Appendix D
The /etc/passwd File
· The password file, /etc/passwd, contains one line for each user with an account on the
local system; e.g.,
alex:H48refbv6Yp0k:1003:101:,,,:/home/alex:/usr/bin/ksh
· Fields are separated with colons
- User name
- Encrypted password (blank if none, or x if enhanced security)
- User ID number (uid)
- Group ID number (gid)
- Name, address text (variable format - may be blank)
- Home directory (can be anywhere; /home/user is typical)
- Shell
· /etc/passwd is readable by all to permit access to its contents
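The field layout above is enough to audit a password file for the entries a defender cares about: blank passwords, hashes left in the world-readable file, extra uid 0 accounts and shared uids. This is an added example, not part of the course notes; the function names and every sample line except the alex entry are constructed, and treating a leading * or ! in the password field as a lock marker is an assumption.

```sh
#!/bin/sh
# Added example, not part of the course notes.
# Audits passwd-format lines: name:password:uid:gid:gecos:home:shell

audit_passwd() {
    # $1 = passwd-format file ("-" reads standard input).
    # Prints one finding per line as "<account>: <CODE> <explanation>".
    awk -F: '
        /^[ \t]*$/ || /^#/ { next }      # skip blank lines and comments
        NF != 7 {
            printf "line %d: MALFORMED expected 7 fields, got %d\n", NR, NF
            next
        }
        # Blank password field: the account can be used without a password.
        $2 == "" { printf "%s: EMPTY_PASSWORD no password set\n", $1 }
        # Anything other than "x" or a lock marker is a hash every user can read.
        $2 != "" && $2 != "x" && $2 !~ /^[*!]/ {
            printf "%s: HASH_EXPOSED hash stored in world-readable file\n", $1
        }
        # uid 0 carries root privilege whatever the account is called.
        $3 == 0 && $1 != "root" { printf "%s: UID0_ALIAS uid 0 but not root\n", $1 }
        # Two names on one uid share file ownership and audit identity.
        ($3 in owner) && $3 != 0 {
            printf "%s: DUPLICATE_UID uid %s already used by %s\n", $1, $3, owner[$3]
        }
        !($3 in owner) { owner[$3] = $1 }
    ' "$1"
}

# Constructed sample; only the alex line is taken from the text above.
sample_passwd() {
    cat <<'EOF'
root:x:0:0:Super-User:/:/sbin/sh
alex:H48refbv6Yp0k:1003:101:,,,:/home/alex:/usr/bin/ksh
guest::1004:101::/home/guest:/bin/sh
toor:x:0:0::/:/bin/sh
bob:x:1003:101::/home/bob:/usr/bin/ksh
broken:x:1005
EOF
}

sample_passwd | audit_passwd -
```

On a real system the call would be audit_passwd /etc/passwd.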
Disk Partition Names
· Vendors have different conventions for disk partition names
· For example, the root partition might be named
/dev/hd01            Hard disk 0's partition 1
/dev/sd0a            SCSI disk 0's partition a
/dev/dsk/0s1         Disk 0's partition
/dev/rz0a            DEC RZ disk 0's partition a
/dev/dsk/c0t0d0s0    SCSI controller 0, target 0, logical unit 0, partition 0
- Boot disk is "always" disk 0
- Note that a disk's first partition might be partition 0, partition 1, partition a, or something
else!
- Check your vendor's system administration documentation
· On our system most files in /dev are symbolic links to actual device files in /devices
- Allows experienced administrators and older programs to use "traditional" names in
/dev
-- /devices is configured during system installation
-- Can be reconfigured by modifying files in /kernel/drv and then rebooting with
"reconfigure" option
-- Details are far beyond the scope of this course!
-- Course 366, UNIX System and Network Administration, covers these kinds of issues
· For example, on our systems, /dev/dsk/c0t0d0s0 is a symbolic link to
/devices/isa/aha@33,0/cmdk@0,0:a
- Bus type, controller type and address, disk number, partition letter
Block and Character Devices
· Symbolic links (on our systems)
$ ls -l /dev/console /dev/dsk/c0t0d0s0 /dev/null
... /dev/console -> ../devices/pseudo/cn@0:console
... /dev/dsk/c0t0d0s0 -> ../../devices/isa/aha@330,0/cmdk@0,0:a
... /dev/null -> ../devices/pseudo/mm@0:null
$
· Actual device attributes (on our systems):
$ cd /devices/isa/aha@33,0; ls -l cmdk@0,0:a
brw-r----- 1 root sys 102, 0 Dec 5 13:36 cmdk@0,0:a
$ cd /devices/pseudo; ls -l cn@0:console mm@0:null
crw--w---- 1 jko root 0, 0 Dec 5 12:41 cn@0:console
crw-rw-rw- 1 root sys 13, 2 Dec 5 12:01 mm@0:null
$
Block Special Files
· To improve file I/O efficiency, UNIX uses a buffer cache of recently read/written data
blocks (cache size depends on available main memory)
· A block special file (type b) provides access to a device through the buffer cache
· For example,
$ strings /dev/dsk/c0t0d0s0 | more
displays all the ASCII strings in the root partition, reading through the buffer cache
· Ordinary users should not have read/write access to disk partitions
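The first character of the ls -l mode string gives the file type, and the last three permission characters show what ordinary users may do. This added example (not part of the course notes) reads ls -l output and flags block devices that are readable or writable by "other"; the function names and finding codes are hypothetical, the first three device lines are the ones shown above, and the remaining sample lines are constructed.

```sh
#!/bin/sh
# Added example, not part of the course notes.
# Reads `ls -l` lines on standard input and prints, for each entry,
#   <name> <type> <mode> <finding>

audit_device_listing() {
    awk '
        function kind(c) {
            if (c == "b") return "block-special"
            if (c == "c") return "char-special"
            if (c == "p") return "named-pipe"
            if (c == "s") return "socket"
            if (c == "m") return "shared-memory"
            if (c == "l") return "symlink"
            if (c == "d") return "directory"
            if (c == "-") return "regular"
            return "unknown"
        }
        # Only lines that start with a 10-character mode string are entries.
        length($1) >= 10 && $1 ~ /^[-a-zA-Z][-rwxsStTlL]+/ {
            t = substr($1, 1, 1)
            other = substr($1, 8, 3)            # rwx bits for "other"
            name = (t == "l" && NF > 2) ? $(NF - 2) : $NF
            finding = "ok"
            # Block devices expose whole partitions, bypassing file permissions.
            if (t == "b" && other ~ /r/ && other ~ /w/) finding = "DISK_WORLD_READ_WRITE"
            else if (t == "b" && other ~ /w/) finding = "DISK_WORLD_WRITE"
            else if (t == "b" && other ~ /r/) finding = "DISK_WORLD_READ"
            printf "%s %s %s %s\n", name, kind(t), substr($1, 1, 10), finding
        }
    '
}

# Sample session: prompt lines are skipped; the last three entries are constructed.
sample_listing() {
    cat <<'EOF'
$ cd /devices/isa/aha@33,0; ls -l cmdk@0,0:a
brw-r----- 1 root sys 102, 0 Dec 5 13:36 cmdk@0,0:a
crw--w---- 1 jko root 0, 0 Dec 5 12:41 cn@0:console
crw-rw-rw- 1 root sys 13, 2 Dec 5 12:01 mm@0:null
brw-rw-rw- 1 root sys 102, 1 Dec 5 13:36 cmdk@0,0:b
brw-r--r-- 1 root sys 102, 2 Dec 5 13:36 cmdk@0,0:c
prw------- 1 alex staff 0 Dec 5 14:02 reqpipe
EOF
}

sample_listing | audit_device_listing
```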
Character Special Files
· A character special file (type c) provides access to a device bypassing the buffer cache
· The system console and other terminals are always character devices
$ who > /dev/console
$
writes the output of who onto the system's console, unless write access is denied by the
user logged in on /dev/console (use mesg n to deny access)
Other File Types
· Other file types provide rendezvous points in the filesystem through which unrelated
processes can communicate
m - XENIX shared memory
p - Named pipe
s - BSD socket or XENIX semaphore
· These are of little interest to general users
- Used by software developers to create client/server applications
Chapter Objectives
In this chapter, you will learn about:
• UNIX and other operating systems/platforms
• UNIX market position
• UNIX features
• The history of UNIX
• Why there are so many versions of UNIX
• Standards organizations
UNIX and other operating systems/platforms
· IBM
- Mainframe
- AS/400
- RS/6000: AIX/6000
· HP
- HP-UX
· SUN
- Solaris
· Compaq (DEC)
- VAX/Alpha: WNT, Open VMS, DEC Unix
· SGI
- IRIX
· Novell
- UnixWare
· PC-based (INTEL) systems:
- Windows NT (Windows 95/98), Windows 2000, OS/2
- Linux !!!
- SCO UNIX
- Intel platform implementations of Solaris, DEC Unix
UNIX Market Position
Features unique to UNIX in the 1970s are now found in many systems
• Many systems, in many ways, may be "better" than UNIX
• Windows NT? OS/2? VMS?, etc.
No comparable system is available on so wide a range of platforms from so many
vendors, or boasts of so large a pool of trained users, programmers, and administrators
for CORPORATE systems (Home PCs are dominated by MS)
Customer demand for standards will ensure UNIX a prominent role for the foreseeable
future
• Virtually "owns" the engineering workstation and Internet server/gateway markets
• Widely used to support databases, transaction monitors, desktop publishing, and custom-built decision-support software
• Strong in academic (universities) area, science, military
The History of UNIX
· UNIX Version 1, 1969
- Ken Thompson and Dennis Ritchie, Bell Labs
- Written in assembly language for DEC PDP-7
· Unix Version 3, 1973
- Rewritten in Dennis Ritchie's C language for DEC PDP-11
- Timesharing, multi-user system borrowing from MULTICS
- Exemplified UNIX philosophy: power, simplicity, flexibility,
and portability
· All UNIX versions since have been written mostly in C, with
portability a central feature
UNIX Goes to School
· During the 1970s, AT&T was a regulated telecommunications monopoly
- Not allowed to market UNIX
- Could use UNIX within Bell system
- Could give UNIX away to academic users!
· Strong academic interest in UNIX
- Many versions on many systems at AT&T and universities
- U.C. Berkeley's BSD (Berkeley Software Distribution) was most influential:
the first to have virtual memory and networking support
· Many free UNIX "work-alikes" originated in university operating system
courses:
Linux
MINIX
BSD/386
Xinux
etc.
Commercial UNIX: System V
· During the 1980s, with the breakup and deregulation of AT&T, marketing
restrictions on UNIX were eliminated:
- System III (1982) was the first supported commercial release
- System V followed, with a series of releases that added new features and
enhancements
- UNIX System Laboratories (USL), a subsidiary of AT&T partially owned
by other companies, was formed to develop and promote System V
· Traditional strength has been with commercial applications:
- Shared memory supports efficient database transactions
- Improved system administration utilities and user applications
- SCO UNIX, IBM's AIX, Hewlett-Packard's HP-UX, and Silicon
Graphics' IRIX are based on SVR2 or SVR3
Berkeley UNIX
· Berkeley UNIX (formally BSD, Berkeley Software Distribution):
- Favored by researchers and engineers
- The first to have virtual memory support, networking, and
window systems
- Sun's SunOS 4.x and DEC's ULTRIX are based on BSD
· 4.4 BSD was released in the late summer of 1992, and is U.C.
Berkeley's final release:
- Berkeley Software Design, Inc. (BSDI) is a commercial
provider of "pure" BSD
Unified UNIX: SVR4
· System V Release 4 (SVR4) combines the business-oriented
features of System V with the engineering-oriented features of
BSD:
- Intended to unify UNIX market
- Sun's Solaris 2.x (SunOS 5.x) and Novell's UnixWare are
versions of SVR4
Disunified UNIX
· Most vendors were displeased with AT&T/USL's SVR3 and SVR4 licensing
requirements
- Chose to enhance SVR2, SVR3, or BSD software they had licensed earlier
- Added own implementations of missing pieces from "the other side"
- Added own administrative tools, network support, GUIs
- Added own real-time support, enhanced filesystems, security, etc.
· By early 1990s, most UNIXes were approximate supersets of SVR4 features
· Novell bought USL from AT&T in the spring of 1993
- Reorganized assets and people into UNIX Systems Group (USG)
- "Gave" the UNIX trademark to X/Open in October 1993
- Sold USG to SCO in September 1995
POSIX
· POSIX (Portable Operating System Interface definition)
- First formal attempt by customers to standardize UNIX
- Defined by IEEE Standards Committee P1003
- Provides a baseline of compatibility for UNIX variants
- Large customers (e.g., government agencies, the European Union, General Motors)
often require POSIX compliance
· POSIX subcommittees work on different areas, such as
- Operating system interface
- Shell and utilities
- System administration
- Networking issues
· POSIX subcommittees are formed or reorganized regularly
IEEE = Institute of Electrical and Electronics Engineers
SVID and OSF
· System V Interface Definition (SVID) - (AT&T, Sun)
- Series of documents from UNIX System Laboratories
- Defines the interface to and behavior of System V releases
· OSF (Open Software Foundation) - (IBM, DEC, HP)
- Corporation established through member donations
- Chartered to define and implement OSF/1, a UNIX-like operating system independent of
AT&T/USL
-- DEC sells an enhanced version of OSF/1 called Digital UNIX
· Other OSF technologies include
- Motif, the most widely used GUI on UNIX systems
- Distributed Computing Environment (DCE)
X/Open and COSE
· X/Open is an international consortium of UNIX vendors
- Publishes Portability Guides to which member companies adhere
- Became owner of the UNIX trademark in October 1993
· COSE (Common Open Software Environment; "cozy") group
- Established in the spring of 1993 by HP, IBM, SCO, SunSoft, and Novell (USL and
Univel)
-- Continues to attract support from other vendors
- Developed a Common Desktop Environment (CDE) GUI, based on Motif with features
from OPEN LOOK and other sources
- Worked with X/Open on the "Spec1170" list of UNIX interfaces, now called the Single
UNIX Specifications
- Continues to work toward a common set of system administration tools and procedures,
etc.
Configuring UNIX Applications
· Most higher level UNIX applications (shells, editors, terminal emulators,
documentation browsers, etc.) can be configured using some or all of:
- Command-line options
- Internal configuration settings
- Configuration files
- Environment variables
- X resources
· We've seen examples of many of these
- man vs. man -k
- The Korn shell's set -o, $HOME/.profile, PATH, etc.
· In this chapter, we offer more examples and introduce X resources
- A command's man page gives specific configuration information
X Geometry Options
· Most X applications honor a geometry option, of the form
-geometry <width>x<height>[+-]x_off[+-]y_off
- width and height are usually in pixels, sometimes in characters and lines
- x_off and y_off are offsets, in pixels, from the edges of the screen
· For example:
$ dtterm -geometry 80x40-0-0 &
- Creates an 80-character wide, 40-line tall dtterm window in the lower right corner of the
screen
$ xclock -geometry 150x150+20-20 &
- Creates a 150 by 150 pixel xclock, slightly indented from the lower left corner of the
screen
· An X display consists of a keyboard, a mouse and one or more screens
- A typical workstation or PC has a single display with a single screen
- A larger system might have multiple displays (X terminals)
- A specialized workstation display might have more than one screen
· You can specify the hostname, display, and screen on which you want a window to
appear using the -display option
x_app -display hostname:display.screen
- If hostname is not given, the local host is assumed
- If .screen is not given, .0 is assumed
· For example, to put an xclock on host ltree20's display
$ xclock -display ltree20:0 &
· -display is often used following rlogin to direct the window of a remotely executed
program back to your own display
- For example, to execute a weather simulation program written for a supercomputer,
with the user interface window on your screen:
$ rlogin super
... system-dependent messages ...
$ weather_sym -display local_host:0 &
... window appears on local_host ...
· -display can also be used in combination with rsh
- You may have to type the full path of the program, since the default PATH for rsh may
only include /bin and/or /usr/bin
$ rsh ltree20 /path/xclock -display `hostname`:0 &
X Color options
· Foreground (text and graphics) and background colors can be set using -fg color_name
and -bg color_name
For example, a terminal emulator with red letters on yellow background
$ xterm -fg red -bg yellow &
· Names of available colors can be found in a file called rgb.txt or can be looked up in
documentation, or displayed by a command
- Details vary
- On our systems, use
$ showrgb | more
Other X Options
· Some other standard X options include
-font font_name    Use font font_name rather than default (use xlsfonts to list available fonts)
-iconic            Start application in iconic form
-title string      Title to appear in title bar
-rv                Reverse video
· Specific applications have their own options, as well
- The SYNOPSIS and DESCRIPTION sections of the man page will give the details
- For example, for a digital clock using the 10x20 (large) font with blue numerals on pink
background
$ xclock -digital -font 10x20 -fg blue -bg pink &
X DISPLAY Variable
· X applications use a variety of application-specific environment variables
- Refer to the DESCRIPTION and ENVIRONMENT sections of the man pages
· The DISPLAY environment variable is used by all X applications
- Identifies the host, display, and screen on which application windows should appear
- Makes it unnecessary to specify the -display option
$ env | grep DISPLAY
DISPLAY=:0.0
$
- Screen 0 of display 0 of current host
-- I.e., wherever you are currently logged in
· When you log in remotely to another host with rlogin, DISPLAY is not exported to the
remote host's shell
- You can use -display option with each X application
- Or, define DISPLAY using your local hostname after logging in to the remote host
$ DISPLAY=local_host:DN.SN; export DISPLAY
-- local_host is your local hostname
-- DN is your display number
-- SN is your chosen screen number
UNIX Environment Settings And Sample Scripts
1. Default system-wide user profile from /etc/profile
2. User’s default .profile if any
3. Application specific profile if any
4. Full Oracle export
5. Log directory cleanup
#1 is executed at the Login time
#2 (if any) is executed at the Login time
#3 (if any) is called from #2
Examples of the #1 (fragment), #2 and #3:
# Default (example of) system-wide profile file (/usr/bin/sh initialization).
# Set the default paths - Do NOT modify these.
PATH=/usr/bin:/usr/ccs/bin:/usr/contrib/bin
MANPATH=/usr/share/man:/usr/contrib/man:/usr/local/man
# Make sure PATH contains either /usr/bin or /sbin (if /usr/bin is not available).
if [ ! -d /usr/sbin ]
then
    PATH=$PATH:/sbin
else
    if [ -r /etc/PATH ]
    then
        # Use /etc/PATH alone if it already lists /usr/bin; otherwise append it
        grep -q -e "^/usr/bin$" -e "^/usr/bin:" -e ":/usr/bin:" \
            -e ":/usr/bin$" /etc/PATH
        if [ $? -eq 0 ]
        then
            PATH=`cat /etc/PATH`
        else
            PATH=$PATH:`cat /etc/PATH`
        fi
    fi
fi
………………………………………………………………………….
It is only a fragment. Usually this file contains hundreds of lines
# example of user’s local .profile file
# Set some terminal features
stty erase ^H
TERM=vt100
export TERM
# Set up the search paths:
PATH=$PATH:/etc:/usr/local/bin:.
export PATH
# Set up the shell variables:
EDITOR=vi
export EDITOR
# Set vi-style command line editing
set -o vi
# Setup Oracle environment variables
. $HOME/set_oraenv
PS1="ORA:$(whoami)>>>"
# example of ORACLE environment settings file
#!/bin/ksh
export ORAENV_ASK=NO
export ORACLE_SID=NY_ORA_SERVER
export ORACLE_BASE=/usr/local/oracle
export ORACLE_HOME=$ORACLE_BASE/product/8.1.5
export SHLIB_PATH=$ORACLE_HOME/lib
export CLASSPATH=$ORACLE_HOME/jlib:$ORACLE_HOME/product/jlib
export PATH=$PATH:$ORACLE_HOME/bin:.
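Both the user's .profile and the Oracle settings file above append "." to PATH, so commands are also looked up in whatever directory the user happens to be in. The following check is an added example, not part of the original scripts: the function name audit_path and its finding codes are hypothetical, and SAMPLE_PATH assumes the system default PATH from the fragment above is left unchanged by /etc/PATH.

```sh
#!/bin/sh
# Added example, not part of the course notes.
# audit_path VALUE: print "<CODE> <position> <entry>" for each risky entry
# in a PATH-style, colon-separated string.

audit_path() {
    rest=$1:                       # sentinel colon so the last entry is seen
    pos=0
    while [ -n "$rest" ]; do
        entry=${rest%%:*}          # text before the first colon
        rest=${rest#*:}            # drop that entry and its colon
        pos=$((pos + 1))
        case $entry in
            '') echo "EMPTY $pos (same as the current directory)" ;;
            .)  echo "DOT $pos ." ;;
            /*) # Absolute entry: risky if any user may create files in it.
                if [ -d "$entry" ] &&
                   [ -n "$(find "$entry/." -prune -perm -0002 2>/dev/null)" ]
                then
                    echo "WORLD_WRITABLE $pos $entry"
                fi ;;
            *)  echo "RELATIVE $pos $entry" ;;
        esac
    done
    return 0
}

# PATH as built by the three files above: system default, then .profile,
# then set_oraenv with ORACLE_HOME=/usr/local/oracle/product/8.1.5.
SAMPLE_PATH='/usr/bin:/usr/ccs/bin:/usr/contrib/bin:/etc:/usr/local/bin:.:/usr/local/oracle/product/8.1.5/bin:.'

audit_path "$SAMPLE_PATH"
```

Run it against a live session with audit_path "$PATH"; no output means no risky entries were found.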
#exp_full.sh - to export the full database
#--------------------------------------------------------------------------
# Set the Oracle environment:
. $HOME/set_oraenv
#--------------------------------------------------------------------------
ORA_INST=nyora_inst
EXPDIR=$HOME/exports/FULL_EXP
EXPPASS=$(cat $HOME/passwords/sys/.orasys)
LOGFILE=${HOME}/exports/logs/exp_full_${ORA_INST}_$(date +%m%d%Y:%H%M).log
# Startup compress command in background
(compress < ${EXPDIR}/ORAPIPE > ${EXPDIR}/exp_full_${ORA_INST}.dmp.Z ) &
#--------------------------------------------------------------------------
echo " Exporting $ORACLE Instance ..."
echo ""
#--------------------------------------------------------------------------
date
# Note: the password is passed on the command line, so it is visible in the
# process list (ps) while exp runs
exp sys/${EXPPASS} log=${LOGFILE} file=${EXPDIR}/ORAPIPE buffer=4096 grants=y \
    indexes=y rows=y constraints=y compress=y record=n full=y
date
mv ${EXPDIR}/exp_full_${ORA_INST}.dmp.Z \
    ${EXPDIR}/exp_full_${ORA_INST}.dmp.$(date +%m%d%y%H%M%S).Z
HOSTNAME=`uname -n`
grep "Export terminated successfully" $LOGFILE
gstatus=$?
if (( $gstatus != 0 ))
then
    print "Full export was not successful" >> ${LOGFILE}
fi
#!/bin/ksh
# Remove files matching file_mask in dir_path that are older than num_of_days
cleanup_directory()
{
    dir_path=$1
    file_mask=$2
    num_of_days=$3
    # Stop if the directory is missing, so find never runs in the wrong place
    cd "$dir_path" || return 1
    find . -name "$file_mask" -mtime +${num_of_days} -exec rm -f {} \;
}
typeset appl=oribipop
typeset app_root=/usr/project/$appl
cleanup_directory "${app_root}/logs" "*backup*" 50
cleanup_directory "${app_root}/logs" "*.old*" 50
cleanup_directory "${app_root}/logs" "*.log*" 50
cleanup_directory "${app_root}/logs" "shutdown*" 50
cleanup_directory "${app_root}/logs" "startup*" 50
cleanup_directory "${app_root}/logs" "*.spc" 365
$ cat replace
#!/bin/ksh
#replace: replace str1 in files with str2, in place
# 12.04.00 IK
case $# in
0|1|2) echo 'Usage: replace str1 str2 files' 1>&2; exit 1
esac
left="$1"; right="$2"; shift; shift
for i
do
    overwrite "$i" sed "s%$left%$right%g" "$i"
done
$ cat overwrite
#!/bin/ksh
# set -o xtrace
#overwrite: overwrite file with output of command
#note: must use redirection of input from file in command if required
# 12.04.00 IK
case $# in
0|1) echo 'Usage: overwrite file cmd [args]' 1>&2; exit 2
esac
file=$1; shift
# Temporary file names are predictable (/tmp plus the process ID);
# where mktemp is available, prefer it
new=/tmp/overwr1.$$; old=/tmp/overwr2.$$
trap 'rm -f $new $old; exit 1' 1 2 15
if "$@" > $new
then
    cp "$file" $old
    # Ignore signals while the original file is being replaced
    trap '' 1 2 15
    cp $new "$file"
else
    echo "overwrite: $1 failed, $file unchanged" 1>&2
    rm -f $new $old
    exit 1
fi
rm -f $new $old
$
$ cat rgrep
# rgrep - recursive "grep"
if [ $# -ne 1 ]
then
    echo "usage: rgrep pattern"
    exit 1
fi
find . -type f -print | xargs grep "$1"
# Use the following command, if no "xargs" is available:
# find . -type f -exec grep "$1" {} \;
$
$ cat doc_hist
#!/bin/ksh
# doc_hist
# quick check of document modification history
# 11/03/00 IK
USAGE="Usage: $0 doc_ref"
if (( $# != 1 ))
then
    print $USAGE; exit 1
fi
# doc_ref ($1) is inserted into the SQL text as typed; pass only trusted values
echo Checking DOCUMENT table
sql "select * from document where ref=$1"
echo Checking AUDIT table starting 1 hr before last doc. modification
sql "select * from audit where modified>=(select modified - 1 units hour from document where ref=$1) and document =$1"
echo checking DIRECTION table
sql "select * from direction where modified>=(select modified - 1 units hour from document where ref=$1) and identifier=$1"
$
1. Create .netrc file in your home directory:
machine ftp.nai.com
login anonymous
password <e-mail address>
macdef init
cd pub/antivirus/datfiles/4.x
bin
prompt
mget dat-*.tar
close
bye
where <e-mail address> is the address of the user who is logging in to the FTP
server.
.netrc should be in mode 600 in order to work.
2. Create download script:
/usr/local/uvscan/uvscan_update
#!/bin/ksh
# uvscan_update
# Auto download script to update .dat file for virus scan program
# runs from root account, uses .netrc
# 10/04/00 IK
ops="/export/home/ibesoper"
# directory portion of the script invocation line (see also basename)
install_directory=`dirname $0`
function get_out {
    # Delete the directory that you created.
    cd /
    rm -fr /tmp/dat-updates
    exit $1
}
# Create a download directory; stop if it cannot be created or entered,
# since the script runs as root and later removes this directory
mkdir /tmp/dat-updates || exit 1
cd /tmp/dat-updates || exit 1
# Get the version of the currently installed dats from the info
# given by the --version switch
current_version=`
    $install_directory/uvscan --version |
    grep "Virus data file" |
    awk '{ print substr($4,2,4) }'`
# Get the new dats.
# The entry in your .netrc file should take care of the downloading.
# test ftp to this site showed tendency to hang, therefore loop for 3 attempts
counter=0
while (( counter < 3 ))
do
    ftp ftp.nai.com &
    sleep 300
    #wait 5 minutes, then check
    PID=`ps -ef |grep ftp.nai.com|grep -v grep|awk '{print $2}'`
    if [ -n "$PID" ]
    # aghh... ftp failed (shouldn't take this long )
    then
        kill -9 $PID
        (( counter=counter+1 ))
        if (( counter == 3 ))
        then
            echo "`date +%m.%d.%y`: FTP download from ftp.nai.com failed. Giving up" |
                tee $ops/virus.alert > $ops/logs/uvscan_update.log
            broadcast virus
            rm $ops/virus.alert
            get_out 1
        fi
    else
        # OK, looks like ftp is done
        break
    fi
done
# Get the version of the new dats from the filename.
new_version=`echo dat-*.tar | awk '{ print substr($1,5,4) }'`
# If they are the same age or older than the current ones,
# don't install them
if [ "$current_version" -ge "$new_version" ]
then
    echo "`date +%m.%d.%y`: No new dats available at this time
Currently installed version: $current_version
Version on FTP site: $new_version" > $ops/logs/uvscan_update.log
else
    # Note: the archive arrives over anonymous FTP and is unpacked as root
    # without any integrity check
    tar -xf dat-*.tar
    # Move them to the install directory, making sure the
    # filename is lower case.
    for file in `tar -tf dat-*.tar`
    do
        newfile=`echo $file | tr '[A-Z]' '[a-z]'`
        mv "./$file" "$install_directory/$newfile"
    done
    # Get the current version again and make sure the new dats
    # installed correctly.
    current_version=`
        $install_directory/uvscan --version |
        grep "Virus data file" |
        awk '{ print substr($4,2,4) }'`
    if [ ! "$current_version" -eq "$new_version" ]
    then
        echo "`hostname`: Virus dat file updates did not work correctly. Please try manually." |
            tee $ops/virus.alert >> $ops/logs/uvscan_update.log
        broadcast virus
        rm $ops/virus.alert
    fi
fi
get_out 0