CS 468: Advanced UNIX
Class 3
Dr. Jesús Borrego
Regis University
scis.regis.edu ● scis@regis.edu
Topics
• Update from last class
• Unix File System
• Systems Programming/File Management
• Homework 2 solutions
• Homework 3 Assignment
• Q&A
Update from last class
• AVG for Linux
• Linux scan tools
• Linux LDAP tools
▫ Many for Linux, Windows, Mac
▫ Some provide Active Directory integration on
Linux and Mac
• Winaudit
▫ Demo
AVG for Linux
http://www.ihaveapc.com/wp-content/uploads/2011/07/AVG-for-Linux-001.png
Linux scan tools
• Portable Linux Auditing CD (PLAC):
http://plac.sourceforge.net/
• Linux Security Auditing Tool (LSAT):
http://usat.sourceforge.net/
• Tiger Security Auditing and Intrusion Detection
Tool: http://www.nongnu.org/tiger/
• OpenAudIT: http://www.open-audit.org/
Linux LDAP Explorer Tools
http://ldaptool.sourceforge.net/
JXplorer
http://jxplorer.org/
WinAudit
G:\CS 468\Mercury.html
UNIX System Calls
• File Management
▫ Files: open, close, write, read; directories: getdents
▫ Special
▪ Sockets: internet sockets, accept, bind, connect, listen
▪ mknod, ioctl, pipe
• Process Management
▫ Signals, nice, chdir, wait, exec, fork, exit, etc.
• Error Handling
▫ perror
• See figures 13.1-13.3 in UPU
Error Handling
• Global variable errno stores the cause of the last failure (an integer code)
• Its initial value is 0 when the process starts
• If a call succeeds, errno is not changed, so test the call's return value, not errno, to detect failure
• If a call fails, errno is overwritten with the error code
• Subroutine perror translates errno into a meaningful message
• Must include <errno.h>
Errno.h
• EPERM = 1  Operation not permitted (historically "not owner")
• ENOENT = 2  No such file or directory
• ESRCH = 3  No such process
• EINTR = 4  Interrupted system call
• EIO = 5  I/O error
• Example of usage on pages 434-435 in UPU
File Manipulation
• Can access regular files, directories and special files:
▫ Disk-based files
▫ DVD, CD-ROM
▫ USB
▫ Terminals
▫ Printers
▫ IPC facilities (sockets, pipes)
File management
• open is used to open an existing file or create a new one
• If the file is opened successfully, open() returns a file descriptor
• The file descriptor is a small non-negative integer that indexes the process's table of open files (it is not a pointer or a stdio FILE stream); on failure open() returns -1 and sets errno
• Close the file when it is no longer needed; descriptors are a limited per-process resource and are inherited by child processes
• System file descriptors (predefined):
▫ 0 – standard input
▫ 1 – standard output
▫ 2 – standard error
File operations
• open – opens an existing file or creates a new one
• read – transfers bytes from the file into a buffer
• write – transfers bytes from a buffer to the file
• lseek – positions the file pointer at an offset in the file
• close – closes an open file descriptor
• unlink – removes a name from the file system (the data is freed once the last name and the last open descriptor are gone)
Open parameters
• File name: absolute or relative path name
• Flags: bitwise OR of one access mode and any optional flags
▫ O_RDONLY – read only
▫ O_WRONLY – write only (not used for input)
▫ O_RDWR – read and write
▫ O_APPEND – every write goes to the end of the file, regardless of the file pointer
▫ O_CREAT – create the file if it does not exist
▫ O_EXCL – with O_CREAT, fail (EEXIST) if the file already exists; the existence check and the creation are atomic, so this is the safe way to create a file in a directory that others can write to
▫ O_NONBLOCK – non-blocking I/O (used for pipes, FIFOs and devices)
▫ O_TRUNC – truncate to zero bytes if the file exists
• Permissions – a third argument (mode) is required when O_CREAT is given; the bits set in the process umask are removed from it (Ch. 4, p. 178-9)
File Operations examples
• Create – p. 446
• Read – pp. 446-447
• Write – pp. 447-448
• Lseek – pp. 448-450
• Close – p. 450
• Unlink – p. 450
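The error-handling, open-parameter and file-operation slides above describe open, read, write, lseek, close, unlink and errno/perror without code. The following is an added example written for this page, not code from UPU or the course materials, that exercises them end to end; the scratch paths under /tmp are assumptions. It creates with O_CREAT|O_EXCL so the call fails instead of following a file or symbolic link that someone else planted at that path, retries writes interrupted by a signal (EINTR), and saves errno immediately after the failing call, because later calls such as perror or close may overwrite it.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

/* Added example (not from the textbook). Scratch paths are assumptions. */

/* write() may transfer fewer bytes than asked or be interrupted by a
 * signal; loop until everything is written or a real error occurs. */
static int write_all(int fd, const char *buf, size_t len)
{
    while (len > 0) {
        ssize_t n = write(fd, buf, len);
        if (n < 0) {
            if (errno == EINTR)
                continue;               /* EINTR = 4: interrupted system call, retry */
            return -1;                  /* errno holds the real cause */
        }
        buf += n;
        len -= (size_t)n;
    }
    return 0;
}

/* Creates path (refusing to reuse an existing file or symlink), writes msg,
 * reopens it read-only, seeks to offset, reads back up to cap-1 bytes into
 * out, then closes and unlinks. Returns the number of bytes read, or -1
 * after a perror() message if any call fails. */
int scratch_file_roundtrip(const char *path, const char *msg, off_t offset,
                           char *out, size_t cap)
{
    unlink(path);                       /* start clean; ENOENT here is fine */
    int fd = open(path, O_WRONLY | O_CREAT | O_EXCL, 0600);
    if (fd < 0) { perror("open(O_CREAT|O_EXCL)"); return -1; }
    if (write_all(fd, msg, strlen(msg)) < 0) {
        perror("write"); close(fd); unlink(path); return -1;
    }
    if (close(fd) < 0) { perror("close"); unlink(path); return -1; }

    fd = open(path, O_RDONLY);
    if (fd < 0) { perror("open(O_RDONLY)"); unlink(path); return -1; }
    if (lseek(fd, offset, SEEK_SET) == (off_t)-1) {
        perror("lseek"); close(fd); unlink(path); return -1;
    }
    ssize_t n = read(fd, out, cap - 1);
    if (n < 0) { perror("read"); close(fd); unlink(path); return -1; }
    out[n] = '\0';
    close(fd);
    if (unlink(path) < 0) { perror("unlink"); return -1; }
    return (int)n;
}

/* errno in action: a second exclusive create of the same path must fail.
 * Returns the errno that open() reported (expected EEXIST), 0 if the second
 * create unexpectedly succeeded, or -1 if even the first one failed. */
int exclusive_create_errno(const char *path)
{
    unlink(path);
    int fd = open(path, O_WRONLY | O_CREAT | O_EXCL, 0600);
    if (fd < 0) { perror("first open"); return -1; }
    close(fd);

    errno = 0;                          /* a successful call leaves this untouched */
    int result = 0;
    int fd2 = open(path, O_WRONLY | O_CREAT | O_EXCL, 0600);
    if (fd2 < 0) {
        result = errno;                 /* save it now: perror/close may change errno */
        perror("second open (expected to fail)");
    } else {
        close(fd2);
    }
    unlink(path);
    return result;
}

int main(void)
{
    char buf[64];
    int n = scratch_file_roundtrip("/tmp/cs468_roundtrip.txt", "hello, unix", 7, buf, sizeof buf);
    printf("read %d bytes from offset 7: \"%s\"\n", n, buf);
    int e = exclusive_create_errno("/tmp/cs468_exclusive.txt");
    printf("second O_EXCL create failed with errno %d (%s)\n", e, strerror(e));
    return (n == 4 && e == EEXIST) ? 0 : 1;
}
```

Note the order in exclusive_create_errno: errno is copied before perror() is called. perror itself may make system calls that overwrite errno, and the same applies to close() and unlink() in the cleanup paths of the first function, which is why each of those paths reports the error before cleaning up.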
Monitor program
• Program code provided in the book
• If we want to keep track of changes to a file, we
can invoke the monitor program
• Will display information about files modified
since the last scan
• Example: pp. 451-452
• Displays additions, modifications, deletions in a
directory
• Status of files is stored in a stats table
Other file functions
• getdents – reads the entries of a directory
• chown and fchown – change the owner (and group) of a file
• chmod, fchmod – change file permissions
• dup, dup2 – duplicate a file descriptor
• fcntl – reads and changes descriptor and open-file attributes (close-on-exec flag, status flags, record locks)
• truncate, ftruncate – shorten a file to a given length
• ioctl – controls a device
• link – creates a hard link
• mknod – makes a special file
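dup2 and fcntl from the list above, as an added example (not code from the book): it reproduces the shell's > redirection by duplicating a file descriptor onto descriptor 1, then uses fcntl to set FD_CLOEXEC, the flag that keeps a descriptor from leaking into programs started with exec. The scratch path under /tmp is an assumption.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

/* Added example; /tmp/cs468_redirect.txt is an assumed scratch path. */

/* Sets FD_CLOEXEC with fcntl so the descriptor is closed automatically
 * across exec(): a child that runs another program does not inherit it.
 * Returns 1 if the flag is now set, 0 if not, -1 on error. */
int set_close_on_exec(int fd)
{
    int flags = fcntl(fd, F_GETFD);
    if (flags < 0) return -1;
    if (fcntl(fd, F_SETFD, flags | FD_CLOEXEC) < 0) return -1;
    flags = fcntl(fd, F_GETFD);                 /* read it back to confirm */
    return flags < 0 ? -1 : (flags & FD_CLOEXEC) != 0;
}

/* The shell's "> file" done by hand: open the file, dup2 it onto descriptor 1,
 * write through descriptor 1, then put the original stdout back.
 * Returns the number of bytes written, or -1. */
int write_stdout_to_file(const char *path, const char *msg)
{
    int saved = dup(STDOUT_FILENO);             /* keep a copy of the real stdout */
    if (saved < 0) return -1;
    int fd = open(path, O_WRONLY | O_CREAT | O_TRUNC, 0600);
    if (fd < 0) { close(saved); return -1; }
    if (dup2(fd, STDOUT_FILENO) < 0) { close(fd); close(saved); return -1; }
    close(fd);                                  /* descriptor 1 now refers to the file */
    ssize_t n = write(STDOUT_FILENO, msg, strlen(msg));
    dup2(saved, STDOUT_FILENO);                 /* restore the original stdout */
    close(saved);
    return (int)n;
}

/* Reads back at most cap-1 bytes of a small file into out (NUL terminated). */
int read_small_file(const char *path, char *out, size_t cap)
{
    int fd = open(path, O_RDONLY);
    if (fd < 0) return -1;
    ssize_t n = read(fd, out, cap - 1);
    close(fd);
    if (n < 0) return -1;
    out[n] = '\0';
    return (int)n;
}

int main(void)
{
    char buf[64];
    int n = write_stdout_to_file("/tmp/cs468_redirect.txt", "sent through fd 1\n");
    read_small_file("/tmp/cs468_redirect.txt", buf, sizeof buf);
    printf("wrote %d bytes; file holds: %s", n, buf);
    int fd = open("/tmp/cs468_redirect.txt", O_RDONLY);
    printf("FD_CLOEXEC set: %d\n", set_close_on_exec(fd));
    close(fd);
    return 0;
}
```

The write goes through write(2) rather than printf so that nothing sits in the stdio buffer when descriptor 1 is swapped; with printf you would need fflush(stdout) before each dup2 or the text could land in the wrong place.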
UNIX special files
• Provide interfaces that make other objects look like regular files
▫ Directory files
▫ Device files
▫ Sockets
▫ Pipes
▫ Printers
▫ Zip files
Streams
• I/O facilities that expand the file system
• Can be used to add device drivers to the kernel
• Can provide interfaces to the network drivers
• We can create streams to view web page code, for example
Input/Output Objects
• Regular file
• Directory file
• Special file
▫ Pipe
▪ Named pipe and unnamed pipe
▫ Socket
▫ Peripheral
▪ Buffered: tape, disk
▪ Unbuffered: tape, terminal
I/O Buffering
• Buffer pool – collection of buffers the kernel uses to cache disk blocks
• When a read is required, the block is moved into a buffer and then copied to the process's address space
• Subsequent reads of the same block obtain the data from the buffer
• Writes modify the buffer without immediate disk I/O
• The system uses delayed writes: a modified buffer is written to disk later (when the buffer is reused, on sync, or periodically), so data not yet flushed is lost on a crash
Directory file I/O
• Directories are different from regular files
• Can only be created using mknod or mkdir
▫ mknod creates a directory (superuser only), named pipe, or special file
• Can only be read using getdents (the library routines opendir/readdir call it)
• Can be modified with link
▫ link adds a hard link into a directory
▫ Hard links are names that refer to the same file (same inode)
▪ There is only one copy of the contents; both names see the same data
▫ Can make it difficult to track files
▪ Prefer to use symbolic (soft) links – like a shortcut
▪ They do not hold the data, only the path of the target
Disk Architecture
• Platter – the plate
• Tracks – concentric circles
• Sectors – pie slices
• Block – sector and track intersection
• Read/write head positioning
• Cylinders
• Disk transfer time
• Interleave – p. 575
inodes
• For a regular file or directory
▫ Location of its disk blocks
• For a special file
▫ Information to locate the peripheral (major/minor numbers)
• Contains permission flags, owner, group, modification time
• Has a fixed size; besides direct block pointers it holds pointers to indirect blocks, which in turn point to further blocks of a large file
Contents of inode
• Type of file
• File permissions
• Owner and group ids
• Hard link count
• Last modification and access time
• Location of the blocks
• Major and minor device numbers (device files only)
• Target path of a symbolic link
• Note that the file name is not stored in the inode; it lives in the directory entry
• Most of these are displayed when ls -l is executed
Large files
• If the file is small, its blocks are addressed directly by the block pointers in the inode (e.g. 10 direct pointers × 4 KB blocks = up to 40 KB)
• If the file needs more than the direct blocks, an indirect block (a block full of block pointers) is used; doubly and triply indirect blocks follow for still larger files (p. 578)
• See file system layout on page 579
• Superblock contains information about the entire file system (p. 580)
Superblock contents
• Total number of blocks in the file system
• Number of inodes in the inode free list
• Size of blocks in bytes
• Number of free blocks
• Number of used blocks
• List of bad blocks
▫ Contained in a single "bad" file
• Inode 2 identifies the blocks of the root directory
To open a file
• Must retrieve the inode from the pathname
▫ If the path is absolute, start from inode 2 (the root directory)
▫ If the path is relative, start from the current working directory
• Components of the path are processed from left to right
• Every component (except the last) must be a directory or a symbolic link to one; the caller needs execute (search) permission on each directory traversed
Mounting file systems
• When UNIX starts, the directory hierarchy is taken from the root device
• Other file systems can be mounted onto the original hierarchy
• The typical UNIX hierarchy consists of many devices, each appearing as a subtree of the total hierarchy
• To mount a device on a directory, use the mount command
▫ $ mount /dev/flp /mnt
▫ Mounts /dev/flp under the /mnt subdirectory (whatever /mnt contained before is hidden until the device is unmounted)
• To detach, use umount
Special file I/O
• All peripherals have device drivers
• The peripheral's device driver supplies its interface
• Two types:
▫ Block oriented – I/O done in blocks of data through the kernel buffer cache
▫ Character oriented – I/O on a character by character (raw) basis
• Disks typically provide both: a block device plus a raw character device
Major/Minor numbers
• Used to locate the device driver associated with a device file
• The major number selects the device driver
• The minor number tells that driver which of its devices (or which mode of a device) is meant
• The major number indexes the block or character device switch table to locate the correct driver
• See page 618 (UPU) for a sample switch table
Terminal I/O
• Similar to other peripherals
• Terminal device drivers must support several different kinds of pre-/post-processing of I/O
▫ Each kind is called a line discipline:
▪ Raw mode – no processing at all
▪ Cbreak mode – only control characters are interpreted (Ctrl-S and Ctrl-Q for flow control, Ctrl-C to terminate)
▪ Cooked (canonical) mode – full processing (backspace, delete, etc.); input is delivered a line at a time when Return is pressed
Terminal Data Structures
• clists – linked lists of fixed size character arrays.
Used to buffer preprocessed input, post
processed input, and output associated with the
terminal
• tty structures – contain the state of the terminal,
pointers to clists, currently selected discipline,
list of characters to be processed, and options set
by ioctl. Only one tty structure per terminal
File System Maintenance
• fsck – checks the integrity of a file system
• df – displays used and available disk space
• du – displays kbytes or 512-byte blocks allocated to the named files (total only with -s)
• mkfs – creates a new file system
▫ Available to root
UNIX file system
Comprised of four components
• A namespace – the hierarchy
• An API – used to manage, navigate and manipulate objects
• A security model – protects, hides, shares
• An implementation – software that links the logical model to the actual hardware
File systems
• NFS & CIFS forward requests to another machine
• Default on Linux: ext3 and ext4
• Sun's ZFS, Veritas' VxFS, ReiserFS, IBM's JFS
• Microsoft's FAT and NTFS
• ISO 9660 for CD-ROMs
Pathnames
• The file system appears as a single unified hierarchy starting at the root: /
• Windows separates the namespace into partitions and drives
• Absolute path – starts from the root
• Relative path – starts from the current directory
• File names may contain any character except the slash (/) and NUL; letters and digits are the safe choice
▫ If spaces are present, enclose the name in quotation marks
Detaching file systems
• umount detaches a file system that is not in use
• To avoid errors, use the fuser command to see if processes are holding references to the file system
• For example:
▫ fuser -c /usr
▫ Prints the PID of every process using the file system (file or directory), plus letter codes showing the nature of the activity
File Tree Organization
• Several incompatible naming conventions are used simultaneously
• The UNIX file tree is not well organized
• The root file system includes the root directory and a few files and subdirectories
• The OS kernel lives elsewhere; its location is distribution dependent
File Types
• Seven types:
1. Regular files
2. Directories
3. Character device files
4. Block device files
5. Local domain sockets
6. Named pipes (FIFOs)
7. Symbolic links
• Command ls -ld shows the type as the first character of the mode column (-, d, c, b, s, p, l)
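An added example, not from the course or the textbooks, that ties the file-type list above to the directory I/O slide (directories are read with getdents). It creates one of each type an unprivileged user can make, reads the directory through the raw getdents64 system call on Linux (the call that opendir/readdir wrap), and classifies each entry by lstat'ing it, the way ls -l does. The scratch directory /tmp/cs468_types is an assumption and the code is Linux-specific.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <sys/socket.h>
#include <sys/stat.h>
#include <sys/syscall.h>
#include <sys/un.h>
/* Added example, Linux only; /tmp/cs468_types is an assumed scratch directory. */
struct type_counts { int reg, dir, chr, blk, sock, fifo, lnk, other; };

/* Record layout that the getdents64 system call fills in. d_type is only a
 * hint (DT_UNKNOWN on some file systems), so every name is lstat()ed below. */
struct raw_dirent64 {
    uint64_t d_ino; int64_t d_off; unsigned short d_reclen;
    unsigned char d_type; char d_name[];
};

/* The first character ls -l prints for each of the seven file types. */
char mode_type_char(mode_t m)
{
    switch (m & S_IFMT) {
    case S_IFREG:  return '-';  case S_IFDIR: return 'd';
    case S_IFCHR:  return 'c';  case S_IFBLK: return 'b';
    case S_IFSOCK: return 's';  case S_IFIFO: return 'p';
    case S_IFLNK:  return 'l';  default:      return '?';
    }
}

/* lstat() relative to the directory fd (AT_SYMLINK_NOFOLLOW), so a symlink
 * is counted as a link rather than as whatever it points to. */
static void tally_entry(int dfd, const char *name, struct type_counts *c)
{
    struct stat st;
    if (!strcmp(name, ".") || !strcmp(name, "..")) return;
    if (fstatat(dfd, name, &st, AT_SYMLINK_NOFOLLOW) < 0) return;
    switch (mode_type_char(st.st_mode)) {
    case '-': c->reg++;  break;  case 'd': c->dir++;   break;
    case 'c': c->chr++;  break;  case 'b': c->blk++;   break;
    case 's': c->sock++; break;  case 'p': c->fifo++;  break;
    case 'l': c->lnk++;  break;  default:  c->other++; break;
    }
}

/* Reads the directory with the raw getdents64 call (what opendir/readdir use
 * underneath) and tallies the type of every entry. Returns 0, or -1 on error. */
int classify_directory(const char *dirpath, struct type_counts *c)
{
    memset(c, 0, sizeof *c);
    int dfd = open(dirpath, O_RDONLY | O_DIRECTORY);
    if (dfd < 0) { perror("open directory"); return -1; }
    uint64_t buf[512];                       /* 4 KiB, aligned for the records */
    for (;;) {
        long n = syscall(SYS_getdents64, dfd, buf, sizeof buf);
        if (n < 0) { perror("getdents64"); close(dfd); return -1; }
        if (n == 0) break;                   /* end of directory */
        for (long off = 0; off < n;) {
            struct raw_dirent64 *d = (struct raw_dirent64 *)((char *)buf + off);
            off += d->d_reclen;
            tally_entry(dfd, d->d_name, c);
        }
    }
    close(dfd);
    return 0;
}

/* Creates one of every type an unprivileged user can make: regular file,
 * subdirectory, FIFO, symlink and local domain socket (device files need root
 * and mknod). Idempotent, so it can be run again on an existing directory. */
int build_sample_tree(const char *dirpath)
{
    char p[256];
    if (mkdir(dirpath, 0700) < 0 && errno != EEXIST) { perror("mkdir"); return -1; }
    snprintf(p, sizeof p, "%s/reg", dirpath);
    int fd = open(p, O_WRONLY | O_CREAT, 0600);
    if (fd < 0) { perror("create reg"); return -1; }
    close(fd);
    snprintf(p, sizeof p, "%s/sub", dirpath);
    if (mkdir(p, 0700) < 0 && errno != EEXIST) { perror("mkdir sub"); return -1; }
    snprintf(p, sizeof p, "%s/fifo", dirpath);
    if (mkfifo(p, 0600) < 0 && errno != EEXIST) { perror("mkfifo"); return -1; }
    snprintf(p, sizeof p, "%s/lnk", dirpath);
    if (symlink("reg", p) < 0 && errno != EEXIST) { perror("symlink"); return -1; }
    /* socket() only makes the endpoint; bind() is what creates the file system entry */
    struct sockaddr_un sa; memset(&sa, 0, sizeof sa); sa.sun_family = AF_UNIX;
    snprintf(sa.sun_path, sizeof sa.sun_path, "%s/sock", dirpath);
    unlink(sa.sun_path);
    int s = socket(AF_UNIX, SOCK_STREAM, 0);
    if (s < 0) { perror("socket"); return -1; }
    if (bind(s, (struct sockaddr *)&sa, sizeof sa) < 0) { perror("bind"); close(s); return -1; }
    close(s);
    return 0;
}

int main(void)
{
    struct type_counts c;
    if (build_sample_tree("/tmp/cs468_types") < 0 || classify_directory("/tmp/cs468_types", &c) < 0) return 1;
    printf("regular=%d dir=%d fifo=%d symlink=%d socket=%d char=%d block=%d\n",
           c.reg, c.dir, c.fifo, c.lnk, c.sock, c.chr, c.blk);
    return 0;
}
```

Two points worth noticing: the symlink is counted as a link only because fstatat is called with AT_SYMLINK_NOFOLLOW (plain stat would report the target's type), and the socket file appears in the directory because of bind(), not socket(); the entry stays behind after the process exits until something unlinks it.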
Character and block device files
• Device drivers provide a standard interface that emulates a regular file
▫ When the system receives a request on a device file, it forwards it to the appropriate device driver
• Character device files let the associated driver perform its own I/O buffering
• Block device files are used for devices that handle large amounts of data and want the kernel to buffer for them
Local domain sockets
• Sockets are like ports in a computer, and allow communication among processes
• Local domain – accessible only from the local host
• Visible in the file system instead of on the network
• socket() creates the endpoint and bind() creates the file system entry; removed with rm or unlink
Named pipes
• Similar to sockets – provide communication between two processes on the same host
• Not used frequently, since local domain sockets perform the same function
• Created with mknod (or mkfifo) and removed with rm
Symbolic links
• A symbolic link points to a file by path name
• Also called soft link
• Created with ln -s and removed with rm
• The target can be an absolute or relative path; a relative target is resolved from the directory containing the link
File Attributes
• All files carry a set of 9 permission bits that control read, write and execute access
• Three other bits affect the operation of executable programs and directories: setuid, setgid and the sticky bit
• The 12 bits together are the mode: the 3 special bits plus three 3-bit rwx groups for owner, group and everyone else (world)
• We use octal numbers to represent these bits, one digit per group (e.g. 0644, 4755)
Default permissions
• The built-in shell command umask sets the default permissions for new files
• The umask is specified as a three-digit octal number that represents what to take away from the mode the creating program requests
Example
• Command umask 027:
▫ All permissions for owner
▫ No write for group
▫ No permissions for everyone else
Access Control Lists
• UNIX permissions are simple and predictable
• Non-UNIX systems (and, optionally, modern UNIX file systems) use a more complicated mechanism: ACLs
• ACLs are more powerful than UNIX permission bits
▫ But also more complex
• History and examples of ACLs in the book (USAH pp. 160-172)
Homework
• Questions on Homework 2?
• Demo to other students (if you did not demo last
time)
• Homework 3 Assignment
▫ Download from the Web page
▫ Complete before week 4’s class
• Next class:
▫ 2 hour class
▫ 2 hour midterm
Midterm
• Topics:
▫ System Admin, booting and shutting down Linux
▫ Installing Unix and Managing Users
▫ Managing and programming the file system
• Textbooks:
▫ USAH: Ch 1-4, 6, 7, 12
▫ UPU: pp 431-471, 572-584, 606-622, 630-640
• 7 questions and 1 script
Questions?