Linux Chapter 6

Uploaded by pdisrocking
Copyright: © All Rights Reserved

Linux Boot Process (Startup Sequence) - 6 Stages

• An operating system (OS) is the low-level software that manages resources, controls peripherals, and provides basic services to other software.
• In Linux, there are 6 distinct stages in the typical booting process.

1. BIOS

• BIOS stands for Basic Input/Output System.
• Performs some system integrity checks.
• Searches, loads, and executes the boot loader program.
• It looks for the boot loader on floppy, CD-ROM, or hard drive. You can press a key (typically F12 or F2, but it depends on your system) during the BIOS startup to change the boot sequence.
• Once the boot loader program is detected and loaded into memory, BIOS gives control to it.
• So, in simple terms, BIOS loads and executes the MBR boot loader.
2. MBR

• MBR stands for Master Boot Record.
• It is located in the 1st sector of the bootable disk, typically /dev/hda or /dev/sda.
• MBR is less than 512 bytes in size.
• This has three components:
o 1) primary boot loader info in the 1st 446 bytes
o 2) partition table info in the next 64 bytes
o 3) MBR validation check in the last 2 bytes
• It contains information about GRUB (or LILO in old systems).
• So, in simple terms, MBR loads and executes the GRUB boot loader.
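
The MBR layout described above can be checked with a short parser. This is an added example, not part of the original document: it assumes the conventional 512-byte first sector whose last 2 bytes are the 55 AA validation bytes, the sample sector is constructed, and the function names are hypothetical.

```python
import hashlib
import struct

SECTOR_SIZE = 512
BOOT_CODE_LEN = 446           # primary boot loader area
PART_TABLE_LEN = 64           # four 16-byte partition entries
BOOT_SIGNATURE = b"\x55\xaa"  # validation bytes that close the sector
# Entry layout (little endian): status, CHS start (skipped), type,
# CHS end (skipped), LBA start, sector count.
ENTRY_FORMAT = "<B3xB3xII"


def parse_mbr(sector):
    """Split a first sector into boot code, partition table and validation bytes."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError(f"expected {SECTOR_SIZE} bytes, got {len(sector)}")
    boot_code = sector[:BOOT_CODE_LEN]
    table = sector[BOOT_CODE_LEN:BOOT_CODE_LEN + PART_TABLE_LEN]
    signature = sector[BOOT_CODE_LEN + PART_TABLE_LEN:]

    partitions = []
    for index in range(4):
        entry = table[index * 16:(index + 1) * 16]
        status, ptype, lba_start, sectors = struct.unpack(ENTRY_FORMAT, entry)
        if ptype == 0:  # type 0x00 marks an unused slot
            continue
        partitions.append({
            "index": index + 1,
            "bootable": status == 0x80,
            "status_valid": status in (0x00, 0x80),
            "type": ptype,
            "lba_start": lba_start,
            "sectors": sectors,
        })
    return {
        "signature_ok": signature == BOOT_SIGNATURE,
        "boot_code_sha256": hashlib.sha256(boot_code).hexdigest(),
        "partitions": partitions,
    }


def check_mbr(parsed, known_good_sha256=None):
    """Return integrity findings for a parsed MBR; an empty list means none."""
    findings = []
    if not parsed["signature_ok"]:
        findings.append("validation bytes are not 55 AA")
    if sum(p["bootable"] for p in parsed["partitions"]) > 1:
        findings.append("more than one partition is flagged bootable")
    for part in parsed["partitions"]:
        if not part["status_valid"]:
            findings.append(f"partition {part['index']} has an invalid status byte")
    if known_good_sha256 and parsed["boot_code_sha256"] != known_good_sha256:
        findings.append("boot loader code differs from the recorded baseline")
    return findings


def build_sample_sector():
    """Constructed sector: placeholder boot code plus two partition entries."""
    boot_code = b"\xeb\x63\x90" + b"\x00" * (BOOT_CODE_LEN - 3)
    root_part = struct.pack(ENTRY_FORMAT, 0x80, 0x83, 2048, 1024000)
    swap_part = struct.pack(ENTRY_FORMAT, 0x00, 0x82, 1026048, 204800)
    table = root_part + swap_part + b"\x00" * 32
    return boot_code + table + BOOT_SIGNATURE


if __name__ == "__main__":
    # On a real host the sector would come from the disk device, read as root:
    #   open("/dev/sda", "rb").read(512)
    parsed = parse_mbr(build_sample_sector())
    for part in parsed["partitions"]:
        print(part)
    print("boot code sha256:", parsed["boot_code_sha256"])
    print("findings:", check_mbr(parsed, parsed["boot_code_sha256"]))
```

Recording the boot code hash after installation gives a baseline against which later changes to the boot loader area show up.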

3. GRUB

• GRUB stands for Grand Unified Bootloader.
• If you have multiple kernel images installed on your system, you can choose which one to execute.
• GRUB displays a splash screen and waits for a few seconds; if you don't enter anything, it loads the default kernel image as specified in the GRUB configuration file.
• GRUB has knowledge of the filesystem (the older Linux loader LILO didn't understand filesystems).
• So, in simple terms, GRUB just loads and executes the kernel and initrd images.

4. Kernel

• Mounts the root file system as specified by "root=" in grub.conf.
• The kernel executes the /sbin/init program.
• Since init is the 1st program to be executed by the Linux kernel, it has the process ID (PID) of 1.
• initrd stands for Initial RAM Disk.
• initrd is used by the kernel as a temporary root file system until the kernel is booted and the real root file system is mounted.

5. Init

• Looks at the /etc/inittab file to decide the Linux run level.
• Following are the available run levels:
o 0 – halt
o 1 – Single user mode
o 2 – Multiuser, without NFS
o 3 – Full multiuser mode
o 4 – unused
o 5 – X11
o 6 – reboot
• Init identifies the default init level from /etc/inittab and uses that to load all appropriate programs.
• Execute 'grep initdefault /etc/inittab' on your system to identify the default run level.
• Typically you would set the default run level to either 3 or 5.

6. Runlevel programs

• When the Linux system is booting up, you might see various services getting started. For example, it might say "starting sendmail …. OK".
• Those are the runlevel programs, executed from the run level directory as defined by your run level.
• Depending on the default init level setting, the system will execute the programs from one of the following directories:
o Run level 0 – /etc/rc.d/rc0.d/
o Run level 1 – /etc/rc.d/rc1.d/
o Run level 2 – /etc/rc.d/rc2.d/
o Run level 3 – /etc/rc.d/rc3.d/
o Run level 4 – /etc/rc.d/rc4.d/
o Run level 5 – /etc/rc.d/rc5.d/
o Run level 6 – /etc/rc.d/rc6.d/
• There are also symbolic links available for these directories under /etc directly. So, /etc/rc0.d is linked to /etc/rc.d/rc0.d.
• Under the /etc/rc.d/rc*.d/ directories, you would see programs that start with S and K.
• Programs that start with S are used during startup. S for startup.
• Programs that start with K are used during shutdown. K for kill.

Runlevels:
• A runlevel is the operating state of a Linux operating system.
• Linux relies on runlevels to determine which services are started and which services are stopped.
• Runlevels are numbered from 0 to 6, with each runlevel offering different services.
• Runlevels 0, 1, and 6 are standard runlevels reserved for special purposes.
• Runlevels 2, 3, and 4 are used for whatever purpose you or your Linux distribution provider decide.
• The /etc/inittab file defines the runlevels on a Linux system.

Runlevel     Description
Runlevel 0   The halt runlevel - this is the runlevel at which the system shuts down. For obvious reasons it is unlikely you would want this as your default runlevel.
Runlevel 1   Single runlevel. This causes the system to start up in a single user mode under which only the root user can log in. In this mode the system does not start any networking, X windowing or multi-user services. This run level is ideal for system administrators to perform system maintenance or repair activities.
Runlevel 2   Boots the system into a multi-user mode with text based console login capability. This runlevel does not, however, start the network.
Runlevel 3   Similar to runlevel 2 except that networking services are started. This is the most common runlevel for server based systems that do not require any kind of graphical desktop environment.
Runlevel 4   Undefined runlevel. This runlevel can be configured to provide a custom boot state.
Runlevel 5   Boots the system into a networked, multi-user state with X Window System capability. By default the graphical desktop environment will start at the end of the boot process. This is the most common run level for desktop or workstation use.
Runlevel 6   Reboots the system. Another runlevel that you are unlikely to want as your default.

System Administration
• The job involves the management of the entire system, ranging from maintaining security, performing backups and disk management, to providing a reliable service to all users.
• This task is usually entrusted to a single person, the system administrator, also sometimes known as the super user.
• He has vast powers, having access to everything.
• The success and stability of any UNIX installation depends on the effectiveness of the system administrator’s
• System administration in UNIX is quite demanding, and requires from the administrator an in-depth knowledge of the different components of the system.
• Most routine system administration functions can be handled by special menu-driven software: sysadm (SVR4), scoadmin (SCO UNIX), control-panel (Red Hat Linux) and YaST (SuSE Linux).

root - The System Administrator's Login

• The UNIX system provides a special login name for the exclusive use of the system administrator; it is called root.
• This account doesn't need to be separately created, but comes with every system.
• It also has a password, and like other user-ids, the administrator is expected to enter it before he logs in.
• The prompt of root is #, unlike the $ used by all other users. Once you log in as root, you are placed in the root (the top-most) directory (/root in Linux).
• Most super user commands are resident in /etc (/sbin and /usr/sbin in SCO UnixWare and Linux), the reason why his PATH list is different from other users:

• Since the super user is always moving around in the file system, it is possible that he might inadvertently execute programs and shell scripts of other users.
• That's why the PATH for a super user doesn't include the current directory.
• Many of the standard scripts supplied with UNIX systems for system administration work (especially the scripts related to booting) rely on the Bourne shell for execution.
• As an administrator, you should not use the Korn shell, and definitely not the C shell, as your login shell.
• Linux uses bash for system administrative activities also.
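
The rule that root's PATH must not include the current directory can be verified mechanically. The following is an added example, not part of the original document; the function name is hypothetical, and the missing-directory and world-writable checks go beyond the current-directory case the text describes.

```python
import os
import stat


def audit_path(path_value):
    """Return (position, entry, reason) for every PATH entry unsafe for root."""
    findings = []
    for position, entry in enumerate(path_value.split(":"), start=1):
        if entry in ("", "."):
            # An empty entry (leading, trailing or doubled colon) also means
            # the current directory.
            findings.append((position, entry, "current directory is searched"))
        elif not os.path.isabs(entry):
            findings.append((position, entry,
                             "relative path resolves against the current directory"))
        else:
            try:
                mode = os.stat(entry).st_mode
            except OSError:
                findings.append((position, entry, "directory is missing"))
                continue
            if mode & stat.S_IWOTH:
                # Any user could place a program here that root then runs.
                findings.append((position, entry,
                                 "directory is writable by every user"))
    return findings


if __name__ == "__main__":
    # Run as root (or with root's PATH exported) to audit the live value.
    for position, entry, reason in audit_path(os.environ.get("PATH", "")):
        print(f"PATH entry {position} ({entry!r}): {reason}")
```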

su: Acquiring superuser Status

• Any user can acquire super user status with the su command if she knows the root password.
• For example, the user local (with the home directory /home/local) can also become a super user:

• su also prompts for the password, which it expects to be root's.
• The # prompt indicates that the user is a super user.
• The user-id is still local and the current directory doesn't change.
• $HOME doesn't change in SCO UNIX, but it does in Linux (becomes /root).
• local now has the powers of a super user.
• The su (switch user) command is used to get the privileges of a different user without logging in to the system using that user name.
• The command format is as follows:
su [ - ] username
• The - option is used to get the exact environment (home directory, path, etc.) of the changed user account.
• If you have not specified a user name, su will try to acquire root's privileges.
$ su - manoj
password : ***********
$
• Now you have the privileges of the user manoj.
$ exit
$
• Now you have returned to the privileges of the original user.
# su - manoj
$
• Since you are using su as root, it will not ask for the password of the new user.
Administration Privileges
• The super user has enormous powers, and any command invoked by him has a greater chance of success than those issued by others.
• There are several commands that are reserved for his exclusive use; no other user will be able to execute them at all.
• There are some more commands that behave differently when executed by him.
• The authority of the administrator is mainly derived from his power to change the attributes of any file, and the power to initiate or kill any process.
• No file can ever be secure from him; he can delete any file with rm even if it is write-protected.
• The restriction on ownership (file or process) simply doesn't apply to him.
• That is why the administrator has to use these powers with the utmost caution.

The Function of the Unix Administrator


• The task of the Unix Administrator is difficult to define. Broadly it involves
ensuring that the Unix system provides the services it was intended for.
• These tasks vary from situation to situation, but will usually include the
following.
• Adding and removing users.
• Adding and removing hardware.
• Adding and removing software.
• Performing backups.
• Monitoring the system to ensure correct operation.
• Troubleshooting.
• Documentation.
• Auditing security.
• Helping users.

passwd Command: Changing Any Password

• The passwd command is used by a user to change her own password; the old password is first prompted for, and then the new one is accepted.
• However, when you invoke the command as a super user, the system behaves in a more lenient and helpful manner:

• Note that the system doesn't prompt for the old password when you invoke this command as a super user.
• You should also make sure that knowledge of this password is kept closely guarded.
• However, you must remember it yourself, because if you forget it, the entire UNIX system may have to be reloaded.
• A system administrator can never function properly unless he has access to every user's directory.
• If he has reason to believe that an unauthorized person has acquired knowledge of a user's password, then he should change the password of the user immediately.
• Since he is not the custodian of everybody's password, UNIX allows him the privilege of changing anybody's password without knowing it:

• Once again, the old password is not prompted for; only the new one has to be entered twice.
Note: When the super user uses the passwd command to change a user's password, he doesn't have to enter the old password to be able to change it.
Maintaining Security
• When you create a new file, Linux assigns the file permissions of the new file using your default UID and GID.
• To allow others access to the file, you need to either change the security permissions for the everyone security group or assign the file a different default group that contains other users.
• If you want to create and share documents among several people, there are three additional bits of information that Linux stores for each file and directory: SUID, SGID, and the sticky bit.
• These are special permissions apart from the normal file permissions read, write and execute, which we set with the chmod and chown commands.
• Set User ID (SUID): Normally when a program runs, it inherits access permissions from the logged-in user. SUID gives a user temporary permission to run a program/file with the permissions of the file owner rather than of the user who runs it.
• Set Group ID (SGID): For a file, the program runs under the permissions of the file group. For a directory, new files created in the directory use the directory group as the default group.
• Sticky bit: It is used mainly on folders in order to avoid deletion of a folder and its content by other users even though they have write permissions. If the sticky bit is enabled on a folder, the folder can be deleted only by the owner of the folder and the super user (root). This is a security measure to suppress deletion of critical folders on which others have full permissions.

The SGID bit is set using the chmod command.
It's added to the beginning of the standard 3-digit octal value (r w x r w x r w x), or you can use symbols in symbolic mode.
The following table shows the octal mode arrangement of the bits.

Sr. No.  Binary  Octal  Description
1        000     0      All Bits Are Cleared
2        001     1      The Sticky Bit Is Set
3        010     2      The SGID Bit Is Set
4        011     3      The SGID And Sticky Bits Are Set
5        100     4      The SUID Bit Is Set
6        101     5      The SUID And Sticky Bits Are Set
7        110     6      The SUID And SGID Bits Are Set
8        111     7      All Bits Are Set

• SUID Example
$ chmod u+s testfile.txt OR $ chmod 4750 testfile.txt
In the above example, 4 indicates that the SUID bit is set, 7 gives full permissions to the owner, 5 gives read and execute permissions to the group, and 0 gives no permissions to others.
• SGID Example
$ chmod g+s <file / Directory > OR $ chmod 2750 <file / Directory >
Here, in 2750, 2 indicates that the SGID bit is set, 7 gives full permissions to the owner, 5 gives read and execute permissions to the group, and 0 gives no permissions to others.
• Sticky Bit Example
$ chmod o+t /opt/ftp-data OR $ chmod 1757 /opt/ftp-data
In the above example, 1 indicates that the sticky bit is set, 7 gives full permissions to the owner, 5 gives read and execute permissions to the group, and 7 gives full permissions to others.
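
The 4-digit modes used in these examples can be decoded, and a directory tree audited for the special bits, with the added example below. It is not part of the original document; the function names are hypothetical, and the tree audit goes beyond the three chmod cases shown by also flagging world-writable directories that lack the sticky bit.

```python
import os
import stat

SPECIAL_BITS = ((stat.S_ISUID, "SUID"), (stat.S_ISGID, "SGID"), (stat.S_ISVTX, "sticky"))


def describe_mode(octal_text):
    """Decode a 4-digit octal mode such as '4750' into (special bits, rwx string)."""
    mode = int(octal_text, 8)
    special = [name for bit, name in SPECIAL_BITS if mode & bit]
    # stat.filemode() renders s/S and t/T in the execute positions, as ls -l does.
    symbolic = stat.filemode(stat.S_IFREG | mode)[1:]
    return special, symbolic


def classify(st_mode):
    """Return the audit findings for one st_mode value taken from lstat()."""
    findings = []
    if stat.S_ISREG(st_mode):
        if st_mode & stat.S_ISUID:
            findings.append("SUID file")
        if st_mode & stat.S_ISGID:
            findings.append("SGID file")
    elif stat.S_ISDIR(st_mode):
        # Without the sticky bit, any user may delete other users' files here.
        if st_mode & stat.S_IWOTH and not st_mode & stat.S_ISVTX:
            findings.append("world-writable directory without sticky bit")
    return findings


def audit_tree(root):
    """Walk root and return sorted (relative path, finding) pairs."""
    results = []
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames + filenames:
            path = os.path.join(dirpath, name)
            # lstat() so that symbolic links are not followed.
            for finding in classify(os.lstat(path).st_mode):
                results.append((os.path.relpath(path, root), finding))
    return sorted(results)


if __name__ == "__main__":
    for text in ("4750", "2750", "1757"):  # the three modes from the examples above
        print(text, describe_mode(text))
    for path, finding in audit_tree("/usr/bin"):
        print(f"{finding}: {path}")
```

Comparing the audit output against a saved list of expected SUID/SGID programs makes newly added ones stand out.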
Users and Groups

• The control of users and groups exists at the core of Red Hat Linux system administration.
• Users can be either people or logical users (accounts that exist for applications so that they can perform specific tasks).
• Both types of users have a unique User ID and Group ID.
• Groups are logical expressions of organization.
• Groups form the foundation of tying users together and giving them permissions to read, write, or execute a given file.
• Proper management of users and groups, as well as assigning and revoking permissions, is one of the most important tasks of a system administrator.

Types of Users:
• In a multiuser OS environment, there are multiple users who log into the
system to carry out their tasks. The users in multiuser OS environment
can be categorized as-
End users-
• These work on various utilities or applications installed on the system.
• These utilities can be single line utilities, shell scripts and C/C++
programs.
• The End users of the system are not involved in system maintenance
task.
Power users-
• The power users of the system carry out all the activities of an end user
and are also responsible for
• maintaining printer queues,
• backing up files on regular basis and
• performing house keeping tasks like cleaning up unwanted files.
System Administrators-
• System administrators have complete control over the manner in which
the OS is set up on the machine and all the applications installed on the
system.
• They are also responsible for maintaining the hardware devices attached to the system.

The User Database Files

• In order to understand the concept of users, you need to know the format of the user database files, /etc/passwd and /etc/shadow.
• Each line in both files consists of colon-separated fields, one line per user.
• The format of the password file /etc/passwd is given below.

username:password:uid:gid:comment:home directory:shell

• Username: The unique name of the user.
• Password: This field contains the encrypted password of the user account. If shadowing is enabled, this field contains only an x, which indicates that the user's password is stored in the /etc/shadow file.
• Uid: This field contains the unique user identification number of the user.
• Gid: This field contains the user's primary group identification number.
• Comment: This is an optional field which contains some comments about the user, normally his full name.
• Directory: This field contains the path to the user's home directory.
• Shell: This field contains the default shell which is activated when the user logs in.
• Following is a sample entry in the /etc/passwd file:

user1:g12fy:150:150:CWIT, PUNE:/home/user1:/bin/bash

The above entry shows that the
• user name is user1,
• password is g12fy,
• uid is 150,
• gid is 150,
• comment is CWIT, PUNE,
• user's home directory is at /home/user1 and
• the default shell of the user is /bin/bash.

The Shadow Password System

• Shadow passwords offer a number of distinct advantages over the traditional password system, including:
• Improved system security by moving the encrypted passwords normally found in /etc/passwd to /etc/shadow, which is readable only by root.
• Information concerning password aging, how long it has been since a password was last changed.
• Control over how long a password can remain unchanged before the user is required to change it.

The /etc/shadow file contains the following fields:

1. The account name
2. The account's encrypted password
3. The number of days elapsed since 1 January 1970 to the day the password was last changed
4. The minimum number of days required between password changes
5. The maximum number of days after which the password must be changed
6. The number of days before the password expires that the user is to be warned
7. The number of days after the password expires before the account is disabled
8. The number of days since 1 January 1970 after which the account is disabled
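
The /etc/passwd format and the eight /etc/shadow fields listed above can be parsed and checked together. The following is an added example, not part of the original document: the sample lines are constructed (user1 repeats the sample entry above), the function names are hypothetical, and treating 99999 as "no maximum age" is an assumption based on the conventional default value.

```python
from collections import namedtuple

PasswdEntry = namedtuple("PasswdEntry", "name password uid gid comment home shell")
# Field names follow the eight /etc/shadow fields listed above.
ShadowEntry = namedtuple(
    "ShadowEntry",
    "name password last_change min_days max_days warn_days inactive_days expire_day")

# Constructed sample data; the hashes are placeholders, not real hashes.
PASSWD_SAMPLE = """\
root:x:0:0:root:/root:/bin/bash
user1:g12fy:150:150:CWIT, PUNE:/home/user1:/bin/bash
manoj:x:210:300::/home/manoj:/bin/ksh
toor:x:0:0:constructed second admin:/root:/bin/bash
"""
SHADOW_SAMPLE = """\
root:$6$constructed$notarealhash:19000:0:90:7:::
manoj:$6$constructed$notarealhash:19550:0:99999:7:::
toor::19500:0:99999:7:::
"""
NO_LOGIN_MARKERS = ("x", "*", "!", "!!")  # shadowed or locked, not a hash
NEVER = 99999                             # assumed "never expires" value


def _num(text):
    return int(text) if text.strip() else None


def parse_passwd(text):
    entries = []
    for line in text.splitlines():
        if not line.strip():
            continue
        fields = line.split(":")
        if len(fields) != 7:
            raise ValueError(f"malformed passwd line: {line!r}")
        name, password, uid, gid, comment, home, shell = fields
        entries.append(PasswdEntry(name, password, int(uid), int(gid), comment, home, shell))
    return entries


def parse_shadow(text):
    entries = {}
    for line in text.splitlines():
        if not line.strip():
            continue
        fields = line.split(":")
        fields += [""] * (8 - len(fields))  # tolerate short lines
        entries[fields[0]] = ShadowEntry(fields[0], fields[1], *map(_num, fields[2:8]))
    return entries


def audit_accounts(passwd_text, shadow_text, today):
    """today is in days since 1 January 1970, the unit /etc/shadow uses."""
    findings = []
    shadow = parse_shadow(shadow_text)
    for user in parse_passwd(passwd_text):
        if user.uid == 0 and user.name != "root":
            findings.append((user.name, "UID 0 account other than root"))
        if user.password == "":
            findings.append((user.name, "empty password in /etc/passwd"))
            continue
        if user.password not in NO_LOGIN_MARKERS:
            # /etc/passwd is world-readable, so the hash is exposed to every user.
            findings.append((user.name, "password hash stored in /etc/passwd"))
            continue
        entry = shadow.get(user.name)
        if entry is None:
            continue
        if entry.password == "":
            findings.append((user.name, "empty password"))
        if entry.max_days is None or entry.max_days >= NEVER:
            findings.append((user.name, "no maximum password age"))
        elif entry.last_change is not None and today > entry.last_change + entry.max_days:
            findings.append((user.name, "password older than maximum age"))
    return findings


if __name__ == "__main__":
    for name, finding in audit_accounts(PASSWD_SAMPLE, SHADOW_SAMPLE, today=19600):
        print(f"{name}: {finding}")
```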

Tools for User and Group Administration

• Managing users and groups is tedious, but Red Hat Linux provides a few tools and conventions to make users and groups easier to manage.
• While you can use useradd to create a new user from the shell prompt, a popular way to manage users and groups is through
# redhat-config-users

User and Group Configuration:

useradd command

• From time to time, you have to add new users to the system.
• You have to associate each user with a group, and decide the permissions that have to be set for both the user and her group.
• Adding a user involves setting the following parameters, most of them in /etc/passwd:
o A user identification number (UID) and username
o A group identification number (GID) and group name
o The home directory
o The login shell
o The mailbox
o The password
• If the user is to be placed in a new group, an entry for the group has to be created in /etc/group.
• A user always has one primary group, and may also have one or more secondary groups.
• This file contains all the named groups of the system.

The useradd command can be used to create user accounts. The command format is given below:

useradd [-u UID] [-g GID] [-G group1,group2…] [-c comment] [-s shell] [-d home] [-e expire_date] [-f n] -m <username>

-u UID       User identification number. If not specified, the next available user ID will be taken as the UID.
-g GID       To specify the primary group ID for the user.
-G group1    To specify the supplementary groups of which the user should be a member.
-c           To specify the comment.
-s           To specify the default shell of the user. If not specified, /bin/bash will be taken as the default shell.
-d           To specify the path for the home directory. If not specified, the home directory will be created as /home/<username>.
-e           To specify the date of expiry of the user account in YYYY-MM-DD format.
-f n         Disable the account n days after the account password expires.
-m           To create the home directory if it does not exist.
<username>   Name of the user account.

# useradd -u 210 -g 300 -s /bin/ksh -d /home/manoj -m manoj

The above command will create a user account named manoj with UID 210, GID 300, the Korn shell as the default shell and /home/manoj as the home directory.

usermod Command

• The usermod command is used to modify the user parameters set with useradd.

usermod [-u UID] [-g GID] [-G group1,group2…] [-c comment] [-s shell] [-d home] [-e expire_date] -l -L -U -m <username>

The options are almost the same as for the useradd command.

-l    This option is used to change the user's login name alone.
-L    This option is used to lock a user account.
-U    This option is used to unlock the user account.
• Users sometimes need to change their login shell, and the following command line sets the C shell as the login shell for the user oracle.

The chage command:

The chage command is used to set password aging policies.
# chage [options] username
The options are given below:
-m           Minimum days required between password changes.
-M           Maximum number of days a user can use the same password without changing it.
-E <date>    Password expiry date in YYYY-MM-DD format.
-W           Set warning days as the number of days before password expiration during which the user is warned that his password is due to expire.

The userdel Command:

• The userdel command can be used to delete a user account.
userdel [-r] username
• The -r option is used to remove the user's home directory along with the user account.
• The following command removes oracle from the system

• This removes all entries pertaining to oracle from /etc/passwd, /etc/group and /etc/shadow.
• The user's files don't have to be deleted before removing the account.
• They remain as they are, and have to be removed separately if required.
Group Administration:
• A group contains similar types of users as its members.
• In a traditional Unix environment, security and permissions are assigned with the help of group accounts.
• Linux provides a set of commands for administering the group accounts.
• Just as /etc/passwd holds the user accounts, group account information is stored in the /etc/group file.
• In this file there is one line for each group, with colon-separated fields as follows:
groupname:passwd:gid:userlist
• Groupname is the name of the group.
• Password is an optional field containing the encrypted group password.
• Gid is the numeric group ID number.
• Userlist is a comma-separated list of the user account names that comprise the group.
• A typical entry in the group file might resemble the following:
aita:x:510:manoj,babu,ram

The groupadd command

The groupadd command can be used to create new group accounts.
groupadd [ -g GID ] groupname
-g is the option used to specify the group identification number. If it is not specified on the command line, the next available group ID will be taken as the new GID.
# groupadd comp3
The above command will create a group called comp3.

The groupmod command

The groupmod command is used to modify the group parameters, normally the gid or the group name, as follows.

groupmod [ -g new_gid ] [ -n new_name ] groupname

-g option is used to change the group ID.
-n option is used to change the group name alone.

The groupdel command

The groupdel command is used to delete group accounts as follows:

groupdel groupname

The groups Command

The groups command displays the names of the groups of which a user is a member.
# groups
root bin admin daemon sys ….. etc
# groups user1
The above command will display the names of the groups of which the user user1 is a member.

The id command
This command can be used to get the information about the uid, gid and
supplementary group Ids and group names of a user account. If you
invoke this command without any argument it will give details about
the current user.
# id
uid=0(root) gid=0(root) groups=0(root), 1(bin), 2(daemon), 3(sys), ……
# id meera
For getting the uid and gid information of a different user you can give
the user name as an argument to id command as above.
Using Graphical tools
On the GNOME desktop, go to the Main Menu Button (on the Panel) --> Programs --> System --> User Manager.
On the KDE desktop, go to the Main Menu Button (on the Panel) --> Red Hat --> System --> User Manager.

Adding a New User

Modifying User Properties

Adding a New Group

Operation
• Booting and shutting down a system are some of the functions you have to perform daily as an administrator.
• Unlike DOS, a UNIX system can't be brought up by simply switching on the machine, but rather by issuing a series of commands in sequence, or responding to some prompts.
• A separate series of steps also needs to be followed before the machine is brought to a standstill.
Booting / Startup
• Before the system is brought up, you have to first turn on power to the peripherals that are immediately required.
• This is necessary because, when the kernel is loaded, the device drivers for those peripherals that are powered and connected can be loaded too.
• After these external devices are switched on, the computer itself can be turned on.
• The machine then goes through a complex series of processes that may take up to a few minutes to complete the boot cycle.
• The exact sequence of the steps followed will depend both on the hardware and software used.
• The first major event is the loading of the kernel into memory.
• The kernel then starts spawning further processes, the most important of which is init. This process always has the PID 1.
• It, in turn, spawns further processes, some of which monitor all the terminal lines.
• Eventually, init becomes the parent of all shells.
• A UNIX system can be set up in a number of modes (called run levels) that are controlled by init.
• These two states are the most well-known:
• Single-user mode –
o This mode is important for the administrator, who uses it to perform his administrative tasks, like checking or backing up individual file systems.
o Other users are prevented from operating the system in single-user mode.
• Multi-user mode –
o In this mode, individual file systems are mounted, and system daemons are also started.
o Printing is possible only in multi-user mode when the lpsched daemon is running.
Shutdown
• The administrator also has the duty of shutting down the machine at the end of the day (if it is ever shut down).
• The command /etc/shutdown (/sbin/shutdown in SCO UnixWare and Linux) controls this sequence.
• shutdown usually performs the following activities:
o Notifies users with wall about the system going down, with a directive to log off. (wall, an abbreviation of write to all, is a Unix command-line utility that displays the contents of a computer file or standard input to all logged-in users. It is typically used by root to send out a shutting down message to all users just before poweroff.) Users are then expected to close all their files and log out of the system within a minute or so. shutdown itself sleeps for a minute after mailing the first message and may issue a reminder or two.
o Sends signals to all running processes so that they can terminate normally.
o Logs users off and kills remaining processes.
o Unmounts all secondary file systems, i.e., detaches them from the root file system.
o Writes information about file system status to disk to preserve the integrity of the file system.
o Notifies users to reboot or switch off, or moves the system to single-user mode.

• The shutdown command in Linux is used to shut down the system in a safe way.
• You can shut down the machine immediately, or schedule a shutdown using 24 hour format.
• It brings the system down in a secure way.
• When the shutdown is initiated, all logged-in users and processes are notified that the system is going down, and no further logins are allowed.
• Only the root user can execute the shutdown command.
• Syntax of the shutdown command:
shutdown [OPTIONS] [TIME] [MESSAGE]

options – Shutdown options such as halt, power-off (the default option) or reboot the system.
time – The time argument specifies when to perform the shutdown process.
message – The message argument specifies a message which will be broadcast to all users.

Options

-r : Requests that the system be rebooted after it has been brought down.
-h : Requests that the system be either halted or powered off after it has been brought down, with the choice as to which left up to the system.
-H : Requests that the system be halted after it has been brought down.
-P : Requests that the system be powered off after it has been brought down.
-c : Cancels a running shutdown. TIME is not specified with this option; the first argument is MESSAGE.
-k : Only send out the warning messages and disable logins; do not actually bring the system down.

How to use shutdown

In its simplest form, when used without any argument, shutdown will power off the machine.

sudo shutdown

How to shutdown the system at a specified time

The time argument can have two different formats. It can be an absolute time in the format hh:mm, or a relative time in the format +m, where m is the number of minutes from now.
The following example will schedule a system shutdown at 05 A.M:

sudo shutdown 05:00

The following example will schedule a system shutdown in 20 minutes from now:

sudo shutdown +20

How to shutdown the system immediately

To shut down your system immediately you can use +0 or its alias now:

sudo shutdown now

How to broadcast a custom message

The following command will shut down the system in 10 minutes from now and notify the users with the message "System upgrade":

sudo shutdown +10 "System upgrade"

It is important to mention that when specifying a custom wall message you must specify a time argument too.

How to halt your system

This can be achieved using the -H option.

shutdown -H

Halting means stopping all CPUs, while powering off also makes sure the main power is disconnected.

How to make shutdown power-off machine

Although this is the default, you can still use the -P option to explicitly specify that you want shutdown to power off the system.

shutdown -P

How to reboot using shutdown

For reboot, the option is -r.

shutdown -r

You can also specify a time argument and a custom message:

shutdown -r +5 "Updating Your System"

The command above will reboot the system after 5 minutes and broadcast "Updating Your System".

How to cancel a scheduled shutdown

If you have scheduled a shutdown and you want to cancel it, you can use the -c argument:

sudo shutdown -c

When canceling a scheduled shutdown, you cannot specify a time argument, but you can still broadcast a message that will be sent to all users.

sudo shutdown -c "Canceling the reboot"

IP Address Configuration

 ifconfig: Interface Configuration


 Since TCP/IP is independent of the network hardware, the IP
addresses are not built into the kernel, but rather reside in the
networking software.
 The ifconfig command is used to set the IP address, the netmask and
the broadcast address of each network interface.
 The command is usually run at boot time, though as system
administrator, you can run it separately:

 eth0 is the Linux name of the first network interface that is shown by
the boot messages or the dmesg output.
 If the machine is a gateway, then the second interface name could be
eth1.

 ifconfig can also be used to activate and deactivate the interface.


 Sometimes, that is necessary if the IP address needs to be changed.
 The command has to be used in these ways:

 The administrator normally doesn't need to configure the interface
with ifconfig; the commands are actually inserted in the startup
scripts by netconfig or netcfg.
Get details of specific interface
To find the IP address of each of the three interfaces separately, use the commands:
 ifconfig eth0
 ifconfig lo
 ifconfig wlan0
 Here, eth0, lo and wlan0 are the names of the active network
interfaces on the system.
 eth0 is the first Ethernet interface. (Additional Ethernet interfaces
would be named eth1, eth2, etc.) This type of interface is usually
a NIC connected to the network by a category 5 cable.
 lo is the loopback interface. This is a special network interface that
the system uses to communicate with itself.
 wlan0 is the name of the first wireless network interface on the
system. Additional wireless interfaces would be named wlan1, wlan2,
etc.

NIS [ Network Information Service ]

 The Linux NIS [Network Information Service] is a server used for
sharing critical data stored in flat files between systems on a network.
 NIS uses a standard client-server architecture arrayed in one of
several possible configurations. NIS configurations revolve around
the notion of a domain.
 An NIS domain is not the same as an Internet or DNS domain.
 An NIS domain name refers to a group of systems, typically on a LAN
or on only a subnet of a LAN, that use the same NIS maps.
 NIS domains are typically used as system management tools, a
convenient method for organizing groups of machines that need to
access the information shared across a network using a set of
common NIS maps.
 The NIS is a database that contains a series of tables.
 Each table is created from text files like /etc/passwd, /etc/services
and any other tabular files.
 Each table may contain one column or more with a unique key on
each row.

 You can think of it like any normal database. You can query these
tables in following two ways:
 Listing the entire table.

 Pulling a specific entry by searching.

 When a program makes a request to search for a user's password
details, the client first checks its local /etc/passwd file; if the user
doesn't exist there, the client then asks the NIS server to search for it
in the /etc/passwd table on the NIS server.
 Each NIS domain must have at least one system that functions as an
NIS server for that domain.
 An NIS server is a centrally-administered repository for information
that is shared across the network using NIS.
 NIS clients are programs that use NIS to query designated servers
for information that is stored in the servers' databases, which are
known as maps.
 NIS servers can be further subdivided into master and slave servers.
 A master server maintains the authoritative copies of the NIS
maps.
 A slave server maintains copies of the NIS databases, which it
receives from the master NIS server whenever changes are
made to the databases stored on the master.

Following four NIS topologies are commonly used:

1. A single domain with a master server, no slave servers, and one or more
clients:

 The single domain configurations are the most widely used in most
situations. Fig. 5.4 illustrates the single domain, single server
configuration.
 In Fig. 5.4, the single server, master-1, responds to all queries from NIS
clients (client-1, client-2, and client-3) and is the sole source of
information for the domain, named admin.
2. A single domain with a master server, one or more slave servers, and one
or more clients:

 Fig. 5.5 illustrates the same domain but includes a slave server, slave-1.
 In this case, client-1 and client-2 continue to query the master server, but
client-3 communicates with the slave server when performing NIS queries.
 In Fig. 5.5, client-3 has not specifically been configured to communicate
with the slave server. Rather, it sends out NIS broadcast messages for a
given domain and accepts replies from any server authoritative for that
domain; the server that "wins" is the server that replies first.

3. Multiple domains, each with its own master server, no slave servers, and
one or more clients:
 At large sites or in complicated networks, you might find it necessary to
have multiple NIS domains; Fig. 5.6 and 5.7 illustrate such
configurations.
 Fig. 5.6 shows two domains, admin and devel, each with its own master
server, master-admin and master-devel. Clients in the admin domain (client-1,
client-2, and client-3) communicate only with the master-admin server,
and clients in the devel domain (client-4, client-5, and client-6) communicate
only with master-devel.
4. Multiple domains, each with its own master server, one or more slave
servers and one or more clients:

 Fig. 5.7 illustrates the same setup as Fig. 5.6, except that each domain
has a slave server, slave-admin and slave-devel, and some of the clients in
each domain communicate with the slave servers rather than with the
master.
 As in the single server example, any given client will communicate with
the server for its domain that responds the fastest to a broadcast query.
 A properly configured NIS setup involves configuring at least one NIS
server and one or more NIS clients.

NFS [ Network File System ]

 NFS stands for Network File System, a file system developed by Sun
Microsystems, Inc. NFS allows a system to share directories and files
with others over a network.
 By using NFS, users and programs can access files on remote systems
almost as if they were local files.
 For example, if you were using a computer linked to a second computer
via NFS, you could access files on the second computer as if they
resided in a directory on the first computer.

 This is accomplished through the processes of exporting (the process by
which an NFS server provides remote clients with access to its files)
and mounting (the process by which file systems are made available to
the operating system and the user).
 The NFS is a way of mounting Linux discs/directories over a network. An
NFS server can export one or more directories that can then be
mounted on a remote Linux machine.
 Note, that if you need to mount a Linux filesystem on a Windows machine,
you need to use Samba/CIFS instead.
 Some of the most notable benefits that NFS can provide are:

1. NFS allows local access to remote files.
It uses standard client/server architecture for file sharing between systems on a
network.
2. With NFS it is not necessary that both machines run on the same
OS.
3. With the help of NFS we can configure centralized storage solutions.
4. Users get their data irrespective of physical location.
5. No manual refresh needed for new files.
6. Newer versions of NFS also support ACLs and pseudo-root mounts.
7. Can be secured with Firewalls and Kerberos.

 The possible uses of NFS are quite varied. For example, many sites store
users' home directories on a central server and use NFS to mount the
home directory when users log in or boot their systems.
 Of course, in this case, the exported directories must be mounted
as /home/username on the local (client) systems, but the export itself can
be stored anywhere on the NFS server, say, /exports/users/username.
 Another common scheme is to export public data or project-specific files
from an NFS server and to enable clients to mount these remote file
systems anywhere they see fit on the local system.

 Fig. 5.8 illustrates both of these examples.


 The network shown in Fig. 5.8 shows that all the client systems (pear,
mango, and so forth) mount their home directories from an NFS server
named NFSServer.
 On NFSServer, the exported file systems are stored in the /exports/homes
directory (/exports/homes/u1, /exports/homes/u2, and so on).
 When users log in to any given system, their home directory is
automatically mounted on /home/username on that system.
 So, if the user u1 logs in on pear, /exports/homes/u1 is mounted on pear's
file system as /home/u1; this mounting is represented in
host:/mount/point format, for example, pear:/home/u1. If u1 then logs in
on mango, too (not illustrated in the figure), mango also mounts
/home/u1.
 Logging in on two systems this way is potentially dangerous because
changes to files in the exported file system made from one login session
may affect the behavior of the other, but it is also very convenient, in
other situations, for such changes to be immediately visible.
 Fig. 5.8 also shows that three users, u5, u6, and u7, mount a
project-specific file system, /proj, also exported from NFSServer, in various
locations on their local file systems: kiwi:/work/proj, lime:/projects, and
peach:/home/work.

Important commands for NFS:


1. showmount -e: Shows the available shares on your local machine.
2. showmount -e <server-ip or hostname>: Lists the available shares at
the remote server.
3. showmount -d: Lists all the sub directories.
4. exportfs -v: Displays a list of shared files and options on a server.
5. exportfs -a: Exports all shares listed in /etc/exports, or given name.
6. exportfs -u: Unexports all shares listed in /etc/exports, or given name.
7. exportfs -r: Refresh the server's list after modifying /etc/exports.
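
Because exportfs -r publishes whatever /etc/exports contains, it helps to review the file before refreshing. The script below is an added example, not part of the original notes: the function names, the three findings it reports, and the sample file (constructed, reusing host and path names from the Fig. 5.8 discussion) are assumptions.

```shell
#!/bin/sh
# Added example: review exports(5) entries before running exportfs -r.

# Constructed sample file; hosts and paths reuse names from the notes.
sample_exports() {
cat <<'EOF'
# path           client(options) ...
/exports/homes   pear(rw,sync,sec=krb5p) mango(rw,sync,sec=krb5p)
/proj            kiwi(rw,sync) lime(ro,sync) *(rw,sync,no_root_squash)
/exports/public  *(ro,sync)
EOF
}

# audit_exports: read exports lines on stdin and print one line per
# finding in the form "path client: finding".
audit_exports() {
    awk '
        /^[ \t]*#/ { next }              # comment line
        NF < 2     { next }              # blank line, or a path with no client list (not checked here)
        {
            for (i = 2; i <= NF; i++) {
                client = $i; opts = ""
                p = index($i, "(")
                if (p > 0) {             # split "host(opt,opt)" into its parts
                    client = substr($i, 1, p - 1)
                    opts = substr($i, p + 1, length($i) - p - 1)
                }
                if (client == "") client = "*"   # a bare "(opts)" applies to every host
                o = "," opts ","
                if (client == "*" && index(o, ",rw,"))
                    print $1, client ": writable by any host"
                if (index(o, ",no_root_squash,"))
                    print $1, client ": remote root is not squashed"
                if (index(o, ",rw,") && o !~ /,sec=krb5/)
                    print $1, client ": writable without Kerberos"
            }
        }'
}

sample_exports | audit_exports
# On a server: audit_exports < /etc/exports, then exportfs -r once the list is clean.
```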

SAMBA
 SAMBA is a collection of different applications which, when used together, let a
Linux server perform network actions like file serving,
authentication/authorization, name resolution and print services.
 Linux Samba Server is one of the powerful servers that helps you to share
files and printers with Windows-based and other operating systems.
 Samba is based on the common client/server protocol of Server Message
Block (SMB) /Common Internet File System (CIFS).
 SMB is a file sharing protocol that was invented by IBM and has been
around since the mid-eighties. Since it's a protocol, (an agreed upon way of
communicating between systems).
 SAMBA allows for a Linux server to act as a Domain Controller. By doing so,
user credentials on the Windows domain can be used instead of needing to
be recreated and then manually kept in sync on the Linux server.
 Using client software that also supports SMB/CIFS (for example, most
Microsoft Windows products), an end user sends a series of client requests
to the SAMBA server on another computer in order to open that computer's
files, access a shared printer, or access other resources.
 The SAMBA server on the other computer responds to each client request,
either granting or denying access to its shared files and resources.
 This means you can use a Linux server to provide file sharing, printing, and
other services to other non-native Linux clients such as Microsoft Windows
using SAMBA.

 CIFS stands for Common Internet File System.


 CIFS is a dialect (a particular version) of SMB.
 That is, CIFS is a particular implementation of the Server Message Block
protocol, created by Microsoft.
 Like CIFS, SAMBA implements the SMB protocol which is what allows
Windows clients to transparently access Linux directories, printers and files
on a SAMBA server.

How SMB Works:

 To understand the Linux/Samba/Windows relationship, you need to understand
the relationships of the operating systems to their files, printers, users and
networks.
 In Linux, the login/password mechanism is radically different from the
Windows Active Directory model.
 Thus, it's important for the system administrator to maintain consistency in
the logins and passwords across both platforms.
 Users may need to work in different environments and may need access to
the different platforms for various reasons.
 So, it is useful to make working in such environments as seamless as
possible so that you don't have to worry about users needing to authenticate
again.
 Relative to SAMBA, several options are available for handling username
and password issues in different environments like:
 Linux Pluggable Authentication Modules (PAM):
 This option allows you to authenticate users against a domain controller
(DC).
 This means you still have two user lists (one local and one on the DC),
but your users need to keep track of their passwords only on the
Windows system.

 SAMBA as a DC:
 This option allows you to keep all your logins and passwords on the
Linux system, while all your Windows boxes authenticate with SAMBA.

 Custom Script:
 You can create scripts for maintaining logins and passwords.
 This can be done using a cross-platform scripting language like Python.

 The SAMBA Server is composed of several components and daemons. The
three main daemons are smbd, nmbd, and winbindd.
 The smbd daemon handles the actual sharing of files and printers. It is
also responsible for user authentication and resource-locking issues.
This daemon uses port 139 or port 445 to listen for requests.
 The nmbd daemon is responsible for handling NetBIOS name service
requests. It uses port 137 to listen for requests and handles requests
from master browsers, domain browsers, and WINS servers.
 The winbindd daemon can be used to query native Windows servers for
user and group information.
Monitoring Disk Space
• The one system resource that is most commonly over-committed is disk
space.
• There are many reasons for this, ranging from applications not cleaning
up after themselves, to software upgrades becoming larger and larger, to
users that refuse to delete old email messages.
• System administrators must monitor disk space usage on an ongoing
basis, or face possible system outages and unhappy users.
• UNIX has a number of commands, like the df and du commands, which
can also be issued by any user.
• Both of these commands report disk usage or the free space in terms of
blocks, the minimum unit of measurement of disk space, which in System
V is 512 bytes (1024 in Linux).

Using df
• The easiest way to see how much free disk space is available on a
system is to use the df command.
• Linux produces a different output; df there also shows the percentage disk
utilization.
• E.g.:
• $ df
Filesystem   1k-blocks    Used Available Use% Mounted on
/dev/sda3      8428196 4282228   3717836  54% /
/dev/sda1       124427   18815     99188  16% /boot
/dev/sda4      8428196 3801644   4198420  48% /home
none            644600       0    644600   0% /dev/shm
• As we can see,
• df lists every mounted file system
• provides information such as device size (under the 1k-blocks
column), as well as the space used and still available.

However, the easiest thing to do is to simply scan the Use% column for any
numbers nearing 100%.
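
The Use% scan described above can be automated so that it runs from cron or a monitoring check. The script below is an added example, not part of the original notes: the function names, the 90% limit, and the sample table (constructed, in the layout of the listing above) are assumptions.

```shell
#!/bin/sh
# Added example: report file systems whose Use% is at or above a limit.

# Constructed df-style table (values invented for the example).
sample_df() {
cat <<'EOF'
Filesystem   1k-blocks    Used Available Use% Mounted on
/dev/sda3      8428196 4282228   3717836  54% /
/dev/sda1       124427  118815      5612  96% /boot
/dev/sda4      8428196 7801644    626552  93% /home
/dev/sdb1      1000000  950000     50000  95% /mnt/usb disk
none            644600       0    644600   0% /dev/shm
EOF
}

# full_filesystems LIMIT: read df output on stdin, print "mountpoint use%"
# for every file system at or above LIMIT percent.
full_filesystems() {
    awk -v limit="$1" '
        NR == 1 { next }                       # header row
        {
            # Locate Use% by its shape rather than by position, so a mount
            # point containing spaces does not shift the column.
            for (i = 1; i <= NF; i++) {
                if ($i ~ /^[0-9]+%$/) {
                    pct = $i
                    sub(/%/, "", pct)
                    if (pct + 0 >= limit + 0) {
                        mount = $(i + 1)
                        for (j = i + 2; j <= NF; j++) mount = mount " " $j
                        print mount, pct "%"
                    }
                    break
                }
            }
        }'
}

# disk_alert LIMIT: print the offenders and return 1 if any file system is
# at or above LIMIT, so the exit status can drive an alert.
disk_alert() {
    hits=$(full_filesystems "$1")
    [ -z "$hits" ] && return 0
    printf '%s\n' "$hits"
    return 1
}

sample_df | disk_alert 90 || echo "action needed"
# On a live host: df -Pk | disk_alert 90   (-P keeps each entry on one line)
```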
du - report disk space in use

• du reports the amount of disk space in use for the files or directories you
specify.

• Syntax
du [options] [directory or file]
• Common Options
• -a display disk usage for each file, not just subdirectories
• -s display a summary total only
• -k report in kilobytes (SVR4)
 Examples
• # du /home/sales/
4244 /home/sales/fans
6777 /home/sales/tvs
3229 /home/sales/ovens

It also reports the summary at the end.

find: Locating Files


 Find is an indispensable tool for the system administrator.
 It recursively examines a directory tree to look for files matching some
criteria, and then takes some action on the selected files.
 It has an unusual syntax, but what makes it so powerful is that its search is
recursive, so it examines a directory tree completely (unless directed to
ignore some directories).
 find has a difficult command line; it's totally cryptic and doesn't help at all for
an initial orientation.
 The best thing is to break up find's arguments into three components:

 This is how find operates:

1. First, it recursively examines all files in the directories specified in
path_list.
2. It then matches each file for one or more selection_criteria.
3. Finally, it takes some action on those selected files.
 The path list may consist of one or more sub-directories separated by white
space.
 There can also be a host of selection criteria that you can use to match a file,
and multiple actions to dispose of the file.
 find can easily locate all files named afiedt.buf (the file used by Oracle's SQL
*Plus program) in the system:

The path list (/) indicates that the search should start from the root directory.
Each file in the list is then matched against the selection criteria (-name afiedt.buf),
which always consists of an expression in the form -operator argument. If
the expression matches the file (i.e., the file has the name afiedt.buf), then the
file is selected. The third section specifies the action (-print) to be taken on the
file, in this case, a simple display on the terminal. All find operators start with a -,
and the path list can never contain one.

 When find is used to match a group of filenames with a wild-card pattern,
the pattern should be quoted to prevent the shell from looking at it:

 -name is not the only operator used in framing the selection criteria; there
are many others (Table 17.1).
 The actual list is much longer, and takes into account practically every file
attribute.
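
The three parts of a find command line (path_list, selection_criteria, action) and the effect of quoting a wild-card pattern are easiest to see on a small tree. The script below is an added example, not part of the original notes; it also goes one step beyond -name by using the -perm operator to list world-writable files. The function names and the scratch tree (constructed under a temporary directory) are assumptions.

```shell
#!/bin/sh
# Added example: find path_list selection_criteria action, on a scratch tree.

# make_tree: build a constructed directory tree and print its root.
make_tree() {
    root=$(mktemp -d) || return 1
    mkdir -p "$root/oracle/work" "$root/home/u1"
    for f in oracle/work/afiedt.buf home/u1/afiedt.buf home/u1/notes.txt \
             home/u1/report.log app.log; do
        : > "$root/$f"
        chmod 644 "$root/$f"
    done
    chmod 666 "$root/home/u1/report.log"      # deliberately world-writable
    printf '%s\n' "$root"
}

# by_name ROOT NAME: path_list=ROOT, selection_criteria=-name NAME, action=-print
by_name() { find "$1" -name "$2" -print | sort; }

# Quoted pattern: find itself matches *.log at every level of the tree.
logs_quoted() { ( cd "$1" && find . -name '*.log' -print | sort ); }

# Unquoted pattern: the shell expands *.log against the current directory
# first, so find is really asked for -name app.log and misses report.log.
logs_unquoted() { ( cd "$1" && find . -name *.log -print | sort ); }

# Another criterion, -perm: regular files that any user may write to.
world_writable() { find "$1" -type f -perm -002 -print | sort; }

tree=$(make_tree)
echo "afiedt.buf copies:";    by_name "$tree" afiedt.buf
echo "quoted '*.log':";       logs_quoted "$tree"
echo "unquoted *.log:";       logs_unquoted "$tree"
echo "world-writable files:"; world_writable "$tree"
rm -rf "$tree"
```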

dd - block copy and convert

• The dd command allows you to copy from raw devices, such as disks and
tapes, specifying the input and output block sizes.
• dd was originally known as the disk-to-disk copy program. With dd you
can also convert between different formats, for example, EBCDIC to
ASCII, or swap byte order, etc.
• Syntax
dd [if=input_device] [of=output_device] [operand=value]

 Common Options
• if=input_device the input file or device
• of=output_device the output file or device
• If the input or output devices are not specified they default to standard
input and standard output, respectively.

Operands can include:


• ibs=n input block size (defaults to 512 byte blocks)
• obs=n output block size (defaults to 512 byte blocks)
• bs=n sets both input and output block sizes
• files=n copy n input files
• skip=n skip n input blocks before starting to copy
• count=n only copy n input blocks
• conv=value[,value] where value can include:
• ascii convert EBCDIC to ASCII
• ebcdic convert from ASCII to EBCDIC, etc.
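
The skip and count operands count blocks of the chosen size, not bytes, which matters when copying a fixed region of a raw device. The script below is an added example, not part of the original notes: it builds a constructed 512-byte sector laid out like an MBR (446 bytes of boot code area, a 64-byte partition table, and the 2-byte signature 0x55 0xAA) and carves pieces out of it. The function names and the image contents are assumptions.

```shell
#!/bin/sh
# Added example: bs, skip and count used to carve regions out of a raw image.

# make_image FILE: build a constructed 512-byte MBR-style sector:
# 446 zero bytes (boot code area), 64 bytes of "P" standing in for the
# partition table, then the boot signature bytes 0x55 0xAA.
make_image() {
    dd if=/dev/zero of="$1" bs=1 count=446 2>/dev/null
    dd if=/dev/zero bs=1 count=64 2>/dev/null | tr '\000' 'P' >> "$1"
    printf '\125\252' >> "$1"                 # octal for 0x55 0xAA
}

# carve FILE BS SKIP COUNT: copy COUNT blocks of BS bytes, starting SKIP
# blocks into FILE, to standard output (no of= is given).
carve() {
    dd if="$1" bs="$2" skip="$3" count="$4" 2>/dev/null
}

# hex: render standard input as a plain hex string.
hex() { od -An -tx1 | tr -d ' \n'; }

# backup_sector FILE COPY: save the whole first sector as one 512-byte
# block and verify the copy byte for byte.
backup_sector() {
    dd if="$1" of="$2" bs=512 count=1 2>/dev/null && cmp -s "$1" "$2"
}

img=$(mktemp)
make_image "$img"
# The same two bytes, addressed with two different block sizes.
echo "signature, bs=1 skip=510 count=2: $(carve "$img" 1 510 2 | hex)"
echo "signature, bs=2 skip=255 count=1: $(carve "$img" 2 255 1 | hex)"
echo "partition table bytes: $(carve "$img" 1 446 64 | wc -c | tr -d ' ')"
backup_sector "$img" "$img.bak" && echo "sector copy verified"
rm -f "$img" "$img.bak"
```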

Disk Management - RAID

 As storage needs increase, it sometimes becomes necessary to put
additional drives with larger capacities online, but with this the likelihood of a
device failure also increases.
 Fortunately, such failures can be handled gracefully, and more importantly
without downtime, using a technique called "Redundant Array of
Independent Devices" (RAID).
 Redundant array of independent devices (RAID) is a method of storing data
across several disks to provide greater efficiency and redundancy. In effect,
you can have several hard disks treated as just one hard disk by your
operating system.
 RAID then efficiently stores and retrieves data across all these disks,
instead of having the operating system separately access each one as a
separate file system.
 Lower-level details of storage and retrieval are removed from concern of the
operating system. This allows greater flexibility in adding or removing hard
disks, as well as implementing redundancy in the storage system to provide
greater reliability.
 RAID can be implemented on a hardware or software level.

1. On a hardware level, you can have hard disks connected to a RAID
hardware controller, usually a special PC card. Your operating system then
accesses storage through the RAID hardware controller.
2. Alternatively, you can implement RAID as a software controller, letting
a software RAID controller program manage access to hard disks treated as
RAID devices.

RAID arrays provide increased performance and redundancy by combining
individual disks into virtual storage devices in specific configurations. RAID
comes in various levels, as explained below:

1. RAID 0 (Striping): RAID 0 works by striping data across multiple drives.
You need a minimum of two drives for RAID 0, but you can theoretically add as
many as you like.

2. RAID 1 (Mirroring): RAID 1 is a simple mirror. Whatever happens on
one drive will happen on the other drives. While there will be no performance
benefit from RAID 1, there is an exact replica of your data on each drive.

3. RAID 5 (Single Disk Distributed Parity): Data is striped across the
drives along with parity information. Using the parity data, the computer can
recalculate the data of one of the other data blocks, should the data no longer
be available. RAID 5 uses a total of one drive's worth of parity. This means
RAID 5 can suffer the loss of a single drive.

4. RAID 6 (Double Disk Distributed Parity): Data is striped across the
drives along with parity information. RAID 6 uses a total of two drives' worth of
parity. RAID 6 can survive two drives failing at any single point in time.

5. RAID 10 (Combination of Mirror and Stripe): Data is striped across two
disks, and that is then mirrored on another set of disks. You get the
performance benefit from RAID 0, and the redundancy of RAID 1.

In Linux, the mdadm utility makes it easy to create and manage software RAID
arrays. If the mdadm utility is not installed, use the following command:
# sudo apt install mdadm
Use the following command to check the number of disks on your Linux system:
# lsblk -o NAME,SIZE,FSTYPE,TYPE,MOUNTPOINT
If you have two disks then you can configure RAID 0 and RAID 1. In the case
below there are three disks named sda, sdb, and sdc.

Removing a device from RAID array:

 This is a mandatory step before logically removing the device from the array,
and later physically pulling it out from the machine in that order (if you miss
one of these steps you may end up causing actual damage to the device):

# sudo mdadm --manage /dev/md0 --fail /dev/sdc

Telnet

• Telnet is a user command and an underlying TCP/IP protocol for
accessing remote computers.
• Through Telnet, an administrator or another user can access someone
else's computer remotely.
• On the Web, HTTP and FTP protocols allow you to request specific files
from remote computers, but not to actually be logged on as a user of that
computer.
• With Telnet, you log on as a regular user with whatever privileges you
may have been granted to the specific application and data on that
computer.
• Telnet is most likely to be used by program developers and anyone who
has a need to use specific applications or data located at a particular host
computer.
• Telnet allows you to control and carry out instructions on a remote
machine.
• You’ll need a user account on the remote machine, consisting of a
username/password combination.
• Once you have these, the commands for connecting are quite simple:
telnet [host name or IP address] [user name] [password]
• Once connected, the remote machine will act as if you’re a local user in
command line mode.
• You’ll be able to carry out any operation for which the user you’ve logged
in as has permissions. In effect, you are “on” the remote machine.

Need for Backup

• Data is critical to existence of any organization.


• There are some situations in which security and maintenance of data
becomes more critical. These situations create the need for Backup of
data. e.g.:
• Accidental erasing data from disk
• Corruption of data due to power failure or disk crash
• Virus attack
• Upgrade of system

Backup Strategies

• Backup strategy defines the kind of backup used or selected


• A full backup means a complete backup of all required files
• The incremental backup means the backup of only those files which have
been changed since previous backup.
• All organizations must have a definite backup policy.

Backup and Restore

• Backup and restore essentially consists of the copying of large numbers
of files from one place to another.
• UNIX in general provides three tools for the large scale storage of files: tar,
cpio and dump/restore.
• At least two of these systems should be available on any system.
cpio -- copy files to and from archives

Syntax
• cpio {-i} [options] [pattern...] [< archive]
• cpio {-o} [options] < name-list [> archive]
• cpio {-p} [options] dest-dir < name-list
cpio copies files between archives and directories.

• The first option to cpio is a mode indicator:
• -i Input. Read an archive from standard input and extract the contents
to disk or (if the -t option is specified) list the contents to standard output.
• -o Output. Read a list of filenames from standard input and produce a
new archive on standard output containing the specified items.
• -p Pass-through. Read a list of filenames from standard input and copy
the files to the specified directory.

E.g.:
• # ls | cpio -ov > /dev/fd0
• This copies the files in the current directory to a 1.44 MB floppy.
• # cpio -iv < /dev/fd0
• This command restores the files from backup.
• Unless specifically stated otherwise, options are applicable in all operating
modes.

• -A (o mode) Append to the specified archive.
• -a (o and p modes) Reset access times on files after they are read.
• -B (o mode only) Block output to records of 5120 bytes.
• -C size (o mode only) Block output to records of size bytes.
• -c (o mode only) Use the old POSIX portable character format.
• -d (i and p modes) Create directories as necessary.
• -E file (i mode only) Read list of file name patterns from file to list and
extract.
• -F file Read archive from or write archive to file.
• -f pattern (i mode only) Ignore files that match pattern.
tar command-

• Used to create backups


• This command assembles various files into one package, commonly
called a "tarball".
• E.g.:
notes_1.txt
notes_2.txt
notes_3.txt
notes_4.txt
placed in a directory called /linux_course. To back them up and keep them
on a floppy, use the following command to package them in a tarball.

• tar -cvf linux_notes.tar notes*.txt

• c create or copy files to backup device


• v verbose-show what files they are
• f file -make a file - should always be the last option

Then you have the name of the file you want to create (linux_notes.tar) and
the files you want to backup (notes*.txt).

• # tar -cvf /dev/fd0 /home/sales/sql/*.sql


• # tar -xvf /dev/fd0

• x for extracting the files from backup device
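
The full and incremental strategies described under Backup Strategies can be combined with the tar commands above. The script below is an added example, not part of the original notes: it takes a full backup, then archives only the files changed since a stamp file, and replays both archives on restore. The function names, the stamp-file scheme, and the use of a tar that accepts -T (GNU tar or bsdtar) are assumptions; the sample files are constructed.

```shell
#!/bin/sh
# Added example: full backup, incremental backup, and restore with tar.
# Assumes a tar that accepts -T (GNU tar, bsdtar); pass absolute paths.

# full_backup SRC ARCHIVE STAMP: archive everything under SRC.
# The new stamp is taken before reading, so a file changed while the
# backup runs is picked up again by the next incremental.
full_backup() {
    touch "$3.new"
    ( cd "$1" && tar -cf "$2" . ) && mv "$3.new" "$3"
}

# incremental_backup SRC ARCHIVE STAMP: archive only the regular files
# modified after STAMP (file names containing newlines are not handled).
incremental_backup() {
    touch "$3.new"
    ( cd "$1" && find . -type f -newer "$3" -print | tar -cf "$2" -T - ) &&
        mv "$3.new" "$3"
}

# restore_all DEST FULL [INCREMENTAL...]: replay archives, oldest first.
restore_all() {
    dest=$1; shift
    mkdir -p "$dest"
    for archive in "$@"; do
        tar -xf "$archive" -C "$dest" || return 1
    done
}

# demo: run the whole cycle on constructed files in a scratch directory.
demo() {
    work=$(mktemp -d) || return 1
    mkdir "$work/src"
    echo "lesson 1" > "$work/src/notes_1.txt"
    echo "lesson 2" > "$work/src/notes_2.txt"
    full_backup "$work/src" "$work/full.tar" "$work/stamp"
    sleep 1                      # later changes get a strictly newer mtime
    echo "lesson 2, revised" > "$work/src/notes_2.txt"
    echo "lesson 3" > "$work/src/notes_3.txt"
    incremental_backup "$work/src" "$work/incr.tar" "$work/stamp"
    echo "incremental archive holds:"
    tar -tf "$work/incr.tar" | sort
    restore_all "$work/restored" "$work/full.tar" "$work/incr.tar"
    echo "restored notes_2.txt: $(cat "$work/restored/notes_2.txt")"
    echo "restored file count: $(ls "$work/restored" | wc -l | tr -d ' ')"
    rm -rf "$work"
}

demo
```

Files deleted from the source after the full backup reappear on restore, because neither archive records deletions.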
