Lamp Chapter2 New

FOSS / LAMP

Revathi J Bharathidasan University Technology Park (BUTP) Bharathidasan University

Standard Files • Linux provides three I/O channels to processes. ▫ Standard input, Standard output & Standard error.

Standard Input Keyboard

Standard Output

Program Standard Error

Standard I/O and Pipes • Linux supports shell redirection operators allow standard I/O channels to be redirected to or from a file. • The following common redirection operators; ‘<’, ‘>’, ‘2>’, ‘|’.

Redirection Input : '<' command • Commands are usually accept a filename or standard input. • Many linux commands, like cat will take their input from a file if one is given as an argument. Examples $ cat test.txt $ cat < test.txt

• Some commands are operate on standard input, like tr command tr 'A-Z' 'a-z' < /sample.txt

Redirecting output Command • The "greater than" symbol '>' is used for save the output. Example : $ ls -l > outputfile • If you want to add or append the date to this output file, use the command: $ date >> outputfile • with two "greater than" symbols (>>) we will add or append to the file without erasing its contents.

Redirecting Standard Error

• The command 2> symbol is used for creating a file for an error message that you may get. • You can redirect the standard error into some file. Example $ find / -name resolv.conf 2> errorfile To display the contents of the errorfile, $ cat errorfile

Pipe | command • This symbol is like two vertical slashes, one on top of the other. • That means that the pipe will separate two commands so that they will be done one after the other. Example $ ls -l /proc $ ls -l /proc | more • Scroll down with the ENTER key $ ls -l /proc | less • Scroll with arrows/pgup/pgdown

Tee command • Lets you tee a pipe: redirect output to a file when still piping it to another program. Example $ set | tee set.out | less ▫ The output from set is written to file set.out while also piped to less

• Tee is useful to save the output at various stages from a long sequence of pipes. Example $ | tee file1.out | sort | tee file2.out

Cat Command • Contents of the files are displayed sequentially with no break. • Files display “concatenated”. Syntax $ cat [options] [file...] Example $ cat /etc/profile $ cat /etc/profile | /etc/passwd >> output.txt $ cat /etc/profile | tee out.txt

The Linux Security Model • Users and groups are used to control access to file and resources. • Users log in to the system by supplying their user name and password. • Every file on a Linux system is owned by a user and associated with a group. • Every process has an owner and group affiliation, and can only access the resources its owner or group can access

Users • Every person that logs into considered to be a user.

the computer is

• Every user has a unique User ID number (the uid) • User names and uids are stored in /etc/passwd file. • User have full access to their home directories. • Users can not change or even read each other's files without being given permission.

Groups • Users are assigned to groups with unique group ID numbers (the gid). All users in a group can share files that belongs to the group. • A user’s primary group is defined in the /etc/passwd file and secondary groups (gids) are defined in the /etc/group file. • Primary group can be changed using the newgrp command: ▫ # newgroup othergroup where othergroup is one of the user’s secondary groups.

Root User • The root user has special administrative account ▫ sometimes called the superuser ▫ root has complete control over the system ▫ To protect the system from accidental damage, it is important for system administrators to use a normal user account for as much work as possible.

Linux File Security •Every

file and directory has permissions set that determine who can access it. Permissions are set for : Owner of the file Group members All others

Permissions that are set are called Read, write and execute permissions.

Permission Types Four symbols permissions:

are

used

when

displaying

r

permission to be read a file or list a directory’s contents.

w

permission to be write a file or create & remove files from a directory.

x

permission to be execute a program or change into a directory and do a long listing of the directory.

-

no permission

Examining Permissions • File permissions may be viewed using ▫ $ ls -l /bin/login -rwxr-x-r-x

1

root

root

19080

Apr

1 18:30

/bin/login

• Directories permissions may be viewed using ▫ $ ls -l /bin drwxr-x-r-x

2

root

root

4096

Apr

15 18:30

/bin

• File type and file access permissions symbolized by a 10 character string

are

Interpreting Permissions drwxr-x-r-x

2

root

root

4096

Apr

15 18:30

/bin

The 1 Character is used to distinguishes directories (d) from regular fiels (-). - regular file, d – directory, l – symbolic link, b – block special file, c – character special file, p – named pipe, s - socket Characters 2,3 and 4 identify permissions for the owner(u). Characters 5,6 and 7 identify permissions for the group(g). Characters 8,9 and 10 identify permissions for all others(o).

Linux Process Security • When a process accesses a file, the user and group of the process are compared with the user and group of the file. ▫ If the user matches the user permission apply. ▫ If the group matches, but the user doesn't, the group permissions apply. ▫ If neither match, the other permissions apply.

Changing Permissions • The permission instruction can be issued either symbolically or numerically. • The chmod command changes permission of files and directories. Who may be chosen from

Operator may be chosen from

Permission may be chosen from

u g o a

+ Set permission - Unset permission = Assign a permission

r w x s

owner of the file group others all three categories

read write execute set user ID bit or group ID bit t sticky bit (for directory)

Symbolic Method • Examples # chmod u+w,go-w txtfile

// grants write access to owner but denies to group and others.

# chmod u=rw txtfile

// Sets user permissions to read and write, with execute turned off, regardless of the current permission.

# chmod +r txtfile

// Makes the file world-readable.

Numeric Method • To change the permission on a file the numeric method is easier than the symbolic method. • Uses a three digit mode number

first digit specifies owner permission  second digit specifies group permission  third digit specifies others permission 

• Permissions are calculated by adding: 4  2  1  0 

read write execute no permission

Numeric Method - Examples • # chmod 664 file // Read and write set for owner and group, read-only for others. • # chmod 660 file // Read and write set for owner and group, no permission for others. • # chmod 444 file // Read-only permission set for all. •With directory permissions: • # chmod 755 dir // Full permission set for owner, read and execute set for group and others. • # chmod 770 dir // Full permission set for owner and group, no permission others. • # chmod 555 dir // Read and execute permission set for all.

Advanced Topics in Users, Groups & Permissions

• All authentication is stored in plain text files: /etc/passwd /etc/shadow /etc/group

• The /etc/passwd file contains seven fields. User name, password, uid, gid, GECOS field, home directory, and shell to be run when a user logs in. • root:x:0:0:root:/root:/bin/bash

• The /etc/shadow file is referenced when someone logs in: the file contains a mapping of a user name to a password. • The /etc/shadow file contains user name, password encryption, days from linux started, minimum days, maximum days, warning days. •

root:!!:13326:0:99999:7::: !! - refers password lock.

• The /etc/group file contains four fields: ▫ group name, group password, gid, comma separated list of group members.

•

sysadmin:x:601:user1,user2

Changing your identity • The su command is used to change identities. • To start a new shell as a different user: # su <username> # su - <username> • Lets suppose jack has bob permission to read his email. He can temporarily assume jack user id: $ su – bob password: $ whoami bob

User Information Commands • The information commands information about the users. Example,  Find out who you are 



Find out what groups you belong to 



groups, id

Find out who is logged in 



whoami

users, who, w

Find login/reboot history 

last

provide

the

Default permissions and Umask Default permission for files is 666  Default permission for directories is 777 

umask is subtractor from default to determine new file/directory permissions 



non-privileged user’s umask is 002

files will have permissions of 664  directories will have permissions of 775 



root’s umask is 022

Special permissions • A fourth permission set (in addition to user/group/other) • Applicable in four cases: ▫ Set user ID or suid for an executable ▫ Set group ID or sgid for an executable ▫ Set group ID or sgid for a directory ▫ Sticky bit for a directory • Use the chmod command, preceding the usual three digits with a digit representing the special permission : ▫ 4 for suid, 2 for sgid, 1 for the sticky bit. • Example: # chmod 3775 groupdir

Special Permissions for Executables • The Set UID Permission • Suid : Command run with permissions of the owner of the command, not exexcutor of the command • In long listing, the suid permission is displayed as a lower case “s” where the “x” would otherwise be located for the user permission.

-r-s- -x- -x

$ chmod 4551 passwd $ ls -l passwd 1

root

root

15367

May

20

2007 passwd

Set gid command • sgid : command runs with group affiliation of the group of the command: $ chmod 2551 passwd $ ls -l passwd -r-xr-s- -x

1

root

john

30899

Aug

18

passwd

Special Permissions for Directories • Sticky Bit ▫ Files and directories with the sticky bit set can only be removed by the owner and root, regardless of the write permissions of the directory

$ chmod 1777 /tmp $ ls –ld /tmp drwxrwxrwt

30

root

root

7089

Mar 9 10:28

/tmp

• sgid : files created in directories with the sgid bit set have group affiliations of the group of the directory. • This is commonly used on group directories: $ chmod 2770 $ ls –l groupdir drwxrws- - -

2

john

eric

4089

Mar

9 10:20 groupdir

• Often both the sticky bit and the sgid permission will be set on a group directory

Vi Editor • vi : the 'visual editor', standard Linux and Unix editor. • Let's make a text file. Type: vi textfile • Three modes in vi editor,  Command mode Cursor movement Change, delete, yank, put and search  Insert mode Type in new text Return to command mode with <Esc>  Ex mode Configuring, exiting, saving Search and Replace ▫ To enter ex mode, type “:” while in command mode

Common vi editor command list For this Purpose To insert new text To save file

Use this vi Command Syntax ESC +i ESC +: +w

To save file with file nameESC +: +w  "filename" (save as) To quit without saving ESC +: +q! To save and quit vi editor

ESC +: +wq

To search for specified word inESC +/word forward direction To continue with search  n

Command list continued.... For this Purpose

Use this vi Command Syntax

To search for specified word in ESC +?word backward direction To copy the line where cursor is ESC +yy located ESC +4yy If want copyjust n lines (i.e.or4 ESC +p Toyou paste thetotext deleted lines) copied at the cursor To delete entire line where cursor is ESC +dd located ESC +4dd If want to from delete n lines (i.e. 4 ESC +dw Toyou delete word cursor position lines) To undo ESC +u To redo



Partitions and Filesystems • In Linux,hard disk drives are divided into partitions. • These partitions are formatted with filesystems, and these filesystems are allow user to store data and access files. • There are different Filesystem types are available, the default Filesystem is ext3. Other common filesystems are ext2,msdos and iso9660.

Symbolic (or Soft) links • A symbolic link points to another file • ls –l displays the link referenced file • To create a symbolic link

name

and

the

$ ln -s /etc/passwd password $ ls - li password /etc/passwd 30338 30376

-rw-r--r-1 root root 1729 Aug 24 11:43 /etc/passwd lrwxrwxrwx 1 ram ram 11 Aug 24 10:43 password  /etc/passwd

Hard links • One physical file on the filesystem • File is present in the filesystem as long as at least one link remains. • To create an hard link to an existing file, use the ln command: $ ln txtfile new $ ls -li txtfile new 24567

-rw-rw-rw- 1 ram ram 29 Aug 24 11:43 txtfile

24567

-rw-rw-rw- 1 ram ram 29 Aug 24 11:43 new

Checking free space • df – reports disk space usage

▫ Reports total kilobytes, kilobytes used, kilobytes free per file system ▫ - h displays sizes in easier to read units

• $ df /opt Filesytem /dev/hda7

1K-blocks Used Available Use% Mounted on 15685 51234 10244 20% /opt

• $ df -h /opt Filesytem Size Used Available Use% Mounted on /dev/hda7 16G 4.9G 11G 20% /opt

du command • du – reports disk space usage ▫ ▫ ▫ ▫

Reports kilobytes used per directory Includes subtotals for each subdirectory -s option only reports single directory summay Also takes -h option Example :

$ du -s /dev

11630

/dev

Removable media • “Mounting” means making a foreign filesystem look like part of the main tree • Before accessing, media must be mounted. • Before removing, media must be unmounted. • Mountpoints are usually under /media.

Mounting CDs and DVDs • When using X Window System, inserting a CD into the drive automatically mounts the CD and adds an icon to the desktop.

• Otherwise, must be manually mounted,  CD/DVD Reader $ mount /media/cdrom $ umount /media/cdrom  CD/DVD Writer $ mount /media/cdrecorder $ umount /media/cdrecorder • If you want to eject the CD out, you have to execute the eject command.

Mounting USB Media • When using X Window System, automatically mounted in Gnome/KDE and icon created in computer window. • USB disks are treated as SCSI devices, thus they are referenced as /dev/sda, /dev/sdb, etc. • If you want to mount manually, $ mount /media/ $ umount /media/

Archive Files • Archiving places many files into one target file. ▫ Easier to back up, store and transfer

• Tar – standard linux archiving command Example # tar c v f

-cvf /tmp/work.tar /tmp - create a new archive - produces verbose messages - archive_name is name of new file

# tar -tf /tmp/work.tar t - used to list the content inside the directory. # tar -xvf /tmp/work.tar x - extract the directory

Compression Utilities • gzip, gunzip

▫ Standard linux compression utility ▫ Up to 75% compression for text files # gzip –v file # gunzip file.gz

• bzip2, bunzip2

▫ newer Linux compression utility ▫ Generally archieves better compression than gzip. # bzip2 -v file # bunzip2 file.bz2

String Processing - head • The head command displays first few lines of the text in a file. (i.e) it display from top of the file. Example: # head –n 3 /etc/passwd root:x:0:0:root:/root:/bin/bash bin:x:1:1:bin:/bin: daemon:x:2:2:daemon:/sbin: • -n or --lines specifies the number of lines to display.

tail • The tail command displays last few lines of the text in a file. (i.e) it display from bottom of the file. Example: # tail -n 2 /etc/passwd ntp:x:38:38: :/etc/ntp:/sbin/nologin gdm:x:42:42: :/var/gdm:/sbin/nologin • -n or --lines specifies the number of lines to display.

wc • wc - word count is used to count lines and characters. Example: # wc text.txt 20 200 1500 l - for line count w - for word count c - for character count

text.txt

grep • grep – general regular expression processor, displays the lines in a file that match a pattern. It can also process standard input. # grep ‘eric’ /etc/passwd eric:x:501:501:eric:/home/eric:/bin/bash # ls | grep d* # grep ‘[Dd]og’ testfile -it displays either the string “Dog” or the string “dog” from the file testfile.

find • Finds one or more files assuming that you know their approximate filenames. • Syntax: $ find -name Examples: $ find / -name 'myhome.html'

In the above command the system would search for any file named myhome.html in the current directory and any subdirectory

Investigating and Managing Processes • Process : It is an executing program with several components and properties.

• pstree shows the process ancestry for all process running on the system. # pstree • ps – displays processes information

Viewing Processes • ps – displays processes information • # ps -[option] ps ps ps ps ps ps ps

-a  processes by all users -x  processes from all terminals -u  show process owners -w  include command arguments -f  show process ancestry -l  long listing -A  to see all the process

Scheduling the process • Commands will be executed at the time indicated. The output is mailed to the user. • Syntax: # at • Example # at 8:30pm July 10 > ls –l

# atq # atrm [jobID] To see the job result, • # mail

// list the current at jobs pending. // used to remove pending at jobs // used to view the executed jobs

Scheduling Periodic Processes • cron • The cron mechanism allow processes to be invoked periodically. Syntax: # crontab [-u user] file # crontab [-l | -r | -e] [username] l - used to display the crontab file r - used to remove the crontab file e - used to edit the crontab file

• A user’s crontab may look like the following: # crontab -eu root #Min Hour DoM 0 4 * 0 0 31 */1 11 * *

: wq

Month * 10 *

DoW * * ls

For activate the crontab, # service crond restart # chkconfig crond on

Command find / -name passwd echo “Welcome to BUTP”

Installing Application • Most of the linux application that you want to install are available in RPM format. • To install an RPM archive file with the rpm command, use the following syntax; # rpm –i [option] package • The options:-v - to get more verbose feedback, along with some of the output. -h - Prints 50 hash marks(#) as the package is unpacked.

Querying packages Querying Packages • Using the query options (-q) of rpm, you can get information about RMP package. # rpm -qa list all the installed packages

Thank You

Command list continued .... For this Purpose

Use this vi command Syntax

Go to the first line in the file

ESC +g

Go to the last line in the file

ESC +G

Go to first line in file(any number can be given ESC +1G or H and cursor will jump to that line) Go to middle line on screen ESC +M Go to last line on screen

ESC +L

Go forward one full screen Go back one full screen Go down half a screen Go up half a screen



To Find all occurrence of given word and ESC +:$s/word-to-find/word-to-replace/g Replace then globally without confirmation  To Find all occurrence of given word and ESC +:$s/word-to-find/word-to-replace/cg Replace then globally with confirmation To run shell command like ls, cp or date etcESC +:!shell-command For e.g. :!pwd within vi

Inodes • An inode table contains a list of all files in an ext2 or ext3 filesystem. • An inode (index node) is an entry in the table, containing information about a file (the meta data), including : ▫ ▫ ▫ ▫

File type, permissions, link count, UID, GID The file's size and various time stamps Pointers to the file's data blocks on disk Other data about the file

Inode - example • $ ls -il 80777 59907 80787

-rw-r----- 1 ram ram 5120 Sep 11 12:50 txtfile drwxrw---- 2 ram ram 4098 Sep 11 12:50 data -rw-r----- 1 ram ram 1500 Sep 11 12:52 file

• The inode value is showed in the first column

cp and inode • When a file is copied to a new name in the same directory, the directory and the inode table get a new entry. Example: $ ls - li txtfile 24567

-rw-rw-r--

$ cp txtfile new 24567 -rw-rw-r-24568 -rw-rw-r--

1 ram

1 ram 1 ram

ram ram

ram

26 Sep 25

26 Sep 25 26 Sep 25

20:16

20:16 20:16

txtfile

txtfile new

mv and inode • When a file is moved, the inode number remains the same. • The data on the file system is not moved. Example: $ ls - li txtfile 24568

-rw-rw-r--

$ mv txtfile new

1 ram

ram

26 Sep 25

20:16

txtfile

ram

26 Sep 25

20:16

new

$ ls - li txtfile new 24568

-rw-rw-r--

1 ram

rm and inodes • The rm command : ▫ Decrements the link count, thus freeing the inode number to be reused ▫ Places data blocks on the free list ▫ Removes the directory entry

• Data is not removed, but will be overwritten when the data blocks are used by another file

cut • cut is used to “cut” fields or columns of text from a file and display it to standard output. Example: # cut -f3 -d: /etc/passwd Will display a list of uids from /etc/passwd, because uids are stored in field three and “:” is used as a delimiter. # cut -c2 -5 /etc/passwd It will display character starting from 2 ending with 5 character.

nd

th

and

paste • paste combines files “horizontally”. It takes a line from each file and “paste” them together to standard output, separated by a tab. • Use the –d option to change the output delimiter. # paste -d: test1 test2 > mergefile • It takes the line from each file (test1 and test2) and put it into the output file.

• The uniq “removes” duplicate lines from a file.

uniq

Example # vi

uniqfile Sunday Monday Tuesday Sunday Friday Monday

# uniq uniqfile Sunday Monday Tuesday Friday

Sort • Sorts text to stdout – original file unchanged • By default sort sorts the file in ascending order using the entire line as a sorting key. Syntax: # sort [option] filename -r reverses sort -n numeric sort -u unique (remove duplicate lines in output)

tr • tr is used to translate characters; that is given two ranges of characters, any time a character in range 1 is found, it is translated into the equivalent character in range 2. # tr ‘a-z’ ‘A-Z’ < testfile • The translated output is stored into testfile.

diff • Diff is used to compare the contents of two files for differences. # diff test1 test2 < This is test file ------> Welcome

// first file test1 // second file test2

Specll check • aspell is an interactive spell checker. It offers suggestions for corrections via a simple menudriven interface. # aspell check testfile • aspell -l will non-interactively list the misspelled words in a file read from standard input. # aspell -l < stdfile

look • A quick spelling dictionary lookup can be performed with look. • It comes in handy when you need the spelling of a word of which you know the first few letters. # look le Leave Letter Lead Least ….

Regular Expressions • Regular expressions are pattern matching engine • sed - stream editor. It will perform a search and replace on all lines in the file, sending the modified data to standard output; that is, it does not actually modity the existing file.

# sed [sting] Example: # sed ‘s/cat/dog/’ pets // cat being replaced by dog string. # sed ‘s/cat/dog/g’ pets // entire cat string being replaced by dog string.