diff --git a/docs/labs/systems_administration_II/lab3-bootup_and_startup.md b/docs/labs/systems_administration_II/lab3-bootup_and_startup.md index 4fff60e0f1..ae360b5425 100644 --- a/docs/labs/systems_administration_II/lab3-bootup_and_startup.md +++ b/docs/labs/systems_administration_II/lab3-bootup_and_startup.md @@ -10,26 +10,22 @@ tags: --- -# Lab 3: Boot and Startup processes +# Lab 3: Boot and startup processes +## Objectives -## Objectives +After completing this lab, you will be able to: +- manually control some startup processes and services +- automatically control services -After completing this lab, you will be able to - -- manually control some startup processes and services -- automatically control services - - -Estimated time to complete this lab: 50 minutes - +Estimated time to complete this lab: 50 minutes ## Boot process overview The exercises in this lab will begin from the booting-up process down to the logging in of the user. These steps will examine and try to customize parts of the boot-up processes. The high-level steps in the boot process are: -*Summary Of Steps* +### Summary of steps 1. hardware loads, reads and executes the boot sector 2. bootloader is executed (GRUB on most Linux distributions) @@ -37,18 +33,17 @@ The exercises in this lab will begin from the booting-up process down to the log 4. kernel initializes hardware 5. kernel mounts root file system 6. kernel executes /usr/lib/systemd/systemd as PID 1 -7. systemd starts the units needed and configured to run the default boot target -8. getty programs are spawned on each defined terminal -9. getty prompts for login -10. getty executes /bin/login to authentic user +7. `systemd` starts the units needed and configured to run the default boot target +8. `getty` programs are spawned on each defined terminal +9. `getty` prompts for login +10. `getty` executes /bin/login to authentic user 11. login starts shell - ### `systemd` -systemd is a system and service manager for Linux operating systems. +`systemd` is a system and service manager for Linux operating systems. -### `systemd` units +### `systemd` units `systemd` provides a dependency system between various entities called "units". Units encapsulate various objects that are needed for system boot-up and maintenance. Most units are configured in so-called unit configuration files - plain text ini-style files. @@ -62,11 +57,11 @@ systemd is a system and service manager for Linux operating systems. *Target units* are used for grouping other units. They provide well-known synchronization points during boot-up -*Device units* expose kernel devices in systemd and may be used to implement device-based activation. +*Device units* expose kernel devices in `systemd` and may be used to implement device-based activation. *Mount units* control mount points in the file system -*Automount units* provide automount capabilities, for on-demand mounting of file systems as well as parallelized boot-up. +*Automount units* provide automount capabilities, for on-demand mounting of file systems as well as parallelized boot-up. *Timer units* are useful for triggering activation of other units based on timers. @@ -80,11 +75,11 @@ systemd is a system and service manager for Linux operating systems. ## Exercise 1 -### /usr/lib/systemd/systemd | PID=1 +### /usr/lib/systemd/systemd | PID=1 -Historically init has been called many names and has taken several forms. +Historically init has been called many names and has taken several forms. -Regardless of its name or implementation, init (or its equivalent) is often referred to as the *mother of all processes*. +Regardless of its name or implementation, init (or its equivalent) is often referred to as the *mother of all processes*. The man page for “init” refers to it as the parent of all processes. By convention, the kernel's first program or process to be executed always has a process ID of 1. Once the first process runs, it then goes on to start other services, daemons, processes, programs and so on. @@ -92,7 +87,7 @@ Once the first process runs, it then goes on to start other services, daemons, p #### To explore the first system process !!! note - + In the exercises below, replace PID with the process ID number. 1. Log on to the system as any user. Query the /proc/PID/comm virtual file system path and find out the name of the process with the ID of 1. Type: @@ -118,7 +113,7 @@ Once the first process runs, it then goes on to start other services, daemons, p systemd ``` - + 4. Use the `ps` command to view the full path and any command-line arguments of the process or program behind PID 1. Type: ```bash @@ -126,24 +121,24 @@ Once the first process runs, it then goes on to start other services, daemons, p /usr/lib/systemd/systemd --switched-root --system --deserialize 16 ``` - + 5. To check that the mother-of-all processes, traditionally referred to as init, is actually systemd, use `ls` to confirm that `init` is a symbolic link to the `systemd` binary. Type: - + ```bash [root@localhost ~]# ls -l /usr/sbin/init lrwxrwxrwx. 1 root root 22 Aug 8 15:33 /usr/sbin/init -> ../lib/systemd/systemd ``` - + 6. Use the `pstree` command to show a tree-like view of the system processes. Type: - + ```bash [root@localhost ~]# pstree --show-pids ``` - + ## Exercise 2 -### `systemd` Targets (RUNLEVELS) +### `systemd` Targets (RUNLEVELS) `systemd` defines and relies on many different targets for managing the system. We'll focus on only 5 of the main targets in this exercise. The 5 main targets explored in this section are listed here: @@ -160,27 +155,27 @@ Once the first process runs, it then goes on to start other services, daemons, p #### To manage systemd targets 1. List ALL (active + inactive + failed) available targets on the server. - + ```bash [root@localhost ~]# systemctl list-units --type target --all ``` 2. List only the currently active targets. Type: - + ```bash [root@localhost ~]# systemctl list-units -t target ``` - + 3. Use the `systemctl` command to view/get the name of the default target that the system is configured to boot into. Type: - + ```bash [root@localhost ~]# systemctl get-default multi-user.target ``` - -4. View the contents of unit file for the default target (multi-user.target). Type: - + +4. View the contents of unit file for the default target (multi-user.target). Type: + ```bash [root@localhost ~]# systemctl cat multi-user.target @@ -194,11 +189,11 @@ Once the first process runs, it then goes on to start other services, daemons, p After=basic.target rescue.service rescue.target AllowIsolate=yes ``` - + Note some properties and their values configured in the `multi-user.target` unit. Properties like - Description, Documentation, Requires, After, and so on. - + 5. The `basic.target` unit is listed as the value of the `Requires` property for `multi-user.target`. View the unit file for basic.target. Type: - + ```bash [root@localhost ~]# systemctl cat multi-user.target # /usr/lib/systemd/system/basic.target @@ -210,15 +205,15 @@ Once the first process runs, it then goes on to start other services, daemons, p After=sysinit.target sockets.target paths.target slices.target tmp.mount RequiresMountsFor=/var /var/tmp ``` - + 6. The `systemctl cat` command only shows a subset of the properties and values of a given unit. To view a dump of ALL the properties and values of the target unit, use the show subcommand. The `show` command will also display the low-level properties. Show ALL the properties of multi-user.target, type: - + ```bash [root@localhost ~]# systemctl show multi-user.target ``` - + 7. Filter out the Id, Requires and Description properties from the long list of properties in the multi-user.target unit. Type: - + ```bash [root@localhost ~]# systemctl --no-pager show \ --property Id,Requires,Description multi-user.target @@ -228,36 +223,35 @@ Once the first process runs, it then goes on to start other services, daemons, p Description=Multi-User System ``` -8. View the services and resources that the multi-user.target pulls in when it starts. In other words, display what multi-user.target "Wants". Type: - +8. View the services and resources that the multi-user.target pulls in when it starts. In other words, display what multi-user.target "Wants". Type: + ```bash [root@localhost ~]# systemctl show --no-pager -p "Wants" multi-user.target Wants=irqbalance.service sshd.service..... ...... ``` - + 9. Use `ls` and `file` commands to learn more about the relationship of the traditional `init` program to the `systemd` program. Type: - + ```bash [root@localhost ~]# ls -l /usr/sbin/init && file /usr/sbin/init lrwxrwxrwx. 1 root root 22 Aug 8 15:33 /usr/sbin/init -> ../lib/systemd/systemd /usr/sbin/init: symbolic link to ../lib/systemd/systemd ``` - -#### To change the default boot target +#### To change the default boot target 1. Set/change the default target that the system boots into. Use the `systemctl set-default` command to change the default target to `graphical.target`. Type: - + ```bash [root@localhost ~]# systemctl set-default graphical.target ``` 2. Check if the newly set boot target is active. Type: - + ```bash [root@localhost ~]# systemctl is-active graphical.target @@ -267,54 +261,54 @@ Once the first process runs, it then goes on to start other services, daemons, p Note that the output shows the target is *not* active even though it was set as the default! 3. To force the system to immediately switch to, and use a given target, you have to use the `isolate` sub command. Type: - + ```bash [root@localhost ~]# systemctl isolate graphical.target ``` !!! Warning - + The systemctl isolate command can be dangerous if used wrongly. This is because it will immediately stop processes not enabled in the new target, possibly including the graphical environment or terminal you currently use! - + 4. Check again if `graphical.target` is now in use and is active. 5. Query for and view what other services or resources the graphical.target "Wants". - + !!! Question - + What are the main differences between multi-user.target and graphical.target "Wants"? - + 6. Because your system is running a server class operating system spin, where a full-fledged graphical desktop environment may not be desirable, switch the system back to the more suitable multi-user.target. Type: - + ```bash [root@localhost ~]# systemctl isolate multi-user ``` -7. Set/change the default system boot up target back to multi-user.target. - -8. Run a quick [and extra] manual check to see what target the default.target symlink points to, by running: - +7. Set/change the default system boot up target back to multi-user.target. + +8. Run a quick [and extra] manual check to see what target the default.target symlink points to, by running: + ```bash [root@localhost ~]# ls -l /etc/systemd/system/default.target ``` - -## Exercise 3 -The exercises in this section will show you how to configure system/user processes and daemons (aka services) that may need to be automatically started up with the system. +## Exercise 3 + +The exercises in this section will show you how to configure system/user processes and daemons (aka services) that may need to be automatically started up with the system. ### To view service status 1. While logged in as root, list all the systemd units that have a type of service. Type: - + ```bash root@localhost ~]# systemctl list-units -t service -all ``` - + This will show the complete list of active and loaded but inactive units. - -2. View the list of active systemd units that have a type of service. - + +2. View the list of active `systemd` units that have a type of service. + ```bash [root@localhost ~]# systemctl list-units --state=active --type service UNIT LOAD ACTIVE SUB DESCRIPTION @@ -328,83 +322,83 @@ The exercises in this section will show you how to configure system/user process ``` 3. Narrow down and learn more about the configuration of one of the services in the previous output, the *crond.service*. Type: - + ```bash [root@localhost ~]# systemctl cat crond.service ``` 4. Check if `crond.service` is configured to automatically start-up when the system boots. Type: - + ```bash [root@localhost ~]# systemctl is-enabled crond.service enabled ``` - + 5. View the real-time status of the `crond.service` service. Type: - + ```bash [root@localhost ~]# systemctl status crond.service ``` - + The output will include the most recent 10 journal lines/entries/logs by default. - + 6. View the status of `crond.service` and suppress showing any journal lines. Type: - + ```bash [root@localhost ~]# systemctl -n 0 status crond.service ``` - + 7. View the status of sshd.service. !!! Question - + View the status of `firewalld.service`. What is the `firewalld.service` unit? - + ### To stop services -1. While still logged in as a user with Administrative privileges, use the `pgrep` command to see if the `crond` process appears in the list of processes running on the system. - +1. While still logged in as a user with Administrative privileges, use the `pgrep` command to see if the `crond` process appears in the list of processes running on the system. + ```bash [root@localhost ~]# pgrep -a crond 313274 /usr/sbin/crond -n ``` - + If it finds a matching process name, the `pgrep` command should find and list the PID of `crond`. - + 2. Use `systemctl` to stop the `crond.service` unit. Type: - + ```bash [root@localhost ~]# systemctl stop crond.service ``` The command should complete without any output. - + 3. Using `systemctl`, view the status of `crond.service` to see the effect of your change. -4. Use `pgrep` again to see if the crond process still appears in the list of processes. +4. Use `pgrep` again to see if the `crond` process still appears in the list of processes. ### To start services -1. Login as Administrative user account. Use the `pgrep` command to see if a `crond` process appears in the list of processes running on the system. - +1. Login as Administrative user account. Use the `pgrep` command to see if a `crond` process appears in the list of processes running on the system. + ```bash [root@localhost ~]# pgrep -a crond ``` - + If `pgrep` finds a matching process name, it will list the PID of `crond`. - + 2. Use `systemctl` to start the `crond.service` unit. Type: - + ```bash [root@localhost ~]# systemctl start crond.service ``` - + The command should complete without any output or visible feedback. - + 3. Using `systemctl`, view the status of `crond.service` to see the effect of your change. Type: - + ```bash [root@localhost ~]# systemctl -n 0 status crond.service @@ -417,55 +411,54 @@ The exercises in this section will show you how to configure system/user process CGroup: /system.slice/crond.service └─313451 /usr/sbin/crond -n ``` - + !!! Question - + From the output of the `systemctl` status command on your system, what is the PID of `crond`? 4. Similarly use `pgrep` again to see if the `crond` process now appears in the list of processes. Compare the PID displayed by pgrep with the PID shown in the previous `systemctl` status `crond.service`. - + ```bash [root@localhost ~]# systemctl is-enabled crond.service enabled ``` - + ### To restart services For many services/daemons, restarting or reloading the running service/daemon whenever changes are made to their underlying configuration files is often necessary. This is so that the given process/service/daemon can apply the latest configuration changes. 1. View the status of crond.service. Type: - + ```bash [root@localhost ~]# systemctl -n 0 status crond.service ``` - - Make a note of the PID for crond in the output. - + + Make a note of the PID for `crond` in the output. + 2. Run `systemctl restart` to restart `crond.service`. Type: - + ```bash [root@localhost ~]# systemctl -n 0 status crond.service ``` The command should complete without any output or visible feedback. - -3. Check for the status of `crond.service` again. Compare the latest PID with the PID that you noted in Step 1. - + +3. Check for the status of `crond.service` again. Compare the latest PID with the PID that you noted in Step 1. + 4. Use `systemctl` to check if `crond.service` is currently active. Type: - + ```bash [root@localhost ~]# systemctl is-active crond.service active ``` - + !!! Question - + Why do you think the PIDs are different everytime you restart a service? - - + !!! Tip - + The functionality of the good old classic service command has been ported over to seamlessly work on systemd managed systems. You can use service commands like the following to stop, start, restart and view status of the `smartd` service. ```bash @@ -477,102 +470,102 @@ For many services/daemons, restarting or reloading the running service/daemon wh # service smartd restart ``` - + ### To disable a service 1. Use `systemctl` to check whether the `crond.service` is enabled to start with system boot automatically. Type: - + ```bash [root@localhost ~]# systemctl is-enabled crond.service enabled ``` - + The sample output shows it is. - + 2. Disable the `crond.service` from automatic startup. Type: - + ```bash [root@localhost ~]# systemctl disable crond.service Removed /etc/systemd/system/multi-user.target.wants/crond.service. ``` - + 3. Run the `systemctl is-enabled` command again to view the effect of your changes. - + !!! Question - + On a server that you need to manage remotely, why would you NOT want to disable a service like `sshd.service` from automatic start-up with system boots? - -### To ensure disabling (i.e. mask) a service -Even though the `systemctl disable` command can be used to disable services as you saw in the previous exercises, other systemd units (processes, services , daemons and so on) can stealthily re-enable a disabled service if needed. This can happen when a service depends on another [disabled] service. +### To ensure disabling (masking) a service + +Even though the `systemctl disable` command can be used to disable services as you saw in the previous exercises, other `systemd` units (processes, services , daemons and so on) can stealthily re-enable a disabled service if needed. This can happen when a service depends on another [disabled] service. -To ensure disabling of a systemd service unit and prevent accidental reactivation, you should mask the service. +To ensure disabling of a `systemd` service unit and prevent accidental reactivation, you should mask the service. 1. Use `systemctl` to mask the `crond.service` and prevent any undesired reactivation, type: - + ```bash [root@localhost ~]# systemctl mask crond.service Created symlink /etc/systemd/system/crond.service → /dev/null. ``` - -2. Run the `systemctl is-enabled` command to view the effect of your changes. - + +2. Run the `systemctl is-enabled` command to view the effect of your changes. + ```bash [root@localhost ~]# systemctl is-enabled crond.service masked ``` - + 3. To undo your changes and unmask `crond.service`, use the `systemctl unmask` command by running: - + ```bash [root@localhost ~]# systemctl unmask crond.service Removed /etc/systemd/system/crond.service. ``` - + ### To enable a service 1. Use `systemctl` to check the status of `crond.service` unit. Type: - + ```bash [root@localhost ~]# systemctl status crond.service ``` - + The service should still be in a stopped state. - + 2. Use the `systemctl enable` command to enable `crond.service` for automatic startup. Type: - + ```bash [root@localhost ~]# systemctl enable crond.service Created symlink /etc/systemd/system/multi-user.target.wants/crond.service → /usr/lib/systemd/system/crond.service. ``` - + 3. Again use `systemctl` to check if `crond.service` is active. Type: - + ```bash [root@localhost ~]# systemctl is-active crond.service inactive ``` - + !!! Question - + You just enabled `crond.service`. Why is it not running or not listed as being active in the previous command? - + 4. Use a slightly different variant of the `systemctl enable` command to enable `crond.service` and immediately start the daemon running. Type: - + ```bash [root@localhost ~]# systemctl --now enable crond.service ``` - + 5. Check if `crond.service` is now active. Type: - + ```bash [root@localhost ~]# systemctl is-active crond.service active ``` - + 6. Using `systemctl`, ensure that the `crond.service` is started, running and enabled for automatic start-up. diff --git a/docs/labs/systems_administration_II/lab6-the_file_system.md b/docs/labs/systems_administration_II/lab6-the_file_system.md index 36743b2094..58590dd763 100644 --- a/docs/labs/systems_administration_II/lab6-the_file_system.md +++ b/docs/labs/systems_administration_II/lab6-the_file_system.md @@ -15,18 +15,18 @@ tags: ## Objectives -After completing this lab, you will be able to +After completing this lab, you will be able to - Partition a disk - Use the Logical Volume Management (LVM) System - Create new file systems -- Mount and make use of file systems +- Mount and make use of file systems -Estimated time to complete this lab: 90 minutes +Estimated time to complete this lab: 90 minutes ## Overview of useful file system applications -Below is a summary of common applications used to manage file-systems. +Below is a summary of common applications used to manage file-systems. ### `sfdisk` @@ -60,7 +60,7 @@ Synopsis: --disk-id [] print or change disk label ID (UUID) --relocate move partition header ``` - + ### `debugfs` ext2/ext3/ext4 file system debugger @@ -70,12 +70,12 @@ Synopsis: ``` debugfs [-b blocksize] [-s superblock] [-f cmd_file] [-R request] [-d data_source_device] [-i] [-n] [-D] [-V] [[-w] [-z undo_file] [-c]] [device] ``` - + ### `badblocks` Search for bad blocks on a device -Synopsis: +Synopsis: ``` badblocks [ -svwnfBX ] [ -b block_size ] [ -c blocks_at_once ] [ -d read_delay_factor ] [ -e max_bad_blocks ] [ -i input_file ] [ -o output_file ] [ -p num_passes ] [ @@ -119,7 +119,7 @@ Synopsis: Used for creating MS-DOS (FAT12, FAT16 and FAT32) file system in Linux -Synopsis: +Synopsis: ``` Usage: mkdosfs [OPTIONS] TARGET [BLOCKS] @@ -142,20 +142,20 @@ Synopsis: -M TYPE Set media type in boot sector to TYPE ......... ``` - + ### `dumpe2fs` Lists the superblock and blocks group information on the device listed. -Synopsis: +Synopsis: ``` Usage: dumpe2fs [-bfghimxV] [-o superblock=] [-o blocksize=] device ``` -### `fdisk` +### `fdisk` -View and manipulate (add, remove and modify) disk partition tables +View and manipulate (add, remove and modify) disk partition tables Synopsis: @@ -219,7 +219,7 @@ Synopsis: Used to get or set the hard disk parameters -Synopsis: +Synopsis: ``` hdparm [options] [device] @@ -229,7 +229,7 @@ Synopsis: Used for adjusting tunable file system parameters on ext2/ext3/ext4 file systems. The filesystem must not be mounted write when this operation is performed. -Synopsis: +Synopsis: ``` Usage: tune2fs [-c max_mounts_count] [-e errors_behavior] [-f] [-g group] @@ -246,7 +246,7 @@ Synopsis: Creates a Linux swap area on a device -Synopsis: +Synopsis: ``` mkswap [-c] [-vN] [-f] [-p PSZ] device [size] @@ -256,7 +256,7 @@ Synopsis: Create Linux file systems -Synopsis: +Synopsis: ``` mkfs [ -V ] [ -t fstype ] [ fs-options ] filesys [ blocks ] @@ -266,7 +266,7 @@ Synopsis: A disk partitioning and partition resizing program. -Synopsis: +Synopsis: ``` Parted [options] [device [command [options]]] @@ -286,31 +286,31 @@ Synopsis: Used to mount a filesystem. -Synopsis: +Synopsis: ``` Mount [-fnrsvw] [-o options [,...]] device | dir ``` -## Exercise 1 +## Exercise 1 -PERFORM THIS EXERCISE ON YOUR LOCAL-SYSTEM +PERFORM THIS EXERCISE ON YOUR LOCAL-SYSTEM -Creating partitions (`fdisk`, `mke2fs`, `fsck`, `tune2fs`) +Creating partitions (`fdisk`, `mke2fs`, `fsck`, `tune2fs`) -In this exercise you will create additional partitions on your hard disk. During the initial installation you left some free space. You will create partitions on this space. +In this exercise you will create additional partitions on your hard disk. During the initial installation you left some free space. You will create partitions on this space. -Partitioning a disk allows the disk to be regarded as a group of independent storage areas. +Partitioning a disk allows the disk to be regarded as a group of independent storage areas. -Partitions also make backups easier and help to restrict and confine potential problem areas. +Partitions also make backups easier and help to restrict and confine potential problem areas. -Hard disk space is not infinite and one of your duties administrator is managing the available finite space. For instance, a simple way to restrict the total storage area on a disk where users can store their personal files is to create a separate partition for the users’ home directory (Of course quotas can also be used). +Hard disk space is not infinite and one of your duties administrator is managing the available finite space. For instance, a simple way to restrict the total storage area on a disk where users can store their personal files is to create a separate partition for the users’ home directory (quotas can also be used). -#### To explore block storage devices +### To explore block storage devices You will be using the `fdisk` utility -1. While logged on as root, display the current structure of your disk. Type: +1. While logged on as root, display the current structure of your disk. Type: ```bash [root@serverXY root]# fdisk -l @@ -325,7 +325,7 @@ You will be using the `fdisk` utility Device Boot Start End Sectors Size Id Type /dev/vda1 * 2048 52428766 52426719 25G 83 Linux ``` - + 2. Display the current disk usage statistics. Type: ```bash @@ -336,14 +336,14 @@ You will be using the `fdisk` utility /dev/vda1 24G 8.5G 14G 39% / ...... ``` - + From the sample output above under the Used column, you can see that the primary partition ( /dev/vda1) on which our root (/) directory is mounted on is completely (100%) filled up. - Of course your output might be different if you have a different sized disk or if you didn’t follow the partitioning scheme used during the OS install. + Your output might be different if you have a different sized disk or if you didn’t follow the partitioning scheme used during the OS install. #### To create a [fake] block device -We don't want you to accidentally alter the local hard disk on your system and make it inoperable, so we'll complete the following exercises on a pseudo-device that behaves and mimics an actual block device. This will be done by creating a reasonably sized [sparse] file and associating it with a pseudo-device. On Linux systems, these pseudo-devices are referred to as loop devices. A loop device is a pseudo-device that makes it possible to treat [and access] a regular data file as if it were a block device. +We don't want you to accidentally alter the local hard disk on your system and make it inoperable, so we'll complete the following exercises on a pseudo-device that behaves and mimics an actual block device. This will be done by creating a reasonably sized [sparse] file and associating it with a pseudo-device. On Linux systems, these pseudo-devices are referred to as loop devices. A loop device is a pseudo-device that makes it possible to treat [and access] a regular data file as if it were a block device. (This step is roughly equal to the same decisions you must make about purchasing actual disks/storage for a server. Decisions like - type, make, size, interface, form-factor and so on) @@ -352,28 +352,28 @@ We don't want you to accidentally alter the local hard disk on your system and m ```bash [root@serverPR root]# truncate --size 10GiB /tmp/10G-fake-disk.img ``` - + 2. Run the `losetup` command without any options to show active loop devices. Type: ```bash [root@serverPR root]# losetup ``` - + 3. Run the `losetup` command again to view/find the first unused loop device. Type: - + ```bash [root@serverPR root]# losetup -f --nooverlap /dev/loop0 ``` - + The first usable or unused loop device in the output of our sample system is `/dev/loop0`. - + 4. Using the 10G-fake-disk.img as a backing file, associate the file with an available loop device by running: ```bash losetup -f --nooverlap --partscan /tmp/10G-fake-disk.img ``` - + 5. Run the `losetup` command again to show loop devices in use. Type: ```bash @@ -383,7 +383,7 @@ We don't want you to accidentally alter the local hard disk on your system and m ``` 6. Use the `sfdisk` utility to list any partitions on the new pseudo-block device. Type: - + ```bash [root@localhost ~]# sfdisk -l /dev/loop0 Disk /dev/loop0: 10 GiB, 10737418240 bytes, 20971520 sectors @@ -391,9 +391,9 @@ We don't want you to accidentally alter the local hard disk on your system and m Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes ``` - + 7. Now use `fdisk` to list any partitions on the same device. Type: - + ```bash [root@localhost ~]# fdisk -l /dev/loop0 Disk /dev/loop0: 10 GiB, 10737418240 bytes, 20971520 sectors @@ -401,13 +401,13 @@ We don't want you to accidentally alter the local hard disk on your system and m Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes ``` - + #### To create partitions 1. You will create a new partition using the `fdisk` program. `fdisk` runs interactively, so you'll have many question-and-answer style prompts to complete specific tasks. - + Start by passing the name of the loop block device as an argument to the `fdisk`. Type: - + ```bash [root@localhost ~]# fdisk /dev/loop0 @@ -420,7 +420,7 @@ We don't want you to accidentally alter the local hard disk on your system and m Command (m for help): ``` - + 2. Display the built-in help system for `fdisk`, by typing `m` at the `fdisk` prompt. ```bash @@ -443,7 +443,7 @@ We don't want you to accidentally alter the local hard disk on your system and m i print information about a partition ...... ``` - + 3. From the displayed help listing, we can see that the `n` is used for adding a new partition. Type `n` at the prompt: ```bash @@ -452,9 +452,9 @@ We don't want you to accidentally alter the local hard disk on your system and m p primary (0 primary, 0 extended, 4 free) e extended (container for logical partitions) ``` - -4. Create a primary partition type by typing `p `: - + +4. Create a primary partition type by typing `p`: + ```bash Command (m for help): n Partition type @@ -462,27 +462,27 @@ We don't want you to accidentally alter the local hard disk on your system and m e extended (container for logical partitions) Select (default p): p ``` - + 5. This is the first primary partition on the block device. Set the partition number to 1: - + ```bash Partition number (1-4, default 1): 1 ``` - -6. Accept the default value for the first sector of the block device by pressing ENTER: - + +6. Accept the default value for the first sector of the block device by pressing ++enter++: + ```bash First sector (2048-20971519, default 2048): ``` - -7. Accept the default value for the last sector of the block device by pressing ENTER: - + +7. Accept the default value for the last sector of the block device by pressing ++enter++: + ```bash Last sector, +/-sectors or +/-size{K,M,G,T,P} (2048-20971519, default 20971519): ``` - + 8. Back at the main `fdisk` prompt, type `p` to print the current partition table of the block device: - + ```bash Command (m for help): p Disk /dev/loop0: 10 GiB, 10737418240 bytes, 20971520 sectors @@ -495,27 +495,27 @@ We don't want you to accidentally alter the local hard disk on your system and m Device Boot Start End Sectors Size Id Type /dev/loop0p1 2048 20971519 20969472 10G 83 Linux ``` - + The new partition you created is the one on `/dev/loop0p1` above. You will notice that the partition type is “83”. - + 9. Everything looks good. Write all the changes to the partition table by typing the `w` sub command of `fdisk`: - + ```bash Command (m for help): w ``` - - You'll likely see a warning about a failure to re-read the partition table. - + + You'll likely see a warning about a failure to re-read the partition table. + The `w` `fdisk` command will also exit the `fdisk` program and return the shell prompt. - -10. Per the warning message you may have gotten after writing the partition table to disk in the previous step, you may sometimes need to take extra steps to urge the kernel to acknowledge the new hard disk changes. Use the `partprobe` command to do this: - + +10. Per the warning message you may have gotten after writing the partition table to disk in the previous step, you may sometimes need to take extra steps to urge the kernel to acknowledge the new hard disk changes. Use the `partprobe` command to do this: + ```bash [root@localhost ~]# partprobe ``` - + !!! tip - + When using `fdisk`, the default partition type for newly created partitions is Linux (0x83). You can use the `fdisk` `t` command to change the type. For example to change the partition type to the LVM (0x8e) type you would do the following: Type `t` to change the partition type: @@ -536,48 +536,50 @@ We don't want you to accidentally alter the local hard disk on your system and m Command (m for help): w ``` -#### To create a physical volume +#### To create a physical volume To help demonstrate some of the subtle differences between the traditional method of managing block devices and the more modern approaches like the volume manager approach, we'll create a new pseudo-block device and attempt to prepare it (similar to partitioning) for use with a file system. -In the following steps we are going to create a new loop device backed by another regular file. And then we'll go on to setting up the device for the Logical Volume Manager (LVM) system. +In the following steps we are going to create a new loop device backed by another regular file. And then we'll go on to setting up the device for the Logical Volume Manager (LVM) system. 1. While logged in as a user with administrator privileges, create a sparse 10GB file called `10G-fake-lvm-disk.img`. Type: - + ```bash [root@server root]# truncate --size 10GiB /tmp/10G-fake-lvm-disk.img ``` - + 2. Run the `losetup` command to view/find the first unused loop device. Type: - + ```bash [root@serverPR root]# losetup -f --nooverlap ``` Our sample system's first usable or unused loop device has been incremented and is now /dev/loop1. - + 3. Using the 10G-fake-lvm-disk.img as a backing file, associate the file with an available loop device by running: - + ```bash [root@server root]# losetup -f --nooverlap --partscan /tmp/10G-fake-lvm-disk.img ``` - + 4. Run the `losetup` command to show loop devices in use. Type: - + ```bash [root@localhost ~]# losetup ``` + **OUTPUT** - ``` + + ```bash NAME SIZELIMIT OFFSET AUTOCLEAR RO BACK-FILE DIO LOG-SEC /dev/loop1 0 0 0 0 /tmp/10G-fake-lvm-disk.img 0 512 /dev/loop0 0 0 0 0 /tmp/10G-fake-disk.img 0 512 ``` - + We see the mapping of /dev/loop1 to the /tmp/10G-fake-lvm-disk.img backing file in our output. Perfect. - -5. Use the `pvdisplay` command to view the physical volumes currently defined on the system. Type: - + +5. Use the `pvdisplay` command to view the physical volumes currently defined on the system. Type: + ```bash [root@localhost ~]# pvdisplay --- Physical volume --- @@ -586,29 +588,31 @@ In the following steps we are going to create a new loop device backed by anothe PV Size 98.41 GiB / not usable 2.00 MiB ...... ``` - -2. Initialize the new /dev/loop1 block device (10G-fake-lvm-disk.img) as a physical volume. Use the `pvcreate` utility. Type: - + +6. Initialize the new /dev/loop1 block device (10G-fake-lvm-disk.img) as a physical volume. Use the `pvcreate` utility. Type: + ```bash [root@localhost ~]# pvcreate /dev/loop1 Physical volume "/dev/loop1" successfully created. ``` - -3. Run the `pvdisplay` command to view any changes. -#### To assign a physical volume to a volume group +7. Run the `pvdisplay` command to view any changes. -In this section, you will learn how to assign a PV device to an existing volume group. This has the net effect of increasing the storage capacity of an existing volume group. +#### To assign a physical volume to a volume group + +In this section, you will learn how to assign a PV device to an existing volume group. This has the net effect of increasing the storage capacity of an existing volume group. You'll add the `/dev/loop1` physical volume (PV) that was prepped and created above to the existing `rl` Volume Group (VG). -1. Use the `vgdisplay` command to view the currently configured volume groups. Type: - +1. Use the `vgdisplay` command to view the currently configured volume groups. Type: + ```bash [root@localhost ~]# vgdisplay ``` + **OUTPUT** - ``` + + ```bash --- Volume group --- VG Name rl System ID @@ -621,31 +625,35 @@ You'll add the `/dev/loop1` physical volume (PV) that was prepped and created ab Free PE / Size 0 / 0 ...... ``` - + !!! note - + From the output above: - The volume group name is rl - The size of the VG is 98.41 GiB - There are 0 (zero) physical extents (PE) that are free in the VG, which is equivalent to 0MB of space. - -2. Assign the new PV (/dev/loop1) to the existing `rl` volume group. Use the `vgextend` command, type: - + +2. Assign the new PV (/dev/loop1) to the existing `rl` volume group. Use the `vgextend` command, type: + ```bash [root@localhost ~]# vgextend rl /dev/loop1 ``` + **OUTPUT** - ``` + + ```bash Volume group "rl" successfully extended ``` - -4. Run the `vgdisplay` command again to view your changes. Type: - + +3. Run the `vgdisplay` command again to view your changes. Type: + ```bash [root@localhost ~]# vgdisplay ``` + **OUTPUT** - ``` + + ```bash --- Volume group --- VG Name rl System ID @@ -660,55 +668,55 @@ You'll add the `/dev/loop1` physical volume (PV) that was prepped and created ab Free PE / Size 2559 / <10.00 GiB ...... ``` - + !!! Question Using your `vgdisplay` output, note down the changes on your system. What are the new values for "Free PE / Size"? - -#### To remove a LV, VG and PV -This section will step through how to delete the `/dev/loop1` PV that you assigned to the existing `rl` VG in the previous section. +#### To remove a LV, VG and PV + +This section will step through how to delete the `/dev/loop1` PV that you assigned to the existing `rl` VG in the previous section. 1. Remove the logical volume named scratch2. Type: - + ```bash [root@localhost ~]# lvremove -f /dev/rl/scratch2 Logical volume "scratch2" successfully removed. ``` - + 2. Remove the scratch3 logical volume, by running: - + ```bash [root@localhost ~]# lvremove -f /dev/rl/scratch3 ``` 3. With the relevant volumes now removed, you can now reduce the size of the `rl` VG to make it consistent. Type: - + ```bash [root@localhost ~]# vgreduce --removemissing rl ``` - + 4. Remove any LVM labels from the `/dev/loop1` PV. Type: - + ```bash [root@localhost ~]# pvremove /dev/loop1 Labels on physical volume "/dev/loop1" successfully wiped. ``` -#### To create a new volume group +#### To create a new volume group In this section, you will create a brand new standalone volume group named "scratch". The scratch VG will get it's space entirely from the `/dev/loop1` pseudo block device. 1. Create the new `scratch` space. Type: - + ```bash [root@localhost ~]# vgcreate scratch /dev/loop1 Physical volume "/dev/loop1" successfully created. Volume group "scratch" successfully created ``` - -2. Run the `vgdisplay` command to view your changes. Type: - + +2. Run the `vgdisplay` command to view your changes. Type: + ```bash [root@localhost ~]# vgdisplay scratch --- Volume group --- @@ -726,23 +734,23 @@ In this section, you will create a brand new standalone volume group named "scra VG UUID nQZPfK-bo7E-vOSR*** ...... ``` - - !!! question - + + !!! question "Questions" + Review your `vgdisplay` output. What are the values for "Free PE / Size"? And how are these values different from the earlier section when you added the `/dev/loop1` PV to the existing `rl` volume group? - -#### To create a logical volume + +#### To create a logical volume With the additional free space we have been able to add to the `rl` volume group (VG), it is now possible to add a Logical volume that can be used to store data after formatting. -1. Use the `lvdisplay` command to view the currently configured logical volumes. Type: - +1. Use the `lvdisplay` command to view the currently configured logical volumes. Type: + ```bash [root@localhost ~]# lvdisplay ``` - - !!! question - + + !!! question "Questions" + From your output answer the following questions: 1. How many logical volumes (LVs) are defined? @@ -750,10 +758,9 @@ With the additional free space we have been able to add to the `rl` volume group 2. What are the names of the LVs? 3. What are the various LVs being used for on your system? - - + 2. Use the `lvs` command to similarly display the logical volumes, but this time filter the output to show specific fields. Filter to view the lv_name (logical volume name), lv_size (logical volume size), lv_path, vg_name (volume group name) fields. Type: - + ```bash [root@localhost ~]# lvs -o lv_name,lv_size,lv_path,vg_name LV LSize Path VG @@ -761,87 +768,91 @@ With the additional free space we have been able to add to the `rl` volume group root <60.79g /dev/rl/root rl swap <7.95g /dev/rl/swap rl ``` - + !!! note lv_name = logical volume name, lv_size = logical volume size, lv_path = logical volume path, vg_name = volume group name. - + 3. On the new `scratch` VG, create a new logical volume called “scratch2” using the `lvcreate` command. Set the size for `scratch2` to be 2GB. Type: - + ```bash [root@localhost ~]# lvcreate -L 2G --name scratch2 scratch Logical volume "scratch2" created. ``` - + 4. Create a second logical volume called “scratch3”. This time use up the entire remaining available space on the `scratch` volume group. Type: - + ```bash [root@localhost ~]# lvcreate -l 100%FREE --wipesignatures y --yes --zero y --name scratch3 scratch Logical volume "scratch3" created. ``` - -5. Use the `lvdisplay` command again to view the new LV. - + +5. Use the `lvdisplay` command again to view the new LV. + ## Exercise 2 To make the traditional partition and LVM-style volumes created earlier usable by the operating system, you need to create file systems on it. Writing a file system to a device is also known as formatting the disk. This exercise covers file system creation as well the use of some common file system maintenance tools. -#### To create a VFAT file system +### To create a VFAT file system Here you will use the `mke2fs` program to create an vFAT file system on the new /dev/loop0p1 partition. -1. Use the `mkfs.vfat` utility to create an vfat type file system on the `/dev/loop0p1` volume. Type: - +1. Use the `mkfs.vfat` utility to create an vfat type file system on the `/dev/loop0p1` volume. Type: + ```bash [root@localhost ~]# mkfs.vfat /dev/loop0p1 ``` + **OUTPUT** - ``` + + ```bash mkfs.fat 4.* ``` 2. Use the `lsblk` to query the system for interesting information about the block device. Type: - + ```bash [root@localhost ~]# lsblk -f /dev/loop0 ``` + **OUTPUT** - ``` + + ```bash NAME FSTYPE LABEL UUID MOUNTPOINT loop0 └─loop0p1 vfat 658D-4A90 ``` - + #### To create an EXT4 file system To make the logical volumes that were created earlier usable by the operating system, you need to create file systems on them. Writing a file system to a device is also known as formatting the disk. Here you will use the `mke2fs` program to create an EXT4 file system on the new scrtach2 volume. -1. Use the `mkfs.ext4` utility to create an EXT4 type filesystem on the `/dev/scratch/scratch2` volume. Type: - +1. Use the `mkfs.ext4` utility to create an EXT4 type filesystem on the `/dev/scratch/scratch2` volume. Type: + ```bash [root@localhost ~]# mkfs.ext4 /dev/scratch/scratch2 ...... Writing superblocks and filesystem accounting information: done ``` - + 2. Use the `lsblk` to query the system for interesting information about the scratch2 volume. Type: - + ```bash [root@localhost ~]# lsblk -f /dev/scratch/scratch2 NAME FSTYPE LABEL UUID MOUNTPOINT scratch-scratch2 ext4 6689b6aa**** ``` - -#### To create an XFS file system + +#### To create an XFS file system Here you will use the `mke2fs` program to create a XFS file system on the new scratch3 volume. -1. Use the `mkfs.xfs` utility to create a XFS type filesystem on the `/dev/rl/scratch3` volume. Type: - +1. Use the `mkfs.xfs` utility to create a XFS type filesystem on the `/dev/rl/scratch3` volume. Type: + ```bash [root@localhost ~]# mkfs.xfs /dev/scratch/scratch3 meta-data=/dev/scratch/scratch3 isize=512 agcount=4, agsize=524032 blks @@ -850,179 +861,181 @@ Here you will use the `mke2fs` program to create a XFS file system on the new sc ``` 2. Use the `lsblk` to query the system for interesting information about the scratch2 volume. Type: - + ```bash [root@localhost ~]# lsblk -f /dev/scratch/scratch3 ``` + **OUTPUT** - ``` + + ```bash NAME FSTYPE LABEL UUID MOUNTPOINT scratch-scratch3 xfs 1d1ac306*** ``` - + #### To use `dumpe2fs`, `tune2fs`, `lsblk` and `fsck` -Here we will walk through the use of some common filesystem utilities that can be used in maintaining the filesystem, fixing filesystem problems, debugging filesystem issues etc. +Here we will walk through the use of some common filesystem utilities that can be used in maintaining the filesystem, fixing filesystem problems, debugging filesystem issues etc. + +1. Find out the value of the current “maximal mount count” on the scratch2 volume. Type: -1. Find out the value of the current “maximal mount count” on the scratch2 volume. Type: - ```bash [root@localhost ~]# dumpe2fs /dev/scratch/scratch2 | grep -i "maximum mount count" dumpe2fs 1.4*** Maximum mount count: -1 ``` - - !!! question - + + !!! question "Questions" + 1. What purpose does the “maximum mount count” serve? 2. What is the value of the maximal mount count of your `root` volume (/dev/rl/root)? - -2. Adjust/set the maximal mount count value to zero between filesystem checks on the `/dev/scratch/scratch2` volume. Use the `tune2fs` command. Type: - + +2. Adjust/set the maximal mount count value to zero between filesystem checks on the `/dev/scratch/scratch2` volume. Use the `tune2fs` command. Type: + ```bash [root@localhost ~]# tune2fs -c 0 /dev/scratch/scratch2 tune2fs 1.*.* Setting maximal mount count to -1 ``` - -3. Use the `fsck` command to check the scratch2 file system. Type: - + +3. Use the `fsck` command to check the scratch2 file system. Type: + ```bash [root@localhost ~]# fsck -Cfp /dev/scratch/scratch2 fsck from util-linux 2.* /dev/mapper/scratch-scratch2: 11/131072 files (0.0% non-contiguous), 26156/524288 blocks ``` - + 4. Create a volume label for the new EXT4 volume using the `tune2fs` program. Type: - + ```bash [root@localhost root]# tune2fs -L scratch2 /dev/scratch/scratch2 ``` - + 5. Use `lsblk` to view information about `/dev/scratch/scratch2`. Type: - + ```bash [root@localhost ~]# lsblk -o name,size,label /dev/scratch/scratch2 NAME SIZE LABEL scratch-scratch2 2G scratch2 ``` - + 6. Check the XFS file system on the scratch3 volume. Type: - + ```bash [root@localhost ~]# fsck -Cfp /dev/scratch/scratch3 fsck from util-linux 2.* /usr/sbin/fsck.xfs: XFS file system. ``` - -## Exercise 3 -The previous exercises walked through preparing a block/storage device for use on a system. After going through all the motions of partitioning, formatting and so on, the final step in making the file system available to users for storing data is known as mounting. +## Exercise + +The previous exercises walked through preparing a block/storage device for use on a system. After going through all the motions of partitioning, formatting and so on, the final step in making the file system available to users for storing data is known as mounting. This exercise will cover how to `mount` and `umount` the file systems that we created in the previous exercise. ### `mount` -The `mount` command is used for attaching the filesystem created on a device to the file hierarchy. +The `mount` command is used for attaching the filesystem created on a device to the file hierarchy. #### To mount an VFAT file system 1. Log into the system as a user with administrative privileges. 2. Create a folder named `/mnt/10gb-scratch1-partition`. This folder will be used at the mount point for the scratch1 file system. Type: - + ```bash [root@localhost ~]# mkdir /mnt/10gb-scratch1-partition ``` - + 3. Mount the partition. Type: - + ```bash [root@localhost ~]# mount /dev/loop0p1 /mnt/10gb-scratch1-partition ``` - + 4. Use the `mount` command to display all VFAT file systems on the system. Use grep to filter the output for the word `scratch`. Type: - + ```bash [root@localhost ~]# mount -t vfat | grep scratch ``` 5. Use the `df` command to view a report of the file system disk space usage on the server. Type: - + ```bash [root@localhost ~]# df -ht vfat | grep scratch ``` - + 6. Use the `--bind` option with the `mount` command to make the `/mnt/10gb-scratch1-partition` file-system also appear under a simpler or more user friendly name/path such as `/mnt/scratch1`. Type: - + ```bash [root@localhost ~]# mount --bind /mnt/10gb-scratch1-partition /mnt/scratch1 ``` - + 7. Use the `df` command again to view the effect of the bind mount. - + #### To mount a EXT4 file system 1. Create a folder named `/mnt/2gb-scratch2-volume`. This folder will be used at the mount point for the scratch2 volume. Type: - + ```bash [root@localhost ~]# mkdir /mnt/2gb-scratch2-volume ``` - + 2. Mount the partition. Type: - + ```bash [root@localhost ~]# mount /dev/scratch/scratch2 /mnt/2gb-scratch2-volume ``` 3. Use the `mount` command to display all EXT4 file systems on the system. Type: - + ```bash [root@localhost ~]# mount -t ext4 ``` - -4. Ensure that the mount point has the right permissions for allowing all system users can write to the mounted volume, by running: - + +4. Ensure that the mount point has the right permissions for allowing all system users can write to the mounted volume, by running: + ```bash [root@localhost ~]# chmod 777 /mnt/2gb-scratch2-volume ``` - + 5. Use the `df` command to view a report of the file system disk space usage on the server. #### To mount a XFS file system 1. Create a folder named `/mnt/8gb-scratch3-volume`. This will be the mount point for the scratch3 file system. Type: - + ```bash [root@localhost ~]# mkdir /mnt/8gb-scratch3-volume ``` - + 2. Mount the partition. Type: - + ```bash [root@localhost ~]# mount /dev/scratch/scratch3 /mnt/8gb-scratch3-volume ``` 3. Use the `mount` command to display all XFS file systems on the system. Type: - + ```bash [root@localhost ~]# mount -t xfs | grep scratch ``` - + 4. Use the `df` command to view a report of the file system disk space usage on the server. #### To make file system mounts persistent -1. Use the `cat` command to review the current contents of the `/etc/fstab` file. +1. Use the `cat` command to review the current contents of the `/etc/fstab` file. 2. Before making any changes, backup the `/etc/fstab` file. Type: - + ```bash [root@localhost ~]# cp /etc/fstab /etc/fstab.copy ``` - + 3. Using a text editor, carefully append the following new entries in the `/etc/fstab` file for the 3 file systems that we created earlier. - + The new entries are: ```bash @@ -1030,9 +1043,9 @@ The `mount` command is used for attaching the filesystem created on a device to /dev/scratch/scratch2 /mnt/2gb-scratch2-volume ext4 defaults,nofail 0 0 /dev/scratch/scratch3 /mnt/2gb-scratch3-volume xfs defaults,nofail 0 0 ``` - + We'll use the BASH heredoc method below to create the entries. Carefully type: - + ```bash [root@localhost ~]# cat >> /etc/fstab << EOF /dev/loop0p1 /mnt/10gb-scratch1-partition auto defaults,nofail 0 0 @@ -1040,17 +1053,17 @@ The `mount` command is used for attaching the filesystem created on a device to /dev/scratch/scratch3 /mnt/8gb-scratch3-volume xfs defaults,nofail 0 0 EOF ``` - -4. With real disk or storage devices, the previous steps will be enough to make the system automatically and correctly mount all the new file systems and apply any special mount options. - + +4. With real disk or storage devices, the previous steps will be enough to make the system automatically and correctly mount all the new file systems and apply any special mount options. + BUT, because we've been using special pseudo-block devices (loop devices) in this lab, we must complete an additional important task to ensure that the correct loop devices are automatically recreated after the system reboots. - + To do this we'll create a custom systemd service unit to help with this. - + Use any text editor that you are comfortable with to create the `/etc/systemd/system/loopdevices.service` file. - - Enter the following text in the file. - + + Enter the following text in the file. + ```bash [Unit] Description=Activate loop devices @@ -1067,42 +1080,42 @@ The `mount` command is used for attaching the filesystem created on a device to [Install] WantedBy=local-fs.target ``` - + Ensure you save your changes to the file. - + 5. Use the `systemctl` command to enable the new loopdevice service. Type: - + ```bash [root@localhost ~]# systemctl enable loopdevices.service ``` - + 6. Try starting the service to ensure that it starts successfully. Type: - + ```bash [root@localhost ~]# systemctl start loopdevices.service ``` If it starts without any errors, you can now go on to the next step where you'll do the real test of rebooting the system. - + 7. Reboot the system and ensure everything works fine and that the new file systems got mounted automatically. ## Exercise 4 -**Preamble:** +**Preamble:** -For no good reason, the user named “unreasonable” has decided to create an extremely LARGE file on a system shared with other users!! +For no good reason, the user named “unreasonable” has decided to create an extremely LARGE file on a system shared with other users!! The file has taken up a lot of space on the local hard disk. As an administrator, you can find and delete the offending file and carry on with your day and hope it's a one time occurrence, OR you can find and delete the file to free up disk space and devise a plan to prevent a reoccurrence. We will attempt the latter solution in later exercise. -In the interim - +In the interim - >Unreasonable user strikes again! -#### To create the large file +### To create the large file -**Perform this exercise from your partner-system** +(**Perform this exercise from your partner-system**) Unreasonable user accidentally notices that new ***scratch*** file systems have been made available on the server overnight. "This is great!" he says to himself. @@ -1115,35 +1128,37 @@ He then proceeds to fill up the volume with an arbitrarily large file. ```bash [unreasonable@localhost ~]$ df -h ``` - + 3. Proceed immediately to fill up the available shared file system with garbage. Type - + ```bash [unreasonable@localhost ~]$ dd if=/dev/zero \ of=/mnt/2gb-scratch2-volume/LARGE-USELESS-FILE.tar bs=10240 ``` + **OUTPUT** - ``` + + ```bash dd: error writing '/mnt/2gb-scratch2-volume/LARGE-USELESS-FILE.tar': No space left on device 187129+0 records in 187128+0 records out 1916194816 bytes (1.9 GB, 1.8 GiB) copied, 4.99021 s, 384 MB/s ``` - + 4. After kicking off the `dd` process, go for a walk and return when the command completes or when it errors out because it can’t go any further. Or go and find the Administrator and complain about the disk space being full on the system. -5. Explore further unreasonable/senseless/annoying things can be done on the system. You are ***unreasonable user***. +5. Explore further unreasonable/senseless/annoying things can be done on the system. You are ***unreasonable user***. -## Exercise 5 +## Exercise 5 ### Quotas -Implementing and enforcing the use of disk quotas provides a way to ensure that the system has enough disk space and that users stay within their allotted disk space. Before implementing quotas you need to: +Implementing and enforcing the use of disk quotas provides a way to ensure that the system has enough disk space and that users stay within their allotted disk space. Before implementing quotas you need to: -* Decide which partitions or volumes that you want to implement disk quotas on. -* Decide the level at which to enforce the quotas – i.e. per user, per group or both. -* Decide what your soft and hard limits will be. -* Decide what the grace periods will be (i.e. if there will be any at all). +- Decide which partitions or volumes that you want to implement disk quotas on. +- Decide the level at which to enforce the quotas – i.e. per user, per group or both. +- Decide what your soft and hard limits will be. +- Decide what the grace periods will be (i.e. if there will be any at all). *Hard Limit* @@ -1151,25 +1166,25 @@ The hard limit defines the absolute maximum amount of disk space that a user or *Soft Limit* -The soft limit defines the maximum amount of disk space that can be used. However, unlike the hard limit, the soft limit can be exceeded for a certain amount of time. That time is known as the grace period. +The soft limit defines the maximum amount of disk space that can be used. However, unlike the hard limit, the soft limit can be exceeded for a certain amount of time. That time is known as the grace period. *Grace Period* -The grace period is the time during which the soft limit may be exceeded. The grace period can be expressed in seconds, minutes, hours, days, weeks, or months, thus giving the system administrator a great deal of freedom in determining how much time to give users to get their disk usage below their soft limit. +The grace period is the time during which the soft limit may be exceeded. The grace period can be expressed in seconds, minutes, hours, days, weeks, or months, thus giving the system administrator a great deal of freedom in determining how much time to give users to get their disk usage below their soft limit. -These are the high-level steps involved in implementing quotas. +These are the high-level steps involved in implementing quotas. -* Installing the quota software -* Modifying the “/etc/fstab” file -* Remounting the file system(s) -* Running quotacheck -* Assigning quotas +- Installing the quota software +- Modifying the “/etc/fstab” file +- Remounting the file system(s) +- Running quotacheck +- Assigning quotas -The commands you will be using are: +The commands you will be using are: -`quotacheck`: +`quotacheck`: -Utility for checking and repairing quota files. +Utility for checking and repairing quota files. ```bash quotacheck [-gucbfinvdmMR] [-F ] filesystem|-a @@ -1206,7 +1221,7 @@ Tool for editing user quotas `repquota`: -Utility for reporting quotas. +Utility for reporting quotas. ```bash Usage: @@ -1241,47 +1256,49 @@ Tools used for turning filesystem quotas on and off quotaoff [ -avugp ] ``` -#### To install the quota software +#### To install the quota software + +1. While logged in as root, first check to see if the `quota-*.rpm` package is installed on your system. Type: -1. While logged in as root, first check to see if the `quota-*.rpm` package is installed on your system. Type: - ```bash [root@localhost ~]# rpm -q quota quota-* ``` - + !!! question - + What was your output? 2. IF you don't have the quote package installed on your system, use `dnf` to install it. #### To setup and configure quota -1. You have decided to implement EXT4 style quotas on the “/dev/rl/scratch2" volume. You have also decided to implement quotas both at the user and group level. +1. You have decided to implement EXT4 style quotas on the “/dev/rl/scratch2" volume. You have also decided to implement quotas both at the user and group level. 2. Review the `/etc/fstab` file with your editor of choice. Below is the relevant entry in the file before we make any changes to the file. - + ```bash [root@localhost ~]# grep scratch2 /etc/fstab ``` + **OUTPUT** - ``` + + ```bash /dev/scratch/scratch2 /mnt/2gb-scratch2-volume ext4 defaults 0 0 ``` - + 3. Make a backup of `/etc/fstab`. - + 4. As a part of implementing quotas, some new quota related mount options need to be added to the scratch2 volume entry. The scratch2 volume entry needs to be update to the new line here: - + ```bash /dev/scratch/scratch2 /mnt/2gb-scratch2-volume ext4 defaults,usrquota,grpquota 0 0 ``` - + You can either use your favorite text editor to make the change or use the `sed` utility as shown in the next step. - + 5. Use the `sed` utility to search for the line we want to change and make the update in place. Type: - + ```bash [root@localhost ~]# sudo sed -i \ '/^\/dev\/scratch\/scratch2/ s|.*|/dev/scratch/scratch2 /mnt/2gb-scratch2-volume ext4 defaults,usrquota,grpquota 0 0|'\ @@ -1291,29 +1308,31 @@ Tools used for turning filesystem quotas on and off 6. Use `grep` again to quickly review the file to ensure the correct change was made in `/etc/fstab`. 7. For the changes to `/etc/fstab` to become effective you'll need to do a few more things. First reload systemd-daemon, by running: - + ```bash [root@localhost ~]# systemctl daemon-reload ``` 8. Next remount the relevant file system. Type: - + ```bash [root@localhost ~]# mount -o remount /mnt/2gb-scratch2-volume ``` 9. Verify that the new mount options have been applied by checking the `/proc/mounts` file. Type: - + ```bash [root@localhost ~]# cat /proc/mounts | grep scratch2 ``` + **OUTPUT** - ``` + + ```bash /dev/mapper/rl-scratch2 /mnt/2gb-scratch2-volume ext4 rw,relatime,quota,usrquota,grpquota 0 0 ``` - + !!! tip - + You can also check the mount options that are in use for any file system by using the `mount` command. For the previous example you can view the mount options for the ext4 formatted scratch2 volume by running: ```bash @@ -1323,108 +1342,112 @@ Tools used for turning filesystem quotas on and off ``` /dev/mapper/scratch-scratch2 on /mnt/2gb-scratch2-volume type ext4 (rw,relatime,quota,usrquota,grpquota) ``` - + !!! question - + Write down the commands to separately `unmount` a given filesystem and then `mount` it back? -11. You now need to make the file system ready to support quotas. Create the quota files and also generate the table of current disk usage per file system. Type: - +10. You now need to make the file system ready to support quotas. Create the quota files and also generate the table of current disk usage per file system. Type: + ```bash [root@localhost ~]# quotacheck -avcug ``` + **OUTPUT** - ``` + + ```bash .... quotacheck: Scanning /dev/mapper/scratch-scratch2 [/mnt/2gb-scratch2-volume] done ...... quotacheck: Old file not found. quotacheck: Old file not found. ``` - + !!! question - + After the above command has executed you will notice two new files created under the “/mnt/2gb-scratch2-volume" directory. List the files here? - - + !!! tip - + To get up-to-date status of the quota file system you should run the `quotacheck -avcug` command periodically while quota is turned off on the file system. - -12. To enable user and group quotas on all the file systems specified in “/etc/fstab” type: - + +11. To enable user and group quotas on all the file systems specified in “/etc/fstab” type: + ```bash [root@localhost ~]# quotaon -av ``` - -#### To assign quotas to users -You have decided to assign a soft limit of 90 MB and a hard limit of 100 MB for each user on the system with a grace period of 5 minutes. +#### To assign quotas to users -This means that all users for which we apply the quota cannot exceed the hard limit of 100 MB, but they have about 5 minutes to exceed their soft limit of 90 MB but still stay under their hard limit. +You have decided to assign a soft limit of 90 MB and a hard limit of 100 MB for each user on the system with a grace period of 5 minutes. + +This means that all users for which we apply the quota cannot exceed the hard limit of 100 MB, but they have about 5 minutes to exceed their soft limit of 90 MB but still stay under their hard limit. + +1. You will create the limits using a prototype user. The user called “me” will be your prototype user. Use the `edquota` command to create the limits. Type: -1. You will create the limits using a prototype user. The user called “me” will be your prototype user. Use the `edquota` command to create the limits. Type: - ```bash [root@serverXY root]# edquota -u me ``` - The above command will bring up your default editor with the contents below: - + + The above command will bring up your default editor with the contents below: + ```bash Disk quotas for user me (uid 1001): Filesystem blocks soft hard inodes soft hard /dev/mapper/scratch-scratch2 0 0 0 0 0 0 ``` - - Modify/edit the above file (the 3rd line) to reflect the limits you want. Change the file to read: - + + Modify/edit the above file (the 3rd line) to reflect the limits you want. Change the file to read: + ```bash Disk quotas for user me (uid 1001): Filesystem blocks soft hard inodes soft hard /dev/mapper/scratch-scratch2 0 90000 100000 0 0 0 ``` - + Save your changes to the file and close it. - -2. You will create the grace period using the `-t` option with the `edquota` command. Type: + +2. You will create the grace period using the `-t` option with the `edquota` command. Type: ```bash [root@serverXY root]# edquota -t ``` - - This command will bring up your default editor with the contents similar to the one shown below: - + + This command will bring up your default editor with the contents similar to the one shown below: + ```bash Grace period before enforcing soft limits for users: Time units may be: days, hours, minutes, or seconds Filesystem Block grace period Inode grace period /dev/mapper/scratch-scratch2 7days 7days ``` - - Edit the above file (the 4th line) to reflect the grace period you want. - - Change the file to read: - + + Edit the above file (the 4th line) to reflect the grace period you want. + + Change the file to read: + ```bash Grace period before enforcing soft limits for users: Time units may be: days, hours, minutes, or seconds Filesystem Block grace period Inode grace period /dev/mapper/scratch-scratch1 5minutes 7days ``` - + 3. Next apply the settings you have configured for the prototype user “me” to the users “ying” and “unreasonable”. Type: - + ```bash [root@localhost ~]# edquota -p me -u ying unreasonable ``` - -4. To get a status report for all quotas you have enabled, Type: - + +4. To get a status report for all quotas you have enabled, Type: + ```bash [root@localhost ~]# repquota /mnt/2gb-scratch2-volume ``` + **OUTPUT** - ``` + + ```bash *** Report for user quotas on device /dev/mapper/scratch-scratch2 Block grace time: 00:05; Inode grace time: 7days Block limits File limits @@ -1433,65 +1456,67 @@ This means that all users for which we apply the quota cannot exceed the hard li root -- 20 0 0 2 0 0 unreasonable +- 1871288 90000 100000 00:04 1 0 0 ``` - + !!! Question - + From the output above under the grace column for user `unreasonable`, how much grace period does the user have left? - + 5. From the report, you notice that unreasonable user has exceeded their quota limits on the server. You search for the offending file and help unreasonable user "clean it up" and get them back in compliance. Type: - + ```bash [root@localhost ~]# rm -rf /mnt/2gb-scratch2-volume/LARGE-USELESS-FILE.tar ``` - -6. Use the `su` command to temporarily assume the identity of the `unreasonable` user and try creating additional files or directories as that user. Type: - + +6. Use the `su` command to temporarily assume the identity of the `unreasonable` user and try creating additional files or directories as that user. Type: + ```bash [root@localhost ~]# su - unreasonable ``` 7. While logged on as the user unreasonable, you check and notice that the `/mnt/2gb-scratch2-volume/LARGE-USELESS-FILE.tar` file that you created in a previous exercise is missing! Irritated you decide to create it again. Type: - + ```bash [unreasonable@localhost ~]$ dd if=/dev/zero of=/mnt/2gb-scratch2-volume/LARGE-USELESS-FILE.tar bs=10240 ``` + **OUTPUT** - ``` + + ```bash ...... dd: error writing '/mnt/2gb-scratch2-volume/LARGE-USELESS-FILE.tar': Disk quota exceeded 10001+0 records in 10000+0 records out 102400000 bytes (102 MB, 98 MiB) copied, 0.19433 s, 527 MB/s ``` - - Hmmmm...interesting you mutter. - + + Hmmmm...interesting you mutter. + 8. Try creating a folder called test under /mnt/2gb-scratch2-volume/. An empty folder should not take up or use a lot of disk space and so you type: - + ```bash [unreasonable@localhost ~]$ mkdir /mnt/2gb-scratch2-volume/test mkdir: cannot create directory ‘/mnt/2gb-scratch2-volume/test’: Disk quota exceeded ``` - + 9. Check the size of the LARGE-USELESS-FILE.tar file. Type: - + ```bash [unreasonable@localhost ~]$ ls -l /mnt/2gb-scratch2-volume/LARGE-USELESS-FILE.tar -rw-rw-r-- 1 unreasonable unreasonable 102400000 Oct 5 19:37 /mnt/2gb-scratch2-volume/LARGE-USELESS-FILE.tar ``` !!! Question - + What happened? - + 10. Frustrated with ignorance the unreasonable user types: - + ```bash [unreasonable@localhost ~]$ man quota ``` - + !!! Note - + The “unreasonable” user will be forced to do something about the “LARGE-USELESS-FILE.tar” that he created. Until that user brings his total file size under his limit he will not be able to do a whole lot else. - + 11. All done with this lab on Linux file systems. diff --git a/docs/labs/systems_administration_II/lab7-the_linux_kernel.md b/docs/labs/systems_administration_II/lab7-the_linux_kernel.md index 193d542f98..43887ba8aa 100644 --- a/docs/labs/systems_administration_II/lab7-the_linux_kernel.md +++ b/docs/labs/systems_administration_II/lab7-the_linux_kernel.md @@ -10,7 +10,7 @@ tags: # Lab 7: The Linux kernel -## Objectives +## Objectives After completing this lab, you will be able to: @@ -60,7 +60,7 @@ Modules are shared object files (with names like module_name.o, module_name.ko e Modules are chunks of kernel code which may or may not be included directly in the kernel. They are compiled separately and can be inserted and removed from the running kernel at anytime. Modern systems make extensive use of loadable module support. Loadable modules offer various advantages such: 1. It reduces the overall size of the final kernel image - since they are not strictly a part of the - running kernel. + running kernel. 2. It saves RAM - they are only loaded into RAM when needed Some modules need to be directly compiled into the kernel while it is okay to make others separate loadable modules. @@ -90,36 +90,37 @@ In this exercise you will directly upgrade your kernel using the rpm application 1. Ensure you are logged into the system as root. 2. Run the `rpm` utility to list all kernel packages currently installed on the system. Type: - + ``` { .sh data-copy="rpm -q kernel" } - $ rpm -q kernel + rpm -q kernel ``` 3. Execute the `uname` utility to view some information about the current running kernel. Type: - + ``` { .bash data-copy="uname --kernel-release" } - $ uname --kernel-release + uname --kernel-release 5.*.el9_8.x86_64 ``` Make a note of the version/release number in your output. - + 4. Use `dnf` to download the latest kernel package available from the official Rocky Linux package repository. Type: - + ```bash - $ dnf download kernel + dnf download kernel ``` + You should now have an RPM package with a name similar to kernel-*.x86_64.rpm saved in your PWD. - + 5. Use `rpm` again to query the downloaded package for more information about itself. Type: - + ```bash [root@localhost ~]# rpm -qip kernel-*.x86_64.rpm ``` 6. Use `rpm` to do a test install of the downloaded kernel*.rpm to ensure that all its dependencies will be met. Type: - + ```bash $ rpm --test -ivh kernel-*.x86_64.rpm @@ -127,49 +128,49 @@ In this exercise you will directly upgrade your kernel using the rpm application kernel-core-uname-r = *.x86_64 is needed by kernel-*.x86_64 kernel-modules-uname-r = *.x86_64 is needed by kernel-*.x86_64 ``` - + From the output we can see that the package has unmet dependencies. - + 7. Use `dnf` to download the needed dependencies reported in the previous error message. Type: - + ```bash - $ dnf download kernel-core-uname-r kernel-modules-uname-r + dnf download kernel-core-uname-r kernel-modules-uname-r ``` - -8. Run `rpm` with the test option again to see if the kernel package can be upgraded. Type: - + +8. Run `rpm` with the test option again to see if the kernel package can be upgraded. Type: + ```bash $ rpm --test -Uvh kernel-*.rpm Verifying... ################################# [100%] Preparing... ################################# [100%] ``` - + Everything looks good this time! - -9. Finally use `rpm` to install the kernel package along with all its dependencies. Type: - + +9. Finally use `rpm` to install the kernel package along with all its dependencies. Type: + ```bash - $ sudo rpm -ivh kernel-*.rpm + sudo rpm -ivh kernel-*.rpm ``` 10. Use `rpm` to list all the installed kernel packages on your system. - + !!! Question - + What is different between the output of the rpm -q kernel command - before and after you installed the new kernel? - -12. We are done with using RPM to manage kernel packages on the system directly. + +11. We are done with using RPM to manage kernel packages on the system directly. Uninstall the latest kernel package that you downloaded and installed. For this, you'll need to specify the exact and correct name-epoch-version-release-architecture (NEVRA) info for the kernel and its associated dependencies that you want to uninstall. Type: - + ```bash [root@localhost ~]# rpm -e \ kernel- \ kernel-core- \ kernel-modules- ``` - + ## Exercise 2 ### Upgrade from the package repository @@ -181,37 +182,37 @@ In this exercise you will upgrade your kernel using the `dnf` application. DNF i 1. Ensure you are logged into the system as root. 2. Use `dnf` to list all kernel packages installed on the system as well as kernel packages available on the remote package repository. TYpe: - + ```bash [root@localhost ~]# dnf list kernel ``` 3. Use the `dnf` program to check for any updated kernel packages available. Type: - + ```bash [root@localhost ~]# dnf check-update kernel ``` - + You may or may not see any available kernel package updates on your system; Your output depends on how recently you updated the entire system. - + 4. If you see a new version of the kernel listed as being available, you can use `dnf` to query the remote repository for more information about the package by running: - + ```bash [root@localhost ~]# dnf info kernel --available ``` 5. Use `dnf` to automatically find, download, and install the latest kernel package available in the remote package repository. Type: - + ```bash [root@localhost ~]# dnf -y update kernel ``` 6. Now list the installed kernel packages. Type: - + ```bash [root@localhost ~]# dnf list kernel --installed ``` - + ## Exercise 3 ### Upgrade the kernel from source @@ -221,71 +222,72 @@ In this exercise you will build a new kernel from source, by configuring, compil #### To upgrade the kernel from source !!! note "Notes" - + The kernel version used in this exercise was the latest available at the time. The latest version available at the time you are reading this material may be different. An asterisk (*) has been used to denote the particular kernel version used. You will need to replace the "*" with the specific version you are using. For example, assuming the kernel version used in the steps below was - 6.6.13.4 - the kernel will be referred to as version 6.6.* - + 1. Log into the system as a user with Administrative privileges. -2. Install needed development tools. Type: - +2. Install needed development tools. Type: + ```bash - $ sudo dnf -y groupinstall 'Development Tools' + sudo dnf -y groupinstall 'Development Tools' ``` 3. Install the needed libraries and tools. Type: - + ```bash - $ sudo dnf -y install ncurses-devel bc openssl-devel elfutils-libelf-devel python3 dwarves + sudo dnf -y install ncurses-devel bc openssl-devel elfutils-libelf-devel python3 dwarves ``` 4. Download the latest kernel source by typing: - + ```bash [root@localhost ~]# curl -L -o linux-6.5.7.tar.xz \ https://www.kernel.org/pub/linux/kernel/v6.x/linux-6.5.7.tar.xz ``` - + Note that linux-6.5.7.tar.xz just happens to be the latest kernel available at time of this writing. You should substitute linux-6.5.7.tar.xz or linux-6.*.tar.xz with whatever version of the kernel that you choose to follow along this exercise with. - -6. Unpack the kernel tarball into your pwd. Type: - + +5. Unpack the kernel tarball into your pwd. Type: + ```bash [root@localhost ~]# tar xvJf linux-6.*.tar.xz ``` - + The tar command will create a new directory called: “linux-6.*” under your PWD. - -7. List the contents of the new kernel source directory -8. Change (cd) into the kernel source directory. Type: - +6. List the contents of the new kernel source directory + +7. Change (cd) into the kernel source directory. Type: + ```bash - $ cd linux-6.5.7 + cd linux-6.5.7 ``` -9. Clean (prepare) the kernel build environment by using the `make mrproper` command. Type: - +8. Clean (prepare) the kernel build environment by using the `make mrproper` command. Type: + ```bash - $ make O=~/build/kernel mrproper + make O=~/build/kernel mrproper ``` -10. Copy over and rename the preexisting configuration file from the /boot directory into our kernel build environment: - +9. Copy over and rename the preexisting configuration file from the /boot directory into our kernel build environment: + ```bash - $ cp /boot/config-`uname -r` ~/build/kernel/.config + cp /boot/config-`uname -r` ~/build/kernel/.config ``` -11. Launch the graphical kernel configuration utility. Type: - +10. Launch the graphical kernel configuration utility. Type: + ```bash - $ make O=~/build/kernel menuconfig + make O=~/build/kernel menuconfig ``` + A screen similar to this will appear: - + ![Kernel Configuration File Systems screen](images/lab2-il01-kernel.png) - + !!! Note - + The kernel configuration screen that appears is divided into roughly three areas: 1. The top part shows various helpful information, keyboard shortcuts, and legends that can help you navigate the application. @@ -293,26 +295,26 @@ In this exercise you will build a new kernel from source, by configuring, compil 2. The main body of the screen shows an expandable tree-structured list of the overall configurable kernel options. You can further drill down into items with arrows in the parent to view and/or configure sub-menu (or child) items. 3. Finally, the bottom of the screen displays the actual actions/options that the user can choose. - -12. For demonstration purposes you'll add Btrfs filesystem support to the new kernel. + +11. For demonstration purposes you'll add Btrfs filesystem support to the new kernel. In the main configuration screen, use your arrow keys to navigate to and highlight the File systems item. - With File systems selected, press ENTER to view the sub-menu or child items for File systems. - + With File systems selected, press ++enter++ to view the sub-menu or child items for File systems. + In the File Systems section, use your arrow keys to navigate to *Btrfs filesystem support*. - -13. With *Btrfs filesystem support* highlighted, press `y` to include support for `btrfs` in the custom kernel. + +12. With *Btrfs filesystem support* highlighted, press `y` to include support for `btrfs` in the custom kernel. When you are done, an asterisk symbol (*) should appear beside the highlighted option. The final screen should look like the one shown here: - + ![Kernel Configuration File Systems screen](images/lab2-il02-kernel.png) - -14. Return to the main kernel configuration screen by pressing ESC twice on your keyboard. -15. Exit the kernel configuration application by pressing ESC twice again on your keyboard. +13. Return to the main kernel configuration screen by pressing ++escape++ twice on your keyboard. + +14. Exit the kernel configuration application by pressing ++escape++ twice again on your keyboard. Exiting the kernel configurator will force saving your changes to the .config file in the root of the kernel source tree. - -16. A dialog box will appear prompting you to save your new configuration. Ensure that Yes is selected and then press ENTER. -17. After the kernel configuration utility exits, you will be thrown back to your shell—inside the kernel source tree. - + +15. A dialog box will appear prompting you to save your new configuration. Ensure that Yes is selected and then press ++enter++. +16. After the kernel configuration utility exits, you will be thrown back to your shell—inside the kernel source tree. + !!! Tip To view the results of some of the changes you made using the `menuconfig` tool, use the grep utility to view the .config @@ -323,104 +325,106 @@ In this exercise you will build a new kernel from source, by configuring, compil CONFIG_BTRFS_FS=y ``` - -18. Let's optimize the kernel build time and also reduce the amount of disk space used during the kernel compile stage. By setting `CONFIG_DEBUG_INFO=no`, the resulting kernel image will NOT include debugging info thereby resulting in a smaller kernel image. This removes debugging symbols from the built kernel and modules. Type: - - ```bash + +17. Let's optimize the kernel build time and also reduce the amount of disk space used during the kernel compile stage. By setting `CONFIG_DEBUG_INFO=no`, the resulting kernel image will NOT include debugging info thereby resulting in a smaller kernel image. This removes debugging symbols from the built kernel and modules. Type: + + ```bash $ ./scripts/config --file ~/build/kernel/.config -d DEBUG_INFO \ -d DEBUG_INFO_DWARF_TOOLCHAIN_DEFAULT -d DEBUG_INFO_DWARF4 \ -d DEBUG_INFO_DWARF5 -e CONFIG_DEBUG_INFO_NONE ``` - -19. Complete another important step for custom Kernels on Rocky Linux distribution. Type: - + +18. Complete another important step for custom Kernels on Rocky Linux distribution. Type: + ```bash - $ sed -ri '/CONFIG_SYSTEM_TRUSTED_KEYS/s/=.+/=""/g' ~/build/kernel/.config + sed -ri '/CONFIG_SYSTEM_TRUSTED_KEYS/s/=.+/=""/g' ~/build/kernel/.config ``` - -20. Add a simple customization to the new kernel, allowing you to distinguish it from the other stock Kernels more easily. For this, use the `sed` utility to edit the Makefile in place. Type: - + +19. Add a simple customization to the new kernel, allowing you to distinguish it from the other stock Kernels more easily. For this, use the `sed` utility to edit the Makefile in place. Type: + ```bash - $ sed -i 's/^EXTRAVERSION.*/EXTRAVERSION = -custom/' Makefile + sed -i 's/^EXTRAVERSION.*/EXTRAVERSION = -custom/' Makefile ``` - -21. Verify the full version of the kernel that you just customized by passing the `kernelversion` target to the `make` command. Type: - + +20. Verify the full version of the kernel that you just customized by passing the `kernelversion` target to the `make` command. Type: + ```bash - $ make O=~/build/kernel kernelversion + make O=~/build/kernel kernelversion ``` - + OUTPUT: - ``` + + ```bash make[1]: Entering directory '/home/rocky/build/kernel' 6.5.7-custom make[1]: Leaving directory '/home/rocky/build/kernel' ``` - -22. You are ready to compile the kernel. Type: - + +21. You are ready to compile the kernel. Type: + ```bash - $ sudo make O=~/build/kernel -j $(nproc) + sudo make O=~/build/kernel -j $(nproc) ``` - + OUTPUT: - ``` + + ```bash make[1]: Entering directory '/root/build/kernel' SYNC include/config/auto.conf.cmd GEN Makefile HOSTCC scripts/kconfig/conf.o ... ``` - -23. After the compilation completes successfully, you'll end up with the finished kernel stored here: - + +22. After the compilation completes successfully, you'll end up with the finished kernel stored here: + ```bash ~/build/kernel/arch/x86/boot/bzImage ``` -24. Install the portions of the kernel that were configured as modules. Type: - +23. Install the portions of the kernel that were configured as modules. Type: + ```bash - $ sudo make O=~/build/kernel modules_install + sudo make O=~/build/kernel modules_install ``` - -25. With the kernel now built it's time to install it. Type: - + +24. With the kernel now built it's time to install it. Type: + ```bash - $ sudo cp ~/build/kernel/arch/x86/boot/bzImage \ + sudo cp ~/build/kernel/arch/x86/boot/bzImage \ /boot/vmlinuz- ``` - + Replace with the version number of your custom kernel. For the sample kernel we are using in this guide, the filename would be vmlinuz-6.*-custom. So here’s the exact command for this example: - + ```bash sudo cp ~/build/kernel/arch/x86/boot/bzImage /boot/vmlinuz-6.5.7-custom ``` - -26. Copy over and rename the corresponding System.map file into the /boot directory using the same naming convention: - + +25. Copy over and rename the corresponding System.map file into the /boot directory using the same naming convention: + ```bash - $ sudo cp -v ~/build/kernel/System.map /boot/System.map-6.5.7-custom + sudo cp -v ~/build/kernel/System.map /boot/System.map-6.5.7-custom ``` -27. Use the `kernel-install` utility to complete the file step. Type: - +26. Use the `kernel-install` utility to complete the file step. Type: + ```bash - $ sudo kernel-install add 6.5.7-custom /boot/vmlinuz-6.5.7-custom + sudo kernel-install add 6.5.7-custom /boot/vmlinuz-6.5.7-custom ``` - -28. The `kernel-install` utility will create a new boot entry in the boot loader configuration file. For EFI based systems you can look under /boot/loader/entries/ for matching entries. - -29. Run the grubby program to view the default kernel for the server. Type: - - ``` - $ sudo grubby --default-kernel + +27. The `kernel-install` utility will create a new boot entry in the boot loader configuration file. For EFI based systems you can look under /boot/loader/entries/ for matching entries. + +28. Run the grubby program to view the default kernel for the server. Type: + + ```bash + sudo grubby --default-kernel ``` -30. All done. Moment of truth now. The latest kernel will likely be configured as the new default kernel to boot into. If you have access to the system's console you can reboot your system and select the new custom Kernel in the GRUB boot menu. +29. All done. Moment of truth now. The latest kernel will likely be configured as the new default kernel to boot into. If you have access to the system's console you can reboot your system and select the new custom Kernel in the GRUB boot menu. If all goes well after the reboot, you can verify that system is running the custom kernel by running the `uname` command like this: - + ```bash - $ uname -r + uname -r ```