uname program, which can give the node name with the command uname -n. The uname utility is usually supported in System V and compatible operating systems only. The host name is sometimes saved in a separate file that is read when the operating system starts up, or it can be read from one of the configuration files mentioned previously. The hostname is used by most protocols on the system and by many TCP/IP applications, so it is important for proper system operation. The host name can sometimes be changed by editing the system file that contains the name and then rebooting the machine, although many operating systems provide a utility program to ensure that this process is performed correctly. On many UNIX systems, the hostname and uname commands echo back the local machine name, as the following sample session shows: $ hostname $ uname -n tpci_sco4 On the SCO UNIX system used in this example, the hostname command returns the fully qualified domain name, whereas the uname command provides the local machine name only. On a Hewlett-Packard workstation running HP-UX, both commands return only the local machine name. The exact behavior of the hostname and uname commands is therefore quite dependent on the implementation. On a Linux system, for example, the hostname command can be used to not only show the current host name setting but also to change it when used with the -S (for set) option. For example, the command hostname -S changes the local fully qualified domain name to Not all versions of Linux support the -S option of the hostname command. Most TCP/IP suites for other operating systems use a simpler method of setting the host name. For example, on a Windows 3.x machine the NetManage ChameleonNFS package uses the dialog shown in Figure 7.2 to quickly set the host name. Windows NT has TCP/IP services built into the basic distribution. On a Windows NT system, the host name is specified through the Network dialog opened from the Control Panel, as shown in Figure 7.3. Both the Windows NT and Windows 3.x systems enable a change in the host name to be made effective immediately, although a system reboot is recommended to clear all configuration information held in memory. A potential problem can occur when the local machine is multihomed, or based in several networks with a different name and IP address for each network. The single name in the configuration file in such an installation might not provide enough information to permit proper routing over all the connected networks. This problem is seldom encountered, but it does require the system administrator to set the hostname for each network carefully. Aside from the simple machine name query shown, the hostname system is a full protocol that enables access to the Network Information Center (NIC) tables to verify addresses and Page 31
  32. 32. Linux Guide by: Pramod Parajuli December, 2002 obtain information about the network, gateways, and hosts. It uses TCP port number 101 to connect to the NIC. This type of access is usually restricted to the network administrator. The Loopback Driver The loopback driver is probably the most fundamental and often-used diagnostic available to an administrator. A loopback driver acts as a virtual circuit, enabling outgoing information to be immediately rerouted back to an input. This enables testing of the machine's circuits by eliminating any external influences, such as the network itself, gateways, or remote machines. By convention, each machine uses the IP address for the loopback driver (also called the localhost IP address). Every system should have a loopback driver in place whether the machine is on a network or not. This is because some applications insist on having an IP address they can access to function properly. Many license servers on a UNIX machine have this requirement, for example. Although the need for a loopback driver isn't important for non-networked Windows and similar operating system machines, a loopback driver is always installed with a TCP/IP suite. By using a loopback driver, an administrator can be sure that the local machine is working properly and that any failures are from further out. Also, some applications insist on having a loopback driver IP address in order to function properly. Loopback drivers are usually embedded as part of the operating system kernel, or sometimes as an add-on utility program. Most multiuser systems employ an embedded loopback driver. UNIX is a good example: within the kernel is a device driver specifically designed to act as a loopback driver. The loopback driver is almost always added automatically when the operating system is installed, but a few UNIX-based operating systems, including several versions of Linux, don't perform this function, and the loopback driver must be added manually by the system administrator. As previously mentioned, several configuration files on the system contain the address of the loopback's connection, such as /etc/hosts. Using the loopback driver to reroute the output stream, the network interface card (usually an Ethernet card) is bypassed. The loopback driver is useful for testing TCP/IP software installations, because it immediately shows any problems with the local configuration. This can be done before the machine is physically connected to the network or even before the networking hardware and software are installed. For example, you can use the loopback driver to test your TCP/IP configuration before it is connected to a network by using the ping command with the localhost name or IP address, as the following example shows: # ping -c5 localhost PING localhost ( 56 data bytes 64 bytes from localhost ( icmp_seq=0 ttl=64 time=10 ms 64 bytes from localhost ( icmp_seq=1 ttl=64 time=0 ms 64 bytes from localhost ( icmp_seq=2 ttl=64 time=0 ms 64 bytes from localhost ( icmp_seq=3 ttl=64 time=0 ms Page 32
  33. 33. Linux Guide by: Pramod Parajuli December, 2002 64 bytes from localhost ( icmp_seq=4 ttl=64 time=0 ms --- localhost ping statistics --- 5 packets transmitted, 5 packets received, 0% packet loss round-trip min/avg/max = 0/2/10 ms # ping -c5 PING ( 56 data bytes 64 bytes from localhost ( icmp_seq=0 ttl=64 time=0 ms 64 bytes from localhost ( icmp_seq=1 ttl=64 time=0 ms 64 bytes from localhost ( icmp_seq=2 ttl=64 time=0 ms 64 bytes from localhost ( icmp_seq=3 ttl=64 time=0 ms 64 bytes from localhost ( icmp_seq=4 ttl=64 time=0 ms --- ping statistics --- 5 packets transmitted, 5 packets received, 0% packet loss round-trip min/avg/max = 0/0/0 ms In the preceding example I used the ping command with the -c option to specify five pings, first with the localhost name (which /etc/hosts resolves to the IP address and then with the IP address itself. If either command had failed, it would indicate a problem with either the /etc/hosts file (if the name localhost could not be resolved) or with the TCP/IP installation (if both commands failed). Managing ARP The arp program manages entries in the system's Address Resolution Protocol (ARP) tables. You may recall that ARP provides the link between the IP address and the underlying physical address. For more information, see Day 2, quot;TCP/IP and the Internet.quot; Using arp (or its equivalent in other operating systems), the administrator can create, modify, or delete entries in the ARP table. Typically, this has to be performed whenever a machine's network address changes (either because of a change in the network hardware or because of a physical move). The arp program differs considerably between implementations and is seldom used by users, so examples of its use are left to the operating system's configuration and administration documentation. Using ifconfig The ifconfig program, or one like it, enables an administrator to activate and deactivate network interfaces, as well as to configure them. Access to the ifconfig program is generally restricted to a superuser or network administrator. Changes to the configuration can usually be made only before the system is fully operational (such as in single-user mode on a UNIX system). When issued, ifconfig essentially instructs the network layer of the kernel to work Page 33
  34. 34. Linux Guide by: Pramod Parajuli December, 2002 with the specified network interface by assigning an IP address, then issuing a command to make the interface active on the system. Only when the interface is active can the operating system kernel send and receive data through the interface. The ifconfig program enables a network administrator to perform several useful functions on most operating systems: Activate or deactivate an interface Activate or deactivate ARP on an interface Activate or deactivate debugging mode on an interface Assign a broadcast address Assign a subnetwork mask Assign a routing method Examining all the options available to ifconfig would require several dozen pages. Because this material is rarely used and differs with each implementation, administrators are referred to their operating system documentation. As an example, the Linux version of the ifconfig command uses this general format: ifconfig interface_type IP_Address interface_type is the interface's device driver name (such as lo for loopback, ppp for PPP, and eth for Ethernet), and IP_Address is the IP address used by that interface. When used with only the name of an interface, ifconfig usually returns information about the current state of the interface, as shown in the following example. In this example, a query of both an Ethernet card (called ec0) and the loopback driver (called lo0) is performed. The status flags of the interface are followed by the Internet address, the broadcast address, and optionally a network mask, which defines the Internet address used for address comparison when routing. tpci_sco1-12> ifconfig ec0 ec0: flags=807<UP,BROADCAST,DEBUG,ARP> inet netmask fffff00 broadcast tpci_sco1-13> ifconfig lo0 lo0: flags=49<UP,LOOPBACK,RUNNING> inet netmask ff000000 The preceding example shows that the Ethernet connection ec0 is active (UP), able to transmit broadcasts (BROADCAST), and is in debugging mode (DEBUG). Also, the ARP protocol is active (ARP). You may recall that a broadcast message is sent to all machines on the local network by setting the host ID address to all 1s. Once the ifconfig command has been run and an interface is active, many operating systems require the route command to be issued to add or remove routes in the kernel's routing table. This is needed to enable the local machine to find other machines. The general format of the route command on a UNIX or Linux system is this: route add|del IP_Address Page 34
  35. 35. Linux Guide by: Pramod Parajuli December, 2002 Either add or del is specified to add or remove the route from the kernel's routing table, and IP_Address is the remote route being affected. The current contents of the kernel's routing table can be displayed on some systems by entering the command route by itself on the command line. For example, on a Linux system that is set up only with the loopback driver, you see an output like this: $ route Kernel Routing Table Destination Gateway Genmask Flags MSS Window Use Iface loopback * U 1936 0 16 lo The important columns are the destination name, which shows the name of the configured target (in this case only loopback), the mask to be used (Genmask), and the interface (Iface, in this case /dev/lo). You can force route to display the IP addresses instead of symbolic names by using the -n option: $ route -n Kernel Routing Table Destination Gateway Genmask Flags MSS Window Use Iface * U 1936 0 16 lo Not all UNIX and Linux versions show this type of output from the route command. The use of the ifconfig and route programs can be shown in the setup of a Slackware Linux system's Ethernet connection. To make the Ethernet interface active, the ifconfig command is issued with the Ethernet device name (eth0 on a Slackware Linux system) and the local IP address. For example, the command ifconfig eth0 sets up the local machine with the IP Address The interface is the Ethernet device /dev/eth0. The interface can then be checked with the ifconfig command using the interface name: $ ifconfig eth0 eth0 Link encap 10Mps: Ethernet Hwaddr inet addr Bcast Mask UP BROADCAST RUNNING MTU 1500 Metric 1 RX packets:0 errors:0 dropped:0 overruns:0 TX packets:0 errors:0 dropped:0 overruns:0 You may notice in the output that the broadcast address was set based on the local machine's IP address. This is used by TCP/IP to access all machines on the local area network at once. The Message Transfer Unit (MTU) size is usually set to the maximum value of 1500 (for Ethernet networks). Next, an entry is added to the kernel routing tables to let the kernel know about the local machine's network address. The IP address that is used with the route command is not your Page 35
  36. 36. Linux Guide by: Pramod Parajuli December, 2002 local machine's IP address, but that of the network as a whole without the local identifier. To set the entire local are network at once, the -net option of the route command is used. In the case of the IP addresses shown earlier, the command would be this: route add -net This adds all the machines on the network identified by the network address 147.123.20 to the kernel's list of accessible machines. An alternative method is to use the /etc/networks file. Once the route has been added to the kernel routing tables, it can be tested with the ping command. The inetd Daemon The inetd program is a holdover from the early days of TCP/IP UNIX development. When a UNIX machine was started, it would activate TCP/IP and immediately accept connections at its ports, spawning a process for each. This could result in many identical processes, one for each available port. To control the processes better, the inetd program was developed to handle the port connections itself, offloading that task from the server. The primary difference is that inetd creates a process for each connection that is established, whereas the server creates a process for each port (which leads to many unused processes). On many systems, some of the test programs and status information utilities are run through inetd. Typically, services like echo, discard, and time use inetd. The inetd program uses a configuration file usually called /etc/inetd.cfg, /etc/inetd.conf, or /etc/ on UNIX systems. An extract of a sample /etc/inetd.cfg file is shown in the following code: # @(#)inetd.conf 5.2 Lachman System V STREAMS TCP source # # System V STREAMS TCP - Release 4.0 ftp stream tcp nowait NOLUID /etc/ftpd ftpd telnet stream tcp nowait NOLUID /etc/telnetd telnetd shell stream tcp nowait NOLUID /etc/rshd rshd login stream tcp nowait NOLUID /etc/rlogind rlogind exec stream tcp nowait NOLUID /etc/rexecd rexecd finger stream tcp nowait nouser /etc/fingerd fingerd comsat dgram udp wait root /etc/comsat comsat ntalk dgram udp wait root /etc/talkd talkd echo stream tcp nowait root internal discard stream tcp nowait root internal chargen stream tcp nowait root internal Page 36
  37. 37. Linux Guide by: Pramod Parajuli December, 2002 daytime stream tcp nowait root internal time stream tcp nowait root internal echo dgram udp wait root internal discard dgram udp wait root internal chargen dgram udp wait root internal daytime dgram udp wait root internal time dgram udp wait root internal The columns show the service name (which corresponds to an entry in the services file, such as /etc/services), the socket type (stream, raw, or datagram), the protocol name, whether inetd can accept further connections at the same port immediately (nowait) or must wait for the server to finish (wait), the login that owns the service, the server program name, and any optional parameters needed for the server program. The configuration file is read when the server is booted and every time a hang-up signal is received from an application. This enables dynamic changes to the file, because any modifications would be read and register on the next file read. The netstat Command The netstat program or a similar utility provides comprehensive information about the local system and its TCP/IP implementation. This is the program most commonly used by administrators to quickly diagnose a problem with TCP/IP. The actual information and its format supplied by the netstat utility differs with the operating system implementation, but it usually supplies the following important summaries, each of which is covered in more detail later: Communications end points Network interface statistics Information on the data buffers Routing table information Protocol statistics On some systems, information about the interprocess communications and other protocol stacks might be appended. The information to be displayed can usually be toggled with a command-line option. The output from a typical UNIX installation that uses the netstat command is shown in the next few sections, which discuss netstat and its output in more detail. The output and meaning might be different with other operating systems, but the general purpose of the diagnostic tool remains the same. Communications End Points The netstat command with no options provides information on all active communications end points. To display all end points (active and passive), netstat uses the -a option. The output is formatted into columns showing the protocol (Proto), the amount of data in the receive and send queues (Recv-Q and Send-Q), the local and remote addresses, and the current state of the connection. A truncated sample output is shown here: $ netstat -a Page 37
  38. 38. Linux Guide by: Pramod Parajuli December, 2002 Active Internet connections (including servers) Proto Recv-Q Send-Q Local Address Foreign Address (state) ip 0 0 *.* *.* tcp 0 2124 tpci.login merlin.1034 ESTABL. tcp 0 0 tpci.1034 prudie.login ESTABL. tcp 11212 0 tpci.1035 treijs.1036 ESTABL. tcp 0 0 tpci.1021 reboc.1024 TIME_WAIT tcp 0 0 *.1028 *.* LISTEN tcp 0 0 *.* *.* CLOSED tcp 0 0 *.6000 *.* LISTEN tcp 0 0 *.listen *.* LISTEN tcp 0 0 *.1024 *.* LISTEN tcp 0 0 *.sunrpc *.* LISTEN tcp 0 0 *.smtp *.* LISTEN tcp 0 0 *.time *.* LISTEN tcp 0 0 *.echo *.* LISTEN tcp 0 0 *.finger *.* LISTEN tcp 0 0 *.exec *.* LISTEN tcp 0 0 *.telnet *.* LISTEN tcp 0 0 *.ftp *.* LISTEN tcp 0 0 *.* *.* CLOSED udp 0 0 *.60000 *.* udp 0 0 *.177 *.* udp 0 0 *.1039 *.* udp 0 0 *.1038 *.* udp 0 0 localhost.1036 localhost.syslog udp 0 0 *.1034 *.* udp 0 0 *.* *.* udp 0 0 *.1027 *.* Page 38