Skip to content

LinuxFoundation

Jump to bottom
Dej edited this page Apr 26, 2020 · 38 revisions
  1. Linux Filesystem Tree Layout

  • one large logical filesystem which can contain one or many distinct filesystems mounted at various points

  • Filesystem Hierarchy Standard : shareable (can shared between hosts)

shareable unshareable
static /usr /opt /etc /boot
----------- ------------------ --------------------
variable /var/mail /var/run /var/lock
  • Main directories:
    • /bin : contains binary executable files (cat, kill, ps) . Command binaries which are deemed non essential enough are in /usr/bin.
    • /lib: contains libraries needed to execute the binaries in /bin or /sbin . Also kernel module are in /lib/modules/
    • /boot: essential files for booting the system (vmlinuz compressed linux kernel and initrd initial RAM filesystem which is mounted before the real root filesystem becomes available, config to configure kernel compilation)
    • /dev: device nodes aka device files (byte-stream or block I/O devices). Network devices (eth1 , eth2) do not have device nodes
    • /usr: can be thought of as a secondary hierarchy, need not reside in the same partition as the root directory
    • /etc: contains machine-local configuration files/scripts (/etc/systemd contains config scripts for starting, stopping system services using systemd ; also /etc/init.d which contains scripts for System V initialization)
    • /var: logs in /var/log and cron jobs, mail file in /var/spool, lock files in /var/lock or cat /var/log/yum.log
    • /proc: is the mount point for a pseudo-filesystem, where all information resides only in memory, not on disk. The entires in /proc are called virtual files with zero bytes in size.
# List files opened by a process
lsof -p PID 
# equivalent more or less with 
ls -l /proc/PID/fd
  1. Processes
  • Process = executing program and associated resources (open files, signal handlers) and has various states: running, sleeping
  • Every process has a PID , PPID(parent PID), pgid(process group ID)
  • init usually is the first process run on a system, and is the ancestor of all subsequent processes running on the system (except for thos with [] arounf their name , they are initiated by the kernel)
  • orphaned processes (parent process dies before child) are adopted by init (thus the ppgid is set to 1) or (in distributions which use systemd) the ppgid is set to 2 (adopted by kernel thread known as kthreadd)
  • zombie process (defunct) is a process which terminates before his parent and released almost all the resources and remained only to convey (communicate) his exit status
  • processes are controlled by scheduling
  • process context = snapshot of process by trapping the state of the CPU registers
  • process permissions: programs marked with s (execute bit on) aka setuid programs run with the user-id of the user who owns the program versus program non-setuid which run with the permissions of the user who starts the program. (setuid program owned by root can be a security issue)
  • when process is launched: it runs with the effective user-id and group-id of the user who started it, and with the corresponding privileges. This behaviour can be modified by using special permissions
#setuid programs (e.g.: owned by root)
/etc/passwd
/etc/shadow

# setuid bit is represented by an s in place of x
ls -l /bin/passwd
-rwsr-xr-x. 1 root root 27768 Feb 11  2017 /bin/passwd

  • The setuid bit has no effect on directories. setuid or setgid bits are set, but the executable bit is not

  • When a process is started it has its own isolated space and it uses system calls to indirectly access the HW (the HW is managed by the kernel)

# ulimit command that displays/resets a number of resource limits associated with processes running under a shell
ulimit -a


# increase no of file descriptors (soft resources)
ulimit -n 1600

# no of leak-ed file descriptors supported by OS
ulimit -n

  • process states : running, sleeping(waiting), stopped(suspended Ctrl+Z sends SIGSTOP), zombie

  • fork - original parent process keeps running while the child process starts

  • exec - original parent process terminates and child parent inherits the process ID of the parent

  • when the user types a command in the shell a new process is created (using fork from the user's login shell then the command is loaded onto child process space via exec system call)

# list all process on the system PID PPID PRI(priority) NI(nice value)
ps -elf
  • nice -n 5 command [args] = niceness value can range from -20 (the highest priority) to +19 (the lowest priority) aka set priorities
  1. Signals (Inter_Process Communication)
  • Are used to emit notifications for processes to take action in response to unpredictable events
  • kill -l list signals , basic syntax kill <SIGNAL> <PID>
  • pkill -u libby foobar kills process foobar of libby user
  1. Package Management Systems

  • rpm = Redhat Package Manager (Centos, Fedora) + SUSE (OpenSuse)

  • dpkg = Debian Package Manager (Ubuntu, Debian, Mint)

  • https://www.digitalocean.com/community/tutorials/package-management-basics-apt-yum-dnf-pkg.

  • package types: Binary, Source (rrpmbuild --rebuild -rb p7zip-16.02-16.el8.src.rpm)

  • low-level utilities (rpm, dpkg) and high-level utilities (yum,dnf,apt,apt-get)

  • EPEL (Extra Packages for Enterprise Linux) - external package repository

    4.1 RPM (RedHat Package Manager)

    • rpm in itself doesn't retrieve packages over the network and installs only from the local machine
    • types of packages: binary (<name>-<version>-<release>.<distro>.<architecture>.rpm) and source (<name>-<version>-<release>.<distro>.src.rpm) also packages with noarch.rpm extension don't depend on CPU architecture
    • /var/lib/rpm = default directory which holds the RPM database (in form of Berkeley DB Hash Files)
# alternative db directory
rpm --dbpath

# repair/rebuild DB
rpm --rebuilddb

# list installed packages 
# yum list installed
rpm -qa

# which version of the package is installed
rpm -q <package.rpm>

# information about the package (e.g if it is Relocatable)
rpm -qip <package.rpm> 

# list all files from the package aka ls -lF $(rpm -ql </path/package>)
rpm -qil <package.rpm>

# verify if the files from the package are consistent with RPM database
rpm -Va </path/to/package> # no output means the package is ok

# install pacakage
rpm -ivh <package.rpm>

# upgrade package (also remove the old package)
rpm -Uvh <package.rpm>

# freshening packages in current dir (when download patches and what to upgrade packages already installed)
rpm -Fvh *.rpm

# uninstall a package using --test flag before
rpm -e --test <package> (not path to package)
- helper scripts used by RPM resides in `/usr/lib/rpm`
-

Clone this wiki locally