Beruflich Dokumente
Kultur Dokumente
December 2010
Class Syllabus
&onday "hru /riday 0 1230am "o 4230pm 9:30am 0 Class s"ar"s 10:30am 0 14 minu"e morning brea5 10:45am 0 Class resumes 6rom 6irs" brea5 12:00pm 0 %rea5 6or lunch 1:00pm 0 Class resumes 6rom lunch 3:00pm 0 14 minu"e a6"ernoon brea5 3:15pm 0 Class resumes 6rom second brea5 5:30pm 0 Class ends 6or "he day ns"ruc"or2 Justin Richard Bleistein 'hone2 (856) 912 0861 *mail2 !leistein"theats#r$up%c$m
;ni: (vervie,
;< ! (vervie,
;ni: is an opera"ing sys"em originally developed by a group o6 AT=T %ell lab employees7 " ,as developed in 11>17 0 ?Dennis $i"chie, and @en Thompson ,ere "he main developersA7 The curren" o,ner o6 "he ;< ! "rademar5, is "he (pen Group7 The curren" o,ner o6 "he ;< ! Sys"em - code, ,hich AT=T originally ,ro"e is SC(7 The ;< ! code ,as licensed "o commercial companies such as %&, (racle+Sun, and .e,e"" 'ac5ard, so "hey could crea"e "heir o,n version o6 "he ;< ! opera"ing sys"em7 ;niversi"y o6 Cali6ornia, %er5eley developed "heir o,n versions o6 "he ;< ! opera"ing sys"em called /ree %SD, and <e" %SD7 These are no" as ,idely used as "he commercial, or Linu: li5e opera"ing sys"ems7
A ! %asic Sys"em Adminis"ra"ion 5
;< ! (vervie,
The his"ory o6 ;< ! goes bac5 "o "he 11>0Bs7 &assachuse""s ns"i"u"e o6 Technology ?& TA, AT=T %ell Labs, and General *lec"ric ?G*A developed an e:perimen"al opera"ing sys"em called &ul"ics7 ?&ul"iple:ed n6orma"ion and Compu"ing ServiceA7 AT=T a" some poin" pulled ou" o6 "he &ul"ics proCec"7 Some o6 "he developers con"inued "o ,or5 on i"7 n "he 11D0Bs a proCec" 5no,n as ;nics, ,hich la"er changed "o ;< ! commenced7 The 6irs" version ,as ,ri""en in assembly language, bu" in 11D3 i" ,as re8,ri""en using "he C programming language7
A ! (vervie,
'
A ! (vervie,
A ! s"ands 6or Advanced n"erac"ive e!ecu"ive A ! is %&Bs version o6 "he ;< ! opera"ing sys"em7 A !, %&Bs version o6 ;< ! compe"es ,i"h &icroso6" )indo,s server opera"ing sys"ems, and o"her proprie"ary ;< ! opera"ing sys"ems such as, (racleBs Sun Solaris, .e,e"" 'ac5ardBs .'8;!, and Tru>E ;ni:7 A ! is mainly used 6or en"erprise business compu"ing7 The la"es" version o6 A !, is A ! >717 This version ,as made generally available by %& in 200D7 A ! version D71 is curren"ly as o6, 2010, available via "he %& (pen %e"a release program7
A ! (vervie,
A ! comes ,i"h an L-&, Logical -olume &anager, in"egra"ed in"o "he opera"ing sys"em by de6aul"7 " has 6or years7 A ! suppor"s L'A$S, Logical 'ar"i"ions7 A ! suppor"s bo"h hard,are?L'A$SA and so6",are?)'A$SA vir"ualiFa"ion7 A ! suppor"s ne,es" hard,are o66erings such as 10 gig e"herne" adap"ers, and G gig 6ibre channel adap"ers7 A ! is complian" ,i"h Sys"em - ;ni: sys"em s"andards7 A ! provides advanced sys"em securi"y 6ea"ures, a" many levels7 A ! has advanced diagnos"ic applica"ions 6or hard,are and so6",are errors7
A ! (vervie,
A ! has a lo" in common ,i"h o"her proprie"ary ;ni: opera"ing sys"ems7 'roprie"ary ;ni: opera"ing sys"ems "ypically di66er ,i"h sysadmin "ools, and vir"ualiFa"ion "echnology7 A ! comes ,i"h a Cournaled 6ilesys"em 0 #/S27 The older version #/S is s"ill shipped ,i"h A !7 #/S2 ,ill allo, mul"i "eraby"e 6iles, and mul"i pe"aby"e 6ilesys"ems7 A ! provides in"egra"ed securi"y audi"ing 6ea"ures, allo,ing you "o audi" sys"em ac"ivi"y a" a very granular level7 A ! provides an in"egra"ed accoun"ing sys"em, so "ha" you can accoun" 6or user, and applica"ion usage o6 resources on "he sys"em7 This is especially use6ul in chargebac5 environmen"s7
10
A ! (vervie,
%y de6aul" A ! comes ,i"h a so6",are componen" 5no,n as )or5Load &anager 0 )L&7 This so6",are allo,s you "o logically divide a single A ! opera"ing sys"em in"o mul"iple classes by resources 6or applica"ions and users "o run i"7 'o,er.A, 6ormerly 5no,n as .AC&', provides high availabili"y clus"ering 6or A ! sys"ems7 This provides au"oma"ed 6ailover and 6allbac5 con6igura"ions7 This produc" does no" come ,i"h A ! by de6aul"7 Hou mus" purchase a separa"e so6",are license 6rom %&7 %y de6aul" A ! comes ,i"h a sys"em moni"oring "ool 0 $&C, $esource &oni"oring and Con"rol, ,hich can moni"or and reac" "o cer"ain A ! even"s, and "hen e:ecu"e a cer"ain ac"ion based on "ha" even", such as au"oma"ically email "he sysadmin, or some o"her sys"em based ac"ion7
11
A ! (vervie,
A ! comes ,i"h a bac5up u"ili"y 5no,n as m5sysb 0 &a@e SHS"em %ac5up7 This u"ili"y ,ill allo, you "o crea"e a boo"able sys"em bac5up ,hich you ,ill use 6or sys"em disas"er recovery scenarios7 A ! comes ,i"h ano"her bac5up u"ili"y, called bac5up7 This command allo,s you "o bac5up a" a 6ile, and+or direc"ory level7 The coun"erpar" "o "his command is "he res"ore command, ,hich allo,s you "o res"ore "he 6iles and+or direc"ories you bac5ed up ,i"h "he bac5up command7 A ! comes ,i"h i"Bs o,n so6",are managemen" subsys"em, 6or so6",are7 " can manage so6",are inven"ory 6or bo"h L'' 6orma" so6",are, and $'& 6orma" so6",are7
12
A ! (vervie,
S"ar"ing in A ! version 471, Linu: a66ini"y is in"egra"ed in"o "he opera"ing sys"em7 &edia comes ,i"h A ! called, Linu: Applica"ions Toolbo: 6or A !7 Con"en"s o6 media are also available 6or 6ree do,nload via "he in"erne" 6rom %&7 This media con"ains %& cer"i6ied Linu: applica"ions compiled "o run on '()*$ sys"ems7 The rpm command, ,hich ins"alls Linu: so6",are is included by de6aul" in A !7 The source code "o "hese applica"ions are also available7 S"ar"ing in A ! version 471, a lo" o6 A ! no, con"ains archi"ec"ure, ,hich is mos" commonly 6ound on Linu: based sys"ems7
13
A ! overvie,
A ! version release his"ory2 11G> 0 A ! version 170 0 270 11G1 0 A ! version 171 6or "he 'S+2 'C 11G1 0 A ! version 370 6or $ SC+>000 line o6 servers 1112 0 A ! version 372 6or $ SC+>000 line o6 servers 111E 0 A ! version E70 6or $ SC+>000 line o6 servers 1114 0 A ! version E71 6or $ SC+>000 line o6 servers 111> 0 A ! version E72 6or $ SC+>000 line o6 servers 111D 0 A ! version E73 6or $ SC+>000 line o6 servers 1111 0 A ! version E7373 6or $ SC+>000 line o6 servers 2001 0 A ! version 471 6or $ SC+>000 and '()*$ servers 2002 0 A ! version 472 6or '()*$ servers 200E 0 A ! version 473 6or '()*$ servers 200D 0 A ! version >71 6or '()*$ servers 2011 0 A ! version D717 0 T*<TAT -*7
A ! %asic Sys"em Adminis"ra"ion 14
A ! overvie,
15
A ,ord on Linu:
Linu: is a clone o6 "he ;< ! opera"ing sys"em7 " is "echnically no" considered ;< !7 The 6irs" Linu: 5ernel ,as developed by Linus Trorvalds in 11117 Linu:Bs origins are 6ound in "he & <! opera"ing sys"em proCec" ,hich ,as a minimal ;ni: li5e opera"ing sys"em used 6or educa"ional purposes, e"c7 " ,as released in 11GD7 Linu: ac"ually s"ar"ed because Linus ,as 6rus"ra"ed ,i"h "he licensing o6 "he & < ! opera"ing sys"em7 There are many di66eren" dis"ribu"ions o6 "he Linu: opera"ing sys"em, aimed 6or di66eren" "hings, "he ",o mos" used in "he business compu"ing ,orld ho,ever are2 <ovell Suse Linu: and $ed .a" Linu: used mos"ly in *urope and in "he ;7S7 respec"ively7
16
1'
18
19
20
21
22
23
24
25
26
2'
28
29
30
31
32
%& '()*$ line o6 servers p> 0 #S12, #S22, #S23, and #SE3
;43
33
34
%& '()*$ line o6 servers pD 0 'SD00, 'SD01, PS700 Single wide blade. and 'SD02
Up to 64 GB of memory/RAM Up to 1 X 3.. G!"a#ert$ processors 4 core %&'(R processors %ower+M capa,!l!t!es PS701 Single wide blade. Up to 121 GB of memory/RAM Up to 1 X 3.. G!"a#ert$ processors 1 core %&'(R processors %ower+M capa,!l!t!es PS702 Double wide blade. Up to 206 GB of memory/RAM Up to 2 X 3.. G!"a#ert$ processors 16 core %&'(R processors %ower+M capa,!l!t!es
35
36
3'
38
39
40
41
42
43
44
45
46
4'
48
49
(ur Lab
The con6igura"ion o6 "he ATS lab, The nnova"ion Cen"er, ,eBll be using in "his ,ee5Bs class is as 6ollo,s7 T,o '()*$D blades2 'SD007 They have "he 6ollo,ing specs2 8 E %& 'o,er D processors7 8 32 Gigaby"es o6 real memory+$A&7 8 2 ! 300 Gigaby"e in"ernal hard dis5s7
50
(ur Lab
*ach blade has 13 A ! L'A$S crea"ed on "hem7 A ! version >71 TL > S' 27 )e ,ill be using 4 L'A$s 6rom "he 6irs" blade, %lade I 132 Gvicai:01 Gvicai:02 Gvicai:03 Gvicai:0E Gvicai:04
51
(ur Lab
)e ,ill be using 2 L'A$s 6rom "he second blade, %lade I 1E2 Gvicai:0> Gvicai:0D 8 The login name is roo", and "here is curren"ly no pass,ord se"7
The ns"ruc"or ,ill no, assign "hem7 *very s"uden" ,ill be assigned "heir o,n L'A$7
A ! %asic Sys"em Adminis"ra"ion 52
(ur Lab
(ur lab ne",or5 is a s"andard, Class C, 6la" ne",or5, on subne" 11271>G72E07 The ' addresses o6 "he L'A$S are lis"ed belo,2 &(icai)01 0 11271>G72E07123 &(icai)02 0 11271>G72E0712E &(icai)03 0 11271>G72E07124 &(icai)04 0 11271>G72E0712> &(icai)05 0 11271>G72E0712D &(icai)06 0 11271>G72E07134 &(icai)0' 0 11271>G72E0713>
53
(ur Lab
(n your des5"op you should have an applica"ion called, 'u""y7 Go ahead and double8clic5 on i"2
54
(ur Lab
(nce "he applica"ion s"ar"s "ype in "he ' address o6 your assigned L'A$2
(ur Lab
The n"egra"ed -ir"ualiFa"ion &anager, -&, is a ,eb in"er6ace ,hich allo,s you "o manage a physical sys"em ,hich has vir"ual A ! opera"ing sys"ems running on i"7 n "his class ,e ,ill use "his in"er6ace "o gain console access "o our L'A$S7 (pen "he &icroso6" n"erne" *:plorer "o "he 6ollo,ing address2 http:**192%168%240%101 ?/or s"uden"s on L'A$S2 Gvicai:01, "hru Gvicai:04A (r http:**192%168%240%102 ?/or s"uden"s on L'A$S2 Gvicai:0>, and Gvicai:0DA Login 6or bo"h2 padmin 'ass,ord 6or bo"h2 i!mi!m A6"er you open i" minimiFe "he ,indo,, you ,ill need i" in la"er labs7
A ! %asic Sys"em Adminis"ra"ion 56
(ur Lab
5'
(ur Lab
58
59
61
62
63
64
65
66
6'
68
69
'0
'1
'2
'3
'4
'5
'6
''
%y A ! %(S ins"alla"ion de6aul" "he only user ,hich is available "o log in"o is "he user Jroo"K7 $oo" is "he adminis"ra"or o6 "he sys"em7 "Bs "he mos" po,er6ul user8id on "he sys"em7 <o"e2 A synonym 6or roo" is Super user7
A ! %asic Sys"em Adminis"ra"ion '8
'9
80
*TCR The @orn shell is "he de6aul" in A !7 )hen you ins"all "he sys"em, and crea"e regular users, "hey ,ill be placed in"o "he @orn shell in "heir home direc"ory au"oma"ically ,hen "hey log in"o "he sys"em7
A ! %asic Sys"em Adminis"ra"ion 81
82
83
To se" "he pass,ord o6 "he roo" user, or any user 6or "ha" ma""er use "he pass,d command7
I pass/d Changing pass,ord 6or Sroo"S roo"Ts <e, pass,ord2 *n"er "he ne, pass,ord again2 I
The pass,ord ,ill no" be visible as you are en"ering i"7 Hou ,ill have "o con6irm i", once i"Bs "yped in7 The sys"em does "his "o preven" "ypos, and 6or securi"y reasons7
A ! %asic Sys"em Adminis"ra"ion 84
Connec"ion closed 0 ?'u""y closesA7 (pen ano"her connec"ion "o "he sys"em, and login as "he roo" user again2
A ! -ersion > Copyrigh" %& Corpora"ion, 11G2, 200D7 login2 r$$t roo"Ts 'ass,ord2 O&(TD S D S'LAH*D, T.*< @($< S.*LL '$(&'TO
<o"ice "ha" "he sys"em no, promp"s you 6or a pass,ord because you se" i" 6or "he roo" user7
A ! %asic Sys"em Adminis"ra"ion 85
86
8'
88
I cal Sep"ember 2001 Sun &on Tue )ed Thu /ri Sa" 1 2 3 E 4 > D G 1 10 11 12 13 1E 14 1> 1D 1G 11 20 21 22 23 2E 24 2> 2D 2G 21 30 I
89
90
91
*ven "hough you Cus" "yped in "he da"e command, you ,ill also ge" "he curren" "ime as ,ell7 <o"e "ha" "ime is mili"ary by de6au" in ;ni:7
92
<o"e, even "hough bc s"ands 6or basic calcula"or, i" does have "he capabili"y o6 doing more comple: calcula"ions o"her "han Cus" ari"hme"ic, as sho,n above7
A ! %asic Sys"em Adminis"ra"ion 93
94
<o"e2 (n mos" "erminals "oday, you can move around ,i"h "he normal 5eyboard arro,s7
95
I cat *5ile This is "he bes" ;ni: class have ever been "o7 ,ould recommend i" "o anyone7 I
96
I head .1 5ile This is "he bes" ;ni: class have ever been "o7 I
%y de6aul" "he head command ,ill sho, you "he 6irs" "en lines o6 a 6ile7
9'
%y de6aul" "he "ail command ,ill sho, you "he las" "en lines o6 a 6ile7 <o"e2 There is also a "ail 06, ,hich provides s"reaming ou"pu" o6 "he las" line o6 a 6ile7
A ! %asic Sys"em Adminis"ra"ion 98
99
100
101
102
##### # # # #
####
#####
####
####
####
103
104
<o"e, "he ;ni: cu" command doesnB" do much ,i"hou" "his pipe symbol, or 6eeding a 6ile "o i"7 Le"Bs say you ,an"ed only "o display "he 6irs" "hree charac"ers o6 "he da"e command ou"pu"7 Hou ,ould have "o use "he cu" command "o accomplish "his7 Le"Bs say you ,an"ed "o accomplish "his ,i"h one command7 )ha" you can do is e:ecu"e "he da"e command, "hen "ie i" "o "he cu" command ,i"h a ;ni: pipe7
I date /ri Sep E 2023>2EG *DT 2001 I date : cut .c1.3 /ri I
105
106
10'
108
6 you use a ], or a 0 here i" ,ill allo, you "o move 6or,ard, or bac5 by one page respec"ively7
A ! %asic Sys"em Adminis"ra"ion 109
<o"e, variables are no" discussed in dep"h in "his course7 They ,ould be discussed in more de"ail in a ;ni: shell scrip"ing+programming course7
A ! %asic Sys"em Adminis"ra"ion 110
111
Log ou" o6 "he sys"em via "he e:i" command, and "hen login as roo" again, by opening ano"her 'u""y session7 Hou ,ill no"ice "ha" "he promp" rese" i"sel6 bac5 "o ,ha" i" ,as originally7 This behaivor is discussed ,i"h more de"ail in "he ;ser &anagemen" sec"ion7
112
113
115
This command s"ands 6or 'resen" )or5ing Direc"ory7 This ,ill "ell you ,here e:ac"ly on "he direc"ory hierarchy+"ree you curren"ly are7 <o"ice ho, you are in J+K7 This means you are a" "he "op o6 "he direc"ory "ree7 This is roo"Bs home direc"ory7 <ormally ,hen you crea"e a regular user "he de6aul" home direc"ory ,ill be +home+userNname7 Since "his is "he roo" user, +, is "he home direc"ory7 &ore de"ails on user home direc"ories in "he ;ser &anagemen" sec"ion7
A ! %asic Sys"em Adminis"ra"ion 116
This is "he roo" direc"ory lis"ing ,hich is de6aul" a6"er %(S ins"alla"ion7
A ! %asic Sys"em Adminis"ra"ion 11'
This command added + a" "he end o6 "he obCec"s ,hich are direc"ories7 <o"e, "his command also sho,s "he _ symbol a" "he end o6 cer"ain direc"ories7 This means "hese are lin5s7 Lin5s mean "ha" "he direc"ory, or 6ile ac"ually re6ers "o ano"her 6ile, or direc"ory7
118
119
120
<o"ice, ho, "he ou"pu" o6 "he p,d command changes7 <o, you are in "he +"mp direc"ory7 Hou are no longer in "he + direc"ory7
121
This is a shor"cu" in ;ni: shells "o move bac5 "o your previous direc"ory7
A ! %asic Sys"em Adminis"ra"ion 122
123
<o"ice "he ne, direc"ory pa"h, and ho, "here are no 6iles in "his ne, direc"ory7 <o"e, direc"ory names have a limi" o6 256 charac"ers 0 ?alphanumericA7
A ! %asic Sys"em Adminis"ra"ion 124
sys"em
126
Hou canB" because "he direc"ories donB" e:is"7 (5, no problem again, righ"9 Le"Bs go ahead and crea"e "he direc"ories 6or "his 6ile2
I m8dir *tmp*testdir*testdir2*testdir3 m5dir2 0>43834D Canno" access direc"ory +"mp+"es"dir+"es"dir27 +"mp+"es"dir+"es"dir22 A 6ile or direc"ory in "he pa"h name does no" e:is"7 I
12'
128
24> Sep E 2320E 7 E01> Sep 4 1>204 77 24> Sep E 2222E dirab 0 Sep E 22223 6ilea 0 Sep E 22223 6ileb 0 Sep E 22223 6ilec
129
130
24> Sep E 2222E dirab 0 Sep E 22223 6ilea 0 Sep E 22223 6ileb 0 Sep E 22223 6ilec 21 Sep E 22234 6iled
6 you use double grea"er "han sign XX, "hen "ha" commandBs ou"pu" ,ill append "o "he end o6 "he already e:is"ing 6ile
I date CC 5iled I cat 5iled /ri Sep E 2223421> *DT 2001 /ri Sep E 2223D233 *DT 2001 I
131
Commands ,hich end ,i"h errors do no" ge" direc"ed "o a 6ile by de6aul"7 They ge" direc"ed "o some"hing ,hich called s"derr 0 STanDard *$$or7
I dati C 5iled @sh2 da"i2 no" 6ound I cat 5iled I I dati 2C 5iled I cat 5iled 5sh2 da"i2 no" 6ound I dati 2CC 5iled I cat 5iled 5sh2 da"i2 no" 6ound 5sh2 da"i2 no" 6ound
132
sys"em
133
6 you ,an"ed "o append "o a 6ile using "ee, you ,ould use "he 0a op"ion o6 "he "ee command7
I date : tee 5iled /ri Sep E 2224>22D *DT 2001 I cat 5iled /ri Sep E 2224>22D *DT 2001 I I date : tee .a 5iled /ri Sep E 2224D22E *DT 2001 I cat 5iled /ri Sep E 2224>22D *DT 2001 /ri Sep E 2224D22E *DT 2001 I
134
sys"em sys"em
I cat 5iled /ri Sep E 2224>22D *DT 2001 /ri Sep E 2224D22E *DT 2001 I cat 5ilee /ri Sep E 2224>22D *DT 2001 /ri Sep E 2224D22E *DT 2001 I
135
sys"em
24> Sep E 2222E dirab 0 Sep E 22223 6ilea 0 Sep E 22223 6ileb 0 Sep E 22223 6ilec 4G Sep E 2224D 6ilee
136
sys"em
I rmdir dira! I ls .ld dira! ls2 0>4383E1 The 6ile dirab does no" e:is"7 I
13'
0 Sep E 1E2E3 6ilea 0 Sep E 1E2E3 6ileb 0 Sep E 1E2E3 6ilec 4G Sep E 23201 6ilee
1 roo" 1 roo"
sys"em sys"em
138
139
Hou ,ere no" able "o do so, because "his direc"ory is no" emp"y7 Hou have ",o op"ions, you can dele"e every"hing in "his direc"ory manually, or you could issue "he 6ollo,ing command2
I rm .r *tmp*testdir I ls .ld *tmp*testdir ls2 0>4383E1 The 6ile +"mp+"es"dir does no" e:is"7 I
140
141
S& T
A ! has "he mos" e:"ensive uni: sys"ems managemen" "ool 0 smi" S& T
Sys"ems &anagemen" n"er6ace Tool
nvo5e using "he command smit or smitty Logging under user home direc"ory
0 $oo" "his is "ypically +smi"7log
;sed 6or audi"ing, building scrip"s S& T covers abou" L14^ o6 sys"em adminis"ra"ion "as5s7 S& T e:ecu"es commands under "he covers "o accomplish i"Bs "as5s7 Con6igura"ion en"ered via S& T menus are persis"en" across reboo"s7 S& T menus can be crea"ed, and "ailored "o any environmen"7
A ! %asic Sys"em Adminis"ra"ion 142
S& T
I smittH
143
S& T
144
S& T
145
S& T
146
S& T
14'
S& T
/as" pa"hs are a shor"cu" in S& T, allo,ing you "o Cump do,n "he menu hierarchy righ" "o "he menu you desire7
I smittH users
148
S& T
The 6as" pa"h o6 a speci6ic menu screen can be de"ermined by pressing "he W/GX 5ey ,hile in "ha" menu7 <o"e, i6 i"Bs a "e:" screen session press *SC]I7
S& T
Hou can use "he smi" W/>X 5ey ,hile in a menu, "o de"ermine ,hich command smi" is calling under "he convers7
I smittH shutd$/n
W/10X
A ! %asic Sys"em Adminis"ra"ion 150
S& T
Hou could use "he S& T W/1X 5ey "o e:i" ou" "o an A ! command shell promp", "emporarily, 6rom ,i"hin a S& T menu7
I smittH I smi""y
'ress W/1X I
151
S& T
152
S& T
Type in "he command e:i", "o re"urn "o "he S& T menu session7
I I e)it
153
S& T
Hou can press W/1X a" any poin" ,hile in S& T "o vie, "he help o6 "ha" par"icular S& T menu screen
W/10X
A ! %asic Sys"em Adminis"ra"ion 154
S& T
Go "o "he change user a""ribu"e smi""y ,indo, via i"Bs 6as"pa"h7 .i" W/EX7 This ,ill genera"e a pic5 lis"7 Smi" provides "his as a easy ,ay "o selec" "he obCec", in "his case user name, you ,ould li5e "o edi"7
I smittH chuser
155
S& T
Smi""y also has a search s"ring 6unc"ion7 )hen you ,an" "o search 6or some"hing in a smi" screen use "he + 5ey, and "hen "ype in "he s"ring you ,ish "o search 6or in "ha" smi" menu7
156
S& T
S& T
S& T also has a graphical version7
158
S& T
n graphical S& T, "here is a graphic o6 a man, Jroc5yK, running ,hen a command is running2
159
S& T
n graphical S& T "here is a graphic o6 a man, Jroc5yK, ,ho 6alls 6la" on his 6ace ,hen a command 6ails7
160
S& T
n graphical S& T "here is a graphic o6 a man, Jroc5yK, ,ho raises his hand in "riumph 6ollo,ing a success6ul command e:ecu"ion
161
S& T
162
A ! ;ser &anagemen"
163
A ! ;ser &anagemen"
To crea"e a user8id on A !, ei"her use "he smi", Sys"em &anagemen" n"er6ace Tool, or "he command m5user, ,hich is shor" 6or &a@e;S*$7 <o"e, "here is a limi" o6 G alphanumeric charac"ers 6or a user name7 pre6er "o use smi"7 "Bs more produc"ive "han "he command line7 8
I smittH m8user I76 JKIR ;0R7- <=>6
164
A ! ;ser &anagemen"
)ha" is "he m5user doing 9
&odi6ying 6iles2 +e"c+pass,d7 +e"c+group Also +e"c+securi"y+pass,d, group, users, limi"s
These 6iles can be edi"ed 6 "hey ge" ou" o6 sync, chec5 6or consis"ency2
usrc5 p,dc5 grpc5
165
A ! ;ser &anagemen"
;sers on "he sys"em are de6ined in "he +e"c+pass,d 6ile7 This 6ile has "he 6ollo,ing 6orma"7 I76RL<=>6 : MK&0<L7J>BKM : I01 : &01 :&6,K7: NK>6L10R6,-KRJ : 7N6MM The P in "he second 6ield indica"es "ha" "he pass,ord is in "he shado, 6ile7 The O in "he second 6ield indica"es "ha" "he user canB" login7
I ls .l *etc*pass/d 8r,8r88r88 1 roo" securi"y EGE Sep 4 2123G +e"c+pass,d
I cat *etc*pass/d roo"2P202022+2+usr+bin+5sh daemon2P212122+e"c2 bin2P222222+bin2 sys2P232322+usr+sys2 adm2P2E2E22+var+adm2 uucp2P242422+usr+lib+uucp2 gues"2P2100210022+home+gues"2 nobody2P2E21E1>D21E2E21E1>D21E22+2 lpd2P212E21E1>D21E22+2 lp2O21121122+var+spool+lp2+bin+6alse snapp2O22002122snapp login user2+usr+sbin+snapp2+usr+sbin+snappd nuucp2O2>242uucp login user2+var+spool+uucppublic2+usr+sbin+uucp+uucico
166
A ! ;ser &anagemen"
The shado, 6ile, is ,here "he encryp"ed pass,ord o6 all users are 5ep"7 The +e"c+pass,d 6ile is read by user8ids as "hey log in"o "he sys"em, "he P ne:" "o "heir userid in "ha" 6ile, "ells "he login program "o chec5 "he shado, 6ile, +e"c+securi"y+pass,d, 6or "he ac"ual pass,ord "o au"hen"ica"e you in"o "he sys"em7 (lder ;ni: sys"ems used "he +e"c+pass,d 6ile "o s"ore "he encryp"ed pass,ord7
I ls .l *etc*securitH*pass/d 8r,8888888 1 roo" securi"y 313 Sep 4 212E2 +e"c+securi"y+pass,d
I cat *etc*securitH*pass/d roo"2 pass,ord Q /y0ub:g..%r/& las"upda"e Q 12420G232D 6lags Q daemon2 pass,ord Q O bin2 pass,ord Q O R7
16'
A ! ;ser &anagemen"
The +e"c+group 6ile con"ains "he user+group memberships o6 all users de6ined "o "he sys"em7 <o"e "he second 6ield, P , is no" valid anymore7
I ls .l *etc*#r$up 8r,8r88r88 1 roo" securi"y 32D Sep 4 2123D +e"c+group
I cat *etc*#r$up sys"em2P202roo",pconsole s"a662P212Cus"in bin2P222roo",bin sys2P232roo",bin,sys adm2P2E2bin,adm uucp2P242uucp,nuucp mail2P2>2 securi"y2P2D2roo" cron2P2G2roo" prin"M2P212lp audi"2P2102roo" ecs2P22G2 nobody2P2E21E1>D21E2nobody,lpd usr2P21002gues" per62P2202 shu"do,n2P2212 lp2P2112roo",lp snapp2P2122snapp pconsole2P2132pconsole
168
A ! ;ser &anagemen"
A6"er "he user is crea"ed you ,ill see i" via "he id command, or lis"users command7
I id ustin uidQ202?Cus"inA gidQ1?s"a66A I listusers gues" Cus"in lp nobody pconsole snapp snapp login user I
A6"er you crea"e "he user id, you as roo" ,ill have "o se" "ha" user idBs login pass,ord
I pass/d ustin Changing pass,ord 6or SCus"inS Cus"inTs <e, pass,ord2 $e8en"er Cus"inTs ne, pass,ord2 I
A ! ;ser &anagemen"
<o, log o66, by "yping in e:i", and "hen login again as user Cus"in7
I e)it Connec"ion Closed7 ?'u""y closesA7
Connec" "o "he sys"em again, and login as ne,ly crea"ed user Cus"in
A ! -ersion > Copyrigh" %& Corpora"ion, 11G2, 200D7 login2 ustin Cus"inTs 'ass,ord2 Ucompa"V2 Hou are reMuired "o change your pass,ord7 'lease choose a ne, one7 Cus"inTs <e, pass,ord2 $e8en"er Cus"inTs ne, pass,ord2 OOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOO O O O O O )elcome "o A ! -ersion >71P O O O O O O 'lease see "he $*AD&* 6ile in +usr+lpp+bos 6or in6orma"ion per"inen" "o O O "his release o6 "he A ! (pera"ing Sys"em7 O O O O O OOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOO Y
1'0
A ! ;ser &anagemen"
<o"ice, even "hough you as roo" se" "his userBs pass,ord7 The sys"em s"ill promp"s "he user "o change "his pass,ord upon ini"ial login7 This is done 6or securi"y reasons7 Also, no"ice "ha" "he same message o6 "he day is displayed "o "his user ,hen "hey login7 A6"er "he user logs in no"ice "he dollar8sign, Y, shell promp"7 This shell promp" indica"es "ha" "his user is a regular, non8roo"+admin user7 The id command ,ill veri6y "ha" you are no, logged in as user Cus"in7
Y id uidQ202?Cus"inA gidQ1?s"a66A Y
Also no"ice "he de6aul" user group7 The user is au"oma"ically pu" in "he s"a66 user group ,hen crea"ed7 This is 6or all non8admin users7
A ! %asic Sys"em Adminis"ra"ion 1'1
A ! ;ser &anagemen"
<o"ice "his ini"ial direc"ory you are placed in ,hen you 6irs" log in"o "he sys"em7 The de6aul" home direc"ory 6or non8roo" users is +home+userNname7
Y p/d +home+Cus"in Y
There is a special charac"er ,hich is used as a shor" cu" 6or someoneBs home direc"ory7 A ,ay "o go "o your home direc"ory use L;S*$
Y ls .ld O dr,:r8:r8: 2 Cus"in s"a66 Y ls .ld O ustin dr,:r8:r8: 2 Cus"in s"a66 Y ls .ld O#uest dr,:r8:r8: 2 gues" usr Y #rep .i #uest *etc*pass/d gues"2P2100210022+home+gues"2 Y 24> Dec 02 10234 +home+Cus"in 24> Dec 02 10234 +home+Cus"in 24> Apr 14 2010 +home+gues"
1'2
A ! ;ser &anagemen"
$ecommended home direc"ory se"up 6or environmen"s7 Justin -ipPPP Se"up a sub home direc"ory up 6or each user group ,i"hin your organiFa"ion7 D%AsB home direc"ories2
I ls .ld *h$me*d!a dr,:r8:r8: 14 oracle dba I ls .l *h$me*d!a "o"al 13 dr,:r8:r8: 2 chouer dba dr,:r8:r8: 2 dai6ran dba dr,:r8:r8: 2 govindb dba dr,:r8:r8: 2 harishp dba dr,:r8:r8: 2 heuveln dba dr,:r8:r8: 2 Caschi6 dba dr,:r8:r8: 2 lipaul dba dr,:r8:r8: 2 oracle dba dr,:r8:r8: 2 raghupm dba dr,:r8:r8: 2 suhCos dba dr,:r8:r8: 2 ,i""en dba dr,:r8:r8: 2 :iaodan dba dr,:r8:r8: 2 Fheng, dba 412 #ul 24 102E1 +home+dba
412 #an 10 200> chouer 412 #ul 03 01231 dai6ran 412 #ul 24 102E1 govindb 412 &ay 23 2004 harishp 412 #un 22 0323G heuveln 412 #un 04 1024G Caschi6 412 &ay 2G 2004 lipaul 412 #ul 1G 01210 oracle 412 #un 24 14243 raghupm 412 &ar 2G 2004 suhCos 412 Apr 10 200> ,i""en 412 Dec 04 2004 :iaodan 412 Sep 13 2004 Fheng,
1'3
A ! ;ser &anagemen"
The applica"ion adminis"ra"orTs home direc"ories2
I ls .ld *h$me*appl dr,:r,:r,: 1E roo"
appldev
I ls .l *h$me*appl "o"al 12 dr,:r8:r8: 2 bas"enp ds"age dr,:r8:r8: 2 6la5e, ds"age dr,:r8:r8: 2 hendri5 ds"age dr,:r8:r8: E 5ilcul" ds"age dr,:r8:r8: 2 moserm ds"age dr,:r8:r8: 2 moun"C ds"age dr,:r8:r8: 2 ra"hins ds"age dr,:r8:r8: 3 ra"hins ds"age dr,:r8:r8: 2 vanhoop ds"age dr,:r8:r8: 2 ,er6ad ds"age dr,:r8:r8: 2 Fagorob ds"age dr,:r8:r8: 2 Fagorob ds"age
412 #ul 11 1222G bas"enp 412 #ul 10 14202 6la5e, 412 #ul 2E 14222 hendri5 412 #ul 1G 112E3 5il5ul" 412 #ul 10 1421E moserm 412 #ul 10 1420G moun"C 412 #ul 10 14204 ra"hens 412 #ul 20 102E0 ra"hins 412 #ul 30 0G202 vanhoop 412 #ul 1> 01221 ,er6ad 412 #ul 31 1122D Fagorob 412 #ul 31 11224 Fagorov
1'4
A ! ;ser &anagemen"
$ese" your o,n pass,ord "o some"hing di66eren"7
Y id uidQ20>?Cus"inA gidQ1?s"a66A Y pass/d Changing pass,ord 6or SCus"inS Cus"inTs (ld pass,ord2 Cus"inTs <e, pass,ord2 $e8en"er Cus"inTs ne, pass,ord2 Y
<o,, log o66 o6 "he sys"em as user Cus"in by "yping in "he e:i" command, and "hen log in"o "he sys"em again as user roo"7
A ! %asic Sys"em Adminis"ra"ion 1'5
A ! ;ser &anagemen"
Le"Bs say "ha" user Cus"in calls you, "he admin, and con6esses "o you "ha" "hey have 6orgo""en "heir login pass,ord, and you have "o rese" i" no, 6or "hem7 Hou do "ha" ,i"h "he pass,d Cus"in command as you did be6ore, bu" no"ice "he di66erence be",een ,hen you se" "he pass,ord as "he user him+hersel6, and ,hen you se" "he pass,ord as "he roo" user7 <o"ice "ha" ,hen you rese" i" as "he user "hemselves you ,ill be promp"ed 6or "he old pass,ord, and "hen "he ne, one7 This is done 6or securi"y reasons, bu" ,hen you se" someone elseBs pass,ord as "he roo" user, you are no" reMuired "o provide "he curren" pass,ord7 $oo" has "he po,er "o override "his e:"ra securi"y chec5, and "his ,ill also prove use6ul ,hen rese""ing a 6orgo""en pass,ord 6or someone7
1'6
A ! ;ser &anagemen"
To de"ermine ,ho is curren"ly logged in"o "he sys"em use "he ,ho command
I /h$ roo" I
p"s+0
Sep 4 21224
?11271>G722071A
1''
A ! ;ser &anagemen"
The las" command can assis" you in de"ermining "he login his"ory o6 a user in"o "he sys"em7
I last r$$t roo" p"s+0 roo" p"s+0 R
11271>G722071 11271>G722071
1'8
A ! ;ser &anagemen"
Le"Bs say you ,an"ed "o per6orm some sor" o6 sys"em main"enance, and you didnB" ,an" any users "o login during "his "ime7 Hou can do "his ,i"h a 6ile called +e"c+nologin7 Any s"ring you pu" in "ha" 6ile ,ill be displayed "o users a""emp"ing "o log in"o "he sys"em7
I ech$ B-N6 7J7-6> 07 ,IRR6<-MJ I<=Q=0M=BM6% ,N6,+ B=,+ M=-6R%B C *etc*n$l$#in I ls .l *etc*n$l$#in 8r,8r88r88 1 roo" sys"em 44 Sep 4 222E2 +e"c+nologin I cat *etc*n$l$#in T.* SHST*& S C;$$*<TLH ;<A-A LA%L*7 C.*C@ %AC@ LAT*$7 I
<o,, log ou" ,i"h e:i", and a""emp" "o login as user2 Cus"in2
A ! -ersion > Copyrigh" %& Corpora"ion, 11G2, 200D7 login2 ustin Cus"inTs 'ass,ord2 T.* SHST*& S C;$$*<TLH ;<A-A LA%L*7 C.*C@ %AC@ LAT*$7 login2
<o"e2 The echo command is discussed in more dep"h in a ;ni: programming+shell scrip"ing course7
A ! %asic Sys"em Adminis"ra"ion 1'9
A ! ;ser &anagemen"
<o"e, "he roo" user can bypass "his res"ric"ion and logon7 Also, userBs curren"ly logged on, ,hen you crea"e "his 6ile ,ill no" be a66ec"ed7 Tes" "ha" roo" can override "his7 Login again as roo" and i" ,ill succeed, regardless o6 "his +e"c+nologin 6ile being presen"2
AIX Version 6 opyright I!" orporation# $%&'# '($(. login) root root*s +ass,ord) ------------------------------------------------------------------------------- .elcome to AIX Version 6.$/ - +lease see the 01A2"1 file in 3usr3lpp3bos for information pertinent to - this release of the AIX 4perating 5ystem. ------------------------------------------------------------------------------6ast unsuccessful login) .ed 2ec $ (()7%)7' 58 '($( on 3dev3pts3$ from gvicaix($ 6ast login) 8hu 2ec ' (&)9%):7 58 '($( on 3dev3pts3( from $%'.$6&.'7(.&
180
A ! ;ser &anagemen"
)hen you remove "his 6ile, "hen users ,ill be able "o log in"o "he sys"em once again7
I ls .l *etc*n$l$#in 8r,8r88r88 1 roo" sys"em I rm *etc*n$l$#in I ls .l *etc*n$l$#in +e"c+nologin no" 6ound I 44 Sep 4 222E2 +e"c+nologin
<on8roo" logins are no, re8enabled once again7 'lease no"e "ha" reboo"ing "he sys"em ,ill au"oma"ically remove "his 6ile 6rom "he sys"em as ,ell7
181
A ! ;ser &anagemen"
Log ou", ,i"h "he e:i" command, and "hen log bac5 in"o "he sys"em as "he Cus"in user, "o veri6y "ha" non8roo" user logins are no, re8enabled7
I e)it Connec"ion closed AIX Version 6 opyright I!" orporation# $%&'# '($(. login) justin ;ustin*s +ass,ord) ------------------------------------------------------------------------------- .elcome to AIX Version 6.$/ - +lease see the 01A2"1 file in 3usr3lpp3bos for information pertinent to - this release of the AIX 4perating 5ystem. ------------------------------------------------------------------------------$ unsuccessful login attempt since last login. 6ast unsuccessful login) 8hu 2ec ' $()'$)': 58 '($( on 3dev3pts3$ from $%'.$6&.'7(.& 6ast login) 8hu 2ec ' $()$:)$6 58 '($( on 3dev3pts3$ from loopbac<
182
A ! ;ser &anagemen"
Logou" ,i"h, e:i" and log bac5 in"o "he sys"em again as roo"2
Y e)it Connec"ion closed AIX Version 6 opyright I!" orporation# $%&'# '($(. login) root ;ustin*s +ass,ord) ------------------------------------------------------------------------------ .elcome to AIX Version 6.$/ - +lease see the 01A2"1 file in 3usr3lpp3bos for information pertinent to - this release of the AIX 4perating 5ystem. A !- %asic Sys"em Adminis"ra"ion 183
A ! ;ser &anagemen"
The de6aul" message o6 "he day, &(TD, ,hich is displayed ,hen you log in"o "he sys"em can be changed7 "Bs changed by edi"ing "he 6ile +e"c+mo"d7
I cat *etc*m$td OOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOO O O O O O )elcome "o A ! -ersion >71P O O O O O O 'lease see "he $*AD&* 6ile in +usr+lpp+bos 6or in6orma"ion per"inen" "o O O "his release o6 "he A ! (pera"ing Sys"em7 O O O O O OOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOO I I ech$ RSelc$me t$ mH =0T sHstemU C *etc*m$td I ech$ RU CC *etc*m$td I !anner pr$ducti$n CC *etc*m$td I ech$ RU CC *etc*m$td
184
A ! ;ser &anagemen"
# cat /etc/motd .elcome to my AIX system ##### # # # # ##### # # # ##### # # # # ##### # # # # #### # # # # # # # # #### ##### # # # # # # # # ##### # # # # # # # # # # #### #### # # # # # # #### ##### # # # # # # # # # # # #### # # # # # # # # #### # # ## # # # # # # # # ## # #
185
A ! ;ser &anagemen"
Log o66 by "yping in e:i", and "hen login as roo" again7
AIX Version 6 opyright I!" orporation# $%&'# '($(. login) root root*s +ass,ord) .elcome to my AIX system ##### # # # # ##### # # ##### # # # # ##### # # # # #### # # # # # # # # #### ##### # # # # # # # # ##### # # # # # # # # # # #### #### # # # # # # #### ##### # # # # # # # # # # # #### # # # # # # # # #### # # ## # # # # # # # # ## # #
6ast unsuccessful login) =ri >ov '6 $%):&)99 58 '($( on 3dev3pts3( from $%'.$6&.''(.7: 6ast login) 5at >ov '? $?)::)'& 58 '($( on 3dev3pts3( from $%'.$6&.':(.$$? #
186
A ! ;ser &anagemen"
Le"Bs say you as as a user, didnB" care "o see "he message o6 "he day, &(TD, displayed "o you every "ime you logged in"o "he sys"em7 )ell you can disable i"7 Hou disable i" ,i"h a special 6ile called 7hushlogin7 Hou place "his 6ile in "he home direc"ory o6 "he user you ,ish "o disable "his 6or7 Log o66 o6 "he sys"em ,i"h e:i", and log in as user Cus"in again7
18'
A ! ;ser &anagemen"
)hile in "he home direc"ory o6 "ha" user, +home+Cus"in, "ouch a 6ile called 7hushlogin7
Y p/d +home+Cus"in Y ls .l %hushl$#in 7hushlogin no" 6ound Y t$uch %hushl$#in Y ls .l %hushl$#in 8r,8r88r88 1 Cus"in s"a66 Y
<o,, "ha" "he 6ile is crea"ed, log ou", and "hen log bac5 in"o "he sys"em as "ha" user, Cus"in, again7
188
A ! ;ser &anagemen"
Type e:i", and "hen re8connec" "o "he sys"em again7 <o"e, no &(TD is displayed upon login7
A ! -ersion > Copyrigh" %& Corpora"ion, 11G2, 200D7 login2 ustin Cus"inTs 'ass,ord2 Y id uidQ202?Cus"inA gidQ1?s"a66A Y p/d +home+Cus"in Y
189
A ! ;ser &anagemen"
*:i" and login as roo" again7 Loo5 a" "he message displayed prior "o logging in"o "he sys"em7The /irs" line s"ar"ing ,i"h A !, and "he "hird one ending in login2 is 5no,n as "he herald message7 " is "he pre8login message displayed "o "he users ,hen "hey go "o log in"o "he sys"em, "he &(TD discussed earlier is "he pos" login message7
AIX Version 6 Copyright IBM Corporation, 1 !", "##$% login& root +ass,ord) ##### # # # # ##### # # ##### # # # # ##### # # # # #### # # # # # # # # #### ##### # # # # # # # # ##### # # # # # # # # # # #### #### # # # # # # #### ##### # # # # # # # # # # # #### # # # # # # # # #### # # ## # # # # # # # # ## # #
6ast unsuccessful login) =ri >ov '6 '')7')$% 58 '($( on 3dev3pts3( from $%'.$6&.''(.7: 6ast login) 5at >ov '? $6)$%)7? 58 '($( on 3dev3pts3$ from localhost #
190
A ! ;ser &anagemen"
There is a 6ile called +e"c+securi"y+login7c6g ,hich con"rols "he global login, no" user a""ribu"es o6 "he sys"em7 To change "he herald message you ,ould change "he parame"er in "his 6ile7
I cd *etc*securitH I p/d +e"c+securi"y I ls .l l$#in%c5# 8r,8r88888 1 roo" securi"y 44EG <ov 2D 1>220 login7c6g
I chsec .5 *etc*securitH*l$#in%c5# .s de5ault .a herald?BSelc$me t$ ,$mpanH =B,Vs =0T c$mputer sHstemWnAlease enter H$ur l$#in name: R I lssec .5 *etc*securitH*l$#in%c5# .s de5ault .a herald de6aul" heraldQS)elcome "o Company A%CTs A ! compu"er sys"eman'lease en"er your login name2 S I
191
A ! ;ser &anagemen"
Close your pu""y session, logging ou" o6 "he sys"em, and "hen log bac5 in"o "he sys"em as roo"2
.elcome to ompany A! *s AIX computer system +lease enter your login name) root root*s +ass,ord) ##### # # # # ##### # # ##### # # # # ##### # # # # #### # # # # # # # # #### ##### # # # # # # # # ##### # # # # # # # # # # #### #### # # # # # # #### ##### # # # # # # # # # # # #### # # # # # # # # #### # # ## # # # # # # # # ## # #
6ast unsuccessful login) =ri >ov '6 '')7')$% 58 '($( on 3dev3pts3( from $%'.$6&.''(.7: 6ast login) 5at >ov '? $6)$%)7? 58 '($( on 3dev3pts3$ from localhost #
192
A ! ;ser &anagemen"
<o, open a console+vir"ual "erminal session "o your sys"em via "he -&7 <o"ice "he login herald+pre8login message displayed 0 The old+de6aul" one7
193
A ! ;ser &anagemen"
)ha" did you no"ice9 The de6aul"+old herald message is s"ill being displayed ,hen you log in"o "he sys"em "his ,ay7 Also no"ice ho, i" says Console Login, as oppose "o Cus" Login as ,i"h "he o"her de6aul"+old herald message7 This "ells us "ha" "here are ",o di66eren" heralds, so ",o di66eren" se""ings, a console+vir"ual "erminal via -&, and a non8console+"elne" herald message7 To change "he console login herald message2
I cd *etc*securitH I p/d +e"c+securi"y I ls l l$#in%c5# 8r,8r88888 1 roo" securi"y 4>3D <ov 2D 1>23> login7c6g
I chsec .5 *etc*securitH*l$#in%c5# .s *de(*c$ns$le .a herald?BSelc$me t$ ,$mpanH =B,Vs =0T c$mputer sHstemWnAlease enter H$ur c$ns$le l$#in name:B I
A ! ;ser &anagemen"
195
A ! ;ser &anagemen"
6 you close your pu""y session and "hen open i" again, you ,ill see "ha" your o"her non8console herald message is s"ill presen"7
.elcome to ompany A! *s AIX computer system +lease enter your login name) root root*s +ass,ord) ##### # # # # ##### # # ##### # # # # ##### # # # # #### # # # # # # # # #### ##### # # # # # # # # ##### # # # # # # # # # # #### 'o console string displayed ##### # # # # # # # # # # # #### # # # # # # # # #### # # ## # # # # # # # # ## # #
#### # # # # # # ####
$ unsuccessful login attempt since last login. 6ast unsuccessful login) 5at >ov '? $6)77)77 58 '($( on 3dev3pts3' from $%'.$6&.''(.7: 6ast login) 5at >ov '? $6)96)9% 58 '($( on 3dev3pts3$ from $%'.$6&.''(.7: #
196
A ! ;ser &anagemen"
<o"ice bac5 in "he herald message login and pass,ord promp"s2
.elcome to ompany A! *s AIX computer system +lease enter your login name) root root(s +ass,ord)
<o"ice ho, "hey bo"h display "he userBs name7 Hou can disable "his in A !, "o "igh"en "he securi"y more o6 your sys"em7
19'
A ! ;ser &anagemen"
I cd *etc*securitH I p/d +e"c+securi"y I ls .l l$#in%c5# 8r,8r88888 1 roo" securi"y 444G <ov 2D 1G224 login7c6g
Close your pu""y session and "hen login again7 <o"ice ho, "he username is no" echoed7
.elcome to ompany A! *s AIX computer system +lease enter your login name) )ser name is not displayed *hen typed% ----*s +ass,ord) )ser name in pass*ord prompt is hidden% .elcome to my AIX system ##### # # # # ##### # # ##### # # # # ##### # # # # #### # # # # # # # # #### ##### # # # # # # # # ##### # # # # # # # # # # #### #### # # # # # # #### ##### # # # # # # # # # # # #### # # # # # # # # #### # # ## # # # # # # # # ## # #
6ast unsuccessful login) 5at >ov '? $6)77)77 58 '($( on 3dev3pts3' from $%'.$6&.''(.7: 6ast login) 5at >ov '? $&)'%)$? 58 '($( on 3dev3pts3? from $%'.$6&.''(.7:
198
A ! ;ser &anagemen"
Hou can change "he pass,ord promp" "o"ally as ,ell7
I cd *etc*securitH I p/d +e"c+securi"y I ls .l l$#in%c5# 8r,8r88888 1 roo" securi"y 44EG <ov 2D 1D2EE login7c6g
Logou", and "hen log bac5 in"o "he sys"em again ,i"h pu""y as roo"2
.elcome to ompany A! *s AIX computer system +lease enter your login name) +lease enter your user(s login pass*ord& .elcome to my AIX system ##### # # # # ##### # # ##### # # # # ##### # # # # #### # # # # # # # # #### ##### # # # # # # # # ##### # # # # # # # # # # #### #### # # # # # # #### ##### # # # # # # # # # # # #### # # # # # # # # #### # # ## # # # # # # # # ## # #
199
A ! ;ser &anagemen"
To change "he de6aul" G*C(s, userBs real li6e in6orma"ion, use "he 6ollo,ing command2
I 5in#er ustin Login name2 Cus"in Direc"ory2 +home+Cus"in <o 'lan7 I pass/d .5 ustin Cus"inTs curren" gecos2 SS Change ?yesA or ?noA9 X Hes To9XJustin Richard Bleistein I 5in#er ustin Login name2 Cus"in Direc"ory2 +home+Cus"in <o 'lan7 n real li6e2 #us"in $ichard %leis"ein Shell2 +usr+bin+5sh
Shell2 +usr+bin+5sh
200
A ! ;ser &anagemen"
As you may have no"iced in "he pas" mo"d discussion, "he 7hushlogin 6ile has a period in 6ron" o6 i"7 Tha"Bs because "his is a special 6ile7 /iles ,i"h a period in 6ron" o6 "hem are no" displayed ,i"h "he ls command unless "he 0a argumen" is used ,i"h i", or "he 6ile is re6erenced direc"ly7 This is 6or regular non8roo" users7
Y id uidQ202?Cus"inA gidQ1?s"a66A Y p/d +home+Cus"in Y ls Y ls .l "o"al 0 Y t$uch %classi5ied Y ls Y ls .l "o"al 0 Y ls .a 7 77 7classi6ied 7pro6ile 7shNhis"ory Y ls .la "o"al 1> dr,:r8:r8: 2 Cus"in s"a66 24> Sep 4 23210 7 dr,:r8:r8: 4 bin bin 24> Sep 4 2123D 77 8r,8r88r88 1 Cus"in s"a66 0 Sep 4 23210 7classi6ied 8r,:r88888 1 Cus"in s"a66 24E Sep 4 2123D 7pro6ile 8r,8888888 1 Cus"in s"a66 4G2 Sep 4 23210 7shNhis"ory Y
201
A ! ;ser &anagemen"
Hou may also have no"iced, "ha" "here are already ",o 6iles in your home direc"ory ,i"h periods in 6ron" o6 "hem7 These are special 6iles as ,ell7 They are pu" "here au"oma"ically by "he sys"em, ,hen "he user ,as crea"ed7 8 %pr$5ile Q This is a special 6ile 6or "he @orn shell7 This is called an ini"ialiFa"ion 6ile 6or "he shell7 Any code in "his 6ile ,ill be e:ecu"ed au"oma"ically ,hen you log in"o "he sys"em, s"ar"ing "his shell7 8 %shLhist$rH Q This 6ile ,ill 5eep a his"ory o6 all o6 your command his"ory ,hile using "his shell7 This 6ile is only valid, 6or your shell login session7
202
A ! ;ser &anagemen"
The 6ile +e"c+securi"y+user7 This 6ile con"ains "he de6aul" user a""ribu"es 6or ne, users, as ,ell as individual user a""ribu"es7
I ls .l *etc*securitH*user 8r,8r88888 1 roo" securi"y I R de6aul"2 admin Q 6alse login Q "rue su Q "rue daemon Q "rue rlogin Q "rue sugroups Q ALL admgroups Q ""ys Q ALL au"h1 Q SHST*& au"h2 Q <(<* "pa"h Q nosa5 umas5 Q 022 e:pires Q 0 SHST*& Q Scompa"S login"imes Q p,d,arn"ime Q 0 accoun"Nloc5ed Q 6alse loginre"ries Q 0 R7 7 10441 Sep > 00241 +e"c+securi"y+user
203
A ! ;ser &anagemen"
R snapp2 admin Q 6alse rlogin Q 6alse su Q 6alse SHST*& Q S<(<*S login Q "rue ""ys Q +dev+""y0 regis"ry Q 6iles dceNe:por" Q 6alse nuucp2 admin Q 6alse pconsole2 admin Q "rue login Q 6alse rcmds Q deny su Q 6alse Cus"in2 admin Q 6alse R
204
A ! ;ser &anagemen"
Le"Bs say you ,an"ed "o loc5 a user accoun"7 )ell you could ei"her go "hrough smi", or user "he 6ollo,ing command7
I chuser acc$untLl$c8ed?true ustin I
205
A ! ;ser &anagemen"
<o, log bac5 in as roo" unloc5 "he user accoun" ,i"h "he chuser command7
I chuser acc$untLl$c8ed?5alse ustin
206
A ! ;ser &anagemen"
To dele"e a user 6rom "he sys"em use "he rmuser 0p username command7
I id ustin uidQ202?Cus"inA gidQ1?s"a66A I rmuser .p ustin I id ustin ;ser no" 6ound in +e"c+pass,d 6ile I
A ! ;ser &anagemen"
To crea"e a group, use "he command m5group7
I ls#r$up d!a Group SdbaS does no" e:is"7 I m8#r$up d!a I I tail .1 *etc*#r$up dba2P22022 I ls#r$up d!a dba idQ202 adminQ6alse usersQ regis"ryQ6iles I
A ! ;ser &anagemen"
To dele"e "he group 6rom "he sys"em, use "he rmgroup command7
I ls#r$up d!a dba idQ202 adminQ6alse usersQ regis"ryQ6iles I rm#r$up d!a I ls#r$up d!a Group SdbaS does no" e:is"7 I tail .1 *etc*#r$up ipsec2P22002 I
Go bac5 "o "he previous slide I 20G, and re8crea"e "he user group7
209
A ! ;ser &anagemen"
'u" user Cus"in in"o "he group, ,i"h "he chuser command7
I id ustin uidQ203?Cus"inA gidQ1?s"a66A I chuser p#rp?d!a ustin I id ustin uidQ20E?Cus"inA gidQ202?dbaA groupsQ1?s"a66A I tail .1 *etc*pass/d Cus"in2O220E220222+home+Cus"in2+usr+bin+5sh I
6 you no"iced, "here are ",o group se""ings 6or a user in A !7 'rimary groups, and group se"7 )hen you crea"e a 6ile i" is o,ned by "he user ,ho crea"ed "he 6ile, and is pu" in "he primary group o6 "ha" user7 Hou could "emporarily s,i"ch "o any one o6 "he secondary groups lis"ed in "he group se" i6 you needed "o7 &ore on "his in "he securi"y sec"ion7
A ! %asic Sys"em Adminis"ra"ion 210
A ! ;ser &anagemen"
" may be necessary a" "imes "o send ,ha"Bs called a broadcas" message ou" "o all users curren"ly logged on"o "he sys"em7 Hou do "ha" by logging in as roo", and using "he ,all command7
I /all 7Hstem needs t$ c$me d$/n s$$n 5$r emer#encH maintenance %roadcas" message 6rom roo"_gvicai:1E ?p"s+1A a" 0122>214 777 Sys"em needs "o come do,n soon 6or emergency main"enance I
Log o66 "he sys"em ,i"h e:i", and login again as user Cus"in7
A ! %asic Sys"em Adminis"ra"ion 211
A ! ;ser &anagemen"
There ,ill be "imes ,hen you ,ill have "o s,i"ch be",een di66eren" users on "he sys"em7 /or ins"ance, you are curren"ly logged in as user Cus"in, and you ,an" "o s,i"ch "o being user roo", ,i"hou" comple"ely logging ou" o6 "he sys"em7 Hou can use "he su command 6or "his7 This command s"ands 6or S,i"ch ;ser7
Y id uidQ202?Cus"inA gidQ202?dbaA Y su r$$t roo"Ts 'ass,ord2 I id uidQ0?roo"A gidQ0?sys"emA groupsQ2?binA,3?sysA,D?securi"yA,G?cronA,10?audi"A,11?lpA I
6 you "ype in "he ,hoami command, ,i"h no spaces, i" ,ill display "he user you suBd "o, curren"ly logged in as7 6 you "ype in "he ,ho am i command ,i"h spaces, i" ,ill display "he user you suBd 6rom7
I /h$ami roo" I /h$ am i Cus"in p"s+0 I
Sep D 22201
?11271>G722071A
212
A ! ;ser &anagemen"
<o"e, i6 you "ype in su, ,i"hou" a user name as an argumen" "he meaning o6 "he command changes 6rom S,i"ch ;ser, "o Super ;ser, and by de6aul" ,ill s,i"ch you "o roo", i6 o6 course, you 5no, "he pass,ord7 Type in e:i", "o ge" bac5 "o user Cus"in, and "his "ime "ype in su ,i"hou" a username argumen"2
I e)it Y id uidQ203?Cus"inA gidQ1?s"a66A Y su roo"Ts 'ass,ord2 I id uidQ0?roo"A gidQ0?sys"emA groupsQ2?binA,3?sysA,D?securi"yA,G?cronA,10?audi"A,11?lpA I
213
A ! ;ser &anagemen"
<o"ice ,hen a normal, non8roo", user suBs "o ano"her user, no" Cus" roo", "ha" user is reMuired "o supply "he "arge" userBs pass,ord "o su "o "ha" "arge" user7
Y id uidQ20>?Cus"inA gidQ202?dbaA Y su r$$t roo"Ts 'ass,ord2 I
<o, su 6rom roo" "o "he user Cus"in7 <o"ice ho, you are no" promp"ed 6or Cus"inBs pass,ord7 This is because you are roo"7
I su ustin Y id uidQ20>?Cus"inA gidQ202?dbaA Y
Close "he pu""y applica"ion, and "hen log in"o "he sys"em again, as user roo"7
214
A ! ;ser &anagemen"
Hou can also su "o a user ,i"h a 8, hyphen7 This means "ha" "he user should pic5 up "he en"ire environmen"2 variables, e"c, o6 "he "arge" user7 Le"Bs say ,e appended "he 6ollo,ing "o Cus"inBs 7pro6ile 6ile2
I (i O ustin*%pr$5ile R 'AT.Q+usr+bin2+e"c2+usr+sbin2+usr+ucb2Y.(&*+bin2+usr+bin+!112+sbin27 e:por" 'AT. i6 U 8s SY&A LS V I This is a" Shell s"ar"up7 n normal "hen echo SY&A L&SGS I opera"ion, "he Shell chec5s 6i I periodically7 N6J?JKI ech$ BN6MMK S6M,K>6 -K I76R JI7-0<% JKI 7IV1 S0-N -N6 . =R&I>6<-B I
215
A ! ;ser &anagmen"
I id uidQ0?roo"A gidQ0?sys"emA groupsQ2?binA,3?sysA,D?securi"yA,G?cronA,10?audi"A,11?lpA I su ustin Y id uidQ203?Cus"inA gidQ1?s"a66A Y ech$ @N6J Y e)it I id uidQ0?roo"A gidQ0?sys"emA groupsQ2?binA,3?sysA,D?securi"yA,G?cronA,10?audi"A,11?lpA I su . ustin .*LL( )*LC(&* T( ;S*$ #;ST <7 H(; S;TD ) T. T.* 0 A$G;&*<T Y id uidQ203?Cus"inA gidQ1?s"a66A Y ech$ @N6J H(; Y e)it I
216
A ! ;ser &anagemen"
There is an audi" log o6 su a""emp"s, 6ailures, and successes ,hich are logged in "he 6ile +var+adm+sulog7 n "his 6ile "he charac"er ] indica"es "he su ,as success6ul7 n "his 6ile "he charac"er 0 indica"es "he su ,as unsucess6ul7 Log ou" o6 "he sys"em, and "hen log bac5 in as user Cus"in7 Then 6ail a" an a""emp" "o su "o roo", and "hen succeed7
Y id uidQ202?Cus"inA gidQ202?dbaA Y su . roo"Ts 'ass,ord2 Canno" su "o Sroo"S 2 Au"hen"ica"ion is denied7 Y su . roo"Ts 'ass,ord2 I id uidQ0?roo"A gidQ0?sys"emA groupsQ2?binA,3?sysA,D?securi"yA,G?cronA,10?audi"A,11?lpA I
21'
A ! ;ser &anagemen"
I cd *(ar*adm I p/d +var+adm I ls .l sul$# 8r,8888888 1 roo" sys"em E20 Sep 11 10233 sulog
I tail .2 sul$# S; 01+11 10233 8 p"s+1 Cus"in8roo" S; 01+11 10233 ] p"s+1 Cus"in8roo" I
218
A ! ;ser &anagemen"
The 7plan 6ile ,hich you can pu" in "he userBs home direc"ory, +home+userNname+, by de6aul", presen"s an overall obCec"ive "o "he userBs e:is"ence on "ha" sys"em7
I 5in#er ustin Login name2 Cus"in n real li6e2 #us"in $ichard %leis"ein Direc"ory2 +home+Cus"in Shell2 +usr+bin+5sh <o 'lan7 I su . ustin Y id uidQ202?Cus"inA gidQ1?dbaA Y p/d +home+Cus"in Y ech$ BAarticipatin# in the de(el$pment $5 the s$5t/areVs mem$rH structureB C %plan Y ls .l %plan 8r,8r88r88 1 Cus"in dba >G <ov 2D 1>202 7plan Y cat %plan 'ar"icipa"ing in "he developmen" o6 "he so6",areTs memory s"ruc"ure Y e)it I id uidQ0?roo"A gidQ0?sys"emA groupsQ2?binA,3?sysA,D?securi"yA,G?cronA,10?audi"A,11?lpA I 5in#er ustin Login name2 Cus"in n real li6e2 #us"in $ichard %leis"ein Direc"ory2 +home+Cus"in Shell2 +usr+bin+5sh 'lan2 Aarticipatin# in the de(el$pment $5 the s$5t/areVs mem$rH structure
219
A ! ;ser &anagemen"
The +home+user+7proCec" 6ile displays "he name o6 a proCec" "ha" "he user migh" be involved in, reMuiring "hem "o be de6ined on "his sys"em2
I 5in#er ustin Login name2 Cus"in Direc"ory2 +home+Cus"in 'lan2 n real li6e2 #us"in $ichard %leis"ein Shell2 +usr+bin+5sh
'ar"icipa"ing in "he developmen" o6 "he so6",areTs memory s"ruc"ure I su . ustin Y id uidQ202?Cus"inA gidQ1?dbaA Y p/d +home+Cus"in Y ech$ B7$5t/are 1e(el$pment phase G 1B C %pr$ ect Y ls .l %pr$ ect 8r,8r88r88 1 Cus"in dba 31 <ov 2D 1>204 7proCec" Y cat %pr$ ect So6",are Developmen" phase I 1 Y e)it I id uidQ0?roo"A gidQ0?sys"emA groupsQ2?binA,3?sysA,D?securi"yA,G?cronA,10?audi"A,11?lpA I 5in#er ustin Login name2 Cus"in n real li6e2 #us"in $ichard %leis"ein Direc"ory2 +home+Cus"in Shell2 +usr+bin+5sh 'roCec"2 7$5t/are 1e(el$pment phase G 1 'lan2 'ar"icipa"ing in "he developmen" o6 "he so6",areTs memory s"ruc"ure
220
A ! ;ser &anagemen"
There ,ill be "imes ,hen you ,ish "o loc5 ou" a user accoun" in A !7 Hou can do "his ,i"h smi""y7 5no, ,e did "his be6ore, "his is Cus" "o ge" you used "o smi"7 As roo"7
I smittH users
221
A ! ;ser &anagemen"
Selec" "he user ,hose accoun" you ,ish "o loc5 ou"2
222
A ! ;ser &anagemen"
Change "o "rue, ,i"h "he WTA%X 5ey2
223
A ! ;ser &anagemen"
X;10C
A ! %asic Sys"em Adminis"ra"ion 224
A ! ;ser &anagemen"
6 you chec5 "he +usr+securi"y+user 6ile, you ,ill see "ha" Cus"inBs accoun"Nloc5ed parame"er has changed "o "rue2
I tail .10 *etc*securitH*user umas5 Q 22 de6aul"Nroles Q SysCon6ig regis"ry Q 6iles Cus"in2 admin Q 6alse acc$untLl$c8ed ? true G usrc8 .n ustin 30018>>2 ;ser Cus"in is loc5ed
.o,ever roo" can override "his because roo" can s"ill su "o "his accoun" Cus" 6ine2
I su . ustin Y id uidQ203?Cus"inA gidQ1?dbaA Y
225
A ! ;ser &anagemen"
A ! -ersion > Copyrigh" %& Corpora"ion, 11G2, 20107 login2 ustin Cus"inTs 'ass,ord2 3004.301 J$ur acc$unt has !een l$c8edY please see the sHstem administrat$r% To unloc5 "he accoun", go ahead and log bac5 in"o "he sys"em as roo" again7 This "ime le"Bs change "his userBs a""ribu"e via "he command line ra"her "han ,i"h smi"7 I chuser acc$untLl$c8ed?5alse ustin I tail *etc*securitH*user umas5 Q 22 de6aul"Nroles Q SysCon6ig regis"ry Q 6iles Cus"in2 admin Q 6alse acc$untLl$c8ed ? 5alse I I usrc8 n ustin I
<o, e:i", and a""emp" "o login as user Cus"in again7 This "ime you ,ill succeed7
A ! %asic Sys"em Adminis"ra"ion 226
A ! ;ser &anagemen"
The de6aul" userBs ;ni: shell in A !, is @orn7 To change "ha" you use "he pass,d command7 To de"ermine ,hich shell your user is curren"ly se" "o, display "he value o6 "he sys"em variable YS.*LL7
Y id uidQ202?Cus"inA gidQ1?dba Y ech$ @7N6MM +usr+bin+5sh Y
To change "he login shell, log ou", and "hen log bac5 in as "he roo" user7 (nce in as roo", chec5 "he pass,ord 6ile "o see ,ha" shell user Cus"in curren"ly has se" as his de6aul"7
I #rep .i ustin *etc*pass/d Cus"in2P22032122+home+Cus"in2+usr*!in*8sh I
22'
A ! ;ser &anagemen"
I id uidQ0?roo"A gidQ0?sys"emA groupsQ2?binA,3?sysA,D?securi"yA,G?cronA,10?audi"A,11?lpA I pass/d .s ustin Curren" available shells2 +bin+sh +bin+bsh +bin+csh +bin+5sh +bin+"sh +bin+5sh13 +usr+bin+sh +usr+bin+bsh +usr+bin+csh +usr+bin+5sh +usr+bin+"sh +usr+bin+5sh13 +usr+bin+r5sh +usr+bin+r5sh13 +usr+sbin+uucp+uucico +usr+sbin+sliplogin +usr+sbin+snappd Cus"inTs curren" login shell2 +usr+bin+5sh Change ?yesA or ?noA9 X Hes To9X*!in*!sh A ! %asic Sys"em Adminis"ra"ion 228
A ! ;ser &anagemen"
I #rep .i ustin *etc*pass/d Cus"in2P22032122+home+Cus"in2*usr*!in*!sh I
Log ou", and "hen log bac5 in"o "he sys"em again as user2 Cus"in7 Hou ,ill see ho, "he de6aul" shell o6 "his user has changed 6rom @orn, "o %ourne2
Y id uidQ203?Cus"inA gidQ1?s"a66A Y ech$ @7N6MM +usr+bin+bsh Y
There is also a chsh command, ,hich ,ill accomplish "he same "hing7
229
A ! ;ser &anagemen"
;ni: has ",o buil"8in schedulers7 These schedulers allo, you "o se"up programs "o run a" any da"e, or "ime in "he 6u"ure una""ended7 The ",o schedulers are Cron, and A"7 The Cron scheduler is "he mos" ,idely used7 The Cron scheduler is implemen"ed by ,ay o6 a cron "able7 A Cron "able is a 6ile ,hich holds "he Cob+Cron con6igura"ion da"a7 %y con6igura"ion da"a, mean "he da"e, and "ime "he schedule+Cob ,ill run una""ended on "he sys"em7 *very user ,ho is au"horiFed "o use "he cron scheduler, ,ill have "heir o,n cron "able 6ile7
230
A ! ;ser &anagemen"
;serBs cron"abs are 5ep" in "he 6ile +var+spool+cron+cron"abs+ The roo" user has a cron"ab se"up by de6aul"7 Hou can see ,ha"Bs scheduled "o run via "he cron scheduler, by using "he command cron"ab 0l, ,hile logged
I id uidQ0?roo"A gidQ0?sys"emA groupsQ2?binA,3?sysA,D?securi"yA,G?cronA,10?audi"A,11?lpA I I cr$nta! l R7 I0 3 O O O +usr+sbin+s5ul5er IE4 2 O O 0 +usr+lib+spell+compress IE4 23 O O O ulimi" 4000b +usr+lib+smdemon7cleanu X +dev+null 0 11 O O O +usr+bin+errclear 8d S,( 30 0 12 O O O +usr+bin+errclear 8d . 10 0 14 O O O +usr+lib+ras+dumpchec5 X+dev+null 2X=1 I SSA ,arning 2 Dele"ing "he ne:" ",o lines may cause errors in redundan" ISSA ,arning 2 hard,are "o go unde"ec"ed7 01 4 O O O +usr+lpp+diagnos"ics+bin+runNssaNela 1X+dev+null 2X+dev+null 0 O O O O +usr+lpp+diagnos"ics+bin+runNssaNheal"hchec5 1X+dev+null 2X+dev+null I SSA ,arning 2 Dele"ing "he ne:" line may allo, enclosure hard,are errors "o go unde"ec"ed
231
A ! ;ser &anagemen"
The 6ollo,ing is an e:ample o6 a cron"ab en"ry 0 2 3 2 0 +home+bob+program1 There are si: 6ields in a cron"ab con6igura"ion7 They are as 6ollo,s, 6rom le6" "o righ"7 1 0 The minu"e o6 "he hour "he Cob ,ill run 0 ?0841A 2 0 The hour o6 "he day "he Cob ,ill run 0 ?0823A 3 0 The day o6 "he mon"h "he Cob ,ill run 0 ?1831A E 0 The mon"h o6 "he year "he Cob ,ill run 0 ?1812A 4 0 The day o6 "he ,ee5 "he Cob ,ill run 0 ?08>A 0 Q Sunday7 > 0 Command+program "o run7 n our e:ample a" "he "op o6 "he page a program called program1 ,hich resides in "he direc"ory +home+bob, ,ill run a" 2am, on /ebruary 3rd, on Sunday7 Hou can also use an as"eric5, O, in a speci6ic 6ield "o deno"e, run every ,ha"ever7 The pound sign, I, ,ill disable "ha" Cob+program 6rom running via cron7
A ! %asic Sys"em Adminis"ra"ion 232
A ! ;ser &anagemen"
Se""ing "he *D T($ sys"em variable "o a speci6ic edi"or ,ill "ell "he cron"ab edi"or ,hich edi"or "o use "o edi" "he cron"ab7
I ls .l *usr*!in*(i 8r8:r8:r8: 4 bin bin 302D0> Sep D 222E1 +usr+bin+vi
I e)p$rt 610-KR?*usr*!in*(i I ech$ @610-KR +usr+bin+vi I date /ri Sep 11 102E021G *DT 2001 I I cr$nta! e Z 45 10 3 3 3 *usr*!in*sleep 60 [ I ps .e5 : #rep .i sleep roo" 3D2DE> 3E01D2 0 102E1223 p"s+0 0200 grep 8i sleep I
233
A ! ;ser &anagemen"
Hou can vie, "he s"a"us o6 a pas" cron Cob by vie,ing "he +var+adm+cron+log 6ile7
I ps .e5 : #rep .i sleep roo" 3D2D4E 1 0 102E4200 I cd *(ar*adm*cr$n I p/d +var+adm+cron I ls .l l$# 8r,8r,8r88 1 bin bin 32041 Sep 11 11200 log
I tail l$# roo" 2 C&D ? +usr+lpp+diagnos"ics+bin+runNssaNheal"hchec5 1X+dev+null 2X+de v+null A 2 ' D ? 3D2GD> A 2 /ri Sep 11 10200200 2001 Cron #ob ,i"h pid2 3D2GD> Success6ul roo" 2 C&D ? +usr+lpp+diagnos"ics+bin+runNssaNenclNheal"hchec5 1X+dev+null 2X+dev+null A 2 ' D ? 3D21E0 A 2 /ri Sep 11 10230200 2001 Cron #ob ,i"h pid2 3D21E0 Success6ul r$$t : ,>1 ( *usr*!in*sleep 1000 [ ) : A01 ( 3934'0 ) : ;ri 7ep 11 10:45:00 2009 ,r$n J$! /ith pid: 3934'0 7uccess5ul
234
A ! ;ser &anagemen"
Hou can also use "he a" scheduler "o run programs una""ended in ;ni:+A !7 The advan"age o6 using "he a" scheduler over cron, especially 6or on8"ime Cobs, is "ha" you do no" have "o clean up "he Cob 6rom any "ab 6ile, ,hen i"Bs comple"ed7
I date /ri Sep 11 11201241 *DT 2001 I at 11:11 t$daH sleep >0 Cob roo"71242>G1G>07a a" /ri Sep 11 11211200 2001 I at .l roo"71242>G1G>07a I R I ps .e5 : #rep .i sleep roo" 3132GE 3D2G3G 0 11211200 I at .l I 8 0200 sleep >0 /ri Sep 11 11211200 2001
235
A ! ;ser &anagemen"
A" Cobs s"a"usB are also logged "o "he +var+adm+cron+log 6ile7
I tail *(ar*adm*cr$n*l$# roo" 2 C&D ? +usr+lpp+diagnos"ics+bin+runNssaNenclNheal"hchec5 1X+dev+null 2X+dev+null A 2 ' D ? 3D21E0 A 2 /ri Sep 11 10230200 2001 Cron #ob ,i"h pid2 3D21E0 Success6ul roo" 2 C&D ? +usr+bin+sleep 1000 = A 2 ' D ? 313ED0 A 2 /ri Sep 11 102E4200 2001 Cron #ob ,i"h pid2 313ED0 Success6ul roo" 2 C&D ? +usr+bin+errclear 8d S,( 30 A 2 ' D ? 31324G A 2 /ri Sep 11 11 200200 2001 roo" 2 C&D ? +usr+lpp+diagnos"ics+bin+runNssaNheal"hchec5 1X+dev+null 2X+de v+null A 2 ' D ? E04>1E A 2 /ri Sep 11 11200200 2001 Cron #ob ,i"h pid2 E04>1E Success6ul Cron #ob ,i"h pid2 31324G Success6ul r$$t : ,>1 ( r$$t%1252681860%a ) : A01 ( 3'2838 ) : ;ri 7ep 11 11:11:00 2009 ,r$n J$! /ith pid: 3'2838 7uccess5ul I
236
A ! ;ser &anagemen"
The cron, and a" schedulers also have a basic securi"y mechanism7
8 The 6ile *(ar*adm*cr$n*cr$n%denH is used "o lis" users ,ho are no" au"horiFed "o use cron7 8 The 6ile *(ar*adm*cr$n*cr$n%all$/ is used "o lis" users ,ho are au"horiFed "o use cron7 8 The 6ile *(ar*adm*cr$n*at%denH is used "o lis" users ,ho are no" au"horiFed "o use a"7 8 The 6ile *(ar*adm*cr$n*at%all$/ is used "o lis" users ,ho are au"horiFed "o use a"7
23'
A ! ;ser &anagemen"
;ser in6orma"ion is usually 5ep" local on "he A ! sys"em "hey are logging on"o, including "heir pass,ords7 Hou can use a 6ea"ure ,hich comes ,i"h A ! called < S, <e",or5 n6orma"ion Services, or Hello, 'ages7 This is a s"andard ,hich allo,s you "o have a cen"ral place "o loo5 up users, pass,ords, and o"her in6orma"ion7 This is a nice al"erna"ive "o managing "his in6orma"ion individually 6or each sys"em7 Sudo is an (pen Source "ool you can ins"all, ,hich ,ill allo, a regular user "o gain roo" privilege ,i"h "he regular userBs pass,ord7 A ! also has roles, $%AC, ,hich can be used "o easily "o dis"ribu"e sys"em privileges, and "as5s "o di66eren" users7
238
239
I shutd$/n
S.;TD()< '$(G$A& Tue Apr 1D 012202E> CDT 200D %roadcas" message 6rom roo"_h1 ?""yA a" 012202E> 777 shu"do,n2 'L*AS* L(G (// <() PPP All processes ,ill be 5illed in 1 minu"e7 %roadcas" message 6rom roo"_h1 ?p"s+0A a" 012212E> 777 shu"do,n2 T.* SHST*& S %* <G S.;T D()< <() )ai" 6or T.al" comple"ed777T be6ore s"opping7 *rror repor"ing has s"opped7 Advanced Accoun"ing has s"opped777 'rocess accoun"ing has s"opped7 n6sNclean2 S"opping </S+< S Daemons 0413800E The Subsys"em or Group, n6sd, is curren"ly inopera"ive7 041380EE The biod Subsys"em ,as reMues"ed "o s"op7 041380EE The rpc7loc5d Subsys"em ,as reMues"ed "o s"op7 041380EE The rpc7s"a"d Subsys"em ,as reMues"ed "o s"op7
240
241
242
%roadcas" message 6rom roo"_h1 ?p"s+0A a" 012E021> 777 shu"do,n2 T.* SHST*& S %* <G S.;T D()< <() shu"do,n 85 is 6inished7 The sys"em is s"ill up7 I
243
<o"e2 The JechoK command is used in ;ni: shell scrip"ing+programming7 )e donB" cover "ha" "opic in "his course7
A ! %asic Sys"em Adminis"ra"ion 244
<o"e2 The hal" command can also shu"do,n a sys"em, and "he reboo" command can also res"ar" "he sys"em7
A ! %asic Sys"em Adminis"ra"ion 245
246
24'
<o"e2 The JsleepK command is used in ;ni: shell scrip"ing+programming7 )e donB" cover "ha" "opic in "his course7
A ! %asic Sys"em Adminis"ra"ion 248
249
Sep 04 1D20G
250
<o"e, you could also use "he chi"ab command "o change "he con"en"s o6 an ini""ab en"ry7
A ! %asic Sys"em Adminis"ra"ion 251
252
253
R
case B@1B in st$p) ech$ Bscript 1 e)ecuted $n shutd$/nB C *(ar*script1%shutd$/n%$utYsleep 60YY start) ech$ Bscript 1 e)ecuted $n startupB C *(ar*script1%startup%$utYsleep 60YY 3) ech$ B0n(alid Kpti$n%%BYY esac
254
255
256
@,pars
S00c"Nboo"
SD1i"caTivoliCommonAgen"0 S11dbrc75sh
I ln .s *etc*rc%d*init%d*script2%8sh 71script2%8sh I ln .s *etc*rc%d*init%d*script1%8sh 72script1%8sh I ln .s *etc*rc%d*init%d*script3%8sh 73script3%8sh I ls .l "o"al 1> lr,:r,:r,: 1 roo" sys"em 4> <ov 2E 21222 @D1i"caTivoliCommonAgen"0 8X +var+op"+"ivoli+ep+run"ime+nons"op+bin+nons"opservice7sh lr,:r,:r,: 1 roo" sys"em 24 <ov 24 22221 @11dbrc75sh 8X +e"c+rc7d+ini"7d+dbrc75sh 8r8:888888 1 roo" sys"em 2E31 <ov 2E 1G201 @,pars 8r,:r8:r8: 1 roo" sys"em 1D4 <ov 2E 2122E S00c"Nboo" lr,:r,:r,: 1 roo" sys"em 2G <ov 24 2321D S1scrip"275sh 8X +e"c+rc7d+ini"7d+scrip"275sh lr,:r,:r,: 1 roo" sys"em 2G <ov 24 2321D S2scrip"175sh 8X +e"c+rc7d+ini"7d+scrip"175sh lr,:r,:r,: 1 roo" sys"em 2G <ov 24 2321D S3scrip"375sh 8X +e"c+rc7d+ini"7d+scrip"375sh lr,:r,:r,: 1 roo" sys"em 4> <ov 2E 21222 SD1i"caTivoliCommonAgen"0 8X +var+op"+"ivoli+ep+run"ime+nons"op+bin+nons"opservice7sh lr,:r,:r,: 1 roo" sys"em 24 <ov 24 22221 S11dbrc75sh 8X +e"c+rc7d+ini"7d+dbrc75sh I
25'
258
259
Scrip"27s"ar"up ,as se" "o e:ecu"e 6irs" on sys"em s"ar"up7 Scrip"17s"ar"up ,as se" "o e:ecu"e second on sys"em s"ar"up7 Scrip"37s"ar"up ,as se" "o e:ecu"e "hird+las" on sys"em s"ar"up7
I ls .l *(ar*3startup3 8r,8r88r88 1 roo" sys"em 8r,8r88r88 1 roo" sys"em 8r,8r88r88 1 roo" sys"em I 21 Dec 01 1422E +var+scrip"17s"ar"up7ou" ?2A 21 Dec 01 14223 +var+scrip"27s"ar"up7ou" ?1A 21 Dec 01 14224 +var+scrip"37s"ar"up7ou" ?3A
260
261
/ilesys"ems
262
/ilesys"em De"ails
/ilesys"ems are a mechanism "o manage 6iles, and direc"ories on an L-7 #/S 0 #ournaled /ile Sys"em7 /ilesys"ems are crea"ed on "op o6 logical volumes There are ",o "ypes o6 6ilesys"ems ,hich come ,i"h A !2 #/S, and #/S27 0 ?#/S2 ,as in"roduced in A ! version 471A7 )hen you ins"all "he A ! %(S on a >E8bi" sys"em+L'A$, #/S2 6ilesys"em are au"oma"ically crea"ed 6or "he sys"em7 /ilesys"em da"a is Cournaled 6or a #/S, and #/S2 6ilesys"em using a #/S, or #/S2 log respec"ively7 $ecommend using smi""y "o crea"e 6ilesys"ems 0 many, many argumen"s "o "he cr6s command Smi""y allo,s crea"ion 6rom a logical volume or crea"ion o6 6s and lv a" same "ime Supports compressed filesystems
263
/ilesys"em De"ails
Note: default creation of filesystem is to not mount at system restart n "he ne,es" version o6 A ! >71, 6ilesys"ems can be encryp"ed 6or securi"y7 A ! comes ,i"h a user space Muo"a sys"em ,hich you implemen" a" "he user, and 6ilesys"em level "o assis" in en6orcing space cons"rain"s7 There are snapsho" u"ili"ies available in A !, 6or Muic5 bac5ups o6 6ilesys"em da"a7 /ilesys"ems can be accessed by more "hen one node+server, a" a "ime on a shared dis5 sub8sys"em in a clus"ered environmen" using "he %& produc" G'/S 0 General 'arallel /ile Sys"em7
264
/ilesys"em De"ails
The di66erences be",een #/S?1A, and #/S2 6ilesys"ems7 &a:imum 6ile siFe 6or #/S is 88X >E gig7 &a:imum 6ile siFe 6or #/S2 is 88X 1 '% &a:imum 6ilesys"em siFe 6or #/S is 88X 1 T%7 &a:imum 6ilesys"em siFe 6or #/S2 is 88X E '% &a:imum number o6 inodes 6or #/S is 88X /i:ed, se" manually a" 6ilesys"em crea"ion7 &a:imum number o6 inodes 6or #/S2 is 88X Dynamic7 Limi"ed by dis5 space capaci"y7
265
/ilesys"ems
The de6aul" logical volumes, and 6ilesys"ems crea"ed on "he sys"em are as 6ollo,s7 These 6ilesys"ems are needed "o run "he sys"em7
hd1 +home hd2 +usr hd3 +"mp hd4 + 8 ?roo"A hd9(ar +var hd10$pt +op" hd11admin +admin *pr$c +proc
The 6ilesys"ems above, since "hey are ins"alled by de6aul" ,i"h "he opera"ing sys"em, are nic5 named JThe % G GK7
I d5 .# /ilesys"em G% bloc5s /ree ^;sed used ^ used &oun"ed on +dev+hdE 117>2 1712 GE^ 434>D 11^ + +dev+hd2 13712 1714 24^ EE123 2^ +usr +dev+hd1var 073G 0721 EE^ 1GG11 2G^ +var +dev+hd3 373G 373D 1^ DG 1^ +"mp +dev+hd1 30700 37>G GG^ G14E> 10^ +home +dev+hd11admin 0712 0712 1^ 4 1^ +admin +proc 8 8 8 8 8 +proc +dev+hd10op" 2700 07DD >2^ 33134 1>^ +op"
266
/ilesys"ems
There are also logical volumes ,hich are crea"ed by de6aul" ,i"h "he opera"ing sys"em7 These logical volumes, are called ra, logical volumes because "here are no 6ilesys"ems on "op o6 "hem7 The sys"em uses "hem direc"ly7 hd5 0 The boo" logical volume7 )here "he boo" code resides7 hd6 0 The de6aul" sys"em dump device, and sys"em paging space7 <o"e2 )hen you ins"all a sys"em ,hich is X E Gig o6 physical memory, "he sys"em ,ill au"oma"ically crea"e "he paging space device lgNdumplv "o hold sys"em dumps7 hd8 0 The de6aul" #/S or #/S2 log logical volumes7 )here "he logical volume resides7
26'
/ilesys"ems
To vie, 6ilesys"ems ,hich are curren"ly moun"ed on "he sys"em "ype in "he moun" command7 This command ,ill also sho, you ,ha" "ype o6 6ilesys"em i" is, #/S, or #/S2, "he da"e and "ime i" ,as moun"ed, and "he logical volume i"Bs using "o Cournal i"Bs changes7
I m$unt node moun"ed moun"ed over v6s da"e op"ions 88888888 888888888888888 888888888888888 888888 888888888888 888888888888888 +dev+hdE + C6s2 <ov 2> 1123E r,,logQ+dev+hdG +dev+hd2 +usr C6s2 <ov 2> 1123E r,,logQ+dev+hdG +dev+hd1var +var C6s2 <ov 2> 1123E r,,logQ+dev+hdG +dev+hd3 +"mp C6s2 <ov 2> 1123E r,,logQ+dev+hdG +dev+hd1 +home C6s2 <ov 2> 11234 r,,logQ+dev+hdG +dev+hd11admin +admin C6s2 <ov 2> 11234 r,,logQ+dev+hdG +proc +proc proc6s <ov 2> 11234 r, +dev+hd10op" +op" C6s2 <ov 2> 11234 r,,logQ+dev+hdG I
268
269
A ! Logical -olume &anager 0 L-& So6",are level managemen" in"er6ace ,hich provides a me"hod o6 managing dis5s in order "o "urn "hem in"o usable s"orage on A !7 n"egra"ed in A ! archi"ec"ure7 <o subseMuen" licenses, or ins"alla"ions reMuired7 Can add+dele"e+modi6y logical volumes ,hile sys"em is up and running Can add+remove mirroring ,hile up and running Suppor"s $A D 0 ] 1 ?mirroring and s"ripingA 'rovides a rich se" o6 commands "o manage
2'0
2'2
2'3
2'4
2'5
2'6
T(TAL ''s /$** ''s /$** D ST$ %;T (< 3G> 124770477007712G7712G
2''
2'8
2'9
280
281
ac"ive
<o"e, <one ne:" "o "he hard dis5 means "ha" i" is no" curren"ly a member o6 a volume group7
282
Hou ,ill have "o ma5e "ha" hdis5 a member o6 a vg, "urn i" in"o a physical volume, be6ore you can use i"7
283
This is lis"ed in megaby"es7 So "hese dis5s are 10 gig, and 4 gig respec"ively7
284
285
286
28'
288
289
290
291
<o,, do "he reverse ari"hme"ic opera"ion "o see ho, big "his logical volume is in meg 0 ?$emember 1,000 meg Q 1 gigA7
I !c 500 3 4 2000 4uit I
292
293
294
295
TH'* L's ''s '-s L- STAT* &(;<T '( <T C6s2 400 400 1 closed+syncd +my6s1 C6s2log 1 1 1 closed+syncd <+A -/S SiFe C6s2 E01>000 r, (p"ions no Au"o
296
29'
I m$unt node moun"ed moun"ed over v6s da"e op"ions 88888888 888888888888888 888888888888888 888888 888888888888 888888888888888 +dev+hdE + C6s2 Sep 01 0022D r,,logQ+dev+hdG +dev+hd2 +usr C6s2 Sep 01 0022D r,,logQ+dev+hdG +dev+hd1var +var C6s2 Sep 01 0022G r,,logQ+dev+hdG +dev+hd3 +"mp C6s2 Sep 01 0022G r,,logQ+dev+hdG +dev+hd1 +home C6s2 Sep 01 0022G r,,logQ+dev+hdG +dev+hd11admin +admin C6s2 <ov 2> 11234 r,,logQ+dev+hdG +proc +proc proc6s Sep 01 0022G r, +dev+hd10op" +op" C6s2 Sep 01 0022G r,,logQ+dev+hdG +dev+mylv1 +my6s1 C6s2 Sep 01 1E201 r,,logQ+dev+loglv00 I
298
299
300
<o"ice ho, "here is "he value o6 6alse, ne:" "o moun"7 This means "ha" "he 6ilesys"em ,ill no" be moun"ed au"oma"ically on sys"em reboo"7 )e can also see "his via "he ls6s command7
A ! %asic Sys"em Adminis"ra"ion 301
(p"ions yes
Au"o
302
303
304
305
TH'* C6s2log 1
L's 1
306
TH'*
L's
''s
'-s L- STAT*
30'
308
309
310
311
TH'* L's ''s '-s L- STAT* &(;<T '( <T C6s2log 1 1 1 open+syncd <+A C6s2 400 400 1 open+syncd +my6s1
<o"e, ,hen you crea"e an enhanced, #/S2, 6ilesys"em and le" A ! crea"e "he lv, i" ,ill au"oma"ically selec" "he name 6slvII, as "he name o6 "he lv7 )hen you crea"e a #/S1 6ilesys"em and le" A ! crea"e "he lv, i" ,ill au"oma"ically selec" "he name lvII, as "he name o6 "he lv7
A ! %asic Sys"em Adminis"ra"ion 312
/$** ''s2
I d5 .m *mH5s1 /ilesys"em &% bloc5s /ree ^;sed +dev+6slv00 2000700 111173D 1^ I ch5s .a si\e?250> *mH5s1 /ilesys"em siFe changed "o E1204D> I d5 .m *mH5s1 /ilesys"em &% bloc5s /ree ^;sed +dev+6slv00 2012700 201173D 1^ I
313
314
315
To impor" "he volume group again, ei"her on "he same, or di66eren" A ! sys"em, use "he 6ollo,ing7
I imp$rt(# .H (# hdis82 vg I m$unt all moun"2 +dev+hd1 on +home2 Device busy moun"2 +proc on +proc2 Device busy moun"2 +dev+hd10op" on +op"2 Device busy I d5 .# *mH5s1 /ilesys"em G% bloc5s /ree ^;sed +dev+6slv00 171> 171> 1^ E used ^ used &oun"ed on 1^ +my6s1
316
31'
T(TAL ''s /$** ''s /$** D ST$ %;T (< 3G> 124770477007712G7712G /$** ''s2 3G> ?30GG megaby"esA ac"ive
ac"ive ac"ive
T(TAL ''s /$** ''s /$** D ST$ %;T (< 3G> 124770477007712G7712G 12D1 24>7724>772447724>7724>
318
319
320
D ST$ %;T (< &(;<T '( <T 2 2 007700770277007700 +var 4 4 007700770477007700 +"mp 2 2 007700770277007700 +home 12 12 007700771277007700 +op" 3 3 037700770077007700 <+A >E >E 0077>E770077007700 <+A 1 1 007700770177007700 <+A 3 3 007700770377007700 + 2 2 007702770077007700 +admin 1>1 1>1 007700771>177007700 +usr 1 1 007701770077007700 <+A
L's
''s
321
322
323
T(TAL ''s /$** ''s /$** D ST$ %;T (< 3G> 124770477007712G7712G 12D1 24>7724>772447724>7724>
T(TAL ''s /$** ''s /$** D ST$ %;T (< 3G> 124770477007712G7712G /$** ''s2 3G> ?30GG megaby"esA
324
I e)tend(# r$$t(# hdis81 I lsp( hdis50 00c11G601D211ded hdis51 00c11G6004a16abb hdis52 00c11G601DG021Gb I ls(# .l r$$t(# roo"vg2 L- <A&* TH'* hd4 boo" 3 hd> paging >E hdG C6s2log 1 hdE C6s2 3 hd2 C6s2 1>1 hd1var C6s2 2 hd3 C6s2 4 hd1 C6s2 2 hd11admin 2 2 hd10op" C6s2 12
ac"ive ac"ive
L's ''s '-s L- STAT* 3 1 closed+syncd <+A >E 1 open+syncd <+A 1 1 open+syncd <+A 3 1 open+syncd + 1>1 1 open+syncd +usr 2 1 open+syncd +var 4 1 open+syncd +"mp 2 1 open+syncd +home 007702770077007700 +admin 12 1 open+syncd +op"
325
326
L's ''s '-s L- STAT* > 2 closed+syncd <+A 12G 2 open+syncd <+A 2 2 open+syncd <+A > 2 open+syncd + 322 2 open+syncd +usr E 2 open+syncd +var 10 2 open+syncd +"mp E 2 open+syncd +home 007702770077007700 +admin 2E 2 open+syncd +op"
32'
<o,, change "he boo"lis", so hdis51, ,here ,e mirrored "o, ,ill be "he dis5 "he sys"em boo"s o66 o6 during ne:" reboo"7
I !$$tlist .m n$rmal .$ hdis50 blvQhd4 hdis51 blvQhd4 I !$$tlist .m n$rmal hdis81 I !$$tlist .m n$rmal .$ hdis51 blvQhd4 I
328
329
330
L's ''s '-s L- STAT* &(;<T '( <T > 2 closed+syncd <+A 12G 2 open+syncd <+A 2 2 open+syncd <+A > 2 open+syncd + 322 2 open+syncd +usr E 2 open+syncd +var 10 2 open+syncd +"mp E 2 open+syncd +home 2 1 open+syncd +admin 2E 2 open+syncd +op"
I unmirr$r(# r$$t(# 041>812E> rmlvcopy2 6 hd4 is "he boo" logical volume, please run Tchpv 8c Wdis5nameXT as roo" user "o clear "he boo" record and avoid a po"en"ial boo" o66 an old boo" image "ha" may reside on "he dis5 6rom ,hich "his logical volume is moved+removed7 041>81G0E chvg2 The Muorum change "a5es e66ec" immedia"ely7 041>811EE unmirrorvg2 roo"vg success6ully unmirrored, user should per6orm bosboo" o6 sys"em "o reini"ialiFe boo" records7 Then, user mus" modi6y boo"lis" "o Cus" include2 hdis507 I
331
332
L's ''s '-s L- STAT* &(;<T '( <T 3 1 closed+syncd <+A >E 1 open+syncd <+A 1 1 open+syncd <+A 3 1 open+syncd + 1>1 1 open+syncd +usr 2 1 open+syncd +var 4 1 open+syncd +"mp 2 1 open+syncd +home 2 1 open+syncd +admin 12 1 open+syncd +op"
333
A ! /ile &anagemen"
334
A ! /ile &anagemen"
Some"imes i" is desirable "o pac5 mul"iple 6iles in"o one 6ile, ,hich ac"s as a pac5age7 The "ar command crea"es an archived pac5age 6ile ,hich consis"s o6 mul"iple 6iles, and+or direc"ories7 These archived pac5ages are 5no,n as "ar8balls7 TA$ s"ands 6or TApe a$chive7 Crea"e a direc"ory in +"mp called Cun5, and crea"e mul"iple 6iles, a subdirec"ory and 6iles under "ha" subdirec"ory2
Y m8dir *tmp* un8 Y cd *tmp* un8 Y t$uch 5ilea 5ile! 5ilec 5iled 5ilee @ m8dir *tmp* un8*dira @ t$uch *tmp* un8*dira*5ile5 @ t$uch *tmp* un8*dira*5ile#
335
A ! /ile &anagemen"
Y cd *tmp* un8 Y p/d +"mp+Cun5 Y ls .l "o"al 2E dr,:r8:r8: 8r,8r88r88 8r,8r88r88 8r,8r88r88 8r,8r88r88 8r,8r88r88
2 Cus"in s"a66 1 Cus"in s"a66 1 Cus"in s"a66 1 Cus"in s"a66 1 Cus"in s"a66 1 Cus"in s"a66
24> <ov 2E 1122E dira 0 <ov 2E 11222 6ilea 0 <ov 2E 11222 6ileb 0 <ov 2E 11222 6ilec 0 <ov 2E 11222 6iled 0 <ov 2E 11222 6ilee
Y tar .c(5 *tmp*5iles%tar *tmp* un8*3 a +"mp+Cun5+dira a +"mp+Cun5+dira+6ile6 0 bloc5s7 a +"mp+Cun5+dira+6ileg 0 bloc5s7 a +"mp+Cun5+6ilea 0 bloc5s7 a +"mp+Cun5+6ileb 0 bloc5s7 a +"mp+Cun5+6ilec 0 bloc5s7 a +"mp+Cun5+6iled 0 bloc5s7 a +"mp+Cun5+6ilee 0 bloc5s7 a +"mp+Cun5+6iles7"ar 20 bloc5s7
336
A ! /ile &anagemen"
Y ls .l *tmp*5iles%tar 8r,8r88r88 1 Cus"in s"a66 Y 20EG0 <ov 2E 1122> +"mp+6iles7"ar
33'
A ! /ile &anagemen"
Y ls .ld *tmp*5iles%tar 8r,8r88r88 1 Cus"in s"a66 20EG0 <ov 2E 1122> +"mp+6iles7"ar Y tar .)(5 *tmp*5iles%tar : +"mp+Cun5+dira : +"mp+Cun5+dira+6ile6, 0 by"es, 0 media bloc5s7 : +"mp+Cun5+dira+6ileg, 0 by"es, 0 media bloc5s7 : +"mp+Cun5+6ilea, 0 by"es, 0 media bloc5s7 : +"mp+Cun5+6ileb, 0 by"es, 0 media bloc5s7 : +"mp+Cun5+6ilec, 0 by"es, 0 media bloc5s7 : +"mp+Cun5+6iled, 0 by"es, 0 media bloc5s7 : +"mp+Cun5+6ilee, 0 by"es, 0 media bloc5s7 : +"mp+Cun5+6iles7"ar, 102E0 by"es, 20 media bloc5s7 Y ls .ld *tmp* un8 dr,:r8:r8: 3 Cus"in s"a66 Y ls .lR *tmp* un8 "o"al 2E dr,:r8:r8: 2 Cus"in s"a66 8r,8r88r88 1 Cus"in s"a66 8r,8r88r88 1 Cus"in s"a66 8r,8r88r88 1 Cus"in s"a66 8r,8r88r88 1 Cus"in s"a66 8r,8r88r88 1 Cus"in s"a66 8r,8r88r88 1 Cus"in s"a66 +"mp+Cun5+dira2 "o"al 0 8r,8r88r88 1 Cus"in s"a66 8r,8r88r88 1 Cus"in s"a66 24> <ov 2E 1122G +"mp+Cun5 24> <ov 2E 1122E dira 0 <ov 2E 11222 6ilea 0 <ov 2E 11222 6ileb 0 <ov 2E 11222 6ilec 0 <ov 2E 11222 6iled 0 <ov 2E 11222 6ilee 102E0 <ov 2E 11222 6iles7"ar 0 <ov 2E 11223 6ile6 0 <ov 2E 1122E 6ileg
338
A ! /ile &anagemen"
Hou can e:"rac" only a speci6ic 6ile 6rom your archive "ar8ball2
Y rm *tmp* un8*5ilea Y ls .l *tmp* un8*5ilea ls2 0>4383E1 The 6ile +"mp+Cun5+6ilea does no" e:is"7 Y tar .)(5 5iles%tar *tmp* un8*5ilea : +"mp+Cun5+6ilea, 0 by"es, 0 media bloc5s7 Y ls .l *tmp* un8*5ilea 8r,8r88r88 1 Cus"in s"a66 Y 0 <ov 2E 11222 +"mp+Cun5+6ilea
339
A ! /ile &anagemen"
To add "o "he con"en"s o6 a "ar8ball ,hich already e:is"s2
Y tar .t(5 *tmp*5iles%tar dr,:r8:r8: 202 1 0 <ov 2E 1122E201 2010 +"mp+Cun5+dira+ 8r,8r88r88 202 1 0 <ov 2E 11223244 2010 +"mp+Cun5+dira+6ile6 8r,8r88r88 202 1 0 <ov 2E 1122E201 2010 +"mp+Cun5+dira+6ileg 8r,8r88r88 202 1 0 <ov 2E 1122222E 2010 +"mp+Cun5+6ilea 8r,8r88r88 202 1 0 <ov 2E 1122222E 2010 +"mp+Cun5+6ileb 8r,8r88r88 202 1 0 <ov 2E 1122222E 2010 +"mp+Cun5+6ilec 8r,8r88r88 202 1 0 <ov 2E 1122222E 2010 +"mp+Cun5+6iled 8r,8r88r88 202 1 0 <ov 2E 1122222E 2010 +"mp+Cun5+6ilee 8r,8r88r88 202 1 102E0 <ov 2E 11222232 2010 +"mp+Cun5+6iles7"ar Y t$uch *tmp*;0M6= *tmp*;0M6B Y tar .r(5 *tmp*5iles%tar *tmp*;0M6= *tmp*;0M6B a +"mp+/ L*A 0 bloc5s7 a +"mp+/ L*% 0 bloc5s7 Y tar .t(5 *tmp*5iles%tar dr,:r8:r8: 202 1 0 <ov 2E 1122E201 2010 +"mp+Cun5+dira+ 8r,8r88r88 202 1 0 <ov 2E 11223244 2010 +"mp+Cun5+dira+6ile6 8r,8r88r88 202 1 0 <ov 2E 1122E201 2010 +"mp+Cun5+dira+6ileg 8r,8r88r88 202 1 0 <ov 2E 1122222E 2010 +"mp+Cun5+6ilea 8r,8r88r88 202 1 0 <ov 2E 1122222E 2010 +"mp+Cun5+6ileb 8r,8r88r88 202 1 0 <ov 2E 1122222E 2010 +"mp+Cun5+6ilec 8r,8r88r88 202 1 0 <ov 2E 1122222E 2010 +"mp+Cun5+6iled 8r,8r88r88 202 1 0 <ov 2E 1122222E 2010 +"mp+Cun5+6ilee 8r,8r88r88 202 1 102E0 <ov 2E 11222232 2010 +"mp+Cun5+6iles7"ar 8r,8r88r88 202 1 0 <ov 2E 112E1221 2010 +"mp+/ L*A 8r,8r88r88 202 1 0 <ov 2E 112E1221 2010 +"mp+/ L*% Y
340
A ! /ile &anagemen"
Hou can also use "he "ar command "o move 6iles, and subdirec"ories be",een sys"ems, e"c7 <o"e, "he na"ive "ar command in A ! can only cra"e "ar8ball archives ,hich are G gig in siFe7 To ge" around "his you can do,nload a 6ree version called g"ar, ,hich can crea"e "ar8ball archives ,hich are grea"er "han G gig in siFe7
341
A ! /ile &anagemen"
Hou can compress 6iles in ;ni: ,i"h "he compress command
Y p/d +"mp Y ls .l 5iles%tar 8r,8r88r88 1 Cus"in s"a66 20480 <ov 2E 112E1 6iles7"ar
Y c$mpress 5iles%tar Y ls .l 5iles%tar ls2 0>4383E1 The 6ile 6iles7"ar does no" e:is"7 Y ls .l 5iles%tar%] 8r,8r88r88 1 Cus"in s"a66 GG> <ov 2E 112E1 6iles7"ar7c
Y tar .)(5 5iles%tar%] "ar2 041181>1 A direc"ory chec5sum error on mediab 0 no" eMual "o >11407
<o"e, "he compress command au"oma"ically appends a 7c e:"ension "o "he end o6 "he 6ile i" compresses7
A ! %asic Sys"em Adminis"ra"ion 342
A ! /ile &anagemen"
To uncompress a 6ile you use "he, you guessed i", uncompress comand2
Y ls .l 5iles%tar%] 8r,8r88r88 1 Cus"in s"a66 Y unc$mpress 5iles%tar%] Y ls .l 5iles%tar 8r,8r88r88 1 Cus"in s"a66 886 <ov 2E 112E1 6iles7"ar7c
Y tar t(5 5iles%tar dr,:r8:r8: 202 1 0 <ov 2E 1122E201 2010 +"mp+Cun5+dira+ 8r,8r88r88 202 1 0 <ov 2E 11223244 2010 +"mp+Cun5+dira+6ile6 8r,8r88r88 202 1 0 <ov 2E 1122E201 2010 +"mp+Cun5+dira+6ileg 8r,8r88r88 202 1 0 <ov 2E 1122222E 2010 +"mp+Cun5+6ilea 8r,8r88r88 202 1 0 <ov 2E 1122222E 2010 +"mp+Cun5+6ileb 8r,8r88r88 202 1 0 <ov 2E 1122222E 2010 +"mp+Cun5+6ilec 8r,8r88r88 202 1 0 <ov 2E 1122222E 2010 +"mp+Cun5+6iled 8r,8r88r88 202 1 0 <ov 2E 1122222E 2010 +"mp+Cun5+6ilee 8r,8r88r88 202 1 102E0 <ov 2E 11222232 2010 +"mp+Cun5+6iles7"ar 8r,8r88r88 202 1 0 <ov 2E 112E1221 2010 +"mp+/ L*A 8r,8r88r88 202 1 0 <ov 2E 112E1221 2010 +"mp+/ L*% Y
<o"e "he uncompress command ,ill au"oma"ically remove "he 7c e:"ension o6 a 6ile i" uncompresses7
A ! %asic Sys"em Adminis"ra"ion 343
A ! /ile &anagemen"
There is ano"her command ,hich handles compression7 " is called gFip7
Y ls .l 5iles%tar 8r,8r88r88 1 Cus"in s"a66 Y #\ip 5iles%tar Y ls .l 5iles%tar%#\ 8r,8r88r88 1 Cus"in s"a66
Y tar .t(5 5iles%tar%#\ "ar2 041181>E There is a media read or ,ri"e bloc5 siFe error7 Y
The gFip command ,ill append "he 6ile e:"ension 7gF "o any 6iles i" compresses7 <o"e, "he gFip command achieves a be""er compression ra"io "han "he compress command7
A ! %asic Sys"em Adminis"ra"ion 344
A ! /ile &anagemen"
To uncompress any 6ile you compressed ,i"h "he gFip command, you use "he gunFip command2
Y ls .l 5iles%tar%#\ 8r,8r88r88 1 Cus"in s"a66 Y #un\ip 5iles%tar%#\ Y ls .l 5iles%tar 8r,8r88r88 1 Cus"in s"a66 3'9 <ov 2E 112E1 6iles7"ar7gF
Y tar .t(5 5iles%tar dr,:r8:r8: 202 1 0 <ov 2E 1122E201 2010 +"mp+Cun5+dira+ 8r,8r88r88 202 1 0 <ov 2E 11223244 2010 +"mp+Cun5+dira+6ile6 8r,8r88r88 202 1 0 <ov 2E 1122E201 2010 +"mp+Cun5+dira+6ileg 8r,8r88r88 202 1 0 <ov 2E 1122222E 2010 +"mp+Cun5+6ilea 8r,8r88r88 202 1 0 <ov 2E 1122222E 2010 +"mp+Cun5+6ileb 8r,8r88r88 202 1 0 <ov 2E 1122222E 2010 +"mp+Cun5+6ilec 8r,8r88r88 202 1 0 <ov 2E 1122222E 2010 +"mp+Cun5+6iled 8r,8r88r88 202 1 0 <ov 2E 1122222E 2010 +"mp+Cun5+6ilee 8r,8r88r88 202 1 102E0 <ov 2E 11222232 2010 +"mp+Cun5+6iles7"ar 8r,8r88r88 202 1 0 <ov 2E 112E1221 2010 +"mp+/ L*A 8r,8r88r88 202 1 0 <ov 2E 112E1221 2010 +"mp+/ L*% Y
<o"ice ho, "he gunFip command removes "he 7gF 6ile e:"ension 6rom "he 6ile you uncompressed7
A ! %asic Sys"em Adminis"ra"ion 345
A ! /ile &anagemen"
The chec5sum o6 a 6ile can serve as bo"h a securi"y measure and an in"egri"y chec5 6or 6iles7 There are "hree sum commands available in A !2 sum 0 T,o numbers genera"ed7 (ne is a 1>8bi" chec5sum7 The o"her is ho, many 102E8by"e bloc5s "he 6ile occupies7 c8sum8 T,o numbers are genera"ed7 (ne is a 328bi" chec5sum, C$C 0 Cyclic $edundancy Chec57 The o"her is "he number o6 by"es "he 6ile occupies7 csum 0 md4 chec5sum7 The mos" reliable7
346
A ! /ile &anagemen"
Y sum *tmp*5iles%tar 44402 20 +"mp+6iles7"ar Y sum *tmp*5iles%tar 44402 20 +"mp+6iles7"ar Y
34'
A ! /ile &anagmen"
Changing "he con"en"s o6 a 6ile in any,ay ,ill change "he chec5sum2 'revious2 44402
@ ech$ BB CC *tmp*5iles%tar @ sum *tmp*5iles%tar 2''61 21 *tmp*5iles%tar
20
'revious2 3b42DcED11E1bGGb41>e>44a>b2e3ED>
@ csum *tmp*5iles%tar 298332556403aeddd5e0!44a'0dc55ed *tmp*5iles%tar @
348
A ! /ile &anagemen"
The ;ni: 6ile command per6orms a series o6 "es"s on an obCec", and de"ermines "he "ype2 6iles, direc"ory, "e:" 6ile, e:ecu"able, e"c2
Y 5ile *tmp +"mp2 direc"ory Y 5ile *tmp*5iles%tar +"mp+6iles7"ar2 "ar archive Y 5ile *usr*!in*cat +usr+bin+ca"2 e:ecu"able ?$ SC Sys"em+>000A or obCec" module Y 5ile *tmp* un8*5ilea +"mp+Cun5+6ilea2 emp"y Y Y 5ile *etc*h$sts +e"c+hos"s2 ascii "e:" Y
349
A ! /ile &anagemen"
Compu"er science re6resher o6 ho, space is calcula"ed7 %y"e scale2 8 8 8 8 8 8 8 8 8 8 Bits Q 1 %y"e 19000 BHtes Q 1 @iloby"e 19000 +il$!Htes Q 1 &egaby"e 19000 >e#a!Htes Q 1 Gigaby"e 19000 &i#a!Htes Q 1 Teraby"e 19000 -era!Htes Q 1 'e"aby"e 19000 Aeta!Htes Q 1 *:aby"e 19000 6)a!Htes Q 1 ce""aby"e 19000 ]etta!Htes ? 1 Ho""aby"e
350
A ! /ile &anagemen"
Hou can crea"e emp"y 6iles o6 a cer"ain siFe in A !7 The command is called lm5"emp7 To crea"e a 10 meg 6ile called "es"6ile in +"mp2
I p/d +"mp I lm8temp test5ile 10m "es"6ile I ls .l test5ile 8r,8r88r88 1 roo" sys"em 10EG4D>0 <ov 21 11212 "es"6ile
351
A ! /ile &anagemen"
To display "he siFe o6 a 6ile or direc"ory use "he du command7
352
A ! /ile &anagemen"
To vie, "he siFe o6 an en"ire direc"ory, you can use "he du command agains" a direc"ory as ,ell as a 6ile7
I p/d +"mp I m8dir 5iles I cd 5iles I p/d +"mp+6iles I m( test5ile 5iles I m( test5ile2 5iles I ls .l 5iles "o"al 20>GEGG 8r,8r88r88 1 roo" sys"em 10EG4D>0 <ov 21 11223 "es"6ile 8r,8r88r88 1 roo" sys"em 10EG4D>000 <ov 21 11223 "es"6ile2 I I du .m 5iles 1010700 6iles I du .# 5iles 0711 6iles I rm r 5iles
353
354
355
356
35'
358
359
360
361
362
<o"ice ho, "he column Ac"ive, and Au"o have "he value o6 no 6or "his ne,ly crea"ed paging space, paging007 To ac"iva"e "he paging space use "he s,apon command2
I s/ap$n *de(*pa#in#00 I lsps .s To"al 'aging Space 'ercen" ;sed 1ED2&% 1^ I lsps .a 'age Space 'hysical -olume -olume Group SiFe ^;sed Ac"ive Au"o Type Ch5sum paging00 hdis50 roo"vg 1>0&% 1 yes no lv 0 hd> hdis50 roo"vg 412&% 2 yes yes lv 0 I
363
364
365
366
I cat *etc*s/apspaces O +e"c+s,apspaces O O This 6ile lis"s all "he paging spaces "ha" are au"oma"ically pu" in"o O service on each sys"em res"ar" ?"he Ts,apon 8aT command e:ecu"ed 6rom O +e"c+rc s,aps on every device lis"ed hereA7 O O )A$< <G2 (nly paging space devices should be lis"ed here7 O O This 6ile is modi6ied by "he chps, m5ps and rmps commands and re6erenced O by "he lsps and s,apon commands7 hd>2 dev Q +dev+hd> au"o Q yes chec5sumNsiFe Q 0 pa#in#00: de( ? *de(*pa#in#00 aut$ ? n$ chec8sumLsi\e ? 0
36'
368
Hou can manually enable all paging spaces ,i"h "he command2
I s,ap$n .a 041D80D4 s,apon2 'aging device +dev+hd> is already ac"ive7 s,apon2 'aging device +dev+paging00 ac"iva"ed7 I I lsps .s To"al 'aging Space 'ercen" ;sed 1ED2&% 1^ I lsps .a 'age Space 'hysical -olume -olume Group SiFe ^;sed Ac"ive Au"o Type Ch5sum paging00 hdis50 roo"vg 1>0&% 1 yes yes lv 0 hd> hdis50 roo"vg 412&% 2 yes yes lv 0 I
369
3'0
3'1
3'2
3'3
3'4
3'6
Due "o "he 6ac" "ha" our sys"ems in "his lab are all under E gig o6 memory+$A&, ,e do no" have a dedica"ed dump device 6or "he running 5ernel "o dump "o7 n "he even" o6 a sys"em dump+panic, i" ,ill dump "o +dev+hd>, ,hich is also "he de6aul" paging space logical volume device7 <o"e2 A sys"em dump in A ! version >71, and above ,ill al,ays resul" in a compressed sys"em dump7 Hou canno" disable compression any longer7
3''
3'8
3'9
A6"er "he sys"em dumps "he memory "o "he dump device, "he sys"em ,ill au"oma"ically reboo" i"sel67
I uptime 1020>'& up 1 user, load average2 07>3, 0720, 070D I /h$ .! 7 sys"em boo" <ov 2> 22204 I sHsdumpde( .M 0E438031 Device name2 +dev+hd> &aCor device number2 10 &inor device number2 2 SiFe2 >D11400G by"es ;ncompressed SiFe2 >EEE2E24> by"es Da"e+Time2 /ri <ov 2> 22201243 CST 2010 Dump s"a"us2 0 Type o6 dump2 "radi"ional dump comple"ed success6ully Dump copy 6ilename2 +var+adm+ras+vmcore707%c I cd *(ar*adm*ras I ls .l (mc$re3 8r,8888888 1 roo" sys"em >D11400G <ov 2> 2220E vmcore707%c I
380
381
/ree ^;sed used ^ used &oun"ed on 17E1 1G^ 1G>0 D3^ +var
382
383
384
385
386
38'
388
389
390
391
392
393
394
395
396
39'
398
399
400
401
402
403
404
406
40'
<o, "he 5db promp" changes because ,e are no, loo5ing a" C'; 1 0 The second C';7
408
nvalid cpu E number <o"ice ho, moving "o C'; E errored7 )hy9 )ell le"Bs e:i" 5db and 6ind ou"7 @db is e:i"ed ,i"h "he e:i" command2
?3AX e)it I
409
410
411
412
?0AX
413
pvproc]01G000 1>Osysdumps ACT -* 0>000%* 0DE00DE 0000000G1CD%CEG0 0 0001 <A&*7777777 sysdumps"ar" STAT*777777 s"a" 20D 7777 :s"a" 20000 /LAGS777777 6lag 200200001 L(AD *!*C*D 77777777777 6lag2 200000000 77777777777 6lag3 200000000 77777777777 a"omic 200000000 77777777777 sec6lag20001 $((T L <@S777777 child 20000000000000000 77777777777 siblings 20000000000000000 77777777777 uidin6o 200000000022A2D>G 77777777777 ganchor 2/1000/0A0001G000 Wpvproc]01G000X T.$*AD77777 "hreadlis" 2/1000/0A1001G>00 Wpv"hread]01G>00X D S'ATC.777 synch 2//////////////// AACCT777777 proCid 200000000 77777777777 sproCid 200000000 77777777777 subproC 20000000000000000 77777777777 6ile id 20000000000000000 0000000000000000 00000000 77777777777 5cid 200000000 77777777777 6lags 20000
414
415
416
The processor penal"y is an in"eger "ha" is calcula"ed 6rom "he recen" processor usage o6 a "hread The recen" processor usage increases by appro:ima"ely 1 each "ime "he "hread is in con"rol o6 "he processor a" "he end o6 a 10 ms cloc5 "ic5, up "o a ma:imum value o6 1207 (nce per second, "he recen" processor usage values 6or all "hreads are recalcula"ed7
420
421
422
423
The problem ,i"h "he 6oreground is "ha" you ,ill have "o ,ai" un"il i" comple"es be6ore you gain con"rol o6 your "erminal again7 To "hro, some"hing in "he bac5ground pu" an ampersand 8 = a" "he end o6 i"7 This ,ay you can move on "o o"her "hings, ,hile "his is running7
I sleep 5 [ U1V DE04D32 I I U1V ] Done I sleep 4 =
424
I sleep 1000 [ U1V 3D34D40 I $!s U1V ] $unning I $!s .l U1V ] 3D34D40 $unning sleep 1000 = sleep 1000 =
I ps .e5 : #rep .i sleep roo" 3D34D40 4G1G2>2 0 0123323G p"s+0 0200 sleep 1000 I
425
To send your process "o "he bac5ground+s"opping i" go ahead and hi" C(<T$(L]c
^]U1V ] S"opped ?S GTST'A sleep 1000 = sleep 1000 = I $!s .l U1V ] 3D34D40 S"opped ?S GTST'A I
426
42'
428
<o, loo5 a" "he second number in "he above ps 0e6 ou"pu", ,hich is "he "hird column over7 Tha" is "he '' D 0 'aren" 'rocess D7 This is "he process ,ho is a paren" o6 "he process running 0 sleep7 Sleep is "he child "o 221E01E7 <o, le"Bs see ,ha" 221E01E is9
I ps .e5 : #rep .i 2294014 : #rep .i( #rep roo" 221E01E >GG134E 1 122EG2E1 p"s+1 0200 85sh roo" EGE1DD2 221E01E 0 1E20121> p"s+1 0200 ps 8e6 roo" >021312 221E01E 0 13241231 p"s+1 0200 sleep 1000 I
" is "he @orn shell process "ha" you logging on"o "he sys"em launched7
429
Tha" ,ill "ermina"e your pu""y connec"ion "o "he sys"em because "ha" is your login session+@orn shell7 Log bac5 in"o "he sys"em as roo", and you ,ill no, see "ha" sleep process has been adop"ed by i"Bs grandparen" 0 ini" ' D 17
I ps .e5 : #rep .i 6029312 roo" >021312 1 0 13241231 I
430
431
432
sleep 4 =
<o"e ho, you received "he ,arning above "ha" Cobs are curren"ly running under your user name7 gnore "ha" and "ype in e:i" a second "ime, maybe a "hird "ime as ,ell7
I e)it I e)it
Connec"ion Closed7
A ! %asic Sys"em Adminis"ra"ion 433
<o"e ho, "he process died even "hough 10000 seconds isnB" up ye"7 Hou can "ell "he sys"em no" "o 5ill "he process Cus" because you as "he user ,ho s"ar"ed i" logged ou" o6 "he sys"em2
I n$hup sleep 10000[ U1V >GG13>E I Sending nohup ou"pu" "o nohup7ou"7 I ps .e5 : #rep .i sleep roo" >GG13>E D0DG00> 0 1E223211 p"s+0 0200 sleep 10000 I Cobs U1V ] $unning nohup sleep 10000= I
434
This command au"oma"ically crea"es a nohup7ou" 6ile, Cus" in case any ou"pu" is genera"ed2
I ls .l n$hup%$ut 8r,8888888 1 roo" sys"em 0 Dec 03 1E223 nohup7ou"
435
436
440
441
442
443
444
445
446
44'
G sleep 10000 [ U1V DE04>EG G ps .e5 : #rep .i sleep roo" DE04>EG 221E01E 0 13202232 p"s+1 0200 sleep 10000 G
448
sys"em sys"em sys"em sys"em sys"em sys"em sys"em sys"em sys"em sys"em sys"em sys"em sys"em sys"em
0 Dec 03 13203 as 12G Dec 03 13203 cred 0 Dec 03 13203 c"l 0 Dec 03 1021E c,d 8X + 0 Dec 03 13203 6d 0 Dec 03 13203 l,p 0 Dec 03 13203 map 0 Dec 03 13203 mmap 0 Dec 03 13203 obCec" EEG Dec 03 13203 psin6o 0 Dec 03 1021E roo" 8X + 122GG Dec 03 13203 sigac" 1420 Dec 03 13203 s"a"us 0 Dec 03 13203 sysen"
449
0 Dec 03 1320E l,pc"l 120 Dec 03 1320E l,psin6o 1200 Dec 03 1320E l,ps"a"us
450
I ps .e5 : #rep .i sleep roo" DE04>EG 221E01E 0 13202232 p"s+1 0200 sleep 10000 I 8ill .9 '405648 I ps .e5 : #rep .i sleep U1V ] @illed sleep 10000 = I ls .ld *pr$c*'405648 ls2 0>4383E1 The 6ile +proc+DE04>EG does no" e:is"7 I
451
452
'D 33E2E>2
I st$psrc .s inetd 041380EE The +usr+sbin+ine"d Subsys"em ,as reMues"ed "o s"op7 I ps .e5 : #rep .i inetd I lssrc .s inetd Subsys"em Group ine"d "cpip I
453
I startsrc .s inetd 04138041 The ine"d Subsys"em has been s"ar"ed7 Subsys"em ' D is 222G3G>7 I ps .e5 : #rep .i inetd roo" 222G3G> E>432EE 4 0020G23D 8 0200 +usr+sbin+ine"d roo" D0DG01> >1>0E40 2 0020G2E0 p"s+0 0200 grep 8i ine"d I lssrc .s inetd Subsys"em Group ine"d "cpip I 'D 222G3G> S"a"us ac"ive
454
I lssrc .# n5s Subsys"em Group 'D S"a"us biod n6s 3>0ED1> ac"ive n6sd n6s E1G01D> ac"ive rpc7moun"d n6s 40E>E>E ac"ive rpc7s"a"d n6s 42E304E ac"ive rpc7loc5d n6s 430G4GE ac"ive n6srgyd n6s inopera"ive gssd n6s inopera"ive
455
456
45'
'D 222G3G>
S"a"us ac"ive
I re5resh .s inetd l04138014 The reMues" 6or subsys"em re6resh ,as comple"ed success6ully7 I
458
Devices
459
Devices
*very"hing in A !+;ni: is a 6ile, including devices7 *very device on "he sys"em is accessed via a special device 6ile7 The special device 6iles reside in "he +dev direc"ory, ,hich is under "he roo" 0 hdE par"i"ion+lv in "he roo"vg vg7 The special device 6iles in "he +dev direc"ory maybe "he access poin"s "o "hese devices 6or "he o+s commands, bu" "he ac"ual device a""ribu"es are 5ep" in "he sys"emBs (D& 0 (bCec" Da"a &anager7 The (D& is a special proprie"ary da"abase ,hich is main"ained by "he opera"ing sys"em7 "Bs uniMue "o A !7 Some people even compare i" "o "he $egis"ry on &icroso6" )indo,s opera"ing sys"ems 0 no" Mui"eP The (D& is s"ored in ",o places on "he sys"em, +e"c+obCrepos, and +usr+lib+obCrepos7
A ! %asic Sys"em Adminis"ra"ion 460
Devices
The (D& con"ains "he 6ollo,ing in6orma"ion2 17A Device a""ribu"es 27A L-& in6orma"ion 37A So6",are inven"ory in6orma"ion E7A S& T menu con6igura"ion
The (D& is very cri"ical "o "he overall opera"ion o6 "he sys"em7 6 "he (D& 6ails, or is removed 6rom "he sys"em, "ha" could render "he ,hole sys"em unusable, and i" could crash, and no" be able "o reboo"7
461
Devices
Ta5e a loo5 a" "he (D& 6iles7 These 6iles are called classes7 Tha"Bs abou" as 6ar as ,eBll be diving in"o "he (D& in "his class7
I ls *etc*$! rep$s AT&N'-C DA-ars 'dA" con6igNloc5 CDiagA"" DS&(p"ions 'dA"7vc cryp"oNmodule CDiagA""7vc DS&(p"ions7vc 'dA"!"d cryp"oNmodule7vc CDiagDev DS&enu 'dA"!"d7vc errno"i6y Con6igN$ules /$;% 'dCn his"ory CuA" /$;%NS$C 'dDv his"ory7vc CuA"7vc /$;s 'dDv7vc inven"ory CuDa"a /$;sNsrc 'd'a"hA" inven"ory7vc CuDa"a7vc &enuGoal 'd'a"hA"7vc lpp R I ls *usr*li!*$! rep$s 7sna7anyne"7soc5sna76ailNins"all ! <';T7vc CC cryp"oNmodule CC7vc cryp"oNmodule7vc DS&(p"ions 6i: DS&(p"ions7vc 6i:7vc DS&enu 6i:Nloc5 /(<T his"ory /(<T7vc his"ory7vc GA inven"ory R
462
Devices
As ,eBve men"ioned prior *very"hing in ;ni: is a 6ile7 Special ;ni: 6ilenames 6or common devices are as 6ollo,s2 *de(*5dG 8 /or dis5e""e drive devices7 *de(*cdG 8 /or CD8$(&+D-D drive devices7 *de(*hdis8G 8 /or hard dis5 devices 0 including SA< dis5 L;<S7 *de(*entG 0 /or physical e"herne" < C adap"er7 &ac address seen 6rom here7 *de(*enG 8 /or logical e"herne" < C in"er6ace 0 ? ' ge"s con6igured on "hisA7 *de(*5csG 8 /or /ibre channel device+.%A in"er6ace7 ))< is seen 6rom here7 *de(*5scsiG 8 /or e"herne" 6ibre channel device+.%A adap"er7 SA< s,i"ch lin5 s"a"us seen 6rom here7 *de(*c$ns$le 0 /or sys"em console7 *de(*pr$cG 8 /or C';, processor7 *de(*rmtG 8 /or "ape drive devices 0 including SA< "ape drives7 *de(*mem0 0 Sys"em real+good memory+$A&7
463
Devices
I ls .ld *de( dr,:r,:r8: 4 roo" sys"em E01> Dec 01 00200 +dev
I ls *de( 7S$C8uni: hd11admin mem p"ypD rhd3 sysdump6ile ""ypb 'LNroo"vg hd2 null p"ypG rhdE sysdumpnull ""ypc S$C hd3 nuls p"yp1 rhd4 ""y ""ypd NNvg10 hdE nvram p"ypa rhd> ""yp0 ""ype audi" hd4 pmem p"ypb rhdG ""yp1 ""yp6 clone hd> p"c p"ypc rhd1var ""yp2 urandom console hdG p"s p"ypd rhdis50 ""yp3 vio0 echo hd1var p"yp0 p"ype roo"vg ""ypE vscsi0 error hdis50 p"yp1 p"yp6 sad ""yp4 v"y0 errorc"l iplNblv p"yp2 random s6,0 ""yp> :"i 6scsi0 ipldevice p"yp3 rhd1 slog ""ypD Fero 6scsi1 iscsi0 p"ypE rhd10op" sp: ""ypG hd1 5mem p"yp4 rhd11admin sysdump ""yp1 hd10op" log p"yp> rhd2 sysdumpc"l ""ypa
464
Devices
*very device has a maCor and minor number7 n"ernally ,ha" "hey do is "he maCor number re6ers "o "he device driver, and "he minor number re6ers "o "he speci6ic ins"ance o6 "he device7 All devices ,i"h "he same maCor numbers ,ill re6er "o "he same device driver7 /or ins"ance all de6aul" sys"em logical volumes+hdBs ,ill have "he same maCor number7
I ls .l *de( "o"al E0 dr,:r,:888 2 roo" sys"em E01> <ov 30 23240 7S$C8uni: cr,8r,8888 1 roo" sys"em 10, 0 <ov 2E 22240 'LNroo"vg sr,:r,:r,: 1 roo" sys"em 0 <ov 30 10231 S$C cr,8888888 1 roo" sys"em 10, 0 <ov 30 10231 NNvg10 cr88r8888T 1 roo" sys"em G, 0 <ov 2E 222ED audi" cr,8r,8r,8 1 roo" sys"em 12, 0 <ov 2E 222ED clone cr,88,88,8 1 roo" sys"em E, 0 <ov 2E 222ED console cr,8r,8r,8 1 roo" sys"em 12, 24 <ov 2E 22241 echo cr,88,88,8 1 roo" sys"em >, 0 <ov 30 14200 error cr,8888888 1 roo" sys"em >, 1 <ov 2E 222ED errorc"l cr,8r,8r,8 1 roo" sys"em 1D, 0 <ov 2E 222ED 6scsi0 cr,8r,8r,8 1 roo" sys"em 1D, 1 <ov 2E 222ED 6scsi1 br,8r,8888 1 roo" sys"em 10, G <ov 2E 222E1 hd1 br,8r,8888 1 roo" sys"em 10, 1 <ov 2E 222E1 hd10op" br,8r,8888 1 roo" sys"em 10, 10 <ov 2E 222E1 hd11admin br,8r,8888 1 roo" sys"em 10, 4 <ov 2E 222E1 hd2 br,8r,8888 1 roo" sys"em 10, D <ov 2E 222E1 hd3 R
465
Devices
To lis" all hard dis5s on your sys"em, "his includes SA< dis5 L;<S, "ype in "he 6ollo,ing2
I lsde( .,c dis8 hdis50 Available -ir"ual SCS Dis5 Drive I
466
Devices
To lis" sys"em processors "ype in "he 6ollo,ing2
I lsde( .,c pr$cess$r proc0 Available 00800 'rocessor I
46'
Devices
To lis" all e"herne" in"er6aces on your sys"em2
I lsde( .,c i5 en0 Available S"andard *"herne" <e",or5 n"er6ace en1 De6ined S"andard *"herne" <e",or5 n"er6ace e"0 De6ined *** G0273 *"herne" <e",or5 n"er6ace e"1 De6ined *** G0273 *"herne" <e",or5 n"er6ace lo0 Available Loopbac5 <e",or5 n"er6ace I
468
Devices
To lis" all physical devices on your sys"em2
I lsde( .,c adapter en"0 Available Logical .os" *"herne" 'or" ?lp8heaA en"1 Available -ir"ual +( *"herne" Adap"er ?l8lanA 6cs0 Available C48T1 -ir"ual /ibre Channel Clien" Adap"er 6cs1 Available C>8T1 -ir"ual /ibre Channel Clien" Adap"er lhea0 Available Logical .os" *"herne" Adap"er ?l8heaA vsa0 Available L'A$ -ir"ual Serial Adap"er vscsi0 Available -ir"ual SCS Clien" Adap"er I
469
Devices
To lis" "he memory+$A& ins"alled on your sys"em2
I lsde( .,c mem$rH L2cache0 Available L2 Cache mem0 Available &emory I
4'0
Devices
To lis" a""ribu"es o6 a device "ype in "he lsa""r 0*l dev, command7
I lsde( .,c dis8 hdis50 Available -ir"ual SCS Dis5 Drive hdis51 Available -ir"ual SCS Dis5 Drive hdis52 Available -ir"ual SCS Dis5 Drive I lsattr .6l hdis80 'C& 'C&+6riend+vscsi 'a"h Con"rol &odule /alse algori"hm 6ailNover Algori"hm True hchec5Ncmd "es"Nuni"Nrdy .eal"h Chec5 Command True hchec5Nin"erval 0 .eal"h Chec5 n"erval True hchec5Nmode nonac"ive .eal"h Chec5 &ode True ma:N"rans6er 0:E0000 &a:imum T$A<S/*$ SiFe True pvid 00c11G601>G2>EE00000000000000000 'hysical volume iden"i6ier /alse MueueNdep"h 3 `ueue D*'T. True reserveNpolicy noNreserve $eserve 'olicy True I
A "rue ne:" "o "he device a""ribu"e indica"es "ha" "his a""ribu"e can be changed ,i"h "he chdev 0a a""rQvalue 0l device command7 A 6alse ne:" "o "he device a""ribu"e indica"es "ha" "his a""ribu"e canno" be changed7
A ! %asic Sys"em Adminis"ra"ion 4'1
Devices
To lis" "he a""ribu"es o6 your sys"em processor+C';2
I lsattr .6l pr$c0 6reMuency 3000000000 'rocessor Speed /alse sm"Nenabled "rue 'rocessor S&T enabled /alse sm"N"hreads E 'rocessor S&T "hreads /alse s"a"e enable 'rocessor s"a"e /alse "ype 'o,er'CN'()*$D 'rocessor "ype /alse I
4'2
Devices
To lis" a""ribu"es o6 your e"herne" in"er6aces2
I lsde( .,c i5 en0 Available S"andard *"herne" <e",or5 n"er6ace en1 De6ined S"andard *"herne" <e",or5 n"er6ace e"0 De6ined *** G0273 *"herne" <e",or5 n"er6ace e"1 De6ined *** G0273 *"herne" <e",or5 n"er6ace lo0 Available Loopbac5 <e",or5 n"er6ace I lsa""r 8*l en0 aliasE 'vE Alias including Subne" &as5 True alias> 'v> Alias including 're6i: Leng"h True arp on Address $esolu"ion 'ro"ocol ?A$'A True au"hori"y Au"horiFed ;sers True broadcas" %roadcas" Address True m"u 1400 &a:imum ' 'ac5e" SiFe 6or This Device True ne"addr 11271>G72E07123 n"erne" Address True ne"addr> 'v> n"erne" Address True ne"mas5 2447244724470 Subne" &as5 True pre6i:len 're6i: Leng"h 6or 'v> n"erne" Address True remm"u 4D> &a:imum ' 'ac5e" SiFe 6or $*&(T* <e",or5s True r6c1323 *nable+Disable TC' $/C 1323 )indo, Scaling True securi"y none Securi"y Level True s"a"e up Curren" n"er6ace S"a"us True "cpNmssd6l" Se" TC' &a:imum Segmen" SiFe True "cpNnodelay *nable+Disable TC'N<(D*LAH (p"ion True "cpNrecvspace Se" Soc5e" %u66er Space 6or $eceiving True "cpNsendspace Se" Soc5e" %u66er Space 6or Sending True I
4'3
Devices
To lis" a""ribu"es o6 your e"herne" adap"ers2
I lsattr .6l ent0 al"Naddr 0:000000000000 Al"erna"e *"herne" address True 6lo,Nc"rl no $eMues" Transmi" and $eceive /lo, Con"rol True CumboN6rames no $eMues" Transmi" and $eceive #umbo /rames True largeNreceive yes *nable receive TC' segmen" aggrega"ion True largeNsend yes *nable hard,are Transmi" TC' segmen"a"ion True mediaNspeed Au"oN<ego"ia"ion $eMues"ed media speed True mul"icore yes *nable &ul"i8Core Scaling True r:Nc5sum yes *nable hard,are $eceive chec5sum True r:Nc5sumNerrd yes Discard $! pac5e"s ,i"h chec5sum errors True r:Nclsc 1G *nable $eceive in"errup" coalescing True r:NclscNusec 14 $eceive in"errup" coalescing ,indo, True r:Ncoalesce 1> $eceive pac5e" coalescing True r:NM1Nnum G112 <umber o6 $eceive Mueue 1 )`*s True r:NM2Nnum E01> <umber o6 $eceive Mueue 2 )`*s True r:NM3Nnum 20EG <umber o6 $eceive Mueue 3 )`*s True ":Nc5sum yes *nable hard,are Transmi" chec5sum True ":Nisb yes ;se Transmi" n"er6ace Speci6ic %u66ers True ":NMNnum 412 <umber o6 Transmi" )`*s True ":NMueNsF G112 So6",are "ransmi" Mueue siFe True useNal"Naddr no *nable al"erna"e *"herne" address True I A ! %asic Sys"em Adminis"ra"ion 4'4
Devices
To lis" a""ribu"es o6 your 6ibre channel adap"er+.%A2
I lsattr .6l 5cs0 in"rNpriori"y 3 n"errup" priori"y /alse lgN"ermNdma 0:G00000 Long "erm D&A True ma:N:6erNsiFe 0:100000 &a:imum Trans6er SiFe True numNcmdNelems 200 &a:imum <umber o6 C(&&A<D *lemen"s True s,N6cNclass 2 /C Class 6or /abric True I
4'5
Devices
To lis" a""ribu"es o6 your 6ibre channel in"er6ace2
I lsattr .6l 5scsi0 a""ach none .o, "his adap"er is C(<<*CT*D /alse dyn"r5 yes Dynamic Trac5ing o6 /C Devices True 6cNerrNrecov 6as"N6ail /C /abric *ven" *rror $*C(-*$H 'olicy True scsiNid Adap"er SCS D /alse s,N6cNclass 3 /C Class 6or /abric True I
4'6
Devices
To lis" "he a""ribu"es o6 your memory2
I lsattr .6l mem0 en"NmemNcap +( memory en"i"lemen" in @by"es /alse goodsiFe 102E Amoun" o6 usable physical memory in &by"es /alse memNe:pN6ac"or &emory e:pansion 6ac"or /alse siFe 102E To"al amoun" o6 physical memory in &by"es /alse varNmemN,eigh" -ariable memory capaci"y ,eigh" /alse I
4''
Devices
To lis" a speci6ic device a""ribu"e2
I lsattr .6l hdis80 .a A,> 'C& 'C&+6riend+vscsi 'a"h Con"rol &odule /alse I I lsattr .6l ent0 .a mediaLspeed mediaNspeed Au"oN<ego"ia"ion $eMues"ed media speed True I
4'8
Devices
To display "he legal, possible values 6or an a""ribu"e "ype in "he 6ollo,ing2
I lsattr .Rl ent0 .a mediaLspeed 10N/ullNDuple: 100N/ullNDuple: 1000N/ullNDuple: 10000N/ullNDuple: Au"oN<ego"ia"ion
4'9
Devices
To display "he 6ac"ory de6aul" se""ing o6 a device a""ribu"e2
I lsattr .1l ent0 .a mediaLspeed mediaNspeed Au"oN<ego"ia"ion $eMues"ed media speed True I
480
Devices
The value o6 /alse ne:" "o a device a""ribu"e indica"es "ha" "his device a""ribu"e is no" modi6iable2
I chde( .l hdis80 .a A,>?5riend &e"hod error ?+e"c+me"hods+chgdis5A2 041E801G The values speci6ied 6or "he 6ollo,ing a""ribu"es are no" valid2 'C& 'a"h Con"rol &odule I
481
Devices
The value o6 True ne:" "o a device a""ribu"e indica"es "ha" "his device a""ribu"e is modi6iable2
I chde( .l ent0 .a mediaLspeed?1000L;ullL1uple) &e"hod error ?+usr+lib+me"hods+chgen"A2 041E80>2 Canno" per6orm "he reMues"ed 6unc"ion because "he speci6ied device is busy7 I
)e have come across ano"her issue above7 )e can modi6y "his value, bu" no" ,hen "he device is in use7 To correc" "his use "he op"ion 0'7 )ha" is op"ion does is upda"e "he (D& da"abase+regis"ry, bu" no" "he running device driver7 " upda"es "he (D&, so "he ne:" "ime you reboo" "he sys"em, ,hich ,ill be ,hen "he "his device, hdis50, is no" in use again because "he opera"ing sys"em ,ill be do,n7
482
Devices
I lsattr .6l ent0 .a mediaLspeed mediaNspeed Au"oN<ego"ia"ion $eMues"ed media speed True I chde( .l ent0 .a mediaLspeed?1000L;ullL1uple) .A en"0 changed I lsattr .6l ent0 .a mediaLspeed mediaNspeed 1000N/ullNDuple: $eMues"ed media speed True I entstat .dt ent0 : #rep .i speed &edia Speed Selec"ed2 Au"onego"ia"e &edia Speed $unning2 1000 &bps + 1 Gbps, /ull Duple: *:"ernal8<e",or58S,i"ch ?*<SA 'or" Speed2 1000 &bps + 1 Gbps, /ull Duple: I
483
Devices
A6"er "he sys"em comes bac5 up 6rom i"s reboo" you ,ill no"ice "ha" "his < C is no, running a" a 1000 6ull duple:, as oppose "o i"Bs de6aul" 0 au"onegocia"e2
I entstat .dt ent0 : #rep .i speed &edia Speed Selec"ed2 1000 &bps + 1 Gbps, /ull Duple: &edia Speed $unning2 1000 &bps + 1 Gbps, /ull Duple: *:"ernal8<e",or58S,i"ch ?*<SA 'or" Speed2 1000 &bps + 1 Gbps, /ull Duple: I I lsattr .6l ent0 .a mediaLspeed mediaNspeed 1000N/ullNDuple: $eMues"ed media speed True I
484
Devices
The lsc6g command displays ,ha" is 5no,n as vi"al produc" da"a7 n6orma"ion such as "he )orld )ide <ame o6 an .%A por" ,ill be here2
I lsc5# .(l 5cs0 6cs0 ;GE0>7D0H70>%141A8-18C48T1 -ir"ual /ibre Channel Clien" Adap"er <e",or5 Address7777777777777C040D>030AEA001C $(S Level and D777777777777 Device Speci6ic7?c0A77777777 Device Speci6ic7?c1A77777777 Device Speci6ic7?c2A77777777 Device Speci6ic7?c3A77777777 Device Speci6ic7?cEA77777777 Device Speci6ic7?c4A77777777 Device Speci6ic7?c>A77777777 Device Speci6ic7?cDA77777777 Device Speci6ic7?cGA77777777C040D>030AEA001C Device Speci6ic7?c1A77777777 .ard,are Loca"ion Code777777;GE0>7D0H70>%141A8-18C48T1 I
485
Devices
(r in6orma"ion such as "he &AC address o6 a < Cb
I lsc5# .(l ent0 en"0 ;DGA470017) .1DAC8'18T4 Logical .os" *"herne" 'or" ?lp8heaA %& .os" *"herne" Adap"er2 <e",or5 Address7777777777777*E1/1320G21D I
486
Devices
The en"s"a" command is an e"herne" < C speci6ic command7 " can "ell you in6orma"ion such as i6 "here is physical lin5 "o "his < C 6rom an e"herne" s,i"ch2
I entstat .dt ent0 : #rep .i lin8 Logical 'or" Lin5 S"a"e2 ;p 'hysical 'or" Lin5 S"a"e2 ;p I
" can also "ell you ,ha" speed your < C is se" a", and ho, 6as" i" is curren"ly running2
I entstat .dt ent0 : #rep .i speed &edia Speed Selec"ed2 Au"onego"ia"e &edia Speed $unning2 1000 &bps + 1 Gbps, /ull Duple: *:"ernal8<e",or58S,i"ch ?*<SA 'or" Speed2 1000 &bps + 1 Gbps, /ull Duple: I
48'
Devices
Ge""ing bac5 "o "he 6ibre channel+.%A device a""ribu"es2
I lsattr .6l 5scsi0 attach n$ne N$/ this adapter is ,K<<6,-61 ;alse dyn"r5 yes Dynamic Trac5ing o6 /C Devices True 6cNerrNrecov 6as"N6ail /C /abric *ven" *rror $*C(-*$H 'olicy True scsiNid Adap"er SCS D /alse s,N6cNclass 3 /C Class 6or /abric True I
The a""ach a""ribu"e displays "he s"a"us o6 "he .%A connec"ion "o your SA<2 n$ne ? S"a"us i6 "he adap"er is no" connec"ed "o a SA< s,i"ch ?cable is presen", bu" s,i"ch por" is no" con6igured7 s/itch ? S"a"us i6 "he adap"er is connec"ed "o a SA< s,i"ch7 al Q S"a"us i6 "he adap"er has no cable "o a s,i"ch or you are direc"ly a""ached "o a s"orage subsys"em, JalK means Arbi"rary Loop7 n "he la""er case "his S"a"us is accep"able 6or direc" a""achmen" ,hen bypassing a SA< s,i"ch7
A ! %asic Sys"em Adminis"ra"ion 488
Devices
To remove a device 6rom "he sys"em, "ype in rmdev 0dl dev7
I lsde( .,c dis8 hdis50 Available -ir"ual SCS Dis5 Drive hdis51 Available -ir"ual SCS Dis5 Drive hdis52 Available -ir"ual SCS Dis5 Drive I rmde( .dl hdis81 hdis51 dele"ed I lsde( .,c dis8 hdis50 Available -ir"ual SCS Dis5 Drive hdis52 Available -ir"ual SCS Dis5 Drive I
489
Devices
To add a ne, device ,hich you Cus" connec"ed "o "he sys"em, ,i"hou" reboo"ing, or "o bring a device bac5 you Cus" dele"ed, run "he c6gmgr command, ,hich s"ands 6or Con/iGura"ion &anaGe$7
I lsde( .,c dis8 hdis50 Available -ir"ual SCS Dis5 Drive hdis52 Available -ir"ual SCS Dis5 Drive I c5#m#r I lsde( .,c dis8 hdis50 Available -ir"ual SCS Dis5 Drive hdis51 Available -ir"ual SCS Dis5 Drive hdis52 Available -ir"ual SCS Dis5 Drive I
490
Devices
There are smi" menus 6or managing devices, and "here is a smi" 6as" pa"h "o ge" "o "he relevan" menus2
I smittH de(ices
491
Devices
There is also smi" menus "o change "he a""ribu"es o6 a device7 /or a dis5 6or ins"ance2
I smittH ch#ds8
492
Devices
493
Devices
/irm,are+/lash+&icrocode Q &icrocode is programming+code "ha" is inser"ed in"o programmable read8only memory, "hus becoming a permanen" par" o6 a compu"ing device7 '()*$4 0 ?There is only one 6irm,are+microcode s"reamA2 S/ means JSMuadrons /irm,areK7 '()*$> 0 ?There are di66eren" 6irm,are+microcode s"reams per di66eren" classi6ica"ions o6 sys"emsA *. is *n"erprise .igh8*nd *& is *n"erprise &id8$ange ?6ormerly n"ermedia"e8.ighA *L is *n"erprise Lo,8*nd
494
Devices
(n '()*$D servers "here are di66eren" 6irm,are+microcode s"reams 6or "he di66eren" classi6ica"ions o6 sys"ems, Cus" li5e in p>, ,i"h "he *R naming conven"ions7 n '()*$D "he naming conven"ion is A: The %& sys"em "ype, and model o6 each curren" pD sys"em are as 6ollo,s2 G2318*2%I 8 pD10 0 AL 6irm,are ?Lo, endA7 G2028*E%I 8 pD20 0 AL 6irm,are ?Lo, endA7 G2318*2%I 8 pD30 0 AL 6irm,are ?Lo, endA7 G2048*>%I 8 pDE0 0 AL 6irm,are ?Lo, endA7 G2338*G%I 8 pD40 0 AL 6irm,are ?Lo, endA7 111D8&&%I 8 pDD0 0 A& 6irm,are ?&idrangeA7 11D18&.%I 8 pDG0 0 A& 6irm,are ?&idrangeA7 11118/.%I 8 pD14 0 A. 6irm,are ?.igh endA7
A ! %asic Sys"em Adminis"ra"ion 495
Devices
To de"ermine "he microcode+6irm,are o6 "he sys"em "ype in "he 6ollo,ing2
I lsmc$de .c The curren" permanen" sys"em 6irm,are image is AAD10N0GG The curren" "emporary sys"em 6irm,are image is AAD10N0GG The sys"em is curren"ly boo"ed 6rom "he "emporary 6irm,are image7 I
)hen you upgrade "he microcode+6irm,are o6 a sys"em, you are upgrading "he 6le:ible service processor+/S'Bs code7 There are ",o sides "o "he service processor, "he A 0 'ermanen" side, and "he % 0 Temporary side7 )hen you apply microcode+6irm,are "o "he sys"em i" ge"s applied ini"ially "o "he Temporary side, ,hile "he curren"+old microcode+6irm,are remains on "he 'ermanen" side7 A6"er you allo, "he sys"em "o run 6or, le"Bs say a 6e, ,ee5s, ,i"h "he ne, microcode+6irm,are "hen you commi" i" by copying "he Temporary side+ne, level i" "o "he permanen" side+old level7 Hou can also reCec" "he ne,ly upgrade microcode+6irm,are i6 i" causes issues ,i"h "he sys"em, and "ha" is copying "he 'ermanen" side+old level over "he Temporary side+ne, level7
A ! %asic Sys"em Adminis"ra"ion 496
Devices
*very %& server has a 6our digi" machine "ype such as GE0>, and a model id such as D0H7 To de"ermine "his 6or your sys"em "ype in "he 6ollo,ing2
I uname .> %&,GE0>8D0H I
*very %& server has a uniMue serial number7 To de"ermine "his 6or your sys"em "ype in "he 6ollo,ing2
I prtc$n5 : #rep B7erial <um!erB &achine Serial <umber2 0>%141A I
The 6orma" o6 "he sys"em serial number is2 /ACT($HNC(D*?0>A / -*ND G TNS*$ ALN<;&%*$?%141AA
49'
Devices
To de"ermine ho, much memory+$A& you have ins"alled on your sys"em2
I prtc$n5 .m &emory SiFe2 102E &% I !$$tin5$ .r 10EG4D> I lsattr .6l mem0 en"NmemNcap +( memory en"i"lemen" in @by"es /alse #$$dsi\e 1024 =m$unt $5 usa!le phHsical mem$rH in >!Htes ;alse memNe:pN6ac"or &emory e:pansion 6ac"or /alse siFe 102E To"al amoun" o6 physical memory in &by"es /alse varNmemN,eigh" -ariable memory capaci"y ,eigh" /alse I
498
Devices
.o, "o display your processor+C';Bs cloc5 speed2
I lsattr .6l pr$c0 6reMuency 3000000000 'rocessor Speed /alse sm"Nenabled "rue 'rocessor S&T enabled /alse sm"N"hreads E 'rocessor S&T "hreads /alse s"a"e enable 'rocessor s"a"e /alse "ype 'o,er'CN'()*$D 'rocessor "ype /alse I prtc$n5 .s 'rocessor Cloc5 Speed2 3000 &.F I
499
Devices
The diagnos"ics program is mainly used by %& hard,are C*s7 " used "o run hard,are chec5s on "he devices on "he sys"em, upgrade microcode+6irm,are on adap"ers, e"c7
I dia#
X6 <-6RC
500
Devices
X6<-6RC
501
Devices
X;10C
502
Devices
There is a daemon ,hich runs on all A ! sys"ems 5no,n as "he error daemon7 " is responsible 6or logging cer"ain so6",are, and hard,are errors ,hich occur on "he sys"em7 <o"e, no" all errors are logged via "his 6acili"y7
I ps .e5 : #rep .i err roo" >44430 1 0 012E321G I 8 0200 +usr+lib+errdemon
503
Devices
To display a more de"ailed error repor" o6 "he errors "ype in "he 6ollo,ing2
I errpt .a : m$re 888888888888888888888888888888888888888888888888888888888888888888888888888 LA%*L2 $&CDN </(N0NST D*<T / *$2 A>D/E4AA Da"e+Time2 )ed Dec 1 012E323G CST 2010 SeMuence <umber2 G4 &achine d2 000%141ADE00 <ode d2 gvicai:01 Class2 ( Type2 </( )'A$2 Global $esource <ame2 $&Cdaemon Descrip"ion The daemon is s"ar"ed7 'robable Causes The $esource &oni"oring and Con"rol daemon has been s"ar"ed7 ;ser Causes The s"ar"src 8s c"rmc command has been e:ecu"ed or "he rmcc"rl 8s command has been e:ecu"ed7 $ecommended Ac"ions Con6irm "ha" "he daemon should be s"ar"ed7
504
Devices
To clear "he en"ire error repor" "ype in "he 6ollo,ing2
I errclear 0 I errpt I
505
506
50'
508
509
510
512
513
514
The above ping ou"pu" sho,s an a""emp" "o reach a hos"name ,hich is no" responding on "he ne",or57
516
51'
I tail *etc*h$sts I indica"es "he beginning o6 a commen"b charac"ers up "o "he end o6 "he I line are no" in"erpre"ed by rou"ines ,hich search "his 6ile7 %lan5 I lines are allo,ed7 I n"erne" Address .os"name I Commen"s I 11271720071 ne"0sample I e"herne" name+address I 12G71007071 "o5en0sample I "o5en ring name+address I 10727072 :24sample I :724 name+address 12D707071 loopbac5 localhos" I loopbac5 ?lo0A name+address 11271>G72E07123 gvicai:01 I
518
.(ST<A&*
AL ASN2
519
520
S"uden" on sys"em Gvicai:01 "elne" "o Gvicai:02, and vice8versa7 S"uden" on sys"em Gvicai:03 "elne" "o Gvicai:0E, and vice8versa7 S"uden" on sys"em Gvicai:04 "elne" "o Gvicai:0>, and vice8versa7 S"uden" on sys"em Gvicai:0D "elne" "o Gvicai:0>7
521
?gvicai:1EA
522
8r,8r88r88 1 roo"
sys"em
523
<o,, go"o "he "arge" sys"em, and veri6y "he 6ile ,as sen" "here7
I h$stname gvicai:14 I ls .l *tmp*pass/d 8r,8r88888 1 roo" sys"em I
524
525
I cat *etc*res$l(%c$n5 d$main theats#r$up%c$m nameser(er 192%168%240%150 I nsl$$8up ///%i!m%c$m Server2 a"sicdc7a"s7local Address2 11271>G72E07140 <on8au"hori"a"ive ans,er2 <ame2 ,,,7ibm7com7cs1G>7ne" Address2 1217E274G721> Aliases2 ,,,7ibm7com I
526
/lags $e6s
$ou"e Tree 6or 'ro"ocol /amily 2 ? n"erne"A2 de6aul" 11271>G72E071 ;G 0 E en0 8 8 12D+G 12D707071 ; 1E 2D1 lo0 8 8 11271>G72E070 11271>G72E07123 ;.Sb 0 0 en0 8 8 QX 11271>G72E0+2E 11271>G72E07123 ; > 10D1 en0 8 8 11271>G72E07123 12D707071 ;G.S E DG lo0 8 8 11271>G72E07244 11271>G72E07123 ;.Sb 2 G en0 8 8 $ou"e Tree 6or 'ro"ocol /amily 2E ? n"erne" v>A2 221^1 221^1 ;. 3 32 lo0 I 8 8
52'
528
A ! Securi"y
529
A ! Securi"y
A ! is shipped insecure7 .o,ever, i" has all o6 "he "ools "o be very secure7 The process o6 securing a sys"em is called hardening a sys"em7 Depending upon your corpora"e T policy, securi"y can be loose on an A ! sys"em, or very "igh"7 There is a "hin line be",een a secured sys"em, and a non8produc"ive sys"em7 &os" cus"omers compromise some,here in "he middle as 6ar as securi"y is concerned7 This is o6 course as long as "here are no legal regula"ions, e"c77
530
A ! Securi"y
(ne o6 "he 6irs" "hings you should do "o ensure your sys"em is secure, is ensure "he roo" user is pro"ec"ed ,i"h a pass,ord7 )e already accomplished "his earlier in "he class7
I pass/d Changing pass,ord 6or Sroo"S roo"Ts <e, pass,ord2 X6<-6RC $e8en"er roo"Ts ne, pass,ord2 X6<-6RC I l$#ins .p roo" 0 sys"em
I pass/d Changing pass,ord 6or Sroo"S roo"Ts <e, pass,ord2 $e8en"er roo"Ts ne, pass,ord2 I l$#ins .p I
531
A ! Securi"y
ns"all ssh, and disable "elne"7 $emember, "elne" is insecure because i" "ransmi"s login pass,ords in clear "e:" over "he ne",or57 To disable "elne", you mus" disable i"Bs subserver7 Hou do "ha" ,i"h "he s"opsrc 0" subNserver command7
I lssrc .t telnet Service Command "elne" +usr+sbin+"elne"d Argumen"s "elne"d 8a S"a"us ac"ive
I st$psrc .t telnet 0413812D The "elne" subserver ,as s"opped success6ully7 I lssrc .t telnet Service Command I Argumen"s S"a"us
532
A ! Securi"y
/T' should be disabled as ,ell7
I lssrc .t 5tp Service Command 6"p +usr+sbin+6"pd Argumen"s 6"pd ac"ive S"a"us
I st$psrc .t 5tp 0413812D The 6"p subserver ,as s"opped success6ully7 I lssrc .t 5tp Service Command I Argumen"s S"a"us
533
A ! Securi"y
*nable "elne", and 6"p once again7 The las" ",o labs ,as Cus" "o demons"ra"e ho, "o disable "hose ",o services7
I lssrc .t telnet Service Command Argumen"s S"a"us I startsrc .t telnet 0413812E The "elne" subserver has been s"ar"ed7 I lssrc .t telnet Service Command Argumen"s S"a"us "elne" +usr+sbin+"elne"d "elne"d 8a ac"ive I I lssrc .t 5tp Service Command Argumen"s I startsrc .t 5tp 0413812E The 6"p subserver has been s"ar"ed7 I lssrc .t 5tp Service Command Argumen"s 6"p +usr+sbin+6"pd 6"pd ac"ive I
S"a"us
S"a"us
534
A ! Securi"y
Ano"her "as5 you can do "o pro"ec" "he roo" user accoun" is "o disable "he abili"y "o log in"o "ha" user remo"ely7 I smi""y chuser
535
A ! Securi"y
536
A ! Securi"y
(pen ano"her pu""y session, and no"e ho, you canB" login as "ha" roo" user any longer remo"ely7 <o,, you ,ould be able "o login as roo" 6rom "he sys"em console7
A ! -ersion 4 Copyrigh" %& Corpora"ion, 11G2, 200D7 login2 r$$t $emo"e logins are no" allo,ed 6or "his accoun"7 login2
53'
A ! Securi"y
A6"er you se" "his a""ribu"e, rloginQ6alse, no"e you ,ill s"ill be able "o su "o "he roo" user, 6rom a normal user id7 This is "ypically done "o en6orce user accoun"abili"y7 Go bac5 "hrough smi", and change i" bac5 "o remo"e login "rue7
538
A ! Securi"y
A ! has Mui"e a 6e, securi"y op"ions you can se" 6or users you se"up on "he sys"em7 Go in"o "he smi""y chuser 6as"pa"h, and le"Bs revie, "hem "oge"her7
I smittH chuser
539
A ! Securi"y
All o6 "hese se""ings, are se" in "he +e"c+securi"y+user con6ig 6ile7 user securi"y ;ser D AD& < ST$AT -* ;S*$9 'rimary G$(;' Group S*T AD& < ST$AT -* G$(;'S $(L*S Ano"her user can S; T( ;S*$9 S; G$(;'S .(&* direc"ory ni"ial '$(G$A& ;ser </($&AT (< *!' $AT (< da"e ?&&DDhhmmyyA s "his user ACC(;<T L(C@*D9
A ! %asic Sys"em Adminis"ra"ion 540
A ! Securi"y
;ser can L(G <9 ;ser can L(G < $*&(T*LH?rsh,"n,rloginA9 Allo,ed L(G < T &*S <umber o6 /A L*D L(G <S be6ore user accoun" is loc5ed Login A;T.*<T CAT (< G$A&&A$ -alid TTHs Days "o )A$< ;S*$ be6ore pass,ord e:pires 'ass,ord C.*C@ &*T.(DS 'ass,ord D CT (<A$H / L*S <;&%*$ (/ 'ASS)($DS be6ore reuse )**@S be6ore pass,ord reuse )ee5s be",een pass,ord *!' $AT (< and L(C@(;T
541
A ! Securi"y
'ass,ord &A!7 AG* 'ass,ord & <7 AG* 'ass,ord & <7 L*<GT. 'ass,ord & <7 AL'.A charac"ers 'ass,ord & <7 (T.*$ charac"ers 'ass,ord &A!7 $*'*AT*D charac"ers 'ass,ord & <7 D //*$*<T charac"ers 'ass,ord $*G ST$H So6" / L* siFe So6" C'; "ime So6" DATA segmen" So6" STAC@ siFe So6" C($* 6ile siFe .ard / L* siFe *TCR
A ! %asic Sys"em Adminis"ra"ion 542
A ! Securi"y
/or "his sec"ion ,hich deals ,i"h ;ni: 6ile, and direc"ory permissions, go ahead and crea"e ano"her user called Cus"in2, ,hich is yourname22
I m8user ustin2 I id ustin2 uidQ2GG?Cus"in2A gidQ202?s"a66A I pass/d ustin2 Changing pass,ord 6or SCus"in2S Cus"in2Ts <e, pass,ord2 *n"er "he ne, pass,ord again2 I p/dadm .c ustin2 I
543
A ! Securi"y
)hen you crea"e a 6ile or direc"ory in A !, you user id o,ns "he 6ile, and your primary group o,ns i" as ,ell7 Log in as "he user you crea"ed bac5 in "he ;ser &anagemen" sec"ion, and crea"e an emp"y 6ile and direc"ory2
Y id uidQ2GD?Cus"inA gidQ202?dbaA groupsQ1?s"a66A Y p/d +home+Cus"in Y t$uch 5ile Y ls .l 5ile 8r,8r88r88 1 Cus"in dba Y m8dir dir Y ls .ld dir dr,:r8:r8: 2 Cus"in dba Y
544
A ! Securi"y
%y de6aul", you can dele"e, rename+move any 6iles, or direc"ories you crea"ed+o,n7 Dele"e2
Y id uidQ2GD?Cus"inA gidQ202?dbaA groupsQ1?s"a66A Y ls .l 5ile 8r,8r88r88 1 Cus"in dba 0 <ov 04 23232 6ile
Y rm 5ile Y ls .l 5ile ls2 0>4383E1 The 6ile 6ile does no" e:is"7 Y ls .ld dir dr,:r8:r8: 2 Cus"in dba 24> <ov 04 23232 dir
Y rmdir dir Y ls .ld dir ls2 0>4383E1 The 6ile dir does no" e:is"7 Y
545
A ! Securi"y
$ename+move2
Y t$uch 5ile Y m8dir dir Y ls .l 5ile 8r,8r88r88 1 Cus"in dba Y ls .ld dir dr,:r8:r8: 2 Cus"in dba Y m( 5ile 5ile2 Y m( dir dir2 Y ls .l 5ile2 8r,8r88r88 1 Cus"in dba Y ls .ld dir2 dr,:r8:r8: 2 Cus"in dba Y
546
A ! Securi"y
'opula"e "he 6ile, 6ile ,i"h da"a2
Y ech$ Bdata in 5ileB C 5ile Y ls .l 5ile 8r,8r88r88 1 Cus"in dba Y cat 5ile da"a in 6ile Y
%y de6aul" all users on "he sys"em have read permission "o "his 6ile7 Also, by de6aul" all users ,ho are also members o6 user Cus"inBs primary group, dba, "he group ,hich o,ns "his 6ile, have read permission "o "his 6ile, meaning i6 you are logged in"o "he sys"em ,ho is a member o6 "he same group ,ho crea"ed a speci6ic 6ile, "hen you ,ill have permission "o read "ha" 6ile, Cus" as "he o,ner does7
54'
A ! Securi"y
<o,, open ano"her pu""y session "o your sys"em, and login as user Cus"in2, "he user you crea"ed a" "he s"ar" o6 "his lab sec"ion7 (nce in, a""emp" "o read "he 6ile you Cus" crea"ed as user Cus"in in user Cus"inBs home direc"ory, you ,ill be able "o, bu" a""emp" "o ,ri"e "o "his 6ile as user Cus"in2 ,ho doesnB" o,n "he 6ile, you ,onB" be able "o2
Y id uidQ2GG?Cus"in2A gidQ1?s"a66A Y ls .l *h$me* ustin*5ile 8r,8r88r88 1 Cus"in dba Y cat *h$me* ustin*5ile da"a in 6ile Y ech$ Bm$re data in 5ileB CC *h$me* ustin*5ile The 6ile access permissions do no" allo, "he speci6ied ac"ion7 5sh2 +home+Cus"in+6ile2 0E038004 Canno" crea"e "he speci6ied 6ile7 Y 13 <ov 0> 0021D +home+Cus"in+6ile
548
A ! Securi"y
S,i"ch user, ,i"h "he ;ni: su command, "o "he roo" user o6 "he sys"em and "hen change "he o,ner o6 "he +home+Cus"in+6ile 6ile "o Cus"in27 Hou change "he user o,nership o6 a 6ile ,i"h "he cho,n comand2
Y su roo"Bs 'ass,ord2 I id uidQ0?roo"A gidQ0?sys"emA groupsQ2?binA,3?sysA,D?securi"yA,G?cronA,10?audi"A,11?lpA I ls .l *h$me* ustin*5ile 8r,8r88r88 1 Cus"in dba 13 <ov 0> 0021D +home+Cus"in+6ile
I ch$/n ustin2 *h$me* ustin*5ile I ls .l *h$me* ustin*5ile 8r,8r88r88 1 Cus"in2 dba 13 <ov 0> 0021D +home+Cus"in+6ile I
549
A ! Securi"y
<o,, "ype in "he e:i" command, "o become user Cus"in2 again7 A""emp" "o ,ri"e "o "he 6ile +home+Cus"in+6ile again, and no, "ha" user Cus"in2 o,ns "his 6ile, Cus"in2 ,ill be able "o ,ri"e "o "ha" 6ile7 Since user Cus"in2 no, o,ns "his 6ile, and by de6aul" ;ni: gives ,ri"e permission "o "he o,ner o6 a 6ile, Cus"in2 ,ill no, be able "o ,ri"e "o "his 6ile7
I id uidQ0?roo"A gidQ0?sys"emA groupsQ2?binA,3?sysA,D?securi"yA,G?cronA,10?audi"A,11?lpA I e)it Y id uidQ2GG?Cus"in2A gidQ1?s"a66A Y ls .l *h$me* ustin*5ile 8r,8r88r88 1 Cus"in2 dba Y cat *h$me* ustin*5ile da"a in 6ile Y ech$ Bm$re data in 5ileB CC *h$me* ustin*5ile Y cat *h$me* ustin*5ile da"a in 6ile more da"a in 6ile Y 13 <ov 0> 0021D +home+Cus"in+6ile
550
A ! Securi"y
;ni: 6ile and direc"ory permissions are handled by "en bi"s se" 6or each 6ile and direc"ory7 Hou see "his via "he ls 0l command7 Go ahead and go "o your Cus"in 'u""y session2
Y id uidQ2GD?Cus"inA gidQ202?dbaA groupsQ1?s"a66A Y t$uch 5ilea Y ech$ BdataB C 5ilea Y cat 5ilea da"a Y ls .l 5ilea 8r,8r88r88 1 Cus"in dba Y 4 <ov 0> 0E20D 6ilea
551
A ! Securi"y
Y ls .l 5ilea
.r/.r..r..
Y
1 Cus"in dba
These "en permission bi"s are grouped "oge"her in"o "hree permission bi" se"s, ,i"h "hree permissions each2 r, ,, and :7 There is a permission bi" se" 6or "he 6ollo,ing groups o6 users2 8 ;sers ,hich o,n "he 6ile or direc"ory7 8 ;sers ,ho are members o6 "he same group ,ho o,ns "he 6ile or direc"ory7 8 ("hers+)orld7 *veryone else on "he sys"em7 <o" "he o,ner or a member o6 "he group ,ho o,ns "he 6ile or direc"ory7 8 There are also "hree basic permissions you can se" 6or each group 0 r Q $ead, , Q )ri"e, and : Q e!ecu"e7
Direc"ory9 $ead9 )ri"e9 *:ecu"e9 $ead9 )ri"e9 *:ecu"e9 $ead9 )ri"e9 *:ecu"e9
>
> &wner
>
5 Gro3p
>
&t#er
552
A ! Securi"y
So based on "he ls 0l ou"pu" o6 "he 6ile, 6ilea ,e deduce "he 6ollo,ing2 ;ser Cus"in, "he o,ner, has read, and ,ri"e permission on 6ilea7 *very user on "he sys"em ,ho is in "he dba group has read permission on 6ilea7 *very user on "he sys"em ,ho is no" "he o,ner or no" in "he dba group has read permission on 6ilea7 Go "o "he Cus"in2 'u""y session, and a""emp" "o read "he 6ile, 6ilea2
Y id uidQ2GG?Cus"in2A gidQ1?s"a66A Y cat *h$me* ustin*5ilea da"a Y
Go bac5 "o "he Cus"in 'u""y session, and a""emp" "o read "he 6ile, 6ilea2
Y id uidQ2GD?Cus"inA gidQ21DG?dbaA groupsQ1?s"a66A Y cat 5ilea da"a Y
553
A ! Securi"y
<o, le"Bs change "he 6ile permission o6 "he 6ile7 To change "he permission ,e use "he chmod command7 n our e:ample ,e are going "o "a5e read permission ,ay 6rom "he o,ner o6 "he 6ile2
Y chm$d u.r 5ilea Y ls .l 5ilea 88,8r88r88 1 Cus"in dba Y cat 5ilea ca"2 0>428040 Canno" open 6ilea7 Y
/or "he chmod command you use "he 6ollo,ing parame"ers "o speci6y ,hich permission bi" se" you are se""ing, and ,hich permission bi" you are se""ing2 8 u Q (,ner o6 "he 6ile permission bi" se"7 8 g Q Group member o6 group ,hich o,ns "he 6ile permission bi" se"7 8 o Q ("hers+)orld7 <on8o,ners o6 "he 6ile, and non8group members o6 "he group o,ner o6 "he 6ile permission bi" se"7 8 Hou use "he ], plus sign "o gran", and "he minus 8, sign "o revo5e7
554
A ! Securi"y
Go "o your Cus"in2 ,indo, and a""emp" "o read "he 6ile7 <o"e, even "hough Cus"in2 is no" "he o,ner, "he "hird permission bi", o"her, has "he r 0 read se", "his means Cus"in2 can read "he 6ile even "hough Cus"in+o,ner canno"7
Y id uidQ2GG?Cus"in2A gidQ1?s"a66A Y ls .l *h$me* ustin*5ilea 88,8r88r88 1 Cus"in dba Y cat *h$me* ustin*5ilea da"a Y 4 <ov 0> 0E20D +home+Cus"in+6ilea
555
A ! Securi"y
%ac5 a" "he Cus"in user ,indo, a""emp" "o edi" "he 6ile, 6ile, by re8 direc"ing ou"pu" "o i" 6rom "he ;ni: shell2
Y id uidQ2GD?Cus"inA gidQ21DG?dbaA groupsQ1?s"a66A Y ls .l 5ilea 88,8r88r88 1 Cus"in dba Y date CC 5ilea Y cat 5ilea ca"2 0>428040 Canno" open 6ilea7 Y (i 5ilea R S6ileaS The 6ile access permissions do no" allo, "he speci6ied ac"ion7 4 <ov 0> 0E20D 6ilea
<o"e, you as "he o,ner s"ill have ,ri"e permission "o 6ilea, so you can re8direc" ou"pu" "o "ha" 6ile, ho,ever since you as "he o,ner do no" have read permission "o "ha" 6ile you canno" edi" "he 6ile ,i"h "he vi edi"or, because you need read permission "o edi" "he 6ile ,i"h an edi"or ,hich mus" read i"7
A ! %asic Sys"em Adminis"ra"ion 556
A ! Securi"y
<o, go "o "he Cus"in2 ,indo, and ca" "he 6ile, so you see "ha" even ,i"hou" read permission you ,ere able "o append "o "his 6ile as user Cus"in ,i"h "he shell re8direc"ion o6 "he da"e command ou"pu"2
Y id uidQ2GG?Cus"in2A gidQ1?s"a66A Y cat *h$me* ustin*5ilea da"a Sa" <ov > 1321420E *DT 2010 Y
As Cus"in2 a""emp" "o ,ri"e "o "his 6ile by re8direc"ing shell ou"pu" "o i"2
Y id uidQ2GG?Cus"in2A gidQ1?s"a66A Y date CC *h$me* ustin*5ilea The 6ile access permissions do no" allo, "he speci6ied ac"ion7 5sh2 +home+Cus"in+6ilea2 0E038004 Canno" crea"e "he speci6ied 6ile7 Y ls .l *h$me* ustin*5ilea 88,8r88r88 1 Cus"in dba Y 3E <ov 0> 13214 +home+Cus"in+6ilea
55'
A ! Securi"y
%ac5 in "he Cus"in ,indo, go ahead and give "he las" permission bi" se" o 6or o"her, ,ri"e permission "o "his 6ile7
Y id uidQ2GD?Cus"inA gidQ21DG?dbaA groupsQ1?s"a66A Y ls .l 5ilea 88,8r88r88 1 Cus"in dba Y chm$d $2/ 5ilea Y ls .l 5ilea 88,8r88r,8 1 Cus"in dba Y 3E <ov 0> 13214 6ilea 3E <ov 0> 13214 6ilea
<o, in "he Cus"in2 ,indo, you should be able "o ,ri"e+append "o "his 6ile, because Cus"in2 no, no" being "he o,ner or in "he dba group has permission "o ,ri"e "o "his 6ile7 This is also 5no,n as J,orld ,ri"ableK2
Y id uidQ2GG?Cus"in2A gidQ1?s"a66A Y date CC *h$me* ustin*5ilea Y cat *h$me* ustin*5ilea da"a Sa" <ov > 1321420E *DT 2010 Sa" <ov > 13224214 *DT 2010
558
A ! Securi"y
n "he Cus"in ,indo, give "he o,ner, you, read permission "o 6ilea again2
Y id uidQ2GD?Cus"inA gidQ21DG?dbaA groupsQ1?s"a66A Y ls .l 5ilea 88,8r88r,8 1 Cus"in dba Y chm$d u2r 5ilea Y ls .l 5ilea 8r,8r88r,8 1 Cus"in dba Y (i 5ilea R >3 <ov 0> 13224 6ilea
;se *SC]dd "hree "imes "o dele"e all "hree lines ,i"hin vi7 nser" "he 6ollo,ing comands+lines "o "he 6ile7 This is a simple shell scrip"2
GP*usr*!in*8sh ech$ RNell$U sleep 3 ech$ R-his is a simple shell script in Ini)U
559
A ! Securi"y
To run+e:ecu"e a ;ni: shell scrip" all you do is en"er "he name o6 "he 6ile, and "he ;ni: shell ,ill seMuen"ially e:ecu"e every command in "ha" 6ile7
Y ls .l 5ilea 8r,8r88r,8 1 Cus"in dba G2 <ov 0> 13230 6ilea
To be able "o run+e:ecu"e "his 6ile go ahead and give "he o,ner o6 "he 6ile e:ecu"e permission "o i"7
Y chm$d u2) 5ilea Y ls .l 5ilea 8r,:r88r,8 1 Cus"in dba Y 5ilea .ello (SHELL SCRIP P!"SES #$R HREE SEC$N%S&. This is a simple shell scrip" in ;ni: Y G2 <ov 0> 13230 6ilea
560
A ! Securi"y
Go "o "he Cus"in2 user ,indo, and a""emp" "o e:ecu"e "his shell scrip"2
Y id uidQ20E?Cus"in2A gidQ1?s"a66A Y *h$me* ustin*5ilea 5sh2 +home+Cus"in+6ilea2 0E03800> *:ecu"e permission denied7 Y Y chm$d $2) *h$me* ustin*5ilea 0EG1801E chmod2 no" all reMues"ed changes ,ere made "o +home+Cus"in+6ilea Y
<o"e, only "he o,ner o6 a 6ile, or direc"ory can change "he permission o6 a 6ile or direc"ory7 %ac5 in "he Cus"in ,indo,2
Y id uidQ203?Cus"inA gidQ20E?dbaA groupsQ1?s"a66A Y chm$d $2) 5ilea Y ls .l 5ilea 8r,:r88r,: 1 Cus"in dba GE <ov 20 1321D 6ilea Y
561
A ! Securi"y
Hou ,ill no, see "ha" bac5 in "he Cus"in2 ,indo,, "ha" user can no, e:ecu"e "his shell scrip"2
Y id uidQ20E?Cus"in2A gidQ1?s"a66A Y *h$me* ustin*5ilea .ello This is a simple shell scrip" in ;ni: Y
562
A ! Securi"y
/or Direc"ory permissions2
8 8 8
$ead permission is reMuired i6 a user ,ishes "o vie, "he con"en"s o6 a direc"ory, li5e ,i"h "he ls command7 )ri"e permission is reMuired i6 a user ,ishes "o crea"e a 6ile or sub8direc"ory in a direc"ory, or dele"e a 6ile or sub8direc"ory in a direc"ory7 *:ecu"e permission is reMuired i6 a user ,ishes "o move "o a direc"ory ,i"h "he cd command7
563
A ! Securi"y
Go ahead and revo5e read permission 6rom "his direc"ory2
Y ls .ld dir2 dr,:r8:r8: 2 Cus"in dba Y chm$d u.r dir2 Y ls .ld dir2 d8,:r8:r8: 2 Cus"in dba Y 24> <ov 0> 1E2E1 dir2 24> <ov 0> 1E2E1 dir2
Also "a5e e:ecu"e 6or "he o,ner a,ay2 Y chm$d u.) dir2
<o"ice no,, ho, you canno" even vie, "he con"en"s o6 "he direc"ory, le" alone cd "o i"2
Y ls dir2 ls2 dir22 The 6ile access permissions do no" allo, "he speci6ied ac"ion7 Y ls .l dir2 ls2 dir22 The 6ile access permissions do no" allo, "he speci6ied ac"ion7 "o"al 0
)i"h "he chmod command you can also speci6y mul"iple permissions 6or a permission bi" se" a" once7 So no, le"Bs give read, and e:ecu"e permission only "o "he o,ner bac5 6or "he dir2 direc"ory2
Y chm$d u2r) dir2 Y ls .ld dir2 dr,:r8:r8: 2 Cus"in dba
564
A ! Securi"y
Go ahead and crea"e some emp"y 6iles in "he direc"ory dir22
Y p/d +home+Cus"in Y cd dir2 Y p/d +home+Cus"in+dir2 Y ls Y t$uch 5ilea 5ile! 5ilec Y ls .l "o"al 0 8r,8r88r88 1 Cus"in dba 8r,8r88r88 1 Cus"in dba 8r,8r88r88 1 Cus"in dba Y
0 <ov 0> 1E2E1 6ilea 0 <ov 0> 1E2E1 6ileb 0 <ov 0> 1E2E1 6ilec
565
A ! Securi"y
Go ahead and move bac5 "o your+Cus"inBs home direc"ory, and "a5e a,ay "he e:ecu"e permission "o "his direc"ory2
Y cd Y p/d +home+Cus"in Y ls .ld dir2 dr,:r8:r8: 2 Cus"in dba Y chm$d u.) dir2 Y ls .ld dir2 dr,8r8:r8: 2 Cus"in dba Y ls dir2 6ilea 6ileb 6ilec Y cd dir2 5sh2 dir22 'ermission denied7 24> <ov 0> 1E2E1 dir2
)ha" can ,e conclude here9 )ell a ;ni: direc"ory needs e:ecu"e permission on i", 6or a user "o be able "o move "o i" 8 cd, "o i"7 .o,ever as long as "here is read permission "o "he direc"ory, ,e can s"ill vie, i"Bs con"en"s 0 6iles, and+or sub8direc"ories7
A ! %asic Sys"em Adminis"ra"ion 566
A ! Securi"y
Give 6ull r,: permission bac5 "o dir22
Y chm$d u2r/) dir2 Y ls .ld dir2 dr,:r8:r8: 2 Cus"in dba Y
<o,, revo5e "he ,ri"e permission 6rom "his direc"ory 6or "he o,ner2
Y chm$d u./ dir2 Y ls .ld dir2 dr8:r8:r8: 2 Cus"in dba Y
56'
A ! Securi"y
<o"ice ho, you canno" crea"e+,ri"e any"hing in "his direc"ory, because you revo5e your abili"y "o ,ri"e "o i"2
Y ls dir2 6ilea 6ileb 6ilec Y ls .l dir2 "o"al 0 8r,8r88r88 1 Cus"in dba 8r,8r88r88 1 Cus"in dba 8r,8r88r88 1 Cus"in dba Y cd dir2 Y p/d +home+Cus"in+dir2 Y t$uch 5iled "ouch2 0>4280E> Canno" crea"e 6iled7 Y Y m8dir dir2! m5dir2 0>43834D Canno" access direc"ory 77 72 The 6ile access permissions do no" allo, "he speci6ied ac"ion7 Y Y cd
0 <ov 0> 1E2E1 6ilea 0 <ov 0> 1E2E1 6ileb 0 <ov 0> 1E2E1 6ilec
568
A ! Securi"y
% G G(TC.A7 Le"Bs say you had a direc"ory "ha" you, user Cus"in, crea"ed called dirb7
Y id uidQ2GD?Cus"inA gidQ21DG?dbaA groupsQ1?s"a66A Y m8dir dir! Y ls .ld dir! dr,:r8:r8: 2 Cus"in dba 24> <ov 1> 1222G dirb Y
<o, you go in"o "ha" direc"ory, and crea"e a 6ile called2 6ilea, and a sub8direc"ory called dirc2
Y cd dir! Y p/d +home+Cus"in+dirb Y t$uch 5ilea Y ls .l 5ilea 8r,8r88r88 1 Cus"in dba Y m8dir dirc Y ls .ld dirc dr,:r8:r8: 2 Cus"in dba Y
569
A ! Securi"y
Go "o your Cus"in2 login ,indo,, and a""emp" "o dele"e "his 6ile2
Y id uidQ2GG?Cus"in2A gidQ1?s"a66A Y cd *h$me* ustin*dir! Y ls .l 5ilea 8r,8r88r88 1 Cus"in dba
Y rm 5ilea rm2 $emove 6ilea9 H rm2 0>438>01 Canno" remove 6ilea7 The 6ile access permissions do no" allo, "he speci6ied ac"ion7 Y rmdir dirc rmdir2 0>438>01 Canno" remove dirc7 The 6ile access permissions do no" allo, "he speci6ied ac"ion7 Y
5'0
A ! Securi"y
Go bac5 "o your Cus"in ,indo, and change "he direc"ory permission o6 dirb "o give o"hers+,orld ,ri"e permission "o "his direc"ory2
Y id uidQ2GD?Cus"inA gidQ21DG?dbaA groupsQ1?s"a66A Y cd Y ls .ld dir! dr,:r8:r8: 2 Cus"in dba Y chm$d $2/ dir! Y ls .ld dir! dr,:r8:r,: 2 Cus"in dba
5'1
A ! Securi"y
$e"urn "o your Cus"in2 login ,indo,, and no, a""emp" "o dele"e "he 6ilea 6ile2
Y id uidQ2GG?Cus"in2A gidQ1?s"a66A Y cd *h$me* ustin*dir! Y ls .l dr,:r8:r8: 2 Cus"in dba 24> <ov 1> 1223G dirb 8r,8r88r88 1 Cus"in dba 0 <ov 1> 12221 6ilea Y rm 5ilea rm2 $emove 6ilea9 H Y ls .l 5ilea ls2 0>4383E1 The 6ile 6ilea does no" e:is"7 Y rmdir dirc Y ls l dirc ls2 0>4383E1 The 6ile dirb does no" e:is"7
Hou are able "o do i", even "hough you, Cus"in2, do no" o,n "his 6ile, bu" Cus"in does7 Hou can because as long as "he direc"ory has ,ri"e permission on i" 6or a permission bi" se", anyone in "ha" se" can dele"e 6rom "ha" direc"ory, even i6 "hey do no" o,n "he 6ile7
5'2
A ! Securi"y
So ho, do you crea"e a public direc"ory ,here all users can dump "heir 6iles, and sub8direc"ories, bu" only "he o,ner o6 said 6iles, and sub8direc"ories can dele"e "hem9 This is ,here a special bi" 5no,n as "he Js"ic5y bi"K comes in"o place7 Tha" is e:ac"ly ,ha" i" is 6or, i" ma5es i" so all users can crea"e 6iles, and+or sub8direc"ories in a direc"ory, bu" only "he o,ner can dele"e "hem7 %ac5 in "he Cus"in user ,indo,2
Y id uidQ203?Cus"inA gidQ20E?dbaA groupsQ1?s"a66A Y ls .ld dir! dr,:r8:r,: 2 Cus"in dba Y chm$d $2t dir! Y ls .ld dir! dr,:r8:r," 2 Cus"in dba Y 24> <ov 20 13224 dirb
5'3
A ! Securi"y
<o, as user Cus"in crea"e 6ilea and dirc2
Y id uidQ203?Cus"inA gidQ20E?dbaA groupsQ1?s"a66A Y cd dir! Y t$uch 5ilea Y m8dir dirc Y ls .l "o"al 0 dr,:r8:r8: 2 Cus"in dba 8r,8r88r88 1 Cus"in dba Y
5'4
A ! Securi"y
Go "o user Cus"in2Bs ,indo, and a""emp" "o dele"e "ha" 6ile, and direc"ory Cus" crea"ed+o,ned by user Cus"in7 Hou ,onB" be able "o, even "hough you, everyone+,orld, has permission "o ,ri"e "o "his direc"ory7 Also ,hile you are "here crea"e your o,n 6ile and direc"ory ,hich ,ill be o,ned by you, Cus"in22
Y id uidQ20E?Cus"in2A gidQ1?s"a66A Y cd *h$me* ustin*dir! Y ls .l "o"al 0 dr,:r8:r8: 2 Cus"in dba 24> <ov 20 1322G dirc 8r,8r88r88 1 Cus"in dba 0 <ov 20 1322G 6ilea Y rmdir dirc rmdir2 0>438>01 Canno" remove dirc7 (pera"ion no" permi""ed7 Y rm 5ilea rm2 $emove 6ilea9 H rm2 0>438>01 Canno" remove 6ilea7 (pera"ion no" permi""ed7 Y t$uch 5ile! Y m8dir dird Y ls .l "o"al 0 dr,:r8:r8: 2 Cus"in dba 24> <ov 20 1322G dirc dr,:r8:r8: 2 Cus"in2 s"a66 24> <ov 20 13221 dird 8r,8r88r88 1 Cus"in dba 0 <ov 20 1322G 6ilea 8r,8r88r88 1 Cus"in2 s"a66 0 <ov 20 13221 6ileb
5'5
A ! Securi"y
%ac5 in "he Cus"in ,indo,, a""emp" "o dele"e "he 6ile an direc"ory user Cus"in2 Cus" crea"ed2
Y id uidQ203?Cus"inA gidQ20E?dbaA groupsQ1?s"a66A Y cd Y cd dirb Y ls 8l "o"al 0 dr,:r8:r8: 2 Cus"in dba 24> <ov 20 1322G dirc dr,:r8:r8: 2 Cus"in2 s"a66 24> <ov 20 13221 dird 8r,8r88r88 1 Cus"in dba 0 <ov 20 1322G 6ilea 8r,8r88r88 1 Cus"in2 s"a66 0 <ov 20 13221 6ileb Y rm 6ileb rm2 $emove 6ileb9 y Y rmdir dird rm2dir2 A 6ile or direc"ory in "he pa"h name does no" e:is"7 rm2 0>438>03 Canno" remove direc"ory dird7 Y rmdir dird Y ls 8l "o"al 0 dr,:r8:r8: 2 Cus"in dba 24> <ov 20 1322G dirc 8r,8r88r88 1 Cus"in dba 0 <ov 20 1322G 6ilea Y
5'6
A ! Securi"y
Can anyone "ell me ,ha" happened and ,hy9 A<S)*$PPP To correc" "his you use a user ,ho ,ill never use "his direc"ory, or ,ho is "he proCec" manager, o6 "he proCec" ,hich is using "his common direc"ory+reposi"ory 6or mul"iple userBs 6iles, and direc"ories7 )e can see an e:ample o6 "his, by de6aul", on all already ins"alled A ! sys"em7 This is seen in a 6ilesys"em, direc"ory called +"mp7 This 6ilesys"em, direc"ory is crea"ed au"oma"ically ,hen "he opera"ing sys"em is ins"alled, and loo5 a" i"Bs permissions2
Y ls .ld *tmp dr,:r,:r," D bin Y bin E01> <ov 20 1323D +"mp
As you can see "his 6ilesys"em, direc"ory has "he s"ic5y bi" se"7
5''
A ! Securi"y
As user Cus"in crea"e a 6ile and direc"ory in +"mp2
Y id uidQ203?Cus"inA gidQ20E?dbaA groupsQ1?s"a66A Y cd *tmp Y p/d +"mp Y t$uch 5ilea Y m8dir dira Y ls .l 5ilea 8r,8r88r88 1 Cus"in dba Y ls .ld dira dr,:r8:r8: 2 Cus"in dba Y
5'8
A ! Securi"y
As user Cus"in2 crea"e a 6ile and direc"ory as ,ell in +"mp2
Y id uidQ20E?Cus"in2A gidQ1?s"a66A Y cd *tmp Y p/d +"mp Y t$uch 5ile! Y m8dir dir! Y ls .l 5ile! 8r,8r88r88 1 Cus"in2 s"a66 Y ls .ld dir! dr,:r8:r8: 2 Cus"in2 s"a66 Y
)hile logged in as Cus"in2, a""emp" "o dele"e 6ilea and dira crea"ed by user Cus"in2 Y rm 5ilea rm2 $emove 6ilea9 H rm2 0>438>01 Canno" remove 6ilea7 (pera"ion no" permi""ed7 Y rmdir dira rmdir2 0>438>01 Canno" remove dira7 (pera"ion no" permi""ed7 Y
5'9
A ! Securi"y
<o, as user Cus"in a""emp" "o dele"e "he 6ile, and direc"ory you crea"ed as user Cus"in22
Y id uidQ203?Cus"inA gidQ20E?dbaA groupsQ1?s"a66A Y cd +"mp Y p,d +"mp Y rm 6ileb rm2 $emove 6ileb9 y rm2 0>438>01 Canno" remove 6ileb7 (pera"ion no" permi""ed7 Y rmdir dirb rmdir2 0>438>01 Canno" remove dirb7 (pera"ion no" permi""ed7 Y
580
A ! Securi"y
As user Cus"in2 dele"e "he 6ile, and direc"ory you, Cus"in2, crea"ed2
Y id uidQ20E?Cus"in2A gidQ1?s"a66A Y cd *tmp Y rm 5ile! Y rmdir dir! Y ls .l 5ile! ls2 0>4383E1 The 6ile 6ileb does no" e:is"7 Y ls .ld dir! ls2 0>4383E1 The 6ile dirb does no" e:is"7 Y
As user Cus"in dele"e "he 6ile and direc"ory you, Cus"in, crea"ed2
Y id uidQ203?Cus"inA gidQ20E?dbaA groupsQ1?s"a66A Y cd *tmp Y rm 5ilea Y rmdir dira Y ls .l 5ilea ls2 0>4383E1 The 6ile 6ilea does no" e:is"7 Y ls .ld dira ls2 0>4383E1 The 6ile dira does no" e:is"7 Y
581
A ! Securi"y
Hou can also revo5e mul"iple permissions simul"aneously 6rom a permission group se"7 %ac5 in Cus"in ,indo,2
Y p/d +home+Cus"in Y ls .ld dir2 dr8:r8:r8: 2 Cus"in dba Y chm$d u.r/) dir2 Y ls .ld dir2 d888r8:r8: 2 Cus"in dba Y 24> <ov 0> 1E2E1 dir2
Above ,e simul"aneously revo5ed "he read, ,ri"e and e:ecu"e permissions 6rom "he group and o"hers+,orld permission bi" se" 6or "his direc"ory7
A ! %asic Sys"em Adminis"ra"ion 582
A ! Securi"y
To se" a 6ile permission 6or all permission se"s, use "he a op"ion "o "he chmod command2
Y chm$d a?r/ 5ilea Y ls .l 5ilea 8r,8r,8r,8 1 Cus"in s"a66 Y
<o, all permission se"s o,ner, group, and o"her+,orld have read ,ri"e access "o "he 6ile7 To unse" all permission se"s "o all2
Y chm$d a? 5ilea Y ls .l 5ilea 8888888888 1 Cus"in s"a66 Y
Y date C 5ilea The 6ile access permissions do no" allo, "he speci6ied ac"ion7 5sh2 6ilea2 0E038004 Canno" crea"e "he speci6ied 6ile7 Y cat 5ilea ca"2 0>428040 Canno" open 6ilea7 Y %*5ilea 5sh2 7+6ilea2 0E03800> *:ecu"e permission denied7
583
A ! Securi"y
Hou can change "he permission bi" mode o6 a 6ile using numeric represen"a"ions o6 "he permission via "he chmod command7 The chmod command has "he 6ollo,ing numerical represen"a"ion 6or 6ile permissions in ;ni:2 8 0 Q <o permission bi" se" 8 1 Q *:ecu"e permission bi" 8 2 Q )ri"e permission bi" 8 E Q $ead permission bi" *ach permission bi" se" ge"s one number, "hree "o"al 6or each permission bi" se"2 o,ner, group, and o"her+,orld7 See upcoming e:amples 6or an elabora"ion on "his s"a"emen"7
584
A ! Securi"y
To give "he o,ner o6 6ilea e:ecu"e?1A permission only "ype in2
Y ls .l 5ilea 8888888888 1 Cus"in s"a66 Y chm$d 100 5ilea Y ls .l 5ilea 888:888888 1 Cus"in s"a66 Y G2 <ov 0> 13230 6ilea
585
A ! Securi"y
To give "he o,ner o6 6ilea read?EA permission only2
Y ls .l 5ilea 88,8888888 1 Cus"in s"a66 Y chm$d 400 5ilea Y ls .l 5ilea 8r88888888 1 Cus"in s"a66 Y G2 <ov 0> 13230 6ilea
586
A ! Securi"y
To give "he group o6 6ilea ,ri"e?2A permission only2
Y ls .l 5ilea 888888:888 1 Cus"in s"a66 Y chm$d 020 5ilea Y ls .l 5ilea 88888,8888 1 Cus"in s"a66 Y G2 <ov 0> 13230 6ilea
58'
A ! Securi"y
To give o"hers+,orld e:ecu"e?1A permission only on 6ilea
Y ls .l 5ilea 8888r88888 1 Cus"in s"a66 Y chm$d 001 5ilea Y ls .l 5ilea 888888888: 1 Cus"in s"a66 Y G2 <ov 0> 13230 6ilea
588
A ! Securi"y
To give ,orld+o"hers read?EA permission only on 6ilea
Y ls .l 5ilea 88888888,8 1 Cus"in s"a66 Y chm$d 004 5ilea Y ls .l 5ilea 8888888r88 1 Cus"in s"a66 Y G2 <ov 0> 13230 6ilea
589
A ! Securi"y
<o"e, ,ha" happened you los" "he o,nership o6 "he previous permission bi" every"ime ,e did "his, so "o re"ain our previous permission bi" se""ing ,e Cus" include "ha" in "he number represen"a"ion7 *:ample, 6irs" clear ou" all permission 6or 6ilea, ,hich ,ould be cleared using 0, since 0 means no permissions, and ,e do "ha" 6or all "hree permission bi" se"s2
Y ls .l 5ilea 8888888r88 1 Cus"in s"a66 Y chm$d 000 5ilea Y ls .l 5ilea 8888888888 1 Cus"in s"a66 Y G2 <ov 0> 13230 6ilea
<o, in "his e:ample ,e ,an" "he o,ner o6 6ilea "o have read?EA permission, "he group "o have e:ecu"e?1A permission, and o"hers+,orld "o have ,ri"e?2A permission2
Y chm$d 412 5ilea Y ls .l 5ilea 8r8888:8,8 1 Cus"in s"a66 Y
590
A ! Securi"y
Le"s say you ,an"ed each permission group se" "o have mul"iple permission, 6or ins"ance, you ,an"ed "he o,ner o6 "he 6ile "o have read?EA, ,ri"e?2A, and e:ecu"e?1A permission2
Y chm$d 400 5ilea Y chm$d 200 5ilea Y chm$d 100 5ilea Y ls .l 5ilea 888:888888 1 Cus"in s"a66 Y chm$d 42100 5ilea Y ls .l 5ilea 888:88S888 1 Cus"in s"a66 Y
.o, do you se" mul"iple permission bi"s "o a permission se" ,i"h "he chmod command using numbers9
=<JK<6FFF
A ! %asic Sys"em Adminis"ra"ion 591
A ! Securi"y
Hou sum all o6 "he desired permission bi" numerical values up and "hen Cus" apply "ha" number "o "he command7 So remember, in our 6irs" e:ample, ,e ,an" "he o,ner o6 "he 6ile "o have read?EA, ,ri"e?2A, and e:ecu"e?1A permission7
&wner
A ! %asic Sys"em Adminis"ra"ion
Gro3p
592
&t#er
A ! Securi"y
Y ls .l 5ilea 8888888888 1 Cus"in s"a66 Y chm$d '00 5ilea Y ls .l 5ilea 8r,:888888 1 Cus"in s"a66 G2 <ov 0> 13230 6ilea
593
A ! Securi"y
To give "he o"hers+,orld, read, and ,ri"e permission only, E ] 2 Q >2
Y chm$d '56 5ilea Y ls .l 5ilea 8r,:r8:r,8 1 Cus"in s"a66 Y
594
A ! Securi"y
To unders"and ho, "hose numbers2 1 6or e:ecu"e, 2 6or ,ri"e, and E 6or read, are assigned, ,e mus" "hin5 binary 0 ?1Bs and 0BsA7 To illus"ra"e and e:ample le" us say "ha" you ,an"ed a 6ile "o have "he 6ollo,ing permission se"2 8r,: r8: r,8 Tha" is o,ner2 read, ,ri"e, e:ecu"e7 Group2 read, e:ecu"e, and ("hers+,orld2 read, and ,ri"e7
595
A ! Securi"y
To de"ermine ,hich number represen"s ,hich permission you use a binary char"7 Hou pu" a 1 under each permission bi" se", and a 0 under each 0 ?hypenA, ,hich means no permission bi" se" here7 $emember our desired permission se" 6or a 6ile2 8r,: r8: r,8
Direc"ory9
$ead9
)ri"e9
*:ecu"e9
$ead9
)ri"e9
*:ecu"e9
$ead9
)ri"e9
*:ecu"e9
&wner
Gro3p
&t#er
596
A ! Securi"y
Hou are Cus" "urning on and o66 bi"s, and summing up "he binary values o6 "hose on and o66 bi" posi"ions2 (,ner2 .r/) 4 1 2 1 1 1
Decimal represen"a"ion o6 "he binary bi" coun" above is2 4 2 2 2 1 ? '% Group2 r.) 4 1 2 0 1 1
A ! Securi"y
(,ner2 .r/.
4 1
2 1
1 0
`.E.D.
Y chm$d 000 5ilea Y ls .l 5ilea 8888888888 1 Cus"in s"a66 Y chm$d '56 5ilea Y ls .l 5ilea G2 <ov 0> 13230 6ilea
.r/)r.)r/.
Y
1 Cus"in s"a66
598
A ! Securi"y
Hou can change "he group o,nership o6 a 6ile, or direc"ory ,i"h "he ;ni: chgrp command7
Y ls .l 5ilea 8r,:r88r,8 1 Cus"in dba Y G2 <ov 0> 13230 6ilea
<o"ice ho, "he second permission bi" se" does no" have an :, so "ha" means anyone in "he same group canno" run "his shell scrip", so le"Bs give "he group permission bi" e:ecu"e permission2
Y chm$d #2) 5ilea Y ls .l 5ilea 8r,:r8:r,8 1 Cus"in dba Y G2 <ov 0> 13230 6ilea
599
A ! Securi"y
<o, go "o "he Cus"in2 user ,indo, and a""emp" "o run "he shell scrip"7
Y id uidQ2GG?Cus"in2A gidQ1?s"a66A Y *h$me* ustin*5ilea 5sh2 +home+Cus"in+6ilea2 0E03800> *:ecu"e permission denied7 Y
This 6ailed because ,e gave "he group e:ecu"e permission, and user Cus"in2 is no" in "he dba group, ,hich is "he o,ner group o6 "he +home+Cus"in+6ilea shell scrip"7 To correc" "his ,e can ei"her pu" user Cus"in2 in"o "he dba group, change "he ,orld+o"her e:ecu"e permission, or change "he shell scrip"Bs group o,nership "o s"a66, so Cus"in2 can e:ecu"e i"7 )e do "his by becoming "he roo" user, and "hen using "he ;ni: chgrp command2
Y su . roo"Ts 'ass,ord2 I id uidQ0?roo"A gidQ0?sys"emA groupsQ2?binA,3?sysA,D?securi"yA,G?cronA,10?audi"A,11?lpA I ls .l *h$me* ustin*5ilea 8r,:r8:r,8 1 Cus"in dba I ch#rp sta55 *h$me* ustin*5ilea I ls .l *h$me* ustin*5ilea 8r,:r8:r,8 1 Cus"in s"a66 G2 <ov 0> 13230 +home+Cus"in+6ilea G2 <ov 0> 13230 +home+Cus"in+6ilea
600
A ! Securi"y
Type in e:i", "o ge" bac5 "o user Cus"in2, and "hen a""emp" "o e:ecu"e "ha" shell scrip" again7 <o, "he e:ecu"ion a""emp" ,ill succeed7
I e)it Y id uidQ2GG?Cus"in2A gidQ1?s"a66A Y ls .l *h$me* ustin*5ilea 8r,:r8:r,8 1 Cus"in s"a66 Y *h$me* ustin*5ilea .ello SHELL SCRIP P!"SES #$R HREE SEC$N%S This is a simple shell scrip" in ;ni: Y G2 <ov 0> 13230 +home+Cus"in+6ilea
601
A ! Securi"y
The umas5 de"ermines ,ha" "he de6aul" permissions o6 a 6ile and+or direc"ory ,ill be in ;ni:7 )hen you crea"e a 6ile, i"Bs de6aul" permission is r, 6or "he o,ner, r only 6or "he group, and r only 6or everyone else+,orld7 $e"urn "o user Cus"in2
Y id uidQ203?Cus"inA gidQ20E?dbaA groupsQ1?s"a66A Y cd Y p/d +home+Cus"in Y t$uch 5iled Y ls .l 5iled 8r,8r88r88 1 Cus"in dba Y
602
A ! Securi"y
)hen you crea"e a direc"ory, i"Bs de6aul" permission is r,: 6or "he o,ner, r: only 6or "he group, and r: only 6or everyone else+,orld7
Y m8dir dird Y ls .ld dird dr,:r8:r8: 2 Cus"in dba Y
Chec5 "he curren" umas5 value7 The 6ollo,ing umas5 value is "he de6aul" 6or all users2
Y umas8 022 Y
603
A ! Securi"y
Change "he umas5 so all subseMuen" 6iles, and direc"ories crea"ed in "his userBs shell ,ill by de6aul" have read permission only 6or "he user permission group, ,ri"e permission only 6or "he group permission group, and read, ,ri"e only 6or "he o"her+,orld permission group2
Y umas8 u?r9#?/9$?r/ Y umas8 0341 Y umas8 .7 uQr,gQ,,oQr, Y t$uch 5ilee Y ls .l 5ilee 8r888,8r,8 1 Cus"in dba Y m8dir dire Y ls .ld dire dr888,8r,8 2 Cus"in dba Y
604
A ! Securi"y
Y id uidQ203?Cus"inA gidQ20E?dbaA groupsQ1?s"a66A Y umas8 0341
Go "o "he user Cus"in2Bs ,indo, and chec5 "he umas57 <o"ice ho, i" is "he de6aul" ;ni: umas5 value, 0227 Tha" is because "he umas5 se""ing is per user shell session2
Y id uidQ20E?Cus"in2A gidQ1?s"a66A Y umas8 022 Y t$uch 5ilee Y ls .l 5ilee 8r,8r88r88 1 Cus"in2 s"a66 Y m8dir dire Y ls .ld dire dr,:r8:r8: 2 Cus"in2 s"a66 Y
605
A ! Securi"y
$emain in "he user Cus"in2Bs ,indo,7 Le"Bs discuss "he umas5 number2
Y umas8 022 Y
The umas5 command ,or5s ,i"h numbers Cus" as "he chmod command does, as ,e have seen earlier, bu" "he di66erence is "he umas5 command ac"ually sub"rac"s "he numbers 6rom D 0 *very permission se" ?r,:A7 De6aul" umas52 K/ner: '(r/)) 0 ? r/) 4(r)?$n9 /(2)?$n9 )(1)?$n ) 5$r direct$ries $nlH% &r$up: '(r/)) 2 ? 5 4(r)?$n9 /(2)?$559 )(1)?$n ) 5$r direct$ries $nlH% Kther: '(r/)) 2 ? 5 4(r)?$n9 /(2)?$559 )(1)?$n ) 5$r direct$ries $nlH%
A ! %asic Sys"em Adminis"ra"ion 606
A ! Securi"y
Go bac5 "o "he Cus"in userBs ,indo,
Y id uidQ203?Cus"inA gidQ20E?dbaA groupsQ1?s"a66A Y umas8 0341 Y
K/ner: '(r/)) 3 ? 4(r) 4(r)?$n9 /(2)?$559 )(1)?$55 ) 5$r direct$ries $nlH% &r$up: '(r/)) 5 ? 2(/) 4(r)?$559 /(2)?$n9 )(1)?$55 ) 5$r direct$ries $nlH% Kther: '(r/)) 1 ? 6 4(r)?$n9 /(2)?$n9 )(1)?$55 ) 5$r direct$ries $nlH%
60'
A ! Securi"y
Y umas8 0341 Y ls 8l 6ilee 8r.../.r/. 1 Cus"in dba Y ls .ld dire dr.../.r/. 2 Cus"in dba Y
Direc"ory9 $ead9
&wner
Gro3p
&t#er
A ! Securi"y
(ne more e:ample, se" "he umas5 "o 442 0 D84 Q 2?,A, D84 Q 2?,A, D82 Q 4?r:A2
Y umas8 552 Y umas8 0442 Y umas8 .7 uQ,,gQ,,oQr: Y t$uch 5ile5 Y ls .l 5ile5 88,88,8r88 1 Cus"in dba Y m8dir dir5 Y ls .ld dir5 d8,88,8r8: 2 Cus"in dba Y
The e:ecu"e permission is never se" 6or a 6ile by de6aul", and i" is se" 6or a direc"ory7
A ! %asic Sys"em Adminis"ra"ion 609
A ! So6",are &anagemen"
610
So6",are &anagemen"
A ! delivers opera"ing sys"em 6i:es, and ne, 6ea"ures and hard,are suppor" in so6",are pac5ages 5no,n as pa"ches7 An A ! Technology Level, 6ormally 5no,n as &ain"enance Levels, provide suppor" 6or ne, 6ea"ures and hard,are7 They are released ",ice a year, and are suppor"ed 6or ",o years by %&7 Technology Levels are cumula"ive, and also con"ain pas" Service pac5s7 An A ! Service 'ac5 provides 6i:es "o A ! opera"ing sys"em problems7 " is used "o address problems be",een Technology Levels7 Service pac5s are cumula"ive7 A'A$s 0 Au"horiFed 'rogram Analysis $epor"7 s a repor" o6 an opera"ing sys"em problem ei"her discovered by cus"omers in "he 6ield, or by %& developmen" "hemselves7 A'A$s are ,rapped up in Service pac5s, ,hich are ,rapped up in Technology Levels, ,hich are ul"ima"ely ,rapped in up ne,er A ! versions, and levels7 'T/s Q 'rogram Temporary /i:es are ,ha" you do,nload be",een service pac5s "o 6i: 5no,n problems ,i"h "he opera"ing sys"em ,hich may a66ec" a large number o6 cus"omers 0 i7e7 problem is ,i"h base code o6 A !7 e8/i:es, are usually developed by %& 6or a par"icular cus"omer7 They usually donB" address common problems7 6 "hey do, "hey are usually emergency 6i:es ,hich canB" ,ai" 6or service pac5s, li5e securi"y advisories, e"c77 The A ! ins"6i: command is used "o ins"all A'A$s, 6i:es, in A !7 The A ! ins"allp command is used "o ins"all %&, and %& suppor"ed so6",are 6orma", L'', in A !7
611
So6",are &anagemen"
These A ! opera"ing sys"em 6i:es can be ob"ained 6rom "he %& A ! /i: Cen"ral ,eb si"e, and you can use ei"her /T', or a #ava apple" "o do,nload "hem7
612
So6",are &anagemen"
So6",are ,hich is dis"ribu"ed in L'' 6orma" 0 Licensed 'rogram 'roduc", are ins"alled ,i"h "he ins"allp command, or smi""y ins"allp 6as" pa"h7 Go"o a direc"ory ,here have s"aged some so6",are, 6or "his class7 "Bs in a s"andard loca"ion 6or s"aging so6",are on A ! sys"ems a" +usr+sys+ins"7images
I cd *usr*sHs*inst%ima#es I smittH installp
613
So6",are &anagemen"
Type in a 7 , do", here7 This ,ill represen" "he curren" direc"ory you ,ere in ,hen you s"ar"ed smi""y7 Typically "he so6",are ,ould be on removable so6",are such as a cd7 n "ha" case you ,ould "ype in cd07
614
So6",are &anagemen"
'ress W/EX over "he S(/T)A$* "o ins"all 6ield, "o genera"e a pic5 lis" o6 so6",are, L''s, on "he ins"alla"ion media, "his case "he direc"ory available "o be ins"alled7 &ove do,n "o a so6",are pac5age ,e ,an" "o ins"all7 This one is called "ivoli7"sm7devices7ai:47r"e7 The ] sign ne:" "o "he 6ilese" indica"es i" is no" ins"alled, a _ sign ne:" "o "he 6ilese" ,ould indica"e "ha" i" is ins"alled7 'ress W/DX ,hen you have "he 6ilese" highligh"ed you ,an" "o ins"all7
615
So6",are &anagemen"
Hou should selec" a 'revie, 6irs"7 This ,onB" ac"ually ins"all "he so6",are7 This ,ill go "hrough a non8in"rusive "es" run "o "es" i6 "here are any problems, such as missing pre8reMs, e"c77
616
So6",are &anagemen"
DonB" 6orge" "he accep" "he license agreemen"7
61'
So6",are &anagemen"
(nce "he previe, goes "hrough o5, "hen press W/3X "o move bac5 "o "he previous smi" menu7
618
So6",are &anagemen"
<o,, change "he previe, "o no, and hi" en"er again "o ins"all "he so6",are 6or real "his "ime7
619
So6",are &anagemen"
)hen i"Bs done ins"alling hi" W/10X "o e:i" smi""y, and "hen le"Bs veri6y "he so6",are is no, ins"alled on "he sys"em ,i"h an lslpp command7
620
So6",are &anagemen"
I installp ., ins"allp2 <o 6ilese"s ,ere 6ound in "he So6",are -i"al 'roduc" Da"abase "ha" could be cleaned up7 I lppch8 .( I lslpp .l ti($li%tsm%de(ices%ai)5%rte /ilese" Level S"a"e Descrip"ion 8888888888888888888888888888888888888888888888888888888888888888888888888888 'a"h2 +usr+lib+obCrepos "ivoli7"sm7devices7ai:47r"e 4737070 C(&& TT*D %& Tivoli S"orage &anager Device Suppor" run"ime 'a"h2 +e"c+obCrepos "ivoli7"sm7devices7ai:47r"e 4737070 C(&& TT*D %& Tivoli S"orage &anager Device Suppor" run"ime I
621
So6",are &anagemen"
6 you ,an"ed "o learn "he da"e, and "ime a 6ilese" ,as ins"alled, use "he 0h op"ion "o "he lslpp command7
I date Sa" Sep 12 1>232222 CDT 2001 I lslpp .h ti($li%tsm%de(ices%ai)5%rte /ilese" Level Ac"ion S"a"us Da"e Time 8888888888888888888888888888888888888888888888888888888888888888888888888888 'a"h2 +usr+lib+obCrepos "ivoli7"sm7devices7ai:47r"e 4737070 C(&& T C(&'L*T* 01+12+01 1>22124G 'a"h2 +e"c+obCrepos "ivoli7"sm7devices7ai:47r"e 4737070 C(&& T I
C(&'L*T*
01+12+01
1>221241
622
So6",are &anagemen"
All 6ilese"s have levels re6erred "o as -7$7&7LR -ersion $elease &odi6ica"ion Level7 6 ,e ,an"ed "o upgrade "ha" "ivoli7"sm7devices7ai:47r"e level 6rom 4737070, ,hich is i"Bs base "o 473737277 )e could ins"all ,i"h an A''LH op"ion7 )ha" "his op"ion ,ill do is i" ,ill ins"all "he ne, level, 4737372, bu" save a copy o6 "he old level 47370707 This ,ill give "he users, some "ime "o "es" and veri6y "ha" "he upgrade did no" brea5 any"hing7 (nce "hey con6irm "hem you can C(&& T "he upgrade7 <o"e, i6 "here ,as a problem ,i"h "he upgrade and you have "o go bac5 "o "he base, "hen you ,ould per6orm a $*#*CT o6 "he 4737372 level, "o rever" bac5 "o "he 4737070 base level7 <o"e, once a level is C(&& TT*D i" canno" be $*#*CT*D7
623
So6",are &anagemen"
To deins"all so6",are 6rom "he sys"em7 Go bac5 in"o smi""y ,i"h "he ins"all 6as"pa"h li5e so7
I smittH install
624
So6",are &anagemen"
625
So6",are &anagemen"
.i" W/EX "o genera"e a pic5 lis" o6 6ilese"s ,hich are curren"ly ins"alled on "he sys"em, ,hich you could selec" "o de8ins"all7
626
So6",are &anagemen"
;se "he + 5ey "o bring up a search bo:7 Type in "ivoli7"sm7devices as our search s"ring7
62'
So6",are &anagemen"
'ress W/DX "o selec" i" 6or de8ins"alla"ion7
628
So6",are &anagemen"
Hou could also do a previe, only 6or "he deins"all Cus" as you could 6or "he ins"all7 Change "ha" "o no 6or "his lab7 Also selec" $*&(-* dependen" so6",are ,as ,ell7
629
So6",are &anagemen"
'ress W*<T*$X "o deins"all "he so6",are7
630
So6",are &anagemen"
<o,, an lslpp command ,ill veri6y "ha" "he 6ilese" has been deins"alled7
I installp ., ins"allp2 <o 6ilese"s ,ere 6ound in "he So6",are -i"al 'roduc" Da"abase "ha" could be cleaned up7 I lppch8 .( I lslpp .l ti($li%tsm%de(ices%ai)5%rte lslpp2 /ilese" "ivoli7"sm7devices7ai:47r"e no" ins"alled7 I
631
632
633
634
Sys"em con6igura"ion2 lcpuQ2 en"Q0710 modeQ;ncapped 102E>22> 102E>22D 102E>22G 102E>221 Average I ^usr 1 1 2 1 ^sys ^,io ^idle physc ^en"c 4 0 1E 0701 17> 3 0 1> 0701 >7E E 0 1E 0701 G7D E 0 14 0701 G72
635
636
'ageSiFe 'oolSiFe inuse pgsp pin vir"ual s E @% 8 1E31GE 1324 22>3G 11G1G m >E @% 8 EG03 0 2>11 EG03 I
63'
638
639
640
641
642
643
644
645
646
I ras$ .a bios"a" Q 0 5ernNheapNnoe:ec Q 0 5ernelNnoe:ec Q 1 mbu6NheapNnoe:ec Q 0 m"rcNcommonbu6siFe Q 4ED m"rcNenabled Q 1 m"rcNrarebu6siFe Q 2D "pro6NcycNmul" Q 1 "pro6Nev"Nmul" Q 1 "pro6Nev"Nsys"em Q 1 "pro6Nins"N"hreshold Q 1000 I
64'
648
<o"ice ho, i" rever"ed bac5 "o i"Bs de6aul" value 10GG, ra"her "han 5eep "he modi6ied value o6 2000 persis"en"7 Change i" again2
I (m$ .$ ma)5ree?2000 Se""ing ma:6ree "o 2000 I vmo 8L ma:6ree <A&* C;$ D*/ %((T & < &A! ;< T D*'*<D*<C *S 88888888888888888888888888888888888888888888888888888888888888888888888888888888 ma:6ree 2000 10GG 10GG 1> 201D14 E@% pages min6ree memoryN6rames 88888888888888888888888888888888888888888888888888888888888888888888888888888888 I TH'* D
Loo5 a" "he %((T value, ,e much change "ha" "o 20007
A ! %asic Sys"em Adminis"ra"ion 649
TH'* D
As you can see i" says i" appended "his value "o "he ne:"boo" 6ile7 The 6ile i" is re6erring "o is a 6ile in "he direc"ory +e"c+"unables7 There are "hree con6igura"ion 6iles in "ha" direc"ory ,hich allo, you "o se" "hese per6ormance parame"ers "o non8de6aul" values upon all subseMuen" sys"em reboo"s7
650
1G140 Dec 03 1020> las"boo" E33 Dec 03 1020> las"boo"7log E3D Dec 03 10210 ne:"boo"
I tail ne)t!$$t I C('H$ G.T n"erna"ional %usiness &achines Corp7 2002 I All $igh"s $eserved I I ;S Governmen" ;sers $es"ric"ed $igh"s 8 ;se, duplica"ion or I disclosure res"ric"ed by GSA AD' Schedule Con"rac" ,i"h %& Corp7 I I %&N'$(L(GN*<DNTAG (m$: ma)5ree ? B2000B
651
652
1G111 Dec 03 10214 las"boo" E4D Dec 03 10214 las"boo"7log E3D Dec 03 10210 ne:"boo"
8 The las"boo" 6ile provides a bac5up o6 ho, your "uning per6ormance parame"ers loo5ed prior "o your change7 8 The las"boo"7log 6ile provides a log o6 ,ha" ,as changed 6rom a per6ormance "uning parame"er perspec"ive during las" sys"em reboo"7
A ! %asic Sys"em Adminis"ra"ion 653
654
655
656
65'
658
659
660
661
&'10(
A ! %asic Sys"em Adminis"ra"ion 662
663
664
665
666
.as "he abili"y "o per6orm incremen"al level bac5ups7 .as "he abili"y "o per6orm advanced "ape ,ri"ing me"hods7 .as "he abili"y "o bac5up and res"ore ra, logical volumes7
66'
668
669
6'0
6'2
A ! Sys"em L'A$S
There is a special 6irm,are componen" o6 '()*$ sys"ems, all models, 5no,n as "he 'o,er .ypervisor 0 '.H'7 The 'o,er .ypervisor con"rols vir"ualiFa"ion on a '()*$ sys"em7 " is al,ays ac"iva"ed and handles "he separa"ion o6 "he di66eren" L'A$s, as 6ar as resource assignmen"s, e"c7 " also ensures "ha" one L'A$Bs opera"ing sys"em does no" in"er6ere ,i"h "he opera"ing sys"em o6 ano"her L'A$, e"c7 )hen a sys"em 6irs" ships 6rom %&, by de6aul", i"Bs a s"andalone sys"em7 The 'o,er .ypervisor is ac"ive and "here is only one L'A$ ,hich is named a6"er "he serial number o6 "he sys"em i"sel6, and "ha" L'A$ o,ns every resource on "he sys"em, i7e7 memory, C';s, and +( slo"s7 This is 5no,n as a 6ull sys"em par"i"ion7 Hou can alloca"e processors+C';s as a dedica"ed processor, or a shared processor7 <o"e, you need a" leas" "he 'o,er-& e:press edi"ion "o "a5e advan"age o6 microprocessors7 O
A ! %asic Sys"em Adminis"ra"ion 6'3
6'4
O There are e:cep"ions "o "his s"a"emen"7 'lease re6er "o "he -& 0 n"egra"ed -ir"ualiFa"ion &anager sec"ion 6or de"ails7
6'5
6''
6'8
6'9
680
681
682
683
684
685
686
68'
688
689
690
691
%& 'o,er-&
%& 'o,er-& 0 Licensed so6",are+6irm,are 6ea"ure ,hich enables %& vir"ualiFa"ion "echnology on %& '()*$ sys"ems7 %& 'o,er-& ,as 6ormerly 5no,n as A'- 0 Advanced 'o,er -ir"ualiFa"ion7 %& 'o,er-& is available in "hree edi"ions2
8 8 8 %& 'o,er-& *:press *di"ion %& 'o,er-& S"andard *di"ion %& 'o,er-& *n"erprise *di"ion
*ach edi"ion o66ers speci6ic limi"a"ions, or addi"ional 6ea"ures, as rela"ive "o one ano"her7
692
%& 'o,er-&
&icroprocessors, a757a7 shared processors, allo, you "o carve up "he processor+C'; i"sel6 in"o "ime slices, and assign "hose "ime slices "o L'A$s, ,he"her "han ,hole dedica"ed processors+C';s7 *ven "hough you are only carving up a 6rac"ion o6 "he processor+C'; 6or an L'A$7 The L'A$ sees i" as a ,hole processor7 Hou can carve up a processor+C'; in granuler uni"s o6 1+10"h o6 "he processor+C'; 0 so one millisecond 0 ?1+10"h ou" o6 one "ime sice 10 millisecondsA7 A6"er you s"ais6y a" leas" "he minimum 1+10"h processor+C'; reMuiremen" 6or an L'A$, you can "hen go even more granular in processor+C'; slicing, and carve i" up in 1+100"h uni"s7 Hou can have a mi:"ure o6 dedica"ed, and shared processors+C'; L'A$s on one managed sys"em7
693
694
695
696
69'
698
699
'00
A ! Advanced Topics
A ! $%AC, $ole %ased Access Con"rol, sys"em securi"y7 )or5load 'ar"i"ions 0 )'A$s 'o,er.A 0 /ormerly 5no,n as .AC&'7 A ! sys"em clus"ering7 *ncryp"ed /ilesys"ems7 )eb+G; version o6 "he opera"ing sys"em ins"alla"ion, and S& T in"er6ace7 Trus"ed A !7 S"andard, and *n"erprise *di"ion o6 A !7 A ! )L& 0 )or5 Load &anager A ! securi"y audi"ing A ! resource accoun"ing A ! Linu: a66ini"y7 'er6ormance "ools7 ;ni: shell scrip"ing 0 programming7 A ! %asic Sys"em Adminis"ra"ion '01
'02