1
Week Ten Announcements
Introduction:
Attendance
Link of the Week
Protocol Directory
Site contains information on all known networking protocols from ATM to IPX and
TCP/IP. Well laid-out with HTML and PDF versions of protocol information.
http://www.protocols.com/pbook
Protocol Dictionary
Information on all network protocols, including a precise overview of the protocol, a
detailed protocol format, related protocols and reference links.
http://www.javvin.com/protocolsuite.html
Yahoo!'s Internet Protocols Page
Yahoo!'s directory of Internet protocols.
http://dir.yahoo.com/Computers_and_Internet/Communications_and_
Networking/Protocols/
2
Week Ten Announcements
Sponsored
Define: Protocol
An agreed-upon format for
transmitting data between two
devices. The protocol
determines the following:
 the type of error
checking to be
used
 data compression
method, if any
 how the sending
device will indicate that it has finished sending a message
 How the receiving device will indicate that it has received a
message
There are a variety of standard protocols from which programmers can
choose. Each has particular advantages and disadvantages; for example,
some are simpler than others, some are more reliable, and some are faster.
From a user's point of view, the only interesting aspect about protocols is
that your computer or device must support the right ones if you want to
communicate with other computers. The protocol can be implemented either
in hardware or in software.
Use of VMware software
Review the bottom tray icons.
3
Week Ten Announcements
Review week nine lab assignment
What are autonomous processes?
Review the system initialization process and the steps involved in bring up a
system.
2.
3.
4.
5.
6.
7.
8.
1. CPU is pre-set to the RESET mode
CPU pre-programmed to seek 0xfffffff0 address location
BIOS eventually reads MBR
First part of MBR contains the boot partition table and executable
code
Second part of the MBR is used to locate the boot loader. It resides on
the “active” partition known as the Boot Sector.
Device drivers are loaded (initrd-2.4.20-8.img)
Kernel is invoked
Kernel performs the following tasks
Memory size determination
Hardware configuration
Kernel data structure initialization
Mount root partition
Hand crafted init process
Creation of the init process
Review the Linux run levels and the use of the shutdown command.
• System run levels
Levels 0 through 6
0 - Halt system
1 - System maintenance
S and s - Single user mode
2 – Multi-user mode
3 - Remote file sharing state
6 - Shutdown
4
Week Ten Announcements
Process states
Main article: Process states
The various process states, displayed in a state diagram, with arrows indicating possible
transitions between states.
Processes go through various process states which determine how the process is handled
by the operating system kernel. The specific implementations of these states vary in
different operating systems, and the names of these states are not standardised, but the
general high-level functionality is the same.[2]
When a process is created, it needs to wait for the process scheduler (of the operating
system) to set its status to "waiting" and load it into main memory from secondary
storage device (such as a hard disk or a CD-ROM). Once the process has been assigned
to a processor by a short-term scheduler, a context switch is performed (loading the
process into the processor) and the process state is set to "running" - where the processor
executes its instructions. If a process needs to wait for a resource (such as waiting for
user input, or waiting for a file to become available), it is moved into the "blocked" state
until it no longer needs to wait - then it is moved back into the "waiting" state. Once the
process finishes execution, or is terminated by the operating system, it is moved to the
"terminated" state where it waits to be removed from main memory.[2][3]
Threads
Main article: Thread (computer science)
In modern operating systems, each process can have several threads of execution (or
threads for short). Multiple threads share the same program code, operating system
5
Week Ten Announcements
resources (such as memory and file access) and operating system permissions (for file
access as the process they belong to). A process that has only one thread is referred to as
a single-threaded process, while a process with multiple threads is referred to as a multithreaded process. Multi-threaded processes have the advantage that they can perform
several tasks concurrently without the extra overhead needed to create a new process and
handle synchronised communication between these processes. For example a word
processor could perform a spell check as the user types, without freezing the application one thread could handle user input, while another runs the spell checking utility. [2]
Week ten expected outcomes
Next Lab Assignment
Key factors regarding /etc/passwd file:
It is considered the user database for the system
The information is useful for applications that run on the system.
Password file format:
User name
Password
UID – User ID; ,System UIDs are < 100, and user IDs are => 100;
root UID = 0
GID – Group ID; System UIDs are < 100, and user IDs are = > 100;
Userinfo – User information such as user name
Home directory
Login Application – initial application after shell (usually a shell)
What does the “x” indicate in the password file?
Indicates use of the shadow file.
What does /etc/shells file contain?
Contains a list of shells on the system.
Shadow File:
Shadow file stores encrypted passwords.
This file is only readable by root.
Used by default RedHat Linux.
Shadow File Format:
User name
Password
Change date – date password was last changed
Minlife – minimum number of days between password changes
Maxlife – maximum number of days between password changes.
6
Week Ten Announcements
Warn – number of days to warn the user in advance of password expiration
Disable – number of days inactivity before account is disabled
Expire date – date that account will expire.
Unused
Excrypted Passwords:
DES requires 13 characters in encrypted form
MD5 requires 34 characters in encrypted form
Most Linux systems utilize MD5
MD5 always begins with $1$
Group File:
Defines which users are in which groups
User can be in more than one group.
The group associated with a user in the /etc/passwd file is the users primary
group.
Group File Format:
Group name
Password
GID
Userlist
What is common about most of the above mentioned files?
Each field is separated with “:” (colon).
Does Linux supports the use of the shadow file?
Yes
What three files need to be updated when adding a new user?
passwd, group, shadow files.
Password file location on Einstein.
Password file is located under /etc directory.
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
7
Week Ten Announcements
news:x:9:13:news:/etc/news:
uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
operator:x:11:0:operator:/root:/sbin/nologin
games:x:12:100:games:/usr/games:/sbin/nologin
gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
nobody:x:99:99:Nobody:/:/sbin/nologin
rpm:x:37:37::/var/lib/rpm:/sbin/nologin
vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
nscd:x:28:28:NSCD Daemon:/:/sbin/nologin
sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
rpc:x:32:32:Portmapper RPC user:/:/sbin/nologin
rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
nfsnobody:x:65534:65534:Anonymous NFS User:/var/lib/nfs:/sbin/nologin
mailnull:x:47:47::/var/spool/mqueue:/sbin/nologin
smmsp:x:51:51::/var/spool/mqueue:/sbin/nologin
pcap:x:77:77::/var/arpwatch:/sbin/nologin
ntp:x:38:38::/etc/ntp:/sbin/nologin
kellya:x:501:502::/home/kellya:/bin/bash
kumarp:x:503:503:Pradeep Kumar:/home/kumarp:/bin/bash
morgensd:x:504:504:Dan Morgenstern:/home/morgensd:/bin/bash
caldwelr:x:505:505:Richard Caldwell:/home/caldwelr:/bin/bash
apache:x:48:48:Apache:/var/www:/sbin/nologin
oracle:x:600:600::/home/oracle:/bin/bash
cs:x:400:420::/home/cs:/bin/bash
In Linux, the file /etc/login.defs contains the systems login controls.
System location of mailboxes
Number of login retries
Delay between failed login attempts
Default values for system admin commands
What is LDAP?
LDAP is short for Lightweight Directory Access Protocol, a set of protocols designed to
access information directories. LDAP was derived from standards developed within
X500 standard and were intended to be simple to understand. LDAP supports TCP/IP for
Internet access.
Currently, LDAP is not broadly implemented, but it’s goal is for almost any application
executing on any platform to obtain directory information. LDAP is an open source
product .
Some of the suites include the following:


slapd - stand-alone LDAP daemon (server)
slurpd - stand-alone LDAP update replication daemon
8
Week Ten Announcements

libraries - implementing the LDAP protocol, and utilities, tools, and sample
clients.
Kernel
As the name implies, the kernel is the core of the operating system. A kernel consists of a
small collection of software that makes it feasible for the operating system to provide
other services. The kernel facilitates four basic types of services:




creation and management of processes
a filesystem
communications
a means to start the system
Kernel functions are of two broad types: autonomous and responsive. Kernel functions,
such as allocation of memory and CPU, are performed without being explicitly requested
by user processes. Other functions of the kernel, such as resource allocation and process
creation and management, are initiated by requests from processes.
These requests from processes come in the form of system calls. A system call can be
thought of as a low level request to the operating system. Examples of system calls
include:








fork
exec
kill
open
read
write
close
exit
For more essential information on the kernel see The UNIX System Kernel.
Processes
A process is the execution of a program. Some operating systems call the basic unit of
execution a "job," some call it a "task." In Unix it's called a process. In the Unix kernel,
anything that's done, other than autonomous operations, is done by a process issuing
system calls.
9
Week Ten Announcements
Processes often spawn other processes (using the fork system call) that run in parallel
with them, accomplish subtasks and, when they're finished, terminate themselves.
1.What is the process that another process starts called?



A subprocess.
A secondary process.
A child.
All processes have "owners." Typically the human owner of a process is the owner of the
account whose login process spawned the process in question. When a process creates or
spawns another process the original process is known as the parent while the process it
creates is called a child process. The child process inherits the file access and execution
privileges belonging to the parent.
Signals
One way that processes communicate with each other and with the kernel is through
signals. Signals are used to inform processes of unexpected external events such as a time
out or forced termination of a process. A signal consists of prescribed message with a
default action embedded in it. Each signal has a unique number associated with it. An
example is SEGV, segmentation violation. This signal is sent by the kernel if a user
attempts to access illegal memory. The kernel sends this message to a process. If the
process takes the default action upon receiving the message it will terminate.
For more essential information on processes and signals see Processes and Signals.
Virtual memory, swapping and paging
Physical memory refers to all the writable memory locations in the computer.
"Virtual memory is memory that appears to be allocated to application programs. The
operating system uses a portion of the hard disk as virtual memory, and swaps data
between the hard disk and physical memory. Virtual memory enables multitasking. If
your computer needs to run several programs simultaneously, and the memory that all
these programs require exceeds the amount of physical memory available, the operating
system allocates virtual memory to meet the total memory requirements of each program,
and then manages the available physical memory to meet the actual memory
requirements at each point in time. Therefore, the amount of virtual memory that is
allocated can be much greater than the amount of physical memory that is installed in the
computer."
--Physical memory and virtual memory TechNote.
Utilizing virtual memory involves paging and swapping.
10
Week Ten Announcements
Paging occurs when an active process requires more memory than what is accessible in
physical memory. Portions of the process are moved to disk so the physical memory can
be used for something else.
Swapping is done by the kernel. When memory space is running low the kernel looks for
a process that isn't likely to run in the near future. That process is written entirely to disk,
and the newly-freed memory is reassigned to another process or job.
For more optional information on virtual memory, swapping, and paging see LectureVirtual Memory.
Shell
The human user of a Unix system accesses the services of the kernel through a user
interface called a shell. The shell is a command interpreter that allows the user to initiate
processes to perform a nearly infinite variety of tasks.
2. When a command is entered what executes the corresponding program?



The kernel.
The shell.
A process.
There are several "standard" Unix shells, including the C-shell, Bourne shell, Korn shell,
and others. In addition to these command-line oriented shells, many vendors supply
graphical user interfaces (GUIs) that simplify or automate the functions of the underlying
shell. The X Window System is a GUI.
Different shells have different uses. For example, the C-shell is generally acknowledged
as being superior for interactive Unix work, while the Bourne shell has features that make
it preferable for programming. Shell choice is often a "religious" matter with experienced
Unix users, and is the subject of frequent debate.
In general, shells enable the following activities:




file and directory manipulation (copy, rename, move)
command execution
I/O redirection
job control
Shells and commands. For recommended information on different types of shells see
Description of different types of shells.
Job control
11
Week Ten Announcements
Job control is facilitated by the shell. In Unix a group of processes constitutes a job. Unix
allows users to control jobs from the terminal. The foreground job is the job in control of
the terminal. Whatever is typed in on the keyboard is sent to standard input of that
program. Only one job at a time may be in the foreground. However, multiple jobs may
run in the background. A job running in the background is effectively cut off from the
keyboard. A job may be sent to the background when it is created by placing an
ampersand (&) after the command.
3. How can a job be brought up to the foreground after it has been placed in the
background?



With fg.
By killing the job and restarting it in the foreground.
With the process ID number.
Jobs may be moved from foreground to background and vice versa. It is also possible to
stop jobs and restart them. Once a job is stopped it remains inactive until it is restarted.
In the X Window System, job control is enabled by making each window a pseudo
terminal. Each window acts as a terminal and can run a separate job. Multiple jobs can be
run in the same window by sending them to the background.
For more recommended information on job control see Job Control.
Utilities
Utilities are programs that perform system functions. Utility can also refer to a command
that is used to do work of some sort, such as mv to move files or directories. Unlike the
utilities in many other operating systems, including MS-DOS, most Unix utilities are
separate from the operating system. This means that they are not loaded with the
operating system kernel. They are executed as needed by the user or by processes the user
process spawns.
Unix provides utilities in many categories, including:





filesystem management
local and network communications
editors
filters and text processors
programming languages
Terms used: kernel, process, system call, CPU, child process, parent process, virtual
memory, swap, paging, shell, GUI, I/O, signal, virtual memory, spawn, pseudo
terminal, job control, X Window System.
12
Week Ten Announcements
An orphan process is a computer process whose parent process has finished or
terminated.
A process can become orphaned during remote invocation when the client process
crashes after making a request of the server.
Orphans waste server resources and can potentially leave a server in trouble. However
there are several solutions to the orphan process problem:
1. Extermination is the most commonly used technique; in this case the orphan
process is killed.
2. Reincarnation is a technique in which machines periodically try to locate the
parents of any remote computations; at which point orphaned processes are killed.
3. Expiration is a technique where each process is allotted a certain amount of time
to finish before being killed. If need be a process may "ask" for more time to
finish before the allotted time expires.
A process can also be orphaned running on the same machine as its parent process. In a
Unix-like operating system any orphaned process will be immediately adopted by the
special init system process. This operation is called re-parenting and occurs
automatically. Even though technically the process has the "init" process as its parent, it
is still called an orphan process since the process which originally created it no longer
exists.
On Unix and Unix-like computer operating systems, a zombie process or defunct
process is a process that has completed execution but still has an entry in the process
table, this entry being still needed to allow the process that started the zombie process to
read its exit status. The term zombie process derives from the common definition of
zombie—an undead person. In the term's colorful metaphor, the child process has died
but has not yet been reaped.
When a process ends, all of the memory and resources associated with it are deallocated
so they can be used by other processes. However, the process's entry in the process table
remains. The parent can read the child's exit status by executing the wait system call, at
which stage the zombie is removed. The wait call may be executed in sequential code,
but it is commonly executed in a handler for the SIGCHLD signal, which the parent is
sent whenever a child has died.
After the zombie is removed, its process ID and entry in the process table can then be
reused. However, if a parent fails to call wait, the zombie will be left in the process table.
In some situations this may be desirable, for example if the parent creates another child
process it ensures that it will not be allocated the same process ID. As a special case,
under Linux, if the parent explicitly ignores the SIGCHLD (sets the handler to SIG_IGN,
rather than simply ignoring the signal by default), all child exit status information will be
discarded and no zombie processes will be left.
13
Week Ten Announcements
A zombie process is not the same as an orphan process. An orphan process is a process
that is still executing, but whose parent has died. They don't become zombie processes;
instead, they are adopted by init (process ID 1), which waits on its children.
Zombies can be identified in the output from the Unix ps command by the presence of a
"Z" in the STAT column. Zombies that exist for more than a short period of time
typically indicate a bug in the parent program. As with other leaks, the presence of a few
zombies isn't worrisome in itself, but may indicate a problem that would grow serious
under heavier loads. Since there is no memory allocated to zombie processes except for
the process table entry itself, the primary concern with many zombies is not running out
of memory, but rather running out of process ID numbers.
To remove zombies from a system, the SIGCHLD signal can be sent to the parent
manually, using the kill command. If the parent process still refuses to reap the zombie,
the next step would be to remove the parent process. When a process loses its parent, init
becomes its new parent. Init periodically executes the wait system call to reap any
zombies with init as parent.