Week Ten Announcements

Introduction: Attendance

Link of the Week

Protocol Directory
Site contains information on all known networking protocols from ATM to IPX and TCP/IP. Well laid-out with HTML and PDF versions of protocol information.
http://www.protocols.com/pbook

Protocol Dictionary
Information on all network protocols, including a precise overview of the protocol, a detailed protocol format, related protocols and reference links.
http://www.javvin.com/protocolsuite.html

Yahoo!'s Internet Protocols Page
Yahoo!'s directory of Internet protocols.
http://dir.yahoo.com/Computers_and_Internet/Communications_and_Networking/Protocols/

Define: Protocol
An agreed-upon format for transmitting data between two devices. The protocol determines the following:
• the type of error checking to be used
• the data compression method, if any
• how the sending device will indicate that it has finished sending a message
• how the receiving device will indicate that it has received a message
There are a variety of standard protocols from which programmers can choose. Each has particular advantages and disadvantages; for example, some are simpler than others, some are more reliable, and some are faster.
From a user's point of view, the only interesting aspect about protocols is that your computer or device must support the right ones if you want to communicate with other computers. The protocol can be implemented either in hardware or in software.

Use of VMware software
• Review the bottom tray icons.

Review week nine lab assignment
• What are autonomous processes?
• Review the system initialization process and the steps involved in bringing up a system.
  1. CPU is pre-set to the RESET mode
  2. CPU pre-programmed to seek 0xfffffff0 address location
  3. BIOS eventually reads MBR
  4. First part of MBR contains the boot partition table and executable code
  5. Second part of the MBR is used to locate the boot loader. It resides on the “active” partition known as the Boot Sector.
  6. Device drivers are loaded (initrd-2.4.20-8.img)
  7. Kernel is invoked
  8. Kernel performs the following tasks
     • Memory size determination
     • Hardware configuration
     • Kernel data structure initialization
     • Mount root partition
     • Hand crafted init process
     • Creation of the init process
• Review the Linux run levels and the use of the shutdown command.
• System run levels
  Levels 0 through 6
  0 - Halt system
  1 - System maintenance
  S and s - Single user mode
  2 - Multi-user mode
  3 - Remote file sharing state
  6 - Shutdown

Process states
[Figure: The various process states, displayed in a state diagram, with arrows indicating possible transitions between states.]
Processes go through various process states which determine how the process is handled by the operating system kernel. The specific implementations of these states vary in different operating systems, and the names of these states are not standardised, but the general high-level functionality is the same.[2]
When a process is created, it needs to wait for the process scheduler (of the operating system) to set its status to "waiting" and load it into main memory from a secondary storage device (such as a hard disk or a CD-ROM). Once the process has been assigned to a processor by a short-term scheduler, a context switch is performed (loading the process into the processor) and the process state is set to "running" - where the processor executes its instructions. If a process needs to wait for a resource (such as waiting for user input, or waiting for a file to become available), it is moved into the "blocked" state until it no longer needs to wait - then it is moved back into the "waiting" state.
Once the process finishes execution, or is terminated by the operating system, it is moved to the "terminated" state where it waits to be removed from main memory.[2][3]

Threads
In modern operating systems, each process can have several threads of execution (or threads for short). Multiple threads share the same program code, operating system resources (such as memory and file access) and operating system permissions (for file access as the process they belong to). A process that has only one thread is referred to as a single-threaded process, while a process with multiple threads is referred to as a multithreaded process. Multi-threaded processes have the advantage that they can perform several tasks concurrently without the extra overhead needed to create a new process and handle synchronised communication between these processes. For example, a word processor could perform a spell check as the user types without freezing the application: one thread could handle user input, while another runs the spell checking utility.[2]

Week ten expected outcomes

Next Lab Assignment

Key factors regarding /etc/passwd file:
• It is considered the user database for the system
• The information is useful for applications that run on the system.

Password file format:
• User name
• Password
• UID – User ID; system UIDs are < 100, and user IDs are >= 100; root UID = 0
• GID – Group ID; system UIDs are < 100, and user IDs are >= 100
• Userinfo – User information such as user name
• Home directory
• Login Application – initial application after shell (usually a shell)

What does the “x” indicate in the password file?
Indicates use of the shadow file.

What does /etc/shells file contain?
Contains a list of shells on the system.

Shadow File:
• Shadow file stores encrypted passwords.
• This file is only readable by root.
• Used by default in RedHat Linux.

Shadow File Format:
• User name
• Password
• Change date – date password was last changed
• Minlife – minimum number of days between password changes
• Maxlife – maximum number of days between password changes
• Warn – number of days to warn the user in advance of password expiration
• Disable – number of days of inactivity before account is disabled
• Expire date – date that account will expire
• Unused

Encrypted Passwords:
• DES requires 13 characters in encrypted form
• MD5 requires 34 characters in encrypted form
• Most Linux systems utilize MD5
• MD5 always begins with $1$

Group File:
• Defines which users are in which groups
• A user can be in more than one group.
• The group associated with a user in the /etc/passwd file is the user's primary group.

Group File Format:
• Group name
• Password
• GID
• Userlist

What is common about most of the above mentioned files?
Each field is separated with “:” (colon).

Does Linux support the use of the shadow file?
Yes

What three files need to be updated when adding a new user?
passwd, group, shadow files.

Password file location on Einstein.
Password file is located under /etc directory.
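
The passwd and shadow field layouts and the DES/MD5 hash formats listed above can be checked mechanically. The following Python audit is an added example, not part of the original notes; the sample accounts and hashes are constructed, and the function names (parse, hash_scheme, audit) are illustrative.

```python
"""Audit passwd/shadow records against the field layouts in the notes (added example)."""

PASSWD_FIELDS = ("name", "password", "uid", "gid", "userinfo", "home", "shell")
SHADOW_FIELDS = ("name", "password", "changed", "minlife", "maxlife",
                 "warn", "disable", "expire", "unused")

DES_SAMPLE = "ab" + "C" * 11                 # constructed, 13 characters
MD5_SAMPLE = "$1$" + "saltsalt$" + "A" * 22  # constructed, 34 characters
PASSWD = f"""\
root:x:0:0:root:/root:/bin/bash
news:x:9:13:news:/etc/news:
toor:x:0:0::/root:/bin/bash
legacy:{DES_SAMPLE}:510:510::/home/legacy:/bin/bash
alice:x:501:501:Alice:/home/alice:/bin/bash
ghost:x:502:502::/home/ghost:/bin/bash
"""
SHADOW = f"""\
root:{MD5_SAMPLE}:12000:0:99999:7:::
news:*:12000:0:99999:7:::
toor:{MD5_SAMPLE}:12000:0:99999:7:::
alice::12000:0:99999:7:::
"""

def parse(text, fields):
    """Split colon-separated records into dicts; reject malformed lines."""
    records = []
    for lineno, line in enumerate(text.strip().splitlines(), 1):
        parts = line.split(":")
        if len(parts) != len(fields):
            raise ValueError(f"line {lineno}: {len(parts)} fields, expected {len(fields)}")
        records.append(dict(zip(fields, parts)))
    return records

def hash_scheme(pw):
    """Classify a password field by the lengths and prefix given in the notes."""
    if pw in ("", "x"):
        return {"": "empty", "x": "shadowed"}[pw]
    if pw[0] in "!*":            # conventional markers for a locked account
        return "locked"
    if pw.startswith("$1$") and len(pw) == 34:
        return "md5"
    return "des" if len(pw) == 13 and "$" not in pw else "unknown"

def audit(passwd_text, shadow_text, login_shells):
    """Return (account, finding) pairs in passwd order."""
    shadow = {r["name"]: r for r in parse(shadow_text, SHADOW_FIELDS)}
    findings = []
    for u in parse(passwd_text, PASSWD_FIELDS):
        name, uid, scheme = u["name"], int(u["uid"]), hash_scheme(u["password"])
        if uid == 0 and name != "root":
            findings.append((name, "UID 0 but not root"))
        if scheme in ("md5", "des", "empty"):
            findings.append((name, f"{scheme} password field in world-readable passwd"))
        elif scheme == "shadowed" and name not in shadow:
            findings.append((name, "x in passwd but no shadow entry"))
        elif scheme == "shadowed" and hash_scheme(shadow[name]["password"]) == "empty":
            findings.append((name, "empty password in shadow"))
        # An empty shell field means the default /bin/sh is used at login.
        if 0 < uid < 100 and (u["shell"] in login_shells or u["shell"] == ""):
            findings.append((name, "system account with a login shell"))
    return findings

if __name__ == "__main__":
    print(*audit(PASSWD, SHADOW, {"/bin/sh", "/bin/bash"}), sep="\n")
```

The login_shells argument stands in for the contents of /etc/shells.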

root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
news:x:9:13:news:/etc/news:
uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
operator:x:11:0:operator:/root:/sbin/nologin
games:x:12:100:games:/usr/games:/sbin/nologin
gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
nobody:x:99:99:Nobody:/:/sbin/nologin
rpm:x:37:37::/var/lib/rpm:/sbin/nologin
vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
nscd:x:28:28:NSCD Daemon:/:/sbin/nologin
sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
rpc:x:32:32:Portmapper RPC user:/:/sbin/nologin
rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
nfsnobody:x:65534:65534:Anonymous NFS User:/var/lib/nfs:/sbin/nologin
mailnull:x:47:47::/var/spool/mqueue:/sbin/nologin
smmsp:x:51:51::/var/spool/mqueue:/sbin/nologin
pcap:x:77:77::/var/arpwatch:/sbin/nologin
ntp:x:38:38::/etc/ntp:/sbin/nologin
kellya:x:501:502::/home/kellya:/bin/bash
kumarp:x:503:503:Pradeep Kumar:/home/kumarp:/bin/bash
morgensd:x:504:504:Dan Morgenstern:/home/morgensd:/bin/bash
caldwelr:x:505:505:Richard Caldwell:/home/caldwelr:/bin/bash
apache:x:48:48:Apache:/var/www:/sbin/nologin
oracle:x:600:600::/home/oracle:/bin/bash
cs:x:400:420::/home/cs:/bin/bash

In Linux, the file /etc/login.defs contains the system's login controls:
• System location of mailboxes
• Number of login retries
• Delay between failed login attempts
• Default values for system admin commands

What is LDAP?
LDAP is short for Lightweight Directory Access Protocol, a set of protocols designed to access information directories.
LDAP was derived from standards developed within the X.500 standard and was intended to be simple to understand. LDAP supports TCP/IP for Internet access. Currently, LDAP is not broadly implemented, but its goal is for almost any application executing on any platform to obtain directory information. LDAP is an open source product. Some of the suites include the following:
• slapd - stand-alone LDAP daemon (server)
• slurpd - stand-alone LDAP update replication daemon
• libraries - implementing the LDAP protocol, and utilities, tools, and sample clients.

Kernel
As the name implies, the kernel is the core of the operating system. A kernel consists of a small collection of software that makes it feasible for the operating system to provide other services. The kernel facilitates four basic types of services:
• creation and management of processes
• a filesystem
• communications
• a means to start the system
Kernel functions are of two broad types: autonomous and responsive. Kernel functions, such as allocation of memory and CPU, are performed without being explicitly requested by user processes. Other functions of the kernel, such as resource allocation and process creation and management, are initiated by requests from processes. These requests from processes come in the form of system calls. A system call can be thought of as a low level request to the operating system. Examples of system calls include: fork, exec, kill, open, read, write, close, exit.
For more essential information on the kernel see The UNIX System Kernel.

Processes
A process is the execution of a program. Some operating systems call the basic unit of execution a "job," some call it a "task." In Unix it's called a process. In the Unix kernel, anything that's done, other than autonomous operations, is done by a process issuing system calls.
Processes often spawn other processes (using the fork system call) that run in parallel with them, accomplish subtasks and, when they're finished, terminate themselves.

1. What is the process that another process starts called?
• A subprocess.
• A secondary process.
• A child.

All processes have "owners." Typically the human owner of a process is the owner of the account whose login process spawned the process in question. When a process creates or spawns another process the original process is known as the parent while the process it creates is called a child process. The child process inherits the file access and execution privileges belonging to the parent.

Signals
One way that processes communicate with each other and with the kernel is through signals. Signals are used to inform processes of unexpected external events such as a time out or forced termination of a process. A signal consists of a prescribed message with a default action embedded in it. Each signal has a unique number associated with it.
An example is SEGV, segmentation violation. This signal is sent by the kernel if a user attempts to access illegal memory. The kernel sends this message to a process. If the process takes the default action upon receiving the message it will terminate.
For more essential information on processes and signals see Processes and Signals.

Virtual memory, swapping and paging
Physical memory refers to all the writable memory locations in the computer.
"Virtual memory is memory that appears to be allocated to application programs. The operating system uses a portion of the hard disk as virtual memory, and swaps data between the hard disk and physical memory. Virtual memory enables multitasking.
If your computer needs to run several programs simultaneously, and the memory that all these programs require exceeds the amount of physical memory available, the operating system allocates virtual memory to meet the total memory requirements of each program, and then manages the available physical memory to meet the actual memory requirements at each point in time. Therefore, the amount of virtual memory that is allocated can be much greater than the amount of physical memory that is installed in the computer." --Physical memory and virtual memory TechNote.

Utilizing virtual memory involves paging and swapping.
Paging occurs when an active process requires more memory than what is accessible in physical memory. Portions of the process are moved to disk so the physical memory can be used for something else.
Swapping is done by the kernel. When memory space is running low the kernel looks for a process that isn't likely to run in the near future. That process is written entirely to disk, and the newly-freed memory is reassigned to another process or job.
For more optional information on virtual memory, swapping, and paging see Lecture Virtual Memory.

Shell
The human user of a Unix system accesses the services of the kernel through a user interface called a shell. The shell is a command interpreter that allows the user to initiate processes to perform a nearly infinite variety of tasks.

2. When a command is entered what executes the corresponding program?
• The kernel.
• The shell.
• A process.

There are several "standard" Unix shells, including the C-shell, Bourne shell, Korn shell, and others. In addition to these command-line oriented shells, many vendors supply graphical user interfaces (GUIs) that simplify or automate the functions of the underlying shell. The X Window System is a GUI.
Different shells have different uses.
For example, the C-shell is generally acknowledged as being superior for interactive Unix work, while the Bourne shell has features that make it preferable for programming. Shell choice is often a "religious" matter with experienced Unix users, and is the subject of frequent debate.
In general, shells enable the following activities:
• file and directory manipulation (copy, rename, move)
• command execution
• I/O redirection
• job control
Shells and commands.
For recommended information on different types of shells see Description of different types of shells.

Job control
Job control is facilitated by the shell. In Unix a group of processes constitutes a job. Unix allows users to control jobs from the terminal.
The foreground job is the job in control of the terminal. Whatever is typed in on the keyboard is sent to standard input of that program. Only one job at a time may be in the foreground. However, multiple jobs may run in the background. A job running in the background is effectively cut off from the keyboard. A job may be sent to the background when it is created by placing an ampersand (&) after the command.

3. How can a job be brought up to the foreground after it has been placed in the background?
• With fg.
• By killing the job and restarting it in the foreground.
• With the process ID number.

Jobs may be moved from foreground to background and vice versa. It is also possible to stop jobs and restart them. Once a job is stopped it remains inactive until it is restarted.
In the X Window System, job control is enabled by making each window a pseudo terminal. Each window acts as a terminal and can run a separate job. Multiple jobs can be run in the same window by sending them to the background.
For more recommended information on job control see Job Control.

Utilities
Utilities are programs that perform system functions. Utility can also refer to a command that is used to do work of some sort, such as mv to move files or directories.
Unlike the utilities in many other operating systems, including MS-DOS, most Unix utilities are separate from the operating system. This means that they are not loaded with the operating system kernel. They are executed as needed by the user or by processes the user process spawns.
Unix provides utilities in many categories, including:
• filesystem management
• local and network communications
• editors
• filters and text processors
• programming languages

Terms used: kernel, process, system call, CPU, child process, parent process, virtual memory, swap, paging, shell, GUI, I/O, signal, virtual memory, spawn, pseudo terminal, job control, X Window System.

An orphan process is a computer process whose parent process has finished or terminated.
A process can become orphaned during remote invocation when the client process crashes after making a request of the server.
Orphans waste server resources and can potentially leave a server in trouble. However there are several solutions to the orphan process problem:
1. Extermination is the most commonly used technique; in this case the orphan process is killed.
2. Reincarnation is a technique in which machines periodically try to locate the parents of any remote computations; at which point orphaned processes are killed.
3. Expiration is a technique where each process is allotted a certain amount of time to finish before being killed. If need be a process may "ask" for more time to finish before the allotted time expires.
A process can also be orphaned running on the same machine as its parent process. In a Unix-like operating system any orphaned process will be immediately adopted by the special init system process. This operation is called re-parenting and occurs automatically. Even though technically the process has the "init" process as its parent, it is still called an orphan process since the process which originally created it no longer exists.

On Unix and Unix-like computer operating systems, a zombie process or defunct process is a process that has completed execution but still has an entry in the process table, this entry being still needed to allow the process that started the zombie process to read its exit status. The term zombie process derives from the common definition of zombie—an undead person. In the term's colorful metaphor, the child process has died but has not yet been reaped.
When a process ends, all of the memory and resources associated with it are deallocated so they can be used by other processes. However, the process's entry in the process table remains. The parent can read the child's exit status by executing the wait system call, at which stage the zombie is removed. The wait call may be executed in sequential code, but it is commonly executed in a handler for the SIGCHLD signal, which the parent is sent whenever a child has died.
After the zombie is removed, its process ID and entry in the process table can then be reused. However, if a parent fails to call wait, the zombie will be left in the process table. In some situations this may be desirable, for example if the parent creates another child process it ensures that it will not be allocated the same process ID. As a special case, under Linux, if the parent explicitly ignores the SIGCHLD (sets the handler to SIG_IGN, rather than simply ignoring the signal by default), all child exit status information will be discarded and no zombie processes will be left.
A zombie process is not the same as an orphan process. An orphan process is a process that is still executing, but whose parent has died. They don't become zombie processes; instead, they are adopted by init (process ID 1), which waits on its children.
Zombies can be identified in the output from the Unix ps command by the presence of a "Z" in the STAT column.
Zombies that exist for more than a short period of time typically indicate a bug in the parent program. As with other leaks, the presence of a few zombies isn't worrisome in itself, but may indicate a problem that would grow serious under heavier loads. Since there is no memory allocated to zombie processes except for the process table entry itself, the primary concern with many zombies is not running out of memory, but rather running out of process ID numbers.
To remove zombies from a system, the SIGCHLD signal can be sent to the parent manually, using the kill command. If the parent process still refuses to reap the zombie, the next step would be to remove the parent process. When a process loses its parent, init becomes its new parent. Init periodically executes the wait system call to reap any zombies with init as parent.
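
The zombie lifecycle described above, including the Linux SIG_IGN special case, can be observed directly from a parent process. This Python script is an added example, not part of the original notes; it assumes a Linux /proc filesystem, and the helper names (proc_state, wait_for, child_fate) are illustrative.

```python
"""Observe a zombie on Linux: an exited child stays in state Z until the
parent calls wait. Added example; assumes a /proc filesystem."""
import os
import signal
import time

def proc_state(pid):
    """Return the state letter from /proc/<pid>/stat, or None if the entry is gone."""
    try:
        with open(f"/proc/{pid}/stat") as f:
            # Layout is "pid (comm) state ..."; comm may itself contain ')'.
            return f.read().rsplit(")", 1)[1].split()[0]
    except (FileNotFoundError, ProcessLookupError, IndexError):
        return None

def wait_for(pid, wanted, timeout=5.0):
    """Poll until the process shows the wanted state (None means no table entry)."""
    deadline = time.monotonic() + timeout
    while time.monotonic() < deadline:
        if proc_state(pid) == wanted:
            return wanted
        time.sleep(0.01)
    raise TimeoutError(f"pid {pid} never reached state {wanted!r}")

def child_fate(disposition):
    """Fork a child that exits with status 7 under the given SIGCHLD disposition.

    Returns (state once the child has exited, status read by wait, state after wait).
    """
    old = signal.signal(signal.SIGCHLD, disposition)
    try:
        pid = os.fork()
        if pid == 0:
            os._exit(7)                      # child: exit at once
        ignoring = disposition == signal.SIG_IGN
        seen = wait_for(pid, None if ignoring else "Z")
        try:
            _, raw = os.waitpid(pid, 0)      # the reap: removes the table entry
            status = os.WEXITSTATUS(raw)
        except ChildProcessError:            # ECHILD: the kernel kept no status
            status = None
        return seen, status, proc_state(pid)
    finally:
        signal.signal(signal.SIGCHLD, old if old is not None else signal.SIG_DFL)

if __name__ == "__main__":
    print("default SIGCHLD:", child_fate(signal.SIG_DFL))   # ('Z', 7, None)
    print("SIGCHLD ignored:", child_fate(signal.SIG_IGN))   # (None, None, None)
```

In a long-running parent the same waitpid call usually sits in a loop or a SIGCHLD handler, so that zombies do not accumulate and consume process IDs.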