Đặng Thanh Bình
Basic System Administration
Contents
• File and Directory management
  – ls, cd, pwd, mkdir, mv, cp, rm, rmdir, locate, find, grep
  – touch, cat
  – Recursive and interactive modes
  – PATH variable, which command
• Linking Files
• File and directory permissions
• sudoers
FILE AND DIRECTORY MANAGEMENT
The Linux Directory Structure
• Directory: Used to organize other files into a logical tree structure
  – Stored in a filesystem of a specific partition in the hard disk
• Root: The top level directory
  – Referred to using the / character
    • Forms root of a hierarchical tree
The Linux Directory Structure
• The Windows file system structure
The Linux Directory Structure
• The Linux file system structure
File Types
• 4 basic file types
  – Normal files (program, text, library, …)
  – Directory
  – Special files (device, socket, pipe, …)
  – Symbolic links (symlinks)
File Name Regulations
• Maximum 255 characters
• May contain any characters (including special characters)
• Hidden file/directory starts with a period (.)
Pathname
• Absolute pathname: starts with “/”
• Relative pathname: does NOT start with a “/”
• Special pathnames:
  – .. – parent directory
  – . – current directory
Changing Directories
• Home directory: unique to each user
  – ~ metacharacter used to refer to home directory
• pwd (print working directory) command: displays current directory in the directory tree
• cd (change directory) command: change the current directory in the directory tree
  – Argument specifies the destination directory
  – cd: go to user’s home directory
  – cd PATHNAME
Listing Files
• ls command: List the files in a directory
• May pass an argument indicating the directory to be listed
  – -F option: Argument to indicate file types
  – -l option: Argument to list long file listings
• Long listing for each file includes eight components
  – File type character
  – List of permissions (mode of the file)
  – Hard link count
  – Owner
  – Group owner
  – File size
  – Most recent modification time
  – Filename
Creating Files
• touch command: create an empty file
  – touch FILENAME
  – touch FILE1 FILE2
• cat command: display and/or edit file content
  – -n option: displays line number and contents
  – cat FILENAME
  – cat > FILENAME (use Ctrl-D to finish)
Viewing Text Files
• tac command: displays contents of a text file in reverse order
• head command: view first ten lines of a file
• tail command: view last ten lines of a file
• For head and tail commands
  – Line count includes blank lines
  – Can provide numeric option to specify the number of lines to be displayed (e.g., head -2 filename)
Viewing Text Files
• more command: displays text files page-by-page
  – Pressing Spacebar displays the next page
  – Pressing Enter displays the next line
• less command: same as more command, but can also use cursor to scroll
• Interaction with more and less:
  – pressing h key gets Help screen
  – pressing q key quits more and less commands
Viewing Text Files
• more and less can be used with output of other commands
• If output is too large to fit on terminal screen, use “|” metacharacter and more or less command
  – e.g., ls -l | more
Displaying the Contents of Binary Files
• strings command: searches for and displays text characters in a binary file
  – Might indicate purpose of binary file
• od command: displays contents of file in octal format (numeric base 8 format)
  – -x option displays contents of the file in hexadecimal format (numeric base 16 format)
Managing Files and Directories
• mkdir command: creates new directories
  – Arguments specify directory’s absolute or relative pathname
• mv command: moves files
  – Minimum of two arguments:
    • Source file/directory (may specify multiple sources)
    • Target file/directory
  – Pathnames can be absolute or relative
  – For multiple files, can use wildcards in pathname
  – Also used to rename files or directories
Managing Files and Directories
• cp command: copies files
  – Same arguments as the mv command
  – Also used to make copies of files
Managing Files and Directories
• Recursive: referring to itself and its own contents
  – Recursive copy command copies the directory and all subdirectories and contents
  – Recursive search includes all subdirectories in a directory and their contents
  – Use -r option
• Interactive mode: Prompts user before overwriting files
  – -i option
  – -f option (force): Overrides interactive mode
Managing Files and Directories
• rm command: Removes files
  – Arguments are a list of files
  – Can use wildcards
  – Interactive mode by default
  – Use -f option to override
Managing Files and Directories
• rmdir command: removes directories
  – Arguments are a list of files
  – Can use wildcards
  – Interactive mode by default
  – Use -f option to override
  – Cannot be used to remove directory full of files
• To delete directory and all its contents (subdirectories and files), use rm -r command
Finding Files
• locate command: Search for files on system
  – Receives full or partial filename as argument
  – Uses premade indexed database of all files on system
    • To update the database use updatedb command
  – Information returned may not fit on screen
    • Use with more or less commands
Finding Files
• find command: recursively search for files starting from a specified directory
  – Slower than locate command, but more versatile
  – Format: find
    • e.g., find /root -name project
  – If using wildcard metacharacters, ensure that they are interpreted by the find command
    • Place wildcards in quotation marks
  – To reduce search time, specify subdirectory to be searched
Finding Files
• Common criteria used with the find command
Finding Files
• PATH variable: lists directories on system where executable files are located
  – Allows executable files to be run without specifying absolute or relative path
• which command: search for an executable file
  – Searches the PATH variable
  – If the file is not found, lists the directories that were searched
Searching for Text Within Files
• Text tools: commands that search for and manipulate text
• Regular expressions (regexp): text wildcards that ease the search for specific text
  – Match patterns of text within a text document
  – Used by many text tools and programming languages
    • Including grep, emacs, C++, PERL, and many more
Searching for Text Within Files
• Different from wildcard metacharacters
  – Wildcard metacharacters interpreted by shell; regexps interpreted by text tools
  – Wildcard metacharacters match characters in filenames; regexps match characters within text files
  – Wildcard metacharacters have different definitions than regexps
  – More regexps than wildcard metacharacters
• Regular expressions are divided into common regexps and extended regexps
Searching for Text Within Files
• Regular Expressions
Searching for Text Within Files
• grep (global regular expression print) command: displays lines in a text file that match common regexps
• egrep command: displays lines in a text file that match extended regexps
  – Can be written as grep -E
• fgrep command: does not interpret any regular expressions
  – Returns results much faster than egrep
  – Can be written as grep -F
Searching for Text Within Files
• grep requires two arguments
  – Text to search for
    • Can use regular expressions
  – Files in which to search
• grep is case sensitive
  – For case-insensitive search, use -i option
• grep matches patterns of text, ignoring division into words
• To search only for occurrences of a word, surround it by space characters
LINKING FILES
What is an INODE?
• Inodes store information about files and folders, such as file ownership, access mode (read, write, execute permissions), and file type.
  – Fixed number of inodes per file system
  – Inodes do not contain file names, only file metadata.
• Use df -i to see inode usage
• Use ls -i to determine a filename's inode number
• WARNING: You can use up all of a filesystem's inodes without using all of the storage space on the disk on which it resides.
Linking Files
• Symbolic link: one file is a pointer or shortcut to another
• Hard link: two files share the same data
Linking Files
• Filesystem has three main structural sections:
  – Superblock: Contains general information about the filesystem
    • e.g., number of inodes and data blocks, size of each data block
  – The inode table: consists of several inodes, each of which describes a file or directory
    • Unique inode number, file size, data block locations, last date modified, permissions, and ownership
  – Data blocks: Data making up contents of a file
Linking Files
• Hard linked files share the same inode and inode number
  – Must reside on the same filesystem
• To remove hard linked files, delete one of the linked files
  – Reduces the link count for the file
Linking Files
• The structure of hard linked files
Linking Files
• Symbolic linked files do not share the same inode and inode number with their target file
• Symbolic linked file is a pointer to the target file
  – Data blocks in the linked file contain only a pathname for the target file
    • Linked file and target file have different sizes
  – Editing symbolic linked file actually edits the target file
    • If the target file is deleted, symbolic link serves no function
Linking Files
• The structure of symbolically linked files
Linking Files
• ln (link) command: Create hard and symbolic links
  – Two arguments:
    • Existing file to link
    • Target file to create as a link to existing file
  – Arguments can be relative or absolute pathnames
  – Use -s option to create symbolic link
FILE AND DIRECTORY PERMISSIONS
File and Directory Permissions
• All users must login with a username and password
• Users identified by username and group memberships
• Access to resources depends on username and group membership
  – Must have required permissions
File and Directory Ownership
• Primary group: user’s default group
• During file creation, file’s owner and group owner set to user’s username and primary group
  – Same for directory creation
• whoami command: view current user name
• groups command: view group memberships and primary group
File and Directory Ownership
• touch command: create an empty file
• chown (change owner) command: change ownership of a file or directory
  – Two arguments:
    • New owner
    • File to change
  – Can use -R option for contents of directory
• chgrp (change group) command: change group owner of a file or directory
  – Same arguments and options as for chown command
File and Directory Permissions
• Mode: inode section that stores permissions
• Three sections, based on the user(s) that receive the permission:
  – User permissions: owner
  – Group permissions: group owner
  – Other permissions: everyone on system
• Three regular permissions may be assigned to each user:
  – Read
  – Write
  – Execute
Interpreting the Mode
• User: refers to owner of a file or directory
• Owner: refers to users with ability to change permissions on a file or directory
• Other: refers to all users on system
• Permissions are not additive
Changing Permissions
• chmod (change mode) command: change mode (permissions) of files or directories
  – Two arguments at minimum
    • Criteria used to change permissions
    • Filenames to change
• Permissions stored in a file’s or a directory’s inode as binary powers of two
Default Permissions
• New files given rw-rw-rw- permissions by default
• The default permissions are configurable. These are defined by the user mask (umask), which is set by the umask command
• umask: find what the current umask is
• umask -S: display the umask expressed symbolically rather than in octal form
• umask u=rwx,g=rx,o=rx is equivalent to umask 022
Default Permissions
• Performing a umask 022 calculation
Default Permissions
• Performing a umask 007 calculation
Special Permissions
• Three more optional special permissions for files and directories
  – SUID (Set User ID)
  – SGID (Set Group ID)
  – Sticky bit
Special Permissions
• SUID
  – If set on a file, user who executes the file becomes owner of the file during execution
    • e.g., ping command
  – No functionality when set on a directory
  – Only applicable to binary compiled programs
    • Cannot be used on shell scripts
  – Example:
    • chmod u+s file1.txt
    • chmod 4750 file1.txt
Special Permissions
• SGID
  – Applicable to files and directories
  – If set on a file, user who executes the file becomes member of the file’s group during execution
  – If a user creates a file in a directory with SGID set, the file’s group owner is set to be the directory’s group owner and not the user’s primary group
  – Example:
    • chmod g+s file1.txt
    • chmod 2750 file1.txt
Special Permissions
• Sticky bit
  – Previously used to lock files in memory
  – Currently only applicable to directories
  – Ensures that a user can only delete his/her own files when given write permissions in a directory
  – Example
    • chmod o+t /opt/dump/ or chmod +t /opt/dump/
    • chmod 1757 /opt/dump/
Setting Special Permissions
• Special permissions require execute
• Mask execute permission when displayed by the ls -l command
• May be set even if file or directory does not have execute permission
  – Indicating letter in the mode will be capitalized
• Add special permissions via chmod command
  – Add an extra digit at front of permissions argument
Setting Special Permissions
• Representing special permissions in the mode
Setting Special Permissions
• Representing special permissions in the absence of the execute permissions
Setting Special Permissions
• Numeric representation of regular and special permissions
SUDOERS
How To Obtain Root Privileges
• Login as root
• Use “su” to become root
• Use “sudo” to execute commands as root
/etc/sudoers file
• The /etc/sudoers file controls
  – who can run what commands as what users on what machines
  – special things such as whether you need a password for particular commands.
• The file is composed of
  – aliases (basically variables) and
  – user specifications (which control who can run what).
Aliases
• 4 kinds of aliases: User_Alias, Runas_Alias, Host_Alias and Cmnd_Alias
• Each alias definition is of the form:
  – Alias_Type NAME = item1, item2, ...
    where Alias_Type is one of 4 types above.
• Use semicolon as separator
  – Alias_Type NAME1 = item1, item2 : NAME2 = item3
• There are also built in aliases called ALL which match everything where they are used.
User Alias
# Everybody in the system group "admin" is covered by the alias ADMINS
User_Alias ADMINS = %admin
# The users "tom", "dick", and "harry" are covered by the USERS alias
User_Alias USERS = tom, dick, harry
# The users "tom" and "mary" are in the WEBMASTERS alias
User_Alias WEBMASTERS = tom, mary
# You can also use ! to exclude users from an alias
# This matches anybody in the USERS alias who isn't in WEBMASTERS or ADMINS aliases
User_Alias LIMITED_USERS = USERS, !WEBMASTERS, !ADMINS
Runas Aliases
# UID 0 is normally used for root
# Note the hash (#) on the following line indicates a uid, not a comment.
Runas_Alias ROOT = #0
# This is for all the admin users similar to the User_Alias of ADMINS set earlier
# with the addition of "root"
Runas_Alias ADMINS = %admin, root
Host Aliases
# This is all the servers
Host_Alias SERVERS = 192.168.0.1, 192.168.0.2, server1
# This is the whole network
Host_Alias NETWORK = 192.168.0.0/255.255.255.0
# And this is every machine in the network that is not a server
Host_Alias WORKSTATIONS = NETWORK, !SERVERS
# This could have been done in one step with
#Host_Alias WORKSTATIONS = 192.168.0.0/255.255.255.0, !SERVERS
# but I think this method is clearer.
Command Aliases
# All the shutdown commands
Cmnd_Alias SHUTDOWN_CMDS = /sbin/poweroff, /sbin/reboot, /sbin/halt
# Printing commands
Cmnd_Alias PRINTING_CMDS = /usr/sbin/lpc, /usr/sbin/lprm
# Admin commands
Cmnd_Alias ADMIN_CMDS = /usr/sbin/passwd, /usr/sbin/useradd, /usr/sbin/userdel, /usr/sbin/usermod, /usr/sbin/visudo
# Web commands
Cmnd_Alias WEB_CMDS = /etc/init.d/apache2
User Specifications
• User Specifications are where the sudoers file sets who can run what as who.
• Syntax
  – PASSWD and NOPASSWD to specify whether the user has to enter a password or not
  – NOEXEC to prevent any programs launching shells themselves
User Specifications Example
# This lets the webmasters run all the web commands on the machine "webserver" provided they give a password
WEBMASTERS webserver= WEB_CMDS
# This lets the admins run all the admin commands on the servers
ADMINS SERVERS= ADMIN_CMDS
# This lets all the USERS run admin commands on the workstations provided they give the root password or an admin password (using "sudo -u
What is visudo?
• The program used to edit the sudoers file.
• Traditionally, visudo opens the /etc/sudoers file with the "vi" text editor
• Ubuntu, however, has configured visudo to use the "nano" text editor instead.
• If you would like to change it, issue the following command:
  sudo select-editor
What is visudo?
$ sudo select-editor
Select an editor. To change later, run 'select-editor'.
  1. /bin/ed
  2. /bin/nano <---- easiest
  3. /usr/bin/vim.tiny
Choose 1-3 [2]:
Default sudoers file
# /etc/sudoers
# This file MUST be edited with the 'visudo' command as root.
# See the man page for details on how to write a sudoers file.
Defaults env_reset
# Uncomment to allow members of group sudo to not need a password
# %sudo ALL=NOPASSWD: ALL
# Host alias specification
# User alias specification
# Cmnd alias specification
# User privilege specification
root ALL=(ALL) ALL
# Members of the admin group may gain root privileges
%admin ALL=(ALL) ALL
Common Tasks
• Shutting Down From The Console Without A Password
Cmnd_Alias SHUTDOWN_CMDS = /sbin/poweroff, /sbin/halt, /sbin/reboot
= (root) NOPASSWD:NOEXEC:
• Passwords
Defaults env_reset,pwfeedback
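The umask calculations and the special-permission mode notation from the Default Permissions, Special Permissions and Setting Special Permissions slides, worked through as an added shell example that is not part of the original slides. The function names are assumptions, and the 777 base for new directories is standard behaviour that the slides do not state.

```shell
#!/bin/sh
# Added example, not from the slides; function names are assumptions.

# default_mode file|dir UMASK: permissions a newly created object gets.
# Base is 666 for files and 777 for directories; umask bits are cleared.
default_mode() {
    case $2 in ''|*[!0-7]*) echo "bad umask: $2" >&2; return 2 ;; esac
    case $1 in
        file) base=0666 ;;
        dir)  base=0777 ;;
        *)    echo "usage: default_mode file|dir UMASK" >&2; return 2 ;;
    esac
    printf '%03o\n' $(( $base & ~0$2 & 0777 ))
}

# mode_to_symbolic OCTAL: the nine mode characters as ls -l prints them.
# SUID, SGID and sticky share the execute slot: lower case (s, t) when
# execute is also set, upper case (S, T) when it is not.
mode_to_symbolic() {
    case $1 in ''|*[!0-7]*) echo "bad mode: $1" >&2; return 2 ;; esac
    m=$(( 0$1 )); out=
    for pos in 6 3 0; do
        bits=$(( (m >> pos) & 7 ))
        r=-; w=-; x=-
        [ $(( bits & 4 )) -eq 0 ] || r=r
        [ $(( bits & 2 )) -eq 0 ] || w=w
        [ $(( bits & 1 )) -eq 0 ] || x=x
        case $pos in
            6) special=$(( m & 04000 )); on=s; off=S ;;
            3) special=$(( m & 02000 )); on=s; off=S ;;
            0) special=$(( m & 01000 )); on=t; off=T ;;
        esac
        if [ "$special" -ne 0 ]; then
            if [ "$x" = x ]; then x=$on; else x=$off; fi
        fi
        out=$out$r$w$x
    done
    printf '%s\n' "$out"
}

# audit_special DIR: list SUID/SGID files and world-writable directories
# without the sticky bit, so each one can be reviewed and justified.
audit_special() {
    find "$1" -xdev -type f \( -perm -4000 -o -perm -2000 \) \
        -exec printf 'setid %s\n' {} \;
    find "$1" -xdev -type d -perm -0002 ! -perm -1000 \
        -exec printf 'nosticky %s\n' {} \;
}
```

For example, default_mode file 022 gives 644 and mode_to_symbolic 4640 gives rwSr-----, where the capital S marks SUID set on a file that has no execute permission.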
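A review check for the NOPASSWD user specifications covered in the sudoers slides, as an added shell example that is not part of the original slides. The sample file is constructed from the slides' default sudoers file and shutdown task; the user "operator", uid 1001 and the function names are assumptions.

```shell
#!/bin/sh
# Added example, not from the slides; names and sample data are constructed.

# sample_sudoers: a constructed file modelled on the slides' default sudoers
# file and shutdown task. "operator" and uid 1001 are made-up principals.
sample_sudoers() {
    cat <<'EOF'
# /etc/sudoers (constructed sample)
Defaults env_reset
Runas_Alias ROOT = #0
Cmnd_Alias SHUTDOWN_CMDS = /sbin/poweroff, \
    /sbin/reboot, /sbin/halt
# %sudo ALL=NOPASSWD: ALL
root ALL=(ALL) ALL
%admin ALL=(ALL) ALL
operator ALL = (root) NOPASSWD:NOEXEC: SHUTDOWN_CMDS
#1001 ALL=(ALL) NOPASSWD: ALL
EOF
}

# audit_sudoers [FILE]: print "line:finding:who" for every user specification
# that carries NOPASSWD. "nopasswd-all" means the tag covers ALL commands.
audit_sudoers() {
    awk '
    /\\$/ { sub(/\\$/, ""); buf = buf $0; next }   # join continued lines
    { $0 = buf $0; buf = "" }
    /^[ \t]*$/ { next }
    # "#" opens a comment unless a digit follows: "#0" and "#1001" are uids.
    /^[ \t]*#/ && !/^[ \t]*#[0-9]/ { next }
    $1 ~ /^Defaults/ || $1 ~ /_Alias$/ { next }
    {
        eq = index($0, "=")
        if (eq == 0) next
        rhs = substr($0, eq + 1)
        if (rhs !~ /NOPASSWD:/) next
        all = (rhs ~ /NOPASSWD:([ \t]*[A-Z]+:)*[ \t]*ALL[ \t]*(,|$)/)
        print NR ":" (all ? "nopasswd-all" : "nopasswd") ":" $1
    }' "$@"
}
```

Running sample_sudoers | audit_sudoers reports the limited shutdown grant on line 9 and the unrestricted grant to uid 1001 on line 10, while the commented-out %sudo line is ignored.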