Palimpsest: The GNOME Disk Utility (Fedora)

Unless you are certain the hard disk where you are installing Fedora/RHEL has nothing on it (it is a new disk) or you are sure the disk holds no information of value, it is a good idea to examine the contents of the disk before you start the installation. The palimpsest disk utility, which is available from a live session, is a good tool for this job. It is part of the gnome-disk-utility package. Open the Palimpsest Disk Utility window by selecting Main menu: Applications⇒System Tools⇒Disk...

Smbtree Displays Windows Shares

Home Directories MainPrinter IPC Service (pb Samba) IPC Service (pb Samba) mgs temp PB mark PB MainPrinter PB ADMIN In the preceding output, MGS is the name of the workgroup, PB is the name of the Windows machine, mark and tmp are directory shares, and MainPrinter is a shared printer. Workgroup and machine names are always shown in capitals. Refer to the smbtree man page for more information.

Command Line Utilities

This section describes a few command-line system administration tools you may find useful. To learn more about most of these utilities, read the man pages. For information about umask and uname, see the info pages. chsh: Changes the login shell for a user. When you call chsh without an argument, you change your own login shell. Superuser can change the shell for any user by calling chsh with that user's username as an argument. When changing a login shell with chsh, you must specify an installed...

N

See Username server, 385, 386 space, 1095 variable, 299 807, 812 named daemon, 389, 788, 794 named directory, 794, 800 named file, 786, 805 Named pipe, 351, 482, 483 Namespace, 32, 1095 NAT, 820, 1095 National Center for Supercomputer Applications, 395 Nautilus, 98-104 access permissions, 121 control bars, 266 emblems, 120, 266 File Browser versus Spatial windows, 99 File Browser window, 99, 264-270 file manager, 270 file, open with, 110 hidden files, displaying,...

Declare and typeset Assign Attributes to Variables

The declare and typeset builtins (two names for the same command) set attributes and values for shell variables. Table 9-3 (next page) lists five of these attributes. Table 9-3 Variable attributes (typeset or declare): Declares a variable as an array (page 924) Declares a variable to be a function name (page 335) -i Declares a variable to be of type integer (page 305) Makes a variable readonly also readonly (page 303) Exports a variable (makes...

Downloading rpm Package Files with yumdownloader

The yumdownloader utility locates and downloads but does not install rpm files. If this utility is not available on the local system, use yum to download and install the yum-utils package before attempting to run yumdownloader. The following example downloads the samba rpm file to the working directory: Loaded plugins: presto, refresh-packagekit samba-3.4.2-47.fc12.i686.rpm 4.3 MB 00:04 Downloading source files: You can use yumdownloader with the --source option to download rpm source package...

Parted Reports on and Partitions a Hard Disk

The parted (partition editor) utility reports on and manipulates hard disk partitions. The following example shows how to use parted from the command line (see Running Commands from a Terminal Emulator/Shell on page 118). It uses the print command to display information about the partitions on the /dev/sda drive: Disk geometry for /dev/sda: 0kB - 165GB Disk label type: msdos Don't forget to update /etc/fstab, if necessary Figure 16-3...

Working with MySQL

Adding a user: Before starting to work with the database, create a user so you do not have to work as the MySQL root user. If the MySQL username you add is the same as your Linux username, you will not have to specify a username on the MySQL command line. In the following example, Max works as the MySQL root (-u root) user to create a database named maxdb and add the MySQL user named max with a password of mpassword. The GRANT statement gives Max the permissions he needs to work with the maxdb...

Desktop Effects (Fedora)

Open the Desktop Effects window by selecting Main menu: System⇒Preferences⇒Desktop Effects or by giving the command desktop-effects from a terminal emulator or Run Application window (ALT-F2). This window enables you to turn on Desktop Effects and to select from two options. Turning on Desktop Effects replaces the Metacity window manager with Compiz (compiz.org), which implements a 3D-accelerated desktop. One of the most dramatic desktop effects is wiggly windows. To see this effect, turn on...

Overview of Linux

The Linux operating system has many unique and powerful features. Like other operating systems, Linux is a control program for computers. But like UNIX, it is also a well-thought-out family of utility programs (Figure 1-1) and a set of tools that allow users to connect and use these utilities to build systems and applications. Linux Has a Kernel Programming Interface: The Linux kernel, the heart of the Linux operating system, is responsible for allocating the computer's resources and scheduling...

Tunneling/Port Forwarding

The ssh utility allows you to forward a port (port forwarding, page 1099) through the encrypted connection it establishes. Because the data sent across the forwarded port uses the encrypted ssh connection as its data link layer (page 365), the term tunneling (page 1112) is applied to this type of connection: The connection is tunneled through ssh. You can secure protocols including POP, X, IMAP, and WWW by tunneling them through ssh. Forwarding X11: The ssh utility makes it easy to tunnel the X11...

Connecting Several Clients to a Single Internet Connection

Configuring the kernel of the router system to allow clients on multiple local systems on the LAN to connect to the Internet requires you to set up IP masquerading, or SNAT (source NAT). IP masquerading translates the source and destination addresses in the headers of network packets that originate on local systems and the packets that remote servers send in response to those packets. These packets are part of connections that originate on a local system. The example in this section does...

Rm Removes a Link

When you create a file, there is one hard link to it. You can then delete the file or, using Linux terminology, remove the link with the rm utility. When you remove the last hard link to a file, you can no longer access the information stored there and the operating system releases the space the file occupied on the disk for subsequent use by other files. This space is released even if symbolic links to the file remain. When there is more than one hard link to a file, you can remove a hard link...

Split Horizon Server

Assume you want to set up a LAN that provides all its systems and services to local users on internal systems, which may be behind a firewall, and only certain public services such as Web, FTP, and mail to Internet (public) users. A split horizon (also called DMZ) DNS server takes care of this situation by treating queries from internal systems differently from queries from public systems (systems on the Internet). View sections: BIND 9 introduced View sections in named.conf. View sections...

Chkconfig Configures Services III

The chkconfig character-based utility duplicates much of what the system-config-services utility does. It makes it easier for a system administrator to maintain the /etc/rc.d directory hierarchy. This utility can add, remove, list startup information, and check the state of system services. It changes the configuration only; it does not change the current state of any service. To see a list of all services, give the following command (you can omit the --list option). All services that run their own...

Desktop Environments/Managers

As a consequence, it does not provide some of the more common features found in GUIs, such as the ability to drag windows. The UNIX/Linux philosophy is one of modularity: X relies on a window manager, such as Metacity or Compiz, to draw window borders and handle moving and resizing operations. Unlike a window manager, which has a clearly defined task, a desktop environment (manager) does many things. In general, a desktop environment, such as GNOME or KDE, provides...

NIS and LDAP

NIS (Network Information Service) simplifies the maintenance of common administrative files by keeping them in a central database and having clients contact the database server to retrieve information from the database. Developed by Sun Microsystems, NIS is an example of the client/server paradigm. Just as DNS addresses the problem of keeping multiple copies of /etc/hosts files up-to-date, NIS deals with the issue of keeping system-independent configuration files (such as /etc/passwd) current....

JumpStart II: Setting Up a Local or Remote Printer Using the CUPS Web Interface

This JumpStart explains how to use the CUPS Web interface to set up a printer connected to the local system or connected to the local network. If the printer you are configuring is on an older Linux system or another UNIX-like operating system that does not run CUPS, the system is probably running LPD/LPR. Newer versions of Linux and UNIX variants that support CUPS (including Mac OS X) support IPP. Most devices that connect printers directly to a network support LPR/LPD; some support IPP....

Syntax

Command-line syntax dictates the ordering and separation of the elements on a command line. When you press the RETURN key after entering a command, the shell scans the command line for proper syntax. The syntax for a basic command line is: command [arg1] [arg2] ... [argn] RETURN. One or more SPACEs must separate elements on the command line. The command is the name of the command, arg1 through argn are arguments, and RETURN is the keystroke that terminates all command lines. The brackets in the...

Sendmail: Setting Up Mail Clients, Servers, and More

In This Chapter: JumpStart I: Configuring sendmail on a Client; JumpStart II: Configuring sendmail on a Server; How sendmail... Sending and receiving email require three pieces of software. At each end, there is a client, called an MUA (Mail User Agent), which is a bridge between a user and the mail system. Common MUAs are mutt, KMail, Thunderbird, and Outlook. When you send an email, the MUA hands it to an MTA (a Mail Transfer Agent such as sendmail), which transfers it to the destination...

Important Standard Directories and Files

Originally files on a Linux system were not located in standard places. The scattered files made it difficult to document and maintain a Linux system and just about impossible for someone to release a software package that would compile and run on all Linux systems. The first standard for the Linux filesystem, the FSSTND (Linux Filesystem Standard), was released on February 14, 1994. In early 1995 work was started on a broader standard covering many UNIX-like systems: FHS (Linux Filesystem...

Advanced Exercises

If you are running Apache on a firewall system, perhaps to display a Web front end for firewall configuration, how would you make sure that it is accessible only from inside the local network? 6. Why is it more efficient to run scripts using mod_php or mod_perl than through CGI? 7. What two things does SSL provide and how does this differ if the certificate is self-signed? 8. Some Web sites generate content by retrieving data from a database and inserting it into a template using PHP or CGI each...

Working with Access Rules

The setfacl utility modifies a file's ACL and the getfacl utility displays a file's ACL. When you use getfacl to obtain information about a file that does not have an ACL, it displays the same information as an ls -l command, albeit in a different format: -rw-r--r-- 1 max max 9537 Jan 12 23:17 report group max user rw-group r--other r-- The first three lines of the getfacl output are called the header; they specify the name of the file, the owner of the file, and the group the file is associated...

Gq: An LDAP Client

The gq utility (gq-project.org) is a graphical (GTK+-based) LDAP client you can use to display, edit, and delete entries. It is part of the gq package. Before you can work with gq, you must specify the DN for the administrator. Select menubar: File⇒Preferences, click the Servers tab, highlight the server (localhost in the example), click Edit, click the Connections tab, and set Bind DN to the DN for the administrator (cn=ldapadmin,dc=sobell,dc=com in the example). Figure 21-4 shows gq displaying...

The Free Software Definition

We maintain this free software definition to show clearly what must be true about a particular software program for it to be considered free software. "Free software" is a matter of liberty, not price. To understand the concept, you should think of "free" as in "free speech," not as in "free beer." Free software is a matter of the users' freedom to run, copy, distribute, study, change and improve the software. More precisely, it refers to four kinds of freedom, for the users of the software: The...

Getopts Parses Options

The getopts builtin parses command-line arguments, thereby making it easier to write programs that follow the Linux argument conventions. The syntax for getopts is where optstring is a list of the valid option letters, varname is the variable that receives the options one at a time, and arg is the optional list of parameters to be processed. If arg is not present, getopts processes the command-line arguments. If optstring starts with a colon (:), the script takes care of generating error...

Connecting Several Servers to a Single Internet Connection

DNAT (destination NAT) can set up rules to allow clients from the Internet to send packets to servers on the LAN. This example sets up an SMTP mail server on 192.168.1.33 and an HTTP (Web) server on 192.168.1.34. Both protocols use TCP. SMTP uses port 25 and HTTP uses port 80, so the rules match TCP packets with destination ports of 25 and 80. The example assumes the mail server does not make outgoing connections and uses another server on the LAN for DNS and mail relaying. Both commands put...

C

See C programming language c filename extension, 191 C programming language, 1073 about, 8, 9 library getpwnam() function, 697 getpwuid() function, 697 libwrap.a, 445, 447 portability, 9 C++ programming language, 9 C89 programming language, 9 Cable 10Base2, 361 10BaseT, 361 Category 5, 361 Category 5e, 361 Category 6, 359, 361 Category 7, 359 coaxial, 361 fiberoptic, 361 glass, 361 modems, 1073 thicknet, 361 thinnet, 361 twisted pair, 361 unshielded twisted pair, 361 UTP, 361 Cache, 1073...

Sftp: A Secure FTP Client

As part of OpenSSH, Fedora/RHEL provides sftp, a secure alternative to ftp (page 643). Functionally the same as ftp, sftp maps ftp commands into OpenSSH commands. You can replace ftp with sftp when you are logging in on a server that is running the OpenSSH daemon, sshd. Once you are connected to a system with sftp, give the command to display a list of commands. For secure communication, use sftp or scp to perform all file transfers requiring authentication. Refer to the sftp man page for more...

Important Files and Directories

This section details the most common files used to administer the system. Also refer to Important Standard Directories and Files on page 198. .bash_profile: Contains an individual user's login shell initialization script. The shell executes the commands in this file in the same environment as the shell each time a user logs in. The file must be located in a user's home directory. The default Fedora/RHEL .bash_profile file executes the commands in .bashrc. You can use .bash_profile to specify a...

Name of the Calling Program

The shell stores the name of the command you used to call a program in parameter 0. This parameter is numbered zero because it appears before the first argument on the command line echo The command used to run this script is 0 abc The command used to run this script is . abc home sam abc The command used to run this script is home sam abc The preceding shell script uses echo to verify the name of the script you are executing. You can use the basename utility and command substitution to extract...

Zones

For administrative purposes, domains are grouped into zones that extend downward from a domain (Figure 24-3). A single DNS server is responsible for (holds the information required to resolve) all domains within a zone. The DNS server for a zone also holds pointers to DNS servers that are responsible for the zones immediately below the zone it is responsible for. Information about zones originates in zone files, one zone per file. Root domain: The highest zone, the one containing the root...

Lsof Finds Open Files

The lsof (ls open files) utility locates open files. Its options display only certain processes, only certain file descriptors of a process, or only certain network connections (network connections use file descriptors just as normal files do and lsof can show these as well). Once you have identified a suspect process using ps -ef, give the following command Replace pid with the process ID of the suspect process lsof displays a list of file descriptors that process pid has open. The -s option...

Nodes Domains and Subdomains

Each node in the hierarchical DNS database is called a domain and is labeled with a (domain) name. As with the Linux file structure, the node at the top of the DNS hierarchy is called the root node or root domain. While the Linux file structure separates the nodes (directory and ordinary files) with slashes (/) and labels the root node (directory) with a slash, the DNS structure uses periods (Figure 24-1). hrweb.berkeley.edu Subdomains or hosts Figure 24-1 The DNS domain structure (FQDNs are...

FTP Server (vsftpd)

This section discusses the vsftpd server as supplied by Fedora/RHEL. Install the following package: vsftpd. Run chkconfig to cause vsftpd to start when the system enters multiuser mode: /sbin/chkconfig vsftpd on. Start vsftpd. If you change the vsftpd.conf configuration file, you need to restart vsftpd. The vsftpd server can run in normal mode (the xinetd daemon [page 445] calls vsftpd each time a client tries to make a connection) or it can run in stand-alone mode (vsftpd runs as a daemon and...

Tune2fs Changes Filesystem Parameters

The tune2fs utility displays and modifies filesystem parameters on ext2, ext3, and ext4 filesystems. This utility can also set up journaling on an ext2 filesystem, turning it into an ext3 filesystem. With the introduction of increasingly more reliable hardware and software, systems are rebooted less frequently, so it is important to check filesystems regularly. By default, fsck is run on each partition while the system is brought up, before the partition is mounted. (The checks scheduled by...

Printing Using CUPS

Modern versions of Windows (2000 and later) support IPP and, as a result, can communicate directly with CUPS. To use this feature, you must have CUPS configured on the Linux print server to allow remote IPP printing; you also need to create a new printer on the Windows system that points to the IP address of the Linux print server. First set up the /etc/cups/cupsd.conf file to allow network printing from a client, as explained in Sharing CUPS Printers on page 537. Setting up CUPS to allow...

LVM: Logical Volume Manager

The Logical Volume Manager (LVM) allows you to change the size of logical volumes (LVs, the LVM equivalent of partitions) on the fly. With LVM, if you make a mistake in setting up LVs or your needs change, you can use system-config-lvm (Main menu: System⇒Administration⇒Logical Volume Management) to make LVs either larger (assuming there is space in the volume group) or smaller easily without affecting user data. (You need to use yum [page 500] to install the system-config-lvm software package to...

Finger Lists Users on the System

(Figure 5-11: finger I: lists who is logged in) is available. If the user has logged in over the network, the name of the remote system is shown as the user's location. For example, in Figure 5-11 jenny and hls are logged in from the remote system named bravo. The asterisk (*) in front of the name of Helen's device (TTY) indicates that she has blocked others from sending messages directly to her terminal (refer to mesg: Denies or Accepts Messages on page...

Mount Mounts a Filesystem

The mount utility connects directory hierarchies, typically filesystems, to the Linux directory hierarchy. These directory hierarchies can be on remote and local disks, CDs, and floppy diskettes. Linux also allows you to mount virtual filesystems that have been built inside ordinary files, filesystems built for other operating systems, and the special /proc filesystem (page 478), which maps useful Linux kernel information to a pseudodirectory. Mount point: The mount point for the filesystem...

Pushd Pushes a Directory on the Stack

To change directories and at the same time add a new directory to the top of the stack, use the pushd (push directory) builtin. In addition to changing directories, the pushd builtin displays the contents of the stack. The following example is illustrated in Figure 9-3. (Figure 9-3: Creating a directory stack) (Figure 9-4: Using pushd to change working directories) When you use pushd without an argument, it...

Scp: Copies Files from/to a Remote System

The scp (secure copy) utility copies an ordinary or directory file from one system to another on a network. This utility uses ssh to transfer files and employs the same authentication mechanism as ssh; thus, it provides the same security as ssh. The scp utility asks you for a password when one is required. The format of an scp command is scp user@from-host:source-file user@to-host:destination-file where from-host is the name of the system you are copying files from and to-host is the system you...

The GNU-Linux Connection

An operating system is the low-level software that schedules tasks, allocates storage, and handles the interfaces to peripheral hardware, such as printers, disk drives, the screen, keyboard, and mouse. An operating system has two main parts: the kernel and the system programs. The kernel allocates machine resources, including memory, disk space, and CPU (page 1077) cycles, to all other programs that run on the computer. The system programs perform higher-level housekeeping tasks, often acting as...

Setuid and Setgid Permissions

When you execute a file that has setuid (set user ID) permission, the process executing the file takes on the privileges of the file's owner. For example, if you run a setuid program that removes all files in a directory, you can remove files in any of the file owner's directories, even if you do not normally have permission to do so. Security: Minimize use of setuid and setgid programs owned by root. Executable files that are setuid and owned by root have Superuser privileges when they are run,...

Using X

This section provides basic information about starting and configuring X from the command line. For more information see the Xserver man page and the man pages listed at the bottom of the Xserver man page. Starting X from a Character-Based Display: Once you have logged in on a virtual console (page 137), you can start an X Window System server by using startx. See page 423 for information on changing the initdefault entry in the /etc/inittab file that causes Linux to boot into single-user mode,...

Running a Perl Program

There are several ways you can run a program written in Perl. The -e option enables you to enter a program on the command line: perl -e 'print "Hi there.\n"' The -e option is a good choice for testing Perl syntax and running brief, one-shot programs. This option requires that the Perl program appear as a single argument on the command line. The program must immediately follow this option; it is an argument to this option. An easy way to write this type of program is to enclose the program within...

Using Nautilus to Work with Files

Nautilus, the GNOME file manager, is a simple, powerful file manager. You can use it to create, open, view, move, and copy files and folders as well as to execute programs and scripts. One of its most basic and important functions is to create and manage the desktop. This section introduces Nautilus and demonstrates the correspondence between Nautilus and the desktop. See page 264 for more detailed information on Nautilus. Terms folder and Nautilus displays the File Browser window, which...

Optional Groups Commands

You can use parentheses to group commands. The shell creates a copy of itself, called a subshell, for each group. It treats each group of commands as a job and creates a new process to execute each command (refer to Process Structure on page 314 for more information on creating subshells). Each subshell (job) has its own environment, meaning that it has its own set of variables with values that can differ from those of other subshells. The following command line executes commands a and b...

Setting Personal Preferences

You can set preferences for many objects on the desktop, including those on the panels. Workspace Switcher: To display the Workspace Switcher Preferences window (Figure 4-5), first right-click anywhere on the Switcher to display the Switcher menu and then select Preferences. Specify the number of workspaces you want in the spin box labeled Number of workspaces. (The window looks different when you have Desktop Effects [page 108] enabled [Fedora].) The number of workspaces the Switcher displays...

Using Disk Druid to Partition the Disk

Disk Druid, a graphical disk-partitioning program that can add, delete, and modify partitions on a hard disk, is part of the Fedora/RHEL installation system. You can use Disk Druid only while you are installing a system; it cannot be run on its own. You can use palimpsest (page 78), parted (page 568), or fdisk to manipulate partitions and system-config-lvm to work with LVs after you install Fedora/RHEL. As explained earlier, if you want a basic set of partitions, you can allow Anaconda to...

Rsyslogd Logs System Messages

Traditionally UNIX programs sent log messages to standard error. If a more permanent log was required, the output was redirected to a file. Because of the limitations of this approach, 4.3BSD introduced the system log daemon (rsyslogd) now used by Fedora. RHEL uses syslogd. This daemon listens for log messages and stores them in the /var/log hierarchy. In addition to providing logging facilities, rsyslogd allows a single machine to serve as a log repository for a network and allows arbitrary...

Authorized Keys Automatic Login

You can configure OpenSSH so you do not have to enter a password each time you connect to a remote system. To set things up, you need to generate a personal authentication key, place the public part of the key on the remote server, and keep the private part of the key on the local client. When you connect, the remote system issues a challenge based on the public part of the key. The private part of the key is required to respond properly to the challenge. If the local system provides the...

Redirection

The term redirection encompasses the various ways you can cause the shell to alter where standard input of a command comes from and where standard output goes to. By default the shell associates standard input and standard output of a command with the keyboard and the screen as mentioned earlier. You can cause the shell to redirect standard input or standard output of any command by associating the input or output with a command or file other than the device file representing the keyboard or...

The Anaconda Installer

Anaconda, which is written in Python and C, identifies the hardware, builds the filesystems, and installs or upgrades the Fedora/RHEL operating system. Anaconda can run in textual or graphical (default) interactive mode or in batch mode (see Using the Kickstart Configurator on page 82). Exactly which screens Anaconda displays depends on whether you are installing Fedora from a live session or from the install DVD, whether you are installing Red Hat Enterprise Linux, and which parameters you...

Installing the Kernel Source Code

When the kernel source code is not present on the system, you need to install it. Fedora: Before you start, install rpmbuild. You will need this program to unpack and apply patches to the source files. The rpmbuild utility is part of the rpmdevtools package. Give the following command to install this package. RHEL: Before you start, install some development tools including the C compiler (gcc). Use pirut (page 505) to install Development Development Tools. You also need to install two packages yum...

Trap Catches a Signal

A signal is a report to a process about a condition. Linux uses signals to report interrupts generated by the user (for example, pressing the interrupt key) as well as bad system calls, broken pipes, illegal instructions, and other conditions. The trap builtin catches, or traps, one or more signals, allowing you to direct the actions a script takes when it receives a specified signal. This discussion covers signals that are significant when you work with shell scripts. Table 27-5 lists these...

Thanks

First and foremost, I want to thank Mark L. Taub, Editor-in-Chief, Prentice Hall, who provided encouragement and support through the hard parts of this project. Mark is unique in my 26 years of book writing experience: an editor who works with the tools I write about. Because Mark runs Linux on his home computer, we shared experiences as I wrote this book. Mark, your comments and direction are invaluable; this book would not exist without your help. Thank you, Mark T. Molly Sharp of ContentWorks...

CUPS on the Command Line

In addition to using the Web interface, you can control CUPS and manage print queues from the command line. This section describes the utilities that enable you to manage printers and print queues and establish printing quotas. PPD files: The lpinfo utility provides information about the printer drivers and interfaces available to CUPS. The -m option displays the list of available PostScript Printer Definition (PPD) files/drivers. drv:///hp/hpcups.drv/apollo-2100.ppd Apollo 2100, hpcups 3.9.8 drv...

Symbols

to reexecute the previous event, 321 last word of the previous event, 323 to choose a script shell, 288 in regular expressions, 1026 in variable name, 301 variable, 930 variable, 915 variable, 917, 929 ( ). See Command, substitution * variable, 932 variable, 930 variable, 903, 932 , expand variable, 935 0 variable, 931 job number, 242, 295 316, 930 & background process, 1070 & bitwise operator, 954, 957 & in replacement strings (regular expressions), 1029 & & Boolean operator,...

Logical Evaluation Conditional Expressions

The syntax of a conditional expression is [[ expression ]] where expression is a Boolean (logical) expression. You must precede a variable name with a dollar sign ($) within expression. The result of executing this builtin, like the test builtin, is a return status. The conditions allowed within the brackets are almost a superset of those accepted by test (page 889). Where the test builtin uses -a as a Boolean AND operator, [[ expression ]] uses &&. Similarly, where test uses -o as a Boolean OR...

Special Files

Special files represent Linux kernel routines that provide access to an operating system feature. FIFO (first in, first out) special files allow unrelated programs to exchange information. Sockets allow unrelated processes on the same or different computers to exchange information. One type of socket, the UNIX domain socket, is a special file. Symbolic links are another type of special file. Device files: Device files, which include both block and character special files, represent device...

Monitoring Disk Usage

Sooner or later you will probably start to run out of disk space. Do not fill up a disk: Linux can write to files significantly faster if at least 5 to 30 percent of the disk space in a given filesystem remains free. Using more than the maximum optimal disk space in a filesystem can degrade system performance. As a filesystem becomes full, it can become fragmented. This is similar to the DOS concept of fragmentation but is not nearly as pronounced and is typically rare on modern Linux...

Copying Rules to and from the Kernel

The iptables-save utility copies packet filtering rules from the kernel to standard output so you can save them in a file. The iptables-restore utility copies rules from standard input, as written by iptables-save, to the kernel. Sample output from iptables-save follows: # Generated by iptables-save v1.4.5 on Tue Oct 13 12:31:13 2009 *filter -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT -A INPUT -p icmp -j ACCEPT -A INPUT -i lo -j...

A DNS Cache

You install a DNS cache (also called a resolving, caching nameserver) when you install the bind package (fedora) or the bind and caching-nameserver packages (rhel). The section "JumpStart I: Setting Up a DNS Cache" (page 787) explains how to run this server. This section explains how the files Fedora provides implement this server. The RHEL caching-nameserver package provides a similar setup. named.conf: The named Configuration File (fedora). The default named.conf file is shown next. Fedora has...

Anaconda Screens

Anaconda displays different screens depending on which commands you give and which choices you make. During a graphical installation, Anaconda starts, loads drivers, and probes for the devices it will use during installation. After probing, it starts the X server. This section describes the screens that Anaconda displays during a default installation and explains the choices you can make on each of them. Logo Anaconda displays the logo screen (Figure 3-5) after it obtains enough information to...

Variables That Control History

The value of the HISTSIZE variable determines the number of events preserved in the history list during a session. A value in the range of 100 to 1,000 is normal. When you exit from the shell, the most recently executed commands are saved in the file given by the HISTFILE variable (the default is .bash_history). The next time you start the shell, this file initializes the history list. The value of the HISTFILESIZE history can help track down mistakes tip When you have made a command-line...

RPC Network Services

Much of the client/server interaction over a network is implemented using the RPC (Remote Procedure Call) protocol, which is implemented as a set of library calls that make network access transparent to the client and server. RPC specifies and interprets messages but does not concern itself with transport protocols; it runs on top of TCP/IP and UDP/IP. Services that use RPC include NFS and NIS. RPC was developed by Sun as ONC RPC (Open Network Computing Remote Procedure Calls) and differs from...

Dump restore Back Up and Restore Filesystems

The dump utility, which first appeared in UNIX version 6, backs up either an entire filesystem or only those files that have changed since the last dump. The restore utility restores an entire filesystem, an individual file, or a directory hierarchy. You will get the best results if you perform a backup on a quiescent system so that the files are not changing as you make the backup. The next command backs up all files (including directories and special files) on the root (/) partition to SCSI...

The Upstart Event Based init Daemon fedora

Because the traditional System V init daemon (SysVinit) does not deal well with modern hardware, including hotplug devices, USB hard and flash drives, and network-mounted filesystems, Fedora replaced it with the Upstart init daemon. RHEL still uses xinetd (page 445), a successor to the init daemon. Several other replacements for SysVinit are also available. One of the most prominent, initng (www.initng.org), is available for Debian and runs on Ubuntu. In addition, Solaris uses SMF (Service...

NFS Sharing Filesystems

The NFS (Network Filesystem) protocol, a UNIX de facto standard originally developed by Sun Microsystems, allows a server to share selected local directory hierarchies with client systems on a heterogeneous network. NFS runs on UNIX, DOS, Windows, VMS, Linux, and more. Files on the remote computer (the...

List the kernel boot messages

Tip To save a list of kernel boot messages, run dmesg immediately after booting the system and logging in This command saves the kernel messages in a file named dmesg.boot. This list can be educational; it can also be useful when you are having a problem with the boot process. For more information see page 553. rc scripts: Next the rcn tasks (see rc2 task on page 422 for an example) run the /etc/rc.d/rc init script, which runs the scripts for the services that need to be started when you first...

Changing the Input Focus

When you type on the keyboard, the window manager (page 142) directs the characters you type somewhere, usually to a window. The active window is the window accepting input from the keyboard; it is said to have the input focus. Depending on how you set up your account, you can use the mouse in one of three ways to change the input focus (you can also use the keyboard; see page 116). Click-to-focus (explicit focus): Gives the input focus to a window when you click the window. That window continues...

Logging In on the System

FEDORA: When you boot a standard Fedora system, it displays a Login screen (Figure 4-1) on the system console. In the middle of the screen is a window that holds a list of usernames. Once you click your username, Fedora displays a text box labeled Password. In addition, at the bottom of the screen is a panel whose icons allow you to work in a different language, select a different keyboard layout, change your access preferences (e.g., make the text larger and easier to read), view boot...

Traditional UNIX Printing

Before the advent of GUIs and WYSIWYG (page 1116) word processors, UNIX users would create documents using an editor such as vi and a typesetting markup language such as TeX or nroff/troff, convert the resulting files to PostScript using an interpreter, and send the PostScript files to the printer using lpr (BSD) or lp (System V). Fedora/RHEL implements both BSD and System V command-line printing utilities for compatibility. However, these utilities are now wrappers around the equivalent...

Redirecting Standard Error

Chapter 7 covered the concept of standard output and explained how to redirect standard output of a command. In addition to standard output, commands can send output to standard error. A command can send error messages to standard error to keep them from getting mixed up with the information it sends to standard output. Just as it does with standard output, by default the shell sends a command's standard error to the screen. Unless you redirect one or the other, you may not know the difference...

Chapter Summary

Linux has a hierarchical, or treelike, file structure that makes it possible to organize files so that you can find them quickly and easily. The file structure contains directory files and ordinary files. Directories contain other files, including other directories; ordinary files generally contain text, programs, or images. The ancestor of all files is the root directory named /. Most Linux filesystems support 255-character filenames. Nonetheless, it is a good idea to keep filenames simple and...

Administrator Defined Jobs

Mudat example: The following administrator-defined job uses the exec keyword to execute a shell command. You can also use this keyword to execute a shell script stored in a file or a binary executable file. exec echo Entering runlevel 5 on $(date) > /tmp/mudat.out This file defines a task: It runs the echo shell command when the system enters runlevel 5. This command writes a message that includes the time and date to /tmp/mudat.out. The shell uses command substitution (page 348) to execute the...

Performing a Simple Backup

When you prepare to make a major change to a system, such as replacing a disk drive or updating the Linux kernel, it is a good idea to archive some or all of the files so you can restore any that become damaged if something goes wrong. For this type of backup, tar or cpio works well. For example, if you have a SCSI tape drive as device /dev/st0 that is capable of holding all the files on a single tape, you can use the following commands to construct a backup tape of the entire system All of the...

Printing with CUPS

A printing system handles the tasks involved in first getting a print job from an application (or the command line) through the appropriate filters (page 1082) and into a queue for a suitable printer and then getting it printed. While handling a job, a printing system can keep track of billing information so the proper...

Anatomy of an iptables Command

Command line: This section lists the components of an iptables command line that follow the name of the utility, iptables. Except as noted, the iptables utility is not sensitive to the position of arguments on the command line. The examples in this chapter reflect a generally accepted syntax that allows commands to be easily read, understood, and maintained. Not all commands have all components. Many tokens on an iptables command line have two forms: a short form, consisting of a single letter...

Partitioning a Disk

During installation, Anaconda calls the partitioner to set up disk partitions. This section discusses how to plan partition sizes. Although this section uses the term partition, planning and sizing LVs (logical volumes; page 38) works the same way. For more information refer to page 60 and to the Linux Partition HOWTO at www.tldp.org/HOWTO/Partition. Tip: Historically a gigabyte (GB) meant either 2^30 (1,073,741,824) or 10^9 (1,000,000,000) bytes. Recently the term gibibyte (giga binary byte...

Configuring the Linux Kernel

Before you can compile the code and create a Linux kernel, you must decide and specify which features you want the kernel to support. You can configure the kernel to support most features in two ways: by building the feature into the kernel or by specifying the feature as a loadable kernel module (page 549), which is loaded into the kernel only as needed. In deciding which method to use, you must weigh the size of the kernel against the time it takes to load a module. Make the kernel as small as...

Changing Appearance Themes

One of the most exciting aspects of a Linux desktop is the flexibility it offers in allowing you to change its appearance. You can change not only the backgrounds, but also window borders (including the titlebar), icons, the buttons applications use, and more. To see some examples of what you can do, visit art.gnome.org. Appearance Preferences window (FEDORA) Themes In a GUI, a theme is a recurring pattern and overall look that (ideally) pleases the eye and is easy to interpret and use. You can...

Inputrc Configuring Readline

The Bourne Again Shell and other programs that use the Readline Library read the file specified by the INPUTRC environment variable to obtain initialization information. If INPUTRC is not set, these programs read the .inputrc file. They ignore lines of .inputrc that are blank or that start with a pound sign (#). You can set variables in .inputrc to control the behavior of the Readline Library using the following syntax Table 9-11 (next page) lists some variables and values you can use. See...

Sharing CUPS Printers

The Listen directive in the CUPS configuration file, /etc/cups/cupsd.conf, specifies which IP address and port or which domain socket path CUPS binds to and accepts requests on. The Listen directive has the following format where IP is the IP address that CUPS accepts connections on, port is the port number that CUPS listens on for connections on IP, and path is the pathname of the domain socket CUPS uses to communicate with printers. CUPS typically uses port...

Logrotate Manages Log Files

Rather than deleting or truncating log files, you may want to keep these files for a while in case you need to refer to them. The logrotate utility helps you manage system log (and other) files automatically by rotating (page 1104), compressing, mailing, and removing each as you specify. The logrotate utility is controlled by the /etc/logrotate.conf file, which sets default values and can optionally specify files to be rotated. Typically, logrotate.conf has an include statement that points to...

How iptables Works

Prerouting Packet Modification

Netfilter and iptables: The functionality frequently referred to as iptables is actually composed of two components: netfilter and iptables. Running in kernelspace (page 1090), the netfilter component is a set of tables that hold rules that the kernel uses to control network packet filtering. Running in userspace (page 1113), the iptables utility sets up, maintains, and displays the rules stored by netfilter. A rule comprises one or more criteria (matches or classifiers) and a single action (a...

Introduction to Cacti

Cacti (cacti.net) is a network monitoring tool that graphs system and network information over time (time-series data) and provides a comprehensive Web interface for browsing and examining the ongoing performance of the devices on a network. For example, you can configure Cacti to monitor the network traffic passing through the network ports on local servers and the switch and router ports on the local network. Cacti graphs provide information on traffic levels on the various parts of the...

Command Line Options

Command-line options override declarations in the configuration files. Following are descriptions of some of the more useful sshd options. -d (debug) Sets debug mode wherein sshd sends debugging messages to the system log and the server stays in the foreground. You can specify this option up to three times to increase the verbosity of the output. See also -e. (The ssh client uses -v for debugging; see page 629.) -e (error) Sends output to standard error, not to the system log. Useful with -d. -f...

Read Accepts User Input

When you begin writing shell scripts, you soon realize that one of the most common tasks for user-created variables is storing information a user enters in response to a prompt. Using read, scripts can accept input from the user and store that input in variables. The read builtin reads one line from standard input and assigns the words on the line to one or more variables: echo -n Go ahead read firstline echo You entered $firstline read1 The first line of the read1 script uses echo to prompt you...

Xinetd may not be installed

Tip Working as root, give the following command to install xinetd The base configuration for xinetd is stored in the /etc/xinetd.conf file. If this file is not present, xinetd is probably not installed. (See the preceding tip.) The default xinetd.conf file is well commented. The following sample xinetd.conf file shows some of the more common defaults Sample configuration file for xinetd The defaults section specifies the default configuration of xinetd; the files in the included directory, etc...

Array Variables

An array variable is an ordered container of scalars whose name begins with an at sign (@) and whose first element is numbered zero (zero-based indexing). Because an array can hold zero or more scalars, it is a plural variable. Arrays are ordered; hashes (page 990) are unordered. In Perl, arrays grow as needed. If you reference an uninitialized element of an array, such as an element beyond the end of the array, Perl returns undef. The first statement in the following program assigns the values...

Directory Files and Ordinary Files

Like a family tree, the tree representing the filesystem is usually pictured upside down, with its root at the top. Figures 6-2 and 6-3 show that the tree grows downward from the root, with paths connecting the root to each of the other files. [Figure 6-2: A secretary's directories] At the end of each path is either an ordinary file or a directory file. Special files, which can also be at the ends of paths, are described on page 482. Ordinary files, or simply...

Recursive Shell Script

A recursive construct is one that is defined in terms of itself. Alternatively, you might say that a recursive program is one that can call itself. This may seem circular, but it need not be. To avoid circularity a recursive definition must have a special case that is not self-referential. Recursive ideas occur in everyday life. For example, you can define an ancestor as your mother, your father, or one of their ancestors. This definition is not circular; it specifies unambiguously who your...

User ID Mapping Options

Each user has a UID number and a primary GID number on the local system. The local /etc/passwd and /etc/group files map these numbers to names. When a user makes a request of an NFS server, the server uses these numbers to identify the user on the remote system, raising several issues: The user may not have the same ID numbers on both systems and may therefore have owner access to files of another user (see NIS and NFS for a solution). You may not want the root user on the client system to have...

Internet Services

Linux Internet services are provided by daemons that run continuously or by a daemon that is started automatically by the xinetd daemon (page 390) when a service request comes in. The /etc/services file lists network services (for example, telnet, ftp, and ssh) and their associated numbers. Any service that uses TCP/IP or UDP/IP has an entry in this file. IANA (Internet Assigned Numbers Authority) maintains a database of all permanent, registered services. The /etc/services file usually lists a...

Avoiding a Trojan Horse

A Trojan horse is a program that does something destructive or disruptive to a system while appearing to be benign. As an example, you could store the following script in an executable file named mkfs: while true; do echo 'Good Morning Mr. Jones. How are you Ha Ha Ha.' > /dev/console; done If you are running as Superuser when you run this command, it would continuously write a message to the console. If the programmer were malicious, it could do worse. The only thing missing in this plot is access permissions....

TSIGs Transaction Signatures

Interaction between DNS components is based on the query-response model: One part queries another and receives a reply. Traditionally a server determines whether and how to reply to a query based on the client's IP address. IP spoofing (page 1089) is relatively easy to carry out, making this situation less than ideal. Recent versions of BIND support transaction signatures (TSIGs), which allow two systems to establish a trust relationship by using a shared secret key. TSIGs provide an additional...

Administration Core Concepts

The job of a system administrator is to keep one or more systems in a useful and convenient state for users. On a Linux system, the administrator and user may both be you, with you and the computer being separated by...

Bunzip2 and bzcat Decompress a File

You can use the bunzip2 utility to restore a file that has been compressed with bzip2: -rw-rw-r-- 1 sam sam 584000 Mar 1 22:31 letter_e -rw-r--r-- 1 sam sam 33287 Mar 1 22:40 zach.jpg The bzcat utility displays a file that has been compressed with bzip2. The equivalent of cat for .bz2 files, bzcat decompresses the compressed data and displays the contents of the decompressed file. Like cat, bzcat does not change the source file. The pipe in the following example redirects the output of bzcat so...