Add to collection(s) Add to saved
  1. No category
Uploaded by pawan.raghav.indishell

RH124-RHEL7

advertisement 
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
Red Hat System
-
Administration I
Student Workbook
-
-
-
-
RH124-RHEL7-en-1-20140606
MAN-RH124SKE-R2
Comprehensive, hands-on training that solves real world problems
Red Hat System
Administration I
Student Workbook
©
2014 Red Hat, I n c .
R H 1 24- R H EL 7-en-1-201406 0 6
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
RED HAT SYSTEM
ADMINISTRATION I
-
RH124
Red Hat Enterprise Linux 7 RH124
Red Hat System Administration I
Edition 1
-
Authors:
Susan Lauber, Philip Sweany , Rudolf Kastl, George Hacker
Editor:
Steven Bonneville
Copyright©
-
2014 Red Hat. Inc.
The contents of this course and all its modules and related materials, including handouts to
audience members, are Copyright©
-
2014 Red Hat, Inc.
-
No part of this publication may be stored in a retrieval system, transmitted or reproduced in
any way, including, but not limited to, photocopy, photograph, magnetic, electronic or other
-
record, without the prior written permission of Red Hat, Inc.
This instructional program, including all material provided herein, is supplied without any
guarantees from Red Hat. Inc. Red Hat, Inc. assumes no liability for damages or legal action
-
arising from the use or misuse of contents or details contained herein.
If you believe Red Hat training materials are being used, copied, or otherwise improperly
distributed please e-mail training@redhat.com or phone toll-free (USA)
or
-
+1(866) 626-2994
+1(919)754-3700.
Red Hat, Red Hat Enterprise Linux, the Shadowman logo, JBoss, Hibernate, Fedora, the
Infinity Logo, and RHCE are trademarks of Red Hat. Inc., registered in the United States and
other countries.
Linux® is the registered trademark of Linus Torvalds in the United States and other
countries.
Java® is a registered trademark of Oracle and/or its affiliates.
-
-
XFS® is a registered trademark of Silicon Graphics International Corp. or its subsidiaries in
the United States and/or other countries.
-
The OpenStack® Word Mark and OpenStack Logo are either registered trademarks/service
marks or trademarks/service marks of the OpenStack Foundation, in the United States
and other countries and are used with the OpenStack Foundation's permission. We are not
-
affiliated with, endorsed or sponsored by the OpenStack Foundation, or the OpenStack
community.
-
All other trademarks are the property of their respective owners.
C o n t r i buto rs: Rob Locke, Bowe Stri c k l a n d , Scott M c B r i e n , Wa n d e r Boesse n ko o l , Fo rrest Tay l o r
-
Reviewers: M i c h a e l P h i l l i ps, D a v i d B u c k n e l l , A a ro n H i c ks, J a y R a m s u rr u n
-
-
-
-
-
-
D o c u m e n t C o nve n t i o n s
ix
N otes a n d Wa r n i n g s . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . i x
-
I ntro d u c t i o n
-
-
1.
-
-
-
27
The L i n u x F i l e System H i e ra rchy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28
Practice: File Syste m H i e ra rchy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31
Locat i n g Fi l es by N a m e . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34
Practice: Locat i n g F i l e s and D i rectories . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39
M a n a g i n g F i l es U s i n g C o m m a n d - L i n e Too l s . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41
Pract ice: Co m m a n d- L i n e F i l e M a n a g e m e n t . . .. . . . . . . . .. .. . . . . . . . . . . . . .. . . .. .. .. . . . .. . . . . . .. .. .. .. .. . . . . . . 46
M a tc h i n g F i l e N a mes U s i n g Pat h N a m e E x p a n s i o n . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49
Pract ice: Pat h N a m e E x p a n s i o n .. .. .. .. . . . . . . .. . . . . . . . . .. . . . .. .. . . . . . . . . . . . . . . . . . . . .. . .. .. .. . . . . . . .. .. .. .. . . . . 52
Lab: M a n a g i n g F i l es with S h e l l Expa n s i o n . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 54
M a n a g i n g F i l es Fro m t h e C o m m a n d L i n e
3.
Gett i n g He l p in R e d Hat E nt e r p r i s e L i n u x
-
-
-
-
-
61
Rea d i n g Docu m e ntation U s i n g m a n C o m m a n d . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 62
Practice: U s i n g t h e m a n C o m m a n d . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 65
Rea d i n g Docu m e ntation U s i n g pi nfo C o m m a n d . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 67
Practice: U s i n g the p i nto Co m m a n d . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 69
Rea d i n g D o c u m e ntation in /u s r/s h a re/d o c . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 71
Practice: V i ew i n g Package D o c u m e n t at i o n . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 73
Gett i n g H e l p Fro m Red Hat . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .. . . . . . . . 74
P ractice: C rea t i n g a n d View i n g a n SoS R e p o rt . .. . . . . .. . . . . . . . . . . .. .. .. .. .. . . . . . . . . . . .. .. .. . . . . . . . . .. . . . 79
L a b : V i ew i n g and Printing Help Doc u m e nt a t i o n . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 81
4 . Creat i n g, V i e w i n g, a n d E d i t i n g Text F i l e s
87
Red i re c t i n g O u t p u t to a F i l e or Pro g r a m . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 88
Practice: 1/0 Red i rection and P i pe l i n es . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 93
E d i t i n g Text F i l es from t h e S h e l l Pro m p t . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9 5
P ractice: E d it i n g F i l es with V i m . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 98
Editing Text F i l es with a G ra p h i ca l Editor . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 100
Practice: Copy i n g Text Between W i n d ows . .. . . . . . . .. .. .. . .. .. . . . . . .. .. . . . . .. .. .. . . . .. .. . .. .. .. .. .. . . . . .. . 1 03
L a b : C reat i n g , V i e w i n g , a n d E d i t i n g Text F i l es . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 0 5
-
-
1
Access i n g t h e C o m m a n d L i n e U s i n g t h e Loca l Conso l e . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2
P ractice: Loca l C o n s o l e Access Ter m s . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
Access i n g t h e C o m m a n d L i n e U s i n g t h e D e s ktop . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8
P ractice: The G N O M E 3 Desktop Envi ro n m e n t . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 3
Exe c u t i n g Com m a n d s U s i n g t h e Ba s h S h e l l . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 5
P ractice: Bash C o m m a n d s a n d Keyb o a rd S h o rtcuts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 9
L a b : Acces s i n g t h e Com m a n d L i n e . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2 2
Acces s i n g t h e C o m m a nd L i n e
2.
-
-
xi
R e d H a t Syst e m A d m i n istra t i o n I . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . x i
O r i e n t a t i o n to t h e C l assroom E n v i ro n m e n t . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . x i i
I nternati o n a l i z a t i o n . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . x i i i
5.
113
U sers a n d G r o u p s
114
Practice: U s e r a n d G ro u p Concepts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 1 6
G a i n i n g S u p e r u s e r Access . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 1 8
P ractice: R u n n i n g C o m m a n d s a s root . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 2 2
M a n a g i n g L o c a l U s e r Accou nts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 2 5
M a n a g i n g Loca l L i n u x Us e rs a n d Gro u p s
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
-
-
-
-
R H 1 24- R H E L7 -en -1-20140606
v
-
-
R H 1 24
Practice: C reat i n g U s e rs U s i n g Co m m a n d - l i n e Too l s . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
M a n a g i n g Loca l G ro u p Acco u nts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Practice: M a n a g i n g G r o u p s U s i n g Co m m a n d - l i n e Too l s . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
M a n a g i n g U s e r Passwords . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Pra c t i ce: M a n a g i n g U s e r Pa ssword Aging . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Lab: M a n a g i n g Loca l L i n u x Users and G ro u ps . . . .. . . . . . . . . . . . .. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
6.
7.
C o n t ro l l i n g Access to F i l es w it h L i n u x F i l e Syst e m Pe r m i s s i o n s
L i n u x F i l e Syste m Pe r m i s s i o n s . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Practice: I nterpret i n g F i l e a n d D i rectory Pe r m i s s i o n s . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
M a n a g i n g F i l e Syst e m Perm i s s i o n s from the C o m m a n d L i n e . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Practice: M a n a g i n g F i l e Secu rity f r o m t h e C o m m a n d L i n e . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
M a n a g i n g Defa u l t P e r m i s s i o n s a n d F i l e Access . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Practice: Contro l l i n g N e w F i l e Pe r m i s s i o n s a n d O w n e rs h i p . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Lab: C o n t ro l l i n g Access to Fi l es with L i n u x F i l e Syst e m Permissions . . . . . . . . . . . . . . . . . . . . . . . . . . . .
M o n itori n g a n d M a n a g i n g L i n u x Processes
Processes
Pra c t i ce: Processes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Contro l l i n g J o b s . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Practice: B a c kg ro u n d and Fo re g ro u n d Processes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
K i l l i n g Processes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Practice: K i l l i n g P rocesses . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
M o n i t o r i n g P rocess Activity . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Practice: M o n i t o r i n g P rocess Activity . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Lab: M o n it o r i n g a n d M a na g i n g L i n u x Processes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
8.
C o n t ro l l i n g S e rv i c e s a n d D a e m o n s
9.
C o nfi g u r i n g a n d S ec u r i n g O p e n S S H S e r v i c e
I d e n t ify i n g Auto m a t ica l l y Started System Processes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Practice: I d e ntify t h e S t a t u s o f sys t emd U n its . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Contro l l i n g Syst e m Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Practice: Using sys t emc t l to M a n a g e S e rvices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Lab: Contro l l i n g S e rvices a n d Daemons . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
10.
128
130
132
134
137
139
143
144
148
150
1 53
155
1 59
1 61
165
166
170
172
175
177
1 81
1 83
1 87
189
195
196
200
202
205
2 07
211
Access i n g t h e R e m ote C o m m a n d L i n e w i t h S S H . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 212
Practice: Access i n g t h e Remote Co m m a n d Line . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2 1 5
Conf i g u r i n g S S H Key-based A u t h e ntication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 217
Pra c t i ce: U s i n g SSH Key-based A u t h e n t i c a t i o n . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 219
Custo m i z i n g SSH Service Config u ra t i o n . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2 2 0
Prac t i ce: Rest r i c t i n g S S H Log i n s . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2 2 2
Lab: Confi g u ri n g a n d S e c u r i n g O p e n S S H Service . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2 2 5
A n a l yz i n g a n d Sto r i n g L o g s
System Log Arch itect u re . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Practice: Syste m Log g i n g C o m p o n e nts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Rev i ew i n g Sys log F i l es . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Practice: F i n d i n g Log Entries . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Review i n g syst e m d J o u r n a l Entries . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Practice: F i n d i n g Eve nts With j o u rn a l ct l . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Prese rvi n g the syst e m d J o u r n a l .. .. . . . . . .. .. .. . . . . . . .. . . . . . . . . . . . . . . . . .. . . .. . . . . . . . . . . .. . . . . . . . . . . . .. . . . . . .
Practice: Confi g u re a Persistent syste md J o u r n a l . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
M a i n ta i n i n g Acc u rate T i m e . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Prac t i ce: Adj u s t i n g System Time . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
229
230
232
234
238
239
242
243
245
246
250
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
vi
R H 1 24- R H E L7 - e n -1-20140606
-
-
-
-
L a b : A n a l y z i n g a n d Sto r i n g Logs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 252
-
11.
257
N etwo r k i n g Concepts
258
Practice: Netwo r k i n g C o n ce pts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 263
Va l id a t i n g N etwo r k Confi g u ra t i o n . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 266
Practice: Exa m i n i n g N etwork Config u rati o n . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 269
Config u ri n g N etwo r k i n g w i t h nmcli . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 271
Practice: Config u r i n g Netwo r k i n g with nmcli . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 276
E d i t i n g N etwo rk Config u ra t i o n F i l es .. . . . . . . . . . . . . . . . . . . . . .. .. . . . . . . . .. . . . . . . . . . . . . . . . .. .. . . . . . . . . . . . . . .. .. 279
Practice: E d i t i n g N etwo r k Confi g u ra t i o n F i l es . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 280
Config u ri n g H ost N a mes and N a me Reso l ut i o n . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 282
Practice: Config u r i n g Host N a m es and N a m e Reso l ut i o n . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2 8 5
L a b : M a n a g i n g Red Hat E n t e r p rise L i n u x N etwo r k i n g . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2 8 8
M a n a g i n g R e d H a t E nt e r p r i s e L i n u x N etwo r k i n g
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
-
-
-
12.
A r c h i v i n g a n d C o py i n g F i l e s Between Syst e m s
13.
I n sta l l i n g a n d Upd a t i n g S oftware Pa c ka g e s
14.
Acces s i n g Li n u x F i l e Syste m s
15.
Us i n g V i r t u a l ized Syste m s
-
-
-
-
-
-
-
-
-
-
M a n a g i n g C o m p ressed t a r A rc h ives . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Practice: Backing Up and Restor i n g F i l es Fro m a t a r A r c h ive . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Copy i n g F i l es Between Syst e m s S e c u re l y . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Practice: Copy i n g F i l es Over the N etwo r k W i t h s c p . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
S y n c h ro n i z i n g Fi l es Betwee n Syste m s S e c u re l y . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Practice: Sy n c h ro n i z i n g Two D i recto ries S e c u re l y With r sync . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Lab: A rc h i v i n g and Copy i n g F i l es Betwee n Systems .. .. . . . .. . . . .. . . . . .. .. . . . . . . . . . . . . . . . . . . . . . . . . .. .
Atta c h i n g Syste m s to S u b s c r i p t i o n s for Software U pdates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Practice: Red H a t S u bs c r i p t i o n M a n a g e m e n t . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
R P M Softwa re Pa ckages and Yu m . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Practice: R P M Softwa re Pa c k a g e s . . . . . . .. .. . . . .. . . . . . .. .. .. .. .. . .. . . . .. .. . . . . .. . . . . . . . . . .. .. . . . .. . . . . . . .. ..
M a n a g i n g Softwa re U p d ates w i t h yum . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Practice: Insta l l i n g a n d U pd a t i n g Softwa re with y um . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
E n a b l i n g yum Softwa re Repositories . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Practice: E n a b l i n g S oftwa re Repositories . . . .. . . . . . . . . . . . . . . . . . . . . .. . . . . . .. . . . . . .. . . . . . . . . . . . . . . . . . . . .. ..
E xa m i n i ng R P M Package F i l es . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Practice: Wo r k i n g with R P M Package F i l es . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
L a b : I nsta l l i ng a n d U pd a t i n g S oftwa re Packages . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
I d e ntifying F i l e Syste m s a n d Devices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Practice: I d e ntifyi n g F i l e Syst e m s a n d Devices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
M o u nt i n g a n d U n m o u n t i n g F i l e Syste ms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Practice: M o u n t i n g and U n m o u nt i n g File Syste m s . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
M a k i n g L i n ks Betwee n F i l e s . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Practice: Making L i n ks Betwee n F i l e s . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Loca t i n g F i l es o n the Syste m . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .. ..
Practice: Locat i n g F i l es o n the System . . . . . . . . . . .. . . . . . . . . . . . . .. . .. .. . .. .. .. . . . .. . . .. . . . . . . . . . . . . . . . . . . . .
Lab: Acces s i n g L i n u x F i l e Systems . . . . . . . . . . . . . . . . . . . . . . . .. .. . . . . . . .. . . . .. .. .. . . . . . .. .. . . . . . . . . . . .. . . . . . . . .
M a n a g i n g a Loca l V i rt u a l i z a t i o n H ost . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Practice: M a n a g i n g a Loca l V i r t u a l izatio n H ost . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
I n sta l l i n g a New V i rt u a l M a c h i n e . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
P r a c t i c e : I nsta l l i n g a New V i rt u a l M a c h i n e . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
C h a pter Test: U s i n g V i rt u a l i z e d Systems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
291
292
297
298
300
301
304
306
311
312
318
320
323
325
332
336
339
341
345
347
351
352
355
357
360
362
364
365
372
37 4
379
380
386
388
397
399
-
-
-
R H 1 24- R H E L7-en-1-20140606
vii
-
-
R H 1 24
-
16.
403
Red H a t System A d m i n istra t i o n I C o m p re h e n s ive Review . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 404
L a b : C o m p re h e n s i ve Review
408
C o m p re h e n s ive Review
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
viii
RH124 - R H E L7-en-1-20140606
-
-
-
Document Conventions
N otes a n d Wa r n i n g s
Note
" N otes" a re t i ps, s h o rtcuts or a l te r n a t ive a p p roaches to t h e t a s k at h a n d . I g n o r i n g a
note s h o u l d have no neg ative c o n seq u e n ces, but you m i g h t m i s s o u t o n a t r i c k t h a t
m a kes yo u r l ife e a s i e r.
'
Important
" I m porta n t " boxes deta i l t h i n g s t h a t a re e a s i l y m i ssed: confi g u ra t i o n c h a n g e s t h a t
o n l y a p p l y to t h e c u rrent sess i o n , o r s e r v i c e s t h a t need resta rt i n g befo re a n u pdate
w i l l a p p l y. I g n o r i n g a box l a b e l e d " I m porta n t " w i l l n ot cause data loss, but m a y cause
i r r i t a t i o n a n d f r u st ra t i o n .
Warning
" Wa r n i n g s " s h o u l d n ot be i g n o red. I g n o r i n g wa r n i n g s w i l l most l i k e l y c a u s e data l oss.
R
References
" Refere n ces" d e s c r i b e w here to f i n d exte r n a l d o c u m entation re l eva n t to a s u bject.
R H 1 24- R H E L 7 -en -1 -20140606
ix
-
-
-
-
-
-
-
-
-
Introduction
Red H at Syste m Ad m i n ist ra t i o n I
Red Hat System Administration I ( R H1 24) is d e s i g n e d for I T p rofess i o n a l s without prev i o u s
L i n u x system a d m i n i stration e x p e r i e n ce. T h e cours e i s i nt e n d e d to p rovide s t u d e n t s w i t h L i n u x
a d m i n istra t i o n " s u rviva l s k i l l s " by foc u s i n g o n core a d m i n istra t i o n tas ks. Red Hat System
Administration I a l so p rovides a fo u n d a t i o n fo r students p l a n n i n g to become fu l l -t i m e L i n u x
syste m a d m i n istrators by i n t ro d u c i n g key com m a n d - l i n e c o n c e pts a n d e nterprise- l evel too l s .
These con cepts a re f u r t h e r deve l o ped i n t h e fol l ow-on cou rse, Red Hat System Administration I I
( R H1 34).
C ourse o bjectives
•
•
G a i n s u ff i c i e nt s k i l l to pe rfo r m core syste m a d m i n is t rat i o n t a s ks on Red Hat Enterprise L i n u x .
B u i l d fo u n datio n a l s ki l l s needed by a n R H CSA-ce rtified R e d Hat Enterprise L i n u x system
a d m i n i st rator.
-
Audience
-
•
IT p rofessiona l s a c ross a broad ra n g e of d i s c i p l i n es w h o n e e d to p e rfo rm esse nti a l L i n u x
a d m i n istration tas ks, i n c l u d i n g i n s ta l l at i o n , esta b l is h i n g network c o n n ectivity, m a n a g i n g
physica l storage a n d b a s i c s e c u rity a d m i n istra t i o n .
-
P rere quisites
-
•
T h e re a re no fo rma l prere q u i s ites for t h i s course; however, p rev i o u s system a d m i n istrat i o n
e x p e r i e n c e on ot h e r o p e rat i n g syste ms wi l l be ve ry b e n e fi c i a l .
-
-
-
-
-
-
-
-
-
R H 1 24- R H E L7-e n-1 -201 40606
xi
-
-
I nt ro d u c t i o n
-
O rie ntat i o n to t h e C l ass ro o m E nvi ro n m e n t
I n t h i s cou rse, students w i l l d o most h a n d s-on practice exercises a n d l a b work with two c o m p u t e r
syste ms, w h i c h w i l l be refe rred to a s d e s k t o p a n d s e rve r. These m a c h i n e s h a v e t h e h o s t
n a m es d e s ktop X.exa m p l e.com a n d se rverX.exa m p l e.com, w h e re t h e X i n t h e comp uters' host
n a m es w i l l be a n u m be r that w i l l vary from st u d e n t to stu d e n t . Both m a c h i n es have a sta n d a rd
u s e r accou nt. student, with t h e password student. T h e root password o n both system s is redhat.
I n a l ive i n st r uctor- l e d c l a s s room, s t u d e nts w i l l be a s s i g n e d a p hys i ca l computer ( " fo u n d a t i o nX"),
w h i c h wi l l b e used to access t h ese two m a c h i nes. The d e s k t o p a n d se rve r system s a re v i rtu a l
m a c h i nes r u n n i n g on t h a t host. S t u d e nts s h o u l d l o g into t h i s m a c h i n e a s u s e r kiosk w i t h t h e
pa ssword redhat.
O n fo u n d a t i o nX, a spec i a l co m m a n d ca l l e d r h t - vmc t l is used to work w i t h t h e d e s k t o p a n d
se rve r m a c h i nes. T h e co m m a n d s i n t h e fo l l ow i n g ta b l e s h o u l d be r u n a s t h e kiosk u s e r o n
fo u nd a t i o nx, a n d c a n be u s e d w i t h s e rver (a s i n t h e exa m p l es) o r d e s k t op.
rht - vmc t l
-
-
-
-
-
-
Commands
Action
Co m m a n d
Start se rve r m a ch i n e
r h t - vmc t l s t a r t se rve r
V i ew " p hysica l conso l e " to l o g i n a n d work
with se rve r m a c h i n e
r h t - vmc t l view se rver
Reset se rve r mach i n e to its prev i o u s state
a n d resta rt v i rt u a l m a c h i n e
r h t - vm c t l r e s e t server
-
-
A t t h e start o f a l a b exerc ise, if t h e i n st r u ct i o n " reset yo u r se rve r " a p p e a rs, t h a t mea n s t h e
c o m m a n d r h t - vm c t l r e s e t s e r ve r s h o u l d b e r u n i n a p ro m pt o n t h e f o u n d a t i o nX system a s
u s e r kiosk. L i kewi se, if t h e i n st r u c t i o n " reset you r desktop" a p p e a rs, t h a t m e a n s t h e co m m a n d
r h t - vmc t l reset d e s k t o p s h o u l d b e r u n on fou n d a t i o nX a s u s e r kiosk.
E a c h st u d e n t is on t h e 1 Pv4 network 172.25.X.0/24, w h e re t h e X matches t h e n u m b e r
o f t h e i r d e s ktopX a n d se rve r X syst e m s. T h e i n st r u ctor r u n s a c e n t ra l u t i l ity server,
c l a s s room .exa m p l e.co m , w h i c h acts a s a ro uter for t h e c l a s s ro o m n etworks a n d provides D N S,
D H C P, H T T P, a n d other content services.
Classroom Machines
Machine name
I P a d d resses
Role
d e s ktopX.exa m p l e.com
172.25.X.1 0
Stu d e nt " c l i e nt" c o m p u t e r
serverX.exa m p l e.com
172 .25.X.11
Student " s e rver" c o m p u t e r
c l a s s room .exa m p l e.com
172.25.254.254
C l a ss room u t i l ity s e rver
-
-
-
-
-
-
-
xii
R H 1 24- R H E L 7-e n-1-20140606
-
-
-
-
Inte r n a t i o n a l i z a t i o n
-
-
-
-
-
-
-
-
-
-
I nte rn a t i o n a I izat i o n
Language support
Red Hat Enterprise L i n u x 7 offi c i a l l y s u ppo rts 22 l a n g u a g es : E n g l i s h , Assa m ese, Ben g a l i , C h i n ese
( S i m p l ified), C h i n ese (Tra d it i o n a l), Fre n c h , G e r m a n , Guj a ra t i , H i n d i , I ta l ia n , J a p a n ese, Ka n n a d a ,
Kore a n , M a l a ya l a m , M a ra t h i , O d i a , Port u g u ese ( B ra z i l i a n), P u nj a b i , R u s s i a n , S p a n i s h , Ta m i l , a n d
Te l u g u .
Per-user language selection
U sers m a y p refe r to u s e a d ifferent l a n g u a g e for t h e i r d e s ktop e n v i ro n m e n t t h a n t h e syste m ­
wide defa u lt. They m a y a l so want to s e t t h e i r a c c o u nt to use a d iffe rent keyboa rd l ayout or i n p ut
method.
L a n g u a g e sett i n g s
I n the G N O M E d e s ktop enviro n m e nt , t h e u s e r m a y be p ro m pted t o s e t t h e i r prefe rred l a n g u a g e
a n d i n p ut method o n fi rst l o g i n . I f n ot. t h e n t h e e a s i est w a y for a n i n d i v i d u a l user to a dj u st t h e i r
prefe rred l a n g u a g e a n d i n p ut m e t h o d sett i n g s i s to use t h e R e g i o n & L a n g u a g e a p p l ication. R u n
t h e co m m a n d gnome - co n t rol - c e n t e r r e gion, or from t h e t o p b a r, s e l ect (User)> Sett i n g s .
I n the w i n d ow t h a t o p e n s , select R e g i o n & L a n g u a g e . The user ca n click t h e La n g u a g e box and
s e l ect their preferred l a n g u a g e from t h e l ist t h a t a p pea rs. T h i s wi l l a l so u pdate t h e Fo r m a t s
sett i n g to the defa u l t for that l a n g u age. T h e n ext time t h e user logs in, t h ese c h a n g e s w i l l t a ke
f u l l effect.
These sett i n g s affect the G N O M E d e s ktop e n v i ro n ment and any a p p l i c a t i o n s , i n c l u d i n g gnome ­
t e rminal, started i n s i d e it. H owever, t h ey d o n ot a p p l y to t h a t acco u nt if a ccessed t h ro u g h a n
s s h l o g i n from a remote system o r a l o c a l text c o n s o l e (s u c h a s t t y2).
Note
-
A u s e r c a n m a ke t h e i r s h e l l e n v i ro n m e nt u s e t h e s a m e LANG sett i n g as t h e i r g ra p h ic a l
e n v i ro n m e nt. eve n w h e n they l o g i n t h ro u g h a t e x t conso l e o r ove r s s h . O n e w a y to d o
t h i s i s to p l a c e code s i m i l a r to t h e fo l l ow i n g i n t h e u s e r ' s - / . bas h r c f i l e. T h i s exa m p l e
c o d e w i l l s e t t h e l a n g u a g e u s e d o n a text l o g i n to match t h e o n e c u rrent l y s e t f o r t h e
u s e r ' s G N O M E d e s ktop en vi ro n m e n t :
-
-
i=$ (grep ' Language = ' /var/lib/AccountService/users/${USER} \
I sed ' s/Language=// ' )
if [ "$i" ! = " " ] ; then
export LANG=$i
fi
-
-
J a p a n ese, Korea n , C h i n ese, o r ot h e r l a n g u a g es w i t h a non-Latin c h a racter set m a y not
d i s p l ay p ro p e r l y o n lo ca l text c o n s o l es.
-
-
I n d iv i d u a l c o m m a n d s c a n be m a d e to use a n o t h e r l a n g u a g e by sett i n g the LANG va r i a b l e o n the
com m a n d l i n e :
-
r
I
-
-
[user@host -]$
LANG=fr_FR . utf8 date
RH124- R H E L7-e n-1-20140606
xiii
·
-
-
I n t roduction
I
I
-
j eu . avril 24 17 : 55 : 01 CDT 2014
L-- ---�-- -·· -------
S u bs e q u e n t c o m m a n d s w i l l reve rt to u s i n g t h e syste m ' s defa u lt l a n g u a g e for o u t p u t . T h e locale
com m a n d ca n b e used to c h e c k the c u rrent va l u e of LANG and ot h e r re l ated e nv i ro n m e n t
va r i a b les.
-
-
I n p u t m e t h o d setti n g s
GNOME 3 i n Red Hat E n t e r p rise Linux 7 a uto m a t i c a l l y uses t h e I B u s i n p u t method s e l ection
system, which m a kes it easy to change keyboa rd layouts and i n put methods q u i c k l y.
The
Reg i o n & L a n g u a g e
a p p l ication c a n a l so be u s e d to e n a b l e a l te r n a t ive i n p u t m e t h o d s. I n t h e
a p p l ication's w i n d ow, t h e I n p u t S o u rces b o x s h ows w h a t i n put m e t h o d s a re
c u rre n t l y ava i l a b l e . By defa u lt, E n g l i s h (US) m a y be t h e o n l y ava i l a b l e m e t h o d . H i g h l i g h t E n g l i s h
(US) a n d c l i c k t h e key b o a rd i c o n to see t h e c u r re n t keyb o a rd l ayout.
Region & Language
To a d d a n o t h e r i n p ut method, c l i c k the + b utto n a t the bottom l eft of the I n p u t S o u rces w i n d ow.
An A d d a n I n p u t S o u rc e w i n d ow w i l l o p e n . S e l ect yo u r l a n g u a ge, a n d t h e n y o u r p referred i n put
method o r key b o a rd l ayout.
O n ce more t h a n o n e i n p u t method is confi g u re d , the u s e r c a n switch betwee n them q u ic k l y by
typ i n g Supe r +Space (so metimes ca l l ed Windows+Space). A status indicator w i l l a l so a p pe a r
i n t h e G N O M E top b a r, w h i c h has t w o f u n c t i o n s : I t i n d icates w h i c h i n put m e t h o d is a ct i ve, a n d
a c t s a s a m e n u t h a t c a n be u s e d to s w i t c h betwee n i n put m e t h o d s o r s e l ect a d va n ce d featu res of
more co m p l ex i n put methods.
Some of t h e m e t h o d s a re m a rked w i t h g e a rs, which i n d icate t h a t those m e t h o d s have a d va nced
confi g u ra t i o n options and c a p a b i l it ies. Fo r exa m p l e, the J a pa nese Ja p a n e s e (Ka n a Ka nji) i n put
method a l l ows the user to p re-edit text i n Lat i n and u s e Down A r r ow and U p A r r ow keys to
sel ect the correct c h a racters to use.
2:5�
US E n g l i s h s p e a kers may f i n d a l s o t h i s u s ef u l . Fo r exa m p l e, u n d e r E n g l i s h (United States) i s t h e
keyboard layout E n g l i s h (i n t e r n at i o n a l A l t Gr d e a d keys), w h i c h t r e a t s A l t G r ( o r t h e r i g h t Alt )
on a P C 1 04/1 0 5-key key b o a rd as a "seco n d a ry-s h ift " m o d i f i e r key a n d d e a d k e y act ivati o n key
for ty p i n g a d d i t i o n a l c h a racters. There a re a l so Dvora k a n d ot h e r a l te r n ative l ayouts ava i l a b l e.
�-
-
-
-
-
-
-
-
-
-
-
Note
Any U n i code c h a racter can be entered i n t h e G N O M E d es ktop e n v i ro n m e nt if t h e u s e r
knows t h e c h a racter's U n icode code point, by t y p i n g Ct r l+ S h if t + U , fol l owed by t h e
cod e poi nt. After C t r l+Shif t + U h a s b e e n typ e d , a n u n d e r l i ned u w i l l b e d i s p l ayed t o
i n d icate t h a t t h e system i s wa i t i n g for U n ic o d e code p o i n t ent ry.
For exa m p l e, t h e l owercase Greek l etter l a m bd a h a s t h e code p o i n t U + 0 3 B B, a n d c a n b e
entered by typi n g C t r l+Shift + U , t h e n 03bb, t h e n E n t e r .
-
-
-
System-wide default language settings
T h e syste m ' s defa u lt l a n g u a g e is set to U S E n g l i s h , u s i n g t h e U T F-8 encod i n g of U n icode as its
c h a racter set (e n_US . u t f8), but t h i s can be c h a n g e d d u r i n g o r after i nsta l l at i o n .
Fro m t h e co m m a n d l i n e, root can c h a n g e t h e syste m-wide l o c a l e sett i n g s w i t h t h e locale c t l
co m m a n d . I f localec t l i s r u n with n o a rg u m e nts, it w i l l d i s p l ay t h e c u rrent syste m - w i d e l o ca l e
sett i n g s.
xiv
R H 1 24- R H E L7-en-1-20140606
-
-
-
-
-
-
-
L a n g u a g e packs
-
To set t h e syste m-wide l a n g u a g e , run t h e co m m a n d localec t l s e t - locale LANG=1oca1e,
w h e re locale i s t h e a p p ropriate $ LANG from t h e " L a n g u a g e Codes Refe re nce" ta b l e
i n t h i s c h a pt e r. T h e c h a n g e w i l l ta ke effect f o r u s e rs o n t h e i r next l o g i n , a n d is stored i n
/ e t c / locale . cont.
-
[ root@host -]#
-
localectl set - locale LANG=f r_FR . u tf8
In G N O M E, an a d m i n istrative u s e r ca n c h a n g e t h i s sett i n g from R e g i o n & L a n g u a g e a n d c l i c k i n g
t h e L o g i n Screen button at t h e u p per-right c o r n e r o f t h e w i n d ow. C h a n g i n g t h e L a n g u a g e
of t h e l o g i n s c reen w i l l a l so a dj u st t h e syste m-wide defa u lt l a n g u a g e sett i n g sto red i n t h e
/ e t c/locale . c o n f confi g u ra t i o n f i l e .
-
Important
-
Loca l text consoles s u c h a s t ty2 a re m o re l i m ited i n t h e fo nts t h a t t h ey c a n d i s p l ay
t h a n gnome - t e rminal a n d s s h sess i o n s. For exa m p l e, J a p a n ese, Kore a n , a n d C h i nese
c h a racters may not d is p l ay a s ex pected o n a loca l text conso l e. Fo r t h is reas o n , it may
m a ke sense to u s e E n g l i s h o r a n ot h e r l a n g u a g e w i t h a L a t i n c h a racter set for the
syste m ' s text conso l e.
-
-
L i kewise, l o c a l text c o n s o l e s a re m o re l i m ited i n t h e i n p u t m e t h o d s t h ey s u p p o rt, a n d
t h i s i s m a n a g e d s e p a rate l y from t h e g ra p h ic a l d e s ktop e n v i ro n m e nt. T h e ava i l a b l e
g l o b a l i n put sett i n g s c a n b e config u red t h ro u g h locale c t l f o r both loca l text v i rt u a l
c o n s o l e s a n d t h e X11 g ra ph i ca l e n v i ro n m e nt. S e e t h e localec t l(1), kbd(4), a n d
vconsole . conf(5) m a n pages f o r m o re i nform a t i o n .
-
-
Language packs
-
W h e n u s i n g n o n - E n g l i s h l a n g u a g es, you may want to i n sta l l a d d i t i o n a l " l a ng u a g e packs" to
p rovide a d d i t i o n a l t ra n s l at i o n s , d i c t i o n a ries, a n d so fort h . To v i ew t h e l i st of ava i l a b l e l a n g pa c ks,
run yum langavailable. To view the l ist of l a n g pa c ks c u r r e n t l y i n sta l l e d on the system,
r u n yum langlis t . To a d d a n a d d i t i o n a l l a n g pa c k to t h e syste m , r u n yum lan g i n s t all
code, w h e re code i s the code in s q u a re brac kets afte r the l a n g u a g e n a m e i n the o u t p u t of yum
langavailable.
-
-
R
-
-
References
locale(7), localec tl(1), kbd (4), locale . conf(5), vconsole . conf(5),
u nicode(7 ) , u t f - 8(7), and yum - langpacks(8) man pages
Conversions betwee n the n a m e s of t h e g ra p h i c a l d e s kt o p e n v i ro n m e nt ' s
X11 l ayouts a n d t h e i r n a m es i n locale c t l can b e fo u n d i n t h e fi l e
/ u s r / s ha re/X11/xkb/ r u le s / base . ls t .
-
-
-
-
-
R H 1 24- R H E L 7 -en-1-20 14 0606
xv
-
-
I nt rod u c t i o n
-
Language Codes Reference
-
Language Codes
Lanquaqe
$LANG value
E n g l i s h ( U S)
e n_ U S.utf8
Assamese
as_I N . utf8
Benga l i
bn_IN. utf8
C h i n ese (S i m p l ified)
zh_C N . utf8
C h i n ese ( Tra d i t i o n a l )
z h_TW. utf8
Fre n c h
f r_FR.utf8
German
de_D E.utf8
G uj a rati
g u_I N .utf8
Hindi
h i_I N . u tf8
Ita l i a n
it_ I T.utf8
J a pa nese
j a_J P.utf8
Kannada
k n_ I N .utf8
Kore a n
ko_K R.utf8
M a l aya l a m
m l_I N .utf8
M a ra t h i
m r_I N .utf8
Odia
o r_IN . utf8
Port u g u ese ( B ra z i l i a n)
pt_B R.utf8
P u nj a b i
pa_I N . utf8
Russian
r u_R U .utf8
Spanish
es_ES.utf8
Ta m i l
ta_IN.utf8
Te l u g u
te_IN .utf8
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
xvi
R H 1 24- R H E L 7-en-1-20140606
-
-
®
red hat
®
TRAINING
C H A PT E R 1
ACCESSING THE COMMAND
LINE
Overview
Goal
To log i n t o a Lin u x system a n d r u n s i m p l e c o m m a nds u s i n g
the shell.
Objectives
•
Use B a s h s h e l l syntax to enter c o m m a nds at a L i n ux
console.
•
•
L a u n c h a p p l i ca t i o n s i n a G N O M E desktop e n v i ro n me nt.
Use Bash features to run c o m m a nds from a s h e l l p ro m pt
u s i n g fewer keystrokes.
Sections
•
Acces s i n g t h e C o m m a nd Line U s i n g t h e Loc a l Console
(a nd P ra c t i ce)
•
Acces s i n g the C o m m a nd Line U s i n g the Desktop (a nd
Practice)
Lab
R H 1 24- R H E L7-en-1 -20140606
•
Exec u t i n g C o m m a nds U s i n g t h e Bash S h e l l (and Pract ice)
•
Acces s i n g t h e C o m m a nd L i ne
-
-
C h a pte r 1 . Acces s i n g t h e C o m m a n d L i n e
-
Access i n g t h e Co m m a n d L i n e U s i n g t h e Loca l
Conso l e
-
-
Objectives
After com p l et i n g t h i s sect i o n , students s h o u l d be a b l e to l o g i nto a L i n u x system on a loca l text
console a n d run s i m p l e co m m a n d s u s i n g the s h e l l .
The bash shell
-
A command line i s a text-based i nt e rface which c a n b e used to i n put i n st r u c t i o n s to a com puter
syste m. The L i n u x co m m a n d line i s p rovided by a p ro g ra m c a l l e d t h e shell. Over t h e long h i story
of U N IX - l i ke syste ms, m a ny s h e l l s have been deve l o pe d . The defa u lt s h e l l for u s e rs in Red H a t
E n t e r p r i s e L i n u x is t h e G N U Bourn e-Ag a i n S h e l l (bash). B a s h is a n i m p roved vers i o n of o n e o f
t h e m ost s u ccess f u l s h e l l s used o n U N I X- l i ke syste m s , t h e B o u r n e S h e l l ( s h ) .
W h e n a s h e l l i s used i nteractive l y, it d i s p l ays a stri n g w h e n it i s wa iting for a c o m m a n d from t h e
user. This is ca l l ed t h e shell prompt. W h e n a reg u l a r u s e r s t a r t s a s h e l l , t h e defa u lt p ro m pt e n d s
with a $ c h a racter.
[ student@desktopX -]$
r-
l
-
-
-
-
-
T h e $ i s re p l a ced b y a # i f t h e sh e l l is r u n n i n g a s t h e s u pe r u s e r, root. T h i s m a kes it m o re obvious
t h a t it is a s u pe r u s e r s h e l l , which h e l ps to avo i d a c c i d e nts and m i sta kes i n t h e priv i l eg e d a ccou nt.
[ root@desktopX -]#
-
� - �����
I
i
I
L>=-SJ
-
U s i n g bash to execute co m m a n d s c a n be powerf u l . T h e bash s h e l l prov ides a s c r i pt i n g l a n g u a g e
t h a t can s u p port a ut o m a t i o n o f tas ks. The s h e l l h a s a d d i t i o n a l ca pa b i l ities t h a t c a n s i m p l ify o r
m a ke poss i b l e o p e rat i o n s t h a t a re h a rd to acco m p l i s h eff i c i e n t l y w i t h g ra p h i c a l too l s .
-�>,
Note
-
-
The bash s h e l l is s i m i l a r i n concept to t h e com m a n d l i n e interpreter fou n d i n recent
vers i o n s of M ic rosoft W i n d ows cmd . exe, a l t h o u g h bash h a s a m o re s o p h isticated
scri pti n g l a n g u a g e. It i s a l so s i m i l a r to W i n d ows Powe r S h e l l i n W i n d ows 7 and W i n dows
Server 2008 R2. Mac O S X a d m i n ist rators who u s e the M a c i ntos h ' s Te r m i n a l u t i l ity
may b e p l eased to note that bash is the d e fa u l t s h e l l in Mac OS X.
Virtual consoles
-
-
-
Users access t h e bash s h e l l t h ro u g h a terminal. A t e r m i n a l provides a key boa rd for u s e r i n put
a n d a d i s p l a y for output. O n text-based i n sta l l a t i o n s , this c a n b e t h e L i n u x m a c h i n e ' s physical
console, t h e h a rdware key b o a rd a n d d i s p l ay. Te r m i n a l access c a n a l so be config u red t h ro u g h
seria l ports.
-
Another way to a ccess a s h e l l is from a virtual console. A L i n u x m a c h i n e ' s phys i c a l conso l e
s u p po rts m u l t i p l e v i rt u a l consoles w h i c h act l i ke s e p a rate term i n a l s. Each v i rt u a l co n s o l e
s u p po rts a n i n d e p e n d e n t l o g i n sess i o n .
-
2
RH124- R H E L7-en-1 -20140606
-
-
-
-
Shel l basics
-
-
-
I f t h e g ra p h i c a l en vi ro n m e n t i s ava i l a b l e, it w i l l r u n on t h e first v i rt u a l conso l e i n Red H a t
E n te r p r i s e L i n u x 7. Five a d d i t i o n a l t e x t l o g i n p ro m pts a re a va i l a b l e o n conso l es t w o t h ro u g h s i x
(or o n e t h ro u g h f i v e if t h e g ra p h ica l e n v i ro n m e nt i s t u r n e d off). With a g ra p h ica l e n v i ro n m e n t
r u n n i n g , access a text l o g i n pro m pt o n a v i r t u a l conso l e by h o l d i ng Ct r l +Alt a n d p ress i n g a
f u n c t i o n key (F2 t h ro u g h F6). Press C t r l +Al t + F l to ret u r n to t h e fi rst virtua l conso l e a n d t h e
g ra p h i c a l d e s ktop.
Important
-
I n t h e p re-config u re d v i rt u a l i m a g es d e l ivered by Red H a t , l o g i n p ro m pts have b e e n
d i sa b l ed i n t h e v i rt u a l co n s o l es .
-
-
Note
I n Red H a t Enterprise L i n u x 5 a n d ea r l i e r, t h e f i rst six v i r t u a l c o n s o l e s a l ways p rovided
text login prom pts. When the g ra p h i ca l e n v i ro n m e nt was l a u n c h e d , it ran o n v i rt u a l
c o n s o l e seven (accessed t h ro u g h Ct r l +Al t + F 7 ) .
-
-
-
Shell basics
C o m m a n d s entered at t h e s h e l l p ro m pt have t h ree basic pa rts:
Command to run
•
-
•
Options to adjust the b e h a v i o r of t h e com m a n d
•
Arguments, w h i c h a re typica l l y t a rg ets o f t h e co m m a n d
-
-
T h e command is t h e n a m e o f t h e p ro g ra m t o r u n . I t may b e fo l l owed by o n e or m o re options,
w h i c h a dj u st t h e behavior of t h e c o m m a n d or w h a t it w i l l d o. O pt i o n s n o rm a l l y sta rt w i t h o n e o r
t w o d a s hes ( - a o r - - all, for exa m p l e) to d i st i n g u i s h t h e m from a rg u ments. Com m a n d s may a l so
b e fo l l owed by one or m o re arguments, w h i c h often i n d icate a t a rg et t h a t t h e co m m a n d s h o u l d
o p e rate o n .
-
-
-
Fo r exa m p l e, t h e com m a n d l i n e u s e r mod - L mo r gan h a s a com m a n d ( use rmod), a n option
( - L), and a n a rg u m e n t (mo r g an ) . T h e effect of t h i s com m a n d i s to l o c k t h e passwo rd o n user
m o rg a n ' s a ccount.
To u s e a com m a n d effect i ve l y, a user needs to k n ow w h a t options and a rg u ments it ta kes a n d
i n w h a t o rd e r i t expects t h e m (t h e syntax o f t h e com m a n d). M ost c o m m a n d s have a - - help
option. This causes t h e com m a n d to print a description of what it does, a " u sage state m e n t " t h a t
d e s c r i b e s t h e co m m a n d ' s sy n t a x , a n d a l i st o f t h e opt i o n s it a ccepts a n d w h at t hey d o .
-
U s a g e statements m a y seem c o m p l icated a n d d i ff i c u l t to rea d . T h e y b e c o m e m u c h s i m p l e r t o
u n d e rsta n d once a user beco m e s fa m i l i a r w i t h a few b a s i c convent i o n s :
-
•
S q u a re b ra c kets, [ ] , s u rro u n d o pt i o n a l ite m s .
•
Anyt h i n g fol lowed by ... represents a n a r b it ra ry- l e n g t h l i st o f items o f t h a t type.
•
M u lt i p l e items sepa rated by p i pes,
-
I. m e a n s o n l y one of t h e m ca n b e specified.
-
-
-
R H 1 24- R H E L 7-en-1-20140606
3
-
-
C h a pte r 1 . Access i n g t h e C o m m a n d L i n e
•
Text i n a n g l e b ra c kets, < > , represe n t s va r i a b l e data. Fo r exa m p l e, <filename> m e a n s " i n s e rt
t h e f i l e n a m e you w i s h to u s e h e re". S o m et i m es these va ria b l es a re s i m p l y written i n c a p ita l
l etters (e.g., F I L E N A M E).
C o n s i d e r t h e f i rst usage state m e n t for t h e da t e co m m a n d :
[student@desktopX -]$ date
date [OPTION] . . . [+FORMAT]
r·�
!
I
-
-
- - h elp
-
T h i s i n d icates t h a t d at e c a n take a n o pt i o n a l l i st of o p t i o n s ( [OPTION] . . . ), fo l l owed by a n
o pt i o n a l fo r m a t stri n g , prefixed w i t h a p l u s c h a racter, +, t h a t defines how t h e c u rrent date s h o u l d
b e d i s p l ayed ( [+FORMAT]). S i n ce b o t h o f these a re option a l , d a t e wi l l w o r k even if it i s n o t g i v e n
o p t i o n s o r a rg u me nts (it w i l l p r i n t t h e c u rrent date a n d t i m e u s i n g i t s defa u lt form at).
-
-
Note
T h e man page for a com m a n d h a s a SY N O P S I S sect i o n t h a t p rovi d e s i nfor m a t i o n a b o u t
t h e co m ma n d ' s s y n t a x . T h e man - pages(7) m a n pa g e d e s c r i b e s how to interpret a l l
t h e s q u a re b rac kets, vertica l ba rs, a n d s o forth t h at u s e rs see i n SY N O PS I S o r a u s a g e
message.
W h e n a u s e r is f i n ished u s i n g t h e s h e l l a n d wa nts to q u it. t h e re a re a c o u p l e of ways to e n d t h e
s e s s i o n . T h e e x i t com m a n d ter mi nates t h e c u rrent s h e l l s e s s i o n . A n o t h e r w a y t o f i n i s h a sess i o n
is by typ i n g C t r l+D.
-
-
-
References
R
in t r o(l), bash(l ) , console(4), p t s (4), a n d man - pages(7) m a n pages
-
Note: Some details of the console(4) man page, involving init(B) and inittab(S), are
outdated.
-
-
-
-
-
-
4
R H 1 24- R H E L7-en-1-20140606
-
-
-
-
Pract ice: Loca l Conso l e Access Te r m s
-
P ra ct i ce: Loca l Conso l e Access Te r m s
-
Quiz
-
-
-
-
M atch t h e fo l l ow i n g item s to t h e i r cou nterparts i n t h e t a b l e.
I
j
A rg u m e nt
P ro m pt
-
jI
18
I
!B I
Command
Shell
Te r m i n a l
Phys i ca l c o n s o l e
Vi r t u a l c o n s o l e
Description
-
-
-
Term
I
T h e i n t e r p rete r t h at exe c u tes co m m a n d s typed
a s st r i n g s.
T h e v i s u a l c u e t h a t i n d i cates a n i nt e ract ive s h e l l
i s wa i t i n g fo r t h e u s e r to type a co m m a n d .
-
-
-
T h e n a m e o f a p ro g ra m to r u n .
T h e pa rt o f t h e c o m m a n d l i n e t h a t a dj u sts t h e
b e h a v i o r o f a co m m a n d .
-
-
-
T h e p a rt o f t h e co m m a n d l i n e t h a t s pe c i f i e s t h e
ta rget t h a t t h e co m m a n d s h o u l d o p e rate o n .
T h e h a rd wa re d i s p l a y a n d keyboa rd u s e d t o
i nt e ract w i t h a syst e m .
-
-
O n e of m u lt i p l e l o g i ca l co n s o l es t h a t c a n e a c h
s u p po rt a n i n d e pe n d e n t l og i n sess i o n .
-
-
-
R H 1 24- R H E L 7-en-1-20140606
5
-
-
C h a pte r 1 . Access i n g t h e C o m m a n d L i n e
-
Description
Term
A n inte rfa ce t h a t p rovid es a dis p l a y f o r o u t p u t
a n d a key boa rd fo r in p u t to a s h e l l sessio n.
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
6
RH124- R H E L 7 - e n -1-20140606
-
-
-
-
Solution
-
Solution
-
-
M atch t h e fo l l owi n g items to t h e i r cou nterparts i n t h e ta b l e.
Description
Term
T h e i nt e r p rete r t h a t executes com m a n ds ty p e d
a s st r i n g s .
Shell
T h e v i s u a l c u e t h a t i n d i cates a n i nt e ra ct ive s h e l l
is wa i t i n g for t h e u s e r to t y p e a co m m a nd .
Prom pt
T h e n a m e of a p rog ra m to r u n .
Co m m a n d
T h e p a rt of t h e c o m m a n d l i n e that a dj u sts t h e
b e h a v i o r of a co m m a n d .
Option
T h e pa rt of t h e c o m m a n d l i n e that s p e c i f i es t h e
ta rg et t h a t t h e c o m m a n d s h o u l d o p e rate o n .
A rg u m e nt
T h e h a rd wa re d i s p l ay a n d keybo a rd u s ed to
i nt e ra ct w i t h a syst e m .
Phys i ca l c o n s o l e
O n e of m u l t i p l e l o g i ca l c o n s o l es t h a t ca n e a c h
s u p p o rt a n i n d e p e n d e n t l og i n sess i o n .
V i rt u a l co n so l e
A n i nte rfa ce t h a t p rov i d es a d i s p l a y for o u t p u t
a n d a key boa rd for i n p u t to a s h e l l sess i o n .
Te r m i n a l
-
-
-
-
-
-
-
-
-
·-
-
-
-
-
-
-
-
-
R H 1 24- R H E L 7-e n-1-20140606
7
-
C h a pter 1 . Accessi n g t h e C o m m a n d L i n e
-
Access i n g t h e Co m m a n d L i n e U s i n g t h e
D es kt o p
-
-
Objectives
Afte r com p l e t i n g t h i s sect i o n , students s h o u l d be a b l e to l o g i nto t h e L i n u x system u s i n g t h e
G N O M E 3 d es ktop enviro n m e n t to r u n c o m m a n d s f r o m a s h e l l p ro m pt i n a term i n a l p rog ra m .
-
The GNOME desktop environment
-
T h e desktop environment is t h e g ra p h ica l user i nterface on a L i n u x system. T h e defa u l t des ktop
e n v i ro n m e nt i n Red Hat Enterprise L i n u x 7 is provided by G N O M E 3. I t p rovides a n i ntegrated
d e s ktop for users and a u n ified deve l o p m e nt p l a tform o n top of a g ra p h i c a l framework p rovided
by the X W i n d o w System.
T h e GN O M E S h e l l provides the core user i nterface f u n ct i o n s for the G N O M E d esktop
e n v i ro n m e nt. The gnome - s hell a p p l ication i s h i g h l y custo m i z a b l e. By defa u lt, R H E L 7 u s e rs
u s e t h e " G N O M E C l assic" t h e m e for g nome - s hell, w h i c h i s s i m i l a r to t h e G N O M E 2 desktop
e n v i ro n m e nt. A n o t h e r ava i l a b l e o p t i o n i s t h e " m o d e r n " G N O M E 3 theme used by t h e u pstrea m
G N O M E p roj ect. E i t h e r t h e m e c a n b e s e l ected p e rs i ste n t l y at l o g i n by s e l e c t i n g the g e a r i c o n next
to the S i g n I n button when e n t e r i n g t h e user's password.
T h e f i rst time a new u s e r l o g s in, an i n i t i a l set u p program runs to h e l p them config u re b a s i c
acco u nt sett i n gs. The GN O M E He l p a p p l ication i s t h e n sta rted o n t h e Gett i n g Started w i t h
GN O M E screen. This screen i n c l u d e s v i d eos and documentation to help o r i e n t n ew u s e rs to the
G N O M E 3 e n v i ro n ment. GN O M E He l p c a n be q u i c k l y sta rted by t y p i n g F1 i n g nome - shell, by
selecting A p p l i c a t i o n s > D o c u m e n t a t i o n > He l p , o r by r u n n i n g t h e yelp com m a n d .
-
-
-
-
-
-
-
-
-
-
-
-
-
-
8
R H 1 24- R H E L 7-en-1 -20140606
-
-
The GN O M E desktop e nvi ronment
._ Applications
Ptaces
en2
�») 2
Fri 08:43
Q
Student User
1/4
Figure 1.1: An empty GNOME 3 desktop
Pa rts of t h e G N O M E S h e l l
The v a r i o u s pa rts of t h e GN O M E S h e l l have s p e cific na mes a nd pu r poses. These pa rts inc l u d e t h e
fo l l ow i n g :
top bar: The bar t h a t r u n s a l o ng t h e top of t h e s c r e e n . The top ba r p rovides t h e A p p l icat i o n s
and Places menus, a nd cont ro l s for vo l u m e, netwo rking , c a l e nd a r a ccess, a nd selecting
between keybo a rd input methods (if t h e re are m ore t h a n o n e config u re d ) . U nd e r t h e m e n u for
t h e u s er's nam e are opti ons to a d just a c c o u nt sett i ngs, l o c k t h e screen, switch u sers, log out of
t h e syst e m , o r s h u t it d own.
Applications menu: T h i s menu on t h e t o p ba r p rovides a way to start a p p l ications, categorized
into s u bm enus. T h e Activities Overview c a n a lso be started fro m t h i s m e n u .
Places menu: T h i s menu to t h e r i g ht o f t h e A p p l icat i o n s menu p rov i d e s q u i c k a ccess t h r o u g h
a g ra p h i c a l f i l e m a n a g e r t o i m po rtant m enus i n t h e use r's home d i re cto ry, to I , a nd to exports
and file s h a res o n the n etwork.
window list: The ba r that runs a lo n g t h e bottom of t h e screen. The w i ndow l i st p rovides a n easy
way to a ccess, m i ni m ize, a nd rest o re a l l w i nd ows in t h e c u rrent workspace. On t h e right corne r
is an i nd icator to tell t h e user w h i c h workspace t h ey are on a n d how m a ny a re ava i l a ble.
message tray: The messa g e t ra y p rovides a way to review notifications sent by a p p l icati ons or
system c o m p o ne nts to GN O M E. If a notification occ u rs, no r m a l ly the notification f i rst a p pears
briefly a s a s i n g l e l i ne at t h e bottom of the s c re e n , a nd a persistent i nd i cator a p pe a rs i n the
l ower right c o r n e r to i nform t h e user of how m a ny notifications have bee n recent l y received.
RH124- R H E L7 -e n-1-20140606
9
C h a pter 1 . Acces s i n g t h e C o m m a n d L i n e
The m e s s a g e t ray c a n b e opened to review t h ese notifications by c l i c k i n g t h e i n d icator o r
typing Supe r+M. T h e m e s s a g e t ray c a n be c l osed by typ i n g either Esc o r Supe r+M a g a i n .
Activities Overview: T h i s i s a s p e c i a l m o d e t h a t h e l p s a user organ ize w i n d ows a n d start
a p p l ications. The Activit ies Overview c a n b e started by selecting A p p l i ca t i o n s> Activities
Overview. A faster way is to press the S u p e r key (somet i m es ca l led the Windows key), fou n d
n e a r t h e lowe r l eft c o r n e r of a n I B M PC 1 04/1 0 5- key keyboard. The t h ree m a i n areas o f t h e
A c t i v i t i e s Overview are t h e d a s h o n t h e l eft s i d e of t h e s c r e e n , t h e w i n dows overview i n t h e
center o f t h e s c reen , a n d t h e workspace selector o n t h e right side of t h e screen. T h e A ctivities
Overview c a n b e exited by p ressing t h e Esc key.
dash: T h is is a confi g u ra b l e l i st of icons of t h e u s e r ' s favorite a p p l i ca t i o n s, a p p l ications which
a re c u r rently r u n n i n g , a n d a g r i d button w h i c h c a n b e used to select a r b it ra ry a p p l i cations.
A p p l ications c a n b e started by clicking o n o n e of the icons o r by u s i n g t h e g r i d button to find a
less c o m m o n l y used a p p l ication. T h e d a s h is a l s o sometimes cal l ed t h e dock.
Figure 1 .2: The GNOME 3 Activities Overview
Wo rks pa ces
Workspaces a re s e p a rate d es ktop screen s w h i c h have d ifferent a p p l icat i o n w i n d ows. T h e s e c a n
be u s e d to organize t h e w o r k i n g enviro n m ent by g ro u p i n g o p e n a p p l ic a t i o n w i ndows by t a s k .
For exa m p l e, w i n d ows b e i n g u s e d to perform a p a rt i c u l a r syste m m a i nt e n a n ce activity (such
a s setti n g u p a n e w r e m ote server) c a n b e g ro u p ed i n o n e workspa ce, while e m a i l and other
c o m m u n i ca t i o n a p pl i c a t i o n s can b e g ro u p ed in a n ot h e r workspace.
10
R H 1 24- R H E L7-en-1-20140606
-
-
Sta rt i n g a t e r m i n a l
-
-
-
-
T h e re a re t h ree m e t h o d s for switc h i n g between workspa ces. O n e method is t o c l i c k t h e i n d icator
i n t h e r i g ht corner of t h e window l ist a nd s e l ect t h e d e s i re d works p a ce. A n o t h e r, p e r h a p s t h e
fastest, is t o type C t r l+Alt + U pA r r ow or Ct r l+Al t + DownAr row to switch betwe e n works paces
s e q u e n t i a l l y. A t h i rd i s to switch to the Act i v i t i e s Overview and c l i c k the desired workspace.
An advantage of u s i n g the A c t i v i t i e s Ove rview is t h a t w i n d ows ca n be c l i c ked a n d d ra g g e d
betwe e n t h e c u rrent workspace a n d o n e o f t h e others by u s i n g t h e w o r k s p a c e s e l e c t o r o n t h e
r i g h t s i d e o f t h e screen a n d t h e w i n d ows overview i n t h e c e n t e r o f t h e screen.
Starting a terminal
-
-
To get a s h e l l pro m pt in G N O M E, start a g ra p h i c a l term i n a l a p p l ica t i o n s u c h as G N O ME
T h e re a re severa l ways to do t h i s . H e re a re t h e t h re e most com m o n l y used methods:
•
•
-
•
-
-
-
S e l e ct
Te r m i n a l.
A p p l icat i o n s > Ut i l it i e s > Te r m i n a l.
O n a n e m pty des ktop, r i g ht-c l i c k , or press t h e Menu key, a n d s e l ect
context m e n u t h a t a p pears.
O p e n in Te r m i n a l
from t h e
Fro m t h e A c t i v i t i e s O v e r v i e w , s e l ect Te r m i n a l from the d a s h (e it h e r from t h e favorites a rea o r
b y f i n d i n g it w i t h e i t h e r t h e g r i d b u tton ( i n s i d e U t i l it i e s g ro u p i n g ) o r t h e search f i e l d a t t h e t o p
o f t h e w i n d ows overvi ew).
W h e n a te r m i n a l w i ndow is o p e n e d , a s he l l p ro m pt d i s p l ays for t h e user t h a t started t h e g ra p h ic a l
term i n a l p ro g ra m . T h e s h e l l p ro m pt a n d t h e term i n a l w i n d ow ' s t it l e b a r w i l l i n d icate t h e c u rrent
user n a m e, host n a me, and wo r k i n g d i recto ry.
Locking the screen or logging out
-
Loc k i n g t h e scree n , or l o g g i n g out e n t i re l y, can be d o n e from t h e m e n u for t h e u s e r ' s n a m e o n
t h e fa r r i g h t s i d e o f t h e t o p b a r.
-
To l o c k t h e scree n , s e l ect (Us e r)>
s ess i o n i s i d l e for a few m i n utes.
-
-
-
Lock
or type Ct r l+Al t + L. The screen w i l l l o c k if t h e g ra p h i c a l
A lock s c r e e n c u rta i n w i l l a p p e a r that shows the syst e m t i m e and the n a m e of the l o g g e d - i n
user. To u n l o c k t h e s c r e e n , press E n t e r or Space to ra ise t h e l oc k s c r e e n c u rta i n , t h e n enter t h e
u s e r ' s password o n t h e l o c k s c reen.
To log out and end the c u rrent g ra p h i c a l l o g i n sess ion, s e l ect (Us e r)> Log Out from the top b a r. A
d i a l o g w i n d ow w i l l a p pe a r, g i v i n g t h e o pt i o n to C a n c e l t h e l o g out w i t h i n 60 seco n d s , o r co nfi r m
the Log Out action.
Powering off or re booting the system
-
-
To s h ut down t h e syst e m , s e l ect (Us e r)> Power Off from t h e top b a r or type Ct r l+Al t +Del. I n
t h e d i a l o g t h a t a p pea rs, t h e u s e r c a n c h oose t o Power Off, Restart t h e m a c h i n e, o r C a n c e l t h e
o p e rat i o n . I f t h e u s e r d o e s n o t m a ke a choice i n t h i s d i a l o g , t h e syste m w i l l automatica l l y s h ut
down after 60 seco n d s .
-
-
-
-
R H124-R H E L 7-en-1 -20140606
11
-
-
C h a pter 1 . Acces s i n g t h e C o m m a n d L i n e
-
References
GNOME Help
yelp
·
-
G N O M E H e l p: Getting Started with GNOME
yelp help:gnome - help/ge t t ing - s t a r t ed
·
-
-
-
-
-·
-
-
-
-
-
12
R H 1 24- R H E L7 - e n -1 -20140606
-
-
-
Practice: The G N O M E 3 Desktop Enviro n m e nt
-
-
-
P ra ct i ce: T h e G N O M E 3 Des ktop E nvi ro n ment
Guided exercise
I n t h i s l a b , you w i l l l o g i n t h ro u g h t h e g ra p h i c a l d i s p l ay m a na g e r as a reg u l a r u s e r to become
fa m i l i a r w i t h t h e G N O M E C l assic d e s ktop e n v i ro n m e n t provided by G N O M E 3.
-
Outco m e :
A basic orientation to t h e G N O M E 3 d esktop e n v i ro n m e nt.
-
Before you begin ...
Access the g ra p h i c a l l o g i n screen of d e s k t opX . example . com.
-
Important
T h e re a re two v i rt u a l m a c h i n es ava i l a b l e for l a b exercises, a d e s ktop m a c h i n e
(g e n e rica l l y c a l l e d d e s k t o pX) a n d a s e rv e r (g e n e rica l l y ca l l ed s e rve rX).
-
Ta ke c a re to keep stra i g h t w h i c h v i rt u a l m a c h i n e a n exerc i se wants you to u se.
-
-
Do each of the fo l l o w i n g tasks on the d e s k t o pX m a c h i n e. M a r k each t a s k a s it is co m p l eted.
D
1.
L o g i n as s t u d e n t u s i n g t h e password s t u d e n t .
D 1 .1 .
-
D 1 .2. C l i c k
-
D 2.
-
o n ce the password has been typed i n .
0 2.1 . T h e s i m p l est a p proac h is t o o p e n
com m a n d at t h e s h e l l p ro m pt.
G N O M E Ter m i n a l
a n d u s e t h e pas swd
O n t h e e m pty desktop, press the Menu key o r rig ht-c l i c k with t h e mouse to open
t h e context m e n u .
D 2 . 2 . S e l ect
-
O p e n i n Term i n a l .
D 2 . 3 . I n t h e ter mi n a l w i n d o w t h a t a p pea rs, type pas swd a t t h e s h e l l prom pt. Fo l l ow
the i n structions p rovided by the progra m to c h a n g e the s t ud e n t password from
s t u de n t to 55Tu r n K3y.
-
D 3.
Log o u t .
D 3.1 .
-
-
Sign I n
C h a n g e t h e password f o r s t u d e n t f r o m passwo r d to 55Tu r n K3y.
-
-
A t t h e G N O M E l o g i n scree n , c l i c k t h e s t ude nt u s e r account. Enter s t udent
when p ro m pted for t h e password.
S e l ect t h e
0 3.2. C l i c k t h e
D 4.
student > Log O u t
Log Out
m e n u item.
button i n the confirmation w i n d ow that a p pears.
Log back in a s s t u d e n t with t h e new p a ssword of 55Tu r n K3y.
D 4.1 . A t t h e G N O M E l og i n scree n , c l i c k t h e s t u d e n t user a c c o u n t . E n t e r 55Tu r n K3y
w h e n p ro m pted for the password.
-
-
-
R H1 24- R H E L7 - en-1-20140606
13
-
-
C h a pter 1 . Access i n g t h e Co m m a n d L i n e
D 4.2. C l ic k
D 5.
-
S e l ect t h e
student > Lock
m e n u item.
U n l o c k t h e scre e n .
D 6.1 .
-
P ress E n t e r to l i ft t h e l o c k s c r e e n c u rt a i n .
D 6.2. I n the
Password
D 6.3. C l ic k the
D 7.
-
o nce t h e pa ssword h a s b e e n typed i n .
L o c k t h e scree n .
D 5.1 .
D 6.
Sign I n
Un l o c k
button. T h e G N O M E d esktop s h o u l d rea p p e a r.
Dete r m i n e how to s h u t down d e s k t opX from t h e g ra p h ica l i nte rface, b u t
o p e rat i o n w i t h o u t s h utt i n g down t h e syst e m .
D 7.1 .
S e lect t h e
D 7.2 . C l i c k t h e
s t u d e n t > Powe r Off
Cancel
-
fie l d , en ter 55Tu r n K3y a s t h e password.
-
C a n ce l
the
-
m e n u item.
button i n t h e confi r m a t i o n screen that a p p e a rs.
-
-
-
-
-
-
-
-
-
-
-
-
14
R H 1 24- R H E L 7 - e n -1-20140606
-
-
-
-
Executing Commands Using the Bash Shell
-
Exec ut i n g Co m m a n d s U s i n g t h e B a s h S h e l l
-
-
Objectives
After com p l et i n g t h i s section, students s h o u l d be a b l e to save t i m e r u n n i n g com m a n d s from a
s h e l l p ro m pt u s i n g B a s h s h o rtcuts.
-
-
-
-
-
-
-
Basic command syntax
The GN U B o u rne-A g a i n S h e l l (bash) is a p rog ra m t h a t i nt e r p rets co m m a n d s typed in by t h e
user. E a c h st r i n g typed i nto t h e s h e l l can h a v e u p to t h re e pa rts: t h e c o m m a n d , o pt i o n s (that
beg i n w i t h a - o r --), and a rg u m e nts. Each word typed i nto t h e s h e l l i s separated from each
ot h e r w i t h s paces. C o m m a n d s a re the n a m es of p ro g ra m s t h a t a re i n sta l l e d on t h e syst e m . Each
c o m m a n d h a s its own options and a rg u m e nts.
T h e E n t e r key is p ressed when a user is rea dy to execute a c o m m a n d . Each co m m a n d is typed
on a s e p a rate l i ne and the o u t p u t from each com m a n d d i s p l ays before the s he l l d i s p l ays a
p ro m pt. If a user wants to type m o re t h a n o n e com m a n d on a s i n g l e l i ne, a semico l o n , ; , can
b e used a s a com m a n d s epa rator. A semico l o n i s a member of a c l ass of c h a racters c a l l e d
metacharacters t h a t h a s spec i a l m e a n i ngs for ba sh .
Examples of simple commands
T h e d a t e c o m m a n d is u s e d to d i s p l ay t h e c u r re n t d a t e a n d t i m e. I t c a n a l so be u s e d by t h e
s u pe r u s e r t o set t h e system c l oc k . A n a rg u m e n t t h a t beg i n s w i t h a p l u s s i g n (+) specifies a
format st r i n g for t h e date com m a n d .
[student@desktopX -]$ date
Sat Apr 5 08 : 13 : 50 PDT 2014
[ student@desktopX -]$ date +%R
08 : 13
[student@desktopX -]$ date +%x
04/05/2014
-
-
-
-
The pas swd com m a n d c h a n g e s a user's own pa ssword. The o r ig i n a l password for the account
m u st b e s pecified before a change w i l l be a l l owed. By defa u lt , pas swd i s config u red to req u i re a
strong pa ssword, c o n s i st i n g of l owe rcase l etters, u p p e rcase l etters, n u m bers, a n d sy m b o l s , a n d
i s n o t based o n a d i ct i o n a ry word. T h e s u p e r u s e r c a n u s e t h e pas swd c o m m a n d t o c h a n g e ot h e r
u s e rs' pa sswords.
[student@desktopX -]$ pas swd
Changing password for user student .
Changing password for student .
(current ) UNIX password : old_password
New password : new_password
Retype new password : new_password
passwd : all authentication tokens updated successfully .
-
-
-
-
L i n u x does not req u i re f i l e n a m e exte n s i o n s to c l assify f i l es by type. T h e file com m a n d s ca n s
t h e b eg i n n i n g o f a f i l e ' s contents a n d d i s p l ays w h a t type it i s . T h e f i l e s t o be c l assified a re passed
a s a rg u m en ts to t h e co m m a n d .
I
I
-
-
[student@desktopX -]$
file /etc/passwd
R H 1 24- R H E L 7-en-1 -20140606
15
-
-
C h a pte r 1. Access i n g t h e C o m m a n d L i n e
/etc/passwd : ASCII text
[ student@desktopX -]$ file /bin/passwd
/bin/passwd : setuid ELF 64- bit LSB shared obj ect , x86- 64, version 1
(SYSV) , dynamically linked ( uses shared libs ) , for GNU/Linux 2 . 6 . 32,
BuildID [ sha1] =0x91a7160a019b7f5f754264d920e257522c5bce67, stripped
[ student@desktopX -]$ file /home
/home : directory
-
-
-
T h e head a n d t ail co m m a n d s d i s p l ay t h e beg i n n i n g a n d e n d of a f i l e res pective l y. By defa u lt ,
t h ese com m a n d s d i s p l a y 1 0 l i n es, b u t t h ey bot h have a - n o p t i o n t h a t a l l ows a d iffe rent n u m b e r
o f l i nes to be specified. T h e f i l e to d i s p l a y i s passed a s a n a rg u m e nt t o t h ese com m a nds.
[student@desktopX -]$ head /etc/passwd
root : x : 0 : 0 : root : /root : /bin/bash
bin : x : l : l : bin : /bin : /sbin/nologin
daemon : x : 2 : 2 : daemon : /sbin : /sbin/nologin
adm : x : 3 : 4 : adm : /var/adm : /sbin/nologin
lp : x : 4 : 7 : lp : /var/spool/lpd : /sbin/nologin
sync : x : 5 : 0 : sync : /sbin : /bin/sync
shutdown : x : 6 : 0 : shutdown : /sbin : /sbin/shutdown
halt : x : 7 : 0 : halt : /sbin : /sbin/halt
mail : x : 8 : 12 : mail : /var/spool/mail : /sbin/nologin
operator : x : 11 : 0 : operator : /root : /sbin/nologin
[ student@desktopX -]$ t ail -n 3 /et c/passwd
gdm : x : 42 : 42 : : /var/lib/gdm : /sbin/nologin
gnome-initial- setup : x : 993 : 991 : : /run/gnome-initial-setup/ : /sbin/nologin
tcpdump : x : 72 : 72 : : / : /sbin/nologin
-
-
,�--
-
-
-
-
�-------"----�----'
T h e we c o m m a n d counts l i nes, words, a n d c h a racters i n a f i l e. I t c a n ta ke a
to d i s p l a y o n l y t h e l i n es, w o r d s , o r c h a ra cte rs, res pective l y.
�-�student@desk
:�pX -]$
39 70 2005 /etc/passwd
[ student@desktopX -]$
39 /etc/passwd
[ student@desktopX -]$
843 /etc/group
227 /etc/hosts
1070 total
- 1, - w,
or - c o p t i o n
wc /etc/passwd
wc
-1
-
/etc/pas swd
-
wc -c /etc/group /etc/ho s t s
-
Tab com pletion
Tab completion a l l ows a u s e r to q u i c k l y c o m p l ete co m m a n d s or fi l e na mes once t h ey have typed
e n o u g h at the prompt to make it u n iq u e. I f t h e c h a racters typed a re not u n i q ue, press i n g the Tab
key twice d i s p lays a l l co m m a n d s that beg i n with t h e c h a racters a l ready typed.
[student@desktopX -]$ pas<Tab><Tab>
passwd
pasuspender
paste
[student@desktopX -]$ pass<Tab>
[ student@desktopX -]$ pas swd
Changing password for user student .
Changing password for student .
( current ) UNIX password :
-
-
-
-
Ta b com p l et i o n can be used to co m p l ete f i l e n a m e s w h e n ty p i n g t h e m as a rg u ments to
c o m m a n d s. W h e n Tab i s p ressed, i t w i l l com p l ete the f i l e n a m e a s m u c h a s i t can. P res s i n g Tab
a second t i m e c a u ses the s h e l l to l ist a l l of t h e f i l e s that a re m a t c h e d by the c u rrent patte r n .
16
-
R H 1 24- R H E L7-en-1-20140606
-
-
-
--
-
-
Co m m a n d h i story
-
Ty pe a d d it i o n a l c h a ra cters u n t i l t h e n a m e i s u n i q ue, t h e n use t a b c o m p l et i o n to f i n i s h off the
com m a n d l i n e.
-
-
-
-
[student@desktopX -]$
[student@desktopX -]$
passwd passwd -
ls /etc/pas<Tab>
ls /etc/passwd<Tab>
A rg u m e nts a n d o p t i o n s ca n be m a t c h e d w i t h t a b c o m p l e t i o n for m a n y co m m a n d s. T h e u s e r ad d
co m m a n d i s u s e d by t h e s u pe r u s e r, r oo t , to c reate a d d i t i o n a l users o n t h e syste m . I t h a s m a n y
o pt i o n s t h a t can b e u s e d t o control h o w t h a t c o m m a n d beh aves. Ta b c o m p l et i o n fo l l ow i n g a
pa rt i a l o p t i o n can be used to com p l ete t h e o p t i o n without a l ot of typ i n g .
[ root@desktopX ]# useradd - - <Tab><Tab>
- - base-dir
- -groups
- - no-log-init
- -comment
- -help
- - non- unique
- - no- user-group
- -create- home
- - home-dir
- -defaults
- -inactive
- -password
- - root
- - key
- -expiredate
- -gid
- -no-create-home - - selinux- user
[ root@desktopX -]# use radd - -
-
-
-
-
-
-
-
-
-
-
-
-
-
- - shell
- - skel
- - system
- - uid
- - user -group
Com mand history
The h i s t o r y com m a n d d i s p l ays a l i st of p revio u s l y executed com m a n d s p refixed w i t h a
com m a n d n u m be r.
The exc l a m a t i o n p o i n t c h a racter, ! , is a meta c h a racter t h a t is used to expa n d prev i o u s
com m a n d s w i t h o u t h a v i n g to rety pe t h e m . ! number expa n d s to t h e c o m m a n d matc h i n g the
n u m be r s p e c ified. ! s t ring expa n d s to t h e most recent com m a n d t h a t beg i n s w i t h t h e st r i n g
specified.
[ student@desktopX -]$ his t o ry
. . . Output omitted . . .
23 clear
24 who
25 pwd
26 ls /etc
27 uptime
28 ls - 1
29 date
30 history
[student@desktopX -]$ ! ls
ls - 1
total e
drwxr-xr - x . 2 student student 6 Mar 29 21 : 16 Desktop
. . . Output omitted . . .
[student@desktopX -]$ ! 26
ls /etc
pulse
hosts
ab rt
purple
hosts . allow
adj time
qemu-ga
aliases
hosts . deny
. . . Output omitted . . .
The a r row keys c a n be used to n a v i g ate t h ro u g h prev i o u s c o m m a n d l i n e s i n t h e s h e l l ' s h isto ry. U p
Ar row e d i t s t h e p rev i o u s com m a n d i n t h e h i story l i st. Down A r r ow e d i t s t h e n ext c o m m a n d i n
t h e h istory l ist. U s e t h i s key w h e n t h e U p Ar r ow has b e e n p ressed t o o m a ny t i m es. L e f t A r r ow
a n d Rig h t A r row m ove t h e c u rsor l eft a n d r i g h t i n t h e cu rrent c o m m a n d l i n e b e i n g e d ited.
-
-
-
R H1 24- R H E L 7 - en -1 -20140606
17
-
-
C h a pte r 1 . Access i n g t h e C o m m a n d L i n e
-
T h e Esc+ . k e y co m b i n at i o n causes t h e s h e l l to c o p y t h e l a st word o f t h e p revious c o m m a n d o n
t h e c u rrent c o m m a n d l i n e w h e re t h e c u rsor i s . I f u s e d repeate d l y, it wi l l cont i n u e to g o t h ro u g h
e a r l i e r c o m m a n ds.
Editing the com mand line
-
-
W h e n used i ntera ctive l y, bash h a s a com m a n d l i n e- e d i t i n g featu re. T h i s a l l ows t h e u s e r to use
text editor c o m m a n d s to move a ro u n d wit h i n and m o d i fy the c u rrent com m a n d bei n g typed.
U s i n g t h e a r row keys to m ove wit h i n the c u rre n t co m m a n d and to step t h ro u g h t h e com m a n d
h i story w a s i n t ro d u ce d e a r l i e r i n t h i s session. M o re powerfu l e d i t i n g com m a n d s a re i nt rod u ced i n
t h e fo l l ow i n g t a b l e.
-
-
Useful command line -editing shortcuts
S h o rtcut
Desc r i p t i o n
Ct rl+a
J u m p to the beg i n n i n g of the c o m m a n d l i ne.
Ct rl+e
J u m p to the end of the com m a n d l i n e.
Ct rl+u
C l e a r from t h e c u rs o r to t h e beg i n n i n g of the com m a n d l i ne.
Ct rl+k
C l e a r from t h e c u rs o r to t h e e n d of t h e com m a n d l i n e .
Ct rl+Left A r row
J u m p to t h e beg i n n i n g of t h e p rev ious word on t h e c o m m a n d l i ne.
Ct rl+Ri gh t Ar row
J u m p to t h e beg i n n i n g of t h e next word on t h e com m a n d l i ne.
Ct rl+ r
Searc h t h e h istory l i st o f co m m a n d s f o r a patte r n .
T h e re a re severa l ot h e r c o m m a n d l i ne-e d i t i n g c o m m a nds ava i l a b l e, but t h ese a re t h e m o s t usef u l
c o m m a n d s f o r beg i n n i n g users. T h e ot h e r com m a n d s can be fo u n d i n t h e bash(1 ) m a n page.
References
R
-
-
-
-
-
-
bash(1 ) , date(1 ) , file(1 ) , head(1 ), passwd( 1) , t ail(1 ), a n d wc (1 ) m a n p a g es
-
-
-
-
-
-
-
-
18
R H1 24- R H E L 7 - e n -1 -20140606
-
-
-
-
P ractice: B a s h C o m m a n d s a n d Key b o a rd S h o rtcuts
-
-
P ra ct i ce: B a s h Co m m a n d s a n d Keyboa rd
S h o rtcuts
-
Quiz
-
M a t c h t h e fo l l ow i n g B a s h s h o rtcuts to t h e i r d e s c r i p t i o n s i n t h e ta b l e.
-
-
! number
Ct rl+k
-
-
IOI
I
l��I
! s t ring
C t r l+ L e f t A r r ow
I
C t r l+a
h i s t o ry
Descript ion
S h e l l com m a n d
-
-
-
-
J u m p to t h e beg i n n i n g of t h e prev i o u s wo rd o n
t h e com m a n d l i n e.
S e p a rate com m a n d s o n t h e s a m e l i n e.
C l e a r f ro m t h e c u rs o r to t h e e n d of t h e co m m a n d
l i ne.
-
-
-
Re-exe c u te a rec e n t co m m a n d by m a tc h i n g t h e
co m m a n d n a m e.
S h o rt c u t u s e d to com p l ete co m m a n d s , f i l e
n a m es , a n d o p t i o n s .
-
Re-execute a s p e c i f i c co m m a n d i n t h e h isto ry l ist.
-
-
J u m p to the beg i n n i n g fo r the co m m a n d l i n e.
-
-
-
R H1 24- R H E L 7-en-1-20140606
19
C h a pte r 1 . Acces s i n g t h e C o m m a n d L i n e
D es c r i pt i o n
Shell command
D i s p l a y t h e l i st o f p rev i o u s c o m m a n d s .
C o p y t h e l a st a rg u m e n t of p rev i o u s c o m m a n d s .
20
R H1 24- R H EL7-e n -1-20140606
-
-
Solution
-
Solution
-
-
-
-
-
-
Match t h e fo l l ow i n g B a s h s h o rtcuts to t h e i r d e s c r i pt i o n s i n t h e ta b l e.
D escr i p ti o n
S h e l l com m a n d
J u m p to t h e b eg i n n i n g of t h e p revi o u s word o n
t h e co m m a n d l i ne.
C t r l + L e f t A r row
S e p a rate co m m a n d s o n t h e s a m e l i n e.
.
I
C l e a r f r o m t h e c u rs o r to t h e e n d of t h e co m m a n d
l i ne.
Ct rl+k
Re-ex e c u t e a rec e n t co m m a n d by m a tc h i n g t h e
c o m m a n d n a m e.
! s t ring
S h o rt c u t u s e d to com p l ete c o m m a n d s, f i l e
n a m es , a n d o p t i o n s.
Tab
Re-ex e c u t e a s p e c i f i c co m m a n d i n t h e h i st o ry l ist.
! number
J u m p to t h e b eg i n n i n g for t h e co m m a n d l i n e.
Ct rl+a
D i s p l ay t h e l i st of p rev i o u s co m m a n d s .
h is t o ry
C o py t h e l a st a rg u m e n t of p rev i o u s co m m a n d s.
Esc+ .
-
...
-
-
-
-
-
-
-
-
-
-
-
-
R H1 24- R H E L7-en-1-20140606
21
-
-
C h a pte r 1 . Accessi n g t h e C o m m a n d L i n e
-
La b: Access i n g t h e Co m m a n d L i n e
-
Perfor mance checklist
-
I n t h i s l a b, you w i l l use t h e Bash s he l l to effic i e n t l y execute com m a n d s u s i n g s h e l l
meta c h a racters.
-
-
Outcomes:
Practice u s i n g s he l l com m a n d line e d i t i n g and h i story fu n c t i o n s to effi c i e n t l y execute
co m m a n d s with m i n o r c h a n g es.
-
•
C h a n g e the pa ssword of the s t u d e n t u s e r to T3s t 1ngT1me.
-
•
Execute co m m a n d s used to ident ify f i l e types a n d d i s p l ay parts of text f i l es .
•
-
Before you begin ...
Perform t h e fo l l o w i n g steps o n desktopX.
1.
Log i nto yo u r d e s k t opX syste m ' s g ra p h i c a l l o g i n screen a s s t ud e n t .
2.
O p e n a t e r m i n a l w i n dow that w i l l p rovide a bash prom pt.
3.
C h a n g e s t uden t ' s password to T3 s t ln gT1me.
4.
D i s p l ay t h e c u rre nt t i m e a n d date.
5.
D i s p l a y the c u rrent t i m e in t h e fo l l ow i n g fo r m a t : H H : M M : S S A/PM. H i nt: The format stri ng
that d i s p l ays t h a t output i s %r.
-
-
-
-
6.
What k i n d of f i l e i s / u s r /bin/clean - binary - files? Is i t rea d a b l e by h u m a ns?
7.
U se t h e we com m a n d a n d bash s h o rtcuts to d i s p l ay t h e size of
/ u s r /bin/clean - binary - files.
-
8.
D i s p l a y the fi rst 1 0 l i nes of / u s r /bin/clean - binary - files.
-
9.
D i s p l a y t h e l a st 10 l i nes at the botto m of t h e / u s r /bin/clean - binary - files f i l e.
10.
Repeat the p rev i o u s com m a n d , b u t u s e the - n 20 opt i o n to d i s p l ay the l a st 20 l i nes in the
f i l e. U s e co m m a n d l i n e e d i t i n g to accom p l i s h this w i t h a m i n i m a l a m o u nt of keyst rokes.
11.
Execute the date c o m m a n d w i t h o u t any a rg u m e nts to d i s p l ay the c u r re n t date and t i me.
12.
Use bash h i story to d i s p l ay j u st the t i me.
13.
F i n i s h yo u r sess i o n with t h e bash s h e l l .
-
-
-
-
-
22
R H 1 24- R H E L 7 - e n -1 -20140606
-
-
-
-
Sol ution
-
Solution
-
-
I n t h i s l a b, you w i l l use t h e B a s h s h e l l to effic i e n t l y execute co m m a n d s u s i n g s h e l l
m eta c h a ra cters.
-
O utcomes:
Practice using s h e l l c o m m a n d l i n e editing and h istory f u n c t i o n s to effic i e n t l y execute
co m m a n d s w i t h m i n o r c h a n g es.
-
•
-
•
C h a n g e t h e password of t h e s t u d e n t user to T3s t 1 n gT1me.
•
Execute com m a n d s used to i d e n t i fy file types and d is p l a y pa rts of text f i l es.
-
Before you begin ...
Perform the fo l lo w i n g steps o n d e s ktopX.
-
-
1.
Log i nto you r d e s k t opX syste m ' s g ra p h i c a l l o g i n screen as st u d e n t .
2.
O p e n a termi n a l w i n d ow t h a t wi l l prov i d e a bash p ro m pt.
S e l ect
-
3.
A p p l i c a t i o n s > Ut i l it i e s > Te r m i n a l .
C h a n g e s t ud e n t 's pa sswo rd to T3s t 1 ngT1me.
Use the pas swd c o m m a n d to c h a nge the password. Be s u re to p rov i d e the o r i g i n a l
pa ssword, s t u d e n t , fi rst.
-
[student@desktopX - ] $ passwd
Changing password for user student .
Changing password for student .
( current ) UNIX password : st udent
New password : T3s t lngT1me
Retype new password : T3s t ln gT1me
passwd : all authentication tokens updated successfully .
-
-
- -
-
4.
--------- -----�
D i s p l ay t h e current t i m e a n d date.
[student@desktopX - ] $ date
Thu Apr 3 10 : 13 : 04 PDT 2014
�----� ---�-- ----- - ·--- �--�
-
5.
-
D i s p l a y the c u rrent time in the fo l l ow i n g fo rmat: H H : M M : S S A/PM . H i nt: The fo r m a t st r i n g
t h a t d i s p l ays t h a t o u t p u t i s %r.
[ student@desktopX
10 : 14 : 07 AM
,_.
-
----��-
S pecify t h e +%r argument to date.
-
-
----�------
6.
- ] $ d a t e +%r
W h a t kind of file i s / u s r / bin/clean - binary - files? I s it rea d a b l e by h u m a n s?
R H124- R H E L7 -e n -1-20140606
23
-
-
C h a pter 1 . Accessi n g t h e C o m m a n d L i n e
-
.I
Use t h e file co m m a n d to dete r m i n e i t s f i l e type.
7.
[student@desktopX - ] $ file / u s r/bin/clean - binary - files
/usr/bin/clean- binary-files : POSIX shell script , ASCII text executable
-
-
U s e t h e we com m a n d a n d bash s h o rtcuts to d i s p l ay t h e s i z e of
/ u s r / bin/clean - binary - files.
The eas iest s h o rtcut to use is Esc+ . to re use the a rg u m e n t from t h e p revious co m ma n d.
[student@desktopX - ] $ w c <Esc> .
[student@desktopX - ] $ wc / u s r/bin/clean - binary - files
594 1780 13220 /usr/bin/clean - binary-files
-
-
-
8.
D i s p l a y t h e fi rst 1 0 l i nes of / u s r / bin/clean - binary - files.
The head com m a n d d i s p l ays the beg i n n i n g of the f i l e. Did you use t h e bash s h o rtcut a g a i n?
[student@desktopx - ] $ head <Esc> .
[student@desktopX - ] $ head / u s r/bin/clean - binary - files
# ! /bin/sh
#
# Script to clean binary files .
#
# JPackage Proj ect <http : //www . j package . org/>
#
# $Id : clean-binary-files, v 1 . 1 2006/09/19 19 : 39 : 37 fnasser Exp
# Import j ava functions
[ -r "/usr/share/j ava- utils/j ava-functions" ] \
9.
-
-
-
$
-
-
D i s p l ay t h e l a st 1 0 l i n es at t h e bottom of t h e / u s r /bin/clean - binary - files fi l e.
U s e t h e t ail com m a n d .
[ student@desktopX - ] $
[student@desktopX - ] $
. . Output omitted . . .
tail <Esc> .
tail / u s r/bin/clean - binary - files
-
.
-
1 0.
Repeat t h e p revi o us co m m a n d , b u t use t h e - n 20 o p t i o n to d i s p l ay t h e l a s t 20 l i n es i n t h e
f i l e. U s e c o m m a n d l i n e e d i t i n g to accom p l i s h t h i s w i t h a m i n i m a l a m o u nt o f keystrokes.
U p Ar row d i s p l ays the p revio u s co m m a n d . Ct r l +a m a kes the c u rsor j u m p to the beg i n n i n g
o f t h e l i ne. C t r l+Right Ar row j u m ps t o t h e next word, t h e n add t h e - n 2 0 o pt i o n a n d h i t
E n t e r t o execute t h e co m m a n d .
[student@desktopX - ] $
. . . Output omitted . . .
11.
24
-
-
t ail - n 20 / u s r/bin/clean - binary - files
-
E x e c u t e t h e d at e c o m m a n d w i t h o u t any a rg u m e nts to d i s p l ay t h e c u rrent date a n d t i m e.
I [ student@desktopX - ] $ date
-
-
R H1 24- R H E L 7-en-1-20140606
-
-
-
-
I Thu Apr 3 10 : 48 : 30 PDT 2014
-
-
Solution
i
12.
U s e b as h h istory t o d i s p l ay j u st t h e t i m e.
D i s p l a y t h e l ist o f p revious co m m a n d s w i t h t h e h i s t o r y com m a n d to i d e n t ify t h e specific
d a t e command to be executed. Execute t h e com m a n d w i t h t h e ! number h istory com m a n d .
-
-
[ student@desktopX ]$
date +%X
10 : 49 : 56 AM
-
-
-
-
-
13.
! 44
Fi n i s h yo u r session with t h e bash s h e l l .
U s e e i t h e r exit o r t h e Ct r l +d k e y c o m b i n at i o n t o c l ose t h e s h e l l .
I
[ student@desktopX ]$
-
exit
-
-
-
-
-
-
-
-
-
-
-
-
-
R H1 24- R H E L 7-en-1 -20140606
25
-
-
C h a pter 1 . Access i n g t h e C o m m a n d L i n e
-
S u m m a ry
-
Acces s i n g t h e Co m m a n d L i n e Using t h e Loca l Console
U s e t h e p hys i ca l console to view o u t p u t and i n put com m a n d s w i t h correct syntax u s i n g
t h e bash s h e l l .
Acces s i n g t h e Co m ma n d L i n e U s i n g t h e Des ktop
U s e the G N O M E g ra p h i c a l e n v i ro n m e nt to l a u nc h a p p l i cations, e s p e c i a l l y the g ra p h ica l
term i n a l prog ra m .
Exec u t i n g C o m m a n d s U s i n g t h e B a s h S h e l l
U s e t h e t a b co m p l et i o n , co m m a n d h i sto ry, a n d com m a n d l in e-ed i t i n g featu res o f t h e
B a s h s h e l l to execute co m m a n d s m o re effi c i e n t l y.
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
26
R H1 24- R H E L 7-en-1-20140606
-
-
®
red h at
TRAINING
®
C H A PT E R 2
MANAGING FILES F ROM THE
COMMAND LINE
Overview
Goal
To copy, move, create, delete, and org a n ize files w h i l e
wo r k i n g from t h e B a s h s h e l l prompt.
Objectives
•
Identify t h e p u rpose fo r i m portant di rectories on a L i n ux
system.
•
•
Specify files u s i n g a b s o l ute and re lative path n a mes.
C reate, copy, move, and remove files and directories u s i n g
command- l i ne uti l it ies.
•
Match o n e or more f i l e n a mes using shell expa n s i o n as
a rg u m e nts to s h e l l com ma nds.
Sections
•
The L i n ux F i l e System H i e ra rchy (a nd Pra c t i ce)
•
Locat ing Files by N a m e (and Practice)
•
M a n a g i n g Files U s i n g C o m m a nd- L i n e Too l s (and P ra c t ice)
•
M atch i n g F i l e N a m e s U s i n g Pat h N am e Exp a n s i o n (and
Pract ice)
Lab
R H 1 24- R H E L7-en-1 -20140606
•
M a n a g i n g F iles with S h e l l Expa n s i o n
27
C h a pter 2. M a n a g i n g F i l es Fro m t h e C o m m a n d L i n e
-
T h e L i n u x F i l e Syste m H i e ra rc hy
-
Objectives
-
After com p l e t i n g t h i s sect i o n , st u d e n t s s h o u l d be a b l e to u n d e rsta n d f u n d a m e ntal f i l e system
l ayout, o rg a n i za t i o n , and the l ocat i o n of key f i l e types.
-
The file system hierarchy
A l l f i l es o n a L i n u x syste m a re stored o n f i l e systems w h i c h a re o rg a n i zed into a s i n g l e inverted
t ree of d i recto ries, k n o w n as a file system hierarchy. T h i s t re e is i nverted because t h e root of t h e
t ree i s s a i d t o be at t h e top o f t h e h i e ra rchy, a n d t h e b ra n c h e s of d i rectories a n d s u b d i rectories
st retc h below t h e root.
•
-
I
• • • • • • • • • • •
........
I .
I
• • •
•• . . . �
bin
b o ot
·.
dev
etc
home
. ..
root
ru n
. .
·...
I
....
, .. ...
.
.
a l ice
bob
eve
bin
loca l
..
va r
usr
tmp
sbin
I
tmp
sbin
7
T h e d i rectory I is t h e root d i rectory at t h e top of t h e f i l e syste m h i e ra rchy. T h e I c h a racter
i s a l so used a s a directory separator i n f i l e names. Fo r exa m p l e, i f e t c is a s u b d i rectory of the
I d i recto ry, we co u l d ca l l t h a t d i rectory /etc. L i kewise, i f t h e /etc d i rectory conta i n e d a file
n a m ed issue, we co u l d refe r to t h a t file a s /etc/issue.
S u b d i rectories of I a re used for sta n d a rd ized pu rposes to o rg a n ize f i l e s by type a n d p u r pose.
This m a kes it e a s i e r to find f i l es. Fo r exa m p le, i n the root d i recto ry, the s u b d i rectory /boot is
used for sto r i n g f i l es needed to boot the system.
Note
�
-
tmp .. ... .. . . .....
Figure 2. 1 : Significant file system directories in Red Hat Enterprise Linux
' ,......._ ,
-
-
-
-
T h e fo l l ow i n g t e r m s a re e n c o u ntered i n descri b i n g f i l e syste m d i rectory contents:
- static i s content that rema i n s u n c h a ng e d u n t i l ex p l i c i t l y e d ited o r reconfi g u re d .
- dynamic o r variable i s c o n t e n t typica l l y m o d i f i e d o r a p pe n d e d by active p rocesses.
- persistent i s content, partic u l a r l y confi g u ra t i o n sett i n g s, that re m a i n after a reboot.
- runtime i s p rocess- o r syste m-specific content o r att ri butes c l e a red d u r i n g reboot.
-
-
T h e f o l l o w i n g t a b l e l ists some of the most i m porta nt d i rectories o n t h e system by n a m e a n d
p u rpose.
-
-
28
R H 1 24- R H E L 7 - e n -1-20140606
-
-
-
-
T h e f i l e system h i e ra rc h y
-
Important Red H a t Enterprise Linux directories
-
Locat i o n
Pu r p o se
/usr
I n sta l l ed softwa re, s h a red l i b ra ries, i n c l u d e fi l es, a n d static rea d -o n l y pro g ra m
data. I m portant s u b d i rectories i n c l u d e :
- /u s r /bin: User commands.
- / u s r/sbin: System administration commands.
- / u s r /local: L ocally customized software.
/etc
Config u ration f i l e s s p e c i f i c to t h i s syste m .
/va r
Va r i a b l e data s p e c i f i c to t h i s system that s h o u l d p e rs ist betwee n boots. F i l e s
that d y n a m i ca l l y c h a n g e (e.g. databases, ca c h e d i rectories, log f i l es, p r i nters p o o l e d doc u m e nts, and webs ite content) may be fo u n d u n d e r /va r.
/run
R u nt i m e data f o r p rocesses sta rted s i n c e t h e last boot. T h i s i n c l udes process
ID files a n d lock f i l es, a m o n g ot h e r t h i ngs. The contents of this d i rectory a re
recreated o n reboot. ( T h i s d i rectory c o n s o l idates /va r / r u n a n d /va r /loc k
from o l d e r vers i o n s of Red H a t Enterprise L i n ux.)
/ home
Home directories w h e re reg u l a r users sto re t h e i r p e rs o n a l data a n d
confi g u ration f i l es.
/ root
Home d i rectory for t h e a d m i n istrative s u pe r u s e r, root.
/tmp
A wo r ld -writa b l e s pace for tem pora ry f i l es. F i l es w h i c h a re m o re t h a n 1 0
d a y s o l d a re d e l eted f r o m t h i s d i rectory a utomatica l l y. A n o t h e r tem pora ry
d i rectory exists, /var / t m p , i n w h i c h f i l es t h a t have n ot been accessed,
c h a n g e d , o r mod ified i n m o re than 3 0 days a re d e l eted a utomatica l l y.
/boot
Files needed i n order to sta rt t h e boot p rocess.
/dev
Conta i n s spec i a l device files which a re used by the syste m to access
h a rdwa re.
-
-
-
-
-
-
-
Important
-
-
-
-
I n Red H a t Enterprise L i n u x 7, f o u r o l d e r d i rectories i n I n ow have i d e ntica l contents a s
t h e i r cou nterparts l ocated i n / u s r :
-
/ b i n a n d / u s r /bin.
/sbin and / u s r /s bin.
/lib a n d / u s r/lib.
/lib64 and / u s r /lib64.
In o l d e r vers i o n s of Red H a t Enterprise L i n u x , these were d i s t i n c t d i rectories conta i n i n g
d iffe rent sets of f i l es . I n R H E L 7, t h e d i rector i es i n I a re sym b o l i c l i n ks to t h e matc h i n g
d i rectories i n / u s r .
-
-
-
-
-
R H1 24- R H E L 7-en-1 -20140606
29
-
C h a pter 2. M a n a g i n g F i l e s Fro m t h e C o m m a n d L i n e
-
.- _
,!, R
References
I
i
t!i__I
-
hie r (7 ) m a n page
F i l esyste m H i e ra rchy Sta n d a rd
htt p : //www. pa t h n a m e.com/fhs
-
-
-
-
-
-
-
-
-
-
-
-
30
R H1 24- R H E L7-en-1-20140606
-
-
-
-
P ract ice: F i l e System H i e ra rchy
-
P ra ct i ce: F i l e Syste m H i e ra rc hy
-
-
-
-
-
Quiz
Match t h e fo l l ow i n g items to t h e i r cou nte r p a rts i n t h e t a b l e.
DBEJ BGB B
I
I
B
/u s r/b i n
/u s r/s b i n
-
D i rectory p u r p o s e
L o ca t i o n
-
T h i s d i rectory c o n t a i n s sta t i c , p e rs i st e n t syst e m
c o n f i g u ra t i o n d a t a .
-
T h i s i s t h e syst e m ' s root d i recto ry.
-
U s e r h o m e d i recto r i es a re l o cated u n d e r t h i s d i recto ry.
-
T h i s i s t h e root a c co u n t ' s h o m e d i recto ry.
-
-
-
-
-
T h i s d i rectory c o n t a i n s d y n a m i c c o n f i g u ra t i o n d a ta ,
s u c h a s F T P a n d w e b s i tes.
Reg u l a r user c o m m a n d s a n d u t i l i t i e s a re l ocated h e re.
System a d m i n i st ra t i o n b i n a r i e s , fo r root u s e , a re h e re.
Te m po ra ry f i l e s a re sto red h e re.
-
-
-
R H124- R H E L7-en-1-20140606
31
-
-
C h a pter 2. M a n a g i n g F i l es From t h e C o m m a n d L i n e
-
Loca t i o n
D i rectory p u rpose
C o n ta i n s d y n a m i c , n o n - pe rs i st e n t a p p l i c a t i o n r u n t i m e
data.
-
-
-
C o n ta i n s i n sta l l e d softwa re p rog ra m s a n d l i b ra r i es .
-
-
-
-
-
-
-
-
-
-
-
-
-
-
32
R H 1 24- R H E L7 -e n -1 -20140606
-
-
-
-
Solution
-
Solution
-
-
Ma tc h t h e fo l l ow i n g items to t h e i r c o u nte r p a rts i n t h e t a b l e.
Di recto r y p u rpose
Location
-
-
-
T h i s d i rectory conta i n s sta t i c , p e r s i s t e n t syst e m
co n fi g u ra t i o n d a t a .
T h i s i s t h e syst e m ' s root d i recto ry.
/etc
I
-
U s e r h o m e d i recto ries a re l o cated u n d e r t h i s d i recto ry.
-
T h i s i s t h e root acco u nt ' s h o m e d i recto ry.
/root
T h i s d i rectory conta i n s d y n a m i c c o n f i g u ra t i o n d a t a ,
s u c h a s F T P a n d websites.
/va r
-
/home
-
-
-
-
-
Re g u l a r u s e r co m m a n d s a n d u t i l i t i e s a re l ocated h e re.
/u s r/b i n
Syste m a d m i n i st ra t i o n b i n a r i e s , fo r root use, a re h e re.
/u s r/s b i n
Te m p o ra ry fi l es a re sto red h e re.
/t m p
C o n t a i n s d y n a m i c , n o n - p e rs i stent a p p l icat i o n r u n t i m e
data.
/ru n
C o n t a i n s i n sta l l e d softwa re p ro g ra m s a n d l i b ra r i es.
/u s r
-
-
-
-
-
-
-
R H1 24- R H E L 7-en-1-20140606
33
C h a pter 2. M a n a g i n g F i les Fro m the C o m m a n d L i n e
Locat i n g F i l es by N a m e
O bject ives
After c o m p l e t i n g t h i s secti o n , stu d e n t s s h o u l d b e a b le t o correct l y u s e a b s o l ute path n a mes,
c h a n g e a work i n g d i rectory, a n d use c o m m a n d s to d ete r m i n e d i rectory l o c a t i o n s and contents.
A b so l u t e pat h s a n d re l a t i ve pat h s
I
I
home
var
home
al e
ic
I
bob
eve
I
meslagel
l
...,
log -- 1mesfages
.
.
�
·
·
log
'"I
Figure 2.2: The common file browser view (left) is equivalent to the top-down view (right)
The path of a f i l e o r d i rectory specifies its u n i q u e f i l e system location. Fo l l o w i n g a f i l e path
traverses o n e o r more n a med s u b d i rectories, d e l i m ited by a fo rward s l a s h ( / ) , u nt i l the
dest i nation is reached . Sta n d a rd file behavior definitions apply to d i rectories (a lso ca l l ed folders)
t h e s a m e as other f i l e types.
I m p o rta nt
A l t h o u g h a Space is a n accepta b l e c h a racter i n L i n u x file n a mes, a s p a c e is t h e
d e l i miter used b y t h e comma n d s h e l l f o r c o m m a n d syntax interp retat i o n . New
a d m i n i strators a re a d vi sed to avo i d using s pa ces i n file n a mes, since file n a mes that
i n c l u d e s p a ces frequently res u l t i n u n de s i re d command execution behavior.
Absol ute p a t h s
A n absolute path i s a fully qualified n a me, beg i n n i n g at the root (!) d i rectory a n d specifying each
s u b d i rectory t raversed to reach a n d u n i q u ely re p resent a s i n g l e f i l e. Every f i l e i n a file system has
a u n i q u e a bsol ute path n a me, recog n ized w i t h a simple r u l e: A path name w i t h a fo rward s l a s h
( / ) a s t h e fi rst c h a ra cter is a n a bs o l ute p a t h n a me. For exa m p le, t h e a b s o l ute p a t h n a m e f o r t h e
system m e s s a g e l og f i l e i s /var /log/messages. Absol ute p a t h n a m es c a n b e long to type, s o
files may a l so b e l ocated relatively.
W h e n a u s e r logs in a n d opens a com m a n d w i n d ow, t h e i n i t i a l l ocation i s n o r m a l l y t h e user's
h o m e d i recto ry. System p rocesses also have an i n i t i a l d i recto ry. Users and p rocesses navigate to
other d i rectories as needed; the terms working directory o r current working directory refer to t h e i r
current location.
34
R H1 24- R H E L7-en-1-20140606
-
-
N a v i g a t i n g paths
-
R e l at i v e pat h s
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
L i ke a n a bsol ute p a t h , a relative path identifies a u n iq u e f i l e , s pecify i n g o n l y t h e p a t h n e cessa ry
to rea c h the f i l e from the wo r k i n g d i rectory. Recog n i z i n g re l a t ive path n a m e s fo l l ows a s i m p l e
r u l e: A p a t h n a m e w i t h anything other than a forwa rd s l a s h ( / ) as a fi rst c h a racter is a relat ive
path n a m e. A user i n the /var d i rectory co u l d refe r to the message log f i l e re l a t i ve l y a s
log/messages.
Fo r sta n d a rd L i n u x file systems, t h e path name of a file, i n c l u d i n g a l l I c h a racters, m a y b e n o
m o re t h a n 4 0 9 5 bytes l o n g . Each c o m p o n e n t of t h e path n a m e separated by I c h a racters may
b e no m o re t h a n 255 bytes l o n g . File n a mes c a n u s e a n y U T F-8 encoded U n icode c h a racter
except I and t h e NUL c h a racter. (ASC I I c h a racters req u i re one byte; ot h e r Latin, Greek, H e b rew,
or Cyri l l ic c h a racters take two bytes; re ma i n i n g c h a racters in t h e U n icode Basic M u l t i l i n g u a l
P l a n e take t h ree; a n d n o c h a racter w i l l take m o re t h a n fo u r bytes.)
L i n u x f i l e systems- i n c l u d i n g , but not l i m ited to, ext4, X FS , BTR FS, G FS2, and G l u st e r FS-are case­
sensit ive. C reat i n g FileCase . txt and filecas e . txt in the same d i rectory res u l t s in two
u n i q u e f i l es. A l t h o u g h m a n y n o n - L i n u x file syste m s a re s u p p o rted in L i n u x , each has u n i q u e
f i l e n a m i n g r u l es. Fo r exa m p l e, t h e u bi q u itous V FAT fi l e system i s n o t case-sensit ive a n d a l l ows
o n l y one of the two exa m p l e fi l es to be created. H oweve r, V FAT, a l o n g w i t h M i c rosoft 's N T FS a n d
A p p l e ' s H FS+, h a s case preserving behavior. A l t h o u g h t h ese f i l e systems a re not case-s e n s i t ive
(e nforced p r i m a r i l y to s u p port backwa rd compat i b i l ity), t h ey d o d i s p l a y f i l e n a m e s w i t h t h e
o r ig i n a l ca p ita l ization used w h e n t h e fi l e w a s c reated.
Navigating paths
The pwd com m a n d d i s p l ays t h e fu l l path n a m e of t h e c u rrent l ocati o n , w h i c h h e l ps d eterm i n e
a p p rop riate syntax f o r rea c h i n g f i l e s u s i n g re l a t ive p a t h n a m es. T h e ls com m a n d l ists d i rectory
contents for t h e s peci fi ed d i rectory o r, if n o d i rectory i s g iv e n , for t h e c u rrent d i recto ry.
rI /home/student
[student@desktopX -]$
[student@desktopX -]$ l
pwd
Desktop Documents Downloads Music Pictures Public Templates Videos
[student@desktopX -]$
s
U se t h e c d co m m a n d t o c h a n g e d i rectories. W i t h a wo r k i n g d i rectory o f / home/ s t u d e n t ,
relat ive p a t h syntax is s h o rtest to rea c h t h e Videos s u b d i recto ry. The Docume n t s s u b d i rectory
i s then rea c h e d u s i n g a b s o l ute path syntax.
[student@desktopX -]$ cd Videos
[student@desktopX Videos] $ pwd
/home/student/Videos
[student@desktopX Videos] $ cd /home/student /Docume n t s
[student@desktopX Documents]$ pwd
/home/student/Documents
[student@desktopX Documents]$ c d
[student@desktopX -]$ pwd
/home/student
[student@desktopX -]$
T h e s h e l l p rog ra m p ro m pt d i s p l ays, for brevity, o n l y t h e l a st component o f t h e c u r re n t d i rectory
path. For / home/ s t u d e n t /Video s, only Videos d i s p l ays. At any t i me, ret u r n to the u s e r ' s
h o m e d i rectory u s i n g c d without specify i n g a d e st i n a t i o n . T h e pro m pt d i s p l ays t h e tilde (-)
c h a racter when the u s e r ' s c u rrent d i rectory i s t h e i r h o m e d i rectory.
R H 1 24- R H E L7-e n-1-20140606
35
-
C h a pter 2. M a n a g i ng F i l es Fro m t h e C o m m a n d L i n e
T h e t o u c h c o m m a n d n o r m a l l y u pd ates a f i l e ' s t i mesta m p to t h e c u rre nt d a t e a n d t i m e w i t h o u t
o t h e rwise modifying it. T h i s i s usef u l for c reat i n g e m pty f i l es, w h i c h can b e used for p ra ct ice,
s i n ce "to u c h i n g " a f i l e n a m e that does not exist causes the f i l e to be created. U s i n g t o u c h ,
p ract ice f i l e s a re c reated i n t h e Docume n t s a n d Videos s u b d i rectories.
[student@desktopX
[student@desktopX
[student@desktopX
[ student@desktopX
[student@desktopX
-
-]$
-]$
-]$
-]$
-]$
touch
touch
touch
touch
Videos/blockbus t e r l . ogg
Videos/blockb u s t e r 2 . ogg
Documents/t hesis_ch ap t e r l . odf
Docume n t s / t hesis_chapt e r 2 . odf
-
T h e l s co m m a n d has m u lt i p l e o pt i o n s for d i s p l a y i n g att r i b utes o n f i l es. T h e m ost co m m o n a n d
usefu l a re - 1 ( l o n g l is t i n g format), - a (a l l f i l es, i n c l ud e s hidden f i l es), a n d - R (recursive, to i n c l u d e
t h e contents o f a l l s u b d i rectories).
[student@desktopX - ] $ ls
total 15
drwxr-xr - x . 2 student student
drwxr-xr - x . 2 student student
drwxr-xr - x . 3 student student
drwxr-xr - x . 2 student student
drwxr-xr - x . 2 student student
drwxr-xr - x . 2 student student
drwxr-xr - x . 2 student student
drwxr-xr - x . 2 student student
[student@desktopX - ] $ l s - a
total 15
d rwx - - - - - - . 16 student student
drwxr-xr - x . 6 root root
- rw- - - - - - - . 1 student student
- rw- r- - r- - . 1 student student
- rw- r- - r - - . 1 student student
- rw- r - - r- - . 1 student student
drwxr-xr - x . 4 student student
drwxr -xr - x . 8 student student
drwxr-xr - x . 2 student student
drwxr-xr - x . 2 student student
drwxr -xr-x . 3 student student
drwxr-xr-x . 11 student student
drwx- - - - - - . 2 student student
- rw- - - - - - - . 1 student student
drwxr-xr - x . 3 student student
drwxr-xr - x . 2 student student
drwxr-xr - x . 2 student student
d rwxr-xr-x . 2 student student
drwxr-xr-x . 2 student student
drwxr -xr-x . 2 student student
[student@desktopX - ] $
-1
4096
4096
4096
4096
4096
4096
4096
4096
Feb
Jan
Jan
Jan
Jan
Jan
Jan
Jan
4096
4096
22664
18
176
124
4096
4096
4096
4096
4096
4096
4096
15190
4096
4096
4096
4096
4096
4096
7
9
9
9
9
9
9
9
Feb
Feb
Feb
Jul
Jul
Jul
Jan
Feb
Feb
Jan
Jan
Feb
Jan
Feb
Jan
Jan
Jan
Jan
Jan
Jan
14 : 02
15 : 00
15 : 00
15 : 00
15 : 00
15 : 00
15 : 00
15 : 00
Desktop
Documents
Downloads
Music
Pictures
Public
Templates
Videos
8 16 : 15
8 16 : 13
8 00 : 37
9 2013
9 2013
9 2013
20 14 : 02
5 11 : 45
7 14 : 02
9 15 : 00
25 20 : 48
6 13 : 07
20 14 : 02
8 09 : 49
9 15 : 00
9 15 : 00
9 15 : 00
9 15 : 00
9 15 : 00
9 15 : 00
-·
-
-
-
-
. bash_history
. bash_logout
. bash_profile
. bashrc
. cache
. config
Desktop
Documents
Downloads
. gnome2
. gnome2_private
. ICEauthority
. local
Music
Pictures
Public
Templates
Videos
-
-
-
-
-
-
T h e two specia l d i rectories a t t h e top o f t h e l is t i n g refe r t o t h e c u rrent d i rectory ( . ) a n d t h e
parent d i rectory ( ) . T h e s e s p e c i a l d i rectories exist i n every d i rectory o n t h e syst e m . T h e i r
u s ef u l ness w i l l b e c o m e a p pa re n t w h e n f i l e m a n a g e m e n t c o m m a n d s a re practiced.
•
.
-
-
-
36
R H 1 24- R H E L 7 - e n -1-20140606
-
-
-
-
Navigating paths
-
-
-
A
T
Important
F i l e n a m es b eg i n n i n g w i t h a dot ( . ) i n d icate f i l es hidden from n o r m a l view u s i n g ls
and o t h e r commands. T h i s i s not a s e c u rity featu re. H id d e n files keep necessary u s e r
confi g u ra t i o n f i l es f r o m c l utte r i n g h o m e d i rectories. M a ny co m m a n d s process h i d d e n
f i l es o n l y with specific com m a n d - l i n e o p t i o n s , preve n t i n g o n e u s e r ' s confi g u ra t i o n f r o m
b e i n g accidenta l l y c o p i e d to o t h e r d i rectories o r u s e rs.
-
To p rotect file contents from i m p ro p e r viewing req u i res t h e u s e of file permissions.
-
-
-
-
-
-
-
-
-
-
-
-
-
[student@desktopX -]$ ls - R
Desktop Documents Downloads Music Pictures Public Templates Videos
. /Desktop :
. /Documents :
thesis_chapter1 . odf thesis_chapter2 . odf
. /Downloads :
. /Music :
. /Pictures :
. /Public :
. /Templates :
. /Videos :
blockbuster1 . ogg blockbuster2 . ogg
[student@desktopX -]$
T h e cd co m ma n d h a s m a ny o p t i o n s . A few a re so usef u l as t o be wort h pract i c i n g e a r l y a n d u s i n g
ofte n . T h e co m m a n d cd - c h a n g e s d i rectory to t h e d i rectory w h e re t h e u s e r w a s previous to t h e
c u rre nt d i recto ry. Watch as t h i s u s e r ta kes a d va ntage o f t h i s b e h a v i o r to a l ternate between two
d i rectories, u s ef u l when process i n g a series of s i m i l ar tasks.
[student@desktopX -]$ cd Videos
[student@desktopX Videos]$ pwd
/home/student/Videos
[student@desktopX Videos]$ cd /home/st u d e n t /Document s
[student@desktopX Documents]$ pwd
/home/student/Documents
[student@desktopX Documents]$ cd [student@desktopX Videos]$ pwd
/home/student/Videos
[student@desktopX Videos]$ cd [ student@desktopX Documents]$ pwd
/home/student/Documents
[student@desktopX Documents]$ cd [student@desktopX Videos]$ pwd
/home/student/Videos
[student@desktopX Videos]$ cd
[student@desktopX -]$
-
-
-
R H1 24- R H E L 7-en-1-20140606
37
-
-
C h a pter 2 . M a n a g i n g F i l e s Fro m t h e Co m m a n d L i n e
-
T h e cd . . com m a n d u s e s t h e . . h i d d e n d i rectory to move u p o n e l eve l to t h e parent d i recto ry,
without n e ed i n g to k n ow t h e exact parent n a m e. T h e other h i d d e n d i rectory ( . ) specifies t h e
current directory o n com m a n d s i n w h i c h t h e c u rrent l ocat i o n i s e i t h e r t h e s o u rce o r dest i n a t i o n
a rg u ment. avo i d i n g t h e need to type o u t t h e d i rectory's a b s o l ute path n a m e .
[student@desktopX Videos] $ pwd
/home/student/Videos
[student@desktopX Videos]$ cd
[student@desktopX Videos] $ pwd
/home/student/Videos
[student@desktopX Videos] $ c d
[student@desktopX -]$ pwd
/home/student
[student@desktopX -]$ cd
[ student@desktopX home]$ pwd
/home
[student@desktopX home]$ cd
[student@desktopX /]$ pwd
I
[student@desktopX /]$ cd
[student@desktopX -]$ pwd
/home/student
[student@desktopX -]$
-
-
.
-
-
. .
-
-
-
References
R
-
info libc ' file n ame resolu t ion ' (GNU C Library Reference Manual)
Section 11.2.2 F i l e n a m e reso l ut i o n
•
-
b a s h ( 1) , cd(1), ls(1), pwd (1 ) , u nicode(7 ) , a n d u t f - 8(7 ) m a n pages
-
U T F-8 and U n icode
http://www. u tf-8.com/
-
-
-
-
-
-
-
-
38
R H 1 24- R H E L 7-en-1 -20140606
-
-
-
-
Practice: Locat i n g F i l es a n d D i rectories
-
P ra ct i ce: Locat i n g Fi l es a n d D i recto ries
-
-
Quiz
Match t h e fo l l owi n g items to t h e i r cou nterparts i n t h e t a b l e.
-
-
-
-
Act i o n to a c co m p l i s h
Co m m a n d
-
-
-
-
-
-
L i st t h e c u r re n t u s e r ' s h o m e d i rectory ( l o n g fo r m at) i n
s i m p l est synta x , w h e n i t i s n ot t h e c u r re n t l ocat i o n .
Ret u r n to t h e c u r re n t u s e r ' s h o m e d i recto ry.
Dete r m i n e t h e a bs o l ute p a t h n a m e of t h e c u r r e n t locat i o n .
Ret u rn to t h e m ost p rev i o u s wo r k i n g d i recto ry.
M ove u p two l eve l s f ro m t h e c u r re n t l o cat i o n .
-
L i st t h e c u r re n t l oca t i o n ( l o n g fo r m a t ) w i t h h i d d e n f i l e s .
-
M ove to t h e b i n a r i e s l o cat i o n , from a ny c u r r e n t l ocat i o n .
-
M ove u p to t h e pa re nt of t h e cu r re n t l oc a t i o n .
-
M ove to t h e b i n a r i e s l ocat i o n , fro m t h e root d i rectory.
-
-
-
-
R H124- R H E L 7 - en -1 -20140606
39
-
-
C h a pter 2. M a n a g i n g F i l es Fro m t h e Co m m a n d L i n e
Solution
-
M a t c h t h e fo l l ow i n g items to t h e i r cou nterparts i n t h e tab l e.
Action to a ccomp l is h
Com m a n d
-
-
L i st t h e c u r re n t u s e r ' s h o m e d i rectory ( l o n g f o r m at) i n
s i m p l est sy n t a x , w h e n i t i s not t h e c u r re n t l ocat i o n .
Is -I �
Ret u r n to t h e c u r re n t u s e r ' s h o m e d i recto ry.
cd
-
Dete r m i n e t h e a bs o l ute p a t h n a m e of t h e c u r re n t l oca t i o n .
pwd
-
Ret u r n to t h e m ost p rev i o u s wo r k i n g d i recto ry.
cd -
M ove u p two l eve l s f r o m t h e c u r re n t l ocat i o n .
c d . . /. .
-
-
-
-
L i st t h e c u rrent l o c a t i o n ( l o n g format) w i t h h i d d e n f i l es.
Is -a l
-
M ove to t h e b i n a r i e s l ocat i o n , from a ny c u r re n t l ocat i o n .
cd / b i n
-
cd ..
M ove u p to t h e p a re n t of t h e c u rrent l ocat i o n .
-
M ove to t h e b i n a r i e s l o cat i o n , f ro m t h e root d i rectory.
cd b i n
-
-
-
-
-
-
40
R H 1 24- R H E L 7 - e n -1-20140606
-
-
M a n a g i n g F i l e s U s i n g C o m m a n d - L i n e Too l s
M a n a g i n g F i l es U s i n g C o m m a n d - L i n e Too l s
O bj ect ives
After c o m p leting t h i s sect i o n , students s h o u l d be a b l e to c reate, co py, l i n k , move, a n d remove
f i l es a n d s u b d i rectories in various d i rectories.
Co m m a n d - l i n e fi l e m a n a g e m e n t
F i l e m a na g e m e n t i nvolves c reat i n g , d e l e t i n g , copying, a n d moving f i l es. Add iti o n a l l y, d i rectories
c a n b e c reated, d e l eted, copied, and m oved to help o rg a n ize f i l es l o g i c a l ly. When wo r k i n g at the
co m m a n d line, file m a n a g e m e n t req u i res a wa re n ess of t h e c u rrent w o r k i n g d i rectory to choose
e i t h e r a bs o l ute o r re lat ive path syntax as most efficient for t h e i m m e d iate task.
File management commands
A c t i v i ty
S i ng l e s o u rce
Copy f i l e
cp f i l e1 f i l e 2
M ove f i l e
mv f i l e1 f i l e2
Re m ove f i l e
r m f i l e1
C reate d i re ctory
m kd i r d i r
<note)
M ove d i rectory
R e m ove d i rectory
N ote:
(note)
c p f i l e1 f i l e2 f i l e3 d i r
<5l
<4l
mv f i l e1 f i l e2 fi l e3 dir
<5l
rm -f f i l e 1 f i l e2 f i l e3
<6l
m kd i r -p p a r1 /p a r2 /d i r
<4l
c p -r d i r1 d i r2 d i r3 d i r4
<4l
mv d i r1 d i r2 d i r3 d i r4
<5l
rm -rf d i r1 d i r2 d i r3
<1l
<2l
c p - r d i r1 d i r2
<3l
mv d i r1 d i r2
Copy d i rectory
M u l t i p l e sou rce
<2l
r m -r d i r1
Ol
The res u l t i s a re n a me.
<2l
The " re c u rsive" option is req u i red to p rocess a s o u rce d i recto ry.
<3l
l f d i r2 exists, t h e res u l t is a m ove. If d i r2 doesn't exist , t h e res u l t is a
re n a m e.
<4l
T h e l a st a r g u m e n t m u st be a d i recto ry.
<5l
use c a u t i o n w i t h "force" o pt i o n ; you w i l l not be prom pted to confi r m
yo u r a ct i o n .
<6l
use c a u t i o n with " c reate parent" option; typing errors a re not c a u g h t .
C reate d i rectories
The mkdir c o m m a n d c reates o n e o r m o re d i rectories o r s u b d i recto ries, genera t i n g e r ro rs if
t h e file name a l ready exists o r w h e n atte m pt i n g to cre ate a d i rectory i n a parent d i rectory
t h at d o e s n ' t exist . The -p parent o p t i o n c reates m i s s i n g pa rent d i rectories for the re q u ested
desti n at i o n . Be cautious when u s i n g mkdir - p, s i n ce a c c i d e n t a l s p e l l i ng m ista kes c reate
u n i ntended d i rectories without g e n e ra t i n g error messages.
[ s t ud e n t@des ktopX -]$ mkdir Video/Watched
m k d i r : cannot c r e a t e d i r e c t o ry · video/Watc h ed ' : No s u c h file or d i r e c t o r y
The m kdir fa i l ed because Videos was m i s s p e l l e d . "Video" does n ot exist as a locat i o n i n w h i c h
to c reate t h e Wat ched s u b d i rectory. I f a p were u s e d , t h e user wou l d not have received a n e r r o r
m e s s a g e a nd n o w h a v e t w o d i rectories, Video a n d Videos.
-
[ s t u d e n t@des k t o pX - ] $ mkdir Videos/Watched
[ s t u d e n t@d e s k t opX - ] $ cd Docume n t s
R H 1 24 - R H E L 7-en-1-20140606
41
-
-
C h a pter 2 . M a n a g i ng F i l e s Fro m t h e C o m m a n d L i n e
[student@desktopX Documents]$ mkdir P roj ectX Proj ectY
[ student@desktopX Documents]$ mkdir -p Thesis/Chapt e r 1 Thesis/Chapt e r 2
[student@desktopX Documents]$ c d
[ student@desktopX -]$ ls - R Videos Docume n t s
Documents :
ProjectX P r oj ectY Thesis thesis_chapterl . odf thesis_chapter2 . odf
Documents/Proj ectX :
Documents/Proj ectY :
Documents/Thesis :
Chapter1 Chapter2 Chapter3
Documents/Thesis/Chapter1 :
Documents/Thesis/Chapter2 :
Documents/Thesis/Chapter3 :
Videos :
blockbuster1 . ogg blockbuster2 . ogg Watched
Videos/Watched :
[ student@desktopX -]$
-
Thesis/Chap t e r 3
-
-
-
-
-·
-
-
T h e l a st m k d i r c reated t h ree Cha pterN s u bd i rectories with o n e co m m a n d . T h e - p parent option
c reated t h e missing parent d i rectory Thesis.
-
Copy files
-
T h e c p c o m m a n d copies o n e o r m o re fi l es to become new, i n d e pe n d e n t f i l es. Syntax a l l ows
copy i n g an e x i st i n g f i l e to a new f i l e i n the cu rrent o r a nother d i recto ry, o r copying m u l t i p l e f i l e s
into a n o t h e r d i rectory. I n a ny dest i n a t i o n , new f i l e n a mes m u st be u n i q u e. I f t h e new f i l e n a m e i s
not u n i q u e, t h e copy co m m a n d w i l l ove rw rite t h e e x i s t i n g f i l e.
-
[student@desktopX -]$ cd Videos
[student@desktopX Videos] $ c p block b u s t e r1 . ogg bloc kbus t e r 3 . ogg
[student@desktopX Videos]$ ls
total 0
- rw- rw- r - - . 1 student student 0 Feb 8 16 : 23 blockbusterl . ogg
- rw- r w- r - - . 1 student student 0 Feb 8 16 : 24 blockbuster2 . ogg
- r w- rw- r - - . 1 student student 0 Feb 8 19 : 02 blockbuster3 . ogg
d r wx rwxr - x . 2 student student 4096 Feb 8 23 : 35 Watched
[ student@desktopX Videos]$
-
-1
W h e n copy i n g m u lt i p l e f i l es with o n e c o m m a n d , t h e l a st a rg u m e n t m u st b e a d i rectory. Copied
f i l es reta i n their ori g i n a l n a m es i n t h e n ew d i recto ry. Conf l i c t i n g fi l e n a m e s t h a t exist at a
dest i n a t i o n m a y be ove rwritte n. To p rotect users from accidenta l l y ove rwrit i n g d i rectories with
contents, m u l t i p l e f i l e c p com m a n d s i g n o re d i rectories specified as a sou rce. Copy i n g n o n - e m pty
d i rectories, with contents, req u i res the - r recursive option.
[ student@desktopX Videos]$ cd . . /Docume n t s
[ student@desktopX Documents]$ cp t h e sis_chap t e r 1 . odf
cp : omitting directory 'Thesis '
[student@desktopX Documents]$ cp - r Thesis Proj ectX
[ student@desktopX Documents]$ c p t he sis_chap t e r 2 . odf
[ student@desktopX Documents]$ ls - R
42
t h e sis_chapt e r 2 . odf Thesis Proj ectX
Thesis/Chap t e r 2 /
·-·
-
-
-
i
-
I
I
R H1 24- R H EL 7-e n-1-20140606
-
-
-
-
-
-
Com m a n d - l i n e f i l e m a n a g e m e n t
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
Proj ectX Proj ectY Thesis thesis_chapter1 . odf thesis_chapter2 . odf
. /Proj ectX :
Thesis thesis_chapter1 . odf thesis_chapter2 . odf
. /Proj ectX/Thesis :
. /Proj ectY :
. /Thesis :
Chapter1 Chapter2 Chapter3
. /Thesis/Chapter1 :
. /Thesis/Chapter2 :
thesis_chapter2 . odf
. /Thesis/Chapter3 :
[student@desktopX Documents]$
I n t h e fi rst c p com m a n d , Thesis fa i l ed to copy, b u t t hesis_c hapt e r l . odf a n d
t hesis_chapt e r 2 . o d f succeeded. U s i n g t h e - r recursive option, copy i n g Thesis s u cceed ed.
M ove fi l e s
The mv command re n a m e s f i l e s i n t h e same d i rectory, o r re l ocates f i l e s to a new d i recto ry. F i l e
contents re m a i n u n c h a n g ed. F i l es m oved to a d iffe re nt f i l e system req u i re c rea t i n g a n e w f i l e by
copy i n g the s o u rce f i l e, t h e n d e l e t i n g the s o u rce f i l e. A l t h o u g h norma l l y t ra n s pa re n t to the user,
l a rge f i l e s may t a ke n o ti cea b l y l o n g e r to m ove.
[student@desktopX Videos]$ cd
[student@desktopX Documents]$
total 0
- rw- rw- r - - . 1 student student
- rw- rw- r - - . 1 student student
[student@desktopX Documents]$
[student@desktopX Documents]$
[student@desktopX Documents]$
..
total 16
drwxrwxr-x . 2 student student
drwxrwxr-x . 2 student student
drwxrwxr-x . 5 student student
- rw- rw- r - - . 1 student student
. /Proj ectX :
total 0
- rw- rw- r - - . 1 student student
- rw- rw- r - - . 1 student student
. /Proj ectX/Thesis :
total 0
. /Proj ectY :
total 0
. /Thesis :
total 12
drwxrwxr - x . 2 student student
drwxrwxr-x . 2 student student
drwxrwxr-x . 2 student student
. /Thesis/Chapter1 :
R H124- R H E L 7-e n -1-20140606
. . /Docume n t s
ls - 1
0 Feb 8 16 : 24 thesis_chapter1 . odf
0 Feb 8 16 : 24 thesis_chapter2 . odf
mv thesis_c h ap t e r 2 . odf t h esis_chapter2_reviewed . odf
mv t hesis_c hap t e r 1 . odf Thesis/Chap t e r 1
ls - lR
4096
4096
4096
0
Feb
Feb
Feb
Feb
11
11
11
11
11 : 58
11 : 55
11 : 56
11 : 54
Proj ectX
Proj ectY
Thesis
thesis_chapter2_reviewed . odf
0 Feb 11 11 : 58 thesis_chapter1 . odf
0 Feb 11 11 : 58 thesis_chapter2 . odf
4096 Feb 11 11 : 59 Chapter1
4096 Feb 11 11 : 56 Chapter2
4096 Feb 11 11 : 56 Chapter3
43
-
-
C h a pter 2. M a n a g i n g F i l es Fro m t h e C o m m a n d L i n e
total 0
- rw- rw- r- - . 1 student student e Feb 11 11 : 54 thesis_chapter1 . odf
. /Thesis/Chapter2 :
total e
- rw-rw- r- - . 1 student student 0 Feb 11 11 : 54 thesis_chapter2 . odf
. /Thesis/Chapter3 :
total 0
[student@desktopX Documents]$
-
-
-
-
T h e fi rst mv com m a n d i s a n exa m p l e o f rena m i n g a f i l e . T h e seco n d causes t h e f i l e t o b e
re l ocated t o a nother d i rectory.
-
R e m ove fi l es a n d d i re c t o r i e s
Defa u l t syntax for rm d e l etes fi les, but not d i rectories. D e l e t i n g a d i recto ry, and pote n t i a l l y m a n y
s u b d i rectories a n d fi l es b e l ow it, req u i res the - r recursive o pt i o n . There is n o com m a n d - l i n e
u n d e l ete fea t u re, n o r a t ra s h b i n from w h i c h to restore.
[student@desktopX Documents]$ pwd
/home/student/Documents
[ student@desktopX Documents]$ r m thesis_chap t e r 2_reviewed . odf
[ student@desktopX Documents]$ rm Thesis/Chap t e r l
rm : cannot remove ' Thesis/Chapter1 ' : Is a directory
[student@desktopX Documents]$ rm - r Thesis/Chapt e r l
[student@desktopX Documents]$ ls Thesis
total 8
drwxrwxr-x . 2 student student 4096 Feb 11 12 : 47 Chapter2
drwxrwxr-x . 2 student student 4096 Feb 11 12 : 48 Chapter3
[student@desktopX Documents]$ r m - ri Thesis
rm : descend into directory 'Thesis ' ? y
rm : descend into directory 'Thesis/Chapter2 ' ? y
rm : remove regular empty file 'Thesis/Chapter2/thesis_chapter2 . odf ' ?
rm : remove directory ' Thesis/Chapter2 ' ? y
rm : remove directory 'Thesis/Chapter3 ' ? y
rm : remove directory 'Thesis ' ? y
[student@desktopX Documents]$
-
-
-
-1
-
-
y
After r m fa i l ed t o d e l ete t h e Chap t e r 1 d i recto ry, t h e - r recursive o pt i o n s u cceed e d . T h e l a st
rm com m a n d pa rsed into e a c h s u b d i rectory f i rst, i n d iv id u a l l y d e l et i n g conta i n e d f i l es before
re moving each now-em pty d i recto ry. U s i n g - i w i l l i n t e ract ive l y p rompt for each d e l et i o n . This is
essentia l l y t h e o p posite of - f which will force t h e d e l et i o n w i t h o u t p ro m p t i n g t h e u s e r.
-
-
-
-
T h e rmd i r com m a n d d e l etes d i rectories o n l y if e m pty. Removed d i recto ries ca n not b e
u n d e l eted.
[student@desktopX Documents]$ pwd
/home/student/Documents
[student@desktopX Documents]$ rmdir P roj ectY
[ student@desktopX Documents]$ rmdir Proj ectX
rmdir : failed to remove ' Proj ectX ' : Directory not empty
[student@desktopX Documents]$ rm - r P roj ectX
[student@desktopX Documents]$ ls - lR
total e
[student@desktopX Documents]$
-
-
-
-
T h e rmd i r com m a n d fa i l e d t o d e l ete n o n - e m pty P r o j ec tx, b u t rm - r
s u cceed e d .
-
44
R H 1 24- R H E L 7 - e n -1 -20140606
-
-
-
-
Command-line file ma nagement
-
-
References
cp(1), m k d i r (1 ) . mv(1 ) , rm(1 ) , a n d rmd i r (1 ) m a n pages
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
R H 1 24- R H E L 7-en-1 -20140606
45
-
-
C h a pter 2. M a n a g i ng F i l e s Fro m t h e C o m m a n d L i n e
-
P ra ct i ce: Com m a n d - L i n e Fi l e M a n a g e ment
-
Guide d exercise
-
I n t h i s l a b , you w i l l practice efficient tec h n i q u e s for c rea t i n g a n d o rg a n i z i n g f i l e s u s i n g
d i rectories, f i l e copies, a n d l i n ks.
-
Outcomes:
S t u d e nts w i l l practice c reat i n g , rea rra n g i n g , and d e l et i n g f i l es.
-
Before you begin...
Log i nto yo u r student acco u n t on serverX. Beg i n i n yo u r home d i recto ry.
0 1.
I n yo u r h o m e d i recto ry, create sets o f e m pty practice fi l es to u s e f o r t h e re m a i n d e r of
t h i s l a b . If t h e i nt e n d e d co m m a n d is not i m med iate l y recog n i ze d , stude nts a re expected
to use the g u ided s o l u t i o n to see and practice how the t a s k is acco m p l i s he d . U s e the s h e l l
t a b c o m p l et i o n to l ocate a n d c o m p l ete p a t h n a mes m o re e a s i l y.
-
-
-
C reate s i x f i l es with n a m e s of t h e form songX . mp3.
C reate six f i l es with names of the form s napX . j pg.
-
C reate s i x f i l es with n a m e s of the form filmX . avi.
-
I n e a c h set, re p l a ce X with t h e n u m be rs 1 t h ro u g h 6.
[student@serverx
song6 . mp3
[ student@serverx
snap6 . j pg
[ student@serverX
film6 . avi
[student@serverx
0 2.
- ] $ t o u c h song1 . mp3 song2 . mp3 song3 . mp3 song4 . mp3 song5 . mp3
- ] $ t o u c h snapl . j pg snap2 . j pg snap3 . j pg s n ap4 . j pg snap5 . j pg
- ] $ t o u c h filml . avi film2 . avi film3 . avi film4 . avi film5 . avi
- ] $ ls
Fro m yo u r home d i rectory, move t h e s o n g f i l e s into you r Music s u b d i recto ry, t h e
s n a ps h ot f i l e s i nto yo u r Pic t u r e s s u b d i recto ry, a n d t h e movie f i l es i nto your Vid eos
s u b d i recto ry.
[student@serverX - ] $ m v
song6 . mp3 Music
[student@serverX - ] $ mv
snap6 . j pg Pic t u res
[ student@serverx - ] $ mv
film6 . avi Videos
[student@serverX - ] $ ls
46
-
-1
W h e n d i s t r i b u t i n g f i l e s fro m o n e l ocat i o n to m a ny l ocat i o n s , fi rst c h a n g e to t h e d i rectory
conta i n i n g the source f i l es. Use the s i m p l est path synta x , a bs o l ute o r re l at ive, to reac h
t h e d e st i n a t i o n f o r e a c h f i l e m a n a g e m e n t task.
D 3.
-
song1 . mp3 song2 . mp3 song3 . mp3 song4 . mp3 song5 . mp3
-
-
-
-
snapl . j pg snap2 . j pg snap3 . j pg snap4 . j pg snap5 . j pg
filml . avi film2 . avi film3 . avi film4 . avi film5 . avi
-1
-
M u s ic Pic t u res Videos
-
I n yo u r h o m e d i recto ry, create t h ree s u b d i rectories for o rg a n i z i n g yo u r f i l e s i nto p rojects.
Ca l l t hese d i rectories f r iends, family, and wo r k . C reate a l l t h re e with o n e com m a n d .
R H 1 24- R H E L7-e n-1-20140606
-
-
-
-
-
G u i d e d exercise
-
Yo u w i l l u s e t h ese d i rectories to rea rra n g e yo u r f i l es into p rojects.
[student@serverX -]$ mkdi r
[student@serverX -]$ ls
-
friends family wo rk
-1
-
D 4.
-
Copy f i l es (a l l types) conta i n i n g n u m b e rs 1 a n d 2 to t h e friends fo l d e r.
Copy f i l e s (a l l types) conta i n i n g n u m be rs 3 a n d 4 to t h e fa m i l y fo l d e r.
-
W h e n co l l e ct i n g fi les from m u lt i p l e l ocat i o n s i n to o n e l ocat i o n , c h a n g e to t h e d i rectory
that w i l l conta i n the destination f i l es. Use the s i m p l est path synta x , a b s o l ute o r re l a t i ve, to
reac h the s o u rce for each f i l e m a n a g e m e n t task.
-
[student@serverX -]$ cd f riends
[student@serverX friends]$ cp -/Music/song 1 . mp3 -/Music/song2 . mp3 -/Pic t u res/
snap1 . j pg -/Pic t u res/snap2 . j pg -/Videos/film1 . avi -/Videos/film2 . avi .
[student@serverX friends]$ ls
[student@serverX friends]$ c d . . /family
[student@serverX family]$ c p -/Music/song3 . mp3 -/Music/song4 . mp3 -/Pic t u res/
snap3 . j pg -/Pic t u res/s nap4 . j pg -/Videos/film3 . avi -/Videos/film4 . avi
[student@serverX family]$ ls
-
-1
-
-
-
Yo u w i l l co l l ect some of the new fi l es i nto t h e p roj ect d i rectories for fa m i l y and friends.
U s e a s m a n y c o m m a n d s as needed. Yo u d o not have to use o n l y o n e com m a n d as i n t h e
exa m p l e. For e a c h project, fi rst c h a n g e to t h e p roject d i rectory, t h e n c o p y t h e s o u rce f i l es
into t h i s d i recto ry. Yo u a re m a k i n g copies, s i n c e you wi l l keep t h e ori g i n a l s after g i v i n g
t h e s e proj ects to fa m i l y a n d friends.
-1
D 5.
-
Fo r yo u r w o r k p roj ect, you w i l l c reate a d d i t i o n a l copies.
[student@serverX family]$ cd . . /wo r k
[student@serverX work]$ c p -/Music/song5 . mp3 -/Music/song6 . mp3 -/Pic t u res/
snapS . j pg -/Pic t u res/snap6 . j pg -/Videos/film5 . avi -/Videos/film6 . avi
[student@serverX work]$ ls
-1
-
D 6.
Yo u r p rojects a re n o w d o n e. Time to c l e a n u p t h e p rojects.
C h a n g e to yo u r home d i recto ry. Atte m p t to de lete both the fa m i ly and f r i e n d s p rojects
with a s i n g l e rmdir com m a n d .
-
[student@serverX work]$ c d
[student@serverX -]$ rmdir family f riends
rmdi r : failed to remove ' family ' : Directory not empty
rmdir : failed to remove ' friends ' : Directory not empty
-
-
U s i n g the r md i r co m m a n d s h o u l d fa i l s i n ce both d i rectories a re n o n - e m pty.
-
-
D 7.
U s e a n o t h e r co m m a n d that w i l l s u cceed i n d e l e t i n g both t h e fa m i l y a n d f r i e n d s fo l d e rs.
[student@serverX -]$
[student@serverX -]$
rm - r family f riends
ls - 1
-
-
-
R H 1 24- R H E L 7-e n-1 -20140606
47
-
-
C h a pter 2. M a n a g i n g F i l e s Fro m t h e C o m m a n d L i n e
D 8.
D 9.
D e l ete a l l t h e files i n t h e work p roject. b u t d o not d e l ete t h e wo r k d i rectory.
[student@serverx -]$ cd
[student@serverX work]$
film6 . avi
[student@serverx work]$
wo rk
rm song5 . mp3 song6 . mp3 snap5 . j pg snap6 . j pg film5 . avi
ls
-
-
1
F i n a l l y, from yo u r h o m e d i rectory, use t h e r m d i r co m m a n d to d e l ete t h e w o r k d i rectory.
The c o m m a n d s h o u l d s ucceed n ow that it i s e m pty.
[student@serverx work]$ cd
[student@serverx -]$ rmdir
[student@serverx -]$ ls
-
-
-
wo rk
-1
-
-
-
-
-
-
-
-
-
-
-
-
-
-
48
R H 1 24- R H E L7-en-1-20140606
-
-
-
-
M a tc h i n g F i l e N a m e s U s i n g Pat h N a m e E x p a n s i o n
-
-
M atc h i n g Fi l e N a m es U s i n g Pat h N a m e
E xp a n s i o n
-
Objectives
-
-
-
-
After c o m p l et i n g t h i s sect i o n , s t u d e n t s s h o u l d be a b l e to u s e m eta-cha racte rs a n d e x pa n s i o n
tec h n i q ues to i m p rove f i l e m a n a g e m e n t p rocess i n g eff i c i e n cy.
File globbing: path name ex pansion
T h e B a s h s h e l l has a path n a m e - m a t c h i n g capa b i l ity h isto rica l l y ca l l ed globbing, a b b reviated from
t h e "g l o b a l com m a n d " file path e x p a n s i o n p ro g ra m of early U N I X . T h e B a s h g l o b b i n g feat u re,
co m m o n l y c a l led pattern matching o r " w i l d ca rd s " , ma kes m a n a g i n g l a rg e n u m be rs of files e a s i e r.
U s i n g meta-characters that "expa n d " to match f i l e a n d path n a mes b e i n g soug ht, co m m a n d s
p e rfo r m o n a focused s e t o f fi l es at o n ce.
Patt e r n m a t c h i n g
-
-
-
-
-
-
-
G l o b b i n g is a shell c o m m a n d - p a rs i n g opera t i o n t h a t expa n d s a w i l d ca rd pattern i nto a l i st of
matc h i n g path n a m es. C o m m a n d- l i n e meta-cha racters a re re p l aced by t h e match l ist p r i o r to
com m a n d execut i o n . Patte rns, e s p e c i a l l y s q u a re- b rac keted c h a racter c l asses, t h at d o not ret u r n
matches d i s p l ay t h e orig i n a l patte r n requ est a s l itera l text. T h e fo l l ow i n g a re co m m o n m eta­
c h a racters and pattern c l asses.
Patte rn
M at c h e s
*
Any st r i n g of 0 or m o re c h a racte rs.
?
A n y s i n g l e c h a racter.
-
T h e cu rrent u s e r ' s h o m e d i recto ry.
- u s e r name
U s e r u s e rname ' s h o m e d i recto ry.
-+
The cu rrent worki n g d i recto ry.
--
T h e prev i o u s wo r k i n g d i rectory.
[abc . . . ]
A n y o n e c h a racter i n t h e e n c l osed c l ass.
[!abc . . . ]
Any o n e c h a racter not i n t h e e n c l osed c l ass.
["abc . . . ]
Any o n e c h a racter not i n t h e e n c l osed c l ass.
<n
A n y a l p h a betic c h a racter.
A n y l ower-case c h a racter.° )
[ [: a l p h a :] ]
-
-
-
[ [: l ower:] ]
A n y u p p e r-case c h a racter.
[ [: a l n u m :J J
A n y a l p h a betic c h a racter o r d i g it. m
[ [: p u nct:JJ
Any p r i n ta b l e c h a racter n ot a space o r a l p h a n u m e r i c .°
<1l
A n y d i g it, 0 - 9.
[ [: d i g it:] ]
[ [: s pace: ] ]
-
<n
[ [ : u p pe r : ] ]
N ote
)
A n y o n e w h itespace c h a racter; m a y i n c l u d e tabs, newl i ne, o r ca r r i a g e
ret u r n s , a n d f o r m f e e d s as we l l a s spa ce. <n
<1l
p re-set P O S I X c h a racter c l ass; a dj u sts fo r c u rrent loca l e.
-
-
-
R H 1 24- R H E L 7-en -1 -20140606
49
-
-
C h a pter 2. M a n a g i n g F i l e s Fro m t h e C o m m a n d L i n e
-
A s a m p l e s e t o f f i l es is u s e f u l to d e m o n st rate expa n s i o n .
[student@desktopX
[student@desktopX
[student@desktopX
able alfa baker
[student@desktopX
-]$ mkdir glob ; cd glob
glob] $ touch alfa b r avo charlie delta echo able
glob] $ ls
bravo cast charlie delta dog easy echo
glob] $
-
baker cast dog easy
Fi rst. s i m p l e pattern matches u s i n g * a n d ?.
-
-
[student@desktopX glob] $ ls a *
able alfa
[student@desktopX glob] $ ls * a *
able alfa baker bravo cast charlie delta easy
[student@desktopX glob] $ ls [ ac ] *
able alfa cast charlie
[student@desktopX glob]$ ls ????
able alfa cast easy echo
[student@desktopX glob] $ ls ?????
baker bravo delta
[student@desktopX glob] $
-
-
-
-
T i l d e ex p a n s i o n
T h e t i l d e c h a racter (-), w h e n fo l l owed by a s l a s h d e l i m iter, matches t h e c u rrent u s e r ' s h o m e
d i recto ry. W h e n fo l l owed by a stri n g o f c h a racters u p to a s l a s h , it w i l l b e i n t e r p reted as a
u s e r n a me, if o n e matches. I f n o u s e r n a m e matches, t h e n a n a ct u a l t i l d e fo l l owed by t h e string of
c h a racters w i l l be ret u r n e d .
[student@desktopX glob] $ ls -/glob
able alfa baker bravo cast charlie delta dog easy echo
[student@desktopX glob] $ e c h o -/glob
/home/student/glob
[student@desktopX glob]$
-
-
-
-
B ra c e ex p a n s i o n
B race ex p a n s i o n is u s e d to g e n e rate d i s c retio n a ry strings of c h a racters. B races conta i n a c o m m a ­
s e p a rated l ist of s t r i n g s , o r a seq u e n ce ex p ress i o n . The res u lt i n c l udes t h e t e x t preced i n g o r
fo l l owing t h e brace d e f i n i t i o n . Brace expa n s i o n s may be neste d , o n e i n s i d e a n ot h e r.
[student@desktopX glob] $ e c ho {Sunday , Monday , Tuesday , Wednesday} . log
Sunday . log Monday . log Tuesday . log Wednesday . log
[student@desktopX glob] $ echo file{ l . . 3} . txt
filel . txt file2 . txt file3 . txt
[ student@desktopX glob] $ echo file{ a . . c } . t x t
filea. txt fileb . txt filec . txt
[student@desktopX glob]$ e c h o file { a , b } { l , 2 } . txt
fileal . txt filea2 . txt filebl . txt fileb2 . txt
[student@desktopX glob] $ echo file{a{ l , 2 } , b , c } . tx t
fileal . txt filea2 . txt fileb . txt filec . txt
[student@desktopX glob] $
-
-
-
-
-
C o m m a n d s u bst i t u t i o n
Co m m a n d s u bst i t u t i o n a l l ows t h e o u t p u t of a co m m a n d to re p l ace t h e command itse l f. Co m m a n d
s u bst itution occ u rs w h e n a co m m a n d i s e n c losed w i t h a beg i n n i n g d o l l a r s i g n a n d p a re n t h es i s ,
$ ( command ) , o r with b a c k t i c k s , · command ' . T h e form with b a c kt i c ks i s o l d e r, a n d h a s t w o
50
R H 1 24-R H E L 7-en-1-20140606
-
--
-
-
-
-
F i l e g l o b b i n g : path n a m e expa n s i o n
-
d isadva ntages: 1 ) it ca n b e e a s y to v i s u a l l y c o n f u s e b a c kt i c ks with s i n g l e q u ote m a rks, a n d 2 )
backticks ca n not b e n ested i n s i d e b a c kt i c ks. T h e $ ( command ) f o r m c a n n e st m u lt i p l e com m a n d
expa n s i o n s i n s i d e e a c h other.
-
[student@desktopX glob]$ echo Today is
Today is Wednesday .
[student@desktopX glob]$ echo The time
The time is 26 minutes past 11AM .
[student@desktopX glob]$
-
-
' d ate +%A ' .
is $ ( date +%M } minutes past $ ( da t e +%1%p ) .
Prote c t i n g arg u m e n t s fro m expa n s i o n
-
M a n y c h a racters h a ve s pecia l m ea n i n g i n t h e B a s h s h e l l . To i g n ore m eta-c h a racter s p e c i a l
mea n i n g s , quoting a n d escaping a re u s e d to p rotect t h e m f r o m s h e l l e x p a n s i o n . T h e backs l as h
(\) is a n e s c a p e c h a racter i n Bash, p rotect i n g t h e s i n g l e fo l l ow i n g c h a racter fro m s p e c i a l
interpreta t i o n . To p rotect l o n g e r c h a racter st r i n g s, s i n g l e ( ' ) or d o u b l e q u otes ( " ) a re used to
e n c l ose st r i n g s.
-
-
Use d o u b l e q u ot a t i o n m a rks to s u p p ress g l o b b i n g a n d s h e l l expa n s i o n , but sti l l a l l o w com m a n d
a n d va ria b l e s u bs t i t u t i o n . Va r i a b l e s u bst i t u t i o n i s concept u a l l y identica l to com m a n d
s u bstitut i o n , b u t may u s e opt i o n a l b race syntax.
[student@desktopX glob]$ host=S ( host n ame ) ; e c h o Shost
desktopX
[student@desktopX glob]$ echo " * * * * * h o s t n ame is $ { h o s t } * * * * * "
hostname is desktopX
[student@desktopX glob]$ echo You r u s e rname variable is \$USER .
Your username variable is $USER .
[student@desktopX glob]$
-
-
* * * * *
-
U s e s i n g l e q u ot a t i o n m a rks t o i nterpret a// text l itera l l y. Obse rve t h e d i fferen ce, o n both screen
a n d keyboard, betwee n the s i n g l e q u ote ( ' ) and the c o m m a n d substitution ba c k t i c k ( ' ) . Besides
s u ppress i n g g l o b b i n g and s h e l l expa n s i o n , q u otat i o n s d i rect the s h e l l to a d d itio n a l l y s u p press
com m a n d and va r i a b l e s u bst i t u t i o n . The q u est i o n m a r k is a m eta-c h a racter that a l so needed
p rotect i o n from e x pa n s io n .
-
-
[student@desktopX glob]$ echo "Will var iable
Will variable desktopX evaluate to desktopX?
[student@desktopX glob]$ echo ' Will var iable
Will variable $host evaluate to $( hostname) ?
[student@desktopX glob]$
-
-
-
-
* * * * *
R
$ho s t evaluate to S ( host name } ? "
Shost evaluate to S ( host name } ? '
References
bash(1), cd(1), glob(7), isalpha(3), ls(1), pat h_resolu t ion(7) , a n d pwd(1) m a n
pages
-
-
-
-
-
R H1 24- R H E L 7 -en -1-20140606
51
-
-
C h a pter 2. M a n a g i n g F i l e s Fro m t h e C o m m a n d L i n e
P ract i ce: Pat h N a m e Expa n s i o n
-
Quiz
-
Match the fo l l owing items to their counterparts i n the tab l e.
* [ [:d i g i t : ] ] *
G�881
Req u ested m a t c h to f i n d
[ [: u p p e r: ] ] *
IG
Patte r n s
-
-
-
O n l y f i l e n a m e s b e g i n n i n g w i t h " b"
O n l y filena mes e n d i n g in " b"
O n l y f i l e n a m e s c o n ta i n i n g a " b "
-
O n l y f i l e n a m e s w h e re f i rst c h a ra cte r i s n ot " b "
-
O n l y f i l e n a m e s a t l east 3 c h a ra c t e rs i n l e n g t h
-
O n l y f i l e n a m e s t h a t conta i n a n u m b e r
-
O n l y f i l e n a mes t h a t b e g i n w i t h a n u p pe r-case l ette r
-
-
-
-
-
52
RH124- R H E L 7-e n-1-20140606
-
-
Sol ution
-
Solution
-
-
Match t h e fo l l ow i n g ite m s to t h e i r cou nterparts i n t h e ta b l e.
Req u ested m a t c h to fi n d
Pa tte r n s
O n l y f i l e n a m es beg i n n i n g w i t h " b "
b*
O n l y f i l e n a mes e n d i n g i n " b "
*b
O n l y f i l e n a m es c o n ta i n i n g a " b "
*b*
O n l y f i l e n a m es w h e re f i rst c h a ra c t e r i s not " b "
[ ! b] *
O n l y f i l e n a m es at l east 3 c h a racters i n l e n g t h
???*
O n l y f i l e n a m es t h a t conta i n a n u m be r
* [ [:digit:] ] *
O n l y f i l e n a m es t h a t beg i n w i t h a n u p p e r-case l ette r
[ [: u pper: ] ] *
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
R H 1 24- R H E L7-e n-1-201 40606
53
-
-
C h a pter 2. M a n a g i n g F i l es Fro m t h e C o m m a n d L i n e
-
L a b : M a n a g i n g F i l es wit h S h e l l Expa n s i o n
-
Perfor mance checkl ist
-
I n t h i s l a b, you w i l l c reate, m ove, a n d re m ove f i l es a n d fo l d e rs u s i n g a variety of fi l e n a m e
matc h i n g s h o rtcuts.
-
Outcomes:
Fa m i l ia rity and p ractice with many fo r m s of w i l d c a rd s for l o ca t i n g and u s i n g f i l es.
-
Before you begin ...
Perform the fo l l ow i n g steps o n serverX u n l ess d i rected ot h e rw i se. Log in a s s t ud e n t a n d beg i n
t h e l a b i n t h e h o m e d i recto ry.
1.
To b e g i n , c reate sets o f e m pty p ractice f i l e s to u s e i n t h i s l a b. I f a n i n t e n d e d s h e l l e x pa n s i o n
s h o rtcut i s n ot i m m e d i a t e l y recog n ized, st u d ents a re e x p e c t e d to u s e t h e s o l u t i o n to l e a r n
a n d practi ce. Use s he l l t a b co m p l et i o n to l ocate f i l e pat h n a m e s e a s i l y.
-
C reate a tota l of 12 f i l e s with n a m e s tv_seasonX_episodeY . ogg. R e p l a ce X w i t h t h e
season n u m ber a n d Y w i t h t h a t season's e p i sode, f o r t w o s e a s o n s o f s i x e p i sodes e a c h .
2.
3.
A s t h e author of a s u ccessf u l series of myste ry nove l s , yo u r next bestse l l e r ' s
c h a pters a re bei n g ed ited f o r p u b l is h i n g . C reate a tota l of e i g h t f i l e s w i t h n a mes
mys t e ry_ch ap t e rX . odf. R e p l a c e X with t h e n u m be rs 1 t h ro u g h 8.
To o rg a n ize the TV e p isod es, c reate two s u b d i rectories n a m e d seasonl and season2 u n d e r
t h e exist i n g Videos d i recto ry. U s e o n e com m a n d .
4.
M ove t h e a p p ropriate TV episodes i nto t h e season s u b d i recto r i es. U s e o n l y two c o m m a n d s ,
specify i n g desti n a t i o n s u s i n g re l a t ive syntax.
5.
To o rg a n ize t h e mystery book c h a pters, c reate a two- level d i rectory h i e ra rc hy w i t h o n e
c o m m a n d . C reate my_b e s t s e lle r u nd e r t h e exist i n g Documen t s d i recto ry, a n d c h a p t e r s
b e n e a t h t h e n e w my_bes t selle r d i recto ry.
6.
U s i n g o n e c o m m a n d , c reate t h ree more s u b d i rectories d i re ct l y u n d e r t h e my_be st selle r
d i recto ry. N a m e these s u b d i rectories edi t o r , plot_ch a nge, a n d vaca t ion. The create
parent option is not n e e d e d s i n c e t h e my_b e s t selle r parent d i rectory a l ready exists.
7.
C h a n g e to t h e chap t e r s d i recto ry. U s i n g t h e h o m e d i rectory s h o rtcut to specify t h e
s o u rce f i l es, move a l l book c h a pters i nto t h e c h ap t e r s d i recto ry, w h i c h i s n o w yo u r c u rrent
d i recto ry. What i s t h e s i m p l est syntax to spec ify t h e dest i n at i o n d i rectory?
8.
The fi rst two c h a pters a re sent to the editor for revi ew. To re m e m b e r to not mod ify t hese
c h a pters d u ri n g t h e rev i ew, m ove t h ose two c h a pters o n l y to the e d i t o r d i rectory. Use
relative syntax sta r t i n g from the c h a p t e r s s u b d i rectory.
9.
10.
54
C h a pt e rs 7 a n d 8 w i l l be w ritten w h i l e o n vacat i o n . M ove t h e f i l es from chapt e r s to
vac a t ion. Use one com m a n d w i t h o u t w i l d c a rd c h a racte rs.
With one c o m m a n d , c h a n g e t h e w o r k i n g d i rectory to the s e a s o n 2 T V e p i sodes l ocat i o n , t h e n
copy t h e fi rst episode o f t h e s e a s o n to t h e vacat ion d i recto ry.
R H 1 24- R H E L 7-en-1 -20140606
-
-
-
-
-
-
-
-
-
-
-
-
-
Perfo r m a n c e check l i st
-
11.
W i t h o n e co m m a n d , change t h e work i n g d i rectory to vacation, then l ist its f i l es. Episode
2 i s a l so needed. Ret u r n to t h e season2 d i rectory using the previous working directory
s h o rtcut. T h i s w i l l s u cceed if t h e l a st d i rectory c h a n g e was acco m p l i shed w i t h o n e com m a n d .
C o p y t h e e p i s o d e 2 f i l e i nto vac ation. Ret u r n to vacat ion u s i n g t h e s h o rtcut a g a i n .
12.
C h a pters 5 a n d 6 may need a p l ot c h a n g e. To p revent t h ese c h a n g es f r o m m o d ify i n g orig i n a l
f i l es, copy both f i l es i n to plot_change. M ove u p o n e d i rectory to vacat i o n ' s p a rent
d i recto ry, then u s e o n e co m m a n d from t h e re.
-
-
-
-
13. To t ra c k c h a n g es, m a ke t h ree backups of c h a pter 5. C h a n g e to the plot_change d i recto ry.
Copy mys t e ry_c h ap t e r s . odf as a n e w f i l e n a m e to i n c l ude t h e f u l l date ( Ye a r- M o- Da).
M a ke a n o t h e r copy a p p e n d i n g the cu rrent t i m esta m p (as the n u m be r of seco n d s s i n ce
t h e epoch) to e n s u re a u n i q u e fi l e n a m e. A l s o m a ke a copy a p p e n d i n g t h e c u rrent user
($USER) to t h e file n a me. See t h e s o l u t i o n for t h e syntax of a n y you a re u n s u re of ( l i ke what
a rg u m e n t s to pass t h e date).
N ote, we cou l d a l so m a ke t h e same backups of t h e c h a pte r 6 files too.
-
-
-
-
14. The p l o t c h a n g es were not s u ccessfu l . D e l ete t h e plot_c hange d i recto ry. F i rst, d e l ete
a l l of the f i l e s in the plot_c hange d i recto ry. C h a n g e d i rectory up one l ev e l because t h e
d i rectory ca n n ot be d e l eted w h i l e it i s t h e w o r k i n g d i recto ry. Try to d e l ete t h e d i rectory u s i n g
t h e r m com m a n d without t h e recursive o pt i o n . T h i s att e m pt s h o u l d fa i l . Now u s e t h e rmd i r
co m m a n d , w h i c h w i l l succeed.
15.
When t h e vaca t i o n is over, t h e vac ation d i rectory is n o longer needed. D e l ete it using the
rm co m m a n d w i t h t h e recursive option.
W h e n f i n i s h e d , ret u r n to t h e h o m e d i recto ry.
-
-
-
-
-
-
-
-
-
-
R H 1 24- R H E L 7-en-1 -20140606
55
-
-
C h a pter 2. M a n a g i n g F i l e s Fro m t h e Co m m a n d L i n e
Solution
-
I n t h i s l a b , you w i l l c reate, m ove, a n d re m ove f i l e s a n d fo l d e rs u s i n g a va r i ety of f i l e n a m e
matc h i n g s h o rtcuts.
-
Outcomes:
Fa m i l ia rity and p ractice w i t h many forms of w i l d ca rd s for l ocati n g a n d using fi l es.
-
Before you begin ...
Perform the fo l l ow i n g steps o n serverX u n l ess d i rected ot herwise. Log in a s s t ud e n t a n d beg i n
t h e l a b i n t h e h o m e d i rectory.
-
1.
-
To beg i n , c reate sets o f e m pty practice f i l e s t o u s e i n t h i s l a b. I f a n i n t e n d e d s h e l l e x p a n s i o n
s h o rtcut i s not i m m e d iately recog n ized, s t u d e n t s a re expected to u s e t h e s o l u t i o n to l e a r n
a n d practice. U s e s h e l l t a b co m p l e t i o n to l ocate f i l e path n a m es e a s i l y.
C reate a tota l of 1 2 fi l es with n a m es tv_seasonX_episodeY . ogg. R e p l a c e X w i t h t h e
season n u m be r a n d Y with t h a t sea s o n ' s e p i s o d e, f o r t w o seasons o f s i x e p i sodes e a c h .
-
I� student@serverX - ] $ touch tv_season { 1 . . 2 }_episode{ 1 . . 6 } . ogg
I [student@serverX - ] $ ls
-1
2.
As t h e a u t h o r o f a s u ccessfu l series o f mystery nove l s, you r next bestse l l e r ' s
c h a pters a re b e i n g ed ited f o r p u b l i s h i n g . C reate a tot a l o f e i g h t f i l es w i t h n a mes
mys t e ry_chapt e rx . odf. Replace X with t h e n u m be rs 1 t h ro u g h 8.
! [student@serverX
[student@serverX - �'"$
��--
3.
I
4.
..
[student@serverx
[student@serverx
[student@serverX
-
- ] $ mkdir Videos/seaso n { 1 . . 2 }
- ] $ ls - lR
-
-
- ] $ mv tv_season1* Videos/season1
- ] $ mv tv_seaso n 2 * Videos/season2
- ] $ ls - lR
-
To orga n ize t h e mystery book c h a pt e rs, c reate a two- l eve l d i rectory h i e ra rc h y w i t h o n e
com m a n d . C reate my_b e s t seller u nd e r t h e e x i s t i n g Docume n t s d i recto ry, a n d chapt e r s
beneath t h e n e w my_b e s t seller d i recto ry.
I
56
---�----
Move the a p p ro p riate T V episodes i nto t h e s e a s o n s u b d i rectories. Use o n l y two c o m m a n d s ,
specify i n g d e st i n a t i o n s u s i n g re l a t ive syntax.
lI.�[student@serverX
tudent@serverX
5.
- ] $ t ouch myst e ry_chap t e r { 1 . . 8} . odf
ls - 1
To o rg a n ize t h e TV e p i sodes, c reate two s u b d i rectories n a m e d season l a n d season2 u n d e r
t h e exist i n g Videos d i rectory. Use o n e co m m a n d .
[student@serverx
[student@serverx
-
- ] $ mkdir - p Docume n t s /my_best selle r/chapt e r s
- ] $ ls - lR
-
-
-
RH124- R H E L 7-en-1-20140606
-
-
-
-
Sol ution
-
6.
U s i n g o n e co m m a n d , create t h ree more s u b d i rectories d i rect l y u nd e r the my_bes t selle r
d i recto ry. N a m e these s u b d i rectories edit o r , plo t_c hange, a n d vacat ion. T h e create
parent option is n ot needed s i n ce t h e my_b e s t selle r p a rent d i rectory a l re a d y exists.
-·
[student@serverX -]$
ll � student@serverX -]$
-
1
l
-
7.
C h a n g e to t h e chapt e r s d i recto ry. U s i n g t h e h o m e d i rectory s h o rtcut to s p ecify t h e
s o u rce f i l es, move a l l book c h a pters i nto t h e chapt e r s d i recto ry, w h i c h is now y o u r c u rrent
d i recto ry. What i s the s i m p l est syntax to s p e c ify t h e d e s t i n a t i o n d i rectory?
I
L
8.
-
9.
[student@serverX chapters]$
[student@serverx chapters]$
[student@serverx chapters]$
mv mys t e ry_chap t e r l . odf mys t e ry_chapte r2 . odf . . /ed i t o r
ls - 1
ls - 1 . . /editor
C h a pters 7 a n d 8 w i l l be w ritten w h i l e on va cat i o n . M ove t h e f i l es from chap t e r s to
vacation. Use one com m a n d with out w i l d ca rd c h a racte rs.
!,.:' [ student@serverX chapters] $
�� tudent@serverx chapters] $
..
_
-·
mv mys te ry_chap t e r 7 . odf mys t e ry_chapterB . odf . . I vacation
ls - 1
ls - 1 . . /vacation
.
i
I
I
I
1 0. W i t h one co m m a n d , c h a n g e t h e work i n g d i rectory to t h e season 2 TV episodes l ocat i o n , t h e n
c o p y t h e f i rst e p isode o f t h e season to t h e vacation d i recto ry.
l
i
-
-
11.
-
�������- �����--'
I [student@serverX chapters]$
-
-
mv -/myste ry_chapte r * .
ls - 1
L - �����
-
-
[student@serverX chapters]$
[student@serverX chapters] $
T h e f i rst two c h a pters a re sent to t h e editor for review. To re m e m b e r to not mod ify t h ese
c h a pte rs d u ri n g t h e revi ew, move those two c h a pters only to t h e editor d i recto ry. U s e
re l a t ive s y n t a x sta r ti n g from t h e chapt e r s s u b d i recto ry.
;
II
-
-
�
1· [student@serverx -]$ cd Document s /my_be s t selle r/chapters
-
-
�
mkd r Docume n t s /my_bes t s lle r / { edit o r , plot_change , vacation}
ls - lR
[ student@serverx chapters]$ cd -/Videos/season2
[stud � nt@serverX season2]$ cp tv_season2_episode1 . og g
-/Document s/my_best selle r /
vacation
.
W i t h o n e co m m a n d , c h a n g e t h e work i n g d i rectory to vacation, t h e n l ist i t s f i l es. E p i s o d e
2 i s a l so n e e d e d . Ret u r n to t h e season2 d i rectory u s i n g t h e previous working directory
s h o rtcut. This w i l l s u cceed if t h e last d i rectory c h a n g e was acco m p l ished w i t h o n e co m m a n d .
C o py t h e episode 2 f i l e i nto vacation. Ret u r n t o vacation u s i n g t h e s h o rtcut a g a i n .
[student@serverX
[student@serverX
[student@serverX
[student@serverX
vacation
[student@serverx
[student@serverX
season2] $ cd -/Documents/my_be s t seller/vacation
vacation] $ ls
vacation] $ c d season2] $ cp tv_season2_episode2 . ogg -/Document s/my_best selle r/
vacation] $ cd vacation] $ ls - 1
-1
k- - ��������- -����- -���
-
-
-
R H 1 24- R H E L7-en-1-20140606
57
C h a pter 2. M a n a g i ng F i l e s Fro m t h e C o m m a n d L i n e
12.
C h a pt e rs 5 a n d 6 may need a p l ot c h a nge. To p revent t h e s e c h a n g e s f r o m modify i n g orig i n a l
fi les, copy both f i l e s i nto plo t_c h ange. M ove u p o n e d i rectory to vac a t io n ' s parent
d i recto ry, t h e n use o n e co m m a n d from t h e re.
[student@serverx
[ student@serverX
[student@serverx
[student@serverx
vacation] $ cd . .
my_bestseller]$ cp
my_bestseller]$ ls
my_bestseller]$ ls
chap t e r s/my s t e ry_c hapt e r [ 56 ] . odf plot_change
- 1 chapters
- 1 plot_change
-i
I
I
L_ ���������������������--�������������
13.
To track c h a n ges, m a ke t h re e b a c k u p s of c h a pter 5. C h a n g e to t h e plot_change d i recto ry.
Copy mys t e ry_c hap t e r s . odf as a new f i l e n a m e to i n c l u d e t h e f u l l date (Year-M o-Da).
M a ke a n ot h e r copy a p p e n d i n g the c u rrent t i m esta m p (as the n u m be r of seco n d s s i nce
t h e epoch) to e n s u re a u n i q u e file n a m e. A l s o m a ke a copy a p p e n d i n g t h e cu rrent user
($USER) to t h e f i l e n a m e. See t h e s o l ution for t h e syn t a x of a ny you a re u n s u re of ( l i ke what
a rg u m e nts to pass t h e date).
[student@serverx
[student@serverx
%F ) . odf
[student@serverx
%s ) . odf
[student@serverX
[student@serverx
my_bestseller]$ cd plot_change
plot_change] $ c p mys t e ry_c hap t e r 5 . odf
plot_change]$ c p myst e ry_chapt e r 5 . odf
plot_change] $ c p mys t e ry_chapt e r5 . odf
plot_change] $ ls
-
-
mys t e ry_chapter5_$ ( da t e +
mys t ery_chapter5_$ ( date +
mys t e ry_chapter5_$USER . odf
-1
N ote, we cou l d a l so m a ke t h e s a m e backups o f t h e cha pter 6 f i l es too.
14. The p l ot c h a n ges we re not s u ccessf u l . D e l ete the plot_c h ange d i recto ry. First, d e l ete
a l l of the f i l es i n t h e plot_change d i recto ry. C h a n g e d i rectory u p one level beca u s e t h e
d i rectory can not be d e l eted w h i l e it i s t h e w o r k i n g d i recto ry. Try to d e l ete t h e d i rectory u s i n g
t h e rm c o m m a n d without t h e recursive option. T h i s atte m pt s h o u l d fa i l . N o w u s e t h e rmdir
command, w h i c h wi l l succeed.
[student@serverx plot_change] $ rm myst e r y *
[student@serverX plot_change] $ cd . .
[student@serverx my_bestseller]$ rm plot_c hange
rm : cannot remove ' plot_change ' : Is a directory
[student@serverx my_bestseller]$ rmdir plot_change
[student@serverX my_bestseller]$ ls
-
-
-1
1 5.
-
W h e n t h e vacation is ove r, t h e vacat ion d i rectory is n o l o n g e r needed. D e l ete it u s i n g t h e
r m co m m a n d with t h e recursive o p t i o n .
-
W h e n f i n i s h e d , ret u r n to t h e h o m e d i rectory.
[student@serverX my_bestseller]$
[student@serverx my_bestseller]$
[student@serverX my_bestseller]$
rm - r vacation
ls - 1
cd
-
-
58
R H 1 24- R H E L 7-en-1-20140606
-
-
Solution
-
S u m m a ry
-
T h e L i n u x F i l e Syste m H i e ra rc h y
I d e ntify t h e p u rpose for top- l ev e l d i rectories i n t h e L i n u x h i e ra rc hy.
-
Locat i n g F i l e s by N a m e
I nterpret a n d a p pro priate l y u s e f u l l a n d partia l p a t h f i l e n a m e synta x .
M a n a g i n g F i l es U s i n g Co m m a n d - L i n e Too l s
Work from t h e com m a n d l i n e t o c reate, m ove, a n d d e l ete f i l es a n d d i rectories.
-
M a t c h i n g F i l e N a mes U s i n g Pat h N a m e E x p a n s i o n
Lear n how to s pecify m u lt i p l e fi l es u s i n g many w i l d ca rd tec h n i q ues.
-
-
-
--
-
-
-
-
-
-
-
-
R H124- R H E L 7-en-1-20140606
59
-
-
-1
--
--
-
-
I
--
-
-
®
red h at
®
TRAINING
C H A PT E R 3
GETTING HEL P IN RED HAT
E N TER P RISE LINUX
Overview
Goal
To resolve problems by u s i ng o n - l i n e h e l p syst e m s a n d Red
H a t su pport u t i l ities.
Objectives
•
Use the m a n L i n u x m a n u a l read e r.
•
Use t h e p i nto G N U I nfo read e r.
•
U se t h e Red Hat Pac k a g e M a n a g e r ( R PM ) package
d ocu mentation.
Sections
•
Use the red h a t - s u p p o rt-tool c o m m a n d .
•
Read i n g Documentation U s i n g m a n C o m m a nd (and
Practice)
•
Read i n g Documentation U s i n g p i nto C o m m a n d (a n d
Practice)
Lab
R H 1 24- R H E L7-e n-1-201 40606
•
Reading Documentation i n /us r/sha re/doc (a n d Practice)
•
Gett i n g H e l p From Red Hat (and Practice)
•
Viewing a n d Print i n g H e l p Doc u mentation
61
-
-
C h a pter 3. Gett i n g H e l p i n Red Hat E nterp rise L i n u x
Rea d i n g Doc u m e ntat i o n U s i n g m a n Co m m a n d
Objectives
After com p l et i n g t h i s sect i o n , s t u d e n t s s h o u l d be a b l e to l ocate d o c u m e ntat i o n a n d research
a n swers a b o u t commands.
I ntroducing the man command
The h i storica l L i n u x P ro g ra m m e r ' s M a n u a l , fro m w h i c h m a n pages o r i g i nate, was l a rg e e n o u g h
to b e m u l t i p l e pri nted b o o ks. E a c h conta i ned i nfo rmat i o n f o r specific types o f fi l es, w h i c h h a ve
become t h e sections l i sted b e l ow. A r t i c l e s a re refe rred to a s topics, as pages n o l o n g e r a p p l ies.
Sections o f the Linux manual
Section
-
Content type
1
User com m a n d s (both executable and shell programs)
2
System ca l l s (kernel routines invoked from user space)
3
L i b ra ry f u n c t i o n s (provided by program libraries)
4
Specia l f i l e s (such as device files)
5
F i l e formats (for many configuration files and structures)
6
Games (historical section for amusing programs)
7
Conve n t i o n s . sta n d a rd s , a n d m i s ce l l a n e o u s (protocols, file systems)
8
System a d m i n istra t i o n a n d p r i v i l eg e d com m a n d s (maintenance tasks)
9
L i n u x ke r n e l A P I (internal kernel calls)
-
-
-
Note
M a n u a l section 9 is a recent a d d it i o n to L i n u x . N o t a l l m a n sect i o n l is t i n g s refere n c e it.
-
To d i st i n g u i s h i d e n t i c a l topic names i n d iffe rent sect i o ns, man page refe re nces i n c l u d e t h e
section n u m be r i n pa re n t h eses after t h e topic. For exa m p l e, passwd(l ) describes t h e c o m m a n d
to c h a n g e pa sswords, w h i l e passwd ( 5 ) ex p l a i n s t h e / e t c / p a s swd fi l e format f o r sto r i n g l oca l
u s e r accou nts.
-
To read specific m a n pages, use man topic. To p i c contents d i s p l ay one screen at a t i m e. U se
a r row keys for s i n g l e l i n e scro l l i n g o r t h e s pace b a r for t h e next scree n . T h e man com m a n d
s e a rches m a n u a l sect i o n s i n a config u red ord e r, d i s p l a y i n g po p u l a r sect i o n s f i rst. Fo r exa m p le,
man passwd d i s p l a ys pas swd(l ) by defa u lt. To d i s p l ay t h e man page topic from a specific
sect i o n , i n c l u d e t h e sect i o n n u m be r a rg u ment: man 5 pas swd d i s p l ays passwd(5).
-
-
62
R H 1 24- R H E L7-e n -1-20140606
-
-
-
-
I d e nt ify m a n pages by keyword
-
I dentify man pages by keyword
-
The a b i l ity to eff i c i e n t l y searc h for topics and navigate man pages i s a c r i t i c a l a d m i n istration s k i l l .
T h e fo l l o w i n g ta b l e l ists basic man n a v i g a t i o n c o m m a n d s :
-
Navigat ing
-
-
-
-
-
-
man
pages
Co m m a n d
Res u l t
Spac e b ar
S c ro l l fo rwa rd (d own) o n e s c r e e n
Page Down
S c ro l l forwa rd (d own) one screen
Page Up
S c ro l l b a c kwa rd (u p) o n e screen
DownA r row
S c ro l l forwa rd (d own) one l i n e
U pA r r ow
S c ro l l b a c k (u p) o n e l i n e
d
S c ro l l forward (d own) o n e h a l f-screen
u
S c ro l l backwa rd (up) o n e h a l f-screen
/s t ring
Search forwa rd (d own) fo r s t ri n g i n t h e m a n page
n
Repeat previous search fo rwa rd (d own) i n t h e m a n p a g e
N
R e p e a t p revi o u s search bac kwa rd ( u p ) i n t h e m a n page
g
G o to start of t h e m a n page.
G
Go to e n d of t h e man page.
q
E x i t man a n d ret u rn to t h e com m a n d s h e l l p ro m pt
-
Important
-
-
-
When p e rfo r m i n g searc h es, s t ri ng a l l ows regular expression syntax. W h i l e s i m p l e text
(s u c h a s p a s s wd ) works a s expected, reg u l a r express i o n s use m eta-c h a ra cters (s u c h
as $, * , . , a n d ") for more s o p h i st icated pattern matc h i n g . T h e refore, sea rc h i n g with
stri n g s which i n c l u d e program ex pressi o n m eta-ch a racters, such a s make $$$, m i g h t
y i e l d u n expected res u lts.
Reg u l a r express i o n s a n d synta x a re d is c u s s e d i n Red Hat System Administration II, and
i n the regex(7) man topic.
-
-
-
-
-
-
-
-
R H124- R H E L 7-en-1-20140606
63
-
-
C h a pter 3. Gett i n g H e l p i n Red Hat Enterprise L i n u x
Searching for man pages by keyword
A keyword search of m a n pages is perfo r med u s i n g man - k keyword, w h i c h d i s p l ays a l i st of
keyword -m atc h i n g m a n page topics w i t h sect i o n n u m be rs.
[student@desktopX -]$ m a n - k pas swd
checkPasswdAccess ( 3 ) query the SELinux policy database i n the kernel .
chpasswd ( 8 )
update passwords in batch mode
ckpasswd ( 8 )
nnrpd password authenticator
fgetpwent_r ( 3 )
get passwd file entry reentrantly
getpwent_r ( 3 )
get passwd file entry reentrantly
passwd ( 1 )
- update user ' s authentication tokens
sslpasswd ( 1ssl)
compute password hashes
passwd ( 5 )
password file
passwd . nntp ( 5 )
- Passwords for connecting to remote NNTP servers
- RFS password encryption
passwd2des ( 3 )
Po p u l a r syste m a d m i n istration topics a re i n sect i o n s 1 (user c o m m a nds), 5 (fi l e fo r m ats), a n d 8
(ad m i n istrative c o m m a n d s). Ad m i n istrators u s i n g certa i n t ro u b l eshoot i n g too l s a l so use section
2 (system ca l l s) . The re m a i n i n g sect i o n s a re co m m o n l y for prog ra m m e r refe rence o r a d va n ced
a d m i n istra t i o n .
Note
-
-
-
-
-
-
-
Keyword s e a rc h e s re l y on a n i n dex g e n e rated by t h e mandb(8) com m a n d , w h i c h m u st
be r u n as root. T h e c o m m a n d r u n s d a i l y t h ro u g h c r o n . d aily, o r by anac r o n t a b
wit h i n a n h o u r of boot if out of date.
-
-
Important
T h e man com m a n d - K option performs a f u l l -text page searc h , not j u st t i t l es a n d
descr i p t i o n s l ike t h e - k . A fu l l-text search ca n u s e g reater systems resou rces a n d take
m o re t i me.
-
-
References
R
-
man(1 ), mandb(8), man - pages(7), less(1), i n t ro(1), int ro(2), i n t ro(5), i n t ro(7),
int ro(8) man pages
-
-
-
-
-
64
R H1 24- R H E L 7 - e n -1-20140606
-
-
-
-
Practice : U s i n g t h e m a n Co m m a n d
-
P ra ct i ce: U s i n g t h e m a n Co m m a n d
-
-
Guided exercise
I n t h i s l a b, you w i l l p ractice f i n d i n g re l eva nt i nfo r m a t i o n by u s i n g man options a n d a rg u ments.
O utcomes
-
Fa m i l i a rity w i t h t h e man L i n u x m a n u a l system and practice f i n d i n g usef u l i n fo r m a t i o n by
searc h i n g and b rows i n g .
Before you begin ...
Pe rfo rm t h e fo l l ow i n g steps o n serverX u n l ess d i rected o t h e rw ise.
D 1.
-
-
View the gedit(1) man page.
[student@serverX ] $
- -- --
-·--------
-
D 2.
ma n i g e d i t
_
_
I
------------�
-
____�
Research how to edit a specific fi l e using gedit from t h e co m m a n d l i n e.
gedit fil ename
D 3.
-
Research the gedit o pt i o n used to b eg i n a n e d i t i n g sess i o n with the c u rsor at the end of
the f i l e.
gedit + fil ename
D 4.
-
Research t h e su(1) m a n page.
[student@serverX -]$
����- - - · ---··---------------- ---
._
,
__
_ ----- - ··- - - · - ---
-
D 5.
man 1 su
-------
Research w h a t s u does w h e n t h e use rname a rg u m e n t is o m itted.
s u a s s u m es a use rname of root.
-
D 6.
-
Research how s u beh aves when a s i n g l e d a s h option is used.
s u starts a c h i l d login shell (creat i n g login e n v i ro n m e n t by s o u rc i n g login scri pts).
Without the s i n g l e d a s h , a n o n - l o g i n c h i l d s he l l i s created, matc h i n g the u s e r ' s c u rrent
en vi ro n m e nt.
-
D 7.
Cons u l t t h e pas swd(1) m a n page. Dete r m i n e t h e o pt i o n s t h a t w i l l l oc k a n d u n l o c k a u s e r
acco u n t w h e n t h i s co m m a n d is used by root.
[student@serverX -]$
-
-
pas swd
-
1
man 1 pas swd
username
pas swd - u use rname
-
D 8.
Locate t h e two p r i n c i p l es to re m e m b e r accord i n g to t h e pas swd man page a u t h o rs.
Searc h for the word " p r i n c i p l e".
-
-
-
R H 1 24- R H E L7-e n-1-20140606
65
-
-
C h a pter 3. Gett i n g H e l p i n Red H a t E n t e r p rise L i n u x
D 9.
•
Protect yo u r password .
•
C hoose a h a rd-to-g u ess password.
-
-
C o n s u l t t h e man page d oc u m e n t i n g t h e syntax of the / e t c / pas swd fi l e. What i s stored
i n t h e t h i rd fie l d of each l i n e?
-
The re l evant m a n p a g e is passwd(5), fo u n d w i t h man - f pas swd.
-
The U I D ( n u m e r i c u s e r I D) for e a c h acco u nt.
D 10.
Which c o m m a n d w i l l l i st d eta i l ed i n formation a bout a z i p a rc h i ve?
-
zipinfo(1) fo u n d w i t h man - k zip
D 11.
Which m a n page conta i n s a l ist of paramete rs t h at c a n b e passed to the ke r n e l at boot
t i m e?
boo t p a r am(7 ) fo u n d with man - k boot
D 12.
-
-
W h i c h comma n d i s used to t u n e ext4 f i l e syste m p a ra m ete rs?
-
t u ne2fs(8) fou n d w i t h man - k ext4
-
-
-
-
-
-
-
-
-
-
-
66
R H124- R H E L7-en+ 20140606
-
Rea d i n g Documentation U s i n g pinfo C o m m a n d
Rea d i n g D o c u m e nt a t i o n U s i n g p i nfo C o m m a n d
O bj ect ives
After c o m p l e t i n g t h i s section, students s h o u l d be a b l e t o research a n swers u s i n g G N U I nfo
d o c u m e nt a t i o n .
I nt ro d u c i n g G N U i nfo
M a n p a g es have a formal f o r m a t u s e f u l a s a c o m m a n d referen ce, b u t less usef u l a s
g e n e r a l d o c u mentation. For s u c h d o c u m e nts, t h e GNU Project deve l o ped a d ifferent o n l i n e
d o c u m e ntation system, k n ow n a s GN U i nfo. I nfo d o c u ments a re a n i m po rt a nt resou rce o n a R e d
Hat Enterp rise Lin u x system b e c a u s e m a ny f u n d a mental com pone nts a n d u t i l ities, s u c h as t h e
coreutils p a c ka g e a n d glibc sta n d a rd l i b ra ries, a re e i t h e r deve l oped by t h e GNU P roject o r u t i l ize
the i nfo d o c u ment system.
Node: Top
File: dir
This is the top of the
INFO
tree
This ( t h e Directory node ) gives a menu of maj o r t o p ic s .
Typing
"q"
exi t s ,
" ? " l i s t s a l l Info c o mm a n d s ,
"d"
returns h e re ,
" h " g ives a p rime r t o r f i rst - timers ,
" mEmacs<Return>" visits the Emacs t o p i c ,
In Ema c s ,
etc .
can c l i c k mou s e b u t t o n 2 o n a menu item or c ro s s r e f e r e n c e
you
to select i t .
*
Menu:
Archiving
•
Cpio :
•
Ta r :
( cpio) .
( ta r ) .
Basics
• Common
C o py - i n - c o p y - o u t a rc h i v er t o t a p e o r d i s k .
Making tape
o p t i on s :
{ 'oreuti.ls ) Common options .
(coreutils ) .
•
C o reutil s :
•
D a t e input f o rmats :
•
F ile p e rmi s s i o n s :
• Finding file s :
Common o p t i o n s .
C o re GNU
(file ,
text ,
( c o reutil s ) Date input formats .
( c o reutils ) File permissions .
( f ind ) .
( ed ) .
iewing line 25/2llfl2 ,
* ed:
( o r d i s k ) a rchive s .
1%
shel l )
utilities .
Access mode s .
Operating o n f i l e s m a t c h i n g c e rt a i n c ri t e r i a .
The GNU
Line Edito r .
Figure 3. 1 : pinto Info document viewer, top directory
I nfo d o c u m entation is struct u red as hyper l i n ke d i nfo nodes. T h i s fo rmat is more f l e x i b l e t h a n
m a n p a g e s , a l lowing t h o rou g h disc u s s i o n of c o m p l ex c o m m a n d s a n d c o n ce pts. Like m a n pages,
i nfo n odes a re read fro m t h e c o m m a n d l i ne, using either t h e info o r pinto c o m m a nd s .
S o m e c o m m a n d s a n d u t i l ities h a v e both m a n pages a n d i nfo d oc u m e ntation; u s u a l l y, t h e i nfo
d o c u m e n t a t i o n w i l l be m o re in-depth. C o m p a re the d iffe rences i n tar d o c u mentation u s i n g man
a n d pinfo:
[ s t u d e n t@d e s k topX - ] $ man tar
[ s t u d e n t@d e s k t o pX - ] $ pinto tar
The pinfo info read e r i s m o re a d v a n ced t h a n t h e orig i n a l info c o m m a n d . D e s i g n ed to match
the lynx text web b rowser keyst rokes, it a l so adds color. I nfo nodes for a p a rt i c u l a r topic are
browsed with pinfo topic. Enter only pinto for the i nfo topics d i recto ry. New docu mentation
nodes become ava i l a b l e i n pinto w h e n their co rrespondin g software p a c kages a re i nsta l l e d .
R H 1 24· R H EL 7 ·en-1-20140606
67
-
-
C h a pter 3. Gett i n g H e l p i n Red Hat E n t e r p r i se L i n u x
-
GNU I nfo vs. man page navigation
The info co m m a n d uses d iffe rent n a v i g a t i o n keystrokes t h a n does man. T h e info c o m m a n d
wa s d e s i g n e d to match t h e keyst rokes of t h e hype rtext-awa re lynx web b rowser. C o m p a re t h e
k e y b i n d i n g s i n t h e fo l l owi n g t a b l e :
pinfo
and
man,
-
key binding comparison
pinto
man
S c ro l l forward (d own) o n e screen
PageDown o r Space
PageDown o r Space
S c ro l l b a c kwa rd (up) one screen
PageUp o r b
PageUp o r b
D i s p l ay t h e d i rectory of topics
d
-
S c ro l l forward (down) o n e h a l f-scre e n
-
d
D i s p l ay t h e p a r e n t n o d e o f a topic
u
-
HOME
1G
-
u
DownAr row
-
O p e n topic at c u rsor location
Enter
-
Scro l l forward (d own) o n e l i n e
-
DownA r r ow or E n t e r
U pA r r ow
-
-
UpAr row
/ s t ring
/ s t ri n g
n
-
Repeat prev i o u s search forwa rd (d own)
I then Enter
n
D i s p l ay p revi o u s n o d e (c ha pter) i n topic
p
-
Repeat p rev i o u s sea rc h bac kwa rd ( u p)
-
N
Q u i t t h e p ro g ra m
q
q
N av 1 g a t 1 on
D i s p l a y t h e top (up) of a topic
S c ro l l bac kwa rd (up) o n e h a l f-screen
Scro l l forwa rd (down) to next hype r l i n k
Scro l l b a c kwa rd (up) to p revious hype r l i n k
S c ro l l bac kwa rd (u p) o n e l i n e
Searc h f o r a pattern
D i s p l ay next node (c h a pter) i n topic
-
-
-
-
-
-
-
-
References
R
-
pinfo info (Info: An Introduction)
A l l Sect i o n s
-
pinfo pinfo (Documentation for 'pinto ')
A l l Sect i o n s
-
•
•
The G N U Project
http://www.g n u .o rg/g n u/t h e g n u p roject . h t m l
-
pinfo(1) a n d info(1 ) m a n pages
68
R H 1 24- R H E L 7-en-1 -20140606
-
Practice: U s i n g t h e p i nto Co m m a n d
-
P ra c t i ce: U s i n g t h e p i nto Co m m a n d
Guide d exercise
I n t h i s l a b , you w i l l b rowse G N U I nfo d o c u m e nta t i o n u s i n g c o m m a n d - l i n e too l s.
O utcomes
U nd e rsta n d p ro g ra m d o c u mentation i n t h e G N U I nfo node syste m .
Before you begin...
Perfo r m t h e fo l l ow i n g steps o n serverX u n l ess d i rected ot h e r w i se.
D
1.
-
D 2.
- ] $ pinfo
Navigate to the Common o p t ions to pic.
U s e U pAr row o r DownAr row u n t i l ( c o r e u t il s ) Common o p t ions i s h i g h l i g hted.
Press Enter to view this topic.
D 3.
-
B rowse t h ro u g h t h i s info topic. Lea r n if l o n g -sty l e options c a n be a b b reviated.
Use PageUp a n d PageDown to navigate t h ro u g h t h e topic. Yes, m a n y p rog ra m s a l low
l o n g options to b e a b b reviated.
D 4.
Dete r m i n e w h a t t h e sy m b o l s - - s i g n ify w h e n u s e d as a co m m a n d a rg u m e nt.
T h e sym b o l s - - s i g n ify the end of co m m a n d options and the start of co m m a n d
arguments i n com p l ex co m m a nds w h e re t h e s h e l l ' s c o m m a n d - l i n e pars e r m i g ht not
correct l y m a k e t h e d i s t i n c t i o n .
-
ii [student@serverx
I
-
-
I nvoke pinfo w i t h o u t a rg u m ents.
D 5.
Without e x i t i n g p i n f o , m ove u p t o t h e G N U Co r e u t ils n ode.
Press u to move u p to the top node of the topic.
-
D 6.
Press u a g a i n . O b s e rve that when positioned at the top of a topic node, moving u p
ret u r n s t o t h e d i rectory o f top ics. A lternate l y, p ress i n g d from a ny l eve l o r t o p i c w i l l m ove
d i rect l y to t h e d i rectory of topics.
..
M ove u p a g a i n , to the top topic.
D 7.
Searc h for t h e patte r n nano a n d s e l ect t h a t t o p i c .
Press I fo l l owed by t h e search patte r n " n a n o" . W i t h t h e topic h i g h l i g hted, p ress E n t e r .
-
D 8.
P ress E n t e r to s e l ect I n t r o d u c t ion, t h e n DownAr r ow a n d E n t e r to s e l ect Command
Line Options. Use the a r row keys to b rowse the topic.
-
I n t h e I n t rod u c t io n , l ocate a n d s e l e c t Command L i n e Options. B rowse t h e topic.
D 9.
M ove u p o n e l ev e l to ret u r n to I n t r od u c t ion. M ove to t h e next topic.
R H 1 24- R H E L7-en-1-20140606
69
-
-
C h a pter 3. Gett i n g H e l p i n Red H a t Enterprise L i n u x
-
P ress u t o move u p o n e leve l . The n e w location w i l l b e nano's t o p i c 1 I n t r od u c t ion.
N ow p ress n. Yo u w i l l h ave m oved to nano ' s topic 2 Editor Basics.
D 1 0.
-
Exit pinto.
Press q to q u i t pinto.
D 11.
I nvoke pinfo a g a i n , specify i n g nano a s the desti n a t i o n topic from t h e com m a n d l i n e.
!
j
!
D 12.
-
[student@serverx -]$
-
pinfo nano
-
S e l ect t h e Edit o r B a s i c s t o p i c .
Press DownA r r ow to h i g h l i g h t Editor Bas i c s , t h e n p ress En t e r to s e lect t h i s topic.
D 13.
Read t h e E n t e r i n g T e x t a n d Special F u n c t io n s s u btopi cs.
U s e a r row keys to h ig h l ig h t a topic, PageUp and PageDown to b rowse the text, t h e n press
u to m ove u p one leve l . Press q to q u it pinfo when you a re fi n i s hed.
-
-
-
-
-
-
-
-
-
-
-
-
-
70
R H 1 24- R H E L7 - e n -1 -20140606
-
-
-
-
Rea d i n g D o c u m e ntat i o n i n /u s r/s h a re/d o c
-
Rea d i n g Doc u m e ntat i o n i n /u s r/s h a re/d oc
-
-
Objectives
After com p l et i n g t h i s section, st u d e n t s s h o u l d be a b l e to researc h information u s i n g Red H a t
Packa g e M a n a g e r d o c u m e ntation.
Introducing package documentation
-
-
-
-
I n a d d i t i o n to man a n d pinfo, deve l o p e rs m a y a l so c h oose to i n c l u d e d o c u m e n ta t i o n i n t h e i r
a p p l icat i o n ' s R P M d istribution package. W h e n t h e p a c k a g e is i n sta l l e d , f i l e s recog n ized as
d o c u m e nt a t i o n a re moved to / u s r / s hare/doc/packagename. Software package b u i l d e rs
may i n c l u d e a nyt h i n g deemed h e l pf u l as a com p l e ment to, b u t not d u p l icat i n g , man pag es. G N U
packages a l so use / u s r /share/doc t o s u p p l e m e n t i nfo nodes.
M ost p a c k a g es i n c l u d e f i l es desc r i b i n g package d istribution l i c e n s i n g . Some packages i n c l u d e
exte nsive P D F- o r H T M L-based d o c u m entat i o n . Accord i n g l y, a usef u l package b rows i n g method i s
p o i n t i n g a b rows e r of c h o i ce to f i l e : / / / u s r / s h a r e / d o c a n d uti l i z i n g a m o u se.
I [student@desktopX -]$
;
!
-
-
-
-
- -- --- -
--�---�----�--�
firefox file : // / u s r / s ha re/doc
------��---
I
· __J
Some packages come with exte nsive exa m p l es, confi g u ration f i l e te m p l ates, scripts, tutori a l s ,
o r user g u ides. B rowse / u s r / s h a re/doc/vs f t pd - * as a n exa m p l e. S o m e d o c u m e ntation i s
s pa rse; t h e zip u t i l ity i n c l u d es t h e com p ress i o n a l g o r i t h m used a n d l itt l e e l se. O t h e r packages
i n c l udes l a rg e user m a n u a l s o r deve l o p e r g u ides, o r e l ectro n i c copies of related, p u b l i s h ed boo ks.
Note
Deve l op e rs may c hoose to b u n d l e exte n s ive doc u m e ntation i n a s e p a rate R P M . The
gnuplot p rog ra m h a s t h e extra gnuplot-doc package, which m ust b e i n sta l l e d s e p a rate l y.
O t h e r s i m i l a r packages to b rowse i n c l u d e bash-doc a n d samba-doc. Often , extra
packages a re fo u n d i n Red H a t E n t e r p r i s e L i n u x ' s Optional softwa re c h a n n e l .
-
-
M a ny packages a l s o i n c l u d e d eve l o p e r d o c u mentat i o n , s u c h a s a n A p p l icat i o n
Prog ra m m i n g I nte rface ( A P I ) s p e c ificat i o n , p rovided i n a pa c k a g e w i t h a n a m e e n d i n g
i n -devel o r s i m i l a r. Packages may i n c l u d e a d d i t i on a l fi l es, s u c h a s h e a d e rs ; u s ef u l
d o c u m e ntation u s u a l l y o n l y n e e d e d f o r softwa re deve l o p me n t o r com p i l i n g .
-
Note
-
-
T h e k e r n e l itse l f h a s a s i g n if i c a n t d o c u m entation package. T h e kernel-doc package is a
trea s u re of kern e l , d r ive r, t u n i n g , a n d a d v a n ced config u ration i n f o r m a t i o n . E x p e rienced
syst e m a d m i n istrators reg u l a r l y research kernel-doc f i l es.
-
-
-
R H124- R H EL 7 -en -1 -20140606
71
-
-
C h a pter 3. Gett i n g H e l p i n Red Hat Enterp rise L i n u x
-
References
-
hie r (7 ) m a n page
•
D i s c u sses t h e h i e ra rchy of Linux d i rectories, i n c l u d i n g /usr / s h a re/doc.
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
72
R H1 24- R H E L 7-en-1-20140606
-
-
-
-
P ra c t i ce: Viewing Pa c ka g e D o c u m entation
-
P ra ct i ce: V i ewi n g Pa c ka g e Docu m e ntat i o n
-
-
-
Guide d exercise
I n t h i s l a b, you wi l l research t h e docu mentat i o n u n d e r / u s r / s hare/doc to a n sw e r q u est ions.
U s e yo u r cho i ce of l e s s , ged i t , o r a b rowse r to view t h e d o c u mentation f i l e contents.
O u tcomes
-
M o re fa m i l i a rity, t h ro u g h practice, with t h e types of i n fo r m a t i o n that deve l o pers i n c l u d e with
t h e i r softwa re packages.
Before you begin ...
-
Pe rfo rm t h e fo l lo w i n g steps o n serverX u n l ess d i rected o t h e r w ise.
D 1.
W h e re can you f i n d t h e l atest n ews a b o u t the vim p roject?
[student@serverx -]$ cd / u s r/share/doc
[student@serverX doc]$ less vim - common - * / README . tx t
-
-
View t h e vim-common R E A D M E and search for " n ews".
-
D 2.
What is the wiki U R I for t h e yum packa g e?
i
I
-
[student@serverx doc]$
less yum - 3 * / README
Search for " w i k i " i n / u s r/s h a re/doc/yum - 3 * / README.
-
D 3.
What exa m p l e s a re prov i d e d for the com m a n d - l i n e be ca l c u l ator?
I
-
'
[student@serverX doc]$
ls
-1
bc - * /Examples
Fo u n d i n t h e d i rectory / u s r /share/doc/bc - * / Examples.
-
...
D 4.
i
D 5.
-
...
firefox g r u b 2 - t ools - * /g r u b . html
Use firefox to d i s p l ay / u s r /share/doc/g r u b 2 - t ools - * / g r u b . h t ml.
-
-
I [student@serverx doc]$
How wou l d you read the provided G R U B2 m a n u a l ?
What softwa re p rovi des its d o c u m e n t a s a s e p a rate package?
[student@serverx doc]$
[student@serverx doc]$
[student@serverx -]$
yum list * - doc *
cd
U s e yum t o d i s p l ay o n l y t h ose packages t h a t conta i n "-doc", "-docs", o r " - d oc u m e ntation"
i n t h e package n a me. When f i n is h e d , ret u r n to t h e home d i rectory.
-
...
-
R H 1 24- R H E L 7-en-1-20140606
73
-
-
C h a pter 3. Gett i n g H e l p i n Red Hat E n t e r p rise L i n u x
-
G ett i n g H e l p Fro m Red H at
-
Objectives
Aft e r co m p l et i n g t h i s sect i o n , s t u d e nts s h o u l d be a b l e to view K n ow l ed g ebase i n fo r m a t i o n a n d
m a n a g e s u p po rt cases f r o m t h e c o m m a n d l i ne.
-
-
Red Hat Custome r Portal
Red H a t C u sto m e r Porta l ( h t t p s : / / a c c e s s . r e d h a t . c o m ) p rovides custo m e rs w i t h access
to eve ryt h i n g p rovided w i t h t h e i r s u b s c r i pt i o n t h r o u g h o n e conve n i e n t l ocat i o n . Custo m e rs
ca n search for s o l utions, FAQs, a n d a rt i c l es t h ro u g h K n ow l ed g e base. Access to offic i a l product
d o c u mentation is prov i d e d . S u pport t i c kets can be s u b m itted a n d managed. S u bs c r i p t i o n s
to Red Hat prod u cts c a n b e atta c h e d to a n d deta c h e d from reg i ste red systems, a n d software
d o w n loads, u pdates, and eva l u at i o n s c a n be obta i n ed . Pa rts of the site a re access i b l e to
everyone, w h i l e others a re exc l u s ive to custo m e rs with active s u bscriptions. H e l p with g ett i n g
access to Customer Porta l i s ava i l a b l e at h t t p s : I / a c c e s s . r e d h a t . c o m / h e l p / .
Customers c a n w o r k w i t h Red Hat C u stomer Porta l t h ro u g h a web b rows e r. T h i s sect i o n w i l l
i n t ro d u ce a c o m m a n d l i n e tool that c a n a l so b e used t o access R e d Hat C u sto m e r Porta l services,
redhat - s uppo r t - t ool.
Know l e d g e b a s e
-
-
-
-
-
SOLUTIO N S
ARTICLES
DO C U M EN TAT I O N
VIDEOS
R n d answers t o questions or issi;es you
Read technical articlPs and bP�I prac11ces
for your Red Hal products
Learn flow to msta.U configure and use
your Red Hat products
W:.1dl short Monals and presentauons fur
R� Hat products arn:l events
rn<1yeirpenence
Figure 3.2: Knowledgebase at the Red Hat Customer Portal
U sing redhat-su pport-tool to search K nowledge base
T h e Red H a t S u pport Too l u t i l ity r e d h at - su ppo r t - t ool p rovides a text console i nterface to
t h e s u b s c r i pt i o n - based Red H a t Access services. I nt e r n et access is req u i red to reac h t h e Red H a t
C u st o m e r Porta l . The redhat - s u p p o r t - t ool is text-based for use f r o m a n y ter m i n a l o r S S H
c o n n ecti o n ; n o g ra p h i c a l i nte rface i s p rovided.
T h e redhat - s u ppo r t - tool co m m a n d may be used as a n i n t e ra ctive s h e l l o r i nvoked a s
i n d iv i d u a l l y executed c o m m a n d s w i t h options a n d a rg u m e nts. T h e too l 's ava i l a b l e syntax is
i d e n t i ca l fo r both methods. By defa u lt. t h e pro g ra m l a u n c h e s i n s h e l l mode. Use t h e p rovided
help su b-co m m a n d to see a l l ava i l a b l e c o m m a n d s . S h e l l m o d e s u p ports t a b completion a n d t h e
a b i l it y t o ca l l p ro g ra m s i n t h e parent s h e l l .
I [student@desktopX -]$
I'-: We lcome to the Red Hat Support Tool .
Command (? for help ) :
-
-
-
-
-
-
-
-
redhat - su p po r t - tool
-
W h e n fi rst i nvoked, r e d h a t - s u p po r t - t ool prompts for req u i red Red Hat
Access s u bscri b e r l og i n i nformat i o n . To avoid re p et i t i v e l y s u p p l y i n g this
i nfo r m a t i o n , t h e tool a s k s to store account inform a t i o n i n t h e user's h o m e d i rectory
($HOME/ . redhat - s u p p o r t - t ool/ r ed hat - s u p po r t - tool . conf). I f a Red H a t Access
acco u nt i s s h a red by many u s e rs, the - - global o p t i o n ca n save acco u nt i nformat i o n to
-
-
74
R H1 24- R H E L 7-e n-1-201 40606
-
-
-
-
U s i n g red hat-s u p port-tool to search K n ow l ed g e b a s e
-
/ e t c / redhat - s u p p o r t - t ool . cont, a l o n g w i t h ot h e r syste mwide config u ra t i o n . T h e too l ' s
config c o m m a n d modifies t o o l confi g u rat i o n sett i ngs.
-
-
-
-
-
-
-
-
-
-
The redhat - su p po r t - tool a l l ows s u bs c r i b e rs to search and d i s p l ay t h e same K n o w l e d g e ba s e
c o n t e n t s e e n w h e n o n t h e Red H a t C u sto m e r Porta l . K n o w l e d g ebase p e r m its keyword searches,
s i m i l a r to t h e man c o m m a n d . U s e rs c a n enter e rro r codes, syntax from l o g fi les, o r a ny mix of
keyword s to p ro d u ce a l ist of re leva n t s o l u t i o n d o c u m e nts.
The fo l l o w i n g i s an i n it i a l config u ra t i o n and basic sea rc h d e m o n st rat i o n :
[student@desktopX -]$ redhat - s u p po r t - tool
Welcome to the Red Hat Support Tool .
Command ( ? for help ) : search How to manage system e n t i t leme n t s wit h subsc ription - manager
Please enter your RHN user ID : subscriber
Save the user ID in /home/student/ . redhat - support - tool/redhat - support- tool . conf (y/n ) : y
Please enter the password for subscriber : pas swo rd
Save the password for subscriber in /home/student/ . redhat -support - tool/redhat - support ­
tool . conf (y/n ) : y
After p ro m pt i n g t h e user for t h e req u i red u s e r confi g u rat i o n , t h e tool c o n t i n ues w i t h t h e o r i g i n a l
search req u est:
Type the number of the solution to view or ' e ' to return to the previous menu .
1 [ 253273 :VER] How to register and subscribe a system to Red Hat Network
( RHN ) using Red Hat Subscription Manager (RHSM )?
2 [ 17397 :VER] What are Flex Guest Entitlements in Red Hat Network?
3 [ 232863 :VER] How to register machines and manage subscriptions using Red
Hat Subscription Manager through an invisible HTTP proxy I Firewall?
3 of 43 solutions displayed . Type ' m ' to see more, ' r ' to start from the beginning
again, or ' ? ' for help with the codes displayed in the above output .
Select a Solution :
Specific sect i o n s of s o l ution d o c u m e n t s m a y be s e l ected for v i ew i n g .
-
-
-
-
Select a Solution : 1
Type the number of the section to view or ' e ' to return to the previous menu .
1 Title
2 Issue
3 Environment
4 Resolution
5 Display all sections
End of options .
Section : 1
Title
How to register and subscribe a system to Red Hat Network ( RHN ) using Red Hat
Subscription Manager (RHSM )?
URL :
https : //access . redhat . com/site/solutions/253273
( END) q
[student@desktopX -]$
== = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = == = = = = = = = = = = = = = = = = = == = = = = = = = = == = = = = = = = = = =
-
-
D i re c t l y a c c e s s K n o w l e d g e b a s e a r t i c l e s b y d o c u m e n t I D
-
Locate o n l i n e a r t i c l e s d i rect l y u s i n g t h e too l ' s k b com m a n d with t h e K n o w l edgebase d o c u m e n t
I D. Ret u r n e d d o c u m e n t s scro l l o n t h e s c r e e n w i t h o u t p a g i n a t i o n , a l l o w i n g a user to redi rect t h e
output u s i n g ot h e r l oca l com m a n d s. T h i s exa m p l e v i e w s t h e d o c u m e n t w i t h t h e less co m m a n d :
-
-
-
R H 1 24- R H E L7-en-1 -20140606
75
-
-
C h a pter 3. Gett i n g H e l p i n Red Hat E n t e r p rise L i n u x
I [student@desktopX -)$
r----·�
L
-· --=,____ _ -- --·
��-
- -�--�,
redhat - support - tool kb 253273 I less
Title : How to register and subscribe a system to Red Hat Network ( RHN ) using Red Hat
Subscription Manager ( RHSM)?
ID :
253273
State : Verified : This solution has been verified to work by Red Hat Customers and
Support Engineers for the specified product version ( s ) .
URL :
https : //access . redhat . com/site/solutions/253273
: q
- ---------- -----�-
----
I
-
I
'
-
-
-
-
D o c u m e nt s ret rieved i n u n pa g i n ated format a re easy to s e n d to a p r i n t e r, convert to P D F o r
ot h e r d o c u m e n t f o r m a t , o r to red i rect to a data e n t ry p rog ra m for a n i n c i d e n t t rac k i n g o r c h a n g e
m a n a g e m e n t system, u s i n g o t h e r u t i l ities i nsta l l e d a n d ava i l a b l e i n R e d H a t Enterprise L i n u x.
Using redhat-support-tool to manage sup port cases
O n e benefit of a p ro d u ct s u bscript i o n is a c cess to tec h n ica l s u p port t h ro u g h
R e d Hat C u sto m e r Porta l . Depen d i n g o n t h e syst e m ' s s u bs c r i p t i o n s u p po rt
l eve l , Red H a t m a y be contacted t h ro u g h o n - l i n e too l s or by p h o n e. See
h t t p s : / / a c c e s s . r e d h a t . c o m / s i t e / s u p p o r t / p o l i c y / s u p p o r t _p r o c e s s
-
-
for l i n ks to
deta i l e d i nfo r m a t i o n a bout t h e s u p po rt p rocess.
-
Prepa r i n g a b u g report
Before contact i n g Red Hat S u pport, g a t h e r re l eva nt i nformat ion for a bug repo rt.
-
Define the problem. Be a b l e to c l e a r l y state t h e p ro b l e m and its sym pto m s . Be a s specific as
poss i b l e. Deta i l t h e steps w h i c h w i l l re p ro d u ce t h e p ro b l e m .
Gather background information. W h i c h p ro d u ct a n d version is affected? Be rea d y to p rovide
rel eva nt d i a g n ostic i nfor m a t i o n . T h i s ca n i n c l u d e o u t p u t of s o s r e po r t , d i s c u ssed later i n t h i s
s e c t i o n . Fo r ke r n e l pro b l e ms, t h i s cou l d i n c l u d e t h e syste m ' s kdump c ra s h d u m p or a d i g ita l photo
of the ke r n e l b a c kt race d i s p l ayed o n the m o n itor of a c rashed system.
Determine the severity level. Red H a t uses fo u r severity leve l s to c l a ssify i s s u e s . Urgent a n d High
severity p ro b l e m reports s h o u l d be fo l l owed by a p h o n e ca l l to t h e releva n t l oca l s u pport center
(see h t t p s : / / a c c e s s . r e d h a t . c o m / s i t e / s u p p o r t / c o n t a c t / t e c h n i c a l S u p p o r t ) .
Desc r i pt i o n
Urgent (Severity 1 )
A p ro b l e m t h a t seve re l y i m pacts you r u s e o f t h e software i n a
product i o n e n v i ro n m e nt (s u c h as loss of prod u c t i o n data o r i n w h i c h
you r pro d u c t i o n syst e m s a re not f u n ct io n i ng ) . T h e s i t u a t i o n ha lts yo u r
b u s i ness o p e rat i o n s a n d n o p roce d u ra l worka ro u n d exists.
Medium (Severity 3 )
76
-
-
-
Severity
High (Seve rity 2 )
-
A p ro b l e m w h e re t h e softwa re is f u n c t i o n i n g b u t yo u r use i n a
p roduct i o n e n v i ro n m e nt is severe l y red uced. T h e s i t u a t i o n is c a u s i n g a
h i g h i m pact to p o rt i o n s of yo u r b u s i n e s s o p e rat i o n s a n d n o p roce d u ra l
workaro u n d exists.
A pro b l e m t h a t i nvol ves partia l , n o n -critica l l oss of u s e o f t h e software
in a prod u c t i o n e n v i ro n m e n t or deve l op m e n t e n v i ro n ment. Fo r
p rod uction e n v i ro n m e nts, t h e re is a m e d i u m -to- l ow i m pact on yo u r
b u s i n ess, b u t yo u r b u s i n ess cont i n u e s t o f u n c t i o n , i n c l u d i n g b y u s i n g
a p roced u ra l workaro u n d . Fo r deve l o p m e n t e n v i ro n m e nts, w h e re t h e
s i t u a t i o n i s ca u s i n g yo u r p roject to n o l o n g e r c o nt i n u e or m i g rate i nto
p roduct i o n .
-
-
-
-
-
R H 1 24- R H E L7-e n -1-20140606
-
-
-
U s i n g red hat-s u p port-tool to m a n a g e s u p port cases
-
-
Seve rity
Desc ripti o n
L ow (Severity 4 )
A g e n e ra l usage q uest i o n , re p o rt i n g of a d o c u m entat i o n e r ro r, o r
reco m m e n d at i o n fo r a f u t u re p r o d u c t e n h a n c e m e nt o r m o d ificat i o n .
Fo r p rod u c t i o n e n v i ro n m e nts, t h e re is l ow-to- n o i m pact o n yo u r
b u s i n ess o r t h e p e rfo r m a nce o r f u n ct i o n a l ity o f your syst e m . For
deve l o p m e n t e n v i ro n m e nts, t h e re is a med i u m -to- l ow i m pact o n yo u r
b u s i ness, b ut yo u r b u s i ness c o nt i n ues t o f u n c t i o n , i n c l u d i n g by u s i n g a
p roce d u ra l worka ro u n d .
-
-
M a n a g i n g a b u g report w i t h
-
-
-
-
-
-
-
[student@desktopX -]$ redhat - su pport - t ool
Welcome to the Red Hat Support Tool .
Command (? for help ) : opencase
- - p roduc t = " Red Hat E n t e r p rise Linux" - - ve rsion=" 7 . 0 "
Please enter a summary (or ' q ' to exit ) : System fails to run without power
Please enter a description (Ctrl-D on an empty line when complete) :
When the server is unplugged, the operating system fails to continue .
1 Low
2 Normal
3 High
4 Urgent
Please select a severity (or ' q ' to exit ) : 4
Would you like to assign a case group to this case (y/N )? N
Would see if there is a solution to this problem before opening a support case? (y/N )
Support case 01034421 has successfully been opened .
�--�--------
-
-
-
-
-
-
redhat - s u p po r t - t ool
S u bs c r i b e rs may create, v iew, m o d i fy, and c l ose Red Hat S u p p o rt cases u s i n g redhat ­
s u p po r t - t ool. W h e n s u p p o rt cases a re o p e n e d o r m a i n ta i n ed , u s e rs may i n c l u d e fi l e s o r
d o c u me ntat i o n , s u c h a s d i a g n ostic reports (sosre p o rt). T h e tool u p l oa d s a n d atta c h e s f i l es
to o n l i n e cases. Case d eta i l s i n c l u d i n g product, version, summary, description, severity, a n d
case group may be a s s i g n ed w i t h c o m m a n d o pt i o n s or l et t i n g t h e t o o l p ro m pt f o r req u i red
i nfo r m a t i o n . In t h e fo l l o w i n g exa m p l e, the - - p r o d u c t and - - ve r sion o p t i o n s a re s pecified,
b u t redhat - s u p po r t - t ool wo u l d p rovi d e a l i st of c h oi ces fo r those options i f t h e opencase
command d i d not s p e c ify t h e m .
N
----- �---- _ _ _ _ __,.
I n c l u d i n g d i a g n o s t i c i nfo r m a t i o n by attac h i n g a S o s re p o r t a rc h ive
I n c l u d i n g d ia g n ostic i n f o r m a t i o n w h e n a s u p p o rt case is f i rst c reated c o n t r i b utes to q u icker
p ro b l e m reso l ut i o n . T h e sosreport com m a n d g e n e rates a compressed t a r arch ive of d i a g n ostic
i nfo r m a t i o n g a t h e re d f ro m the r u n n i n g syste m . T h e redhat - s uppo r t - tool p r o m pts to i n c l u d e
o n e if a n a rc h ive h a s b e e n created p rev i o u s l y :
Please attach a sos report to support case 01034421 . Create a sos report as
the root user and execute the following command to attach the sos report
directly to the case :
redhat - support- tool addattachment -c 01034421 pa t h to sos repo r t
Would you like to attach a file to 01034421 at this time? (y/N ) N
Command (? for help ) :
--
------ - - -- - ---
�
-�
- - - -- - �
�------
I f a c u rrent Sos re p o rt i s not a l ready prepared, a n a d m i n istrator c a n g e n e rate a n d attach o n e
l ater, u s i n g t h e too l ' s addat t achment co m m a n d a s a d v i sed prev i o u s l y. T h i s sect i o n ' s p ractice
exercise w i l l p rov i d e the steps for creat i n g and viewi n g a c u rrent Sos d i a g n ost i c report.
S u pport cases c a n a l so b e viewed, modified, and c l osed by you as t h e s u bscri ber:
-
-
-
R H1 24- R H E L7 - en -1 -20140606
77
-
C h a pter 3. Gett i n g H e l p i n Red Hat Enterprise L i n u x
Command (? for help ) : listcases
Type the number of the case to view or ' e ' to return to the previous menu .
1 [Waiting on Red Hat] System fails to run without power
No more cases to display
Select a case : 1
Type the number of the section to view or ' e ' to return to the previous menu .
1 Case Details
2 Modify Case
3 Description
4 Recommendations
5 Get Attachment
6 Add Attachment
7 Add Comment
End of options .
Option : q
Select a Case : q
Command (? for help ) : q
[ student@desktopX - ] $ redhat - su p po r t - t ool modifycase - - s t at us=Closed 01034421
Successfully updated case 01034421
[student@desktopX -]$
T h e Red Hat S u pport Too l h a s adva n ced a p p l icat i o n d i a g nostic a n d a n a l yt i c capa b i l it i es. U s i n g
ke r n e l cra s h d u m p co re f i l es, redhat - s u p po r t - tool ca n c reate a n d extract a backtrace, a
report of t h e active sta c k f ra m es at t h e point of a c ra s h d u m p, to p rov i d e o n s i t e d i a g nostics a n d
o p e n a s u p port case.
T h e tool a l so provides log f i l e a n a l ysis. U s i n g the too l 's analyze com m a n d , log fi l es of m a n y
types, i n c l u d i n g operat i n g syst e m , J Boss, Pyt h o n , To mcat, o V i r t . a n d ot h e rs, ca n b e p a rsed t o
reco g n ize p ro b l e m sym pt o m s , w h i c h ca n t h e n be v i e w e d a n d d i a g nosed i n d iv i d u a l l y. Prov i d i n g
preprocessed a n a l ys i s , a s o p posed to r a w d a t a s u c h a s c ra s h d u m p or log f i l es, a l l ows s u p p o rt
cases to be opened a n d m a d e ava i l a b l e to e n g i n ee rs m o re q u i c k l y.
] ; '�
; j f-
-,
References
i R i
!U__i
-
-
-
-
-
-
-
-
-
-
-
-
-
sos r e po r t 0 ) m a n p a g e
Red H a t Access: R e d H a t S u p po rt Too l
htt ps://access.redhat.com/s ite/a rt i c l es/445443
-
Red Hat S u p port Too l Fi rst U s e
https://a ccess. red h at.co m/s i te/videos/534293
-
Contacti n g Red H a t Tec h n i c a l S u p port
htt ps://access.red h at.co m/site/s u pport/p ol i cy/s u pport_p rocess/
.....
H e l p - Red H a t C u s t o m e r Porta l
https://a ccess. red h at.com/s ite/h e l p/
-
78
R H1 24- R H E L7 - e n -1-20140606
-
-
-
Practice: C reat i n g a n d View i n g a n Sos R e p o rt
-
P ra ct i ce: C reat i n g a n d View i n g a n Sos R e p o rt
-
-
-
Guided exercise
I n t h i s l a b, you w i l l use t h e sosre p o rt co m m a n d to g e n e rate a Sos report, t h e n view t h e contents
of t h a t d i a g n ostic a rc h ive.
Outcomes
-
A
co m p ressed tar a rc h ive of syste m w i d e d i a g n ostic i n fo r m a t i o n .
Before you begin ...
-
Perfo r m the fo l lowi n g steps o n serverX u n l ess d i rected othe rwise.
D 1.
I f c u r re n t l y w o r k i n g a s a n o n - root u s e r, switch to root.
[student@serverx -]$
Password : redhat
su
-
-
D 2.
-
-
-
-
-
-
-
-
-
-
-
-
-
R u n the sos report co m m a n d . T h i s may take m a ny m i n utes o n l a rg e r systems.
[ root@serverx -]# sosreport
sosreport (version 3 . 0 )
This command will collect system configuration and
diagnostic information from this Red Hat Enterprise Linux
system . An archive containing the collected information
will be generated in /var/tmp and may be provided to a Red
Hat support representative or used for local diagnostic or
recording purposes .
Any information provided to Red Hat will be treated in
strict confidence in accordance with the published support
policies at :
https : //access . redhat . com/support/
The generated archive may contain data considered
sensitive and its content should be reviewed by the
originating organization before being passed to any third party .
No changes will be made to system configuration .
Press ENTER to continue, or CTRL-C to quit . ENTER
Please enter your first initial and last name [serverX . example . com] : yourname
Please enter the case number that you are generating this report for : 0 1034421
P ress E n t e r . Provide t h e req u ested information. M a ke up a va l u e for t h e case n u m be r.
Running 17/74 : general . . .
Creating compressed archive . . .
Your sosreport has been generated and saved in :
/var/tmp/sosreport -yourname . 01034421-20140129000049 . tar . xz
R H1 24- R H E L 7-e n-1-20140606
l
79
-
-
C h a pter 3. Gett i n g H e l p i n Red Hat E n t e r p r i se L i n u x
The checksum is : b2e78125290a4c791162e68da8534887
Please send this file to your support representative .
D 3.
D 4.
-
-
C h a n g e d i rectory to /var / t m p , and u n pa c k the arch ive.
[ root@serverX -]# cd /var/tmp
[ root@serverX tmp]# tar - xv J f
-
sos report - * . tar . xz
-
C h a n g e d i rectory to t h e res u l t i n g s u b d i rectory a n d b rowse t h e f i l e s fo u n d t h e re.
[ root@serverX -]# cd sosrepo r t - yourname . 81834421 - 26148129668649
[ root@serverx sosreport -yourname. e1e34421-2e14e129eeee49}# ls - lR
O p e n f i l es, l ist d i rectories, a n d cont i n u e to b rowse to become fa m i l ia r with t h e
i nfo r m a t i o n i n c l uded i n Sos re p o rts. I n t h e f o r m o f t h e o r i g i n a l arch ived a n d c o m p ressed
file, this is t h e d i a g n ostic i n fo r m a t i o n you wou l d be atta c h i n g to a redhat - s u p po r t ­
t ool s u p port case. When f i n i s h e d , rem ove t h e a rc h ive d i rectory a n d f i l es a n d ret u r n to
yo u r home d i rectory.
[ root@serverX sosreport-yourname. e1@34421-2@14@129eeee49]#
[ root@serverX tmp]# rm - rf sos repo r t *
[ root@serverx tmp]# exit
[student@serverx -]$
-
-
-
-
cd /var/tmp
-
-
-
-
-
-
-
-
-
-
80
R H 1 24- R H E L7-en-1-20140606
-
-
-
-
L a b : V i e w i n g a n d P r i n t i n g H e l p Docu mentation
-
L a b : View i n g a n d Pri nt i n g H e l p Doc u m e ntat i o n
-
-
-
Perfor mance checklist
I n t h i s l a b, you wi l l p ractice research methods t y p i ca l l y used by syste m a d m i n i st rators to l e a r n
h o w to perfo r m n e ce s s a ry tasks.
Outcomes
•
-
•
Acco m p l i s h a g iven task; practice l ocat i n g re l eva nt c o m m a n d s by searc h i ng man pages a n d
pinfo n odes.
Learn new opt i o n s for com m o n l y used d o c u m e ntat i o n commands.
•
-
Recog n ize va r i o u s d o c u m e n t f i l e formats; u s e a p p ro p riate too l s to v i ew a n d print
d o c u m e ntation an d o t h e r n o n -text fo rm atted f i l es.
Before you begin ...
Perform the fo l l owi n g steps o n serverX u n l ess d i rected ot h e rwi se.
-
-
-
1.
Research man(1 ) to deter m i n e h o w t o p r e p a re a m a n p a g e f o r p r i n t i n g . W h a t format o r
re n d e r i n g l a n g u a g e is co m m o n l y used?
2.
C reate a formatted output f i l e of t h e pas swd m a n page. Dete r m i n e t h e f i l e c o n t e n t fo rmat.
3.
Research u s i n g man to l e a r n the co m m a n d (s) used for viewing o r p r i n t i n g Post s c r i pt f i l es.
4.
Research evin ce(1 ) u s i n g man to l e a r n how to use the viewer i n p review m o d e. A l so,
dete r m i n e how to open a d o c u m e n t start i n g o n a specific page.
5.
V i ew your Post s c r i pt f i l e u s i n g the va r i o u s evince o pt i o n s you resea rched. C l ose your
document file when you a re f i n i s hed.
6.
Using man, research lp(l ) to dete r m i n e how to p r i n t a n y document sta rti n g o n a s pecific
page. Without actua l l y entering a ny com m a n d s (s i n ce t h e re a re n o pri nters), w h a t wou l d be
t h e syntax, o n o n e com m a n d l i ne, to print o n l y pages 2 a n d 3 of yo u r Post s c ri pt f i l e?
-
-
-
O n e a n swer is lp pas swd . ps
-
-
-
k:::SJ
, ...., ,,
-
P 2 - 3.
Fro m lp(1 ) , learn t h a t t h e - P option specifies pages. The lp co m m a n d spoo l s to t h e default
p r i nter, send i n g o n l y t h e page ra nge sta rt i n g o n 2 a n d e n d i n g on 3.
Note
T h e re a re c u r re n t l y n o p r i nters confi g u red i n t h e c l a ssroom . H oweve r, you m a y
practice l at e r u s i n g p r i n t e r mod e l s c o n f i g u red i n you r own e n v i ro n m e nt . Fa m i l ia rity
with t h ese c o m m a n d s is often u s ef u l .
-
7.
U s i n g pinfo, l o o k for G N U i nfo a bout t h e evince viewer.
8.
A s a n o p p o rt u n ity to obse rve t h e a b u n d a n c e of G N U f u n d a m e nta l u t i l ities, u s e pinfo to
l ocate and b rowse a l l d o c u m e n t nodes for the coreutils c o m m a n d s and pro g ra m s.
-
-
R H 1 24- R H E L7 - en -1-20140606
-
81
-
-
C h a pter 3. Gett i n g H e l p i n Red Hat Enterprise L i n u x
-
9.
1 0.
U s i n g firefox, o p e n t h e syste m ' s package d o c u m e n t a t i o n d i rectory a n d b rowse i nto t h e
man - d b package s u b d i recto ry. View the p rov i d e d m a n u a l (s).
U s i n g t h e o p e n F i r efox b rowser, l ocate a n d b rowse i n to t h e init s c r i p t s p a c k a g e
s u b d i recto ry. View t h e sysconfig . t x t f i l e , w h i c h describes i m po rta nt syst e m
confi g u ra t i o n opt i o n s sto red i n t h e /e t c/sysconfig d i recto ry.
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
82
RH124- R H E L7-en-1-20140606
-
-
Sol ution
-
Solution
-
I n t h i s l a b, you w i l l p ractice resea rch methods typica l l y used by syst e m a d m i nistrators to l e a r n
how to p e r f o r m necessary tasks.
-
O ut c o m e s
-
•
•
•
Acco m p l is h a g iven task; practice locat i n g re l eva nt c o m m a n d s by s e a rc h i n g man pages a n d
pinfo nodes.
Lea r n new o pt i o n s fo r com m o n l y used d o c u m e ntat i o n co m m a n d s .
Recog n i z e va rious d o c u m e n t f i l e formats; use a p p ropriate t o o l s to view a n d p r i n t
docu m e ntation a n d ot h e r n o n -text formatted fi les.
-
Before you begin ...
-
1.
Pe rfo r m the fo l lo w i n g steps o n se rve rX u n l ess d i rected ot h e rw ise.
I [ student@serverx -]$ man man
-
Research man(1 ) to dete r m i n e how to p re p a re a man page for p r i n t i n g . What fo rmat or
re n d e r i n g l a n g u a g e is com m o n l y used?
man uses - t to p repa re a m a n page for p r i n t i n g , u s i n g Post s c r i pt.
2.
C reate a formatted o u t p u t f i l e of t h e pas swd m a n page. Dete r m i n e t h e f i l e c o n t e n t fo rmat.
[ student@serverX -]$ m a n - t pas swd >
[student@serverX - ] $ file passwd . ps
[ student@serverx - ] $ less passwd . ps
-
T h e f i l e is in Post s c r i pt format, l ea r n e d u s i n g t h e file c o m m a n d a n d confi rmed by view i n g
t h e f i l e contents. N ot ice t h e h e a d e r l i nes o f Post s c r i pt i nformat i o n .
3.
Research u s i n g m a n to l e a r n t h e co m m a n d (s) u s e d f o r v i e w i n g o r p r i n t i n g Post s c r i pt f i l es.
[ student@serverx - ]$ m a n
-
4.
-
[ student@serverx -]$
man evince
The -w (or - - p review) o pt i o n o p e n s evince in preview m o d e. The - i option i s used to
s p e c ify a start i n g page.
-
5.
...
k postsc ript viewe r
Research evince(1 ) u s i n g man to l e a r n how to use the v iewe r in p review mode. A l so,
dete r m i n e how to open a d o c u m ent sta rt i n g on a specific page.
I
-
-
-
U s i n g m u l t i p l e words w i t h t h e - k o p t i o n f i n d s m a n pages matc h i n g either word; t hose w i t h
" postsc r i p t " o r " v i ewer" i n t h e i r descriptions. N o t i c e t h e evince(1 ) a n d gho s t s c r ipt ( 1) (or
g s (1 ) ) c o m m a n d s in the o u t p ut.
-
-
passwd . p s
View yo u r Post s c r i pt file u s i n g t h e va r i o u s evince options you resea rched. C l ose yo u r
d o c u m e n t f i l e w h e n you a re f i n i s h e d .
R H 1 24- R H E L 7-en-1-20140606
83
-
-
C h a pter 3. Gett i n g H e l p i n Red Hat E n t e r p rise L i n u x
[ student@serverx
[ student@serverx
I [ student@serverX
r
I
1
l
- ) $ evince pas swd . ps
- ) $ evince - w pas swd . ps
- ) $ evince - i 3 pas swd . ps
I
W h i l e n o r m a l evince mode a l l ows f u l l-screen a n d presentatio n-sty l e viewing, t h e evince
p review mode is usef u l for q u i c k b rows i n g and p r i n t i n g . N ot i c e the pri n t i c o n at the top.
6.
U s i n g man, research lp(1) to dete r m i n e how to print a n y d o c u m e n t start i n g on a specific
page. W i t h o u t actua l l y ente r i n g a n y commands (since t h e re a re n o p r i n t e rs), w h a t wo u l d b e
t h e sy ntax, o n o n e c o m m a n d l i ne, to p r i n t o n l y pages 2 a n d 3 of y o u r Posts c r i pt f i l e?
I
[student@serverx
-
-
-
-
-
- ) $ man lp
�������- ����
-
O n e a n swer is lp passwd . ps - P 2 - 3.
Fro m lp(1 ) , l e a r n that the - P o p t i o n specifies pag es. The lp com m a n d s p o o l s to the default
p r i n t e r, s e n d i n g o n l y t h e page ra n g e sta rt i n g on 2 a n d e n d i n g on 3.
-�----.... .
Note
-
-
T h e re a re c u r re n t l y no p r i nters confi g u red i n the c l assroom. H owever, you may
practice later using printer models confi g u red i n y o u r own e n v i ro n m e nt. Fa m i l ia rity
with t h ese com m a n d s is oft e n usef u l .
-
-
7.
U s i n g pinfo, look for G N U i nfo a bo u t t h e evince viewer.
r-[student@serverx
�
-
- ) $ pinfo evin e
N otice t h a t t h e evince(1 ) m a n p a g e d i s p l ays i n stead. The pinto d o c u m e n t viewer looks
for the rel eva nt man page when n o a p p ropriate GNU d o c u m e n t a t i o n node exists for t h e
requ ested topic. Press q to c l ose pinto.
-
-
8.
As an o p p o rt u n ity to observe the a b u n d a nce of GNU f u n d a m e nta l u t i l i t i es, use pinfo to
l ocate and b rowse a l l d o c u m e n t nodes for the coreutils co m m a n d s a n d p rogra m s.
I
r
[student@serverX
-
- ) $ pinfo
Fro m t h e d i rectory node, press DownAr r ow u n t i l the l i n k i s s e l ected for Coreut ils :
Co r e G N U ( file , t e x t , shell ) u t ilities . Press E n t e r to fo l l ow t h e l i n k to GNU
Co r e u t ils. N o t i c e t h e l o n g m e n u l is t i n g , w i t h I n t rod u c t ion c u r re n t l y sel ected. Press
E n t e r . At the top of the scree n , pay atte n t i o n to the h e a d e r, w h i c h d i s p l ays the p revious,
c u rrent, and n ext nodes. Browse t h e i nfo r m a t i o n , press n for t h e next node, a n d repeat.
B rowse e a c h scre e n , s i m p l y n ot i c i n g t h e c o m m a n d s and t h e i r d e s c r i p t i o n s . Cont i n u e u n t i l
n o d e 2 9 Opening t he Softwa r e Toolbox is rea c h e d . R e a d t h i s c h a pter i n i t s e n t i rety
u s i n g t h e navigation you have l e a r n e d . W h e n f i n i s hed, ret u r n the way you ca m e by u s i n g
only LeftAr row u n t i l t h e t o p d i rectory n o d e i s f i n a l l y rea c h e d . Press q to c l ose pinfo.
-
-
-
-
-
84
R H 1 24- R H E L7-e n-1-20140606
-
-
-
Solution
-
9.
-
-
-
-
-
-
U s i n g firefox, o p e n t h e syste m ' s package d o c u m entation d i rectory a n d b rowse i n to t h e
man - d b p a c k a g e s u b d i recto ry. V i ew t h e p rovided m a n u a l (s).
I [student@serverx -]$
!
fi refox /usr/share/doc
R e m e m b e r t h a t bookma rks c a n be m a d e for a n y d i rectories t h a t a re freq u e n t l y used.
Afte r b rows i n g to t h e man - d b d i recto ry, c l i c k to open a n d view t h e text vers i o n of the
m a n u a l , t h e n c l ose it. C l ic k to open t h e Post s c r i pt vers i o n . As obse rved ea r l i e r, evince is
t h e syst e m ' s defa u l t viewer for Post s c r i pt and PDF d o c u m e nts. Yo u may wish to retu r n to
these d o c u m e nts l a t e r to become more k n o w l e d g ea b l e a bout man. W h e n f i n i s h e d , c l ose t h e
evince viewer.
1 0. U s i n g t h e o p e n F i r efox b rowser, locate a n d b rowse i nto t h e init s c ript s package
s u b d i recto ry. View t h e sysconfig . t x t fi l e, which descri bes i m portant system
confi g u ra t i o n o pt i o n s stored i n the / e t c / sysconfig d i recto ry.
N otice how usefu l a b rowser is for locat i n g a n d view i n g l o c a l syste m d o c u m e n t a t i o n . C l ose
the d o c u m e n t w h e n f i n i s h e d , but l eave Fi refox o p e n .
-
-
-
-
-
-
-
-
-
-
-
-
-
-
R H124- R H E L 7 - e n -1 -20140606
85
-
-
C h a pter 3. Gett i n g H e l p i n Red Hat Enterprise L i n u x
-
S u m m a ry
-
Read i n g Doc u m e nt a t i o n Using m a n C o m m a n d
A n ove rview of t h e L i n u x m a n u a l i n m a n p a g e f o r m a t , i n c l u d i n g eff i c i e nt n a v i g a t i o n a n d
searc h i n g .
-
Rea d i n g D o c u m e n t a t i o n U s i n g p i nto Com m a n d
A n ove rview o f t h e G N U I nfo d o c u m e n t a t i o n syst e m , i n c l u d i n g eff i c i e n t n a v i g a t i o n a n d
searc h i n g .
Rea d i n g Docu m e nt a t i o n i n /u s r/s h a re/doc
T h e practice of b u n d l i n g d o c u m e ntation w i t h RPM packages, which a re then stored
u n d e r t h e d i rectory /usr /s h ar e/doc.
-
-
Gett i n g H e l p Fro m Red Hat
U s e red hat-s u p p o rt-too l to l o o k u p Red H a t K n o w l e d g e base a rt i c l es a n d m a n a g e
s u pport cases.
-
-
-
-
-
-
-
-
-
-
-
86
R H 1 24- R H E L7 - e n -1-20140606
-
-
®
red h at
TRAINING
®
C HA PT E R 4
CREATI NG, VIEWI NG, AN D
EDITING TEXT FILES
Overview
Goal
To c reate, v iew, a n d edit text files from command output o r
i n a n e d itor.
Objectives
•
Redirect t h e text o u t p u t of a p ro g ra m to a file or to
a n ot h e r program.
•
Edit exist i n g text files and c reate new files from the s h e l l
prompt w i t h a text editor.
•
Copy text from a g ra p h i c a l window to a text file u s i n g a
text editor r u n n i n g i n t h e g ra p h i c a l enviro n m e nt .
Sections
Lab
R H1 24- R H E L7-en-1 -20140606
•
R e d i re c t i n g O u t p u t to a File or Program (and Pra c t ice)
•
E d i t i n g Text F i l es from t h e S h e l l P ro m pt (and Pract i ce)
•
E d i t i n g Text Fi les with a G ra p h i c a l Editor (and P ractice)
•
C reat i n g , Viewing, a n d E d i t i n g Text F i les
87
C h a pter 4. C re a t i n g , Viewing, a n d E d i t i n g Text F i l es
R e d i re ct i n g O u t p u t to a F i l e o r P ro g ra m
O bj e c t ives
After c o m p l e t i n g this section, students s h o u l d be a b l e to:
Describe the tec h n i c a l terms sta nd a rd i n put, sta n d a rd o ut p u t, and sta n d a rd error.
U s e red i rection c h a ra cters to control output to files.
U s e p i p i n g to control output to o t h e r programs.
Sta n d a rd i n p ut, sta n d a rd o u t p ut, a n d sta n d a rd e rro r
A p ro cess structure is constructed w i t h n u m be red c h a n ne l s (file descriptors) to m a n a g e o p e n
files. Processes c o n n e c t to files t o reach data content o r devices t h ese f i l es re p resent. Processes
are c reated with d efa u lt c o n n ections for c h a n n e l s 0, 1 , and 2 , k n o w n as standard input, standard
output, a n d standard error. Processes use c h a n n els 3 a n d a b ove to c o n ne ct to other f i l es.
std out
std i n
std err
..other files
...
.I
-�
��
,
.
Figure 4. 1 : Process 110 channels (file descriptors)
Channels ( File Descriptors)
N u m be r
Channel name
0
s t d in
1
Defa u l t connection
Usage
S t a n d a rd i n p u t
Keyboa rd
read o n l y
s tdou t
Sta n d a rd output
Te r m i n a l
w r ite o n l y
2
stde r r
Sta n d a rd error
Te r m i n a l
write o n l y
3+
filename
none
read a n d /o r write
Descri p t i o n
O t h e r f i l es
R e d i re ct i n g o u t p ut to a f i l e
C h a n n e l redirection r e p l a ces defa u l t c h a n n e l dest i n a t i o n s with f i l e n a m e s represe nting e i t h e r
o u t p u t f i l es o r d evices. U s i n g red i rect i o n , p rocess o u t p ut a n d error m e s s a g e s can b e c a p t u red a s
f i l e c o ntents, s e n t to a d ev i ce, o r d i sc a rd e d .
R e d i recting s tdou t s u p p resses p ro cess o u t p u t from a p pea r i n g o n t h e ter m i n a l . A s s e e n
i n t h e fol l o w i n g t a b l e, red i recting only s tdou t d o e s not s u p p ress s tde r r e rror messages
from d i s p l a y i n g o n t h e term i na l . The s p e c i a l file /dev/null q u ietly d i scards c h a n n e l o u t p u t
redi rected to it.
88
R H 1 24-RH E L7-en-1-20140606
R e d i recti n g o u t p u t to a f i l e
Output Redirection Operators
Usage
(note)
stdln
red i rect
> fi l e
s t do u t
to a file
<1 l
.,
':!'l.!,�
=
=
=
=
=
=
red i rect
stdout to a
» fi l e
f i l e, a p pend
to c u r rent f i l e
c o n t e n t (2)
stde r r
to a f i l e
(1)
& > fi l e
combine
s t do u t a n d
» fi l e 2 >&1
N ote:
s t de r r,
a p pe n d to
c u r re n t file
<2l <3l
content
-•
stderr
-
/
�
��
std In
•W ' "
�
stdln
process
�
process
.,
�
•
�
stderr
--
stdout
..
��
,ZW
rm
stdout
..
/dev/null
combine
s t do u t a n d
stde r r to
o n e f i l e (1)
__
•
std In
d i scard
messages by
red i recting to
process
.,
=-
s t de r r error
2> /dev/n u l l
1
stdout
�
red i rect
2 > fi l e
t
G
Visual aid
E x p l a nation
std err
.,
•
<�
t:J �
process
�
-
-
..
,--
/"? �'�
(1)
0verwrite existing file, c reate file i f new.
exist i n g f i l e, c reate f i l e if n ew.
(3l
The order of red i rection is i m p o rtant to avo i d u n expected c o m m a n d behavior.
2>&1 sends stde r r to t h e s a m e p l a c e as stdou t . For t h i s to work, s t do u t
needs to be red i rected fi rst, before a d d i ng stde r r to s t dou t . A l t h o u g h &>>
is an a lter nate way to a p p e n d b o t h s t do u t a n d stde r r to a f i l e, 2>&1 is t h e
m e t h o d n e e d e d to s e n d b o t h s tdou t a n d stde r r t h r o u g h a p i pe.
(2) A p p e n d
R H124- R H E L7 -e n-1-20140606
89
C h a pter 4. C reat i n g , V i ew i n g , a n d Edit i n g Text F i l e s
-
Exa m p les f o r o u t p u t re d i re c t i o n
-
M a ny ro u t i n e a d m i n istra t i o n tasks a re s i m p l ified by using red i rection. U s e t h e p rev i o u s table to
assist while c o n s i d e r i n g the fo l l ow i n g exa m p l es :
•
•
•
•
•
•
[student@desktopX - ] $
•
•
•
-
date > /tmp/saved - t imes t amp
Copy the l a st 100 l i n es from a log f i l e to a n ot h e r f i l e.
[ student@desktopX - ] $
-
t ail - n 100 /var/log/dmesg > /tmp/las t - 100 - boot - messages
-
Concatenate fo u r f i l es i nto o n e.
[student@desktopX - ] $
-
cat file1 file2 file3 file4 > / t mp/all - fou r - in - one
List the h o m e d i rectory ' s h id d e n and reg u l a r f i l e n a mes i nto a f i l e.
[student@desktopX - ] $
-
ls - a > / t mp/my - file - names
A p pend o u t p u t to an e x i st i n g f i l e.
[student@desktopX - ] $
[student@desktopX - ] $
echo " new line of informatio n " » /tmp/many - lines - o f - info rmation
diff previo u s - file c u r rent - file >> /tmp/t rackin g - change s - made
j
-
I n t h e next exa m p l es, e r rors are g e n e rated s i n ce n o r m a l users a re d e n i e d access to system
d i recto ries. R e d i rect e r ro rs to a f i l e w h i l e view i n g n o r m a l co m m a n d o u t p u t o n the term i n a l .
-
find /etc - name passwd 2> /tmp/er ro r s
-
[student@desktopX - ] $
•
-
Save a t i m esta m p f o r l a t e r refe rence.
I [ student@desktopX - ] $
Save process o u t p u t and error messages to s e p a rate fi l es.
find /etc - name passwd > /tmp/o u t p u t 2> /tmp/e r r o r s
I g n o re a n d d i s c a rd error messages.
[student@desktopX - ] $
f i n d /etc - name passwd > /t mp/o u t p u t 2> /dev/null
-
Store output a n d g e n e rated errors toget h e r.
[student@desktopX - ] $
-
find /etc - name passwd &> /tmp/save - bo t h
Append output and g e n e rated e r rors to a n e x i st i n g fi le.
[student@desktopX - ] $
find / e t c - name passwd >> /tmp/save - bo t h 2>&1
-
90
R H 1 24- R H E L7 - e n -1-20140606
-
Const r u c t i n g p i p e l i n e s
C o n st ruct i n g p i p e l i n es
Redirection contro l s c h a n ne l o u t p u t to or from files w h i l e piping sends c h a n n e l o u t p u t to a n o t h e r
process.
process
process
Figure 4.8: Process 110 piping
E x a m p les for p rocess p i p i n g red i rection
Pagi nate a comma n d ' s long o u t p ut.
[ s t u d e n t@d e s k t o p X -]$ ls - 1 /us r/bin I less
C o u nt t h e n u m be r of l i nes in an o u t p u t o r l i s t i n g .
[ s t u d e n t @d e s k t o p X
-
] $ ls I we - 1 > /tmp/how - many - files
G ra b the f i rst l i nes, last l i n es, or s e l ected l i nes of c o m m a n d output.
[ s t u d e n t@de s k topX - ] $ ls - t I head - n 10 > /tmp/ten - last - changed - files
process
Figure 4. 9: Process 110 piping with tee
E x a m p l es for using the t ee c o m m a n d for p i p i n g
The t e e c o m m a n d d i s p l ays o r red i re cts t h e i ntermediate res u l t n o r m a l l y s u p p ressed d u e t o
p i p i n g . I n t h e f i rst exa m p le, t h e ls l i sting is v i ewed o n a t e r m i n a l w h i l e s i m u ltaneously b e i n g
stored i n a fi le.
[ s t u d e n t@des ktopX - ] $ ls - 1 I tee /tmp/saved - ou t put
D ete r m i n e t h e term i n a l device for the current w i n d ow. Send t h e res u lts a s mail and view t h e
s a m e res u lts i n t h i s w i n d ow.
I
[ s t u d e n t@d e s k topX
/dev/pts/0
-
] $ tty
R H1 24- R H EL 7-en-1-20140606
91
-
-
C h a pter 4. C reat i n g , View i n g , a n d E d i t i n g Text F i l e s
[student@desktopX -]$
-
ls 1 I t e e /dev/pts/0
s t udent@desktopl . example . com
-
mail -s subject
-
References
R
-
info bash ( The GNU Bash Reference Manual)
S e c t i o n 3.2.2: P i pe l i n es
•
-
info bash ( The GNU Bash Reference Manual)
Section 3.6: Red i re ct i o n s
•
i n f o c o r e u t il s ' t ee invo c a t ion ' ( The G N U coreutils Manual)
Sect i o n 17.1: Red i rect o u t p u t to m u lt i p l e f i l es or processes
-
•
bas h (1 ) , cat(1), head(1 ) , les s ( 1 ) , mail(1 ) , t ee(1 ), t ty(1 ) , wc(1 ) man pages
-
-
-
-
-
-
-
-
-
-
-
-
-
92
R H 1 24- R H E L 7-e n-1-201 40606
-
-
-
-
P ractice: 1/0 R e d i re c t i o n a n d P i pe l i nes
-
Pra ct i ce: 1 /0 Red i rect i o n a n d P i pe l i n es
-
-
Quiz
Match t h e fo l l ow i n g items to t h e i r cou n te r pa rt s i n t h e t a b le.
-
&>/d ev/n u l l
-
»fi l e 2 > &1
EJ
> f i l e 2 >f i l e2
-
-
2 >/d ev/n u l l
I
I tee file
I
> f i l e 2 > /d ev/n u l l
Res u lt n ee d e d
Red irection synta x u sed
-
-
-
D i s p l ay com m a n d o u t p u t to ter m i n a l , i g n o re a l l
e r ro rs.
S e n d co m m a n d o u t p u t to fi l e; e r ro rs to d iffe re nt
f i l e.
-
-
-
S e n d o u t p u t a n d e r ro rs to t h e sa m e n ew, e m pty
f i l e.
S e n d o u t p u t a n d e r rors to t h e sa m e f i l e, b u t
p rese rve ex i st i n g f i l e content.
-
-
-
R u n a co m m a n d , b u t t h row away a l l p o ss i b l e
te r m i n a l d i s p l ays.
S e n d co m m a n d o u t p u t to b o t h t h e s c re e n a n d a
f i l e a t t h e sa m e t i m e.
-
-
R u n c o m m a n d , save o u t p u t i n a f i l e, d i sca rd e r r o r
messa g e s .
-
-
-
R H 1 24- R H E L7 - en -1 -20140606
93
C h a pter 4. C reat i n g , V i e w i n g , a n d Editing Text F i l e s
S o l ut i o n
Match t h e fo l l owi n g items to t h e i r cou nterparts i n t h e t a b l e.
Res u l t n e e d e d
D i s p l ay co m m a n d o u t p ut t o t e r m i n a l , i g n o re a l l
Re d i re c t i o n s y n t a x u s e d
2 >/d e v/n u l l
e r ro rs.
Send co m m a n d o u t p u t to file; e r rors t o d i ffere n t
>file 2>file2
f i l e.
&>f i l e
S e n d o u t p u t a n d e r rors to t h e s a m e n ew, e m pty
f i l e.
S e n d o u t p u t a n d e r ro r s to t h e s a m e f i l e, b u t
» f i l e 2 > &1
p reserve e x i st i n g f i l e c o n t e n t .
R u n a co m m a n d , b u t t h row a wa y a l l p o s s i b l e
&>/d ev/n u l l
te r m i n a l d i s p l a ys.
Send co m m a n d o u t p u t to both the sc re e n a n d a
file at the same t i me.
R u n co m m a n d , s ave o u t p u t i n a f i l e , d i s c a rd e r ro r
I
tee f i l e
> f i l e 2 > /d ev/n u l l
m e ssa g e s .
94
R H 1 24- R H E L7 - e n -1-20140606
E d i t i n g Text Fi les from t h e S h e l l P ro m pt
E d i t i n g Text F i l es f ro m t h e S h e l l P ro m pt
O bj e c t i ves
A f t e r c o m p l et i n g t h i s sect i o n , students s h o u l d be a b l e t o :
C reate new f i l e s a n d e d i t existing t e x t files from t h e s h e l l p ro mpt.
Navigate within a n e d itor to effectively acco m p l is h e d i t i n g tasks.
Ed i t i n g f i l es w i t h V i m
A key d e s i g n p r i n c i p l e of L i n u x is t h at i nfor m a t i o n is stored i n text-based f i l es. Text f i l es i n c l u d e
both flat files w i t h rows of s i m i l a r i nfo rmat i o n , s u c h a s c o n fi g u ra t i o n fi les i n / e t c , a n d Extensible
Markup Language (XML) f i l es, w h i c h define d ata struct u re t h ro u g h text tags, seen i n a p p l ication
confi g u ration files t h ro u g h o u t b o t h / e t c a n d / u s r . T h e a d va ntage of text files i s t h a t t h ey
c a n be m oved or s hared betwee n syste ms without req u i r i n g conversion, a n d can be v iewed a n d
e d i te d u s i n g a n y s i m p l e text e d itor.
V i m is a n i m p roved vers i o n of t h e vi editor d i stri b uted w i t h L i n u x a n d U N I X system s . V i m is h i g h ly
confi g u ra b l e a n d effic i e nt for p racticed users, i n c l u d i n g s u c h featu res as s p l i t screen e d i t i n g ,
c o l o r fo rmatt i n g , a n d h i g h l ig h t i n g fo r e d i t i n g text.
Figure 4. 10: Moving between Vim modes
W h e n f i rst opened, V i m starts i n command mode, used for navigation, cut a n d paste, a n d o t h e r
text m a n i p u lation. E n t e r e a c h o f t h e ot her m o d es w i t h s i n g l e c h a racter keyst rokes to a ccess
s p ecific e d i t i n g f u nc t i o n a l ity:
An i keyst roke enters insert mode, where a l l text typed becomes f i l e c o ntent. Press i n g Esc
retu r n s to c o m m a n d mode.
A v keyst roke e nters visual mode, w he re m u lt i p l e c h a racters may be s e l ected for text
m a n i p u l ation. Use v for m u lt i - l i n e and C t r l - v for b l o c k selection. The same keystro ke used to
enter visual m o d e (v, V o r C t r l - v) is used to exit.
R H 1 24- R H E L7-en-1 -20140606
95
-
-
C h a pter 4. C reat i n g , V i ew i n g , a n d E d i t i n g Text F i l es
-
T h e : keyst roke beg i n s extended command mode for tasks l i ke writ i n g t h e f i l e to save it. a n d
q u itti n g t h e V i m editor.
-
T h e m i n i m u m , b a s i c V i m w o r kflow
Vim h a s efficient. coord i nated keyst rokes for advanced e d i t i n g tas ks. A l t h o u g h con s i d e red usef u l
w i t h p ra c t i ce, V i m ' s capa b i l it i e s c a n ove rw h e l m n e w users. T h e fo l l owi n g workf l ow presents t h e
minimum keyst rokes every V i m u s e r m u st l e a r n t o acco m p l i s h any e d i t i n g task.
T h e i n st r u ctor will d e m o n s t rate a typica l f i l e editi n g session using only basic V i m keystrokes.
1.
2.
-
-
Open a file with vim fil ename.
Repeat t h i s text e n t ry cyc l e, a s m a n y t i m es a s t h e t a s k req u i res:
•
U s e a r row keys to position the c u rsor.
•
Press i to enter i n se rt mode.
•
E n t e r text.
•
Press Esc to ret u r n to com m a n d mode.
•
I f n e cessa ry, p ress u to u n d o m i staken edits on t h e c u rrent l i ne.
-
-
-
3.
Repeat this text d e l et i o n cyc le, a s m a ny times a s t h e t a s k req u i res:
•
U s e a r row keys to position the c u rsor.
•
Press x to d e l ete a s e l ection of text.
•
I f n e cessa ry, use u to u n d o m i st a k e n edits o n the c u rrent l i n e.
-
-
-
4.
To save or exit, c h oose o n e of t h e fo l l ow i n g to write or d i s c a rd fi l e ed its:
•
Enter : w to write (save) t h e file and re m a i n i n co m m a n d m o d e for m o re edit i n g .
•
E n t e r : w q t o write t h e f i l e a n d q u i t V i m .
•
E n t e r : q ! t o q u it V i m , but d i scard a l l f i l e c h a n g es s i n c e t h e l a st write.
-
-
R e a r ra n g i n g e x i st i n g text
In Vim, copy and paste is kn o wn a s yank and put, u s i n g com m a n d c h a racters y and p. B e g i n by
p o s it i o n i n g the c u rsor o n the first c h a racter to be s e l ected, t h e n enter v i s u a l mode. Use a r row
keys to ex pa n d the v i s u a l s e l ection. W h e n read y, press y to yank the s e l ect i o n into m e m o ry.
Pos i t i o n t h e c u rsor at t h e new l ocat i o n , t h e n press p to put t h e s e l e c t i o n at t h e c u rsor.
T h e i n st r u ctor w i l l d e m o n st rate "ya n k a n d put" u s i n g v i s u a l m o d e.
O p e n a f i l e w i t h vim fil ename.
2.
R e p e a t t h i s text s e l ecti o n cyc l e , a s m a ny t i m e s a s t h e t a s k req u i res:
96
U s e a r row keys to position the c u rsor to t h e fi rst c h a racter.
•
Press v to enter v i s u a l mode.
•
U s e a r row keys to position t h e c u rsor to t h e l a st c h a racter.
-
-
1.
•
-
-
-
-
R H 1 24- R H E L7-en-1-20140606
-
-
-
-
E d i t i n g f i l e s with V i m
-
-
-
3.
-
-
-
�·:(
, · �,,
-
-
•
Press y to ya n k (co py) t h e s e l e c t i o n .
•
U s e a rrow keys to pos i t i o n t h e cursor a t t h e i n sert location.
•
Press p to p u t (pa ste) t h e s e l e c t i o n .
To s a v e o r exit, c h oose o n e of t h e fo l l owi n g to w r i t e o r d iscard f i l e ed its:
•
E nt e r : w to write (save) t h e file and re m a i n i n com m a n d mode for m o re e d i t i n g .
•
E n t e r : wq to w r i t e the f i l e a n d q u it V i m .
•
E n t e r : q ! to q u it V i m , but d i s c a rd a l l f i l e c h a nges s i n ce t h e l a st w r ite.
Note
Bewa re t h e a d v a n ced V i m u s e r offe r i n g s h o rtcuts a n d t r i c ks before t h e b a s i cs a re
m a stered. V i m req u i res practice to become efficient. It is reco m m e n d e d to conti n u e
l e a r n i n g n e w keystrokes to exte n d V i m ' s usefu l n ess. For t hose c u r i o u s h o w exte n s ive
t h i s can be, p e rform a n I nternet search for " V i m t i ps".
A n i n - d e pt h p resentation of Vim i s i n c l u d e d in t h e Red Hat Enterprise Linux
Administration II cou rse.
7
System
-
-
-
R
References
vim(1) m a n p a g e
Vim the editor
http://www.v i m .o rg /
-
-
-
-
-
-
-
-
-
-
R H 1 24- R H E L7 -en -1-20140606
97
-
-
C h a pter 4. C reat i n g , V i ew i n g , a n d Edit i n g Text F i l es
-
P ract i ce : Ed it i n g F i l es w i t h Vi m
-
Guide d exercise
-
I n t h i s l a b, you w i l l use a l oca l l y i n sta l l ed reso u rce to p ractice e nt ry-level vim e d it o r tec h n i q ues.
Outcomes:
E x p e r ie nce with vim, and kn o wledge about u s i n g vimt u t o r to g a i n c o m peten cy.
Before you begin ...
In this exercise, use the exist i n g Vim tuto r i a l b u n d l e d with the Vim editor. The i n sta l l ed vim­
enhanced p a c ka g e p rovides vimt u t o r . For e a c h exercise step, use t h e corres pond i n g l esson i n
v i m t utor to p ract i ce. Ret u r n h e re w h e n t h e l e s s o n step i s co m p l ete. Pe rfo r m t h e fo l l o w i n g steps
on serve r X u n l es s d i rected otherwise.
D 1.
I [student@serverx -]$
Open vimt u t o r . Read t h e We l c o m e screen and p e rfo r m Lesson 1 . 1 .
I n t h e l e c t u re, o n l y key boa rd a r row keys we re used for navigat i o n . I n vi's e a r l y yea rs,
users co u l d n ot re l y o n wo r k i n g keyboa rd m a p p i n g s for a r row keys. T h e refore, vi was
d e s i g n e d with c o m m a nds u s i n g o n l y sta n d a rd c h a ra cter keys, s u c h as the conve n i e n t l y
g ro u ped h , j , k, a n d 1. H e re is o n e w a y to re m e m b e r t h e m :
h a n g back, j u m p down, k i c k up, leap forward.
-
-
-
-
-
Ret u r n to t h e vimt u t o r w i n d ow. Perfo r m L esson 1 . 2.
T h i s e a r l y lesson teaches how to q u it w i t h o u t h a v i n g to keep a n u nwa nted f i l e c h a nge. A l l
c h a n ges a re l ost, b u t t h i s i s bett e r t h a n l e a v i n g a critica l f i l e i n a n i n c o r rect state.
D 3.
-
vim t u t o r
!
D 2.
-
-
-
Ret u r n to t h e vimt u t o r w i n d ow. Pe rfo r m Lesson 1 . 3.
V i m h a s faste r, m o re effic i e n t keystrokes to d e l ete a n exact a m o u n t of words, l i nes,
s e n t e n ces, and p a ra g ra p h s . H oweve r, a ny editing j o b can be acco m p l is h e d using only x
for s i n g l e - c h a racter d e l et i o n .
D 4.
Ret u r n to t h e vimt u t o r w i n d ow. Pe rfo r m Lesson 1.4.
T h e m i n i m u m req u i red keystrokes a re for e n t e r i n g and leaving e d it mode, a r row keys,
a n d d e l et i n g . For most edit t a s ks , the fi rst key pressed is i.
D 5.
(Optional) Ret u r n to the vimt u t o r w i n d ow. P e rform L esson 1 . 5.
I n t h e l ec t u re, o n l y t h e i (insert) co m m a n d was t a u g h t as t h e keyst roke to e n t e r edit
m o d e. T h i s vi mtutor l esson d e m o n st rates t h a t ot h e r keyst rokes a re a va i l a b l e to change
t h e c u rs o r p l a ce m e n t w h e n i nsert m o d e i s e n t e red. H oweve r, o n ce i n i n sert mode, a l l text
typed i s sti l l fi l e content.
D 6.
·-
-
·-
Retu r n to t h e vimt u t o r w i n d ow. Perfor m L esson 1 . 6.
-
Save the file by writ i n g a n d q u i tt i n g . This i s the l a st lesson for the m i n i m u m required
keyst rokes to be a b l e to acco m p l i s h a ny e d i t i n g task.
-
98
R H 1 24- R H E L 7 - e n -1-20140606
-
-
-
G u i d e d exercise
-
D 7.
-
Ret u r n to t h e vim t u t o r w i n d ow. F i n i s h by rea d i n g t h e Lesson 1 Summary.
T h e re a re s i x m o re m u l t i-step lessons i n vimt u t o r . N o n e a re assig ned as f u r t h e r l e s s o n s
f o r t h i s cou rse, b u t fee l f r e e to use vim t u t o r o n yo u r own to l e a r n m o re a b o u t Vim.
-
-
-
-
-
-
.....
-
-
-
-
-
-
-
-
-
-
R H 1 24- R H E L7-e n-1-20140606
99
-
-
C h a pter 4. C reat i n g , View i n g , a n d E d i t i n g Text F i l es
-
Ed it i n g Text Fi l es w i t h a G ra p h i ca l Editor
-
Objectives
-
Aft e r com p l et i n g t h i s sect i o n , stu d e n t s s h o u l d be a b l e to:
-
•
Edit text f i l e s with gedit.
•
C o py text between g ra p h i c a l w i n dows.
-
Editing files with gedit
The gedit a p p l ication is a f u l l -fea t u red text editor for the G N O M E desktop e n v i ro n m e nt. L a u n c h
g e d i t by s e l ec t i n g A p p l i c a t i o n s > A c c e s s ories > g e d i t fro m t h e G N O M E m e n u . L i k e ot h e r
g ra p h i ca l a p p l ications, g e d i t can b e sta rted w i t h o u t navig a t i n g t h e m e n u . Press Alt + F 2 t o
o p e n t h e E nt e r a C o m m a n d d i a l og b o x . Ty pe gedit a n d press E n t e r .
-
-
U n saved D o c ument 1 - gedit
File
LJ
Edit
View
Q Open
Search
v
Tools
�, Save
-
Documents
U n s aved Document 1
-
-
-
-
-
Plain Text
v
Tab Width: 8
v
Ln 1, C o l 1
INS
Figure 4.11: gedit text editor
G N O M E H e l p i n c l udes a gedit h e l p g u ide, w h i c h may be fou n d by s e l e c t i n g A p p l i c at i o n s >
Favorites > He l p from t h e G N O M E m e n u . T h e n s e l ect Go > A l l D o c u m e n t s to v i ew t h e l ist of
g ra p h i c a l a p p l i cations. S c ro l l down to s e l ect t h e g e d i t Text E d i t o r hype r l i n k.
-
B a s i c g e d i t Keystro kes
Perform m a ny f i l e m a n a g e m e n t t a s k s u s i n g gedit ' s m e n u :
To c reate a new f i l e i n g e d it, c l i c k t h e b l a n k p a p e r too l b a r i c o n , o r sel ect
from t h e m e n u .
•
•
To save a f i l e , c l i c k t h e
menu.
-
d i s k - drive save
t o o l b a r i c o n , o r s e l ect
F i l e > Save
F i l e > N ew
(Ct rl - n)
(Ct r l - s) f r o m t h e
-
-
-
100
R H 1 24 - R H E L 7-en-1-20140606
-
-
Copying text between g ra p h i c a l w i n d ows
To o p e n an exist i n g fi le, c l i c k t h e Open t o o l b a r icon, or s e lect F i l e > O p e n (Ct r l - o) from t h e
m e n u . T h e O p e n F i les d i a log w i n d ow w i l l d i s p l a y from w h i c h users ca n l ocate a n d s e l ect t h e
file to o p e n .
M u l t i p l e f i l es may b e o p e n ed s i m u l t a n eo u s l y, e a c h with a u n i q u e t a b u nd e r t h e m e n u b a r. Ta b s
d i s p l a y a f i l e n a m e a f t e r being s a v e d t h e f i rst t i me.
Copyi n g t ext betwe e n g ra p h i ca l w i n d ows
Text c a n be copied between d o c u ments, text w i n d ows, and com m a n d w i n d ows i n t h e g ra p h ic a l
e nviro n m e nt. S e l ected text is d u p l i cated u s i n g copy a n d paste or m oved u s i n g c u t and paste.
Whether cut or c o p i e d , t h e text is h e l d in m e m ory for p a st i n g i nto a n o t h e r location.
To select text:
C l i c k and hold the l eft mouse b utton before the f i rst c h a racter d e s i re d .
D r a g t h e m o u s e o v e r a n d down u n t i l a l l req u i re d text is i n a s i n g l e h i g h l i g hted selection, t h e n
r e l e a s e t h e l eft b u t t o n . Do not c l i c k a g a i n w i t h t h e l eft b utto n , a s t h a t d e s e le cts t h e text.
To paste the select i o n , m u lt i p l e methods c a n a cc o m p l i s h the s a m e res u lt . In the fi rst method:
Click the r i g ht m o u s e b utton anywhere o n the text a rea j u st selected.
Fro m the res u lt i n g context m e n u , sel ect either cut o r copy.
Move the mouse to the w i n d ow or d o c u m e nt w h e re t h e text is to be p l a ced, c l i c k t h e l eft
mouse button to position w h e re t h e text s h o u ld go, a n d c l i c k the r i g ht m o u s e b utto n a g a i n ,
n o w c h o o s i n g paste.
H e re i s a s h orter mouse tec h n i q u e to practice:
Fi rst. s e l e ct t h e text.
Hover the mouse over the dest i n a t i o n w i n d ow and c l i c k the center m o u se button, j u st once, to
paste the text at t h e c u rsor.
This l ast method c a n o n l y copy, not cut. The o r i g i n a l text rem a i n s s e l ected a n d c a n be d el eted. A s
with other methods, t h e text rem a i n s i n m e mory a n d c a n b e repeate d l y p a sted .
•Unsaved Document 1
Tools
-) $ ls -l
e
d rwx r - x r -x . 2 student st udent
d Nxr · x r - x . 2 student student
dn·.�r .:r .
2 studer,t student
d n... , r :-1 r ' :' studPnt stuj,:.nt
d r .-.x r • r , L studPnt "tujPnt
f
( s t udent@desktopl
total
tJr,.,.•r � r '
rw•r
xr- •
2 ':5tuJ"'i t �tu:J'2nt
:_ student �tudent
D
d rwx.r - x r - x . 2 studen.._ student
[ s tudent@desktopl -]$
52 Feb 21
1 1 :52
Dl?Sktop
6 Feb 1 6 1 1 :29 Documem:s
6
;:;
�
".)
".)
Feb
Fi:>b
F._.tJ
FdJ
�"'b
1 6 1 1 ·29
�6
71
l'J
16
11
11
11
11
79
ii
2S
....9
Oo·wnloads
Music
Pi.ctures
Pub1ic
Templates
6 Feb 16 1 1 . 29 Videos
R H124- R H E L7-e n-1-20140606
Documents
*Unsaved Document·� \
ldrwxr-xr-x.
d rw>1 T - x r - x .
d rwx r - x r - x .
x
2
2
2
s t udent
student
student
6 Feb 1 6 1 1 :29 Downl oads
student
6
student student
d rax r - x r - x . 2 student stL.dent
d rwx r · x r - x .
I
- gedit
2 st ud ent student
Feb 16 1 1 : 29 Mus ic
6 Feb 2 1 1 1 : 33 Pictures
6 Feb 1 6 1 1 : 29 Public
6
Feb 1 6 1 1 :29 Templ ates
After text selection at left,
click middle mouse button here to paste.
1 01
-
-
C h a pter 4. C reat i n g , V i ew i n g , a n d E d i t i n g Text F i l es
-
Figure 4. 12: Select and paste using middle mouse button
T h e key b o a rd s h o rtcut method c a n a l so be used i n g ra p h i c a l a p p l ications:
F i rst, s e l ect t h e text.
-
•
•
U s e Ct rl - x to cut o r C t r l - c to copy the text.
•
C l i c k the l o c a t i o n w h e re the text is to be p l a ce d to position the c u rsor.
•
U s e Ct r l - v to paste.
A
-
-
Important
T
-
Ct rl - c a n d Ct r l - v w i l l not copy a n d paste w i t h i n a te r m i n a l w i n d ow. C t rl - c w i l l
act u a l l y t e r m i n ate t h e c u rrent r u n n i n g p rocess w i t h i n a te r m i n a l w i n d ow. To copy a n d
paste w i t h i n a t e r m i n a l w i n d ow, u s e Ct r l - shift - c a n d Ct r l - shift - v.
-
-
References
R
gedit(1) m a n p a g e
-
gedit Text Editor
yelp help : ge d i t
-
•
g e d it W i k i
https://w i k i . g n o me.org/A p ps/Ged i t
-
-
-
-
-
-
-
-
-
102
R H 1 24- R H E L 7-en-1 -20140606
-
-
Practice: Copying Text Between W i n d ows
P ra ct i ce: C o py i n g Text B etwe e n W i n d ows
G u i d e d exe rc i s e
I n t h i s l a b, you w i l l e d it a f i l e with g e d i t , selecting text a n d pasting i t into t h e ed itor.
O utcomes:
A n edited l ist of the configuration f i l es fou n d i n t h e user's h o m e d i recto ry.
Before you begin. . .
Pe rfo rm t h e fo l l ow i n g steps o n serverX u n l ess d i rected otherwise. Log i n as student a n d begin
i n student's home d i rectory.
D 1.
Red i rect a l o n g l i s t i n g o f a l l h o m e d i rectory files, i n c l u d i n g h i d d e n , into a f i l e n a med
gedit_la b.txt. Confirm t h a t t h e f i l e contains t h e l is t i n g .
[ s t udent@s e rv e rX - ] $ c d
[ s t u d e n t@s e rve rx - ] $ ls - al > gedit_lab . txt
[ s t u d e n t@s e rv e rX - ] $ cat gedit_lab . t xt
D 2.
Open the file with the gedit text editor. I n c l u d e the e n d i n g a m p e rsa nd so that the s h e l l
prompt c a n ret u r n w h i l e gedit is r u n n i n g .
[ s t udent@s e r v e r X - ] $ gedit gedit_lab . txt &
D 3.
I nsert the date at t h e top of yo u r f i l e d o c u ment.
D 3.1 .
I n t h e s h e l l c o m m a n d window, d i s p lay today's date w i t h day o f t h e week, month,
date, a n d yea r.
[ s t u d e n t@s e r v e r x - ] $ date +roA" ,
F r iday, F e b r u ary 21, 2014
D 3.2.
"%Y
Sel ect t h e text u s i n g t h e mouse.
t st udent@des k t o p l -] $
[ st udent@desktopl -] $ date +%A " ,
dli
i €JM@·lii@iiW.iWA;Jll
[ st udent@des k t o p l -] $
D 4.
"%B" "%d " ,
"%8 "
"%d " ,
"%Y
I
D 3.3.
I n sert t h e text at t h e top of t h e f i l e d o c u m e nt. Switch to t h e gedit w i n d ow. U s i n g
a rrow keys, p l ace t h e c u rsor at t h e u p p e r- l eft c o r n e r o f t h e docum ent. P ress t h e
m i d d l e m o use button to paste t h e text.
D 3.4.
Press En t e r one o r m o re times at t h e end of the inserted text to open b l a n k l i nes
a bove the f i l e l is t i n g .
I nsert a d e s c r i p t i o n for t h i s d o c u ment, i n c l u d i n g y o u r u s e r n a m e a n d h ost n a me, o n l i n e 2 .
D 4 .1 .
I n t h e s h e l l c o m m a n d window, c reate d e s c r i ptive text u s i n g s h e l l e x p a n s i o n
concepts to i n c l u d e t h e username a n d h ost n a me w h e re t h e f i l e l ist w a s
generated.
R H124- R H E L7 -en-1-201 40606
1 03
C h a pter 4. C reat i n g , View i n g , a n d Editi n g Text F i l e s
[ s t u d e n t@serverX - ] $ echo " $USER ' s configu ration files o n " $ ( hostname )
s t u d e n t ' s c o nfig u r a t io n files on s e r v e r X . e x ample . com
D
4.2. S e lect t h e text u s i n g the m ou se.
- [ student@desktopl -] $
- [ student@deskt o p l -] $ e c h o "$USER ' s c o n figu ration files o n " $ ( hostname)
m•m••·'"''·'''''·r"'4*·'·'·msm•1111r1.11w•
11.1
[ student@desktopl - ] $
D
4.3. I n sert t h e text on t h e second l i n e o f t h e f i l e d o c u ment. Switch t o t h e gedit
w i n d ow. U s i n g t h e a rrow keys, p l a ce the c u rs o r a t the second l i n e's leftmost
c h a racter. Press t h e m i d d l e m o u se b utton to paste the text.
D
D
D
5.
6.
4.4. Press Ent e r o r Delet e , a s n ecessa ry, to m a i n t a i n b l a n k l i n es a bove the f i l e
l isting.
Remove f i l e l i nes t h at are not h i d d en confi g u ration files o r d i rectories.
D
5.1.
D
5.2. Remove t h e two l i nes rep rese n t i n g t h e current d i rectory a n d t h e p a rent d i recto ry.
D
5.3. Remove l i nes for f i l e n a mes t hat do not start w i t h a dot. Do not edit or remove
l i n es for h i d d e n f i l es or d i rectories t h a t b e g i n w i t h a dot.
Rem ove t h e " tota l " l i n e a t the b eg i n n i ng of the l i sting.
T h e final f i l e document s h o u l d b e s i m i l a r to the fo l l o w i n g i ma g e. M a n u a l ly edit the f i l e to
m a ke co rrect i o ns. T h e asterisk i n t h e d o c u m ent t a b o r w i ndow header is a rem i n d e r of
ed its u n saved. Save the fi l e and exit gedit.
*gediLlab.txt (N) - ge dit
File
J[J
Edit
View
� Open
Search
Documents
jj\ Save J EJ
v
* gediUab.txt
F riday ,
Tools
x
,
� Undo �
-
\
� fW j C'.:t �
---'
1
4 , 2�
Feb rua 1-y 2 1��
0�
1�
st udent ' s c onfigu ration fil es on d e s k t o p l . exampl e . c om
- 1-w - - - - - - - .
- rw- r- - 1-- -
s t udent s t u d e n t
.
st udent s t u d e n t
- rw- r- - 1-- - .
- rw - r - - r - - .
d rwx - - - - - -
.
d rwx 1· - x r - x .
- 1-w - - - - - - - .
- rw- - - - - - -
.
d rwx - - - - - - .
d rwx - - - - - -
.
st udent
st udent
9 st udent
15
student
student
st udent
st udent st udent
st udent st udent
st udent st udent
Plain Text v
104
Feb 21
Aug
1 9 3 Aug
231 Aug
9
9
9
4096 F e b 2 1
st udent st udent 4096 Feb 21
1 st udent st udent
1
3
2
194
18
16
Feb
1 6 : 00
20 1 3
2013
2013
1 6 : 02
16 : 1 1
1 6 0 4 : 48
1 550 Feb 2 1 1 1 6 : 02
1 8 Feb
16
28 Feb 15
04 : 48
1 3 : 47
Tab Width: 8 v
. bash_his t o ry
. bash_l o gout
. bash_p rofile
. bash re
. c ache
. c on fig
. esd a u t h
. ICEaut h o 1·i t y
. l o c al
. ssh
Ln
1 2, Col 43
INS
R H1 24-RH EL 7-e n-1-20140606
-
-
L a b : C reat i n g , V i ew i n g , a n d E d i t i n g Text F i l es
-
L a b : C reat i n g , Viewi n g , a n d Ed it i n g Text Fi l es
-
-
-
Performance checklist
I n t h i s l a b, you w i l l e d i t a f i l e u s i n g V i m ' s v i s u a l mode to s i m p l ify re petitive edits.
Outcomes:
-
-
-
Fa m i l i a rity with the u t i l ities and tec h n iq u e s req u i re d to p e rform fi l e e d i t i n g . The f i n a l ed ited f i l e
w i l l be a l i st o f s e l ected f i l e s a n d ta b u l a r data.
Before you begin. . .
Perfo r m t h e fo l l o w i n g s teps o n s er verX u n l ess d i rected otherwise. Log i n a s s t u d e n t a nd beg i n
i n t h e st u d e n t ' s h o m e d i rectory.
1.
Red i rect a l o n g l is t i n g o f a l l c o n t e n t i n s t u d e n t ' s h o m e d i recto ry, i n c l u d i n g h i d d e n d i rectories
and f i l es, i nto a file named editing_final_lab . txt. Yo u r home d i rectory f i l es may
not exact l y match t hose shown in t h e exa m p l e g ra p h ics. Theis lab ed its a r b i t ra ry l i nes a n d
co l u m n s . T h e i m portant outco m e i s to practice t h e v i s u a l s e l e c t i o n p rocess.
2.
Edit the f i l e u s i n g Vim, to take a d va nt a g e of visual mode.
3.
Remove t h e fi rst t h ree l i nes, since those l i n e s a re not n o r m a l file n a mes. Enter l i ne-based
v i s u a l mode w i t h upper case V.
4.
R e m ove t h e p e r m ission co l u m n s for group and world o n t h e fi rst l i n e. In this step, enter
v i s u a l m o d e w i t h l ower case v, which a l l ows s e l e c t i n g c h a racters o n a s i n g l e l i ne o n l y.
5.
Remove t h e p e r m i ssion co l u m n s for g r o u p and world o n t h e re m a i n i n g l i nes. This step w i l l
u s e a m o re effi c i e n t b l o c k s e l e c t i o n v i s u a l m o d e t o avoid h a v i n g t o repeat t h e s i n g l e l i n e e d it
m u lt i p l e t i mes. T h i s t i me, enter v i s u a l m o d e with t h e control s e q u e n ce Ct r l - v, w h i c h a l l ows
s e l e c t i n g a b l o c k of c h a racters o n m u l t i p l e l i nes.
6.
Remove the group owner co l u m n , l e a v i n g o n l y one " st u d e n t " co l u m n o n a l l l i n es. Use t h e
s a m e b l o c k s e l ection tec h n i q u e a s t h e l a st step.
7.
R e m ove t h e t i m e co l u m n , but l eave t h e m o n t h a n d day o n a l l l i n es. A g a i n , use t h e b l ock
s e l ec t i o n v i s u a l mode.
8.
Remove the D e s k t o p and Pu blic rows. T h i s t i m e, enter v i s u a l m o d e with u p pe r case V,
w h i c h a utomatica l l y s e l ects fu l l l i nes.
9.
Save a n d exit. M a ke a backup, u s i n g t h e date ( i n seconds) to create a u n i q u e f i l e n a me.
-
-
-
-
-
-
-
-
10. M a i l the f i l e contents as the m essage, not an att a c h m e nt, to the user student.
-
-
11.
Append a d a s h e d line to t h e file to reco g n ize t h e beg i n n i n g of newe r content.
12.
Append a fu l l p rocess l i s t i n g , but only for p rocesses owned by t h e c u rrent u s e r s t ude nt a n d
r u n n i n g o n t h e c u rre n t l y u s e d termi n a l . V i e w t h e p rocess l i st i n g a n d s e n d t h e l i s t i n g to t h e
f i l e w i t h o n e co m m a n d l i ne.
-
-
-
R H1 24- R H E L 7-en-1 -20140606
105
-
-
C h a pter 4. Crea t i n g , V i e w i n g , a n d E d it i n g Text F i l es
-
13.
Conf i r m t h a t t h e p rocess l i sti n g i s a t t h e b o t t o m of t h e l a b f i l e.
-
-
-
-
-
-
-
-
,_,
-
-
-
106
R H 1 24- R H E L 7 - e n -1 -20140606
-
-
-
Sol ution
-
Solution
-
I n t h i s l a b, you wi l l e d i t a f i l e u s i n g V i m ' s vis u a l m o d e to s i m p l ify re petitive edits.
-
-
Outcomes:
Fa m i l i a rity with t h e u t i l i ti es and tec h n iques req u i red to p e rform file e d i t i n g . The f i n a l e d ited f i l e
w i l l b e a l ist o f sel ected f i l es a n d ta b u l a r data.
Before you begin ...
-
-
Pe rfo r m t h e fo l l o w i n g steps o n s e rverX u n l ess d i rected o t h e r w ise. Log i n a s s t u d e n t and b e g i n
i n t h e student's h o m e d i recto ry.
1.
-
Red i rect a l o n g l ist i n g o f a l l content i n s t u d e n t ' s h o m e d i rectory, i n c l u d i ng h i d d e n d i rectories
and f i l es, i nto a f i l e n a m e d editing_final_lab . txt. Yo u r home d i rectory f i l es may
not exact l y match t h ose shown i n t h e exa m p l e g ra p h ics. Theis lab edits a r b it ra ry l i nes a n d
c o l u m ns. T h e i m portant outcome is to practice t h e v i s u a l s e l e c t i o n p rocess.
[student@serverx
[ student@serverX
...
2.
-
I [student@serverX
Edit t h e f i l e u s i n g V i m , to take a d vantage of visual mode.
I
-
3.
-
4.
-
- ] $ vim editing_final_lab . t xt
Remove t h e fi rst t h ree l i nes, since those l i nes a re n ot n o r m a l f i l e n a m es. E nt e r l i n e-based
v i s u a l mode with u p p e r case v .
U s e t h e a rrow keys to position t h e c u rsor at t h e fi rst c h a ra cter i n t h e fi rst row. E n t e r l i n e ­
based v i s u a l m o d e w i t h v . M ove down u s i n g t h e d o w n a rrow k e y t w i c e to s e l ect t h e fi rst
t h ree rows. D e l ete the rows w i t h x.
-
-
- ] $ cd
- ] $ ls - al > editing_final_lab . tx t
Remove t h e p e r m i s s i o n co l u m n s for g ro u p a n d w o r l d on the fi rst l i ne. In t h i s step, enter
visual mode w i t h lo wer case v, w h i c h a l l ows s e l e ct i n g c h a racters o n a s i n g l e line o n l y.
U s e t h e a rrow keys to posit i o n t h e c u rsor at t h e f i rst c h a ra cte r. Enter v i s u a l m o d e w ith v.
Use the a r row keys to pos i t i o n the c u rsor a t the l ast c h a ra cte r, a s shown in the screens hot.
D e l ete t h e s e l e c t i o n with x.
-
-
-
-
-
-
-
R H1 24- R H E L 7-en-1-20140606
1 07
-
-
C h a pter 4. C reat i n g , V i ew i n g , a n d E d i t i n g Text F i l es
student@deskt o p l : "'
File
Edit
View
1 - rw- - - - - - -I 1
1
i - rw - r - - r - - . 1
1 - rw- r - - r - - . 1
' d rwx - - - - - - . 12
, d rwx r - x r - x . 1 8
'
d rwx r - x r - x .
2
' - rw - r - - r - - .
d rwx r - x r - x .
d rwx r - x r - x .
d rwx r - x r - x .
d rwx r - x r - x .
d Nx r - x r - x .
d Nx - - - - - - .
d rwx r - x r - x .
d Nx r - x r - x .
- N- - - - - - - .
Search
Terminal
7691 M a r 5 1 0 : 56
18 J a n 29 05 : 45
193 Jan 29 05 : 45
2 3 1 J an 2 9 05 : 45
4096 Feb 22 1 3 : 23
4 0 9 6 F e b 2 1 1 1 : 33
6 Feb 2 1 20 : 06
4096 Feb 23 1 7 : 46
6 Feb 16 11 : 29
4096 F e b 23 14 : 136
6 F e b 23 1 6 : 23
6 F e b 1 6 1 1 : 29
24 Feb 22 1 5 : 33
6 Feb 16 1 1 : 29
4 <l 9 6 F e b 23 1 6 : 35
1026 F e b 2 1 2 1 : 14
s t u d e n t st u d e n t
s t udent s t u d e n t
s t udent
student
s t udent s t u d e n t
s t udent s t udent
s t udent s t udent
s t udent s t u d e n t
2 s t u d e n t s t udent
2
2
2
2
2
2
2
1
s t udent s t udent
s t udent s t ud e n t
s t udent
student
st udent st udent
s t udent s t u d e n t
s t udent s t u d e n t
s t udent s t u d e n t
st udent st udent
. bash h i s t o ry
. b ash l o gout
. b a s h p ro f i l e
. b ashrc
-
. c ac h e
. c on f i g
Desktop
Documents
Downl oads
Music
P i c t u re s
i
Publ ic
. s sh
l
Templ a t e s
I
""_J
Videos
. viminfo
[.
!_
!�-
5.
-
Help
VISUAL --
Remove the p e r m i s s i o n c o l u m n s for g ro u p and w o r l d o n the rema i n i n g l i nes. T h i s step w i l l
u s e a m o re effici e nt b l o c k s e l ection v i s u a l m o d e t o avoid h a v i n g t o repeat t h e s i n g l e l i n e e d i t
m u l t i p l e t i mes. T h i s t i me, enter v i s u a l mode w i t h t h e c o n t r o l s e q u e n ce Ct r l - v, w h i c h a l lows
s e l e c t i n g a block of c h a racters o n m u l t i p l e l i nes.
U s e t h e a rrow keys to position the c u rsor at t h e fi rst c h a racter. Enter v i s u a l mode w i t h the
control s e q u e nce Ct rl - v. U s e the a r row keys to p os i t i o n the c u rsor at t h e last c h a racter of
t h e co l u m n o n t h e l a st l i ne, a s s h o w n i n t h e scree n s hot. D e l ete t h e s e l ection w i t h x.
student@deskt o p l : N
i
File
, - rw -
Edit
View
Search
1 s t u d e n t s t udent
7691
Help
Ma r
- rw - r - - r - - .
1
- rw - r,- - r - - .
1 s t udent s t udent
- N - r - - r- - .
d rwx - - - - - - .
d Nx r - x r - x .
d rwx r - x r - x .
d rwx r � x i" - x .
d rwx r - x r - x .
, d rwx r - x r - x .
d Nx r - x r - x .
d rwx r- x r - x .
' d Nx - - - - - - .
' d ""x r - x r - x _
i d rwx r - x r - x .
l - ""- " - - - - -1
!·
1
s t udent s t udent
s t udent s t u d e n t
12 s t u d e n t s t u d e n t
18
2
s t ud e n t s t u d e n t
s t udent s t u d e n t
2 s t ud e n t s t u d e n t
2
2
2
2
s t udent s t u de n t
s t udent s t u d e n t
s t udent s t udent
s t ud e n t s t udent
2 s t udent s t udent
2
s t udent s t udent
5 lll : 56
18
193
231
4096
4096
6
4096
6
4096
6
6
24
6
4096
Jan
. bash
29 05 : 45
65 : 45
29 135 : 45
Jan 29
Jan
Feb 22 1 3 : 23
11 : 3 3
2 1 213 : 136
23 1 7 : 46
1 6 1 1 : 29
2 3 1 4 : 66
Feb 2 1
Feb
F eb
Feb
Feb
Feb
Feb
Feb
16 1 1 : 29
22 1 5 : 33
1 6 1 1 : 29
23 1 6 : 35
21 2 1 : 1 4
-
-
-
-
-
-
h i s t o ry
. b a s h l ogout
. b a s h p ro f i l e
-
. ba s hrc
. cache
. c on fi g
-
Desktop
Doc u m e n t s
Downl o a d s
M u sic
Feb 23 1 6 : 2 3 P i c t u res
2 s t udent s t udent
Feb
1 st udent s t udent 1 0 2 0 Feb
- - VISUAL BLOCK - -
6.
Terminal
-
-
Publ i c
. ssh
Templ a t es
Videos
. viminfo
-
16, ll
All
-
Remove t h e group owner col u m n , l e a v i n g o n l y o n e "st u d e n t " co l u m n on a l l l i n es . U s e t h e
s a m e b l o c k selection tec h n i q u e a s t h e l a st step.
-
Use t h e a r row keys to p o s i t i o n t h e c u rsor at t h e f i rst c h a ra cter o f t h e g ro u p o w n e r co l u m n .
E nter v i s u a l mode w i t h C t r l - v. U s e t h e a r row keys to p o s i t i o n t h e c u rsor at t h e l a st
c h a racter a n d row of t h e g ro u p o w n e r co l u m n , a s shown i n t h e scre e n s h ot. D e l ete t h e
s e l e c t ion w i t h x.
-
-
-
108
R H 1 24- R H E L7-en-1-20140606
-
-
-
-
Solution
stu dent@deskt o p l : •
'
-
File
i � ��
1 - rwl - rw-
-
View
Search
s t ud e n t
Terminal
s t udent
1 s t u de n t st udent
1 s t udent s t uden t
H elp
7691 Ma r
5 1 G : 56
1 8 Jan 2 9 05 : 4 5
1 9 3 J an 2 9 05 : 45
1 s t udent st udent
2 3 1 J a n 29 05 : 4 5
. bash_h i s t o ry
. b ash_l o g o u t
. ba s h p ro f il e
. b ash rc
' d rwx
12 s t udent s t udent 4<l96 F eb 22
1 3 : 23
. c ac h e
d rwx
1 8 s t u d en t
1 1 : 33
. c on f i g
d rwx
d rwx
-
Edit
4096 Feb 2 1
2
s t udent s t u d e n t
6 F e b 2 1 2 0 : 0 6 D e s k t op
4096 Feb 23
d rwx
2 s t udent s t udent
d rwx
2 s t udent student 4096 Feb 2 3
: d rwx
d rwx
-
st udent
2 s t u d e n t st udent
2
6 Feb 1 6
6 Feb
2 s t udent s t udent
2 s t udent s t udent
d rwx
2 s t udent s t udent
d rwx
2
- rw -
1
s t ud e n t st udent
s t u de n t st udenll
1 1 : 29 Downl o a d s
1 4 : 06 M u s i c
6 F e b 2 3 1 6 : 2 3 Pic t u res
s t udent st udent
d rwx
1 7 : 46 Doc ument s
16
1 1 : 29 Publ i c
24 Feb 2 2 1 5 : 3 3
. s sh
16 1 1 : 29 T e m pl a t e s
6 F eb
4 <l 9 6 F e b 2 3 1 6 : 35 Videos
1 02 0 F e b 21
21 : 14
. v i m i n fo
i
I
-
-
7.
-
I
. . V I S U A L BLOCK - -
1 6 , 23
Remove t h e t i m e co l u m n , b u t l eave t h e m o n t h a n d d a y on a l l l i n es. A g a i n , use t h e b l ock
s e l e c t i o n vis u a l mode.
U s e t h e a r row keys to posit i o n t h e c u rs o r at t h e f i rst c h a racter. E nter v i s u a l m o d e with
C t r l - v. Use t h e a r row keys to posit i o n the c u rsor a t t h e l a st c h a racter and row of t h e t i m e
co l u m n , a s s h o w n i n t h e scre e n s h ot. D e l ete t h e s e l e c t i o n w i t h x .
-
student@desktop l : •
:
File
j - rw -
-
-
-
Edit
View
1 s t udent
Search
7691
Terminal
Ma r
5
Help
10,: 56
18
J a n 2 9 05 ! 4 5
12 s t udent
4096
Feb 2 2 1 3 : 23
d rwx
18 s t udent
d rwx
2 student
4096 F e b 2 1
d rwx
2 s t udent
� - rw : - rw -
1 s t udent
- rw -
1 s t udent
d rwx
1 s t udent
1 9 3 J an 2 9 05 �45
2 3 1 J an 2 9 05 : 45
il : 3 3
. b ash h i s t o ry
. b a s h -l o g o u t
. bash
:Ji r o f i l e
. ba s h rc
. c a c he
. c on f i g
6 Feb 2 1 20 : 06 D e sk t op
4096 Feb 2 3 1 7 : 46 D o c ument s
6 Feb
16
d rwx
2 st udent
' d rwx
2 s t udent
' d rwx
2 s t udent
6 Feb 23
' d rwx
2 s t udent
6 F eb
:
1 1 2 9 Downl oads
4096 F e b 23 14 :06 Music
16
!6 ;23
Pi c t u res
i l.: 2 9 Publ i c
22 1s;j3
11 : 2 9
d rwx
2
d rwx
2 st udent
' d rwx
2 s t udent
4096 F e b 2 3 16 : 35 V i de o s
1 s t udent
1 0 20 F e b 2 1 21 : 1
-
- rw -
24 Feb
s t udent
6 Feb 1 6
m
. ssh
T e mpl a t es
. v imin fo
1-
i
, ,
I
-
V I SUAL BLOCK - -
-
8.
1 6 , 3 4____A l l
_
I
_,
R e m ove t h e D e s k t o p a n d P u b lic rows. T h i s t i me, enter v i s u a l m o d e w i t h u p p e r case V,
w h i c h a utomatica l l y se lects f u l l l i nes.
U s e the a r row keys to pos i t i o n the c u rs o r a t a ny c h a racter on the Desktop row. E nter v i s u a l
m o d e w i t h u pp e r c a s e v . T h e f u l l l i ne i s s e l ected, a s s h o w n i n t h e screen s h ot. D e l ete t h e
s e l e c t i o n w i t h x. Repeat f o r t h e Pu blic row.
-
-
-
-
-
R H 1 24- R H E L 7 -en -1 -20140606
109
-
-
C h a pter 4. C reat i n g , Viewi n g , a n d Editi n g Text F i l es
student@deskto p l : •
File
- rw -
1
! - rw 1
- rw 1
- rw 1
' d rwx 12
d
18
rwx
d rwx
d rwx
d rwx
! d rwx
ict rwx
i d rwx
1
d rwx
' d rwx
' d rwx
- rw-
View
Edit
Search
st udent
193 J a n 29
231 Jan 2 9
4096 Feb 2 2
4096 Feb 2 1
st udent
s t udent
s t udent
s t udent
6 Feb
4096 F e b
6 Feb
4096 Feb
6 Feb
6 Feb
24 Feb
6 Feb
4096 Feb
2 s t udent
2 s t udent
2 st udent
2 s t udent
2
2
2
2
2
Terminal
7 6 9 1 Ma r 5
1 8 J a n 29
s t udent
s t udent
s t udent
st udent
s t udent
s t udent
1 s t udent
21
23
H elp
b as h _ h ist o ry
. bash_l ogout
.
bash _p r o f il e
. bash re
. c ac h e
1
Doc u m e n t s
Downl oads
23
23
16
22
16
Music
1 020 F e b 21
-
. c on f i g
iies k t op
16
23
-
.
I
I
P i c t u res
Publ ic
l
. s sh
Templ a t e s
Videos
. viminfo
7,31
- - VISUAL LINE - -
9.
1 0.
_____
�-
I
-.
-
-
All
!
-�
-
Save a n d exit. M a ke a backup, u s i n g t h e date ( i n seco n d s) to c reate a u n i q u e f i l e n a m e.
[student@serverx -]$
cp editing_final_lab . txt editing_final_lab_$ ( date +%s ) . t xt
M a i l t h e f i l e contents a s t h e messa g e, n ot a n atta c h m e nt, to t h e u s e r s t u d e nt.
[student@serverx -]$
-
-
c a t editing_final_lab . tx t I mail - s " lab file " s t udent
-
11.
A p p e n d a d a s h e d l i n e to t h e f i l e to recog n ize t h e b eg i n n i n g o f n e w e r conte nt.
[student@serverX -]$
ec h o " - - - - - - - - - - - - - - - - editing_final_lab . txt
12.
-------
- -
-
----- --------"
>>
A p p e n d a f u l l process l is t i n g , but o n l y for p rocesses owned by t h e c u rrent user s t ude nt a n d
r u n n i n g o n t h e c u r re n t l y used ter m i n a l . V i e w t h e p rocess l i s t i n g a n d s e n d t h e l is t i n g t o t h e
f i l e w i t h o n e com m a n d l i n e.
[student@serverx -]$
-
-
-
ps - f I tee - a editing_final_lab . tx t
-
13.
Conf i r m t h a t t h e p rocess l i st i n g i s at t h e bott o m of t h e lab fi le.
[student@serverx
- rw- 1 student
- rw- 1 student
- rw- 1 student
- rw- 1 student
drwx 12 student
drwx 18 student
drwx 2 student
drwx 2 student
drwx 2 student
drwx 2 student
drwx 2 student
drwx 2 student
drwx 2 student
-]$ cat editing_final_lab . tx t
7691 Mar 5 . bash_history
18 Jan 29 . bash_logout
193 Jan 29 . bash_profile
231 Jan 29 . bashrc
4096 Feb 22 . cache
4096 Feb 21 . config
4096 Feb 23 Documents
6 Feb 16 Downloads
4096 Feb 23 Music
6 Feb 23 Pictures
24 Feb 22 . ssh
6 Feb 16 Templates
4096 Feb 23 Videos
-
-
-
-
-
110
R H 1 24- R H E L 7 - e n -1-20140606
-
-
-
S o l ut i o n
-
-·
-
rw 1 student 1020 Feb 21 . viminfo
-
UID
PID PPID C
student 2005 2001 0
student 26923 2005 0
student 26924 2005 0
STIME
16 : 01
19 : 14
19 : 14
TTY
pts/0
pts/0
pts/0
TIME
00 : 00 : 00
00 : 00 : 00
00 : 00 : 00
CMD
/bin/bash
ps -f
tee -a editing_final_lab . txt
-
-
-
-
-
-
-
-
-
-
R H1 24- R H E L7-en-1-20140606
111
-
-
C h a pter 4. Creat i n g , View i n g , a n d Ed i t i n g Text F i l es
-
S u m m a ry
-
Red i rect i n g O u t p u t to a F i l e o r Prog ra m
Desc r i b i n g h o w prog ra m o u t p u t is d is p l ayed, contro l l e d , a n d saved effect ive l y.
-
Edit i n g Text F i l es from t h e S h e l l Prompt
Edit f i l es u s i n g V i m , a text-based a d m i n istrator's e d i t i n g p rogra m .
-
Edit i n g Text F i l es w i t h a G ra p h i c a l Editor
U s i n g a n editor i n a g ra p h i c a l desktop e n v i ro n m e n t to c h a n g e file content and m ove
text between w i n d ows a n d fi l es.
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
112
R H1 24- R H EL 7-en-1-20140606
-
-
®
red h at®
TRAINING
C H A PT E R 5
MANAGING LOCAL LI N UX
USERS AND G R OU PS
Overview
Goal
To m a n a g e l o c a l L i n u x users and g r o u p s a n d a d m i ni ster l o c a l
pas sword p o l ic ies.
Objectives
•
E x p l a i n t h e role of u sers a n d groups on a L i n u x system a n d
how t h e y a re u n derstood b y t h e c o m p uter.
•
R u n c o m m a n d s as the s u peruser to a d m i n ister a L i n u x
system.
•
C reate, m o d ify, lock, and d e l ete l o c a l l y defined user
a ccounts.
•
•
Create, m o di fy, a n d d e l ete loca l l y defined g r o u p accounts.
Lock a c co u nt s m a n u a l l y o r by sett i n g a password - a g i n g
policy i n t h e s hadow password f i l e .
Sections
Lab
R H124- R H E L7-en-1-20140606
•
U sers a n d Groups (and P ractice)
•
G a i n i n g S u peruser Access (and Practice)
•
M a n a g i n g Local U se r Accounts (and P ractice)
•
M a n a g i n g Local Group Accounts (a n d Practice)
•
M a n a g i n g U se r Passwords (and Pract ice)
•
M a n a g i n g L o c a l L i n u x U sers a n d Groups
113
-
-
C h a pter 5. M a n a g i n g Loca l L i n u x U s e rs a n d Groups
U s e rs a n d G ro u ps
-
Objectives
After com p l et i n g t h i s sect i o n , stu d e n t s s h o u l d be a b l e to e x p l a i n t h e ro l e of u sers a n d g ro u p s o n
a L i n u x syst e m a n d h o w t h e y a re u n d e rstood by t h e computer.
-.
What is a user?
Eve ry p rocess ( r u n n i n g prog ra m ) o n the syste m r u n s as a p a r t i c u l a r u s e r. Eve ry fi l e i s owned by
a partic u l a r u s e r. Access to f i l es and d i rectories a re restricted by u s e r. The u s e r associated with a
r u n n i n g p rocess d ete r m i n es t h e f i l e s a n d d i rectories a ccess i b l e to t hat p rocess.
The id co m m a n d is used to show i n f o r m a t i o n about the cu rrent l o g g e d - i n u s e r. Basic i nformat i o n
a bout a n o t h e r u s e r c a n a l so be req u ested b y p a s s i n g i n t h e u s e r n a m e of t h a t u s e r a s t h e fi rst
a rg u ment to t h e id c o m m a n d .
[ student@desktopX - ] $ id
uid=1000( student) gid=1000( student ) groups=1000( student ) , 10{wheel )
context=unconfined_u : unconfined_r : unconfined_t : s0-s0 : c0 . c1023
To v i ew the u s e r associated with a f i l e o r d i rectory, use the ls
s hows t h e u s e r n a m e :
�� d ent@serverX - ] $ ls
I ���x- - - - - - . 2 gdm gdm
1
I
drwx- - - - - - . 2
- rw- r - - r - - . 1
L___
-1
co m m a n d . The t h i rd co l u m n
/tmp
[ student@serverx - ] $ ps au
USER
PIO %CPU %MEM vsz
root
428 0 . 0 0 . 7 152768
root
511 0 . 0 0 . 0 110012
root
1805 0 . 0 0 . 1 116040
root
2109 0 . 0 0 . 1 178468
s t udent
2110 0 . 0 0 . 1 116168
s t udent
3690 0 . 0 0 . 0 123368
-
-
-
-
RSS
14400
812
2580
2200
2864
1300
TTY
tty1
ttyS0
pts/0
pts/0
pts/0
pts/0
STAT
Ss+
Ss+
Ss
START
Feb03
Feb03
Feb03
s
Feb03
s
Feb03
R+ 11 : 42
TIME
0 : 04
0 : 00
0 : 00
0 : 00
0 : 00
0 : 00
COMMAND
/usr/bin/Xorg
/sbin/agetty
- bash
- student
- bash
ps au
-
-
-
SU
The o u t p u t of the previ o us com m a n d s d i s p lays u s e rs by n a m e, but i n t e r n a l l y the o p e ra t i n g
system t ra c ks u s e rs by a UID number. T h e m a p p i n g of n a m es to n u m b e rs is d e f i n e d i n data bases
of acco u n t i nfo r m a t i o n . By defa u lt, syste m s u s e a s i m p l e "flat f i l e," t h e / e t c / pas swd file, to
sto re info r m a t i o n a bo u t loca l use rs. T h e format of / e t c / pas swd fo l l ows (seve n c o l o n-se p a rated
fie l d s):
C» username : Et password : E) u1o : C» G1o : C» GECOS : C> 1home/dir : C» shell
114
-
-
To view process i n fo r m a t i o n , use t h e ps com m a n d . T h e defa u l t is to s h ow o n l y p rocesses i n t h e
c u rrent s h e l l . A d d t h e a option t o view a l l processes with a te r m i n a l . To v i ew t h e u s e r a ssociated
with a process, i n c l u d e the u opt i o n . T h e f i rst co l u m n s hows the u s e r n a m e :
C»
-
-
4096 Jan 24 13 : 05 orbit-gdm
student 4096 Jan 25 20 : 40 orbit - student
root 23574 Jan 24 13 : 05 postconf
-1
s t udent
root
-
-
-
-
-
username i s a m a p p i n g of a U I D to a n a m e for t h e b e n efit of h u m a n u s e rs .
-
R H 1 24- R H E L7 - e n -1-20140606
-
-
-
-
W h a t is a g r o u p?
-
0
0
0
0
O
-
-
0
-
password is w h e re, h i storica l l y, passwords were kept i n a n e n c rypted format. Tod a y, t h ey a re
stored i n a sepa rate f i l e ca l l e d / e t c / s hadow.
UID is a u s e r I D, a n u m b e r t h a t identifies t h e u s e r a t t h e most f u n d a m e nta l leve l .
GID i s t h e u s e r ' s p r i m a ry g ro u p I D n u m b e r. Groups w i l l b e discussed i n a m o m e nt.
GECOS f i e l d i s a rb i t ra ry text, w h i c h u s u a l l y i n c l u d e s the user's rea l n a m e.
/homeldir is t h e l o c a t i o n of t h e user's p e rso n a l data a n d confi g u ration f i l e s .
shell is a prog ra m t h a t r u n s a s t h e user l o g s i n . Fo r a reg u l a r u s e r, t h is is n o r m a l l y t h e
prog ra m that p rovides t h e u s e r ' s com m a n d l i n e prom pt.
What is a group?
-
L i ke use rs, g ro u ps h a ve a n a m e a n d a n u m be r (G I D). Loca l g r o u ps a re defined in / e t c / g roup.
P ri m a ry g ro u ps
-
•
-
•
-
•
•
-
Every u s e r has exac t l y o n e primary group.
Fo r l oca l u s e rs, t h e p r i m a ry g ro u p is defi n e d by t h e G I D n u m be r of t h e g ro u p l isted i n t h e t h i rd
f i e l d of / e t c / pas swd.
N o r m a l l y, the p r i m a ry g ro u p owns new f i l es c reated by the u s e r.
N o r m a l l y, t h e p r i m a ry g ro u p of a newly created u s e r is a n e w l y c reated g ro u p w i t h t h e s a m e
n a m e a s t h e user. T h e u s e r i s t h e o n l y m e m b e r o f t h i s User Private Group ( U PG).
S u p p l e m enta ry g ro u p s
-
•
•
-
I
•
-
-
The u s e rs t h a t a re s u p p l em e n t a ry m e m b e rs of l o ca l g ro u p s a re l isted i n t h e l a st f i e l d of t h e
g ro u p ' s e n t ry i n / e t c / g roup. Fo r l o ca l g ro u ps, u s e r m e m be r s h i p is dete r m i n e d by a com m a ­
separated l i st of u s e rs fou n d i n t h e l a st f i e l d of t h e g ro u p ' s e ntry i n / e t c / g r o u p :
;
-
-
U sers m a y b e a m e m b e r o f z e ro o r more supplementary groups.
R
groupname : password : GID : list, of, users, in, this, group
S u p p l e m entary g ro u p m e m b e r s h i p is used to h e l p e n s u re t h a t u s e rs have access p e r m i s s i o n s
to f i l es a n d ot h e r resou rces o n t h e syste m .
References
id(1 ) , passwd ( 5 ) , a n d g ro u p ( 5 ) m a n pages
info libc (GNU C Library Reference Manual)
Section 29: U sers a n d g ro u p s
•
-
( N ote t h at t h e glibc-devel p a c k a g e m ust b e i n sta l l e d for t h is i nfo node to b e a va i l a b le.)
-
-
-
-
-
R H1 24- R H E L7-e n-1-20140606
115
-
-
C h a pter 5. M a n a g i n g Loca l L i n u x U se rs a n d Groups
P ra ct i ce: U s e r a n d G ro u p C o n c e pts
Quiz
-
-
M at c h t h e items below to t h e i r cou nterpa rts i n t h e ta b l e.
I
/etc/group
I
h o m e d i rectory
/ e t c / p a s swd
l og i n s h e l l
I��
-
p r i m a ry g ro u p
Description
Keyword
A n u m be r t h a t i d e nt i f i es t h e u s e r at t h e
m ost f u n d a m e nta l l eve l
-
-
T h e p rog ra m t h a t p rov i d e s t h e u s e r ' s
co m m a n d l i n e p ro m pt
Loca t i o n of l o ca l g ro u p i n fo r m a t i o n
-
Locat i o n of t h e u s e r ' s p e r so n a l f i l e s
-
A n u m be r t h a t i d e n t i f i es t h e g ro u p a t t h e
m ost f u n d a m e n t a l l ev e l
-
-
Locat i o n of l oca l u s e r acco u nt i nfo r m at i o n
-
T h e fo u rt h f i e l d of / e t c / p a s swd
-
-
-
116
R H124- R H E L 7 - e n -1-20140606
-
-
-
-
S o l ut i o n
-
Solution
-
-
-
-
-
Match t h e items b e l ow to t h e i r cou nterpa rts i n t h e ta b l e.
Desc r i p t i o n
Keywo rd
A n u m be r t h a t i d e n t ifies t h e u s e r a t t h e
most f u n d a m e nta l l eve l
UID
T h e p ro g ra m t h a t p rov i d es t h e u s e r ' s
co m m a n d l i n e p ro m pt
login shell
Loca t i o n of l oca l g ro u p i nfo r m a t i o n
/et c/group
Loca t i o n of t h e u s e r ' s p e rs o n a l f i l es
h o m e d i re c t o ry
A n u m b e r t h a t i d e nt i f ies t h e g ro u p a t t h e
most f u n d a m e nta l l eve l
GID
Loca t i o n of l o ca l u s e r acco u nt i nfo r m a t i o n
/ e t c / p a s swd
T h e fo u rt h fi e l d of / e t c / p a s swd
p r i m a ry g ro u p
-
-
-
-
-
-
-
-
-
-
-
-
-
R H124- R H E L7-en-1-20140606
117
-
-
C h a pte r 5. M a n a g i n g Loca l L i n u x U s e rs a n d Grou ps
-
G a i n i n g S u p e r u s e r Access
-
Objectives
After com p l et i n g t h i s sect i o n , students s h o u l d be a b l e to r u n co m m a n d s as t h e s u p e r u s e r to
a d m i n ister a L i n u x syst e m .
The r o o t user
-
-
Most o p e ra t i n g syste m s have some sort of superuser, a u s e r t h a t has a l l power ove r t h e system .
This u s e r i n Red Hat Enterprise L i n u x i s t h e r o o t u s e r. This u s e r h a s t h e p o w e r t o ove r r i d e
n o r m a l p r i v i l e g e s o n t h e f i l e syste m , a n d i s used to m a n a g e a n d a d m i n i st e r t h e syst e m . I n
o rd e r to p e rform tasks s u c h a s i n sta l l i n g o r re m o v i n g softwa re a n d to m a n a g e syste m f i l e s a n d
d i rectories, a u s e r m u st esca l ate p r i v i l e g e s to t h e r o o t user.
M ost devices ca n o n l y be control l e d by root, b u t t h e re a re a few except i o n s . Fo r i n st a n ce,
re mova b l e devices, s u c h a s U S B devices, a re a l l owed to be contro l led by a n o r m a l u s e r. Thus, a
n o n - root u s e r is a l l owed to add a n d re m ove f i l e s a n d otherwise m a n a g e a remova b l e device, but
only root i s a l l owed to m a n a g e "fixe d " h a rd d rives by defa u lt.
This u n l i m ited pr i vi lege, however, comes w i t h res p o n s i b i l ity. root has u n l i m ited power to
d a m a g e the system: re m ove f i l es and d i rectories, re m ove user accounts, add backdoors, etc.
I f the root account i s com p romised, s o m e o n e e l se w o u l d have a d m i n i st ra t i ve control of t h e
system. T h r o u g h o u t t h i s cou rse, a d m i n i strators w i l l be e n c o u ra g e d to l o g i n a s a n o r m a l u s e r a n d
esca l ate p r ivi l eg e s to r o o t o n l y w h e n n e e d e d .
The ro o t a c c o u n t o n L i n u x is roug h l y e q u i va l e nt to t h e l o c a l A d m i n istrator account o n W i n d ows.
In L i n u x, most system a d m i n istrators l o g into an u n p ri v i leged user acco u n t and use va r i o u s too l s
t o t e m p o ra r i l y g a i n root privi l eges.
-
-
-
-
-
-
-
Warning
O n e c o m m o n p ractice o n W i ndows i n t h e past is for t h e l oca l A d m i n i s t rator u s e r
to l o g i n d i rect l y t o perform syst e m a d m i n i st rator d u ties. H owever, o n L i n u x , it i s
reco m m e n d e d t h a t system a d m i n i s t rators should not l o g i n d i rect l y a s root. I nste a d ,
syst e m a d m i n i s t rators s h o u l d l o g i n a s a n o n - root user, a n d use ot h e r m e c h a n i s m s ( s u ,
s ud o , o r P o l i c y K i t , f o r exa m p l e) to t e m p o ra r i l y g a i n s u pe r u s e r p r i v i l eges.
B y l o g g i n g i n a s t h e a d m i n istrative u s e r, the e n t i re d e s ktop e n v i ro n m e n t u n n ecessa r i l y
r u n s w i t h a d m i n i s t ra t i ve privi l eges. I n t h a t s it u a t i o n , a ny secu rity v u l n e ra b i l ity w h i c h
wo u l d n o r m a l l y o n l y compromise t h e u s e r a cc o u nt h a s t h e pote n t i a l to c o m p ro m i s e t h e
e n t i re syst e m .
-
-
-
-
I n r e c e n t vers i o n s of M i c rosoft W i ndows, A d m i n i strator d i s a b l ed by defa u lt , a n d
featu res s u c h a s U s e r Acco u n t Control ( U A C ) a re used to l i m i t a d m i n i st rat ive p r i v i l e g e s
fo r users u n t i l a c tu a l l y needed. I n L i n u x , t h e P o l i c y K i t system is t h e n e a rest e q u iva l e n t
t o UAC.
-
-
-
118
R H124-R H E L 7-en-1-20140606
-
-
-
-
-
Switc h i n g u s e rs with su
Switching users with s u
-
The s u c o m m a n d a l l ows a u s e r to switch to a d i fferent u s e r a ccount. I f a u se r n a m e i s n ot
s pecified, t h e root a c c o u n t is i m p l ied. W h e n i nvoked a s a reg u l a r u s e r, a p rompt w i l l d i s p l a y a s k i n g
f o r t h e password of t h e a cco u nt y o u a re switc h i n g t o ; w h e n i n voked a s root, t h e re is n o n e e d t o
e n t e r t h e account pa ssword.
s u [ - ] <username>
[student@desktopX -]$
Password : redhat
[ root@desktopx -]#
-
-
-
-
su
T h e co m m a n d s u use rname sta rts a non-login shell, w h i l e t h e co m m a n d s u - username
starts a login she l l . T h e m a i n d is t i n c t i o n is su - sets u p t h e s h e l l e n v i ro n m e nt as if t h i s we re a
c l e a n l o g i n as that u s e r, w h i l e s u j u st sta rts a s h e l l as t h a t u s e r with t h e c u rrent e n v i ro n m e n t
sett i ngs.
In most cases, a d m i n istrators wa n t to r u n s u
i nfo r m a t i o n , see t h e bash(1) m a n page.
-
to get t h e user's n o r m a l sett i n g s . Fo r m o re
-
Note
The s u com m a n d i s most freq u e n t l y used to get a c o m m a n d l i n e inte rface (s h e l l
prom pt) w h i c h i s r u n n i n g a s a n ot h e r u s e r, typica l l y r oo t . H owever, with t h e - c option,
it c a n be used l i ke t h e W i n d ows u t i l ity r u nas to run a n a rbitra ry p ro g ra m a s a n ot h e r
u s e r. S e e i n f o s u f o r d eta i l s.
-
-
R unning com mands as r o o t with s u d o
-
-
-
-
-
-
-
-
Fu n d a m e nta l l y, L i n u x i m p l e m e n t s a very coa rse- g ra i n e d p e r m issions m o d e l : root ca n d o
everyt h i n g , ot h e r u s e r s c a n d o n ot h i n g (systems-related). T h e com m o n s o l u t i o n p rev i o u s l y
d iscussed is to a l l ow sta n d a rd u s e rs to t e m p o ra r i l y " b e c o m e root" u s i n g t h e su c o m m a n d . T h e
d isadvantage is t h a t w h i l e act i n g a s root, a l l t h e p r i v i l e g e s (a n d res p o n s i b i l iti es) o f root a re
g ranted. Not o n l y ca n t h e u s e r restart t h e web server, b u t t h ey can a l so re m ove t h e e n t i re / e t c
d i recto ry. Additi o n a l l y, a l l u s e r s req u i r i n g s u p e r u s e r p r i v i l e g e i n t h i s m a n n e r m u st k n ow t h e root
p a sswo rd .
T h e s u d o co m m a n d a l l ows a u s e r to be perm itted to r u n a c o m m a n d a s root, o r a s a n ot h e r u s e r,
based on sett i n g s i n t h e / e t c / s u d o e r s f i l e. U n l ike ot h e r too l s s u c h as s u , s u d o req u i res u s e rs
to enter t h e i r own password for a u t h e nt i ca t i o n , not t h e password of t h e a ccou n t t h ey a re t r y i n g
to access. This a l l ows a n a d m i n istrator t o h a n d out f i n e - g ra i n ed p e r m i s s i o n s to users to d e l egate
system a d m i n istra t i o n tas ks, without havi n g to hand o u t the root password.
Fo r exa m p l e, w h e n sudo has b e e n config u red to a l l ow the user student to r u n t h e c o m m a n d
u s e rmod a s root, student cou l d r u n t h e fo l l owi n g co m m a n d to l o c k a u s e r a cco u nt:
[student@serverX -]$ sudo use rmod - L username
[sudo] password for student : password
r=
I
I
l
O n e a d d i t i o n a l b e n efit to u s i n g s u d o is that a l l c o m m a n d s executed u s i n g sudo a re l o g g e d by
defa u l t to /va r/log / s e c u re.
-
-
-
R H1 24- R H E L 7-en-1 -20140606
119
-
C h a pter 5. M a n a g i n g Loca l L i n u x U s e rs a n d Groups
' [ student@serverX -]$ sudo t ail /var/log/sec u r e
Feb 19 15 : 23 : 36 localhost sudo : student : TTY=pts/0 ; PWD=/home/student USER=root
COMMAND=/sbin/usermod - L student
Feb 19 15 : 23 : 36 localhost usermod [16325] : lock user ' student ' password
Feb 19 15 : 23 : 47 localhost sudo : student TTY=pts/0 ; PWD=/home/student USER= root
COMMAND=/bin/tail /var/log/secure
.---���
'
-
-
In Red H a t Enterprise L i n u x 7, a l l m e m b e rs of g r o u p wheel ca n u s e sudo to r u n com m a n d s a s
a ny u s e r, i n c l u d i n g root. T h e u s e r w i l l be prom pted for t h e i r own password. T h i s is a c h a n g e
f r o m R e d Hat Enterprise L i n u x 6 a n d e a r l i e r. U s e r s w h o were m e m bers o f g ro u p wheel d i d not
get this a d m i n istrative access by defa u l t in R H E L 6 and e a r l i e r.
To e n a b l e s i m i l a r b e h a v i o r o n e a r l i e r vers i o n s of Red Hat E n t e r p rise L i n u x , use vis u d o to edit
t h e confi g u ra t i o n f i l e and u nc o m m e n t t h e line a l l ow i n g t h e g r o u p wheel to run all c o m m a nds.
[ root@desktopX -]# cat /etc/sudoers
. . . Output omitted . . .
## Allows people in group wheel to run all commands
ALL
ALL=(ALL )
%wheel
## Same thing without a password
# %wheel ALL=(ALL )
NOPASSWD : ALL
. . . Output omitted . . .
-
Warning
R H E L 6 d i d n ot g ra n t g ro u p wheel a ny s p e c i a l p r i v i l e g e s by d efa u lt. S ites w h i c h h ave
been using t h i s g ro u p m a y b e s u rp r i sed w h e n R H E L 7 automatica l l y g ra nts a l l m e m b e rs
of wheel f u l l sudo p r i v i l eges. T h i s cou l d l e a d to u n a u t h o rized users gett i n g s u p e r u s e r
access to R H E L 7 syst e m s.
-
H i storica l l y, m e m b e rs h i p i n g ro u p wheel h a s b e e n u s e d by U n ix-l i ke systems to g ra n t
o r control s u p e r u s e r a ccess.
-
M ost system a d m i n i stration a p p l i ca t i o n s with a G U I use P o l i c y K i t to p ro m pt u s e rs for
a u t h e ntication and to m a n a g e root a ccess. In Red H a t E n t e r p r ise L i n u x 7, Po l ic y K i t
may a l so p ro m pt m e m b e rs of g ro u p wheel for their own passwo rd i n order to g et
root p r i v i l eges w h e n u s i n g g r a p h ica l too l s . T h i s is s i m i l a r to t h e way i n w h i c h t h ey c a n
use s u d o to get t h o s e pr i vi l e g es a t t h e s h e l l p r o m pt . P o l i c y K i t g ra nts t h ese p r i v i l eges
based o n i t s own confi g u ra t i o n sett i ngs, s e p a rate from sudo. Adva n ce d students
may be i nterested in t h e pkexec(1) a n d polki t ( 8 ) man pages for deta i l s o n how t h i s
system works, b u t it is beyo n d t h e scope o f t h is cou rse.
-
-
-
-
120
R H 1 24- R H E L 7 - e n -1 -20140606
-
-
-
R u n n i n g c o m m a nds a s root with s u d o
-
-
References
R
s u (1 ) a n d s u do(8) m a n pa ges
info libc (GNU C Library Reference Manual)
Section 29.2: T h e Persona of a Process
•
( N ote t h a t t h e glibc-devel package m ust b e i nsta l l e d for t h i s i nfo n o d e to be a va i l a b l e. )
-
-
-
-
-
-
-
-
-
-
-
-
-
R H 1 24- R H E L 7-en-1-20140606
121
-
-
C h a pter 5. M a n a g i n g Loca l L i n u x U s e rs a n d Groups
P ract i ce: R u n n i n g Co m m a n d s as root
Guide d exercise
-
I n t h i s l a b , you w i l l practice r u n n i n g c o m m a n d s a s root.
-
Outcomes
U s e t h e s u with and without l o g i n s c r i pts to switch u s e rs. U s e s u d o to run c o m m a n d s with
p r i v i l ege.
Before you begin ...
Reset yo u r se rve r X syste m .
-
D 1.
L o g i nto t h e G N O M E desktop o n s e rverX a s s t udent with a password o f s t u d e n t .
D 2.
O p e n a w i n d ow with a Bash prom pt.
S e l ect
D 3.
-
A p p l i c a t i o n s > Ut i l i t i e s > Te r m i n a l .
E x p l o re c h a ra cteristics o f t h e c u r rent s t u d e n t l o g i n e n v i ro n m e nt.
D 3.1 .
V i ew t h e u s e r a n d g r o u p i nfo r m a t i o n a n d d i s p l ay t h e c u r re n t worki n g d i rectory.
[student@serverx - ] $ id
uid=1000( student ) gid=1000( student ) groups=1000( student } , 10(wheel )
context=unconfined_u : unconfined_r : unconfined_t : s0 - s0 : c0 . c1023
[student@serverx - ] $ pwd
/home/student
-
-
D 3 . 2 . V i ew t h e va r i a b l e s w h i c h specify t h e h o m e d i rectory a n d t h e locat i o n s searched
for executa b l e files.
[student@serverx - ] $ echo $HOME
/home/student
[student@serverx - ) $ echo SPATH
/usr/local/bin : /usr/local/sbin : /usr/bin : /usr/sbin : /bin : /sbin : /home/
student/ . local/bin : /home/student/bin
D 4.
Switch to root without t h e dash and ex p l o re c h a racteristics of the n e w e n v i ro n m e nt.
D 4.1 .
-
Become t h e root u s e r at t h e s h e l l p ro m pt.
[student@serverx ] $
Password : redhat
-
su
-
D 4.2. V i ew the u s e r a n d g r o u p i nfo r m a t i o n a n d d i s p l a y the c u rrent worki n g d i recto ry.
N ote t h e i d e n t ity c h a n g e d , b u t not t h e cu rrent w o r k i n g d i recto ry.
[ root@serverX student]# id
uid=0 ( root ) gid=0 ( root ) groups=0( root )
context=unconfined_u : unconfined_r : unconfined t : s0 - s0 : c0 . c1023
[ root@serverx student]# pwd
122
-
-
-
-
R H 1 24- R H E L7-en-1-20140606
-
-
-
I /home/student
-
G u i d ed exercise
I
-
D 4.3. V i ew t h e va r i a b l es w h i c h spec ify t h e h o m e d i rectory a n d t h e l ocat i o n s sea rched
for executa b l e f i l es. Look for refe rences to the st u d e n t and root accou nts.
[ root@serverX student]# echo $HOME
/root
[ root@serverX student]# e c h o $PATH
/usr/local/bin : /usr/local/sbin : /usr/bin : /usr/sbin : /bin : /sbin : /home/
student/ . local/bin : /home/student/bin
-
-
-
D 4.4. E x i t t h e s h e l l to ret u r n to t h e s t u d e n t u s e r.
[ root@serverx student]#
exit
-
-
D 5.
Switch to root w i t h t h e dash and ex p l o re c h a ra cteristics of t h e new e n v i ro n m e nt.
D 5.1 .
-
Beco m e t h e r o o t u s e r at t h e s h e l l prom pt. Be s u re a l l t h e l o g i n s c r i pts a re a l so
executed.
j Password :
I [ student@serverX -]$
-
exit
su
redhat
D 5.2. View the user a n d g ro u p i n fo r m a t i o n a n d d i s p l ay the c u rrent w o r k i n g d i recto ry.
[ root@serverx -]# id
uid=0 ( root ) gid=0( root ) groups = 0 ( root )
context=unconfined_u : unconfined r : unconfined_t : s0 - s0 : c0 . c1023
[ root@serverx -]# pwd
/root
-
-·
D 5.3. View the varia b l es which specify t h e home d i rectory and t h e locat i o n s searched
for executa b l e f i l es. Look for refe re n ces to t h e student a n d root accou nts.
[ root@serverx -]# e c h o $HOME
/root
[ root@serverx -]# e c h o $PATH
/usr/local/sbin : /usr/local/bin : /sbin : /bin : /usr/sbin : /usr/bin : /root/bin
-
-
D 5.4. Exit the s h e l l to ret u r n to t h e s t u d e n t u s e r.
-
I
!
-
-
D 6.
[ root@serverX -]#
logout
exit
R u n seve ra l c o m m a n d s a s s t u d e n t w h i c h req u i re root a ccess.
D 6.1 . V i e w t h e l a st 5 l i nes o f the /va r /log/me ssages.
-
[student@serverX -]$ tail - 5 /var/log/messages
tail : cannot open ' /var/log/messages ' for reading : Permission denied
-
-
-
R H 1 24- R H E L7-en-1-20140606
123
-
-
C h a pter 5. M a n a g i n g Loca l L i n u x U s e rs a n d G ro u p s
[ student@serverx -]$ s u d o
Feb 3 15 : 07 : 22 localhost
Feb 3 15 : 10 : 01 localhost
Feb 3 15 : 10 : 01 localhost
Feb 3 15 : 12 : 05 localhost
Feb 3 15 : 14 : 47 localhost
su : ( to root ) root on pts/0
systemd : Starting Session 31 of user root .
systemd : Started Session 31 of user root .
su : ( to root ) root on pts/0
su : ( to student ) root on pts/0
-
t ail - 5 /var/log/messages
-
-
D 6.2. M a ke a b a c k u p of a confi g u ration f i l e in the /etc d i rectory.
[student@serverX -]$ cp /etc/motd /etc/motdOLD
cp : cannot create regular file ' /etc/motdOLD ' : Permission denied
[student@serverx -]$ sudo c p /etc/mo t d /etc/motdOLD
-
-
D 6.3. Remove the / e t c/motdOLD f i l e t h a t was j u st c reated.
[student@serverX -]$ rm /etc/motdOLD
rm : remove write-protected regular empty file ' /etc/motdOLD ' ? y
rm : cannot remove ' /etc/motdOLD ' : Permission denied
[student@serverx -]$ s u d o rm /etc/motdOLD
-
-
D 6.4. Edit a confi g u ra t i o n f i l e in the / e t c d i recto ry.
[student@serverx -]$ echo "Welcome to clas s "
-bash : /etc/motd : Permission denied
[student@serverX -]$ s u d o v i m /etc/motd
>> /et c/motd
-
-
-
·-
-
-
-
-
-
-
124
R H 1 24- R H E L 7 - e n -1-20140606
-
-
M a n a g i n g Loca l U s e r Acco u n t s
M a n a g i n g Loca l U se r Acco u nts
-
Objectives
Afte r c o m p l e t i n g t h i s sect i o n , s t u d e n t s s h o u l d be a b l e to c reate, m o d i fy, lock, a n d d e l ete l oca l l y
defined u s e r accou nts.
Managing local users
-
-
A n u m be r of com m a n d - l i n e too l s c a n be used to m a n a g e l o c a l u s e r accou nts.
u s e r ad d c reates u s e rs
•
•
-
•
u s e r ad d username sets reaso n a b l e defa u lts for a l l f i e l d s i n / e t c / pas swd w h e n r u n w i t h o u t
opt i o n s . T h e u s e radd com m a n d does not s e t a n y va l i d pa ssword by defa u lt, a n d t h e u s e r
can n ot l o g i n u n t i l a pa ssword i s set.
u s e r add - - help w i l l d i s p l a y the basic o p t i o n s that can be used to ove r r i d e the defa u lts. I n
most cases, t h e s a m e o pt i o n s c a n b e used w i t h t h e u s e rmod co m m a n d t o mod ify a n exist i n g
user.
S o m e defa u lts, s u c h as t h e ra n g e of va l i d U I D n u m bers a n d defa u l t password a g i n g r u l es, a re
read from t h e / e t c /login . defs f i l e. Va l u es i n t h i s f i l e a re o n l y used w h e n creat i n g new
users. A c h a n g e to this file w i l l n ot have a n effect on a n y exist i n g u s e rs.
u s e rmod m o d ifies ex ist i n g u s e rs
•
u s e r mod - - help wi l l d i s p l a y t h e basic o p t i o n s that c a n be used to m o d ify a n account. S o m e
co m m o n o p t i o n s i n c l ude:
u s e rmod options:
-
-c,
- - comme n t COMMENT
Add a va l u e, such a s a fu l l n a m e , to the GECOS fie l d .
-g,
- - gid GROUP
S pecify the p r i mary g r o u p for the user acco u nt.
-G,
- - g roups GROUPS
S p e c i fy a l i st of s u p p l e m e ntary g ro u ps for the user acco u nt.
-a,
- - append
Used with t h e -G option to a p p e n d t h e user to the
s u p p l e m e n t a l g ro u ps m e n t i o n e d w i t h o u t remov i n g t h e user
from other g ro u ps.
-d,
- - home HOME_D IR
S pecify a n ew h o m e d i rectory for t h e u s e r account.
-m,
- - move - home
M ove a u s e r home d i rectory to a new l ocat i o n . M u st be used
with t h e - d option.
-s,
- - shell SH E L L
S p e c i fy a n ew l o g i n s h e l l f o r t h e u s e r a ccount.
- L,
- - lo c k
Lock a u s e r accou nt.
-U,
- - unlock
U n l o c k a u s e r acco u n t .
-
-
u s e r d e l d e l etes u s e rs
u s e r d e l use rname removes t h e u s e r from /etc/ passwd, b u t l eaves t h e h o m e d i rectory
intact by d efa u lt.
-
·
-
u s e r d e l - r use rname removes t h e u s e r and t h e user's h o m e d i rectory.
R H 1 24- R H E L7-en-1-20140606
125
-
-
C h a pter 5. M a n a g i n g Loca l L i n u x U s e rs a n d Groups
Warning
-
W h e n a u s e r is re m oved w i t h u s e rdel w i t h o u t t h e - r o p t i o n s pe c i f i e d , t h e syst e m
w i l l have f i l e s t h a t a re owned by a n u n a s s i g n e d u s e r I D n u m be r. T h i s c a n a l so h a p p e n
w h e n f i l e s c reated by a d e l eted u s e r exist o u t s i d e t h e i r h o m e d i recto ry. T h i s s i t u a t i o n
c a n l e a d to i n fo r m a t i o n l e a k a g e a n d ot h e r secu rity i s s u e s .
-
I n Red H a t E n t e r p r i s e L i n u x 7 t h e u s e r ad d com m a n d a s s i g n s n e w u s e rs t h e f i rst
free U I D n u m be r ava i l a b l e in t h e ra n g e sta r t i n g from U I D 1 0 0 0 or a bove. (u n l ess o n e
i s e x p l i c i t l y specified w i t h t h e - u UID option). This i s how i n fo r m a t i o n l e a k a g e c a n
o c c u r : I f t h e f i rst f ree U I D n u m be r h a d b e e n p reviou s l y a s s i g n e d to a user account
which h a s s i n c e been removed from t h e syste m , t h e o l d u s e r ' s U I D n u m be r w i l l
g e t rea s s i g n e d t o t h e n e w u s e r, g i v i n g t h e n e w u s e r o w n e rs h i p o f t h e o l d u s e r ' s
re m a i n i n g f i l es. The fo l l ow i n g s c e n a r i o d e m o n st rates t h i s s i t u a t i o n :
[ root@serverx
[ root@serverx
drwx- - - - - - . 3
[ root@serverx
[ root@serverx
drwx- - - - - - . 3
[ root@serverx
[ root@serverX
drwx- - - - - - . 3
drwx- - - - - - . 3
-]# use radd prince
-]# ls 1 /home
prince prince 74
-]# userdel p r i n c e
-]# ls - 1 /home
1000 1000 74
-]# use radd b o b
-]# ls - 1 /home
74
bob
bob
74
bob
bob
-
Feb 4 15 : 22 prince
Feb 4 15 : 22 prince
Feb 4 15 : 23 bob
Feb 4 15 : 22 prince
N ot i c e that bob now owns a l l f i l es t h a t p rince once owned. D e p e n d i n g o n the
s i t u a t i o n , o n e solution to this p ro b l e m i s to rem ove a l l " u nowned " f i l es from the
syste m w h e n t h e u s e r that created them i s d e l eted. Another s o l u t i o n i s to m a n u a l l y
a s s i g n t h e " u n ow n e d " fi les to a d iffe rent u s e r. T h e root u s e r ca n f i n d " u n ow n e d " f i l e s
a n d d i rectories by r u n n i ng : find I - no u s e r - o - no g r o u p 2> /dev/nu ll.
-
id d i s p l a ys u s e r i n fo r m a t i o n
•
•
i d w i l l d i s p l ay u s e r i nfor m a t i o n , i n c l u d i n g t h e u s e r ' s U I D n u m be r a n d g r o u p m e m b e rs h i ps.
id use rname w i l l d i s p l ay user i n fo r m a t i o n for use rname, i n c l u d i n g the user's U I D n u m b e r
a n d g ro u p m e m bers h i ps.
pas swd sets pa sswords
•
•
-
-
pas swd use rname c a n be used to e i t h e r set the user's i n i t i a l pa ssword o r c h a n g e that u s e r ' s
pa sswo rd .
T h e root u s e r c a n set a password to a ny va l u e. A message w i l l be d i s p l ayed if t h e password
does not m e et the m i n i m u m reco m m e n d e d c rite r i a , but i s fo l l owed by a p ro m pt to retype t h e
new passwo rd a n d a l l toke n s a re u pdated su ccessfu l l y.
[ root@serverx -]# passwd student
Changing password for user student .
New password : redhat123
BAD PASSWORD : The password fails the dictionary check - it is based on a dictionary
word
126
R H 1 24- R H E L 7-en-1-20140606
--
-
-
-
-
-
M a n a g i n g l oca l u s e rs
Retype new password : redhat123
passwd : all authenticatio n to k e n s u p da t e d s u c_c es s_f u llY ·
_ _____________ __ ____
-
_
_____� - -
____
_
•
A reg u l a r u s e r m u st c h oose a password w h i c h is at l east 8 c h a racters in l e n g t h a n d i s not
based o n a d i c t i o n a ry word, t h e u s e r n a m e, or t h e p rev i o u s password.
-
J'
U I D ra n g es
Specific U I D n u m bers a n d ra n g e s of n u m be rs a re used for s pecific p u r poses by Red H a t
Enterp rise L i n u x.
-
-
-
•
UID
0
•
UID
1 -200
•
-
•
-
is a l ways a s s i g n e d to t h e s u pe r u s e r accou nt, roo t .
i s a ra n g e o f " syste m u s e rs" a ss i g n e d statica l l y t o system p rocesses by R e d Hat.
UID 201 -999 i s a ra n g e of " syste m users" used by syst e m p rocesses t h a t do n ot own f i l e s o n
t h e f i l e syste m . T h e y a re typica l l y a s s i g n e d d y n a m i ca l l y f r o m t h e ava i l a b l e p o o l w h e n t h e
softwa re t h a t n e e d s t h e m i s i n sta l l e d . Prog ra m s r u n a s t h e s e " u n p r i v i l e g e d " syst e m u se rs i n
o r d e r to l i m it t h e i r a ccess to j u st t h e resou rces t h ey n e e d to f u n c t i o n .
UID
1 000+
i s t h e ra n g e ava i l a b l e for ass i g n m e n t to reg u l a r users.
Note
-
P r i o r to Red H a t Enterprise L i n u x 7, t h e co nve n t i o n was that U I D 1 -499 was u s e d for
system u s e rs a n d U I D 500+ for reg u l a r u s e rs. Defa u lt ra nges used by u s e radd a n d
g rou padd c a n b e c h a n g ed i n t h e / e t c/login . d e f s f i l e.
-
-
R
References
u s e r add(8), u s e rmod(8), u s e rdel(8) m a n pages
-
-
-
-
-
-
-
-
-
-
R H1 24- R H E L 7-en-1 -20140606
127
-
-
C h a pter 5. M a n a g i n g Loca l L i n u x U s e rs a n d G ro u ps
P ract ice: C reat i n g U se rs U s i n g Co m m a n d - l i n e
Too l s
-
Guided exercise
I n t h i s l a b , you w i l l c reate a n u m be r of u s e rs on you r s e rverX syste m , sett i n g a n d record i n g a n
i n it i a l password f o r e a c h u s e r.
O u tcomes
A system with a d d i t i o n a l user accounts.
-
Before you begin...
Reset you r se rve r X syst e m .
D 1.
L o g i nto t h e G N O M E desktop o n s e rverX a s s t u d e n t w i t h a password of s t u d e n t .
D 2.
O p e n a w i n d ow w i t h a B a s h prom pt.
S e l ect
D 3.
D 4.
-
Become the root user at the s h e l l pro m pt.
[student@serverX -]$
Password : redhat
su -
-
Add the u s e r juliet.
I
D 5.
A p p l icat i o n s > Uti l i t i e s > Term i n a l.
[ root@serverx
- ] # use radd j uliet
-
Confirm t h a t ju/iet has been added by exa m i n i n g the / e t c / pas swd f i l e.
[ root@serverx - ] # t ail - 2 /etc/pas swd
tcpdump : x : 72 : 72 : : / : /sbin/nologin
j uliet : x : 1001 : 1001 : : /home/j uliet : /bin/bash
D 6.
D 7.
-
U s e t h e passwd c o m m a n d to i n it i a l ize juliet's password.
[ root@serverx - ] # pas swd j uliet
Changing password for user j uliet .
New password : j uliet
BAD PASSWORD : The password is shorter than 8 characters
Retype new password : j uliet
passwd : all authentication tokens updated successfully .
-
-
Cont i n u e a d d i n g t h e re m a i n i n g users i n t h e steps b e l ow a n d set i n i t i a l passwords.
D 7.1 .
128
-
-
ro meo
I [ root@serverX - ] # use radd romeo
l
RH124- R H E L 7-en-1-20140606
-
-
-
-
G u i d e d exerc i s e
-
-
-
[ root@serverX -]# pas swd romeo
Changing password for user romeo .
New password : romeo
BAD PASSWORD : The password is shorter than 8 characters
Retype new password : romeo
passwd : all authentication tokens updated successfully .
D 7.2 . h a m let
-
[ root@serverx -]#
[ root@serverX -]#
use radd hamlet
passwd hamlet
-
D 7.3. reba
-
-
-
-
-
[ root@serverx -]#
[ root@serverX -]#
u se radd reba
passwd reba
D 7.4. d o l l y
[ root@serverx -]#
[ root@serverx -]#
u s e r add dolly
pas swd dolly
D 7.5. e l v i s
[ root@serverX -]#
[ root@serverx -]#
use radd elvis
passwd elvis
-
-
-
-
-
-
-
-
-
-
R H 1 24- R H E L 7-en-1-20140606
129
-
-
C h a pter 5. M a n a g i n g Loca l L i n u x U s e rs a n d Groups
-
M a n a g i n g Loca l G ro u p Acco u nts
-
Objectives
Aft e r co m p l et i n g t h i s sect i o n , students s h o u l d be a b l e to c reate, mod ify, a n d d e l ete l o ca l l y
d e f i n e d g ro u p a ccounts.
-
-
Managing supplementary groups
A g r o u p m u st e x i st before a user c a n be a d d e d to t h a t group. Seve ra l com m a n d - l i n e too l s a re
used to m a n a g e l o c a l g ro u p accou nts.
-
g ro u padd c reates g ro u ps
-
•
•
g roupadd groupname without o p t i o n s uses t h e n ext ava i l a b l e G I D from t h e ra n g e specified
i n t h e / e t c/login . defs f i l e.
The - g
GID
-
option is used to s pecify a specific G I D.
[student@serverx -]$
-
sudo g roupadd - g 5000 at eam
-
Note
G iv e n t h e a utomatic c reat i o n of u s e r p rivate g roups (G I D 1 000+), it is g e n e ra l ly
reco m m e n ded to set a s i d e a ra n g e of G I D n u m b e rs to be used for s u p p l ementa ry
g ro u ps. A h i g h e r ra n g e w i l l avoid a col l i s i o n with a system g ro u p (G I D 0-999).
-
-
•
T h e - r o p t i o n w i l l c reate a system g ro u p u s i n g a G I D from the ra n g e of va l i d system G I D
n u m be rs l isted i n t h e / e t c/login . defs f i l e.
I [ student@serverx -]$ sudo g roupadd
- r appus e r s
g r o u pmod m o d i fies ex ist i n g g ro u ps
•
T h e g r o u pmod com m a n d is used to c h a n g e a g r o u p n a m e to a G I D m a p p i n g . The - n option i s
used t o s pecify a new n a me.
I [student@serverx -]$ sudo g r oupmod
•
l [ student@serverx -]$
-
- n j avaapp appu s e r s
T h e - g option is used to s pecify a n e w G I D.
i
-
-
s u d o g r o upmod - g 6000 ateam
-
g r o u pdel d e l etes a g ro u p
•
T h e g r o u pdel com m a n d wi l l rem ove a g ro u p .
[ student@serverx -]$
-
s u d o g r oupdel j avaapp
-
130
R H 1 24- R H E L7-en-1-20140606
-
-
-
-
M a n a g i n g s u p p l e m e nt a ry g ro u ps
•
A g ro u p m a y not be re m oved if it is the p r i m a ry g ro u p of a ny ex ist i n g user. As w i t h use rdel,
check a l l file syste m s to e n s u re t h a t no files re m a i n owned by t h e g ro u p.
-
u s e rmod a lt e rs g ro u p m e m b e rs h i p
•
-
The m e m b e rs h i p o f a g ro u p i s contro l l e d w i t h u s e r m a n a g ement. C h a n g e a u s e r ' s p r i m a ry
group with u s e rmod - g groupname.
-
•
-
Add a u s e r to a s u p p l e menta ry g ro u p with u s e rmod - aG groupname use rname.
[student@serverx -]$
sudo use rmod - aG wheel elvis
Important
T h e use of t h e - a o pt i o n m a kes u s e rmod f u n c t i o n i n "appe n d " mode. W i t h o u t it, t h e
u s e r wou l d b e re m oved f r o m a ll other s u p p l e m e n t a ry g ro u ps.
-
-
-
R
References
g roup(5), g rou padd(8), g r o u pdel(8), a n d u s e rmod(8) m a n pages
-
-
-
-
-
-
-
-
-
-
-
R H 1 24- R H E L7-en-1-20140606
131
-
-
C h a pter 5. M a n a g i n g Loca l L i n u x U sers a n d Groups
-
P ract ice: M a n a g i n g G ro u ps U s i n g Com m a n d ­
l i n e Too l s
-
-
Guided exercise
-
I n t h i s l a b , you w i l l a d d u s e rs to n e w l y c reated s u p p l e m e nta ry g ro u ps.
-
Outcomes
T h e shakespeare g r o u p c o n s ists of j ulie t , romeo, and h amle t . The a r t i s t s g ro u p conta i n s
reba, dolly, a n d elvis .
-
Before you begin. . .
Perform t h e fo l l ow i n g steps o n s e r v e r X u n l ess d i rected ot h e rwise.
D 1.
-
Become t h e r o o t u s e r a t t h e s he l l prom pt.
[student@serverx -]$
Password : redhat
�--��-�--��� --�� .----�-� ------,
I
L.
D 2.
.
[I [ root@serverx -]# g roupadd
.
!
I
-
�-
-
-
-
- 5 /etc/group
-
Add the juliet user to the shakespeare g r o u p a s a s u p p l e m entary g ro u p .
I [ root@serverx -]# u sermod
-
-G shakespeare j uliet
Confirm that ju/iet h a s been a d d e d u s i n g t h e id c o m m a n d .
'
,-
132
I
_----�------ -----'
Confirm t h a t shakespeare a n d artists have b e e n a d d e d by exa m i n i n g the / e t c / g r o u p
f i l e.
r�
D 7.
--i
-
g roupadd a r t i s t s
,. dolly
reba : x : 1004 :
: x : 1005 :
elvis : x : 1006 :
1- artists
shakespeare : x : 30000 :
: x : 30001 :
D 6.
..
- g 30000 shakesp a r e
[ root@serverX -]#
-------����
l [ root@serverx -]# t ail
D 5.
�
.
C reate a s u p p l e m e ntary g ro u p c a l led a r t i s t s .
L
D 4.
___j
C reate a s u p p l e m e n t a ry g ro u p ca l l ed shakespeare w i t h a g ro u p ID of 30000.
__
D 3.
I
su -
[ root@serverx - ]# id j u liet
uid=1001{j uliet ) gid=1001(j uliet ) groups=1001{j uliet ) , 30000( shakespeare )
Cont i n u e a d d i n g t h e re m a i n i n g u s e rs to g ro u p s as fo l l ows:
-
-
-
R H 1 24- R H E L 7-en-1-20140606
-
-
-
-
G u i d e d exercise
-
D 7.1 .
-
-
-
Add romeo a n d hamlet to t h e shakespeare g ro u p.
[ root@serverX -]#
[ root@serverX -]#
u s ermod - G shakespeare romeo
usermod -G s hakespeare hamlet
D 7.2 . Add reba, dolly, a n d elvis to t h e artists g ro u p .
[ root@serverx -]#
[ root@serverx -]#
[ root@serverX -]#
u se rmod - G a r t i s t s reba
use rmod -G a r t i s t s dolly
use rmod -G a r t i s t s elvis
-
D 7.3. Ve rify t h e s u p p l e m e nta l group m e m be r s h i p s by exa m i n i n g the / e t c / g r o u p f i l e.
-
-
[ root@serverx -]# t ail - 5 /etc/group
reba : x : 1004 :
dolly : x : 1005 :
elvis : x : 1006 :
shakespeare : x : 30000 : j uliet, romeo, hamlet
artists : x : 30001 : reba, dolly, elvis
-
-
-
-
-
-
-
-
-
-
-
-
-
-
R H 1 24- R H E L7-en-1-20140606
133
-
-
C h a pter 5. M a n a g i n g Loca l L i n u x U s e rs a n d Groups
-
M a n a g i n g U s e r Pa sswo rd s
-
Objectives
After com p l e t i n g t h i s sect i o n , stu d e n t s s h o u l d be a b l e to l o c k a ccou nts m a n u a l l y or by sett i n g a
pa ssword-a g i n g p o l icy i n t h e s h a d ow pa ssword f i l e.
Shadow passwords and password policy
I n t h e d ista n t past, e n c rypted passwords were stored i n the worl d - reada b l e /etc/passwd f i l e. T h i s
w a s t h o u g ht to be reaso n a b l y sec u re u n t i l d i c t i o n a ry attacks o n e n c rypted pa sswords b e c a m e
c o m m o n . At t h a t point, t h e e n c rypted passwords, o r " pa sswo rd h a s h es," w e re moved to t h e m o re
sec u re /etc/s h a d ow f i l e. This new f i l e a l s o a l lowed pa ssword a g i n g a n d ex p i ra t i o n featu res to be
implemented.
-
-
-
-
T h e re a re t h ree p i eces of i nform a t i o n stored i n a m o d e r n password h a s h :
-
$1$gCj La2/Z$6 Pu0EK0AzfCj xj v2ho LOB/
1.
1: The h a s h i n g a l g or i t h m . The n u m be r 1 i n d icates a n M D 5 h a s h . The n u m be r 6 a p p e a rs w h e n
a S H A-512 h a s h is u s e d .
2.
g C j La2/Z: The salt used t o e n c rypt t h e h a s h . T h i s is orig i n a l l y chosen at ra n d o m . T h e
s a l t a n d t h e u n e n c rypted password a re c o m b i n e d a n d e n c rypted to c reate t h e e n c ry pted
pa ssword h a s h . The use of a s a l t prevents two u s e rs with the s a m e password from h a v i n g
i d e n t ica l e n t ries i n t h e / e t c / s hadow f i l e.
3.
-
-
6Pu0 EK0AzfCj x j v2ho LOB/: The e n c rypted h a s h .
W h e n a u s e r tries t o log i n , t h e system lo o k s u p t h e e n t ry f o r t h e u s e r i n / e t c / s hadow,
c o m b i n e s t h e s a l t for t h e u s e r with t h e u ne n c ry pted password t h a t was typed i n , a n d e n c rypts
them u s i n g the h a s h i n g a l g o r i t h m s p e c i f i e d . I f the res u lt matches the e n c rypted hash, the user
typed i n t h e r i g h t password. I f t h e res u lt does n ' t match t h e e n c rypted hash, t h e user typed i n the
w ro n g pa ssword a n d t h e login att e m pt fa i l s. T h i s method a l l ows t h e syste m to d ete r m i n e if t h e
u s e r t y p e d i n t h e correct pa ssword w i t h o u t sto r i n g t h a t password i n a form u s a b l e for l o g g i n g i n .
-
-
-
Note
Red H a t E nterprise L i n u x 6 a n d 7 s u p port two n ew stro n g password h a s h i n g
a l g or it h m s , S H A-256 (a l g orit h m 5) a n d S H A-512 (a l g o r it h m 6 ) . Bot h t h e s a l t st r i n g
a n d t h e e n c rypted h a s h a re l o n g e r for t hese a l g o r it h m s. T h e defa u l t a l g or i t h m u s e d
f o r p assword h a s h e s c a n be c h a n g e d by t h e root user by r u n n i n g t h e c o m m a n d
aut hconfig - - passalgo w i t h o n e o f t h e a rg u m e nts m d 5 , sha256, o r sha512, a s
a p p ro p r i ate.
-
Red Hat Enterprise L i n u x 7 defa u l t s to u s i n g S H A-512 e n c ry pt i o n .
-
/ e t c / s h adow fo r m a t
T h e format of / e t c / s hadow fo l l ows ( n i n e c o l o n - s e p a rated f i e l d s):
L Oname : Opassword : 01astchange : Ominage : Omaxage : Owarning : Oinactive : Oexpire : Ob1ank I
-
134
-
R H 1 24- R H E L7-e n-1-20140606
-
-
-
-
Password a g i n g
-
-
O
O
T h e l o g i n name. T h i s m u st be a va l i d acco u n t n a m e o n t h e syste m .
The e n c rypted password. A password fie l d w h i c h starts with a exc l a m a t i o n m a r k m e a n s t h a t
t h e pa ssword i s l o c ked.
The date of t h e l a st password change, re p resented a s t h e n u m be r of days s i nce 1 970.01 .01 .
O
O
-
The minimum n u m be r of d a ys before a password m a y be c h a n g e d , w h e re
m i n i m u m a g e req u i re m e nt."
The maximum n u m be r of days before a p a ssword m u st be cha nged.
O
-
-
-
-
-
O
O
O
O
This blank f i e l d is reserved for future u se.
Password aging
The fo l l owi n g d i a g ra m re l ates t h e re l eva nt pa ssword-a g i n g pa ra meters, w h i c h ca n be adjusted
u s i n g chage to i m p l e m e n t a password-a g i n g p o l i cy.
max da y s ( - M )
min days
(-m)
-
-
-
time
.
.
.
.
.
'
'
'
'
'
'
.
'
'
'
'
'
'
last change
date (-d)
#
i nactive d a y s
(-1)
warn da y s
(-W)
-
password
expi rat ion
date
i n a ct ive
date
chage - m 0 - M 90 -W 7 - I 14 username
chage - d
-
-
means "no
The warning p e r i o d t h a t a pa ssword is a bo u t to ex p i re. Represented i n days, w h e re 0 m e a n s
" n o wa r n i n g g iven."
The n u m be r of d ays a n account re ma i n s a ctive after a passwo rd h a s expired. A u s e r may
sti l l l o g i nto the system and c h a nge t h e password d u ri n g t h i s period. After the s p e c ified
n u m be r of days, the acco u nt is l ocked, beco m i n g inactive.
The account expiration date, represented a s t h e n u m be r of days s i n ce 1970.01 .01 .
-
-
O
e
username w i l l force a password u pdate o n next l og i n .
chage
-1
use rname w i l l l i st a u s e r n a m e ' s c u rrent sett i n gs.
chage
-E
YYYY - MM - DD
wi l l e x p i re a n acco u nt o n a s pecific day.
Note
The date c o m m a n d can b e used to ca l c u l ate a date in the f u t u re.
-
[student@serverX -)$ d a t e - d
Sat Mar 22 11 : 47 : 06 EDT 2014
" +45 days "
-
-
-
-
R H1 24- R H E L7-en-1 -20140606
135
-
C h a pter 5. M a n a g i n g Loca l L i n u x U s e rs a n d Gro u p s
Restricting access
W i t h the chage com m a n d , a n acco u n t e x p i rat i o n c a n be set. O n c e that date is rea c h e d , t h e user
c a n not log i nto t h e syst e m i nteract ive l y. The u s e rmod com m a n d can " l oc k " a n account w i t h the
L option.
-
[student@serverX - ] $ sudo use rmod
[ student@serverX - ] $ s u - elvis
Password : elvis
su : Authentication failure
r - --··----��-- --
..
----
- ------ �-���
- -�- -�
-� -��
-
- ·-------------··�-�-
�
--
-
---�----�
-
nologin
-
-
s u d o use rmod - L - e 1 elvis
Loc k i n g t h e account p revents t h e user from a u t h e nt i c a t i n g with a password to t h e syste m . I t
is t h e reco m m e n d ed m e t h o d of p reve n t i n g access to a n accou nt b y a n e m p l oyee w h o h a s l eft
t h e compa ny. If t h e e m p l oyee ret u rns, t h e acco u n t c a n later be u n l o c ked w i t h u s e r mod U
USERNAME. I f t h e acco u n t was a l so e x p i red, be s u re to a l so c h a n g e t h e e x p i ra t i o n date.
T he
...
- L elvis
W h e n a user h a s l eft t h e c o m p a ny, t h e a d m i n istrator m a y l o c k a n d ex p i re a n acco u n t w i t h a
s i n g l e use rmod com m a n d . T h e date m u st be g iven a s t h e n u m be r of days s i n ce 1 970.01 .01 .
,-[� tud�nt@se�verX -]$
-
-
-
she l l
Sometimes a u s e r n e e d s a n acco u n t with a password t o a u t h e nt i cate t o a syste m , b u t does not
need a n intera ctive s h e l l o n t h e system. Fo r exa m p l e, a m a i l se rver may req u i re a n a c c o u n t to
store m a i l a n d a password for t h e user to a u t h e n t i cate w i t h a m a i l c l ient used to ret r i eve m a i l .
T h a t u s e r d o e s n ot n e e d to l o g d i rect l y i nto t h e syst e m .
-
A c o m m o n s o l u t i o n to t h i s s i t u a t i o n is to s e t t h e u s e r ' s l o g i n s h e l l to /sbin/nologin. I f t h e user
atte m pts to l o g i nto the system d i rect l y, t h e nologin " s h e l l " will simply c l ose t h e c o n n ection.
-
[ root@serverX -]# u s e rmod - s /sbin/nologin s t udent
[ root@serverx - ] # s u - s t udent
Last login : Tue Feb 4 18 : 40 : 30 EST 2014 on pts/0
j This account is currently not available .
-
-
L___
___
-
Important
Use of t h e nologin s h e l l preve nts i nteractive u s e of t h e system, but does n ot p reve nt
a l l access. A user m a y sti l l b e a b l e to a u t h e n ticate and u p l o a d o r ret rieve files t h ro u g h
a p p l i c a t i o n s s u c h a s w e b a p p l i ca t i o n s , f i l e t ra n sfer p rograms, or m a i l rea d e rs.
-
-
References
R
-
chage(1 ), u s e rmod(8), s h ad ow(5), c ry pt ( 3 ) m a n pages
-
-
-
136
RH124- R H E L7 - e n -1 -20140606
-
-
-
Practice: M a n a g i n g U s e r Password A g i n g
-
P ra ct i ce: M a n a g i n g U s e r Pa sswo rd Ag i n g
-
-
Guide d exercise
I n t h i s l a b , yo u w i l l set u n iq u e password p o l icies for users.
-
-
Outcomes
T h e pa ssword fo r romeo m u st b e c h a n g e d when t h e u s e r fi rst l o g s into t h e syst e m , eve ry 9 0 days
t h e reafter, and t h e acco u n t e x p i res i n 1 8 0 days.
Before you begin ...
-
Pe rfo r m the fo l l ow i n g steps o n serverX u n l ess d i rected othe rwise.
D 1.
E x p l o re l o c k i n g and u n l o c k i n g accou nts.
D 1.1 .
-
-
L o c k t h e romeo accou nt.
[student@serverX -]$
sudo use rmod
-
L romeo
D 1 .2 . Atte m pt to log in as romeo.
[ student@serverX -]$ su - romeo
Password : romeo
su : Authentication failure
-
-
D 1 .3.
-
U n l oc k the romeo account.
[student@serverX -]$
s u d o use rmod - U romeo
--- -- ---------
-
D 2.
C h a n g e t h e password p o l icy for romeo to req u i re a new password every 90 days.
[ student@serverX -]$ sudo c hage - M 90 romeo
[student@serverX -]$ sudo chage romeo
Last password change
Password expires
Password inactive
Account expires
Minimum number of days between password change
Maximum number of days between password change
Number of days of warning before password expires
-
-1
-
-
D 3.
A d d i t i o n a l l y, force a password c h a n g e o n t h e fi rst l o g i n for t h e r omeo a cco u nt.
!
!
!
-
D 4.
-
-
-
-
Feb 03, 2014
May 04, 2014
never
never
0
90
7
[ student@serverX -]$
sudo chage - d 0 romeo
Log in a s romeo a n d c h a n g e the pa sswo rd to f o r s o o t h 123.
'- '- �::������s �:�::x -]$ su - romeo
· You are required to change your password immediately ( root enforced )
r�--�----�-�----
R H 1 24- R H E L 7-en-1-20140606
-1
137
-
-
C h a pter 5. M a n a g i n g Loca l L i n u x U s e rs a n d Groups
Changing password for romeo .
{current ) UNIX password : romeo
New password : forsooth123
Retype new password : forsooth123
[ romeo@serverx -]$ exit
-
-
...
D 5.
E x p i re a ccounts in t h e futu re.
D 5.1 .
Dete r m i n e a date 1 8 0 d ays i n t h e f u t u re.
[ student@serverX -]$
-
date -d " +180 days "
Sa t Aug 2 1 7 : e5 : 2e EDT 2e14
-
D 5.2. Set accounts to ex p i re on t h a t d a te.
[ student@serverX -]$ sudo chage E 2914 - 98 - 82 romeo
[student@serverx -]$ sudo chage -1 romeo
Last password change
Password expires
Password inactive
Account expires
Minimum number of days between password change
Maximum number of days between password change
Number of days of warning before password expires
-
-
Feb 03, 2014
May 04, 2014
never
Aug 02, 2014
0
90
7
-
-
-
-
-
-
-
-
-
-
-
-
-
138
R H 1 24- R H E L7-en-1-20140606
-
-
-
L a b : M a n a g i n g Loca l L i n u x U s e rs a n d Groups
-
L a b : M a n a g i n g Loca l L i n ux U se rs a n d G ro u ps
-
-
-
Perfor mance checklist
I n t h i s l a b, you w i l l defi n e a defa u l t password p o l icy, c reate a s u p p l e m e nta ry g ro u p of t h ree new
users, and mod ify the passwo rd p o l icy of o n e u s e r.
Outcomes
-
•
A new g ro u p o n serverX ca l l ed c o n s u l t an t s , i n c l u d i n g t h ree new u s e r acco u nts for Sam
Spade, Betty Boop, and Dick Tra cy.
A l l new accounts s h o u l d req u i re t h a t passwords be c h a n g e d at fi rst l o g i n a n d every 30 days
t h e reafter.
-
•
-
The new c o n s u l t a n t accounts s h o u l d ex p i re at t h e e n d of t h e 90-day contract, a n d Betty Boop
m u st c h a n g e h e r password every 1 5 days.
Before you begin ...
-
Reset yo u r serverX syst e m .
1.
E n s u re t h a t n e w l y c reated u s e rs have passwords w h i c h m u st be c h a n g e d every 3 0 days.
2.
C reate a new g ro u p n a m e d c o n s u l t an t s w i t h a G I D of 40000.
3.
C reate t h ree new u s e rs: s s pade, bboop, a n d d t r acy, with a pa ssword of default and add
them to t h e s u p p l e m enta ry g ro u p con s u l t a n t s . The p r i m a ry group s ho u l d re m a i n a s the
user private g ro u p .
-
4.
Dete r m i n e t h e date 90 d ays in t h e f u t u re a n d set each of t h e t h ree new u s e r accounts to
expire on t h a t d ate.
-
5.
C h a n g e the password po l i cy fo r the bboop account to req u i re a new password every 15 d ays.
6.
Additi o n a l l y, force a l l users to c h a ng e t h e i r pa sswo rd o n fi rst l o g i n .
7.
W h e n you f i n i s h , r u n t h e lab localu s e r s g rade eva l u ation s c r i pt to c o n f i r m you have
done everyt h i n g c o r rect l y.
-
-
-
-
-
-
-
-
-
-
-
R H 1 24- R H E L 7-en-1 -20140606
139
-
-
C h a pter 5. M a n a g i n g Loca l L i n u x U se rs a n d G ro u ps
-
Solution
I n t h i s l a b , you w i l l d e f i n e a defa u lt password p o l i cy, c reate a s u p p l e m enta ry g r o u p of t h ree new
u s e rs, and mod ify t h e password p o l icy of o n e u s e r.
-
Outcomes
•
•
•
-
A new g ro u p o n serve r X ca l l ed c o n s u l t an t s , i n c l u d i n g t h ree new u s e r accounts for S a m
S pa d e, Betty Boop, a n d D i c k Tra cy.
A l l new acco u nts s h o u l d req u i re that passwords be c h a n g e d at fi rst l o g i n a n d eve ry 3 0 days
t h e reafter.
-
-
T h e new c o n s u ltant a ccou nts s h o u l d e x p i re at t h e e n d of t h e 90-day contract, a n d Betty Boop
m u st c h a n g e her pa ssword every 15 days.
-
Before you begin ...
Reset yo u r serverX syst e m .
1.
2.
3.
-
E n s u re t h a t n e w l y c reated users h a v e passwo rds w h i c h m u st be c h a n g ed every 3 0 d a ys.
[student@serverX - ] $
[student@serverX - ] $
. . . Output omitted . . .
PASS_MAX_DAYS 30
PASS_MIN_DAYS 0
PASS_MIN_LEN 5
PASS_WARN_AGE 7
. . . output omitted . . .
-
s u d o v i m /et c/login . defs
cat /etc/login . defs
-
-
C reate a new g ro u p n a m e d c o n s u l t a n t s w i t h a G I D o f 40000.
[student@serverx - ] $
[student@serverX - ] $
stapdev : x : 158 :
pesign : x : 989 :
tcpdump : x : 72 :
slocate : x : 21 :
consultants : x : 40000 :
-
s u d o g roupadd - g 4 0 0 0 0 consultan t s
t ail - 5 /etc/group
-
-
C reate t h re e new users: s s pade, bboop, and d t r acy, with a password of defaul t and add
them to the s u p p l e m e n t a ry g ro u p consu l t a n t s . T h e p r i m a ry g ro u p s h o u l d re m a i n a s t h e
user private g ro u p .
[student@serverx - ] $ sudo u s e r add - G c o n s u l t a n t s s spade
[student@serverx - ] $ sudo use radd -G c o n s u l t a n t s bboop
[student@serverx - ] $ sudo use radd -G c o n s u l t a n t s d t racy
[student@serverX - ] $ t ail -5 /etc/group
slocate : x : 21 :
consultants : x : 40000 : sspade, bboop, dtracy
sspade : x : 1001 :
bboop : x : 1002 :
dtracy : x : 1003 :
[student@serverx - ] $ sudo passwd s spade
Changing password for user sspade .
New password : default
BAD PASSWORD : The password is shorter than B characters
140
-
-
-
-
-
-
R H 1 24- R H E L7-en-1 -20140606
-
-
-
-
Solution
Retype new password : default
passwd : all authentication tokens updated successfully .
[ student@serverx - ] $ sudo pas swd bboop
[student@serverx - ) $ sudo passwd dt racy
-
-
-
4.
[ student@serverx - ] $ date -d " +90 days "
Mon May 5 11 : 49 : 24 EDT 2014
[ student@serverx - ] $ sudo chage -E 2014 - 0 5 - 05
[ student@serverX - ) $ sudo c hage -E 2014 - 05 - 05
[ student@serverX - ] $ sudo c h age -E 2014 - 0 5 - 05
-
-
-
5.
-
-
-
6.
-
-
-
-
Dete r m i n e t h e date 90 days in t h e f u t u re a n d set e a c h of t h e t h re e new u s e r accounts to
e x p i re o n that date.
7.
ss pade
bboop
dt racy
C h a n g e the pa ssword p o l i c y for the bboop acco u n t to req u i re a new password every 15 d a ys.
[ student@serverx - ) $ sudo c h age -M 15 bboop
[student@serverX - ) $ sudo chage -1 bboop
Last password change
Password expires
Password inactive
Account expires
Minimum number of days between password change
Maximum number of days between password change
Number of days of warning before password expires
Feb 04, 2014
Feb 19, 2014
never
May e s , 2014
e
15
7
A d d i t i o n a l ly, force a l l users to c h a n g e their pa ssword o n fi rst l o g i n .
[ student@serverx
[student@serverx
[ student@serverX
- ] $ sudo chage - d 0 sspade
- ) $ sudo c hage -d 0 bboop
- ] $ sudo chage -d 0 dt racy
W h e n you f i n i s h , r u n t h e lab localu s e r s g r ade eva l u at i o n s c r i pt to confi r m you have
done everyt h i n g correct l y.
[ student@serverx
- ) $ lab localu s e r s g r ade
-
-
-
-
-
-
-
-
R H 1 24- R H E L 7-en-1-20140606
141
-
-
C h a pter 5. M a n a g i n g Loca l L i n u x U s e rs a n d Groups
-
S u m m a ry
-
U s e rs and Groups
L i st the ro l e s of u s e rs and g ro u p s on a L i n u x system and v i ew the l oca l confi g u ration
f i l es.
Ga i n i n g S u peruser Access
Esca l ate privi l e g e to run c o m m a n d s a s the s u pe r u s e r.
-
-
M a n a g i n g Loca l U s e r Accounts
A d d , remove, and mod ify local u sers with co m m a n d- l i n e tools.
-
M a n a g i n g Loca l G ro u p Accou nts
-
M a n a g e loca l g ro u p s with c o m m a n d - l i n e too l s .
M a n a g i n g U s e r Passwords
M a n a g e password a g i n g p o l icies for u s e rs and m a n u a l l y lock, u n l o c k , and e x p i re
accou nts.
-
-
-
-
-
-
-
-
-
-
-
-
-
142
R H 1 24- R H E L 7-en-1-20140606
-
-
®
red hat
TRAINING
®
C H A PT E R 6
CONTR OLLING ACCESS TO
FI LES WITH LINUX FILE SYSTEM
PERMISSIONS
Overview
Goal
To set L i n u x f i l e system p e r m i s s i o n s on files a n d interpret
the security effects of d i fferent p e r m i s s i o n sett i n g s.
Objectives
•
•
E x p l a i n how t h e L i n u x f i l e p e r m i s s i o n s model works.
C h a n g e the p e r m i s s i o n s a n d owners h i p of files u s i n g
comm a n d - l i n e t o o l s .
•
Conf i g u re a d i rectory i n which newly c reated f i l es are
autom a t i c a l l y writa b l e by m e m be rs of the g ro u p w h i c h
o w n s t h e d i recto ry, u s i n g spec i a l p e r m i s s i o n s a n d defa u l t
u m a s k sett i n g s.
Sections
•
L i n u x F i l e System Per m i s s ions (a n d P ract ice)
•
M a n a g i n g F i l e System Perm i s s i o n s f rom t h e C o m m a n d
L i n e (and P ractice)
•
M a n a g i n g Defa u l t Per m i s sions a n d F i l e Access (and
Practice)
Lab
•
Contro l l in g Access to F i l es with L i n u x F i l e System
Perm i s s i o n s
R H1 24- R H E L7-e n-1 -201 40606
143
C h a pter 6. Contro l l i n g Access to F i l es w i t h L i n u x F i l e System Permissions
L i n u x F i l e Syste m Pe r m i s s i o n s
O bject ives
After com pl e t i n g t h i s section, students s h o u l d be a b l e t o e x p l a i n h o w t h e L i n u x f i l e p e r m issions
m o d e l works.
L i n u x f i l e syst e m p e r m i s s i o n s
Access t o files by users a re co ntro l l e d by file permissions. The L i n u x f i l e p e rm issions system is
s i m p l e but f l e x i b l e, w h i c h m a kes it easy to u nd e rstand a n d a p p ly, yet a b l e to h a n d l e m ost n o r m a l
p e r m i s s i o n c a s e s easi ly.
Files have j u st t h ree categories of user to w h ic h p e r m i ss i o n s a p p ly. The f i l e is owned by a user,
n o r m a l l y t h e o n e w h o created the f i l e . The file is a l s o owned by a s i n g l e group, u s u a l l y t h e
p r i m a ry g r o u p of t h e user w h o c reated t h e file, b u t t h i s can be c h a nged. D ifferent p e r m issions
can be set fo r t h e own i n g u s e r, the owning g ro u p , and for a l l other users o n t h e system t h at are
n ot the user o r a m e m b e r of the ow n i n g g roup.
The most specific permissions a p p ly. So, user p e r m i ssions override group p e r m i ssions, w h i c h
override other p e rm i s s i o ns.
In t h e g ra p h i c that follows, j o s h u a is a m e m b e r of the groups j o s h u a and web, w h i l e a l l ison i s
a member of a l l i s o n , w h e e l , a n d w e b . W h e n j o s h u a a n d a l l ison h ave the need to co l l a b o ra te,
the f i l es s h o u l d be associated with the g r o u p web a n d the g ro u p permissions s h o u l d a l low the
desired access.
joshua
a l lison
Figure 6. 1 : Group membership illustration
There a re a l s o just t h ree categories of permissions w h ich a p p ly: read, write, a n d execute. These
permissions affect a ccess to fi l es and d i rectories a s f o l l ows:
Effects of permissions on files and directories
Per m i ssion
Effect o n f i l e s
Effect o n d i rectories
r (read)
Contents of t h e f i l e can be read.
Contents of t h e d i rectory (fi l e n a mes)
can be l isted.
w (write)
Contents of t h e file can be c h a n g e d .
A ny f i l e i n t h e d i rectory m a y be c reated
or d e l eted.
x (exec)
F i l es ca n be executed as c o m m a n d s.
Contents of the d i rectory ca n be
accessed (d ependent o n t h e p e r m i ssions
of t h e files i n t h e d i rectory).
144
R H 1 24- R H E L7-e n-1-20140606
-
-
V i ew i n g f i l e/d i rectory p e r m i s s i o n s a n d ow n e rs h i p
-
N ote t h a t u s e rs n o r m a l ly have b o t h r ead a n d exec o n rea d - o n l y d i rectories, so t h a t t h ey c a n l ist
t h e d i rectory a n d a ccess its contents. I f a user o n l y has read a ccess o n a d i recto ry, the n a m es of
the f i l e s in it can b e l i sted, but n o ot h e r information, i n c l u d i n g p e r m i s s i o n s or t i m e sta m ps , a re
a va i l a b l e , n o r can they be a ccessed. I f a user o n l y has exec a ccess o n a d i recto ry, t h ey ca n n ot
l ist t h e n a mes of t h e f i l e s i n t h e d i rectory, b u t if t h ey a l re a d y k n ow t h e n a m e of a fi l e w h i c h t h ey
have p e r m i ssion to rea d , t h e n t h ey c a n access t h e contents of t h a t f i l e by ex p l i c i t l y specify i n g t h e
f i l e n a m e.
-
-
-
A f i l e m a y be removed by a nyo n e w h o h a s write p e r m i s s i o n to t h e d i rectory i n w h i c h t h e f i l e
res id e s , regardless o f t h e o w n e rs h i p o r p e r m i s s i o n s o n t h e fi l e itse l f. ( T h i s ca n be ove r r i d d e n w i t h
a s p e ci a l p e r m i s s i o n , t h e sticky bit, w h i c h w i l l be d i scussed a t t h e e n d o f t h e u n it.)
-
Viewing file/directory per missions and ownership
T h e - 1 o p t i o n of t h e ls com m a n d w i l l expa n d t h e f i l e l is t i n g to i n c l u d e both t h e p e r m i s s i o n s of a
f i l e a n d t h e owners h i p:
-
[student@desktopX -]$ ls - 1 t e s t
- rw- rw- r - - . 1 student student 0 Feb 8 17 : 36 test
-
The co m m a n d ls 1 d i r ec t o ryname w i l l show t h e expa n d ed l i s t i n g of a l l of t h e f i l e s t h a t
res i d e i n s i d e t h e d i recto ry. To p reve nt t h e d e s c e n t into t h e d i rectory a n d s e e t h e e x p a n d e d l i s t i n g
of t h e d i rectory itse l f, a d d t h e - d o p t i o n to I s :
-
-
[student@desktopX - ] $ ls - ld /home
drwxr-xr - x . 5 root root 4096 Jan 31 22 : 00 /home
-
· ��--...., ,>
-
-
-
�
Note
U n l i ke N T FS p e r m i s s i o n s , L i n u x p e r m i s s i o n s o n l y a p p l y to t h e d i rectory or f i l e t h a t
t h ey a re s e t o n . P e r m i ss i o n s o n a d i rectory a re not i n h e r ited a utomatica l ly by t h e
s u b d i rectories a n d fi les w it h i n i t . ( T h e p e r m issions o n a d i rectory may effect ive l y b l o c k
access to i t s contents, however.) A l l p e r m issions i n L i n u x a re s e t d i rect l y o n e a c h f i l e o r
d i rectory.
The
rea d
contents
-
-
-
p e r m i s s i o n on a d i rectory i n L i n u x i s rou g h l y e q u iva l e nt to
i n W i n d ows.
L i st fo l d e r
The write p e r m i s s i o n on a d i rectory in L i n u x is e q u i va l e nt to M o d ify i n W i n d ows; it
i m p l i es t h e a b i l ity to d e l ete fi l es a n d s u b d i recto ries. In L i n ux , i f w r i t e a n d t h e st i c ky b i t
a re both set o n a d i rectory, then only t h e u s e r t h a t o w n s a file o r s u b d irectory i n the
d i rectory m a y d e l ete it. which is c l ose to t h e b e h a v i o r of t h e W i n d ows Write p e r m i s s i o n .
R o o t h a s t h e e q u i va l e n t of t h e W i ndows Fu l l C o n t r o l p e r m i s s i o n o n a l l f i l es i n L i n u x.
H oweve r, root may sti l l h a ve a ccess rest r i cted by t h e system ' s S E L i n u x p o l icy a n d t h e
s e c u rity context of t h e process a n d f i l es i n q u est i o n . S E L i n u x w i l l b e d i scussed i n a l a t e r
cou rse.
-
-
-
-
-
E xam ples: Linux user, group, other conce pts
I Users and their groups :
R H 1 24- R H E L 7-en-1-20140606
145
-
C h a pter 6. C o n t ro l l i n g Access to F i l es w i t h L i n u x F i l e Syste m Pe r m i s s i o n s
lucy
lucy, ricardo
ricky ricky, ricardo
ethel ethel, mertz
fred
fred, mertz
File attributes ( permissions, user
drwxrwxr-x ricky ricardo
- rw- rw- r - - lucy lucy
- rw- r - - rw- lucy ricardo
- rw- rw- r - - ricky ricardo
- rw- r- - - - - ricky ricardo
-
-
& group ownership, name ) :
dir (which contains the following files)
lfilel
lfile2
rfilel
rf ile2
All o we d /denied be hav i o r
C ont ro l l ing pe r m i s s i on s
lucy is t h e only person w h o ca n c h a n g e the
contents of 1 filel.
lucy has write p e r m i s s i o n s o n t h e f i l e
1 filel a s the o w n e r. N o one is l i sted a s a
m e m be r of t h e g r o u p lu cy. The p e r m i s s i o n s
for other d o not i n c l u d e w rite p e r m i s s i o n s .
r i c ky c a n v i ew t h e c o n t e n t s of l f i l e 2, but
c a n n ot m o d ify t h e contents of 1file2.
r i c ky ca n d e l ete lfilel and lfile2.
e t hel ca n c h a n g e t h e contents of
1 file2.
lucy can c h a n g e t h e c o n t e n t s of rfilel.
r icky i s a m e m b e r of t h e g ro u p ricardo,
a n d t h a t group h a s read-o n l y p e r m i s s i o n s
o n lfile2. Eve n t h o u g h other h a s w r i t e
p e r m iss ions, g r o u p p e r m issions take
p receden ce.
r icky h a s write p e r m i s s i o n s on the d i rectory
conta i n i n g both f i l es, and a s s u c h , he c a n
d e l ete a n y f i l e i n t h a t d i recto ry.
S i n ce et hel i s not lucy, and is not a
m e m be r of t h e ricardo g ro u p, other
p e r m i s s i o n s a p p l y to h e r, a n d those i n c l u d e
w rite p e r m i s s i o n .
lucy is a m e m b e r of t h e ricardo g ro u p ,
a n d t h a t g r o u p h a s both r e a d a n d w rite
p e r m i s s i o n s o n rfilel.
r i c ky ca n v i ew a n d mod ify t h e contents of
rfile2.
r i c ky owns the file and h a s bot h rea d a n d
w rite access to rfile2.
lucy ca n view but not mod ify t h e contents of
rfile2.
lucy is a m e m b e r of t h e ricardo g ro u p , a n d
that g ro u p h a s read-o n l y a ccess to rfile2.
e t hel and f r ed do not have a n y a ccess to
t h e c o n t e n t s of rfile2.
other p e r m i s s i o n s a p p l y to e t hel and f r ed ,
and those p e r m i s s i o n s d o n ot i n c l u d e rea d or
w rite p e r m i s s i o n .
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
146
R H 1 24 - R H E L 7-en-1-20140606
-
-
-
E xa m p l es : L i n u x u s e r, grou p, o t h e r concepts
References
ls(1) m a n p a g e
-
info c o r e u t ils (GNU Coreuti/s)
S e c t i o n 1 3 : C h a n g i n g f i l e att r i b utes
•
-
-
-
Jllllllf
-
-
R H1 24- R H E L7 - e n -1 -20140606
1 47
-
-
C h a pter 6. Contro l l i ng Access to F i l e s w i t h L i n u x F i l e System Per m i s s i o n s
-
P ract ice: I nt e r p ret i n g Fi l e a n d D i recto ry
Pe rm i ss i o n s
-
-
Quiz
U s i n g the d i rectory l i s t i n g presented, match t h e items t h a t fol l ow to t h e i r cou nterpa rts i n t h e
ta b l e.
Users and their groups :
wilma wilma, flintstone
fred
fred, flintstone
betty betty, rubble
barney barney, rubble
File att ributes ( permissions, user & group ownership, name ) :
drwxrwxr-x fred flintstone dir (which contains the following files )
lfilel
- rw- rw- r- - wilma wilma
- rw- r - - rw- wilma flintstone lfile2
- rw- rw- r- - fred flintstone rfilel
- rw- r - - - - - fred flintstone rfile2
-
-
-
-
-
-
-
Descri pt i o n
File name
-
Is o w n e d by f r e d a n d rea d a b l e by a l l u s e rs
Contents m a y be m o d i f i e d by t h e u s e r b e t t y
-
Ca n b e d e l eted by t h e u s e r f r e d
-
-
Ca n not be read by the user b a r ney
-
H a s a g ro u p ow n e rs h i p of wilma
-
C a n be d e l eted by t h e u s e r b a r ney
148
R H 1 24- R H E L7-en-1 -20140606
-
-
-
-
Sol ution
-
Solution
-
-
-
-
-
-
-
-
-
U s i n g t h e d i rectory l i s t i n g presented, match t h e items t h a t fo l l ow to t h e i r counterpa rts i n t h e
t a b l e.
Users and their groups :
wilma wilma, flintstone
fred, flintstone
fred
betty betty, rubble
barney barney, rubble
File attributes ( permissions, user & group ownership, name ) :
drwxrwxr-x fred flintstone dir (which contains the following files )
lfilel
- rw- rw- r - - wilma wilma
- rw- r - - rw- wilma flintstone lfile2
- rw- rw- r - - fred flintstone rfilel
- rw- r - - - - - fred flintstone rf ile2
Desc r i p t i o n
File name
Is o w n e d by f r e d a n d rea d a b l e by a l l u se rs
rfi l e1
C o n t e n t s m a y b e m o d i f i e d by t h e u s e r b e t t y
l f i l e2
Ca n b e d e l eted b y t h e u s e r f r e d
all
Ca n n ot be rea d by the user b a r n ey
rfi l e2
H a s a g ro u p ow n e rs h i p of wilma
l f i l e1
Ca n b e d e l eted by t h e u s e r b a r ney
none
-
-
-
-
-
-
-
-
-
-
-
R H1 24- R H E L 7-en-1-20140606
149
-
-
C h a pter 6. Co n tro l l i ng Access to F i l es w i t h L i n u x F i l e System Pe r m i s s i o n s
-
M a n a g i n g Fi l e Syste m Pe rm iss i o n s f ro m t h e
Co m m a n d L i n e
-
-
Objectives
Afte r com p l et i n g t h i s sect i o n , students s h o u l d be a b l e to c h a n g e t h e p e r m i s s i o n s a n d o w n e rs h i p
o f f i l es u s i n g com m a n d - l i n e too ls.
-
Changing file/directory per missions
-
T h e com m a n d used to c h a n g e p e r m i s s i o n s from t h e co m m a n d l i n e is chmod, s h ort for " c h a n g e
m o d e " ( p e r m i s s i o n s a re a l so c a l l e d t h e mode o f a f i l e) . The c hmod com m a n d ta kes a p e r m i s s i o n
i n struction fo l l owed by a l i st of f i l e s o r d i rectories to c h a n g e. T h e p e r m i s s i o n i n st r u c t i o n c a n be
issued either sy m bo l i ca l l y (t h e sy m b o l i c method) o r n u m e r i ca l l y (t h e n u m e r i c method).
-
-
Sy m bo l i c method keywo rd s :
r chmod WhoWha tWhich file l di rec tory
•
Who is u, g , o, a (for user, group, other, all)
•
What is +, -, = (for add, remove, set exactly)
•
Which is r, w, x (for read, write, executable)
-
-
-
T h e symbolic method of c h a n g i n g f i l e p e r m i s s i o n s uses l etters to represent t h e d iffe rent g ro u p s
o f p e r m i s s i o n s : u f o r u s e r, g f o r g ro u p, o for ot h e r, a n d a for a l l .
W i t h t h e sym b o l i c met h o d , i t i s not n ecess a ry t o set a com p l ete new g r o u p o f p e r m i s s i o n s .
I n stead, it is possi b l e to c h a n g e o n e o r m o re of t h e existing p e r m issions. I n order to a cco m p l is h
t h i s, u s e t h ree sy m b o l s : + to a d d p e r m i s s i o n s to a set, - t o remove p e r m i s s i o n s f r o m a s e t , a n d =
to r e p l a c e t h e e n t i re set for a g ro u p of p e r m issions.
T h e permissions t h e m s e l ves a re re p resented by a s i n g l e l etter: r for read , w for write, and x for
execute.
...--- ·--�-���-----�--���--.
I
•
•
### file l direc tory
E a c h d i g it re p resents a n a ccess l eve l : u s e r, g ro u p, ot h e r.
#
-.
-
-
is s u m of r=4, w=2, a n d x = 1 .
U s i n g t h e numeric met h o d , p e r m i s s i o n s a re re p resented b y a t h ree-d i g i t ( o r four, w h e n sett i n g
a d v a n ced p e r m i ssions) octal n u m b e r. A s i n g l e octa l d i g i t c a n r e p resent t h e n u m bers 0 - 7 , exact l y
t h e n u m b e r o f pos s i bi l ities f o r a t h ree-bit n u m be r.
To co nve rt betwe e n sy m b o l i c a nd n u m e r i c representation of p e r m i s s i o n s, we need to k n ow how
the m a p p i n g i s d o ne. In the t h ree-d i g i t oct a l ( n u m e r i c) represe ntat i o n , each digit sta n d s for o n e
150
-
-
N u m e r i c met h o d :
l c hmod
-
R H 1 24- R H E L 7-en-1-20140606
-
-
-
-
-
-
-
C h a n g i n g f i l e/d i rectory user o r g ro u p ow n e rs h i p
-
g ro u p o f p e r m i s s i o n s , f r o m l eft t o r i g h t : u s e r, g ro u p , a n d ot h e r. I n e a c h of t h e s e g ro u p s , start w i t h
0. I f t h e rea d p e r m i s s i o n is present, a d d 4 . A d d 2 i f write i s p resent. a n d 1 f o r execute.
-
N u m e r i c p e r m i s s i o n s a re often used by a d va n ce d a d m i n istrators s i n c e t h ey a re s h o rter to type
and p ro n o u n ce, w h i l e st i l l g i v i n g fu l l control ove r a l l p e r m i ss i o n s.
-
-
-
-
Exa m i n e t h e p e r m i s s i o n s - rwx r - x - - - . Fo r t h e u s e r, rwx i s ca l c u l ated a s 4+2+1=7. Fo r t h e
g roup, r - x is ca l c u lated a s 4+0+1=5, a n d for o t h e r u s e rs, - - - is repres e n ted w i t h 0. Putt i n g
t hese t h re e toget h e r, t h e n u m e r i c repres e n t a t i o n of t h o s e p e r m i s s i o n s i s 750.
This ca l c u l at i o n c a n also be perfo r m ed i n t h e o pposite d i rect i o n . Look at t h e p e r m issions 640.
For t h e u s e r p e r m i s s i o n s, 6 represents read (4) a n d w rite (2), w h i c h d i s p l ays a s rw - . Fo r t h e
g ro u p pa rt. 4 o n l y i n c l u d es r e a d ( 4 ) a n d d i s p l ays a s r - - . T h e 0 f o r o t h e r p rovides n o p e r m i s s i o n s
( - - - ) a n d t h e f i n a l s e t of sym b o l i c p e r m i s s i o ns for t h i s f i l e i s - rw - r - - - - - .
Exa m p l es
•
Remove read a n d w rite p e r m i s s i o n for g r o u p a n d ot h e r on filel:
[student@desktopX -]$
-
c hmod go - rw filel
-
•
-
I [ student@desktopX -]$
Add execute p e r m i ss i o n for everyo n e o n file2:
L__���
'
-
•
-
-·-·· ��---�
chmod a+x file2
�
Set rea d , w r ite, a n d execute perm ission for u s e r, rea d , a n d execute for g roup, a n d n o
p e r m i s s i o n f o r ot h e r o n sampled i r :
1I [ student@desktopX -]$
·=1
-���
- �- -- -
-
-
-
-
-
chmod 750 sampledi r
Note
T h e c hmod com m a n d s s u p ports t h e - R o p t i o n for rec u rsively sett i n g p e r m i s s i o n s
o n a n e n t i re d i rectory t ree. W h e n u s i n g t h i s o pt i o n , b e s u re to u s e t h e X p e r m issions
i n stead of t h e x p e r m i s s i o n to i n d icate t h a t execute p e r m i s s i o n s should only b e set o n
d i rectories, a n d n o t reg u l a r f i l es. Fo r exa m p l e, t h e fo l l ow i n g com m a n d w i l l recu rsive l y
set r e a d a n d write a ccess o n d emodi r a n d a l l its c h i l d re n f o r t h e i r g ro u p o w n e r, but w i l l
o n l y a p p l y execute p e r m i s s i o n s to d i rectories, n o t reg u l a r f i l e s :
i
j
[ student@desktopX -]#
chmod - R g+ rwX demodir
L
-
Changing file/directory user or group ownership
-
A new l y c reated f i l e is owned by t h e user w h o c reates t h e f i l e. By defa u l t , t h e n e w f i l e has
a g ro u p o w n e rs h i p which is t h e p r i m a ry g r o u p of t h e u s e r c reat i n g t h e fi l e. S i n ce Red Hat
Enterprise L i n u x uses u s e r private g roups, this g r o u p is often a g ro u p w i t h only t h a t u s e r a s a
-
-
-
RH124-R H E L7-en-1-20140606
1 51
-
-
C h a pter 6. Con tro l l i n g Access to F i l e s w i t h L i n u x F i l e System Pe r m i s s i o n s
-
m e m be r. To g ra nt a c c e s s based on g ro u p m e m b e rs h i p, t h e own e r o r t h e g r o u p of a f i l e may n e e d
to b e c h a n g e d .
-
F i l e owners h i p ca n be c h a n g e d with t h e c hown c o m m a n d . For exa m p l e, to g ra nt o w n e rs h i p of
t h e f i l e foofile to s t u d e n t , t h e fo l l owi n g co m m a n d co u l d be used:
I [ root@desktopX -]#
i
I
-
c hown s t udent foofile
chown can be used w i t h t h e - R opt i o n to rec u rs i v e l y c h a n g e t h e ow n e rs h i p of a n e n t i re d i recto ry
t ree. The fo l l ow i n g co m m a n d wo u l d g ra nt ow n e rs h i p of foodi r and a l l f i l e s and s u b d i rectories
wit h i n it to s t u d e n t :
[ root@desktopX -]#
I
-
chown - R s t udent foodir
-
The c hown com m a n d ca n a l so be used to c h a n g e g ro u p own e r s h i p of a f i l e by p rece d i n g t h e
g r o u p n a m e w i t h a co l o n ( : ). Fo r exa m p l e, t h e fo l l o w i n g com m a n d w i l l c h a n g e t h e g r o u p foodir
to admins :
I
-
;
[ root@desktopX -]#
chown : admins foodir
-
The c hown co m m a n d c a n a l so be used to c h a n g e both owner a n d g ro u p at t h e s a m e t i m e by
u s i n g the synta x owne r : group. Fo r exa m p l e, to c h a n g e the owners h i p of foo d i r to vis i t o r
a n d t h e g r o u p to g u e s t s , u s e :
! [ root@desktopX -]#
I
-
c hown visitor : gu e s t s foodi r
-
-
O n l y root c a n c h a ng e t h e owners h i p of a f i le. G r o u p o w n e rs h i p, h owever, c a n be set by root
o r t h e fi l e ' s o w n e r. root c a n g rant ow n e rs h i p to a ny g ro u p, w h i l e n o n - root u s e rs ca n g ra nt
ow n e rs h i p o n l y to grou ps t h ey b e l o n g to.
-
-
Note
I nstead of u s i n g c hown, some u s e rs c h a n g e t h e g ro u p ow n e r s h i p by u s i n g t h e c h g r p
com m a n d ; t h i s co m m a n d works exact l y t h e s a m e a s c h a n g i n g ow n e rs h i p w i t h c hown,
i n c l u d i n g t h e use of - R to affect e n t i re d i rectory t rees.
-
-
J,i
R
References
I
·.__
-
ls(1 ), chmod(1), c h own(1 ) , a n d c h g r p(1) m a n p a g e s
-
-
-
-
152
R H 1 24- R H E L 7-en-1-20140606
-
-
-
-
Practice: M a n a g i n g F i l e S e c u rity from t h e C o m m a n d L i n e
-
-
P ra ct i ce: M a n a g i n g Fi l e S e c u rity fro m t h e
Co m m a n d L i n e
-
Guided exercise
-
-
-
I n t h i s l a b, you w i l l c reate a co l l a b o ra t ive d i rectory fo r pre-ex i s t i n g u s e rs.
Outcomes
A d i rectory a ccess i b l e by a l l m e m b e rs of t h e at eam g ro u p and a file c reated by Andy t h a t ca n b e
mod ified by A l ice.
Before you begin ...
Reset yo u r s e rverX system.
-
D 1.
L o g i n to t h e G N O M E d e s ktop on serverX a s s t u d e n t w i t h a pa ssword of passwo r d .
D 2.
O p e n a w i ndow with a B a s h p ro m pt.
-
S e l ect
-
D 3.
Become t h e root user at the sh e l l prom pt.
-
D 4.
-
[ root@serverX
D 5.
-
- ] # lab pe rmissions s e t u p
C reate a d i rectory i n / home called a t e am - text.
I [ root@serverX - ] # mkdir /home/ateam - t ext
i
D 6.
C h a n g e t h e g r o u p ow n e rs h i p of t h e ateam - t ext d i rectory to at eam.
[ root@serverX
-
D 7.
!
!
D 8.
- ] # chown : ateam /home/ateam - t ext
E n s u re the p e r m i s s i o n s of a t eam - t e x t a l l ows g ro u p m e m b e rs to c reate a n d d e l ete f i l es.
i
....
- ] $ su -
redhat
R u n lab pe rmissions s e t u p w h i c h w i l l c reate a s h a red g ro u p , ateam, w i t h two n e w
u s e rs, an d y a n d alice. T h e password for these accou nts i s passwo rd
-
-
[student@serverx
I, Password :
I
-
A p p l i c a t i o n s > Ut i l i t i e s > Term i n a l.
[ root@serverX
- ] # chmod g+w /home/ateam - t ext
E n s u re t h e p e r m i s s i o n s of a t eam - t e x t forbids ot h e rs from accessi n g its fi l es.
[ root@serverx - ] # chmod 770 /home/ateam - text
[ root@serverX - ] $ ls - ld /home/ateam - text
drwxrwx- - - . 1 root ateam 6 Jan 23 12 : 50 /home/ateam- text
-
-
-
R H 1 24- R H E L 7-en-1-20140606
1 53
-
-
C h a pter 6. Co n tro l l i n g Access to F i l es w i t h L i n u x F i l e System Pe r m i s s i o n s
-
D 9.
D 1 0.
D 11.
D 12.
Exit t h e root s he l l a n d s w i t c h to t h e u s e r a ndy with a pa ssword of passwo r d .
[ root@serverx -]# exit
[student@serverX -]$ su
Password : password
-
- andy
-
N av i g ate to t h e / home/at eam - t ext fo l d e r (reme m b e r to open a te r m i n a l w i n d ow f i rst).
I
[andy@serverX -]$
-
cd /home/ateam - text
-
C reate a n e m pty file ca l l e d andyfile3.
[andy@serverX ateam- text] $
-
touch andyfile3
Record t h e defa u lt u s e r and group ow n e rs h i p of t h e new fi l e and its permissions.
[andy@serverX ateam- text ] $ ls andyfile3
- rw- rw- r - - . 1 andy andy 0 Jan 23 12 : 59 andyfile3
-
-1
D 13.
-
C h a n g e the g r o u p ow n e rs h i p of the new fi l e to ateam and record the new o w n e rs h i p a n d
p e r m issions.
[andy@serverX ateam- text]$ chown : ateam andyfile3
[andy@serverX ateam- text ] $ ls -1 andyfile3
- rw- rw- r- - . 1 andy ateam 0 Jan 23 12 : 59 andyfile3
D 14.
D 1 5.
D 1 6.
-
Exit the s h e l l and switch to the user alice with a password of passwor d.
[ root@serverx -]# exit
[ student@serverX -]$ su
Password : passwo r d
-
-
- alice
-
N a v i g ate to t h e /home/at e am - t ext fo l d e r.
[alice@serverX -]$
-
cd /home/ateam - text
-
Dete r m i n e alic e ' s p r i v i l e g e s to a ccess a nd /o r mod ify andyfile3.
[alice@serverX ateam-text] $ e c h o " text " >>
[alice@serverX ateam-text ] $ cat andyfile3
text
-
andyfile3
-
-
-
154
R H 1 24- R H E L7-e n-1-20140606
-
-
-
-
M a n a g i n g Defa u lt P e r m i s s i o n s a n d F i l e Access
-
M a n a g i n g Defa u lt Pe r m i ss i o n s a n d F i l e Access
-
-
-
-
Objectives
Afte r com p l et i n g t h i s section, st u d e nts s h o u l d be a b l e to confi g u re a d i rectory i n w h i c h newly
c reated f i l e s a re a ut o m a t i ca l l y writa b l e by m e m b e rs of t h e g ro u p which owns t h e d i rectory, u s i n g
spec i a l p e r m i s s i o n s a n d defa u lt u m a s k sett i n g s.
Special per missions
The
(o r setg id) permission on a n executa b l e f i l e m e a n s t h a t t h e c o m m a n d w i l l r u n as t h e
( o r g ro u p) o f t h e f i l e, not a s t h e u s e r t h a t ra n t h e c o m m a n d . O n e exa m p l e is t h e passwd
com m a n d :
set u i d
user
-
[student@desktopX ] $ l s / u s r/bin/passwd
- rwsr -xr-x . 1 root root 35504 Jul 16 2010 /usr/bin/passwd
-1
-
-
-
The st i c ky bit fo r a d i rectory sets a speci a l rest riction on d e l etion of f i l e s : O n l y t h e owner of t h e
f i l e (a n d roo t ) c a n d e l ete f i l e s wit h i n t h e d i rectory. A n exa m p l e is / t m p :
[student@desktopX -]$ ls - ld /tmp
drwxrwxrwt . 39 root root 4096 Feb 8 20 : 52 /tmp
,-- ---- ---
-
-
. .- --- . - -- - - -� - · ·
----
Last l y, setg i d o n a d i rectory m e a n s that f i l e s created i n the d i rectory w i l l i n herit the g roup
affi l ia t i o n from t h e d i rectory, rat h e r than i n h e r i t i n g it from t h e crea t i n g u s e r. T h i s i s com m o n l y
u s e d o n g ro u p co l l a b o rat ive d i rectories to a ut o m a t i ca l l y c h a n g e a f i l e f r o m t h e defa u lt private
g ro u p to the s h a re d g roup.
Effects o f special permissions o n files and directories
-
Speci a l
permission
Effect o n f i l es
Effect on d i rectories
u+s (s u i d )
F i l e executes a s t h e u s e r t h a t o w n s
the f i l e , not the user t h at ra n the f i l e.
N o effect.
g+s (sg i d )
F i l e executes a s t h e g ro u p t h a t o w n s
the f i l e.
F i l es n e w l y created i n t h e d i rectory
have t h e i r g ro u p owner set to match t h e
g ro u p ow n e r o f t h e d i recto ry.
o+t (st i c ky)
No effect.
Users with write o n the d i rectory can
o n l y remove f i l e s that t h ey own; t h ey
ca n n ot rem ove o r force saves to f i l es
owned by ot h e r users.
-
-
-
-
Sett i n g s p e c i a l p e r m i s s i o n s
-
-
•
Sym b o l i c a l ly: s et u i d
•
N u m e r ica l l y (fo u rt h prece d i n g d i g it): set u i d = 4; setg id
=
u + s ; setg i d
=
g + s ; s t i c ky
=
o+t
=
2; sticky
=
1
Exa m p l es
•
Add t h e setg i d bit o n d i r e c t o ry:
-
-
-
R H1 24- R H E L 7-en-1 -20140606
155
-
-
C h a pter 6. C o n t ro l l i n g Access to F i l e s w i t h L i n u x F i l e System Pe r m i s s i o n s
[ root@desktopX
•
I
- ] # chmod g + s direc t o ry
���----1
Set the setg i d bit, a n d rea d/write/execute for u s e r a n d g r o u p o n d i r e c t o ry:
-
-
-
-
-
Default file permissions
The d efa u l t p e r m i s s i o n s for f i l es a re set by t h e p rocesses t h a t create t h e m . Fo r exa m p l e, text
edito rs c reate f i l e s so t h ey a re rea d a b l e and w ritea b l e, but not executa b l e, by eve ryo n e. The
same goes for s h e l l red i re ct i o n . Additi o n a l l y, b i n a ry executa b l es a re created executa b l e by the
co m p i l ers that c reate t h e m . The mk d i r com m a n d c reates new d i rectories with a l l p e r m i s s i o n s
set-read , w rite, a n d execute.
Experience s h ows that t h ese p e r m i s s i o n s a re not typica l l y set w h e n new f i l e s a n d d i rectories a re
c reated. T h i s is because some of t h e p e r m issio n s a re c l ea red by t h e u m a s k of t h e s h e l l p rocess.
The umas k co m m a n d w i t h o u t a rg u men ts w i l l d i s p l a y the c u rrent va l u e of the s h e l l ' s u ma s k :
[student@desktopX
0002
i
i
!
-
-
-
-
- ] $ umask
Eve ry process o n t h e syste m h a s a u m a s k , w h i c h i s a n octa l b i t m a s k t h a t is used to c l e a r t h e
p e r m i s s i o n s of new f i l e s a n d d i recto ries t h a t a re c reated by t h e p rocess. I f a bit is s e t i n t h e
u m a s k , t h e n t h e corres p o n d i n g p e r m i s s i o n is c l e a red i n n e w f i l es. Fo r exa m p l e, t h e p revi o u s
u m a s k , 0 0 0 2 , c l e a rs t h e w rite bit for o t h e r u s e rs. T h e l e a d i n g zeros i n d icate t h e s p e c i a l , u s e r, a n d
g r o u p p e r m i s s i o n s a re not c l e a red. A u m a s k of 0 7 7 c l e a rs a l l t h e g r o u p a n d ot h e r p e r m i s s i o n s o f
ne w l y created f i l es .
Use t h e umas k c o m m a n d w i t h a s i n g l e n u m e r i c a rg u m e nt to c h a n g e t h e u m a s k o f t h e c u rrent
s h e l l . The n u m e ri c a rg u me n t s h o u l d b e a n octa l va l u e corres p o n d i n g to the n e w u m a s k va l u e. I f it
is less t h a n 3 d i g its, l e a d i n g zeros a re a s s u m e d .
-
-
-
The system defa u lt u m a s k va l u es f o r B a s h sh e l l u s e rs a re defined i n t h e / e t c / p rofile a n d
/ e t c /bas h r c f i l es. U s e rs can ove r r i d e t h e system defa u lts i n t h e i r . bas h_p rofile a n d
. bas h r c f i l es.
-
In this exa m p l e, p l ease fo l l ow a l o n g w i t h the next steps w h i l e yo u r i n st r u ctor d e m o n st rates t h e
effects of umas k on new f i l e s a n d d i rectories.
1.
-
C reate a new file a nd d i rectory to see how the defa u l t umask a ffects p e r m i s s i o n s .
r
[student@desktopX - ] $ touch newfile1
[student@desktopX - ] $ ls newfile1
- rw- rw- r - - . 1 student student 0 May 9 01 : 54 newfile1
[student@desktopX - ] $ mkdir newdir1
[student@desktopX - ] $ ls - ld newdir1
drwxrwxr-x . 2 student student 0 May 9 01 : 54 newdir1
-
-1
156
-
R H 1 24- R H E L7-en-1 -20140606
-
-
-
-
Defa u lt f i l e p e r m i s s i o n s
-
2.
[student@desktopX - ] $ umask 0
[ student@desktopX ] $ t o u c h newfile2
[student@desktopX - ] $ ls newfile2
- rw- rw- rw- . 1 student student 0 May 9 01 : 54 newfile2
[ student@desktopX - ] $ mkdir newdir2
[ student@desktopX - ] $ ls - ld newdir2
drwxrwxrwx . 2 student student 0 May 9 01 : 54 newdir2
-
-
-
-
-
3.
-
-1
Set t h e umask va l u e to 0 07. This sett i n g w i l l mask a l l of t h e "ot h e r " p e r m i s s i o n s of new f i l es.
[student@desktopX - ] $ umask 007
[student@desktopX - ] $ touch newfile3
[student@desktopX - ] $ ls newfile3
- rw- rw- - - - . 1 student student 0 May 9 01 : 55 newfile3
[student@desktopX - ]$ mkdir newdir3
[student@desktopX - ] $ ls - ld newdir3
drwxrwx - - - . 2 student student 0 May 9 01 : 54 newdir3
-1
-
-
S e t t h e u m a s k va l u e t o 0. T h i s sett i n g w i l l n o t m a s k a n y of t h e p e r m i s s i o n s o f new f i l es.
C reate a new file and d i rectory to see how this new u m a s k affects permissions.
4.
S e t t h e u m a s k va l u e t o 027. T h i s sett i n g w i l l m a s k w r i t e a ccess f o r g roup m e m b e rs a n d a l l o f
t h e "ot h e r " p e r m i s s i o n s of new f i l es.
[student@desktopX ] $ umask 027
[student@desktopX - ] $ touch newfile4
[student@desktopX - ] $ ls newfile4
- rw- r - - - - - . 1 student student 0 May 9 01 : 55 newfile4
[ student@desktopX -]$ mkdir newdir4
[student@desktopX -]$ ls - ld newdir4
drwxr-x- - - . 2 student student 0 May 9 01 : 54 newdir4
-
-
-1
-
-
5.
-
-
-
-
-
-
-
Log i n a s root to change t h e defa u l t umask for u n p r i v i l eged u s e rs to pro h i b it a l l access for
u s e rs not i n t h e i r g ro u p.
M o d ify /etc/bas h r c a n d / e t c / p rofile to c h a n g e t h e defa u l t u m a s k for B a s h s h e l l
u s e rs. S i nce t h e defa u l t u m a s k f o r u n p ri v i l eged u s e rs is 0002, l o o k f o r t h e umas k com m a n d
i n these f i l es t h a t sets t h e u m a s k t o t h a t va l ue. C h a n g e t h e m to s e t t h e u m a s k to 007.
[ root@desktopX - ] # less /et c/bas h r c
# You could check uidgid reservation validity in
# /usr/share/doc/setup- */uidgid file
if [ $UID -gt 199 ] && [ '" id -gn ' " = " ' id - un ' " ] ; then
umask 002
else
umask 022
fi
# Only display echos from profile . d scripts if we are no login shell
[ root@desktopX - ] # vim /etc/bas h r c
[ root@desktopX - ] # less /etc/bashrc
# You could check uidgid reservation validity in
# /usr/share/doc/setup- */uidgid file
if [ $UID -gt 199 ] && [ " ' id -gn ' " = " ' id - un ' " ] ; then
umask 0 0 7
else
-
-
-
R H124- R H E L 7-e n -1-20140606
1 57
-
-
C h a pter 6. Contro l l i n g Access to F i l es w i t h L i n u x F i l e Syste m P e r m i s s i o n s
umask 022
fi
# Only display echos from profile . d scripts if we are no login shell
[ root@desktopX -)# less /etc/profile
# You could check uidgid reservation validity in
# /usr/share/doc/setup- */uidgid file
if [ $UID -gt 199 ] && [ " ' id -gn ' " " ' id - un ' " ] ; then
umask 002
else
umask 022
fi
for i in /etc/profile . d/* . sh ; do
[ root@desktopX -)# vim /etc/profile
[ root@desktopX -]# less /etc/profile
# You could check uidgid reservation validity in
# /usr/share/doc/setup- */uidgid file
if [ $UID -gt 199 ) && [ " ' id -gn ' " " ' id - un ' " ] ; then
umask 0 0 7
else
umask 022
fi
for i in /etc/profile . d/ * . sh ; do
-
-
-
=
-
-
-
=
6.
Log back i n a s s t u d e n t a n d confi r m that t h e umask c h a n g e s you m a d e a re persistent.
I [ student@desktopX -)$ umask
0001
I
L_ -- ��������-----'
Note
-
-
-
-
-
ot h e r s h e l l s , s u c h a s t c sh, m a y have different syste m d e fa u l t i n i t i a l i z a t i o n f i l e s i n
/ e t c a n d u sers' h o m e d i rectories.
-
References
I R
"
-
bash(l), ls(l), c hmod(l ), a n d umask(l) m a n pages
-
-
-
-
-
158
R H 1 24- R H E L7-e n -1-20140606
-
-
-
-
Practice: Contro l l i n g N ew F i l e P e r m i s s i o n s a n d O w n e rs h i p
-
-
P ra ct i ce: Cont ro l l i n g N ew Fi l e Pe r m iss i o n s a n d
Ow n e rs h i p
-
Guide d exercise
-
I n t h i s l a b, you w i l l control defa u lt p e r m i s s i o n s o n new f i l e s u s i n g t h e umas k com m a n d a n d
set gid p e r m i s s i o n .
-
Outcomes
•
E x p e r i m e n t with va r i o u s u m a s k sett i n g s .
-
-
C reate a s h a re d d i rectory w h e re new f i l es a re a utomatica l l y owned by t h e g ro u p ateam.
•
Adj ust d e fa u lt p e r m issions fo r s p e c ific u s e rs .
•
Confi r m you r adjustment is correct.
Before you begin ...
-
-
Reset yo u r s e rverX system. Run lab permissions s e t u p to c reate the alice a ccount. The
password for alice is passwo r d .
D 1.
L o g i n as alice on you r s e rve rX v i rt u a l m a c h i n e a n d o p e n a w i n d ow w i t h a Bash
prom pt. U s e t h e umas k com m a n d without a rg u ments to d i s p l a y A l ice's defa u l t u m a s k
va l u e.
[alice@serverX -]$ umask
0002
-
-
D 2.
-
C reate a new d i recto ry / t m p / s h a r e d a n d a new f i l e / t m p / s h a r ed/defau l t s to see
how the defa u l t u m a s k affects p e r m i s s i o n s .
[ alice@serverX -]$ mkdir /tmp/shared
[alice@serverX -]$ ls -ld /tmp/shared
drwxrwxr-x . 2 alice alice 6 Jan 26 18 : 43 /tmp/shared
[alice@serverX -]$ touch /tmp/shared/defaults
[alice@serverX -]$ ls /tmp/shared/defaults
- rw- rw- r - - . 1 alice alice 0 Jan 26 18 : 43 /tmp/shared/defaults
-
-
-
-
D 3.
-
Change t h e g ro u p ow n e rs h i p of / t mp/shared to at eam and record t h e n ew owners h i p
a n d p e r m issions.
[alice@serverx -]$ chown : ateam /tmp/shared
[ alice@serverX -]$ ls -ld /tmp/shared
drwxrwxr-x . 2 alice ateam 21 Jan 26 18 : 43 /tmp/shared
-
-
1
D 4.
C reate a new file i n / t mp/shared and record t h e ow n e rs h i p and p e r m issions.
[ alice@serverX -]$ touch /tmp/shared/alice3
[alice@serverX -]$ ls /tmp/shared/alice3
- rw- rw- r - - . 1 alice alice 0 Jan 26 18 : 46 /tmp/shared/alice3
-1
-
-
-
R H 1 24- R H E L7 - en -1 -20140606
1 59
-
-
C h a pter 6. C o n t ro l l i n g Access to F i l e s w i t h L i n u x F i l e System Pe r m i s s i o n s
-
D 5.
E n s u re t h e p e r m i s s i o n s o f / t m p / s h a r e d c a u s e f i l e s c reated i n t h a t d i rectory to i n herit
t h e g ro u p o w n e rs h i p of ateam.
[alice@serverx -]$ chmod g+s /tmp/shared
[alice@serverx -]$ ls -ld /tmp/shared
drwxrws r - x . 2 alice ateam 34 Jan 26 18 : 46 /tmp/shared
[alice@serverx -]$ touch /tmp/shared/alice4
[alice@serverx -]$ ls /tmp/shared/alice4
- rw- rw- r - - . 1 alice ateam 0 Jan 26 18 : 48 /tmp/shared/alice4
-
-
-1
D 6.
C h a n g e the u m a s k for alice s u c h that n e w f i l es a re c reated with rea d-on l y access for
the g ro u p a n d n o access for ot h e r u s e rs. C reate a new f i l e a nd rec o rd the o w n e rs h i p a n d
p e r m i s s i o n s.
[alice@serverX -]$ umask 027
[alice@serverx -]$ touch /tmp/shared/alice5
[alice@serverX -]$ ls /tmp/shared/alice5
- rw- r - - - - - . 1 alice ateam 0 Jan 26 18 : 48 /tmp/shared/alice5
-
-
-
-1
D 7.
D 8.
[
O p e n a n e w B a s h s h e l l as alice a n d view t h e u m a s k .
[alioo@mmx -]$ "'"''
0002
-
-
C h a n g e t h e defa u l t umask fo r alice to p ro h i b it a l l a ccess for u s e rs n ot i n their g ro u p.
[alice@serverx -]# echo "umask 007 " >> -/ . bashrc
[alice@serverx -]# cat -/ . bashrc
# . bashrc
# Source global definitions
if [ -f /etc/bashrc ] ; then
/etc/bashrc
fi
# Uncomment the following line if you don ' t like systemctl ' s auto- paging feature :
# export SYSTEMD_PAGER=
# User specific aliases and functions
umask 007
D 9.
-
Log o u t a n d b a c k i nto se rverX as alice a n d confirm t h a t t h e u m a s k c h a n g e s you m a d e
a re p e rs istent.
[alice@serverX -]$ umask
0007
-
-
-
-
-
-
-
-
1 60
R H 1 24- R H EL 7-e n-1-20140606
-
-
-
L a b : Contro l l i n g Access to F i l es with L i n u x F i l e Syst e m P e r m i s s i o n s
-
-
La b: Co n t ro l l i n g Access to F i l es wit h L i n u x F i l e
Syste m Pe rm i ss i o n s
-
Performance checklist
-
I n t h i s l a b, you w i l l config u re a system with d i rectories for u s e r co l l a b o rat ion.
Outcomes
-
-
•
•
•
A d i rectory on serve r X ca l l ed / home/ s t ooges w h e re t h ese t h ree u s e rs ca n work
co l l a borat ive l y o n f i l es.
O n l y t h e user and group access, c reate, and d e l ete fi l es i n / home/ s t ooges. F i l es c reated in
this d i rectory s h o u l d a utomatica l l y be a s s i g n e d a group o w n e rs h i p of s t ooges.
New files c reated by u s e rs w i l l not be a cces s i b l e outside of t h e g roup.
Before you begin . . .
-
....
-
-
I [student@serverX -]$ lab permissions setup
Reset yo u r se rve rX syst e m . Log into a n d set u p yo u r server syste m .
i
Yo u r serve r X m a c h i n e h a s t h ree accou nts, c u r ly, lar ry, a n d moe, w h o a re m e m b e rs of a g ro u p
c a l l e d s t ooges. T h e password f o r e a c h acco u n t i s passwo r d .
1.
O p e n a term i n a l w i n d ow a n d become root o n serverX.
2.
C reate t h e /home / s t ooges d i rectory.
3.
C h a n g e g ro u p p e r m i s s i o n s on the /hom e/stooges d i rectory so it b e l o n g s to the stooges
g ro u p.
4.
Set p e r m i s s i o n s o n the /home/ s t ooges d i rectory so it i s a set G I D bit d i rectory (2), t h e
o w n e r (7 ) a n d g ro u p ( 7 ) h a v e fu l l read/w r ite/execute p e r m issions, a n d ot h e r u s e rs h a v e n o
p e r m i s s i o n (0) to t h e d i rectory.
5.
C h eck that the p e r m i s s i o n s were set p r o p e r l y.
6.
M o d ify t h e g l o b a l l o g i n s c r i pts so that n o r m a l u s e rs have a u m a s k sett i n g w h i c h p reve nts
ot h e rs from viewing or m o d ify i n g new files and d i rectories.
7.
W h e n you f i n i s h , o p e n a t e r m i n a l w i n d ow o n serve r X a n d r u n lab permissions g r ade to
confi r m you have d o n e eve ryt h i n g correct l y.
-
-
...
-
-
-
-
-
-
-
R H 1 24- R H E L 7-en-1-20140606
1 61
-
-
C h a pter 6. Con tro l l i ng Access to F i l e s with L i n u x F i l e System P e r m i s s i o n s
-
Solution
-
I n t h i s l a b , you w i l l confi g u re a system with d i rectories for u s e r co l l a borat i o n .
Outcomes
•
-
A d i rectory o n serve r X ca l l ed /home/st ooges w h e re t h e s e t h re e users c a n work
co l l a borative l y on f i l es.
-
•
•
O n l y t h e user and g r o u p a ccess, c reate, and d e l ete f i l es in / home / s t ooges. F i l e s c reated in
t h i s d i rectory s h o u l d a ut o m a t i ca l l y b e a s s i g n e d a g r o u p o w n e rs h i p of s t ooges.
-
New files c reated by users w i l l not be acces s i b l e outside of the g roup.
Before you begin. . .
-
Reset yo u r serverX syst e m . Log into and set u p yo u r server syste m .
I
[ student@serverX -]$ lab permissions setup
-
Yo u r serverX m a c h i n e has t h re e a ccou nts, c u r ly, lar ry, and moe, w h o a re m e m b e rs of a g ro u p
ca l l ed s t ooges. The pa ssword f o r e a c h a ccount i s passwo r d .
1.
2.
[student@serverX -]$ su Password : redhat
[ root@serverX -]#
I
C reate t h e /home /s tooges d i recto ry.
j
I
3.
---1
O p e n a te r m i n a l w i n d ow a n d become root o n serverX.
!
-
[ root@serverx -]# mkdir /home/stooges
-
C h a n g e g ro u p p e r m i s s i o n s o n t h e /home/stooges d i rectory so it b e l o n g s to t h e stooges
g ro u p .
[ root@serverx -]# chown : stooges /home/stooges
�
Set p e r m i s s i o n s o n t h e /home / s t ooges d i rectory so it is a set G I D bit d i rectory (2), t h e
o w n e r (7 ) a n d g r o u p (7 ) h ave f u l l read/write/execute p e r m i s s i o n s, a n d o t h e r u s e rs h a ve no
permission (0) to t h e d i rectory.
[ root@serverX -]# chmod
5.
-
-
I
I
L_��--�---4.
-
2770
/home/stooges
-
-
-
-
C h e c k that the p e r m i s s i o n s were set p ro p e r l y.
[ root@serverX -]# ls -ld /home/stooges
drwxrws- - - . 2 root stooges 1024 Dec 9 1 : 38 /home/stooges
-
-
6.
1 62
M o d i fy the g l o b a l l o g i n s c r i pts so that n o r m a l u s e rs h a ve a u ma s k sett i n g w h i c h p reve nts
o t h e rs from view i n g o r m o d i fy i n g n ew files and d i rectories.
R H 1 24- R H E L 7-en-1-20140606
-
-
-
-
Sol ution
-
[ root@serverX -]# vim /etc/bashrc
[ root@serverx -]# vim /etc/profile
[ root@serverX -]# less /etc/bashrc
# You could check uidgid reservation validity in
# /usr/share/doc/setup- */uidgid file
if [ $UID -gt 199 ] && [ '" id -gn ' " = " ' id -un ' " ] ; then
umask 0 0 7
else
umask e 2 2
fi
for i in /etc/profile . d/ * . sh ; do
-
-
-
-
7.
-
W h e n you f i n i s h , open a term i n a l w i n dow o n serverX a n d r u n lab pe rmissions g r ad e to
confirm you h ave d o n e everyt h i n g correct l y.
[ student@serverX -]$ lab permissions grade
-
-
-
-
-
..
-
-
-
-
-
-
-
R H 1 24- R H E L 7-en-1-20140606
1 63
-
-
C h a pter 6. C o n t ro l l i n g Access to F i l es w i t h L i n u x F i l e System Pe r m i s s i o n s
-
S u m m a ry
-
L i n u x F i l e System Pe r m i s s i o n s
I nt e r p ret f i l e a n d d i rectory p e r m i s s i o n s a s d i s p l ayed with t h e l s co m m a n d .
-
M a n a g i n g F i l e System Pe r m i s s i o n s f r o m t h e C o m m a n d L i n e
M o d ify ow n e rs h i p a n d p e r m i s s i o n s of f i l e s a n d d i rectories u s i n g c hmod a n d chown.
-
M a n a g i n g Defa u l t Pe r m i s s i o n s and F i l e Access
E x p l a i n how d efa u l t p e r m i s s i o n s a re set by the system and u s e umas k and SGI D to
control a uto m a ti c a ccess to f i l es.
-
-
-
-
......
-
-
-
-
-
-
-
-
-
1 64
RH124- R H E L7-en-1-20140606
-
®
red h at
TRAINING
®
C HA PT E R 7
MONITORING AND MANAGING
LINUX P ROCESSES
Overview
Goal
To eva l u ate a n d control processes r u n n i ng on a Red Hat
E nterprise L i n u x syste m .
Objectives
•
List a n d i nterpret b a s i c i nformation a bout processes
r u n n i n g o n t h e system .
•
Control p rocesses i n t h e s h e l l ' s session u s i n g b a s h j o b
contro l .
•
•
Termi nate a n d control p rocesses using s i g n a l s.
Monitor resou rce u s a g e and system load d u e to process
activity.
Sections
Lab
R H124- R H E L7-e n-1 -20140606
•
Processes (a n d Practice)
•
Contro l l i n g Jobs (a n d P ra ctice)
•
K i l l i n g Processes (a n d Pract ice)
•
M o n it o r i n g Process Activity (and Practice)
•
M o n itoring a n d M a n a g i n g L i n u x Processes
165
-
-
C h a pter 7. M o n itoring a n d M a n a g i n g L i n u x Processes
-
P rocesses
-
Objectives
-
Afte r com p l e t i n g t h i s sect i o n , students s h o u l d be a b l e to:
•
Defi n e the l ife cyc l e of a p rocess.
•
Define p rocess states.
•
View and i n t e r p ret process l ist i n g s.
-
-
What is a process?
-
A process is a r u n n i n g i nsta n c e of a l a u n ched, executa b l e progra m . A p rocess c o n s i sts of:
an a d d ress space of a l l ocated m e m o ry,
•
•
secu rity p roperties i n c l u d i n g ow n e rs h i p crede n t i a l s a n d p r i v i l eges,
•
o n e o r m o re exec u t i o n t h re a d s of prog ra m code, a n d
•
t h e p rocess state.
-
-
-
The environment of a p rocess i n c l udes :
loca l a n d g l o ba l va ria b l es,
•
-
•
a c u rrent sched u l i n g context, and
•
a l l ocated system resou rces, such a s file descri pto rs and n etwork ports.
A n exist i n g (parent) process d u p l icates its own a d d ress space (fo r k) to c reate a new (child)
p rocess structu re. Eve ry new p rocess is a s s i g n e d a u n i q u e process ID ( P I O) for t ra c k i n g
a n d s e c u r ity. The P I O a n d t h e parent's process I D ( P P I D) a re e l e m e nts of t h e new p rocess
e n v i ro n m e nt. Any process m a y create a c h i l d p rocess. A l l p rocesses a re desce n d a nts of the f i rst
syst e m p rocess, w h i c h i s syst emd (1) o n a Red Hat Enterprise L i n u x 7 system.
process
fork
i parent
process
child
I
I parent
• I process
wait
i
I
1---�r-1.i process
-
-
-
--------
child
exec
process
process
Figure
7. 1 :
exit
�---L...._
.i
zombie
-
Process life cycle
T h ro u g h t h e fo r k rou t i n e, a c h i l d p rocess i n h erits secu rity i d e ntiti es, p revious a n d c u rrent f i l e
d e s c r i ptors, port a n d resou rce p r i v i l eges, enviro n m e n t va r i a b l es, a n d p ro g ra m code. A c h i l d
p rocess m a y t h e n exec i t s o w n prog ra m code. N o r m a l l y, a p a re n t p rocess sleeps w h i l e t h e c h i l d
process r u n s , sett i n g a req u est (wait ) t o be s i g n a l e d w h e n t h e c h i l d co m p l etes. U p o n exit. t h e
c h i l d p rocess h a s a l ready c l osed o r d i sc a rded i t s resou rces a n d e n v i ron ment; t h e re m a i n d e r i s
166
-
R H 1 24- R H E L7-en-1-20140606
-
-
-
-
Process states
refe rred to a s a zombie. The parent, s i g n a led awake when t h e c h i l d exited, c l e a n s t h e rem a i n i n g
structu re, t h e n c o n t i n u e s with i t s o w n pro g r a m code execut i o n .
P rocess states
I n a m u l t i t a s k i n g operating system, e a c h C P U ( o r C P U core) c a n b e w o r k i n g o n o n e p rocess at a
s i n g l e p o i n t i n t i m e. A s a p rocess r u n s , its i m m ed iate req u irements for C P U t i m e a n d reso u rce
a l location c h a ng e . Processes are a s s i g ned a state, which c h a n g es a s c i rc u m st a nces req u i re .
•
fork
reap
run
schedule
exit
preempt or
reschedule
event or
signal
Figure 7.2: Linux process states
The L i n u x p ro cess states a re i l l ustrated in t h e p revious d ia g ra m a n d described in t h e fo l l owi n g
t a b le.
Linux process states
Name
Flag
R u n n i ng
R
TASK_R U N N I N G: The p rocess i s either execu t i n g o n a C P U o r waiting to r u n .
Process c a n be exe c u t i n g user routines o r ker n e l rou t i nes (system c a l l s) , o r
be q u e u e d a n d r e a d y w h e n i n the Running ( o r Runnable) state.
s
TAS K_I N T E R R U PT I BL E : The p rocess i s waiti n g for some c o n d i t i o n : a
h a rdware request, system resou rce a ccess, or s i g n a l . W h e n a n event o r
s i g n a l satisfies t h e c o n d i t i o n , the process ret u r n s to Running.
D
TAS K_U N I N T E R R U PT I B L E : This p rocess is a l s o Sleeping, but u n l i ke s state,
w i l l not res p o n d to d e l ivered s i g n a l s . Used o n l y u n d e r specific conditions i n
w h i c h p rocess i nterruption may cause a n u n p re d i ct a b l e d evice state.
K
TAS K_K I L L A B L E : I d e n t i c a l to the u n i nterrupt i b l e D state, but modified to
a l l ow the w a i t i n g t a s k to res pond to a s i g n a l to be k i l l e d (exited c o m p l etely).
U t i l i t ies f re q u e n t l y d i s p l a y Killable p rocesses a s D state.
Sleeping
Kernel-defined state n a m e a n d description
R H1 24- R H E L7-en-1-20140606
167
-
-
C h a pte r ?. M o n it o r i n g a n d M a n a g i n g L i n u x Processes
-
Name
Flag
Ke r n e l -defined state n a m e a n d description
T
TAS K_STO P P E D : T h e p rocess h a s been Stopped (s u s p e n ded), u s u a l l y by
b e i n g s i g n a led by a u s e r o r a n ot h e r p rocess. The process can be cont i n u ed
(res u m e d ) by a n ot h e r s ig n a l to ret u r n to Running.
T
TAS K_ T R A C E D : A p rocess t h a t is b e i n g d e b u g g ed is a l so t e m p o ra r i l y
Stopped a n d s h a res t h e s a m e T state f l a g .
z
E X I T_ZO M B I E: A c h i l d p rocess s i g n a l s its pa re n t as it exits. A l l resou rces
except for the process i d e n t ity ( P l D) a re re l e a s e d .
-
x
E X I T _ D E A D : W h e n t h e parent c l ea n s u p (reaps) t h e re m a i n i n g c h i l d p rocess
structure, t h e process is now re leased com p l et e l y. T h i s state w i l l never be
observed in p rocess - l i s t i n g uti l ities.
-
Stopped
Zombie
-
-
-
Listing processes
The ps com m a n d is used fo r l i sti n g c u r re n t processes. The co m m a n d ca n p rovide d eta i l ed
p rocess i n fo r m a t i o n , i n c l u d i n g :
•
t h e u s e r i d e n t ificat i o n ( U I D) w h i c h d ete r m i n es p rocess p r i v i l eges,
•
t h e u n i q u e p rocess i d e n t ification ( P I D),
•
t h e C P U and rea l t i m e a l ready e x p e n d e d ,
•
how m u c h m e mory t h e p rocess h a s a l l ocated i n va rious l o c a t i o n s ,
•
t h e locat i o n of p rocess STDOUT, k n o w n a s t h e controlling terminal, a n d
•
t h e c u r re n t p rocess state.
-
-
-
-
-
Important
T h e L i n u x v e rs i o n of ps s u p p o rts t h re e o p t i o n formats, i n c l u d i n g :
U N I X ( PO S I X) options, w h i c h m a y b e g ro u p e d a nd m ust be p receded by a d a s h ,
-
•
•
B S D o p t i o n s, w h i c h may be g ro u p e d a n d m u st n ot be u s e d w i t h a d a s h , a n d
•
G N U l o n g o pt i o n s , w h i c h a re preceded by t w o d a s hes.
-
For exa m p l e, ps - aux is not the same a s ps aux.
A common d i s p l ay l i s t i n g (o ptions aux) d i s p l a ys a l l p rocesses, w i t h col u m n s i n which u s e rs w i l l
b e i nterested, a n d i n c l udes p rocesses w i t h o u t a c o n t ro l l i n g term i n a l . A l o n g l is t i n g (opt i o n s lax)
p rov i d es m o re tec h n i c a l deta i l , but may d i s p l a y faster by avo i d i n g the u s e r n a m e l o o k u p. The
s i m i l a r U N I X syntax uses t h e o pt i o n s - ef to d i s p l a y a l l processes.
[student@serverX -]$ ps aux
USER
PIO %CPU %MEM vsz RSS TTY
root
1 0 . 1 0 . 1 51648 7504 ?
root
2 0.0 0.0
0
0?
root
3 0.0 0.0
0
0?
root
5 0.0 0.0
0
0?
root
7 0.0 0.0
0
0?
-
-
168
o u t p u t t runca ted
-
-
-
·-� - �. ���--"'1�
STAT START TIME
Ss 17 : 45 0 : 03
s
17 : 45 0 : 00
s
17 : 45 0 : 00
S< 17 : 45 0 : 00
s
17 : 45 0 : 00
COMMAND
/usr/lib/systemd/syst
[ kthreadd]
[ksoftirqd/0]
[ kworker/0 : 0H]
[migration/0]
-
-
-
R H 1 24- R H E L 7-en-1-20140606
-
-
-
-
L i st i n g processes
[student@serverx -]$ ps lax
F UID PID PPID PR! NI VSZ RSS WCHAN STAT TTY
TIME COMMAND
4
0
1
0 20 0 51648 7504 ep_pol ss ?
0 : 03 /usr/lib/systemd/
1
0
0
0 kthrea S ?
2
0 20 0
0 : 00 [kthreadd]
1
0
3
0
2 20 0
0 smpboo S ?
0 : 00 [ksoftirqd/0]
1
0
0
0 worker S< ?
5
2 0 -20
0 : 00 [ kworker/0 : 0H]
1
0
7
0
0 smpboo S ?
2 -100
0 : 00 [migration/0]
o u t p u t t runca ted
[student@serverX -]$ ps -ef
UID
PID PPID C STIME TTY
TIME CMD
root
00 : 00 : 03 /usr/lib/systemd/systemd - -switched- ro
1
0 0 17 : 45 ?
root
0 0 17 : 45 ?
2
00 : 00 : 00 [ kthreadd]
root
3
00 : 00 : 00 [ ksoftirqd/0]
2 0 17 : 45 ?
root
5
2 0 17 : 45 ?
00 : 00 : 00 [ kworker/0 : 0H]
root
7
2 0 17 : 45 ?
00 : 00 : 00 [migration/0]
- - o u t p u t t runca ted -
-
-
-
-
-
-
-
By defa u lt, ps with n o options s e l ects a l l processes w i t h the s a m e effective user ID ( E U I D) a s the
c u rrent u s e r a n d associated w i t h t h e s a m e t e r m i n a l w h e re p s was i nvoked.
-
•
Processes in b ra ckets ( u s u a l l y at the top) a re sched u l ed kernel t h reads.
•
Zom b i e s s h ow u p i n a ps listing a s exiting o r defunct.
•
ps d i s p l ays once. U s e t op(1 ) for a re petitive u pd ate p rocess d i s p l ay.
•
ps c a n d i s p l a y i n t re e format to v iew pa rent/c h i l d re l a t i o n s h ips.
•
...
-
-
R
The defa u lt output i s u n so rted. D i s p l a y order m a t c h es that of the system process t a b l e,
w h i c h re uses ta b l e rows as processes d i e a n d new o n e s a re c reated. O u t p u t m a y a p pe a r
c h ro n o l og ica l , b u t is not g u a ra nteed u n l ess e x p l icit - 0 o r - - s o r t opt i o n s a re used .
References
info libc signal (GNU C Library Reference Manual)
Section 24: S i g n a l H a n d l i n g
•
info libc p rocesses (GNU C Library Reference Manual)
•
Section 26: P rocesses
-
ps(1) and signal(7 ) man pages
-
-
-
-
-
-
-
-
R H 1 24- R H E L 7-en-1-20140606
1 69
-
-
C h a pter 7. M o n itoring a n d M a n a g i n g L i n u x Processes
-
P ra ct i ce: P rocesses
-
Quiz
-
Match t h e fo l l ow i n g items to t h e i r counte rparts i n t h e ta b l e.
-
-
-
State
D e s c r i pt i o n
-
P rocess h a s b e e n sto p ped t e m p o ra r i l y.
-
P rocess h a s j u st b e e n t e r m i n a t e d .
-
P rocess i s s c h e d u l e d b u t i s n o t y e t o n a C P U .
-
P ro cess i s wa i t i n g fo r 1 /0.
-
P rocess i s u n i nte r r u pt i b l y wa i t i n g fo r a d e v i ce t o res p o n d .
P rocess i s a t a p ro m pt , n e e d i n g u s e r i n p u t .
-
-
-
P ro cess i s exec u t i n g a system ca l l .
-
-
-
-
170
R H 1 24- R H E L7-en-1-20140606
-
-
-
-
Solution
-
Solution
-
-
Match t h e fo l l ow i n g items to t h e i r c o u nterparts i n the ta b l e.
Desc r i p t i o n
State
Process h a s b e e n sto p p e d te m p o ra r i l y.
T
Process h a s j u st been te r m i n a t e d .
z
P rocess i s s c h e d u l ed b u t i s n ot yet o n a C P U .
R
Process i s wa i t i n g fo r 1 /0 .
s
Process i s u n i n te r r u pt i b l y wa it i n g fo r a d ev i ce to res p o n d .
D
Process i s at a p ro m pt , n e e d i n g u s e r i n p u t .
s
Process i s exe c u t i n g a syste m ca l l .
R
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
R H 1 24- R H E L7-en-1-20140606
171
C h a pte r 7. M o n it o r i n g a n d M a n a g i n g L i n u x Processes
-
Cont ro l l i n g J o bs
-
Objectives
-
After com p l et i n g t h i s sect i o n , stu d e nts s h o u l d be a b l e to:
•
E x p l a i n the ter ms fore g ro u n d , b a c kg ro u n d , a n d c o n t ro l l i n g te r m i n a l .
•
U s e j o b c o n t ro l t o m a n a g e m u l t i p l e c o m m a n d - l i n e tasks.
-
Jobs and sessions
Job control i s a com m a n d s he l l fea t u re a l l o w i n g a s i n g l e s h e l l i n st a n ce to r u n a n d m a n a g e
m u lt i p l e com m a n ds. W i t h o u t job c o n t ro l , a p a r e n t s h e l l forks a c h i l d process to r u n a co m m a n d ,
s l e e p i n g u n t i l t h e c h i l d p rocess exits. W h e n t h e s h e l l prompt red i s p l ays, t h e pa rent s h e l l
h a s ret u r n e d . W i t h j o b contro l , co m m a n d s c a n b e s e l ective l y s u s p e n d e d , res u m ed, a n d r u n
a sy n c h ro n o u s l y, a l l o w i n g t h e s h e l l to ret u r n fo r a d d i t i o n a l co m m a n d s w h i l e c h i l d p rocesses r u n .
A foreground p rocess is a c o m m a n d r u n n i n g i n a t e r m i n a l w i n d ow. The term i n a l ' s device I D ( t ty)
is the process's controlling terminal. Fo reg ro u n d p rocesses receive keyboa rd-g e n e rated i n put a n d
s i g n a l s a n d a re a l l owed to read f r o m o r w rite to t h e term i n a l (e.g., via s t d i n a n d s t d o u t ) .
A p rocess session is c reated w h e n a te r m i n a l o r c o n s o l e f i rst o p e n s (e.g., a t l o g i n o r by invo k i n g a
new Terminal i n sta n ce). A l l p rocesses (e.g . , t h e fi rst com m a n d s h e l l , its c h i l d re n , a n d p i p e l i nes)
i n itiated from that te r m i n a l s h a re the s a m e session ID. Wit h i n a sess i o n , o n l y o n e p rocess can be
i n t h e foreg ro u n d at a t i m e.
A background p rocess is sta rted without a c o n t ro l l i n g term i n a l because it h a s n o need
for term i n a l i nteract i o n . In a ps l ist i n g , such processes (e.g., s e rvice daemons a n d kernel
p rocess t h reads) display a q u est i o n mark (?) i n t h e TTY co l u m n . B a c kg ro u n d p rocesses w h i c h
( i m p ro pe r l y) atte m pt to r e a d f r o m o r w rite to t h e te r m i n a l may b e s u s p e n d e d .
Running jobs in the background
Any co m m a n d c a n be started i n t h e b a c k g r o u n d by a p p e n d i n g a n a m p e rs a n d (&) to t h e co m m a n d
l i ne. T h e b a s h s h e l l d is p l a ys a job number (u n i q u e t o t h e session) a n d t h e P I O of t h e n e w c h i l d
p rocess. T h e c o m m a n d s h e l l does not w a i t f o r t h e c h i l d p rocess a n d red i s p l ays t h e s h e l l p ro m pt.
[ student@serverx -]$ sleep
[1] 5947
[ student@serverx -]$
-
....
-
-
10000 &
-
Note
-
A n a m p e rs a n d w i l l b a c kg ro u n d o n l y t h e l a st c o m m a n d i n a p i p e l i n e, u n l ess t h e
com m a n d set i s s u r ro u nded w i t h pa rentheses. T h e P I O ret u r n e d i s from t h e p i p e l i n e ' s
l a st p rocess. A l l p rocesses i n t h e p i p e l i n e a re now m e m b e rs o f t h e s a m e j o b.
1· [ student@serverX -]$ ( example_command I sort I mail -s "Sort output" )
[1] 5998
-
&
-
-
-
172
R H 1 24- R H E L7-en-1-20140606
-
-
-
-
R u n n i n g jobs i n t h e b a c kg ro u n d
-
The b a s h co m m a n d s h e l l t ra c k s j o b s , per sess i o n , i n a t a b l e d i s p l ayed w i t h t h e j ob s co m m a n d .
[student@serverx -]$ jobs
[1] + Running
-
[ s t ud e n t@serverx - ] $
sleep 10C:JC:JC:J &
-
-
-
-
-
Backg ro u n d jobs c a n reco n n ect to t h e contro l l i n g term i n a l by b e i n g b ro u g h t to t h e fore g ro u n d
u s i n g t h e fg com m a n d w i t h t h e j o b I D (%j o b n umb e r ) .
I
[""''"'""""" -] · , . ..
sleep 1C:JC:JC:JC:J
The exa m p l e sleep c o m m a n d i s now r u n n i n g on the c o n t ro l l i n g term i n a l . The com m a n d s h e l l
i s a g a i n a s l eep, wait i n g f o r t h i s c h i l d p rocess to exit. To res e n d t o t h e backgro u n d , o r to s e n d
any co m m a n d i n w h i c h t h e t ra i l i n g a m persa n d was not o r i g i n a l l y i n c l u d e d , s e n d t h e keyboa rd­
g e n e rated suspend req u est (Ct r l - z ) to the p rocess.
sleep 1C:JC:JC:JC:J
"Z
[1]+ Stopped
[student@serverX -]$
sleep 1C:JC:JC:JC:J
-
-
-
-
-
The s u s p e n d takes effect i m m e d ia te l y. The job is p l aced in the backg ro u n d . Pe n d i n g o u t p u t a n d
keyboard typea h e a d a re d iscarded.
The ps option j d i s p l ays j o b i nformation, i n c l u d i n g the i n it i a l co m m a n d s h e l l of e a c h sess i o n .
S i nce t h e s l e e p exa m p l e co m m a n d i s c u r re n t l y s u s p e n d e d , t h e state f l a g d i s p l ayed i s T .
[student@serverx -]$ ps
PPID PIO PGID SID
2764 2768 2768 2768
2768 5947 5947 2768
2768 6377 6377 2768
[student@serverx -]$
j
TTY
pts/C:J
pts/C:J
pts/C:J
TPGID
6377
6377
6377
STAT
Ss
T
R+
UID
1C:JC:JC:J
1C:JC:JC:J
1C:JC:JC:J
TIME
C:J : C:JC:J
C:J : C:JC:J
C:J : C:JC:J
COMMAND
/bin/bash
sleep 1C:JC:JC:JC:J
ps j
To restart t h e process i n t h e background, use t h e bg co m m a n d with t h e s a m e j o b I D.
-
-
-
[student@serverx -]$
[1]+ sleep 1C:JC:JC:JC:J &
[student@serverX -]$
bg %1
The co m m a n d s h e l l w i l l wa r n a u s e r who atte m pts to exit a t e rm i n a l w i n dow (ses s i o n ) w i t h
s u s p e n d e d j o bs. I f t h e u s e r tr i es e x i t i n g a g a i n i m m ed i a t e l y, t h e s u s p e n d e d jobs a re k i l l e d .
-
-
-
-
-
R H 1 24- R H E L7-en-1-20140606
173
-
-
C h a pter 7. M o n itoring a n d M a n a g i n g L i n u x Processes
-
References
R
-
Addit i o n a l i nfor m a t i o n m a y be a va i l a b l e i n t h e c h a pt e r o n viewing syst e m processes
i n the Red Hat Enterprise Linux System Administrator's Guide for Red H a t E n t e r p r i s e
L i n u x 7, w h i c h ca n b e fo u n d a t
htt p://docs.red hat.com/
-
-
libc i nfo page (GNU C Library Reference Manual)
Sect i o n 24: Sig n a l H a n d l i n g
•
•
Sect i o n 26: Processes
-
bas h(l ) , builtins(1), ps(l), sleep(l) man pages
-
-
-
-
-
-
-
-
-
-
-
-
-
-
174
R H 1 24- R H E L 7-en-1 -20140606
-
-
-
-
Practice: B a c k g ro u n d a n d Fo re g ro u n d Processes
-
-
P ra ct i ce: B a c kg ro u n d a n d Fo reg ro u n d
P ro cesses
-
Guided exercise
-
-
-
-
I n t h i s l a b, st u d e nts w i l l start, s u s p e n d , a n d reco n n ect to m u l t i p l e p rocesses u s i n g j o b contro l .
Outcomes:
Practice s u s p e n d i n g and resta r t i n g u s e r p rocesses.
Before you begin ...
Log in a s student to serverX. Beg i n i n stu d e n t ' s home d i recto ry.
D 1.
O p e n t w o te r m i n a l w i n d ows, s i d e by s i d e, to be refe rred to a s left a n d right.
D 2.
In t h e l eft w i n d ow, sta rt a p rocess t h a t cont i n u o u s l y appends t h e word " ro c k " a n d a
space to t h e f i l e -/ou t file at o n e-second i nte rva l s . The c o m p l ete com m a n d set m u st
be conta i ned i n parenth eses f o r j o b control to i n t e r p ret t h e set as a s i n g l e job.
-
�s tudent@serverX -]$ (while true; do echo -n "rock "
-
done)
In the right w i n d ow, use t ail to c o n f i r m that the new process i s w r i t i n g to t h e f i l e .
D 4.
In t h e left w i n d ow, s u s p e n d the r u n n i n g p rocess. The s h e l l ret u r n s the job I D in s q u a re
b ra c kets. I n t h e right w i n d o w, confi r m t h a t t h e p rocess o u t p u t h a s sto p p e d .
[ student@serverx -]$ tail -f -/outfile
I
-
-
1;
D 3.
-
-
-/outfile; sleep
>>
D 5.
[ student@serverX -]$ Ctrl-z
I n t h e left w i n d ow, view t h e j obs l i st. The + de notes t h e current job. Restart t h e j o b i n t h e
b a c kg ro u n d . I n t h e r i g h t w i n d ow, c o n f i r m t h a t t h e p rocess o u t p u t is a g a i n active.
[student@serverx -]$ jobs
( while true; do
[1] + Stopped
echo -n " rock " >> -/outfile ; sleep 1;
done )
[student@serverx -]$ bg
[student@serverX -]$ jobs
-
-
-
D 6.
-
-
In the left w i n d ow, sta rt two m o re p rocesses to a p p e n d to the same o ut p u t f i l e. R e p l a c e
" ro c k " w i t h " p a p e r," a n d t h e n w i t h "scissors." To p r o p e r l y b a c k g r o u n d t h e p rocess, t h e
c o m p l ete c o m m a n d set m u st be conta i n e d i n parentheses a n d e n d e d with a n a m pe rsa n d .
[ student@serverX -]$ (while true ; do echo -n "paper " > > -/outfile; sleep 1 ;
done) &
[ student@serverX -]$ (while true; do echo -n "scissors >> -/outfile; sleep
done) &
"
1;
-
-
-
R H 1 24- R H E L 7-en-1-20140606
175
-
-
C h a pter 7. M o n it o r i n g a n d M a n a g i n g L i n u x Processes
-
D 7.
D 8.
I n t h e l eft w i n d ow, view j obs to see a l l t h ree p rocesses " R u n n i n g " . I n t h e right w i n d ow,
c o n f i r m t h a t a l l t h ree p rocesses a re a p p e n d i n g to t h e f i l e.
I
[student@serverx -]$ jobs
-
-
U s i n g o n l y com m a n d s p revio u s l y l e a r n e d , s u s p e n d the " rock" p rocess. In the l eft w i n d ow,
fore g ro u n d t h e job, u s i n g t h e j o b I D dete r m i n e d from t h e j obs l is t i n g , t h e n s u s p e n d it
u s i n g Ctrl-z. Confirm that the " ro c k " process is " Stopped " . In the r i g h t w i n d ow, confirm
t h a t " ro c k " output i s n o l o n g e r a c t ive.
[ student@serverx -]$ jobs
[ student@serverx -]$ fg %number
[ student@serverx -]$ C t rl - z
-
-
-
D 9.
E n d the " pa p e r " p rocess. I n t h e l eft w i n d ow, fore g ro u n d t h e job, t h e n t e r m i n ate it u s i n g
C t r l -c. C o n f i r m t h a t t h e " p a p e r " p rocess h a s d i sappea re d . I n t h e r i g h t w i n dow, confi rm
that " pa pe r " output is no l o n g e r act ive.
[ student@serverX -]$ jobs
[student@serverx -]$ fg %number
[ student@serverx -]$ Ct r l - c
D 1 0.
D 11.
-
I n t h e l eft wi n d ow, view t h e re m a i n i ng jobs u s i n g ps. T h e s u s p e n d e d j o b h a s state T. The
ot h e r backgro u n d j o b is s l e e p i n g (5), s i n ce ps is "on cpu" (R) w h i l e d i s p l a y i n g .
[student@serverx -]$ ps j
PPID PIO PGID SID TTY
4489 6223 6223 6223 pts/1
4489 6237 6237 6237 pts/2
6237 9782 9782 6237 pts/2
7360 9856 7360 6223 pts/1
7395 12916 7395 6223 pts/1
6223 12918 12918 6223 pts/1
TPGID STAT
12918 Ss
9782 Ss
9782 S+
12918 T
12918 s
12918 R+
UID
1000
1000
1000
1000
1000
1000
TIME
0 : 00
0 : 00
0 : 00
0 : 00
0 : 00
0 : 00
COMMAND
bash
bash
tail -f /home/student/a
sleep 1
sleep 1
ps j
Stop t h e re ma i n i n g two jobs. In t h e l eft w i n dow, fo re g ro u n d either job. Te r m i nate it u s i n g
C t r l - c . Re peat w i t h t h e re m a i n i n g job. T h e " Stopped" j o b t e m p o ra r i l y resta rts w h e n
fo re g ro u n d e d . C o n f i r m that n o jobs re m a i n a n d that o u t p u t h a s sto p p e d .
[ student@serverx
[ student@serverX
[ student@serverx
[ student@serverX
[ student@serverx
-
-]$ fg %number
-]$ Ct r l - c
-]$ fg %number
-]$ Ct r l - c
-]$ jobs
-
-
-
-
-
-
-
-
D 12.
In the right w i n d ow, stop t h e t ail com m a n d . C l ose extra t e rm i n a l w i n d ows.
[ student@serverx -]$
-
C t rl - c
-
176
R H 1 24- R H E L 7-en-1-20140606
-
-
K i l l i ng Processes
K i l l i n g P ro c esses
O bj ect ives
After c o m p l e t i n g t h i s s e c t i o n , students s h o u l d be a b l e to:
•
Use c o m m a n d s to k i l l and c o m m u n i cate with p ro cesses.
Def i n e the c h a racterist ics of a d a e m on p ro cess.
E n d user sess i o n s and p rocesses.
P rocess co n t ro l u s i n g s i g n a l s
A s i g n a l is a software i n te r ru pt d e l i vered to a p rocess. S ig n a l s report events to a n executing
p rogram. Eve nts t h a t g e n erate a s i g n a l can b e an error, external event (e. g . , 1/0 req u est o r e x p i red
t i mer), o r by explicit request (e.g., use of a s i g n a l-sen d i n g command o r by keyboard sequence).
The fo l l owing t a b l e l i sts t h e f u n d a m e ntal s i g n a l s used by system a d m i n i st rators for rou t i n e
p rocess m a n a g e m e nt. R e f e r to s i g n a l s b y e i t h e r t h e i r s h o rt ( H UP) o r p r o p e r (SIGHUP) n a me.
Fundamental process management signals
Signal
n um b e r
S h o rt
name
Definitio n
P u r pose
1
HUP
Hangup
U s e d to re p o rt term i n a t i o n of t h e control l i ng
p ro cess o f a terminal. A l s o u s e d to request p rocess
rei n i t i a l i za t i o n (confi g u ra t i o n rel o a d ) without
ter m i na t i o n .
2
I NT
Keyboa rd
i n terrupt
C a uses p ro g ra m ter m i na t i o n . C a n be b l o c ked o r
h a n d led. Sent by ty p i n g I NTR c h a racter (Ct r l - c) .
3
QUIT
Keyboard q u i t
S i m i l a r to SIGINT, but a l s o p rod uces a p rocess
d u m p at term i n ation. Sent b y ty p i n g QUIT
c h a racter (Ct rl- \).
9
KILL
K i l l, u n b lockable
C a uses a b r u pt program term i n a t i o n . C a n not be
b l o c ke d , i g n ored, o r h a n d led; a lways fat a l .
TERM
Te r m i n a te
C a u ses p ro g ra m term i n a t i o n . U n l ike SIGKI L L , c a n
be b l ocked, i g nored, or h a n d led. T h e p o lite way to
a s k a program to term i n ate; a l l ows self-c l ea n u p .
18
CONT
Continue
S e nt to a p ro cess t o res u m e if sto p p e d . C a n n ot
be b locked. Even if h a nd l e d , a lways res u mes t h e
p ro cess.
19
STOP
Stop, u n b lockable
S u s p e n d s t h e p rocess. C a n not be b l ocked o r
h a n d l ed.
20
TSTP
Key b o a rd stop
U n l i ke SIGSTOP, c a n be b locked, i g n o re d , o r
h a n d l ed . Sent by ty p i n g S U S P c h a racter (Ct r l - z).
15
default
R H1 24- R H E L7-e n-1-201 40606
177
-
-
C h a pte r 7. M o n itoring a n d M a n ag i n g L i n u x Processes
-
Note
-
S i g n a l n u m b e rs vary o n d iffe rent L i n u x h a rdwa re p l atfo r m s , but s i g n a l n a mes a n d
mea n i n g s a re sta n d a rd i zed. For c o m m a n d u s e, it i s a d v i s e d t o u s e s i g n a l n a m e s i n stead
of n u m be rs. The n u m b e rs d i sc u ssed i n this sect i o n a re for I nt e l x86 systems.
E a c h s ig n a l h a s a default action, u s u a l l y o n e of t h e fo l l owi n g :
-
-
Term - C a u s e a p ro g ra m to t e r m i n ate (ex it) a t o n ce.
Core - C a u se a p ro gr a m to save a m e m o ry i m a g e (core d u m p), then t e r m i nate.
Stop - Cause a p rog ra m to stop exec u t i n g (s u s p e n d ) and wait to cont i n u e ( res u m e).
P rog ra ms c a n b e prepa red for expected eve nt s i g n a l s by i m p l e m e n t i n g h a n d l e r rout i n es to
i g n o re, re p l a ce, o r ext e n d a s i g na l ' s defa u l t action.
-
-
C o m m a n d s f o r s e n d i n g s i g n a l s by ex p l i c i t re q u e st
U s e rs sig n a l t h e i r c u rrent fore g ro u n d p rocess by ty p i n g a key b o a rd control seq u e n ce to s u s p e n d
(Ct rl - z ) , k i l l (Ct rl - c ) , o r core d u m p (Ct rl - \) t h e p rocess. To s i g n a l a b a c kg rou n d p rocess o r
p rocesses i n a d iffe re nt session req u i res a s i g n a l-se n d i n g c o m m a n d .
S i g n a l s c a n be s p e c i f i e d e i t h e r b y n a m e (e.g., - H U P o r - SI G H U P ) o r by n u m be r (e.g., - 1) . U s e rs
may k i l l t h e i r own processes, but root p r i v i l eg e is req u i red to k i l l p rocesses owned by ot h e rs.
•
The kill c o m m a n d s e n d s a s i g n a l to a p rocess by I D. Despite its n a m e, the k i l l com m a n d can
b e used for s e n d i n g any s i g n a l , not j u st those for t e r m i n a t i n g p ro g ra ms.
[student@serverx -]$ kill PID
[student@serverx -]$ kill - signal
[ student@serverx -]$ kill
1 ) SIGHUP
2) SIGINT
3)
6) SIGABRT
8)
7 ) SIGBUS
11) SIGSEGV 12) SIGUSR2 13 )
I 16 ) SIGSTKFLT 17 ) SIGCHLD 18 )
-1
l._ - •
o u tp u t t runca ted - -
-
-
-
PID
SIGQUIT
SIGFPE
SIGPIPE
SIGCONT
4)
9)
14)
19)
SIGILL
SIG KILL
SIGALRM
SIGSTOP
5)
10 )
15 )
20)
SIGTRAP
SIGUSR1
SIGTERM
SIGTSTP
U s e killall to s e n d a s i g n a l to o n e or more p rocesses m a tc h i n g s e l e c t i o n criteria, s u c h a s a
c o m m a n d n a me, processes owned by a specific u s e r, or a l l syste m-wide processes.
r. [[student@serverX
student@serverx -]$ killall
-]$ killall
[ root@serverX -]# killall
-
command_pa t tern
- signal command_pa t tern
- signal - u username command_pa t tern
-
-
-
-
•
T h e pkill co m m a n d , l i ke killall, c a n s i g n a l m u lt i p l e processes. pkill u ses a d va n ced
s e l ection criteria, which c a n i n c l u d e c o m b i n a t i o n s of:
Command - P rocesses w i t h a pattern-matched c o m m a n d n a me.
UID - Processes owned by a L i n u x user acco u nt , effective or rea l .
GID - Processes o wn ed b y a L i n u x g ro u p account, effective o r rea l .
Parent - C h i l d processes o f a s pecific p a re n t p rocess.
Terminal - P rocesses r u n n i n g o n a s pecific c o n t ro l l i n g te r m i n a l .
[ student@serverX -]$ pkill command_pa t tern
[student@serverX -]$ pkill - signal command_pa t tern
[ root@serverX -]# pkill -G GID command_pa t tern
178
-
-
-
-
RH124- R H E L 7-en-1-20140606
-
-
-
Log g i n g u s e rs out a d m i n istrative l y
[ root@serverx -]#
[ root@serverx -] #
-
-
-
-
_
_
_
I
_J
________
Logging users out administratively
The w c o m m a n d views u s e rs c u r r e n t l y l o g g e d i nto the syste m a n d t h e i r c u m u l at i ve activities. U s e
t h e TTY a n d FROM co l u m n s to dete r m i n e t h e u s e r ' s l o c a t i o n .
A l l u s e rs h a ve a c o n t ro l l i n g t e r m i n a l , l isted a s p t s /N w h i l e w o r k i n g i n a g ra p h i c a l e n v i ro n m e n t
w i n d o w (pseudo-terminal) or t t yN o n a syste m console, a l ternate c o n s o l e, o r o t h e r d i re ct l y
c o n n ected ter m i n a l device. R e m ote u s e rs d i s p l ay t h e i r c o n n e c t i n g syst e m n a m e i n t h e FROM
co l u m n w h e n u s i n g the - f o pt i o n .
I'
I
....
-
pkill - P PPID command_pa t tern
·
uzo comma nd p a t t e rn
pkill �
-t t e rmi na 1_ name - u�
_
_
____ _____
___________ _ _
[student@serverx -]$ w -f
12 : 43 : 06 up 27 min, 5 users, load average : 0 . 03, 0 . 17,
USER
LOGIN@ IDLE JCPU
TTY
FROM
student : 0
12 : 20 ?xdm? 1 : 10
:0
student pts/0 : 0
12 : 20 2 . 00s 0 . 08s
12 : 26 14 : 58 0 . 04s
tty2
root
bob
12 : 28 14 : 42 0 . 02s
tty3
student pts/1 desktop2 . example . 12 : 41 1 : 07 0 . 03s
[student@serverx -]$
0 . 66
PCPU WHAT
0 . 16s gdm- session-wor
0 . 01s w -f
0 . 04s - bash
0 . 02s -bash
0 . 03s -bash
L__
Discove r how l o n g a user has b e e n o n t h e system by v i ew i n g t h e sess i o n l o g i n t i me. Fo r each
sess i o n , C P U reso u rces cons u m ed by c u r re n t jobs, included backg ro u n d t a s ks a n d c h i l d re n , a re
i n t h e JCPU c o l u m n . C u r rent fore g r o u n d p rocess C P U co n s u m pt i o n is i n t h e PCPU col u m n .
Users m a y be forced off a system f o r secu rity v i o l a t i o n s , resou rce ove ra l l ocat i o n , o r other
a d m i n i st rative need. U se rs a re expected to q u it u n n ecessary a p p l i c a t i o n s , c l ose u n used
co m m a n d s h e l ls, a n d exit l o g i n sess i o n s w h e n req u ested.
When s i t u a t i o n s occ u r i n w h i c h u s e rs ca n n ot b e contacted o r have u n res pons i ve sess ions,
r u n a wa y res o u rce cons u m pt i o n , o r i m proper system access, t h e i r sess i o n s may need to be
a d m i n i s t ra t i ve ly ter mi n ated u s i n g s i g n a l s .
'
Important
A l t h o u g h SIGTERM is t h e defa u lt s i g n a l , SIGKI L L is a com m o n l y m is used
a d m i n i s t rator favorite. S i n c e the SIGKI L L s i g n a l c a n n o t be h a n d l e d o r i g nored, it
i s a l ways fata l . H owever, it forces t e r m i n a t i o n without a l l ow i n g t h e k i l led p rocess to
r u n se l f-c l ea n u p rou t i n es . I t i s reco m m e n d ed to send SIGTERM fi rst, then ret ry w i t h
SIGKI L L o n l y i f a p rocess fa i l s to res p o n d .
P rocesses a n d sess i o n s c a n b e i n d iv i d u a l l y o r c o l l ective l y s i g n a l ed . To t e r m i n ate a l l p rocesses f o r
o n e u s e r, use t h e pkill co m m a n d . Beca u s e t h e i n it i a l p rocess i n a l o g i n sess i o n (session leader)
is d e s i g n e d to h a n d l e session t e r m i n at i o n req u ests a n d i g n o re u n i n te n d e d keyb o a rd s i g n a l s,
k i l l i n g a l l of a u s e r ' s p rocesses a n d l o g i n s h e l l s req u i res u s i n g t h e SIGKI L L s i g n a l .
[ root@serverx -]#
6964 bash
6998 sleep
6999 sleep
7000 sleep
[ root@serverx -]#
pgrep
-1
-u
bob
pkill - SIGKI L L - u
R H124-R H E L 7-en-1 -20140606
bob
179
-
C h a pter 7. M o n it o r i n g a n d M a n a g i n g L i n u x Processes
[ root@serverX -]# pgrep
[ root@serverx -]#
-1 -u
bob
-
-
W h e n processes req u i ri n g atte n ti o n a re i n t h e s a m e l o g i n sess i o n , i t m a y n ot be necessary
to k i l l a l l of a user's p rocesses. Dete r m i n e t h e contro l l i n g term i n a l for t h e session using t h e w
co m m a n d , t h e n k i l l o n l y p rocesses w h i c h reference t h e s a m e term i n a l I D. U n l ess SIGKI L L is
specified, t h e session leader ( h e re, t h e bash login s h e l l ) s u ccessf u l l y h a n d l e s a n d s u rvives t h e
t e r m i n a t i o n req u est. but a l l ot h e r session processes a re t e r m i nated.
[ root@serverx
7391 bash
7426 sleep
7427 sleep
7428 sleep
[ root@serverX
bob
tty3
[ root@serverx
[ root@serverX
7391 bash
[ root@serverx
[ root@serverX
[ root@serverx
-]# pgrep
- 1 -u
bob
-
-
-
-]#
-]#
-]#
-]#
-]#
-]#
-h - u bob
18 : 37 5 : 04 0 . 03s 0 . 03s - bash
pkill -t tty3
pgrep - 1 - u bob
pkill - SIGKI L L -t tty3
pgrep - 1 - u bob
w
-
-
-
T h e s a m e s e l ective p rocess t e r m i n a t i o n c a n be a p p l ied u s i n g pa rent a n d c h i l d p rocess
re l a t i o n s h i ps. Use the p s t ree co m m a n d to view a p rocess t ree for the syst e m or a s i n g l e user.
U s e t h e pa rent p rocess's P I D to k i l l a l l c h i l d re n t h ey have created. T h i s t i me, t h e parent bash
login s he l l s u rvives because t h e s ig n a l is d i rected only at its c h i l d p rocesses.
[ root@serverx -]# pstree -p bob
bash(8391)-r-sleep( 8425 )
�sleep ( 8426 )
Lsleep ( 8427 )
[ root@serverx -]# pkill - P 8391
[ root@serverx -]# pgrep -1 -u bob
bash(8391)
[ root@serverx -]# pkill - SIGKI L L - P 8391
[ root@serverx -]# pgrep -1 - u bob
bash(8391)
[ root@serverx -]#
-
-
-
-
-
References
I: R
L_j
info libc signal (GNU C Library Reference Manual)
S e c t i o n 24: S i g n a l H a n d l i n g
-
i n f o libc processes (GNU C Library Reference Manual)
S e ct i o n 26: Processes
-
•
•
kill(1 ) , killall(1 ) , pg rep(1 ) , p kill(1 ), p s t r ee(1), signal(7 ) , a n d w(1 ) man pages
-
-
-
180
R H 1 24- R H E L7 -en-1 -2 01 4 0 6 0 6
-
-
Practice: K i l l i n g Processes
-
P ra ct i ce: K i l l i n g P rocesses
Guided exercise
I n t h i s l a b, st u d e nts w i l l u se key board seq u e n ces a n d s i g n a l s to m a n a g e a n d stop p rocesses.
-
Outcomes:
Experience with observi n g the res u lts of sta rt i n g and sto p p i n g m u l t i p l e s h e l l p rocesses.
-
Before you begin ...
Log i n a s student to serverX. Start i n yo u r home d i recto ry.
-
0 1.
O p e n t w o term i n a l w i n d ows, s i d e by s i d e, to b e refe rred t o a s left a n d right.
0 2.
I n t h e l eft w i n d ow, start t h re e processes t h a t append text to a n output fi l e a t o n e-second
i nterva l s. To properly backgro u n d e a c h p rocess, the com p l ete c o m m a n d set m u st be
conta i n e d in pa rentheses and e n d e d with an a m p e rs a n d .
[student@serverx -]$ (while true; do echo -n 11game 1 1 -/outfile ; sleep 1; done) I
&
I
[student@serverX -]$ (while true; do echo -n "set >> -/outfile; sleep 1; done)
&
[student@serverX -]$ (while true; do echo -n "match " > > -/outfile; sleep 1;
done) &
-
»
"
-
0 3.
-
[student@serverx -]$
[student@serverx -]$
[1] Running
echo -n "game "
done ) &
[2] - Running
echo -n "set "
done ) &
[3]+ Running
echo -n "match "
done ) &
-
0 4.
-
>>
S u s p e n d t h e " g a m e " p rocess u s i n g s i g n a l s . Confirm t h a t t h e " g a m e " p rocess is
" Stopped " . In t h e right w i n d ow, confirm t h a t " g a m e " output i s n o longer active.
[ student@serverx -]$ kill
[student@serverx -]$ jobs
-
tail -f -/outfile
jobs
( while true ; do
-/outfile ; sleep 1;
( while true; do
-/outfile ; sleep 1 ;
( while true ; do
-/outfile ; sleep 1;
>>
>>
-
In t h e right w i n d ow, u s e t ail to c o n f i r m that a l l t h ree processes a re a p p e n d i n g to the
f i l e. In t h e l eft w i n d ow, view j obs to see a l l t h ree p rocesses " R u n n i n g " .
0 5.
-SIGSTOP %number
Te r m i n ate t h e "set" p rocess u s i n g s i g n a l s. C o n f i r m t h a t the "set" p rocess h a s
d i s a p pea red . I n t h e right w i n d ow, confi r m t h a t " s e t " o u t p u t is n o l o n g e r a ct i ve.
[ student@serverx -]$ kill
[student@serverx -]$ jobs
- SIGTERM %number
-
R H 1 24- R H E L 7-en-1-20140606
1 81
-
-
C h a pter 7. M o n it o r i n g a n d M a n a g i n g L i n u x P rocesses
D 6.
Res u m e the " g a m e " p rocess u s i n g s i g n a l s. Confirm that the " g a m e " p rocess i s " R u n n i ng " .
I n t h e r i g h t w i n d ow, confirm t h a t " g a m e " o u t p u t is a g a i n active.
[student@serverX -]$ kill
[student@serverx -]$ jobs
D 7.
-
- SIGCONT %number
Te r m i n ate t h e re m a i n i n g two jobs. Confirm t h a t n o j o b s re m a i n a n d t h a t o u t p u t h a s
sto pped. From t h e l eft w i n d ow, term i n ate t h e r i g h t w i n d ow ' s t ail co m m a n d .
-
-
C l ose extra term i n a l w i n d ows.
[ student@serverx
[ student@serverX
[student@serverx
[ student@serverx
[ student@serverx
-
-]$ kill - S I GTERM %number
-]$ kill - SIGTERM %number
-]$ jobs
-]$ pkill - SIGTERM t ail
-]$
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
182
R H 1 24- R H E L 7 - e n -1 -20140606
-
-
-
-
M o n itor i n g Process Activity
-
M o n ito ri n g P rocess Act ivity
-
-
Objectives
Afte r c o m p l e t i n g t h i s section, st u d e nts s h o u l d be a b l e to:
-
-
-
-
•
I nt e r p ret u pt i m e and load avera g es.
•
M o n itor rea l -t i m e p rocesses.
Load average
The L i n u x k e r n e l ca l c u l ates a load average metric as a n exponential moving average of t h e load
number, a c u m u l at i ve C P U co un t of a ct ive system reso u rce req u ests.
•
•
-
•
-
•
-
Active requests a re cou nted from pe r-C P U q u e u e s for r u n n i n g t h re a d s and t h reads wa it i n g for
1/0, a s t h e ke r n e l t ra c ks process resou rce activity and corres po n d i n g p rocess state c h a nges.
Load number i s a ca l c u l at i o n ro u t i n e r u n every five seco n d s by defa u lt. w h i c h a cc u m u l ates a n d
avera g e s t h e active req u ests i n t o a s i n g l e n u m be r f o r a l l C P U s.
Exponential moving average is a m a t h e matica l form u l a to s m ooth out t re n d i n g data h i g h s a n d
lows, i n c rease c u rrent activity s i g n ifica n ce, a n d decrease a g i n g data q u a l ity.
Load average is t h e l o a d n u m be r c a l c u l at i o n rout i n e res u l t. Co l l ective l y, it refers to t h e t h ree
d i s p l ayed va l ues of system activity data avera g e d for t h e l a st 1 , 5, and 1 5 m i n utes.
U n d e rsta n d i n g t h e L i n u x l o a d a v e ra g e ca l c u l a t i o n
-
-
The l o a d average represents t h e pe rceived syste m load ove r a t i m e p e r i o d . Linux i m p l e m ents the
l o a d avera g e ca l c u l a t i o n a s a re p resentation of expected service wait t i m es, not only for C P U b u t
a l so for d i s k a n d network 1/0.
•
-
-
•
•
-
-
-
L i n u x cou nts not o n l y p rocesses, b u t t h re a d s i n d ivid u a l l y, as sepa rate tasks. C P U req u est
q u e u e s for r u n n i n g t h reads (nr_running) a n d t h reads wait i n g for 1/0 resources (nr_iowait)
rea s o n a b l y corres p o n d to process states R (Running) a n d D (Uninterruptable Sleeping). Wa i t i n g
fo r 1/0 i n c l udes t a s k s s l ee p i n g for expected d i s k a n d network res p o n ses.
The load n u m b e r is a g l o b a l c o u n t e r ca l c u l at i o n , w h i c h is s u m-tota l e d for a l l C P U s . S i nce t a s k s
ret u r n i n g f r o m s l ee p may resc h e d u l e to d iffe rent C P U s , a c c u rate per-C P U counts a re diff i c u lt.
but a n a c c u rate c u m u l ative c o u n t i s ass u red. D i s p l ayed l o a d avera g e s re present a l l C P U s.
L i n u x cou nts each phys i c a l C P U core a n d m i c ro p rocessor hypert h read as separate exec u t i o n
u n its, l o g ica l ly represented a n d referred to a s i n d iv i d u a l C P U s . E a c h C P U has i n d e p e n d e n t
req u est q u e ues. V i e w /p r o c / c p u info for t h e kern e l representat i o n of system C P U s.
[ student@serverX -]$ grep "model name" /proc/cpuinfo
M 520 @ 2 . 40GHz
model name Intel(R) Core(TM ) i5 CPU
M 520 @ 2 . 40GHz
model name : Intel ( R ) Core(TM ) i5 CPU
M 520 @ 2 . 40GHz
model name : Intel ( R ) Core(TM ) i5 CPU
M 520 @ 2 . 40GHz
model name : Intel(R) Core(TM ) i5 CPU
[student@serverX -]$ grep "model name" /proc/cpuinfo I
4
we
-1
-
-
-
R H 1 24- R H E L 7-en-1-20140606
183
-
-
C h a pte r 7. M o n it o r i n g a n d M a na g i n g L i n u x Processes
•
Some U N I X syste m s o n l y c o n s i d e re d CPU u t i l ization or run q u e u e l e n g t h to i n d icate system
l o a d . S i nce a system with i d l e C P U s can experience exte n s i ve wa i t i n g due to busy d i s k o r
n etwo r k resou rces, 1/0 c o n s i d e rat i o n is i n c l u d e d i n t h e L i n u x l o a d average. W h e n expe r i e n c i n g
h i g h l o a d avera g es with m i n i m a l C P U activity, exa m i n e t h e d i s k a n d network activity.
-
I nt e r pret i n g d i s p l ayed l o a d avera g e va l u e s
T h e t h ree va l u es represent the weighted va l u es over t h e l a st 1 , 5, and 15 m i n utes. A q u i c k
g l a n ce c a n i n d icate w h e t h e r syst e m l o a d a p p e a rs to be i n c rea s i n g o r d e c rea s i n g . C a l c u late t h e
a p p roximate per-CPU load va l u e to d ete r m i n e w h e t h e r t h e syste m is e x p e r i e n c i n g s i g n ificant
wa i t i n g .
•
--
� � :�dent@serverx -]$ uptime
top, u p t ime, w , a n d gnome - sy s t em - moni t o r d i s p lay l oa d ave ra g e va l u es.
� 29 : 03 up 14 min, 2 users, load average : 2 . 92, 4 . 48, 5 . 20
•
D i v i d e t h e d i s p l ayed load avera g e va l u es by t h e n u m be r of l o g ica l C P U s i n t h e system. A va l u e
b e l ow 1 i n d icates satisfactory resou rce u t i l i z a t i o n a n d m i n i m a l wait t i m es. A va l u e a bove 1
i n d icates reso u rce sat u ra t i o n a n d s o m e a m o u nt of service wa it i n g t i m es.
I
#
#
#
#
#
#
#
#
#
#
From /proc/cpuinfo, system has four logical CPUs, so divide by 4 :
load average : 2 . 92, 4 . 48, 5 . 20
divide by number of logical CPUs : 4
4
4
per -CPU load average : 0 . 73 1 . 12 1 . 30
This system ' s load average appears to be decreasing .
With a load average of 2 . 92 on four CPUs, all CPUs were in use -73% of the time .
During the last 5 minutes, the system was overloaded by -12%.
During the last 15 minutes, the system was overloaded by -30%.
L__ _
•
•
•
A n i d l e C P U q ue u e has a l o a d n u m be r of 0. E a c h rea d y a n d wa i t i n g t h read a d d s a count of 1.
W i t h a tota l q u e u e co u n t of 1 , t h e resou rce (C P U , d i s k , o r n etwork) is i n use, but n o req u ests
s p e n d t i m e wa i t i n g . Additi o n a l req u ests i n c re m e n t the c o u n t . but si nce m a ny req u ests ca n be
p rocessed w i t h i n the t i m e period, resou rce utilization i n c re a ses, but not wait times.
Processes s l ee p i n g for 1/0 d u e to a b u sy d i s k or network resou rce a re i n c l u d e d in t h e cou nt
and i n c rease the l oa d average. W h i l e n ot an i n d ication of C P U u t i l i z a t i o n , the q u e u e c o u n t sti l l
i n d icates t h a t users a n d prog ra m s a re wa it i n g for resou rce services.
U n t i l resou rce satu rat i o n , a l o a d average wi l l re m a i n below 1 , s i n c e tasks w i l l seldom be fo u n d
wa i t i n g i n q u e u e. L o a d avera g e o n l y i n c reases w h e n res o u rce s a t u ra t i o n c a u ses req u ests
to rem a i n q u e ued and cou nted by the load c a l c u l at i o n ro u t i n e. When resou rce u t i l ization
a p p roaches 1 00%, each a d d iti o n a l req uest starts experie n c i n g service wait t i me.
-
-
-
-
-
-
-
-
-
-
-
-
-
Real -time process monitoring
T h e top p ro g ra m is a d y n a m ic view of t h e syste m ' s p rocesses, d is p l a y i n g a s u m m a ry h e a d e r
fo l l owed by a p rocess o r t h read l ist s i m i l a r to p s i n fo r m a t i o n . U n l ike t h e s t a t i c ps o u t p u t .
t o p cont i n u o u s l y refres hes a t a confi g u ra b l e i nterva l , a n d p rovides capa b i l ities f o r co l u m n
reo rd e r i n g , sort i n g , a n d h i g h l i g h t i n g . U s e r confi g u ra t i o n s c a n b e saved a n d m a d e persistent.
Defa u l t output c o l u m n s a re recog n i za b l e from ot h e r reso u rce t o o l s :
T h e process I D (PID).
•
1 84
-
-
-
-
R H 1 24- R H E L7-en-1-20140606
-
-
-
-
Rea l - t i m e p rocess m o n it o r i n g
•
-
•
-
•
-
•
-
U s e r n a m e (USER) is t h e process o w n e r.
Virtu a l m e m o ry (VI RT) is a l l m e m o ry t h e p rocess is u s i n g , i n c l u d i n g t h e res i d e n t set. s h a red
l i b ra ries, a n d a ny m a pped o r swa pped m e m o ry pages. ( L a b e l e d vsz in the ps c o m m a nd.)
Res iden t m e m o ry (RES) is t h e physica l m e m o ry used by t h e p rocess, i n c l u d i n g a ny res ident
sha red o bj e cts. ( L a b e l e d RSS i n t h e ps co m m a n d . )
Process state ( S ) d i s p l ays a s :
•
D = U n i nt e r r u pta b l e S l e e p i n g
•
R = R u n n i ng o r R u n na b l e
·
S = S l ee p i n g
•
T = Stopped o r Tra ced
-
-
·
•
•
-
z
= Zo m bie
C P U time (TIME) is t h e tota l p roces s i n g time s i nce t h e p rocess sta rted. May b e tog g l ed to
i n c l u d e c u m u l ative t i m e of a l l prev i o u s c h i l d re n .
T h e p rocess co m m a n d n a m e (COMMAN D).
Fu ndamental keystrokes in top
Key
-
? or h
1,
-
Tog g l e s for l o a d , t h reads, a n d m e m o ry h e a d e r l i nes.
1
Tog g l e s h o w i n g i n d iv i d u a l C P U s o r a s u m m a ry fo r a l l C P U s i n h e a d e r.
5 (1)
b
Tog g l e reverse h i g h l i g ht i n g for Running p rocesses; defa u lt i s b o l d o n l y.
B
E n a b l e s use of b o l d in d i s p l a y, i n t h e h e a d e r, a n d fo r Running p rocesses.
H
Tog g l e t h rea ds ; s h ow process s u m m a ry o r i n d ivid u a l t h reads.
F i l t e r for any u s e r n a m e (effect ive, rea l ) .
M
Sorts p rocess l i s t i n g by m e m ory u s a g e, i n desce n d i n g order.
p
S o rts p rocess l i s t i n g by p rocesso r u t i l i z a t i o n , in desce n d i n g o rd e r.
k
-
C h a n g e the refresh (sc reen) rate, i n deci m a l seco n d s (e. g . , 0.5, 1, 5).
u, U
-
-
H e l p for i nteractive keyst rokes.
t, m
-
-
P u rpose
r
(1)
K i l l a p rocess. W h e n prompted, enter PI O, t h e n signal.
<1>
R e n i c e a p rocess. W h e n p ro m pted, enter P I O , t h e n nice_value.
w
Write (save) t h e c u rrent d i s p l ay config u ra t i o n fo r use at t h e next t o p restart.
q
Q u it.
N ote:
m
N o t avai l a b l e if top started i n sec u re m o d e. See top(1).
-
-
-
-
-
R H 1 24- R H E L 7-en-1 -20140606
185
-
-
C h a pte r 7. M o n it o r i n g a n d M a n ag i n g L i n u x Processes
'
I
References
:;, R i
L_J
-
G N O M E System M o n it o r
•
yelp help : gnome - system - monit o r
-
ps(1 ) , t o p (1 ) , u p t ime(1 ) , a n d w(1) m a n pages
-
-
-
-
-
-
-
-
-
-
-
-
186
R H 1 24- R H EL 7 - e n -1 -20140606
-
-
-
P ract ice: M o n ito r i n g P rocess Activity
-
P ra c t i ce: M o n it o r i n g P rocess Act ivity
-
-
Guide d exercise
I n t h i s l a b, students w i l l use t h e t o p com m a n d to dyn a m i ca l l y view, sort, a n d stop p rocesses.
-
Outcomes
Practice w i t h m a n a g i n g p rocesses i n rea l t i m e.
-
Before you begin ...
Perfo r m the fo l l ow i n g tasks a s s t u d e n t o n the serverX m a c h i ne. Run lab process101 s e t u p
o n serverX t o prepa re f o r t h i s exercise.
-
-
[ student@serverx -]$ lab process101 setup
D 1.
Open two ter m i n a l w i n d ows, side by s i d e, to b e refe rred to a s left a n d right. In the r i g h t
ter m i n a l , r u n t h e t o p u t i l ity. S i ze t h e w i n d ow to be a s ta l l a s poss i b l e.
I [ student@serverx -]$ top
-
'
� - -- - �------�-�--�
-
D 2.
I n t h e left te r m i n a l , d ete r m i n e t h e n u m be r o f l o g ica l C P U s o n t h i s v i rt u a l m a c h i ne.
i [ student@serverX
ii 1
r ·
-
-
we
-1
II [ student@serverx -]$ process101
D 4.
I n t h e rig ht te r m i n a l , obse rve t h e t o p d i s p l ay. U s e t h e s i n g l e keyst rokes 1, t , a n d m to
tog g l e the l o a d , t h reads, a n d m e m o ry header l i nes. After observing this b e h a v i o r, e n s u re
t h a t a l l headers a re d i s p l a y i n g .
D 5.
N ote the process I D ( P I D) for p roces s 101. View t h e C P U p e rcentage for t h e process,
w h i c h is expected to hover a r o u n d 25% o r 30%.
-
I n the left term i n a l , r u n a s i n g l e i n st a n ce of the p roce ss101 executa b l e.
View t h e load averages. On a s i n g l e- C P U v i rt u a l m a c h i ne, for exa m p l e, the o n e- m i n ute
load avera g e is c u r re n t l y less than a va l u e of 1 . The va l u e o b s e rved may be a ffected by
reso u rce conte n ti o n fro m a n other virtu a l m a c h i n e o r t h e v i r t u a l h ost.
-
-
- ---- - -
D 3.
-
-
-] $ grep "model name" /proc/cpuinfo I
D 6.
i [student@serverx -]$ process101
I n the l eft te r m i n a l , r u n a second i n stance of p r o c e s s 101.
I
L- -----------�---�--�
-
D 7.
-
I n top, n ote t h e p rocess I D ( P I D) for t h e second p ro c e s s 1 0 1. View t h e C P U p e rce n t a g e
for t h e process, a l so e x p e c t e d to h o v e r a r o u n d 25% o r 30%.
View t h e o n e- m i n ute l o a d average again, w h i c h m a y sti l l be l ess than 1 . Wa it u p to one
m i n ute to a l low t h e ca l c u l a t i o n to adjust to t h e new w o r k l o a d .
-
-
-
R H1 24- R H E L 7-en-1-20140606
1 87
C h a pte r 7. M o nitoring a n d M a n a g i n g L i n u x Processes
D 8.
I [ student@serverX -]$
In t h e l eft te r m i n a l , r u n a t h i rd i n stance of p rocess101.
f
i
D 9.
-
process10 1
I n t o p , note t h e process I D ( P I D) for t h e t h i rd p ro ce ss101. View t h e C P U percentage for
the p rocess, again expected to hover a ro u n d 25% o r 30%.
V i ew t h e one- m i n ute l o a d ave ra g e a g a i n , which now i s expected to be a b ove 1 . Wa it u p to
one m i n ute to a l low the ca l c u l at i o n to a g a i n a dj u st to the new w o r k l o a d .
D 1 0.
Optional: I f t h i s v i rt u a l m a c h i n e h a s m o re t h a n o n e l og i c a l C P U , s l ow l y start a d d i t i o n a l
p ro c e s s 101 i n sta n ces u n t i l t h e one-m i n ute load ave ra g e e q u a l s o r exceeds t h e n u m be r
o f l o g i c a l C P U s. D i v i d e t h e l o a d average va l u e b y t h e n u m be r o f C P U s to dete r m i n e t h e
est i m ated l o a d avera g e p e r C PU .
D 11.
W h e n f i n ished observ i n g t h e l o a d avera g e va l u es, t e r m i nate each of t h e process101
processes from w i t h i n top.
-
D 1 1 .1 . P ress k . Observe t h e p r o m pt b e l ow t h e h e a d e rs a n d a bove t h e co l u m ns .
D 11.2. Type t h e P I D for o n e of t h e process101 i n sta n ces. P r e s s E n t e r .
-
D 11 .3. P ress E n t e r a g a i n to u s e t h e defa u l t SIGTERM s i g n a l 15.
Confi r m that t h e s e l ected p rocess i s no l o n g e r obse rved i n top. I f the PIO sti l l re m a i ns,
repeat t h ese term i n a t i n g steps, s u bst i t u t i n g SIGKI L L s i g n a l 9 when prompted.
D 12.
Repeat t h e p rev i o u s step fo r each rem a i n i n g p ro ce ss101 i nsta n ce. Confi r m that n o
p ro c e s s 101 i n st a n ces re m a i n i n t o p .
D 13.
In t h e r i g h t w i n d ow, p ress q to exit top. C l ose extra t e r m i n a l w i n d ows.
-
-
-
-
-
-
-
-
-
188
R H 1 24- R H E L7-en-1-20140606
-
-
-
L a b : M o n itoring a n d M a n a g i n g L i n u x Processes
-
La b: M o n it o r i n g a n d M a n a g i n g L i n u x P rocesses
-
Performance checklist
-
I n t h i s l a b, students w i l l l ocate a n d m a n a g e p rocesses t h a t a re u s i n g t h e most resou rces on a
syste m .
Outcomes
-
E x p e r i e n c e u s i n g top a s a p rocess m a n a g e m e nt too l .
Before you begin ...
-
-
-
-
-
Perfo r m the fo l l o w i n g t a s ks a s s t ud e n t o n the serverX m a c h i ne. Run lab p rocesses s e t u p
a s r o o t o n s e rverX to prepa re fo r t h is exe rcise.
I! [student@serverX -]$ lab processes setup
1.
In a te r m i n a l w i n d ow, ru n t h e t o p u t i l ity. S i z e t h e w i ndow to be a s ta l l as poss i b l e.
2.
Obse rve t h e t o p d i s p l ay. T h e defa u l t d i s p l a y sorts by C P U ut i l i z a t i o n , h i g h est fi rst. W h a t a re
t h e p rocesses u s i n g t h e most C P U t i m e?
3.
C h a n g e the d i s p l a y to sort by the a m o u nt of m e m o ry in use by each p rocess.
4.
W h a t a re the p rocesses w i t h the l a rgest m e m ory a l l ocat ions?
5.
Tu r n off the u s e of bold i n the d i s p lay. S a ve t h i s confi g u ration for reuse w h e n top is
resta rted.
6.
Exit t op, then rest a rt it a g a i n . Confirm that t h e n ew d i s p l ay uses the saved confi g u ration;
i.e., t h e d i s p l ay sta rts sorted by m e m o ry u t i l i z a t i o n a n d bold i s turned off.
7.
M o d ify t h e d is p l a y to aga i n sort by C P U u t i l i z a t i o n . Tu rn o n t h e use of b o l d . O bse rve t h a t
o n l y Running o r Runnable (state R ) p r o c e s s entries a re b o l d . S a v e t h i s conf i g u ra t i o n .
8.
Open a n oth e r t e r m i n a l w i n dow if necessa ry. A s roo t , s u s p e n d the hippo p rocess. In top,
obse rve that the p rocess state i s now T.
9.
The hippo p rocess q u i c k l y d i s a p pears from the d i s p l ay, since it i s no l o n g e r actively u s i n g
C P U res o u rces. L i st t h e p rocess i n fo r m a t i o n f r o m t h e comma n d l i n e to confi r m t h e p rocess
state.
-
-
-
-
-
1 0. Res u m e exe c u t i o n of t h e hippo processes.
-
11.
When f i n i s h e d observi n g the d i s p l ay, t e r m i nate the extra p rocesses u s i n g the co m ma n d l i n e.
Confi r m t h a t t h e p rocesses n o l o n g e r d i s p l a y i n t o p.
-
12.
C h e c k t h a t t h e c l e a n u p is s u ccessfu l by r u n n i n g t h e g ra d i n g s c r i pt. I f necessa ry, f i n d a n d
t e r m i nate p rocesses l isted by t h e g ra d i n g s c r i pt, a n d repeat g ra d i n g .
-
13.
Exit t h e t o p d i s p l ay. C l o s e ext ra term i n a l w i n d ows.
-
-
-
R H 1 24- R H E L 7-e n-1-20140606
189
-
-
C h a pter 7. M o n it o r i n g a n d M a n a g i n g L i n u x Processes
Solution
I n t h i s l a b, s tu de nts w i l l l ocate a n d m a n a g e processes t h a t a re u s i n g t h e most resou rces on a
system.
Outcomes
-
E x p e r i e n ce u s i n g top a s a p rocess m a n a g e m e n t too l .
Before you begin ...
-
Perform t h e fo l l ow i n g tasks a s student o n t h e serverX m a c h i ne. R u n lab p rocesses s e t u p
a s r o o t o n serverX to p r e p a re f o r t h i s exercise.
[student@serverX ] $ la b
r-- ·
!
.
.
. ·
-
1.
...
.. ..
-
.
..
processes s e t u p
In a term i n a l w i n d ow, run the t o p u t i l ity. S i z e t h e w i n d ow to be a s ta l l a s poss i b l e.
[student@serverX -]$ top
top - 12 : 47 : 46 up 2 : 82, 3 users, load average : 1 . 67, 1 . 25, 8 . 73
Tasks : 361 total, 6 running, 355 sleeping, 8 stopped, 8 zombie
%Cpu ( s ) : 98 . 5 us, 1 . 4 sy, 8 . 8 ni, 8 . 8 id, 8 . 8 wa, 8 . 8 hi, 8 . 1 si, 8 . 8 st
1748 buffers
KiB Mem : 2843424 total, 897112 used, 1146312 free,
8 used, 4879612 free . 296276 cached Me
KiB Swap : 4879612 total,
PIO USER
PR NI VIRT RES SHR S %CPU %MEM
TIME+ COMMAND
28 8 4156
4819 root
8 R 57 . 5 8 . 8 2 : 54 . 15 hippo
76
2492 student 28 8 1359588 168428 37492 s 16 . 8 8 . 2 3 : 55 . 58 gnome- shell
1938 root
28 8 189648 35972 7568 R 1 . 9 1 . 8 8 : 29 . 66 Xorg
2761 student 28 8 628192 19688 12296 s 8 . 4 1 . 8 8 : 84 . 48 gnome- termi+
o u t p u t t runca t e d
2.
.
:
O bse rve t h e t o p d i s p l ay. The defa u lt d i s p l a y sorts by C P U u t i l ization, h i g hest f i rst. W h a t a re
t h e processes u s i n g t h e most C P U t i m e?
I n a d d i t i o n to t h e defa u lt G N O M E s h e l l , f i n d t h e p rocess n a med hippo.
3.
-
C h a n g e the d i s p l a y to sort by the a m o u nt of m e m o ry in use by each process.
P ress M.
top - 12 : 57 : 38 up
Tasks : 368 total,
%Cpu ( s ) : 99 . 8 us,
KiB Mem : 2843424
KiB Swap : 4879612
PIO USER
PR
2492 student 28
4813 root
28
1938 root
28
2576 student 28
2428 student 28
2558 student 28
:--
ou tpu t t runca t e d
4.
-
2 : 11, 3 users, load average : 2 . 89, 1 . 78, 1. 19
5 running, 355 sleeping, 8 stopped, 8 zombie
8 . 2 sy, 8 . 8 ni, 8 . 8 id, 8 . 8 wa, 8 . 8 hi, 8 . 8 si, 8 . 8 st
total, 896952 used, 1146472 free,
1748 buffers
8 used, 4879612 free . 296288 cached Mem
total,
TIME+ COMMAND
NI VIRT RES SHR S %CPU %MEM
8 1359588 168428 37492 s 8 . 5 8 . 2 4 : 81 . 84 gnome- shell
8 55368 51288 152 s 8 . 8 2 . 5 8 : 88 . 43 elephant
8 189648 35972 7568 R 8 . 2 1 . 8 8 : 38 . 49 Xorg
8 533752 33684 27784 S 8 . 1 1 . 6 8 : 89 . 29 vmtoolsd
8 916268 25616 14484 s 8 . 8 1 . 3 8 : 88 . 61 gnome- setti+
8 1848284 23136 16868 S 8 . 8 1 . 1 8 : 88 . 46 nautilus
-
-
-
What a re t h e processes with t h e l a rg est m e m o r y a l l oc a t i o n s?
I n a d d i t i o n to t h e defa u lt G N O M E s h e l l a n d Xo r g , f i n d a p rocess n a m e d elephan t .
-
190
RH124- R H E L7 - e n -1-20140606
-
-
-
-
Sol ution
-
5.
Tu r n o f f t h e use of b o l d i n t h e d i s p l ay. S a v e t h i s confi g u ra t i o n for re use w h e n t o p is
resta rted.
-
Press the s i n g l e u p p e rcase keyst roke B to tog g l e bold u s e off.
P ress t h e s i n g l e u p p e rcase keyst roke W to save t h i s confi g u ra t i o n . The defa u l t config u ra t i o n
fi l e i s . t o p r c i n t h e c u rrent u s e r ' s h o m e d i recto ry.
6.
-
Exit top, t h e n resta rt it a g a i n . Confirm t h a t the new d i s p l ay uses the saved confi g u ra t i o n ;
i . e . , t h e d i s p l a y s t a r t s s o r t e d by m e m o ry u t i l ization a n d b o l d i s t u rned off.
I [student@serverx -]$ to;
Press q to q u i t t h e c u r rent d i s p l a y, t h e n r u n top a g a i n .
-
I
-
7.
-
M o d ify t h e d i s p l ay to a g a i n sort by C P U u t i l ization. Tu r n o n t h e use of b o l d . O b s e rve t h a t
o n l y Running o r Runnable (state R) p rocess e n t r i e s a re b o l d . S a v e t h i s config u ra t i o n .
P ress t h e s i n g l e u p p e rcase keyst roke P to s o r t b y C P U u t i l izat i o n .
Press t h e s i n g l e u p p e rcase keystroke B to tog g l e b o l d u s e on.
Press t h e single u p p e rcase keyst roke W to save t h i s confi g u ra t i o n .
-
8.
O p e n a n ot h e r te r m i n a l w i ndow i f necessa ry. As root , s u s pe n d t h e h i p p o p rocess. I n t o p ,
obse rve that t h e p rocess s t a t e i s n o w T .
[student@serverx -]$ su Password : redhat
[ root@serverX -]# pkill - SIGSTOP hippo
-
i
-
-
9.
I:
The hippo p rocess q u ic k l y d i s a p pea rs from the d i s p l ay, s i n ce it is n o l o n g e r act ive l y u s i n g
C P U resou rces. L i st t h e process i nfo r m a t i o n f r o m t h e c o m m a n d l i n e to confi r m t h e process
state.
I
-
i
-
[ root@serverx -]# ps
-f
$( pgrep hippo)
1 0. R e s u m e execution of t h e hippo p rocesses.
[ root@serverx -]# pkill
-
11.
-
-
- SIGCONT
hippo
W h e n f i n i shed o bs er vi n g t h e d i s p l ay, t e r m i nate t h e e x t r a processes u s i n g t h e co m m a n d l i n e.
Confirm that t h e processes n o l o n g e r d i s p l a y i n t o p.
[ r oo t @s er v e r x - ] # p kill e 1 ep h a n t
[ root@serverX -]# pkill hippo
����������������.JI
· ---___-___________�--____����
_
12.
-
C h e c k that t h e c l e a n u p i s s u ccessfu l by r u n n i n g t h e g ra d i n g s c r i pt. I f necessa ry, f i n d a n d
te r m i nate p rocesses l i sted by t h e g ra d i n g scri pt, a n d r e p e a t g r a d i n g .
I [ root@serverX -] # lab processes grade
-
13.
E x i t t h e t o p d i s p l ay. C l ose extra term i n a l w i n d ows.
-
-
-
R H 1 24- R H E L 7-en-1-20140606
1 91
-
-
C h a pter 7. M o n itoring a n d M a n a g i n g L i n u x Processes
-
P ress q to q u it .
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
192
R H 1 24- R H E L7-e n -1-20140606
-
-
-
-
Solution
-
S u m m a ry
-
Processes
Define process compone nts and i n t e r p ret p rocess viewing co m m a n d s .
C o n t ro l l i n g J o b s
Practice exte n d e d p rocess m a n a g e m e n t tec h n i q u es, i n c l u d i n g sta rti n g , s u s p e n d i n g , a n d
c o n n e ct i n g to m u l t i p l e c o n c u rre n t tas ks.
K i l l i n g P rocesses
-
Use si g n a l s to stop, sta rt, and re l o a d p rocesses and p rocess config u ra t i o n s .
M o n it o r i n g P rocess Activity
M a n a g e syst e m wo r k l oa d by uti l i z i n g load averages a n d p rocess statistics.
-
-
-
-
-
-
-
-
-
-
-
-
R H 1 24- R H E L 7-en-1-20140606
193
-
-
'
-
-
-
-
-
-
-
-
1 94
-
I
®
red h at
TRAINING
®
C HA PT E R 8
CONT ROL LING SERVICES AND
DAEMONS
Overview
Goal
To control a n d m o n itor network services a n d syste m
d a e m o n s u s i n g systemd.
Objectives
•
L i st syste m d a e m o n s a n d network services started by t h e
systemd service a n d socket u n its.
•
Control system d a e m o n s and n etwo r k services u s i ng
syst emc t l .
Sections
•
I d entify i n g Automat i c a l l y Sta rted System Processes ( a n d
Practice)
Lab
R H1 24- R H E L7-en-1-20140606
•
Contro l l i ng System Services (a nd Pract ice)
•
Contro l l i n g Services a n d Daemons
195
-
-
C h a pter 8. Con tro l l i n g S e rvices a n d D a e m o n s
-
I d e nt ifyi n g A u to m a t i ca l l y Sta rted System
P rocesses
-
Objectives
Aft e r com p l et i n g t h i s sect i o n , st u d e nts s h o u l d be a b l e to l ist syst e m d a e m o n s a n d network
se rvices started by t h e syst emd service and soc ket u n its.
I ntroduction to sys t emd
-
-
System sta r t u p a n d server p rocesses a re m a n a g e d by t h e systemd System and Service Manager.
T h i s p rog ra m provides a method for activat i n g system resou rces, server d a e m o ns, a n d o t h e r
p rocesses, b o t h at boot t i m e a n d o n a r u n n i n g syste m .
Daemons a re p rocesses t h a t wa it o r r u n i n the backg ro u n d perfo r m i n g va r i o u s tasks. G e n e ra l l y,
d a e m o n s start a utomatica l l y at boot t i m e a n d cont i n u e to r u n u n t i l s h utdown or u n t i l t h ey a re
m a n u a l l y stopped. By conve n t i o n , t h e n a mes of m a ny d a e m o n progra m s e n d i n t h e l etter " d " .
To l i sten fo r con n e ct i o n s , a d a e m o n uses a socket. T h i s is t h e p r i m a ry com m u n ication c h a n n e l
w i t h l oca l o r remote c l ients. Soc kets m a y be c reated b y d a e m o n s o r m a y be separated from
t h e daemon and be created by another p rocess, s u c h a s syste m d . The socket is passed to the
d a e m o n when a connect i o n i s esta b l i s h e d by t h e c l i e nt.
A service ofte n refers to o n e o r more d a e m o n s, b u t sta rt i n g o r sto p p i n g a se rvice m a y i n stead
make a o n e -t i m e change to the state of t h e system, which does n ot i nvolve leaving a d a e m o n
p rocess r u n n i n g afterwa rd (ca l l ed oneshot).
-
-
-
-
A b i t of h i story
Fo r many years, p rocess ID 1 of L i n u x and U N I X syste m s has been t h e init p rocess. T h i s p rocess
was res p o n s i b l e fo r activat i n g ot h e r se rvices o n t h e system and i s t h e o r i g i n of t h e term "in it
syste m ." Fre q u e n t l y used d a e m o n s were started o n syste m s a t boot time with System V a n d
LSB i n it scri pts. These a re s h e l l s c r i pts, a n d m a y vary from o n e d i st r i b ut i o n to a not h e r. Less
freq u e n t l y used daemons we re started o n demand by another service, such a s initd or
xinetd, which l i stens for c l i e n t con n e c t i o n s. These syste m s have seve ra l l i m itat ions, which a re
a d d ressed with syste m d .
I n Red Hat Enterprise L i n u x 7, process I D 1 is s y s t e m d , t h e new i n it syst e m . A few of t h e n e w
featu res provided b y syste m d i n c l u d e :
•
Pa ra l l e l i zation capa b i l ities, w h i c h i n c rease t h e b o o t speed of a syste m .
•
O n - d e m a n d sta rt i n g of d a e m o n s w i t h o u t req u i r i n g a s e p a rate servi ce.
•
•
Automatic service d e p e n d e n cy m a n a g e m ent, w h i c h can p revent l o n g t i meo uts, s u c h a s by not
sta r t i n g a network service when t h e network is not ava i l a b l e.
-
-
-
-
-
A method of tracking re l ated p rocesses tog e t h e r by u s i n g L i n u x control g ro u ps.
196
R H 1 24- R H E L7-en-1-20140606
-
-
-
-
I nt ro d u c t i o n to syst emd
-
-
--��-. .
"'..._
Note
/-
�
W i t h syste m d , s h e l l-based service s c r i pts a re used o n l y for a few l e g a cy s e rv i ces.
T h e refore, config u ration f i l e s with s h e l l va r i a b l es , such a s those fou n d i n
/ e t c / sysconfig, a re b e i n g r eplaced. Those st i l l i n u s e a re i n c l u d e d as syste m d
e n v i ro n m e n t f i l e s a n d r e a d a s N A M E = VA L U E pa i rs. T h e y a re n o l o n g e r sou rced a s a
s h e l l s c r i pt .
-
-
sys t e mc t l
-
-
Some com m o n u n it t y p e s a re l i sted b e l ow:
•
-
•
-
-
-
-
-
-
-
-
-
u nits
T h e sys t emc t l may a b b reviate or " e l l i ps i z e " u n it n a mes, p rocess t ree e n t ries, a n d
u n it d e s c r i pt i o n s u n l ess r u n w i t h t h e 1 o p t i o n .
•
-
syst emd
Important
-
-
and
The sys t em c t l c o m m a n d i s used to m a n a g e d i ffere n t types of syst e m d o bjects, ca l l ed units. A
l i st of ava i l a b l e u n it types ca n be d i s p l ayed w i t h sys temc t l - t help.
Service u n its have a .service exte n s i o n and re p resent system services. T h i s type of u n it i s used
to sta rt freq u e nt l y a ccessed daemons, such a s a web s e rver.
Soc ket u n its have a .socket exte n s i o n a n d re p resent i nter-process co m m u n i c a t i o n ( I PC)
soc kets. Control of the socket w i l l b e passed to a d a e m o n o r n ew l y sta rted s e rvice when a
c l i e n t c o n n ection is m a d e. Soc ket u n its a re u s e d to d e l ay t h e sta rt of a service at boot t i m e
a n d to s t a r t l e s s freq u e n t l y u s e d services o n d e m a n d . T h e s e a re s i m i l a r i n p r i n c i p l e to services
which u s e t h e xinetd s u p e rserver to start o n d e m a n d .
Pat h u n its h a v e a .path exte n s i o n a n d a re used to d e l a y t h e activa t i o n o f a service u n t i l
a specific f i l e syste m c h a n g e occu rs. T h i s i s c o m m o n l y u s e d f o r services w h i c h use spool
d i rectories, s u c h a s a printing syst e m .
Service states
The sta t u s of a service can be viewed with sys t emc t l s t a t u s name . type. I f the u n it type i s
not p rov i d e d , sys t e m c t l wi l l show t h e stat u s of a s e r v i c e u n it, if o n e exists.
[ root@serverx -]# systemc t l s t a t u s s s h d . s e rvice
sshd . service - OpenSSH server daemon
Loaded : loaded ( /usr/lib/systemd/system/sshd . service ; enabled )
Active : active ( running ) since Thu 2S14-S2-27 11 : 51 : 39 EST; 7h ago
Main PID : 1S73 ( sshd )
CGroup : /system
. slice/sshd . service
L...1 s73 /usr/sbin/sshd
-D
Feb 27 11 : 51 : 39 servers . example . com systemd [l] : Started OpenSSH server daemon .
Feb 27 11 : 51 : 39 servers . example . com sshd [1S73] : Could not load host key : /et . . . y
Feb 27 11 : 51 : 39 servers . example . com sshd [1S73] : Server listening on s . s . s . s . . . .
Feb 27 11 : 51 : 39 servers . example . com sshd [1S73] : Server listening on : : port 22 .
Feb 27 11 : 53 : 21 servers . example . com sshd [127S] : error : Could not load host k . . . y
Feb 27 11 : 53 : 22 servers . example . com sshd [127S] : Accepted password for root f . . . 2
Hint : Some lines were ellipsized, use - 1 to show in full .
Severa l keywords i n d i ca t i n g t h e state of t h e se rvice c a n be fo u n d i n t h e status output:
R H 1 24- R H E L7 -en -1 -20140606
1 97
-
C h a pter 8. C o n t ro l l in g S e rvices a n d D a e m o n s
-
Keywo rd :
Desc r i p t i o n :
loaded
U n it config u ra t i o n file h a s been p rocesse d .
active (ru n n i n g )
R u n n i n g w i t h o n e o r more cont i n u i n g p rocesses.
active (ex ited)
S u ccessfu l l y com p l eted a one-time confi g u ra t i o n .
a c t i v e (wa i t i n g )
R u n n i n g but wait i n g f o r a n eve nt.
i n a cti ve
N ot r u n n i n g .
enabled
W i l l b e started a t b o o t t i me.
d i sa b l ed
W i l l not be started at boot t i m e.
sta t i c
C a n not be e n a b le d , but may be s t a r t e d by a n e n a b l e d u n it
a u t o m a t i ca l l y.
-
-
Note
The sys t em c t l s t a t u s NAME c o m m a n d re p l a ces t h e se rvice
com m a n d u s e d i n p rev i o u s vers i o n s of Red H a t Enterprise L i n u x .
NAME
status
Listing unit files with sys t emc t l
I n t h i s exa m p l e, p l ease fo l l ow a l ong w i t h t h e next steps w h i l e yo u r i n st r u ctor d e m o n st rates
obta i n i n g sta t u s i nfo r m a t i o n of services.
-
Note
Notice t h a t t h e systemctl com m a n d w i l l a utomatica l ly p a g i nate t h e o u t p u t w i t h
less.
1.
Q u e ry t h e state of a l l u n its to verify a system sta rtup.
[ root@serverX -]#
systemc t l
-----· --
2.
Query t h e state of o n l y t h e service u n its.
i
3.
[ root@serverX -]#
systemc t l - - type=se rvice
I nvest igate any u n its w h i c h a re in a fa i l ed or m a i nten a n ce state. O p t io n a l l y, add the
o pt i o n to s h ow t h e f u l l output.
[ root@serverX -]#
-� ---
------ ·---- -
.
4.
-1
-
--�
systemc t l s t a t u s rngd . s ervice - 1
- --- --- · -
..
------
--
· ·----- ----- -
-----·--
.
----
-
·- · ·· -
The s t a t u s a rg u m e n t may a l so b e used to dete r m i n e if a parti c u l a r u n it i s active a n d show
if t h e u n i t is e n a b l e d to start at boot t i me. A lt e r n a te co m m a n d s ca n a l so e a s i l y s how t h e
active a n d e n a b l e d states:
[ root@serverX -]#
[ root@serverX -]#
---------- ---
--- �-------
198
-------'
--
-
-
··-·--- · �-
-· · - ----·· --- - ---
- ��--
-
systemc t l is - active s s h d
systemct l is - enabled sshd
--�
R H 1 24- R H E L7-en-1-20140606
-
-
-
-
L i s t i n g u n it f i l e s w i t h syst emc t l
-
5.
[ root@serverx -]#
[ root@serverx -]#
-
-
6.
-
-
7.
-
-
List t h e active state o f a l l l o a d e d u n its. O p t i o n a l l y, l i m i t t h e type o f u n it. T h e
w i l l a d d i n a ct i ve u n its.
R
-
- all o p t i o n
syst emc t l list - units - - type=se rvice
sys temctl list - un i t s - - type=service - - all
V i ew the e n a b l ed a n d d i sa b l ed sett i n g s for a l l u n its. O p t i o n a l l y, l i m i t the type of u n it.
[ root@serverX -]#
systemc t l list - u nit - files - - type=service
View o n l y fa i l ed services.
[ root@serverX -]#
systemc t l - - failed - - type=se rvice
References
sys t emd(l ), syst emd . u n i t ( S ) , syst emd . service(S), syst emd . soc k e t ( S ) , a n d
sys t emct l(1 ) m a n pages
-
-
Additional information m a y b e ava i l a b l e i n t h e c h a pt e r o n m a n a g i n g services with
syst emd i n t h e Red Hat Enterprise Linux System Administrator's Guide for Red Hat
E n t e r prise L i n u x 7, which c a n b e fou n d a t
http://docs.re d h at.co m /
-
-
-
-
-
-
-
-
-
-
-
R H1 24- R H E L 7-en-1 -201 40606
199
-
-
C h a pter 8. C o n t ro l l i n g Services a n d D a e m o n s
P ra ct i ce: I d e nt i fy t h e Sta t u s of sys t emd U n its
Guide d exercise
-
-
I n t h i s l a b , you w i l l ide ntify i n sta l l ed a n d r u n n i n g services o n t h e syste m .
-
O utcomes:
A l i st of act ive and e n a b l e d s e rvices o n the system.
Before you begin
-
..•
Reset yo u r serverX syste m .
D 1.
D 2.
L i s t a l l service u n its o n t h e syst e m .
[ student@serverx
- ] $ s u d o systemctl list - u nit s - - type=service
-
L i s t a l l socket u n its, a ct ive a n d i n a ctive, o n t h e syst e m .
I
D 3.
-
[ student@serverx
-
- ] $ s u d o systemc t l lis t - unit s - - type=socket - - all
E x p l o re t h e status of t h e c h r o nyd service. T h i s service is used for network t i m e
syn c h ro n izat i o n ( N T P).
-
D 3.1 .
-
D i s p l a y t h e status o f t h e c h ronyd service. N ote t h e process I D o f a n y a ct ive
d a e m o ns.
I [student@serverX - ] $ s u d o systemc tl s t a t u s c h ronyd
-
i
D 3.2. Confirm t h a t t h e l i sted d a e m o n s a re r u n n i n g .
I
D 4.
[student@serverx
-
- ] $ ps - p PID
-
E x p l o re t h e stat u s of t h e s s h d serv ice. T h i s service i s used for s e c u re e n c rypted
com m u n ication betwe e n syste ms.
D 4.1 .
-
Dete r m i n e if t h e s s h d s e rvice is e n a b l e d t o sta rt at syste m boot.
[student@serverx
- ] $ sudo systemctl is - enabled sshd
D 4.2. Dete r m i n e i f the sshd service i s active w i t h o u t d i s p l a y i n g a l l of the sta t u s
i nfor m a t i o n .
[ [student@serverx
- ] $ s u d o systemct l is - act ive sshd
D 4.3. D i s p l a y the sta t u s of the sshd service.
[student@serverx
-
-
-
- ] $ sudo systemct l s t a t u s sshd
-
200
R H 1 24- R H E L7-en-1-20140606
-
-
-
-
G u i d e d exercise
-
D 5.
-
List t h e e n a b l e d o r d i s a b l ed states of a l l s e rv i ce u n its.
[student@serverX -]$
sudo sys temctl list - unit - files - - type=se rvice
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
R H1 24- R H E L7 - e n -1-20140606
201
-
-
C h a pter 8. C o ntro l l i n g S e rvices a n d D a e m o n s
Cont ro l l i n g Syste m S e rv i ces
-
Objectives
-
After com p l e t i n g t h i s sect i o n , students s h o u l d be a b l e to control system d a e m o n s a n d network
services u s i n g syst emc t l.
-
Starting and stop ping system daemons on a running
-
system
C h a n ges to a confi g u ra t i o n f i l e or ot h e r u pdates to a s e rvice m a y req u i re t h a t t h e service be
resta rted. A s e rvice that i s n o l o n g e r used may b e sto pped before re m ov i n g the softwa re. A
service that is not freq u e n t l y used m a y be m a n u a l l y sta rted by a n a d m i n istrator o n l y w h e n it is
needed.
In this exa m p l e, p l ease fo l l ow a l o n g w i t h t h e next steps w h i l e yo u r i n structor d e m o n st rates
m a n a g i n g services o n a r u n n i n g system.
1.
I [ root@serverx -]#
-
View t h e s t a t u s of a se rvice.
.
--systemctl s t a t u s s s h d . se rvice
�-�
�--- -
�--- ----��- - - ---��--------�--�·
-
�-==-----i
-
;,___ ___�
2.
Verify t h a t t h e p rocess is r u n n i n g .
[ root@serverx -]#
r---- -
j
'
3.
4.
5.
6.
-
--------�
----- ---------- ------- --- ---
ps - up PIO
-
Stop the service and verify the status.
[ root@serverX -]#
[ root@serverX -]#
-
systemc t l s t o p sshd . se rvice
systemct l s t a t u s s s h d . se rvice
Start the s e rvice a n d view the status. The p rocess ID has c h a nged.
[ root@serverX -]#
[ root@serverX -]#
-
-
systemc t l s t a r t sshd . service
systemc t l s t a t u s s s h d . se rvice
Stop, t h e n sta rt, the service in a s i n g l e co m m a n d .
[ root@serverx -]#
[ root@serverx -]#
systemc t l r e s t a r t sshd . se rvice
systemc t l s t a t u s s s h d . se rvice
-
I ss u e i n s t r u c t i o n s for a service to rea d a n d re l o a d its config u ration f i l e w i t h o u t a com p l ete
stop and sta rt. The process ID wi l l n ot c h a n ge.
il,.-i [ root@:� rverx -]#
-
[ root@serverx -]#
-
systemc t l reload s s h d . s e rvice
systemc t l s t a t u s s s h d . se rvice
------- ------�
-
202
R H 1 24- R H E L 7-e n-1-20140606
-
-
-
...
E n a b l i n g system d a e m o n s to start o r stop at boot
-
Unit dependencies
-
-
S e rvices may be started a s d e p e n d e n cies of other services. I f a soc ket u n it is e n a b l e d a n d the
service u n it with t h e same name i s n ot, t h e service will a ut o m a t ica l l y be sta rted when a req u est
is made o n the n etwo r k socket. S e r v i ces m a y a l so be t r i g g e red by path u n its when a file system
condition is met. Fo r exa m p l e, a fi l e p l aced i nto t h e print spool d i rectory w i l l ca u s e t h e cups p r i n t
s e r v i c e to be started if it i s not r u n n i n g .
[ root@serverX -]# systemc t l s t o p cups . se rvice
Warning : Stopping cups , but it can still be activated by :
cups . path
cups . socket
-
-
-
-
-
To c o m p l et e l y stop p r i n t i n g s e rvices o n a syste m , stop a l l t h ree u n its. Disa b l i n g t h e service w i l l
d i sa b l e t h e d e p e n d e n c ies.
The syst emc t l lis t - dependencies UNIT c o m m a n d c a n be used to print out a t re e of w h a t
ot h e r u n its m u st b e started i f t h e s p e c ified u n it i s sta rted. D e p e n d i n g o n t h e e x a c t d e p e n d e n cy,
t h e ot h e r u n it may n e e d to be r u n n i n g before o r after t h e s p e c ified u n it sta rts. T h e - - r eve r s e
o p t i o n to t h i s com m a n d w i l l s h ow w h a t u n its need t o h a v e t h e specified u n it sta rted i n o rd e r t o
run.
M a s k i n g services
-
-
At t i m es, a system m a y have c o n f l i ct i n g services i n sta l l ed . Fo r exa m p l e, t h e re a re m u l t i p l e
methods t o m a n a g e networks ( n etwork a n d N etwork M a n a g e r) a n d fi rewa l l s (ipta b l es a n d
fi rewa l l d). To preve nt a n a d m i n istrator from a c c i d e nta l l y sta r t i n g a se rvice, that service m a y b e
masked. M a s k i n g w i l l c reate a l i n k i n t h e config u ra t i o n d i rectories s o t h a t i f t h e service is sta rted,
n ot h i n g will h a p p e n .
[ root@serverX -]# systemct l m a s k netwo r k
ln -s ' /dev/null ' ' /etc/systemd/system/network . service '
[ root@serverX -]# systemc t l unmask netwo r k
rm ' /etc/systemd/system/network . service '
-
-
Important
-
A d i s a b l e d service w i l l n ot be sta rted a utomatica l l y at boot or by other u n it f i l es ,
b u t c a n be s t a r t e d m a n u a l l y. A masked s e r v i c e c a n not b e started m a n ua l l y o r
a utomatica l l y.
-
-
-
-
-
Enabling syste m dae mons to start or stop at boot
Start i n g a service o n a r u n n i n g syst e m does not g u a ra ntee t h a t t h e service w i l l be started
when the system reboots. S i m i l a r l y, sto p p i n g a service o n a r u n n i n g system wi l l not keep it from
sta r t i n g again w h e n t h e syst e m reboots. Se rvices a re started a t boot t i m e w h e n l i n ks a re c reated
i n t h e a p p ropriate sys t emd confi g u ration d i recto ries. These l i n ks a re c reated and rem oved w i t h
syst emc t l co m m a n d s .
I n t h i s exa m p le, p l ease fo l l ow a l o n g with t h e n e x t s t e p s w h i l e yo u r i n st r u ctor d e m o n st rates
e n a b l i n g and d i sa b l i n g services.
1.
View t h e sta t u s of a service.
-
-
-
R H1 24- R H E L 7-en-1-20140606
203
C h a pter 8. Contro l l i n g Services a n d Daemons
[ r oot@serverX - ] # syst emct l s t a t u s sshd . service
2.
D is a b l e t h e service a n d verify t h e status. N ote t h a t d i s a b l i n g a service does not stop t h e
servi ce.
[ r oot@serverX - ] # systemctl disable sshd . service
[ r oot@se rverX - ] # systemct l status sshd . service
3.
E n a b l e the service and v e rify the status.
[ r oot@serverX - ] # systemctl enable sshd . service
[ r oot@ s e r v e r X - ] # systemctl is - enabled sshd . service
S u m m a ry of sys t emc t l com m a n d s
S ervices c a n b e started a n d sto pped o n a r u n n i n g system a n d e n a b l e d o r d i s a b led for automatic
start at boot t i me.
:1
Task:
Command:
V i ew deta i l ed i nfo rmation a bout a u n i t state.
systemc t l s t a t u s UNIT
Stop a s e rvice o n a ru n n i ng system.
systemc t l s top UNIT
Start a service o n a r u n n i ng syste m .
sys t emc t l s t a r t UNIT
Restart a s e rvice on a r u n n i n g syste m .
systemc t l r e s t a r t UNIT
R e load confi g u ra t i o n f i l e of a r u n n i n g service.
sys t emc t l reload UNIT
C o m p letely d i s a b l e a service f ro m b e i n g
sta rted, both m a n u a l l y a n d at boot.
sys t emc t l mask UNIT
M a ke a m a s ked service a va i l a bl e.
sys t emc t l unmask UNIT
Confi g u re a service to start at boot t i me.
s y s t emc t l enable UNIT
D i s a b l e a s e rvice from sta r t i n g at boot t i me.
sys t emc t l disable UNIT
L i st u n its w h i c h a re req u i red a n d wa nted by
t h e specified u n it.
sys t emc t l lis t - dependencies UNIT
'
fR I
Refe re n ces
sys t emd(1 ) , syst emd . uni t ( 5 ) , s y s temd . s e rvic e ( 5 ) , s y s t emd . socket ( 5 ) , a n d
syst emc t l(1) m a n pages
A d d i t i o n a l i nfo rmation may be ava i l a b l e in t h e c h a pter o n m a na g i n g serv i ces with
syst emd i n the Red Hat Enterprise Linux System Administrator's Guide for Red H a t
E n te r p rise L i n u x 7, w h i c h ca n be f o u nd a t
h ttp: //docs.re d h at.com /
•
204
R H1 24-R H E L7 e n -1 - 2 0 1 40606
-
-
-
Practice: U s i n g sys t e m c t l to M a n a g e Services
-
-
P ra ct i ce: U s i n g sys t emc t l to M a n a g e
S e rvi ces
-
Guide d exercise
-
I n t h i s l a b, you w i l l m a n a g e a service u n it t h a t is a l ready i nsta l l ed on t h e system.
Outcomes:
-
The c h r o nyd service i s d i s a b l ed and no l o n g e r r u n n i n g o n t h e syste m .
Before you begin. . .
-
Reset yo u r s e rverX syste m.
0 1.
O b s e rve t h e res u l ts o f sys t e mc t l r e s t a r t a n d sys t emc t l r eload c o m m a nds.
0 1 .1 .
-
-
[student@serverx -]$
[student@serverX -]$
-
0 1.3.
-
0 2.
-
0 3.
0 4.
I
[ student@serverX -]$
[ student@serverX -]$
[student@serverX -]$
sudo syst ernct l s t a t u s c h r onyd
sudo sys ternctl s t op c h ronyd
sudo syst ernct l s t a t u s c h ronyd
Dete r m i n e i f t h e ch ronyd service i s e n a b l e d to start at system boot.
j
!
0 5.
sudo systernctl reload sshd
sudo systernctl status sshd
Stop t h e c h r o nyd service a n d view t h e status.
!
-
s u d o systernc t l r e s t a r t sshd
sudo systernct l s t a t u s sshd
Verify that the c h r o nyd service i s r u n n i n g .
-
-
s u d o systernc t l s t a t u s sshd
Reload t h e sshd service and view t h e status. The p rocess ID of t h e daemon has
not c h a n g ed a n d c o n n ect i o n s have n ot been interru pted.
[student@serverx -]$
[student@serverx -]$
-
-
[ student@serverx -]$
0 1.2. Restart t h e s s h d service and view t h e stat us. The p rocess ID of t h e daemon has
changed.
-
-
D i s p l ay t h e status o f t h e s s h d s e rvice. N ote t h e process I D o f t h e d a e m o n .
[ student@serverx -]$
sudo systernct l is - enabled c h ronyd
Reboot t h e system, t h e n view t h e sta t u s of t h e c h ronyd servi ce.
[student@serverX -]$
sudo syst e rn c t l status c h ronyd
-
-
-
R H 1 24- R H E L 7-en-1 -20140606
205
-
-
C h a pter 8. C o n t ro l l i n g Services a n d D a e m o n s
-
D 6.
Disa b l e t h e c h r o nyd service so t h a t it d o e s n ot s t a r t at system b o o t , t h e n v i ew t h e
sta t u s of t h e s e rv i ce.
[student@serverX -)$
[ student@serverx -]$
D 7.
sudo systemc t l disable c h ronyd
sudo syst emc t l s t a t u s c h ronyd
-
-
Reboot t h e syste m , t h e n view t h e sta t u s of t h e ch ronyd se rvice.
[ student@serverX -)$
-
sudo systemc t l status ch ronyd
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
206
R H124-R H EL 7-en-1-20140606
-
-
-
-
L a b : Contro l l i n g Services a n d D a e m o n s
-
La b: Co nt ro l l i n g Servi ces a n d D a e m o n s
-
-
Perfor mance checklist
I n t h i s l a b, you w i l l m a n a g e a service u n it t h a t is a l ready i n sta l l ed on t h e system.
-
-
Outcomes:
T h e psacct service i s e n a b l e d and r u n n i n g o n t h e syst e m , and t h e r syslog service i s d i s a b l e d
a n d n o l o n g e r ru n n i n g o n t h e syste m .
Before you begin
•..
Reset your serverX syste m .
-
-
-
-
1.
Sta rt t h e psacct s e rvice.
2.
Config u re t h e psacct s e rvice s o that it sta rts at syst e m boot.
3.
Stop t h e rsyslog s e rvice.
4.
Confi g u re t h e rsyslog s e rvice so that it does not sta rt at syste m boot.
5.
Reboot t h e syst e m , then run lab se rvice s g r ad e to verify t h e confi g u ra t i o n .
-
-
-
-
-
-
-
-
-
-
-
-
R H 1 24- R H E L7-en-1 -20140606
2 07
-
-
C h a pter 8. Contro l l i n g S e rvices a n d D a e m o n s
-
Solution
-
I n t h i s l a b, you w i l l m a n a g e a service u n it that is a l ready i n sta l l e d on t h e system.
O ut c o m e s :
T h e psacct service i s e n a b l e d and r u n n i n g o n the system , and the r syslog service i s d i s a b l ed
a n d n o l o n g e r r u n n in g o n t h e syste m .
-
Before you begin ...
Reset you r serverX syst e m .
1.
2.
3.
4.
5.
-
S t a r t t h e p s ac c t service.
[ student@serverX
[student@serverX
- ] $ sudo systemc t l s t a r t psacct
- ] $ sudo systemc t l status ps acc t
-
-
Conf i g u re t h e psac c t service so t h a t it starts at system boot.
[student@serverX
[student@serverX
- ] $ s u d o systemctl enable psacct
- ] $ sudo systemct l status psacct
-
Stop the r syslog s e rv ice.
[student@serv erX
[student@serverX
L
.
-
- ] $ s u d o systemctl s t o p r syslog
- ] $ sudo systemctl s t a t u s rsyslog
Config u re t h e r syslog s e rvice so t h a t it does not start at system boot.
[student@serverX
[ student@serverx
-
- ] $ sudo systemct l disable rsy slog
- ] $ sudo systemc t l s t a t u s r syslog
-
Re boot the system, t h e n r u n lab s e rvices g r ade to verify the confi g u ra t i o n .
[student@serverX
-
- ] $ lab se rvices g rade
-
-
-
-
-
208
R H 1 24- R H E L7-en-1-20140606
-
-
-
Solution
-
S u m m a ry
-
I d e nt i fy i n g A u t o m a t i ca l l y Started Syst e m Processes
Determ i n e t h e stat u s of system d a e m o n s and n etwo r k services started by sys t emd.
-
C o n t ro l l i n g System Services
Start, stop, and e n a b l e se rvices u s i n g syst emc t l.
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
R H 1 24- R H E L 7 - en -1 -20140606
209
I
-
�
,...
.,
.
I
�
I
�
�
�
�
-
210
_....,
�
®
red h at®
TRAINING
C H A PT E R 9
CONFIG U RING AND SECU RING
OPENSSH SERVICE
Overview
Goal
To conf i g u re s e c u re c o m m a n d - l i n e access on remote
systems using O p e n S S H .
Objectives
•
Log i nto a remote system u s i n g ssh to run c o m m a n d s f ro m
a s h e l l p ro m pt.
•
Set u p ssh to a l low sec u re password-free l o g i n s by u s i n g a
p r ivate aut h e nticat i o n key file.
•
C u stomize s s h d confi g u ration to restrict d i rect logins a s
root or to d i s a b l e pa ssword-based authentication.
Sections
•
Acces s i n g t h e Remote C o m m a n d Line with S S H (and
Practice)
Lab
R H1 24- R H E L7-e n-1-20140606
•
Confi g u r i n g SSH Key-based Authentication (and Practice)
•
C usto m i z i n g S S H S e rvice Conf i g u ration (and Practice)
•
Conf i g u r i n g a n d S e c u r i n g O p e n S S H Service
211
-
-
C h a pter 9. Config u r i n g a n d Secu r i n g O p e n S S H Service
-
Access i n g t h e Re m ote Co m m a n d L i n e wit h
SS H
-
-
Objective
Aft e r c o m p l e t i n g t h i s sect i o n , st u d e nts s h o u l d be a b l e to l o g i n to a re mote system u s i n g s s h to
r u n com m a n d s from a s h e l l p ro m pt.
-
What is the Ope n SS H secure shell (SS H ) ?
T h e term O p e n S S H refers t o t h e softwa re i m p l e m e ntation o f t h e S e c u re S h e l l software used
i n t h e syste m . The O p e n S S H S e c u re S h e l l , ssh, is used to s e c u r e l y r u n a s h e l l o n a re mote
syste m . I f you have a u s e r account o n a re mote L i n u x syste m p rovi d i n g SSH services, ssh i s t h e
c o m m a n d n o r m a l l y used to remote l y l o g i nto t h a t syste m . T h e s s h com m a n d can a l s o b e used to
run an i n d i v i d u a l com m a n d o n a re mote system.
-
-
Secure Shell examples
-
H e re a re s o m e exa m p les of s s h com m a n d synta x for remote l o g i n a n d remote exe c u t i o n :
C reate a remote i n teractive s h e l l a s t h e cu rrent u s e r, t h e n ret u r n to yo u r prev i o u s s h e l l w h e n
d o n e with t h e exit co m m a n d .
-
[student@host - ] $ s s h remotehost
student@remotehost ' s password :
[ student@remotehost - ] $ exit
Connection to remotehost closed .
[ student@host - ] $
r ------------------- ------ -
-
-
C o n n ect t o a remote s h e l l a s a d iffe rent user ( remo t e u s e r ) o n a s e l ected host ( remo t ehos t ) :
[ student@host - ] $ s s h remoteu s er@remotehost
remoteuser@remotehost ' s password :
[ remoteuser@remotehost - ] $
-
L ____ _ _____,
•
Execute a s i n g l e co m m a n d (host name) on a re mote host ( r emot ehos t ) a n d as a remote u s e r
( r emot e u s e r ) i n a w a y t h a t ret u r n s t h e output to t h e loca l d i s p l ay:
i
[ student@host - ] $ s s h remoteuse r@remotehost
remoteuser@remotehost ' s password :
remotehost . example . com
[student@host - ] $
i
L_ _,_�--�
�
�
-
h o s t n ame
-
!
-�----1
-
-
T h e w com m a n d d i s p l ays a l i st of u s e rs c u rrent l y l o g g e d i n to t h e computer. T h i s is e s p e c i a l l y
u s ef u l t o show w h ich u s e rs a re l o g g e d i n u s i n g s s h from w h i c h remote locations, a n d w h a t they
a re d o i n g .
[ student@host
USER
TTY
student ttyl
tty6
root
212
-]$
FROM
:0
w
-f
LOGIN@ IDLE JCPU PCPU WHAT
Wed0B 2days 1 : 52m 0 . 07s pam : gdm-passwo
12 : 33 4 : 14m 16 . 27s 15 . 74s -bash
R H 1 24- R H E L 7-en-1-20140606
-
-
-
-
S S H host keys
student
student
student
visitor
-
-
pts/0
pts/1
pts/3
pts/6
:0.0
:0.0
:0.0
server2 . example .
Wed08 5 : 11
Wed08 43 : 44
Wed14 0 . 00s
09 : 22 3 : 14
1 . 63s
14 . 48s
0 . 06s
0 . 02s
1 . 60s /usr/bin/gnome13 . 81s vim hello . c
0 . 06s w
0 . 02s - bash
I n t h i s exa m p l e, u s e r student l o g g e d i n o n v i rt u a l conso l e 1 ( t t yl) t h ro u g h t h e g ra p h i c a l l og i n
( : 0) a t a bo u t 08:00 o n Wed nesday. U s e r student c u rre nt l y h a s t h re e p s e u d o-te r m i n a l s o p e n
( p t s / 0 , p t s/1, a n d p t s/3) sta rted by t h e g ra p h i c a l e n v i ro n m ent; t h es e a re a l m ost certa i n l y
term i n a l w i n d ows. I n o n e w i n d ow, student i s e d i t i n g hello . c. U s e r root i s l o g g e d i n o n v i rt u a l
c o n s o l e 6, sta rt i n g at 12:33 today. U s e r visitor l o g g e d i n o n pseu do-te r m i n a l 6 at 09:22 today
from the h ost se rver2.exa m p l e.com (n ote that the name h a s been t r u n cated), proba b l y u s i n g
ssh, a n d h a s been s i tt i n g i d l e a t a s h e l l p ro m p t for t h ree m i n utes a n d 1 4 seconds.
-
-
-
SS H host keys
-
S S H sec u re s com m u n ication t h ro u g h p u b l ic-key e n crypt i o n . W h e n a n s s h c l ient c o n n ects to a n
S S H server, before t h e c l ient l o g s i n , t h e server s e n d s i t a copy of its public key. T h i s i s u se d to
set u p the s e c u re e n c ryption for the com m u n i c a t i o n c h a n n e l and to a u t h e n t icate the se rve r to
the cl ient.
-
The fi rst t i m e a u s e r uses s s h to c o n nect to a particu l a r server, t h e s s h co m m a n d stores t h e
serve r ' s p u b l i c k e y i n t h e user's -/ . s s h / k nown_hos t s f i l e. Every t i m e t h e user c o n n ects after
that. the c l i e n t m a kes s u re it g ets the sa m e p u b l i c key from the server by compa r i n g the serve r ' s
e n t r y i n t h e - / . s s h / known_hos t s f i l e to t h e p u b l ic k e y t h e server s e n t . I f t h e keys do not
match, t h e c l i e nt a s s u m e s that t h e n etwo r k t raffic is b e i n g h ij a c ke d or t h a t t h e server has b e e n
c o m p r o m i s e d , a n d b r e a k s the c o n n e c t i o n .
-
-
-
T h i s m e a n s t h a t if a server's p u b l i c k e y is c h a n g e d ( b e c a u s e t h e k e y was l ost d u e to h a rd
d rive fa i l u re, or re p l aced for some l e g i t i m ate reason), users w i l l need to u pdate t h e i r
-I . s s h / k n own_hos t s f i l es a n d re m ove t h e o l d entry i n ord e r to l o g i n .
-
•
-
Host I Ds a re sto red i n -/ . s s h / kn own_hos t s o n yo u r l oca l c l ie n t syst e m :
I remotehost, 192 . 168 . 0 . 101 ssh- rsa AAAAB3Nzac . . .
I
$ cat -/ . ssh/known hosts
•
ssh_host_dsa_key
ssh_host_dsa_key . pub
-
-
-
Host keys a re stored i n /et c / s s h / s s h_ho s t_key * o n t h e S S H server.
$ ls /etc/ssh/* key*
.::: '·�:"";.
k::SJ
ssh_host_key
ssh_host_key . pub
ssh_host_rsa_key
ssh_host_rsa_key . pub
Note
A n even better a p p roac h i s to a d d e n t r i e s m a tc h i n g a s e rve r ' s
s s h_host_ * key . pub f i l es to u s e r -/ . s s h / known_h o s t s o r t h e system w i d e
/ e t c / s s h / s s h_known_hos t s i n a d va n ce w h e n t h e p u b l i c keys c h a nge. See s s h ­
copy - id(1) for a n adva nced way to m a n a g e S S H keys.
-
-
-
-
R H1 24- R H E L 7-en-1 -20140606
213
-
-
C h a pter 9. Confi g u ri n g a n d S e c u r i n g O p e n S S H Service
-
!1
References
R
lt_ _j
Addit i o n a l i nfo r m a t i o n may be a va i l a b l e i n t h e c h a pter on u s i n g t h e s s h u t i l ity i n t h e
Red Hat Enterprise Linux System Administrator's Guide f o r R e d H a t Enterprise L i n u x 7,
w h i c h c a n b e fo u n d at
http://d o c s . red h a t.com/
s s h (1 ) , w(1 ) , and hos t n ame(1 ) man pages
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
214
R H 1 24- R H E L7-en-1-20140606
-
-
-
-
P ra c t i ce: Access i n g t h e Remote C o m m a n d L i n e
-
-
P ract i ce: Access i n g t h e Re m ote Com m a n d
Line
-
Guided exercise
-
I n t h i s l a b , st udents w i l l l o g into a rem ote system a s d i ffe rent users a n d execute co m m a nds.
Outcomes:
Students w i l l log into a re m ote syste m and execute co m m a n d s with t h e O p e n S S H sec u re s h e l l .
-
D
1.
D 2.
-
-
L o g i n as st u d e n t o n yo u r d esktopX m a c h i n e.
s s h to yo u r serverX m a c h i n e. Accept t h e host key if a s ked. The host key i s recorded o n
o u r l o c a l m a c h i n e t o i d e nt ify the remote m a c h i n e. T h e ssh co m m a n d w i l l fa i l to execute
p ro p e r l y if the re m ote s s h host a p p e a rs to have a d i fferent key than t h e record e d host
key. The host key reco rd s a re stored i n the known_h o s t s file i n t h e . ssh d i rectory i n the
user's h o m e d i rectory o n the l oca l syste m .
[student@desktopX -]$ s s h s tudent@se rve rX
The authenticity of host ' serverX ( 172 . 25 . X . 11 ) ' can ' t be established .
ECDSA key fingerprint is 47 : bf : 82 : cd : fa : 68 : 06 : ee : d8 : 83 : 03 : 1a : bb : 29 : 14 : a3 .
Are you sure you want to continue connecting ( yes/no )? yes
student@serverX ' s password : s t udent
-
-
D 3.
-
R u n t h e w co m m a n d . The o u t p ut of t h e w c l e a r l y i n d i cates we have logged in a s u s e r
student f r o m d e s ktopX.
[student@serverX -]$ - f
11 : 01 : 23 up 1 day, 19 : 10, 1 user, load average : 0, 0, 0
USER TTY FROM
LOGIN@ IDLE JCPU PCPU WHAT
student pts/1 desktopX 11 : 01 0 . 00s 0 . 12s 0 . 09s w
i-- -
w
-
-
!
'-----·---�--��
D 4.
I
j
D 5.
This t i me, ssh to yo u r serverX m a c h i n e a s user roo t .
D 6.
R u n t h e w com m a n d a g a i n . T h i s t i m e , the o u t p u t of t h e w s hows the active c o n n ec t i o n to
the root user a c c o u n t from d e s ktopX.
-
-
-
-
-
-
[student@serverX -] $ exit
[ student@desktopX -] $
:----- -!
-
-
Execute the exit com m a n d to te r m i n ate the s e c u re s h e l l connection.
[student@desktopX -]$ s s h root@serverX
root@serverX ' s password : redhat
[ root@serverx -]#
[ root@serverx -]# - f
11 : 01 : 23 up 1 day, 19 : 10, 1 user, load average : 0, 0, 0
USER TTY FROM
LOGIN@ IDLE JCPU PCPU
w
R H 1 24- R H E L 7-en-1-20140606
21 5
-
-
C h a pter 9. Confi g u r i n g a n d S e c u r i n g O p e n S S H S e rvice
root
D 7.
D 8.
pts/2 desktopX 11 : 09 0 . 00s 0 . 13s 0 . 08s w
D 10.
-
R u n t h e exit to t e r m i n ate t h e secure s h e l l c o n n e c t i o n .
[ root@serverx -]# exit
[student@desktopX -]$
-
There a re different rea sons w h y a remote host m i g ht have l e g i t i m a t e l y c h a n g e d its
host key. O n e co m m o n rea s o n i s w h e n t h e remote m a c h i n e is re p l aced beca u s e of
h a rdwa re fa i l u re, o r rei n sta l l ed. U s u a l l y, it i s a d v i s a b l e to o n l y remove the key e n t ry for
t h e partic u l a r host i n t h e known_ho s t s . In t h i s case, t h e re is o n l y one host e n t ry in the
known_hos t s , so i t can b e removed com p l et e l y. R e m ove t h e known_hos t s f i l e for the
user st u d e nt .
[student@desktopX -]$
D 9.
-
-
-
-
rm -/ . s s h/known_h o s t s
ssh to serverX a s root a g a i n . Accept t h e key, log i n , a n d t h e n exit the sessi o n .
[student@desktopX -]$ s s h root@serverx
The authenticity of host ' serverX ( : : 1 ) ' can ' t be established .
ECDSA key fingerprint is 47 : bf : 82 : cd : fa : 68 : 06 : ee : d8 : 83 : 03 : 1a : bb : 29 : 14 : a3 .
Are you sure you want to continue connecting ( yes/no )? yes
root@serverX ' s password : redhat
[ root@serverx -]# exit
[student@desktopX -]$
-
-
-
-
Use s s h n o n -i nteractive l y to r u n t h e hos t n ame com m a n d on serverX a s r o o t .
[student@desktopX -]$ s s h root@serverx
root@serverX ' s password : redhat
serverX . example . com
�
-
h o s t name
-
-
-
-
-
-
216
R H 1 24- R H E L7-en-1-20140606
-
-
-
Confi g u r i n g S S H Key-based A u t h e n t i c a t i o n
-
Confi g u ri n g SS H Key- based A u t h e nt i cat i o n
-
-
-
-
-
-
-
Objective
After c o m p l et i n g t h i s sect i o n , s t u d e n t s s h o u l d be a b l e to set up S S H to a l l ow s e c u re l o g i n s
w i t h o u t pa sswords b y u s i n g a p rivate a u t h e ntication key f i l e.
SS H key- based authe ntication
U sers c a n a u t h e nticate ssh l o g i n s w i t h o u t a pa ssword by u s i n g public key authentication. s s h
a l l ows u s e rs to a u t h e nt i cate u s i n g a p rivate-p u b l i c key s c h e m e. T h i s m ea n s t h a t t w o keys a re
g e n e rated, a p rivate key a n d a p u b l i c key. T h e p rivate key f i l e is used a s t h e a u t h e ntication
c red e n t i a l , and l i ke a password , m u st be kept s e c ret a n d secu re. T h e p u b l ic key is copied to
syst e m s the user wants to log i nto, a n d i s used to verify the private key. The p u b l i c key does not
need to b e secret. A n SSH server t h a t h a s the p u b l ic key can issue a c h a l l e n g e that can o n l y
b e a n swered b y a system h o l d i n g yo u r private key. As a res u lt, y o u c a n a u t h e nt i cate u s i n g t h e
p resence o f yo u r key. T h i s a l l ows you to a ccess syste ms i n a way t h a t d o e s n ' t req u i re ty p i n g a
password every t i me, but is sti l l s e c u re.
Key g e n e ra t i o n i s d o n e u s i n g the s s h - keygen co m m a n d . T h i s g e n e rates the p rivate key
- I . s s h / id_r s a a n d the p u b l ic key -/ . s s h / id_rs a . pub.
-
Note
D u r i n g key g e n e ra t i o n , t h e re is t h e o pt i o n to specify a pass p h ra s e w h i c h m ust b e
p rovi d e d i n o rd e r to a c c e s s yo u r private key. I n t h e eve n t t h e p rivate k e y i s sto l e n ,
it i s v e r y d i ff i c u l t f o r so m e o n e o t h e r t h a n t h e i s s u e r to u s e it w h e n p rotected w i t h a
p a ss p h rase. T h i s a d d s e n o u g h of a t i m e b u ffer to m a ke a new key p a i r a n d re m ove a l l
refe rences t o t h e o l d keys before t h e p rivate key c a n b e used b y a n attacker w h o h a s
crac ked it.
-
-
-
It i s a l ways wise to pass p h ra s e - p rotect the p rivate key s i n ce the key a l lows a ccess to
ot h e r m a c h i nes. H owever, t h i s m e a n s the p a s s p h rase m u st b e e n t e red w h e n ever the
key i s used, m a k i n g t h e a u t h e nt i c a t i o n p rocess n o l o n g e r password-l ess. This can be
a vo i d e d u s i n g s sh - ag e n t , w h i c h can b e g iven you r pass p h ra s e o n ce at t h e sta rt of the
sess i o n (using s s h - ad d ) , s o it c a n p rovi d e t h e pass p h rase a s needed w h i l e you stay
l o g g e d in.
-
-
For a d d i t io n a l information o n the s s h - agent com m a n d , co n s u l t t h e Red Hat System
Ad m i n istra t i o n G u ide, C h a pt e r 8.2.4.2.: Config u r i n g ssh-agent.
-
-
-
Once t h e S S H keys have bee n g e n e rated, t h ey a re stored by defa u lt i n t h e . ssh/ d i rectory of
you r home d i recto ry. Pe r m i s s i o n s s h o u l d be 600 on t h e private key and 644 o n t h e p u b l i c key.
Befo re key- based a u t h e nticat i o n ca n be u s e d , t h e p u b l i c key needs to be copied to t h e
dest i n a t i o n syst e m . T h i s ca n b e d o n e w i t h s s h - copy - id.
!
I
-
!
[student@desktopX -]$
ssh - copy - id root@desktopY
W h e n t h e key i s copied to a n ot h e r syste m u s i n g s s h - copy - id , it copies t h e
I s s h / id_r s a . p u b f i l e by defa u lt.
-
.
-
-
-
R H 1 24- R H E L 7-en-1-20140606
217
-
-
C h a pter 9. Config u ri n g a n d S e c u r i n g O p e n S S H Service
-
SSH key d e m o n st ra t i o n
•
U s e s s h - keygen to c reate a p u b l i c- p r i vate k e y p a i r.
[student@desktopX - ] $ s s h - keygen
Generating public/private rsa key pair .
Enter file in which to save the key (/home/student/ . ssh/id_rsa) : E n t e r
Created directory ' /home/student/ . ssh ' .
Enter passphrase ( empty for no passphrase) : redhat
Enter same passphrase again : redhat
Your identification has been saved in /home/student/ . ssh/id rsa .
Your public key has been saved in /home/student/ . ssh/id_rsa . pub .
The key fingerprint is :
a4 : 49 : cf : fb : ac : ab : c8 : ce : 45 : 33 : f2 : ad : 69 : 7b : d2 : 5a student@desktopX . example . com
The key ' s randomart image is :
+- - [ RSA 2048 ] - - - - +
I
I
I
I
I
I
I
I
I
.
I
I
I
I
I
I
I
I
I
++ .
o.E
o oo+oo
. = . * * ooo
+- - - - - - - - - - - - - - - - -+
* s
-
-
-
-
-
-
-
•
U s e s s h - c o py - id to copy the p u b l ic key to t h e co rrect location o n a remote system. Fo r
exa m p l e :
[student@desktopX
-
- ] $ ssh - copy - id - i -/ . s s h/id_rsa . pub root@serverX . example . com
-
References
R
Ad d i t i o n a l i nf o r m a t i o n may be a va i l a b l e i n t h e c h a pter o n u s i n g key-based
a u t h e nt i c a t i o n i n t h e Red Hat Enterprise Linux System Administrator's Guide for Red
Hat Enterprise L i n u x 7, which c a n b e fou n d a t
http://d o cs.re d hat.com/
-
-
s s h - keygen(1), s s h - copy - id (1 ) , s s h - agen t (1 ) , s s h - add(1) man pages
-
-
-
-
-
218
R H 1 24 - R H EL 7-en-1-20140606
-
-
P ractice: U s i n g S S H Key- based A u t h e ntication
-
P ra ct i ce: U s i n g S S H Key-based Aut h e n t i ca t i o n
-
-
Guide d exercise
I n t h i s l a b, you w i l l set u p S S H key-ba sed a u t h e nticati o n .
-
O u t c o m es :
Students w i l l set up SSH u s e r key-based a u t h e n t i c a t i o n to i n itiate SSH connections.
-
D
1.
C reate a n S S H key pa i r a s s t udent o n d e s ktopX using no pass p h rase.
[student@desktopX -]$ s s h - keygen
Generating public/private rsa key pair .
Enter file in which to save the key ( /home/student/ . ssh/id_rsa) :
Created directory ' /home/student/ . ssh ' .
Enter passphrase ( empty for no passphrase ) : E n t e r
Enter same passphrase again : E n t e r
Your identification has been saved in /home/student/ . ssh/id rsa .
Your public key has been saved in /home/student/ . ssh/id_rsa . pub .
-
-
-
-
D 2.
Send the S S H p u b l ic key to the s t u d e n t a cco u nt o n s e rverX.
-
-
-
i
-
-
-
D 3.
Enter
[ student@desktopX -]$ s s h - copy - id serverX
The authenticity of host ' serverX ( 172 . 25 . X . 11) ' can ' t be established .
ECDSA key fingerprint is 33 : fa : a1 : 3c : 98 : 30 : ff : f6 : d4 : 99 : 00 : 4e : 7f : 84 : 3e : c3 .
Are you sure you want to continue connecting (yes/no )? yes
/usr/bin/ssh -copy-id : INFO : attempting to log in with the new key ( s ) , to filter
out any that are already installed
/usr/bin/ssh - copy-id : INFO : 1 key ( s ) remain to be installed - - if you are
prompted now it is to install the new keys
student@serverX ' s password : student
Number of key ( s ) added : 1
Now try logging into the machine, with : "ssh ' student@serverX ' "
and check to make sure that only the key( s ) you wanted were added .
R u n the hos t n ame c o m m a n d by u s i n g s s h to d is p l a y the host n a m e of t h e
serverX.exa m p l e.com m a c h i n e without t h e n e e d to e n t e r a password.
[student@desktopX -]$
serverX . example . com
s s h serverX ' ho s t name '
·· ----�-------- -------·____j
-
-
-
-
-
-
R H1 24- R H E L7-en-1-20140606
219
-
-
C h a pter 9. Config u r i n g a n d S e c u r i n g O p e n S S H Service
-
C u sto m i z i n g SS H S e rvice Confi g u rat i o n
-
Objective
Aft e r com p l e t i n g t h i s sect i o n , st u d e nts s h o u l d be a b l e to customize sshd confi g u ra t i o n to rest rict
d i rect log i n s a s root o r to d i s a b l e password-based a u t h e nt i c a t i o n .
-
The OpenSSH server configuration file
W h i l e OpenSS H s e rver confi g u ra t i o n u s u a l l y does not req u i re mod ifica t i o n , a d d it i o na l s e c u rity
m e a s u res a re ava i l a b le.
Va rio u s a s pects of t h e O p e n S S H s e rver c a n be mod ified i n t h e confi g u rat i o n f i l e
/ e t c / s s h / s s hd_config.
Prohibit the root user fro m logging in using SS H
Fro m a secu rity sta n d point. it is a d v i s a b l e to p ro h i b it t h e root u s e r from d i re ct l y l o g g i n g i nto t h e
syste m with s s h .
•
•
T h e u s e r n a m e root exists o n every L i n u x system by defa u lt, so a pote n t i a l attacker o n l y h a s t o
g u ess t h e password , i n stead o f a va l i d u s e r n a m e a n d pa ssword c o m b i n a t i o n .
T h e root user has u n restricted p r i v i l eges.
I #PermitRootLogin yes
By e n a b l i n g t h e p rev i o u s o p t i o n i n t h e / e t c / s s h / s s h d_config config u ra t i o n fi l e a s fo l l ows,
the root user w i l l be u n a b l e to l o g i nto t h e syste m u s i n g the s s h com m a n d after the sshd service
h a s been resta rted:
PermitRootLogin no
I
I
-
-
-
-
-
T h e OpenSSH server h a s a n i ntern a l config u ra t i o n file sett i n g to pro h i b i t a system l o g i n a s user
root. which is comme nted o u t by defa u l t i n t h e / e t c / s s h / s s hd_config f i l e :
i
-
-
-
-
-
T h e sshd service has to be resta rted to p u t the c h a n g es i n to effect:
[ root@serverX
1
--- -�-�---·
I
L
.
-··--·�·---··
.
-
- ] # sys temctl res ta rt s s hd
Another opt i o n is to o n l y a l l o w key-based ssh l o g i n a s root w i t h :
I PermitRootLogin without-password
-
!
Prohibit password authentication using SS H
O n l y a l l o w i n g key-based l o g i n s to t h e remote c o m m a n d l i n e h a s va rious advantages:
S S H keys a re longer than a n average pa sswo rd, which adds s e c u rity.
-
-
•
•
Less effort to i n itiate remote s h e l l access after t h e i n it i a l set u p.
-
T h e re is a n o pt i o n i n t h e / e t c / s s h / s s hd_config confi g u ra t i o n f i l e w h i c h t u r n s o n password
a u t h entication by defa u l t :
220
RH124- R H E L 7-en-1 -20140606
-
-
-
-
P ro h i bit password a u t h e ntication u s i n g S S H
-
-
-
-
-
-
PasswordAuthentication yes
To preve nt password a ut h e n t i c a t i o n , the Pas swo rdAu t h e n t ication option has to be set to no
and the sshd service needs to b e resta rted:
I
PasswordAuthentication no
Keep in m i n d that w h e n ever you c h a n g e the / e t c / s s h / s s hd_config f i l e, the sshd s e rvice h a s
t o be resta rted:
[ root@serverX -]#
systemc t l r e s t a r t sshd
References
s s h(1), s s h d_config(5) m a n pages
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
R H1 24- R H E L 7-en-1 -20140606
221
-
-
C h a pter 9. Config u ri n g a n d S e c u r i n g O p e n S S H S e rvice
-
P ra ct i ce: Rest rict i n g SS H Log i n s
-
Guide d exercise
-
I n t h i s l a b , you w i l l e n a b l e a d d ition a l s e c u rity featu res i n O p e n S S H .
Outcomes:
-
Pro h i bit d i rect SSH l o g i n a s root o n serverX; p ro h i bit users from using passwords to l o g i n
t h ro u g h S S H to s e rverX; p u b l i c key a u t h e n t i c a t i o n s h o u l d sti l l b e a l l owed f o r reg u l a r u s e rs.
-
Before you begin ...
Reset t h e d e s ktopX and serverX syste ms.
R u n lab s s h setup o n both des kto p X a n d serverX. T h i s wi l l create a u s e r a ccount ca l l ed
vis i t o r with a password of pas swo r d .
I [student@desktopX -]$ lab s s h s e t u p
[student@serverx -]$
'----
I
������ ·
-
-
��������--'
-
lab ssh s e t u p
....__
D 1.
G e n e rate SSH keys o n desktopX, copy the p u b l i c key to the s t u d e n t account o n serverX,
and verify t h a t t h e keys a re w o r k i n g .
D 1 .1 .
-
G e n e rate t h e S S H keys o n desktopX.
[student@desktopX -]$ ssh - keygen
Generating public/private rsa key pair .
Enter file in which to save the key (/home/student/ . ssh/id_rsa) :
Created directory ' /home/student/ . ssh ' .
Enter passphrase (empty for no passphrase ) : E n t e r
Enter same passphrase again : E n t e r
Your identification has been saved in /home/student/ . ssh/id_rsa .
Your public key has been saved in /home/student/ . ssh/id_rsa. pub .
-
Enter
-
-
-
D 1 .2 .
D 1 .3.
222
Copy t h e S S H p u b l i c k e y to t h e s t u d e n t acco u n t o n serverX.
[student@desktopX -]$ s s h - copy - id serverx
The authenticity of host ' serverx ( 172 . 25 . X . 11) ' can ' t be established .
ECDSA key fingerprint is 33 : fa : a1 : 3c : 98 : 30 : ff : f6 : d4 : 99 : 00 : 4e : 7f : 84 : 3e : c3 .
Are you sure you want to continue connecting ( yes/no ) ? yes
/usr/bin/ssh-copy-id : INFO : attempting to log in with the new key( s ) , to
filter out any that are already installed
/usr/bin/ssh-copy-id : INFO : 1 key ( s ) remain to be installed - - if you are
prompted now it is to install the new keys
student@serverX ' s password : s t udent
Number of key ( s ) added : 1
Now try logging into the machine, with : " ssh ' student@serverX ' "
and check to make sure that only the key ( s ) you wanted were added .
-
-
-
-
-
Verify that key-based SSH a u t h e ntication i s w o r k i n g fo r user student o n serverX.
R H 1 24- R H E L 7-en-1-20140606
-
-
-
-
G u i d e d exercise
-
[student@desktopX -]$
[student@serverX -]$
-
D 2.
-
-
-
D 3.
Log i nto t h e s e rverX m a c h i n e a n d o bta i n s u pe r u s e r p r i v i l eg es.
[student@desktopX -]$ s s h
[student@serverX -]$ su Password : redhat
[ root@serverX -]#
As u s e r root, edit / e t c / s s h / s s hd_config o n serverX so t h a t
" Pe r m i t RootLog i n " is u nco m m e nted a n d s e t to " no."
I
-
student@serverX
Confi g u re S S H on serverX to preve nt root l o g i ns.
D 3.1 .
-
s s h s t u de n t @s e rverX
PermitRootLogin no
I [ root@serverx -]#
D 3.2. Resta rt the S S H service on the s e rverX m a c h i ne.
-
D 3.3. Confi r m that root c a n not l o g i n with S S H , b u t s t u d e n t is perm itted to log i n .
-
[ student@desktopX -]$ s s h root@se rverX
Password : redhat
Permission denied, please try again .
Password : redhat
Permission denied, please try again .
Password : redhat
Permission denied ( publickey, gssapi- keyex, gssapi-with-mic, password )
[ student@desktopX -]$ ssh s t udent@se rverX
[ student@serverX -]$
-
-
-
-
-
systemct l r e s t a r t sshd
D 4.
Confi g u re S S H on serverX to p reve nt password a u t h e ntication.
D 4.1 . Edit t h e confi g u ra t i o n f i l e / e t c / s s h / s shd_config as user root so t h a t t h e
" Password A u t h e ntication" e n t ry i s s e t to " no " :
PasswordAuthentication no
-
I [ root@serverX -]#
D 4.2 . Resta rt t h e S S H servi ce.
-
-
-
I
systemc t l r e s t a r t sshd
D 4.3. C o n f i r m t hat vis i t o r ca n not log in u s i n g a password, b u t s t u d e n t i s perm itted
to log in u s i n g the SSH keys c reated e a r l i e r.
[student@desktopX -]$ s s h visitor@serverX
Permission denied ( publickey, gssapi- keyex, gssapi-with -mic ) .
-
-
-
R H 1 24- R H E L 7-en-1-20140606
223
-
-
C h a pter 9. Confi g u r i n g a n d S e c u r i n g O p e n S S H Service
[student@desktopX -]$
[student@serverx -]$
-
s s h s tudent@serverx
-
-
-
-
. .-
-
-
-
-
·-
-
-
-
-
-.
224
RH124- R H E L7 - e n -1 -20140606
-
-
-
-
Lab: Confi g u ri n g a n d S e c u r i n g O p e n S S H Service
-
-
L a b : Confi g u ri n g a n d S ec u ri n g O p e n SS H
S e rvice
-
Perfor mance checklist
-
-
-
I n t h i s l a b, you wi l l a d d secu rity m e a s u res to t h e ssh service.
O utcomes:
Students w i l l set u p S S H keys, confi g u re and exc l u sive l y a l low u s e r key-ba sed a ut h e n t i c a t i o n , a n d
l o c k d o w n t h e O p e n S S H service to p revent t h e root u s e r f r o m l o g g i n g i nto t h e system b y u s i n g
SSH.
Before you begin ...
-
Reset the d e s ktopX and s e rverX systems.
R u n lab s s h setup a s t h e s t u d e n t u s e r o n both desktopX and serverX. T h i s wi l l c reate a user
acco u nt ca l l ed vis i t o r with a password of passwor d.
[student@desktopX -]$
-
[student@serverX
-
-
- ] $ lab s s h s e t u p
U n l ess specified, a l l steps are to b e perfo r m e d a s user vis i t o r .
1.
G e n e rate S S H keys o n d e s k t o p X f o r u s e r v i s i t o r a n d c o p y t h e p u b l ic k e y to t h e visit o r
a c c o u n t on se rve rX.
2.
D i s a b l e ssh l o g i n for t h e root u s e r a n d password-based S S H a u t h e ntication on se rve rX.
3.
Ve rify that user root is not a l l owed to l o g i n to se rve rX by u s i n g s s h , w h i l e user vis itor is w i t h
t h e p rivate key.
-
-
lab s s h s e t u p
-
-
-
-
-
-
-
-
-
R H 1 24- R H E L 7-en-1-20140606
225
-
-
C h a pter 9. Confi g u ri n g a n d S e c u r i n g O p e n S S H S e rvice
-
Solution
-
I n t h i s l a b , you w i l l add secu rity mea s u res to t h e s s h se rvice.
Outcomes:
-
S t u d e nts w i l l set u p SSH keys, confi g u re and exc l u s ive l y a l l ow u s e r key- based a ut h e n t i c a t i o n , a n d
l o c k down t h e O p e n S S H service to p reve nt t h e root u s e r from l o g g i n g i nto t h e syste m b y u s i n g
SSH.
-
Before you begin. . .
Reset t h e d e s ktopX a n d s e rverX syst e m s .
-
R u n l a b s s h s e t u p a s t h e s t u d e n t u s e r on both desktopX a n d s e r v e r X . T h i s w i l l c reate a user
account ca l l e d visit o r with a password of passwo r d .
[student@desktopx
[ student@serverx
-
- ] $ lab s s h s e t u p
-
- ] $ lab s s h s e t u p
-
U n l ess specified, a l l steps a re to be p e rformed a s user visi t o r .
1.
G e n e rate S S H keys o n d e s ktopX f o r u s e r v i s itor a n d copy t h e p u b l i c key t o t h e vis i t o r
acco u n t o n se rve rX.
1 .1 .
G e n e rate a S S H p u b l i c key o n d e s ktopX a s u s e r visitor.
�i sitor@desktopX
-
- ] $ s s h - keygen
-
1 .2 . I nsta l l the SSH p u b l i c key g e n e rated p rev i o u s l y o n d e s kto p X to t h e visit o r acco u n t o n
serve r X .
[visitor@desktopX - ] $ s s h - copy - id serverX
The authenticity of host ' serverx ( 172 . 25 . X . 11) ' can ' t be established .
ECDSA key fingerprint is xx : xx : xx : xx : xx : xx : xx : xx : xx : xx : xx : xx : xx : xx : xx : xx .
Are you sure you want to continue connecting ( yes/no )? yes
/usr/bin/ssh-copy-id : INFO : attempting to log in with the new key( s ) , to filter
out any that are already installed
/usr/bin/ssh -copy-id : INFO : 1 key ( s ) remain to be installed - - if you are
prompted now it is to install the new keys
visitor@serverX ' s password : passwo rd
Number of key ( s ) added : 1
Now try logging into the machine, with : " ssh ' visitor@serverX ' "
and check to make sure that only the key ( s ) you wanted were added .
2.
Disa b l e s s h l o g i n for t h e root u s e r a n d password-based S S H a ut h e nt i c a t i o n on serverX.
2 .1 . Log i nt o t h e s e rverX v i rt u a l m a c h i n e a s user root.
!
226
[visitor@desktopX
-
-
-
-
-
-
-
-
- ] $ ssh root@serverX
-
R H 1 24- R H E L 7-en-1-20140606
-
-
-
Solution
-
2 . 2 . Custo m i z e t h e s s h s e rvice o n serverX by d i sa b l i n g S S H c o n n e c t i o n s for t h e u s e r root
a n d o n l y a l l ow key- based l o g i n.
-
Set t h e n ecessa ry config f i l e para m et e rs i n / e t c / s s h / s s hd_config:
-
PermitRootLogin no
PasswordAuthentication no
-
2.3. Restart t h e s s h d service o n serve rX.
I
i
I
-
3.
-
-
-
-
-
-
-
-
[ root@serverx -]#
systemctl r e s t a r t sshd
Ve rify that user root i s n ot a l l owed to l o g i n to serverX by using s s h , w h i l e user v i s itor i s with
t h e p rivate key.
3.1 . O n a d iffe rent term i n a l w i n dow on d e s ktopX, va l idate that u s e r root ca n not con nect to
s e rverX w i t h t h e s s h com m a n d . I t s h o u l d fa i l beca use we d i s a b l e d root l o g i n s with t h e
ssh se rvice.
[visitor@desktopX - ] $ s s h root@serverx
Permission denied ( publickey, gssapi- keyex, gssapi-with-mic ) .
3.2. Try l o g g i n g i n a s user student to se rve r X from d e s ktopX by u s i n g ssh. I t s h o u l d fa i l
because we d i d n ot a d d t h e p u b l i c key from t h a t u s e r t o t h e student acco u nt o n t h e
serverX m a c h i ne.
[visitor@desktopX - ] $ s s h st udent@se rverx
Permission denied ( publickey, gssapi- keyex, gssapi-with-mic ) .
3.3. Ve rify t h e s s h service i s sti l l accept i n g key-based a ut h e ntication by su ccessf u l l y
connect i n g t o serve r X a s user visitor w i t h t h e s s h c o m m a n d .
[visitor@desktopX - ] $
[visitor@serverX - ] $
s s h visito r@serverX
-
-
-
-
-
-
-
-
RH124- R H E L 7-en-1 -20140606
227
-
-
C h a pter 9. Confi g u r i n g a n d S e c u r i n g O p e n S S H Service
-
S u m m a ry
-
Access i n g t h e Remote Co m m a n d Line with S S H
T h e O p e n S S H s e rvice i s t h e sta n d a rd software to s e c u r e l y access t h e re mote c o m m a n d
l i ne.
-
Config u r i n g S S H Key-based A u t h e ntication
U t i l i z i n g key- based S S H a u t h e ntication adds a d d i t i o n a l secu rity to re m ote syste m s
a d m i n i st ra t i o n .
Custo m i z i n g S S H S e rvice Confi g u ration
The confi g u ra t i o n of t h e OpenSSH s e rvice, sshd, c a n be c h a n g e d by editing t h e f i l e I
etc/ssh/s s h d_co nfig a n d resta rt i n g t h e service w i t h systemct l .
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
228
R H 1 24- R H E L7 - e n -1-20140606
-
-
®
red h at
®
TRAINING
CHAPTER 10
ANALYZ ING AND STORI NG LOGS
Overview:
Goal
To l ocate a n d a c c u rately i nterp ret re levant system log f i l e s
for troubleshooting p u rposes.
Objectives
•
Describe the basic syslog arch itect u re in Red H a t
E nterprise L i n u x 7.
•
I nterpret e ntries i n re levant sys log files to tro u b l e s hoot
pro b l e m s or review system stat us.
•
F i n d a n d i nterpret l o g entries i n t h e systemd journal to
tro u b l e s h oot p ro b l e m s or review system status.
•
C o n f i g u re systemd-j o u r n a l d to store its j o u r n a l o n d i s k
rat h e r t h a n i n memo ry.
•
M a intain a c c u rate time synchronization a n d t i me zone
config u ra t i o n to e n s u re correct ti mesta m ps in system
logs.
Sections
Lab
R H1 24- R H E L7-e n-1-20140606
•
System Log A rchitectu re (and Practice)
•
Review i n g Syslog F i l e s (and P ractice)
•
Reviewi n g systemd J o u r n a l E ntries (and Practice)
•
Prese rving t h e systemd J o u r n a l (and Practice)
•
M a i nt a i n i n g Acc u rate Time (and Practice)
•
A n a l y z i n g a n d Sto r i n g Logs
229
-
C h a pter 1 0. A n a l y z i n g a n d Sto r i n g Logs
-
Syst e m Log A rc h itect u re
-
Objectives
-
After co m p l e t i n g t h i s sect i o n , stu d e n t s s h o u l d be a b l e to describe t h e b a s i c sys l og a rc h itect u re i n
Red H a t E n t e r p r i s e L i n u x 7.
-
Syste m logging
Processes a n d t h e opera t i n g syst e m ke r n e l need to be a b l e to reco rd a l o g of eve nts t h a t h a p p e n .
T h e s e l o g s c a n be usef u l f o r a u d i t i n g t h e syst e m a n d t ro u b l es h o o t i n g p ro b l e ms. B y conve n t i o n ,
t h e /var / l o g d i rectory is w h e re t h e s e l o g s are persistent l y stored.
A sta n d a rd l o g g i n g system based o n the Sys l o g p rotocol i s b u i l t into Red Hat E nterprise L i n u x .
M a ny p ro g ra m s u s e t h i s system to record events a n d o rga n i ze t h e m i n t o l o g f i l es. I n R e d H a t
Enterprise L i n u x 7, sys l o g messages a re h a n d l e d b y t w o servi ces, syst emd - j o u r nald a n d
r syslog.
The systemd - j o u r n ald d a e m o n prov i d e s a n i m p roved log m a n a g e m e n t service that col l ects
messages from t h e ke r n e l , t h e ea r l y sta g e s of the boot process, sta n d a rd o u t p u t a n d error of
d a e m o n s as t h ey start up a n d r u n , a n d sys log. It w rites these messages to a structu red j o u r n a l
o f eve nts t hat, by defa u lt. d o e s n o t persist between reboots. T h i s a l l ows sys l o g messages a n d
eve nts w h i c h a re m issed by sys log to b e co l l ected i n o n e c e n t ra l d a t a b a se. T h e sys l o g messages
a re a l so forwa rded by syst emd - j o u r nald to r syslog for further process i n g .
-
-
-
-
-
-
The r syslog s e rvice t h e n sorts t h e sys l o g messages by t y p e ( o r fa c i l ity) a n d priority, a n d w r ites
them to persistent files i n the /va r /log d i rectory.
-
The /var /log d i rectory h o l d s va r i o u s system- a n d service-specific log f i l es m a inta i n e d by
r syslog:
-
Overview o f system log files
Log f i l e
P u rpose
/va r /log/mes s ages
M ost sys l o g messages a re l o g g e d h e re. T h e exce pt i o n s a re
messages rel ated to a ut h e nt i c a t i o n a n d e m a i l p rocess i n g , t h a t
period i ca l l y r u n j o b s , a n d t hose w h i c h a re p u r e l y d e b u g g i n g re lated.
/va r /log / s e c u r e
The l o g f i l e for secu rity a n d a u t h e n t i c a t i o n - re l ated m e s s a g e s a n d
e r rors.
/var/log/maillog
The log f i l e w i t h m a i l server-re l ated messages.
/va r/log/ c r o n
The l o g f i l e re l ated to p e r i o d i ca l l y executed t a s ks.
/va r /log/boot . log
Messages re l a ted to syst e m sta r t u p a re logged h e re.
-
-
-
-
-
-
-
230
R H 1 24- R H E L7-en-1-20140606
-
-
-
-
System l o g g i n g
-
-
R
References
syst emd - j o u r nald . s e rvice(8), r syslogd(8), a n d r syslog . conf(5) m a n pages
-
A d d it i o n a l i nfo r m a t i o n may b e ava i l a b l e in the Red Hat Enterprise Linux System
Administrator's Guide for Red H a t Enterprise L i n u x 7, w h i c h c a n be fo u n d a t
http://d o c s . re d hat.com/
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
R H 1 24- R H E L 7-en-1 -20140606
231
-
-
C h a pte r 1 0. A n a l yz i ng a n d Sto r i n g Logs
-
P ract ice: Syste m Log g i n g Co m p o n e nts
-
Quiz
-
Match t h e fo l l o w i n g items to t h e i r cou nterparts i n t h e t a b l e.
I
/va r/ l o g
I
-
/va r/ l og/boot. l o g
/va r/l og/m e s s a g e s
/va r/ l o g /m a i l l o g
/va r/ l og /c ro n
-
/va r/l og/sec u re
-
P u rpose
Log fi l e
-
-
M ost sys l o g m e s s a g e s a re l og g e d h e re.
The exc e pt i o n s a re m es s a g e s re l ated to
a u t h e nt icat i o n , e m a i l p rocess i n g , a n d t h a t
p e r i o d i ca l l y r u n j o bs , o r t h ose w h i c h a re
p u re l y d e b u g g i n g - re l a t e d .
-
-
-
T h e l o g f i l e for s e c u rity a n d a ut h e nt i cat i o n re l a ted m e s s a g e s a n d e r rors.
-
T h e d i rect o ry to w h i c h r sy s l o g is w r i t i n g
a l l t h e l o g f i l es.
-
-
T h e l og fi l e w i t h m a i l s e rv e r - re l ated
m essa g e s .
-
T h e l o g f i l e re l a t e d to p e r i o d i ca l l y exe c u t e d
t a s ks.
-
-
M essages re l ated to syst e m sta rt u p a re
l og g e d h e re.
-
-
232
R H 1 24- R H E L 7 - e n -1 -20140606
-
-
-
-
Sol ution
-
Solution
-
-
M a t c h t h e fo l l ow i n g ite m s to t h e i r c o u nte r p a rts i n t h e ta b l e.
Pu rpose
Log f i l e
M ost sys l o g messa g es a re l og g e d h e re.
T h e exce p t i o n s a re m e s s a g e s re l ated to
a u t h e n t i c at i o n , e m a i l p rocess i n g , a n d t h a t
p e r i o d i ca l l y r u n j o bs, o r t h os e w h i c h a re
p u re l y d e b u g g i n g - r e l a t e d .
/va r/I og/messages
T h e l o g f i l e for s e c u rity a n d a u t h e nt i ca t i o n re l at e d m essa ges a n d e r ro rs.
/va r/l og/s e c u re
T h e d i rectory to w h ic h r s y s lo g is w r i t i n g
a l l t h e l o g fi l es.
/va r/ l o g
T h e l o g f i l e w i t h m a i l se rve r - re l ated
messages.
/va r/ l o g /m a i l l o g
T h e l o g f i l e re l a te d to p e r i o d i ca l l y executed
t a s ks.
/va r/ l o g /c ro n
M es s a g e s re l ated to syst e m sta rt u p a re
l og g e d h e re.
/va r/ l o g /boot. l o g
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
R H 1 24- R H E L7·en-1-20140606
233
-
-
C h a pter 1 0. A n a l yz i n g a n d Sto r i n g Logs
-
Rev i ew i n g Sys l og F i l es
-
Objectives
-
Aft e r com p l et i n g t h i s sect i o n , students s h o u l d be a b l e to i nt e r p ret e n t r i e s i n re l eva nt sys l o g f i l e s
to t r o u b l e s hoot prob l e m s o r review syst e m sta t u s .
-
Syslog files
M a n y p ro g ra m s use t h e sys/og p rotoc o l to log eve nts to t h e syst e m . Each l o g m essage is
categorized by a fa c i l ity (t h e type of m essage) a n d a priority (the seve rity of t h e messa g e). The
fac i l ities which a re ava i l a b l e a re d o c u m e nted by t h e r syslog . conf(5) man page.
-
-
T h e e i g h t p r i o rities a re a l so sta n d a rd i zed a n d ra n ked as fo l l ows:
Overview o f syslog priorit ies
-
Code
P r i o rity
Severity
0
e m e rg
Syst e m is u n us a b l e.
1
a l e rt
A c t i o n m u st be taken i m m e d iate l y.
2
crit
C r itica l condition.
3
err
N o n - c r i t i ca l e r ro r c o n d i t i o n .
4
wa r n i n g
Wa r n i n g c o n d i t i o n .
5
notice
N o r m a l but s i g n ifica nt eve nt.
6
i nfo
I nfo r m a t i o n a l event.
7
debug
D e b u g g i n g - l ev e l message.
-
-
-
-
T h e rsys l o g d service uses t h e fac i l ity and p r i ority of l og messages to d ete r m i n e how to
h a n d l e t h e m . This is config u red by the fi l e /et c / r syslog . conf a n d by * . conf f i l e s in
/et c / r syslog . d. P rog ra m s and a d m i n i s t rators can c h a n g e r syslogd config u ration i n a way
t h a t w i l l n ot be ove rwritten by u pdates to r syslog by putt i n g customized fi l es with a .conf s u ffix
i n t h e /et c / r syslog . d d i recto ry.
-
T h e #### RU LES #### sect i o n of / e t c / r syslog . conf conta i n s d i rectives t h a t defi n e w h e re
log messages a re saved. The l eft s i d e of e a c h l i n e i n d icates t h e fa c i l ity a n d severity of t h e l o g
m e s s a g e t h e d i rect ive matches. T h e rsys l o g .conf f i l e can conta i n t h e c h a racter * a s a w i l d ca rd
in t h e fa c i l ity a n d seve rity f i e l d , w h e re it e i t h e r sta n d s for a l l fa c i l ities or a l l severities. The r i g h t
s i d e of e a c h l i n e i n d i cates w h a t f i l e to s a v e t h e l o g message i n . Log m e s s a g es a re n o r m a l l y saved
in f i l e s in the /var /log d i rectory.
-
-
-
-
Note
Log f i l e s a re m a i nta i n e d by t h e r syslog servi ce, a n d t h e /var /log d i rectory conta i n s
a va riety o f l o g f i l e s specific to certa i n services. For exa m p l e, t h e A p a c h e W e b Server
or Samba w r ite their own log fi l es i nto a corres p o n d i n g s u b d i rectory of t h e /var /log
d i recto ry.
-
-
-
234
R H 1 24- R H E L7-en-1-201 40606
-
-
-
-
S a m p l e r u l es section of r syslog . conf
-
-
A messa g e h a n d l e d by r syslog c a n appear i n m u l t i p l e d iffe rent l o g f i l es. To p reve nt t hat, the
seve rity field c a n b e set to none, which means that none of t h e messages d i rected to t h is fac i l ity
a re a d d e d to the s pecified log f i l e.
-
I n stead of l o g g i n g sys l o g messages to a f i l e, t h e y c a n be p r i nted to t h e te r m i n a l s of a l l logged-in
users. In t h e defa u l t r syslog . conf f i l e, this i s d o n e for all messages t h a t have " e m e rg " p r i o rity.
Sample rules section of r syslog . conf
-
#### RULES ####
# Log all kernel messages to the console .
# Logging much else clutters up the screen .
#kern . *
# Log anything ( except mail) of level info or higher .
# Don ' t log private authentication messages !
* . info ; mail . none ; authpriv . none ; cron . none
# The authpriv file has restricted access .
authpriv . *
# Log all the mail messages in one place .
mail . *
-
-
-
-
-
-
-
i
-
-
-
�---
/dev/console
/var/log/messages
/var/log/secure
-/var/log/maillog
# Log cron stuff
cron . *
Ivar /log/cron
# Everybody gets emergency messages
* . emerg
: omusrmsg : *
# Save news errors of level crit and higher in a special file .
uucp, news . crit
/var/log/spooler
# save boot messages also to boot . log
local? . *
/var/log/boot . log
Note
The r syslog . conf file is d o c u m e nted by the r syslog . conf(5) man page and by
extensive H T M L d o c u mentation in / u s r I s h are/doc / r syslog - * /manual . h t ml
conta i n e d i n t h e rsyslog-doc, w h i c h i s ava i l a b l e from t h e Red H a t E n t e r p r i s e L i n u x 7
softwa re c h a n n e l , b u t not i n c l uded o n t h e i n sta l l at i o n m e d i u m .
-
-
-
Log file rotation
Logs are " rotate d " by t h e log r o t a t e u t i l ity to keep t h e m from fi l l i n g u p t h e fi l e system
conta i n i ng /var /log/. W h e n a l o g file is rot a t e d , it i s re n a m e d with a n exte n s i o n
i n d i cat i n g t h e d a t e o n w h i c h it w a s rotated: t h e o l d /var /log/me s s ag e s f i l e m a y become
/var /log/mes s ag e s - 20141030 if it is rotated o n Octo b e r 30, 2014. O n ce the old l o g fi l e i s
rotated, a new l o g fi l e i s c reated a n d the s e r v i c e t h at w rites to it is notified.
-
After a certa i n n u m be r of rota t i o n s , typica l l y after fo u r weeks, the o l d l o g fi l e i s d i scarded to free
d i s k spa ce. A cron job r u n s the l o g rotate p rog ra m d a i l y to see if a ny logs need to b e rotated. Most
-
-
-
R H 1 24- R H E L 7-en-1-20140606
235
C h a pte r 1 0. A n a l y z i n g a n d Sto r i n g Logs
l o g f i l es a re rotated w e e k l y, b u t log rotate rotates some fa ster, o r s l ower, o r when t h ey rea c h a
certa i n s ize.
Confi g u rat ion of l o g rotate is n ot cove red in t h i s cou rse. Fo r m o re i nfo rmat i o n , see t h e
log rotate(8) m a n page.
Analyze a syslog entry
The system l o g s written by r syslog sta rt with t h e o l d est message on top a n d t h e newest
message at the end of the l o g f i l e. A l l l o g entries in log files m a n a g ed by r syslog a re recorded
in a sta n d a rd format. T h e fo l l owing exa m p l e w i l l e x p l a i n t h e a n atomy of a l o g f i l e m e s s a g e in the
/va r/log/ sec u re log f i l e :
C» Feb
11 20 : 11 : 48 E> 1ocalhost
172 . 25 . 0 . 10 port 59344 ssh2
_
i --- - - -
ct
E>
sshd [1433] :
C>
Failed password for student from
-
--·---·--- ·-�,
-
The t i m e sta m p w h e n t h e log e n t ry was record e d .
E)
The host from w h i c h t h e log message was sent.
()
The act u a l message sent.
E)
-
-
The progra m or p rocess that sent t h e log message.
Monitor a log file with t ail
-
I t is especia l l y h e l pf u l for re p rod u c i n g p ro b l e m s a n d issues t o m o n itor o n e o r m ore l o g f i l e s for
events. The t ail - f /pat h / t o/file co m m a n d o u t puts the l a st 1 0 l i nes of the f i l e specified
a n d cont i n ues to o u t p u t new l i nes a s t h ey get w ritte n to t h e m o n itored file.
To monitor for fa i l e d login attem pts o n o n e term i n a l , r u n s s h a s user root w h i l e a u s e r tries to
log i n to t h e serverX m a c h i n e :
[ root@serverX -]$ t ail f /var/log/secure
Feb 10 09 : 01 : 13 localhost sshd [2712] : Accepted password for root from 172 . 25 . 254 . 254
port 56801 ssh2
Feb 10 09 : 01 : 13 localhost sshd [2712] : pam�unix( sshd : session ) : session opened for user
root by ( uid=0)
-
-
-
-
Send a syslog message with l o g g e r
-
-
The logge r co m m a n d c a n s e n d messages to t h e r syslog se rvice. By defa u l t . it s e n d s t h e
message to t h e fa c i l ity u s e r with severity notice ( u s e r . not ice) u n less specified o t h e r w i se w i t h
t h e - p opt i o n . I t i s especia l l y usefu l to test c h a n g es to t h e r syslog confi g u ra t i o n .
-
-
To send a m e s s a g e to r sy s logd t h a t g e t s recorded i n t h e / v a r /log/boot . l o g l o g f i l e,
execute:
i
[ root ; @serverX
- ] $ logger -p local7 . notice " Log e n t r y c reated on s e rverX"
-
-
236
R H 1 24- R H E L 7 - e n -1 -20140606
-
-
-
-
S e n d a sys log message w i t h logge r
-
-
-
R
References
logge r (1), t ail(1 ), rsyslog . conf(5), a n d log r o t ate(8) m a n pages
r syslog M a n u a l
/ u s r /share/doc / r syslog - * /manual . h t m l p rov i d e d b y t h e rsys/og-doc
package
•
-
-
A d d i t i o n a l i n fo r m a t i o n m a y b e a va i l a b l e in t h e Red Hat Enterprise Linux System
Administrator's Guide fo r Red H a t Enterprise L i n u x 7, w h i c h c a n be fou nd a t
htt p://docs.re d h at.co m /
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
R H 1 24- R H E L 7-en-1-20140606
237
C h a pter 1 0. A n a l y z i n g a n d Sto r i n g Logs
-
P ra ct i ce: Fi n d i n g Log E nt ries
-
Guided exercise
-
I n t h i s l a b, you w i l l reconfig u re r syslog to write specific messages to a new l og f i l e.
-
Outcomes:
The r syslog service writes a l l messages with prio rity debug to t h e
/var /log/messages - de bu g l o g f i l e f o r tem pora ry t rou b l es h o o t i n g p u rposes.
D 1.
Config u re rsyslog o n serverX to log a l l messages with severity d e b u g i n t h e n e w l y
c reated l o g f i l e /va r/log/messages - de bug b y a d d i n g t h e r syslog confi g u ra t i o n f i l e
/ e t c / r syslog . d/debug . c o n f . Ve rify t h a t a g e n e rated d e b u g l o g message w i t h t h e
logge r com m a n d a r rives i n t h e /va r/log/message s - d e b u g l o g f i l e.
-
D 1 .1 .
-
C h a n g e t h e r syslog config u ration t o l o g a l l m e s s a g es w i t h severity
d e b u g to /va r/log/me s s ages - de b u g o n serverX by a d d i n g t h e
/ e t c / r syslog . d / d e b u g . c o n f f i l e.
[ root@serverx
D 1 .2.
-
Restart t h e rsys log s e rvice on se rve rX.
i [ root@serverx - ] # systemctl r e s t a r t
�
--�- -----���-
rsyslog
- -·
----�-- ---
------- -�-�-----]
G e n e rate a d e b u g l o g message w i t h t h e logge r com m a n d a n d verify that t h e message
gets l o g g e d to t h e l o g f i l e /va r /log/me s s ages - de b u g w i t h t h e t ail co m m a n d o n
serverX.
D 2 .1 .
-
-
-
M onitor t h e /var /log/messages - debug w i t h t h e t ail c o m m a n d o n serverX.
l
I
l
[ root@serverx
-
- ] # t ail - f /var/log/message s - debug
D 2.2. O n a s epa rate term i n a l w i n dow, u s e t h e log g e r c o m m a n d to g e n e rate a d e b u g
message o n se rve rX .
,
i
[ root@serverx
.------�-----------··
!
··- -- ---
-------�
- ] # logger - p u s e r . debug " De b u g Message Tes t "
D 2.3. Switch b a c k to t h e t e rm i n a l st i l l r u n n i n g t h e t ail - f /var /log/messages ­
debug co m m a n d a n d verify t h e message sent w i t h t h e log g e r com m a n d s h ows
u p.
[ root@serverx - ] # t ail - f /var/log/message s - debug
Feb 13 10 : 37 : 44 localhost root : Debug Message Test
238
-
- ] # echo " * . debug /var/log/messages - debu g " >/et c / rsyslog . d/
debu g . conf
D 2.
-
R H 1 24-RH E L 7-e n-1-20140606
-
-
-
-
-
-
-
-
-
Rev i ew i n g syst e m d J o u r n a l Entries
-
Rev i ew i n g syst e m d J o u rn a l E nt ri es
-
-
O bjectives
After com p l et i n g t h i s sect i o n , students s h o u l d be a b l e to f i n d a n d i nterpret l o g e n t r i e s in t h e
syste m d j o u r n a l to trou b l eshoot p ro b l e m s o r review syste m status.
-
-
Finding events with
j o u r n alc t l
The syst e m d j o u r n a l stores l o g g i n g data i n a s t r u c t u re d , i n d exed b i n a ry f i l e. T h i s data i n c l u d es
extra i nfo r m a t i o n a bo u t t h e l o g eve nt. For sys l o g eve nts, t h i s can i n c l u d e t h e fa c i l ity and p r i o rity
of the o r i g i n a l message, for exa m p l e.
-
Important
I n Red Hat E n t e r p r i s e L i n u x 7, t h e sys t e m d j o u r n a l is stored i n / r u n / log by d e fa u lt.
and its contents a re c l e a red after a re boot. This sett i n g can b e c h a n g e d by t h e syste m
a d m i n istra t o r a n d i s d i s c u ssed e l sew h e re i n t h i s cou rse.
-
-
-
The j ou rnalc t l com m a nd s hows the fu l l syst e m j o u r n a l , sta rti n g with the o l d e st log ent ry,
w h e n r u n as root us er :
-
[ root@serverx -)# j ou r nalc t l
Feb 13 10 : 01 : 01 server1 run -parts (/etc/cron . hourly} [8678] : starting 0yum- hourly . cron
Feb 13 10 : 01 : 01 server1 run -parts( /etc/cron . hourly} [8682] : finished 0yum- hourly . cron
Feb 13 10 : 10 : 01 server1 systemd [1] : Starting Session 725 of user root .
Feb 13 10 : 10 : 01 server1 systemd [1) : Started Session 725 of user root .
Feb 13 10 : 10 : 01 server1 CROND [8687] : ( root ) CMD ( /usr/lib64/sa/sa1 1 1}
-
The j ou r nalc t l co m m a n d h i g h l i ghts i n b o l d text messages o f prio rity notice o r wa r n i n g , a n d
messages o f p r i o rity error a n d h i g h e r a re h i g h l i g hted i n red.
-
-
-
The key to s u ccessf u l l y u s i n g t h e j o u r n a l for t ro u b l e s h o ot i n g a nd a u d i t i n g is to l i m it t h e jo u r n a l
searches t o o n l y s h ow re l eva n t output. I n t h e fo l l owi n g pa ra g ra p hs, va r i o u s d i fferent strategies
to red u c e t h e output of j o u rn a l q u e r ies w i l l be i nt ro d u c e d .
By defa u lt. j ou r nalc t l -n s h ows t h e l a st 1 0 l o g e n t ries. I t ta kes a n o pt i o n a l p a ra m eter for h o w
m a n y of t h e l a st l o g e n t r i e s s h o u l d b e d i s p l a y e d . To d i s p l ay t h e l a st 5 l og entri es, r u n :
I [ root@serverX
- )#
j ou rnalctl - n 5
I
-
-
W h e n trou b l es h o ot i n g p ro b l e m s , it is usef u l to fi l t e r t h e output of t h e j o u r n a l by p r i o rity of
t h e j o u r n a l e n t ries. T h e j ou r nalc t l - p takes e i t h e r t h e n a m e or t h e n u m be r of t h e known
prio rity leve l s and s h ows t h e g iven l evels and a l l h i g h e r - l evel e ntries. T h e p riority l eve l s known to
j ou rnalc t l a re d e b u g , i nfo, noti ce, wa r n i n g , e r r, crit. a l e rt. and e m e rg .
To fi lter t h e o u t p u t of t h e j ou r nalc t l co m m a n d to o n l y l i st a ny l o g e n t ry of p r i o rity err o r
a bove, r u n :
--
[ root@serverx -]#
j ou r nalct l - p e r r
-
-
-
R H1 24- R H E L7-e n-1-20140606
239
-
-
C h a pter 1 0. A n a l y z i n g a n d Sto r i n g Logs
-
S i m i l a r to the t ail - f c o m m a n d , j ou r n alc t l - f outputs t h e l a st 1 0 l i nes of t h e j o u r n a l and
conti n u es to output new j o u r n a l entries a s t h ey get w ritten to t h e j o u r n a l .
[ root@serverX -]#
I
I
!
-
j ou r nalctl - f
-
W h e n l o o k i n g for specific events, it is usefu l to l i m i t t h e o u t p u t to a specific t i m e frame. T h e
j ou r nalc t l com m a n d h a s t w o options to l i m i t t h e o u t p u t to a s pecific t i m e ra nge, t h e - since a n d - - u n t il o pt i o n s. Both options take a t i m e para m eter i n t h e format YYYY - MM - DD
hh : mm : s s. I f t h e date is o m itted, t h e co m m a n d a s s u m es t h e date is today, a n d if t h e t i m e part is
o m itted, t h e whole d a y sta r t i n g at 00:00:00 is a s s u m e d . Both options take yes t e r d ay, today,
a n d t omo r row as va l i d p a ra m eters in a d d i t i o n to t h e d a te a n d t i m e f i e l d .
-
-
O u t p u t a l l j o u r n a l entries t h a t got record e d today:
[ root@serverx -]#
-
j ou rnalctl - - since today
-
O u t p u t t h e j o u r n a l entries from 1 0 t h Fe b r u a ry 2014 20:30:00 to 1 3 t h Fe b r u a ry 2014 1 2 : 00:00:
[ root@serverX -]#
I
l
-
j ou r nalc tl - - since " 2014 - 02 - 10 20 : 30 : 00 " - - un t il " 20 14 - 92 - 13 12 : 00 : 00 " I
--
-
-
j
-�
I n a d d i t i o n to t h e vis i b l e content of t h e j o u r n a l , t h e re a re f i e l d s a ttached to t h e log e n t ries that
can o n l y be seen w h e n verbose o u t p u t is t u rn e d o n . All of t h e d i s p l ayed extra fie l d s c a n be used
to f i l t e r t h e output of a j o u r n a l q u e ry. T h i s is usef u l to red uce t h e output of c o m p l ex searches for
cert a i n events i n t h e j o u r n a l .
[ root@serverx -]# j ou r nalctl - o verbose
Thu 2014-02-13 02 : 06 : 00 . 409345 EST [s=0b47abbf995149c191a8e539e18c3f9c ;
i=d2B ; b=lea26e84667848af9a4a2904a76ff9a5 ; m = 4d6878ff5a ; t=4f244525daa67 ;
x=880bc65783036719]
PRIORITY=6
UID=0
_GID=0
_BOOT_ID=1ea26e84667848af9a4a2904a76ff9a5
_MACHINE_ID=4513ad59a3b442ffa4b7ea88343fa55f
_CAP_EFFECTIVE=0000001fffffffff
_TRANSPORT=syslog
SYSLOG_FACILITY=10
SYSLOG_IDENTIFIER=sshd
_COMM=sshd
_EXE=/usr/sbin/sshd
_SYSTEMD_CGROUP=/system . slice/sshd . service
_SYSTEMD_UNIT=sshd . service
_SELINUX_CONTEXT=system_u : system_r : sshd_t : s0 - s0 : c0 . c1023
_HOSTNAME=serverx
_CMDLINE=sshd : root [priv]
SYSLOG_PID=6833
_PID=6833
MESSAGE=Failed password for root from 172 . 25 . X . 10 port 59371 ssh2
_SOURCE_REALTIME_TIMESTAMP=1392275160409345
!-� -�- -------�-
-
-
-
-
-
-
-
-
-
-
A m o n g t h e m o re usef u l o p t i o n s to searc h for l i n e s rel eva nt to a partic u l a r p rocess o r eve nt a re :
-
_CO M M T h e n a m e of t h e c o m m a n d
•
_EX E T h e path to t h e executa b l e for t h e process
240
-
R H 1 24- R H E L 7-en-1-20140606
-
-
-
-
F i n d i n g events w i t h j ou r nalc t l
-
-
•
_P I O T h e P I O o f t h e p rocess
•
_U I O The U I O of t h e user r u n n i n g the p rocess
_SYST E M O_U N I T T h e syste m d u n it that sta rted t h e process
-
M o re t h a n one of t h ese can be co m b i n ed. Fo r exa m p l e, the fo l l o w i n g q u ery sh ows a l l j o u r n a l
e n t r i e s re l ated to p rocesses sta rted by t h e syste m d u n it f i l e s s h d . s e rvice, w h i c h a l so h a ve P I O
1 1 82 :
-
[ root@serverX -]#
j ou r nalc t l _SYSTEMD_UNIT=sshd . se rvice _PID=1182
-
Note
-
For a l ist of co m m o n l y u s e d j o u r n a l f i e l d s , cons u l t t h e syste m d .j o u r n a l -f i e l d s(7) m a n
page.
-
-
-
R
References
j ou r nalc t l(1 ) a n d system d .j o u rn a l-fie l d s (7 ) m a n pages
Addi ti o n a l information m a y b e ava i l a b l e i n t h e Red Hat Enterprise Linux System
Administrator's Guide for Red H a t Enterprise L i n u x 7, w h i c h c a n be fou n d at
htt p://docs.redhat.com/
-
-
-
-
-
-
-
-
-
-
-
-
R H 1 24- R H E L 7-en-1-20140606
241
-
-
C h a pter 1 0. A n a l y z i n g a n d Sto r i n g L o g s
-
P ra ct ice: Fi n d i n g Eve nts Wit h j o u rn a l ct l
-
Guide d exercise
-
I n t h i s l a b, you w i l l f i l t e r t h e syste m d j o u r n a l for specific c r i t e r i a .
-
Outcomes:
S t u d e nts w i l l p ractice d i s p l ay i n g the syst emd j o u r n a l output m a tc h i n g d ifferent crite r i a .
D 1.
O u t p u t o n l y s y s t e m d j ou r n a l m essages t h a t o r i g i n ate from t h e syst emd p rocess t h a t
a l ways r u n s with p rocess i d 1 o n se rve rX.
I [ root@serverx -]#
D 2.
-
j ou r nalc t l _PID=1
D i s p l a y a l l syst emd j o u r n a l messages t h a t o r i g i nate from a syste m se rvice sta rted with
u s e r i d 81 on serverX.
! [ root@serverx -]#
r----���� ·-������-�--��---.
j ou r nalc t l _UID=81
;
D 3.
Output t h e j o u r n a l m essages w i t h prio rity wa rning and a b ove o n se rverX.
[ root@serverX -]#
r-
!
L__ _���·
D 4.
-
-
-
j ou rnalc t l - p wa rning
-
C reate a j ou r nalc t l q u e ry to s h ow a l l log eve nts record e d i n t h e previous 1 0 m i n utes
o n s e rverX. The co m m a n d a s s u m e s a c u r rent t i m e of 9:1 5 : 0 0.
! [ root@serverx - ] # j ou r nalc t l
,-
D 5.
-
-
- ·-·-- - - -
- - since 9 : 05 : 00 - - u n t il 9 : 15 : 90
-------�
D i s p l a y only t h e eve nts o ri g i n a t i n g from t h e s s hd service with the system unit f i l e
s s h d . se rvice recorded s i n ce 9:00:00 t h i s m o r n i n g o n s e rverX.
I
[ root@serverx -]#
-
-
j ou r nalc t l - - since 9 : 00 : 00 _SYSTEMD_UN IT= " sshd . servic e "
-
-
-
-
-
-
242
R H 1 24- R H E L7 - e n -1-20140606
-
-
-
Preserv i n g t h e syste md J o u r n a l
-
P rese rvi n g t h e syste m d J o u rn a l
-
-
Objectives
Afte r com p l et i n g t h i s sect ion, students s h o u l d be a b l e to confi g u re syst emd - j ou r nald to store
its j o u r n a l o n disk rat h e r than i n m e m o ry.
-
Store the syste m journal per manently
-
-
-
-
By defa u lt, t h e syst e m d j o u r n a l is kept in / r u n /log/j ou r nal, w h i c h m e a n s it i s c l e a red w h e n
t h e system re boots. T h e j o u r n a l is a new m e c h a n i s m i n R e d Hat Enterprise L i n u x 7, a n d f o r most
i n sta l l at i o n s, a d eta i l e d j o u r n a l t h a t starts with the l a st boot is sufficient.
I f t h e d i rectory /va r / log/j o u r nal exists, the j o u r n a l w i l l l o g to t h a t d i rectory i n stea d . The
adva nt a g e of t h is is t h e h isto ric data w i l l be a va i l a b l e i m m e d iate l y a t boot. However, even w i t h
a persiste nt j o u r n a l , n ot a l l data w i l l be k e p t fo reve r. T h e j o u r n a l h a s a b u i l t - i n l o g rota t i o n
mec h a n i s m t h a t w i l l t r i g g e r m o nt h l y. I n a d d i t i o n , by defa u lt, t h e j o u r n a l w i l l not b e a l l owed to get
l a rg e r than 1 0% of the file system it is o n , o r l eave less than 1 5 % of t h e file system f ree. These
va l u e s c a n b e tuned i n /etc/syst emd/j ou r nald . conf, and the c u rre n t l i m its o n t h e size
of t h e j o u r n a l a re logged w h e n t h e syst emd - j o u r n ald process starts, a s ca n b e seen by t h e
fo l l o w i n g com m a n d , w h i c h s h ows t h e top two l i n e s of j ou r nalc t l o u t p u t :
[root@serverX -]# j ou r nalct l I head - 2
-- Logs begin at Wed 2014-03-05 15 : 13 : 37 CST, end at Thu 2014-03-06 21 : 57 : 54 CST .
Mar 05 15 : 13 : 37 serverX . example . com systemd -j ournal [94] : Runtime j ournal is using 8 . 0M
(max 277 . BM, leaving 416 . 7M of free 2 . 7G, current limit 277 . BM ) .
-
-
-
The syste m d j o u r n a l c a n be m a d e persistent by creat i n g t h e d i rectory /var/log/j ou r nal a s
user root:
-
I
-
-
-
-
-
-
I
[root@serverx -]#
mkdir /var/log/j o u r nal
E n s u re t h a t t h e /va r / log/j o u r nal d i rectory is owned by the root u s e r a n d g ro u p syste md­
j o u r n a l , and h a s t h e p e r m i s s i o n s 2755.
[root@serverx -]#
[root@serverx -]#
c hown root : syst emd - j o u rnal /var/log/j ou rnal
chmod 2755 /var/log/j ou rnal
E i t h e r a re boot of the system or s e n d i n g the s p e c i a l s i g n a l USRl a s user root to the syst emd ­
j ou r nald p rocess is req u i red.
I [root@serverx -]#
killall - USR1 systemd - j ou r nald
S i nce t h e systemd j o u r n a l is now persistent a c ross reboots, j ou r nalc t l - b c a n red u ce t h e
o u t p u t by o n l y s h o w i n g t h e l o g m e s s a g e s s i n c e t h e last b o o t of t h e syste m .
[root@serverX -]#
j ou r nalc tl - b
-
R H1 24- R H E L 7 - en -1 -20140606
-
243
-
-
C h a pter 1 0. A n a l y z i n g a n d Sto r i n g Logs
-
Note
W h e n d e b u g g i n g a system c ra s h w i t h a p e rs i stent j o u r n a l , it is us u a l l y req u i re d to
l i m it the j o u r n a l q ue ry to the reboot before the c ra s h h a p pe n ed. The - b o p t i o n can
be acco m p a n ied by a n egative n u m be r i n d icat i n g to how many prior syst e m boots t h e
output s h o u l d b e l i m ited. Fo r exa m p l e, t h e j ou r nalc t l - b - 1 l i m it s t h e o u t p u t t o
the prev i o u s boot.
-
-
-
��-
References
R
-- __j
-
mkd i r (1 ) , syst emd - j o u r nald (1 ), a n d killall(1 ) m a n pages
Add i t i o n a l i nfo r m a t i o n may be ava i l a b l e i n the Red Hat Enterprise Linux System
Administrator's Guide for Red Hat Enterprise L i n u x 7, w h i c h c a n be fo u n d at
http://do cs . r edhat.com/
-
-
-
-
-
-
-
-
-
-
-
-
-
244
R H 1 24- R H E L7 - e n -1-20140606
-
-
-
-
P ractice: Config u re a Persistent systemd J o u r n a l
-
-
P ra ct i ce: Confi g u re a Pe rs i ste nt syste m d
J o u rn a l
-
Guided exercise
-
I n t h i s l a b, students w i l l m a ke t h e syste m d j o u r n a l persistent.
Outcomes:
-
-
The syst emd jou rna l i s writte n to d is k .
D 1.
Config u re t h e systemd j o u r n a l t o be p e rsistent a c ross reboots.
D 1 .1 .
Confi g u re t h e d i rectory /va r/log/j o u r n al on se rve rX.
[ root@serverx -]# m k d i r
[ root@serverx -]# chown
[ root@serverx -]# c hmod
-
/var/log/ j ou rnal
root : systemd - j ou r n al /var/log/j ou rnal
2755 /var/log/ j o u rnal
-
D 1.2.
-
I [ ro ;t@serverX -]#
S e n d the USRl s i g n a l to the syst emd - j ou r nald o r reboot serverX.
!
-
-
-
D 2.
killall - USR1 systemd - j o u rnald
To verify t h e syste md j o u r n a l is persistent, l o o k for a new d i rectory w i t h t h e syste m d
j o u r n a l l o g f i l e s t h a t h a ve b e e n written t o /va r/log / j ou r nal. (The exact f i l e s w h i c h
a p p e a r may va ry on yo u r syste m , but t h e d i rectory s h o u l d have s i m i l a r contents to t h e
fo l l owi ng exa m p l e.)
[ root@serverx -]# ls /var/log/j o u rnal/45 13ad59a3 b442ffa4b7ea88343fa55f
system . journal
user-1000 . journal
-
-
-
-
-
-
-
-
-
R H 1 24- R H E L7-en-1-20140606
245
-
-
C h a pter 1 0. A n a l y z i n g a n d Sto r i n g Logs
M a i nta i n i n g Acc u rate T i m e
-
O bjectives
Aft e r com p l et i n g t h i s sect i o n , students s h o u l d be a b l e to m a i nt a i n a ccu rate t i m e syn c h ro n i z a t i o n
a n d t i m e z o n e co nfig u ra t i o n to e n s u re correct t i mesta m p s i n system l og s .
-
-
Set local clocks and time zone
C o r rect sy n c h ro n i zed system t i m e is very i m portant for log f i l e a n a l ysis a c ross m u l t i p l e systems.
T h e Network Time Protocol (NTP) i s a sta n d a rd way for m a c h i n es to p rov i d e and obta i n correct
t i m e i nfo r m a t i o n o n the I nt e r n et. A m a c h i n e may g et a c c u rate t i m e information from p u b l i c N T P
services o n t h e I nternet s u c h a s t h e N T P Pool Project. A h i g h-q u a l ity h a rdwa re c l o c k to s erve
a c c u rate t i m e to l ocal c l ients is a no t h e r option.
T h e t imedat e c t l co m m a n d s hows a n overview of t h e cu rrent t i m e-re l ated system sett i n g s,
i n c l u d i n g c u rrent t i me, t i m e z o n e, a n d N T P sy n c h ro n i za t i o n sett i n g s of t h e system.
[student@serverX -]$ t imedatectl
Local time : Thu 2014-02-13 02 : 16 : 15 EST
Universal time : Thu 2014-02-13 07 : 16 : 15 UTC
RTC time : Thu 2014-02-13 07 : 16 : 15
Timezone : America/New_York ( EST, -0500 )
NTP enabled : yes
NTP synchronized : no
RTC in local TZ : no
DST active : no
Last DST change : DST ended at
Sun 2013-11-03 01 : 59 : 59 EDT
Sun 2013-11-03 01 : 00 : 00 EST
Next DST change : DST begins ( the clock j umps one hour forward ) at
Sun 2014-03-09 01 : 59 : 59 EST
Sun 2014-03-09 03 : 00 : 00 EDT
-
-
-
-
-
-
-
-
A data ba s e with known t i m e zones i s a va i l a b l e and can be l i sted w i t h :
[student@serverX -]$
Africa/Abidj an
Africa/Accra
Africa/Addis_Ababa
Africa/Algiers
Africa/Asmara
Africa/Bamako
t imedatectl lis t - timezones
-
-
T i m e zone n a m e s a re based o n the p u b l i c "tz" (or " z o n e i nf o " ) t i m e zone database m a i n t a i n e d
b y I A N A. T i m e z o n e s a re n a m e d based o n cont i n e nt o r oce a n , t h e n typica l l y but not a l ways t h e
l a rg est c i t y with i n the t i m e z o n e reg i o n . Fo r exa m p l e, m ost of t h e U S M o u nta i n t i m e z o n e i s
"A m e rica/De nver."
S e l e c t i n g t h e correct n a m e c a n be n o n-i nt u it ive in cases w h e re loca l ities i n s i d e the t i m e z o n e
have d iffe rent d a y l ight s a v i n g t i m e r u l es. Fo r exa m p l e, i n t h e U SA , m u c h o f t h e state of A r i z o n a
( U S M o u n t a i n t i m e) does not h ave a d ay l i g ht s a v i n g t i m e a dj u s t m e n t a t a l l a n d i s i n t h e t i m e z o n e
"A m e rica/P h o e n i x."
246
R H 1 24- R H E L 7-en-1-20140606
-
-
-
-
-
-
....
Config u r i n g a n d m o n ito r i n g c h ro nyd
-
-
The com m a n d t z select is usefu l for i d e n t i f y i n g correct z o n e i nfo t i m e zone n a m es. It
intera c t i ve l y p ro m pts t h e user w i t h q u est i o n s a b o u t the syste m ' s l o c a t i o n , a n d o u t p uts the n a m e
of t h e correct t i m e z o n e. I t d o e s n o t m a ke a ny c h a nges t o t h e t i m e z o n e sett i n g o f t h e syste m .
The syste m sett i n g f o r t h e cu rre n t t i m e z o n e c a n be adjusted a s u s e r root:
-
-
-
-
[ root@serverX -]# t imedatectl set - timezone America/Phoenix
[root@serverX -]# t imedatectl
Local time : Thu 2014-02-13 00 : 23 : 54 MST
Universal time : Thu 2014-02-13 07 : 23 : 54 UTC
RTC time : Thu 2014-02-13 07 : 23 : 53
Timezone : America/Phoenix (MST, -0700 )
NTP enabled : yes
NTP synchronized : no
RTC in local TZ : no
DST active : n/a
To c h a n g e t h e c u rrent t i m e a n d d a t e sett i n g s w i t h t h e t imed a t e c t l com m a n d , t h e s e t - t ime
option is a va i l a b l e. The time is specified in the " YYYY- M M - D D h h : m m:ss" format, w h e re e i t h e r
d a t e o r t i m e c a n be o m itted. To c h a n g e t h e t i m e to 09:00:00, r u n :
-
-
-
-
-
-
-
-
-
[root@serverx -]$
[root@serverX -]$
Local time :
Universal time :
RTC time :
Timezone :
NTP enabled :
NTP synchronized :
RTC in local TZ :
DST active :
t imedatectl set - time 9 : 00 : 00
t imedatectl
Thu 2014-02-13 09 : 00 : 27 MST
Thu 2014-02-13 16 : 00 : 27 UTC
Thu 2014-02-13 16 : 00 : 28
America/Phoenix (MST, - 0700 )
yes
no
no
n/a
The set - n t p o pt i o n e n a b les o r d i sa b l es N T P sy n c h ro n i zation f o r a ut o m a t i c t i m e adjustme nt.
The option req u i res e i t h e r a t r ue o r false a rg u m e n t to turn it o n o r off. To t u r n o n NTP
sync h ro n iz a t i o n , r u n :
I [student@desktopX -]$
timedat e c t l set - nt p t r ue
Configuring and monitoring chronyd
The c h r o nyd service keeps t h e u s u a l ly-i n a c c u rate loca l h a rdwa re c l o c k ( RTC) on t ra c k by
sync h ro n i z i n g it to t h e confi g u red N T P se rvers, or if no network c o n n ectivity is ava i l a b l e,
to the ca l c u l ated RTC c l o c k d rift w h i c h is recorded in t h e d rift file s p e c ified i n t h e
/ e t c / c h rony . conf confi g u ra t i o n f i l e.
By defa u l t , c h r o nyd uses servers from t h e N T P Pool P roj ect for t h e t i m e syn c h ro n ization a n d
does n o t n e e d a d d i t i o n a l confi g u ra t i o n . I t m a y be usef u l t o c h a n g e t h e N T P servers w h e n t h e
m a c h i n e i n q u est i o n i s o n a n isolated netwo r k .
-
-
The q u a l ity of a n N T P t i m e s o u rce i s d ete r m i n e d by t h e s t rat um va l u e reported by t h e t i m e
s o u rce. T h e s t r a t u m d ete r m i n e s t h e n u m b e r of hops t h e m a c h i n e i s a w a y from a h i g h ­
perfo r m a n ce refere n c e c l ock. The refe rence c l o c k is a s t r a t u m a t i m e s o u rce. A n N T P server
d i rect l y att a c h e d to it i s a s t r a t u m 1, w h i l e a m a c h i n e syn c h ron i z i n g t i m e from the N T P server
i s a s t r a t u m 2 time s o u rce.
-
-
-
R H1 24- R H E L 7-en-1-20140606
247
-
-
C h a pter 1 0. A n a l y z i n g a n d Sto r i n g Logs
There are two categ o r i es of t i m e so u rces t h a t c a n b e config u red i n t h e / e t c / c h rony . conf
confi g u ra t i o n file, s e rve r and pee r . T h e se rve r i s one stra t u m a bove the l oca l NTP s e rver, a n d
t h e p e e r is at t h e s a m e stra t u m l eve l . M o re t h a n o n e s e rve r a n d m o re t h a n o n e p e e r can be
s pecified, one per l i ne.
The fi rst a rg u m e n t of the se rve r l i n e i s the IP a d d ress or DNS name of the NTP server. Fo l l ow i n g
t h e se rve r I P a d d ress o r n a me, a s e r i e s of opt i o n s for t h e s e r v e r can b e l i sted. I t is reco m m e nded
to u s e the ibu r s t o pt i o n , beca use after t h e service sta rts, fo u r mea s u re m ents are t a k e n i n a
s h o rt t i m e period for a m o re accu rate i n it i a l c l o c k syn c h ro n ization.
To reconfi g u re t h e c h r o nyd server to sy n c h ro n i z e w i t h c l a ssroom .exa m p l e.com i n stead of t h e
defa u lt servers confi g u re d i n t h e / e t c / c h rony . conf, re m ove t h e ot h e r server entries a n d
re p l ace t h e m w i t h t h e fo l l owing confi g u ra t i o n f i l e e n t ry:
Use public servers from the pool . ntp . org project .
server classroom . example . com iburst
-
-
-
-
-
#
-
After p o i n t i n g c h ronyd t o t h e l oca l t i m e sou rce, c l a s s room.exa m p l e.co m , t h e service n e e d s t o b e
resta rted:
I
f
[ root@serverx -]#
systemc t l res ta rt c h ronyd
-
The c h r o nyc co m m a n d acts a s a c l ient to t h e c h r o nyd se rvice. After sett i n g u p N T P
sy n c h ro n i z a t i o n , it is u s ef u l to verify t h e N T P s e rver w a s u s e d t o sy n c h ro n i z e t h e system c l ock.
T h i s can b e a c h i eved with t h e c h ronyc sou r c e s co m m a n d o r, for more verbose o u t p u t with
a d d i t i o n a l ex p l a n a t i o n s about t h e output, ch ronyc sou r ces - v:
[ root@serverx ] $ c h ronyc sources - v
210 Number of sources 1
Source mode ' A ' server,
peer, ' # ' local clock.
I . - Source state ' * ' = current synced, ' + ' = combined , ' - ' = not combined ,
I I ' ? ' unreachable, ' x ' time may be in error ,
time too variable .
II
- xxxx [ yyyy ] +II
xxxx adj usted offset,
I I
I yyyy measured offset,
Log2( Polling interval) I I
\
estimated error .
I I
I
1 1
I
I
MS Name/IP address
St ratum Poll Reach LastRx Last sample
A * classroom . example . com
8 6 17 23 -497ns [ - 7000ns ] +/- 956us
-
-
-
=
' ='
=
=
=
=
=
'- '
-
=
=
zzzz
-
=
zzzz
=
-
= = = = = = = == = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = == = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =
The * c h a racter i n t h e 5 (Sou rce state) fie l d i n d icates t h a t t h e c l a s s room .exa m p l e.com s e rver h a s
b e e n u s e d a s a t i m e s o u rce a n d i s t h e N T P s e r v e r t h e m a c h i n e is c u r re n t l y sy n c h ro n ized to.
��
.....
-
-
Note
-
Red H a t E n t e r p r i s e L i n u x 6 a n d e a r l i e r u s e n t pd a n d n t p q to m a n a g e t h e N T P
config u ra t i o n . Fu r t h e r i nfo r m a t i o n may b e fou n d i n t h e d o c u mentat i o n f o r R e d H a t
Enterprise L i n u x 6.
248
R H 1 24- R H E L7 - e n -1 -20140606
-
-
-
-
-
Confi g u r i n g a nd m o n i t o r i n g c h ro nyd
-
-
R
References
t imedatec t l(l), t z selec t (8), c h ronyd( 8) , ch rony . conf(5), a n d ch ronyc(l ) m a n
pages
-
-
-
-
A d d i t i o n a l i nfo r m a t i o n m a y b e avai l a b l e i n t h e Red Hat Enterprise Linux System
Administrator's Guide for Red H a t Enterprise L i n u x 7, w h i c h c a n be found at
http://docs.redhat.com/
N T P Pool Project
http://www. p oo l . ntp.org /
T i m e Zone Database
http://www. i a n a . o rg/t i m e-zones
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
R H124- R H E L 7-en-1-20140606
249
-
-
C h a pter 1 0. A n a l y z i n g a n d Sto r i n g Logs
P ra ct i ce: Adj u st i n g Syste m Ti m e
-
Quiz
-
T h e steps to set u p t h e correct t i m e z o n e a n d a dj u st system c l ocks by u s i n g t imed a t e c t l a n d
c h ronyd fo l l ow. I n di cate t h e o rd e r i n w h i c h t h e steps s h o u l d b e taken.
-
a . I d e ntify t h e a p p ropriate time z o n e with t h e t imedat e c t l list - t imezones co m m a nd .
b. Ve rify t h e c l oc k w a s s y n c h r o n i z e d a g a inst t h e n e w l y s pecified N T P s o u rce w i t h t h e
c h ronyc sou rces c o m m a n d .
c . Po i n t c h ronyd to a new t i m e sou rce b y a dj u s t i n g / e t c / c h rony . conf.
-
-
d . Tu r n o n NTP sy n c h ro n ization.
-
e. Review c u rrent sett i n g s with t imedatectl.
f . S e t t h e correct t i m e z o n e w i t h t imedat e c t l s e t - t imezone.
-
g . Restart t h e c h ronyd serv ice.
-
-
-
-
-
-
-
-
-
-
-
250
R H 1 24- R H E L7-en-1-20140606
-
-
-
-
S o l ut i o n
-
Solution
-
-
-
-
The steps to set u p t h e co rrect t i m e z o n e a n d a dj u st syste m c l ocks by u s i n g t imeda t e c t l a n d
c h ronyd fo l l ow. I n d icate t h e order i n w h i c h t h e steps s h o u l d be t a k e n .
2 a . I d e n t ify t h e a p p ro p riate t i m e zone w i t h t h e t imedat e ct l lis t - t imezones co m m a n d .
7 b. Verify t h e c l o c k w a s syn c h ro n ized a g a i nst t h e n e w l y specified N T P s o u rc e w i t h t h e
c h r onyc sou rces co m m a n d .
5 c. Po i n t c h ronyd t o a n e w t i m e s o u rce by a dj u s t i n g / e t c / c h rony . conf.
4 d . Tu r n o n N T P syn c h ro n i z a t i o n .
-
1 e. Rev iew c u rrent sett i n g s w i t h t imed a t e c t l.
3
-
f. Set t h e correct t i m e zone with t imed a t e c t l set - t imezone.
6 g . Restart t h e c h ronyd service.
-
-
-
-
-
-
-
-
-
-
-
-
-
-
R H 1 24- R H E L 7-en-1-20140606
2 51
-
-
C h a pter 1 0. A n a l y z i n g a n d Sto r i n g Logs
L a b : A n a l yz i n g a n d Sto ri n g Logs
-
Perfor mance checklist
·-
I n t h i s l a b , students w i l l c h a n g e t h e t i m e z o n e a n d l o g a l l a ut h e n t i ca t i o n fa i l u re l o g entries i nto a
sepa rate f i l e.
·-
Outcomes:
The time z o n e sett i n g o n t h e serverX m a c h i n e is a dj u sted; a l l syst emd j o u r n a l entries recorded
i n a given time fra m e a re d i s p l ayed; a l l sys l og messages with t h e a u t h p r i v fa c i l ity and seve rity
a l e rt a re l o g g e d i nto a s e p a rate log f i l e.
·-
Before you begin ...
Reset yo u r serverX syste m .
1.
Yo u r serverX m a c h i n e has bee n re l ocated t o J a m a ica. C h a n g e t h e t i m e z o n e o n t h e serverX
m a c h i n e to J a m a i c a and verify the time zone has been c h a n g e d p ro p e r l y.
2.
Display a l l syst emd j o u r n a l e n t r i es reco rded i n t h e last 3 0 m i n utes o n serverX.
3.
Confi g u re r syslogd by a d d i n g a r u l e to the n e w l y created confi g u ra t i o n f i l e
/et c / r syslog . d / au t h - e r ro r s . c o n f to l o g a l l security a n d a u t h e nt i c a t i o n messages
with t h e p r i o rity a l e rt a n d h i g h e r to t h e /var/log/au t h - e r ro r s f i l e a s we l l . Test t h e
newly a d d e d l o g d i rective with t h e logge r c o m m a n d .
·-
-
-
-
-
-
-
-
-
-
-
-
252
R H 1 24- R H E L7-e n-1-20140606
-
-
-
-
S o l ut i o n
-
Solution
-
-
-
I n t h i s l a b, students wi l l c h a n g e t h e t i m e z o n e a n d l o g a l l a u t h e nt i ca t i o n fa i l u re l o g e n t ries i nto a
sepa rate fi l e.
Outcomes:
The time z o n e sett i n g o n t h e serverX m a c h i n e is adjusted; a l l sys t emd j o u rn a l e n t ries recorded
i n a g iven time fra m e a re d i s p l ayed; a l l sys log messages w i t h t h e a u t h p r i v fac i l ity and seve rity
a l ert a re l o g g ed i nto a sepa rate l o g f i l e.
Before you begin ...
-
Reset yo u r serverX system.
1.
-
Yo u r se rve rX m a c h i n e h a s b e e n re located to J a m a ica. C h a nge t h e t i m e z o n e o n t h e s e rverX
m a c h i n e to J a m a i ca a n d verify t h e t i m e z o n e h a s b e e n c h a nged p ro p e r l y.
1 .1 .
I d e ntify t h e correct t i m e z o n e f o r J a m a i ca o n serverX.
[ root@serverx -]# t imedatectl
Africa/Abidj an
Africa/Accra
Africa/Addis_Ababa
Africa/Algiers
Africa/Asmara
America/Jamaica
-
-
-
-
1.2. C h a nge the t i m e z o n e to J a maica o n serverX.
I [ root@serverx -]#
-
i
t imedatectl set - t imezone Ame r ica/J amaica
1.3. Ve rify t h e t i m e z o n e h a s b e e n p rope r l y set o n serverX.
-
[ root@serverx -]#
Local time :
Universal time :
RTC time :
Timezone :
NTP enabled :
NTP synchronized :
RTC in local TZ :
DST active :
-
-
-
2.
-
Thu 2014-02-13 11 : 16 : 59 EST
Thu 2014-02-13 16 : 16 : 59 UTC
Thu 2014-02-13 16 : 17 : 00
America/Jamaica ( EST, -0500}
yes
no
no
n/a
t imedatectl
Display all syst emd j o u r n a l e n t ries reco rd ed i n t h e l a st 3 0 m i n utes o n serverX.
A s s u m i n g the c u rrent time i s 9:30:00, the fo l l ow i n g c o m m a n d wo u l d be used
I [ root@serverx -]#
-
3.
-
list - t imezon e s
j ou rnalc t l - - since 9 : 00 : 00 - - u n t i l 9 : 30 : 00
Config u re r syslogd by a d d i n g a rule to the n ew l y c reated confi g u ration fi l e
/et c / r syslog . d/au t h - e r r o r s . conf t o l o g a l l secu rity a n d a u t h e nt i c a t i o n messages
w i t h t h e priority a l e rt and h i g h e r to t h e /va r /log/au t h - e r ro r s fi l e a s we l l . Test the
n ew l y a dded l o g d i rective w i t h t h e logge r com m a n d .
-
-
-
R H 1 24- R H E L 7-en-1-201 40606
253
-
-
C h a pter 1 0. A n a l y z i n g a n d Sto r i n g Logs
-
3.1 . Add t h e d i rective to l o g a u t h p riv . ale r t sys l o g messages to t h e
/var /log/au t h - e r ro r s f i l e i n t h e / e t c / r syslog . d/au t h - e r ro r s . c o n f
confi g u ra t i o n f i l e.
[ root@serverX -]#
echo " au t h p riv . ale r t /var/log/au t h - e r ro r s " >/e t c / r syslog . d/
au t h - e r ro r s . conf
3.2. Restart the r syslog service o n serverX.
[ root@serverx -]#
-
-
sys t emc t l restart r syslog
-
3.3. M o n itor the n e w l y created log f i l e /var/log/au t h - e r r o r s o n s e rverX for c h a n g es i n
a d i fferent term i n a l w i n d ow.
[ root@serverx -]#
-
-
t ail - f /var/log/au t h - e r r o r s
-
3.4. U s e t h e log g e r to c reate a new log entry to t h e /va r / log/au t h - e r r o r s o n serverX.
[ root@serverx -]#
log g e r - p authpriv . ale r t " Logging t e s t au t h p r iv . ale r t "
3.5. Ve rify t h e message s e n t t o sys l o g with t h e logge r c o m m a n d a p pe a rs i n t h e
/var/log/au t h - e r ro r s o n se rve rX i n t h e term i n a l r u n n i n g t ail - f /va r / log/
au t h - e r ro r s .
[ root@serverx -]# t ail - f /var/log/aut h - e r r o r s
Feb 13 11 : 21 : 53 serverl root : Logging test authpriv . alert
-
-
-
-
-
-
-
-
-
-
-
-
254
R H 1 24- R H E L 7-en-1-20140606
-
-
-
-
Solution
-
S u m m a ry
-
-
Syste m Log A rc h itect u re
T h e l o g a rc h itect u re c o n s i sts of sys t emd - j ou r nald for co l l ec t i n g a n d r syslog to
s o rt and w r ite l og messages to the log f i l es.
Reviewi n g Sys l o g Fi l es
T h e syste m l o g f i l e s a re m a i n ta i n e d by r syslog.
-
-
-
Review i n g syst e m d J o u r n a l E n t ries
T h e syste m d j o u r n a l p rovides advanced capa b i l ities to q u e ry for eve nts.
Prese r v i n g the syst e m d J o u r n a l
Config u ri n g sys t emd - j o u r nald to p e r m a n e n t l y store t h e j o u r n a l o n d i s k .
M a i nta i n i n g A cc u rate T i m e
T i m e sy n c h ro n ization is i m porta n t for l o g f i l e a n a l ys i s .
-
-
-
-
-
-
-
-
-
-
-
-
-
-
R H 1 24- R H E L 7-en-1-20140606
255
-
"""'I
'
-
-
-
--
-'
256
®
red h at
TRAINING
®
C H A PT E R 1 1
MANAGING RED HAT
E N TER P RISE LINUX
NETWOR KING
Overview
Goal
To conf i g u re b a s i c 1 Pv4 networking on Red H a t Enterprise
Linux systems.
Objectives
•
E x p l a i n f u n d a m e n t a l concepts of computer netwo r k i n g .
•
Test a n d review c u rrent n etwork configurat i o n w i t h b a s i c
uti lities.
•
M a nage network sett i n g s a n d devices with nmcli and
N etworkM a nag er.
Sections
•
M odify network set t i n g s by e d i t i n g t h e confi g u ration files.
•
Config u re a n d test system host name a n d n a m e res o l u t i o n .
•
N etwo r k i n g Concepts (and Pra c t i ce)
•
Va l id a t i n g N etwork Config urat i o n (and Practice)
•
Confi g u r i n g N etwo r k i n g w i t h nmcli (and Pract i ce)
•
E d i t i n g N etwork Confi g u ra t i o n Files (a n d Practice)
•
Confi g u r i n g H ost N a mes and N a m e Reso l u t i o n (and
Practice)
Lab
R H124- R H E L7-en-1-2 0140606
•
M a naging Red H a t Enterprise L i n u x Netwo r k i n g
2 57
-
-
C h a pter 11 . M a n a g i n g Red H a t Enterprise L i n u x N etwo r k i n g
N etwo r k i n g C o n c e pts
Objectives
After com p l e t i n g t h i s sect i o n , s t u d e n t s s h o u l d be a b l e to ex p l a i n f u n d a m e n t a l concepts of
c o m p u t e r netwo r k i n g .
-
1 Pv4 networking
TC P/ I P sta n d a rds fo l l ow a fou r-layer network m o d e l specified i n R FC1122.
•
Application
E a c h a p p l ication h a s s pecificat i o n s for com m u n i c a t i o n so t h at c l ients a n d servers m a y
com m u n icate a c ross p l atfo r m s . C o m m o n protoco l s i n c l u d e S S H (remote l o g i n ) , H T T P S (se c u re
web), N FS or C I FS (fi l e s h a ri n g ) , a n d S M T P (e l e c t r o n i c m a i l d e l i ve ry).
•
-
Transport
Tra nsport p rotoco l s a re TC P a n d U D P. TCP is a re l i a b l e c o n n e c t i o n-oriented com m u n ic a t i o n ,
w h i l e U D P is a connect i o n l ess datagram protoco l . A p p l ic a t i o n p rotoco l s u s e TCP o r U D P ports.
A l i st of we l l -k n own and reg i stered ports ca n be fo u n d i n the /e t c/se rvices f i l e.
W h e n a pac ket is sent o n t h e network, t h e com b i n a t i o n of t h e service port a n d I P a d d ress
forms a soc ket. Each pac ket h a s a s o u rce soc ket and a d e st i n a t i o n soc ket. This i n fo r m a t i o n can
b e used w h e n m o n i to r i n g and f i l t e r i n g .
•
-
-
-
Internet
-
·
T h e I nternet. or network l ayer, carries d ata from t h e s o u rce host to t h e dest i n at i o n host. Each
host has a n I P a d d ress and a p refix u s e d to dete r m i n e network a d d resses. Routers a re u s e d to
con nect networks.
-
I C M P i s a control p rotocol a t this l ayer. I n stead of po rts, it has types. T h e ping u t i l ity i s a n
exa m p l e o f u s i n g I C M P p a c kets t o test connectiv ity. ping s e n d s a n I C M P EC H O_R E O U EST
pac ket. A s u ccessfu l ping receives an I C M P E C H O_R E P LY a c k n ow l e d g m e nt. A n u n s u ccessf u l
p i n g m a y receive I C M P e rro r messages s u c h a s "dest i n a t i o n u n reacha b l e " o r m a y n ot receive
any res p o n se.
-
Link
The l i n k, o r m e d i a a ccess, layer p rovides the c o n n e c t i o n to physical m e d i a . The most c o m m o n
t y p e s o f n etworks a re w i red E t h e r n et (802.3) a n d w i re l e s s W L A N (802.11). E a c h p h ys i ca l d evice
h a s a h a rdware add ress ( M AC) which is used to i d e n t ify the d e st i n a t i o n of pac kets o n the loca l
network segment.
-
-
-
-
258
R H 1 24- R H E L 7-en-1-20140606
-
-
1 Pv4 netwo r k i n g
-
-
I P Add ress:
172 . 17 . 5 . 3 - 10101100 . 00010001 . 00000101 . 00000011
N et m a s k:
r-----"'\
255 . 255 . 0 . 0 - 11111111 . 11111111 . 00000000 . 00000000
P refix: / 1 6
-
-
-
-
"'-----""_____../
N etwork
-
-
-
-
-
-
H ost
I P Add ress:
192 . 168 . 5 . 3 - 11000000 . 10101000 . 00000101 . 00000011
Prefix: / 2 4
N e t m a s k:
255 . 255 . 255 . 0
-
-
"'------v---../
10101100 . 00010001 . 00000101 . 00000011
11111111 . 11111111 . 11111111 . 00000000
'---.,-../
1 1 0 0 0 0 0 0 . 1 0 1 0 1 0 0 0 . 0 0 0 0 0 10 1 . 0 0 0 0 0 0 1 1
Figure
11.1:
N etwork
/Pv4 addresses and netmasks
H ost
1 Pv4 a d d resses
A n 1 Pv4 a d d ress is a 32-bit n u m be r, n o r m a l l y e x p ressed i n d e c i m a l a s fo u r octets ra n g i n g in va l u e
from 0 to 255, s epa rated b y dots. T h e a d d ress i s divided i nto two pa rts: t h e network part a n d t h e
host part. A l l hosts o n t h e s a m e s u b n et, w h i c h c a n ta l k t o e a c h ot h e r d i rect l y w i t h o u t a ro uter,
have t h e s a m e n etwo r k pa rt; t h e network pa rt i d e ntifies t h e s u b net. N o two hosts o n t h e s a m e
s u b n et c a n h ave t h e s a m e host p a r t ; t h e h o s t p a r t identifies a particu l a r h o s t o n a s u b n et.
I n t h e m o d e r n I nter n et, t h e s i z e of a n 1 Pv4 s u b net is va ria b l e. To k n ow w h i c h pa rt of an 1 Pv4
a d d ress is t h e network p a rt a n d w h i c h is t h e host pa rt, an a d m i n istrator m u st know the netmask
w h i c h is a s s i g n e d to t h e s u b n et. T h e n et m a s k i n d icates how m a ny bits of t h e 1 Pv4 a d d ress b e l o n g
t o t h e s u b n et. The m o re b its t h a t a re ava i l a b l e fo r t h e host pa rt, t h e m o re hosts c a n be on t h e
s u b n et .
The l owest poss i b l e a d d ress o n a s u b net ( h ost part is a l l zeros i n b i n a ry) i s sometimes c a l l e d t h e
network address. The h i g hest poss i b l e a d d ress o n a s u b net ( h ost p a r t i s a l l o n e s i n b i n a ry) is used
for broad cast messages i n 1 Pv4, and i s ca l l ed t h e broadcast address.
N etwo r k m a s ks a re expressed i n two forms. T h e o l d e r sy ntax for a n et m a s k w h i c h u ses 24 bits for
t h e n etwo r k part wou l d read 255. 255. 255. 0. A newer syntax, ca l l ed C I D R n otat i o n , wou l d spec ify
a network prefix of 124. Both forms co nvey the s a m e i nfor m a t i o n ; n a m e l y, how m a ny l e a d i n g bits
i n t h e IP a d d ress cont r i b ute to its n etwo r k a d d ress.
The exa m p l e s w h i c h fo l l ow i l l u st rate how the IP a d d ress, p refi x ( n e t m a s k ) , n etwo r k part, and host
part a re re l a ted.
R H 1 24- R H E L 7 -en -1-20140606
259
C h a pt e r 1 1 . M a n a g i n g Red H a t Enterprise L i n u x Netwo r k i n g
Calculating the network address for
192.168.1.107/24
H ost a d d r
1 92 .168.1 .1 07
11000000 . 10101000 . 00000001 . 01101011
N etwork pref i x
/24 (255.255.255.0)
11111111 . 11111111 . 11111111 . 00000000
N etwork a d d r
1 92 .1 68.1 .0
11000000 . 10101000 . 00 0 0 0 0 0 1 . 00000000
Broadcast a d d r
192.1 68 .1 .255
11000000 . 10101000 . 00 0 0 0 0 0 1 . 11111111
Calculating the network address for
10.1.1.18/8
H ost a d d r
1 0.1 .1 .1 8
00001010 . 00000001 . 00 0 0 0 0 0 1 . 00010010
Network prefix
/8 (255.0.0.Q)
11111111 . 00000000 . 00000000 . 00000000
N etwo rk a d d r
1 0.0.0.0
00001010 . 00000000 . 00000000 . 00000000
B roadcast a d d r
1 0.255.255.255
00001010 . 11111111 . 11111111 . 11111111
Calculating the network address for
-
172.16.181.23/19
H ost a d d r
172.168.1 81 .23
10101100 . 10101000 . 10 1 1 0 10 1 . 00010111
N etwork prefix
/1 9 (255.255.224.0)
11111111 . 11111111 . 11100000 . 00000000
N etwo r k a d d r
172.1 68.1 60.0
10101100 . 10101000 . 10100000 . 00000000
B roadcast a d d r
172.168.191 .255
10101100 . 10101000 . 10111111 . 11111111
The spec i a l a d d ress 1 27.0.0.1 a l ways p o i n t s to t h e loca l system ( " l oc a l host " ) , and t h e network
1 27.0.0.0/8 b e l o n g s to t h e l oca l syst e m , so t h a t it c a n ta l k to itse l f using network protoco ls.
-
-
-
D N S Serve r
To t h e i nt e r n et
-
1 7 2 . 17 . 0 . 0 / 1 6
-
-
Defa u l t g ateway for
192 . 168 . 5 . 0/24
192 . 168 . 5 . 2 54
1 9 2 . 168 . 5 . 0/24
-
-
-
Figure
1 1 . 2:
Network routing and DNS concepts
1 Pv4 ro u t i n g
Whether u s i n g 1 Pv4 or 1 Pv6, netwo r k t raffic n e e d s to move from h ost to host a n d n etwo r k to
network. E a c h h ost h a s a routing table, w h i c h te l l s it how to route t raff i c for parti c u l a r networks.
-
-
-
260
R H1 24- R H E L 7 - e n -1-20140606
-
1 Pv4 netwo r k i n g
The ro uting table entries w i l l l i st a destination network, w h i c h i nterface t o send t h e t raffic o u t ,
a n d t h e I P a d d ress of a ny intermedi ate router t h a t is req u i red t o re lay t h e m e s s a g e to i t s f i n a l
d esti nation. T h e ro u t i n g t a b l e entry w h i c h matches t h e dest i nation o f t h e netwo rk t raffic i s used
to route it. I f two entries matc h , the one with t h e l o n gest p refix is used.
If t h e network t raff i c does not match a more s p e c i f i c route, the rou t i n g table u s u a l ly has a n entry
for a default route to t h e e n t i re 1 Pv4 I nternet , 0.0.0.0/0. T h i s defa u l t route points to a router on a
rea c h a b l e s u b net (that is, on a s u b net that h a s a m ore s pecific route in t h e host's routing t a b le).
I f a router receives t raff i c t h a t is not a d d ressed to it. i n stead of ignoring it l i ke a normal host,
it forwards t h e t raffic based o n its own ro uting t a b l e. This may send the t raffic d i rectly to the
destination host (if t h e router h a p p e n s to b e o n the d e s t i n a t i o n ' s s u b net), o r it may b e forwa rded
o n to a nother router. This process of forwa rd i n g cont i n u e s u n t i l the t raffic reac h e s its f i n a l
destination.
Example routing table
Desti nation
I nterface
1 92 .0.2.0/24
wlol
1 92 .1 68.5.0/24
enp3s0
0.0.0.0/0 (default)
enp3s0
Router ( i f needed)
192.1 68.5.254
In this exa m p l e, t raffic h e a d ed for the I P a d d ress 1 92 .0.2.1 02 from this host w i l l b e t r a n s m itted
d i rectly to t h a t dest i n a t i o n via the wlol wireless inte rfa ce, because it matches the 1 92 .0.2.0/24
route m ost c losely. Traffic for t h e I P a d d ress 192.168.5.3 w i l l be t ra n s m itted d i rectly to t h a t
d esti nation v i a t h e enp3s0 Ethernet inte rfa ce, because it m a t c h e s t h e 1 92 .168.5.0/24 route m ost
c l os e l y.
Traffic to t h e I P a d d ress 1 0.2.24.1 w i l l be t ra n s m itted o u t t h e enp3s0 Ethe rnet i nterface to a
router at 1 92 .1 68.5.254, w h i c h w i l l fo rwa rd t h a t t raffic on to its f i n a l destination. That t raffic
matches t h e 0.0.0.0 /0 ro ute most c l osely, as t h e re is n ot a m o re specific route i n the rout i n g
t a b l e o f t h i s h ost. The router w i l l u s e i t s o w n ro uting t a b l e t o d ete r m i n e where t o forwa rd t h a t
t raffic t o next.
Names and IP a d d resses
The IP p rotocol uses a d d resses to c o m m u n icate, but h u m a n b e i n g s would rat h e r work with
n a mes than l o n g a n d h a rd-to-re m e m ber st r i n g s of n u m be rs. DNS, t h e D o m a i n N a m e System, i s a
d i s t r i buted network of s e rvers t h a t m a ps host n a mes to I P a d d resses. I n o rder for n a m e s e rvice
to work, t h e host needs to b e p o i nted at a nameserver. This n a meserver does n ot n e e d to b e o n
t h e s a m e s u b net; it j ust needs to b e rea c h a b l e by t h e h ost.
D H C P or static network confi g u ra t i o n
M a ny systems are confi g u red to obtain netwo r k sett i n g s a utomat ic a l l y at boot t i m e. T h e l oc a l
c o n f i g u r a t i o n fi les i n d i cate t h a t D H C P s h o u l d b e used a n d a separate c l ient s e r v i c e q u e ries t h e
network f o r a server a n d o bta i n s a l e a s e f o r n etwork sett i ngs.
I f a D H C P server i s not ava i l a b l e, t h e system m ust use a static configuration w h e re t h e network
sett i n g s are read fro m a l oca l config u ration f i l e. The co rrect n etwork sett ings a re o b t a i n e d from
the network a d m i n istrator o r a rc h itect u re team to e n s u re t h e re a re n o conf l i cts with o t h e r
systems.
S i n ce D H C P uses t h e h a rdwa re a d d ress to tra c k assi g n m ents, o n l y o n e a d d ress m a y be a s s i g n ed
per i nterface with D H C P. M u lt i p le stat i c a d d resses may b e a s s i g n ed to a s i n g l e i nte rface. T h i s
R H 1 24- R H E L7-en-1-2 0140606
2 61
-
-
C h a pte r 11 . M a n a g i n g Red H a t Enterprise L i n u x N etwo r k i n g
p ra ctice i s c o m m o n i n syst e m s host i n g se rvices f o r m u l t i p l e c l i e nts, s u c h a s HTTP I P-based
host i n g . Red H a t Enterprise Linux i nte rfa ces ty pica l l y have a n 1 Pv4 a d d ress a n d a n 1 Pv 6 l o ca l - l i n k
a d d ress, b u t m a y have m o re a d d resses a s s i g n e d .
Network interface names
Tra d i t i o n a l l y, n etwo r k i nterfaces in L i n u x a re e n u m e rated as e t h0, e t h 1 , e t h2, and so o n .
H owever, t h e mecha n i s m w h i c h sets t h ese n a m es ca n c a u s e c h a n g es to w h i c h i nterface gets
w h i c h name a s devices a re a d d e d and removed. T h e defa u lt n a m i n g behavior i n Red Hat
E nterprise L i n u x 7 is to a s s i g n fixed n a mes based o n f i r mwa re, d evice topol ogy, and device type.
I nt e rface n a m es have t h e fo l l owi n g c h a ra cters:
•
•
•
•
Et h e r n et i nte rfa ces beg i n with en, W L A N i nterfaces b eg i n with w/, and WWAN i nt e rfaces b eg i n
w i t h WW.
T h e next c h a racte r(s) represents t h e type of a d a pt e r w i t h a n o for on-board, s for h ot p l u g s l ot,
and p for P C I geo gra p h i c l o c a t i o n . Not used by defa u l t b u t also avai l a b l e to a d m i n istrators, a n x
is u sed to i n co r p o rate a M A C a d d ress.
F i n a l l y, a n u m be r N i s used to re p resent a n i n d ex, I D, o r po rt.
I f the fixed name ca n n ot b e d ete r m i n ed , the t ra d i t i o n a l n a m es such a s ethN w i l l b e u s e d .
Fo r exa m p l e, t h e fi rst e m b e d d e d n e t w o r k i n terfa ce m a y be n a m e d eno1 a n d a P C I c a rd n etwork
i nterface m a y be named enp2s0. T h e new names m a ke it easier to d i st i n g u i s h t h e re l a t i o n s h i p
betwee n a p o r t a n d i t s n a m e if t h e u s e r k n ows bot h , b u t t h e t ra d e off is t h a t u s e rs ca n n ot
a s s u m e a system with o n e i nte rface ca l l s that i nte rfa ce e t h0.
Note
Network i nterface n a m i n g ca n be ove r r i d d e n . I f t h e a d m i n istrator h a s i n sta l l e d a n d
e n a b l ed t h e biosdevname package o r set customized u d ev device n a m i n g r u l es,
t hose sett i n g s w i l l ove r r i d e t h e defa u lt n a m i n g s c h e m e. D e p e n d i n g o n s u p p o rt for
biosdevname in t h e system B I OS, n a m es such a s em1, em2, etc. may b e used for o n ­
b o a rd n e t w o r k cards (corres p o n d i n g to t h e i r n a m es o n t h e c hassis). PC l (e) cards a re
represented w i t h p YpX (e.g., p4p1), w h e re Y i s t h e P C I s l ot n u m be r a n d X is t h e n u m be r
f o r t h e port on t h a t specific c a rd .
-
-
-
-
-
-
-
-
References
R
se rvices(5), ping(8), biosdevname(1 ), a n d u d ev(7) m a n pages
A d d i t i o n a l i n fo r m a t i o n m a y b e a va i l a b l e i n t h e c h a pters o n config u ri n g n etwo r k i n g a n d
co n s i stent n etwo r k d evice n a m i n g i n t h e Red Hat Enterprise Linux Networking Guide
for Red H a t Enterprise L i n u x 7, w h i c h ca n be fou n d a t
http://d ocs.red hat.com/
-
-
-
262
RH124- R H E L7-en-1 -20140606
-
-
Practice: N etwo r k i n g C o n cepts
P ra ct i ce: N etwo r k i n g Concepts
-
Quiz
Match t h e fo l l ow i n g items to t h e i r cou nterpa rts i n the t a b l e.
Gateway i s not o n t h e s a m e s u b n et.
I P a d d ress ca n n ot be a n etwo r k a d d ress.
N a m e reso l ut i o n i s not c o n f i g u re d .
-
--
IP address :
172 . 17 . 0 . 351/16
Gateway : 172 . 17 . 0 . 1
DNS server : 172 . 17 . 0 . 254
-�-
-
------ - -
- -
--
i
l
i
-
T h i s confi g u ra t i o n i s fea s i b le.
Correctn ess
N etwork settin g s
-
I nva l i d 1 Pv4 a d d ress
'
-- -
IP address : 10 . 1 . 2 . 3/24
Gateway : 10 . 1 . 2 . 1
DNS server : 172 . 17 . 4 . 53
- -
'
'
-
�
-
'
-
IP address : 192 . 168 . 7 . 0/24
Gateway : 192 . 168 . 7 . 1
DNS server : 192 . 168 . 0 . 254
�
-
--
!
;
-
IP address : 10 . 4 . 5 . 6/24
Gateway : 10 . 4 . 6 . 1
DNS server : 192 . 168 . 0 . 254
-- - - - -
-
'-
- -----
-
-
-- -
-
-
-
R H 1 24- R H E L 7-en-1 -20140606
263
C h a pter 1 1 . M a n a g i n g Red H a t Enterprise L i n u x Networking
-
N etwo r k sett i n g s
C o r re ct n ess
IP address : 172 . 17 . 23 . 5/16
Gateway : 172 . 17 . 0 . 1
-
-
264
R H1 24- R H E L7 - e n -1 -20140606
-
-
Sol ution
-
Solution
-
Match t h e fo l l ow i n g items to t h e i r cou nterpa rts i n t h e ta b l e.
-
-
N etwork settin g s
IP address :
: 172 . 17 . 0 . 351/16
i Gateway : 172 . 17 . 8 . 1
i DNS server : 172 . 17 . 0 . 254
--� - - --- - - -
-
Correctn ess
---
--��
I nva l i d 1 Pv4 a d d ress
-
-
IP address : 10 . 1 . 2 . 3/24
Gateway : 10 . 1 . 2 . 1
DNS server : 172 . 17 . 4 . 53
.---- --��- -�-���1
-
-
IP address : 192 . 168 . 7 . 0/24 1
Gateway : 192 . 168 . 7 . 1
DNS server : 192 . 168 . 0 . 254
- -
-
----
-
� --- �--- --
-
-
I
-- -- -�-�
-��
-c
--
- -
I P a d d ress ca n n ot be a netwo rk a d d ress.
--- -
IP address : 10 . 4 . 5 . 6/24
Gateway : 10 . 4 . 6 . 1
DNS server : 192 . 168 . 0 . 254
-- -
T h i s confi g u ra t i o n i s feas i b l e.
- --��
Gateway i s n ot o n the same s u b n et.
I
; IP address : 172 . 17 . 23 . 5/16 j
, Gateway : 172 . 17 . 0 . 1
N a m e reso l ut i o n i s not conf i g u re d .
-
-
-
R H 1 24- R H E L 7-en-1 -20140606
265
-
-
C h a pt e r 1 1 . M a n a g i n g Red H a t Enterprise L i n u x N etwo r k i n g
Va l id at i n g N etwo rk Confi g u rat i o n
-
Objectives
Afte r com p l e t i n g t h i s sect i o n , students s h o u l d be a b l e to test a n d rev iew c u rrent n etwork
confi g u ra t i o n w i t h basic u t i l i t i es.
Displaying I P ad dresses
T h e / s bin/ip com m a n d is u sed to s h ow device a n d a d d ress i nfo r m a t i o n .
[ student@desktopX -] $ ip addr show eth0
2 : eth0 : <BROADCAST, MULTICAST, C» uP, LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen
1000
«) link/ether 52 : 54 : 00 : 00 : 00 : 0a brd ff : ff : ff : ff : ff : ff
E> inet 172 . 25 . 0 . 10/24 brd C» 112 . 25 . 0 . 255 scope global eth0
valid_lft forever preferred_lft forever
C) inet6 fe80 : : 5054 : ff : fe00 : b/64 scope link
valid_lft forever preferred_lft forever
�-
I
C»
f)
The l i n k l i n e specifies t h e ha rdwa re ( M AC) a d d ress of t h e device.
C)
The broadcast a d d ress, scope, a n d device n a m e a re a l so o n t h i s l i ne.
E>
C)
-
-
-
An active i nterface h a s t h e stat u s of UP.
The i n et l i n e s h ows t h e 1 Pv4 a d d ress a n d p refi x .
-
The i n et6 l i n e s hows 1 Pv6 info r m a t i o n .
T h e ip com m a n d may a l s o b e used to s h ow statistics a bo u t n e t w o r k p e rfo r m a n ce. T h e received
(RX) and t ra n s m itted (TX) p a c kets, e r rors, and d ro p p e d cou n t e rs can be used to ident ify n etwo r k
i s s u e s caused b y co n g e st i o n , l ow m e m o ry, a n d ove r r u n s.
[student@desktopX -]$ ip - s link show ethe
2 : eth0 : <BROADCAST, MULTICAST, UP, LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 52 : 54 : 00 : 00 : 00 : 0a brd ff : ff : ff : ff : ff : ff
RX : bytes packets errors dropped overrun mcast
269850
2931
0
0
0
0
TX : bytes packets errors dropped carrier collsns
300556
3250
0
0
0
0
Troubleshooting routing
-
-
T h e /sbin/ip com m a n d is a l so u s e d to s how ro u t i n g i n fo r m a t i o n .
[student@desktopX -]$ ip route
default via 172 . 25 . 0 . 254 dev eth0 proto static met ric 1024
172 . 25 .X. 0/24 dev eth0 proto kernel scope link src 172 . 25 .X. 10
10 . 0 . 0 . 0/8 dev eth1 proto kernel scope link src 10 . 0 . 0 . 11
A l l packets dest i n e d for t h e 1 0.0.0.0/8 network w i l l be sent d i re c t l y to t h e dest i n a t i o n t h ro u g h
t h e device eth1 . A l l pac kets d e st i n ed f o r t h e 172.25.X.0/24 n etwork wi l l be s e n t d i rect l y to t h e
dest i n a t i o n t h ro u g h t h e d e v i c e e t h O . A l l o t h e r pac kets w i l l b e s e n t to t h e defa u l t ro u t e r l ocated a t
172.25.X.254, a n d a l s o t h ro u g h device ethO.
266
R H 1 24- R H E L 7 - e n -1 -20140606
-
-
-
-
Tro u b l es h o o t i n g ports a n d services
-
-
-
-
-
-
-
The ping co m m a n d is used to test c o n n ectivity. The co m m a n d w i l l cont i n u e to r u n until a
Con t r ol - C i s p ressed u n less o p t i o n s a re g i v e n to l i m it t h e n u m be r of p a c kets sent.
I [student@desktopX
I
- ) $ ping - c3 172 . 25 . X . 254
To t race t h e path to a remote host, u s e e i t h e r t r ace rou t e or t r acepath. Both com m a n d s ca n
be used to t race a path with U D P p a c kets; h owever, m a ny networks b l oc k U D P a n d I C M P t raffic.
The t r ace route co m m a n d h a s options to t race t h e path w i t h UDP (defa u lt), I C M P ( I ) o r TC P
( - T) p a c kets, but m a y not be i n sta l l e d by defa u lt .
-
[student@desktopX - ) $ t racepat h access . redhat . com
4 : 71-32-28-145 . rcmt . qwest . net
5 : dcp- brdr -04 . inet . qwest . net
6 : 206 . 111 . 0 . 153 . ptr . us . xo . net
7 : 207 . 88 . 14 . 162 . ptr . us . xo . net
8 : ae1d0 . cir1 . atlanta6-ga . us . xo . net
9 : 216 . 156 . 108 . 98 . ptr . us . xo . net
10 : bu-ether13 . atlngamq46w- bcr00 . tbone . rr . com
48 . 853ms
100 . 732ms
96 . 245ms
85 . 270ms
64 . 160ms
108 . 652ms
107 . 286ms
asymm
asymm
asymm
asymm
asymm
asymm
,
5
7
7
8
7
12
-
-
Each l i n e in the o u t p u t of t r acepat h re presents a ro uter o r hop that the pac ket passes t h ro u g h
betwe e n t h e s o u rce a n d t h e f i n a l d e st i n a t i o n . A d d i t io n a l i n fo r m a t i o n i s p rovided a s ava i l a b le,
i n c l u d i n g t h e ro u n d t r i p timing ( RTT) a n d a n y c h a n ges i n t h e m a x i m u m t ra n s m i s s i o n u n it ( M T U )
s i ze.
Troubleshooting ports and services
-
TC P services use soc kets as e n d p o i n t s for co m m u n ication a n d a re m a d e up of an I P a d d ress,
p rotoco l , and port n u m be r. Services typica l l y l i sten on sta n d a rd ports w h i l e c l i e nts use a ra n d o m
avai l a b l e port. We l l - k n o w n n a m es f o r sta n d a rd po rts a re l i sted i n t h e / e t c /se rvices f i l e .
-
The s s c o m m a n d i s used t o d i s p l a y soc ket statistics. I t is s i m i l a r to t h e ne t s t a t c o m m a n d ,
w h i c h is a l so ava i l a b l e but may not b e insta l l e d b y defa u lt.
-
-
-
-
-
-
[student@desktopX
Recv-Q
State
0
LISTEN
0
LISTEN
0
LISTEN
0
LISTEN
0
ESTAB
0
LISTEN
LISTEN
0
0
LISTEN
0
LISTEN
O
O
E)
-
-
-
Send-Q
128
128
100
128
0
128
128
100
128
-)$ ss - ta
Local Address : Port
* : sunrpc
O• : ssh
G 121 . 0 . 0 . 1 : smtp
* : 36889
E> 112 . 25 . X. 10 : ssh
: : : sunrpc
0 : : : ssh
0 : : 1 : smtp
: : : 34946
Peer Address. :. Port
.
*.*
•.*
...
172 . 25 . 254 . 254
. . I: *59392
. . .*
...
. . . **
T h e port used for S S H is l i ste n i n g on a l l 1 Pv4 add resses. The " * " is used to represent " a l l "
w h e n refere n c i n g 1 Pv4 a d d resses o r ports.
T h e port used for S M T P i s l i ste n i n g o n t h e 1 27.0.0.1 1 Pv4 l o o p b a c k i nt e rface.
T h e esta b l i s h e d S S H c o n n e c t i o n is o n t h e 172.25.X.1 0 i nterfa ce a n d o r i g i n ates from a syst e m
w i t h a n a d d ress o f 172.25.254.254.
R H1 24- R H EL 7 -en -1 -20140606
2 67
-
-
C h a pter 1 1 . M a n a g i n g Red H a t Enterprise L i n u x N etwo r k i n g
O
O
The port u s e d for S S H i s l i ste n i n g o n a l l 1 Pv 6 a d d resses. The " : : " syntax is u sed to represent
a l l 1 Pv 6 i nterfa ces.
The port u s e d for S M T P is l i ste n i n g o n t h e ::1 1 Pv6 loopback i nte rfa ce.
Options for
ss
and
-
n e t s t at
Option
Desc r i p t i o n
-n
S h ow n u m be rs i n stead of names for i nte rfaces and ports.
-t
S h ow TC P sockets.
-u
S h ow U D P soc kets.
-I
S h ow o n l y l iste n i n g sockets.
-a
S h ow a l l ( l iste n i n g and esta b l i s h e d ) s o c kets.
-p
S h ow the process using t h e soc kets.
-
References
R
ip - link(8), ip - add ress(8), i p - route(8), ip(8), ping(8), t racepath(8),
t race r ou t e(8), ss(8), a n d n e t s t at (8) man pages
A d d i ti o n a l i nfo r m a t i o n may b e ava i l a b l e in the c h a pter o n config u r i n g networki n g in
t h e Red Hat Enterprise Linux Networking Guide for Red H a t E n t e r p r ise L i n u x 7, w h i c h
ca n b e fo u n d at
h t t p ://d ocs. red ha t.com/
-
-
-
-
-
268
R H 1 24- R H E L7-en-1-20140606
-
-
-
-
Practice: Exa m i n i n g Network Config u ra t i o n
-
P ra ct i ce: E xa m i n i n g N etwo r k Confi g u ra t i o n
-
-
Guided exercise
I n t h i s l a b , you w i l l exa m i n e t h e network confi g u ra t i o n of t h e c u r re n t syste m .
Outcomes:
I d entify the c u rre n t network i nterfa ces and basic network a d d resses.
-
Before you begin ...
Reset yo u r s e rverX syst e m .
-
D 1.
D i s p l a y t h e c u rrent I P a d d ress a n d n et m a s k f o r a l l i nte rfaces.
D 2.
D i s p l a y the stat i s t i cs for the ethO i nte rfa ce.
D 3.
D i s p l a y the routi n g i nf o r m a t i o n .
D 4.
Ve rify t h a t t h e ro uter is access i b l e.
-
-
-
-
-
-
-
-
-
-
-
-
[student@serverX -]$ ip addr
1 : lo : <LOOPBAC K , UP, LOWER_UP> mtu 65536 qdisc noqueue state UN KNOWN
link/loopback 00 : 00 : 00 : 00 : 00 : 00 brd 00 : 00 : 00 : 00 : 00 : 00
inet 127 . 0 . 0 . 1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 : : 1/128 scope host
valid_lft forever preferred_lft forever
2 : eth0 : <BROADCAST, MULTICAST, UP, LOWER_UP> mtu 1500 qdisc pfifo_fast state UP
qlen 1000
link/ether 52 : 54 : 00 : 00 : 00 : 0b brd ff : ff : ff : ff : ff : ff
inet 172.25.X.11/24 brd 172 . 25 .X. 255 scope global dynamic eth0
valid_lft 12704sec preferred_lft 12704sec
inet6 fe80 : : 5054 : ff : fe00 : b/64 scope link
valid_lft forever preferred_lft forever
[student@serverX -]$ ip -s link show e t h 0
2 : eth0 : <BROADCAST, MULTICAST, UP, LOWER_UP> mtu 1500 qdisc pfifo_fast state UP
mode DEFAULT qlen 1000
link/ether 52 : 54 : 00 : 00 : 00 : 0b brd ff : ff : ff : ff : ff : ff
RX : bytes packets errors dropped overrun mcast
418398
4588
0
0
0
0
TX : bytes packets errors dropped carrier collsns
360733
1730
0
0
0
0
[student@serverx -]$ ip route
default via 172 . 25 .X . 254 dev eth0 proto static met ric 1024
172 . 25 .X. 0/24 dev eth0 proto kernel scope link src 172 . 25 .X. 11
[student@serverX -]$ ping - c3 172 . 25 . X . 254
PING 172 . 25 .X. 254 ( 172 . 25 .X . 254) 56( 84 ) bytes
64 bytes from 172 . 25 .X. 254 : icmp_seq=1 ttl=64
64 bytes from 172 . 25 . X. 254 : icmp_seq=2 ttl=64
64 bytes from 172 . 25 .X. 254 : icmp_seq=3 ttl=64
of data .
time=0 . 489 ms
time=0 . 510 ms
time=0 . 458 ms
-
-
-
RH124- R H E L 7-en-1 -20140606
269
-
-
C h a pte r 11 . M a n a g i n g Red H a t Enterprise L i n u x N etwo r k i n g
- - - 172 . 25 .X. 254 ping statistics - - 3 packets transmitted, 3 received, 0% packet loss , time 1999ms
rtt min/avg/max/mdev 0 . 458/0 . 485/0 . 510/0 . 033 ms
=
0 5.
-
Show a l l t h e h o ps between the l oca l system a n d c l a s s room .exa m p l e.co m .
[student@serverX ] $ t racepat h
1 : classroom . example . com
Resume : pmtu 65535
-
0 6.
-
class room . example . com
0 . 522ms ! H
-
-
D i s p l a y the liste n i n g TCP soc kets o n the loca l syste m .
[student@serverx -]$ s s - lt
State
Recv-Q Send -Q
Local Address : Port
LISTEN
* : 55630
0
128
LISTEN
* : sunrpc
0
128
LISTEN
* : ssh
0
128
LISTEN
0
100
127 . 0 . 0 . l : smtp
LISTEN
0
128
: : : sunrpc
LISTEN
0
128
: : : ssh
LISTEN
0
128
: : : 33079
LISTEN
0
100
: : 1 : smtp
Peer Address .: Port
* . **
*.
* *
. . .*
...*
-
-
-
-
-
-
-
-
--
-
-
-
-
-
-
270
R H 1 24- R H E L 7 - e n -1 -20140606
-
-
-
-
Confi g u r i n g N etwo r k i n g w i t h nmcli
-
-
-
Co nfi g u ri n g N etwo r k i n g wit h nmc li
Objectives
After c o m p l et i n g t h i s sect i o n , st u d e nts s h o u l d be a b l e to m a n a g e network sett i n g s a n d devices
w i t h nmcli and N etwo r k M a n a g e r.
NetworkManager
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
N etwo r k M a n a g e r i s a d a e m o n t h a t m o n itors a n d m a n a g es network sett i n gs. In a d d i t i o n to t h e
d a e m o n , t h e re i s a G N O M E N o t i f i c a t i o n A rea a p p l et t h a t p rovi d es network sta t u s i nfo r m a t i o n .
Co m m a n d - l i n e a n d g ra p h i ca l too l s ta l k to N etwo r k M a n a g e r a n d s a v e confi g u ra t i o n f i l e s i n t h e
/ e t c / sysconfig/netwo r k - s c r i p t s d i recto ry.
A device is a n etwo r k interfa ce. A connection is a confi g u ra t i o n used for a device w h i c h is m a d e
u p o f a co l l ection o f sett i n gs. M u l t i p l e c o n n e c t i o n s m a y exist for a d ev i ce, but o n l y o n e may b e
a ctive a t a t i me. Fo r exa m p le, a syste m may n o r m a l ly be c o n n ected to a n etwo r k w i t h sett i n g s
p rov i d e d by D H C P. Occa sio n a l l y, t h a t syst e m needs t o be c o n n ected to a l a b or d a t a center
network, which only uses sta t i c netwo r k i n g . I n stead of c h a n g i n g t h e config u ra t i o n m a n u a l l y, e a c h
confi g u ra t i o n can be stored a s a s e p a rate co n n ect i o n .
Viewing network information with nmcli
To d i s p l ay a l i st o f a l l connect i o n s , u s e nmcli con show. To l i st o n l y t h e active connections, a d d
t h e - - ac t ive opt i o n .
[ root@desktopX -]# nmcli c o n s how
UUID
NAME
static -eth0 f3e8dd32-3c9d -48f6- 9066-551e5b6e612d
System eth0 5fb06bd0-0bb0-7ffb-45f1-d6edd65f3e03
guest
f601ca8a-6647-4188- a431-dab48cc63bf4
[ root@desktopX -]# nmcli con s how - - act ive
UUID
NAME
static-eth0 f3e8dd32-3c9d -48f6-9066-551e5b6e612d
f601ca8a-6647 -4188-a431-dab48cc63bf4
guest
L_
TYPE
802-3-ethernet
802-3-ethernet
802-11-wireless
TYPE
802-3-ethernet
802-11-wireless
DEVICE
eth0
wlp3s0
DEVICE
eth0
wlp3s0
�������·--- -��
Specify a con nect i o n I D (na me) to s e e t h e deta i l s of t h a t c o n n e c t i o n . T h e l owercase sett i n g s
represe n t t h e config u ra t i o n of t h e c o n nect i o n . Sett ing a n d p ro p e rty n a m e s a re d e f i n e d i n t h e
nm - s e t t ings(5) m a n page. T h e u p percase sett i n g s a re act ive data.
[ root@desktopX -]# nmcli
ipv4 . method :
ipv4 . dns :
ipv4 . dns-search :
ipv4 . addresses :
ipv4 . routes :
ipv4 . ignore-auto- routes :
ipv4 . ignore-auto-dns :
ipv4 . dhcp-client-id :
ipv4 . dhcp- send- hostname :
ipv4 . dhcp-hostname :
ipv4 . never-default :
ipv4 . may-fail :
ipv6 . method :
con show " s t atic - e t h 0 "
R H 1 24- R H E L7-en-1-20140606
manual
172 . 25 . 254 . 254, 8 . 8 . 8 . 8
{ ip 172 . 25 . X. 10/24, gw 172 . 25 .X. 254 }
no
no
yes
no
yes
auto
=
=
271
-
-
C h a pte r 1 1 . M a n a g i n g Red H a t Enterprise L i n u x N etwo r k i n g
I ...
-
The nmcli com m a n d can a l so be used to s h ow d evice stat u s a n d d eta i l s.
[ root@desktopX -]# nmcli d e v s t a t u s
DEVICE TYPE
STATE
CONNECTION
eth0 ethernet connected static- eth0
wlp3s0 wifi
connected guest
loopback unmanaged
lo
[ root@desktopX -]# nmcli dev show ethe
eth0
GENERAL . DEVICE :
ethernet
GENERAL . TYPE :
52 : 54 : 00 : 00 : 00 : 0A
GENERAL . HWADDR :
1500
GENERAL . MTU :
100 ( connected )
GENERAL . STATE :
static -eth0
GENERAL . CONNECTION :
/org/freedesktop/NetworkManager/
GENERAL . CON-PATH :
Activeconnection/1
WIRED-PROPERTIES . CARRIER :
on
ip 172 . 25 .X. 10/24, gw 172 . 25 .X. 254
IP4 . ADDRESS [1] :
IP4 . DNS [1] :
172 . 25 . 254 . 254
IP6 .ADDRESS[1] :
ip fea0 : : 5054 : ff : fe00 : b/64, gw :
=
=
=
Creating network connections with nmc li
=
-
-
-
-
-
:
W h e n creat i n g a new con n ection w i t h nmcli, t h e o rd e r of t h e a rg u m e n t s i s i m portant. T h e
c o m m o n a rg u m e nts a p p e a r f i rst a n d m u st i n c l u d e t h e t y p e a n d interface. N ext, spec ify a ny type­
specific a rg u m e nts and f i n a l l y spec ify the IP a d d ress, p refix, and gateway i nformat i o n . M u l t i p l e I P
a d d resses m a y b e specified for a s i n g l e d evice. A d d it i o n a l sett i n g s s u c h a s a D N S server a re set
as modificat i o n s once the connection e x i sts.
-
-
-
E xa m p l e s of c reat i n g new c o n n ec t i o n s
Fo l l ow a l o n g w i t h t h e n e x t steps w h i l e yo u r i n st r u ctor d i scusses n m c l i sy n t a x .
1.
Defi n e a n e w connection n a m e d "defa u l t " w h i c h w i l l a utoco n n ect a s a n E t h e r n et c o n n ect i o n
o n t h e et h O device u s i n g D H C P.
[ root@desktopX -]#
2.
nmcli con add con - name " default " t ype e t h e r n e t ifname ethe
C reate a new co n nection named "static" and spec ify t h e IP a d d ress and g ateway. Do not
a utoco n n ect.
[ root@desktopX -]#
nmcli con a d d con - n ame " s tatic " ifname e t h e a u t oconnect no type
e t h e r n e t ip4 172 . 25 . X . 10/24 gw4 172 . 25 . X . 254
3.
The syste m w i l l a utoco n n ect with the D H C P co n n ect i o n a t boot. C h a n g e to t h e stat i c
con n e c t i o n .
[ root@desktopX -]#
4.
-
-
-
-
-
nmcli c o n u p " s t atic "
C h a n g e b a c k to t h e D H C P co n n e ct i o n .
[ root@desktopX -]#
-
-
nmcli c o n u p " default "
-
272
R H 1 24- R H E L7-e n-1-20140606
-
-
-
-
M o d ify i n g n etwo r k inte rfa ces with nmcli
-
Important
-
I f t h e static c o n n ection is l ost, t h e defa u l t c o n n e c t i o n w i l l atte m pt to a utoco n nect. To
a d m i n istrat i ve l y d is a b l e a n i n t e rface a n d p revent a ny a utoco n n e ct i o n , use nmcli dev
disconnect DEVICENAME.
-
-
-
Type o p t i o n s
Type o p t i o n s depend o n t h e type used. A n e t h e r n et-ty pe c o n n ection may o pt i o n a l l y s pecify a
M AC a d d ress for t h e c o n n ection. A wifi-type c o n n ection m u st specify t h e 5 5 1 0 a n d m a y s pecify
a d d it i o n a l options. M a ny ot h e r types a re ava i l a b l e, i n c l u d i n g bridge, bond, tea m , VPN, and V L A N .
To view a l l t h e o p t i o n s , use nmcli c o n a d d help.
[root@desktopX -]# nmcli con a d d help
Usage : nmcli connection add { ARGUMENTS I help }
ARGUMENTS COMMON_OPTIONS TYPE_SPECIFIC_OPTIONS IP_OPTIONS
COMMON_OPTIONS :
type <type>
ifname <interface name> I " * "
[con- name <connection name>
[autoconnect yes l no]
[ save yes l no]
TYPE_SPECIFIC_OPTIONS :
ethernet :
[mac <MAC address>
[cloned -mac <cloned MAC address>
[mtu <MTU>
-
: =
-
-
-
-
-
-
-
Modifying network interfaces with nmcli
A n exist i n g c o n n e ct i o n m a y b e mod ified w i t h nmcli c o n mod a rg u m e nts. T h e a rg u m e nts a re
sets of key/va l u e p a i rs. The key i n c l u d es a sett i n g n a m e a n d a p rope rty n a me. U s e nmcli con
s how " < ID> " to see a l ist of c u rrent va l u es for a c o n n e c t i o n . The nm - s e t t in g s ( 5 ) man page
documents t h e sett i n g and property n a m e s and u s a g e.
[root@desktopX -]# nmcli con
connection . id :
connection . uuid :
connection . interface- name :
connection . type :
connection . autoconnect :
connection . timestamp :
connection . read-only :
-
-
-
-
-
static
f3e8dd32- 3c9d -48f6-9066-551e5b6e612d
eth0
802-3-ethernet
yes
1394905322
no
show " st a t ic "
E xa m p l es of c o n n e c t i o n m o d ificat i o n s
Fo l l ow along w i t h t h e n ext ste ps w h i l e you r i ns t r u ctor d i s c u sses nmcli syntax.
1.
Tu r n off autoco n n ect.
[ root@desktopX -]# nmcli con
mod " static " connect ion . autoconnect no
-
-
-
R H1 24- R H E L 7-en-1-20140606
273
-
-
C h a pter 1 1 . M a n a g i n g Red H a t Enterprise L i n u x N etwo r k i n g
-
2.
Specify a D N S server.
I [ root@desktopX -]# nmcli con mod
----
--
----- - --���
i
3.
__ _ _
Some confi g u ra t i o n a rg u me nts m a y h ave va l u es a d d e d o r remove d . Add a +/- sy m b o l i n
front o f t h e a rg u m e nt. A d d a seco n d a ry D N S server.
[ root@desktopX -]#
I
4.
" static " ipv4 . dn s 172 . 25 . X . 254
J
nmcli con mod " s t a t ic " +ipv4 . dn s 8 . 8 . 8 . 8
Repl ace t h e stat i c I P a d d ress a n d gateway.
I
[ root@desktopX -]#
L- ------- ---- --��-- --------'
5.
-
nmcli con mod " s tatic " ipv4 . ad d r e s s e s " 17 2 . 25 . X . 10/24
112 . 25 . x . 254 "
!
-
-
r- --- -1
-
-
Add a seco n d a r y IP a d d ress w i t h o u t a gateway.
I [ root@desktopX -]# nmcli con mod
l.
-
" st a t i c " +ipv4 . ad d r e s s e s 10 . 10 . 10 . 10/16
_ _ _ _ _ _ __________
-
Important
T h e nmcli con mod w i l l save t h e sett i n g to t h e config u ra t i o n f i l es. To act ivate t h e
c h a nges, t h e c o n n e c t i o n n e e d s to b e activated o r react ivated.
[ root@desktopX -]#
-
nmcli con u p " s t atic "
Summary of nmcli commands
-
-
B a s i c device a n d con n e c t i o n com m a n d s for nmcli:
nmcli
-
commands
-
Command
Use
n m c l i dev status
L i st a l l d evices.
n m c l i con s h ow
L i st a l l c o n n e ct i o n s .
n m c l i con u p " < I D>"
Activate a c o n n e ct i o n .
n m c l i con d o w n " < I D > "
Deact ivate a c o n n e c t i o n . T h e con nect i o n w i l l resta rt i f
a utoco n n ect i s yes.
n m c l i dev d i s < D EV>
B r i n g down a n i nte rfa ce and tem pora r i l y d i s a b l e a utocon nect.
n m c l i net off
D i sa b l e a l l m a n a g e d i nte rfaces.
n m c l i con a d d . . .
Add a n e w c o n n e ct i o n .
n m c l i c o n m o d " < I D> " . . .
M o d ify a co n n e ct i o n .
nmcli con del "<I D>"
D e l ete a co n ne ct i o n .
-
-
-
-
-
-
274
R H 1 24- R H E L 7 - e n -1-20140606
-
-
-
-
S u m m a ry of nmcli com m a n d s
-
k?S-J
<
-
�'
Note
T h e nmcli c o m m a n d a l s o h a s a n i nt e ractive edit m o d e. For a g ra p h i c a l i nte rfa ce, use
n m - c o n n e c t io n - ed i t o r .
-
-
References
nmcli(1 ), nmcli - examples(S), a n d nm - s e t t in g s ( S ) m a n p a g es
-
-
A d d i t i o n a l i nfo r m a t i o n m a y be a v a i l a b l e i n t h e sect i o n o n u s i n g t h e N etwo r k M a n a g e r
c o m m a n d l i n e t o o l n m c l i i n t h e Red Hat Enterprise Linux Networking Guide for Red H a t
E nterprise L i n u x 7, w h i c h c a n b e fo u n d a t
http://docs.re d h a t.com/
-
-
-
-
-
-
-
-
-
-
-
-
-
-
R H 1 24- R H E L 7-en - 1 -20 1 40606
275
-
-
C h a pte r 1 1 . M a n a g i n g Red Hat Enterprise L i n u x N etwo r k i n g
P ra ct i ce: Config u ri n g N etwo r k i n g wit h nmcli
-
-
Guide d exercise
-
I n t h i s l a b , you w i l l confi g u re n etwo r k sett i n g s u s i n g nmcli.
Outcomes:
-
Convert a system from DHCP to static confi g u ra t i o n .
Before you begin. . .
-
R e s e t yo u r serverX system.
D 1.
View network sett i n g s using nmcli.
D 1 .1 .
D 1.2.
D 1 .3.
D 1 .4.
276
-
S h ow a l l connections.
[student@serverx -]$ nmcli c o n show
NAME
DEVICE
TYPE
UUID
System eth0 5fb06bd0-0bb0-7ffb-45f1-d6edd65f3e03 802-3-ethernet eth0
-
D i s p lay all confi g u ra t i o n sett i n g s for t h e active c o n n ec t i o n .
[student@serverx -]$ nmcli
connection . id :
connection . uuid :
d6edd65f3e03
connection . interface-name :
connection . type :
connection . autoconnect :
connection . timestamp :
connection . read-only :
connection . permissions :
IP4 . ADDRESS [1] :
172 . 25 .X. 254
IP4 . DNS[1] :
IP4 . DOMAIN [1] :
S how device status.
[student@serverX
DEVICE TYPE
eth0 ethernet
lo
loopback
-
System eth0
5fb06bd0-0bb0- 7ffb-45f1eth0
802-3-ethernet
yes
1394813303
no
con show " System e t h a "
ip 172 . 25 .X . 11/24, gw
172 . 25 . 254 . 254
example . com
=
-
-
=
-
-
-]$ n m c l i dev s t a t u s
CONNECTION
STATE
connected System eth0
unmanaged
-
-
D i s p l a y t h e sett i n g s for t h e et h O device.
[student@serverX -]$
GENERAL . DEVICE :
GENERAL . TYPE :
GENERAL . HWADDR :
GENERAL . MTU :
GENERAL . STATE :
nmcli dev show eth0
eth0
ethernet
52 : 54 : 00 : 00 : 00 : 06
1500
100 ( connected )
R H 1 24- R H E L7-en-1 -20140606
-
-
-
-
-
-
-
G u i d e d exercise
GENERAL . CONNECTION :
GENERAL . CON-PATH :
Activeconnection/1
WIRED- PROPERTIES . CARRIER :
IP4 . ADDRESS[1] :
172 . 25 .X. 254
IP4 . DNS [l] :
IP4 . DOMAIN [l] :
IP6 . ADDRESS [l] :
-
-
-
=
______.
D 2.
-
C reate a sta t i c con nect i o n with t h e same 1 Pv4 a d d ress, netwo r k prefix, and defa u l t
g ateway. N a m e t h e n e w co n n ection static-ethO.
[ student@serverX -]$ sudo nmcli con add con - name " s tatic - et h 0 " ifname eth0 type
ethernet ip4 172 . 25 . X . 11/24 gw4 172 . 25 . X . 254
Connection ' static-eth0 ' ( f3e8dd32- 3c9d -48f6- 9066-551e5b6e612d ) successfully
added .
-
D 3.
_.,
-
=
L_
-
-
System eth0
/org/freedesktop/NetworkManager/
on
ip 172 . 25 .X. 11/24, gw
172 . 25 . 254 . 254
example . com
ip fe80 : : 5054 : ff : fe00 : b/64, gw
D 4.
j [student@serverX -]$
M o d ify the new c o n n ecti o n to add t h e D N S sett i n g .
�----
s u d o nmcli con m o d " st a t ic - et h0 " ipv4 . dn s 172 . 25 . 254 . 254
D i s p l a y a n d a c t i vate t h e new c o n n e c t i o n .
D 4.1 . V i ew a l l c o n n e c t i o n s.
[student@serverX -]$ nmcli con show
UUID
DEVICE
NAME
TYPE
static-eth0 f3e8dd32-3c9d -48f6-9066-551e5b6e612d 802-3-ethernet
System eth0 5fb06bd0-0bb0- 7ffb-45fl-d6edd65f3e03 802-3-ethernet eth0
-
-
D 4 . 2 . V i ew t h e a c t i v e connection.
-
[ student@serverX -]$ nmcli c o n show - - ac t ive
System eth0 5fb06bd0-0bb0- 7ffb-45fl-d6edd65f3e03 802-3-ethernet eth0
-
D 4 . 3 . Activate t h e new c o n n e c t i o n .
[ student@serverX -]$ s u d o nmcli con u p " static - et h 0 "
Connection successfully activated ( D - Bus active path : /org/freedesktop/
NetworkManager/Activeconnection/3 )
-
-
D 4.4. View t h e active connection.
[student@serverX -]$ nmcli con show - - ac t ive
UUID
TYPE
DEVICE
NAME
static-eth0 f3e8dd32-3c9d -48f6-9066-551e5b6e612d 802-3-ethernet eth0
-
L_
-
__ ___��--
-
D 5.
Test the co n n ectivity u s i n g the new network a d d resses.
D 5.1 .
Ve rify t h e I P a d d ress.
-
-
-
R H1 24- R H E L7-en-1-20140606
277
-
-
C h a pter 1 1 . M a n a g i n g Red H a t Enterprise L i n u x N etwo r k i n g
[student@serverx - ] $ ip add r show ethG
2 : eth0 : <BROADCAST, MULTICAST, UP, LOWER_UP> mtu 1500 qdisc pfifo_fast
UP qlen 1000
link/ether 52 : 54 : 00 : 00 : 00 : 0b brd ff : ff : ff : ff : ff : ff
inet 172 . 25 .X. 11/24 brd 172 . 25 .X. 255 scope global eth0
valid_lft forever preferred_lft forever
inet6 fe80 : : 5054 : ff : fe00 : b/64 scope link
valid_lft forever preferred_lft forever
-
-
-
-
D 5.2. Ve rify t h e defa u l t g ateway.
[student@serverX - ] $ ip route
default via 172 . 25 .X. 254 dev eth0 proto static metric 1024
172 . 25 .X. 0/24 dev eth0 proto kernel scope link src 172 . 25 .X . 11
-
-
D 5.3. P i n g t h e D N S a d d ress.
[student@serverx - ] $ ping - c3 172 . 25 . 254 . 254
PING 172 . 25 . 254 . 254 ( 172 . 25 . 254 . 254} 56( 84} bytes of data .
64 bytes from 172 . 25 . 254 . 254 : icmp_seq=1 ttl=64 time=0 . 419 ms
64 bytes from 172 . 25 . 254 . 254 : icmp_seq=2 ttl=64 time=0 . 598 ms
64 bytes from 172 . 25 . 254 . 254 : icmp_seq=3 ttl=64 time=0 . 503 ms
- - - 172 . 25 . 254 . 254 ping statistics - - 3 packets transmitted, 3 received, 0% packet loss, time 1999ms
rtt min/avg/max/mdev = 0 . 419/0 . 506/0 . 598/0 . 077 ms
D 6.
-
-
Config u re the o ri g i n a l co n n ection so that it does n ot sta rt at boot a n d verify t h a t t h e
stat i c con nect i o n i s used w h e n t h e system reboots.
-
D 6.1 .
-
D i sa b l e t h e o r i g i n a l c o n n e c t i o n f r o m a u tosta rt i n g at boot.
[student@serverx - ] $ sudo nmcli
> connection . autoconnect no
con mod " System eth0" \
D 6.2. Re boot t h e system.
I
I
[ student@serverX
-
-
- ] $ reboot
-
D 6.3. V i ew t h e a ct ive c o n n e c t i o n .
[ student@serverx - ] $ nmcli con show - - ac t ive
NAME
DEVICE
TYPE
UUID
static- eth0 f3e8dd32-3c9d -4Bf6-9066-551e5b6e612d 802-3-ethernet eth0
-
-
-
-
-
27 8
RH124- R H E L 7 - e n -1-20140606
-
-
-
-
Edit i n g N etwork Confi g u ration F i l es
-
Ed it i n g N etwo rk Confi g u rat i o n F i l es
-
Objectives
-
After co m p l et i n g t h i s sect i o n , s t u d e nts s h o u l d be a b l e to m o d ify n etwork sett i n g s by e d i t i n g t h e
confi g u ra t i o n f i l es.
-
Modifying network configuration
It is a l so poss i b l e to confi g u re t h e n etwork by e d i t i n g i nterface config u ra t i o n f i l es. I nte rface
confi g u ra t i o n f i l es control the softwa re i nte rfaces for i n d iv id u a l n etwo rk devices. These files a re
u s u a l l y n a m ed /et c/sysconfig/netwo r k - sc r i p t s/ifc f g - < n ame>, w h e re < n a m e > refers
to the n a m e of the device o r c o n n ec t i o n t h a t t h e confi g u ra t i o n f i l e controls. The fo l l owing a re
sta n d a rd va r i a b l es fo u n d i n t h e f i l e used for static or d y n a m i c confi g u ra t i o n .
-
-
Configuration Options for
-
-
-
i fcfg
File
Static
Dynamic
Either
BOOTPROTO=none
BOOTPROTO=dhcp
DEVICE=eth0
I PADDR0=172 . 25 . X . 10
NAME= " System e t h0 "
PREF IX0=24
ON BOOT=yes
GATEWAY0=172 . 25 . X . 254
U U I D=f3e8dd32 - 3 . . .
D E FROUTE=yes
USERCT L=yes
DNS1=172 . 25 . 254 . 254
-
-
In the stat i c sett i n g s , va r i a b l es for I P a d d ress, p refi x , a n d g ateway have a n u m be r at t h e e n d . T h i s
a l l ows m u l t i p l e s e t s of va l u es to b e a s s i g n e d to t h e i nt e rface. The D N S va r i a b l e a l so h a s a n u m be r
w h i c h i s u s e d t o spec ify t h e o r d e r of l o o k u p w h e n m u l t i p l e se rvers a re s p e c ified.
-
Afte r m o d ify i n g t h e config u ra t i o n f i les, r u n nmcli con reload to m a ke Netwo r k M a n a g e r rea d
t h e config u ra ti o n c h a nges. T h e i nte rfa ce st i l l needs t o b e resta rted fo r c h a n g es t o ta ke effect.
( root@serverx -]#
[ root@serverX -]#
( root@serverX -]#
-
nmcli con reload
nmcli con down " System e t h a "
nmcli c o n u p "System eth0 "
-
R
-
-
References
nmcli(1) m a n page
A d d i t io n a l information m a y b e ava i l a b l e i n t h e c h a pt e r o n confi g u r i n g netwo r k i n g i n
t h e Red Hat Enterprise Linux Networking Guide f o r Red H a t E n t e r p r i s e L i n u x 7, w h i c h
c a n b e fou n d a t
http://d oc s . red h a t .com/
-
-
-
-
R H 1 24- R H E L 7-en-1 -20140606
279
-
-
C h a pter 1 1 . M a n a g i n g Red Hat Enterprise L i n u x N etwo r k i n g
-
P ract i ce: Ed it i n g N etwo rk Confi g u ra t i o n Fi l es
-
Guide d exercise
-
I n t h i s l a b , you w i l l edit netwo r k config u ra t i o n f i l es.
-
Outcomes:
A n a d d i t i o n a l n etwo r k a d d ress added to each syst e m .
-
Before you begin. . .
R e s e t yo u r s e r v e r X a n d d e s ktopX syste ms.
D 1.
-
As t h e root user, edit t h e / e t c / sysconfig/netwo r k - s c ri p t s /ifcfg - et h 0 o n
s e rverX to a d d a n a d d i t i o n a l a d d ress o f 10 . 0 . X . 1/24.
D 1 .1 .
-
A p p e n d a n e n t ry to t h e f i l e to specify t h e 1 Pv4 a d d ress.
[ root@serverx
- ] # echo " I PADDR1=19 . 9 . X . 1 " >> /etc/sysconfig/netwo r k ­
scripts/ifcfg - e t h e
D 1.2.
-
A p p e n d a n e n t ry to t h e file to s pe c i fy t h e network p ref i x .
[root@serverx
-- - -· --� - � - ------ ·
- ] # echo " PREFIX1=24"
ifcfg - e t h a
D 2.
-
»
/etc/sysconfig/netwo r k - s c r i p t s /
-
Activate t h e new a d d ress.
D 2.1 .
-
R e l o a d t h e config u rat i o n c h a n ges.
I [ root@serverx - ] #
i
-
nmcli con reload
D 2.2. Resta rt t h e c o n n e c t i o n w i t h t h e new sett i n g s .
D 3.
I
[ root@serverx
-
- ] # nmcli· c o n u p " s y s te m e t h a "
_____ ______
_______________
___.
A s the root user, e d it the / e t c / sysconfig/netwo r k - sc ript s/ifcfg - e t h 0 on
desktopX to add an a d d it i o n a l a d d ress of 10 . 0 . X. 2/24 a n d l o a d t h e new confi g u ra t i o n .
D 3.1 .
-
-
M odify t h e f i l e t o a d d t h e 1 Pv4 a n d n etwork p refix.
[ root@desktopX - ] #
scripts/ifcfg - e t h e
[ root@desktopX - ] #
L
e c h o " I PADDR1=10 . 0 . X . 2 " >> /etc/sysconfig/netwo r k ­
e c h o " P REFIX1=24 " >> /etc/sysconfig/netwo r k - s c ripts/
ifcfg - et h e
-
-
______ .
D 3.2. Reload t h e config u ra t i o n c h a nges.
[ root@desktopX
-
- ] # nmcli con reload
-
280
R H 1 24- R H E L7-en-1-20140606
-
-
-
-
G u i d e d exercise
-
D 3.3. B r i n g u p t h e connection w i t h t h e n ew sett i n g s .
I
-
-
D 4.
-
-
� ] # nmcli con up " System e t h 0 "
Test t h e c o n n ect ivity u s i n g t h e new network a d d resses.
D 4.1 .
-
[ root@desktopX
O n serverX, verify t h e I P a d d ress.
I
[ root@serverX
- ] # ip add r
D 4.2. O n serverX, p i n g t h e new a d d ress of d e s ktopX.
I
[ root@serverX
I
[ root@desktopX
- ] # ping 10 . 0 . x . 2
D 4.3. O n d es ktopX, verify t h e I P a d d ress.
-
-
-
- ] # ip add r
D 4.4. O n d e s ktopX, p i n g t h e n e w a d d ress o f serverX.
[ root@desktopX
-]# p i n g 10 . 0 . x . 1
-
-
-
-
-
-
-
-
-
-
-
-
R H 1 24- R H E L7-en-1 -20140606
2 81
C h a pter 11. M a n a g i n g Red H a t Enterprise L i n u x N etwo r k i n g
Confi g u ri n g H ost N a mes a n d N a m e Reso l ut i o n
Objectives
After co m p l e t i n g t h i s sect i o n , students s h o u l d be a b l e to confi g u re a n d test system host n a m e
a n d n a m e reso l ut i o n .
Changing the syste m host name
The hos t n ame com m a n d d i s p l ays o r t e m p o ra r i l y m o d i fies t h e syste m ' s f u l l y q u a l ified host n a m e.
[ root@desktopX -]# host n ame
desktopX . example . com
A static h ost n a m e m a y be specified i n the / e t c / h o s t name f i l e. The hos t n amec t l c o m m a n d
i s used to mod ify t h i s f i l e a n d may be used t o view t h e sta t u s of t h e syst e m ' s f u l l y q u a l ified host
n a me. I f t h i s f i l e does not exist, the host n a m e i s set by a reverse DNS q u e r y o n ce the i nte rfa ce
has an IP a d d ress a ss i g n e d .
[ root@desktopX -]# host namec tl set - host name desktopX . example . com
[ root@desktopX -]# host namec tl s t a t u s
Static hostname : desktopX . example . com
Icon name : computer
Chassis : n/a
Machine ID : 9f6fb63045a845d79e5e870b914c61c9
Boot ID : aa6c3259825e4b8c92bd0f601089ddf7
Virtualization : kvm
Operating System : Red Hat Enterprise Linux Server 7 . 0 ( Maipo)
CPE OS Name : cpe : /o : redhat : enterprise_linux : 7 . 0 : beta : server
Kernel : Linux 3 . 10 . 0-97 . el7 . x86_64
Architecture : x86_64
[ root@desktopX -]# cat /etc/host name
desktopX . example . com
'
Important
The static host n a m e is stored i n / e t c / h o s t n ame. P revious vers i o n s
of Red H a t Ente r p r i s e L i n u x stored t h e h o s t n a m e a s a va r i a b l e i n t h e
/ etc / sysconfig/netwo r k f i l e.
Configuring name resolution
T h e stub resolver is u s e d to co nvert host n a m e s to I P a d d resses or t h e reverse. T h e contents of
t h e f i l e /etc/hos t s a re c h e c ked fi rst.
[ root@desktopX -]# cat /etc/ho s t s
127 . 0 . 0 . 1
localhost localhost . localdomain localhost4 localhost4 . localdomain4
: :1
localhost localhost . localdomain localhost6 localhost6 . localdomain6
172 . 25 . 254 . 254 classroom . example . com
172 . 25 . 254 . 254 content . example . com
282
R H 1 24- R H E L 7-e n-1-20140606
-
-
-
Confi g u r i n g n a m e reso l ut i o n
-
The g e t e n t hos t s hos tname c o m m a n d c a n be u s e d to t e s t host n a m e reso l ut i o n with t h e
/ e t c / ho s t s fi l e.
-
I f a n e n t ry is not fo u n d i n t h a t f i l e, t h e stub reso lver l o o ks for t h e i nfo rmation from a D N S
n a m ese rve r. T h e / e t c / resolv . c o n f f i l e contro l s h o w t h i s q u e ry is d o n e:
•
n amese rve r: t h e I P a d d ress of a n a m ese rver to q u e ry. U p to t h ree n a meserver d i rectives m a y
be g iven to provide b a c k u p s i f o n e i s d o w n .
•
sea r c h : a l ist o f d o m a i n n a m es to try with a s h o rt host n a m e. Both t h i s a n d domain s h o u l d
n o t b e s e t i n t h e s a m e f i l e ; i f t h ey a re, t h e l a st i n stance w i ns. S e e resolv . conf(5) f o r d eta i l s.
[ root@desktopX - ] # cat /etc/resolv . conf
Generated by NetworkManager
domain example . com
search example . com
nameserver 172 . 25 . 254 . 254
-
#
-
-
N etwo r k M a n a g e r w i l l u p d ate the / e t c / r esolv . conf f i l e u s i n g D N S sett i n g s in the c o n n e c t i o n
confi g u ra t i o n f i l es. U s e t h e n m c l i to mod ify t h e connections.
[ root@desktopX
I [ root@desktopX
I [ root@desktopX
[ root@desktopX
-
.-- ������
!
i
-
I
L
-
[ root@desktopx
-
-
The host
-
-
j
- ] # nmcli con mod ID +ipv4 . dn s IP
HOSTNAME
c o m m a n d c a n b e used to test D N S server c o n n ect i vity.
[ root@desktopX - ] # host class room . example . com
classroom . example . com has address 172 . 25 . 254 . 254
[ root@desktopX - ] # host 172 . 25 . 254 . 254
254 . 254 . 25 . 172 . in-addr . arpa domain name pointer classroom . example . com .
-
-
.������
nmcli con mod ID ipv4 . dn s IP
nmcli con down ID
nmcli con up ID
cat /etc/sysconfig/networ k - sc ript s/ifcfg - ID
The defa u l t behavior of nmcli con mod I D ipv4 . d n s I P i s to re p l ace any prev i o u s D N S
sett i n g s w i t h t h e n e w I P l i st prov i d e d . A +/- sy m bo l i n front o f t h e ipv4 . dns a rg u m e n t w i l l a d d
o r remove a n i n d i v id u a l ent ry.
-
-
;;�1"8. B B. B
-]#
-] #
-] #
-]#
9
Important
I f D H C P is i n use, / e t c / re solv . conf is a utomatica l l y rew ritten a s inte rfaces a re
sta rted, u n l ess you s pecify P E ERDNS=no i n t h e rel eva n t i nterface config u ra t i o n f i l es.
The c h a n g e can b e m a d e w i t h nmcli.
[ root@desktopX
- ] # nmcli con mod "System eth0 " ipv4 . ignore - au t o - d n s yes
-
-
-
R H1 24- R H E L 7-en-1-20140606
283
-
-
C h a pter 1 1 . M a n a g i n g Red H a t Enterprise L i n u x N etwo r k i n g
-
References
R
"'· -�·
nmcli(l ), host namec t l(l), hos t s ( 5 ) , g e t e n t (l ) , host(l), a n d r esolv . conf(5) m a n
pages
A d d i t i o n a l i nfo r m a t i o n may b e a va i l a b l e i n t h e c h a pter o n config u ri n g host n a mes in
t h e Red Hat Enterprise Linux Networking Guide for Red H a t Enterprise Linux 7, w h i c h
c a n b e fou n d a t
http ://d o cs.red h a t.com/
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
284
R H1 24- R H E L7-en-1-20140606
-
-
-
-
Practice: Confi g u r i n g Host N a m es a n d N a m e Reso l ut i o n
-
-
P ra ct i ce: Co nfi g u ri n g H ost N a mes a n d N a m e
Reso l ut i o n
-
Guide d exercise
-
I n t h i s l a b, you w i l l config u re t h e system host n a m e a n d n a m e reso l ut i o n .
O ut c o m e s :
C u sto m ized host n a m e and name reso l ut i o n sett i n g s.
Before you begin ...
-
Reset your serverX syst e m .
0 1.
View t h e c u rrent h o s t n a m e sett i n gs.
0 1 .1 .
-
D i s p l a y t h e cu rrent host n a me.
[student@serverx -]$
serverX. example . com
-
0 1 .2.
-
D i s p l a y t h e h ost name status.
[ student@serverx -]$ host name c t l s t a t u s
Static hostname : n/a
Transient hostname : serverX. example . com
Icon name : computer
Chassis : n/a
Machine I D : 9f6fb63045a845d79e5e870b914c61c9
Boot ID : d4ec3a2e8d3c48749aa82738c0ea946a
Operating System : Red Hat Enterprise Linux Server 7 . 0 ( Maipo )
CPE OS Name : cpe : /o : redhat : enterprise_linux : 7 . 0 : beta : server
Kernel : Linux 3 . 10 . 0-97 . el7 . x86_64
Architecture : x86_64
-
-
-
-
-
-
-
-
0 2.
host n ame
L
�������
Set a sta t i c h ost n a m e to match t h e c u r re n t t ra ns i e n t host n a me.
0 2.1 . C h a n g e t h e host n a m e a n d host n a m e config u ration f i l e. R e p l a c e t h e X w i t h your
stat i o n n u m be r a n d m atch t h e o u t p u t of t h e p rev i o u s step.
I [student@serverx -]$ s u d o h o s t namec tl set - host name se rve rX . example . com
I
0 2.2. V i ew t h e conf i g u ra t i o n f i l e prov i d i n g t h e h ost n a m e at network start.
L
[student@serverx -]$
serverX. example . com
cat /etc/host name
0 2.3. D i s p l a y the host n a m e sta t u s .
-
-
-
-
[student@serverX -]$ host namec tl s t a t u s
Static hostname : serverX. example . com
Icon name : computer
R H1 24- R H E L 7-en-1 -20140606
285
-
-
C h a pter 1 1 . M a n a g i n g Red H a t Enterprise L i n u x N etwo r k i n g
Chassis :
Machine ID :
Boot ID :
Operating System :
CPE OS Name :
Kernel :
Architecture :
D 3.
n/a
9f6fb63045a845d79e5e870b914c61c9
d4ec3a2e8d3c48749aa82738c0ea946a
Red Hat Enterprise Linux Server 7 . 0 { Maipo )
cpe : /o : redhat : enterprise_linux : 7 . 0 : beta : server
Linux 3 . 10 . 0-97 . el7 . x86_64
x86_64
Te m p o ra r i l y c h a n g e the host n a m e.
D 3.1 .
-
-
-
-
C h a n g e t h e h ost n a m e.
[student@serverx
r--·����---,
- ] $ sudo host name tes tname
D 3.2. D i s p l ay t h e c u rrent host n a m e.
[student@serverx
test name
1 [student@serverX
-
-
- ] $ host name
-
D 3.3. V i ew the confi g u ra t i o n f i l e p rov i d i n g the host n a m e at n etwo r k sta rt.
-
serverx. example . com
- ] $ cat /etc/ho s t n ame
L___·����--'
D 3.4. Re boot t h e syste m.
I [ student@serverX - ] $
-
reboot
-
D 3.5. D i s p l a y t h e c u rrent host n a m e.
[ student@serverx - ] $
serverX. example . com
D 4.
host name
-
Add a loca l n i c k n a m e for the c l a ss room server.
D 4.1 .
-
Look u p t h e I P a d d ress of t h e c l a s s ro o m .exa m p l e.com.
[ student@serverx - ] $ host clas s r oom . example . com
classroom . example . com has address 172 . 25 . 254 . 254
-
-
D 4.2. M o d ify / e t c /hos t s so t h a t the n a m e class has the I P a d d ress 172.25.254.254
a n d can b e used to com m u n i cate w i t h c l a s s room.exa m p l e.co m .
[ student@serverx - ] $ sudo v i /et c/host s
[ student@serverX - ] $ cat /etc/host s
127 . 0 . 0 . 1 localhost localhost . localdomain localhost4
localhost4 . localdomain4
: :1
localhost localhost . localdomain localhost6
localhost6 . localdomain6
172 . 25 . 254 . 254 classroom . example . com class
-
-
-
-
286
R H 1 24- R H EL 7-en-1-20140606
-
-
-
-
G u i d e d exercise
-
-
-
-
172 . 25 . 254 . 254 content . example . com
D 4.3. Look up the I P a d d ress of the c l ass.
[student@serverX - ] $ host class
Host class not found : 2 (SERVFAIL)
[student@serverX - ] $ getent hosts class
172 . 25 . 254 . 254 classroom . example . com class
l
D 4.4. Ping c l ass.
-
-
-
-
[student@serverX - ] $ p i n g - c3 class
PING classroom . example . com ( 172 . 25 . 254 . 254) 56( 84 ) bytes of data .
64 bytes from classroom . example . com ( 172 . 25 . 254 . 254 ) : icmp_seq=1 ttl =64
time=0 . 397 ms
64 bytes from classroom . example . com ( 172 . 25 . 254 . 254 ) : icmp_seq=2 ttl=64
time=0 . 447 ms
64 bytes from classroom . example . com ( 172 . 25 . 254 . 254 ) : icmp_seq=3 ttl=64
time=0 . 470 ms
- - - classroom . example . com ping statistics - - 3 packets transmitted, 3 received, 0% packet loss, time 2000ms
rtt min/avg/max/mdev = 0 . 397/0 . 438/0 . 470/0 . 030 ms
-
-
-
-
-
-
-
-
-
-
-
-
-
R H 1 24- R H E L7-en-1 -20140606
2 87
-
-
C h a pt e r 1 1 . M a n a g i n g Red H a t Enterprise L i n u x N etwo r k i n g
-
L a b: M a n a g i n g Red H at E nt e r p r i se L i n ux
N etwo r k i n g
-
-
Performance checklist
I n t h i s l a b , you w i l l config u re b a s i c 1 Pv4 n etwo r k i n g on Red H a t Enterprise L i n u x systems.
-
Outcomes:
-
T h e p r i m a ry i nte rface h a s two sta t i c I Pv4 a d d resses confi g u re d .
Before you begin. . .
Reset you r desktopX syst e m .
1.
-
C reate a new connect i o n with a static n etwo rk c o n n e c t i o n u s i n g t h e sett i n g s i n t h e ta b l e. B e
s u re to re p l a ce t h e X w i t h t h e correct n u m be r for you r systems.
Para m eter
Sett i n g
Connection name
lab
I P a d d ress
172.25.X.1 0/24
Gateway a d d ress
172.25.X.254
D N S a d d ress
172 .25.254.254
-
-
2.
Conf i g u re t h e n e w c o n n e c t i o n to b e a u tostarted. O t h e r c o n n e c t i o n s s h o u l d n o t start
a ut o m a t i ca l l y.
3.
M o d i fy the new c o n n e c t i o n so that it a l so uses the a d d ress 1 0.0.X.1 /24.
4.
Confi g u re t h e hos t s f i l e so t h a t 1 0.0.X.1 can be refere nced as " pr i vate " .
5.
Reboot t h e system , t h e n r u n l a b netwo r k g r ad e to verify sett i n g s .
-
-
-
-
-
-
-
-
-
-
288
R H 1 24- R H E L7 - e n -1-20140606
-
-
Solution
Solution
I n t h i s l a b , you w i l l c o n f i g u re b a s i c 1 Pv4 n etwor k i n g o n Red H a t Enterprise L i n u x system s.
Outcomes:
The p r i m a ry i nterface h a s two stat i c 1 Pv4 a d d resses config u re d .
Before you begin ...
Reset you r d e s ktopX system.
1.
C reate a new con nection with a sta t i c n etwork c o n n ection u s i n g the sett i n g s in the t a b l e. Be
s u re to r e p l a ce the X with the correct n u m b e r for your systems.
Parameter
Setti n g
Con nection n a m e
lab
I P a d d ress
172.25.X.1 0/24
Gateway a d d ress
172.25.X.254
D N S a d d ress
172.25.254.254
[ r o o t@d e s k t o p X - ] # nmcli con add con - name lab ifname etho type ethe rnet ip4
172 . 25 . X . 10/24 gw4 172 . 25 . X . 254
[ r oot@d e s k t o p X - ] # nmcli con mod " la b " ipv4 . dns 172 . 25 . 254 . 254
2.
Confi g u re the new connection to be a utosta rted. Other connections s h ou l d not sta rt
a u t o m a t i ca l l y.
[ r o o t@d e s k t opX - ] # nmcli con mod " lab" connection . autoconnect yes
[ r oot@d e s k t o p X - ] # nmcli con mod "System ethO" connection . autoconnect no
3.
M od ify the new c o n nection so that it a l so uses the a d d ress 1 0.0.X.1 /24.
[ r oot@d e s k topX - ] # nmcli con mod " lab" +ipv4 . addresses 10 . 0 . X . 1/24
Or a ltern ately:
[ root@d e s k t o pX - ] # echo " I PADDR1=10 . 0 . X . 1 " » /etc/sysconfig/netwo r k - s c ripts/ifcfg ­
lab
[ r oot@d e s k t opX - ] # echo " PREFIX1=24" >> /etc/sysconfig/netwo r k - sc ripts/ifcfg- lab
4.
Confi g u re t h e host s file so t h at 1 0.0.X.1 ca n be refe renced as " p riva t e " .
[ r oot@d e s k t o p X - ] # echo " 10 . 0 . X . 1 privat e " > > /etc/hosts
5.
Re boot t h e system, then run lab ne two r k g rade to verify sett i ngs.
[ r o o t @d e s k t op X - ] # lab netwo r k g rade
R H1 24-RH EL 7-en-1-2 0140606
289
-
-
C h a pte r 11 . M a n a g i n g Red H a t Enterprise L i n u x N etwo r k i n g
-
S u m m a ry
-
N etwo r k i n g Concepts
L ist feat u res of computer netwo r k i n g .
-
Va l i d a t i n g N etwork Config u ra ti o n
U s e b a s i c u t i l ities to dete r m i n e c u rrent n etwork confi g u ra t i o n .
-
Confi g u r i n g N etwo r k i n g with nmcli
M a n a g e n etwo r k d evices w i t h com m a n d - l i n e u t i l ities.
Edit i n g N etwo r k Confi g u ra t i o n F i l e s
M od ify n e t w o r k confi g u rati o n f i l es.
-
Config u r i n g H ost N a mes and N a m e Reso l ut i o n
D i s p l ay a n d c h a n g e system host n a m e a n d n a m e res o l ution confi g u ra t i o n .
-
-
-
-
-
-
-
-
-
-
-
-
290
R H 1 24- R H E L7-en-1-20140606
-
®
red h at
TRAINING
®
C H A PT E R 1 2
ARCHIVI N G AND COPYI NG FI LES
BETWEEN SYSTEMS
Overview:
Goal
To a rch ive a n d copy files from o n e system to a n o t h e r.
Objectives
•
U se t a r to create new c o m p ressed a rc hive files a n d extract
files from e x i s t i n g arch ive fi les.
•
Copy files securely to o r from a remote system r u n n i n g
sshd.
•
Secure l y synchro n ize t h e contents of a l o c a l f i l e or
d i rectory with a remote copy.
Sections
•
M a n a g i n g Compressed t a r Arc h i ves (and P ra c t i ce)
•
Copying F i l es Between Systems Securely (a n d Pra ct ice)
•
Sync h ro n i z i n g Files Between Systems S e c u re l y (and
Pract ice)
Lab
R H 1 24 - R H E L7 -en-1-20140606
•
Archiving a n d Copy i n g F i l es Between Systems
2 91
-
-
C h a pt e r 1 2 . A rc h i v i n g a n d Copy i n g F i l es Betwe e n Syste ms
-
M a n a g i n g Co m p ressed ta r A rc h ives
-
Objective
Aft e r com p l et i n g t h i s sect i o n , students s h o u l d be a b l e to u s e t a r to create new co m p ressed
a rc h ive f i l es and extract files from e x i st i n g a rc h ive f i l es.
-
-
What is tar?
A r c h i v i n g a n d com press i n g f i l es a re usefu l w h e n c reat i n g b a c k u p s a n d t ra n sfe r r i n g data a c ross a
network. O n e of t h e o l d est a n d most c o m m o n co m m a n d s for c rea t i n g a n d w o r k i n g w i t h b a c k u p
a rc h i ves is t h e t a r co m m a n d .
-
W i t h t a r , users can g a t h e r l a rg e s e t s o f f i l es i nto a s i n g l e f i l e (a rc h i ve). T h e a rc h ive ca n b e
c o m p ressed u s i n g gzip, bzip2, o r xz c o m pres s i o n .
-
T h e t a r c o m m a n d can l ist t h e c o n t e n t s of a rc h ives o r extra c t t h e i r f i l e s to t h e c u rrent syste m .
E xa m p l es o f h o w to use t h e t a r c o m m a n d a re i n c l u d e d i n t h i s sect i o n .
-
Operate the t a r com mand
-
To use the tar co m m a n d , one of the t h re e fo l l ow i n g a c t i o n s is req u i re d :
·
c (create a n a rc h i ve)
·
t ( l ist t h e conte nts of an a rc h ive)
•
x (extract an a rc h ive)
-
-
-
Co m m o n l y used options a re :
·
f fil e name (fi l e n a m e of t h e a rc h ive to operate o n )
·
v (ve rbos ity; u s e f u l to see w h i c h f i l e s g et a d d e d to o r extracted from t h e a rc h ive)
-
-
Note
A l e a d i n g - is not req u i re d for ta r o p t i o n s.
-
Archive files and directories with t a r
-
Before creat i n g a tar arch ive, verify t h a t t h e re is no ot h e r a rc h ive i n t h e d i rectory w i t h t h e s a m e
n a m e as t h e new a rch ive to be c reated. T h e t a r co m m a n d w i l l ove rwrite a n exist i n g a rc h ive
w i t h o u t a ny feed back.
T h e fi rst option to use when c reat i n g a new a rc h ive i s t h e c o pt i o n , fo l l owed by t h e f o pt i o n , t h e n
a s i n g l e spa ce, t h e n t h e f i l e n a m e of t h e a rc h ive to be c reated , a n d f i n a l l y t h e l i st o f f i l e s a n d
d i rectories t h a t s h o u l d g e t a d d e d to t h e a rc h ive. T h e a rc h i ve i s c reated i n t h e c u rrent d i rectory
u n l e s s specified otherwi se.
-
-
-
In the fo l l ow i n g exa m p l e, an a rchi ve n a m e d a rch ive . tar i s c reated with the contents of f i l e1 ,
f i l e 2 , a n d f i l e3 i n t h e u s e r ' s h o m e d i recto ry.
-
292
R H 1 24- R H E L7-en-1-20140606
-
-
-
List contents of a tar a rc h ive
-
-
-
-
[user@host - ] #
[user@host - ] #
archive . tar
t a r cf archive . t a r file1 file2 file3
ls archive . t a r
Note
W h e n a rc h i v i n g f i l e s by a bso l ute path n a m es, t h e l e a d i n g I of t h e p a t h is re m oved from
t h e f i l e n a m e by defa u lt. T h i s h e l ps avoid m i stakes w h i c h cou l d c a u s e i m p o rt a n t f i l es to
b e ove rwritten . F i l es are n o rm a l l y ext ra cted re l a t ive to the c u rrent work i n g d i recto ry of
t h e ta r c o m m a n d .
-
-
-
-
-
-
-
Fo r t a r to be a b l e to a rc h ive t h e s e l ected f i l es, it i s m a n datory t h a t t h e u s e r execut i n g t h e t a r
com m a n d i s a b l e to read the f i l e(s). Fo r exa m p l e, c reat i n g a n e w a r c h i ve o f t h e / e t c fo l d e r a n d
a l l o f i t s content req u i res root p r i v i l eges, beca u s e o n l y root i s a l lowed to read a l l o f t h e fi les
t h e re. A n u n privi l e g e d user cou l d c reate an a rc h ive of the /etc fo l d e r, b u t the a rc h ive wou l d o m i t
f i l es w h i c h d o not i n c l u d e rea d p e r m i s s i o n for t h e user a n d it wou l d o m i t d i recto ries w h i c h d o n o t
i n c l u d e both r e a d a n d execute p e r m i s s i o n for t h e user.
C reate t h e t a r a rc h ive / root/e t c . t a r w i t h t h e / e t c d i rectory as content as u s e r root:
[ root@host -]# t a r cf /root/etc . t a r /etc
tar : Removing leading ' / ' from member names
[ root@host - ] #
I mportant
W h i l e t a r sto res owners h i p a n d p e r m i s s i o n s of t h e f i l es, t h e re a re ot h e r att r i b utes that
a re n ot stored i n t h e t a r a r c h ive by defa u lt, s u c h a s t h e S E L i n u x co ntext and ACLs. To
store t h ose exte n d e d att r i butes i n t h e t a r a rc h ive, t h e - - xat t r s option is req u i red
when c reat i n g an a rc h i ve.
-
-
-
-
-
-
-
List contents of a tar archive
To l ist t h e content of a n a rch ive, t h e t a n d f o p t i o n s , acco m p a n ied by t h e a rc h ive to o p e rate, a re
req u i red.
L ist t h e content of t h e a rc h ive / root/e t c . t a r :
[ root@host - ] #
etc/
etc/f stab
etc/crypt tab
etc/mt ab
t a r t f /root/et c . t a r
Extract an archive created with tar
A t a r a rc h ive s h o u l d n o r m a l l y b e extracted i n a n e m pty d i rectory t o e n s u re i t d o e s not ove rwrite
a ny e x i st i n g f i l es. I f files a re extracted by root, tar attem pts to preserve the o r i g i n a l user a n d
g ro u p o w n e rs h i p of t h e f i l es. I f a reg u l a r u s e r extracts f i l es u s i n g t a r , t h e ext racted f i l e s a re
ow n e d by t h a t u s e r.
-
-
-
R H 1 24- R H E L 7-en-1-20140606
293
-
-
C h a pter 1 2 . A rc h i v i n g a n d Copy i n g F i l e s Betwe e n Systems
-
Extract t h e a rc h ive / root/e t c . t a r to t h e / ro o t / e t cbackup d i rectory:
[ root@host -]# mkdir / root/etcbackup
[ root@host -]# cd / root/etcbackup
[ root@host etcbackup]# tar xf /root/etc . ta r
-
-
By defa u l t . w h e n f i l es get extracted f r o m a n a rc h ive, t h e u m a s k i s s u b t racted from t h e
permissions of a rc h ive c o n t e n t . T h i s is a secu rity m e a s u re a n d prevents ext racted reg u l a r f i l es
from recei v i n g execute p e r m i s s i o n s by defa u lt. To p rese rve t h e p e r m i s s i o n s of an a rc h ived f i l e,
t h e p option i s to be used w h e n extract i n g a n a r c h i ve.
Extract the a rc h ive / ro o t /mysc rip t s . tar to the / r oot / s c r i p t s d i rectory w h i l e preserving
t h e p e r m i s s i o n s of t h e ext racted f i l es:
[ root@host -]# m k d i r /root /sc ripts
[ root@host -]# cd / root/scripts
[ root@host scripts]# t a r xpf / root/myscript s . t a r
-
-
-
-
Create a com pressed tar archive
There a re t h ree d iffe re nt c o m p ress i o n m e t h o d s s u p p o rted by t h e t a r co m m a n d . T h e g z i p
com p ress i o n i s t h e fa stest a n d o l dest one, a n d i s m o s t w i d e l y ava i l a b l e. T h e bz i p2 co m p ression
u s u a l l y leads to s ma l l e r a rc h ive files c o m p a red to gzip and i s less widely ava i l a b l e t h a n g z i p,
w h i l e t h e xz c o m p ression method is re l a t i v e l y new, b u t usua l l y offers t h e best c o m p ress ion rat i o
o f t h e met h o d s ava i l a b l e .
.
..... >.,
-
-
Note
�
-
The effectiveness of a ny com p ress i o n a l g o r i t h m d e p e n d s o n t h e exact n a t u re of t h e
d a t a b e i n g c o m p ressed. Data f i l e s t h a t a re a l re a d y c o m p ressed, s u c h a s c o m p ressed
pict u re formats o r r p m f i l es, u s u a l l y lead to a l o w com p ression ratio.
-
-
I t i s good practice to u s e a single top- l evel d i recto ry, w h ic h can conta i n o t h e r d i rectories and
fi l es, to s i m p l ify extracti o n of t h e f i l e s i n a n o rg a n ized way.
-
To c reate a co m p ressed t a r a rch ive, o n e of t h e fo l l o w i n g t a r options can be s pecified:
•
z for gzip co m p ression (fi l e n a me.t a r.gz o r f i l e n a m e.tgz)
·
j for b z ip 2 com pres s i o n (fi l e n a m e.ta r.bz2)
•
J for x z c o m p ression (fi l e n a m e.ta r.xz)
-
-
C reate (c option) a g z i p-com pressed (z option) t a r a rc h ive / roo t /e t c b ac k u p . t a r . g z of the
/ e t c di rectory o n serverX:
1
[ root@serverx
- ] $ t a r czf /root/etcbackup . ta r . gz / e t c
-
-
C reate (c option) a bzi p2-co m p ressed (j option) t a r a rc h ive / root /logbac k u p . t a r . b z 2 of the
/var /log d i rectory o n serverX:
[ root@serverx -]$
t a r c j f /root/logbac kup . t a r . bz 2 /var/log
-
294
R H 1 24- R H E L7-en-1-20140606
-
-
-
-
Extract a com p ressed t a r a rc h ive
-
C reate (c option) a xz-co m p ressed (J option) t a r a rch ive / ro o t / s s hconfig . t a r . b z 2 of t h e
/ e t c / s s h d i recto ry o n se rve rX:
-
-
-
-
-
[ root@serverX -]$
I
-
-
_
�J f -�r o�t / sshconfig . t a r . xz / e t c / s s h
_
E xtract a com pressed tar archive
_J
T h e fi rst step w h e n extract i n g a c o m p ressed t a r a rc h ive i s to dete r m i n e w h e re t h e a rc h ived f i l e s
s h o u l d be extracted t o , t h e n c reate a n d c h a n g e to t h e ta rget d i rectory. To s u ccessf u l l y extract
t h e a rc h ive, it is u s u a l l y n ot n e cessary to u s e the same c o m p ress i o n option used when creat i n g
t h e a rc h ive, a s t h e t a r com m a n d w i l l dete r m i n e w h i c h c o m p ression w a s used. I t i s va l i d to a d d
t h e d e c o m p ression m e t h o d to t h e t a r o p t i o n s a s fol l ows:
Extract (x option) t h e contents of a g z i p-co m p ressed (z o p t i o n ) ta r a r c h i ve named
/ r oo t / e t c backu p . t a r . gz to t h e d i rectory / t mp/et c backu p:
[ root@serverx -]$ mkdir /tmp/etcbackup
[ root@serverX -]$ cd /tmp/etcbackup
[ root@serverX etcbackup]$ t a r xzf /root/etcbacku p . t ar . gz
-
-
tar
E x t ra ct (x option) t h e contents of a bz i p2-com pressed (j o p t i o n ) t a r a rc h ive n a m e d
/ root /logbac ku p . t a r . bz2 to t h e d i rectory / t mp/logbac ku p :
1 [ root@serverX -]$
�-------- ------..
I
[root@serverX -]$
[root@serverX logbackup]#
-------
----- -
- - --�
mkdir / tmp/logbackup
cd /tmp/logbac kup
t a r xj f /root/logbacku p . t ar . bz 2
!'----------- ----- -
Extract (x option) t h e contents of a xz-co m p ressed (J o p t i o n ) t a r a rc h ive n a m e d
/ ro o t / s s hbacku p . t a r . xz to t h e d i rectory / t m p / s s h b a c k u p:
-
-
-
I
!
!
[ root@serverX -]$ mkdir /tmp/sshbackup
[ root@serverX -]$ cd /tmp/sshbackup
[ root@serverX sshbackup]# t a r xJf /root/sshbacku p . t ar . xz
- -- - - - - -- - -
�
- - -
�---- -------
.
Note
L i st i n g a co m p ressed t a r a rc h ive works i n t h e s a m e way as l isti n g a n u n c o m p ressed
tar a rc h ive.
-
-
-
-
-
Note
A d d i t i o n a l l y, gzip, bzip2, a n d xz c a n b e used i n d e pe n d e n t l y to com press s i n g l e f i l es.
For exa m p l e, g z i p e t c . tar res u l t s i n the com p ressed file e t c . t a r . g z , w h i l e bzip2
abc . t a r res u l t s in t h e co m p ressed file abc . t a r . bz2 and xz myarchive . t a r
res u lts i n t h e c o m p ressed fi l e mya r c h ive . t a r . x z .
T h e corres p o n d i n g deco m p ress co m m a n d s a re g u n z i p , b u n zip2, a n d u n x z . Fo r
exa m p l e, g u n z i p /tmp/e t c . t a r . gz res u lts i n t h e u n com p ressed tar f i l e e t c . t a r ,
w h i l e b u n z i p 2 abc . t a r . b z 2 res u l ts i n t h e u n c o m p ressed t a r f i l e abc . t a r a n d u nxz
mya r chive . t a r . xz res u l t s i n t h e u n co m pressed t a r f i l e myar c h ive . t a r .
-
-
-
R H1 24- R H E L7-en-1-20140606
295
-
-
C h a pt e r 1 2 . Archiving a n d Copy i n g F i l es Between Syste m s
Overview of t a r o ptions
-
The t a r co m m a n d has m a n y opt i o n s to u se. The fo l l owing ta b l e l i sts s o m e c o m m o n o p t i o n s a n d
t h e i r mea n i n g s.
Overview of
tar
-
options
Option
Meaning
c
C reate a n ew a rc h i ve.
x
Extract from a n ex i st i n g a rc h i ve.
t
List t h e contents of a n a rc h ive.
v
Ve rbose; s h ows w h i c h f i l e s get arch ived or extracted.
f
F i l e n a m e ; t h i s o pt i o n n e e d s to be fo l l owed by t h e f i l e n a m e of t h e a rc h i ve to
use/c reate.
p
Preserve t h e p e r m i s s i o n s of f i l es a n d d i rectories w h e n extra c t i n g a n a rc h ive,
without s u bt ra ct i n g the u m a s k .
-
-
z
U s e gzip c o m p ression ( . t a r . gz) .
j
U s e bzip2 c o m p re s s i o n ( . t ar . bz2). bzip2 typica l l y a c h i eves a bett e r
c o m p ress i o n rat i o t h a n gzip.
J
U s e xz c o m p ression ( . t a r . xz). xz ty p i ca l l y a c h i eves a better compress i o n rat i o
t h a n bzip2.
References
R
-
-
-
-
-
-
tar(1), gzip(1 ), g u n z ip(1 ), bzip2(1 ) , bunzip2(1 ) , xz(1 ) , u n x z (1 ) m a n pages
-
-
-
-
-
-
-
-
-
296
R H 1 24- R H E L 7-en-1-20140606
-
-
Pra c t i ce: B a c k i n g U p a n d Resto r i n g F i l es From a tar A rc h i ve
-
-
Pra ct i ce: B a c k i n g U p a n d Resto r i n g F i l es Fro m
a ta r A rc h ive
-
Guided exercise
-
I n t h i s l a b, students w i l l c reate a n d extract a r c h i ves w i t h t a r .
Outcomes:
-
-
Students w i l l b a c k u p a d i rectory t ree a n d extract t h e a rc h ive content to another l ocation.
D 1.
-
D 2.
-
� [student@desktopX -]$
C reate a n a rc h ive o f / e t c u s i n g g z i p com press i o n to back u p t h e confi g u ra t i o n f i l e
d i rectory / e t c . Save t h e f i l e a s / t mp/e t c . t a r . gz.
i
D 3.
Verify that the backup f i l e e t c . t a r . g z i s a va l i d a rc h ive by d e c o m p re s s i n g the f i l e to a
n e w l y created d i rectory n a m e d / b ac k u p t es t on se rverX.
D 3.1 .
-
s s h root@se rverX
I [ root@serverX -]# tar czf /tmp/etc . t a r . gz /etc
-
-
S i nce o n l y t h e root user ca n read a l l t h e contents o f t h e / e t c d i recto ry, we a re g o i n g to
b a c k u p t h e d i rectory and l o g i nto s e rverX as root.
I [ root@serverX -]#
C reate t h e target d i rectory / b ac k u p t e s t .
'
-
-
-
mkdir /backuptest
D 3.2. Switch to the /bac k u p t e s t d i rectory, w h e re we w i l l extract t h e f i l e s from t h e
e t c . t a r . gz a rc h i ve.
I [ root@serverX -]#
(
cd /bac kuptest
D 3.3. E x t ract t h e e t c . t a r . gz a rc h i ve to t h e /bac k u p t e s t d i recto ry.
[ root@serverX backuptest]#
t a r xzf /tmp/etc . ta r . gz
-
-
-
-
-
-
-
R H 1 24- R H E L 7 -en -1-20140606
297
-
-
C h a pte r 1 2 . A rc h i v i n g a n d Copy i n g Fi l es Between Syste ms
-
Copy i n g Fi l es Betwe e n Systems Sec u re l y
Objectives
After co m p l e t i n g t h i s sect i o n , stu d e nts s h o u l d be a b l e to copy f i l e s s e c u re l y to or from a remote
system r u n n i n g s s h d .
Copy files to or from a remote location with s c p
The ssh com m a n d i s usefu l fo r sec u re l y r u n n i n g s h e l l com m a n d s o n re mote systems. I t c a n a l s o
be u s e d to sec u re l y c o p y f i l e s from o n e m a c h i n e to a nother. T h e scp com m a n d t ra n sfers f i l e s
f r o m a remote h o s t to t h e l oca l system o r f r o m t h e l o c a l system to a remote host. I t u t i l izes t h e
S S H server for a u t h e n t i c a t i o n a n d e n c rypted data t ra n sfe r.
Remote f i l e syst e m l o c a t i o n s a re a l ways specified i n t h e format [ u se r @ ] h o s t : /pat h for e i t h e r
t h e s o u rce o r t a rg et l ocation of t h e f i l e s to be t ra n sfe rred. T h e u s e r@ port i o n i s o pt i o n a l a n d , if
it is m i s s i n g , the c u rrent l oca l user that i nvokes the s c p co m m a n d i s used. Before the t ra n sfer is
i n it i ated, the u s e r m u st a u t h e nticate w i t h t h e S S H s e rver by pa ssword o r SSH keys.
T h i s exa m p l e s h ows how to copy the loca l f i l e s o n d e s ktopX, / e t c /yum . conf a n d
/etc/hos t s, s e c u re l y to t h e acco u n t s t u d e n t o n t h e remote system serverX i n t o t h e d i rectory
/home/ s t u d e n t /:
j [student@desktopX -]$ scp /et c/yum . conf
I student@serverX ' s password : s tu dent
j yum . conf
I
I
hosts
-
-
-
-
-
-
/etc/host s se rverX : /home/student
100% 813
100% 227
0 . BKB/s 00 : 00
0 . 2KB/s 00 : 00
A user ca n copy a f i l e from a remote accou nt o n a re m ote m a c h i n e to t h e l o c a l f i l e syst e m with
scp. In this exa m p l e, copy t h e f i l e /e t c/host n ame from t h e accou nt student o n t h e serverX
machine to t h e l o c a l d i rectory /home/ s t u d e n t / .
[student@desktopX - ] $ s c p se rve rX : /etc/host name / home/s t u d e n t /
student@serverX ' s password : s t udent
100% 22
0 . 0KB/s 00 : 00
hostname
To copy a w h o l e d i rectory t ree rec u rs ive l y, t h e - r o p t i o n is ava i l a b l e. I n t h e fo l l o w i n g exa m p l e,
t h e remote d i rectory /va r /log o n s e rverX is c o p i e d rec u rs ive l y to t h e loca l d i rectory / t mp/ o n
d e s ktopX. To b e a b l e to r e a d a l l t h e c o n t e n t s of t h e / e t c d i recto ry, t h e root u s e r m u st con nect t o
t h e remote l o c a t i o n .
[student@desktopX -]$ scp - r root@s e rverX : /var/log
root@serverX ' s password : redhat
-
-
-
-
-
-
/tmp
Transfer fi les remote l y with s f t p
-
I f a n i nteractive tool i s p refe rred w h e n u p l o a d i n g o r d ow n l o a d i n g fi l es to a S S H server, t h e sft p
c o m m a n d c a n be us ed. A session w i t h s f t p is s i m i l a r to a c l a s s i c FTP sess i o n , but u ses t h e
sec u re a u t h e nt i c a t i o n m e c h a n i s m a n d e n c rypted d a t a t ra nsfer o f t h e S S H server.
To i n itiate a s f t p sess i o n , t h e sf t p expects a remote l ocat i o n i n t h e fo r m a t [ u se r @ ] hos t ,
w h e re t h e u s e r@ port i o n is o pt i o n a l a n d , i f i t i s m i s s i n g , t h e u s e r i nvo k i n g t h e s f t p co m m a n d
298
-
R H 1 24- R H E L7-en-1-20140606
-
-
-
-
-
-
-
Tra nsfer f i l es remote l y with s f t p
-
i s u s e d . To esta b l i s h t h e s f t p sess i o n , a u t h e nticating w i t h a n y o f t h e methods t h e S S H server
accepts i s n e cessa ry.
[student@desktopX ] $ sftp serverx
student@serverX ' s password : student
Connected to serverx .
sftp>
-
-
-
-
The s f t p session accepts va r i o u s c o m m a n d s t h a t work t h e s a m e way on the re mote f i l e syst e m
a s t h ey d o i n t h e l oca l f i l e syst e m , s u c h a s ls, c d , m k d i r , r m d i r , a n d pwd. I n a d d i t i o n , t h e re a re
t h e p u t a n d get com m a n d s for u p l o a d i n g a n d d ow n l o a d i n g f i l es. T h e exit co m m a n d exits t h e
s f t p session.
-
U p l o a d t h e l oc a l f i l e / e t c/hos t s to t h e n e w l y c reated d i rectory
/home/ s t udent/host bac k u p o n t h e remote h ost serverX. The s f t p sessi o n a l ways ass u m es
t hat t h e put com m a n d i s fo l l owed by a fi l e o n t h e l oca l file system and sta rts i n t h e c o n n e ct i n g
u s e r ' s h o m e d i rectory; i n t h i s case, / home/ s t u d e n t :
-
sftp> mkdir hostbackup
sftp> cd hostbackup
sf tp> put /etc/hosts
Uploading /etc/hosts to /home/student/hostbackup/hosts
I
/ e tc / h o st s
1 0 0% 2 2
0 . 2K B / s 0 0 : 0
L_sftp>
_____ _ 0-·-����-__J'
_-___------�--�-��--�-�-�--7
_
-
-
·
_
-
__
To d ow n l oa d the remote f i l e /e t c/yum . conf from t h e re mote host to t h e c u r rent d i rectory o n
t h e loca l f i l e syste m , execute t h e c o m m a n d get /et c/yum . c o n f a n d e x i t the s f t p sess i o n
w i t h t h e e x i t co m m a n d .
-
sftp> get /etc/yum . conf
Fetching /etc/yum . conf to yum . conf
/etc/yum . conf
sftp> exit
[student@desktopX - ] $
-
-
-
__
_
R
100% 813
---------�- -----,
0 . BKB/s 00 : 00
I
References
s c p(l) a nd sft p(l) m a n pages
-
-
-
-
-
-
-
-
R H 1 24- R H E L 7-en-1-20140606
299
-
-
C h a pte r 1 2. A rc h i v i n g a n d Copy i n g F i l es Betwe e n Systems
-
P ra ct i ce: Co pyi n g F i l es Ove r t h e N etwo rk Wit h
scp
-
-
Guide d exercise
-
I n t h i s l a b , students w i l l copy f i l es from a remote syste m to a loca l d i rectory by u s i n g scp.
Outcomes:
-
Students w i l l copy fi les from a re m ote host to a d i rectory o n the local m a c h i ne.
D 1.
Rem ote l y copy t h e / e t c / s s h d i rectory o n t h e serverX m a c h i n e to the new l y c reated
d i rectory /home/s t u d e n t / s e rve rbac k u p o n desktopX by using scp.
D 1 .1 .
C reate t h e ta rget d i rectory /home/ s t u d e n t / s e rve r ba ck up on d e s kto p X .
!
i
i
D 1 .2 .
-
[student@desktopX -]$
-
mkdir /home/ s t u d e n t / s e rverbackup
Recurs i ve l y c o p y t h e d i rectory / e t c / s s h from s e rverX to t h e
/home / s t u d e n t / s e rve rbac k u p d i rectory o n d e s ktopX w i t h t h e s c p
c o m m a n d . N ote t h a t o n l y t h e root user can rea d a l l t h e c o n t e n t i n t h e / e t c / s s h
d i recto ry.
[ student@desktopX -]$
serve rbackup
s c p - r root@serverX : /e t c / ssh /home/student/
l
-
-
-
-
-
-
-
-
-
-
-
-
300
R H 1 24- R H E L 7-en-1-20140606
-
-
-
-
Sy n c h ro n i z i n g F i l es Betwe e n Syste m s Securely
-
Syn c h ro n i z i n g Fi l es B etwe e n Syste m s S ec u re l y
-
-
-
-
-
-
-
-
-
O bjectives
After c o m p l e t i n g t h i s sect i o n , st u d e nts s h o u l d be a b l e to effi c i e n t l y a n d secure l y sync h ro n i ze t h e
contents o f a l oca l f i l e o r d i rectory w i t h a remote co py.
Synchronize files and fol d ers with r sy n c
The rsy n c tool i s a n o t h e r way t o securely copy f i l e s from o n e system t o a n ot h e r. I t d iffers from
scp i n that if two f i l e s o r d i recto ries a re s i m i l a r betwe e n two systems, rsy n c o n l y needs to copy
t h e d i fferences betwee n t h e syste m s , w h i l e s c p wou l d need to copy eve ryt h i n g .
O n e o f t h e a d va ntages o f rsync i s t h a t it ca n c o p y f i l e s between a loca l system a n d a remote
system s e c u r e l y a n d effi c i e n t l y. W h i l e the i n it i a l sy n c h ro n ization of a d i rectory t a kes a bout t h e
s a m e t i m e a s copy i n g it, a ny s u bs e q u e n t syn c h ro n izat i o n o n l y req u i res t h e d iffe re nces to b e
copied ove r t h e network.
O n e of t h e most i m portant options of rsync i s t h e - n option to perform a d ry run. A d ry r u n i s a
s i m u l at i o n of w h a t h a p pens w h e n t h e com m a n d rea l l y gets exec uted. I t w i l l d i s p l a y t h e c h a n g e s
it w i l l p e rfo r m w h e n t h e com m a n d i s executed w i t h o u t t h e d ry r u n o p t i o n . I t i s reco m m e n d e d
to perfo r m a d ry r u n of a ny r sync o p e ra t i o n to e n s u re n o i m porta nt f i l es g e t ove rwritten o r
d e l eted.
The two most co m m o n options when sy n c h ro n i z i n g files and fo l d e rs w i t h r sync a re t h e -a and v opt i o n s . W h i le t h e - v option a d d s verbos ity to t h e o u t p u t as t h e sy n c h ro n i z a t i o n proceeds, t h e
- a o p t i o n sta n d s f o r " a rc h ive m o d e " a n d e n a b l e s t h e fo l l owing opt i o n s a l l i n o n e :
·
-
-
- r , sy n c h ro n ize rec u rs i ve l y t h e w h o l e d i rectory tree
·
- 1,
•
-
sy n c h ro n i z e sym b o l i c l i n ks
p, preserve p e r m i s s i o n s
·
- t , preserve t i m e sta mps
•
- g, prese rve g r o u p owners h i p
•
-
-
-
•
-
o p rese rve t h e o w n e r o f t h e f i l e s
,
- D, s y n c h r o n i z e d e v i c e f i l es
W h i l e t h e - a a l re a d y sy n c h r o n i zes symbo l i c l i n ks, t h e re a re a d d i t i o n a l o p t i o n s necessary to
p reserve h a rd l i n ks, a s t h ey a re t reated a s sepa rate f i l e s i n stead. The - H o p t i o n e n a b l e s t h e
h a n d l i n g of h a rd l i n ks, so t h e rsync com m a n d w i l l i d e n t ify t h e h a rd l i n ks p resent i n t h e sou rce
fo l d e r a n d l i n k t h e f i l e s accord i n g l y in the d e s t i n a t i o n fo l d e r i n stead of j u st copy i n g t h e m a s
s e p a rate f i l es.
-
-
-
-
R H 1 24- R H E L7-e n-1-20140606
301
-
-
C h a pter 1 2 . A rc h i v i n g a n d Copy i n g F i l es Betwe e n Systems
.:. ''41.:. '
Note
�
The - a o p t i o n does not syn c h ro n i z e a d va n ced f i l e permissions, s u c h a s A C L s o r
S E L i n u x f i l e contexts. To e n a b l e t h e sy n c h ro n i z a t i o n o f A C L s , t h e - A o p t i o n i s req u i red
i n addition to t h e - a option, while to sy n c h ro n i z e t h e S E L i n u x contexts from the s o u rce
f i l e s to t h e t a rget fi l es , t h e - X option is to b e a d d e d .
The b a s i c w a y of u s i n g r sync is to sy n c h ro n i z e t w o l o c a l fo l d e rs. I n t h e fo l l o w i n g exa m p l e, t h e
/ v a r/ lo g d i rectory g ets a sy n c h ro n ized c o p y i n t h e / t m p fo l d e r. The log d i rectory w i t h i t s
content i s c r e a t e d i n t h e / t m p d i rectory.
[student@desktopX -)$ su
Password : redhat
[ root@desktopX - ] # rsync
-
-
-
-
- av /var/log /tmp
To o n l y sy n c h ro n i ze the content of a fo l d e r w i t h o u t n e w l y c reat i n g the fo l d e r i n the ta rget
d i recto ry, a t ra i l i n g s l a s h n e e d s to be a d d e d a t t h e end of the s o u rce d i recto ry. In t h i s exa m p l e,
t h e log d i rectory is not created i n t h e / t m p fo l d e r. O n l y t h e content of t h e /va r/log/ d i rectory
i s synchronized i nto the /tmp fo l d e r.
[ root@desktopX
-
-
-
-
- ] # rsync - av /var/log/ /tmp
-
Important
W h e n e n t e r i n g t h e s o u rce d i rectory for rsy n c , it i s very i m p o rtant to re m e m b e r t h a t
w h et h e r a t ra i l i n g s l a s h i s present o n t h e d i rectory n a m e m atters. I t w i l l d ete r m i n e
w h et h e r t h e directory o r j ust t h e contents o f the directory a re syn c h ro n i z e d to t h e
target. N ote: Ta b-com p l et i o n w i l l a utomatica l l y a d d a t ra i l i n g s l a s h to t h e e n d of
d i rectory n a m es.
S i m i l a r to scp, t h e r sync com m a n d ex pects remote fi l e system locations to b e specified i n t h e
fo rmat [ u s e r @ ] h o s t : / p a t h . I n c a s e t h e o pt i o n a l u s e r@ portion is m i s s i n g , t h e u s e r invo k i n g
t h e r s y n c c o m m a n d i s used to c o n n e c t to t h e re m ote l ocat i o n . I t i s poss i b l e to use a remote
location a s e i t h e r sou rce o r ta rget. In the fo l l o w i n g exa m p le, the local fo l d e r /var /log gets
a sy nchronized copy i n t h e /tmp d i rectory on the serverX m a c h i ne. Fo r rsync to sy n c h ro n i ze
own e rs h i p of t h e t ra n sferred f i l es, t h e t a rget l o c a t i o n m u st be w r itten a s u s e r root, so c o n nect
to the rem ote system serverX as the root u s e r. The c o n n e c t i n g user root m ust t h e n a ut h e nticate
with t h e SSH server by any of t h e accepted methods; for exa m p l e, password o r SSH keys.
[ root@desktopX -)$ rsync
root@serverX ' s password :
-
-
-
-
-
-
- av /var/log serverX : /tmp
redhat
-
In the s a m e way, the remote fo l d e r /var /log on serverX can be syn c h ro n ized to t h e loca l
d i rectory / t m p o n d e s ktopX:
I [ root@desktopX -)$
302
-
rsync - av se rverX : /var/log /tmp
-
R H 1 24- R H E L 7-en-1-20140606
-
-
Sy n c h ro n i z e f i l es a n d fo l d e rs w i t h rsync
root@serverX ' s password :
redhat
References
-
r sync(1 ) m a n p a g e
-·
-
...
·-
R H 1 24- R H E L7-e n-1-20140606
-
303
-
C h a pter 1 2 . A rc h iv i n g a n d Copy i n g F i l es Betwe e n Systems
-
P ra ct i ce: Syn c h ro n i z i n g Two D i recto ries
S ec u re l y Wit h r sync
-
-
Guided exercise
I n t h i s l a b , st udents w i l l sy n c h ro n ize a fo l d e r w i t h a remote syst e m by u s i n g r sync.
Outcomes:
A d i rectory w i l l be sy n c h ro n i zed from a remote m a c h i n e to t h e loca l m a c h i n e. After files o n the
re mote m a c h i n e have c h a n g e d , it w i l l b e sy n c h ro n ized with t h e loca l m a c h i n e again and o n l y t h e
m o d ifica t i o n s w i l l b e t ra nsferred. Both systems w i l l e n d w i t h i d e ntica l content i n t h e d i rectories
sy n c h ro n ized w i t h rsy n c .
D 1.
S e c u r e l y c reate a n i n i t i a l c o p y of t h e / v a r / l o g d i rectory t ree o n serverX to a n e w l y
c reated d i rectory n a m ed / s e rve rlogs o n d e s ktopX w i t h t h e r s y n c com m a n d .
D 1 .1 .
I n order t o c reate t h e ta rget d i rectory /se r ve r logs, switch t o t h e root u s e r
account w i t h t h e s u co m ma n d .
!_
[student@desktopX -]$
Password : redhat
[ root@desktopX -]#
su -
j' [ root@desktopX -]# m k d i r /se rverlogs
D 2.
rsync - av root@serve rX : /var/log /serverlogs
As root o n serve r X , r u n log g e r " Log files syn c h ronized " t o g et a n ew e n t ry i n
t h e log f i l e /var /log/messages to ref lect w h e n t h e l a st sy n c h ro n ization took p l ace.
[ root@desktopX -]#
Password : redhat
[ root@desktopX -]#
-
-
-
-
U s e t h e rsync com m a n d to synchronize t h e /var /log d i rectory tree o n s e rverX
to the /s e rve rlogs d i rectory o n d e s ktopX. N ote t h a t only t h e root u s e r can
read a l l t h e content i n the /va r /log d i rectory o n s e rverX. All f i l es w i l l b e
t ra n sferred i n t h e i n it i a l s y n c h ro n i z a t i o n .
[ root@desktopX -]#
,-
-
D 1 .2. C reate t h e ta rget d i rectory /se rve r logs o n d e s ktopX w h e re the l o g f i l es of
se rve rX w i l l b e sy n c h ro n ized.
D 1.3.
-
s s h root@se rverx ' logger " Log f i l e s synch ronized " '
-
-
-
-
-
-
D 3.
Securely syn c h ro n i z e the /var /log d i rectory t ree o n s e rverX to the /server logs
d i rectory o n d e s kto p X with the r sync co m m a n d a g a i n . N ote that t h i s time o n l y t h e
c h a n g e d l og f i l e (s) w i l l be t ra n sfe rred.
i [ root@desktopX -]#
i-
304
rsync - av root@serverX : /var/log / s e rverlogs
R H 1 24- R H E L 7-en-1-20140606
-
-
-
-
G u i d e d exerc i s e
-
-
·-
-
-
-
-
-
R H124-R H E L 7 - e n -1 -20140606
305
-
-
C h a pter 1 2 . A rc h i v i n g a n d Copying F i l es Betwee n Systems
-
L a b : A rc h iv i n g a n d Co pyi n g F i l es Betwe e n
Syste m s
-
-
Perfor mance checklist
I n t h i s l a b, students w i l l u s e r sync, scp, a n d t a r to a rch ive a n d back u p fo l d e r contents.
Outcomes:
S t u d e nts w i l l sy n c h ro n ize a remote fo l d e r to a local d i rectory; a n arch ive i s then created w i t h the
syn c h ron ized fo l d e r a s content; t h e a rc h ive gets copied to t h e rem ote m a c h i n e and extra cted to
a newly c reated d i recto ry.
-
-
-
Before you begin ...
Reset yo u r serverX syste m .
1.
2.
3.
-
Syn c h ro n i z e t h e / e t c d i rectory t ree o n serverX t o t h e /configsync d i rectory o n
desktopX.
O n desktopX, c reate a n a rch ive n a m ed / r o o t / c o nfigfile - bac ku p - s e rve rx . t a r . gz
with the /configsync d i rectory as content. a n d copy the a rc h ive to the / root d i rectory on
serverX for backu p p u rposes with the scp c o m m a nd.
To p repa re the a rc h ived d i rectory t ree for c o m p a rison with the c u r re n t l y
active l y u s e d confi g u ra t i o n f i l e s o n serverX, extract t h e contents of t h e
/ root/configfile - backu p - se rverX . t a r . g z archive t o t h e / t mp / savedconfig/
d i rectory o n serverX.
-
-
-
-
-
-
-
-
-
-
-
-
306
R H 1 24- R H E L7-en-1-20140606
-
-
-
-
Solution
Solution
-
I n t h i s l a b, students w i l l use rsync, scp, a n d t a r to a rc h ive a n d b a c k u p fo l d e r contents.
-
-
-
-
Outcomes:
S t u d e nts w i l l syn c h ro n i z e a remote fo l d e r to a l o ca l d i rectory; a n a rc h ive i s then created with t h e
syn c h ro n i zed fo l d e r a s content; t h e a rch ive g e t s c o p i e d to t h e remote m a c h i n e a n d extracted t o
a n e w l y c reated d i recto ry.
Before you begin ...
Reset yo u r se rve rX syste m .
1.
S y n c h ro n ize t h e / e t c d i rectory t ree o n serverX to t h e /configsync d i rectory o n
desktopX.
1 .1 .
-
To be a b l e to c reate t h e t a rg et d i rectory I configsync, switch to t h e root u s e r a c c o u n t
u s i n g su.
j [ student@desktopX -]$
r
Password : redhat
[ root@desktopX -]#
-
-
su
1.2. C reate t h e t a rget d i rectory for t h e config u rat i o n f i l es o n d e s ktopX.
' [ root@desktopX -]# mkdir /configsync
-----����---
-
L_
-��--- �-�����--
-------�-
1 . 3 . Use t h e r sync co m m a n d to sy n c h ro n i z e t h e / e t c d i rectory t ree on serverX to t h e
/configsync d i rectory o n desktopX. Be awa re t h a t o n l y t h e root u s e r ca n read a l l t h e
content i n t h e I e t c d i rectory on serverX.
-
[ root@desktopX -]#
-
rsync - av root@se rve rX : /e t c /configsync
-
2.
-
O n d e s ktopX, create a n a rc h ive n a m e d / root /configfile - bac k u p - se rve rx . t a r . g z
w i t h t h e /configsync d i rectory as content. a n d copy t h e arch ive to the / root d i rectory o n
serverX f o r b a c k u p p u rposes w i t h t h e s c p c o m m a n d .
-
2 .1 . Sto re t h e /configsync d i rectory i n t h e
/ root/configfile - bac kup - se rverX . t a r . g z a rc h i ve.
-
-
-
I [ root@desktopX -]#
tar czf / root /configfile - backup - serverX . t ar . gz /configsync
2.2. C reate a b a c k u p copy of t h e / root/configfile - backu p - se rve rX . t a r . gz o n
serverX
[ root@desktopX configsync]#
root@serve rX : /root
Password : redhat
scp / r oot/configfile - bac kup - serverx . ta r . gz
-
-
-
R H124- R H EL 7-en-1 -20140606
307
-
-
C h a pter 1 2 . Archiving a n d Copy i n g F i l es Betwee n Systems
-
3.
To prepare t h e a rc h ived d i rectory t ree f o r c o m p a r i s o n w i t h t h e c u rre n t l y
active l y used confi g u ra t i o n f i l e s o n se rve rX, extract t h e contents o f t h e
/ root /configfile - backu p - se rverX . t a r . g z arch ive to t h e / t mp/savedconfig/
d i rectory o n serve r X .
-
3.1 . C o n n ect t o t h e s e rverX m a c h i n e a s root by u s i n g s s h .
[ root@desktopX configsync] #
Password : redhat
[ root@serverX -]#
-
s s h root@serverX
-
-
3.2. C reate t h e t a rget d i rectory / t mp/savedconfig/, w h e re t h e contents o f t h e
/ rootlconfigfile - bac ku p - se rve rX . t a r . g z a rc h ive w i l l b e extracted.
[ root@serverX -]# mkdir
-
/tmp/savedconfig
3.3. C h a n g e to the t a rg e t d i recto ry /tmp/savedconfig/ on serverX.
[ root@serverX -]# cd /tmp/savedconfig
[ root@serverx savedconfig] #
-
l
3.4. Extra ct the contents of t h e / root /configf ile - bac ku p - serve rX . t a r . gz a rc h ive
to the / t mp/savedconfig/ d i rectory o n serverX.
[ root@serverX savedconfig]#
t a r xzf /root/configfile - backu p - serverX . ta r . gz
-
-
-
-
-
-
-
-
-
-
-
-
308
R H 1 24- R H E L7-en-1-20140606
-
-
-
-
Sol ution
-
S u m m a ry
-
M a n a g i ng Co m p ressed t a r Arch ives
-
-
The tar co m m a n d p rovides a set of d iffe rent c o m p ress i o n methods to a rc h ive f i l e s a n d
restore t h e m from a n a rc h ive.
Copyi n g F i l e s Betwee n Syste m s S e c u r e l y
Besides p rovi d i n g a s e c u re remote s h e l l , the ssh s e r v i c e a l s o p rovides t h e scp a n d
s f t p a s s e c u re ways to t ra n sfer f i l es f r o m a n d to a remote syste m r u n n i n g t h e S S H
se rver.
-
Syn c h ro n i z i n g F i l e s Betwe e n Syste ms S e c u r e l y
T h e r s y n c com m a n d sec u re l y a n d eff i c i e n t l y sy n c h ron izes f i l es w i t h a rem ote locat i o n .
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
R H 1 24- R H E L 7-en-1 -20140606
309
-
-
-
-
-
-
-
-
-
·�
I
310
�
'
®
red h at
®
TRAINING
C H A PT E R 1 3
INSTALLING AND U PDATING
SOFTWARE PACKAGES
Overview
Goal
To down load, insta l l , u p d ate, a n d m a nage softwa re packages
from Red Hat and YUM p a c kage repositories.
Objectives
•
Register systems with yo u r Red H at account a n d e n t i t l e
them to software u pd ates f o r i n sta lled p roducts.
•
Explain what a n RPM p a c kage i s a n d how R P M packages
a re used to m a n a g e software on a Red Hat E nterprise
L i n u x system.
•
Find, i nsta l l , and u p d ate software packages using the yum
command.
•
E n a b l e a n d d is a b l e u s e of Red Hat or t h i rd-pa rty Y U M
re positories.
•
Sections
•
E x a m i n e and i nsta l l d o w n loaded software package files.
Att a c h i n g Systems to S u bsc riptions for Software U pdates
(and Pra c t ice)
Lab
RH124- R H EL 7-e n-1-20140606
•
R P M Software Packages and Y U M (a n d Pra c t ice)
•
M a n a g i n g Software U pd ates with yum (a n d P ract ice)
•
E n a b l i n g yum Software Repositories (and Pra c t ice)
•
E xa m i n i n g RPM Package F i l e s (a nd P ract i ce)
•
I nsta l l i n g a n d U pd a t i n g Software Packages
311
-
-
C h a pter 13. I nsta l l i ng a n d U pd a t i n g Softwa re Pa ckages
-
Atta c h i n g Syst e m s to S u bscri pt i o n s fo r
Softwa re U pd ates
-
-
Objectives
Reg ister syste m s with yo u r Red H a t accou nt a n d e n t i t l e t h e m to s oftwa re u pdates for i n sta l l ed
prod u cts.
-
Red Hat Su bscription Manage ment
-
Red Hat S u bscription M a n a g e m e n t p rovides too l s t h a t c a n be u s e d to e n t it l e m a c h i n es to
product s u bscriptions, a l l ow i n g a d m i n istrators to get u pdates to s oftwa re packages and track
i nfo r m a t i o n a bout s u p p o rt co n tracts a n d s u bscriptions used by t h e syste ms. Sta n d a rd too l s such
a s Pa c k a g e K i t a n d y u m c a n o b ta i n softwa re packages a n d u pd ates t h ro u g h a content d is t r i b u t i o n
netwo r k p rovided b y Red Hat.
-
-
T h e re are fou r basic tasks perfo r m e d w i t h Red Hat S u bs c r i p t i o n M a n a g e m e n t too l s :
•
•
•
•
a system to a ssociate t h a t system to a Red Hat accou nt. T h i s a l l ows S u bs c r i p t i o n
M a n a g e r to u n iq u e l y i nventory t h e system. W h e n n o l o n g e r i n u se, a system may be
u n registered.
Register
a system to e n t i t l e it to u p dates for s e l ected Red H a t p ro d u cts. S u bs c r i p t i o n s have
specific l eve l s of su pport, e x p i ra t i o n d ates, and defa u l t repositori es. The too l s can be used to
e i t h e r a uto-atta ch o r s e l ect a specific e n t i t l e m e nt. A s needs c h a nge, s u bscript i o n s may be
removed.
-
S u bscribe
to p rov ide softwa re packages. M u lt i p l e repos itories a re e n a b l e d by
d efa u l t with each s u bs c r i p t i o n , b u t ot h e r repositories such a s u pdates o r s o u rce code can be
enabled or disabled as needed.
Enable repositories
e n t it l e m e nts w h i c h a re ava i l a b l e o r co n s u m e d . Su bscript i o n i nfo r m a t i o n c a n
b e viewed l o ca l l y on a s p e c i f i c syste m o r, f o r a n a c c o u n t , i n e i t h e r t h e Red H a t Custo m e r Porta l
S u b s c r i pt i o n s page o r t h e S u bs c r i p t i o n Asset M a n a g e r (SA M ) .
-
-
-
Review and track
R e g i ster a system
To register a system w i t h the s u bs c r i p t i o n m a n a g e m e n t service, l a u n c h s u b s c r i p t ion ­
manage r - gu i by s e l e ct i n g A p p l i c a t i o n s > O t h e r > R e d H a t S u b s c r i p t i o n M a n a g e r from t h e m a i n
G N O M E m e n u . E nter t h e password f o r root w h e n prom pted to a u t h e nti cate. T h i s w i l l d i s p l a y t h e
fo l l o w ing S u b s c r i p t i o n M a n a g e r w i n d ow.
-
-
-
-
-
-
-
312
R H1 24- R H E L7-en-1-20140606
-
-
Red H a t S u bscription M a n a g e m e n t
Subscription Manager
System
.
My
H elp
I nstalled Products
Status:
Keep
your
My Subscriptions
j
�� ������������������������----,!
�
�
�
�
�
�
Product
I
R eg i ste
system up to date by registering.
Version
111••e•·l'@@!l.§i?7�:ft;lji.ft;@E
I
1
I
•
-
Red H a t Enterprise Linux 7
Public Beta
7 . 0 Beta
I
End Date
Start Date
Status
r
Unknown
I
!
I
Product's S u b s c ription Details
e rs
Status:
System is not registered.
Product:
Red H at E n t rp
Arch:
x86_64
i
e Linux 7 Server High
Touch
Beta
Figure 13. 1: The main window of Red Hat Subscription Manager
To reg iste r t h e system, c l ick t h e Register b u tton in t h e top-r i g h t corner of t h e S u bscription
Manager w i n dow. This will bring up the fo l l ow i n g d i a lo g :
System Regi stration
The s u b s u i p t i o n m a n a g e m e n t s e rvi c e yo u 1· e g i s t e r •.-vith w i ll p r o v i d e your
system
vv i th u p d a t e s and a l l mN a d d i ti o n a l m a n a g e m e n t .
I will register with:
n I v;iLL
/b.
[
[ l!•tUi1�11iM�'lli"�'"""-¥f•ii§J!-@
u s e an
If r e q u i r e d, p l e a s e c o n fi g u r e
your
J
A c tivation Key
p r oxy b efo r e m ov i n g fo r w a 1· d .
I
C o nfi g u 1· e P ro x
Cancel
R H124- R H EL 7-en-1 -20140606
Defa u l t
yj
N ex t
313
-
-
C h a pte r 1 3. I n sta l l i n g a n d U pd a t i n g Softwa re Pa c k a g e s
Figure
1 3. 2:
The service location dialog of Red Hat Subscription Manager
T h i s d i a l o g box registers a system w i t h a s u bs c r i p t i o n server. The d efa u l t
(s u bs c r i pt i o n . r h n . re d h at.com) wi l l reg ister t h e server t o Red H a t ' s " hoste d " content d i s t r i b u t i o n
network.
System Regi strati o n
Password:
I
demo-accoun
·
• • • • • •
u
-
-
Plea s e enter yo u r R ed H at a c c o u nt i n f o rm ati o n :
Login:
-
-
�
-
-
Tip : F o r g ot yo ur L o g in o r pa s sw o r d ? Lo o k it up
at ht t p ://redhat . c o m/f o rg o L pa s sword
-
Plea s e enter the follow i n g fo r th i s system :
System
-
d e mo . e x a m p l e . c o m
N ame:
·-.,
-
M a n u a l ly a tt a c h s u b s c r i pti o n s aft e r r e g i s trat i o n
-
Cancel
Register
-
Figure
1 3. 3:
The account information dialog of Red Hat Subscription Manager
C l i c k N e x t , t h e n a u t h e nt i cate u s i n g t h e Red H a t account to w h i c h t h e syst e m s h o u l d be
reg i stered.
By defa u lt , S u b s c r i p t i o n M a n a g e r w i l l try to find the best s u bscription for this system out of a l l
ava i l a b l e s u bscriptions. I f m o re t h a n o n e s u bs c r i p t i o n i s ava i l a b l e, o r a specific s u bscription is
req u i re d , c h e c k the M a n u a l l y atta c h s u b s c r i p t i o n s a ft e r re g i s t ra t i o n c h e c kbox. With this option
c h e c ked, S u b s c r i p t i o n M a n a g e r w i l l only reg ister t h e system and not a utomat ica l ly assign a ny
su bscript i o n s .
Click the
R e g i st e r
-
-
-
b u t t o n to com p l ete t h e reg istra t i o n .
A s s i g n i n g s u bs c r i pt i o n s
To a s s i g n s u bs c r i pt i o n s to a syst e m , n a v i g a te to t h e A l l Ava i l a b l e S u bs c r i p t i o n s t a b i n t h e m a i n
wi ndow of S u b s c r i p t i o n M a n a g e r , t h e n c l i c k t h e U p d ate b u t t o n to ret ri eve a l ist o f ava i l a b l e
su bscript i o n s .
-
-
-
314
R H 1 24-R H EL 7-en-1-20140606
-
-
Red H a t S u bscription M a nagement
Subscription ManagerSystem
Help
• My Installed Products
-
--
J My Subscriptions Jr.A ll Available Subsc riptions
Show subscriptions active on:
2014·02-14
t!J]
I
L
_
Update
2 applied
•
Red
Hat Employee Subscription
Red Hat E
m oy e
pl
e
Subscription
Filters
Click to Adjust OU:intity
Both
Unlimited
Both
Un li i ted
;
'
.
m
,
90 Day Self-Supported Red Hat Sat ellite 6 MDP-2
Subscription Details
Products:
Physical
q
ro duc
P
t
Red Hat Beta
Red
Hat Enterprise
Linux 7 Public Beta
Red Hat Enterprise Linux Server
Red
Hat Software Collections Beta (for RHEL Server)
Attach
Figure 13. 4: All Available Subscriptions tab of Red Hat Subscription Manager
Fro m t h i s l i st, select o n e or m o re s u bscriptions to a s s i g n to t h i s syst e m , then c l i c k t h e Attac h
button.
I f t h e re i s m ore t h a n one cont ract for a specific s u bs c r i p t i o n , a n ew d i a l o g will open u p, a s k i n g
y o u to s e l ect w h i c h c o n t ra ct to u s e. N ote t h a t t here a r e d iffe rent cont racts f o r Physical a n d
Virtual systems.
Contract Selection
Choose the
specific co ntract to use:
S ubscription:
Total Contracts:
30
Day Self-Supported Re d Hat E n t e r·prise Linux Server,
(2
sockets) (Up to
1
guest) Evaluation
4
• Click to
!
'
Contract
Type
U sed
I Total
Start Date
Adjust Qu;, ntity
E n d Date
Quantity
I
I
-
1 10365182
Virtual
0/1
0 1/19/2014
0 2/ 1 7/ 2 0 1 4
1
' 1 0 3 8 0689
Physical
0/1
0 2/10/20 14
0 3/ 1 1/2014
1
j 1 0 3 6 5 18 2
Physical
0/1
01/19/ 2 0 14
0 2/17/ 2 0 1 4
1
I
I
__ _
Cancel
11
Attach
'�-·--
Figure 13. 5: Contract selection dialog of Red Hat Subscription Manager
After a s u bscription h a s been a s s i g n e d , c lose t h e S u b s c r i p t i o n M a nager w i n d ow. T h e system i s
n o w p ro p e r l y s u bs c r i b e d a n d ready to receive u p d ates a n d /o r i nsta l l n e w softwa re f r o m Red Hat.
RH124- R H E L7-e n -1 -20140606
31 5
-
-
C h a pt e r 1 3 . I nsta l l i n g a n d U pd a t i n g Software Pa ckages
-
Auto mating registrations and subscriptions
U s e s u b s c r i p t ion - manag e r ( 8 ) to reg ister a syste m w i t h o u t u s i n g a g ra p h i c a l e n v i ro n m e nt.
T h e s u b s c r i p t ion - manag e r c o m m a n d can a u t o m a t ica l l y attach a system to t h e best-matched
c o m p at i b l e s u bscript i o n s for t h e system.
-
•
Reg i ster a system to a Red H a t account:
t [ root : @serverX
-
- ] # subsc ription - manager regis t e r - - u s e r n ame=yourusername
pas swo rd=yourpassword
•
[ root : @serverx
•
-4i>.: '
I [ root : @serverx
-
- ] # subsc ription - manager a t t ac h - - a u t o
-
U n re g i ster a syste m :
[ [ root :@serverx
-
- ] # subsc ription - manager list - - consumed
-]#
�
-
l
s u b s c ript on - manager u n regist e r
Note
�
-
View consumed s u b s c r i pt i o n s:
r
•
- ] # subsc ription - manager list - - available I less
A u to-attach a s u b s c r i pt i o n :
[ root : @serverX
•
-
View ava i l a b l e s u b s c r i p t i o n s :
s u b s c r i p t ion - manag e r c a n a l so b e used i n conj u n c t i o n w i t h activation keys,
a l l o w i n g reg istra t i o n a n d a ss i g n m e nt of predef i n e d s u b s c r i pt i o n s, without u s i n g a
u s e r n a m e o r password. T h i s method of reg istra t i o n ca n be very usef u l for a u t o m ated
i n sta l la t i o n s a n d d e p l oy m e nts. Activation keys a re u s u a l l y issued by a n o n - p re m ise
s u bs c r i pti o n m a n a g e m e n t se rvice, s u c h a s S u bs c r i p t i o n Asset M a n a g e r, and w i l l n o t b e
d i sc u ssed i n deta i l i n t h i s cou rse.
A n e n t i t l e m e n t is a s u b s c r i p t i o n t h a t ' s b e e n atta c h e d to a syst e m . O i g ita l certifi cates a re used
to sto re c u rrent i nfo r m a t i o n a bout e n t i t l e ments o n the loca l syste m . O n ce registere d , t h e
e n t i t l e m e n t certificates a re stored i n / e t c / p k i a n d i t s s u b d i rectories.
·
-
-
-
-
Entitle ment certificates
·
-
-
/ e t c/pki/ p r o d u c t conta i n s certificates w h i c h i n d icate Red Hat products i n sta l l ed on the
system .
-
/ e t c/pki/consume r conta i n s certificates w h i c h i n d icate t h e R e d Hat acco u nt to w h i c h t h e
system i s reg i stered.
-
-
31 6
RH124- R H E L 7-en-1-20140606
-
-
-
-
Entit l e m e n t certificates
·
/ e t c / p ki/en t i t lement conta i n s certifi cates which i n d icate w h i c h s u bscriptions a re
att a c h e d to t h e syste m .
-
The certificates c a n be i n s pected w i t h t h e r c t u t i l ity d i re c t l y, but n o r m a l l y t h e s u b s c r i p t ion ­
manag e r too l s a re a m o re u s e r-fri e n d l y way to exa m i n e t h e s u bs c r i p t i o n s that a re attached to
the syste m .
-
Important
-
O l d e r v e rs i o n s of Red H a t Enterprise L i n u x orig i n a l l y s u p ported a d i fferen t s u bscription
m a n a g e m e n t method, RHN Classic. R H N C l a ss i c i s not s u p p o rted by Red Hat
E n t e r p rise Linux 7.
-
T h e method covered i n t h i s section, Red Hat Subscription Management, i s t h e o n l y o n e
used by R H E L 7, a n d is t h e defa u lt m e t h o d used by R H E L 6 after R H E L 6 . 3 , a n d R H E L
5 after R H E L 5.9. R H E L 4 o n l y s u p p o rt s t h e o l d method. M o re i n f o r m a t i o n o n both
m e t h o d s i s a va i l a b l e i n the refe rences a t the e n d of this sect i o n .
-
-
-
-
R
References
s u b s c r i p t ion - manage r - g u i(8), s u b s c r i p t ion - manag e r (8), a n d r c t (8) m a n
pages
G e t started w i t h R e d H a t S u bscri p t i o n M a n a g e m e n t
https ://access.redhat.co m/s ite/a r t i c l es/433903
-
-
Red Hat S u bscription M a n a g e m e n t : M i g ra t i n g from R H N a n d Satel l ite
https://a ccess. red hat.com/s ite/d o c u m e n ta t i o n/en - U S/
Red_Hat_S u bscr i pt i o n_M a n a g e m e nt/1 /htm l -s i n g l e/ M i g rat i n g R H N /
-
-
-
-
-
-
-
-
-
R H 1 24- R H E L 7-e n-1-20140606
317
-
-
C h a pter 13. I n sta l l i ng a n d U pd a t i n g Softwa re Packages
-
P ract i ce: Red H at S u bsc ri pt i o n M a n a g e m e nt
Quiz
-
Match t h e fo l l o w i n g items to t h e i r c o u n t e r p a rts i n t h e t a b l e.
E n a b l e re p o s i t o r i e s
-
Reg i st e r
I
Review a n d t ra c k
I
-
S u bsc r i be
-
-
Descri pt i o n
Ta s k
-
Dete rm i n e t h e n u m be r of ava i l a b l e
s u bsc r i p t i o n s
-
-
E n a b l e a syste m to u s e s e l ected Red H a t
p rod u cts
-
Atta c h a syste m to a Red H a t a c co u n t
-
P rov i d e softwa re p a c ka g e s
-
-
-
-
-
-
-
318
R H124-R H EL 7-en-1-20140606
-
-
-
-
Sol ution
-
Solution
-
-
Match t h e fo l l ow i n g ite m s to t h e i r cou nterparts i n t h e t a b l e.
Desc r i p t i o n
Ta s k
Dete r m i n e t h e n u m be r of ava i l a b l e
s u bs c r i p t i o n s
Review a n d t ra c k
E n a b l e a syst e m to u s e s e l ected Red H a t
p ro d u cts
S u bs c r i b e
Atta c h a syst e m to a Red H a t acco u n t
Reg i st e r
Prov i d e softwa re p a c k a g es
E n a b l e re pos ito r i e s
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
R H 1 24- R H E L 7-e n-1-20140606
319
-
-
C h a pt e r 1 3 . I n sta l l i ng a n d U pd a t i n g Softwa re Pa ckages
-
R P M Softwa re Pa c ka g es a n d Yu m
-
Objectives
-
Afte r com p l et i n g t h i s sect i o n , stu d e nts s h o u l d be a b l e to e x p l a i n what an R P M package is a n d
how R P M packages a re u s e d to m a n a g e softwa re o n a R e d H a t E nterprise L i n u x syst e m .
-
Software packages and R PM
M a ny years ago, Red H a t d eve loped t h e R P M Pa c k a g e M a n a g e r , w h i c h provides a sta n d a rd
way to package softwa re for d ist r i b u t i o n . M a n a g i n g softwa re i n t h e form of RPM packages is
much s i m p l e r than w o r k i n g w i t h softwa re that h a s s i m p l y b e e n extracted i nto a file syst e m from
a n a rc h ive. I t l ets a d m i n i st rators t ra c k which f i l es were i n sta l l ed by t h e softwa re package a n d
w h i c h o n e s n e e d t o be removed if it is u n i nsta l l ed , a n d c h e c k to e n s u re s u pporting packages
a re p resent w h e n it i s i n sta l l ed. I nfo r m a t i o n a bout i n st a l le d p a c kages is stored i n a loca l R P M
database o n e a c h syst e m . A l l softwa re p rovided b y R e d H a t f o r R e d H a t Enterprise L i n u x i s
provided a s a n R P M package.
RPM package f i l es a re named using a combination of t h e p a c k a g e name - ve r sion ­
release . a r c h i t ec t u re:
-
-
-----
N A M E is o n e o r m o re words desc r i b i n g t h e contents ( httpd -too l s).
•
V E R S I O N i s t h e vers i o n n u m be r of t h e o r ig i n a l software (2.4.6).
•
•
-
-
�----- NAME
.------ VERSION
RELEASE
I
I
r- ARCH
,-1-, ,-1-, ,---1--,
httpd -tools -2 . 4 . 6-7 . el7 . x86_64 . rpm
•
-
- ------ --��-
---�--·__J
-
-
R E L E A S E is t h e re leas e n u m be r of t h e package based o n t h a t vers i o n , a n d is set by t h e
packager, w h o m i g ht n o t be t h e o r ig i n a l softwa re deve l o p e r (7.e l7).
ARCH i s t h e p rocessor a rc h itectu re t h e packa g e wa s co m p i l ed to r u n on. " n o a rc h " i n d icates
that this package's contents a re not a rc h itect u re-specific (x86_64).
-
W h e n i nsta l l i n g packages from re positories, o n l y t h e p a c k a g e n a m e is req u i red. The p a c k a g e with
t h e higher vers i o n wi l l b e i n sta l l ed. I f t h e re are m u lt i p l e fi l es w i t h t h e s a m e vers i o n , t h e package
w i t h t h e higher re l ease n u m be r w i l l be i n sta l l e d .
-
E a c h R P M package is a s p ec i a l arch ive m a d e u p o f t h re e c o m p o n e nts:
-
•
•
•
The fi l es i n sta l l e d by the package.
I nfo rmation a b o ut t h e package (metadata), s u c h as t h e n a me/ve rsion/re lease/arch; a s u m m a ry
a n d description of t h e package; w h e t h e r it req u i res other p a c kages to be i n sta l l ed ; l ic e n s i n g ; a
package c h a n g e l o g ; a n d other d eta i l s.
S c r i pts which may run when this package i s i n sta l l e d , u pd a t e d , or re moved, o r which a re
t r i g g e red w h e n ot h e r packages a re i nsta l l ed, u pdated, o r re m oved.
320
RH124- R H E L 7-e n-1-20140606
-
-
-
-
-
-
-
T h e y u m package m a n a g e r
-
-
-
-
-
-
-
-
-
-
-
-
-
R P M p a c ka g es c a n be d i g i ta l l y s i g n e d b y t h e o rg a n ization t h a t pa c k a g e d t h e m . A l l packages from
a partic u l a r s o u rce a re n o r m a l l y s i g n e d by t h e s a m e G P G p ri vate key. I f the pa ckage is a ltered o r
corrupted, t h e s i g n at u re w i l l n o l o n g e r be va l i d . This a l l ows t h e syste m to verify p a c k a g e i n t e g r ity
before i n sta l l i ng them. A l l R P M packages re l ea s e d by Red Hat a re d i g i ta l l y s i g n e d .
U pd a t e s a n d Patc h e s
When t h e u pstream s o u rce code fo r a softwa re packa g e i s patched by Red Hat, a co m p l ete
RPM p a c k a g e i s g e n e rated. I f a p a c k a g e i s n e w l y added to a syste m , o n l y the l a test vers i o n of
t h a t p a c k a g e is n e e d e d , n ot every vers i o n of t h e package s i n ce the fi rst re l ease. Fo r syste m s
t h a t n e e d u p d a t i n g , t h e o l d vers i o n of t h e package is actua l l y re m oved a n d t h e new vers ion is
i n sta l l e d . Config u ra t i o n f i l es a re u s u a l l y reta i n e d d u r i n g a n u p g ra d e, b u t t h e exact behavior for a
partic u l a r package is defined w h e n t h e new vers i o n of t h e package i s created.
In most cases, o n l y o n e vers i o n o r re lease of a package m a y be i n sta l l e d at a t i m e. Typ i ca l l y, t h e
R PM i n sta l l a t i o n process w i l l n ot a l l ow fi l e s to be ove rwritte n . I f a p a c k a g e i s b u i l t so t h a t t h e re
a re n o conf l i c t i n g f i l e n a mes, t h e n m u l t i p l e vers i o n s may be i n sta l l e d . T h i s is t h e case for t h e
k e r n e l p a c k a g e . S i nce a new ke r n e l c a n o n l y b e tested by boot i n g to t h a t kern e l , t h e package i s
specifica l l y d e s i g n e d so that m u lt i p l e vers i o n s m a y be i n sta l l e d at o n ce. I f t h e new ke r n e l fa i l s t o
boot, t h e o l d ke r n e l is sti l l ava i l a b l e.
The yum package manager
O n ce a system is i n sta l l e d , a d d i t i o n a l softwa re packages a n d u pdates a re n o r m a l l y i n sta l led from
a netwo r k package repository, most f req u e n t l y t h ro u g h t h e Red Hat s u bscription m a n a g e m e n t
service d i s c u ssed i n t h e prev i o u s sect i o n . T h e rpm com m a n d may b e u s e d to i n sta l l , u pdate,
remove, and q u e ry RPM packages. H oweve r, it does not res o l ve d e p e n d e n c i es a u t o m a t i ca l l y a n d
a l l packages m u st be l isted. Too l s s u c h a s Pa c ka g e K it a n d y u m a re front-e n d a p p l ications f o r r pm
a n d c a n be used to i n sta l l i n d i v i d u a l packages o r package collections (so metimes ca l l ed package
groups) .
The yum c o m m a n d searches n u m e ro u s repositories for packages a n d t h e i r d e p e n d e n c ies so t h ey
may be i n sta l l ed toget h e r in a n effo rt to a l l eviate d e p e n d e n c y issues. T h e m a i n confi g u ration
f il e for yum i s / e t c /yum . conf w i t h a d d it i o n a l repository config u ra t i o n f i l es l ocated i n t h e
/et c/yum . repos . d d i rectory. Repos itory confi g u ration f i l es i n c l u d e , at a m i n i m u m , a r e p o id ( i n
s q u a re b ra c kets), a n a m e a n d t h e U R L l o c a t i o n of t h e package re posito ry. The U R L can point to
a l oca l d i rectory (fi l e) o r remote n etwork s h a re ( http, ftp, etc.). If the U R L i s pasted i n a b rowse r,
t h e contents s h o u l d d i s p l ay t h e R P M packa g e s , possi b l y i n o n e or m o re s u b d i rectories, a n d a
repod a t a d i rectory with i nfo r m a t i o n a bo u t a va i l a b l e packag es.
The yum co m m a n d i s used to l i st repositories, p a c kages, and package g ro u ps:
-
-
-
-
-
-
-
[ root@serverx -]# yum repolist
Loaded plugins : langpacks
repo id
repo name
! rhel_dvd
Remote classroom copy of dvd
repolist : 4, 529
[root@serverX -]# yum list yum*
Loaded plugins : langpacks
Installed Packages
3 . 4 . 3-118 . 2 . el7
yum . noarch
0 . 4 . 2-3 . el7
yum-langpacks . noarch
1 . 1 . 4-10 . el7
yum-metadata- parser . x86_64
2 . 0 . 1-4 . el7
yum - rhn-plugin . noarch
1 . 1 . 31- 24 . el7
yum- utils . noarch
Available Packages
R H1 24- R H E L7-en-1-20140606
status
4, 529
@anaconda/7 . 0
@rhel_dvd
@anaconda/7 . 0
@rhel_dvd
@rhel_dvd
321
-
-
C h a pte r 1 3. I n sta l l i n g a n d U pd a t i n g Softwa re Packages
yum- plugin-aliases . noarch
yum- plugin- changelog . noarch
yum- plugin - tmprepo . noarch
yum- plugin -verify . noarch
yum-plugin-versionlock . noarch
[ root@serverx - ] # y u m l i s t installed
Loaded plugins : langpacks
Installed Packages
GConf2 . x86_64
ModemManager . x86_64
ModemManager - glib . x86_64
[ root@serverx - ] # yum grouplist
Installed groups :
Base
Desktop Debugging and Performance
Dial- up Networking Support
Fonts
Input Methods
{
1 . 1 . 31-24 . el7
1 . 1 . 31-24 . el7
1 . 1 . 31-24 . el7
1 . 1 . 31- 24 . el7
1 . 1 . 31-24 . el7
3 . 2 . 6-8 . el7
1 . 1 . 0- 6 . git20130913 . el7
1 . 1 . 0- 6 . git20130913 . el7
rhel_dvd
rhel_dvd
rhel_dvd
rhel_dvd
rhel_dvd
@rhel_dvd
@rhel_dvd
@rhel_dvd
-
-
-
-
-·
Tools
-
-
References
R
�· -
yum(8), yum . conf(5), r pm(8), r pm2cpio(8), a n d rpmkeys(8) m a n pages
-
-
-
-
-
-
-
-
-
-
-·
322
R H1 24- R H E L 7-en-1-20140606
-
-
-
Practice: R P M S oftwa re Packages
-
Pra ct i ce: R P M S oftwa re Pa c ka g es
-
-
Quiz
Match t h e fo l l ow i n g i t e m s to t h e i r cou nte rparts i n t h e t a b l e.
-
Arch itect u re
Repos itory
-
-
I
I
18
C h a n g e l og
G P G s i g n a t u re
Desc r i p t i o n
I
Release
Te r m
-
T h e u pst rea m s o u rce code vers i o n
-
L i st of rea s o n s fo r ea c h p a c ka g e b u i l d
-
T h e ve rs i o n of t h e p a c k a g e b u i l d
-
-
-
T h e p rocessor ty p e req u i red fo r a s p e c i f i c
p a c ka g e
A co l l ect i o n of R P M p a c ka g e s a n d p a c k a g e
g r o u ps
-
-
U s e d to v e r i fy t h e s o u rce a n d i nteg r ity of a
package
-
-
-
-
-
-
R H 1 24- R H E L 7 - en -1 -20140606
323
-
-
C h a pter 13. I n sta l l i ng a n d U pd a t i n g Softwa re Pa ckages
-
Solution
-
M a t c h t h e fo l l ow i n g items to t h e i r cou nterparts i n t h e ta b l e.
-
D e sc r i pt i o n
Te r m
-
T h e u pst rea m s o u rce code ve rs i o n
Ve rs i o n
-
L i st of rea s o n s fo r e a c h p a c k a g e b u i l d
Change log
-
T h e ve rs i o n of t h e p a c k a g e b u i l d
R e l ease
T h e p rocess o r ty p e req u i re d for a s p e c i f i c
p a c ka g e
A rc h i tect u re
-
-
-
A co l l ect i o n of R P M p a c ka g es a n d p a c ka g e
g ro u ps
R e p o s itory
U s e d to ve r i fy t h e s o u rce a n d i n teg r i ty of a
p a c ka g e
G PG s i g n a t u re
-
-
-
-
-
-
-
-
-
-
324
RH124- R H E L7 - e n -1-20140606
-
-
-
M a n a g i n g Software U pdates w i t h yum
-
-
-
....
-
-
-
M a n a g i n g Softwa re U pd ates wit h yum
Objectives
After c o m p l et i n g t h i s sect i o n , s t u d e n t s s h o u l d b e a b l e to f i n d , i nsta l l , a n d u pdate softwa re
packages u s i n g t h e yum com m a n d .
Working with yum
yum i s a powerf u l c o m m a n d - l i n e t o o l t h at c a n b e used t o m o re f l ex i b l y m a n a g e ( i nsta l l , u pd a te,
rem ove, and q u e ry) softwa re packages. Officia l Red Hat packages a re n o r ma l ly d ow n l oa d e d from
Red Hat's content distribution network. Registering a syst e m to t h e s u bscription m a n a g e m e n t
s e r v i c e a utomatica l l y confi g u res a c c e s s to software re positories b a s e d o n t h e atta c h e d
s u bs c r i pt i o n s.
F i n d i n g softwa re wit h yum
•
y u m h e l p w i l l d i s p l ay u s a g e i nformat i o n .
•
yum l i s t d i s p l ays i n sta l l ed a n d ava i l a b l e packages.
-
[ root@serverx - ] # yum l i s t ' ht t p * '
Loaded plugins : langpacks
Available Packages
httpcomponents-client . noarch
httpcomponents-core . noarch
httpd . x86_64
httpd -devel . x86_64
httpd -manual . noarch
httpd - tools . x86_64
-
-
•
-
yum s e a r c h
o n l y.
=============================
-
-
•
-
-
==============================
yum info PACKAGENAME g ives d eta i l e d i nformation a b o u t a p a c ka g e, i n c l u d i n g t h e d i s k
s p a c e n e e d e d f o r i n sta l l at i o n .
To get i nfo rmation o n the A p a c h e H T T P S e rver:
I
-
l i sts packages by keywords fou n d in t h e n a m e a n d s u m m a ry f i e l d s
[ root@serverx -]# yum search all ' web s e rve r '
Loaded plugins : langpacks
Matched : web server
freeradius . x86_64 : High-performance and highly configurable free RADIUS server
hsqldb . noarch : HyperSQL Database Engine
httpd . x86_64 : Apache HTTP Server
libcurl . i686 : A library for getting files from web servers
libcurl . x86_64 : A library for getting files from web servers
mod_revocator . x86_64 : CRL retrieval module for the Apache HTTP server
mod_security . x86_64 security module for the Apache HTTP Server
python-paste . noarch : Tools for using a Web Server Gateway Interface stack
-
-
rhel_dvd
rhel_dvd
rhel_dvd
rhel_dvd
rhel_dvd
rhel_dvd
To search for packages that have " w e b serve r " i n t h e i r n a m e, s u m m a ry, a n d description f i e l d s ,
use s e a r c h all:
-
-
KEYWORD
4 . 2 . 5-4 . el7
4 . 2 . 4-6 . el7
2 . 4 . 6-17 . el7
2 . 4 . 6-17 . el7
2 . 4 . 6-17 . el7
2 . 4 . 6-17 . el7
i
[ root@serverx -]#
yum info h t t pd
R H 1 24- R H E L 7-en-1-20140606
325
-
-
C h a pter 1 3. I n sta l l i n g a n d U pd a t i n g S oftwa re Packages
Loaded plugins : langpacks
Available Packages
httpd
Name
Arch
x86_64
Version
2.4.6
17 . el7
Release
Size
1.1 M
rhel_dvd
Re po
Apache HTTP Server
Summary
URL
http : //httpd . apache . org/
ASL 2 . 0
License
Description The Apache HTTP Server is a powerful, efficient , and extensible
web server .
•
yum p r ovides PA THNAME d i s p l ays packages t h a t match t h e pat h n a m e specified (w h i c h
often i n c l u d e w i l d ca rd c h a ra cters).
-
-
-
-
--
-
To find packages that p rov i d e the /var /www / h t ml d i recto ry, use:
[ root@serverx - ] # yum provides /var/www/ html
Loaded plugins : langpacks
httpd - 2 . 4 . 6-17 . el7 . x86_64 : Apache HTTP Server
rhel_dvd
Re po
Matched from :
Filename
/var/www/html
-
-
1 : php- pear -1 . 9 . 4-21 . el7 . noarch PHP Extension and Application Repository
framework
rhel_dvd
Re po
Matched from :
/var/www/html
Filename
I n sta l l i n g a n d re m ovi ng softwa re w i t h yum
•
yum i n s t all
d e p e n d e n c ies.
PACKAGENAME
o bta i n s a n d i n sta l l s a software package, i n c l u d i n g a ny
[ root@serverX - ] # y u m install h t t pd
Loaded plugins : langpacks
Resolving Dependencies
- -> Running transaction check
- - -> Package httpd . x86_64 0 : 2 . 4 . 6-17 . el7 will be installed
- -> Processing Dependency : httpd- tools 2 . 4 . 6-17 . el7 for package :
httpd -2 . 4 . 6-17 . el7 . x86_64
- -> Processing Dependency : /etc/mime . types for package : httpd -2 . 4 . 6-17 . el7 . x86_64
- -> Processing Dependency : libapr-1 . so . 0( ) ( 64bit ) for package :
httpd -2 . 4 . 6-17 . el7 . x86_64
- -> Processing Dependency : libaprutil-1 . so . 0( ) ( 64bit ) for package :
httpd -2 . 4 . 6-17 . el7 . x86_64
- -> Running transaction check
- - -> Package apr . x86_64 0 : 1 . 4 . 8- 3 . el7 will be installed
- - -> Package apr- util . x86_64 0 : 1 . 5 . 2-6 . el7 will be installed
- - -> Package httpd- tools . x86_64 0 : 2 . 4 . 6-17 . el7 will be installed
- - -> Package mailcap . noarch 0 : 2 . 1 . 41-2 . el7 will be installed
- -> Finished Dependency Resolution
Dependencies Resolved
-
-
-
-
-
-
=
-
-
-
-
-
326
R H 1 24- R H E L7-en-1-20140606
-
-
-
-
Wo r k i n g with yum
-
Version
Package
Arch
Installing :
2 . 4 . 6-17 . el7
httpd
x86 64
Installing for dependencies :
1 . 4 . 8- 3 . el7
apr
x86 64
1 . 5 . 2-6 . el7
apr -util
x86_64
2 . 4 . 6-17 . el7
httpd- tools
x86_64
2 . 1 . 41-2 . el7
mailcap
noarch
Transaction Summary
Install 1 Package ( +4 Dependent packages )
Total download size : 1 . 4 M
Installed size : 4 . 3 M
Is this ok [y/d/N] :
Repository
Size
================================================================================
rhel_dvd
rhel dvd
rhel_dvd
rhel_dvd
rhel dvd
1.1
180
90
76
31
M
k
k
k
k
= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = == = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = =
-
-
-
================================================================================
-
-
-
•
yum u p d a t e PACKAGENAME obta i n s a n d i n s ta l l s a newe r version of t h e softwa re p a c kage,
i n c l u d i n g a ny d e p e n d e n c ies. G e n e ra l l y the p rocess tries to p reserve confi g u ra t i o n files i n p l a ce,
but in s o m e cases, t h ey may be r e n a m e d if t h e p a c ka g e r t h i n ks the o l d one w i l l n ot work after
t h e u pdate. W i t h n o PAC K AG E N A M E specified, it w i l l i n sta l l a l l rel eva nt u pdates.
i [ root@serverX - ]#
-
I
-
yum update
������-��-------,
i
S i nce a new ke r n e l c a n o n l y be tested by boot i n g to t h a t ke r n e l , t h e package i s s pecifica l l y
d e s i g n e d s o t h a t m u l t i p l e vers i o n s m a y be i n sta l l ed a t o n ce. I f t h e n e w ke r n e l fa i l s to boot. t h e
o l d ke r n e l i s sti l l ava i l a b l e. U s i n g yum u pdat e k e r nel wi l l act u a l l y install t h e n e w ke r n e l . The
co nfi g u ra ti o n f i l e s hold a l ist of packages to " a l ways i n sta l l " eve n if t h e a d m i n ist rato r req u ests
a n u pdate.
-
-
Note
-
U s e yum list k e r n e l to l ist a l l i n st a l l e d a n d a va i l a b l e k e r n e l s . To view t h e
c u r re n t l y r u n n i n g ke r n e l , use t h e u name c o m m a n d . The - r o p t i o n w i l l s h ow o n l y
t h e k e r n e l v e rs i o n a n d rel ease, a n d t h e - a o pt i o n w i l l show t h e k e r n e l r e l e a s e a n d
additional information.
-
[ root@serverX -]# yum list ke rnel
Loaded plugins : langpacks
Installed Packages
3 . 10 . 0-123 . 0 . 1 . el7
kernel . x86_64
@anaconda/7 . 0
3 . 10 . 0-84 . el7
kernel . x86_64
@rhel-7- server - htbrpms
[ root@serverx -)# u n ame - r
3 . 10 . 0-123 . el7 . x86_64
[ root@serverX -]# u n ame - a
Linux demo . example . com 3 . 10 . 0-123 . el7 . x86_64 #1 SMP Tue Nov 26 16 : 51 : 22 EST
2013 x86_64 x86_64 x86 64 GNU/Linux
-
-
-
-
•
y u m remove
packages.
PACKAGENAME
rem oves a n i n sta l l ed s oftwa re p a c k a g e , i n c l u d i n g a n y s u p po rted
-
-
-
RH124- R H E L 7-en-1 -20140606
327
-
-
C h a pter 13. I n sta l l i n g a n d U pd a t i n g Softwa re Packages
[ root@serverx
-
- ] # yum remove h t t pd
-
Warning
yum r emove w i l l re m ove t h e packag e(s) l isted and any package that requires the
package(s) being removed (a n d packa g e (s) w h i c h req u i re t h ose packages, a n d s o
on). T h i s can l e a d to u n ex pected remova l of packages, so c a refu l l y c h e c k t h e l ist o f
packages to b e re m oved.
-
-
-
I n sta l l i n g a n d re m ov i n g g ro u ps of softwa re wit h yum
•
yum a l so h a s t h e concept of groups, which a re co l l e c t i o n s of re lated softwa re i n sta l l e d toget h e r
f o r a particu l a r p u r pose. I n R e d H a t E nterprise L i n u x 7, t h e re a re two k i n d s o f g ro u ps. Reg u l a r
g ro u ps a re co l l e ct i o n s o f packages. Environment groups a re co l l ections o f ot h e r g ro u ps w h i c h
i n c l ude t h e i r own p a c ka g es. The packages o r g ro u p s prov i d e d by a g ro u p m a y be mandatory
( m u st be i nsta l l ed if t h e g ro u p is i n sta l l ed), default (a re n o r m a l l y i nsta l l ed if t h e g ro u p i s
i n sta l l e d ) , o r optional ( a r e n ot i n sta l l ed w h e n t h e g r o u p i s u n l ess a s k e d for s p e c i f i ca l l y) .
L i ke y u m lis t , t h e yum g roup list (o r yum g rouplis t ) c o m m a n d w i l l show t h e n a mes
of i n sta l l ed and ava i l a b l e g ro u ps. Some groups a re n o rm a l l y i n sta l l ed t h ro u g h e n v i ro n m e nt
g roups a n d a re h i d d e n by defa u lt. These h i d d e n g ro u p s ca n a l so be l i sted w i t h t h e yum g r o u p
list h i d d e n com m a n d . I f t h e ids o p t i o n is a d d e d , t h e g r o u p I D wi l l a l so b e s h o w n . G ro u ps
c a n be i n sta l l e d , u pd a t e d , re moved, a n d ot h e rw i s e q u e r i e d by n a m e or I D.
[ root@serverx - ] # yum g roup list
Loaded plugins : langpacks
Available environment groups :
Minimal install
Infrastructure Server
I
File and Print Server
Web Server
I
Virtualization Host
I
I
Server with GUI
I
Installed groups :
Base
Desktop Debugging and Performance Tools
Dial-up Networking Support
I Fonts
Input Methods
Internet Browser
I
PostgreSQL Database server
Printing client
X Window System
Available Groups :
Additional Development
I
Backup Client
I
Backup Server
I
-
-
-
-
.---· ·
I
I
-
'
-
I
-
-
I
-
I
-
L..,___
-
!
•
-
I nform at i o n a bout a g ro u p i s d i s p l ayed with yum g ro u p info (o r yum g ro u pinfo). I t
i n c l udes a l i st o f m a n d atory, defa u lt, a n d o pt i o n a l p a c k a g e n a mes or g ro u p I Ds. T h e p a c ka g e
n a mes o r g ro u p I Ds m a y h ave a m a rker i n f r o n t of t h e m .
-
-
328
RH124- R H E L 7-en-1-20140606
-
-
-
-
Wo r k i n g w i t h yum
-
-
-
M a rker
M ea n i n g
=
Pa c k a g e is i n sta l l e d , was i n sta l l ed as part of t h e group
+
Pa c k a g e i s n ' t i n sta l l e d , wi l l be if t h e g ro u p is i nsta l l ed o r u pdated
-
Pa c k a g e i s n ' t i n sta l l e d , w i l l not be if t h e g r o u p is i nsta l l ed o r u pdated
no marker
Pac k a g e is i n sta l l e d , b u t was n ot i n sta l l e d t h ro u g h t h e g ro u p .
[ root@serverX - ] # yum group info " Identity Management serve r "
Loaded plugins : langpacks
Group : Identity Management Server
Group - Id : identity-management - server
Description : centralized management of users, servers and authentication policies .
Default Packages :
+389-ds- base
+ipa-admintools
+ipa- server
+pki-ca
Optional Packages :
+ipa- server-trust -ad
+nuxwdog
+slapi-nis
-
-
-
-
-
I
___
-
-
-
-
•
The yum g r o u p i n s t all (or yum g ro u p i n s t all) co m m a n d w i l l i n sta l l a g ro u p w h i c h w i l l
i n sta l l its m a n d atory a n d defa u l t packages a n d t h e packages they d e p e n d on.
[ root@serverX - ] # y u m g r o u p i n s t all " I nfiniband
Transaction Summary
Install 17 Packages (+7 Dependent packages )
Total download size : 9 . 8 M
Installed size : 33 M
Is this ok [y/d/N] :
Suppo r t "
= = = = = = = = = =============== = = = = = = = = = = = = = = = == ========== = = = = = = = = = = = = = = ==== = = = = = = = ====
-��-
-
'
------j
-
-
-
-
-
-
-
-
R H124- R H E L 7-en-1-20140606
329
-
-
C h a pter 1 3. I n sta l l i n g a n d U pd a t i n g Softwa re Pa ckages
-
Important
-
T h e b e h a v i o r of yum g ro u ps h a s c h a n g e d i n Red Hat Enterprise L i n u x 7 from Red
H a t E n t e r p rise L i n u x 6 and e a r l i e r. In R H E L 7, g roups a re t reated a s objects, and a re
t ra c ked by t h e system. I f a n i nsta l l e d g r o u p is u pdated, a n d n ew m a n d atory o r defa u lt
packages have been added to t h e g ro u p by t h e yum re pository, t hose new packages w i l l
be i n sta l l e d o n u p d ate.
R H E L 6 a n d ea r l i e r c o n s i d e r a g ro u p to be i n sta l l ed if a l l its m a n d atory packages have
b e e n i nsta l l ed; or if it h a d no m a n d atory p a c kages, if a n y defa u l t o r o p t i o n a l packages
i n the group a re i n sta l l e d . In R H E L 7, a g ro u p i s c o n s i d e re d to be i n sta l l ed only if yum
g r o u p i n s t all was used to i n sta l l it. A new com m a n d i n R H E L 7, yum group mark
ins t all GROUPNAME can b e u s e d t o mark a g ro u p a s i n st a l l e d , and a ny m i s s i n g
p a c k a g e s a n d t h e i r d e p e n d e n c i e s w i l l be i n sta l l ed o n t h e n ext u p d a te.
-
-
-
Fi n a l l y, R H E L 6 a n d e a r l i e r d i d n ot h a ve the two-word form of the yum g ro u p
co m m a nds. I n ot h e r w o r d s , i n R H E L 6 t h e com m a n d yum g rouplist existed, but t h e
e q u iva l e n t R H E L 7 co m m a n d yum g ro u p list d i d n ot.
-
V i ew i n g t ra n sact i o n h i st o ry
•
A l l i nsta l l a n d remove t ra n s a c t i o n s a re l og g e d i n /var /log/yum . log.
[ root@serverX - ] # t ail - 5 /var/log/yum . log
Feb 16 14 : 10 : 41 Installed : libnes -1 . 1 . 3-5 . el7 . x86_64
Feb 16 14 : 10 : 42 Installed : libmthca-1 . 0 . 6-10 . el7 . x86 64
Feb 16 14 : 10 : 43 Installed : libmlx4-1 . 0 . 5- 7 . el7 . x86 64
Feb 16 14 : 10 : 43 Installed : libibcm-1 . 0 . 5- 8 . el7 . x86 64
Feb 16 14 : 10 : 45 Installed : rdma-7 . 0_3 . 13 rc8-3 . el7 . noarch
r--!
-
-
-
-
-
•
•
A s u m m a ry of i n sta l l a n d re m ove t ra ns a c t i o n s c a n be viewed with yum h i s t ory.
[ root@serverX - ] # yum history
Loaded plugins : langpacks
ID
I Login user
6 I Student User <student>
5 I Student User <student>
4 I System <unset>
3 I System <unset>
2 I System <unset>
1 I System <unset>
history list
I
Date and time
2014-02-16 14 : 09
2014-02-16 14 : 01
2014-02-08 22 : 33
2013-12-16 13 : 13
2013-12-16 13 : 13
2013-12-16 13 : 08
I
Action ( s )
Install
Install
Install
Erase
Erase
Install
I
Altered
25
1
1112 EE
4
1
266
330
-
-
-
-
A transaction can b e reve rsed w i t h the h i s t o r y undo options:
[ root@serverX - ] # yum history u n d o 6
Loaded plugins : langpacks
Undoing transaction 6, from Sun Feb 16 14 : 09 : 51 2014
dapl-2 . 0 . 39-2 . el7 . x86_64
Install
Dep- Install graphviz-2 . 30 . 1-18 . el7 . x86_64
Dep- Install graphviz-tcl-2 . 30 . 1-18 . el7 . x86_64
ibacm-1 . 0 . 8-4 . el7 . x86_64
Install
Install
ibutils - 1 . 5 . 7 -9 . el7 . x86 64
-
-
@rhel-7- server-htb- rpms
@rhel-7- server-htb- rpms
@rhel-7- server-htb- rpms
@rhel-7- server-htb- rpms
@rhel-7-server-htb- rpms
R H 1 24- R H E L7-en-1-20140606
-
-
-
-
-
-
S u m m a ry of yum com m a n d s
Dep- Install ibutils-libs -1 . 5 . 7 -9 . el7 . x86_64
-
-----
Su m mary of yum com mands
i_
-
-
Pa ckages c a n be l o cated, i nsta l l e d , u pdated, and removed by n a m e o r by package g ro u ps.
-
-
-
-
-
-
@rhel-7-server-htb- rpms
R
Ta sk:
Co m m a nd :
List i n sta l l ed a n d ava i l a b l e packages b y n a m e
yum list [ NAME - PATTERN ]
List i n sta l l ed a n d a va i l a b l e g ro u p s
y u m g r o u plist
Search for a package by keyword
yum s e a r c h KEYWORD
S h ow deta i l s of a p a c k a g e
y u m info PACKAGENAME
I nsta l l a package
yum i n s t all PACKAGENAME
I nsta l l a package g ro u p
yum g rou pinst all " GROUPNAM E "
Update a l l packages
yum update
Remove a package
yum r emove PACKAGE NAME
D i s p l ay t ra n sact i o n h i story
yum h i s t o ry
References
yum(1 ) a n d yum . conf(5) m a n pages
-
A d d i t io n a l i nfo r m a t i o n o n yum may b e a va i l a b l e in the Red Hat Enterprise Linux System
Administrator's Guide fo r Red Hat E n t e r p r i s e L i n u x 7, w h i c h can be fo u n d a t
http://d o c s . r e d hat.com/
-
-
-
-
-
-
-
-
-
-
-
R H1 24- R H E L 7-en-1-20140606
331
-
-
C h a pter 13. I n sta l l i n g a n d U pd a t i n g Software Pa c k a g e s
-
P ract i ce: I nsta l l i n g a n d U pd a t i n g Softwa re w i t h
yum
-
-
Guided exercise
-
I n t h i s l a b , you w i l l i n sta l l a n d remove packages a n d p a c ka g e g ro u p s .
O u t c o mes:
-
E x p l o re i n sta l l i n g and re m ov i n g packages with d e p e n d e n cies.
Before you begin ...
Reset yo u r serverX syst e m .
D 1.
-
Searc h f o r a s pecific package.
D 1 .1 .
Attempt t o r u n t h e com m a n d g n u plo t . Yo u s h o u l d find t h a t it is n o t i n sta l l ed.
[ root@serverX - ] # gnuplot
bash : gnuplot : command not found . . .
-
D 1.2. S e a rc h for p l ott i n g packages.
[ root@serverX - ] # y u m s e a r c h plot
Loaded plugins : langpacks
N/S matched : plot
emacs-gnuplot . noarch : Emacs bindings for the gnuplot main application
gnuplot . x86_64 : A program for plotting mathematical expressions and data
gnuplot -common . x86_64 : The common gnuplot parts
python-matplotlib . x86_64 : Python 20 plotting library
texlive-pst - plot . noarch : Plot data using PSTricks
Name and summary matches only, use "search all" for everything .
==== ===================
D 1.3.
-
-
============= == ========
F i n d o u t m o re info r m a t i o n a bo u t t h e g n uplot package.
[ root@serverx - ] # yum
gnuplot
Name
x86_64
Arch
-
-
-
-
info gnuplot
-
-
D 2.
I n sta l l t h e g n u plot p a c ka g e.
[ root@serverX - ] # yum
Dependencies Resolved
-
i n s t all - y gnuplot
Package
Arch
Installing :
gnuplot
x86_64
Installing for dependencies :
gnuplot -common
x86_64
Version
Repository
Size
= = = = = = = = = = == = = = = = = = = = = = = = = = == = = = = = = = = = = = = = = = = = = = = = = = = = = = = = == = = = = = = = = = = = = = = = = =
= = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = == = = = ==
332
4 . 6 . 2- 3 . el7
4 . 6 . 2-3 . el7
rhel_dvd
rhel_dvd
645 k
595 k
R H1 24- R H EL 7-en-1-20140606
-
-
-
-
-
-
-
G u i d e d exercise
-
Transaction summary
Install 1 Package (+1 Dependent package )
=============================================================================
-
-
D 3.
R e m ove packages.
D 3.1 .
-
Attempt to re m ove t h e gnu plot packa g e, b u t s a y n o. H ow m a ny packages wou l d
be re moved?
[ root@serverx - ] # yum
Removing :
gnuplot
x86_64
Transaction Summary
-
-
l
remove gnuplot
4 . 6 . 2-3 . el7
@rhel_dvd
1.5 M
=======================================================================
Remove 1 Package
Installed size : 1 . 5 M
Is this ok [y/N] : n
-
-
D 3.2. Atte m pt to re m ove t h e gnu plot - common package, but say no. How m a n y
p a c k a g e s wo u l d b e removed?
-
[root@serverx - ] # yum remove
Removing :
x86_64
gnuplot -common
Removing for dependencies :
x86_64
gnuplot
Transaction Summary
-
-
-
-
-
-
1.4 M
1.5 M
Installed size : 2 . 9 M
Is this ok [y/N] : n
D 4.
G a t h e r i nfo r m a t i o n a bo u t the " C o m p at i b i l ity L i b ra ri e s " c o m p o n e n t group and i n sta l l it on
s e rverX.
D 4.1 . List a l l a va i l a b l e c o m p o n e n t g ro u ps.
I [ root@serverX - ] #
I
yum g rouplist
D 4.2. F i n d out more i n fo r m a t i o n a bout t h e Compatibility Libraries com p o n e n t g ro u p,
i n c l u d i n g a l ist of i n c l u d ed packages.
[ root@serverx - ] # yum g roupinfo
Loaded plugins : langpacks
Group : Compatibility Libraries
Group- Id : compat -libraries
-
-
@rhel_dvd
@rhel_dvd
Remove 1 Package (+1 Dependent package)
-
-
4 . 6 . 2-3 . el7
4 . 6 . 2 -3 . el7
========================================================================
-
-
gnuplot - common
R H 1 24- R H E L7-en-1-20140606
" Compatibility Libraries "
l
333
-
-
C h a pter 1 3. I n sta l l i n g a n d U pd a t i n g Software Packages
Description : Compatibility libraries for applications built on previous
versions of Red Hat Enterprise Linux .
Mandatory Packages :
+compat -db47
+compat -glibc
+compat -libcap1
+compat -libf2c- 34
+compat -libgfortran-41
+compat -libtiff3
+compat -openldap
+libpng12
+openssl098e
-
-
-.
-
-
D 4.3. I n sta l l the Compatibility Libraries c o m p o n e n t g ro u p.
[root@serverX - ] # yum g roupin s t all " Compatibility Libraries "
Loaded plugins : langpacks
Resolving Dependencies
- -> Running transaction check
- - -> Package compat -db47 . x86_64 0 : 4 . 7 . 25-27 . el7 will be installed
- -> Processing Dependency : compat -db-headers 4 . 7 . 25-27 . el7 for package :
compat -db47-4 . 7 . 25-27 . el7 . x86_64
Dependencies Resolved
-
-
=
Package
Arch
Version
Installing for group install "Compatibility Libraries" :
4 . 7 . 25-27 . el7
x86_64
compat -db47
libpng12
x86_64
1 . 2 . 50 - 6 . el7
Installing for dependencies :
noarch
4 . 7 . 25-27 . el7
compat -db- headers
Transaction Summary
Install 9 Packages {+3 Dependent packages )
Total download size : 5 . 5 M
Installed size : 21 M
, Is this ok [y/d/N] : y
Installed :
compat -db47 . x86_64 0 : 4 . 7 . 25-27 . el7
compat - glibc . x86_64 1 : 2 . 12-4 . el7
Repository
rhel_dvd
rhel_dvd
rhel_dvd
-
-
-
-
-
-
-
Dependency Installed :
compat -db-headers . noarch 0 : 4 . 7 . 25-27 . el7
compat -glibc- headers . x86_64 1 : 2 . 12-4 . el7
Complete !
-
-
-
D 5.
E x p l o re the h i story and u n d o o p t i o n s of yum.
D 5.1 .
334
-
D i s p l ay recent y u m h i sto ry.
[ root@serverX
- ] # yum history
-
R H 1 24- R H E L7-en-1-20140606
-
-
-
-
G u i d e d exerc ise
-
-
-
-
-
-
-
-
-
-
-
Loaded plugins : langpacks
ID
I Login user
I Date and time
2014-06-05 09 : 33
3 root <root>
2014-06-05 09 : 30
2 I root <root>
1 I System <unset>
2014-06-02 20 : 27
history list
I Action ( s ) I Altered
Install
12
Install
2
Install
1112 EE
D 5.2. Confirm t h a t t h e l a st t ra a n s a c t i o n i s t h e g ro u p insta l l a t i o n .
[ root@serverx - ] # yum hi st o r y info 3
Loaded plugins : langpacks
Transaction ID 3
Thu Jun 5 09 : 33 : 19 2014
Begin time
1210 : 7c6b529424621773d5fe147315a53d55Bf726814
Begin rpmdb
09 : 33 : 40 2014 ( 21 seconds )
End time
1222 : c283bc776b18b9578b87cdec68853f49b31ca0cc
End rpmdb
root <root>
User
Success
Return-Code
Command Line
groupinstall Compatibility Libraries
Transaction performed with :
rpm-4 . 11 . 1-16 . el7 . x86_64 installed
Installed
yum- 3 . 4 . 3-117 . el7 . noarch installed
Installed
Packages Altered :
Dep- Install compat -db- headers -4 . 7 . 25-27 . el7 . noarch @rhel_dvd
@rhel_dvd
compat -db47-4 . 7 . 25-27 . el7 . x86_64
Install
history info
D 5.3. Use u n d o opt i o n s to remove the l a st set of p a c kages i n sta l l ed.
[ root@serverx
- ] # y u m hi st o r y u n d o 3
-
-
-
-
-
-
-
-
-
-
R H 1 24- R H E L 7-en-1 -20140606
335
-
C h a pter 13. I n sta l l i n g a n d U pd a t i n g Softwa re Packages
-
E n a b l i n g yum Softwa re Re posito ries
-
Objectives
-
After com p l e t i n g t h i s section, stu dents s h o u l d be a b l e to e n a b l e a n d d i s a b l e t h e u s e of Red Hat
o r t h i rd-pa rty yum re posito r i es.
-
Enabling Red Hat software re positories
Regi steri n g a system to t h e s u bscription m a n a g e m e nt service automatica l l y confi g u res a ccess to
softwa re re positories based o n the attached s u bs c r i p t i o n s. To view a l l ava i l a b l e re positories:
I
[ root@serverX - ] # yum repolist
Loaded plugins : langpacks
repo id
rhel-7- public-beta-debug- rpms
rhel-7-public- beta- rpms
rhel-7- public-beta- source- rpms
repolist : 8, 520
all
repo name
Red Hat Enterprise Linux 7 Public
Red Hat Enterprise Linux 7 Public
Red Hat Enterprise Linux 7 Public
status
disabled
enabled : 8, 520
disabled
L__
_ _ _
-
-
-
E n a b l e and d i sa b l e repositories with yum - config - manag e r . This w i l l c h a n g e the enabled
parameter i n the /et c /yum . repos . d / redhat . repo f i l e.
-
I [ root @serverX - ] # yum - config - manager - - e�able rhel -� - pu b;ic - be t a - debu g - rpms
a
1 =� =� : � �=� : =: =� =::: � ��� o : rhel-7-public- beta-debug - rpms
I [ rhel-7-public- beta-debug- rpms]
j async True
,i·_ bandwidth 0
/var/lib/yum/repos/x86_64/7Server
I base_persistdir
baseurl https : //cdn . redhat . com/content/beta/rhel/everything/7/x86_64/debug
-
=
- -��---
-
======================
=
=
=
=
cache 0
cachedir /var/cache/yum/x86_64/7Server/rhel-7-public-beta-debug- rpms
cost 1000
deltarpm_percentage
enabled 1
=
-
=
=
=
-
=
Enabling third - party software re positories
T h i rd-pa rty re positories a re d i rectories of softwa re package f i l e s p rov i d e d by a n o n - R e d H a t
sou rce, w h i c h c a n be a ccessed b y y u m f r o m a website, FTP s e rver, o r loca l fi l e syst e m . Yu m
re positories a re u sed by n o n - Red H a t d i st r i b utors of softwa re, or for s m a l l co l l ec t i o n s of l o ca l
packages. ( Fo r exa m p l e, A d o b e prov ides some o f its free softwa re for L i n u x t h ro u g h a y u m
re pository.) T h e con t e n t . example . com c l a ssroom server actua l l y hosts y u m repositories for
t h i s c l ass.
Put a file i n the / e t c /yum . repos . d / d i rectory to e n a b l e s u pport for a new t h i rd-pa rty
reposito ry. Repository confi g u ration f i l e s m u st end in . repo. The re pository d e f i n i t i o n conta i n s
t h e U R L o f t h e re posito ry, a n a me, w h e t h e r to u s e G P G to c h e c k t h e p a c k a g e s i g n a t u res, a n d i f
s o , t h e U R L p o i n t i n g to t h e t r u sted G P G key.
Using
-
-
-
-
yum - config - manag e r
I f t h e U R L f o r a y u m repository i s k n o w n , a confi g u ra t i o n fi l e c a n be created w i t h yum - config ­
manag e r .
336
-
RH124- R H E L7-en-1-20140606
-
-
-
-
-
E n a b l i n g t h i rd-pa rty softwa re repos itories
-
-
-
-
-
-
-
[ root@serverX -]# yum - config - manager - - add - repo= " h t t p : //dl . fedoraproj ect . o r g/pub/epel/
Loaded plugins : langpacks
adding repo from : http : //dl . fedoraproj ect . org/pub/epel/beta/7/x86_64/
[dl . fedoraproj ect . org_pub_epel_beta_7_x86_64_]
name=added from : http : //dl . fedoraproj ect . org/pub/epel/beta/7/x86_64/
baseurl=http : //dl . fedoraproj ect . org/pub/epel/beta/7/x86_64/
enabled=1
beta/7/x86_64/ "
A f i l e was c reated i n t h e /et c /yu m . repos . d d i rectory w i t h t h e o u t p u t shown. T h i s f i l e c a n
n ow b e m o d ified to provide a c u s t o m i zed n a m e a n d t h e l o c a t i o n o f t h e GPG key. A d m i n ist rators
s h o u l d d ow n l oad the key to a loca l fi l e rat h e r than a l l ow i n g yum to ret rieve t h e key from a n
exte r n a l sou rce.
[EPEL]
name=EPEL 7 Beta
baseurl=http : //dl . fedoraproj ect . org/pub/epel/beta/7/x86_64/
enabled=1
gpgcheck=1
gpgkey=file : ///etc/pki/rpm-gpg/RPM-GPG- KEY-EPEL-7
-
R P M c o n fi g u ra t i o n p a c k a g e for t h e re pository
-
-
Some re pos itories p rov i d e t h is config u ra t i o n f i l e and GPG p u b l ic key a s pa rt of a n RPM pa c k a g e
t h a t c a n be down loaded a n d i n sta l l ed u s i n g yum local i n s t all. O n e exa m p l e of t h i s is t h e
vo l u nteer p roject E P E L ( E xtra Pa c k a g es f o r Enterprise L i n u x) , w h i c h p rovides softwa re not
s u ppo rted by Red H a t but co m pat i b l e with Red H a t Enterprise L i n u x .
I n sta l l i n g t h e R e d H a t Enterprise L i n u x 7 E P E L repo p a c k a g e :
-
[ root@serverX -]#
[ root@serverX - ] #
r p m - - impor t h t t p : //dl . fedoraproj e c t . o r g/pub/epel/RPM - GPG - KEY - EPEL - 7
yum install h t t p : //dl . fedoraproj ect . o r g/pu b/epel/beta/7/x86_64/epe l ­
release - 7 - 0 . 1 . noarch . rpm
-
-
-
-
-
-
-
-
-
-
Confi g u ra t i o n fi l es often l i st m u l t i p l e repository refere nces in a s i n g l e f i l e . Each re pository
refere nce b e g i n s with a s i n g l e-word n a m e i n s q u a re b ra c kets.
[ root@serverX -]# cat /etc/yum . repos . d/epel . repo
[epel]
name=Extra Packages for Enterprise Linux 7 - $basearch
#baseurl=http : //download . fedoraproject . org/pub/epel/7/$basearch
mirrorlist=https : //mirrors . fedoraproject . org/metalink?repo=epel- 7&arch=$basearch
failovermethod=priority
enabled=1
gpgcheck=8
gpgkey=file : ///etc/pki/rpm- gpg/RPM-GPG-KEY- EPEL-7
[epel-debuginfo]
name=Extra Packages for Enterprise Linux 7 - $basearch - Debug
#baseurl=http : //download . fedoraproj ect . org/pub/epel/7/$basearch/debug
mirrorlist=https : //mirrors . fedoraproj ect . org/metalink?repo=epel-debug -7&arch=$basearch
failovermethod=priority
enabled=8
gpgkey=file : ///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7
gpgcheck=1
[epel- source]
R H 1 24- R H E L 7-en-1 -20140606
337
-
C h a pte r 1 3. I n sta l l i ng a n d U pd a t i n g Softwa re Pa ckages
name=Extra Packages for Enterprise Linux 7 - $basearch - Source
#baseurl=http : //download . fedoraproj ect . org/pub/epel/7/SRPMS
mirrorlist=https : //mirrors . fedoraproj ect . org/metalink?repo=epel- source-7&arch=$basearch
failovermethod=priority
enabled=0
gpgkey=file : ///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL- 7
gpgcheck=l
T h e enabled=a para m eter c a n be i n c l u d e d so t h a t a repository i s d e f i n e d b u t not searc h e d by
defa u lt. Repositories can be e n a b l e d a n d d i s a b l e d persiste n t l y w i t h yum - config - manag e r or
t e m p o ra r i l y w i t h - - e nabl e r epo=PA TTERN and - - disable r e p o=PA TTERN options o n yum.
-
-
-
-
-
Warning
I nsta l l t h e R P M G P G key before i n st a l l i n g s i g n ed packages. T h i s w i l l verify t h a t t h e
packages b e l o n g to a k e y w h i c h h a s been i m ported. O t h e rw i se, y u m w i l l com p l a i n
a bo u t t h e m i s s i n g key. ( T h e - - no g p g c h e c k option c a n b e u s e d to i g n o re m i s s i n g G P G
keys, b u t t h i s cou l d c a u s e forg e d o r i n se c u re packages to b e i n sta l l ed o n t h e system ,
potent ia l l y com p ro m i s i n g i t s secu r ity. )
-
-
-
References
R
A d d it i o n a l i nfo r m a t i o n may b e a va i l a b l e i n t h e section o n config u ri n g y u m a n d y u m
repositories i n t h e Red Hat Enterprise Linux System Administrator's Guide f o r R e d H a t
Enterprise L i n u x 7, w h i c h can b e fo u n d a t
http://docs.re d h at.com/
-
-
yum(1 ) , yum . conf(5), and yum - config - manag e r (1 ) man pages
-
-
-
-
-
-
-
-
-
338
R H1 24-R H E L 7-en-1-20140606
-
-
-
-
Practice: E n a b l i n g Softwa re Repositories
-
P ra ct i ce: E n a b l i n g S oftwa re Repos ito r i es
-
-
-
Guide d exercise
I n t h i s l a b, yo u w i l l config u re yo u r se rver to u s e a sepa rate yum re pository to o bta i n u pdates, a n d
u pdate yo u r m a c h i n e.
Outcomes:
-
-
-
The syst e m w i l l b e confi g u red to obta i n softwa re u p dates from a c l a ssroom server and t h e
system w i l l b e r u n n i n g t h e l a test L i n u x ke r n e l .
Before you begin ...
Reset yo u r s e rverX syste m .
D 1.
-
Conf i g u re t h e system t o o bta i n softwa re from two c l a ss room repositories:
•
C l a ss roo m p a c kages provided a t http://conte nt.exa m p l e.com/r h e l7.0/x8 6_64/rht
•
U pdates p rovided at http://content.ex a m p l e.com/r h e l7.0/x 86_64/e r rata
D 1 .1 .
-
U s e yum - config - manag e r to a d d t h e c l a ss room packages reposito ry.
[ root@serverx -]#
Loaded plugins : langpacks
adding repo from : http : //content . example . com/rhel7 . 0/x86_64/rht
[content . example . com_rhel7 . 0_x86_64_rht]
name=added from : http : //content . example . com/rhel7 . 0/x86_64/rht
baseurl=http : //content . example . com/rhel7 . 0/x86_64/rht
enabled=l
yum - config - manager - - add - repo= " ht t p : //
content . example . com/rhel7 . G/x86_64/ rht "
-
-
D 1 . 2 . C reate t h e f i l e / e t c /yum . repos . d / e r r a t a . repo to e n a b l e t h e " U pdates"
re pository with t h e fo l l owi n g content:
[updates]
name=Red Hat Updates
baseurl = http : //content . example . com/rhel7 . 0/x86_64/errata
enabled=l
gpgcheck=0
-
-
-
D 2.
U s e yum - config - manag e r to d i sa b l e t h e c l a s s room packages reposito ry.
D 3.
U pdate a l l rel eva nt softwa re p rovi d e d u s i n g yum u pdate.
-
-
[ root@serverX -]# yum - config - manager - - disable
content . example . com_rhel7 . G_x86_64_rht
Loaded plugins : langpacks
================= repo : content . example . com_rhel7 . 0_x86_64_rht =================
[content . example . com_rhel7 . 0_x86_64_rht]
enabled = 0
-
-
-
-
R H1 24- R H E L 7-e n-1-20140606
339
-
-
C h a pt e r 1 3 . I n sta l l i n g a n d U pd a t i n g Softwa re Pa c k a g e s
[ root@serverX
D 4.
D 6.
- ] # yum update - y
Ve rify t h a t t h e re a re two vers i o n s of the ke r n e l i nsta l l e d . W h i c h vers i o n is c u r re n t l y i n
use?
[ root@serverx
[ root@serverX
D 5.
-
-
-
- ] # yum list kernel
- ] # uname - r
Reboot your serverX, then repeat the p rev i o u s step. W h i c h vers i o n i s c u rrent l y in use?
[ root@serverX
[ root@serverX
-
- ] # yum list kernel
-
- ] # u name - r
L i st, t h e n i n sta l l , the r h t - sys tem package.
[ root@serverX - ] # yum list rht *
Loaded plugins : langpacks
Available Packages
rht - system . noarch
[ root@serverX - ] # yum - y i n s t all
Loaded plugins : langpacks
Resolving Dependencies
1 . 0 . 0- 2 . el7
r h t - system
updates
-
-
-
-
-
-
-
-
340
R H1 24- R H E L 7 - e n -1-20140606
-
-
-
-
E xa m i n i n g R P M Pac k a g e F i l es
-
Exa m i n i n g R P M Pa c ka g e F i l es
-
Objectives
After c o m p l et i n g t h i s sectio n , s t u d e nts s h o u l d be a b l e to exa m i n e a n d i n sta l l down l oa d e d
p a c ka g e f i l es.
-
-
E xamining downloaded packages wit h r p m
The r p m u t i l ity i s a l ow - l evel t o o l t h a t can get i nfo r m a t i o n a bout t h e contents o f p a c ka g e
f i l e s a n d i n sta l l ed packages. I t g ets its info r m a t i o n f r o m a l o c a l data b a se o r t h e p a c k a g e f i l e s
t h e m s e l ves.
The g e n e ra l form of a q u e ry is:
-
-
-
•
rpm - q [ selec t - o p t io n s ]
[ q u e ry - opt ions ]
•
rpm - - q u e ry [ selec t - o p t io n s ] [ q u e r y - opt ion s ]
R P M q u e ries: S e l ect o p t i o n s
•
- q - a: a l l i n sta l l e d packages
•
-q
PACKA GENAME:
c u r re n t l y i n sta l l ed PAC K AG E N A M E
[ root@serverx - ] # rpm -q
yum-3 . 4 . 3-118 . el7 . noarch
-
•
-q - p
PACKAGEFILE .
yum
rpm: p a c k a g e f i l e n a med PAC K A G E F I L E . r p m
( root@serverx
-q
yum-utils-1 . 1 . 31-24 . el? . noarch . rpm
-
- ] # rpm
- p h t t p : //content . example . com/rhel7 . 0/x86_64/dvd/Packages/
yum - u tils - 1 . 1 . 31 - 24 . el7 . noarc h . rpm
-
•
-
-
-
-
-
-
-q -f
FIL ENAME:
w h a t p a c k a g e p rovides F I L E N A M E
[ root@serverX - ] # rpm -q
yum-3 . 4 . 3-118 . el? . noarch
- f / e t c /yum/repos . d
R P M q u e ries: I nfo r m a t i o n a bo u t content of p a c ka g es
•
- q: l i sts t h e package's n a m e a n d vers i o n ; c o m p a re to yum list
•
-q - i: package i nfor m a t i o n ; c o m p a re to yum info
•
-q
- 1:
l ist of f i l es i n sta l l ed by the specified package
( root@serverx - ] # r p m -q yum - rh n - plugin
/etc/yum/pluginconf . d/rhnplugin . conf
/usr/share/doc/yum- rhn -plugin - 2 . 0 . 1
/usr/share/doc/yum- rhn- plugin - 2 . 0 . 1/LICENSE
/usr/share/locale/aln/LC_MESSAGES/yum- rhn-plugin . mo
-1
-
-
-
R H124- R H E L 7-en-1 -20140606
341
-
C h a pte r 1 3. I n sta l l i n g a n d U pd a t i n g S oftware Packages
·
- q - c: l i st j u st t h e confi g u ra t i o n fi l es
[ root@serverx -]# rpm -q - c yum - r h n - plugin
/etc/yum/pluginconf . d/rhnplugin . conf
-
·
- q - d: l ist j u st the docu m e n t a t i o n f i l e s
[ root@serverX -]# r p m -q - d yum - rh n - plugin
/usr/share/doc/yum- rhn-plugin -2 . 8 . 1/LICENSE
/usr/share/man/man5/rhnplugin . conf . 5 . gz
/usr/share/man/man8/rhnplugin . 8 . gz
/usr/share/man/man8/yum- rhn- plugin . 8 . gz
·
-
- q - - sc r i p t s : l ist s h e l l scripts t h a t may r u n before or after t h e package is i n sta l l e d o r
re m oved
[ root@serverX -]# rpm -q - - s c r i p t s open s s h - server
preinstall scriptlet (using /bin/sh ) :
getent group sshd >/dev/null I I groupadd -g 74 - r sshd I I
getent passwd sshd >/dev/null I I \
useradd -c "Privilege- separated SSH" -u 74 -g sshd \
-s /sbin/nologin - r -d /var/empty/sshd sshd 2> /dev/null I I
postinstall scriptlet ( using /bin/sh ) :
if [ $1 -eq 1 ] ; then
# Initial installation
/usr/bin/systemctl preset sshd . service sshd . socket >/dev/null 2>&1 I I
fi
preuninstall scriptlet ( using /bin/sh ) :
if [ $1 -eq 8 ] ; then
# Package removal, not upgrade
/usr/bin/systemctl - - no- reload disable sshd . service sshd . socket > /dev/null
2>&1 1 1 :
/usr/bin/systemctl stop sshd . service sshd . socket > /dev/null 2>&1 I I :
fi
postuninstall scriptlet ( using /bin/sh ) :
/usr/bin/systemctl daemon - reload >/dev/null 2>&1 I I
if [ $1 -ge 1 ] ; then
# Package upgrade, not uninstall
/usr/bin/systemctl try- restart sshd . service >/dev/null 2>&1 I I
fi
·
- q - - c hangelog: l ist c h a n g e information for t h e package
[ root@serverX -]#
Thu Oct 83 2813
resolves : #828495
* Thu Aug 29 2813
resolves : #991856
*
I [ root@serverX -]#
r p m -q - - c hangelog audit
Steve Grubb <sgrubb@redhat . com> 2 . 3 . 2-3
- semanage port should generate an audit event
Steve Grubb <sgrubb@redhat . com> 2 . 3 . 2-2
- ausearch ignores USER events with - ua option
-
-
-
-
-
-
-
Querying a nd i nsta l l i n g package f i l es :
342
-
wget h t t p : //class room/pub/mate r ials/wonde rwidge t s - 1 . 0 - 4 . x86_64 . rpm
R H 1 24- R H E L7-en-1-20140606
-
-
-
U s i n g yum to i n sta l l loca l package f i l es
[ root@serverX - ] # rpm -q - p wonde rwidget s - 1 . 0 - 4 . x86_64 . rpm
/etc/wonderwidgets . conf
/usr/bin/wonderwidgets
/usr/share/doc/wonderwidgets-1 . 0
/usr/share/doc/wonderwidgets - 1 . 0/README . txt
-
-1
-
-
Note
T h e repoq u e ry c o m m a n d c a n a l so be u s e d to get i nformat i o n a bo u t packages a n d
t h e i r contents. I t d i ffers from r p m by l o o k i n g u p t h a t i nfo r m a t i o n i n y u m ' s re positories
i n stead of t h e loca l database of i n sta l l e d p a c kages.
-
-
-
-
-
Using yum to install local package files
yum local i n s t all PACKAGEFIL E . rpm c a n b e used to i n sta l l p a c ka g e f i l es d i rect l y.
I t au t o m a ti ca l l y d ow n l oa d s a n y d e p e n d e n c i e s t h e package has from a ny confi g u red yum
repos itories. Packages a re no r m a l l y d i g ita l l y s i g n e d to e n s u re they a re l e g i t i m a te ; i f the package
is not s i g n ed by a key t r u sted by yo u r syst e m , it w i l l be rejected. T h e - - nogpg c h e c k o pt i o n c a n
d i sa b l e t h e s i g n a t u re c h e c k if you a re certa i n t h e p a c k a g e i s l e g it i m ate if a pa c k a g e is i n sta l l ed
with yum i n s t all In Red H a t Enterprise L i n u x 7 the - - nogpgcheck option is not req u i red if a
package is i n sta l l e d w i t h yum localins t all
-
-
-
,
[ root@serverX - ] # yum localinst all wonde rwidget s - 1 . 0 - 4 . x86_64 . r pm
[ root@serverX - ] # rpm -q wonde rwidgets
wonderwidgets- 1 . 0-4 . x86_64
L
Note
r pm - ivh PA CKAGEFIL E . rpm can a l s o be used to i nsta l l package f i l es. H oweve r,
u s i n g yum h e l ps m a i n ta i n a t ra ns a ct i o n h istory kept by yum (see yum his t o ry).
-
-
-
-
Warning
Be ca ref u l w h e n i n sta l l i n g packages from t h i rd pa rties, not j u st beca u se of t h e softwa re
t h a t t h ey may i n sta l l , but beca u s e t h e R P M may r u n a r b i t ra ry s c r i pts a s root as pa rt of
t h e i n sta l la t i o n p rocess.
E xtracting files from R PM packages
F i l e s i n t h e R P M package can be extracted w i t h o u t i n sta l l i n g t h e package u s i n g c pio, a n
a rch i v i n g tool l i ke z i p o r t a r . P i p e t h e o u t p u t o f rpm2cpio PACKAG E F I L E . r pm i nto cpio id, a n d it w i l l extract a l l t h e f i l es stored i n t h e R P M package. S u b d i rectory t rees w i l l be c reated
a s needed, re l a t ive to the cu rrent w o r k i n g d i recto ry.
S e l ect f i l es c a n a l so be extracted by specify i n g t h e path of t h e f i l e :
-
[ root@serverx
11 blocks
[ root@serverx
- ] # rpm2cpio wonderwidget s - 1 . 0 - 4 . x8 6_64 . r pm I c pio - id " * tx t "
- ] # ls
-1
u s r/share/doc/wonde rwidge t s - 1 . 0/
-
-
-
R H 1 24- R H E L 7 -en -1-20140606
343
-
C h a pt e r 1 3 . I n sta l l i ng a n d U pd a t i n g Softwa re Packages
total 4
- rw- r- - r - - . 1 root root 76 Feb 13 19 : 27 README . txt
Summary of r pm query commands
_J
__
I nsta l l ed packages c a n b e q u e ried d i rect l y with r p m c o m m a n d . A d d a - p o p t i o n t o q u e ry a
package f i l e before i n sta l l a t i o n .
Ta sk:
Command:
D i s p l a y i nfo r m a t i o n a bo u t a package
r pm - q - i NAME
L i st a l l f i l e s i n c l u d e d i n a package
r pm - q
L i st confi g u ra t i o n f i l es i n c l uded in a package
r pm - q - c NAME
List doc u m e ntation f i l e s i n c l uded i n a package
r p m - q - d NAME
S h ow a s h o r t s u m m a ry of t h e reason for a
new package re l e a s e
r pm - q - - changelog NAME
D i s p l a y t h e s h e l l s c r i pts i n c l uded i n a package
r pm - q - - s c r i p t s NAME
-1
NAME
References
R
yum(8), r pm(8), repoque ry(1 ) , r pm2cpio(8), a n d c pio(1 ) m a n pages
-
-
-
-
-
344
R H 1 24- R H E L 7 - e n-1 -20140606
-
Pract i ce: Wo r k i n g with R P M Package F i l e s
-
P ra ct i ce: Wo rk i n g wit h R P M Pa c ka g e F i l es
Guided exercise
-
I n t h i s l a b, you w i l l g a t h e r i n fo r m a t i o n a bout a t h i rd-pa rty p a c ka g e, extract fi l es from it, a n d
i n sta l l it o n y o u r serverX syst e m .
O ut c o m e s :
A package not prov i d e d by a yum repository is i n sta l l e d o n t h e syste m .
Before you begin ...
-
Reset yo u r s e rverX syste m .
D 1.
Down l oa d wonderwidgets-1. 0-4.x86_64. rpm from http://classroom/publmaterials.
[ root@serverX -]#
- -2014-02-11 15 : 58 : 02 - - http : //classroom/pub/materials/
wonderwidgets-1 . 0- 4 . x86_64 . rpm
Resolving classroom ( classroom) . . . 172 . 25 . 0 . 254
Connecting to classroom ( classroom ) l 172 . 25 . 0 . 254 I : 80 . . . connected .
HTTP request sent, awaiting response . . . 200 OK
Length : 5000 ( 4 . 9K) [application/x- rpm]
Saving to : ' wonderwidgets - 1 . 0-4 . x86_64 . rpm '
100%[======================================>] 5, 000
- - . -K/s in 0s
2014-02-11 15 : 58 : 02 ( 381 MB/s ) - 'wonderwidgets-1 . 0- 4 . x86_64 . rpm ' saved
[5000/5000]
wget h t t p : //clas s r oom/pub/mate rials/
wonderwidge t s - 1 . 0 - 4 . x86_64 . rpm
-
I
-
I
-
D 2.
W h a t f i l e s does it conta i n?
[ root@serverX -]# rpm -q -p wonderwidget s - 1 . 0 - 4 . x86_64 . r pm
/etc/wonderwidgets . conf
/usr/bin/wonderwidgets
/usr/share/doc/wonderwidgets-1 . 0
/usr/share/doc/wonderwidgets- 1 . 0/README . txt
-1
-
D 3.
-
D 4.
-
-
-
W h at scripts d o e s it conta i n?
I [ root@serverX -]# rpm -q
How much d i s k s pace w i l l it u s e when i n sta l l ed?
[ root@serverX -]# r p m -q - p wonde rwidget s - 1 . 0 - 4 . x86_64 . r pm
wonderwidgets
Name
Version
1.0
Release
4
Architecture : x86 64
Install Date : ( not installed )
Group
GLS/Applications
Size : 4849
License
GPL
- -
R H 1 24 - R H E L 7 e n 1 -201 4 0606
-
- p wonde rwidget s - 1 . 0 - 4 . x86_64 . r pm - - sc ri p t s
-i
345
-
-
C h a pt e r 1 3 . I n sta l l i n g a n d U pd a t i n g Software Packages
( none )
Signature
Source RPM wonderwidgets-1. 0-4. src . rpm
Build Date Fri 03 Dec 2010 05 : 42 : 55 AM EST
Build Host station166 . rosemont . lan
Relocations ( not relocatable )
Red Hat, Inc .
Vendor
Demonstration package for use in GLS training .
summary
Description
A demonst ration package that installs an executable, and a config file .
D 5.
-
-
-
-
Use yum localin s t all to i n sta l l the package.
[ root@serverx -]# yum locali n s t all wonde rwidget s - 1 . 0 - 4 . x86_64 . r pm
Loaded plugins : langpacks
Examining wonderwidgets-1 . 0- 4 . x86_64 . rpm : wonderwidgets-1 . 0-4 . x86_64
Marking wonderwidgets- 1 . 0 - 4 . x86_64 . rpm to be installed
Resolving Dependencies
- -> Running transaction check
- - -> Package wonderwidgets . x86_64 0 : 1 . 0-4 will be installed
- -> Finished Dependency Resolution
Dependencies Resolved
Package
Repository
Version
Arch
Installing :
wonderwidgets
/wonderwidgets - 1 . 0-4 . x86_64
1 . 0-4
x86_64
Transaction Summary
Install 1 Package
Total size : 4 . 7 k
Installed size : 4 . 7 k
Is this ok [y/d/N] : y
Downloading packages :
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing wonderwidgets - 1 . 0- 4 . x86_64
Verifying : wonderwidgets - 1 . 0 -4 . x86_64
Installed :
wonderwidgets . x86_64 0 : 1 . 0-4
Complete !
-
-
-
Size
========================================= = ======================================
-
================================================================================
4.7 k
================================================================================
-
-
-
-
1/1
111
-
-
-
-
-
-
346
R H 1 24- R H E L 7-en-1-20140606
-
-
-
-
L a b : I n sta l l i n g a n d U pd a t i n g S oftware Packages
-
-
La b: I nsta l l i n g a n d U pd a t i n g Softwa re
Pa c ka g es
Perfor mance checklist
-
-
I n t h i s l a b, you w i l l i n sta l l a n d u pdate s e l ect softwa re packages.
Outcomes:
N ew and u p d ated packages a re i n sta l l ed o n t h e syste m .
Before you begin ...
-
Reset your s e rverX syste m.
1.
-
C reate t h e f i l e / e t c /yum . repos . d/e r r a t a . r e p o , to e n a b l e t h e " U pdates" repository
fo u n d o n t h e content m a c h i ne. I t s h o u l d access content fo u n d at the fo l l o w i n g U R L:
h t t p : / / c o n t e n t . e x a m p l e . c o m / r h e l 7 . 0 / x 8 6_6 4 / e r r a t a. D o not c h e c k G P G
s i g n a t u res.
-
2.
-
Config u re serverX to a d h e re to very s p e c ific softwa re req u i re m e nts. I t m u st have t h e l atest
vers i o n of the fo l l ow i n g packages i n sta l l e d . Do not i n sta l l a l l u p d ates. O n l y i n sta l l u pdates for
the packages l isted if t h ey a re a va i l a b l e.
2.1 . k e r nel (ex i st i n g pa cka ge w/ a n u pd a te)
2.2. xsane - gimp ( n ew p a c ka g e)
2.3. r h t - sys t em ( n ew package)
-
3.
Fo r secu rity rea sons, it s h o u l d not have the wvd ial package i n sta l l e d .
4.
W h e n you a re rea d y to c h e c k yo u r work, r u n lab software g rade on s e rverX.
-
-
-
-
-
R H 1 24- R H E L 7-e n-1-20140606
-
347
-
-
C h a pte r 1 3. I n sta l l i n g a n d U pd a t i n g Software Pac ka g e s
Solution
-
I n t h i s l a b, you w i l l i n sta l l a n d u pdate s e l ect softwa re packages.
Outcomes:
-
N ew a n d u pdated packages a re i n sta l l e d o n t h e syst e m .
Before you begin. . .
Reset you r serverX syste m .
1.
C reate t h e f i l e / e t c /yum . repos . d / e r r a t a . r e po, to e n a b l e t h e " U pd ates" repository
fo u n d o n the content m a c h i ne. I t s h o u l d a ccess content fo u n d a t the fo l l o w i n g U R L:
-
h t t p : / / c o n t e n t . e x a m p l e . c o m / r h e l 7 . 0 / x 8 6_64 / e r r a t a. D o not c h e c k G P G
s i g n a t u res.
C reate t h e file / e t c /yum . repos . d / e r r a t a . repo with t h e fo l l o w i n g content:
[updates]
name=Red Hat Updates
baseurl=http : //content . example . com/rhel7 . 0/x86_64/errata
enabled=1
gpgcheck=0
2.
-
-
Confi g u re serverX to a d h e re t o very specific softwa re req u i re m e nts. I t m u st h a ve t h e l atest
vers i o n of t h e fo l l o w i n g packages i n sta l l e d . D o not i n sta l l a l l u pdates. O n l y i nsta l l u p d ates for
the packages l isted i f they a re ava i l a b l e.
-
-
2.1 . k e r nel (ex i st i n g package w/ a n u pd ate)
yum u p d a t e k e r nel
2.2. xsane - gimp (new package)
-
yum i n s t all xsane - gimp
2.3. r h t - sys t em (new package)
yum i n s t all r h t - sys t em
3.
Fo r secu rity rea sons, it s h o u l d not have the wvdial package i n sta l l e d .
y u m r emove wvd ial
4.
W h e n you a re read y to check yo u r work, run lab softwa r e g r ade on serverX.
I
[student@serverx
-
- ] $ lab software grade
-
348
R H 1 24- R H E L7-en-1-20140606
-
-
Sol ution
-
S u m m a ry
-
Atta c h i n g Syste m s to S u bscriptions for Softwa re U pd ates
Reg iste r i n g system s a l l ows access to softwa re u pd ates for i n st a l l ed prod u cts.
-
R P M Softwa re Pa ckages and Yu m
R P M packages, g ro u ped i nto y u m repositories, prov i d e a u n ifo r m method of t ra c k i n g
softwa re i n sta l l a t i o n a n d u pdates.
M a n a g i n g Softwa re U pdates with yum
yum is used to i n sta l l a n d u pdate softwa re p a c k a g es.
E n a b l i n g yum Softwa re Repositories
-
-
Repositories fo r yum a re config u red i n the I e t c/yum . repos . d d i recto ry.
E xa m i n i n g R P M Pa ckage F i l es
Pa ckages down l oa d e d o u t s i d e of y u m repos itories c a n be q u e r ied a n d i n sta l l e d w i t h
rpm.
-
-
-
-
-
-
-
-
-
-
-
R H 1 24- R H E L 7-en-1 -20140606
349
-
-
-
-
-
-
-
-
-
-
-
-
-
350
®
red h at
®
TRAINING
C H A PT E R 14
ACCESSING LI N UX FILE
SYSTEMS
Overview
Goal
To a ccess a n d i nspect existing f i l e systems on a Red Hat
E nterprise L i n u x system.
Objectives
Sections
Lab
R H1 24- R H E L7-e n-1-20140606
•
I dent i fy t h e f i l e system h i e ra rc hy.
•
Access t h e contents of f i l e systems.
•
U s e h a rd l i n ks a n d s y m l i n k s to m a ke m u lt i p l e na mes.
•
Searc h for fi les o n m o u nted file systems.
•
I dentify i n g F i l e Systems a n d Devices (and Practice)
•
M o u n t i n g and U n mo u n t i n g File System s (a n d Practice)
•
M a k i n g L i n ks Between F i l e s (a n d P ract ice)
•
Locat i n g F i l e s on the System (and Practice)
•
Acces s i n g L i n u x F i l e Syste ms
351
-
-
C h a pter 14. Access i n g L i n u x F i l e Systems
-
I d e nt ifyi ng F i l e Syst e m s a n d Devices
-
Objectives
After com p l e t i n g t h i s sect i o n , students s h o u l d be a b l e to i d e ntify a d i rectory i n t h e f i l e system
h i e ra rchy a n d w h a t stora g e device it i s sto red o n .
-
Storage management conce pts
A f i l e system is an o rg a n i zed st ructure of data-h o l d i n g f i l e s a n d d i rectories res i d i n g on a
storage device, s u c h as a phys i c a l d i s k o r p a rt i t i o n . T h e fi l e system h i e ra rc h y d i scussed e a r l i e r
a s s e m b l e s a l l t h e f i l e systems i nto o n e t ree o f d i rectories with a s i n g l e root, t h e I d i recto ry. T h e
advantage h e re i s t h a t t h e exist i n g h i e ra rchy c a n b e exte n d e d at a n y t i m e by a d d i n g a new d i s k
o r p a r t i t i o n conta i n i n g a s u p po rted f i l e syste m to a d d d i s k s pace a ny w h e re i n t h e f i l e system
t ree. The p rocess of a d d i n g a new file system to t h e ex isti n g d i recto ry t ree i s c a l l e d mounting.
The d i rectory w h e re t h e new f i l e syst e m is m o u nted is referred to as a mount point. T h i s is a
f u n d a m enta l l y d i ffere n t c o n cept t h a n t h a t used o n a M icrosoft W i n d ows syst e m , w h e re a new f i l e
system is re presented by a separate d rive l ette r.
H a rd d i s ks a n d storage devices a re n o rm a l l y d i v i d e d u p into s m a l l e r c h u n ks ca l l ed partitions. A
partition is a way to c o m p a rtm en ta l i ze a d i s k . D i fferent parts of it can be form atted w i t h d i ffere n t
fi l e syste m s o r used for d iffe rent pu rposes. Fo r exa m p l e, o n e partition cou l d conta i n u s e r h o m e
d i rectories w h i l e a n o t h e r c o u l d conta i n system data a n d l ogs. I f a user fi l l s u p t h e h o m e d i rectory
partition with d a t a , the system pa rtit i o n may st i l l have space ava i l a b l e. P l a c i n g data in two
sepa rate f i l e syste ms on two sepa rate p a r t i t i o n s h e l ps in p l a n n i n g data stora g e.
Storage devices a re re p resented by a s p e c i a l f i l e type ca l l ed block device. T h e b l o c k device is
stored i n t h e / d ev d i recto ry. In Red H a t Enterprise L i n u x , t h e fi rst SCS I , PATA/SATA, o r U S B
h a rd d rive detected i s /dev/sda, t h e seco n d i s / d ev/ sdb, a n d so o n . T h i s n a m e represents
t h e w h o l e d rive. T h e fi rst p r i m a ry p a r t i t i o n o n /dev/sda i s /dev/sda1, the second partition i s
/dev/sda2, a n d so o n .
A l o n g l i s t i n g of t h e /d ev/vda device f i l e o n serverX reve a l s i t s spec i a l fi l e t y p e a s b, w h i c h
sta n d s f o r b l o c k d evice:
[student@serverx -]$ ls - 1 /dev/vda
brw- rw- - - - . 1 root disk 253, 0 Mar 13 08 : 00 /dev/vda
-
-
-
-
-
-
-
-
-
-
Note
Except i o n s a re h a rd d rives i n v i r t u a l m a c h i n e s , w h i c h ty p i ca l l y s h ow u p a s
/dev/vd<l e t ter> o r /dev/xvd<l e t ter>.
-
Another way of o rg a n i z i n g d isks and p a r t i t i o n s i s w i t h logical volume management ( LV M ). With
LV M , o n e o r m o re block d evices c a n b e a g g regated i nto a stora g e p o o l ca l l ed a volume group.
D i s k space i s m a d e ava i l a b l e with o n e or m o re logical volumes. A l o g i c a l vo l u m e is t h e e q u iva l e nt
of a partit i o n res i d i n g o n a physica l d i s k. Both t h e vo l u me g ro u p a n d t h e l o g i c a l vo l u m e have
n a m e s a s s i g n e d upon c reat i o n . Fo r the vo l u m e g ro u p, a d i rectory with the s a m e n a m e a s t h e
vo l u m e g r o u p e x i sts i n t h e /dev d i recto ry. Be l ow t h a t d i recto ry, a sym b o l i c l i n k w i t h t h e s a m e
n a m e as t h e l o g ica l vo l u m e h a s been c reated. Fo r exa m p l e, t h e device f i l e represe n t i n g t h e mylv
l o g i c a l vo l u m e in t h e myvg vo l um e g r o u p is /dev/myvg/mylv.
352
R H 1 24- R H E L 7 - e n -1-20140606
-
-
-
-
-
-
Exa m i n i n g f i l e syste m s
-
-
-
-
-
-
I t s h o u l d b e noted t h a t LV M re l ies o n t h e Device Mapper ( D M ) k e r n e l d river. T h e a bove sym b o l i c
l i n k / dev/myvg/mylv p o i n t s to t h e /dev/dm - number b l o c k device n od e. T h e a ss i g n m e nt of
the n umb e r i s seq u e n t i a l beg i n n i n g with zero (0). T h e re i s a a n ot h e r sym bol i c l i n k for eve ry
l o g ica l vo l u m e i n the / d ev/mappe r d i rectory w i t h the n a m e /dev/mapper /myvg - mylv. Access
to the l o g i ca l vo l u m e c a n g e n e ra l l y use e i t h e r of t h e c o n s istent and re l i a b l e sy m b o l i c l i n k n a mes,
since t h e /dev/d m - number n a m e c a n va ry w i t h e a c h boot.
Examining file syste ms
To g et an overview about t h e file system mount points and the a m o u nt of free space a va i l a b l e,
r u n t h e df com m a n d . W h e n t h e d f co m m a n d i s r u n w i t h o u t a rg u m e nts, it wi l l report tota l d i s k
spa ce, u s e d d i s k spa ce, a n d free d i s k space o n a l l m o u n te d reg u l a r f i l e systems. I t w i l l report o n
both l oca l a n d re mote systems a n d t h e p e rcentage o f t h e tota l d i s k space that i s b e i n g used.
D i s p l ay t h e f i l e syste m s a n d m o u n t points o n t h e serverX m a c h i n e.
[student@serverx ] $ df
Filesystem
1K-blocks Used Available Use% Mounted on
/dev/vda1
6240256 4003760 2236496 65% I
devtmpfs
950536
0 950536 0% /dev
tmpfs
959268
80 959188 1% /dev/shm
tmpf s
959268 2156 957112 1% /run
tmpfs
959268
0 959268 0% /sys/fs/cgroup
-
-
-
-
-
-
The partit i o n i n g o n t h e serve r X m a c h i n e sh ows o n e rea l f i l e system, w h i c h is m o u nted o n /.
T h i s i s c o m m o n for v i rt u a l m a c h i n es. The tmpfs and devtmpfs devices a re f i l e syst e m s i n system
m e m o ry. A l l fi les written i nto t m pfs o r devtm pfs d i s a p p e a r after syste m reboot.
To i m p rove rea d a b i l ity of t h e o u t p u t s izes, t h e re a re two d i fferent human-readable o p t i o n s : - h
20
0
o r - H. The d i ffere nce between t h e s e two options i s t h a t - h w i l l re port i n K i B c i ) , M i B (2 ) , o r
30
9
6
G i B (2 ) , w h i l e t h e - H o p t i o n w i l l report i n S I u n its: K B (1 0 \ M B (1 0 ), G B (1 0 ) , etc. H a rd d rive
m a n ufactu rers u s u a l ly u s e S I u n its when advert i s i n g t h e i r p ro d u cts.
S h ow a re port on t h e fi l e syste m s o n the serverX m a c h i n e with a l l u n its converted to h u m a n ­
rea d a b l e format:
-
-
-
-
-
-
-
-
-
[student@serverx -]$
Filesystem
Size
/dev/vda1
6 . 0G
devtmpfs
929M
tmpfs
937M
tmpfs
937M
tmpfs
937M
Used
3 . 9G
0
80 K
2 . 2M
0
df - h
Avail
2 . 2G
929M
937M
935M
937M
Use% Mounted on
65% I
0% /dev
1% /dev/shm
1% /run
0% /sys/fs/cgroup
Fo r m o re d eta i l ed i nfo r m a t i o n a bo u t t h e s pace used by a ce rta i n d i rectory t ree, t h e re i s t h e d u
com m a n d . The d u co m m a n d h a s - h a n d - H o p t i o n s to convert t h e o u t p u t to h u m a n - rea d a b l e
fo rmat. T h e d u co m m a n d s h ows t h e s i z e o f a l l f i l e s i n t h e c u rrent d i rectory tree rec u rs i v e l y.
S h ow a d i s k usage re p o rt for t h e / root d i rectory on s e rverX:
[ root@serverX -]# du /root
4 /root/ . ssh
4 /root/ . cache/dconf
4 /root/ . cache
4 /root/ . dbus/session- bus
R H 1 24- R H E L 7-en-1-20140606
353
-
-
C h a pter 14. Acces s i n g L i n u x F i l e Syste m s
4 /root/ . dbus
0 /root/ . config/ibus/bus
0 /root/ . config/ibus
0 /root/ . config
14024 /root
-
S h ow a disk usage re port in h u m a n - re a d a b l e fo rmat for the /var /log d i rectory o n serverX:
[ root@serverX - ] # du
4 . 9M /var/log/sa
68K /var/log/prelink
0 /var/log/qemu-ga
14M /var/log
- h /var/log
-
-
-
References
R
-
df(1 ) a n d d u (1 ) m a n pages
-
-
-
-
-
-
-
-
-
-
-
-
-
354
R H 1 24- R H E L 7-en-1-20140606
-
-
-
Practice: I d e nt i fy i n g F i l e Syste m s a n d Devices
P ra ct i ce: I d e n t i fyi n g F i l e Syste m s a n d Devi ces
-
Quiz
Match t h e fo l l owi n g items to t h e i r c o u n te r p a rt s i n t h e ta b l e.
-
/d ev/s d a 2
-
I
/d ev/sd b3
I
/d ev/s d c
I
/d ev/vd b
I
/d ev/vd b3
/d ev/vg_i n sta l I/Iv _h o m e
-
Desc ription
Device f i l e
-
-
-
T h e d ev i c e f i l e of a SATA h a rd d ri ve res i d i n g
i n /dev.
The d ev i c e fi l e of the seco n d p a rt i t i o n on
the f i rst S ATA h a rd d r i ve in / d ev.
-
T h e d ev i ce fi l e of a l og i ca l vo l u m e i n / d ev.
-
-
-
The d ev i c e f i l e of t h e seco n d d i s k in a v i rt u a l
m a c h i n e i n / d ev.
T h e d ev i c e f i l e of t h e t h i rd p a rt i t i o n on t h e
seco n d S ATA h a rd d rive i n / d ev.
-
-
The d ev i ce fi l e of the t h i rd p a r t i t i o n on t h e
seco n d d i s k i n a v i rt u a l m a c h i n e i n / d ev.
-
-
-
R H 1 24- R H EL 7 - en -1-20140606
355
-
C h a pte r 1 4. Access i n g L i n u x F i l e Syste m s
Solution
-
Match t h e fo l l o w i n g items to t h e i r c o u n t e r p a rts i n t h e t a b l e.
-
Desc r i p t i o n
Device f i l e
-
T h e d e v i ce fi l e of a SATA h a rd d r ive res i d i n g
i n / d ev.
/d ev/s d c
T h e d e v i c e f i l e of t h e seco n d p a r t i t i o n o n
t h e fi rst S ATA h a rd d rive i n / d ev.
/d ev/s d a 2
-
-
-
T h e d e v i ce f i l e of a l og i ca l vo l u m e i n / d ev.
/d ev/vg_i n sta I I/Iv _h o m e
-
T h e d e v i c e f i l e of t h e seco n d d i s k i n a v i r t u a l /d ev/vd b
m a c h i n e i n / d ev.
T h e d e v i c e fi l e of t h e t h i rd p a r t i t i o n o n t h e
seco n d S ATA h a rd d rive i n / d ev.
/d ev/s d b 3
-
-
-
T h e d e v i c e f i l e of t h e t h i rd pa rt i t i o n o n t h e
s e c o n d d i s k i n a v i rt u a l ma c h i n e i n / d ev.
/d ev/vdb3
-
-
-
-
-
-
356
R H 1 24- R H E L7-e n-1-20140606
-
-
-
M o u nt i n g a n d U n mo u n t i n g F i l e Systems
-
M o u nt i n g a n d U n m o u n t i n g F i l e Systems
-
-
Objectives
After c o m p l et i n g t h i s section, students s h o u l d be a b l e to a ccess t h e contents of f i l e systems by
a d d i n g a n d re mov i n g f i l e syste m s from t h e f i l e system h i e ra rc h y.
-
-
-
-
-
Mounting file systems manually
A f i l e system res i d i n g o n a SATA/PATA or SCS I d evice n e e d s to be m o u nted m a n u a l l y to access
it. The mount com m a n d a l l ows the root user to m a n u a l l y m o u n t a file system. T h e fi rst a rg u m e n t
of t h e mou n t com m a n d s p e c i f i e s t h e f i l e syst e m to m o u nt. T h e secon d a rg u me n t s p e c ifies t h e
ta rget d i rectory w h e re t h e f i l e syste m i s m a d e ava i l a b l e a f t e r m o u n t i n g i t . The ta rget d i rectory is
refe rred to a s a m o u nt p o i nt.
T h e mou n t com m a n d ex pects the fi l e system a rg u m e n t in one of two d iffe rent ways:
•
The d evice file of the p a r t i t i o n h o l d i n g t h e f i l e syste m , res i d i n g i n / d ev.
•
The UU/D, a u n i ve rs a l u n iq u e i d e ntifier of the f i l e syste m .
Note
-
As l o n g as a f i l e system is not recreated, t h e U U I D stays the s a m e. T h e device f i l e c a n
c h a n g e ; f o r exa m p l e, if t h e order of t h e d ev i ces i s c h a n g e d o r if a d d i t i o n a l d e v i c e s a re
a d d e d to t h e syste m .
-
-
-
T h e blkid co m m a n d g i ves a n overview o f exist i n g partit i o n s w i t h a f i l e system o n t h e m a n d t h e
U U I D o f t h e f i l e syst e m , a s we l l a s t h e f i l e syst e m used to format t h e partition.
[ root@serverX -]# blkid
/dev/vdal : UUID="46f543fd- 78c9-4526-a857 -244811be2d88" TYPE="xfs"
�
-
Note
-
-
-
A f i l e system ca n b e m o u nted o n a n exist i n g d i recto ry. T h e /mnt d i rectory e x i st s
by defa u l t a n d provides a n e n t ry point for m o u n t p o i nts. I t i s used for m a n u a l l y
m o u n t i n g d isks. I t i s reco m m e n d e d to create a s u b d i rectory u n d e r /mnt a n d u s e t h a t
s u b d i rectory a s a m o u n t p o i n t u n l ess t h e re i s a reas o n to m o u n t t h e f i l e syst e m i n
a no t h e r s p e c i f i c l oc a t i o n i n t h e f i l e syste m h i e ra rc hy.
I [ root@serverX -]#
M o u nt by device f i l e of t h e p a r t i t i o n that h o l d s t h e fi l e syste m .
-
-
mou n t /dev/vdb1 /mnt/mydata
M o u nt the fi l e syst e m by u n ive rsa l u n iq u e id, or the U U I D, of t h e f i l e system.
[ root@serverX -]#
mou n t U U I D = " 46f543fd - 7Bc9 - 4526 - a857 · 244811be2dB B " /mnt /mydata
-
-
-
R H 1 24- R H E L 7-en-1-20140606
357
-
-
C h a pter 14. Accessi n g L i n u x F i l e Syste m s
-
Note
-
I f t h e d i rectory a ct i n g a s m o u n t p o i n t is n ot e m pty, t h e f i l es t h a t exists i n t h a t d i rectory
a re not a ccess i b l e a s long a s a file syste m i s m o u nted t h e re. A l l f i l e s written to the
m o u n t point d i rectory end u p o n t h e f i l e syste m m o u nted t h e re.
-
Unmounting file systems
To u n mo u n t a f i l e syst e m , t h e umo u n t com m a n d expects t h e m o u n t point as a n a rg u m e n t .
-
C h a n g e to t h e /mnt /myd a t a d i recto ry. Try t o u m o u n t t h e d evice m o u nted o n t h e /mnt /myda t a
m o u n t p o i n t . I t w i l l fa i l .
[ root@serverX -]# cd /mnt/mydata
[ root@serverX mydata]# umount /mnt /mydata
umount : /mnt/mydata : target is busy .
( In some cases useful info about processes that use
the device is found by lsof ( B ) or fuser ( 1 ) )
-
-
U n m o u n t i n g is not poss i b l e if t h e m o u nt point is a ccessed by a p rocess. Fo r umou n t to be
s u ccessf u l , t h e p rocess needs to stop accessing t h e mount p o i n t .
T h e l s o f co m m a n d l ists a l l o p e n f i l e s a n d the p rocess access i n g t h e m i n t h e p rovi d e d d i recto ry.
It is usef u l to i d e n t ify w h i c h p rocesses c u r re n t l y p reve nt t h e f i l e system from s u ccessfu l
unmounting.
O n c e t h e p rocesses a re i d e ntified, a n a c t i o n ca n b e t a k e n , s u c h a s wa i t i n g f o r t h e p rocess to
c o m p l ete o r s e n d i n g a S I GT E R M o r S I G K I L L s i g n a l to t h e p rocess. In this case, it is s u ffi c i e n t to
c h a n g e the c u r rent w o r k i n g d i rectory to a d i rectory o u t s i d e the m o u n t point.
-
-
-
[ root@serverx mydata]# cd
[ root@serverX -]# umo u n t /mnt /mydata
�---- -'
I
!
�- =--,
-
Note
A c o m m o n cause for t h e f i l e system on t h e m o u nt p o i n t to b e b u sy i s if t h e c u r re n t
wor k i n g d i rectory of a s h e l l p ro m pt i s b e l ow t h e a ctive m o u nt point. T h e p rocess
a ccess i n g the m o u n t point is bash. C h a n g i n g to a d i rectory outside the mount p o i n t
a l l ows t h e device to b e u n mo u nted.
-
Accessing removable storage devices
R e m ova b l e m e d i a , s u c h as U S B f l a s h d ev ices a n d d rives, g et a utomatica l l y m o u nted by t h e
g r a p h ica l d e s ktop e n v i ro n m e nt w h e n p l u g g e d i n . T h e m o u n t p o i n t f o r t h e remova b l e m ed i u m i s
358
R H 1 24- R H E L7 - e n -1-20140606
-
-
-
-
-
Access i n g remova b l e storage devices
-
/ r u n/media/ < u s e r >/<label>. T h e <user> is t h e u s e r l o g g ed i nto the g ra p h ica l e n v i ro n m e nt.
The < l a b e l > i s t h e name g iven to the file syst e m when i t was c reated.
-
Warn ing
-
To s a fe l y re m ove U S B m e d i a from t h e syst e m , it is req u i red to u n mo u nt it before
p hysica l l y re m o v i n g it from t h e U S B s l ot to sy n c h ro n i z e t h e f i l e system. Removing a
U S B stora g e device without u n m o u n t i n g t h e f i l e syst e m on it c a n res u lt i n data l oss.
-
�J_
R
_
References
mou n t (8), umo u n t (8), a n d lsof(8) m a n p a g es
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
R H 1 24- R H E L 7 -en -1-20140606
359
-
-
C h a pte r 1 4. Access i n g L i n u x F i l e Syste m s
-
P ract i ce: M o u nt i n g a nd U n m o u nt i n g F i l e
Syst e m s
-
-
Guided exe rcise
-
I n t h i s l a b , you w i l l m o u n t a n d u n m o u n t f i l e syste ms.
Outcomes:
-
The user i d e ntifies and m o u nts a new f i l e syst e m a t a specified m o u nt point, then u n mo u nts it.
Before you begin ...
-
Reset yo u r serverX system. Run the s c r i pt lab fs s e t u p before sta rt i n g the exercise.
D 1.
A new p a r t i t i o n with a file system h a s been a d d ed to the second d i s k (vdb) o n yo u r
serverX m a c h i ne. M o u n t t h e n ew l y ava i l a b l e partition b y U U I D at t h e n e w l y created
m o u nt point /mn t / newspace.
D 1 .1 .
-
-
U s e t h e blkid t o d i scover t h e U U I D o f t h e n e w l y a d d e d p a r t i t i o n , vdb1, o n
serve r X .
[ root@serverX -]# blkid
/dev/vdal : UUID="46f543fd -78c9-4526-a857-244811be2d88" TYPE= "xfs"
/dev/vdbl : UUID="7c5e3fbb-34eb-4431-a4a5-9b887clb6866" TYPE="xfs"
-
-
D 1 . 2 . C reate t h e m o u nt p o i n t / m n t / newspace o n serverX.
i [ root@serverX -]# mkdir /mnt /newspace
----· · - ----· ·� -�---�
D 1.3.
-
[ root@serverX -]#
m o u n t UUID= " 7 c 5e3fbb - 34eb - 4431 - a4a5 - 9b887c1b6866 " /mn t /
newspace
�---���---·-·
·-··-�
D 2.
-
M o u n t t h e f i l e syste m by U U I D o n t h e /mn t / news pace d i rectory of t h e serverX
m a c h i ne.
1.
r---......l
-----·
C h a n g e to t h e /mn t /news pace d i rectory a n d c reate a new d i recto ry,
/mn t /newspace/newd i r , w i t h an e m pty f i l e , /mn t / n ewspac e /n ewdi r / n ewfile, o n
serverX.
D 2 .1 .
-
-
C h a n g e t o t h e /mn t /newspace d i rectory o n serverX.
[ root@serverX -]#
-
cd /mn t/newspace
D 2.2. C reate a new d i recto ry, / m n t /newspace/newd i r , on serverX.
i
[ root@serverX newspace]# m k d i r
newdir
-
-
D 2.3. C reate a new em pty f i l e, /mn t / n ewspace/ newd i r /newfile, on s e rverX.
-
360
R H 1 24- R H E L 7 -e n -1 -20140606
-
-
·-
-
G u i d ed exercise
-
[ root@serverX newspace]#
t o u c h newdir/newfile
-
D 3.
-
-
-
-
U n m o u n t t h e f i l e syste m m o u nted on t h e /mn t /news pace d i rectory on se rve rX.
D 3.1 .
Try to u n m o u n t / m n t / news pace w h i l e t h e c u rrent d i rectory o n t h e s h e l l is st i l l
/mn t / n ewspace o n serve r X .
[ root@serverx newspace]#
umount /mnt/newspace
D 3.2. C h a n g e t h e c u rrent d i rectory o n t h e s h e l l to / r oot .
[ root@serverx newspace]#
[ root@serverx -]#
cd
D 3.3. S u ccessf u l l y u n m o u n t /mn t / n ewspace o n se rverX.
-
[ root@serverx -]#
umoun t /mnt /newspace
-
-
-
-
-
-
-
-
-
-
-
-
-
-
R H1 24- R H E L 7-en-1-20140606
361
-
-
C h a pt e r 1 4. Acces s i n g L i n u x F i l e Syst e m s
-
M a ki n g L i n ks Betwe e n Fi l es
-
Objectives
-
Aft e r com p l e t i n g t h i s sect i o n , st u d e nts s h o u l d be a b l e to u s e h a rd l i n ks a n d soft l i n ks to m a ke
m u lt i p l e n a mes point to t h e s a m e f i l e.
-
Managing links between files
-
C re a t i n g h a rd l i n ks
A h a rd l i n k is a new d i rectory en tr y w i t h a refe re n c e to a n e x i st i n g f i l e on t h e f i l e syst e m . Eve ry
f i l e in a f i l e system has one h a rd l i n k by defa u lt. To save s pa ce, i n stead of copy i n g , a new h a rd
l i n k can be c reated to refe rence t h e s a m e fi le. A new h a rd l i n k e i t h e r needs to have a d i fferent
file n a m e, if it i s c reated in the same d i rectory a s the exist i n g h a rd l i nk, o r it needs to res i d e i n a
d i fferent d i recto ry. A l l h a rd l i n ks p o i n t i n g to t h e s a m e f i l e have t h e s a m e p e r m issions, l i n k count,
u s e r/g ro u p owners h i ps, time sta m ps, a n d f i l e content. H a rd l i n ks p o i n t i n g to t h e s a m e file content
n e e d to be o n t h e s a m e file syste m .
-
-
-
-1
j [ root@serverx
T h e ls
r-· -
1
I
s hows t h e h a rd l i n k c o u n t after t h e p e r m i s s i o n s a n d before t h e o w n e r of a f i l e .
·-�
-
-�- ·
[ root@serverx
- rw- r - - r- - . 1 root root 0 Mar 11 19 : 19 newfile . txt
L_
-
- ] # echo " Hello Wo rld " > newfile . t x t
- ] # ls - 1 newfile . txt
-
_ _ ___
T h e com m a n d ln c reates n e w h a rd l i n ks to exist i n g f i l es. T h e co m m a n d expects a n e x i st i n g f i l e
a s t h e first a rg u m e nt, fo l l owed b y o n e o r m o r e a d d i t i o n a l h a rd l i n ks. The h a rd l i n ks c a n res ide
a ny w h e re a s l o n g a s t h ey a re o n t h e s a m e f i l e syst e m a s t h e exist i n g f i l e. After a n ew h a rd link i s
c reated, t h e re is n o w a y to te l l w h i c h o f t h e exist i n g h a rd l i n ks i s t h e o r i g i n a l o n e.
C reate a h a rd l i n k newfile - link2 . t x t for t h e e x i st i n g f i l e n ewfile . t x t i n t h e s a m e
d i rectory.
[ root@serverX - ] # ln newfile . txt /tmp/newfile - hlink2 . tx t
[ root@serverx - ] # ls newfile . txt / t mp/newfile - hlink2 . txt
- rw- rw- r - - . 2 root root 12 Mar 11 19 : 19 newfile . txt
- rw-rw- r - - . 2 root root 12 Mar 11 19 : 19 newfile- hlink2 . txt
-
-
-
-1
-
Eve n if t h e o r i g i n a l f i l e g ets d e l eted, t h e content o f t h e f i l e i s st i l l a va i l a b l e a s l o n g a s a t l east o n e
h a rd l i n k exists.
[ root@serverx - ] # rm -f newfile . txt
[ root@serverX - ] # ls /tmp/newfile - link2 . txt
- rw- rw- r - - . 1 root root 12 Mar 11 19 : 19 /tmp/newfile-link2 . txt
[ root@serverX - ] # cat / t mp/newfile - link2 . txt
Hello World
-
-
-1
-
-
-
362
R H1 24- R H E L7-en-1-20140606
-
-
-
-
M a n a g i n g l i n ks betwe e n f i l es
-
Important
-
A l l h a rd l i n ks refe re n c i n g t h e s a m e f i l e h a ve t h e s a m e p e r m i s s i o n s , l i n k count, u s e r/
g ro u p o wn ers h ips, t i m e sta m ps, a n d f i l e content. I f a n y of t h a t i nfo r m a t i o n is c h a n g e d
o n o n e h a rd l i n k, a l l oth e r h a rd l i n ks p o i n t i n g at t h e s a m e f i l e w i l l s h ow t h e new
i nfo r m a t i o n as we l l .
-
C reat i n g soft l i n ks
The ln - s com m a n d c reates a soft l i n k, a l so k n o w n as a s y m b o l i c l i n k. A soft l i n k is a specia l
f i l e type t h a t points to a n ex i s t i n g f i l e or d i recto ry. Soft l i n ks c a n p o i n t to a f i l e or d i rectory o n
a n ot h e r f i l e syst e m . U n l i ke a h a rd l i n k, a sym b o l i c l i n k can p o i n t t o a fi l e o n a d i ffere nt fi le syst e m .
-
[root@serverX
[root@serverX
lrwxrwxrwx . 1
link2 . txt
- rw- rw- r - - . 1
-
-
-]# ln -s
-]# ls
root root
root root
-1
/root/newfile-link2 . txt /tmp/newfile-symlink . txt
newfile-link2 . txt /tmp/newfile-symlink . txt
11 Mar 11 20 : 59 /tmp/newfile- symlink . txt /root/newfile­
12 Mar 11 19 : 19 newfile-link2 . txt
->
W h e n the o r i g i n a l file g ets d e l eted, the soft l i n k is sti l l p o i n t i n g to t h e f i l e b u t t h e t a rget is g o n e.
A soft l i n k p o i n t i n g to a m i s s i n g f i l e is ca l l ed a " d a n g l i n g soft l i n k."
[root@serverX -]# rm -f newfile-link2 . txt
[root@serverX -]# ls /tmp/newfile-symlink . txt
lrwxrwxrwx . 1 root root 11 Mar 11 20 : 59 /tmp/newfile- symlink . txt
t
f e l t
irectory
f
m
L_�._:_�_0: �;���������-:_�__�i_:__�_�_\_�-���-�-:�-������������-�-�-�-�-�-�-�--d
-
-1
-
->
newfile-link2 . txt
�-�
---- �-·�����- - -�
A soft l i n k c a n poi nt to a d i recto ry. T h e soft l i n k t h e n acts l i ke a d i recto ry. C h a n g i n g to t h e soft
l i n k d i rectory with cd works a s expected.
-
l
C reate a soft l i n k / root /configfiles p o i nt i n g to t h e / e t c d i recto ry.
-
[root@serverX -]# ln -s /etc /root/configfiles
[root@serverX -]# cd /root/configfiles
[root@serverX configfiles]# pwd
/root/configfiles
-
-
-
R
References
ln(1) m a n page
-
-
-
-
-
-
R H124- R H E L 7-en-1-20140606
363
-
-
C h a pter 14. Access i n g L i n u x Fi l e Syst e m s
-
P ra ct i ce: M a ki n g L i n ks B etwe e n Fi l es
-
Guide d exercise
-
I n t h i s l a b , you w i l l c reate h a rd a n d soft l i n ks.
-
Outcomes:
The user c reates a h a rd l i n k and a soft l i n k.
D 1.
C reate a n a d d i t i o n a l h a rd l i n k / root/qmp - manual . t x t f o r t h e exist i n g f i l e
/ u s r I s ha r e / doc/ qemu - kvm/ qmp - command s . t x t o n se rve rX.
D 1 .1 .
C reate t h e h a rd l i n k / root /qmp - manual . t x t . L i n k it to t h e f i l e
/ u s r / share/doc/qemu - kvm/qmp - command s . t x t .
1
[ root@serverX
- ] # ln / u s r/share/doc/qemu - kvm/qmp - command s . txt /root/qmp ­
-
-
-
manual . txt
D 1 . 2 . Verify t h e l i n k c o u n t o n t h e n e w l y c reated l i n k / root/qmp - manual . t x t .
[root@serverx - ] # ls /root/qmp - manual . txt
- rw- r - - r - - . 2 root root 63889 Nov 1 1 02 : 58 /root/qmp-manual . txt
-1
D 1 .3. Verify t h e l i n k count o n the orig i n a l f i l e
/ u s r / sh a r e/doc/qemu - kvm/qmp - c ommand s . t x t .
-
-
[ root@serverx - ] # ls / u s r / share/doc/qemu - kvm/qmp - command s . txt
- rw- r - - r- - . 2 root root 63889 Nov 1 1 02 : 58 /usr/share/doc/qemu- kvm/qmp­
commands . txt
r-
-
-1
-
-
D 2.
C reate t h e soft l i n k / r oot / t em p d i r p o i n t i n g t o t h e d i rectory / t m p o n serverX.
D 2.1 .
C reate t h e soft l i n k / r o o t / t em p d i r . L i n k it to / t mp.
I
[root@serverx
-
- ] # ln -s /tmp / root /tempdir
-
D 2.2. Verify the n ew l y created l i n k w i t h ls
- 1.
[root@serverx - ] # ls /root
lrwxrwxrwx . 1 root root 4 Mar 1 3 08 : 42 /root/tempdir
-1
->
/tmp
-
-
-
-
-
364
R H1 24- R H EL 7-e n-1-20140606
-
-
-
-
Loca t i n g F i l e s o n t h e System
-
Locat i n g F i l es o n t h e Syste m
-
Objectives
Afte r co m p l et i n g t h i s section, students sh o u l d b e a b l e to search for f i l e s o n m o u nted f i l e syste m s
u s i n g f i n d a n d locate.
-
Tools for finding files
-
-
A system a d m i n istrator n eeds too l s for sea rc h i n g fi les m a tc h i n g ce rta i n criteria o n t h e f i l e
syste m . T h i s sect i o n d i s c u sses t w o co m m a n d s t h a t ca n sea rc h fi les i n t h e f i l e syst e m . T h e
locate com m a n d sea rc h e s a p reg e n e rated d a t a b a se f o r f i l e n a m e s o r f i l e pat h s a n d ret u r n s t h e
res u lts i n sta n t l y. T h e find co m m a n d searc h e s t h e f i l e syste m i n rea l t i m e by c ra w l i n g t h ro u g h
t h e f i l e system.
Locating files by name with loc a t e
-
-
-
The locat e com m a n d ret u r n s search res u l ts based o n f i l e n a m e o r path from t h e locate
databa se. The database stores file name and p a t h i nfo r m a t i o n .
W h e n s e a rc h i n g e n t r i e s a s a reg u l a r user, res u lts a re ret u r n e d o n l y f o r w h e re t h e u s e r i nvo k i n g
t h e locate search h a s read p e r m i s s i o n s o n t h e d i rectory t ree t h a t conta i n s t h e m a tc h i n g
e l e ment.
Searc h for f i l e s w i t h " pa sswd " i n t h e n a m e o r p a t h i n d i rectory trees rea d a b l e by u s e r s t u d e n t o n
serverX.
[student@serverX -]$ locate passwd
/etc/passwd
/etc/passwd /etc/pam . d/passwd
/etc/security/opasswd
/usr/bin/gpasswd
/usr/bin/grub2-mkpasswd-pbkdf2
/usr/bin/lppasswd
/usr/bin/passwd
/usr/bin/userpasswd
/usr/bin/vino- passwd
/usr/bin/vncpasswd
-
-
-
-
Resu lts a re ret u r n e d even w h e n the f i l e n a m e o r path i s o n l y a part i a l match to t h e sea rch q u e ry.
-
[root@serverx -]# locate image
/home/myuser/boot . image
/home/someuser/my_family_image . png
/home/student/myimages -vacation/picture . png
-
-
-
-
-
-
The - i o p t i o n perfo r m s a case- i n s e n s itive s e a rc h . W i t h t h i s option, a l l poss i b l e co m b i n at i o n s o f
u p per- a n d l owercase l etters match t h e searc h .
I
[student@serverx -]$ locate - i messages
/usr/share/vim/vim74/lang/zh_TW/LC_MESSAGES
R H1 24- R H E L 7-en-1-20140606
365
-
-
C h a pter 14. Acces s i n g L i n u x F i l e Syste m s
I
I'·,
I
/usr/share/vim/vim74/lang/zh_TW/LC_MESSAGES/vim . mo
/usr/share/vim/vim74/lang/zh_TW . UTF-8/LC_MESSAGES
/usr/share/vim/vim74/lang/zh_TW . UTF-8/LC_MESSAGES/vim . mo
/usr/share/vim/vim74/syntax/messages . vim
/usr/share/vim/vim74/syntax/msmessages . vim
I /var/log/messages
-
-
-
L__________
_ --------
T h e - n option l i m its t h e n u m be r of ret u rned search res u l t s by locat e. T h e fo l l owi n g exa m p l e
l i m its t h e searc h resu lts ret u r n e d by locate to t h e f i rst five m a t c h es.
[student@serverX ] $ locate - n 5 snow . png
/usr/share/icons/HighContrast/16x16/status/weather- snow . png
/usr/share/icons/HighContrast/22x22/status/weather- snow . png
/usr/share/icons/HighContrast/24x24/status/weather- snow . png
I /usr/share/icons/HighContrast/256x256/status/weather - snow . png
�� sr/share/icons/HighContrast/32x32/status/weather- snow . png
j
-
L
-
Note
The locate d a t a b a s e i s a u t o m a t i ca l l y u p d a ted every d a y. T h e root u s e r c a n pe rfo r m
a n u pdate of t h e d a t a b a s e w i t h t h e updatedb c o m m a n d .
[ root@serverX -]#
-
-
-
-
updatedb
·---
-
-- ---- --��-- -�-�--- -r
-
Searching for files with find
T h e find c o m m a n d perfo r m s a rea l -t i m e sea rc h i n t h e loca l f i l e syste m s to f i n d f i l e s t h a t match
t h e c r iteria of t h e com m a n d - l i n e a rg u m e nts. The find com m a n d i s l o o k i n g at f i l es i n t h e f i l e
syst e m a s yo u r u s e r accou nt. T h e u s e r i nvoki n g t h e f i n d c o m m a n d m u st have rea d a n d execute
p e r m ission o n a d i rectory to exa m i n e its contents.
-
-
T h e f i rst a rg u m e n t to the find com m a n d is the d i rectory to search. I f the d i rectory a rg u m e nt
is o m itted, find w i l l sta rt t h e search i n t h e cu rrent d i rectory a n d look for matches i n a n y of t h e
s u b d i recto ries.
-
To sea rc h t h e h o m e d i rectory of u s e r stud ent. g ive find a sta r t i n g d i rectory of
/home/s t u d e n t . To search t h e e n t i re syste m , prov i d e a sta rt i n g d i rectory of /.
-
Note
-
find h a s a h u g e n u m be r of o pt i o n s t h a t c a n b e prov i d e d to desc r i b e exact l y w h a t k i n d
o f f i l e s h o u l d be fou n d . Searches ca n be based o n fi l e n a me, f i l e s ize, l a st mod ified t i m e
sta m p, a n d oth e r f i l e c h a racte ristics i n a n y c o m b i n a t i o n .
-
T h e - name o pt i o n fo l l owed by a f i l e n a m e l ooks u p fi l es matc h i n g t h e g iven f i l e n a m e a n d
ret u r n s a l l exact matches. To search for f i l es n a m e d s shd_config i n t h e I d i rectory a n d a l l
s u b d i rectories o n serve rX, r u n :
I
[ root@serverx -]# find
/etc/ssh/sshd_config
1
L______
366
I - name s shd_config
-
RH124- R H E L7-e n-1 -20140606
-
-
-
-
S e a r c h i n g for f i l e s with f i n d
-
-
-
W i l d c a r d s a re ava i l a b l e to search f o r a fi l e n a m e a n d ret u r n a l l res u l ts t h a t a re a partia l match.
When using wild cards, it is i m porta n t to q u ote t h e f i l e name to l o o k for to p reve nt t h e term i n a l
from i n te r p re t i n g t h e w i l d card.
The fo l l ow i n g exa m p l e searches for files i n the I d i rectory o n serverX that end i n
[ root@serverX - ] # find I - name
/etc/pki/nssdb/pkcsll . txt
/etc/brltty/brl-lt-all . txt
/etc/brltty/brl-mb-all . txt
/etc/brltty/brl-md-all . txt
/etc/brltty/brl-mn-all . txt
-
-
-
-
To p e rform a case- i n s e n s itive search f o r a g iven f i l e n a me, u s e t h e - iname opt i o n , fo l l owed b y
t h e f i l e n a m e to s e a r c h . To sea rc h case-i n s e n s itive l y for f i l e s that have messages i n t h e i r n a m e s
i n t h e I d i rectory o n serverX, r u n :
[ root@serverX - ] # find I - iname ' * message s * '
/var/log/messages
/usr/lib64/python2 . 7/site-packages/orca/notification_messages . py
/usr/lib64/python2 . 7/site-packages/orca/notification_messages . pyc
/usr/lib64/python2 . 7/site- packages/orca/notification_messages . pyo
/usr/share/locale/aa/LC_MESSAGES
/usr/share/locale/ab/LC_MESSAGES
/usr/share/locale/ace/LC MESSAGES
-
-
-
-
-
-
' * . t xt '
[root@serverX - ] # find /et c - name ' * pass * '
/etc/passwd
/etc/passwd/etc/fonts/conf . d/60-overpass . conf
/etc/selinux/targeted/modules/active/modules/passenger . pp
/etc/security/opasswd
/etc/pam . d/passwd
/etc/pam . d/password-auth-ac
/etc/pam . d/password-auth
/etc/pam . d/gdm-password
-
-
txt:
To searc h f o r f i l es i n / e t c / t h a t conta i n p a s s a ny w h e re i n t h e i r n a m es o n serverX, r u n :
-
-
•
find can s e a rc h for f i l e s based o n t h e i r o w n e rs h i p or perm i s s i o n s. U s ef u l opt ions w h e n
searc h i n g by ow n e r a re - u s e r a n d - g roup, w h i c h search by n a m e , a n d - uid a n d - gid, w h i c h
search by I D.
Search for f i l es owned by t h e user student i n t h e /home/ s t u d e n t d i rectory on s e rve r X .
rx -]$
f
: �:�. /. :bash_profile
:::�::::::
i
find - u s e r s t udent
. I . bash re
. / . ssh
-
-
-
-
Search for fi l es owned by t h e g ro u p student in / home/ i n the /home/ s t u d e n t d i rectory o n
serve r X .
R H 1 24- R H E L 7-en-1 -20140606
3 67
-
-
C h a pter 14. Access i n g L i n u x F i l e Syste m s
[student@serverX
. / . bash_logout
. / . bash_profile
. / . bashrc
. / . ssh
-
- ] $ find - g roup s t udent
-
-
S e a r c h f o r f i l es o w n e d by user
[student@serverx
. / . bash_logout
. / . bash_profile
. / . bashrc
. / . ssh
I D 1 000
-
-
I D 1 000
i n t h e /home/ s t u d e n t d i rectory o n s e rverX.
- ] $ f i n d - gid 1 0 0 0
[ root@serverx - ] # find
/var/spool/mail
/var/spool/mail/root
-
-
-
S e a r c h f o r f i l es o w n e d by user root a n d g r o u p mail o n t h e serverX m a c h i n e.
I - u ser root - g roup mail
A n u m e r i c p e r m i s s i o n preceded by I w i l l m a t c h f i l es that h a v e at l east o n e b i t o f u s e r, g ro u p, o r
ot h e r f o r t h a t p e r m i s s i o n set. A f i l e w i t h p e r m i s s i o n s r - - r - - r - - d o e s n ot m a t c h /222, but o n e
w i t h rw - r - - r - - does. A - s i g n before a p e r m i s s i o n m e a n s t h a t a l l t h ree i n sta nces of t h a t bit
m ust be on, so n e i t h e r of t h e p rev i o u s exa m p l es wou l d match, b u t s o m et h i n g l i ke rw - rw - rw ­
wou l d .
To u s e a m o re c o m p l ex exa m p le, t h e fo l l o w i n g c o m m a n d wo u l d match a ny f i l e f o r w h i c h t h e
user h a s rea d , w rite, a n d execute p e r m i s s i o n s , m e m b e rs o f t h e g ro u p h a ve r e a d a n d write
p e r m i s s i o n s, and ot h e rs have read -o n l y a ccess:
I [ root@serverx - ] # find /home
-
-
The - pe r m o pt i o n is used to l ook for fi l es with a p a rt i c u l a r set of p e r m i s s i o n s . Per m i s s i o n s can
be desc r i bed a s octa l va l ues, with s o m e c o m b i n a t i o n of 4, 2 , and 1 for rea d , w rite, and execute.
P e r m i s s i o n s can b e preceded by a I o r - s i g n .
- perm 764
-
-
-
-
-
-
To match f i l e s for which t h e user has a t l e a st write and execute p e r m i s s i o n s , and the group has
at l east write p e r m is s i o n s, and ot h e rs have at l e a st read access:
[ root@serverX
-
- ] $ find - uid 1000
Sea rc h for f i l es owned by g ro u p
[student@serverx
. / . bash_logout
. / . bash_profile
. / . bash re
. / . ssh
i n t h e / home/s t u d e n t d i rectory o n serverX.
-
- ] # f i n d /home - pe r m - 324
-
368
R H 1 24- R H E L7-en-1-20140606
-
-
-
-
S e a rc h i n g for f i l es with f i n d
-
-
-
-
-
-
-
-
To match f i l e s for w h i c h t h e u s e r h a s r e a d p e r m i s s i o n s , o r t h e group h a s a t least read
p e r m i s s i o n s , or ot h e rs h ave a t l east write access:
I [ root@serverX
I
- ] # find /home - perm /442
W h e n used w i t h I o r - , a va l u e of 0 works l i ke a w i l d card, s i nce it m e a n s "a p e r m i s s i o n of at l e a st
n ot h i n g . "
To match a n y f i l e i n t h e / home/ s t udent d i rectory for w h i c h ot h e rs have at l ea s t read access o n
serverX, r u n :
I [student@serverX
- ] $ find - perm - 004
F i n d a l l f i l e s in t h e / home/s t u d e n t d i rectory w h e re other h a s write p e r m i s s i o n s on se rve rX.
I [student@serverX - ] $ f i n d
- pe rm - 002
The find co m m a n d c a n l o o k up f i l e s that m a t c h a s i z e s p e c ified w i t h t h e - si z e o p t i o n , fo l l owed
by a n u m e rica l va l u e and the u n it.
U n its to be used with the - size option a re:
-
-
-
-
•
k, for k i l o byte
•
M, for m e g a byte
•
G, for g i g a byte
I [student@serverX
Searc h for f i l e s w i t h a size of exactly 1 0 m e g a bytes.
- ] $ find - size 10M
�s i z e
Find f i l e s with a size more than 1 0 g i g a bytes.
-
-
-
-
-
-
'
I
[student@serverX
- ] $ find
+1 0 G
-- �__�__---�---�------�
L i st a l l f i l e s w i t h a s i z e less than 1 0 k i l obytes.
[student@serverx
- ] $ find - size - 10k
Important
T h e - size u n it m o d ifiers rou n d everyt h i n g u p to s i n g l e u nits. Fo r exa m p l e, f i n d size 1M w i l l s h ow f i l es s ma l l e r t h a n 1 M B b e c a u s e it rou nds a l l f i l es u p to 1 M B.
The - mmin opti o n , fo l l owed by t h e t i m e i n m i n utes, searches for a l l f i l e s t h a t h a d t h e i r content
changed at exact l y the g iven time i n t h e past.
To find a l l files that had t h e i r file content c h a n g e d exa c t l y 1 2 0 m i n utes a g o on serverX, r u n :
-
-
-
R H1 24- R H E L 7-en-1 -20140606
369
-
-
C h a pter 14. Acces s i n g L i n u x F i l e Systems
'I
[ root@serverX
- ] # find I - mmin 1 2 0
-
T h e + modifier i n front of t h e a m o u nt of m i n utes l o o ks for a l l f i l e s i n the I t h a t have b e e n
mod ified m o re t h a n 2 0 0 m i n utes a g o.
I [ root@serverX - ] # find
-
I - mmin +200
-
The - modifier c h a n g e s the sea rc h to l o o k for a l l f i l e s in the I d i rectory w h i c h have b e e n
c h a n g e d less t h a n 1 5 0 m i n utes a g o.
[ root@serverX
I
- ] # find I - mmin - 150
The - type option l i m its t h e search scope to a g iven f i l e type, s u c h as:
•
f, for reg u l a r f i l e
•
d , f o r d i recto ry
•
•
1,
-
-
-
for soft l i n k
b , for b l o c k device
-
S e a rc h for a l l d i recto r i e s i n the /etc fo l d e r on serverX.
[ root@serverX -]# f i n d /etc - type d
/etc
/etc/tmpfiles . d
/etc/systemd
/etc/systemd/system
/etc/systemd/system/getty . target .wants
-
-
-
Sea rch fo r a l l soft l i n ks o n t h e serverX system.
I [ root@serverX
I
- ] # f i n d I - type
1
-
G e n e rate a l ist of a l l b l oc k devi ces i n t h e /dev d i rectory o n s e rverX:
[ root@serverX
/dev/vda1
/dev/vda
- ] # f i n d /dev - type b
-
The - links option fo l l owed by a n u m be r l ooks for a l l f i l e s that have a certa i n h a rd l i n k c o u nt.
T h e n u m be r c a n b e p receded by a + modifier to look for f i l es with a co u n t h i g h e r t h a n the g iven
h a rd l i n k cou nt. I f t h e n u m be r is p receded with a - m o d i f i e r, the searc h i s l i m ited to a l l f i l e s with a
h a rd l i n k c o un t t h a t i s less t h a n t h e given n u m be r.
Search for a l l reg u l a r f i l e s w i t h m o re t h a n o n e h a rd l i n k o n t h e serverX m a c h i n e :
[ root@serverX
370
- ] # find I - type f - links + 1
-
-
-
-
R H 1 24- R H E L7 - e n -1-20140606
-
-
S e a rc h i n g for f i l es with f i n d
-
: ...-::.:
ii: R
u_�
! �'
References
locat e (1 ) , updatedb(8), a n d find(1) m a n pages
-
-
-·
-
-
-
-
-
-
-
-
-
-
-
-
R H 1 24- R H E L 7-en-1-20140606
371
-
-
C h a pter 14. Accessi n g L i n u x F i l e Syst e m s
-
P ra ct i ce: Locat i n g F i l es o n t h e Syste m
Guide d exercise
-
-
I n t h i s l a b , st u d e nts w i l l f i n d f i l e s o n t h e l oc a l f i l e system.
-
Outcomes:
T h e user w i l l sea rch f i l es with loc a t e and find.
D 1.
U s e the l o cate com m a n d to find va r i o u s d iffe rent files o n the s e rverX m a c h i n e.
D 1 .1 .
Eve n t h o u g h t h e locate database i s u p d ated a u t o m a t i ca l ly every day, m a ke s u re
t h e database i s u p-to-date by m a n u a l l y sta r t i n g a n u pdate o n serverX.
I
D 1.2.
D 1.3.
D 2.
[ root@serverX
- ] # updatedb
Locate t h e config u ra t i o n file log r o t a t e . cont o n serverX.
[ root@serverX - ] # locate logrotat e . conf
/etc/logrotate . conf
/usr/share/man/man5/logrotate . conf . 5 . gz
-
-
Locate t h e config u ra t i o n fi l e netwo r kmanage r . cont, i g n o r i n g case, o n serve r X .
[ root@serverX - ] # locate - i netwo r kmanage r . conf
/etc/NetworkManager/NetworkManager . conf
/etc/dbus -1/system . d/org . freedesktop . NetworkManager . conf
/usr/share/man/manS/NetworkManager . conf . 5 . gz
F i n d a l l f i l e s i n t h e /va r / l i b d i rectory o w n e d by u s e r c h rony on serverX.
I,
!
[ root@serverX - ] #
/var/lib/chrony
[root@serverx - ] # find
/var/spool/mail
/var/spool/mail/root
-
-
-
-
-
/var - user root - g roup mail
-
D 2.3. L i st a l l f i l es i n t h e / u s r /bin d i rectory with a file size g reater than 5 0 k i l o bytes.
[root@serverx - ] # find
/usr/bin/pre -grohtml
/usr/bin/iconv
/usr/bin/localedef
/usr/bin/rpcgen
-
""-·----�-·�-···���
find /var/lib - user c h rony
D 2.2. List a l l f i l e s i n t h e /var d i rectory owned by u s e r root a n d g ro u p mail.
372
-
-
U s e t h e find co m m a n d to p e rform rea l - t i m e searc h e s o n t h e serverX m a c h i n e accord i n g
t o t h e fo l l ow i n g req u i re m e nts:
D 2.1 .
-
-
/us r/bin - size +50k
-
R H 1 24- R H E L 7-en-1-20140606
-
-
-
G u i d ed exercise
-
/usr/bin/less
-
D 2.4. Find a l l fi l es i n t h e /home / s t u d e n t d i rectory t h a t h ave not b e e n c h a n g ed i n the
l a st 1 2 0 m i n u tes o n serverX.
-
[ root@serverx ]# find /home/ s t udent
/home/student
/home/student/ . bash_logout
/home/student/ . bash_profile
/home/student/ . bashrc
/home/student/ . ssh
-
-
-
-
-
-
-
mmin +120
D 2 . 5 . F i n d a l l f i l es i n t h e / t m p d i rectory t h a t h ave b e e n c h a n g e d i n t h e l a st 240
m i n utes on serverX.
[ root@serverX -]# f i n d
/tmp
/tmp/ . X11- unix
/tmp/ . X11- unix/X0
/tmp/ . ICE-unix
/tmp - mmin - 240
-
-
-
-
-
-
-
-
-
-
-
-
-
R H1 24- R H E L 7 -en -1-20140606
373
-
-
C h a pter 14. Acces s i n g L i n u x F i l e Systems
-
La b: Access i n g L i n ux Fi l e Syste m s
-
Perfor mance checklist
-
I n t h i s l a b , students w i l l m o u nt a l oca l f i l e syst e m , review it, a n d work w i t h soft l i n ks.
-
O u t c o m e s:
•
Gen erate a d i s k u s a g e report.
•
M o u nt a file syste m .
•
C reate a soft l i n k.
•
S e a rch f i l es i n t h e loca l f i l e system.
-
Before you begin...
-
Reset yo u r serve rX syste m .
R u n t h e lab fs set u p to s e t u p t h e server m a c h i n e f o r y o u r exercise.
-
1.
G e ne rate a disk usage re port with the d u com m a n d of the /var /log d i rectory o n serverX,
a n d save t h e res u l t i n t h e / t m p / r e s u lt s . t x t f i l e.
2.
I d ent ify a n d m o u n t a n e w l y a d d e d f i l e system by U U I D o n t h e /mnt /myf r ees pace d i rectory
o n serverX.
3.
C reate the soft l i n k / root /myf reespace, w h i c h p o i n t s to the /mnt /myf reespace
d i rectory o n serve rX.
4.
F i n d a l l soft l i n ks o n serverX t h a t have f r eespace a s part of t h e i r n a m es.
-
-
-
-
-
-
-
-
-
-
-
374
R H 1 24- R H E L 7 - e n -1 -20140606
-
-
-
-
Solution
-
Solution
-
I n t h i s l a b, students w i l l m o u n t a l o c a l f i l e syste m , rev iew it, a n d work w i t h soft l i n ks.
-
-
O utcomes:
•
G e n e rate a disk usage report.
•
M o u n t a file syste m .
•
C reate a soft l i n k.
•
S e a rc h f i l e s i n t h e l oca l f i l e syst e m .
-
-
-
Before you begin. . .
Reset yo u r se rve rX system.
R u n t h e lab fs setup to set u p t h e server machine for yo u r exerci se.
1.
-
-
2.
G e n e rate a d i s k u s a g e re port w i t h t h e d u co m m a n d o f t h e /var /log d i rectory o n serverX,
and save t h e res u l t i n t h e / t mp / r e s u l t s . t x t f i l e.
I
[ root@serverx
- ] # du /var/log > /tmp/result s
.
��t---------------�
I d e ntify a n d m o u n t a new l y a d d e d fi l e syste m b y U U I D o n t h e / m n t /myf rees pace d i rectory
o n se rverX.
-
2 .1 . I d e ntify the newly added f i l e system with t h e blkid com m a n d o n serverX.
[ root@serverx -]# blkid
/dev/vdal : UUID="46f543fd -78c9-4526-a857-244811be2d88" TYPE="xfs"
/dev/vdbl : UUID="a84f6842-ecld-4f6d-b767- b9570f9fcdc0" TYPE="xfs"
-
-
2.2. C reate t h e m o u n t point / m n t /myfrees pace on se rverX.
[ root@serverX
-
- ] # mkdir /mnt /myf reespace
2.3. M o u n t t h e fi l e syste m by U U I D on t h e /mnt /myf rees pace d i rectory of t h e se rve rX
m a c h i ne.
-
[ root@serverX
-
- ] # moun t UUID= " a84f6842 - ec1d - 4f6d - b7 6 7 - b9570f9fcdc0 " /mnt/
myf reespace
-
3.
-
-
-
-
-
C reate the soft l i n k / root /myf reespace, w h i c h points to t h e /mnt /myf rees pace
d i rectory o n serverX.
I
I
4.
[ root@serverx
- ] # ln - s /mnt /myfreespace /root/myf reespace
F i n d a l l soft l i n ks on serverX t h a t have f r ees pace a s p a rt of t h e i r n a mes.
[ root@serverx
- ] # find I - type
R H 1 24- R H E L 7-en-1 -20140606
1
- name ' * f reespace * '
37 5
-
-
C h a pter 14. Acces s i n g L i n u x F i l e Syst e m s
/root/myfreespace
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
376
R H 1 24- R H E L7-en-1-20140606
-
-
-
Solution
-
S u m m a ry
I d e ntify i n g F i l e Syste m s a n d Devices
Stora g e d evices a re re presented by d iffe re nt d evice fi les.
-
M o u n t i n g and U n m o u n t i n g F i l e Syste m s
-
Access i n g c o n t e n t s of f i l e syste m s o n i nter n a l a n d exte r n a l sto ra g e d ev i ces i s
i m portant.
-
M a k i n g L i n ks Between F i l e s
H a n d l i n g l i n ks to exist i n g f i l e s c a n s a v e space o n t h e f i l e syste m .
-
Locat i n g F i l e s o n t h e Syste m
S e a rc h i n g for f i l es i s i m portant for va r i o u s a d m i n i st rative t a s ks.
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
R H1 24- R H E L 7-en-1 -20140606
377
""-I
I
,'
'•
I
-
'
-
-
I
378
·
--
®
red h at
®
TRAI NING
C H A PT E R 1 5
USING VIRTUALIZED SYSTEMS
Overvi ew
Goal
To create a n d use Red H a t E nterprise L i n u x v i r t u a l m a c h i nes
with Kernel-based Virtual M a c h i n e ( K V M ) and l i bvirt.
Objectives
•
I nsta l l a Red H at Enterprise L i n u x system as a host for
r u n n i n g v i rt u a l m a c h i nes.
•
Perfo rm a n i nteractive i n sta l l of Red Hat E nterprise L i n u x
o n a v i r t u a l mach i ne.
Sections
Chapter Test
R H124- R H E L7-en-1 -201 40606
•
M a na g i n g a Loca l V i r t u a l i z a t i o n Host (and Practice)
•
I nsta l l i n g a N ew V i r t u a l M ac h i n e (and Pract ice)
•
U s i n g V i r t u a l ized Systems
379
C h a pte r 1 5. U s i n g V i rtu a l i zed Syste m s
M a n a g i n g a Loca l V i rt u a l i z at i o n H ost
O bject i ves
After c o m p l e t i n g t h i s section, students s h o u l d b e a b l e to:
Describe a n d contrast Red Hat v i rt u a l ization p l atforms.
I n sta l l Red Hat Enterprise L i n u x as a v i r t u a l ization h ost syste m .
Syste m v i rt u a l i z at i o n a n d Red Hat E nt e r p ri s e L i n u x
KV M ( K e r n e l - based Virtual M a c h i ne) i s a f u l l v i r t u a l ization s o l u t i o n b u i l t into t h e sta n d a rd Red
Hat Enterprise L i n u x kernel. I t can run m u lt i ple, u n mo d ified W i n d ows a n d L i n u x g u est o p e ra t i n g
syste ms. The KV M hypervisor i n Red H a t Enterprise L i n u x is m a n a g e d w i t h t h e libvirt A P I a n d
u t i l ities, s u c h as virt - manager a n d virsh. S i n c e Red Hat Enterprise L i n u x is t h e fou n d a t i o n
of Red H at Enterp rise Virtualization a n d t h e Red H a t OpenStack p l a tfo r m , KV M is a consistent
c o m p o n e n t a c ross pro d u cts of the Red H a t cloud infrastructure.
�1 �::II�:� r
tQi:j
KVM
OS
KVM
RHEL
-
OS
KVM
KVM
1
�
APPpp j �
APPP- p
OS
KVM
I
OS
KVM
Storage
- N';twork
KVM
HW
HW
HW
HW
HW
HW
Private Cloud
HW
HW
HW
Figure 1 5. 1 : KVM throughout the Red Hat cloud infrastructure
KVM p rovi des t h e v i r t u a l m a c h i n e ( V M ) t e c h n o logy a c ross a l l Red Hat prod u cts, from sta n d a l o n e
p h y s i c a l i n st a n ces o f Red H a t E n t e r p r i se L i n u x u p to t h e c l o u d O p e n S t a c k p l atform. Start i n g a t
t h e u p pe r - l eft corner of t h e p rev ious fig u re :
Physical (legacy) systems-Red H a t Enterp rise L i n u x i n sta l la t i o n s o n l e g a cy h a rdware
provide KVM v i rtu a l i za t i o n , u p to t h e physical l i m i tations of s i n g l e syste ms, a n d a re m a n a ged
by l i bvi rt u t i l ities such a s vi r t - manag e r . Red H a t Ente r p r i se Linux i nsta n ces may also be
d i rectly h osted a t Red H at Certified C l o u d P roviders t h r o u g h Red H at C l o u d Access.
Red Hat Enterprise L i n u x i s typi c a l l y config u re d a s a thick host, a system t h at s u p ports V M s
w h i l e a l s o p rovid i n g other local a n d n etwork services, a p p l ications, a n d m a n a g e ment fu n c t i o n s.
380
R H 1 24- R H E L7-en-1-20140606
System v i rt u a l i zation a n d Red H a t E n t e r p rise L i n u x
•
-
Red H at Enterprise Virtualization ( R H EV ) - s u ppo rts KV M instances a c ross m u l t i p l e
R e d H a t Enterprise V i r t u a l i z a t i o n hypervisor ( R H EV-H) systems, p rov i d i n g K V M m i g ra t i o n ,
red u n d a n cy, a n d h i g h ava i l a b i l ity m a n a g e d by R H EV M a n a g e r ( R H E V - M ) .
R e d H a t E n t e r p r i s e V i r t u a l ization H y p e r v i s o r i s a thin host, a n ex p e rt l y m i n i m ized a n d t u n e d
ve rs i o n of R e d H a t En ter pr i se L i n u x ded icated to t h e s i n g u l a r pu rpose of p rov i s io n i n g a n d
s u p p o r t i n g g u est V M s.
-
-
R H E L O penStack platform- Red H a t p r i vate c l o ud a rc h itect u re u s i n g i nteg rated a n d t u n e d
OpenStack o n a Red H a t E n t e r p r i s e L i n u x fou n d a t i o n with KVM, m a n a g e d by e i t h e r t h e R e d
Hat O p e n Stack D a s h b o a rd ( H orizon com p o n e n t ) o r by Red Hat C l o u d Forms.
-
OpenStack in public
•
Hybrid Cloud -Red
-
-
-
-
-
-
-
-
-
-
cloud-OpenStack p u b l i c cloud a rc h itectu re i m p l e m ented a t Red H a t
Certified C l o u d Prov i d e rs, a n d m a n a g e d by e i t h e r t h e O p e n S t a c k H o ri z o n c o m p o n e n t or b y
R e d H a t C l o u d Fo r m s .
•
H a t C l o u d Fo r m s c l o u d m a n a g e m e n t u t i l ities m a n a g e a n d m i g rate KV M
i n sta n ces a c ross Red Hat R H E V a n d O p e n S t a c k a rc h itect u res, a n d t ra n s it i o n KV M i n st a n ces
with t h i rd-pa rty O p e n Stack and V M wa re p l a tforms.
KVM i n sta n ce config u ra t i o n s a re c o m pa t i b l e a c ross Red H a t p roducts. I n sta l l a t i o n req u i re m e nts,
para meters, and proce d u res a re e q u i va l ent o n s u pported p l a tforms.
C o n f i g u re a R e d H a t E n t e r p r i s e L i n u x Phys i c a l Syst e m a s a V i r t u a l i z a t i o n H o s t
Red Hat Enterprise L i n u x can be config u red a s a v i rtu a l i z a t i o n host, a p p ro p riate for
deve l o p m e nt, test i n g , t ra i n i n g , o r when need i n g to work i n m u lt i p l e o p e rat i n g syste m s at the
same t i me. Red Hat E n t e r p rise L i n u x h osts p rov i d e t h e a b i l ity to i n sta l l a d d i t io n a l s oftwa re on the
h ost p l atform as n e e d e d , such a s m o n ito r i n g u t i l ities and a g e nts, n etwork services, s p e c i a l ized
storage, a n d /o r ot h e r deve l o p m e n t too l s that m a y not be a p p ropriate to i n sta l l o n d e d icated Red
Hat Enterprise V i rt u a l ization hypervisors.
Red Hat Enterprise L i n u x i nsta l l a t i o n s a l so p rov i d e easier a ccess to t u n i n g and res o u rce
m a n a g e m e n t too l s (e.g., t u ned a n d c g ro u p s ) . By com p a r i s o n , R H EV-H hypervisors a re h i g h l y
secu red a n d self-t u n e d , restricting system a d m i n istrator- i n itiated c u sto m iz a t i o n by d e s i g n . W h e n
g reater a d m i n i st rative control is req u i red a n d t h e perfo r m a nce co m p ro m ise i s accept a b l e, Red
Hat Enterprise L i n u x i s a f l e x i b l e sta n d a l o n e KVM p l atfo r m . KV M i n sta n ces b u i l t o n R H E L c a n be
m i g rated o r t ra n s it i o n e d to m o re a p p ro p r i ate KV M p l atfo r m s a s enterprise needs i n c rea se.
P re p a r i n g a Red Hat Enterprise L i n u x syst e m to become a v i r t u a l i z a t i o n host req u i res c h e c k i n g
for m i n i m a l syst e m req u i re m e nts a n d i nsta l l i n g a c h o i ce of v i rtua l i z a t i o n h ost p a c k a g es.
Reco m m e n d e d syste m req u i re m ents:
O n e p rocessor core o r hypert h read for t h e m a x i m u m n u m be r of v i rt u a l ized CPUs i n a g u est
v i rt u a l m a c h i n e a n d o n e for the host.
•
-
-
-
•
•
2GB of R A M , p l u s a d d i t i o n a l RAM for virtu a l m a c h i nes.
6GB disk s pace for t h e host, plus t h e req u i re d disk space for each virtual m a c h i n e. M ost g u est
opera t i n g syste m s req u i re at least 6GB of d i s k s pace, but act u a l stora g e space req u i re m e nts
d e p e n d o n each g u est's image fo rmat.
T h e KV M hyperv i s o r req u i res either a n I nt e l p rocessor w i t h t h e I nt e l VT-x and I nt e l 64 exte n s i o n s
f o r x86-based syste ms, o r a n A M D processor w i t h t h e A M D-V a n d t h e A M D 64 exte n s i o n s. To
verify t h a t t h e host system h a rd wa re s u p ports t h e correct exte n s i o n s, view / p r o c / c p uinfo.
-
-
-
R H 1 24- R H E L 7-en-1-20140606
381
-
-
C h a pter 1 5 . U s i n g V i rt u a l ized Systems
[ root@serverX - ] # g r e p - - color - E " vmx l svm " / p r oc/cpuinfo
flags
fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat
pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx lm constant_tsc
arch_perfmon pebs bts rep_good aperfmperf pni dtes64 monitor ds_cpl v m x smx est
tm2 ssse3 cx16 xtpr pdcm sse4_1 xsave lahf_lm dts tpr_shadow vnmi flexpriority
T h e N o execute (NX) featu re, ca l l ed execute D i sa b l e ( X D) by I ntel a n d E n h a n ced V i r u s Protect i o n
by A M D, i s n o t n ecessa ry for b u i l d i n g a h o s t o n Red H a t Enterp rise L i n u x , b u t i s req u i re d f o r a
Red Hat Enterprise V i rt u a l i z a t i o n hypervisor ( R H E V - H ) .
[ root@serverX - ] # g r e p - - color - E " n x " /proc/cpuinfo
flags
fpu vme de pse tsc msr pae mce cxa apic sep mtrr pge mca cmov pat
pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx lm constant_tsc
arch_perfmon pebs bts rep_good aperfmperf pni dtes64 monitor ds_cpl vmx smx est
tm2 ssse3 cx16 xtpr pdcm sse4_1 xsave lahf_lm dts tpr_shadow vnmi flexpriority
B u i l d i n g a R H E L v i rt u a l i z a t i o n host req u i res t h e qemu - kvm a n d qemu - img packages at
m i n i m u m , to p rovide the user-leve l KVM e m u l ator and disk image m a n a g e r.
[ root@serverX
i
·-
-
-
-
-
-
-
-
- ] # yum i n s t all qemu - kvm qemu - img
- -- -�-------
Additi o n a l vi rt u a l i za t i o n m a n a g e m e nt packages a re a l s o reco m m e n d e d :
pyt h o n-vi r t i n st-Provides t h e v i rt-i n sta l l co m m a n d for c reat i n g v i rtua l m a c h i nes.
•
•
l i bvirt-Provides t h e host and server l i braries for i n t e ract i n g with hypervisors and host syste ms.
•
l i bv i rt-pyt h o n-Cont a i n s a module to permit Pyt h o n a p p l i c a t i o n s to use the l i bvirt A P I .
•
•
v i rt-ma n a g e r- P rov i d e s t h e V i rt u a l M a c h i n e M a n a g e r g ra p h ic a l tool for a d m i n iste r i n g V M s ,
u s i n g t h e l i bv i rt-c l i e nt l i b ra ry a s t h e m a n a g e m e n t A P I .
l i bv i rt-c l i e nt- Provides t h e c l ient A P l s a n d l i b ra ries f o r a cces s i n g l i bv i rt se rve rs, i n c l u d i n g t h e
v i rs h co m m a n d - l i n e tool t o m a n a g e a n d control V M s.
! [ root@serverX
- ] # yum i n s t all virt - manager libvi r t libvi r t - python python - vi r t i n s t
libvi r t - client
The u pdated anaconda g ra p h ic a l i n sta l l at i o n p ro g ra m for Red Hat Enterprise L i n u x 7 p rovides
better s u p p o rt for i n sta l l i n g R H E L to meet specific p u rposes. A n anaconda i n sta l l n o l o n g e r
p rovides t h e a b i l ity to s e l ect i n d i vi d u a l R P M p a c ka g es-o n l y base enviro n m e nts a n d a d d o n s a ppropriate f o r t h e s e l ected base-t h u s e l i m i n a t i n g g u esswork a n d res u l t i n g i n l e a n e r
confi g u ra t i o n s . System a d m i n istrators m a y st i l l i n sta l l a n y ot h e r desired R P M packages after
a n i n sta l l a t i o n is com p l ete by using sta n d a rd RPM i n sta l l a t i o n too l s (e.g., yum o r G N O M E
PackageKit).
To build a v i rt u a l i z a t i o n host during a g ra p h ica l i n sta l l of Red Hat Ente r p r i s e Linux, c h oose t h e
base enviro n m e nt V i rt u a l i z a t i o n H o st i n t h e l eft p a n e o f t h e anaconda Software S e l e c t i o n
s c re e n . S e l ect t h e V i rt u a l i z a t i o n P l atform A d d - O n c h e c k box i n t h e r i g ht pa n e to i n c l u d e t h e
m a n a ge m e n t too l s a n d u t i l ities, a s shown i n t h e fo l l ow i n g f i g u re.
-
-
-
-
-
-
-
-
-
-
382
R H 1 24- R H E L 7 - e n -1-20140606
-
-
M a n a g i n g v i r t u a l m a c h i nes
S OFTWARE S ELECTI ON
RED H AT ENTERPRI S E LINUX 7 0 I N STALLATI ON
mm
�
Base Environment
1�
I�
'I
"
r=-.
M i n i m a l Install
Add-Ons for S e l ected Environm ent
-
1
-
,.....,
Network File System Client
Enables the system to att a c h to n etwork storage.
Basic f u n ctio nalit y .
I n frastructure S e rv er
S e rv e r for o p e rating network i n f rastructure s e rv i c e s .
,-1
R e mote Mana g e m e n t for L i n u x
Re m ot e m a n ag e m e nt interface f o r R e d H at Enterprise
Linux, including O p e n L M I a n d S N M P .
F i l e a n d P r i n t S e rv e r
File, print, and storage s e r v e r f o r enterprises.
Basic We b S e rver
Server f o r serving static and d y n amic i n t e rn et content.
ri
Compatib ility L ibra rie s
C o m p atibility libraries f o r a p p lications built on
n
previous v e r s i o n s of R e d H at E n t e r pr i s e L i n u x.
S e rve r with GUI
S e rv e r f o r o p erating ne:tvvork infrastructure s e rv i c e s,
with a G UI .
ri
D e v e l o p m e n t Tools
A basic d e v e lo p m e nt environment.
Figure 15.2: Creating a virtualization host during a graphical installation
M a n a g i n g v i rt u a l m a c h i n es
The l i bv i rt package is a hypervisor- i n d e pe ndent v i rt u a l i z at i o n A P I to securely m a n a g e v i rt u a l
m a c h i nes b y p rov i d i n g t h e a b i l ity to p rovi s i o n , create, m o d i fy, monitor, contro l , m i g rate, a n d
stop virtu a l m a c h i n es o n a s i n g l e h ost. The l i bv i rt package p rovides A P l s to e n u m e rate, monitor,
a nd use t h e resou rces ava i l a b l e on t h e m a n a g e d host. i n c l u d i n g C PUs, memory, storage, a n d
n etwork i n g . M a n a g e m e n t tools u t i l i z i n g l i bvirt c a n access h ost syste m s remotely u s i n g sec u re
p rotoco l s .
Red H a t Enterprise L i n ux u ses l i bv i rt-based tools as t h e defa u lt f o r v i rt u a l ization m a n a ge m ent.
S u p p o rt is i n c l u d e d fo r t h e R H E L 5 Xen hypervisor, a n d for K V M o n R H E L 5, 6, a n d 7. These
m a na g e ment too ls u t i l ize l i bvirt:
virsh-The virsh c o m m a n d - l i n e tool is a n a lternative to the g ra p h i c a l v i rt-manager a p p l icat i o n .
U n p rivi leged u s e rs c a n use v i rs h i n read-o n l y mode, o r with root a ccess f o r f u l l a d m i n istrative
f u n ct i o n a l ity. The virsh com m a n d i s ideal for scripting v i r t u a l ization a d m i n i strat i o n .
virt-manager-virt- m a n a g e r is a g ra ph i c a l desktop tool a l l o w i n g a ccess to g uest consol es, a n d
i s used to perform v i rt u a l m a c h i n e creation, m i g ra t i o n , configuration, a n d a d m i n istrat ive tasks.
Both loca l a n d remote hypervisors c a n b e m a n aged t h ro u g h a s i n g l e i nte rface.
R H EV-M-Red H a t Enterp rise V i rt u a lization M a n a g e r p rov i d es a central m a n a g e m ent p latform
for physical and virtual res o u rces, a l lowing v i r t u a l m a c h i n es to b e started, sto p p e d , b u i lt , a nd
m i g rated betwe e n hosts. R H EV-M a l so m a na g es t h e storage a n d n etwork com p o n e nts of a data
center a n d p rovides s e c u re, remote g ra p h i c a l g u est c o n s o l e a ccess.
R H124- R H E L7 -en-1-201 40606
383
-
-
C h a pter 1 5. U s i n g Virt u a l ized Syst e m s
·-
Sta rt t h e V i r t u a l M a c h i n e M a n a g e r from t h e m e n u at A p p l i c at i o n s > Syst e m To o l s > V i r t u a l
M a c h i n e M a n a g e r , o r by r u n n i n g t h e vi r t - manag e r co m m a n d f r o m t h e s h e l l . Use t h i s
i nterface to power o n o r power off v i rt u a l m a c h i nes, assig n m e m o ry a n d C P U resou rces, m o n it o r
perfo r m a n ce, a n d co n n ect to t h e c o n s o l e of t h e virtua l m a c h i n es.
T h e vi r s h co m m a n d - l i n e tool provi d es the same f u n c t i o n a l ity a s vi r t - manag e r . U s e v i r s h
a s a n i n t e ractive sh e l l to p e rform s u bc o m m a n d s s u c h as edit, l i st, start, stop, a n d dest roy. T h e
fo l l o w i n g exa m p les s h ow t h e vi r s h c o m m a n d s r u n a s sta n d a l o n e co m m a n d s f rom t h e s h e l l :
[ root@foundationx
Id Name
1 desktop
2 server
[ root@foundationx
[ root@foundationX
Id Name
1 desktop
- server
[ root@foundationx
[ root@foundationX
Id Name
1 desktop
2 server
-]#
State
running
running
virsh list
-
-
-
-
-]# v i r s h dest roy server
-]# virsh list - - all
State
running
shut off
-]# virsh s t a r t se rver
-]# virsh list
State
running
running
-
-
-
-
-
vi r s h h a s s u bco m m a n d s for a d d i t io n a l m a n a g e m e n t tasks:
•
con n e ct- C o n nect to a l oca l o r remote KV M host using qemu : I I /hos t syntax.
•
n o d e i nfo- Ret u r n s ba s i c i nfo r m a t i o n a bout t h e host, i n c l u d i n g CPUs and m e m o ry.
•
a utostart-C o nf i g u res a KV M d o m a i n to start w h e n t h e host boots.
•
c o n s o l e - C o n n e ct to the v i rt u a l serial conso l e of a g u est.
•
c reate-Create a d o m a i n from an X M L confi g u ra t i o n f i l e a n d sta rt it.
•
d e f i n e - C reate a d o m a i n from an X M L confi g u ra t i o n fi le, but d o not start it.
•
u n d efi n e- U n define a d o m a i n . If the d o m a i n i s i n act ive, the d o m a i n confi g u ra t i o n i s re m oved.
•
e d it-Edit the XML config u ra t i o n file for a d o m a i n , which w i l l a ffect t h e next boot of t h e g u est.
•
reboot- Re boot t h e d o m a i n , a s if the r e boot c o m m a n d had been run from i n s i d e the g uest.
-
-
-
-
•
•
s h utdow n - G racef u l l y s h uts down the d o m a i n , a s if the s h u t d own com m a n d had been r u n
f r o m i n s i d e t h e g u est.
s c ree n s h ot-Ta kes a s c re e n s hot of a c u r rent d o m a i n conso l e a n d stores it in a fi l e.
-
-
-
384
R H 1 24- R H E L7-en-1-20140606
-
-
-
-
M a n a g i n g v i rt u a l m a c h i n es
-
-
-
-
References
R
A d d i t io n a l i n f o r m a t i o n m a y be a va i l a b l e i n t h e i n t ro d u c t i o n a n d c h a pter o n system
req u i re m e n t s i n the Red Hat Enterprise Linux Virtualization Deployment and
Administration Guide for Red Hat Enterprise L i n u x 7, w h i c h can b e fo u n d a t
htt p : //docs.re d h at.co m /
Red H a t Enterprise V i rt u a l iz a t i o n Ad m i n istration G u i d e
•
-
Red H a t E n t e r p r i s e L i n u x O p e n Stack P l atfo r m 4 Gett i n g Started G u i d e
•
-
Section 1 . B a s i c s
Section 1 . I ntroduction
v i r s h (1 ) , vi r t - manager(1) man pa g e s
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
RH124- R H E L 7 -en -1 -20140606
385
-
-
C h a pter 1 5 . U s i n g V i rt u a l ized Systems
-
P ract i ce: M a n a g i n g a Loca l V i rt u a l i za t i o n H ost
Quiz
-
-
Match t h e fo l l owi n g i tems to t h e i r counterparts i n t h e t a b l e.
EJ EJ I
I
I
d est roy
IBI
s h u t d ow n
IB
u ndefi n e
-
-
-
P u rpose
v i rs h s u b co m m a n d
-
Boot a n e x i st i n g c o n fi g u red v i rt u a l m a c h i n e
-
I m m e d i ate l y sto p a v i rt u a l m a c h i ne, s i m i l a r to
unplugging it
-
-
D e l ete t h e c o n f i g u ra t i o n fo r a v i rt u a l m a c h i n e
permanently
-
U s e a n X M L conf i g u ra t i o n to c reate a n d boot a
v i rt u a l m a c h i n e
-
-
U s e a n X M L c o n f i g u ra t i o n to c reate a v i rt u a l
machine
-
G ra cef u l l y stop a n d resta rt a v i rt u a l m a c h i n e
-
Gracefu l l y stop a v i rt u a l m a c h i n e
-
-
-
386
R H1 24- R H EL7-en-1-20140606
-
-
-
-
Solution
-
Solution
-
M a t c h t h e fo l l owi n g items to t h e i r cou nterparts i n t h e t a b l e.
-
P u rpose
v i rs h s u bcom m a n d
Boot a n exist i n g c o n f i g u re d v i rt u a l m a c h i n e
start
I m m ed i a t e l y stop a v i rt u a l m a c h i n e , s i m i l a r to
u n p l u g g i n g it
d est roy
D e l ete t h e confi g u ra t i o n f o r a v i rt u a l m a c h i n e
permanently
u ndefine
U s e a n X M L c o n f i g u ra t i o n to c reate a n d boot a
v i rt u a l m a c h i n e
c reate
U s e a n X M L c o n fi g u ra t i o n to c reate a v i rt u a l
machine
define
G ra c ef u l l y sto p a n d rest a rt a v i rt u a l m a c h i n e
re boot
G ra c ef u l l y sto p a v i rt u a l m a c h i n e
s h utdown
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
R H 1 24- R H E L 7-en-1 -20140606
387
C h a pter 1 5. U s i n g Virtua l ized Syste m s
I n st a l l i n g a N ew V i rt u a l M a c h i n e
O bj e c t ives
After c o m p l et i n g t h i s sect i o n , students s h o u l d be a b l e to:
B u i l d a v i rt u a l m a c h i n e configuration.
I nsta l l Red Hat Enterprise Linux into a n ew v i r t u a l machine i n st a n ce.
C reat i n g a v i rt u a l m a c h i n e
V i rt u a l m a c h i nes can perfo r m t h e s a m e tasks a s physical systems. System a d m i ni st rators
m a ke system s i z i n g and configuration d e c i s io n s u s i n g f u n d a m e nta l l y t h e s a m e criteria a s for
physical syste ms, i n c l u d i n g the g uest m a c h i ne's ro l e and p rojected system load. Pre p a ratory
considerations m ust i n c l u d e CPU and m e m o ry req u i rements, ty p e of 1 /0 and t h e expected
n u m ber of c l ients, access to p u b l ic o r exc l u sive storage, cu r rent and f u t u re sizing expectations,
and b a n d w i d t h and latency req u i re m ents. N ecessa ry disk and n etwork components m u st b e
config u re d on t h e virtua l h ost befo re c reat i n g t h e g u est.
L a u n c h the V i r t u a l M a c h i n e M a n a g e r from the m e n u A p p l i c a t i o n s > System Tools > Virtual
M a c h i n e M a n a g e r , or r u n t h e vi r t - manager command a s root. Click t h e Create a new
v i r t u a l m a c h i n e b utton to o p e n the N ew V M w i z a rd . E n s u re that virt- m a n a g e r can a ccess the
i nsta l l at i o n media (whet h e r loca l l y or ove r t h e network) befo re c o nt i n u i n g .
'�
-
1-=_
Create a new virtual machine
Step 1 of 5
_
__
Enter yo u r virt ual machine details
N am e;
[lll!lllll:!
C onn ection; l o c a l h ost (OEMU/KVM)
C h o o s e how you w o u l d l i k e to i n s t a l l the o per a t i n g system
f".
L o c a l i nst al l media (I SO image or C D ROM)
old' N etwork I ns t a l l (H TTP. FTP,
·"""
"
01-
NFS)
N etwo1·k B o o t (PXE)
I mp o r t existing disk image
1
----
I
C an c e l
Figure 15.3: Create a virtual machine (step 1 of 5)
S e lect a n a m e for the v i rt u a l m a c h i ne, w h i c h i s used a s t h e confi g u ra t i o n d o m a i n n a me. T h e
syste m h ost n a m e is configu red later d u r i n g t h e o p e rati n g system i nsta l l a t i o n . C h o i ces f o r
insta l l a t i o n t y p e d e p e n d o n w h a t resou rces a re prepa red. A n operating system DVD m ust be
a va i l a b l e o n the v i r t u a l host o r on p h ys i c a l m e d i a before s e l e c t i n g Local i nsta l l media, for
388
R H 1 24- R H E L7 - e n -1-20140606
C reating a v i rtua l m a c h i n e
exa m p le, o r a n etwork i nsta l lation s e rver m ust b e ava i l a b l e w h en select i n g N etwork Boot ( P X E ).
S h a r i n g a n d a cces s i n g t h e insta l l ation m e d i a u s i n g any f i l e s h a ring p rotocol is c h osen here.
Provide the operating system install URL
URL: J�om. e xam p l e. c om/co nt en t/r hel
..,. URL Options
7.0/x��v� j
l<ickstart URL:
_]
Kernel options: j
-- - - -
- -- ·
't;l Automatically detect operating system based on i n s t a l l media '
· - · - · · .... · · · · · - · · · · - - ----· · · · · ·
OS type:
Version:
Linux
.
· ······-
· · · ·-- ······-········
..
··-------····
.
......
--··
Red Hat Enterprise Linux 7
, ,­
C a n c el
J
��-�__
F o rward
!�·-B ack
Figure 15.4: Create a virtual machine (step 2 of 5)
E nter t h e U R L fo r t h e i n st a l l a t i o n m e d i a network resource. Config u re a n a ppropriate OS
type and Vers i o n for this g u est. When t h e i n st a l l a t io n media i s c u rrently a ccess i ble, selecting
Auto m a t i c a l l y detect o p e r a t i n g system f i l l s these fields. I f t h e fields rem a i n b l a n k o r a re
i n correct, f i x t h e i n st a l lation m e d i a before cont i n u i n g . The K i cksta rt options a l low u natte nded
i nsta l la t i o n s ; a K i c kstart server a n d p reconfigu red c l i e nt config u rati o n f i l e a re req u i red.
it �
-�-_----1
L...!..J ---Create a new v i rtua l ma chine
i
_ st:,p 3 of x
!
_
_
_
C hoose Memory and C P U settings
Memory (RAM):
'
!
2048
Up to
CPU s·
!�
. !
-
+
I
I
MB
1 5 6 3 6 MB available on the host
�
-
+
]
Up t o 6 availa ble
C ancel
__
Back
)
_
_
l: .�o.��vard
Figure 15.5: Create a virtual machine (step 3 of 5)
R H1 24 - R H E L7 -en-1-20140606
389
C h a pte r 1 5. U s i n g V i r t u a l i z e d Syste ms
Confi g u re a n a p propriate a m o u n t of Memory a n d CPUs. Red Hat Ente rprise L i n u x 7 req u i res a
m i n i m u m of o n e C PU a n d 1 024 M B of m e m o ry.
:�
I
-
Create a
new
Step 4 of 5
_
vi rtual
!
ma�hine
_
_
j
_
Enable storage for this virtual machine
C reate a disk image on t h e computer's hard d rive
8.0 - + G B
----'--
8 9 9 . 7 Gb available in the default lo c ation
Allocate entire disk now
·-
,-.. Select managed or other existing storage
r
Brows
�
I[
·1
Figure 1 5. 6: Create a virtual machine (step 4 of 5)
Ass i g n stora g e to t h e q uest v i rtual m a c h i n e. Fo r a c reated d i s k i mage, a l locating now w i l l p rovide
a small p e rf o r m a n ce benefit, while a l l o cat i n g later saves disk space not yet needed. To Select
m a n a ged or other exist i n g storage req u i res h a v i n g p revio u s l y p repared a d i s k i m age, physical
d evice, o r l o g i c a l v o l u m e p ri o r to b e g i n n i n g this i n sta l l .
390
R H 1 24 - R H E L7-en-1 -20140606
C reating a v i r t u a l m a c h i n e
I�
J
-
Create a new virtual machine
Step 5 of 5
minimal
R e a d y to begin i n s t a l l a t i o n of
OS:
Red H at E n t e r p r i s e L i n u x
7
I ns t a l l : U R L I n stall Tr e e
Memory:
C PUs:
Stor·age:
2048
MB
1
8.0
GB
{Var/lib/libvirtjimages/minima l.img
r;p
C us t o m i z e configuration before i n s t a l l
..- A d v a n c e d o pt i o n s
�
H os t device e n p 3 = 5 (Brid e 'brO') v
_
f"1
j
S e t a fixed MAC a d d r e s s
I
' 5 2: 54: 00: 00: 00: 0 (
V i r t Typ e :
Archit ectur· e :
kvm
v
I x86_64
v
·
i
C a nc e l
Back
Figure 15. 7: Create a virtual machine (step 5 of 5)
Verify t h e setti n g s of t h e v i r t u a l m a c h i n e i n t h e top h a l f of t h e d i a l o g w i n d ow. O p e n t h e
Advanced options to confi g u re n etwo r k i n g . V i r t u a l m a c h i nes can be configure d a s p rivate g uests
u s i n g Network Address Translation ( N AT), o r g iven t h e a p p e a ra n ce of d i rect s u b n et a ccess by
u s i n g t h e virtual host's p reco nfig u re d bridge.
The New VM wizard a utomat ica l ly g e nerates a M A C a d d ress in the 52:54:00 ra n g e for v i rt u a l
g u ests. U s e t h e ra n d o m M A C p rov i d e d or replace t h e a d d ress w i t h o n e t h a t fits t h e enviro n m e n t
req u i re m e nts. U n less t h e Custo m i z e config u ration before i n s t a l l c h ec k box is s e l ected, t h e
virtual m a c h i n e crea t i o n w i l l b e g i n w h en t h e F i n i s h b u t t o n i s p ressed.
N ote
In production enviro n m e nts, DNS and DHCP databases a re p reconfi g u re d w i t h h ost
n a m e s and reserved I P a d d resses a s s i g n e d to registered MAC a d d resses so a s to
centralize a n d coordi nate enterprise-wide virtual syst e m m a n a g e me nt. In a Red
Hat Tra i n i n g environme n t , the classroom DNS server h a s been p o p u l ated with M AC
a d d resses a n d u n iq u e n a mes for a nt i c i pated stu de nt g u est syste ms. Use an a p p ro p riate
MAC ad d ress a s d i rected by the instructor o r exercise i n structio ns.
R H 1 24- R H E L7-e n-1-20140606
391
C h a pter 1 5 . U s i n g Virtu a l i zed Systems
m i n i m a l V i rtual M ac h i ne
Basic Details
Processor
�
Memory
w
B o o t Options
"--'
S1
0
•
•
-
�
�
Virtl O Disk
1
N I C :OO:OO:OC
'
N ame:
! min i m a l
UUID:
8 3 04ce6c-4e84-4fl 7-al 7b-4e9dbea a 3 5 c 3
Status:
• Sh u toff
D e scription:
I np u t
Display Spice
S o u n d : default
Hy pervisor Details
Hyp e r v i sor: kvm
Console
Architecture: x 8 6_64
C h a n nel
Emulator: /usr/libexecfqemu-kvm
Video Default
O perating S ystem
H ostname: unknown
Product n a m e : u n k n ow n
� Ap p l ications
� M ac h i ne Settings
�
Security
I
Add H ardware
C ancel
Figure 15. 8: Create a virtual machine, customize configuration
I f t h e C u stomize confi g u ration before i nsta l l c h ec k b ox wa s s e l ected on t h e last step of t h e N ew
V M w i zard, t h e domain_name Virtual M a c h i n e detail screen d i s p l ays. A d m i n ist rators can f u rt h e r
m o d ify o r correct t h e config u ration befo re t h e i n sta l l ation b e g i ns. A d d i t i o n a l h a rdware- s u c h as
g ra p h ics and other add-in cards, d i sks, and netwo r k i nte rfa ces-may be config u red h e re.
W h e n c u stomization is co m p lete, p ress Begin I n st a l l a t i o n i n the u p p e r- l eft corner.
W h e n t h e i n stal lation is co m p l ete, a d m i nistrato rs ca n ret u r n to t h i s same d eta i l screen to m o d ify
o r co rrect the v i rt u a l m a c h i n e conf i g u ration. The option for a ut o m atica l l y sta rt i ng t h i s v i r t u a l
m a c h i n e w h e n t h e physical h ost boots i s a l so fo u n d h ere.
I n st a l l i n g Red H at E nt e r p r i s e L i n u x
I t i s rec o m m e n d e d that Red Hat Enterprise L i n u x b e i n st a l l e d u s i n g t h e g ra p h ical i nterface,
known as anaconda. I f anaconda d etects that a n i nsta l l ation started i n text mode w h e re a V N C
c o n n ection m i g ht b e poss i b le, a n aconda a s ks t o verify. T h e text m o d e i n st a l lation i s s i m p l e r, but
c e rta i n options ava i l a b l e i n g ra ph i c a l m o d e a re n ot ava i l a b l e in text mode.
D u r i n g t h e i nsta l l ation, v i r t u a l consoles accessed fro m t h e physical machine p rovi d e information
such a s d i a g nostic messages a n d t h e a b i l i ty to enter commands from a shell prompt. T h i s
ca p a b i l ity is n ot ava i l a b l e d u r i n g a r e m o t e i n sta l la t i o n . The fo l l owi n g t a b l e l ists t h e v i rt u a l
c o n s o l es ava i l a b l e d u r i n g i nsta l l ation, a n d t h e keystrokes u s e d t o switch between t h e m .
392
R H 1 24-R H E L 7-en-1 -20140606
I nsta l l i n g Red H a t Enterprise L i n u x
Description o f virtual consoles
Console
Keyboard shortcut
1
Ct rl+Al t + F l
Contents
Main in sta l l e r console, contains d e b u g g i n g i nformation from
anaconda
2
C t r l+Al t + F 2
3
C t r l+Alt +F3
S h e l l p ro m pt with root a ccess, contains a sto red h i story of
useful c o m m a n d s
I nsta l l ation log, d i s p l ays m essages sto red i n
/ t m p/anaconda . log
4
Ct rl+Al t + F4
Storage l o g , d i s p l ays messages on re lated storage
d ev ices from kernel and system services, stored in
/ tmp/st o r ag e . log
5
C t r l+Al t + F S
Program log, d i s p l ays messages from other system u t i l ities,
stored i n / t mp / p rog ram . log
6
Ct rl+Alt + F 6
S p a re shell p ro m pt
7
C t rl+Al t + F 7
The defa u l t console with G U I
A t t h e Welcome to Red H a t E nterprise L i n u x 7.0 screen, select t h e l a n g u a g e to be u s e d d u r i n g
i n sta l la t i o n . After i n s t a l l , users s e l e ct t h e i r own p referred l a n g ua g e u p o n n ew a c c o u n t l o g i n .
minimal Virtual Machine
File
Virtual Machine
View
Send Key
I N STALLATION S U M M ARY
RED HAT ENTERPRISE L I N U X 7 . 0 I N STALLATION
151 us
DATE & TI M E
KEYBOARD
Americas/New York tim ezone
English (US)
LANGUAGE S U P P O RT
English (Uf'Jted States)
0
I N STALLATION S O U R C E
SOFTWARE SELECTI O N
http://classroom. exam . . . rhel 7. O!x86_ 64/dvd/
Minim al install
"*'"'
I N STALLATI O N DESTI N A T I O N
AutomatIC partitioning sel ected
NETWORK & HOSTNAME
Wired (ethO}
connected
Quit
\.Ve won't touch your disks until ycu click 'Be9m lnstCJllation'
R H1 24-RH EL 7 - e n -1 -20140606
393
-
C h a pter 1 5. U s i n g V i rt u a l i zed Syste m s
-
Figure 15. 9: Anaconda installer, installation summary
The anaconda I n sta l l at i o n S u m m a ry s c reen d i s p l ays. Fro m t h i s centra l scree n , i n sta l l a t i o n
c u stom izat i o n s may b e p rovided before b eg i n n i n g t h e i n sta l l at i o n . The i nsta l l e r a l l ows
config u r i n g the i n sta l l a t i o n items in a ny order. S e l ect an item to view o r ed it. W h e n an item is
co m p l eted, o r it i s i n t e n d e d to be com p l eted l a t e r, p ress Done to ret u r n to t h i s centra l screen.
O n l y items m a rked w i t h a wa r n i n g sym b o l a re m a n datory. The o ra n g e status b a r a t t h e bottom
of the screen wa r n s t h a t these ite m s m u st be c o m p l eted before the i n sta l l a t i o n can beg i n . Once
req u i red ite m s a re com p l ete, p ress t h e B e g i n I n st a l l a t i o n button. P ress i n g t h e Q u it button
a borts t h e i n sta l l a t i o n . T h e v i rtua l machine confi g u ra t i o n w i l l re m a i n , but b e u n boota b l e until an
operat i n g syste m i n sta l l a t i o n i s resta rted a n d c o m p l eted.
-
-
-
As req u i re d , c o m p l ete the fo l l ow i n g items:
•
•
•
•
•
•
•
Date and t ime - S e l ect your city by c l i c k i n g i n t h e i nteractive m a p o r s e l ect from t h e
d ropdown l i st. S pecify a t i m e zone e v e n w h e n u s i n g N etwork T i m e Protoc o l ( N T P). M essages
co m p l a i n i n g t h a t N T P i s not confi g u red may be i g n o red if no N T P servers a re ava i l a b l e.
-
Language support - S e l ect l a n g u a ges to i n s ta l l i n a d d i t i o n to t h e defa u lt l a n g u a g e a l ready
specified. M u lt i p l e l a n g u ages a n d locales m a y b e s e l ected.
-
Keyboard - This item a l l ows a d d i n g a d d i t i o n a l key b o a rd l ayouts b eyo n d that i nc l u d e d with you r
defa u l t l a n g u a g e.
-
Insta l l at ion source - T h e i n sta l l a t i o n s o u rce was s e l ected d u r i n g t h e v i rt u a l m a c h i n e creation
steps and s h o u l d not need to be m o d i f i e d .
- By defa u lt, t h e g ra p h i ca l i n sta l l e r s e l ects t h e M i n i m a l i n sta l l e n v i ro n m e nt,
prov i d i n g o n l y packages essent i a l to run Red H a t Enterprise L i n u x . In Softwa re S e l ect i o n ,
c hoose f r o m a l ist of ot h e r b a s e e n v i ro n m e n t s by c l i c ki n g t h e ra d i o b utton f o r a n ava i l a b l e
e n v i ro n m e n t l i sted i n t h e l eft pa n e. N ext. s e l ect A d d - O n s fo r t h e s e l ected e n v i ro n m e nt from
t h e c h e c k boxes in the right pane.
-
Software se lect ion
Instal lation destinat ion - Sel ect and partition the d i sks onto which Red Hat Enterprise L i n u x
w i l l insta l l . T h i s i t e m expects a n a d m i n istrator to c o m p re h e n d partit i o n i n g s c h e m es a n d f i l e
system s e l e c t i o n criteria. The defa u lt ra d i o button f o r automatic partit i o n i n g w i l l a l l ocate t h e
s e l ected stora g e devices u s i n g a l l ava i l a b l e s pa ce. I f t h e re a re n o ot h e r o p e ra t i n g syste m s
a l ready i n sta l l ed o n t h i s c o m p u t e r o r you h ave c h o s e n n o t to preserve a p rev i o u s l y i n sta l l ed
operat i n g syst e m s, anaconda a u t o m a t i c a l ly i n sta l l s G R U B2 a s the boot l o a d e r.
Network & host name
- Detected n etwo r k con n e c t i o n s a re l isted i n t h e l eft p a n e. C l ic k a
l i sted c o n n e c t i o n to d i s p l ay more deta i l s. To config u re a network c o n n e c t i o n m a n u a l l y, c l ic k
t h e Conf i g u re b u t t o n i n t h e l ower- r i g h t c o r n e r. A d i a l og a p p e a rs to confi g u re t h e s e l ected
c o n n e c t i o n . Config u ra t i o n options d e p e n d o n a va i l a b l e n etwo r k h a rdwa re. O n l y n etwork
c o n n e c t i o n s req u i re d for i n sta l l a t i o n m u st be config u red h e re.
W h e n i nsta l l a t i o n c u sto m i z a t i o n is com p l ete, p ress
B e g i n I n sta l l a t i o n .
-
-
-
-
-
-
-
-
394
R H 1 24- R H E L7-en-1-20140606
-
-
I nsta l l i n g Red H a t Enterprise L i n u x
minimal Virtual Machine
File
Virtual Machine
View
Send Key
� us
U S E R S ETTI N G S
ROOT PASSWORD
Root password is not set
�1
RED HAT ENTERPR I S E L I N U X 7.0 I N S TALLATI O N
CONFI G U RATION
•
U S ER CREATION
No user wil l be created
-::' Installing setup ( 2 / 3 19)
©©©
"fil
A N SWERS IN AN I N STANT
RECOMMENDATIONS POWERED BY ANDREAS
eccess.redhet.com/support/ceses/
P.lusl!! complete"i_j;;ems matlced with this Icon befar:e,- continuing to the next step.
Figure 15. 1 0: Anaconda installer, configuration
The anaconda Confi g u ration screen d i s p l ays. The insta l l a t i o n has a l ready started; Red H a t
E nte r p r ise L i n u x re p o rts p rog ress n e a r t h e bottom of t h e s c r e e n a s it i n sta l ls se lected p a c ka g es
to t h e system.
A s req u i re d , co m p l ete t h e fo l l owing items:
Root password - The i n sta l l a t i o n program p ro m pts to set a root password fo r t h e syste m . The
f i n a l stage of t h e i nsta l l ation p rocess will not cont i n ue until a root password i s entered.
User creation - U s e t h e root a ccou nt o n l y for syste m a d m i n istra t i o n . C reate a n o n - root
a cc o u nt for general use. T h o u g h reco m m e n d e d to do d u r i n g insta l l a t i o n , this step i s o p t i on a l
a n d c a n b e perfo r m e d after t h e i n sta l lation is c o m p l ete.
W h e n the i n sta l l a t i o n states that it is com p l ete, p ress Reboot. After the v i rt u a l m a c h i n e ' s n o r m a l
pow e r - u p s e q u e n ce h a s com p l eted, R e d H a t Enterprise L i n u x l o a d s a n d sta rts, h i d d e n b e h i n d a
g r a p h i c a l screen t h a t d i s p lays a prog ress b a r. If a g ra p h i c a l deskto p was i n sta l l e d , t h e G U I l o g i n
d i s p lays . L o g i n a s t h e u s e r c reated d u r i n g i n sta l l a t i o n , o r a s root. T h e anaconda I n i t i a l S et u p
screen d i s p l ays.
As req u i re d , com p l ete t h e f o l l o w i n g items:
·
License information - The i nsta l l a t i o n p rog ra m prom pts to accept t h e l icens i n g terms.
R H 1 24- R H E L7-e n-1-20140606
395
C h a pte r 1 5. U s i n g V i rt u a l ized Syste m s
•
User creation
- D i s p lays o n l y if a n o n - root acco u n t h a s not yet b e e n created.
When i n i t i a l set u p tasks a re c o m p l ete, p ress F i n i s h I n st a l l a t i o n . T h e F i r s t Boot u t i l ity d i s p l ays,
p ro m p t i n g e n t ry of the f i n a l conf i g u ra t i o n i n fo r m a t i o n for t h i s system. Use t h i s ut i l ity to:
Config u re t h e Kd u m p c ra s h d u m p m e c h a n i s m .
•
•
Set t h e syste m t i m e a n d d ate.
•
Re g ist e r the m a c h i n e with Red Hat N etwork t h ro u g h S u bs c r i p t i o n M a n a g e m e nt.
T h e Red Hat E nterprise L i n u x i n sta l l a t i o n i s now co m p l ete. The system is rea d y for n o r m a l l o g i n
a n d u se.
References
Ri
I�
A d d i t i o n a l i nfo r m a t i o n may be a va i l a b l e i n t h e sectio n o n creati n g g u ests with v i rt­
m a n a g e r in t h e Red Hat Enterprise Linux Virtualization Deployment and Administration
Guide for Red H a t E n t e r p r i s e L i n u x 7, w h i c h c a n be fo u n d at
htt p: //docs.re d h a t.com /
v i r t - manage r O ) m a n p a g e
-
-
-
-
-
-
-
-
-
-
-
-
-
396
R H 1 24- R H E L7-en-1-20140606
-
-
-
-
Practice: I n sta l l i n g a New V i rt u a l M a c h i n e
-
Pra ct i ce: I n sta l l i n g a N ew Vi rt u a l M a c h i n e
-
-
-
Quiz
The steps to i n sta l l Red Hat Enterprise L i n u x u s i n g t h e anaconda g ra p h i c a l i n t e rface a re s h o w n
b e l ow. I n d i cate t h e order t h e ste ps s h o u l d b e t a k e n .
a . Prov i d e t h e sou rce l ocat i o n a n d o p e ra t i n g system type
-
b. M o d ify Loca l iz a t i o n para ma t e rs for Date and T i m e, L a n g u a g e and Keyboa rd
c. Provid e Syst e m para mters fo r d i s k partit i o n i n g , netwo r k i n g a n d host n a m e
-
....
d . Confi g u re stora g e f o r t h i s v i r t u a l m a c h i n e
e . E n t e r t h e M e m ory a n d C P U sett i n g s
f . Prov i d e U s e r Sett i n g s f o r a root password a n d a n o n - root acco u n t
-
g . N a m e t h e v i rt u a l m a c h i n e a n d s e l ect a n i n sta l l at i o n sou rce.
h . S e l e ct the Software to b e i n sta l l ed
-
i . Confi g u re netwo r k i n g o pt i o n s for the i n sta l l at i o n
-
-
-
-
-
-
-
-
-
-
-
R H 1 24- R H E L 7 -en-1 -20140606
397
-
C h a pter 1 5 . U s i n g V i rt u a l ized Syste m s
-
Solution
The steps to i n sta l l Red H a t Enterprise L i n u x u s i n g t h e anaconda g ra p h ica l i n t e rface a re s h own
b e l ow. I n d icate t h e order t h e steps s h o u l d be taken.
-
-
2 a . Prov i d e t h e s o u rce l ocation a n d o p e rat i n g system type
6 b. Modify Loca l i z a t i o n p a ra maters for Date and T i m e, L a n g u a g e a n d Key boa rd
-
8 c. Prov i d e System p a ra mters for d i s k partit i o n i n g , n etwo r k i n g a n d host n a m e
-·
4 d . Config u re stora g e f o r t h i s v i rt u a l m a c h i n e
3 e . Enter t h e M e m o ry a n d C P U sett i n g s
9 f . Prov i d e U s e r Sett i n g s fo r a root pa ssword a n d a n o n- root account
1 g . N a m e t h e virtual m a c h i n e a n d s e l ect a n i n sta l l ation sou rce.
-
-
7 h . S e l ect t h e Softwa re to be insta l l e d
5
-
i . Confi g u re netwo r k i n g options for t h e i n st a l l a t i o n
-
-
-
-
-
-
-
-
-
398
R H 1 24- R H E L7-en-1-20140606
-
-
-
-
C h a pter Test: U s i n g V i r t u a l ized Systems
-
C h a pter Test: U s i n g Vi rt u a l i z e d Syste m s
-
-
Quiz
Match t h e fo l l ow i n g items to t h e i r cou nte r p a rts i n t h e ta b l e.
-
C l o u d Fo r m s
O p e n Sta c k i n p u b l i c c l o u d
-
R H E L O p e n S ta c k p l a tfo r m
-
I
R H EV-M
R e d H a t E n te r p r i s e V i rt u a l izat i o n
-
I
I
Red H a t E n t e r p r i s e L i n u x
v i rt- m a n a g e r
Con fi q u ration d escription
I
Red H at prod u ct
-
S i n g l e syste m h a rdwa re p rov i d i n g KV M s u p p o rt
-
-
M u l t i p l e system h a rd wa re p rov i d i n g v i rt u a l i ze d
red u n d a n cy
-
M u l t i p l e syste m h a rdwa re p rov i d i n g p r ivate c l o u d
-
-
C l o u d p rovi d e r p rov i d i n g p u b l i c c l o u d
M a n a g e m e nt u t i l ity fo r sta n d a l o n e KV M h osts
-
-
-
M a n a g e m e n t u t i l ity fo r m u l t i p l e host
v i rt u a l i z a t i o n p l atfo r m
M a n a g e m e nt u t i l ity f o r a l l v i rt u a l i z a t i o n a n d
c l o u d p l atfo r m s co m b i n e d
-
-
R H 1 24- R H E L 7-e n-1-20140606
-
399
-
-
C h a pter 1 5. U s i n g V i rt u a l ized Syst e m s
-
Solution
-
M atch t h e fo l l owing items to t h e i r cou nterparts i n t h e tab l e.
Con f i q ura tion d escription
Red H at prod uct
-
-
S i n g l e syst e m h a rd wa re p rovi d i n g KV M s u p p o rt
M u l t i p l e syste m h a rd wa re p ro v i d i n g v i rt u a l i z e d
red u n d a ncy
Red H a t E nt e r p r i s e
Linux
Red H a t E nt e r p r i s e
V i rt u a l i z a t i o n
-
-
-
M u l t i p l e syste m h a rd wa re p rov i d i n g p r i vate c l o u d
C l o u d p rovi d e r p rov i d i n g p u b l i c c l o u d
R H E L O p e n Sta c k
p l atfo r m
O p e n St a c k i n p u b l i c
cloud
-
-
-
M a n a g e m e n t ut i l ity for sta n d a l o n e KV M h osts
v i rt- m a n a g e r
-
M a n a g e m e n t ut i l ity fo r m u l t i p l e h ost
v i r t u a l i z a t i o n p l atfo r m
R H EV - M
M a n a g e m e n t ut i l ity for a l l v i rt u a l i z a t i o n a n d
c l o u d p l atfo r m s com b i n e d
C l o u d Fo r m s
-
-
-
-
-
-
-
-
400
R H 1 24- R H E L 7-en-1 -20140606
-
-
-
-
Solution
-
S u m m a ry
-
M a n a g i n g a Loca l V i rtua l i za t i o n Host
Prepare and b u i l d v i rt u a l ization i nf ra s t r u ct u re using Red H a t Enterprise L i n u x .
-
I n sta l l i n g a N ew V i rt u a l M a c h i n e
-
B u i l d v i r t u a l system c o m p o n e nts a n d i n sta l l R e d H a t Enterprise L i n u x i nto KV M virtu a l
m a c h i n es.
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
R H 1 24- R H E L7 - e n -1-20140606
401
�
I
'
-
"'91.·
-
-
402
®
red h at
®
TRAINING
C HA PT E R 1 6
COMPREHENSIVE REVIEW
Overview
Goal
To p ractice and d e m o n s t rate knowledge and s k i l l s learned i n
R e d H a t System A d m i n istration I .
Objectives
La b
R H 1 24- R H E L7-en-1 -20140606
•
Practice s k i l l s l e a r n ed in Red Hat System A d m i n i s t ra t i o n I .
•
Comprehens ive Review
403
-
-
C h a pter 1 6 . C o m p re h e n s ive Review
-
Red H at Syste m Ad m i n ist rat i o n I
Co m p re h e n s ive Rev i ew
-
-
Objectives
Aft e r com p l e t i n g t h i s sect i o n , st u d e n t s s h o u l d be a b l e to d e m o n st rate k n o w l e d g e a n d s k i l l of t h e
topics covered i n e a c h c h a pter.
-
Reviewing Red Hat System Administration I
-·
Before beg i n n i n g the c o m p r e h e n s ive review for t h i s c o u rse, students s h o u l d be comforta b l e w i t h
t h e t o p i c s covered i n each c h a pter.
-
Do n ot h e s itate to a s k t h e i n st ructor for extra g u id a n c e or c l a rification on t h ese topics.
-
Chapter 1, Accessing the Command Line
To log into a L i n u x syste m a n d r u n s i m p l e com m a n d s u s i n g t h e s h e l l .
U s e B a s h s he l l syntax to e n t e r co m m a n d s at a L i n u x c o n s o l e.
-
•
•
L a u n c h a p p l icat ions i n a G N O M E d e s ktop enviro n m e n t.
•
U s e Bash featu res to r u n c o m m a n d s from a s h e l l prompt u s i n g fewer keystrokes.
Chapter 2, Managing Files From the Command Line
To co py, m ove, c reate, d e l ete, and o rg a n ize f i l es w h i l e wor k i n g from the Bash s h e l l p ro m pt.
I d e nt i fy the p u rpose for i m portant d i rectories o n a L i n u x syst e m .
-
-
•
•
S p e c ify f i l e s u s i n g a b s o l ute a n d re l a t i ve p a t h n a mes.
•
C reate, copy, m ove, and re m ove files and d i recto ries using co m m a n d - l i n e u t i l ities.
•
-
M atch o n e o r more fi l e names u s i n g s h e l l expa n s i o n as a rg u m e n t s to s h e l l c o m m a n d s .
Chapter 3 , Getting Help in Red Hat Enterprise Linux
-
To resolve p ro b l e m s by u s i n g o n - l i n e h e l p syste m s a n d Red H a t s u p port u t i l ities.
•
U s e t h e man Linux m a n u a l rea d e r.
-
•
U s e t h e pi nto G N U I nfo rea d e r.
•
U s e t h e Red H a t Pa ckage M a n a g e r ( R P M ) packa g e d o c u m e n t a t i o n .
•
U s e t h e red h at-s u p p o rt-to o l com m a n d .
-
Chapter 4 , Creating, Viewing, and Editing Text Files
To c reate, vi ew, a n d e d i t text f i l es from c o m m a n d o u t p u t or i n a n ed itor.
Red i rect t h e text output of a program to a f i l e o r to a not h e r p rog ra m .
•
•
•
-
-
E d i t exist i n g text f i l es a n d c reate new f i l e s f r o m t h e s he l l p ro m pt w i t h a text editor.
Copy text from a g ra p h i c a l w i ndow to a text f i l e u s i n g a text e d i t o r r u n n i n g i n t h e g ra p h i c a l
e n v i ro n m e nt.
-
-
404
R H 1 24-R H EL 7 -en-1-20140606
-
-
-
-
Review i n g Red H a t Syst e m A d m i n ist ra t i o n I
-
Chapter 5, Managing Local Linux Users and Groups
-
-
To m a n a g e l oc a l L i n u x users a n d g ro u ps a n d a d m i n ister l oca l password p o l icies.
E x p l a i n t h e ro l e of u sers a n d g ro u p s on a L i n u x syste m a n d how t h ey a re u n d e rstood by t h e
computer.
•
•
R u n c o m m a n d s a s t h e s u p e r u s e r to a d m i n ister a L i n u x syste m .
•
C reate, mod ify, l o c k , a n d d e l ete l o ca l l y d e f i n e d u s e r accou nts.
•
Create, mod ify, and d e l ete l o ca l l y defined g ro u p a ccou nts.
•
Lock accou nts m a n u a l l y or by sett i n g a password-a g i n g p o l icy i n the s h a dow pa sswo rd f i l e.
-
-
Chapter
-
6,
Controlling Access to Files with Linux File System Permissions
To set L i n u x f i l e system p e r m i s s i o n s on f i l e s a n d i nterpret t h e sec u rity effects of d i fferent
p e r m i s s i o n sett i n g s.
Ex p l a i n how t h e L i n u x f i l e p e r m i s s i o n s m o d e l works .
•
....
-
•
•
C h a n g e t h e p e r m i s s i o n s a n d o w n e rs h i p of f i l es u s i n g c o m m a n d - l i n e t o o l s .
Confi g u re a d i rectory i n w h i c h n ew l y c reated f i l e s a re a u t o m a t i ca l l y w r ita b l e by m e m bers o f
the g r o u p w h i c h owns the d i rectory, u s i n g s p e c i a l p e r m i s s i o n s a n d defa u l t u m a s k sett i n gs.
Chapter
-
7,
Monitoring and Managing Linux Processes
To eva l uate a n d control p rocesses r u n n i n g on a Red H a t Enterprise L i n u x syst e m .
List a n d i nt e r p ret b a s i c i n fo r m a t i o n a bo u t p rocesses r u n n i n g on t h e system.
•
-
-
•
Contro l p rocesses i n t h e sh e l l 's session using bash j o b contro l .
•
Te r m i nate a n d control processes u s i n g s i g n a l s.
•
M o n it o r resou rce u s a g e a n d system load d u e to p rocess activity.
Chapter
Controlling Services and Daemons
•
List syst e m da em o n s a nd n etwo r k services sta rted by t h e syste m d se rvice and soc ket u n its.
•
Control system d a e m o n s and network se rvices using systemc t l.
-
-
8,
To control a n d m o n it o r n etwo r k services a n d system d a e m o n s u s i n g systemd.
Chapter
9,
Configuring and Securing OpenSSH Service
To config u re sec u re co m m a n d - l i n e access o n re m ote systems u s i n g O p e n S S H .
L o g i nto a remote system u s i n g ssh t o r u n c o m m a n d s f r o m a sh e l l prom pt.
•
-
-
•
•
Set up ssh to a l l o w secure password-free l o g i n s by u s i n g a p rivate a u t h e nt i c a t i o n key f i l e.
C u sto m i z e sshd config u ration to rest rict d i rect l o g i n s a s root or to d i sa b l e password-based
a u t h e nt i c a t i o n .
Chapter 10, Analyzing and Storing Logs
-
To l ocate a n d accu rate l y i nterpret re l eva nt syst e m log f i l e s for t ro u b l es h o o t i n g p u rposes.
D e s c r i b e t h e b a s i c sys log a rc h itect u re in Red Hat Enterprise L i n u x 7.
•
-
•
I nt e r p ret e n t r i e s i n re l eva nt sys l o g f i l e s to t ro u b l es h oot prob l e m s o r review system status.
--
-
-
R H 1 24- R H E L7-en-1-20140606
405
-
-
C h a pter 16. C o m p r e h e n s i ve Review
•
•
•
Find and i n t e r p ret log e n t ries i n the syste m d j o u r n a l to t ro u b l es h oot p ro b l e m s or review
system status.
-
Config u re systemd-j o u r n a l d to store its j o u r n a l o n d i s k rat h e r than i n m e m o ry.
M a i nt a i n accu rate t i m e sy n c h ro n i z a t i o n a n d t i m e z o n e config u ra t i o n to e n s u re c o r rect
t i m esta m p s i n syst e m l o g s .
Chapter 1 1 , Managing Red Hat Enterprise Linux Networking
-
-
To confi g u re b a s i c 1 Pv4 n etwo r k i n g o n Red Hat E n t e r p r i se L i n u x syste ms.
E x p l a i n f u n d a m enta l concepts of computer n etwo r k i n g .
•
-
•
Test a n d review cu rrent network confi g u rat i o n w i t h basic u t i l ities.
•
M a nage network sett i n g s and devices with nmcli and N etwor k M a n a g e r.
•
M o d ify n etwo r k sett i n g s by edit i n g t h e confi g u ra t i o n f i l es.
•
Confi g u re and test system host n a m e and n a m e reso l ut i o n .
-
-
Chapter 12, Archiving and Copying Files Between Systems
To a rc h ive a n d copy f i l es from one system to a n ot h e r.
Use tar to create new c o m p ressed a rc h ive f i l e s a n d extract f i l e s from exist i n g arch ive fi les.
-
•
-
•
Copy files sec u re l y to o r from a remote syst e m r u n n i n g sshd.
•
Secure l y sy n c h ro n i z e t h e contents of a l oca l file o r d i rectory with a remote co py.
-
Chapter 13, Installing and Updating Software Packages
To down l o a d , i n sta l l , u p d a te, a n d m a n a g e softwa re p a c kages from Red H a t a n d Y U M package
re positories.
•
-
Reg i ster syst e m s w i t h you r Red H a t account and e n t i t l e them to softwa re u p d ates for i n sta l l e d
products.
-
•
E x p l a i n w h a t an RPM package i s and how RPM packages a re used to m a n a g e softwa re o n a Red
H a t Enterprise L i n u x system.
•
Find, i n sta l l , and u pdate software packages u s i n g t h e yum co m m a n d .
•
E n a b l e a n d d i s a b l e u s e of Red H a t o r t h i rd-pa rty Y U M re positories.
•
Exa m i n e and i n s ta l l d ow n l oaded softwa re packa g e f i l es.
-
Chapter 14, Accessing Linux File Systems
To a ccess a n d i n s pect e x i st i n g f i l e systems on a Red H a t Enterprise L i n u x syste m .
I d e ntify t h e f i l e syst e m h i e ra rc hy.
•
•
Access t h e contents of f i l e systems.
•
Use h a rd l i n ks and sym l i n ks to m a ke m u l t i p l e n a m es.
•
Search for f i l es on m o u nted file systems.
-
-
-
-
-
406
RH124- R H E L 7-en-1-20140606
-
-
-
-
Review i n g Red H a t System Ad m i n istra t i o n I
-
Chapter 15, Using Virtualized Systems
To create a n d use Red H a t E n t e r p r i s e L i n u x v i rt u a l m a c h i n e s with Ke r n e l - based V i r t u a l M a c h i n e
( KV M ) a n d l i bv i rt.
I n sta l l a Red Hat Enterprise L i n u x system a s a h ost for r u n n i n g v i rt u a l mach i n es.
-
•
-
-
-
•
R
Pe rfo rm a n i nteractive i n sta l l of Red Hat Enterprise L i n u x o n a v i rt u a l m a c h i ne.
References
Get information o n m o re c l a sses ava i l a b l e from Red H a t a t
www. re d hat.com/t ra i n i ng /
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
R H 1 24- R H E L 7-en-1-20140606
407
-
-
C h a pter 1 6 . C o m p re h e ns ive Review
-
La b: Co m p re h e n s i ve Rev i ew
-
Perfor mance checklist
-
I n t h i s l a b , you w i l l practice a n d d e m o n st rate yo u r k n o w l e d g e a n d s k i l ls.
Outcomes:
-
Co m p l ete t h e fo l l ow i n g tasks a n d s u ccessf u l l y g ra d e t h e s e rve rX system with lab sal - r eview
g r ade as u s e r root o n serverX.
-
Before you begin...
Reset t h e s e rverX m a c h i ne.
Run t h e lab sal - review s e t u p a s u s e r root o n serverX.
1.
U s e B a s h c o m m a n d s to c o m p l ete t h e fo l l ow i n g t a s ks o n t h e s e rverX m a c h i n e :
•
•
2.
D i s p l a y t h e last n i n e l i n e s of t h e / u s r /bin/clean - binary - files f i l e a n d a d d t h e
o u t p u t to t h e / home / s t u d e n t / headt ail . t x t file.
Te n n e w L i n u x syste m s req u i re c h a n g e d o c u m e nt a t i o n f i l es. Ca rry out t h e fo l l o w i n g t a s k s o n
s e rverX t o c reate t h e m :
•
•
•
•
3.
D i s p l a y t h e fi rst 1 2 l i nes o f t h e / u s r /bin/clean - bin·a r y - files f i l e a n d s e n d t h e
o u t p u t to t h e /home/ s t u d e n t /head t ail . t x t f i l e.
C reate t h e em pty f i l e s with t h e fi l e n a m e syst em_c h a n ge s - machineY- mon t h_Z . t x t
i n t h e / home/s t ud e n t d i rectory o n t h e s e r v e r X m a c h i n e a s user student. R e p l a c e Y w i t h
t h e m a c h i n e n u m b e r a n d re p l ace Z with t h e m o n t h s jan, feb, a n d mar.
Create t h e /home/ s t u d e n t / syschanges d i rectory w i t h t h e s u b d i rectories j an, feb,
a n d mar.
-
-
-
-
Sort a l l n ew l y created fi l es by month into the correspo n d i n g s u b d i recto ry.
Rem ove a l l n ewly created f i l e s re l ated to m a c h i n e 9 a n d 1 0, because t h e h a rdware h a s
b e e n re p l a ced p e r m a n e n t l y.
U se t h e m a n pages to research h ow to t u r n off the use of c o l o rs in the o u t p ut. Put t h e
re l evant option o f t h e ls co m m a n d i nto t h e text f i l e /home/ s t u d e n t /lscolo r . t x t o n
serverX.
-
-
-
4.
5.
Copy t h e file /home/ s t u d e n t /vimfile . t x t to /home / s t u d e n t /longlis t i n g . txt
o n s e rverX. Use t h e vim e d it o r to c h a nge t h e /home/s t ud e n t /longlis t in g . t x t f i l e
accord i n g to t h e fo l l ow i n g req u i re m e nts:
•
Rem ove the file ow n e r col u m n . Do n ot remove a ny spaces.
•
Rem ove t h e Docume n t s a n d Pic t u res rows.
•
Save the f i l e w h e n d o n e with e d i t i n g .
-
-
-
C h a n g e confi g u ra t i o n a n d a d d n e w u s e rs a n d a new g ro u p accord i n g to t h e fo l l ow i n g
req u i re m e nts:
-
408
R H 1 24- R H E L 7-en-1-20140606
-
-
-
-
Perfo r m a nce c h e c k l ist
•
C h a n g e the defa u lt system sett i n g s for newly c reated u sers to e n s u re t h e i r passwords a re
c h a n g e d at l e a st every 60 d a ys.
-
-
•
C reate a new g ro u p n a m e d i n s t r u c t o r s with a G I D of 30000.
•
C reate t h ree new users: go rwell, r b r a d b u ry, and dadams, w i t h a password of f i r s t pw.
•
•
-
•
-
•
6.
-
•
•
-
-
Set p e r m i s s i o n s o n the /home/in s t r u c t o r s d i rectory so it h a s t h e G I D bit set on t h e
d i rectory, t h e o w n e r a n d g ro u p have f u l l read/w r ite/execute p e r m i s s i o n s , a n d o t h e r u se rs
have read p e r m i ssion to t h e d i recto ry.
Stop the c u r re n t l y r u n n i n g c u p s p r i n t i n g s e rv i ce o n se rve rX. The s e rvice s h o u l d not g et
a ut o m a t i ca l l y sta rted on system boot.
9.
Confi g u re the ssh service on se rverX accord i n g to the fo l l ow i n g req u i re m e nts:
User student o n se rve rX c a n l o g i n with a S S H p u b l i c key to the s t u d e n t account on
d e s ktopX.
D i s a b l e s s h login for t h e root user and password-based S S H a u t h e ntication o n serverX.
10. Yo u r s e rverX m a c h i n e h a s been relocated to the B a h a mas. The fo l l o w i n g c h a n g es have to b e
m a d e o n t h e s e r v e r X m a c h i n e:
•
C h a n g e t h e t i m e zone on t h e serverX m a c h i n e to Ba h a m a s a n d verify t h e t i m e zone h a s
b e e n c h a n g e d prope r l y.
11.
Record t h e c o m m a n d to d i s p l a y a l l syst emd jou r n a l ent ries record e d betwee n 9:05:00 a n d
9:1 5 : 0 0 i n t h e /home/s t u d e n t /syst emd r eview . t x t f i l e.
12.
C o nf i g u re r syslogd b y a d d i n g a ru l e to t h e new l y c reated confi g u ra t i o n fi l e
/et c / r syslog . d/au t h - e r r o r s . conf to l og a l l secu rity a n d a u t h e nt i c a t i o n messages
t h a t g et record e d i n the a u t h p r i v fa c i l ity w i t h t h e prio rity a le rt and h i g h e r to the
/va r /log/au t h - e r ro r s file a s we l l . Test t h e newly added l o g d i rective w i t h t h e logg e r
com m a n d .
13.
C reate a new stat i c n etwo r k c o n n ection u s i n g t h e sett i n g s i n the fo l l o w i n g t a b le. Be s u re to
re p l a ce the X with the correct n u m be r for yo u r systems.
-
-
T h e d i rectory i s owned by u s e r root and g ro u p i n structo rs.
8.
•
-
Fo rce a l l t h ree newly c reated users to c h a n g e t h e i r password o n fi rst l o g i n .
Dete r m i n e t h e p rocess u s i n g t h e most C P U resou rces on serverX a n d te r m i n ate it.
•
-
C h a n g e t h e password p o l icy for t h e go rwell account to req u i re a new password every 1 0
days.
7.
-
-
Set t h e t h re e n e w l y created accounts to e x p i re 60 d ays from today.
C reate the s h a red d i rectory / h ome/in s t r u c t o r s on serverX accord i n g to t h e fo l l ow i n g
req u i re m ents:
-
-
A d d t h e new u sers to t h e s u p p l e m e ntary g ro u p in s t r u c t o r s . T h e p r i m a ry g ro u p s h o u l d
re m a i n a s t h e u s e r private g ro u p.
-
-
-
R H 1 24- R H E L 7-en-1-20140606
409
-
C h a pter 1 6 . Com p re h e n s ive Review
-
Confi g u re the new c o n n ect i o n to be a u t o m a t i c a l l y sta rted .
•
O t h e r co n n ec t i o n s s h o u l d not sta rt a u t o m a t i c a l l y.
•
Mod ify t h e new co n n ection so t h a t it a l s o uses the a d d ress 1 0.0. X .1 /24.
•
Config u re t h e hos t s f i l e so t h a t 1 0.0.X.1 c a n be refe renced as " my h o s t " .
-
-
S e t t h e host n a m e to se rve rX.exa m p l e.com.
Para m et e r
Sett i n g
Connection name
review
IP a d d ress
172.25.X.11 /24
Gateway a d d ress
172.25.X.254
DNS a d d ress
172.25.254.254
-
14.
Sy n c h ro n ize the / e t c d i rectory t ree o n s e rverX to the /configbac k u p d i rectory on
se rve rX.
15.
C reate a n a rc h ive n a m e d / r oo t /config u rat ion - bac ku p - serve r . t a r . g z with t h e
/config bac k u p d i rectory a s content.
1 6. To p re p a re the arch ived d i rectory t ree for com pa rison w i t h t h e c u r re n t l y
active l y u s e d confi g u ra t i o n f i l es o n serverX, extract t h e contents o f t h e
/ root /configu r a t ion - bac k u p - se rve r . t a r . gz a rc h ive to t h e
/ t m p / configcompare/ d i rectory o n se rve rX.
17.
-
-
-
Perfo r m t h e fo l l ow i n g t a s ks on t h e serverX m a c h i n e:
•
•
Use s s h to execute t h e hos t n ame com m a n d o n deskto p X as user st u d e nt. S e n d t h e
o u t p u t o f t h e h o s t name co m m a n d to t h e / t mp/sc pfile . t x t f i l e o n d eskto pX.
Use s c p to copy t h e /tmp/scpfile . t x t file from d es ktopX to
/home/ s t u d e n t / s c pfile . t x t .
1 8 . C reate t h e f i l e / e t c /yum . repos . d / localu p d a t e s . r e p o to e n a b l e t h e " U pdates"
re pository fo u n d o n t h e content m a c h i ne. I t s h o u l d access content fo u n d a t t h e fo l l ow i n g
U R L: http://co ntent.exa m p l e.com/r h e l 7.0/x8 6_64/errata. D o not c h e c k G P G s i g n a t u res.
-
-
-
-
1 9.
Config u re serverX to a d h e re to specific softwa re req u i re m e nts:
•
The ke r n e l package should b e u pdated to the l atest vers i o n .
•
The xsane - gimp p a c k a g e s h o u l d b e i n sta l l ed.
•
The r h t - system package should b e i n s ta l l e d .
•
Fo r secu rity rea s o n s , se rve r X s h o u l d n o t h a v e t h e wvdial p a c k a g e i n st a l l ed .
-
-
F I X M E: n e e d to w a i t f o r f i n a l b i t s i n c l u d i ng rea l ava i l a b l e errata p a c ka g e s .
2 0 . G e n e rate a d i s k u s a g e r e p o r t w i t h t h e d u co m m a n d of t h e / u s r / s h a r e / f on t s d i rectory o n
se rve rX a n d save t h e res u l t i n t h e /home/ s t u d e n t / d u r e p o r t . t x t fi l e.
-
-
41 0
R H 1 24- R H E L7-en-1 -20140606
-
-
-
-
Perfo r m a n ce c h e c k l ist
-
21.
I d e ntify a n d m o u nt a n ew l y a d d e d f i l e syste m by U U I D o n t h e /mnt /datadump d i rectory o n
serverX.
-
22. C reate t h e soft l i n k / r oot /myd ataspace, w h i c h points to t h e /mn t /d a t ad u m p d i rectory
o n serverX.
-
23. Record t h e co m m a n d to find a l l soft l i n ks o n serverX that have d a t a as pa rt of t h e i r n a m e in
the / home/s t u d e n t /find . t x t f i l e.
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
R H124-R H E L 7-en-1-201 40606
411
-
-
C h a pter 1 6. C o m p re h e n s ive Review
-
Sol ution
I n t h i s l a b , you w i l l practice a n d d e m o n st rate your k n o w l e d g e a n d s k i l ls.
Outcomes:
C o m p l ete t h e fo l l ow i n g ta s ks and s u ccessf u l l y g ra d e the serverX system with lab sal - r eview
g r ad e as user root on serverX.
-
-
-
Before you begin ...
Reset t h e serverX m a c h i ne.
-
Run t h e lab sal - r eview s e t u p a s u s e r root o n s e rverX.
1.
U s e B a s h c o m m a n d s to c o m p l ete t h e fol l o w i n g t a s ks o n the se rve rX m a c h i n e :
•
D i s p l ay t h e first 1 2 l i nes of t h e / u s r/bin/c lean - binary - files f i l e a n d s e n d t h e
o u t p u t to t h e /home / s t u d e n t / head t ail . t x t f i l e.
•
1 .1 .
D i s p l a y t h e l a st n i n e l i n e s of t h e / u s r / bin/clean - binary - files f i l e a n d a d d t h e
output to t h e / home/ s t ud e n t / headt ail . t x t f i l e.
D i s p l a y t h e f i rst 1 2 l i nes o f t h e / u s r/bin/c lean - binary - files f i l e a n d s e n d t h e
co m m a n d o u t p u t to t h e / home/s t u d e n t /headt ail . t x t f i l e.
[student@serverX
�
!
!
- ] $ head - n 12 / u s r / bin/clean - binary - files >/home/ s t u d e n t /
-
-
-
-
headt ail . txt
-
1.2. D i s p l ay t h e l a st n i n e l i nes of the / u s r /bin/clean - binary - files file and add the
co m m a n d output to the /home / s t u d e n t /head t ail . t x t f i l e .
I [student@serverX
i headt ail . txt
-
- ] $ t ail - n 9 /us r/bin/clean - binary - files >>/home/ s t u d e n t /
I
2.
-
Te n new L i n u x syst e m s req u i re c h a n g e doc u m e nt a t i o n fi l es. C a r ry out t h e fo l l ow i n g t a s ks o n
serverX to c reate t h e m :
•
•
•
•
-
C reate the em pty f i l e s with the f i l e name sys t em_c h an g e s - mac h i n e Y - mon t h_Z . txt
i n the / home / s t u d e n t d i rectory o n the se rve r X m a c h i n e a s user st u d e n t . R e p l a c e Y w i t h
t h e m a c h i n e n u m be r a n d re p l ace z with t h e m o n t h s jan, feb, a n d mar.
C reate t h e /home/ s t u d e n t /syschanges d i rectory w i t h t h e s u b d i rectories j an, feb,
and mar.
-
Sort all n ewly created fi l es by m o n t h i nto t h e corres p o n d i n g s u b d i recto ry.
Remove a l l newly c reated f i l es related to m a c h i n e 9 a n d 1 0, because t h e h a rd wa re h a s
been re p l aced p e r m a n e nt l y.
2 .1 . C reate a tota l of 30 f i l es w i t h n a mes syst em_chan g e s - machine Y- mon t h_Z . t x t .
Re p l a ce Y w i t h t h e m a c h i n e n u m be r a n d re p l a ce Z w i t h t h e m o n t h s jan, feb, a n d mar.
r
[student@serverx
-
-
-
- ] $ t o u c h -student/system_changes - machine { 1 . . 10} ­
mont h_{ j an , feb , ma r } . tx t
-
412
R H1 24- R H E L7-en-1-20140606
-
-
-
-
Solution
-
2.2. C reate t h e /home/ s t u d e n t /syschanges d i rectory with t h e s u b d i rectories j an, feb,
and mar.
j [student@serverx -]$ m k d i r
-
- p /home/student/syschange s / { j an , feb , mar}
I
-
�
2.3. S o rt a l l n e w l y c reated f i l es by m o n t h i nto t h e corres p o n d i n g s u b d i recto ry.
[ student@serverx -]$
[student@serverX -]$
syschanges/feb/
[student@serverX -]$
-
�
mv - s t u d e n t / system changes - machine * j an . xt /home/ s t udent/
syschanges/j an/
-
syschanges/mar/
-
mv -student/system_changes - machin e * feb . txt /home/student/
mv - s t u d e n t / system_change s - machine *mar . txt /home/student/
II
I
j'
l
1
2.4. R e m ove a l l n ewly created f i l es re l ated to m a c h i n e 9 a n d 1 0.
[student@serverx -]$
-
-
·��������--'
rm - f /home / s t udent/syschanges/ * /sys t em_change s ­
machine{ 9 , 10} * . txt
3.
Use the man pages to research how to t u r n off t h e use of c o l o rs in the output. Put the
re l eva nt opt i o n of the ls co m m a n d i nto the text f i l e / home/ s t u d e n t /lscolo r . t x t on
serverX.
-
3.1 . Look u p t h e re l eva nt o pt i o n i n the ls(1) m a n page to dete r m i n e how to p reve nt I s from
p rovi d i n g co l o rfu l output. W h a t i s the correct option?
I
-
-
[student@serverX -]$
man ls
ls uses - - colo r =neve r to t u r n off co l o rs i n t h e c o m m a n d o u t p ut.
3.2. C reate t h e text file /home / s t u d e n t /lscolo r . txt with the ls option to turn off
c o l o rfu l output.
[ student@serverX -]$
-
4.
-
Copy the f i l e /home / s t u d e n t /vimfile . txt to /home/ s t u d e n t /longlis t ing . t x t
o n serverX. U s e t h e vim e d i t o r to c h a n g e t h e /home/ s t u d e n t / lon glis t i n g . txt f i l e
accord i n g to t h e fo l l ow i n g req u i re m e nts:
•
R e m ove the file owner co l u m n . Do n ot re m ove a ny spaces.
•
R e m ove the Docume n t s and P ic t u r e s rows.
•
Save the f i l e w h e n done with e d it i n g .
-
-
-
e c h o " - - color=neve r " >/home/st u d e n t /lscolo r . txt
4.1 . C o p y t h e f i l e / home / s t u d e n t /vimfile . t x t t o
/ home/ s t u d e n t /longli s t in g . t x t .
[ student@serverx -]$
cp /home/student/vimfile . txt /home / s t udent /longlistin g . t x t
-
-
-
R H 1 24- R H E L 7 - en -1 -20140606
41 3
-
-
C h a pter 1 6. Co m p re h e n s ive Review
-
4.2. Edit the f i l e u s i n g V i m , to take a d v a n t a g e of visual mode.
I [ student@serverx - ] $ vim / home/s t u d e n t /longlisting . t xt
-
I
4.3. R e m ove t h e owner c o l u m n from t h e f i l e.
-
U s e t h e a r row keys to pos i t i o n t h e c u rs o r at t h e fi rst c h a ra cter of t h e g ro u p owner
co l u m n . Enter visual mode w i t h C t r l - v. U s e t h e a r row keys to p o s i t i o n t h e c u rsor at
t h e l a st c h a racter a n d row of t h e g ro u p o w n e r co l u m n . D e l ete t h e s e l ec t i o n with x.
4.4. R e m ove t h e Docume n t s and Pic t u r e s rows. Th i s t i m e, enter v i s u a l m o d e with an
u p p e rcase v, which a utomatica l ly s e l ects f u l l l i nes.
U s e the a r row keys to pos i t i o n the c u rsor at a ny c h a racter on the Docume n t s row.
E n t e r v i s u a l m o d e with a n u p p e rcase v. T h e fu l l l i n e is s e l ected, a s s h o w n i n t h e screen
s h ot. D e l ete t h e s e l ection w i t h x. Repeat for t h e Pic t u res row.
-
-
-
-
4.5. S a ve t h e f i l e a n d exit the editor.
Press t h e "esc" key a n d enter ":wq " to w rite t h e f i l e a n d exit vim.
-
5.
C h a n g e confi g u ra t i o n a n d add new u s e rs a n d a new g ro u p accord i n g to t h e fo l l o w i n g
req u i re m e n t s :
•
C h a n g e t h e defa u lt system sett i n g s for n ew l y c reated users to e n s u re t h e i r passwords a re
c h a n g e d at l e a st every 60 d a ys.
•
Create a new g ro u p n a med ins t r u c t o r s with a G I D of 30000.
•
Create t h ree new users : go rwell, r br a d b u ry, a n d dadams, with a pa sswo rd of f i r s t pw.
•
•
•
•
Add t h e new u s e rs to t h e s u p p l e m entary g r o u p inst r u c t o r s . T h e p r i m a ry g r o u p shou l d
re m a i n a s t h e u s e r private g ro u p.
-
-
-
-
Set t h e t h ree n e w l y c reated accou nts to ex p i re 60 days from today.
C h a n g e t h e pa ssword p o l icy for t h e go rwell a ccount to req u i re a n e w password every 1 0
days.
Fo rce a l l t h ree newly c reated u sers to c h a n g e their pa ssword o n fi rst l o g i n .
5.1. C h a n g e t h e d e fa u lt syste m sett i n g s fo r n e w l y c reated users t o e n s u re t h e i r pa sswords
a re c h a n g e d a t l east every 60 d ays.
[student@serverx - ] $
[ student@serverx - ] $
. . . Output omitted . . .
PASS_MAX_DAYS 60
PASS_MIN_DAYS 0
PASS_MIN_LEN 5
PASS_WARN_AGE 7
. . . Output omitted . . .
sudo vim /etc/login . defs
cat /etc/login . defs
-
-
-
-
-
-
5.2. C reate a new g ro u p n a m e d i ns t r u ctors w i t h a G I D of 30000.
-
414
R H 1 24- R H E L 7-en-1-20140606
-
-
-
-
S o l ut i o n
-
[student@serverX -]$
[student@serverX -]$
stapdev : x : 158 :
pesign : x : 989 :
tcpdump : x : 72 :
slocate : x : 21 :
instructors : x : 30000 :
-
-
sudo g roupadd - g 30000 i n s t r uc t o r s
t ail - 5 /etc/group
5 . 3 . C reate t h re e n e w u se rs: go rwell, r b radbu ry, a n d dadams, with a password of
f i r s t pw a n d a d d t h e m to t h e s u p p l e m e ntary g ro u p inst r u c t o r s. T h e p ri m a ry g ro u p
s h o u l d re m a i n a s t h e u s e r private g ro u p.
[student@serverx -]$ sudo user add - G in s t r u c t o r s go rwell
[ student@serverX -]$ sudo useradd - G i n s t r u c t o r s rbradbury
[student@serverX -]$ sudo user add - G i n s t r u c t o r s dadams
[ student@serverX -]$ t ail -5 /etc/group
slocate : x : 21 :
instructors : x : 30000 : gorwell, rbradbury, dadams
gorwell : x : 1001 :
rbradbury : x : 1002 :
dadams : x : 1003 :
[student@serverX -]$ sudo pas swd go rwell
Changing password for user gorwell .
New password : fi r s t pw
BAD PASSWORD : The password is shorter than 8 characters
Retype new password : firstpw
passwd : all authentication tokens updated successfully .
[student@serverx -]$ sudo pas swd r b radbu ry
[student@serverX -]$ sudo pas swd dadams
-
-
-
-
-
-
-
5.4. Dete r m i n e t h e date 60 d a ys i n t h e fut u re a n d set e a c h of t h e t h ree new u s e r acco u nts
to expire o n that date.
[student@serverX -]$ d a t e - d "+60 day s "
Mon April 5 11 : 49 : 24 EDT 2014
[student@serverx -]$ sudo chage - E 2014 - 04 - 05
[student@serverX -]$ sudo chage - E 2014 - 04 - 0 5
[ student@serverX -]$ sudo chage - E 2014 - 04 - 05
-
-
-
-
-
_J
go rwell
r b radbury
dad ams
5.5. C h a n g e t h e pa ssword p o l icy for t h e go rwell acco u nt to req u i re a new password every
1 0 days.
[student@serverX -]$ sudo chage -M 10 go rwell
[student@serverX -]$ c hage go rwell
Last password change
Password expires
Password inactive
Account expires
j Minimum number of days between password change
I Maximum number of days between password change
J Number of days of warning before password expires
-1
·
I [ student@serverX -]$
Feb 04, 2014
Feb 14, 2014
never
April 05, 2014
0
10
7
5.6. Fo rce a l l t h re e n e w l y c reated users to c h a n g e t h e i r pa ssword on f i rst l o g i n .
-
-
-
R H 1 24- R H E L7-en-1-20140606
sudo c hage - d 0 go rwell
41 5
-
·-
C h a pter 16. C o m p re h e n s ive Review
[student@serverX
[student@serverX
·-
- ] $ sudo c h a g e - d a r b radb u r y
- ] $ sudo chage - d a dadams
-
6.
C reate t h e s h a red d i rectory / h ome/inst r u c t o r s on serverX accord i n g to t h e fo l l o w i n g
req u i re m e nts:
•
•
The d i rectory i s o wn ed by u s e r root a n d g ro u p i n st r u ctors.
Set permissions o n the /home/in s t r u c t o r s d i rectory so it h a s the G I D bit set o n the
d i recto ry, the owner and g r o u p have f u l l rea d/w rite/execute permissions, and ot h e r users
have read p e r m i s s i o n to t h e d i recto ry.
-
6.1. O p e n a term i n a l w i n dow a n d become root on serverX.
�
udent@serverx
Password :
I [ root@serverx
-
-
-]$ su -
redhat
-]#
-
6.2. C reate t h e / home/ins t r uc t o r s d i recto ry.
[ root@serverX
-
- ] # mkdir /home/in s t r u c t o r s
6.3. C h a n g e g ro u p p e r m i s s i o n s o n the /home/in s t r u c t o r s d i rectory so it b e l o n g s to t h e
g ro u p i n st r u ctors.
I [ root@serverX - ] # c hown
: in s t r uc t o r s /home/in s t r u c t o r s
6.4. Set p e r m i s s i o n s o n the / home/in s t r u c t o r s d i rectory so it is a set G I D bit d i rectory
(2), t h e owner (7 ) and g ro u p (7) h ave fu l l read/write/execute p e r m i s s i o n s , and o t h e r
users h a v e r e a d p e r m i s s i o n ( 4 ) to t h e d i recto ry.
I
[ root@serverX
�
[ root@serverX - ] # ls - ld /home/ins t r u c t o r s
drwxrwsr- - . 2 root instructors 1024 Dec 9 1 : 38 /home/instructors
Dete r m i n e t h e process u s i n g t h e m ost C P U resou rces o n s e rverX a n d t e r m i nate it.
7.1 . I n a ter m i n a l w i n d ow, r u n t h e top u t i l ity. S i z e t h e w i n d ow as ta l l as poss i b l e. To p s o rts a l l
p rocesses b y C P U u t i l izat i o n . The c p u h o g p rocess i s t h e o n e w i t h t h e h i g hest C P U u s a g e.
[ root@serverX - ] # top
top 12 : 47 : 46 up 2 : 02, 3 users, load average : 1 . 67, 1 . 25, 0 . 73
Tasks : 361 total, 6 running, 355 sleeping, 0 stopped, 0 zombie
%Cpu ( s ) : 98 . 5 us, 1 . 4 sy, 0 . 0 ni, 0 . 0 id , 0 . 0 wa, 0 . 0 hi, 0 . 1 si, 0 . 0 st
KiB Mem : 2043424 total, 897112 used, 1146312 free,
1740 buffers
0 used , 4079612 free . 296276 cached Me
KiB Swap : 4079612 total,
PID USER
TIME+ COMMAND
PR NI VIRT RES SHR S %CPU %MEM
4019 root
76
20 0 4156
0 R 57 . 5 0 . 0 2 : 54 . 15 cpuhog
-
41 6
-
-
- ] # chmod 2774 / h me/in s t r u c t o r s
6.5. Check t h a t the p e r m i s s i o n s were set p ro p e r l y.
7.
-
R H 1 24- R H E L7-en-1-20140606
-
-
-
-
-
-
-
-
-
-
-
Solution
2492 student 20 0 1359500 168420 37492 s 16 . 8 8 . 2 3 : 55 . 58 gnome-shell
1938 root
20 0 189648 35972 7568 R 1 . 9 1 . 8 0 : 29 . 66 Xorg
2761 student 20 0 620192 19688 12296 s 0 . 4 1 . 0 0 : 04 . 48 gnome-termi+
-
-
o u tpu t t runca ted
7.2 . Exit the top d i s p l ay.
-
Press q to q u it.
-
7.3. Te r m i n ate t h e c p u hog process u s i n g the com m a n d l i ne. Confirm t h at t h e p rocesses no
l o n g e r d i s p l ay i n top.
I [ root@serverx -]#
-
-
8.
Stop the c u r re n t l y r u n n i n g cups p r i n t i n g s e rvice o n serverX. The s e rvice s h o u l d not get
a utomatica l l y sta rted on syste m boot.
8.1 . Stop the cups service.
-
[ student@serverX -]$
[student@serverx -]$
-
I
-
9.
[student@serverX -]$
[student@serverx -]$
sudo syst emc t l disable c u p s
sudo s y s t e m c t l s t a t u s cups
Confi g u re the s s h s e rvice o n serverX accord i n g to the fo l l o w i n g req u i re m e nts:
•
•
-
sudo systemc t l stop cups
sudo syst emc t l s t a t u s c u p s
8.2. Confi g u re t h e c u p s service so that it does n ot sta rt a t system boot.
-
-
pkill cpuhog
User student o n s e rve r X ca n l o g i n with a S S H p u b l i c key to the s t u d e nt acco u n t o n
desktopX.
D i sa b l e s s h login for t h e root user and pa sswo rd-based SSH a ut h e nt i c a t i o n o n se rve rX.
9.1 . G e n e rate a S S H p u b l ic key o n serverX a s user stude nt.
I
[student@serverx -]$
s s h - keygen
9.2. I n sta l l the SSH p u b l i c key g e n e rated p reviou s l y o n se rverX to the s t u d e n t acco u n t on
d e s ktopX.
-
-
-
-
[student@serverx -]$ s s h - copy - id desktopX
/usr/bin/ssh -copy-id : INFO : attempting to log in with the new key( s ) , to filter
out any that are already installed
/usr/bin/ssh-copy-id : INFO : 1 key( s ) remain to be installed - - if you are
prompted now it is to install the new keys
student@desktopX ' s password : s t udent
Number of key ( s ) added : 1
Now try logging into the machine, with : "ssh ' student@desktopX ' "
and check to make sure that only the key ( s ) you wanted were added .
-
-
-
RH124- R H E L 7-en-1-20140606
417
-
-
C h a pter 1 6. C o m p re h e n s i ve Review
-
9.3. Log in, then c h a n g e to the root a ccou nt, o n the s e rverX v i rt u a l m a c h i n e.
I
[student@desktopX -]$
-
su -
9.4. C u s t o m i z e t h e s s h service o n s e rverX by d i s a b l i n g S S H c o n n e c t i o n s for t h e u s e r root
a n d o n l y a l low key-based l o g i n .
S e t t h e n ecessa ry confi g u ra t i o n f i l e p a ra m eters i n / e t c / s s h / s s hd_config:
PermitRootLogin no
PasswordAuthentication no
-
-
-
9.5. Restart t h e sshd service o n serverX.
[ root@serverx -] #
sys t emc t l r e s t a r t s s h d
-
9.6. O n a d iffe re nt term i n a l w i n dow o n desktopX, va l i date t h a t user root c a n n ot connect to
serverX with t h e ssh co m m a n d . I t s h o u l d fa i l beca use we d i s a b l e d root logins w i t h t h e
s s h servi ce.
[ student@desktopX -]$ ssh root@serverX
Password : redhat
Permission denied, please try again .
Password : redhat
Permission denied, please try again .
Password : redhat
Permission denied ( publickey, gssapi- keyex, gssapi-with - mic, password ) .
1 0. Yo u r serverX m a c h i n e h a s been rel ocated to t h e B a h a mas. T h e fo l l o w i n g c h a n g e s h ave to be
m a d e o n the serverX m a c h i n e :
•
C h a n g e t h e t i m e zone on t h e serverX m a c h i n e to B a h a m a s a n d ve r i fy t h e t i m e z o n e has
been c h a n g e d prope r l y.
-
-
-
-
-
-
1 0.1 . I d e ntify t h e correct t i m e z o n e for B a h a m a s on serverX.
[ root@serverx -]# t zselect
Please identify a location so that time zone rules can be set correctly .
Please select a continent or ocean .
1} Africa
2 } Americas
3} Antarctica
4) Arctic Ocean
5 ) Asia
6 } Atlantic ocean
7 ) Australia
8 } Europe
9 ) Indian Ocean
10} Pacific Ocean
11} none - I want to specify the time zone using the Posix TZ format .
#? 2
Please select a country .
28} Haiti
1} Anguilla
29 } Honduras
2 } Antigua & Barbuda
-
-
-
-
-
-
41 8
R H 1 24- R H E L7-en-1-20140606
-
-
Sol ution
-
-
-
-
-
-
-
-
-
-
-
-
-
30 ) Jamaica
3 ) Argentina
4 ) Aruba
31 ) Martinique
5 ) Bahamas
32 ) Mexico
6 ) Barbados
33 ) Montserrat
7 ) Belize
34 ) Nicaragua
8 ) Bolivia
35 ) Panama
9 ) Brazil
36 ) Paraguay
10 ) Canada
37 ) Peru
11 ) Caribbean Netherlands 38 ) Puerto Rico
12 ) Cayman Islands
39 ) St Barthelemy
13 ) Chile
40 ) St Kitts & Nevis
14 ) Colombia
41 ) St Lucia
15 ) Costa Rica
42 ) St Maarten ( Dutch part )
16 ) Cuba
43 ) St Martin ( French part )
17 ) Curacao
44 ) St Pierre & Miquelon
18 ) Dominica
45 ) St Vincent
19 ) Dominican Republic
46 ) Suriname
20 ) Ecuador
47 ) Trinidad & Tobago
21 ) El Salvador
48 ) Turks & Caicos Is
22 ) French Guiana
49 ) United States
23 ) Greenland
50 ) Uruguay
24 ) Grenada
51 ) Venezuela
25 ) Guadeloupe
52 ) Virgin Islands (UK)
26 ) Guatemala
53 ) Virgin Islands (US)
27 ) Guyana
#? 5
The following information has been given :
Bahamas
Therefore TZ= ' America/Nassau ' will be used .
Local time is now : Fri Mar 7 09 : 38 : 50 EST 2014 .
Universal Time is now : Fri Mar 7 14 : 38 : 50 UTC 2014 .
Is the above information OK?
1 ) Yes
2 ) No
#? 1
You can make this change permanent for yourself by appending the line
TZ= ' America/Nassau ' ; export TZ
to the file ' . profile ' in your home directory; then log out and log in again .
Here is that TZ value again, this time on standard output so that you
can use the /usr/bin/tzselect command in shell scripts :
America/Nassau
-
1 0.2 . C h a n g e t h e time z o n e to A m e rica/ N a s s a u o n serverX.
-
-
-
-
[ root@serverX -]#
t imedatec t l set - timezone America/Nassau
1 0.3. Ve rify the t i m e zo n e has been properly set on serverX.
[ root@serverX -]#
Local time :
Universal time :
RTC time :
Timezone :
NTP enabled :
NTP synchronized :
RTC in local TZ :
Wed 2014-04-09
Wed 2014-04-09
Wed 2014-04-09
America/Nassau
yes
no
no
t imedatec t l
18 : 21 : 06 GEST
16 : 21 : 06 UTC
16 : 21 : 06
( GEST, +0200 )
-
-
-
R H 1 24- R H E L7-en-1-201 40606
419
-
-
C h a pte r 1 6. C o m p re he n s ive Review
I.
I
I
DST active : yes
Last DST change : DST began at
Sun 2014-03-30 01 : 59 : 59 CET
Sun 2014-03-30 03 : 00 : 00 CEST
Next DST change : DST ends ( the clock j umps one hour backwards ) at
Sun 2014-10-26 02 : 59 : 59 CEST
Sun 2014-10-26 02 : 00 : 00 CET
-
-
-
'--- �-�--- --�--��-�----'
11.
12.
Record t h e com m a n d to d i s p l a y a l l syst emd j o u r n a l e n t ries record e d between 9 : 0 5 : 0 0 a n d
9:15:00 i n t h e /home / s t u d e n t / systemd review . t x t f i l e.
I
[ root@serverX -]#
echo " j ou rnalctl - - since 9 : 05 : 00 - - u n t il 9 : 15 : 00 " >/home / s t udent/
-
-
systemdreview . txt
Confi g u re r syslogd by a d d i n g a r u l e t o t h e n e w l y created config u ra t i o n f i l e
/ e t c / r syslog . d/au t h - e r ro r s . c o n f to l o g a l l secu rity a n d a u t h e ntication m e s s a g es
t h a t get recorded i n t h e a ut h p r i v fac i l ity w i t h t h e p r i o rity a l ert a n d h i g h e r to t h e
/var /log/au t h - e r ro r s fi l e a s we l l . Test t h e n e w l y a d d e d log d i rective with t h e logge r
command.
-
-
1 2.1. Add t h e d i rective to log au t h p r iv . ale r t sys log m e s s a g e s to t h e
/var/log/au t h - e r ro r s f i l e i n t h e / e t c / r syslog . d/au t h - e r ro r s . c o n f
confi g u ration f i l e.
I [ root@serverx -] # echo
-
" au t h p r iv . ale r t /var/log/au t h - e r ro r s " >/etc/r syslog . d/
I au t h - e r r o r s . conf
L_
-
1 2 .2. Restart t h e r syslog service o n se rve rX.
j [ root@serverx -]#
-
syst emc t l r e s t a r t r syslog
� --���---�----����--�---'
1 2 .3. M o n itor t h e n e w l y created l o g f i l e /va r/log/au t h - e r r o r s on serverX for c h a n g es i n
a d iffe re nt t e r m i n a l w i n dow.
[ root@serverX -]#
-
t ail -f /var/log/au t h - e r r o r s
1 2.4. U s e logger to create a new l o g e ntry to /va r/log/au t h - e r ro r s o n serve r X .
I
[ root@serverx -]#
--
i
I
13.
-
logger - p authp riv . ale r t " Logging t e s t a u t h p riv . ale r t "
-
12.5. Ve rify t h e message sent to sys l o g with t h e logge r c o m m a nd a p pe a rs i n t h e
/va r/log/au t h - e r ro r s fi l e o n serverX i n t h e t e r m i n a l r u n n i n g t ail - f /va r /
log/au t h - e r r o r s .
I [ root@serverX -]#
-
-
-------�---,
Feb 13 11 : 21 : 53 serverl root : Logging test authpriv . alert
-----
t ail - f /var/log/au t h - e r r o r s
C reate a new stat i c n etwork c o n n ection using t h e sett i n g s i n the fo l l owi n g table. B e s u re to
re p l a c e t h e X w i t h the c o r rect n u m be r for yo u r systems.
-
-
420
RH124- R H E L 7-en-1-20140606
-
-
-
-
Solution
-
-
•
Confi g u re t h e new con n e ct i o n to b e a utomatica l l y sta rted.
•
other c o n n e ct i o n s s h o u l d not start a utomat ica l l y.
•
M o d ify t h e new connect i o n so t h a t it a l s o uses t h e a d d ress 1 0.0.X.1 /24.
•
Config u re t h e h o s t s f i l e so t h a t 1 0.0.X.1 c a n be refe re n ced as " my h ost " .
•
S e t t h e host n a m e t o s e rverX.exa m p l e.com.
-
-
-
-
Pa ra m eter
Sett i n g
Connection name
review
IP a d d ress
172 .25.X.11 /24
Gateway a d d ress
172.25.X.254
D N S a d d ress
172.25.254.254
-
1 3 .1 . C reate a new static network c o n n e c t i o n u s i n g the sett i n g s in the ta b l e. Be s u re to
re p l a ce the X w i t h the correct n u m be r for yo u r syste ms.
-
-
-
-
.
L
.
1
-
�
�m
�
· ·-1
- ] # nmcli con a d d con - n me revie ifn e e t h EI
pe ethernet ip4
172 . 25 . X . 11/24 gw4 172 . 25 . X . 254
- ] # nmcli con mod 11 review11 ipv4 . d n s 172 . 25 . 254 . 254
[ root@serverx
-- --- - ��-
--- --��- - - --------
13.2. Confi g u re t h e new c o n n e c t i o n to be a utosta rted. o t h e r c o n n e c t i o n s s h o u l d not start
a utomatica l l y.
1
I
i
L_ _
-
�
r' �·root@serverX
[ root@se rve rx
[ root@serverX
i [ root@serverx
- � - - -�-
- ] # nmcli con mod " review" conne c t ion . a u t oconnect yes
- ]# nmcli con mod " System e t h EI " conne c t ion . autoconnect no
-- -
:
13.3. M o d ify t h e new connect i o n so that it a l so uses t h e a d d ress 1 0.0.X.1 /24.
L.
- ] # nmcli con mod " review" +ipv4 . addresses 19 . 9 . X . 1/24
Or a l ternate l y :
[ root@serverX
[ root@serverx
-
- ] # e c h o " I PADDR1=10 . El . X . 1 " >> /etc/sysconfig/netwo r k - sc ripts/
ifcfg - review
-
-
»
/etc/sysconfig/netwo r k - sc ripts/ifcf g ­
1 3.4. Config u re t h e hos t s f i l e so t h a t 1 0.0.X.1 can be refe re nced as " myhost " .
i
-
- ] # echo " PREFIX1=24"
review
!
[ root@serverX
- ] # echo " 10 . El . X . 1 myhos t " > > /etc/ho s t s
13.5. Set t h e host n a m e to serverX.exa m p l e.com.
-
j [ root@serverx - ] # host namec t l set - hostname serverX . example . com
-
-
-
R H 1 24- R H E L7-en-1 -20140606
421
-
-
C h a pter 1 6. C o m p re h e n s ive Review
-
14. S y n c h r o n i z e the /etc d i rectory t re e o n serverX to the /configbac k u p d i rectory on
serverX.
-
14.1 . To be a b l e to c reate t h e ta rget d i rectory /configbac kup, switch to t h e root user
acco u nt w i t h t h e s u com m a n d .
[student@serverX -]$
Password : redhat
[ root@desktopX -]#
-
su
14.2 . C reate t h e ta rget d i rectory f o r t h e confi g u ra t i o n f i l es o n serverX.
[ root@serverX -]#
I
-
mkdir /configbac kup
-
14.3. U s e the r sync c o m m a n d to sy n c h ro n i z e the /etc d i rectory t re e o n s e rverX to the
/configsync d i rectory o n s e rverX. Be a wa re that o n l y t h e root user ca n rea d a l l the
content in the /etc d i rectory o n se rve rX.
I [ root@serverX -]# rsync
- av /etc /configbackup
-
!
15.
C reate a n a rc h ive n a m e d / r oo t /config u r at ion - backu p - s e r ve r . t a r . gz w i t h t h e
/config bac k u p d i rectory a s content.
-
1 5.1 . Store t h e /configbac k u p d i rectory i n the
/ r oo t /config u r a t ion - bac k u p - se rve r . t a r . gz a rc h ive.
-
1 zr �ot@serverx -]# tar czf / root/configu ration - backu p - se r v:������-g� /configbac kup I
·
I
__
--
-
----�-------�
16. To p repa re t h e a rc h ived d i rectory t ree for c o m pa rison with t h e c u r r e n t l y
a ctive l y used confi g u ra ti o n f i l es o n s e rverX, extract t h e contents of t h e
/ root/config u r at ion - bac k u p - s e rve r . t a r . gz a rc h ive to t h e
/tmp/configcompare/ d i rectory o n serverX.
-
-
1 6.1 . C o n n e ct to t h e serverX m a c h i n e as user root by using ssh.
[ root@desktopX - ] #
Password : redhat
[ root@serverx -]#
-
s s h root@serverX
-
1 6.2 . C reate t h e ta rget d i rectory / t mp/configcompa re/ w h e re t h e contents o f t h e
/ r oot /config u r a t ion - bac k u p - se rve r . t a r . gz arch ive w i l l g e t extracted.
l
[ root@serverx -]#
mkdir /tmp/configcompare
-
1 6. 3. C h a n g e to the ta rget d i rectory / t mp/configcompare/ o n s e rverX.
[ root@serverX -]# cd / t mp/configcompare
[ root@serverX configcompare]#
422
R H1 24- R H E L7-en-1-20140606
-
-
-
-
S o l ut i o n
-
1 6.4. Extract t h e contents of t h e / r oot/config u rat ion - bac ku p - serve r . t a r . gz
a rc h ive to the / t mp/configcompa r e / d i rectory o n serverX.
!
I
!
-
17.
•
-
U s e s s h to execute t h e host name com m a n d o n d e s ktopX a s user st u d e n t . S e n d t h e
o u t p u t o f t h e h o s t name c o m m a n d to t h e / t m p / s c pfile . t x t f i l e on d e s ktopX.
U s e s c p to copy t h e / t mp/sc pfile . t x t f i l e from d e s ktopX to
/home / s t u d e n t / sc pfile . tx t .
17.1 . Use s s h to e x e c u t e t h e h o s t name c o m m a n d o n d e s ktopX a s u s e r st u d e nt. S e n d t h e
o u t p u t o f t h e h o s t name c o m m a n d to t h e / t mp / s c pfile . t x t f i l e o n d e s ktopX.
-
i
I
-
i
[ root@serverx
- ] # s s h s t udent@desktopX ' ho s t name >/tmp/scpfile . txt '
17.2. Use scp to copy t h e / t mp/scpfile . t x t f i l e from deskto p X to
/ home/ s t u d e n t / s c pfile . txt o n the serverX m a c h i ne.
-
I
i
-
-
t a r xzf /root /config - bac k u p - serve r . t a r . gz
Perform t h e fo l l ow i n g tasks on t h e serverX m a c h i n e :
•
-
[ root@serverX configcompare]#
[ root@serverX
- ] # scp root@desktopX : /tmp/sc pfile . t xt /home/student/
18. C reate t h e file / e t c /yum . repos . d/local u pdat es . repo to e n a b l e t h e " U pdates"
re pository fo u n d o n t h e content m a c h i ne. I t s h o u l d a ccess content fo u n d a t the fo l l ow i n g
U R L: http://conte nt.exa m p l e.com/rhel7.0/x 86_64/e r rata. Do not c h e c k GPG s i g n a t u res.
C reate the f i l e / e t c /yum . repos . d/localupdat es . repo with the fo l l ow i n g content:
-
[u � dates]
Hat Updates
I-. name=Red
baseurl=http : //content . example . com/rhel7 . 0/x86_64/errata
enabled=l
gpgcheck=0
-
-
1 9.
-
Confi g u re s e rverX to a d h e re to specific softwa re req u i re m ents:
•
The kernel package s h o u l d b e updated to t h e l atest vers i o n .
•
The xsane - gimp package s h o u l d b e i n sta l l ed .
•
The r h t - sys t em package s h o u l d be i n sta l l ed.
•
Fo r secu rity rea sons, s e rverX should not h a ve t h e wvd ial package i n sta l l e d .
-
-
F I X M E: n e e d to w a i t f o r f i n a l bits i n c l u d i n g rea l a va i l a b l e e rrata packa g es.
-
1 9.1 . U pdate t h e kernel package.
yum update kernel
-
19.2. l nsta l l t h e xsane - gimp p a c kage.
-
-
-
R H1 24- R H E L 7-en-1-20140606
423
-
-
C h a pter 1 6. C o m p r e h e n s ive Review
-
yum i n s t all xsane - gimp
1 9.3. I n sta l l the r h t - sys t em package.
-
yum i n s t all r h t - sys t e m
1 9.4. Fo r secu rity rea s o n s , s e r v e r X s h o u l d n ot h a ve t h e wvd ial p a c k a g e i n sta l l e d .
y u m r emove wvd ial
-
20. G e n e rate a d i s k u s a g e report with t h e du com m a n d of t h e / u s r/share/fon t s d i rectory o n
serverX a n d s a v e t h e res u l t i n t h e /home/ s t u d e n t / d u r e po r t . t x t f i l e.
[ root@serverx
-
-
- ] # du / u s r / s hare/fo n t s >/home/student/durepo r t . txt
-
21.
I dentify a n d m o u n t a n ew l y a d d e d file syste m by U U I D o n t h e /mn t / d a t adump d i rectory o n
se rve rX.
-
21.1 . I d e ntify t h e n ew l y added file system with the blkid co m m a n d o n serverX.
[ root@serverx - ] # blkid
/dev/vdal : UUID="46f543fd-78c9-4526- a857- 244811be2d88" TYPE="xfs"
/dev/vdbl : UUID="a84f6842 -ecld-4f6d- b767- b9570f9fcdc0" TYPE="xfs"
-
-
21.2 . C reate t h e m o u n t po i n t /mnt/datad u m p o n serverX.
[ root@serverX
-
- ] # m k d i r /mnt/datadump
21.3. M o u n t the f i l e syste m by U U I D on the /mn t / d a t ad u m p d i rectory of the s e rverX
m a c h i n e.
[ root@serverX
- ] # moun t UUID= " a84f6842 - ec ld - 4f6d - b767 - b9570f9fcdc0 " /mnt /
-
-
datadump
22. C reate the soft l i n k / root /mydat aspace, w h i c h p o i n t s to the /mn t /datadump d i rectory
o n serverX.
, [ root@serverx
-
- ] # ln -s /mn t/datadump / root /mydatas pace
23. Record the com m a n d to f i n d a l l soft l i n ks o n s e rverX t h a t have data as part of t h e i r n a m e i n
t h e /home/ s t u d e n t /find . t x t f i l e.
[root@serverx
-
- ] # echo " find I - type 1 - name ' * d a t a * ' " >/home/ student/find . tx t
-
-
-
-
-
424
RH124- R H E L7-en-1-20140606
-
-
-
-
Sol ution
-
S u m m a ry
-
Red H a t Syste m A d m i n istra t i o n I Com p re h e n s ive Review
Review c h a pte rs to va l i d ate knowledge leve l .
•
Review p ractice exerci s es to va l idate s k i l l l eve l .
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
R H 1 24- R H E L7-e n-1-20140606
425
Download
advertisement