Linux/Unix 1: The Unix File System

Lesson 1: Getting Started
    How to Learn using O'Reilly School of Technology Courses; Getting Started; Using the CodeRunner
Lesson 2: Listing Files
    Listing Files; Getting more information; Wild Cards; Handing in a Quiz or Objective
Lesson 3: File Permissions
    File Permissions; So What About Those Other Characters?; Another Way to Change Permissions
Lesson 4: Basic File Manipulation
    Basic File Manipulation; Copying files; Moving Files; Deleting Files; Creating and Removing Directories; Copying into Directories; Handing in Objectives
Lesson 5: Connecting to the Useractive Access Server
    The Hottub Access Server; Connecting to hottub
Lesson 6: Text Editors
    The Need for a Text Editor; What is Emacs?; Command Keys and the Emacs Window; Other Text Editors; Pico; Vi
Lesson 7: Shells
    What is a Shell?; Bash; Command History; Dot Files; Aliases; Login Files; PATH and Other Environment Variables
Lesson 8: System Info
    W; Uname
Lesson 9: Unix Pipes and Grep
    Grep; Output Redirection
Lesson 10: Unix Regular Expressions
    Regular Expressions; . ; * ; ^ and $
Lesson 11: Odds and Ends
    More or Less; Head and Tail; Man; Locate; Find
Lesson 12: Links
    Hard Links; More About Hard Links; Symbolic Links
Lesson 13: Processes
    Processes; Parent and Child Processes; Backgrounding a Process
Lesson 14: Tar and Gzip
    Tar and Gzip; Tar; Gzip
Lesson 15: The Super User
    The Super User; Accessing your Bubble machine; su
Lesson 16: SSH
    What is SSH?; Using SSH; Installing SSH on your bubble; SSHD; rc.local; SCP
Lesson 17: Syslog
    System Logs; Sample Log Files and Entries; Log File Example; Syslog.conf; Keeping track of user logins; Other log files
Lesson 18: Cron
    Cron; Crontab; More on Redirecting Output; Editing your Crontab
Lesson 19: Managing Users
    User Accounts; The Password File; The Shadow File; The Group File; Adding Accounts; Removing Accounts

Copyright © 1998-2014 O'Reilly Media, Inc. This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License. See http://creativecommons.org/licenses/by-sa/3.0/legalcode for more information.

Getting Started

How to Learn using O'Reilly School of Technology Courses

Welcome to O'Reilly School of Technology (OST) System Administration Course. The best way to learn a new skill or technology is to experiment. The more you experiment, the more you learn. Our learning system is designed to encourage experimentation and help you learn how to learn system administration. Here are some tips for using it effectively:

Learn in your own voice: Work through your own ideas and listen to yourself in order to learn your new skill. We want you to facilitate your own learning, so we avoid lengthy video or audio streaming, and keep spurious animated demonstrations to a minimum.

Take your time: Learning takes time and rushing can have negative effects on your progress. By taking your time, you will try new things and learn more. Even if you have some experience you will be surprised what new concepts or new ways to look at the Linux world you may discover.

Create your own examples and demonstrations: In order to understand a complex concept, you need to understand its various parts. We will help you by offering guidance as you create a demonstration piece by piece.

Experiment with your ideas and questions: You are encouraged to wander from the path often to explore possibilities! We cannot possibly anticipate all of your questions and ideas, so it is up to you to experiment and create on your own.

Accept guidance, but do not depend on it: Try to overcome difficulties on your own. Going from misunderstanding to understanding on your own is the best way to learn any new skill. Our goal is for you to use the technology independent of us. Of course, you can always contact your instructor if you are out of ideas.

Create REAL projects: Real projects are more meaningful and rewarding to complete than simulated projects. They will help you to understand what is involved in real world situations.

After each lesson you will be given objectives and/or quizzes so you can test your new knowledge.

Getting Started

For this class we will be using the CodeRunner in your web browser. This application allows you to connect to a remote server running the Linux operating system. A server is a computer that serves files and services to other computers via a network. To access the OST server, use the username and password sent to you after signing up for the course.

Your machine will send text characters to our server. Our server will send the resulting output back to your computer. Our server has Linux installed as its operating system. Linux is an alternative operating system primarily used for server applications. Linux is Unix that can be run using Intel processors. You will be using Unix commands to communicate with the Linux server.

You may still be wondering about the differences between Unix and Linux. Unix was the operating system developed by AT&T Bell labs back in the 70's. Unix was developed primarily for use by guru programmers, making it somewhat unfriendly for the casual user. At that time, Unix only ran on expensive mainframe computers. In the early 90's, a computer science student named Linus Torvalds developed a free version of Unix at the University of Helsinki. This new version could be used on personal computers, much like the PC you probably have on your desk right now. This new version of Unix was called Linux. For the purposes of this course, we will use the terms interchangeably.

Using the CodeRunner

The bottom half of this browser window is called CodeRunner. CodeRunner is used to experiment with many types of programming languages. Whenever you are working on this course, you will be using the Unix terminal. Try selecting this button now.

You will be logged in automatically or you will be prompted to enter your login and password. If your username appears but no other action takes place, click on the CodeRunner with your mouse and enter your password. The characters of your password will not appear on the screen and the cursor will not move. Once you hit Enter you will then be logged in to the OST server. It should look something like this:

    Last login: Thu Dec 18 11:01:45 2008 from somewhere.over.the.rainbow.com
    cold:~$

You will see information telling you the last time you logged into your shell and from where. The server is named cold. All OST students have shells on this server. A shell is a place where you can execute Unix commands on the server. The commands you execute within your own shell will not affect any other shell. cold:~$ is called a command prompt. If you see this, you're ready to execute Unix commands. If you do not, please email your instructor so she can help you.

When you are finished with your session, simply type exit at the prompt. It should look something like this:

    cold:~$ exit

Keep in mind that if your session is dormant for longer than 60 minutes, you will be disconnected automatically from the server. Simply hit the Connect button in the middle of the CodeRunner screen to log in again.

Note

If you are already familiar with a different telnet or ssh client, feel free to use it. Be sure to use the hostname cold.useractive.com to connect.

Listing Files

Lesson Objectives

To be able to navigate a directory structure using the ls and cd commands.

Listing Files

In the last lesson, you learned how to log in to your shell on the OST server. Go ahead and log in to your shell now. Your shell contains all of the files that you have saved to your OST account. To see a list of these files, you will use the ls command. Most Unix commands have very short names. At first the command names may not make much sense to you, but they do have meaning. In this case ls stands for list stuff. Some people say it is a shortened version of list. Try using the ls command.

At the command prompt, type the following commands:

    cold:~$ ls
    Objective1.txt  cgi  index.html
    cold:~$

Even if you have never saved anything to your account, you will have an index.html file and a cgi directory. These are automatically created when you register with OST. If you have taken other OST courses you may have quite a few files. Notice that some of the "stuff" listed is blue (like cgi). The blue coloring means that it is a directory. Directories provide you with a way to organize your files. You can think of a directory as a tree-like structure. The root directory (referred to as just /) is the trunk of the tree. Directories within the root directory are the branches in which you can store other directories or files. On cold your home directory is /users/username.

To navigate through the tree structure, you will use the cd command. This stands for change directory. You must follow this command with the name of the destination directory (where you want to go). Try changing directories to the cgi directory and listing all of the files in this directory.

At the command prompt, type the following commands:

    cold:~$ cd cgi
    cold:~/cgi$ ls
    ajaxlib.pl*  cgi-lib.pl*  counter.pl*  guest.pl*

You should see a list of all the files in your cgi directory. Also, notice that the command prompt changed to cold:~/cgi$. This means you are working in the cgi directory. If you want to get back to your home directory from here, specify .. as your destination directory. The .. means that you want to back up one directory.

Do some exploring and see what is in the root (/) directory.

At the command prompt, type the following commands:

    cold:~$ cd /
    cold:/$ ls
    bin   etc     initrd      media  mnt2  root     software  tmp
    boot  home    lib         misc   opt   sbin     srv       users
    dev   httpd@  lost+found  mnt    proc  selinux  sys       usr
    var

Like the commands of Linux, the names of these directories and their contents have specific meaning. Part of being a system administrator is research. Try searching the web for the meaning of some of these directories. Just look around a bit to get used to using cd and ls. If you ever get lost, you can be transported back to your directory instantly by typing cd with no destination directory. Go ahead and do this now.

Getting more information

After you have finished exploring, go back to your cgi directory and list the files again. You will be using the -l flag to get more information about these files. A flag is an additional parameter given to a command that gives it more specific instructions on how to perform its job.

After the command prompt, type the following commands:

    cold:~/cgi$ ls -l
    total 20
    -rwxr-xr-x 1 username webusers  486 Jun  9 16:25 ajaxlib.pl*
    -rwxr-xr-x 1 username webusers 4433 Jun  9 16:25 cgi-lib.pl*
    -rwxr-xr-x 1 username webusers 2765 Jun  9 16:25 counter.pl*
    -rwxr-xr-x 1 username webusers 3182 Jun  9 16:25 guest.pl*
    cold:~/cgi$

In the first column (the one that looks like a bunch of strange letters and dashes) are the file permissions for each file. You will learn more about permissions in the next lesson. The second column gives your username, or the owner of the file or directory, followed by the word webusers, the group to which the file belongs. All OST students are part of the webusers group. The third column shows the size of the file (in bytes), the date the file was last modified, and the file's name.

There are some other flags that can be used with the ls command. One of these flags allows you to see hidden files. By default, ls does not list files that start with a period (also called a dot). These are known as dotfiles. We can force these files and directories to be listed by specifying the -a flag. See if you can find the dotfile in your home directory.

After the command prompt, type the following commands:

    cold:~$ ls -al
    total 392
    drwxr-xr-x    4 username webusers   4096 Jun  9 10:46 .
    drwxr-xr-x 1921 root     root     151552 Jun  9 10:40 ..
    -rw-------    1 username webusers     58 Jun  9 10:46 .bash_history
    -rwxr-xr-x    1 username webusers     42 Jun  9 10:46 .bash_login*
    drwxr-xr-x    2 username webusers   4096 Jun  9 10:36 cgi
    -rwxr-xr-x    1 username webusers    334 Jun  9 10:46 .emacs*
    -rw-r--r--    1 username webusers    557 Jun  9 10:46 index.html
    -rw-r--r--    1 username webusers      0 Jun  9 10:46 Objective1.txt
    drwxr-xr-x    4 username webusers   4096 Mar  3 10:46 .php_files
    -rw-rw-r--    1 username webusers  32768 Jul 23 14:29 .psdevtab
    drwx------    2 username webusers   4096 Jul 15 15:25 .ssh
    cold:~$

If there are any dotfiles in your home directory, they will be at the top of the list. At the very least you should have the dotfile .bash_history. The single dot (.) and double dot (..) directories represent the current directory and the parent directory respectively. This is why you can type cd .. to back up one directory. It is also important to note that you can use a tilde (~) to represent your home directory. cd back into your cgi directory to see this in action.

After the command prompt, type the following commands:

    cold:~/cgi$ cd ~
    cold:~$

Wild Cards

If you have hundreds of files in your directory, the ls command can return a lot more information than you care to see. Wild cards can be used to limit the amount of information displayed. cd into your /usr/bin directory. There are two ways to do this:

Type cd /, then type cd usr, and then type cd bin. Using this process, you would have to type three separate commands.

Type cd /usr/bin. You can reach the same destination using only one command.

After the command prompt, type the following commands:

    cold:/usr/bin$ ls

There are a lot of files in /usr/bin! What if you were looking for a file that started with the letter n (lowercase N), but you could not remember exactly what it was called? This is where a wild card can be helpful. The asterisk (*) is used to take the place of any number of characters.

Note

Keep in mind that Unix is case sensitive. This means that Unix can distinguish between upper and lower case letters.

After the command prompt, type the following commands:

    cold:/usr/bin$ ls n*

You should see a list of all the files that begin with the letter n. Now try this:

After the command prompt, type the following commands:

    cold:/usr/bin$ ls n?
    nc*  nl*  nm*

Do you see how ? works? It stands for any single character. If you wanted to list the files called runt and runs, but not running, you could use ls run?

Handing in a Quiz or Objective

After you have read the lesson you have your first quiz to complete that allows you to demonstrate the concepts you have learned. Under Lesson 2 there is a Quiz 1 item. Click on this to reveal the quiz questions. Be sure to scroll down the page to make sure you have answered all questions. When you have finished, scroll down the top half of the CodeRunner screen and select the button that reads Hand in at the bottom right side of the window.

You will use the same procedure to hand in objectives. Simply click on the Hand In button to hand in any files created. (Please do not use the Drop In box for this course.) This button will alert your instructor that your work is ready to be evaluated.

File Permissions

Lesson Objectives

By the end of this lesson you will:

Understand the differences between read, write, and execute file permissions.
Understand the concept of owner/group/everyone access levels.
Be able to modify permissions using the chmod command.

File Permissions

Remember how ls -l displayed a bunch of strange letters and dashes in the first field? Those characters are used to indicate file permissions. Since Unix is a multi-user operating system, it needs to keep track of who has access to each file; otherwise users would be able to modify or delete one another's files. Examine file permissions more closely.

After the command prompt, type the following commands:

    cold:~$ ls -l
    total 16
    -rw-r--r-- 1 username webusers    0 Dec  6 10:40 Objective1.txt
    drwxr-xr-x 2 username webusers 4096 Dec  6 10:36 cgi/
    -rw-r--r-- 1 username webusers  557 Dec  6 10:36 index.html

You already know that the files and directories in your home directory are owned by you and that they are part of the webusers group. This group includes everyone who is enrolled in an OST course. If you own a file or directory, you are allowed to set permissions on it for yourself, your group, and everyone else. These characters tell you the permissions for each category.

The first character will always be d, -, or l. A d indicates a directory and a dash (-) indicates a file. An l indicates a link. For now, we will only focus on directories and files. You will learn more about links in Lesson 12.

The next three characters are the permissions that the owner has for the file or directory. There are three possible permissions: (r)ead, (w)rite, and e(x)ecute.

If read permissions are set, the contents of a file can be seen. For directories, read permissions allow the contents, the files, within a directory to be seen, but you cannot cd into it. Read permissions also allow the file or directory to be copied to another location.

Write permissions allow editing or deleting of the contents of a file or directory.

Execute permissions allow a file to be executed. For example, if the file is a program script, it can be run. Execute permissions also allow users to cd into a directory and list its contents.

Try changing your permissions on the cgi directory. To change permissions you must use the chmod command. There are two ways to use this command. You will use the first method for the remainder of this lesson. At the end of this lesson, the second method will be discussed.

After the command prompt, type the following commands:

    cold:~$ chmod u-x cgi
    cold:~$ cd cgi

You should see the message that says bash: cgi: Permission denied. You were not allowed to cd into this directory. You changed the mode of the directory for u. The execute permission was taken away (-x) from the cgi directory. How do you think you would give execute permission back to the file?

After the command prompt, type the following commands:

    cold:~$ chmod u+x cgi
    cold:~$ cd cgi

This time you should have no trouble using cd to enter your cgi directory.

What if you wanted to remove all three permissions? (Make sure you are in your home directory.)

After the command prompt, type the following commands:

    cold:~$ chmod u-rwx cgi
    cold:~$ ls -l
    total 16
    -rw-r--r-- 1 username webusers    0 Dec  6 10:40 Objective1.txt
    d---r-xr-x 2 username webusers 4096 Dec  6 10:36 cgi/
    -rw-r--r-- 1 username webusers  557 Dec  6 10:36 index.html

When you are finished, add read, write, and execute permissions back to your cgi directory. Make sure your permissions are exactly as they were originally.

So What About Those Other Characters?

The next three characters are the permissions the group has for the file or directory. Remember, your group is webusers. The final three characters are the permissions for all other people. Here is an example of permissions on a file:

Try removing read permissions for the group and giving write and execute permissions to yourself and other people for your index.html file.

After the command prompt, type the following commands:

    cold:~$ chmod guo-r,uo+wx index.html
    cold:~$ ls -l
    total 16
    -rw-r--r-- 1 username webusers    0 Dec  6 10:40 Objective1.txt
    drwxr-xr-x 2 username webusers 4096 Dec  6 10:36 cgi/
    --wx--x-wx 1 username webusers  557 Dec  6 10:36 index.html*

Now, try visiting the URL http://yourdomain/index.html on the internet. Be sure to replace yourdomain with username.oreillystudent.com. What happened? You should see the message that you are Forbidden to view the page. This is because the page is no longer readable by the web server that serves your web pages: read permission has been removed for the owner, the group, and all other people. Change the permissions of index.html back to their original state. Then visit the URL again. You should see your page displayed now.

So, now that you know what permissions are, how do you set them for a file or directory? For most files (like HTML files), you will want to be sure that everyone (the owner, the group, and all other people) can read the file, but only you, the owner, have permission to write to it. That permission would look like this:

    -rw-r--r--

Another common permission is -rw-------. This permission means you are the only person who can read and write to the file. Using -rw------- is a good idea if you have a file that contains your password. If you have a cgi script, you will probably want to make sure that the group (especially the server) and all other people on the internet can execute it. To do that, set the permissions to -rwxr-xr-x.

Another Way to Change Permissions

chmod can use a numerical argument to symbolize the permissions as well. The first digit is used to change the permissions of the owner, the second digit is used to change the permissions of the group, and the third digit is used to change the permissions of all other people.

To determine the number you need to use, you will have to use a little addition. The sum of the numbers represents the permission that will be set for the file:

    4 = Read
    2 = Write
    1 = eXecute

To give the owner read and write permissions, you would add 2 + 4, so the first digit would be 6. To give the group and all other people read access only, the second digit and third digit would be 4. The command you would use would be:

    chmod 644 filename.html

As a system administrator, you will need to make sure that file permissions are set correctly in order to maintain security. Be sure you understand how to change permissions before moving on to the next lesson.
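The addition described above, worked through as an added example that is not part of the original course material: one shell function converts the permission string printed by ls -l into the number chmod accepts, and another lists files that the group or other people can write to. The function names sym_to_octal, mode_of and risky_files and the sample files are assumptions made for this example.

```shell
#!/bin/sh
# Added example (not from the course): the lesson's 4 = read, 2 = write,
# 1 = execute addition applied to the permission string shown by ls -l.

# sym_to_octal "rw-r--r--" prints 644.
# Accepts the 9 permission characters, or the 10-character field from
# ls -l (the leading d, - or l is dropped). Only the three owner/group/other
# digits are produced; setuid, setgid and sticky bits are not reported.
sym_to_octal() {
    perms=$1
    if [ "${#perms}" -eq 10 ]; then
        perms=${perms#?}
    fi
    if [ "${#perms}" -ne 9 ]; then
        echo "bad mode: $1" >&2
        return 1
    fi
    case $perms in
        *[!rwxsStT-]*) echo "bad mode: $1" >&2; return 1 ;;
    esac
    result=""
    for who in owner group other; do
        rest=${perms#???}          # everything after the first three characters
        chunk=${perms%"$rest"}     # the first three characters
        perms=$rest
        digit=0
        case $chunk in r??)      digit=$((digit + 4)) ;; esac
        case $chunk in ?w?)      digit=$((digit + 2)) ;; esac
        case $chunk in ??[xst])  digit=$((digit + 1)) ;; esac
        result=$result$digit
    done
    echo "$result"
}

# mode_of FILE prints the numeric mode of FILE, read from ls -ld output.
mode_of() {
    sym_to_octal "$(ls -ld -- "$1" | cut -c1-10)"
}

# risky_files DIR prints "MODE PATH" for every entry directly inside DIR
# that the group or all other people may write to (the 2 is part of the
# second or third digit). Symbolic links are skipped.
risky_files() {
    for f in "$1"/* "$1"/.[!.]*; do
        if [ ! -e "$f" ] || [ -L "$f" ]; then
            continue
        fi
        m=$(mode_of "$f") || continue
        g=${m#?}; g=${g%?}         # middle digit: group
        o=${m#??}                  # last digit: all other people
        if [ $((g & 2)) -ne 0 ] || [ $((o & 2)) -ne 0 ]; then
            echo "$m $f"
        fi
    done
}

# Demonstration on constructed sample files in a throwaway directory.
demo_dir=$(mktemp -d)
touch "$demo_dir/index.html" "$demo_dir/secret.txt" "$demo_dir/shared.txt"
chmod 644 "$demo_dir/index.html"   # -rw-r--r--  everyone reads, owner writes
chmod 600 "$demo_dir/secret.txt"   # -rw-------  owner only
chmod 666 "$demo_dir/shared.txt"   # -rw-rw-rw-  anyone can modify the file
for f in "$demo_dir"/*; do
    echo "$(mode_of "$f") $f"
done
echo "Writable by group or others:"
risky_files "$demo_dir"
rm -r "$demo_dir"
```

Only shared.txt is reported, because 666 carries the write value 2 in the group and other digits.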


Basic File Manipulation

Lesson Objectives

To understand basic file and directory manipulation using cp, mv, rm, mkdir, rm -r.

Basic File Manipulation

Now that you know how to change permissions on your files and directories, it is time to learn some basic commands for manipulating files.

Copying files

The cp command is used to copy files from one location to another. The cp command requires at least two arguments: the source file and its destination. Proper syntax, or structure, for this command is:

    cp source destination

Let us say you have an important file that you want to edit. Before editing it, you should create a copy (also known as a backup). To do this, you use the command cp file file.old. This creates a copy of file called file.old in your current directory.

After the command prompt, type the following commands:

    cold:~$ cd cgi
    cold:~/cgi$ ls
    ajaxlib.pl*  cgi-lib.pl*  counter.pl*  guest.pl*
    cold:~/cgi$ cp counter.pl counter.pl.old
    cold:~/cgi$ ls
    ajaxlib.pl*  cgi-lib.pl*  counter.pl*  counter.pl.old*  guest.pl*

Notice that you have indeed copied the file. You can always use the ls command to ensure that the file was copied. You can also copy a file into a different directory by specifying a directory in your destination:

    cp source destination_directory/copy_of_file

and you can specify more than one source file to be copied into the destination directory:

    cp source source destination_directory/

In addition, you can use wild cards and flags just as you did with the ls command. Try to copy an entire directory using the -a flag with the cp command.

At the command prompt, type the following commands:

    cold:~/cgi$ cd ..
    cold:~$ cp -a cgi cgi2
    cold:~$ cd cgi2
    cold:~$ ls
    ajaxlib.pl*  cgi-lib.pl*  counter.pl*  counter.pl.old*  guest.pl*

Notice that you have created a new directory called cgi2 and that the contents of this directory are the same as the cgi directory.

Moving Files

The mv command is used to move files from one location to another. The mv command allows you to move a file or to rename it.

After the command prompt, type the following commands:

    cold:~$ cd cgi
    cold:~/cgi$ ls
    ajaxlib.pl*  cgi-lib.pl*  counter.pl*  counter.pl.old*  guest.pl*
    cold:~/cgi$ mv counter.pl.old counter.pl.original
    cold:~/cgi$ ls
    ajaxlib.pl*  cgi-lib.pl*  counter.pl*  counter.pl.original*  guest.pl*

The file counter.pl.old* no longer exists. It is now called counter.pl.original*.

Deleting Files

The rm command is used to remove files. Be careful when removing files! Unix does not ask you for your confirmation before deleting the file. It will be removed permanently.

After the command prompt, type the following commands:

    cold:~/cgi$ rm counter.pl.original
    cold:~/cgi$ ls
    ajaxlib.pl*  cgi-lib.pl*  counter.pl*  guest.pl*

Creating and Removing Directories

The mkdir command is used to create a new directory.

After the command prompt, type the following commands:

    cold:~$ mkdir images
    cold:~$ ls
    Objective1.txt  cgi/  cgi2/  images/  index.html

Can you guess which command is used to remove a directory? The rmdir command can be used to remove a directory. To use this command to remove a directory, the directory must not contain any files. Try removing the images directory.

After the command prompt, type the following commands:

    cold:~$ rmdir images
    cold:~$ ls
    Objective1.txt  cgi/  cgi2/  index.html

Now, what if you want to remove a directory, including all of the files within that directory? You would need to use the rm command. Try removing the cgi2 directory you created at the beginning of this lesson.

After the command prompt, type the following commands:

    cold:~$ rm -r cgi2
    cold:~$ cd cgi2
    bash: cgi2: No such file or directory

Notice that we could no longer cd into the cgi2 directory. That is because it has been deleted. The r flag means recursive. The command rm -r cgi2 removes all files and directories within the cgi2 directory, and all of the files and directories within those directories, and all of the files and directories within those directories, and so on. That is why the -r flag means recursive!

WARNING

Using rm -r can be extremely dangerous! If you were to type rm -r ~ accidentally, for example, your entire home directory would be deleted.

Copying into Directories

Now that you know how to create your own directories, you should practice copying files into a directory. Create a directory called backups and copy a few of the files from the cgi directory into it.

After the command prompt, type the following commands:

    cold:~$ cd cgi
    cold:~/cgi$ mkdir backups
    cold:~/cgi$ cp cgi-lib.pl counter.pl guest.pl backups
    cold:~/cgi$ cd backups
    cold:~/cgi/backups$ ls
    cgi-lib.pl*  counter.pl*  guest.pl*

The last directory listed is the destination directory. All of the files will be copied into this directory. Keep in mind that you can also use the mv command in the same manner.

Handing in Objectives

Now that you have read the lesson you have your first project to complete that allows you to demonstrate the concepts you have learned. You will not need to hand in a specific file; simply do the tasks presented to you in your shell while you are connected to the server. Please make sure the filename asked for in the instructions is the name of your file and you are on the correct server. When you are finished, scroll down the top half of the CodeRunner screen and select the button that reads Hand in at the bottom right side of the window. You will have the opportunity to write comments to your instructor on the left side of the screen. Even though you will not be handing in any files, selecting this button will alert your instructor that your project is ready to be evaluated.

Connecting to the Useractive Access Server

Lesson Objectives

To be able to access hottub from the cold server. The hottub server is another OST server that you will be using in this course.

The Hottub Access Server

Up until now, you have been logging into OST's cold server. From now on, you will be logging into another group of machines called hottub. These machines are part of a system that was developed specifically for the purpose of teaching Unix. In later lessons, you will be given root access on your own machine inside of hottub's private network. Root access is a special type of access usually reserved for system administrators responsible for maintaining the security and usability of the server.

Connecting to hottub

Log in to your Unix shell on the cold server, just like before. You will be using the ssh program to connect to hottub. ssh is similar to telnet, which is a program to connect to other computers. Every time you log in to your shell on cold, you are using a telnet program to do it. ssh is a more secure form of telnet. It stands for secure shell. You will learn more about ssh in Lesson 16. For now, all you need to know is how to log in to hottub. Normally, the syntax you would use to connect to a server looks something like this:

    cold:~$ ssh server.useractive.com

Because you are sharing computers with other students taking this class, you will be using an alias that OST has created in order to connect to hottub.

After the command prompt, type the following commands:

    cold:~$ hottub
    The authenticity of host 'hottub5.useractive.com (63.171.219.85)' can't be established.
    RSA key fingerprint is ed:0b:24:e6:df:06:bd:la:5c:96:b6:f8:8d:35:fe:8e.
    Are you sure you want to continue connecting (yes/no)? yes
    Warning: Permanently added 'hottub5.useractive.com,63.171.219.85' (RSA) to the list of known hosts.
    [email protected]'s password: password
    Last login: Fri Feb 8 13:17:32 2002 from smack.useractive.com
    hottub5:~$

The first time you use ssh you will have to type yes to continue connecting. Be sure to enter your password when prompted. When you are connected correctly, you should see a command prompt that looks something like hottub:~$.

Note

The password you should use to log in to hottub is the same password you use to log in to cold.

To log out of hottub, simply type exit. Go ahead and try this now.

Text Editors Lesson Objectives To be able to use Unix text edito rs.

The Need for a Text Editor

Most of the files used to configure a Unix server are merely text files. This means that you will often find yourself editing files by hand using a text editor. There are lots of editors you can use to do this, but the three most common ones are emacs, pico/nano, and vi. The majority of this lesson will be dedicated to understanding emacs. Pico/nano and vi will be discussed briefly at the end of this lesson.

What is Emacs?

Emacs is a very versatile Unix-based text editor. If you can think of a feature that a text-based editor should have, emacs probably has it. The name is an abbreviation for editor macros.

Command Keys and the Emacs Window

You will use different command key sequences to manipulate your file in emacs. They are used to save a file, search for a specific section of a file, and exit out of a file. To execute a command key sequence, you need to follow a few basic rules.

C-g    The C stands for the CONTROL key (Ctrl). The g stands for the G key and the dash (-) signifies that you should hit both keys (the CONTROL key and the G key) at the same time.

M-x    The M stands for the META key. Unfortunately, most computers no longer have a META key. When you see this you should hit the ESCAPE key (Esc) instead. Then hit the X key. If the META key still existed, you would hit the META key and the X key at the same time. However, when you are using the ESCAPE key you must hit the keys separately. In other words, you would hit the ESCAPE key first, then the X key. In some instances, hitting the ESC key twice before the X key is needed for the META function. This may sound confusing, but you will get the hang of it.

Emacs is usually accessed from the Unix command line by typing emacs, followed by the name of a file.

After the command prompt, type the following commands:

    hottub:~$ emacs myfile.txt

You should see a screen that looks almost identical to the one pictured below:

You can ignore the top heading highlighted in black. The blank area in the middle is where you will be typing. At the bottom you will see a line highlighted in black and then a white line below it. The black line tells you almost everything you would ever want to know about the current editing environment. You should see the name of the file currently being edited (myfile.txt). Inside parentheses you should see the word Text. This tells you the type of file you are editing. In this case you are editing a basic text file. The L1 indicates that your cursor is currently on line 1 of the document. The last part tells you which section of the file you are viewing. Right now, it says All because you have the entire content of the file on your screen. Often, it will be a percentage of the document or Bot if you happen to be at the end.

The last line in white is the command line. Whenever you use command keys, they will be displayed there. When you complete a command (such as saving), it will show up there as well.

Type something into the document so you can practice saving and exiting the file. Emacs will not let you save a file that has nothing in it.

Note

Because you are connecting to the server via an applet within the browser, it does not replicate the emacs program perfectly. After typing text into your document, try using the right and left arrow keys to move back and forth along the text. Depending on the browser and operating system you're using, you may find that some of the characters disappear. If this happens, type C-l and your text will reappear. Please email your instructor if you have any questions about this.

Now try saving myfile.txt. Type C-x and then C-s to save the file. If you make a mistake you can type C-g to start over. When you are successful, you will see a message that the file was written in the emacs command line.

Exit emacs by typing C-x C-c. You should see a Unix command prompt. Use ls to see if the file is in your account now.

After the command prompt, type the following commands:

    hottub:~$ ls -l myfile.txt
    -rw-rw-r--   1 username users          38 Jul 24 09:26 myfile.txt

Once you are certain the file exists, open it again so you can get more comfortable using emacs.

After the command prompt, type the following commands:

    hottub:~$ emacs myfile.txt

First, so that you have something to work with, add some more text to your file. Just keep typing words until you get to the end of the line (you may have to type more than what is shown below). Keep typing until the text wraps onto the next line.

Notice the backslash characters (\) at the end of each line of text. The backslash has not been added to your document but indicates that the line was too long to fit on the screen. The backslash tells you the text was wrapped to the next line. Notice that if you move the cursor up or down through that line, the cursor will skip several lines of code. That is because emacs considers it a single line instead of two or three. This may be the desired effect when you are writing code, but if you are writing a story, you may want the lines to break so you can edit the text more easily. To break the lines, try using:

    M-x auto-fill-mode

Hold down the ESC key then type x. You will see the text M-x displayed in the command line. Type in auto-fill-mode here and hit Enter. Notice that the word Fill is now included inside of the parentheses along with the word Text. Type words into the document again. This time, emacs will break the lines just as a typical word processing program would do.

In order to experiment with more emacs commands, you need to add more text to the document. You can quickly add more text by cutting and pasting the text you already have. Move your cursor to the beginning of the file. Hit C-k repeatedly until all of the text has disappeared. This is known as cutting the text. To paste it, hit C-y. Remember, you need a lot of text, so be sure to hit C-y 15-20 times to continue pasting the same text over and over.

The reason you have pasted so much text is so you can learn some commands that can be used to move through a document more quickly. C-v does the same thing as the PageDown key, and M-v works like PageUp. Practice using these commands to move up and down through the text file.

You can also search through a file using emacs. Search myfile.txt for the first occurrence of the word Hello. To do this, hit C-s. You will see the text I-search: displayed in the command line. Type the word Hello. Notice how the cursor jumps to the first occurrence of the word Hello following the cursor location. To stop searching, hit Enter. To continue searching for more occurrences of the word Hello, continue hitting C-s.

If you want to find multiple occurrences of a string of characters and replace them with another string of characters, you can use search and replace. To initiate this, type M-x replace-string. Then type Hello and hit Enter. You should see the text Replace string: Hello displayed in the command line. Now, type the string you want to use to replace it.

    Replace string: Hello with: Hi

Then hit Enter again. You should see the text Replaced 10 occurrences displayed in the command line. Emacs tells you how many times it found and replaced the string.

Keep in mind that emacs starts its search from wherever the cursor was located. If you want to search and replace the string throughout the entire document, make sure your cursor is at the beginning of it. Also, emacs replaces exactly what you type in the search string. If you want to replace the word the with a, the word then will become an. Be careful!

Note

Remember, you can always cancel an emacs command using C-g if you make a mistake.

When you edit an existing file with emacs, it creates a backup of the old version by appending a tilde (~) to the end of the filename. For example, if you were to exit emacs and list the files in your directory, you would find the files myfile.txt and myfile.txt~. This is helpful if you edit and save a file, then realize you have made a mistake. You can always use the tilde file as a backup file. The backup files that emacs creates are commonly referred to as emacs droppings.

If you have not done so already, save the file myfile.txt using C-x C-s. Then exit the document using C-x C-c.

After the command prompt, type the following commands:

    hottub:~$ ls myfile*
    myfile.txt  myfile.txt~

The following table summarizes all of the emacs commands you learned in this lesson:

    C-x C-s               save
    C-x C-c               exit
    C-g                   cancel
    C-s                   search
    C-k                   cut lines of text
    C-y                   paste lines of text
    C-v                   page down
    M-v                   page up
    M-x auto-fill-mode    automatically wrap text
    M-x replace-string    search and replace

Some emacs users experience problems with the delete/backspace key. For a quick fix, check out this link

Other Text Editors

Note

As I mentioned before, because we are using a telnet applet to connect to the server, the emacs program is not replicated perfectly. You may have some trouble using pico and vi through CodeRunner depending on which browser and operating system you are using.

Pico

Pico is a very simple text editor that is a derivative of the pine email reader. You may be familiar with it. Although pico does not have a lot of commands, it is fast. Open myfile.txt using pico.

After the command prompt, type the following commands:

    hottub:~$ pico myfile.txt

Pico is much more straightforward than emacs. At the bottom of the screen is a list of commands. The caret symbol (^) indicates that you should hit the CONTROL key along with the indicated letter. For example, ^C will report the current cursor position at the bottom of the screen. Hit Ctrl+c to see for yourself.

Note

Pico automatically breaks lines of text. If you do not want it to do this, you will need to use the -w flag when you open the file:

    pico -w filename

To exit pico, hit Ctrl+x. If you have not made any changes to the document, the program will exit immediately. If you have made changes, you will be asked if you want to save the modified buffer. Type y to save it. You will then be asked for the filename. Normally you would not want to change the filename, so you would just hit Enter.

Note

More current versions of Linux/Unix have replaced Pico with Nano, but most commands are the same.

Vi

Many Linux/Unix operating systems will have either vi and/or emacs installed. vi can be more challenging to learn but allows a system administrator to work quickly by combining commands.

After the command prompt, type the following commands:

    hottub:~$ vi myfile.txt

A good indication that you are using vi is the presence of tildes (~). To exit the program enter ESC then :q. If for some reason you cannot quit, you can force the program to quit by adding an exclamation point: ESC :q!

If you want to learn more about vi there is a nice tutorial provided by the University of California at San Diego.

For the remainder of this course we will be using emacs in our examples but feel free to use any editor you feel comfortable with or wish to learn more about.


Shells

Lesson Objectives

To understand Unix shells. Key concepts include history, aliases, environment variables, path, and editing dot files.

What is a Shell?

A shell is a program that allows you to communicate with the operating system on another computer. Go ahead and login to your hottub shell. Most of the time you're logged into your shell, there's a prompt, just waiting for you to type in a command. See look...it's just waiting:

Observe the following:

    hottub:~$

...and waiting...

Observe the following:

    hottub:~$

...until you give it a command.

After the command prompt, type the following commands:

    hottub:~$ uptime
      4:15pm  up 26 days, 23:44,  6 users,  load average: 0.00, 0.01, 0.00

Then it waits again. Very patient, don't you think? There are a lot of different shells. They all do basically the same thing, but have different features to separate them from one another. The original shell was the Bourne Shell, sh. OST uses bash, the Bourne again shell, which has more built-in features.

Bash Command History

One of the most convenient features of bash is that it keeps a history of the commands you type. To illustrate this, try typing a few different commands. Don't worry about what these commands do--you're just using them to illustrate the bash history feature. You'll probably get slightly different results than those shown below.

After the command prompt, type the following commands:

    hottub:~$ uname -a |awk '{ print $2 }'
    hottub.useractive.com
    hottub:~$ df
    Filesystem                             1K-blocks     Used Available Capacity Mounted on
    /dev/sda4                                6182660  3411808   2456784      59% /
    /dev/sda1                                 132207     6916    118465       6% /boot
    none                                      516256        0    516256       0% /dev/shm
    /dev/sda3                                1976524   275380   1600740      15% /var
    makers.local:/vol/hottubA/hottub/home  356515840 38042632 318473208      11% /home
    plumber.local:/users                   125262048 84201568  41060480      68% /users
    plumber.local:/software                125262048 84201568  41060480      68% /software
    hottub:~$ mount
    /dev/sda4 on / type ext2 (rw)
    none on /proc type proc (rw)
    none on /dev/pts type devpts (rw,gid=5,mode=620)
    /dev/sda1 on /boot type ext3 (rw)
    none on /dev/shm type tmpfs (rw)
    /dev/sda3 on /var type ext3 (rw)
    makers.local:/vol/hottubA/hottub/home on /home type nfs (rw,nosuid,bg,hard,nointr,nolock,rsize=8192,wsize=8192,nfsvers=3,addr=10.0.121.23)
    plumber.local:/users on /users type nfs (rw,nosuid,bg,soft,intr,nolock,addr=10.0.121.10)
    plumber.local:/software on /software type nfs (rw,nosuid,bg,soft,intr,nolock,addr=10.0.121.10)
    hottub:~$

Again, don't worry if you don't understand what these commands do. Now, let's say you want to execute the first command (uname -a |awk '{ print $2 }') again. It would save time if you didn't have to type it all again, right? Well, if you use the up and down arrows on the keyboard to access the command history, you don't have to! Hit the up arrow once.

Observe the following change:

    hottub:~$ mount

This displays the previous command. Hit the up arrow two more times.

Observe the following change:

    hottub:~$ uname -a |awk '{ print $2 }'

By hitting the up arrow three times, you can get your first command again. You can even modify the command before executing it again. Change the 2 to a 1.

After the command prompt, type the following commands:

    hottub:~$ uname -a |awk '{ print $1 }'
    Linux

The command history becomes really convenient when you are doing repetitive tasks such as software testing. bash also keeps track of your last 500 commands in a file called .bash_history that is located in your home directory. It doesn't add your most recent commands to the file right away, but it will append them to the file when you logout. Try logging out and logging back in to take a look at the .bash_history file.

After the command prompt, type the following commands:

    hottub:~$ exit
    cold:~$ hottub
    [email protected]'s password: password
    hottub:~$ emacs .bash_history

Browse through .bash_history a bit and take a look at all the commands you have typed thus far. Feel free to exit emacs whenever you're done.

Dot Files

You may be wondering why .bash_history starts with a period. Several files and directories in your home directory start with periods, but you will not see these files when you list (ls) the files in your directory. By default, ls hides files that start with a period. If you type ls -a (the -a means all), you should see all of the files in your home directory, including the dot files.

After the command prompt, type the following commands:

    hottub:~$ ls -a

Most of the dot files you see here hold configuration and preference information for various programs. It's not likely that you'll need to touch (or even be aware of) most of them.

Aliases

Bash, along with most shells, allows you to make command aliases for things you use all the time. Try making an alias for uname -a.

After the command prompt, type the following commands:

    hottub:~$ alias u="uname -a"

This sets up an alias for uname -a as u. So now you have a shortcut.

After the command prompt, type the following commands:

    hottub:~$ u
    Linux hottub.useractive.com 2.4.34.2-skas3 #6 SMP Thu Jun 8 09:03:50 CDT 2008 i686 i686 i386 GNU/Linux

This is a great way to save time! Now, logout of hottub and log back in.

After the command prompt, type the following commands:

    hottub:~$ exit
    cold:~$ hottub
    [email protected]'s password: password
    hottub:~$ u
    bash: u: command not found

u no longer works. Aliases only last as long as you're logged in. And it's kind of a pain to set up the alias every time we login. Lucky for us, bash checks for a couple of files that it will run every time you login. You can add your alias to these login files to save the alias for the next session.

Login Files

Every time bash is opened, it looks in your home directory for a file called .bashrc. This file is typically used to set up a user's environment. It usually contains commands and/or shell script code. Add your alias from above into the .bashrc file.

After the command prompt, type the following commands:

    hottub:~$ emacs .bashrc

The file should already exist, so all you need to do is add the new text in the appropriate section. If the file doesn't exist or looks different, just add the new line near the top somewhere.

Save the file and exit emacs using C-x C-s C-x C-c. From now on, when you login, the alias will automatically be set up for you.

PATH and Other Environment Variables

It's helpful to think of your shell as an environment. Your shell is how you see the Unix system. Things that describe your environment (your username, home directory, path, etc) are called environment variables. The shell keeps track of the environment variables for you.

After the command prompt, type the following commands:

    hottub:~$ env

This is a list of all of the current environment variables and their values. It's not very convenient to look at them this way, so try using bash's built-in echo command to examine specific variables.

After the command prompt, type the following commands:

    hottub:~$ echo $LOGNAME
    username
    hottub:~$ echo $HOME
    /home/username
    hottub:~$ echo $SHELL
    /bin/bash
    hottub:~$ echo $PATH
    /usr/bin:/bin:/usr/sbin:/sbin:/usr/local/bin:/usr/X11R6/bin:/home/username/bin

LOGNAME is your username, HOME is the location of your home directory, and SHELL is your shell. You can probably figure these out by yourself. But what is your PATH?

Your PATH contains common locations of commands. When you type any command, your shell looks in those locations (in order) for the command in question. For example, if you type the chmod command, your shell checks in the /usr/bin directory first. If it's not there, it looks in the /bin directory. When the command is found it is then executed.

Why are some of these in the bin directory and some in the sbin directory and other similar directories? It's to separate similar commands into different categories. Commands in the sbin directory will usually be used only by the system administrator, but common commands that everyone will use are housed in the bin directory. You may want to take a look through these directories in order to get an idea of the commands you'll likely be using later.

The which command checks your path as well. It is used to find the actual location of commands in your path.

After the command prompt, type the following commands:

    hottub:~$ which chmod
    /bin/chmod

If a command is not found in your path (and you didn't specify the path on the command line), it will not be executed. Many times the default system path does not include all of the locations where commands reside. A lot of systems do not have any sbin directories in your path. OST contains sbin directories, but it is missing /usr/local/sbin. The local bin directories are for installed programs that are not part of the base distribution. They are programs installed by the system administrator, which will be you eventually! Let's add this directory to the path using the export command.

After the command prompt, type the following commands:

    hottub:~$ export PATH=$PATH:/usr/local/sbin
    hottub:~$ echo $PATH
    /usr/bin:/bin:/usr/sbin:/sbin:/usr/local/bin:/usr/X11R6/bin:/home/username/bin:/usr/local/sbin

The export command can be added to .bashrc so that it's executed every time you login to hottub.

After the command prompt, type the following commands:

    hottub:~$ emacs .bashrc

You should see something that looks like this:

Save .bashrc and exit emacs by typing C-x C-s C-x C-c.
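The left-to-right PATH search described in this lesson, together with a check for PATH entries that could let a different program run in place of the one you meant, as an added example (not part of the original course material). The helper names path_lookup and path_audit are hypothetical.

```sh
#!/bin/sh
# Added example: walk a PATH string the way the shell does and flag risky entries.
# path_lookup and path_audit are hypothetical helper names, not standard commands.

# path_lookup CMD [PATHSTRING]
# Print the first executable named CMD found by scanning PATHSTRING from left
# to right (defaults to $PATH). Returns 1 if no directory contains it.
path_lookup() {
    pl_cmd=$1
    pl_rest="${2-$PATH}:"
    while [ -n "$pl_rest" ]; do
        pl_dir=${pl_rest%%:*}      # text before the first colon
        pl_rest=${pl_rest#*:}      # everything after it
        # An empty entry means "the current directory".
        if [ -z "$pl_dir" ]; then pl_dir=.; fi
        if [ -f "$pl_dir/$pl_cmd" ] && [ -x "$pl_dir/$pl_cmd" ]; then
            printf '%s\n' "$pl_dir/$pl_cmd"
            return 0
        fi
    done
    return 1
}

# path_audit [PATHSTRING]
# Print one "entry: problem" line per risky entry; print nothing if clean.
path_audit() {
    pa_rest="${1-$PATH}:"
    while [ -n "$pa_rest" ]; do
        pa_dir=${pa_rest%%:*}
        pa_rest=${pa_rest#*:}
        case $pa_dir in
            '')  echo "(empty): means the current directory"; continue ;;
            /*)  ;;
            *)   echo "$pa_dir: relative entry, depends on the current directory"
                 continue ;;
        esac
        if [ ! -d "$pa_dir" ]; then
            echo "$pa_dir: directory does not exist"
            continue
        fi
        # Same permission string that ls -l shows: character 6 is group
        # write, character 9 is write for everyone else.
        pa_perms=$(ls -ldL "$pa_dir" | cut -c1-10)
        case $pa_perms in
            ?????w*|????????w*)
                echo "$pa_dir: writable by group or others ($pa_perms)" ;;
        esac
    done
    return 0
}

# Stand-alone demonstration on the current environment.
path_lookup chmod || echo "chmod: not found in PATH"
path_audit
```

Because the first match wins, a directory appended with PATH=$PATH:/usr/local/sbin, as the lesson does, cannot take precedence over commands found in the directories listed before it.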


System Info

Lesson Objectives

To be able to use useful commands like w, uptime, finger, and uname.

W

Suppose you have multiple users logging into your system. How do you know who's logged in? Well, that's where w comes in. You can think of w as asking "who?"

After the command prompt, type the following commands:

    cold:~$ w
      2:36pm  up 2 days, 22:35,  3 users,  load average: 1.09, 0.79, 0.71
    USER     TTY      FROM              LOGIN@   IDLE    JCPU   PCPU   WHAT
    sammy    pts/1                      Mon11am   0.00s  0.13s  0.02s  w
    sammy    pts/2                      2:32pm   10.00s  0.04s  0.04s  ssh hot.user
    kerry    pts/4    hot.useractive.c  2:36pm   10.00s  0.02s  0.02s  -bash

Notice that w provides you with more information than just who is logged in to hottub. Let's go over this information slowly. First, look at the first line of text that is printed:

    2:36pm              Time of day.
    up 2 days, 22:35    System uptime - 2 days 22 hours 35 minutes.
    3 users             Number of users currently logged in.
    load average        Load average is a measure of the utilization of your CPU. Anything below 1 is great. If your load average is consistently higher than 2, you might want to consider upgrading to a faster machine.
    1.09                Load average for the last minute.
    0.79                Load average for the last 5 minutes.
    0.71                Load average for the last 15 minutes.

Alright, so that's the top line, what's the information about each user logged in? Let's look at the last entry.

    kerry               The username.
    pts/4               The terminal connection name.
    hot.useractive.c    This is the location from which the user is connecting to the server. It is usually a truncated hostname. A dash means that the user is connecting to the machine locally.
    2:36pm              Time at which the user logged in.
    10.00s              This is how long the user has been idle on the system. In this case, kerry has not executed any command for 10.00 seconds.
    0.02s               JCPU - This is the amount of total CPU time used by the current login session on that tty (session).
    0.02s               PCPU - This is the amount of CPU time used by the current process.
    -bash               The current process the user is running. -bash is just the shell, so kerry isn't doing anything special right now.

The first line of text can also be obtained with the uptime command.

After the command prompt, type the following commands:

    hottub:~$ uptime
      3:22pm  up 2 days, 23:14,  3 users,  load average: 1.09, 0.79, 0.71

More specific information about a user can be obtained using the finger command.

After the command prompt, type the following commands:

    hottub:~$ finger username
    Login: username                         Name: Real User Name
    Directory: /home/username               Shell: /bin/bash
    On since Sun Apr 29 10:21 (CST) on pts/2   41 minutes 10 seconds idle
    On since Sat Apr 28 12:51 (CST) on pts/3   5 seconds idle
    Mail last read Fri Apr 27 21:14 2001 (CST)
    No Plan.

From this you can find out a user's real name, the last time she logged in, and the last time she checked her mail.

Uname

Another useful command is uname. Use this command in conjunction with the -a flag.

After the command prompt, type the following commands:

    hottub:~$ uname -a
    Linux hottub.useractive.com 2.4.34.2-skas3 #6 SMP Tue Dec 11 10:49:06 CST 2007 i686 unknown

hottub is the linux system to which you are connected. In this case, it's running kernel version 2.4.34.2-skas3 that was compiled on December 11, 2007 at 10:49:06 am CST.

As you can see, you can get a lot of useful information with just a few simple commands. Experiment with these a bit and become more comfortable using them.


Unix Pipes and Grep

Lesson Objectives

To understand the grep command. To understand output and input redirection using >>>, |, and > myoutfile

Now if you cat myoutfile, you should see the same thing in there twice. It's useful to append to files when the input changes every time. Then you can use that file later to see how things change over time or to generate a report. The "less than" symbol ( in combination with each other. For example, you can use /etc/services as input, and myoutfile as output.

Observe the following:

    hottub:~$ grep name < /etc/services > myoutfile

Note

Do not write or append to a file that is being read as input. The result of doing this is unpredictable. Consider this command:

    grep the < file > file

If file is large, the output from the command will overwrite its contents before it's finished being used as input. As you can imagine, this does not give good results and destroys file. Instead, use the command

    grep the < file > file2 ; mv file2 file
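What the warning in the note above looks like in practice, with a more careful form of the suggested fix, as an added example (not part of the original course material). The helper names clobber_demo and filter_in_place are hypothetical and the sample file is constructed; unlike `grep the < file > file2 ; mv file2 file`, the helper uses an unpredictable temporary name and replaces the file only when grep ran without error.

```sh
#!/bin/sh
# Added example: why "grep the < file > file" destroys file, and a safer rewrite.
# clobber_demo and filter_in_place are hypothetical helper names.

# clobber_demo FILE
# Runs the command from the note. The shell opens FILE for writing, which
# empties it, before grep reads anything, so FILE always ends up empty.
clobber_demo() {
    grep the < "$1" > "$1" || true    # grep's exit status is not the point here
}

# filter_in_place PATTERN FILE
# Keep only the lines of FILE that match PATTERN.
# grep exits 0 (matches) or 1 (no matches) when it ran correctly and 2 or more
# on a real error; FILE is replaced only in the first two cases.
filter_in_place() {
    fip_pattern=$1
    fip_file=$2
    # Temporary file in the same directory, so mv is a rename within one
    # filesystem, with an unpredictable name instead of a fixed "file2".
    fip_tmp=$(mktemp "$(dirname "$fip_file")/.filter.XXXXXX") || return 2
    # cp -p carries the original permission bits over to the temporary file.
    cp -p "$fip_file" "$fip_tmp" || { rm -f "$fip_tmp"; return 2; }
    fip_status=0
    grep -e "$fip_pattern" < "$fip_file" > "$fip_tmp" || fip_status=$?
    if [ "$fip_status" -gt 1 ]; then
        rm -f "$fip_tmp"              # grep failed: leave FILE untouched
        return "$fip_status"
    fi
    mv "$fip_tmp" "$fip_file"
}

# Stand-alone demonstration on constructed files.
demo_dir=$(mktemp -d)
printf '%s\n' 'the first line' 'a second line' 'then the third' > "$demo_dir/a"
cp "$demo_dir/a" "$demo_dir/b"

clobber_demo "$demo_dir/a"
echo "after 'grep the < a > a': $(wc -c < "$demo_dir/a") bytes left"

filter_in_place the "$demo_dir/b"
echo "after filter_in_place the b:"
cat "$demo_dir/b"
```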

See you at the next lesson!


Unix Regular Expressions

Lesson Objectives

To understand Unix regular expressions.

Regular Expressions

If you remember from the previous lesson, the re in grep stands for regular expression. A regular expression is a way of defining a pattern. In the previous lesson our pattern was simply a word, such as name.

Note

If you know Perl, you'll notice that Unix regular expressions are not exactly the same as Perl regular expressions.

You used the -i flag with the grep command to search for words without being case sensitive. That way you found occurrences of both name and Name. Another way to do this is to use brackets.

Observe the following:

    hottub:~$ grep [nN]ame /etc/services

This will find either n or N followed by ame. The brackets are used to give a list of possibilities. You can either type each character to be matched or you can give a list. For example [a-z]a[a-z]e matches any lowercase letter (a through z), followed by an a, then any lowercase letter, and finally an e. Here are some examples of other lists you can use:

    [aeiouAEIOU]     matches any lower or upper case vowel
    [^aeiouAEIOU]    matches a non-vowel character. (The ^ means NOT when inside a bracket.)
    [0-9]            matches any single digit
    [^0-9]           matches any character that is not a digit.
    [a-z]            matches any lowercase letter
    [a-zA-Z]         matches any lower OR upper case letter
    [a-zA-Z0-9]      matches any digit or letter

.

You can match any character by using a period.

    n..e

This will match the letters n and e with any two characters between them. It will therefore match name, nine, nZWe, n3be, and n/(e.

*

You can use an asterisk (*) to find zero or more occurrences of a character.

    [nN]e*d

This will match Ned, need, nd, and neeeeed.

If you want to match one or more blank spaces, you must use quotes around the regular expression.

    "a space"
    "a *lot"

The second example will match zero or more blank spaces which will account for the common misspelling of "a lot" as "alot". Keep in mind however, that it's testing each line for a match separately. So if the letter "a" is at the end of one line and the word "lot" is at the beginning of the next line, no match will be found.

^ and $

You can specify to match a pattern when it is at the beginning or end of a line. If ^ is used, it will match the word when it's located at the beginning of a line.

    ^the

This will match any line that starts with the. If $ is used, it will match the word when it's located at the end of a line.

    the$

This will match any line that ends with the.

You can use any combination of these characters to match just about anything you want.

    "^ *[A-Z]"

This will match any line that starts with zero or more spaces which is then followed by an uppercase letter. It could be useful for finding the first line of a paragraph.

The most difficult thing about regular expressions is deciding which one is best to use. They are an extremely useful tool for programmers, so be sure to experiment with them a bit before you move on to the next lesson. See you there!
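The patterns from this lesson run against a small constructed sample, as an added example (not part of the original course material). It also shows what can happen when a bracket pattern such as [nN]ame is typed without quotes, as in the grep command earlier in the lesson; the helper names count_matches and unquoted_bracket_demo are hypothetical.

```sh
#!/bin/sh
# Added example: the lesson's patterns run against constructed sample lines.
# count_matches and unquoted_bracket_demo are hypothetical helper names.

demo_dir=$(mktemp -d)
sample=$demo_dir/sample.txt
# Constructed sample input, one word or phrase per line.
printf '%s\n' name Name nine Ned need nd neeeeed sand \
    'the cat sat' 'over the' '  Paragraph start' 'a lot' alot > "$sample"

# count_matches PATTERN FILE
# Number of lines in FILE that contain a match for PATTERN. A pattern matches
# anywhere in a line, so [nN]e*d also counts "sand" because it contains "nd".
# LC_ALL=C makes ranges such as [A-Z] mean exactly the ASCII letters; in other
# locales a range can also match letters of the other case.
# grep -c exits 1 when the count is 0, hence "|| true".
count_matches() {
    LC_ALL=C grep -c -e "$1" "$2" || true
}

# unquoted_bracket_demo DIR
# Without quotes, the shell treats [nN]ame as a file name wildcard before grep
# ever runs. If the current directory contains a file called "name", grep
# receives the pattern "name" and lines containing "Name" are no longer found.
unquoted_bracket_demo() {
    (
        cd "$1" || exit 2
        : > name                   # constructed file that triggers the expansion
        LC_ALL=C grep -c [nN]ame sample.txt || true    # deliberately unquoted
    )
}

# Stand-alone demonstration.
for pattern in '[nN]ame' 'n..e' '[nN]e*d' '^the' 'the$' '^ *[A-Z]' 'a *lot'; do
    printf '%-10s matches %s line(s)\n' "$pattern" \
        "$(count_matches "$pattern" "$sample")"
done
echo "unquoted [nN]ame next to a file called name: $(unquoted_bracket_demo "$demo_dir") line(s)"
```

Quoting every pattern, for example grep '[nN]ame' /etc/services, keeps the result independent of the files in the current directory.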


Odds and Ends

Lesson Objectives

To understand pagers. These include more, less, head, tail, man, locate, and find.

More or Less

You already know how to edit files, but if you want to browse through a file, there are a couple of faster ways. You can use the commands more and less. more will print out a file one full screen at a time. To see the next screen, you must hit the space bar. When you reach the end of the file, the command will exit. You can exit before this by typing q.

The biggest problem with more is that we cannot see the previous screen. So I usually opt to use a command called less. less has more features than more. I guess you could say less is more, more or less. It works exactly the same way, except you have the ability to use Page Up (or PgUp on some keyboards), Page Down (or PgDown), and the arrow keys.

Let's try using some of these commands. We'll need some text to practice on, so I grabbed an HTML version of the introductory chapter on MySQL from www.mysql.com. If it's not in your home directory, copy it there from /etc/skel/manual_Introduction.html.

Before you experiment with the more and less commands, I'd like to show you a little trick known as tab or command completion. Type the text shown below, but DO NOT hit Enter.

After the command prompt, type the following commands:

    hottub:~$ more manu

Now hit the Tab key. Notice how the rest of the file name is completed for you.

Observe the following:

    hottub:~$ more manual_Introduction.html

Hit backspace to delete the text. Then type the text shown below. Again, do not hit Enter.

After the command prompt, type the following commands:

    hottub:~$ more m

Hit Tab once. Hhmm...nothing happened. Hit Tab again. You should now see a list of the files in your directory that start with the letter m.

Observe the following:

    manual_Introduction.html  myfile.txt  myfile.txt~  myoutfile

No w try using the m o re co mmand. After the co mmand pro mpt, type the fo llo wing co mmands: hottub:~$ more manual_Introduction.html Again, yo u can scro ll thro ugh the file screen by screen by hitting the space bar. When yo u reach the end o f the file, it will auto matically exit the mo re co mmand. Yo u can hit the Q key to exit the co mmand at any time.

After the co mmand pro mpt, type the fo llo wing co mmands: hottub:~$ less manual_Introduction.html To exit the less co mmand yo u must use the Q key. It will no t auto matically exit when yo u have reached the end o f the file. Because bo th co mmands let yo u examine a file page by page, they are called pagers. While in m o re o r le ss, yo u can search fo r a string by typing / and the string fo r which yo u want to search. After typing the string, hit Ent e r.

Head and Tail

Sometimes you only need to see the top or bottom of a file or input stream. When that's the case, use the head or tail commands. By default they show you the first or last 10 lines respectively. However, with the -n flag, you can specify how many lines you would like to display.

After the command prompt, type the following commands:

    hottub:~$ head manual_Introduction.html

This will display the first 10 lines of the document.

After the command prompt, type the following commands:

    hottub:~$ tail manual_Introduction.html

This will display the last 10 lines.

After the command prompt, type the following commands:

    hottub:~$ tail -n 15 manual_Introduction.html

This will display the last 15 lines.

Man

There are so many commands with so many different options that it's almost impossible to cover all of them for every situation. Luckily, Unix systems come with an extensive set of manuals that are called the man pages. To access them, use the man command. For example, have a look at the man page for ls.

After the command prompt, type the following commands:

    hottub:~$ man ls

As you can see, the man command uses the less interface by default. The typical layout of a man page has a synopsis near the top that shows the proper syntax of the command. The synopsis is followed by a detailed description of the command and all of the individual options with which it can be used. Near the bottom, man pages usually contain the names of other associated commands and files, as well as author information.

If you have a question about a command, it's a good idea to consult the man pages first. Every now and then you might want to just browse through them. In many situations, the solution to a problem is sitting in the man pages, just waiting to be found.

Locate

In a previous lesson we learned how the which command could be used to find commands in your path. What if you want to find a file or a command that is not in your path? What if you know part of the name of a file, but not all of it? which isn't going to be very helpful in these situations.

Many systems keep a filename database that you can search through using the locate command. The only problem is that it returns every match, even those where the match is only in the pathname. Still, it's better than searching by hand. Imagine that you are looking for files whose names contain the word ptime.

After the command prompt, type the following commands:

    hottub:~$ locate ptime
    /var/cache/yum/dag/headers/perl-DateTime-Format-Strptime-0-1.0700-1.1.e13.rf.noarch.hdr
    /var/cache/yum/dag/headers/perl-DateTime-Format-Strptime-0-1.0702-1.e13.rf.noarch.hdr
    /usr/bin/ruptime
    /usr/bin/uptime
    /usr/sbin/ntptimeset
    /usr/sbin/ntptime
    /usr/share/doc/ntp-4.1.2/ntptime.htm
    /usr/share/man/man1/ntptime.1.gz
    /usr/share/man/man1/ruptime.1.gz
    /usr/share/man/man1/uptime.1.gz
    /usr/share/man/man3/strptime.3.gz

One of the files that was found was the uptime command (commands are really just a type of file). When you type this command, you receive information about how long the system has been running.

The results that locate returns are obtained from the database. How does a filename get into the database? The database is updated using the command updatedb. Many systems run this command automatically every night.

Find

If locate isn't giving you what you want, or if you want a little more power, try using the find command. Since find actually looks through the filesystem (instead of checking the database) it uses up a lot more system resources. Therefore, the first argument of find is the directory to start looking in. This directory will act as a base for the search.

After the command prompt, type the following commands:

    hottub:~$ find /usr/bin -name "*ptime*"
    /usr/bin/uptime
    /usr/bin/ruptime

find has many different options. I suggest you read through a little bit of the man page for find to get a sense of the possibilities.


Links

Lesson Objectives
To understand file links including hard links and symbolic links.

Hard Links

The key to understanding links is realizing that a file and its name are not the same thing. The file itself is composed of one or more blocks of memory on your disk. The filename is a hard link to the file. We can use the ln command to create another hard link to the same file.

Use a text editor to create a new file called file1 that contains a line of text. Then type the following commands.

After the command prompt, type the following commands:

    hottub:~$ cat file1
    This is my line of text.
    hottub:~$ ls -la file1
    -rw-r--r--    1 username users          25 Jul  5 09:19 file1

Now create a second hard link to that file.

After the command prompt, type the following commands:

    hottub:~$ ln file1 file2

List and examine these files.

After the command prompt, type the following commands:

    hottub:~$ ls -l file1 file2
    -rw-r--r--    2 username users          25 Jul  5 09:23 file1
    -rw-r--r--    2 username users          25 Jul  5 09:23 file2

The same information is listed for both filenames. This is the expected result since they link to the same file. The number 2 right before the username indicates the number of links there are to the file.

After the command prompt, type the following commands:

    hottub:~$ rm file2
    hottub:~$ cp file1 file2
    hottub:~$ ln file1 file4
    hottub:~$ ln file2 file3
    hottub:~$ ls -la file1 file2 file3 file4
    -rw-r--r--    2 username users          25 Jul  5 09:23 file1
    -rw-r--r--    2 username users          25 Jul  5 09:23 file2
    -rw-r--r--    2 username users          25 Jul  5 09:23 file3
    -rw-r--r--    2 username users          25 Jul  5 09:23 file4

The first thing you did was remove file2 from your directory. After that, the commands may have become a little confusing. You can see that some hard links were created, but you really have no idea which ones link to each other. What can you do without examining the contents of all the files? The key is to use the -i flag of ls to compare the inode numbers of the files.

After the command prompt, type the following commands:

    hottub:~$ ls -il file1 file2 file3 file4
    4954258 -rw-r--r--    2 username users          25 Jul  5 09:23 file1
    4954252 -rw-r--r--    2 username users          25 Jul  5 09:23 file2
    4954252 -rw-r--r--    2 username users          25 Jul  5 09:23 file3
    4954258 -rw-r--r--    2 username users          25 Jul  5 09:23 file4

From this you can see that file1 and file4 are the same, as well as file2 and file3.

More About Hard Links

Hard links use the same file. If you modify one file, the other file(s) will change as well. If you delete any of the hard links, even the original one, the file still exists and you can access it from the other links.

The downfall of hard links is that they cannot be used across separate filesystems. Additionally, only the superuser can create a hard link to a directory. As a result, hard links aren't used very often.

Note

When using Emacs you have to be careful. Emacs will save the old file as a backup (tilde file) and create a new file for the changes. As a result, your hard links could be destroyed if you aren't careful.
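The inode comparison from this lesson and the Emacs caveat in the note, as an added shell example (not part of the original course material). The function names and the scratch directories are assumptions made for the illustration; file1 to file4 follow the lesson.

```shell
#!/bin/sh
# Added illustration; function names are hypothetical, not from the course.

# inode_of FILE: print the inode number, the first column of `ls -i`.
inode_of() {
    ls -id -- "$1" | awk '{ print $1 }'
}

# link_groups DIR: print one line per inode listing every name in DIR that
# is a hard link to it, so linked names end up on the same line.
# Assumes file names without whitespace, as in the lesson.
link_groups() {
    ( cd "$1" && ls -i ) |
        awk '{ names[$1] = (names[$1] == "" ? "" : names[$1] " ") $2 }
             END { for (i in names) print names[i] }' |
        sort
}

# lesson_links: repeat the lesson's rm/cp/ln sequence in a scratch directory
# and report which names share a file.
lesson_links() {
    dir=$(mktemp -d) || return 1
    (
        cd "$dir" || exit 1
        echo "This is my line of text." > file1
        ln file1 file2      # second name for the same inode
        rm file2            # removes one name only; file1 is untouched
        cp file1 file2      # a copy is a new file with a new inode
        ln file1 file4
        ln file2 file3
    )
    link_groups "$dir"
    rm -rf "$dir"
}

# backup_style_save: save the way the note describes Emacs doing it. The old
# file is renamed to NAME~ and the changes go into a newly created NAME.
# Prints which of the two names the second hard link still follows.
backup_style_save() {
    dir=$(mktemp -d) || return 1
    echo "original" > "$dir/notes"
    ln "$dir/notes" "$dir/alias"
    mv "$dir/notes" "$dir/notes~"        # old inode kept as the backup
    echo "edited" > "$dir/notes"         # new inode under the old name
    if [ "$(inode_of "$dir/alias")" = "$(inode_of "$dir/notes~")" ]; then
        echo "alias follows notes~: $(cat "$dir/alias")"
    else
        echo "alias follows notes: $(cat "$dir/alias")"
    fi
    rm -rf "$dir"
}

# in_place_write: overwrite through one name without replacing the file.
# Both names keep the same inode, so the other name sees the change.
in_place_write() {
    dir=$(mktemp -d) || return 1
    echo "original" > "$dir/notes"
    ln "$dir/notes" "$dir/alias"
    echo "edited" > "$dir/notes"         # rewrites the same inode
    cat "$dir/alias"
    rm -rf "$dir"
}

lesson_links
backup_style_save
in_place_write
```

After a backup-style save the second link still points at the old contents, which matters when the link was created so that another name would always see the current file.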

Symbolic Links

Hard links are pointers to a file. Symbolic links (sometimes called soft links) are more like pointers to hard links. A soft link only refers to the pathname of the file to which it's pointing. You can think of it as an alias for the real file. Symbolic links are created by using the -s flag with the ln command.

Remove the extra files and create a symbolic link to file1.

After the command prompt, type the following commands:

    hottub:~$ rm file2 file3 file4
    hottub:~$ ln -s file1 file2
    hottub:~$ ls -l file2
    lrwxrwxrwx    1 username users           5 Jul  5 11:27 file2 -> file1

There are a couple of things I want to mention here. First, notice the arrow that points from file2 to file1. This indicates that file2 is a symbolic link to file1. Second, notice that the permissions on the file begin with the letter l and that the permissions seem to give full access to everyone. But this is not actually the case. Because file2 is a link, it doesn't really have any permissions of its own.

Symbolic links are used all the time to give multiple names to a file or to link to it from another directory. If you remove the actual file, the link will still exist. However, since it points to nothing, it becomes useless.

Why use links at all? Why not just copy the file? Well, there are two reasons. First, links are much smaller than files, so it saves disk space to use links instead of copying the original file. Second, you only have to edit one file to make a change. If you copied the file you'd have to edit all of them individually.

So now that we've got file links handled, let's move on!


Processes

Lesson Objectives
To understand how to examine and manipulate processes using ps, top, and kill. To understand backgrounding and foregrounding jobs.

Processes

A Unix machine keeps track of every program you run. Your login shell and every individual command that you execute are tracked by the machine. You can take a look at the processes that are running by using the ps command.

At the command prompt, type the following commands:

    hottub:~$ ps
      PID TTY          TIME CMD
    11307 pts/0    00:00:00 bash
    11340 pts/0    00:00:00 ps

Using ps by itself only shows the processes for the current session. You can get more information about these processes by using the u option.

After the command prompt, type the following commands:

    hottub:~$ ps u
    USER       PID %CPU %MEM   VSZ  RSS TTY      STAT START   TIME COMMAND
    username 11307  0.0  0.7  1736  980 pts/0    S    10:05   0:00 -bash
    username 11332  0.0  0.5  2348  716 pts/0    R    10:06   0:00 ps u

The columns you will use most often are USER, PID, and COMMAND. These show the user who owns the process, the process id, and the command that's running.

Sometimes a user will have a runaway process that needs to be stopped, or you will need to stop a program that's running in the background. In these cases, you'll use the kill command.

Get the PID (Process Identification) of your bash shell by using ps u. Be sure to replace YOUR_PID with the actual PID. It was 11307 in the example above, but your number will be different.

After the command prompt, type the following commands:

    hottub:~$ kill YOUR_PID
    hottub:~$

Hmmm...nothing happened. Well, that's because some processes have the power to ignore a simple kill command. Try it again with a little more power by using the -9 option.

After the command prompt, type the following commands:

    hottub:~$ kill -9 YOUR_PID

The -9 flag forces the kill to happen at the system level. If you have the correct PID, you will have to log in again now because you have just killed your own shell.

This usually isn't something you would want to do. However, you may need to kill other users' processes, in which case the same idea can be applied. In order to do this, you would need to get information about processes other than your own.

After the command prompt, type the following commands:

    hottub:~$ ps aux
    USER       PID %CPU %MEM   VSZ  RSS TTY      STAT START   TIME COMMAND
    root         1  0.0  0.0  1120   68 ?        S    Jul26   0:04 init
    root       359  0.0  0.2  1168  284 ?        S    Jul26   0:12 syslogd -m 0
    root       414  0.0  0.0  1328  120 ?        S    Jul26   0:00 crond
    root       432  0.0  0.1  1164  240 ?        S    Jul26   0:00 inetd
    root       490  0.0  0.3  2128  436 ?        S    Jul26   0:00 sendmail: ac
    username 11486  0.0  0.7  1736  980 pts/4    S    11:41   0:00 -bash
    username 11522  0.0  0.5  2356  724 pts/4    R    11:49   0:00 ps aux

This is a list of all the processes being run by every user. The list above is only a partial one, enough to let us discuss a few processes that are of particular interest. The first process is init and it will always have a PID of 1. Other PIDs will vary.

Keep in mind that the results of ps aux are usually cut short so that the lines don't wrap around. To get a wider output, add the w flag like so: ps auxw

Another popular way of checking the processes on a system is the top command.

After the command prompt, type the following commands:

    hottub:~$ top

Your screen should now look like this. The processes listed are the ones that are using most of the computer's CPU power. top will continually update itself with the most current information. You can hit q to quit, or you can type Ctrl+c.

Watch top for a bit before quitting.
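Why the plain kill earlier in this lesson appeared to do nothing while kill -9 worked, as an added shell example (not from the original course). The helper name signal_outcome and the scratch FIFO are assumptions; the exit statuses follow the shell convention of 128 plus the signal number.

```shell
#!/bin/sh
# Added illustration; signal_outcome is a hypothetical helper name.

# signal_outcome MODE
#   MODE=ignore   the child ignores SIGTERM, like the login shell in the lesson
#   MODE=default  the child leaves SIGTERM at its default action
# Starts a child, sends a plain kill (SIGTERM, 15), waits one second, then
# sends kill -9 (SIGKILL). Prints the child's exit status as seen by wait:
# 143 = 128 + 15 (ended by SIGTERM), 137 = 128 + 9 (ended by SIGKILL).
signal_outcome() {
    mode=$1
    dir=$(mktemp -d) || return 1
    mkfifo "$dir/ready" || return 1

    if [ "$mode" = ignore ]; then
        setup='trap "" TERM'    # empty handler: SIGTERM is ignored
    else
        setup=':'               # no trap: SIGTERM terminates the process
    fi

    # The child reports on the FIFO once its trap is installed, so the
    # signal below cannot arrive before the child is ready for it.
    sh -c "$setup; echo ready > \"\$1\"; while :; do sleep 1; done" \
        sh "$dir/ready" > /dev/null 2>&1 &
    pid=$!
    read -r line < "$dir/ready"

    kill "$pid"                         # same as kill -15
    sleep 1                             # grace period for a clean exit
    kill -9 "$pid" 2> /dev/null || :    # cannot be caught or ignored
    status=0
    wait "$pid" 2> /dev/null || status=$?

    rm -rf "$dir"
    echo "$status"
}

echo "child ignoring SIGTERM exits with: $(signal_outcome ignore)"
echo "child with default SIGTERM exits with: $(signal_outcome default)"
```

Sending the plain kill first and -9 only after a grace period gives a process the chance to exit on its own, since a process ended by -9 gets no opportunity to run any cleanup.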

Parent and Child Processes

The kernel (the brain of the server) keeps track of which processes spawn other processes. Your shell, for example, is the parent of any other processes you run from it. If you kill a parent process by using the kill command or by logging out, all of its child processes die as well.

Backgrounding a Process

A good way to keep processes running while you're doing something else is to run them in the background. Here you'll learn two different ways to "background" a process. Start by running top again.

After the command prompt, type the following commands:

    hottub:~$ top

Once top is open and running, hit Ctrl+z.

Observe the following:

    [1]+  Stopped (signal)
    hottub:~$

This tells you that the top process has stopped. It hasn't been killed, just paused. You can let it keep running by using bg.

After the command prompt, type the following commands:

    hottub:~$ bg
    [1]+ top &

The ampersand (&) indicates that the program is running in the background. The benefit to temporarily backgrounding a process is that you can pause to run a different command, then resume what you were doing later.

Suppose you're finished using top and you don't want it to run in the background because it's using up valuable system resources. You can get a list of current tasks with the jobs command.

After the command prompt, type the following commands:

    hottub:~$ jobs
    [1]+  Stopped (tty output)    top

The number in the brackets on the left side is the job number. You can use it to reference the job when you want to get rid of it.

After the command prompt, type the following commands:

    hottub:~$ kill %1

You can also start a command so that it runs in the background immediately. It's pretty pointless with top, since you need to see the command in order to use it. But let's use top anyway, just to illustrate the point.

After the command prompt, type the following commands:

    hottub:~$ top &
    hottub:~$

If you use the jobs command, you can see that top is indeed running in the background.

After the command prompt, type the following commands:

    hottub:~$ jobs
    [1]+  Stopped (tty output)    top

You can foreground the process to check out what's happening.

After the command prompt, type the following commands:

    hottub:~$ fg

Practice backgrounding and foregrounding some processes to get more comfortable doing it. When you're finished, make sure to exit all of the processes.


Tar and Gzip

Lesson Objectives
To be able to archive files using tar. To be able to compress and decompress files using gzip.

Tar and Gzip

Tar

Now that you have seen some basic commands, it's time to get acquainted with some more advanced commands. The first command you'll be using is tar. Tar stands for tape archiver. These days, most people use tar to archive files on disk, not tape. We'll be using tar to archive files on disk as well.

What is an archive? An archive is a collection of files grouped together into one place. Archives are useful for backup purposes. They also make transferring groups of files easier. The .tar format is used to distribute much of the software in the Unix world. A parallel from the Windows world would be the .zip format. You may also come across a .tar.gz file. This is simply a compressed tar file, which we'll discuss later in this lesson.

Use tar to create an archive.

After the command prompt, type the following commands:

    hottub:~$ cd /etc
    hottub:/etc$ tar -cf ~/xinetd.tar xinetd.d
    hottub:/etc$ ls ~/x*
    /home/username/xinetd.tar

The c flag creates a new archive and f specifies that we will be archiving to a file. This will create an archive file named xinetd.tar that contains the xinetd.d directory and all of its files. The xinetd.d directory still exists, but there is now a new file which is the packaged version of the original directory.

So how do you know the files are really there? There is a way to view the contents of an archive file. Instead of using the c flag, try using the t flag for test mode.

After the command prompt, type the following commands:

    hottub:/etc$ cd ~
    hottub:~$ tar -tvf xinetd.tar
    drwxr-xr-x root/root         0 2001-07-23 16:39:16 xinetd.d/
    -rw-r--r-- root/root       317 2000-08-09 04:55:21 xinetd.d/chargen-udp
    -rw-r--r-- root/root       297 2001-07-03 14:00:21 xinetd.d/chargen
    ...
    -rw-r--r-- root/root       305 2000-08-22 23:17:11 xinetd.d/telnet
    -rw-r--r-- root/root       748 2000-07-18 17:02:31 xinetd.d/time
    -rw-r--r-- root/root       317 2001-03-15 15:17:35 xinetd.d/time-udp

The additional v flag stands for verbose. In test mode, tar will read through the archive, but you must use v to display the contents. You should see a list of all the files that are in xinetd.tar. To retrieve these files, you will need to extract them somehow. The tar command has an extract mode if you use the x flag.

After the command prompt, type the following commands:

    hottub:~$ tar -xf xinetd.tar
    hottub:~$ cd xinetd.d
    hottub:~/xinetd.d$ ls
    chargen      daytime      echo      finger  rlogin  rsync     telnet  time-udp
    chargen-udp  daytime-udp  echo-udp  rexec   rsh     services  time

Notice that when tar extracted the archive, it created the xinetd.d directory. There are now two copies of this directory--one in your home directory and one in the etc directory. Tar files preserve the original directory structure, so they are extremely useful when creating backups. Keep in mind that xinetd.tar still exists even though you have extracted the files. You may want to delete this file at some point later on, but we'll be using it in the example below.

Gzip

While tar combines multiple files and directories into a single archive, the gzip command can compress a file into a smaller size. Compressed files are useful for saving disk space and for decreasing the amount of time it takes to download a file. The gzip command is very easy to use.

After the command prompt, type the following commands:

    hottub:~/xinetd.d$ cd ..
    hottub:~$ gzip xinetd.tar
    hottub:~$ ls xinetd.tar*
    xinetd.tar.gz
    hottub:~$

gzip has compressed the xinetd.tar file and added the .gz extension to it. You can decompress this file using gunzip.

After the command prompt, type the following commands:

    hottub:~$ gunzip xinetd.tar.gz

Tar and gzip are often used in conjunction with each other. You can tar multiple files to create a single file, then gzip the file to compress it. For this reason, tar has a built-in flag so that you can compress and decompress archive files in one step (the z flag). Adding this flag to a tar command will compress the file if it is used in conjunction with the c flag.

Observe the following:

    hottub:~$ tar -cvzf test.tar.gz mytestdirectory

Sometimes these files are created using a .tgz extension. However, .tar.gz is the most common. If you add the z flag, in conjunction with the x flag, it will decompress the file. Experiment and see if you can work this out for yourself!
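Listing an archive before extracting it, as the t flag in this lesson allows, lets you check where each member would be written. The following is an added example (not from the original course); safe_extract, unsafe_names and round_trip are hypothetical helper names, and the archive and directory names reuse test.tar.gz and mytestdirectory from the lesson.

```shell
#!/bin/sh
# Added illustration; helper names are hypothetical.

# unsafe_names: read archive member names on stdin and print the ones that
# would be written outside the extraction directory: absolute paths and
# paths with a ".." component. This checks names only, not link targets.
unsafe_names() {
    awk '
        /^\// { print; next }
        {
            n = split($0, part, "/")
            for (i = 1; i <= n; i++)
                if (part[i] == "..") { print; next }
        }'
}

# safe_extract ARCHIVE DEST: list the gzip-compressed archive with -tzf,
# refuse it if any member name is unsafe, otherwise extract with -xzf.
safe_extract() {
    archive=$1
    dest=$2
    listing=$(tar -tzf "$archive") || return 2      # unreadable or corrupt
    bad=$(printf '%s\n' "$listing" | unsafe_names)
    if [ -n "$bad" ]; then
        printf 'refusing %s, unsafe member names:\n%s\n' "$archive" "$bad" >&2
        return 1
    fi
    mkdir -p "$dest" && tar -xzf "$archive" -C "$dest"
}

# round_trip: create test.tar.gz from mytestdirectory with -czf, extract it
# into a separate directory and compare the result with the original tree.
round_trip() {
    work=$(mktemp -d) || return 1
    mkdir -p "$work/mytestdirectory/sub"
    echo "first file" > "$work/mytestdirectory/a.txt"
    echo "second file" > "$work/mytestdirectory/sub/b.txt"

    ( cd "$work" && tar -czf test.tar.gz mytestdirectory ) || return 1
    result=failed
    if safe_extract "$work/test.tar.gz" "$work/restore" &&
       diff -r "$work/mytestdirectory" "$work/restore/mytestdirectory" > /dev/null
    then
        result=identical
    fi
    rm -rf "$work"
    echo "$result"
}

round_trip
# Constructed member list, in the form `tar -tf` prints names:
printf '%s\n' 'pkg/readme' '/abs/file' 'pkg/../../outside' | unsafe_names
```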


The Super User

Lesson Objectives
To be introduced to the superuser account and the su command. To be able to use the bubble computer.

The Super User

Recall from lesson 3 that every file on the server has three sets of permissions: user, group, and everyone else. This restricts people from accessing files that the system depends on or private files. However, there is one person who has access to every file on the server. The administrator of the system has access to the superuser account with the login name of root.

Along with the power granted to the super user comes a lot of responsibility. Having access to every file on the system means that you can destroy any file you want. A couple of wrong keystrokes and you might as well re-install the whole system from scratch. If that scares you a little bit, well...it should. It's important to remember to be careful when you don't have any restrictions.

Accessing your Bubble machine

You are about to be given super user access on one of the OST servers. This is not a simulation. You will have the access you need on a real machine while you learn some of what it takes to be a system administrator. The computers you will be using are on a separate network connected to the hottub server. We call these computers bubbles. (It's an analogy--you must get in the hottub before you can play with the bubbles.)

Try connecting to a bubble machine.

After the command prompt, type the following commands:

    hottub:~$ bubble
    Trying 10.0.0.12...
    Connected to 10.0.0.12.
    Escape character is '^]'.
    Red Hat Linux release 7.2 (Enigma)
    Kernel 2.4.16 on an i686
    login:

Note

The bubble command is a program that was written for this course to allow you to connect to machines within our network. This command is not a standard Unix command.

The bubble command is used to locate a free bubble and set it up using your information. The bubble is rebooted so that the machine will have your setup in place. For this reason, it may take several seconds to connect. After the machine is rebooted, you must enter your login and password.

After the command prompt, type the following commands:

    Trying 10.0.0.12...
    Connected to 10.0.0.12.
    Escape character is '^]'.
    Red Hat Linux release 7.2 (Enigma)
    Kernel \r on an \m
    login: username
    Password:
    Last login: Thu Feb 22 14:12:16 from hottub
    bubble12:~$

Congratulations! You have, for the first time, logged into a bubble computer. If you're having trouble, be sure to email your mentor.

Note

The number that is listed after bubble indicates which bubble you are using.

Try obtaining some information about the machine.

After the command prompt, type the following commands:

    bubble12:~$ w
      2:00pm  up 14 days, 59 min,  1 user,  load average: 0.00, 0.00, 0.00
    USER     TTY      FROM     LOGIN@   IDLE   JCPU   PCPU  WHAT
    username pts/0    hottub   1:41pm  0.00s  0.00s  0.00s  w
    bubble12:~$

These results should not be surprising to you. The machine has only been up a short time and you're the only one logged in.

su

To have total control over your bubble, you will need to have superuser access. You'll be using the su command to do this. Your superuser login is the same as your login, with the addition of su in front of the name. If your login is username, your superuser login is suusername. For example, my login is mike and my superuser login is sumike.

This might be a bit confusing because you learned at the beginning of the lesson that the superuser account login was root, right? Well, it is, but Unix actually keeps track of users by their user identification number (UID). Giving an account a UID of 0 (zero) gives the account all of the same privileges as the root user. The UID number of your superuser login is 0.

Try logging in as a superuser.

After the command prompt, type the following commands:

    bubble12:~$ su suusername
    Password:
    bubble12:~#

Notice that the prompt has changed from a $ to a #. This provides a good way to determine which account you're using. Whenever you are the superuser, the prompt will show a # instead of a $.

It's a good idea to log out of your superuser account whenever you're not using it. Since you will not be using this account right now, go ahead and exit.

After the command prompt, type the following commands:

    bubble12:~# exit
    exit
    bubble12:~$

Now you are just a regular user on the bubble. Go ahead and log out of the bubble as well.

After the command prompt, type the following commands:

    bubble12:~$ exit
    logout
    Connection closed by foreign host.
    hottub:~$

In the next lesson, you'll use your superuser access on the bubbles. See you soon!
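Because any account with UID 0 has root's privileges, as the su section of this lesson explains, a routine check is to list every such account and compare it with the ones you expect. An added example (not from the original course): the passwd-format sample is constructed, and uid0_accounts, unexpected_uid0 and sample_passwd are hypothetical helper names.

```shell
#!/bin/sh
# Added illustration; helper names and the sample data are constructed.

# sample_passwd: constructed passwd-format data with the lesson's two logins.
# Fields are name:password:UID:GID:comment:home:shell.
sample_passwd() {
    cat <<'EOF'
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
username:x:500:100:Regular login:/home/username:/bin/bash
suusername:x:0:0:Superuser login from the lesson:/root:/bin/bash
# a comment line, skipped by the check
EOF
}

# uid0_accounts FILE: print every login name in a passwd-format file whose
# UID field (the third one) is zero. Comment lines and lines with fewer than
# seven fields are skipped.
uid0_accounts() {
    awk -F: '!/^#/ && NF >= 7 && $3 ~ /^0+$/ { print $1 }' "$1"
}

# unexpected_uid0 FILE NAME...: print UID 0 accounts that are not among the
# expected names given after FILE. Returns 1 if any are found, 0 otherwise.
unexpected_uid0() {
    file=$1
    shift
    found=0
    for name in $(uid0_accounts "$file"); do
        expected=no
        for ok in "$@"; do
            if [ "$name" = "$ok" ]; then
                expected=yes
            fi
        done
        if [ "$expected" = no ]; then
            echo "$name"
            found=1
        fi
    done
    return "$found"
}

# Run the check on the constructed sample; on a real system FILE would be
# /etc/passwd and the expected names whatever the administrator created.
tmp=$(mktemp) || exit 1
sample_passwd > "$tmp"
echo "UID 0 accounts:"
uid0_accounts "$tmp"
echo "UID 0 accounts other than root:"
unexpected_uid0 "$tmp" root || echo "(review the accounts listed above)"
rm -f "$tmp"
```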


SSH

Lesson Objectives
To understand ssh by downloading, installing, and modifying it.

What is SSH?

ssh stands for secure shell. It's a way to connect to a server, very similar to telnet, but with one important difference. The connections and everything you type are encrypted. This is why it's secure.

Why is this so important? With telnet (and most other network applications), everything you type is sent over the network as plain text, including your password. If there are computers on your network that can't be "trusted," they could eavesdrop on your telnet session and learn your password. With an ssh connection, you can be sure that everything passed between your computer and the remote machine is encrypted. Even if someone intercepts what you typed, there is no way to decipher it.

Using SSH

Using ssh is almost exactly like using telnet. When you telnet to a machine it gives you the familiar login prompt:

Observe the following:

    faucet:~$ telnet hostname.useractive.com
    Trying 204.212.246.153...
    Connected to hostname.useractive.com.
    Escape character is '^]'.
    Red Hat Linux release 7.0 (Guinness)
    Kernel 2.2.16-22 on an i686
    login:

ssh assumes that you will log in with the same username you are currently using. This means you don't have to enter your login name when you connect to hottub. What if you have to connect to a machine using a different login than the one you're currently using? That's no problem.

Observe the following:

    cold:~$ ssh [email protected]

You would then be logged in as billy on hostname.useractive.com.

Installing SSH on your bubble

The bubble doesn't have ssh installed on it right now, so you'll need to install it. You will use the ncftp program to download the software from the hottub. ncftp is a file transfer program. In fact ftp stands for file transfer protocol.

Log in to a bubble. Then connect to the hottub anonymous file server using the ncftp program located at the address below.

After the command prompt, type the following commands:

    bubble12:~$ ncftp hottub.private.useractive.com
    NcFTP 3.0.2 (October 19, 2000) by Mike Gleason ([email protected]).
    Copyright (c) 1992-2000 by Mike Gleason.
    All rights reserved.
    Connecting to 10.0.0.1...
    hottub.useractive.com NcFTPd server (free personal license) ready.
    Logging in...
    You are user #1 of 3 simultaneous users allowed.
    Logged in anonymously.
    Logged in to hottub.private.useractive.com.
    ncftp / >

ncftp will log in to the server anonymously if the -u option isn't given. (In other words, if you want to transfer files from your hottub account to the bubble machine, you'll use ncftp -u hottub.useractive.com and it will ask you for your login information and log you into your account.)

Now let's find and download the ssh program. List the directory you are in, then cd into the pub directory:

After the command prompt, type the following commands:

    ncftp / > ls
    pub/
    ncftp / > cd pub
    ncftp /pub > ls
    apache                        make-3.79.1-5.i386.rpm    rc.sysinit
    apache_1.3.19.tar.gz          mysql-3.23.42.tar.gz      slocate-2.5-5.i386.rpm
    bashrc                        ncftp-3.0.2-1.i386.rpm    ssh-1.2.27-bin.tar.gz
    bind-8.2.3-1.i386.rpm         openss1-0.9.6.tar.gz      ssh-1.2.27.tar.gz
    bind-utils-8.2.3-1.i386.rpm   passwdreset               tftp
    emacs                         php-4.0.6.tar.gz          ua_support
    flex-2.5.4a-13.i386.rpm       pop3                      uatest.php
    inittab                       qpopper4.0.4.tar.gz
    ncftp /pub > get ssh-1.2.27.tar.gz
    ssh-1.2.27.tar.gz:                    998.58 kB    3.99 MB/s
    ncftp /pub > quit
    bubble12:~$

Now you should have this file in your directory.

After the command prompt, type the following commands:

    bubble12:~$ ls
    objective15  ssh-1.2.27.tar.gz

Use tar to extract the files.

After the command prompt, type the following commands:

    bubble12:~$ tar -xzf ssh-1.2.27.tar.gz
    bubble12:~$ ls
    objective15  ssh-1.2.27  ssh-1.2.27.tar.gz
    bubble12:~$ cd ssh-1.2.27
    bubble12:~/ssh-1.2.27$

List the contents of the directory.

After the command prompt, type the following commands:

    bubble12:~/ssh-1.2.27$ ls

As you can see, there are a lot of files in this directory. Most of the files are C programs that are part of the SSH program.

Now that you have the files, it's time to learn how to install a program. First, you need to configure the makefile. Then compile the program and install it. This is the way most Unix programs are installed. A makefile is a file that tells a program compiler the order in which to compile all of the sub-programs that make up the entire program.

Try to configure the makefile now.

After the command prompt, type the following commands:

    bubble12:~/ssh-1.2.27$ ./configure ; make

After you type this command, you will see many messages checking, updating, and creating files. Everything should compile just fine. The next step is to install ssh.

After the command prompt, type the following commands:

    bubble12:~/ssh-1.2.27$ make install
    ...
    /usr/bin/install: cannot create regular file `/usr/local/bin/ssh1': Permission denied
    make: *** [install] Error 1
    bubble12:~/ssh-1.2.27$

Why did it fail? That doesn't make sense, does it? Well, there's a reason. You're trying to install programs into system directories and you don't have permission to do that as a normal user. You can get around this problem if you are a superuser though.

After the command prompt, type the following commands:

    bubble12:~/ssh-1.2.27$ su suusername
    Password:
    bubble12:~/ssh-1.2.27# make install
    ...
    done
    bubble12:~/ssh-1.2.27# exit
    exit
    bubble12:~/ssh-1.2.27$

See if it works. Try connecting to the bubble from itself.

After the command prompt, type the following commands:

    bubble12:~/ssh-1.2.27$ ssh localhost
    Secure connection to localhost refused; reverting to insecure method.
    Using rsh.  WARNING: Connection will not be encrypted.
    No such file or directory
    bubble12:~/ssh-1.2.27$

It didn't! Even though you've installed the ssh client, you haven't set up the bubble to listen for connections. To do this, you must run sshd.

SSHD

sshd is the secure shell daemon that listens for incoming ssh connections. A program that runs in the background and waits for something to happen is called a daemon. Most daemons end with a d, like ncftpd (the ftp daemon for transferring files), httpd (web server daemon), and sshd (secure shell daemon).

After the command prompt, type the following commands:

    bubble12:~/ssh-1.2.27$ su suusername
    Password:
    bubble12:~/ssh-1.2.27# /usr/local/sbin/sshd &
    [1] 11752
    [1]+ Done /usr/local/sbin/sshd
    bubble12:~/ssh-1.2.27# exit
    bubble12:~/ssh-1.2.27$

The sshd program is now running. It will continue to run until you stop it or until you shut down the computer.

After the command prompt, type the following commands:

    bubble12:~/ssh-1.2.27$ ssh localhost
    [email protected]'s password:
    Last login: Tue Feb 27 17:09:52 2001 from hottub
    No mail.
    bubble12:~$

Excellent! You have now used the bubble to log in to the bubble (which is something you normally wouldn't have any reason to do) and gotten a chance to see how ssh works. Go ahead and terminate this connection by typing exit once.

Note

Normally, you use the bubble command to connect to the bubble. This automatically uses ssh (not telnet) to establish the connection.

So sshd is running on your bubble. If you reboot the bubble it will not be running any longer. You need to run it automatically each time your bubble reboots.

rc.local

When the system is rebooted, it will always execute the commands found in /etc/rc.d/rc.local. This gives the system administrator a simple and easy way to start special daemons like sshd or to run custom scripts.

After the command prompt, type the following commands:

    bubble12:~/ssh-1.2.27$ su suusername
    Password:
    bubble12:~/ssh-1.2.27# cd /etc/rc.d
    bubble12:~/etc/rc.d# emacs rc.local

You should see something that looks like this:

rc.local should already have some lines in it. Let's add the command used to run sshd. Simply add the same line as the one you would type when running sshd at the command line.

Save rc.local and exit out of your super user account.

SCP

The ssh package also includes an excellent command to transfer files securely from one machine to another. This command is called scp. It is a lot like the copy command (cp). The main difference is that you can copy files to and from other users and hosts. Try it out!

After the command prompt, type the following commands:

    bubble12:~/ssh-1.2.27$ cd ~
    bubble12:~$ scp hottub.private.useractive.com:manual* .
    Host key not found from the list of known hosts.
    Are you sure you want to continue connecting (yes/no)? yes
    Host 'hottub.private.useractive.com' added to the list of known hosts.
    [email protected]'s password:
    manual_Introduction.html | 79 KB | 79.3 kB/s | ETA: 00:00:00 | 100%

All files that have names beginning with manual will be copied from the hottub to your current directory on the bubble (.), which in this case is your home directory. scp also allows you to specify a username in front of the hostname, just like ssh does.

Congratulations on installing your first program! As a system administrator, you will install many programs. Onward!

Copyright © 1998-2014 O'Reilly Media, Inc.

This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License. See http://creativecommons.org/licenses/by-sa/3.0/legalcode for more information.

Syslog

Lesson Objectives

To understand system logs.

System Logs

Note

If you have not already, connect to your bubble machine now. If you have forgotten your new bubble password, log in to your OST Start Page to reset it using the Update link under the My Lab Account section.

Because a server has a lot of things going on at once, there must be some way to keep track of it all. This is helpful when trying to diagnose a problem. You should also keep track of all of the connections to the machine for security reasons. System logs are created by syslogd, a daemon that separates log messages according to the instructions in the configuration file. Before going further with the actual operation of syslogd, take a look at a few log files so that you can get an idea of what they look like.

Sample Log Files and Entries

The logs are usually stored in the /var/log directory. cd into this directory and take a look around.

After the command prompt, type the following commands:

    bubble12:~$ cd /var/log
    bubble12:/var/log$ ls
    boot.log  dmesg  cron  htmlaccess.log  httpd  lastlog  maillog  messages
    netconf.log  news  secure  spooler  squid  statistics  wtmp  xferlog

The list of files in your log directory is probably not quite that long. However, the files listed above provide a good example to discuss. The first thing you should notice is that a lot of the files have the same name except for the number at the end of the filename. Log files can get extremely large. In order to prevent the files from getting too large, many system administrators copy the current file to a backup file, then start over. This is known as rotating the logs. Usually the process is automated by the default system setup or by the administrator themselves at a later time.

The maillog file (which is probably empty right now) contains the logs of all of the email coming and going from the server. This is useful for identifying spammers or resolving problems a user might have when checking email. A typical set of entries would look something like this:

Observe the following:

    Oct 31 14:56:00 bubble sendmail[8669]: OAA08669: from=username, size=216, class=0, pri=30216, nrcpts=1, msgid=, relay=username@localhost
    Oct 31 14:56:00 bubble sendmail[8669]: OAA08669: to=username, ctladdr=username (500/500), delay=00:00:00, xdelay=00:00:00, mailer=local, stat=Sent

There is one entry when the message arrives to the system. There is another entry when this message is delivered. This particular user sent a message from himself to himself. You do not need to concern yourself with the specifics of this type of file, but you should be aware that this file exists.

The messages file contains information about all connections (telnet and ssh) to the server.

Observe the following:

    Nov 6 17:39:24 bubble sshd[25122]: connect from hot.useractive.com
    Nov 6 17:39:24 bubble sshd[25122]: log: Connection from 209.16.196.243 port 1023
    Nov 6 17:39:26 bubble sshd[25122]: log: Password authentication for username accepted.
    Nov 6 17:39:32 bubble su: (to suusername) username on /dev/ttyp0

These four entries were generated when one user logged into the OST servers. The first line indicates that there was a connection to sshd from hot.useractive.com. The second line gives the IP address and the port that the user is using. The third line indicates that the password was entered and accepted. Finally, the user logs into her superuser account so that she has permission to read the log file. The log files do not keep track of everything every user does. The purpose is to have a record of the most important information so that it can be used, if necessary, to track down a bug or security problem.

Log File Example

Try creating an entry in the messages file. Telnet to your OST domain localhost. When you are prompted to login, you should do so incorrectly.

After the command prompt, type the following commands:

    bubble12:~$ telnet localhost
    Trying 127.0.0.1...
    Connected to localhost.
    Escape character is '^]'.
    Red Hat Linux release 7.2 (Enigma)
    Kernel \r or an \m
    login: userasdf
    Password:
    Login incorrect

After failing to login, you should type Ctrl+] to break out of the telnet session. Then type quit to exit the telnet prompt.

After the command prompt, type the following commands:

    login: Ctrl+]
    telnet> quit
    Connection closed.
    bubble12:~$

Now take a look at the log file.

After the command prompt, type the following commands:

    bubble12:~$ cd /var/log
    bubble12:/var/log$ tail messages
    tail: messages: Permission denied

Why do you think you weren't allowed to look at this file?

After the command prompt, type the following commands:

    bubble12:/var/log$ ls -l messages
    -rw------- 1 root root 571004 Nov 8 17:22 messages

By examining the file permissions and ownership you can see that the root user is the only one allowed to read and write to the messages file. Even though it's your server, your user account is still just a user account. You'll need to become a super user in order to view the contents of this file.

After the command prompt, type the following commands:

    bubble12:/var/log$ su suusername
    Password:
    bubble12:/var/log#

You can now view the log file.

After the command prompt, type the following commands:

    bubble12:/var/log# tail messages
    ...
    Mar 1 15:28:49 bubble12 login(pam_unix)[14625]: check pass; user unknown
    Mar 1 15:28:49 bubble12 login(pam_unix)[14625]: authentication failure; logname= uid=0 euid=0 tty=pts/1 ruser= rhost=localhost
    Mar 1 15:28:49 bubble12 login[14625]: FAILED LOGIN 1 FROM localhost FOR userasdf, Authentication service cannot retrieve authentication info.
    Mar 1 15:30:25 bubble12 su(pam_unix)[14626]: session opened for user suusername by username(uid=505)

Remember, tail will display the last 10 lines of a file, but you should focus on the last four lines. Of these four lines, the first three are a result of the failed login attempt. The last indicates that you used your superuser account to view the log file. Log files can be lengthy and hard on the eyes. You can use tail -n X, cat, grep, and less to search through them more easily.

Note

Example: tail -n 400 maillog | grep username | less

Additionally, you can use tail -f maillog to view updates to the log as they happen.
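The failed-login and su entries shown above can also be summarized rather than read line by line. The following is an added example, not part of the original course material: the function names are hypothetical and sample_log is constructed data in the format of this lesson's excerpts. On a real system you would feed the functions /var/log/messages as the superuser.

```shell
#!/bin/sh
# Added example: summarize failed logins and su sessions from syslog text.
# sample_log is constructed data modeled on the excerpts in this lesson.
sample_log() {
cat <<'EOF'
Mar  1 15:28:49 bubble12 login(pam_unix)[14625]: check pass; user unknown
Mar  1 15:28:49 bubble12 login(pam_unix)[14625]: authentication failure; logname= uid=0 euid=0 tty=pts/1 ruser= rhost=localhost
Mar  1 15:28:49 bubble12 login[14625]: FAILED LOGIN 1 FROM localhost FOR userasdf, Authentication service cannot retrieve authentication info.
Mar  1 15:29:02 bubble12 login[14625]: FAILED LOGIN 2 FROM localhost FOR userasdf, Authentication service cannot retrieve authentication info.
Mar  1 15:29:40 bubble12 login[14630]: FAILED LOGIN 1 FROM hottub FOR username, Authentication failure
Mar  1 15:30:25 bubble12 su(pam_unix)[14626]: session opened for user suusername by username(uid=505)
Mar  1 15:31:07 bubble12 sshd[14700]: log: Password authentication for username accepted.
EOF
}

# failed_logins: stdin = log text; prints "COUNT USER HOST", busiest first.
failed_logins() {
    awk '
    / FAILED LOGIN [0-9]+ FROM / {
        host = ""; user = ""
        for (i = 1; i <= NF; i++) {
            if ($i == "FROM") host = $(i + 1)
            if ($i == "FOR") { user = $(i + 1); break }
        }
        sub(/,$/, "", user)              # "userasdf," -> "userasdf"
        if (user != "" && host != "") count[user " " host]++
    }
    END { for (k in count) print count[k], k }
    ' | sort -k1,1nr -k2
}

# noisy_sources MIN: prints USER@HOST for pairs with at least MIN failures.
noisy_sources() {
    failed_logins | awk -v min="$1" '$1 >= min { print $2 "@" $3 }'
}

# su_sessions: prints "CALLER -> TARGET" for every su session that was opened.
su_sessions() {
    awk '
    / su\(pam_unix\)/ && /session opened for user/ {
        target = ""; caller = ""
        for (i = 1; i < NF; i++)
            if ($i == "user") { target = $(i + 1); caller = $(i + 3); break }
        sub(/\(uid=[0-9]+\)$/, "", caller)   # drop the "(uid=505)" suffix
        print caller " -> " target
    }'
}

echo "Failed logins (count user host):"
sample_log | failed_logins
echo "su sessions:"
sample_log | su_sessions
```

Repeated failures for one user from one host, and unexpected su sessions, are the entries worth a closer look.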

Exit out of your superuser account.

After the command prompt, type the following commands:

    bubble12:/var/log# exit
    bubble12:/var/log$

Syslog.conf

The locations of all of the log files and their contents are specified by the syslog configuration file located in /etc/syslog.conf. Logs are divided into different files as specified in the configuration. Most of the time the default system configuration will be just fine, so the configuration will not be discussed in detail here. You should be aware, though, that for some reason the syslog.conf file uses tabs to delimit fields instead of spaces. For more information, see the man pages for syslog.conf.

Note

You may have noticed that configuration files are located in /etc. This is not a coincidence. There is a file system standard that dictates where files should be stored, and /etc is the location for config files.

Keeping track of user logins

When you learned about w you may have wondered how the system keeps track of who is logged in. Information about users that are currently logged in is kept in utmp and wtmp. The files aren't regular text files so you can't really look at them yourself. If you need to find out when a user last logged in or where they've been logging in from, that's possible as well. All of the user logins are kept in /var/log/lastlog. The information can't be viewed as a regular text file, but you can use the last command to check it out.

Type the following at the Unix prompt:

    bubble12:~$ last username |head -n 5
    username pts/0 bubble.useractiv Tue Nov 21 11:50   still logged in
    username pts/0 hottub           Mon Nov 20 23:57 - 23:59 (00:01)
    username pts/0 hottub           Mon Nov 20 20:04 - 21:47 (01:42)
    username pts/0 hottub           Mon Nov 20 18:56 - 19:00 (00:04)
    username pts/0 hottub           Mon Nov 20 18:19 - 18:47 (00:27)

This shows the last 5 times that "username" has logged in. I suggest you don't type last without any arguments or without piping it through a filter. Otherwise it will print all of the login information for all of the users. If it hasn't been cleared in a while the lastlog can get pretty big. We can also grep to see the last 5 logins from the bubble to the hottub.

Type the following at the Unix prompt:

    hottub:~$ last |grep bubble |head -n 5
    username pts/62 bubble.useractiv Tue Nov 21 11:50   still logged in
    username pts/13 bubble.useractiv Mon Nov 20 12:10 - 12:11 (00:01)
    username pts/13 bubble.useractiv Sun Nov 19 14:36 - 15:09 (00:33)
    username pts/13 bubble.useractiv Wed Nov 15 23:17 - 23:24 (00:06)
    somedude pts/13 bubble.useractiv Wed Nov 15 12:33 - 17:14 (04:41)

Keep in mind that your lastlog is going to be different than mine. So you'll probably want to try to look for a different host. Notice that with this method I was also able to see that "somedude" logged in from bubble as well as "username."

Other log files

There are a few other log files that you should know about that aren't functions of syslogd. First, the cron daemon--that we'll learn about in the next lesson--keeps track of its own logs in /var/log/cron. Entries in the cron log look like this:

Observe the following:

    root (11/21-15:01:00-10617) CMD (run-parts /etc/cron.hourly)
    username (11/21-15:08:00-10641) CMD (echo "hello" 1> /tmp/test 2> /tmp/test)

They're very simple really. You see the user the command was run for, the time it was executed, and the command itself. Cron isn't the only program that creates its own log files. Chances are your webserver does as well. The only problem is that the location of the webserver logs tends to vary system by system. Places to look would be /var/log/httpd or /httpd/logs.


Cron

Lesson Objectives

To be able to run programs automatically at certain times using cron.

Cron

A lot of tasks that a systems administrator would perform need to be repeated weekly or even daily. Most, if not all, Unix machines have a system in place called cron that allows you to schedule tasks. It might be helpful to think of things being in chronological order when you're working with cron. The scheduled tasks are kept in crontab files which we'll get to a little later. The actual program that takes care of running the processes is called crond. The 'd' is for daemon. Daemon stands for Disk And Execution MONitor. The cron daemon sits and waits for the conditions in the crontab files to be met. We already learned that the ssh daemon (sshd) sits and waits for incoming ssh connections. We'll cover other daemons in the future and you'll find that most of them end in 'd.'

Crontab

The cron daemon needs some instructions on what to run and when to run it. These instructions are contained in crontab files. Let's look at the format of a crontab file, and then we'll create our own. Here's a typical crontab file:

Observe the following:

    # DO NOT EDIT THIS FILE - edit the master and reinstall.
    # (/tmp/crontab.23589 installed on Mon Sep 18 11:30:21 2000)
    # (Cron version -- $Id: crontab.c,v 2.13 1994/01/17 03:20:37 vixie Exp
    # $)
    PATH="/usr/local/bin:/usr/local/sbin:/usr/bin:/usr/sbin:/bin:/sbin"
    MAILTO=root
    08 04 * * * /root/scripts/time.sh 1>/dev/null 2>/dev/null
    00 00 * * * /root/scripts/nightly 1>/var/log/nightly.log
    30 23 * * 6 /root/scripts/rotlogs.sh 1>/dev/null 2>/dev/null

The lines that start with # are just comments in the configuration. The PATH and MAILTO lines contain variables that crond will use if needed. PATH works just like the PATH environment variable that we learned about earlier. MAILTO is the email address that will be used to report errors during execution of the commands. In this case, the root user on the same system will be mailed.

The five fields at the start of each remaining line are the part of a crontab that can get confusing. These five fields determine when the commands are run. From left to right, the fields and values are as follows:

    Field          Values
    minute         0-59
    hour           0-23
    day of month   1-31
    month          1-12
    day of week    0-7

Let's go through a couple of them.

    08 04 * * *

The first entry is for minute and the second is for hour, so the values of 08 and 04 give us a time of 4:08 am. All of the other fields have a star, which is the same as saying "every day of the month, every month, and for all days of the week." In other words, the command will run at 4:08 every morning. Let's look at the last one.

    30 23 * * 6

The time for this one is 23:30. That's the same thing as saying 11:30 pm. Just as before, it's going to run on every day of every month, but this time, it's only going to run if it's Saturday.

Note

Sunday can be represented by both 0 and 7.

We can also select multiple times by using commas. For example, if we wanted the previous example to run on Wednesdays as well, we'd do the following:

    30 23 * * 3,6

The part of each line after the five time fields is the command line that cron will run.

    /root/scripts/rotlogs.sh 1>/dev/null 2>/dev/null

The rotlogs.sh script is located in /root/scripts. (Its purpose is to rotate the logs on the server from which this crontab example was taken.) It's always a good idea to include the full path to the command. What's the other stuff though?

More on Redirecting Output

In previous lessons you learned how to redirect the output of a command to a file. You can do the same thing with a command run by cron. If you don't, any output will be written to the console. So essentially, unless you're physically sitting at the machine you'll have no idea what happened. Here's the command from the example again:

    /root/scripts/rotlogs.sh 1>/dev/null 2>/dev/null

The 1 and the 2 stand for STDOUT (standard output) and STDERR (standard error), respectively. They are separate forms of output, so we need to distinguish between them when we redirect the output. In the case above, instead of writing the output to a file, we just redirect it to /dev/null. We do this when we don't care what the output is and we'd rather it didn't clutter up the console. /dev/null is kind of like a black hole: anything you put into it will disappear forever. It's the big Nothing of the Unix world.
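To review what a crontab like the sample above will run at a given moment, the five time fields can be evaluated mechanically. The following is an added example, not part of the original course material: cron_matches and jobs_due are hypothetical helper names, and sample_crontab repeats the lesson's sample file. It goes beyond the lesson in accepting ranges such as 1-5 and in applying the Vixie cron rule that when both day fields are restricted, a match on either one is enough.

```shell
#!/bin/sh
# Added example: decide which crontab entries fire at a given time.
sample_crontab() {
cat <<'EOF'
# DO NOT EDIT THIS FILE - edit the master and reinstall.
PATH="/usr/local/bin:/usr/local/sbin:/usr/bin:/usr/sbin:/bin:/sbin"
MAILTO=root
08 04 * * * /root/scripts/time.sh 1>/dev/null 2>/dev/null
00 00 * * * /root/scripts/nightly 1>/var/log/nightly.log
30 23 * * 6 /root/scripts/rotlogs.sh 1>/dev/null 2>/dev/null
EOF
}

# cron_matches "MIN HOUR DOM MON DOW" minute hour day-of-month month day-of-week
# Exit status 0 if the schedule fires at that time, 1 if not, 2 if malformed.
# Supports *, single values, comma lists and ranges (a-b).
cron_matches() {
    awk -v sched="$1" -v mi="$2" -v ho="$3" -v dom="$4" -v mon="$5" -v dow="$6" '
    function field_ok(spec, val, is_dow,    n, parts, i, lo, hi, r) {
        if (spec == "*") return 1
        n = split(spec, parts, ",")
        for (i = 1; i <= n; i++) {
            if (split(parts[i], r, "-") == 2) { lo = r[1] + 0; hi = r[2] + 0 }
            else { lo = hi = parts[i] + 0 }
            if (val >= lo && val <= hi) return 1
            # Sunday can be written as 0 or 7; val is already reduced to 0-6.
            if (is_dow && val == 0 && lo <= 7 && hi >= 7) return 1
        }
        return 0
    }
    BEGIN {
        if (split(sched, f, " ") != 5) exit 2
        time_ok = field_ok(f[1], mi + 0) && field_ok(f[2], ho + 0) && field_ok(f[4], mon + 0)
        d1 = field_ok(f[3], dom + 0)
        d2 = field_ok(f[5], dow % 7, 1)
        # Both day fields restricted: either one matching is enough.
        if (f[3] != "*" && f[5] != "*") day_ok = (d1 || d2)
        else day_ok = (d1 && d2)
        exit !(time_ok && day_ok)
    }' </dev/null
}

# jobs_due minute hour dom month dow: stdin = crontab text; prints due commands.
jobs_due() {
    mi=$1 ho=$2 dom=$3 mon=$4 dow=$5
    while IFS= read -r line; do
        case $line in
            ''|'#'*|[A-Za-z_]*=*) continue ;;   # blank, comment, VAR=value
        esac
        set -f; set -- $line; set +f            # split fields, keep * literal
        [ $# -ge 6 ] || continue
        sched="$1 $2 $3 $4 $5"; shift 5
        if cron_matches "$sched" "$mi" "$ho" "$dom" "$mon" "$dow"; then
            echo "$*"
        fi
    done
}

echo "Due on a Saturday at 23:30:"
sample_crontab | jobs_due 30 23 18 11 6
```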

Editing your Crontab

The location of the crontab files can vary from system to system, but typical places to look would be:

    /var/spool/cron
    /var/cron

Additionally, RedHat Linux contains the crontab information for the root user in several directories under /etc. Although the crontab files are just text, you should use the crontab command to edit them.

After the command prompt, type the following commands:

    bubble12:~$ crontab -e

Ahh! What's that? Remember when I told you about vi? Well, there it is. The -e flag tells crontab that we want to use the default editor and the default editor in this case happens to be vi. Do you remember how to exit? If not, type ESC then :q.

Before we run crontab again, let's set our default editor to something more familiar, like pico. We do this by setting the EDITOR environment variable. Do you remember how to do this?

After the command prompt, type the following commands:

    bubble12:~$ export EDITOR=pico

Let's try to edit our crontab again. You may want to add that line to your .bashrc as well.

After the command prompt, type the following commands:

    bubble12:~$ crontab -e

Yeah, that's better.

By default, crontab will try to edit the crontab of the user that runs it. So if you're currently the superuser, you will be editing root's crontab. Otherwise it will be your individual user crontab that gets edited. Keep in mind, though, that crond will run the command as the user whose crontab made the command. So if the command needs to be run as root, it better be in root's crontab.

Note

Root can edit anyone's crontab by using the -u flag.

Your crontab file is probably empty at this point. Let's add a simple entry.

Type the following into your editor:

    45 * * * * /bin/echo "hello" 1> /tmp/test 2> /tmp/test

The time or number of minutes you choose for your crontab refers to the part of the hour your command will execute. If you choose 45 for the minutes in your crontab, your command will execute at 45 minutes past the hour, every hour. To save time when you're testing, pick a time that's 5-10 minutes into the future. Also, make sure you hit enter at the end of that crontab line. If there isn't a newline at the end, it won't run. Now save and exit. (C-x y for pico)

Just to prove that cron will create the output file, let's check to make sure it's not there now.

After the command prompt, type the following commands:

    bubble12:~$ ls -la /tmp/test
    ls: /tmp/test: No such file or directory

Alright, good. Now let's just wait a few minutes to let cron run the command. When the time you selected is past, run the ls command again. (You can check the system time with date.)

After the command prompt, type the following commands:

    bubble12:~$ ls -la /tmp/test
    -rw-r--r-- 1 username username 6 Oct 31 15:45 /tmp/test
    bubble12:~$ cat /tmp/test
    hello

Excellent. Notice that the file modification time is at 45 minutes past the hour, just like it should be. Keep in mind that the crontab entry we created will run that command every hour. Let's try another one.

After the command prompt, type the following commands:

    45 13 * * * /bin/echo "hello" 1> /tmp/test 2> /tmp/test

Can you explain what's happening here? What time do you think this would execute? Good job! See you soon for the final lesson!


Managing Users

Lesson Objectives

To be able to add and delete user accounts.
To understand the format of two very important files: /etc/passwd and /etc/shadow.

User Accounts

In order for someone to login to your machine, they'll need an account. A user account consists of a login, a password, and a home directory. All of this information, and more, is stored in the password file.

The Password File

The password file, located in /etc/passwd, contains all of the information for a user's account. This file is used as a reference by a number of programs so let's take a look at a typical line from /etc/passwd to see what it all means.

Observe the following:

    jdoe:x:500:100:John Doe:/home/jdoe:/bin/bash

jdoe
    This is the user's login name.

x
    This is the password field. In old password files there will be an encrypted password here. However, nowadays a shadow file (discussed later) is used for the passwords.

500
    The UID (user id) number. The UID is used by the filesystem to keep track of file ownership.

100
    The GID (group id) number. The GID is used to indicate the default group of the user.

John Doe
    This is simply the user's full name.

/home/jdoe
    The full pathname of the user's home directory. Most of the time it's /home followed by the username, but it can vary between systems.

/bin/bash
    This is the user's login shell. Other common examples are /bin/csh and /bin/tcsh.

Go ahead and type the following and take a look at your own password file:

After the command prompt, type the following commands:

    bubble12:~$ cat /etc/passwd

Whoa! What are all those? You're the only user on the machine so why are there all those other login names? Most of the accounts you see are all used by the system for one reason or another. The very first entry is for the root user. Notice that its UID and GID are both zero. At the end, next to your username, you'll see another login similar to yours that starts with "su". This is your super user account that you'll be using later. See how its UID and GID are zero as well. This means it gives you all of the privileges of the root user.

That all makes pretty good sense, except for the x in the password field. What's up with that? In the old days, the encrypted password would be right there in /etc/passwd so why isn't it anymore? The /etc/passwd file is readable by anyone. This allows programs to look up information, but at the same time it allows a malicious user to view the encrypted passwords of his fellow users. Well, so what? They're encrypted, right? That's true, but we can't rely on our users to have good passwords, so we have to make it as hard as possible for others to see the encrypted ones. There are programs that try to crack a password by going through a huge list of words (or combinations of them) and encrypting them all. If they find a match, then they've found the right password. The solution is to store the encrypted passwords in a separate file that only the root user or a program with root privileges can read. We call this the shadow file.

The Shadow File

The shadow file, /etc/shadow, contains a bunch of one line entries, much like the password file. The shadow file contains a lot of information that allows an administrator to set an expiration date for a user's password. This forces the user to change their password on a regular basis, thus improving security. Let's examine a typical entry to see the differences.

Observe the following:

    jdoe:0aGhPdjzKx76o:11123:0:99999:7:-1:-1:134540364

Yuck. It's not as bad as it looks, trust me.

jdoe
    This is the user's login name again. No surprise here.

0aGhPdjzKx76o
    This string of seemingly random characters is an encrypted password. The password a user enters is encrypted and then compared with this to see if it matches.

11123
    This is the creation date of the current password (if the password changes, so does this date). It's the number of days since Jan 1, 1970.

0
    Number of days before the password can be changed. Zero just means that the user can change his/her password right away.

99999
    Date the password expires. This indicates the number of days until the password must be changed. 99999 is effectively infinity.

7
    This is the number of days before the expiration date that the user will be warned.

-1
    Number of days after the password expires that the account is disabled. -1 indicates that it won't be disabled.

-1
    Number of days since Jan 1, 1970 that the account is disabled. -1 indicates that it won't be disabled.

134540364
    This is the reserved field.

Most of those fields don't even need to exist if you aren't going to force passwords to expire. The next example shows another example of a line from /etc/shadow.

Observe the following:

    jdoe:0aGhPdjzKx76o:11083::::::

The Group File

The group file (/etc/group), as you can probably imagine, contains information about the groups on the system. Here are a couple examples of /etc/group entries.

Observe the following:

    sys:x:3:root,bin,adm
    man:x:15:
    users:x:100:

sys
    This is the group name.

x
    This is the password field, which isn't used in most cases.

3
    The GID

root,bin,adm
    These are the users who belong to that group in addition to their default group as listed in /etc/passwd.

The second example shows a listing of a group that exists, but doesn't have any additional members.

Adding Accounts

Adding accounts is fairly simple when using a program such as useradd.

Note

The older way of adding users involved the use of an adduser script. If useradd isn't on your system, try adduser.

Let's add a user with the login name of sammy. The default of the useradd program is to create a group for every user with the same name as their login. It would add an entry in /etc/group to reflect this. However, this isn't very useful, so we'll make sammy's default group users. We'll need to su first.

After the command prompt, type the following commands:

    bubble12:~$ su suusername
    bubble12:~# /usr/sbin/useradd -c "Sammy Jones" -g 100 sammy

This command will create an entry for sammy in /etc/passwd and /etc/shadow. It will also automatically create /home/sammy and copy the files from /etc/skel with the correct permissions. (Most of them are "dot" files so you'll need to use ls -a to see them.) The /etc/skel directory contains a skeleton version of a home directory. You can add or remove things from this directory and these changes will be reflected when you create new users. The -g option allows you to specify the default GID for the user. The users group is 100.

The only thing useradd doesn't do is create a password for sammy. For this, you simply use the passwd command.

After the command prompt, type the following commands:

    bubble12:~# passwd sammy
    Changing password for user sammy
    New UNIX password:
    Retype new UNIX password:

Be sure and specify the username here, or it will change your super user password.

Removing Accounts

To remove a user's account you need to do three things. Remove their entries from /etc/passwd and /etc/shadow. Also you'll want to remove their home directory. You can either do this manually or with userdel.

After the command prompt, type the following commands:

    bubble12:~# /usr/sbin/userdel sammy
    bubble12:~# exit

This will delete sammy's entries in /etc/passwd and /etc/shadow. The home directory is still there. Sometimes it's good to leave the home directory around for a little while just in case sammy needs to get a file from his old account. Well, that's all fine and good, but sometimes we just want to get rid of the whole mess right away.

Observe the following:

    bubble12:~# /usr/sbin/userdel -r sammy

The -r option tells userdel to remove the user's home directory as well. If you want to test this option yourself, you'll need to re-add the account first.

Note

If you remove an account from /etc/passwd and /etc/shadow, but still have some of its old files sitting around, you'll see that ls reports the UID instead of a username.

Sometimes we don't want to remove an account, but we need to disable it temporarily. A common way to do this is to add an asterisk (*) to the beginning of the encrypted password in /etc/shadow, using a text editor.

Observe the following:

    j-doe:*0aGhPdjzKx76o:11083::::::

The result is that password authentication will fail, resulting in the user not being able to login.

Additional commands to look at

    chown   Change ownership of a file(s)
    chgrp   Change the group of a file(s)
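The field layouts of /etc/passwd and /etc/shadow described in this lesson, together with the asterisk convention for disabling an account, are enough to audit both files with awk. The following is an added example, not part of the original course material: the function names are hypothetical and the sample entries are constructed, reusing the lesson's jdoe lines. Classifying a 13-character hash as traditional DES crypt is an assumption based on that format's fixed length.

```shell
#!/bin/sh
# Added example: audit passwd/shadow text using the field layouts in this lesson.
# Both samples are constructed; the jdoe hash is the one printed in the lesson.
sample_passwd() {
cat <<'EOF'
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
jdoe:x:500:100:John Doe:/home/jdoe:/bin/bash
olduser:0aGhPdjzKx76o:501:100:Legacy Entry:/home/olduser:/bin/bash
sujdoe:x:0:0:John Doe (super user):/home/jdoe:/bin/bash
EOF
}

sample_shadow() {
cat <<'EOF'
jdoe:0aGhPdjzKx76o:11123:0:99999:7:-1:-1:134540364
sammy:*0aGhPdjzKx76o:11083::::::
pat:0aGhPdjzKx76o:11200:0:90:7:::
EOF
}

# uid0_accounts: logins whose UID (field 3) is 0, i.e. full root privileges.
uid0_accounts() {
    awk -F: '$3 == 0 { print $1 }'
}

# hashes_in_passwd: logins whose hash still sits in the world-readable passwd
# file (field 2 is something other than x, empty, or a run of * and !).
hashes_in_passwd() {
    awk -F: '$2 != "x" && $2 !~ /^[*!]*$/ { print $1 }'
}

# shadow_report: prints "LOGIN LAST-CHANGE STATUS HASH-KIND expires=MAX-AGE".
shadow_report() {
    awk -F: '
    # Convert days since Jan 1, 1970 into YYYY-MM-DD (proleptic Gregorian).
    function civil(z,    era, doe, yoe, y, doy, mp, d, m) {
        z += 719468
        era = int(z / 146097); doe = z - era * 146097
        yoe = int((doe - int(doe / 1460) + int(doe / 36524) - int(doe / 146096)) / 365)
        doy = doe - (365 * yoe + int(yoe / 4) - int(yoe / 100))
        mp = int((5 * doy + 2) / 153)
        d = doy - int((153 * mp + 2) / 5) + 1
        m = (mp < 10) ? mp + 3 : mp - 9
        y = yoe + era * 400 + (m <= 2)
        return sprintf("%04d-%02d-%02d", y, m, d)
    }
    {
        hash = $2; status = "active"
        # A leading * (the method in this lesson) or ! (written by passwd -l)
        # makes every password comparison fail.
        if (hash ~ /^[*!]/) { status = "locked"; sub(/^[*!]+/, "", hash) }
        kind = (length(hash) == 13 && hash !~ /^\$/) ? "des-crypt" : "other"
        changed = ($3 == "") ? "unknown" : civil($3 + 0)
        maxage = ($5 == "" || $5 + 0 >= 99999) ? "never" : $5 "d"
        print $1, changed, status, kind, "expires=" maxage
    }'
}

echo "UID 0 accounts:";     sample_passwd | uid0_accounts
echo "Hashes in passwd:";   sample_passwd | hashes_in_passwd
echo "Shadow entries:";     sample_shadow | shadow_report
```

Any UID 0 login other than root and the expected super user account, any hash left in /etc/passwd, and any active entry that never expires are the lines to review first.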

