Sie sind auf Seite 1von 142

Sol ution

Solution
-

Match t h e fo l l ow i n g ite m s to t h e i r cou nterparts i n t h e ta b l e.

Req u ested m a t c h to fi n d Pa tte r n s

O n l y f i l e n a m es beg i n n i n g w i t h " b " b*


-

O n l y f i l e n a mes e n d i n g i n " b " *b


-

O n l y f i l e n a m es c o n ta i n i n g a " b " *b*


-

O n l y f i l e n a m es w h e re f i rst c h a ra c t e r i s not " b " [ ! b] *


-

-
O n l y f i l e n a m es at l east 3 c h a racters i n l e n g t h ???*

O n l y f i l e n a m es t h a t conta i n a n u m be r * [ [:digit:] ] *

-
O n l y f i l e n a m es t h a t beg i n w i t h a n u p p e r-case l ette r [ [: u pper: ] ] *

- R H 1 24- R H E L7-e n-1-201 40606 53

-
-

C h a pter 2. M a n a g i n g F i l es Fro m t h e C o m m a n d L i n e
-

L a b : M a n a g i n g F i l es wit h S h e l l Expa n s i o n
-

Perfor mance checkl ist -

I n t h i s l a b, you w i l l c reate, m ove, a n d re m ove f i l es a n d fo l d e rs u s i n g a variety of fi l e n a m e


matc h i n g s h o rtcuts. -

Outcomes:
Fa m i l ia rity and p ractice with many fo r m s of w i l d c a rd s for l o ca t i n g and u s i n g f i l es. -

Before you begin ...


Perform the fo l l ow i n g steps o n serverX u n l ess d i rected ot h e rw i se. Log in a s s t ud e n t a n d beg i n
t h e l a b i n t h e h o m e d i recto ry.

1. To b e g i n , c reate sets o f e m pty p ractice f i l e s to u s e i n t h i s l a b. I f a n i n t e n d e d s h e l l e x pa n s i o n -

s h o rtcut i s n ot i m m e d i a t e l y recog n ized, st u d ents a re e x p e c t e d to u s e t h e s o l u t i o n to l e a r n


a n d practi ce. Use s he l l t a b co m p l et i o n to l ocate f i l e pat h n a m e s e a s i l y.

C reate a tota l of 12 f i l e s with n a m e s tv_seasonX_episodeY . ogg. R e p l a ce X w i t h t h e


season n u m ber a n d Y w i t h t h a t season's e p i sode, f o r t w o s e a s o n s o f s i x e p i sodes e a c h .

2. A s t h e author of a s u ccessf u l series of myste ry nove l s , yo u r next bestse l l e r ' s


c h a pters a re bei n g ed ited f o r p u b l is h i n g . C reate a tota l of e i g h t f i l e s w i t h n a mes
mys t e ry_ch ap t e rX . odf. R e p l a c e X with t h e n u m be rs 1 t h ro u g h 8. -

3. To o rg a n ize the TV e p isod es, c reate two s u b d i rectories n a m e d seasonl and season2 u n d e r
t h e exist i n g Videos d i recto ry. U s e o n e com m a n d .
-

4. M ove t h e a p p ropriate TV episodes i nto t h e season s u b d i recto r i es. U s e o n l y two c o m m a n d s ,


specify i n g desti n a t i o n s u s i n g re l a t ive syntax.

5. To o rg a n ize t h e mystery book c h a pters, c reate a two- level d i rectory h i e ra rc hy w i t h o n e


c o m m a n d . C reate my_b e s t s e lle r u nd e r t h e exist i n g Documen t s d i recto ry, a n d c h a p t e r s
b e n e a t h t h e n e w my_bes t selle r d i recto ry. -

6. U s i n g o n e c o m m a n d , c reate t h ree more s u b d i rectories d i re ct l y u n d e r t h e my_be st selle r


d i recto ry. N a m e these s u b d i rectories edi t o r , plot_ch a nge, a n d vaca t ion. The create -

parent option is not n e e d e d s i n c e t h e my_b e s t selle r parent d i rectory a l ready exists.

7. C h a n g e to t h e chap t e r s d i recto ry. U s i n g t h e h o m e d i rectory s h o rtcut to specify t h e -

s o u rce f i l es, move a l l book c h a pters i nto t h e c h ap t e r s d i recto ry, w h i c h i s n o w yo u r c u rrent


d i recto ry. What i s t h e s i m p l est syntax to spec ify t h e dest i n at i o n d i rectory?
-
8. The fi rst two c h a pters a re sent to the editor for revi ew. To re m e m b e r to not mod ify t hese
c h a pters d u ri n g t h e rev i ew, m ove t h ose two c h a pters o n l y to the e d i t o r d i rectory. Use
relative syntax sta r t i n g from the c h a p t e r s s u b d i rectory. -

9. C h a pt e rs 7 a n d 8 w i l l be w ritten w h i l e o n vacat i o n . M ove t h e f i l es from chapt e r s to


vac a t ion. Use one com m a n d w i t h o u t w i l d c a rd c h a racte rs. -

10. With one c o m m a n d , c h a n g e t h e w o r k i n g d i rectory to the s e a s o n 2 T V e p i sodes l ocat i o n , t h e n


copy t h e fi rst episode o f t h e s e a s o n to t h e vacat ion d i recto ry.
-

54 R H 1 24- R H E L 7-en-1 -20140606 -

-
-

Perfo r m a n c e check l i st
-

11. W i t h o n e co m m a n d , change t h e work i n g d i rectory to vacation, then l ist its f i l es. Episode
2 i s a l so needed. Ret u r n to t h e season2 d i rectory using the previous working directory
-
s h o rtcut. T h i s w i l l s u cceed if t h e l a st d i rectory c h a n g e was acco m p l i shed w i t h o n e com m a n d .
C o p y t h e e p i s o d e 2 f i l e i nto vac ation. Ret u r n to vacat ion u s i n g t h e s h o rtcut a g a i n .

- 12. C h a pters 5 a n d 6 may need a p l ot c h a n g e. To p revent t h ese c h a n g es f r o m m o d ify i n g orig i n a l


f i l es, copy both f i l es i n to plot_change. M ove u p o n e d i rectory to vacat i o n ' s p a rent
d i recto ry, then u s e o n e co m m a n d from t h e re.

13. To t ra c k c h a n g es, m a ke t h ree backups of c h a pter 5. C h a n g e to the plot_change d i recto ry.


Copy mys t e ry_c h ap t e r s . odf as a n e w f i l e n a m e to i n c l ude t h e f u l l date ( Ye a r- M o- Da).
- M a ke a n o t h e r copy a p p e n d i n g the cu rrent t i m esta m p (as the n u m be r of seco n d s s i n ce
t h e epoch) to e n s u re a u n i q u e fi l e n a m e. A l s o m a ke a copy a p p e n d i n g t h e c u rrent user
($USER) to t h e file n a me. See t h e s o l u t i o n for t h e syntax of a n y you a re u n s u re of ( l i ke what
- a rg u m e n t s to pass t h e date).

N ote, we cou l d a l so m a ke t h e same backups of t h e c h a pte r 6 files too.


-

14. The p l o t c h a n g es were not s u ccessfu l . D e l ete t h e plot_c hange d i recto ry. F i rst, d e l ete
a l l of the f i l e s in the plot_c hange d i recto ry. C h a n g e d i rectory up one l ev e l because t h e
- d i rectory ca n n ot be d e l eted w h i l e it i s t h e w o r k i n g d i recto ry. Try to d e l ete t h e d i rectory u s i n g
t h e r m com m a n d without t h e recursive o pt i o n . T h i s att e m pt s h o u l d fa i l . Now u s e t h e rmd i r
co m m a n d , w h i c h w i l l succeed.
-

15. When t h e vaca t i o n is over, t h e vac ation d i rectory is n o longer needed. D e l ete it using the
rm co m m a n d w i t h t h e recursive option.
-
W h e n f i n i s h e d , ret u r n to t h e h o m e d i recto ry.

- R H 1 24- R H E L 7-en-1 -20140606 55


-

C h a pter 2. M a n a g i n g F i l e s Fro m t h e Co m m a n d L i n e

Solution
-

I n t h i s l a b , you w i l l c reate, m ove, a n d re m ove f i l e s a n d fo l d e rs u s i n g a va r i ety of f i l e n a m e


matc h i n g s h o rtcuts. -

Outcomes:
Fa m i l ia rity and p ractice w i t h many forms of w i l d ca rd s for l ocati n g a n d using fi l es. -

Before you begin ...


Perform the fo l l ow i n g steps o n serverX u n l ess d i rected ot herwise. Log in a s s t ud e n t a n d beg i n -

t h e l a b i n t h e h o m e d i rectory.

1. To beg i n , c reate sets o f e m pty practice f i l e s t o u s e i n t h i s l a b. I f a n i n t e n d e d s h e l l e x p a n s i o n -

s h o rtcut i s not i m m e d iately recog n ized, s t u d e n t s a re expected to u s e t h e s o l u t i o n to l e a r n


a n d practice. U s e s h e l l t a b co m p l e t i o n to l ocate f i l e path n a m es e a s i l y.
-

C reate a tota l of 1 2 fi l es with n a m es tv_seasonX_episodeY . ogg. R e p l a c e X w i t h t h e


season n u m be r a n d Y with t h a t sea s o n ' s e p i s o d e, f o r t w o seasons o f s i x e p i sodes e a c h .

I� student@serverX - ] $ touch tv_season { 1 . . 2 }_episode{ 1 . . 6 } . ogg


I [student@serverX - ] $ ls -1

2. As t h e a u t h o r o f a s u ccessfu l series o f mystery nove l s, you r next bestse l l e r ' s


c h a pters a re b e i n g ed ited f o r p u b l i s h i n g . C reate a tot a l o f e i g h t f i l es w i t h n a mes -
mys t e ry_chapt e rx . odf. Replace X with t h e n u m be rs 1 t h ro u g h 8.

! [student@serverX
[student@serverX - �'"$
��--
- ] $ t ouch myst e ry_chap t e r { 1 . . 8} . odf

I
ls - 1
---�----

-
3. To o rg a n ize t h e TV e p i sodes, c reate two s u b d i rectories n a m e d season l a n d season2 u n d e r
t h e exist i n g Videos d i rectory. Use o n e co m m a n d .

[student@serverx
[student@serverx
- ] $ mkdir Videos/seaso n { 1 . . 2 }
- ] $ ls - lR

-
4. Move the a p p ro p riate T V episodes i nto t h e s e a s o n s u b d i rectories. Use o n l y two c o m m a n d s ,
specify i n g d e st i n a t i o n s u s i n g re l a t ive syntax.

lI.�[student@serverX
tudent@serverX - ] $ mv tv_season1* Videos/season1
-

[student@serverx
- ] $ mv tv_seaso n 2 * Videos/season2
- ] $ ls - lR
-
..

5. To orga n ize t h e mystery book c h a pt e rs, c reate a two- l eve l d i rectory h i e ra rc h y w i t h o n e


com m a n d . C reate my_b e s t seller u nd e r t h e e x i s t i n g Docume n t s d i recto ry, a n d chapt e r s -

beneath t h e n e w my_b e s t seller d i recto ry.

[student@serverx
I [student@serverX
-
- ] $ mkdir - p Docume n t s /my_best selle r/chapt e r s
- ] $ ls - lR

-
56 RH124- R H E L 7-en-1-20140606

-
-

Sol ution
-

6. U s i n g o n e co m m a n d , create t h ree more s u b d i rectories d i rect l y u nd e r the my_bes t selle r


d i recto ry. N a m e these s u b d i rectories edit o r , plo t_c hange, a n d vacat ion. T h e create


ll � student@serverX -]$ � �
-
parent option is n ot needed s i n ce t h e my_b e s t selle r p a rent d i rectory a l re a d y exists.

[student@serverX -]$
mkd r Docume n t s /my_bes t s lle r / { edit o r , plot_change , vacation}
1 ls - lR
l

- 7. C h a n g e to t h e chapt e r s d i recto ry. U s i n g t h e h o m e d i rectory s h o rtcut to s p ecify t h e


s o u rce f i l es, move a l l book c h a pters i nto t h e chapt e r s d i recto ry, w h i c h is now y o u r c u rrent
d i recto ry. What i s the s i m p l est syntax to s p e c ify t h e d e s t i n a t i o n d i rectory?

1· [student@serverx -]$ cd Document s /my_be s t selle r/chapters


-

[student@serverX chapters]$
[student@serverX chapters] $
mv -/myste ry_chapte r * .
I ls - 1
L �������- �����--'

8. T h e f i rst two c h a pters a re sent to t h e editor for review. To re m e m b e r to not mod ify t h ese
-
c h a pte rs d u ri n g t h e revi ew, move those two c h a pters only to t h e editor d i recto ry. U s e
re l a t ive s y n t a x sta r ti n g from t h e chapt e r s s u b d i recto ry.

; [student@serverX chapters]$
II [student@serverx chapters]$
-
mv mys t e ry_chap t e r l . odf mys t e ry_chapte r2 . odf . . /ed i t o r

[student@serverx chapters]$
ls - 1
ls - 1 . . /editor
- L - �����

9. C h a pters 7 a n d 8 w i l l be w ritten w h i l e on va cat i o n . M ove t h e f i l es from chap t e r s to

I [student@serverX chapters]$
vacation. Use one com m a n d with out w i l d ca rd c h a racte rs.

!,.:' [ student@serverX chapters] $


i
mv mys te ry_chap t e r 7 . odf mys t e ry_chapterB . odf . . I vacation
. I

�� tudent@serverx chapters] $
ls - 1
I
..
I


-
_ ls - 1 . . /vacation

- 1 0. W i t h one co m m a n d , c h a n g e t h e work i n g d i rectory to t h e season 2 TV episodes l ocat i o n , t h e n


c o p y t h e f i rst e p isode o f t h e season to t h e vacation d i recto ry.

l
i [ student@serverx chapters]$ cd -/Videos/season2
[stud � nt@serverX season2]$ cp tv_season2_episode1 . og g
vacation
-/Document s/my_best selle r /

-
.

11. W i t h o n e co m m a n d , c h a n g e t h e work i n g d i rectory to vacation, t h e n l ist i t s f i l es. E p i s o d e


2 i s a l so n e e d e d . Ret u r n to t h e season2 d i rectory u s i n g t h e previous working directory
-
s h o rtcut. This w i l l s u cceed if t h e last d i rectory c h a n g e was acco m p l ished w i t h o n e co m m a n d .
C o py t h e episode 2 f i l e i nto vacation. Ret u r n t o vacation u s i n g t h e s h o rtcut a g a i n .

[student@serverX season2] $ cd -/Documents/my_be s t seller/vacation


[student@serverX vacation] $ ls
-

[student@serverX vacation] $ c d -
-1

- [student@serverX season2] $ cp tv_season2_episode2 . ogg -/Document s/my_best selle r/


[student@serverx vacation] $ cd -
vacation

-
[student@serverX vacation] $ ls - 1
k- - ��������- -����- -���

- R H 1 24- R H E L7-en-1-20140606 57

-
C h a pter 2. M a n a g i ng F i l e s Fro m t h e C o m m a n d L i n e

12. C h a pt e rs 5 a n d 6 may need a p l ot c h a nge. To p revent t h e s e c h a n g e s f r o m modify i n g orig i n a l


fi les, copy both f i l e s i nto plo t_c h ange. M ove u p o n e d i rectory to vac a t io n ' s parent

-i
d i recto ry, t h e n use o n e co m m a n d from t h e re.

[student@serverx
[ student@serverX
[student@serverx
vacation] $ cd . .
my_bestseller]$ cp
my_bestseller]$ ls
I
I
chap t e r s/my s t e ry_c hapt e r [ 56 ] . odf plot_change

[student@serverx my_bestseller]$ ls
- 1 chapters
- 1 plot_change
L_ ���������������������--�������������

13. To track c h a n ges, m a ke t h re e b a c k u p s of c h a pter 5. C h a n g e to t h e plot_change d i recto ry.


Copy mys t e ry_c hap t e r s . odf as a new f i l e n a m e to i n c l u d e t h e f u l l date (Year-M o-Da).
M a ke a n ot h e r copy a p p e n d i n g the c u rrent t i m esta m p (as the n u m be r of seco n d s s i nce
t h e epoch) to e n s u re a u n i q u e file n a m e. A l s o m a ke a copy a p p e n d i n g t h e cu rrent user
($USER) to t h e f i l e n a m e. See t h e s o l ution for t h e syn t a x of a ny you a re u n s u re of ( l i ke what -

a rg u m e nts to pass t h e date).

[student@serverx my_bestseller]$ cd plot_change


[student@serverx plot_change] $ c p mys t e ry_c hap t e r 5 . odf
-

mys t e ry_chapter5_$ ( da t e +

[student@serverx plot_change]$ c p myst e ry_chapt e r 5 . odf


%F ) . odf
mys t ery_chapter5_$ ( date +

[student@serverX plot_change] $ c p mys t e ry_chapt e r5 . odf


%s ) . odf

[student@serverx plot_change] $ ls
mys t e ry_chapter5_$USER . odf
-1

N ote, we cou l d a l so m a ke t h e s a m e backups o f t h e cha pter 6 f i l es too.


-
14. The p l ot c h a n ges we re not s u ccessf u l . D e l ete the plot_c h ange d i recto ry. First, d e l ete
a l l of the f i l es i n t h e plot_change d i recto ry. C h a n g e d i rectory u p one level beca u s e t h e
d i rectory can not be d e l eted w h i l e it i s t h e w o r k i n g d i recto ry. Try to d e l ete t h e d i rectory u s i n g
t h e rm c o m m a n d without t h e recursive option. T h i s atte m pt s h o u l d fa i l . N o w u s e t h e rmdir
command, w h i c h wi l l succeed.

[student@serverx plot_change] $ rm myst e r y *


-

[student@serverX plot_change] $ cd . .
[student@serverx my_bestseller]$ rm plot_c hange
rm : cannot remove ' plot_change ' : Is a directory
[student@serverx my_bestseller]$ rmdir plot_change
[student@serverX my_bestseller]$ ls -1
-

1 5. W h e n t h e vacation is ove r, t h e vacat ion d i rectory is n o l o n g e r needed. D e l ete it u s i n g t h e


r m co m m a n d with t h e recursive o p t i o n . -

W h e n f i n i s h e d , ret u r n to t h e h o m e d i rectory.

[student@serverX my_bestseller]$
[student@serverx my_bestseller]$
rm - r vacation

[student@serverX my_bestseller]$
ls - 1
cd
-

58 R H 1 24- R H E L 7-en-1-20140606
-

Solution
-

S u m m a ry
-

T h e L i n u x F i l e Syste m H i e ra rc h y
I d e ntify t h e p u rpose for top- l ev e l d i rectories i n t h e L i n u x h i e ra rc hy.
-

Locat i n g F i l e s by N a m e
I nterpret a n d a p pro priate l y u s e f u l l a n d partia l p a t h f i l e n a m e synta x .

M a n a g i n g F i l es U s i n g Co m m a n d - L i n e Too l s
Work from t h e com m a n d l i n e t o c reate, m ove, a n d d e l ete f i l es a n d d i rectories.
-

M a t c h i n g F i l e N a mes U s i n g Pat h N a m e E x p a n s i o n
Lear n how to s pecify m u lt i p l e fi l es u s i n g many w i l d ca rd tec h n i q ues.

--

- R H124- R H E L 7-en-1-20140606 59

-
-

--
1

--

--

-
I

--

-
red h at ®

®
TRAINING

C H A PT E R 3

GETTING HEL P IN RED HAT


E N TER P RISE LINUX

Overview

Goal To resolve problems by u s i ng o n - l i n e h e l p syst e m s a n d Red


H a t su pport u t i l ities.

Objectives • Use the m a n L i n u x m a n u a l read e r.

• Use t h e p i nto G N U I nfo read e r.

• U se t h e Red Hat Pac k a g e M a n a g e r ( R PM ) package


d ocu mentation.

• Use the red h a t - s u p p o rt-tool c o m m a n d .

Sections • Read i n g Documentation U s i n g m a n C o m m a nd (and


Practice)

• Read i n g Documentation U s i n g p i nto C o m m a n d (a n d


Practice)

• Reading Documentation i n /us r/sha re/doc (a n d Practice)

• Gett i n g H e l p From Red Hat (and Practice)

Lab • Viewing a n d Print i n g H e l p Doc u mentation

R H 1 24- R H E L7-e n-1-201 40606 61


-

C h a pter 3. Gett i n g H e l p i n Red Hat E nterp rise L i n u x

Rea d i n g Doc u m e ntat i o n U s i n g m a n Co m m a n d

Objectives
After com p l et i n g t h i s sect i o n , s t u d e n t s s h o u l d be a b l e to l ocate d o c u m e ntat i o n a n d research
a n swers a b o u t commands.

I ntroducing the man command


The h i storica l L i n u x P ro g ra m m e r ' s M a n u a l , fro m w h i c h m a n pages o r i g i nate, was l a rg e e n o u g h
to b e m u l t i p l e pri nted b o o ks. E a c h conta i ned i nfo rmat i o n f o r specific types o f fi l es, w h i c h h a ve
become t h e sections l i sted b e l ow. A r t i c l e s a re refe rred to a s topics, as pages n o l o n g e r a p p l ies.

Sections o f the Linux manual -

Section Content type


1 User com m a n d s (both executable and shell programs) -

2 System ca l l s (kernel routines invoked from user space)


3 L i b ra ry f u n c t i o n s (provided by program libraries)
4 Specia l f i l e s (such as device files)
5 F i l e formats (for many configuration files and structures)
6 Games (historical section for amusing programs)
7 Conve n t i o n s . sta n d a rd s , a n d m i s ce l l a n e o u s (protocols, file systems)
-
8 System a d m i n istra t i o n a n d p r i v i l eg e d com m a n d s (maintenance tasks)
9 L i n u x ke r n e l A P I (internal kernel calls)
-

Note
-
M a n u a l section 9 is a recent a d d it i o n to L i n u x . N o t a l l m a n sect i o n l is t i n g s refere n c e it.

To d i st i n g u i s h i d e n t i c a l topic names i n d iffe rent sect i o ns, man page refe re nces i n c l u d e t h e
section n u m be r i n pa re n t h eses after t h e topic. For exa m p l e, passwd(l ) describes t h e c o m m a n d
to c h a n g e pa sswords, w h i l e passwd ( 5 ) ex p l a i n s t h e / e t c / p a s swd fi l e format f o r sto r i n g l oca l
-
u s e r accou nts.

To read specific m a n pages, use man topic. To p i c contents d i s p l ay one screen at a t i m e. U se


a r row keys for s i n g l e l i n e scro l l i n g o r t h e s pace b a r for t h e next scree n . T h e man com m a n d
s e a rches m a n u a l sect i o n s i n a config u red ord e r, d i s p l a y i n g po p u l a r sect i o n s f i rst. Fo r exa m p le,
man passwd d i s p l a ys pas swd(l ) by defa u lt. To d i s p l ay t h e man page topic from a specific
-
sect i o n , i n c l u d e t h e sect i o n n u m be r a rg u ment: man 5 pas swd d i s p l ays passwd(5).

62 R H 1 24- R H E L7-e n -1-20140606 -

-
-

I d e nt ify m a n pages by keyword


-

I dentify man pages by keyword


- The a b i l ity to eff i c i e n t l y searc h for topics and navigate man pages i s a c r i t i c a l a d m i n istration s k i l l .
T h e fo l l o w i n g ta b l e l ists basic man n a v i g a t i o n c o m m a n d s :

- Navigat ing man pages

Co m m a n d Res u l t

-
Spac e b ar S c ro l l fo rwa rd (d own) o n e s c r e e n
Page Down S c ro l l forwa rd (d own) one screen
Page Up S c ro l l b a c kwa rd (u p) o n e screen
-

DownA r row S c ro l l forwa rd (d own) one l i n e


U pA r r ow S c ro l l b a c k (u p) o n e l i n e
-
d S c ro l l forward (d own) o n e h a l f-screen
u S c ro l l backwa rd (up) o n e h a l f-screen
-
/s t ring Search forwa rd (d own) fo r s t ri n g i n t h e m a n page
n Repeat previous search fo rwa rd (d own) i n t h e m a n p a g e
-
N R e p e a t p revi o u s search bac kwa rd ( u p ) i n t h e m a n page
g G o to start of t h e m a n page.
-
G Go to e n d of t h e man page.
q E x i t man a n d ret u rn to t h e com m a n d s h e l l p ro m pt
-

Important
- When p e rfo r m i n g searc h es, s t ri ng a l l ows regular expression syntax. W h i l e s i m p l e text
(s u c h a s p a s s wd ) works a s expected, reg u l a r express i o n s use m eta-c h a ra cters (s u c h
as $, * , . , a n d ") for more s o p h i st icated pattern matc h i n g . T h e refore, sea rc h i n g with
- stri n g s which i n c l u d e program ex pressi o n m eta-ch a racters, such a s make $$$, m i g h t
y i e l d u n expected res u lts.

- Reg u l a r express i o n s a n d synta x a re d is c u s s e d i n Red Hat System Administration II, and


i n the regex(7) man topic.

- R H124- R H E L 7-en-1-20140606 63

-
-

C h a pter 3. Gett i n g H e l p i n Red Hat Enterprise L i n u x

Searching for man pages by keyword


A keyword search of m a n pages is perfo r med u s i n g man - k keyword, w h i c h d i s p l ays a l i st of -

keyword -m atc h i n g m a n page topics w i t h sect i o n n u m be rs.

[student@desktopX -]$ m a n - k pas swd


checkPasswdAccess ( 3 ) query the SELinux policy database i n the kernel .
-

chpasswd ( 8 ) update passwords in batch mode


ckpasswd ( 8 ) nnrpd password authenticator
fgetpwent_r ( 3 ) get passwd file entry reentrantly
getpwent_r ( 3 ) get passwd file entry reentrantly
-

passwd ( 1 ) - update user ' s authentication tokens


sslpasswd ( 1ssl) compute password hashes
-

passwd ( 5 ) password file


passwd . nntp ( 5 ) - Passwords for connecting to remote NNTP servers
passwd2des ( 3 ) - RFS password encryption -

Po p u l a r syste m a d m i n istration topics a re i n sect i o n s 1 (user c o m m a nds), 5 (fi l e fo r m ats), a n d 8


(ad m i n istrative c o m m a n d s). Ad m i n istrators u s i n g certa i n t ro u b l eshoot i n g too l s a l so use section
2 (system ca l l s) . The re m a i n i n g sect i o n s a re co m m o n l y for prog ra m m e r refe rence o r a d va n ced
-
a d m i n istra t i o n .

Note -

Keyword s e a rc h e s re l y on a n i n dex g e n e rated by t h e mandb(8) com m a n d , w h i c h m u st


be r u n as root. T h e c o m m a n d r u n s d a i l y t h ro u g h c r o n . d aily, o r by anac r o n t a b -
wit h i n a n h o u r of boot if out of date.

Important
T h e man com m a n d - K option performs a f u l l -text page searc h , not j u st t i t l es a n d -

descr i p t i o n s l ike t h e - k . A fu l l-text search ca n u s e g reater systems resou rces a n d take


m o re t i me.
-

R References -

man(1 ), mandb(8), man - pages(7), less(1), i n t ro(1), int ro(2), i n t ro(5), i n t ro(7),
int ro(8) man pages
-

64 R H1 24- R H E L 7 - e n -1-20140606 -

-
-

Practice : U s i n g t h e m a n Co m m a n d
-

P ra ct i ce: U s i n g t h e m a n Co m m a n d
-

-
Guided exercise
I n t h i s l a b, you w i l l p ractice f i n d i n g re l eva nt i nfo r m a t i o n by u s i n g man options a n d a rg u ments.

O utcomes
Fa m i l i a rity w i t h t h e man L i n u x m a n u a l system and practice f i n d i n g usef u l i n fo r m a t i o n by
-
searc h i n g and b rows i n g .

Before you begin ...


Pe rfo rm t h e fo l l ow i n g steps o n serverX u n l ess d i rected o t h e rw ise.

D 1. View the gedit(1) man page.

[student@serverX ] $
-
- -- -- -·--------

I
-
- ma n i g e d i t
- --
_ --------
_ ____� - ----�

- D 2. Research how to edit a specific fi l e using gedit from t h e co m m a n d l i n e.

gedit fil ename

D 3. Research the gedit o pt i o n used to b eg i n a n e d i t i n g sess i o n with the c u rsor at the end of
the f i l e.
-
gedit + fil ename

D 4. Research t h e su(1) m a n page.

[student@serverX -]$
-
����- - - · ---··---------------- ---

man 1 su
._
, __
_ ----- - ··- - - · - --- -------

D 5. Research w h a t s u does w h e n t h e use rname a rg u m e n t is o m itted.

-
s u a s s u m es a use rname of root.

D 6. Research how s u beh aves when a s i n g l e d a s h option is used.


-
s u starts a c h i l d login shell (creat i n g login e n v i ro n m e n t by s o u rc i n g login scri pts).
Without the s i n g l e d a s h , a n o n - l o g i n c h i l d s he l l i s created, matc h i n g the u s e r ' s c u rrent
en vi ro n m e nt.
-

D 7. Cons u l t t h e pas swd(1) m a n page. Dete r m i n e t h e o pt i o n s t h a t w i l l l oc k a n d u n l o c k a u s e r


acco u n t w h e n t h i s co m m a n d is used by root.

[student@serverX -]$
-

man 1 pas swd

-
pas swd - 1 username

pas swd - u use rname


-

D 8. Locate t h e two p r i n c i p l es to re m e m b e r accord i n g to t h e pas swd man page a u t h o rs.


Searc h for the word " p r i n c i p l e".
-

- R H 1 24- R H E L7-e n-1-20140606 65

-
-

C h a pter 3. Gett i n g H e l p i n Red H a t E n t e r p rise L i n u x

• Protect yo u r password .

• C hoose a h a rd-to-g u ess password. -

D 9. C o n s u l t t h e man page d oc u m e n t i n g t h e syntax of the / e t c / pas swd fi l e. What i s stored


i n t h e t h i rd fie l d of each l i n e? -

The re l evant m a n p a g e is passwd(5), fo u n d w i t h man - f pas swd.


-
The U I D ( n u m e r i c u s e r I D) for e a c h acco u nt.

D 10. Which c o m m a n d w i l l l i st d eta i l ed i n formation a bout a z i p a rc h i ve?


-

zipinfo(1) fo u n d w i t h man - k zip

D 11. Which m a n page conta i n s a l ist of paramete rs t h at c a n b e passed to the ke r n e l at boot -

t i m e?

boo t p a r am(7 ) fo u n d with man - k boot -

D 12. W h i c h comma n d i s used to t u n e ext4 f i l e syste m p a ra m ete rs?

-
t u ne2fs(8) fou n d w i t h man - k ext4

66 R H124- R H E L7-en+ 20140606

-
Rea d i n g Documentation U s i n g pinfo C o m m a n d

Rea d i n g D o c u m e nt a t i o n U s i n g p i nfo C o m m a n d

O bj ect ives
After c o m p l e t i n g t h i s section, students s h o u l d be a b l e t o research a n swers u s i n g G N U I nfo
d o c u m e nt a t i o n .

I nt ro d u c i n g G N U i nfo
M a n p a g es have a formal f o r m a t u s e f u l a s a c o m m a n d referen ce, b u t less usef u l a s
g e n e r a l d o c u mentation. For s u c h d o c u m e nts, t h e GNU Project deve l o ped a d ifferent o n l i n e
d o c u m e ntation system, k n ow n a s GN U i nfo. I nfo d o c u ments a re a n i m po rt a nt resou rce o n a R e d
Hat Enterp rise Lin u x system b e c a u s e m a ny f u n d a mental com pone nts a n d u t i l ities, s u c h as t h e
coreutils p a c ka g e a n d glibc sta n d a rd l i b ra ries, a re e i t h e r deve l oped by t h e GNU P roject o r u t i l ize
the i nfo d o c u ment system.

File: dir Node: Top This is the top of the INFO tree

This ( t h e Directory node ) gives a menu of maj o r t o p ic s .


Typing "q" exi t s , " ? " l i s t s a l l Info c o mm a n d s , "d" returns h e re ,
" h " g ives a p rime r t o r f i rst - timers ,
" mEmacs<Return>" visits the Emacs t o p i c , etc .

In Ema c s , you can c l i c k mou s e b u t t o n 2 o n a menu item or c ro s s r e f e r e n c e


to select i t .

* Menu:

Archiving
• Cpio : ( cpio) . C o py - i n - c o p y - o u t a rc h i v er t o t a p e o r d i s k .
• Ta r : ( ta r ) . Making tape ( o r d i s k ) a rchive s .

Basics
• Common o p t i on s : { 'oreuti.ls ) Common options .
Common o p t i o n s .
• C o reutil s : (coreutils ) . C o re GNU (file , text , shel l ) utilities .
• D a t e input f o rmats : ( c o reutil s ) Date input formats .
• F ile p e rmi s s i o n s : ( c o reutils ) File permissions .
Access mode s .
• Finding file s : ( f ind ) . Operating o n f i l e s m a t c h i n g c e rt a i n c ri t e r i a .
* ed: ( ed ) . The GNU Line Edito r .
iewing line 25/2llfl2 , 1%

Figure 3. 1 : pinto Info document viewer, top directory

I nfo d o c u m entation is struct u red as hyper l i n ke d i nfo nodes. T h i s fo rmat is more f l e x i b l e t h a n


m a n p a g e s , a l lowing t h o rou g h disc u s s i o n of c o m p l ex c o m m a n d s a n d c o n ce pts. Like m a n pages,
i nfo n odes a re read fro m t h e c o m m a n d l i ne, using either t h e info o r pinto c o m m a nd s .

S o m e c o m m a n d s a n d u t i l ities h a v e both m a n pages a n d i nfo d oc u m e ntation; u s u a l l y, t h e i nfo


d o c u m e n t a t i o n w i l l be m o re in-depth. C o m p a re the d iffe rences i n tar d o c u mentation u s i n g man
a n d pinfo:

[ s t u d e n t@d e s k topX - ] $ man tar


[ s t u d e n t@d e s k t o pX - ] $ pinto tar

The pinfo info read e r i s m o re a d v a n ced t h a n t h e orig i n a l info c o m m a n d . D e s i g n ed to match


the lynx text web b rowser keyst rokes, it a l so adds color. I nfo nodes for a p a rt i c u l a r topic are
browsed with pinfo topic. Enter only pinto for the i nfo topics d i recto ry. New docu mentation
nodes become ava i l a b l e i n pinto w h e n their co rrespondin g software p a c kages a re i nsta l l e d .

R H 1 24· R H EL 7 ·en-1-20140606 67
-

C h a pter 3. Gett i n g H e l p i n Red Hat E n t e r p r i se L i n u x


-

GNU I nfo vs. man page navigation


-
The info co m m a n d uses d iffe rent n a v i g a t i o n keystrokes t h a n does man. T h e info c o m m a n d
wa s d e s i g n e d to match t h e keyst rokes of t h e hype rtext-awa re lynx web b rowser. C o m p a re t h e
k e y b i n d i n g s i n t h e fo l l owi n g t a b l e : -

pinfo and man, key binding comparison

N av 1 g a t 1 on pinto man

S c ro l l forward (d own) o n e screen PageDown o r Space PageDown o r Space


S c ro l l b a c kwa rd (up) one screen PageUp o r b PageUp o r b
-

D i s p l ay t h e d i rectory of topics d -
-
S c ro l l forward (down) o n e h a l f-scre e n d
-
D i s p l ay t h e p a r e n t n o d e o f a topic u -

D i s p l a y t h e top (up) of a topic HOME 1G


-
-
S c ro l l bac kwa rd (up) o n e h a l f-screen u
Scro l l forwa rd (down) to next hype r l i n k DownAr row -
-
O p e n topic at c u rsor location Enter -

Scro l l forward (d own) o n e l i n e - DownA r r ow or E n t e r


-
Scro l l b a c kwa rd (up) to p revious hype r l i n k U pA r r ow -

S c ro l l bac kwa rd (u p) o n e l i n e - UpAr row


Searc h f o r a pattern / s t ring / s t ri n g
D i s p l ay next node (c h a pter) i n topic n -

Repeat prev i o u s search forwa rd (d own) I then Enter n -

D i s p l ay p revi o u s n o d e (c ha pter) i n topic p -


-
Repeat p rev i o u s sea rc h bac kwa rd ( u p) N -

Q u i t t h e p ro g ra m q q

R References
pinfo info (Info: An Introduction)
-
• A l l Sect i o n s

pinfo pinfo (Documentation for 'pinto ')


-
• A l l Sect i o n s

The G N U Project
-
http://www.g n u .o rg/g n u/t h e g n u p roject . h t m l

pinfo(1) a n d info(1 ) m a n pages

68 R H 1 24- R H E L 7-en-1 -20140606

-
-

Practice: U s i n g t h e p i nto Co m m a n d
-

P ra c t i ce: U s i n g t h e p i nto Co m m a n d
-

- Guide d exercise

I n t h i s l a b , you w i l l b rowse G N U I nfo d o c u m e nta t i o n u s i n g c o m m a n d - l i n e too l s.


-
O utcomes
U nd e rsta n d p ro g ra m d o c u mentation i n t h e G N U I nfo node syste m .
-
Before you begin...
Perfo r m t h e fo l l ow i n g steps o n serverX u n l ess d i rected ot h e r w i se.
-
D 1. I nvoke pinfo w i t h o u t a rg u m ents.

- ii [student@serverx - ] $ pinfo
I

- D 2. Navigate to the Common o p t ions to pic.

U s e U pAr row o r DownAr row u n t i l ( c o r e u t il s ) Common o p t ions i s h i g h l i g hted.


Press Enter to view this topic.
-
D 3. B rowse t h ro u g h t h i s info topic. Lea r n if l o n g -sty l e options c a n be a b b reviated.

- Use PageUp a n d PageDown to navigate t h ro u g h t h e topic. Yes, m a n y p rog ra m s a l low


l o n g options to b e a b b reviated.

- D 4. Dete r m i n e w h a t t h e sy m b o l s - - s i g n ify w h e n u s e d as a co m m a n d a rg u m e nt.

T h e sym b o l s - - s i g n ify the end of co m m a n d options and the start of co m m a n d


- arguments i n com p l ex co m m a nds w h e re t h e s h e l l ' s c o m m a n d - l i n e pars e r m i g ht not
correct l y m a k e t h e d i s t i n c t i o n .

- D 5. Without e x i t i n g p i n f o , m ove u p t o t h e G N U Co r e u t ils n ode.

Press u to move u p to the top node of the topic.

- D 6. M ove u p a g a i n , to the top topic.

Press u a g a i n . O b s e rve that when positioned at the top of a topic node, moving u p
- ret u r n s t o t h e d i rectory o f top ics. A lternate l y, p ress i n g d from a ny l eve l o r t o p i c w i l l m ove
d i rect l y to t h e d i rectory of topics.

.. D 7. Searc h for t h e patte r n nano a n d s e l ect t h a t t o p i c .

Press I fo l l owed by t h e search patte r n " n a n o" . W i t h t h e topic h i g h l i g hted, p ress E n t e r .


-
D 8. I n t h e I n t rod u c t io n , l ocate a n d s e l e c t Command L i n e Options. B rowse t h e topic.

P ress E n t e r to s e l ect I n t r o d u c t ion, t h e n DownAr r ow a n d E n t e r to s e l ect Command


-
Line Options. Use the a r row keys to b rowse the topic.

D 9. M ove u p o n e l ev e l to ret u r n to I n t r od u c t ion. M ove to t h e next topic.


-

- R H 1 24- R H E L7-en-1-20140606 69

-
-

C h a pter 3. Gett i n g H e l p i n Red H a t Enterprise L i n u x

P ress u t o move u p o n e leve l . The n e w location w i l l b e nano's t o p i c 1 I n t r od u c t ion.


N ow p ress n. Yo u w i l l h ave m oved to nano ' s topic 2 Editor Basics.
-

D 1 0. Exit pinto.

Press q to q u i t pinto. -

D 11. I nvoke pinfo a g a i n , specify i n g nano a s the desti n a t i o n topic from t h e com m a n d l i n e.

[student@serverx -]$
-
!
j pinfo nano
!

D 12. S e l ect t h e Edit o r B a s i c s t o p i c . -

Press DownA r r ow to h i g h l i g h t Editor Bas i c s , t h e n p ress En t e r to s e lect t h i s topic.


-

D 13. Read t h e E n t e r i n g T e x t a n d Special F u n c t io n s s u btopi cs.

U s e a r row keys to h ig h l ig h t a topic, PageUp and PageDown to b rowse the text, t h e n press -
u to m ove u p one leve l . Press q to q u it pinfo when you a re fi n i s hed.

70 R H 1 24- R H E L7 - e n -1 -20140606 -

-
-

Rea d i n g D o c u m e ntat i o n i n /u s r/s h a re/d o c


-

Rea d i n g Doc u m e ntat i o n i n /u s r/s h a re/d oc


-

-
Objectives
After com p l et i n g t h i s section, st u d e n t s s h o u l d be a b l e to researc h information u s i n g Red H a t
Packa g e M a n a g e r d o c u m e ntation.

Introducing package documentation


- I n a d d i t i o n to man a n d pinfo, deve l o p e rs m a y a l so c h oose to i n c l u d e d o c u m e n ta t i o n i n t h e i r
a p p l icat i o n ' s R P M d istribution package. W h e n t h e p a c k a g e is i n sta l l e d , f i l e s recog n ized as
d o c u m e nt a t i o n a re moved to / u s r / s hare/doc/packagename. Software package b u i l d e rs
- may i n c l u d e a nyt h i n g deemed h e l pf u l as a com p l e ment to, b u t not d u p l icat i n g , man pag es. G N U
packages a l so use / u s r /share/doc t o s u p p l e m e n t i nfo nodes.

- M ost p a c k a g es i n c l u d e f i l es desc r i b i n g package d istribution l i c e n s i n g . Some packages i n c l u d e


exte nsive P D F- o r H T M L-based d o c u m entat i o n . Accord i n g l y, a usef u l package b rows i n g method i s

I [student@desktopX -]$
p o i n t i n g a b rows e r of c h o i ce to f i l e : / / / u s r / s h a r e / d o c a n d uti l i z i n g a m o u se.
- - -- --- - --�---�----�--�
;
firefox file : // / u s r / s ha re/doc I
! ------��--- · __J
-
Some packages come with exte nsive exa m p l es, confi g u ration f i l e te m p l ates, scripts, tutori a l s ,
o r user g u ides. B rowse / u s r / s h a re/doc/vs f t pd - * as a n exa m p l e. S o m e d o c u m e ntation i s
-
s pa rse; t h e zip u t i l ity i n c l u d es t h e com p ress i o n a l g o r i t h m used a n d l itt l e e l se. O t h e r packages
i n c l udes l a rg e user m a n u a l s o r deve l o p e r g u ides, o r e l ectro n i c copies of related, p u b l i s h ed boo ks.

-
Note
Deve l op e rs may c hoose to b u n d l e exte n s ive doc u m e ntation i n a s e p a rate R P M . The
- gnuplot p rog ra m h a s t h e extra gnuplot-doc package, which m ust b e i n sta l l e d s e p a rate l y.
O t h e r s i m i l a r packages to b rowse i n c l u d e bash-doc a n d samba-doc. Often , extra
packages a re fo u n d i n Red H a t E n t e r p r i s e L i n u x ' s Optional softwa re c h a n n e l .
-

M a ny packages a l s o i n c l u d e d eve l o p e r d o c u mentat i o n , s u c h a s a n A p p l icat i o n


Prog ra m m i n g I nte rface ( A P I ) s p e c ificat i o n , p rovided i n a pa c k a g e w i t h a n a m e e n d i n g
-
i n -devel o r s i m i l a r. Packages may i n c l u d e a d d i t i on a l fi l es, s u c h a s h e a d e rs ; u s ef u l
d o c u m e ntation u s u a l l y o n l y n e e d e d f o r softwa re deve l o p me n t o r com p i l i n g .

Note
-
T h e k e r n e l itse l f h a s a s i g n if i c a n t d o c u m entation package. T h e kernel-doc package is a
trea s u re of kern e l , d r ive r, t u n i n g , a n d a d v a n ced config u ration i n f o r m a t i o n . E x p e rienced
-
syst e m a d m i n istrators reg u l a r l y research kernel-doc f i l es.

- R H124- R H EL 7 -en -1 -20140606 71


-

C h a pter 3. Gett i n g H e l p i n Red Hat Enterp rise L i n u x


-

References -

hie r (7 ) m a n page
• D i s c u sses t h e h i e ra rchy of Linux d i rectories, i n c l u d i n g /usr / s h a re/doc.
-

-
72 R H1 24- R H E L 7-en-1-20140606

-
-

P ra c t i ce: Viewing Pa c ka g e D o c u m entation


-

P ra ct i ce: V i ewi n g Pa c ka g e Docu m e ntat i o n


-

-
Guide d exercise
I n t h i s l a b, you wi l l research t h e docu mentat i o n u n d e r / u s r / s hare/doc to a n sw e r q u est ions.
-
U s e yo u r cho i ce of l e s s , ged i t , o r a b rowse r to view t h e d o c u mentation f i l e contents.

O u tcomes
M o re fa m i l i a rity, t h ro u g h practice, with t h e types of i n fo r m a t i o n that deve l o pers i n c l u d e with
-
t h e i r softwa re packages.

Before you begin ...


-
Pe rfo rm t h e fo l lo w i n g steps o n serverX u n l ess d i rected o t h e r w ise.

D 1. W h e re can you f i n d t h e l atest n ews a b o u t the vim p roject?

[student@serverx -]$ cd / u s r/share/doc


-

[student@serverX doc]$ less vim - common - * / README . tx t


-

View t h e vim-common R E A D M E and search for " n ews".


-
D 2. What is the wiki U R I for t h e yum packa g e?

-
i [student@serverx doc]$ less yum - 3 * / README
I

Search for " w i k i " i n / u s r/s h a re/doc/yum - 3 * / README.


-
D 3. What exa m p l e s a re prov i d e d for the com m a n d - l i n e be ca l c u l ator?

- I [student@serverX doc]$ ls -1 bc - * /Examples


'

Fo u n d i n t h e d i rectory / u s r /share/doc/bc - * / Examples.


-

... I [student@serverx doc]$


D 4. How wou l d you read the provided G R U B2 m a n u a l ?

firefox g r u b 2 - t ools - * /g r u b . html


i

Use firefox to d i s p l ay / u s r /share/doc/g r u b 2 - t ools - * / g r u b . h t ml.


-

D 5. What softwa re p rovi des its d o c u m e n t a s a s e p a rate package?

[student@serverx doc]$
[student@serverx doc]$
-
yum list * - doc *

[student@serverx -]$
cd

U s e yum t o d i s p l ay o n l y t h ose packages t h a t conta i n "-doc", "-docs", o r " - d oc u m e ntation"


i n t h e package n a me. When f i n is h e d , ret u r n to t h e home d i rectory.
...

... R H 1 24- R H E L 7-en-1-20140606 73

-
-

C h a pter 3. Gett i n g H e l p i n Red Hat E n t e r p rise L i n u x


-

G ett i n g H e l p Fro m Red H at


-

Objectives
-
Aft e r co m p l et i n g t h i s sect i o n , s t u d e nts s h o u l d be a b l e to view K n ow l ed g ebase i n fo r m a t i o n a n d
m a n a g e s u p po rt cases f r o m t h e c o m m a n d l i ne.
-

Red Hat Custome r Portal


Red H a t C u sto m e r Porta l ( h t t p s : / / a c c e s s . r e d h a t . c o m ) p rovides custo m e rs w i t h access
-
to eve ryt h i n g p rovided w i t h t h e i r s u b s c r i pt i o n t h r o u g h o n e conve n i e n t l ocat i o n . Custo m e rs
ca n search for s o l utions, FAQs, a n d a rt i c l es t h ro u g h K n ow l ed g e base. Access to offic i a l product
d o c u mentation is prov i d e d . S u pport t i c kets can be s u b m itted a n d managed. S u bs c r i p t i o n s
-
to Red Hat prod u cts c a n b e atta c h e d to a n d deta c h e d from reg i ste red systems, a n d software
d o w n loads, u pdates, and eva l u at i o n s c a n be obta i n ed . Pa rts of the site a re access i b l e to
everyone, w h i l e others a re exc l u s ive to custo m e rs with active s u bscriptions. H e l p with g ett i n g
-
access to Customer Porta l i s ava i l a b l e at h t t p s : I / a c c e s s . r e d h a t . c o m / h e l p / .

Customers c a n w o r k w i t h Red Hat C u stomer Porta l t h ro u g h a web b rows e r. T h i s sect i o n w i l l


-
i n t ro d u ce a c o m m a n d l i n e tool that c a n a l so b e used t o access R e d Hat C u sto m e r Porta l services,
redhat - s uppo r t - t ool.

Know l e d g e b a s e
-

-
SOLUTIO N S ARTICLES DO C U M EN TAT I O N VIDEOS

R n d answers t o questions or issi;es you Read technical articlPs and bP�I prac11ces Learn flow to msta.U configure and use W:.1dl short Monals and presentauons fur
rn<1yeirpenence for your Red Hal products your Red Hat products R� Hat products arn:l events

-
Figure 3.2: Knowledgebase at the Red Hat Customer Portal

U sing redhat-su pport-tool to search K nowledge base -

T h e Red H a t S u pport Too l u t i l ity r e d h at - su ppo r t - t ool p rovides a text console i nterface to
t h e s u b s c r i pt i o n - based Red H a t Access services. I nt e r n et access is req u i red to reac h t h e Red H a t
-
C u st o m e r Porta l . The redhat - s u p p o r t - t ool is text-based for use f r o m a n y ter m i n a l o r S S H
c o n n ecti o n ; n o g ra p h i c a l i nte rface i s p rovided.

-
T h e redhat - s u ppo r t - tool co m m a n d may be used as a n i n t e ra ctive s h e l l o r i nvoked a s
i n d iv i d u a l l y executed c o m m a n d s w i t h options a n d a rg u m e nts. T h e too l 's ava i l a b l e syntax is
i d e n t i ca l fo r both methods. By defa u lt. t h e pro g ra m l a u n c h e s i n s h e l l mode. Use t h e p rovided
-
help su b-co m m a n d to see a l l ava i l a b l e c o m m a n d s . S h e l l m o d e s u p ports t a b completion a n d t h e

I [student@desktopX -]$
a b i l it y t o ca l l p ro g ra m s i n t h e parent s h e l l .

I'-: We lcome to the Red Hat Support Tool .


-
redhat - su p po r t - tool

Command (? for help ) :


- -

W h e n fi rst i nvoked, r e d h a t - s u p po r t - t ool prompts for req u i red Red Hat


Access s u bscri b e r l og i n i nformat i o n . To avoid re p et i t i v e l y s u p p l y i n g this
-
i nfo r m a t i o n , t h e tool a s k s to store account inform a t i o n i n t h e user's h o m e d i rectory
($HOME/ . redhat - s u p p o r t - t ool/ r ed hat - s u p po r t - tool . conf). I f a Red H a t Access
acco u nt i s s h a red by many u s e rs, the - - global o p t i o n ca n save acco u nt i nformat i o n to
-

74 R H1 24- R H E L 7-e n-1-201 40606 -

-
-

U s i n g red hat-s u p port-tool to search K n ow l ed g e b a s e


-

/ e t c / redhat - s u p p o r t - t ool . cont, a l o n g w i t h ot h e r syste mwide config u ra t i o n . T h e too l ' s


config c o m m a n d modifies t o o l confi g u rat i o n sett i ngs.
-

The redhat - su p po r t - tool a l l ows s u bs c r i b e rs to search and d i s p l ay t h e same K n o w l e d g e ba s e


c o n t e n t s e e n w h e n o n t h e Red H a t C u sto m e r Porta l . K n o w l e d g ebase p e r m its keyword searches,
-
s i m i l a r to t h e man c o m m a n d . U s e rs c a n enter e rro r codes, syntax from l o g fi les, o r a ny mix of
keyword s to p ro d u ce a l ist of re leva n t s o l u t i o n d o c u m e nts.

- The fo l l o w i n g i s an i n it i a l config u ra t i o n and basic sea rc h d e m o n st rat i o n :

[student@desktopX -]$ redhat - s u p po r t - tool


Welcome to the Red Hat Support Tool .
Command ( ? for help ) : search How to manage system e n t i t leme n t s wit h subsc ription - manager
-

Please enter your RHN user ID : subscriber


Save the user ID in /home/student/ . redhat - support - tool/redhat - support- tool . conf (y/n ) : y
Please enter the password for subscriber : pas swo rd
Save the password for subscriber in /home/student/ . redhat -support - tool/redhat - support ­
-

tool . conf (y/n ) : y


-

After p ro m pt i n g t h e user for t h e req u i red u s e r confi g u rat i o n , t h e tool c o n t i n ues w i t h t h e o r i g i n a l


search req u est:
-

Type the number of the solution to view or ' e ' to return to the previous menu .
1 [ 253273 :VER] How to register and subscribe a system to Red Hat Network
( RHN ) using Red Hat Subscription Manager (RHSM )?
2 [ 17397 :VER] What are Flex Guest Entitlements in Red Hat Network?
-

3 [ 232863 :VER] How to register machines and manage subscriptions using Red
Hat Subscription Manager through an invisible HTTP proxy I Firewall?
3 of 43 solutions displayed . Type ' m ' to see more, ' r ' to start from the beginning
again, or ' ? ' for help with the codes displayed in the above output .
-

Select a Solution :
-

Specific sect i o n s of s o l ution d o c u m e n t s m a y be s e l ected for v i ew i n g .

Select a Solution : 1
-

Type the number of the section to view or ' e ' to return to the previous menu .
1 Title
2 Issue
-

3 Environment
4 Resolution
5 Display all sections
End of options .
-

Section : 1
Title
-

How to register and subscribe a system to Red Hat Network ( RHN ) using Red Hat
== = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = = == = = = = = = = = = = = = = = = = = == = = = = = = = = == = = = = = = = = = =

Subscription Manager (RHSM )?


URL : https : //access . redhat . com/site/solutions/253273
-

( END) q
-
[student@desktopX -]$
D i re c t l y a c c e s s K n o w l e d g e b a s e a r t i c l e s b y d o c u m e n t I D
-
Locate o n l i n e a r t i c l e s d i rect l y u s i n g t h e too l ' s k b com m a n d with t h e K n o w l edgebase d o c u m e n t
I D. Ret u r n e d d o c u m e n t s scro l l o n t h e s c r e e n w i t h o u t p a g i n a t i o n , a l l o w i n g a user to redi rect t h e
output u s i n g ot h e r l oca l com m a n d s. T h i s exa m p l e v i e w s t h e d o c u m e n t w i t h t h e less co m m a n d :
-

- R H 1 24- R H E L7-en-1 -20140606 75

-
-

C h a pter 3. Gett i n g H e l p i n Red Hat E n t e r p rise L i n u x

I [student@desktopX -)$ I
-
r----·� -· --=,____ _ -- --· ��-

- -�--�,
redhat - support - tool kb 253273 I less

Title : How to register and subscribe a system to Red Hat Network ( RHN ) using Red Hat
Subscription Manager ( RHSM)?
I
' -

ID : 253273
State : Verified : This solution has been verified to work by Red Hat Customers and
Support Engineers for the specified product version ( s ) .
URL : https : //access . redhat . com/site/solutions/253273
-

: q
L
-
---------- -----�-
- - ---- -

D o c u m e nt s ret rieved i n u n pa g i n ated format a re easy to s e n d to a p r i n t e r, convert to P D F o r


ot h e r d o c u m e n t f o r m a t , o r to red i rect to a data e n t ry p rog ra m for a n i n c i d e n t t rac k i n g o r c h a n g e
m a n a g e m e n t system, u s i n g o t h e r u t i l ities i nsta l l e d a n d ava i l a b l e i n R e d H a t Enterprise L i n u x.

Using redhat-support-tool to manage sup port cases -

O n e benefit of a p ro d u ct s u bscript i o n is a c cess to tec h n ica l s u p port t h ro u g h


R e d Hat C u sto m e r Porta l . Depen d i n g o n t h e syst e m ' s s u bs c r i p t i o n s u p po rt
-
l eve l , Red H a t m a y be contacted t h ro u g h o n - l i n e too l s or by p h o n e. See
h t t p s : / / a c c e s s . r e d h a t . c o m / s i t e / s u p p o r t / p o l i c y / s u p p o r t _p r o c e s s for l i n ks to
deta i l e d i nfo r m a t i o n a bout t h e s u p po rt p rocess.
-

Prepa r i n g a b u g report
Before contact i n g Red Hat S u pport, g a t h e r re l eva nt i nformat ion for a bug repo rt.
-

Define the problem. Be a b l e to c l e a r l y state t h e p ro b l e m and its sym pto m s . Be a s specific as


poss i b l e. Deta i l t h e steps w h i c h w i l l re p ro d u ce t h e p ro b l e m .
-

Gather background information. W h i c h p ro d u ct a n d version is affected? Be rea d y to p rovide


rel eva nt d i a g n ostic i nfor m a t i o n . T h i s ca n i n c l u d e o u t p u t of s o s r e po r t , d i s c u ssed later i n t h i s
s e c t i o n . Fo r ke r n e l pro b l e ms, t h i s cou l d i n c l u d e t h e syste m ' s kdump c ra s h d u m p or a d i g ita l photo -

of the ke r n e l b a c kt race d i s p l ayed o n the m o n itor of a c rashed system.

Determine the severity level. Red H a t uses fo u r severity leve l s to c l a ssify i s s u e s . Urgent a n d High -

severity p ro b l e m reports s h o u l d be fo l l owed by a p h o n e ca l l to t h e releva n t l oca l s u pport center


(see h t t p s : / / a c c e s s . r e d h a t . c o m / s i t e / s u p p o r t / c o n t a c t / t e c h n i c a l S u p p o r t ) .
-

Severity Desc r i pt i o n
Urgent (Severity 1 ) A p ro b l e m t h a t seve re l y i m pacts you r u s e o f t h e software i n a
-
product i o n e n v i ro n m e nt (s u c h as loss of prod u c t i o n data o r i n w h i c h
you r pro d u c t i o n syst e m s a re not f u n ct io n i ng ) . T h e s i t u a t i o n ha lts yo u r
b u s i ness o p e rat i o n s a n d n o p roce d u ra l worka ro u n d exists.
-
High (Seve rity 2 ) A p ro b l e m w h e re t h e softwa re is f u n c t i o n i n g b u t yo u r use i n a
p roduct i o n e n v i ro n m e nt is severe l y red uced. T h e s i t u a t i o n is c a u s i n g a
h i g h i m pact to p o rt i o n s of yo u r b u s i n e s s o p e rat i o n s a n d n o p roce d u ra l -

workaro u n d exists.
Medium (Severity 3 ) A pro b l e m t h a t i nvol ves partia l , n o n -critica l l oss of u s e o f t h e software
-
in a prod u c t i o n e n v i ro n m e n t or deve l op m e n t e n v i ro n ment. Fo r
p rod uction e n v i ro n m e nts, t h e re is a m e d i u m -to- l ow i m pact on yo u r
b u s i n ess, b u t yo u r b u s i n ess cont i n u e s t o f u n c t i o n , i n c l u d i n g b y u s i n g
-
a p roced u ra l workaro u n d . Fo r deve l o p m e n t e n v i ro n m e nts, w h e re t h e
s i t u a t i o n i s ca u s i n g yo u r p roject to n o l o n g e r c o nt i n u e or m i g rate i nto
p roduct i o n .

76 R H 1 24- R H E L7-e n -1-20140606

-
-

U s i n g red hat-s u p port-tool to m a n a g e s u p port cases


-

Seve rity Desc ripti o n


- L ow (Severity 4 ) A g e n e ra l usage q uest i o n , re p o rt i n g of a d o c u m entat i o n e r ro r, o r
reco m m e n d at i o n fo r a f u t u re p r o d u c t e n h a n c e m e nt o r m o d ificat i o n .
Fo r p rod u c t i o n e n v i ro n m e nts, t h e re is l ow-to- n o i m pact o n yo u r
- b u s i n ess o r t h e p e rfo r m a nce o r f u n ct i o n a l ity o f your syst e m . For
deve l o p m e n t e n v i ro n m e nts, t h e re is a med i u m -to- l ow i m pact o n yo u r
b u s i ness, b ut yo u r b u s i ness c o nt i n ues t o f u n c t i o n , i n c l u d i n g by u s i n g a
- p roce d u ra l worka ro u n d .

M a n a g i n g a b u g report w i t h redhat - s u p po r t - t ool


-
S u bs c r i b e rs may create, v iew, m o d i fy, and c l ose Red Hat S u p p o rt cases u s i n g redhat ­
s u p po r t - t ool. W h e n s u p p o rt cases a re o p e n e d o r m a i n ta i n ed , u s e rs may i n c l u d e fi l e s o r
d o c u me ntat i o n , s u c h a s d i a g n ostic reports (sosre p o rt). T h e tool u p l oa d s a n d atta c h e s f i l es
-
to o n l i n e cases. Case d eta i l s i n c l u d i n g product, version, summary, description, severity, a n d
case group may be a s s i g n ed w i t h c o m m a n d o pt i o n s or l et t i n g t h e t o o l p ro m pt f o r req u i red
i nfo r m a t i o n . In t h e fo l l o w i n g exa m p l e, the - - p r o d u c t and - - ve r sion o p t i o n s a re s pecified,
-
b u t redhat - s u p po r t - t ool wo u l d p rovi d e a l i st of c h oi ces fo r those options i f t h e opencase
command d i d not s p e c ify t h e m .

[student@desktopX -]$ redhat - su pport - t ool


Welcome to the Red Hat Support Tool .
-

Command (? for help ) : opencase


Please enter a summary (or ' q ' to exit ) : System fails to run without power
- - p roduc t = " Red Hat E n t e r p rise Linux" - - ve rsion=" 7 . 0 "

Please enter a description (Ctrl-D on an empty line when complete) :


-

When the server is unplugged, the operating system fails to continue .


1 Low
2 Normal
3 High
4 Urgent
Please select a severity (or ' q ' to exit ) : 4
Would you like to assign a case group to this case (y/N )? N
-

Would see if there is a solution to this problem before opening a support case? (y/N ) N

-
Support case 01034421 has successfully been opened .
�--�-------- ----- �---- _ _ _ _ __,.

-
I n c l u d i n g d i a g n o s t i c i nfo r m a t i o n by attac h i n g a S o s re p o r t a rc h ive
I n c l u d i n g d ia g n ostic i n f o r m a t i o n w h e n a s u p p o rt case is f i rst c reated c o n t r i b utes to q u icker
p ro b l e m reso l ut i o n . T h e sosreport com m a n d g e n e rates a compressed t a r arch ive of d i a g n ostic
- i nfo r m a t i o n g a t h e re d f ro m the r u n n i n g syste m . T h e redhat - s uppo r t - tool p r o m pts to i n c l u d e
o n e if a n a rc h ive h a s b e e n created p rev i o u s l y :

Please attach a sos report to support case 01034421 . Create a sos report as
the root user and execute the following command to attach the sos report
-

directly to the case :


redhat - support- tool addattachment -c 01034421 pa t h to sos repo r t
Would you like to attach a file to 01034421 at this time? (y/N ) N
-

Command (? for help ) :


- -- ------ - - -- - --- �-�
- - - -- - ��------

I f a c u rrent Sos re p o rt i s not a l ready prepared, a n a d m i n istrator c a n g e n e rate a n d attach o n e


l ater, u s i n g t h e too l ' s addat t achment co m m a n d a s a d v i sed prev i o u s l y. T h i s sect i o n ' s p ractice
-
exercise w i l l p rov i d e the steps for creat i n g and viewi n g a c u rrent Sos d i a g n ost i c report.

S u pport cases c a n a l so b e viewed, modified, and c l osed by you as t h e s u bscri ber:


-

- R H1 24- R H E L7 - en -1 -20140606 77

-
-

C h a pter 3. Gett i n g H e l p i n Red Hat Enterprise L i n u x


-

Command (? for help ) : listcases


Type the number of the case to view or ' e ' to return to the previous menu .
1 [Waiting on Red Hat] System fails to run without power
-

No more cases to display


Select a case : 1
Type the number of the section to view or ' e ' to return to the previous menu .
-

1 Case Details
2 Modify Case
3 Description
-

4 Recommendations
5 Get Attachment
6 Add Attachment
7 Add Comment
-

End of options .
Option : q
Select a Case : q
-

Command (? for help ) : q -

[ student@desktopX - ] $ redhat - su p po r t - t ool modifycase - - s t at us=Closed 01034421


Successfully updated case 01034421
[student@desktopX -]$ -

T h e Red Hat S u pport Too l h a s adva n ced a p p l icat i o n d i a g nostic a n d a n a l yt i c capa b i l it i es. U s i n g -

ke r n e l cra s h d u m p co re f i l es, redhat - s u p po r t - tool ca n c reate a n d extract a backtrace, a


report of t h e active sta c k f ra m es at t h e point of a c ra s h d u m p, to p rov i d e o n s i t e d i a g nostics a n d
o p e n a s u p port case. -

T h e tool a l so provides log f i l e a n a l ysis. U s i n g the too l 's analyze com m a n d , log fi l es of m a n y
types, i n c l u d i n g operat i n g syst e m , J Boss, Pyt h o n , To mcat, o V i r t . a n d ot h e rs, ca n b e p a rsed t o -
reco g n ize p ro b l e m sym pt o m s , w h i c h ca n t h e n be v i e w e d a n d d i a g nosed i n d iv i d u a l l y. Prov i d i n g
preprocessed a n a l ys i s , a s o p posed to r a w d a t a s u c h a s c ra s h d u m p or log f i l es, a l l ows s u p p o rt
cases to be opened a n d m a d e ava i l a b l e to e n g i n ee rs m o re q u i c k l y. -

] ; '� -,
; j f-
i R i References
-
!U__i
sos r e po r t 0 ) m a n p a g e

Red H a t Access: R e d H a t S u p po rt Too l -


htt ps://access.redhat.com/s ite/a rt i c l es/445443

Red Hat S u p port Too l Fi rst U s e -


https://a ccess. red h at.co m/s i te/videos/534293

Contacti n g Red H a t Tec h n i c a l S u p port


.....
htt ps://access.red h at.co m/site/s u pport/p ol i cy/s u pport_p rocess/

H e l p - Red H a t C u s t o m e r Porta l
-
https://a ccess. red h at.com/s ite/h e l p/

78 R H1 24- R H E L7 - e n -1-20140606 -

-
-

Practice: C reat i n g a n d View i n g a n Sos R e p o rt


-

P ra ct i ce: C reat i n g a n d View i n g a n Sos R e p o rt


-

-
Guided exercise
I n t h i s l a b, you w i l l use t h e sosre p o rt co m m a n d to g e n e rate a Sos report, t h e n view t h e contents
- of t h a t d i a g n ostic a rc h ive.

Outcomes

- A co m p ressed tar a rc h ive of syste m w i d e d i a g n ostic i n fo r m a t i o n .

Before you begin ...


- Perfo r m the fo l lowi n g steps o n serverX u n l ess d i rected othe rwise.

D 1. I f c u r re n t l y w o r k i n g a s a n o n - root u s e r, switch to root.

[student@serverx -]$ -
Password : redhat
su

D 2. R u n the sos report co m m a n d . T h i s may take m a ny m i n utes o n l a rg e r systems.

-
[ root@serverx -]# sosreport
sosreport (version 3 . 0 )
This command will collect system configuration and
diagnostic information from this Red Hat Enterprise Linux
-

system . An archive containing the collected information


will be generated in /var/tmp and may be provided to a Red
Hat support representative or used for local diagnostic or
-

recording purposes .
Any information provided to Red Hat will be treated in
strict confidence in accordance with the published support
-

policies at :
-
https : //access . redhat . com/support/
The generated archive may contain data considered
sensitive and its content should be reviewed by the
originating organization before being passed to any third party .
-

No changes will be made to system configuration .


Press ENTER to continue, or CTRL-C to quit . ENTER
-

Please enter your first initial and last name [serverX . example . com] : yourname
Please enter the case number that you are generating this report for : 0 1034421
-

- P ress E n t e r . Provide t h e req u ested information. M a ke up a va l u e for t h e case n u m be r.

Running 17/74 : general . . .

l
Creating compressed archive . . .
Your sosreport has been generated and saved in :
-

-
/var/tmp/sosreport -yourname . 01034421-20140129000049 . tar . xz

- R H1 24- R H E L 7-e n-1-20140606 79

-
-

C h a pter 3. Gett i n g H e l p i n Red Hat E n t e r p r i se L i n u x

The checksum is : b2e78125290a4c791162e68da8534887


-

Please send this file to your support representative . -

D 3. C h a n g e d i rectory to /var / t m p , and u n pa c k the arch ive. -

[ root@serverX -]# cd /var/tmp


[ root@serverX tmp]# tar - xv J f sos report - * . tar . xz -

D 4. C h a n g e d i rectory to t h e res u l t i n g s u b d i rectory a n d b rowse t h e f i l e s fo u n d t h e re.

[ root@serverX -]# cd sosrepo r t - yourname . 81834421 - 26148129668649


-

[ root@serverx sosreport -yourname. e1e34421-2e14e129eeee49}# ls - lR


-

O p e n f i l es, l ist d i rectories, a n d cont i n u e to b rowse to become fa m i l ia r with t h e


i nfo r m a t i o n i n c l uded i n Sos re p o rts. I n t h e f o r m o f t h e o r i g i n a l arch ived a n d c o m p ressed
-
file, this is t h e d i a g n ostic i n fo r m a t i o n you wou l d be atta c h i n g to a redhat - s u p po r t ­
t ool s u p port case. When f i n i s h e d , rem ove t h e a rc h ive d i rectory a n d f i l es a n d ret u r n to
yo u r home d i rectory.
-

[ root@serverX sosreport-yourname. e1@34421-2@14@129eeee49]#


[ root@serverX tmp]# rm - rf sos repo r t *
cd /var/tmp

[ root@serverx tmp]# exit


[student@serverx -]$
-

80 R H 1 24- R H E L7-en-1-20140606 -

-
-

L a b : V i e w i n g a n d P r i n t i n g H e l p Docu mentation
-

L a b : View i n g a n d Pri nt i n g H e l p Doc u m e ntat i o n


-

-
Perfor mance checklist
I n t h i s l a b, you wi l l p ractice research methods t y p i ca l l y used by syste m a d m i n i st rators to l e a r n
h o w to perfo r m n e ce s s a ry tasks.
-

Outcomes
• Acco m p l i s h a g iven task; practice l ocat i n g re l eva nt c o m m a n d s by searc h i ng man pages a n d
-
pinfo n odes.

• Learn new opt i o n s for com m o n l y used d o c u m e ntat i o n commands.


-

• Recog n ize va r i o u s d o c u m e n t f i l e formats; u s e a p p ro p riate too l s to v i ew a n d print


d o c u m e ntation an d o t h e r n o n -text fo rm atted f i l es.
-

Before you begin ...


Perform the fo l l owi n g steps o n serverX u n l ess d i rected ot h e rwi se.
-
1. Research man(1 ) to deter m i n e h o w t o p r e p a re a m a n p a g e f o r p r i n t i n g . W h a t format o r
re n d e r i n g l a n g u a g e is co m m o n l y used?
-
2. C reate a formatted output f i l e of t h e pas swd m a n page. Dete r m i n e t h e f i l e c o n t e n t fo rmat.

3. Research u s i n g man to l e a r n the co m m a n d (s) used for viewing o r p r i n t i n g Post s c r i pt f i l es.


-

4. Research evin ce(1 ) u s i n g man to l e a r n how to use the viewer i n p review m o d e. A l so,
dete r m i n e how to open a d o c u m e n t start i n g o n a specific page.
-

5. V i ew your Post s c r i pt f i l e u s i n g the va r i o u s evince o pt i o n s you resea rched. C l ose your


document file when you a re f i n i s hed.
-

6. Using man, research lp(l ) to dete r m i n e how to p r i n t a n y document sta rti n g o n a s pecific
page. Without actua l l y entering a ny com m a n d s (s i n ce t h e re a re n o pri nters), w h a t wou l d be
- t h e syntax, o n o n e com m a n d l i ne, to print o n l y pages 2 a n d 3 of yo u r Post s c ri pt f i l e?

O n e a n swer is lp pas swd . ps - P 2 - 3.


-
Fro m lp(1 ) , learn t h a t t h e - P option specifies pages. The lp co m m a n d spoo l s to t h e default
p r i nter, send i n g o n l y t h e page ra nge sta rt i n g o n 2 a n d e n d i n g on 3.

k:::SJ
-
, ...., ,,
Note
-
T h e re a re c u r re n t l y n o p r i nters confi g u red i n t h e c l a ssroom . H oweve r, you m a y
practice l at e r u s i n g p r i n t e r mod e l s c o n f i g u red i n you r own e n v i ro n m e nt . Fa m i l ia rity
with t h ese c o m m a n d s is often u s ef u l .
-

7. U s i n g pinfo, l o o k for G N U i nfo a bout t h e evince viewer.


-

8. A s a n o p p o rt u n ity to obse rve t h e a b u n d a n c e of G N U f u n d a m e nta l u t i l ities, u s e pinfo to


l ocate and b rowse a l l d o c u m e n t nodes for the coreutils c o m m a n d s and pro g ra m s.
-

R H 1 24- R H E L7 - en -1-20140606 81

-
-

C h a pter 3. Gett i n g H e l p i n Red Hat Enterprise L i n u x


-

9. U s i n g firefox, o p e n t h e syste m ' s package d o c u m e n t a t i o n d i rectory a n d b rowse i nto t h e


man - d b package s u b d i recto ry. View the p rov i d e d m a n u a l (s).
-

1 0. U s i n g t h e o p e n F i r efox b rowser, l ocate a n d b rowse i n to t h e init s c r i p t s p a c k a g e


s u b d i recto ry. View t h e sysconfig . t x t f i l e , w h i c h describes i m po rta nt syst e m
-
confi g u ra t i o n opt i o n s sto red i n t h e /e t c/sysconfig d i recto ry.

82 RH124- R H E L7-en-1-20140606 -
-

-
Sol ution

Solution
-

-
I n t h i s l a b, you w i l l p ractice resea rch methods typica l l y used by syst e m a d m i nistrators to l e a r n
how to p e r f o r m necessary tasks.

-
O ut c o m e s
• Acco m p l is h a g iven task; practice locat i n g re l eva nt c o m m a n d s by s e a rc h i n g man pages a n d
pinfo nodes.

- • Lea r n new o pt i o n s fo r com m o n l y used d o c u m e ntat i o n co m m a n d s .

Recog n i z e va rious d o c u m e n t f i l e formats; use a p p ropriate t o o l s to view a n d p r i n t

-

docu m e ntation a n d ot h e r n o n -text formatted fi les.

Before you begin ...

- Pe rfo r m the fo l lo w i n g steps o n se rve rX u n l ess d i rected ot h e rw ise.

1. Research man(1 ) to dete r m i n e how to p re p a re a man page for p r i n t i n g . What fo rmat or

- re n d e r i n g l a n g u a g e is com m o n l y used?

I [ student@serverx -]$ man man


-
man uses - t to p repa re a m a n page for p r i n t i n g , u s i n g Post s c r i pt.

- 2. C reate a formatted o u t p u t f i l e of t h e pas swd m a n page. Dete r m i n e t h e f i l e c o n t e n t fo rmat.

[ student@serverX -]$ m a n - t pas swd >


- [student@serverX - ] $ file passwd . ps
passwd . p s

[ student@serverx - ] $ less passwd . ps


- T h e f i l e is in Post s c r i pt format, l ea r n e d u s i n g t h e file c o m m a n d a n d confi rmed by view i n g
t h e f i l e contents. N ot ice t h e h e a d e r l i nes o f Post s c r i pt i nformat i o n .

- 3. Research u s i n g m a n to l e a r n t h e co m m a n d (s) u s e d f o r v i e w i n g o r p r i n t i n g Post s c r i pt f i l es.

[ student@serverx - ]$ m a n - k postsc ript viewe r


-

U s i n g m u l t i p l e words w i t h t h e - k o p t i o n f i n d s m a n pages matc h i n g either word; t hose w i t h


" postsc r i p t " o r " v i ewer" i n t h e i r descriptions. N o t i c e t h e evince(1 ) a n d gho s t s c r ipt ( 1) (or
-
g s (1 ) ) c o m m a n d s in the o u t p ut.

4. Research evince(1 ) u s i n g man to l e a r n how to use the v iewe r in p review mode. A l so,
-
dete r m i n e how to open a d o c u m ent sta rt i n g on a specific page.

-
I [ student@serverx -]$ man evince

The -w (or - - p review) o pt i o n o p e n s evince in preview m o d e. The - i option i s used to


- s p e c ify a start i n g page.

5. View yo u r Post s c r i pt file u s i n g t h e va r i o u s evince options you resea rched. C l ose yo u r


- d o c u m e n t f i l e w h e n you a re f i n i s h e d .

- R H 1 24- R H E L 7-en-1-20140606 83

...
-

C h a pter 3. Gett i n g H e l p i n Red Hat E n t e r p rise L i n u x


-

[ student@serverx
l
r
[ student@serverx
I - ) $ evince pas swd . ps

I [ student@serverX
1
- ) $ evince - w pas swd . ps
- ) $ evince - i 3 pas swd . ps
-

W h i l e n o r m a l evince mode a l l ows f u l l-screen a n d presentatio n-sty l e viewing, t h e evince -

p review mode is usef u l for q u i c k b rows i n g and p r i n t i n g . N ot i c e the pri n t i c o n at the top.

6. U s i n g man, research lp(1) to dete r m i n e how to print a n y d o c u m e n t start i n g on a specific -


page. W i t h o u t actua l l y ente r i n g a n y commands (since t h e re a re n o p r i n t e rs), w h a t wo u l d b e
t h e sy ntax, o n o n e c o m m a n d l i ne, to p r i n t o n l y pages 2 a n d 3 of y o u r Posts c r i pt f i l e?

[student@serverx
-

I - ) $ man lp
�������- ����
-
O n e a n swer is lp passwd . ps - P 2 - 3.

Fro m lp(1 ) , l e a r n that the - P o p t i o n specifies pag es. The lp com m a n d s p o o l s to the default
-
p r i n t e r, s e n d i n g o n l y t h e page ra n g e sta rt i n g on 2 a n d e n d i n g on 3.

-�----.... .
Note -

T h e re a re c u r re n t l y no p r i nters confi g u red i n the c l assroom. H owever, you may


practice later using printer models confi g u red i n y o u r own e n v i ro n m e nt. Fa m i l ia rity -

with t h ese com m a n d s is oft e n usef u l .

7. U s i n g pinfo, look for G N U i nfo a bo u t t h e evince viewer.

r-[student@serverx �
-

- ) $ pinfo evin e

-
N otice t h a t t h e evince(1 ) m a n p a g e d i s p l ays i n stead. The pinto d o c u m e n t viewer looks
for the rel eva nt man page when n o a p p ropriate GNU d o c u m e n t a t i o n node exists for t h e
requ ested topic. Press q to c l ose pinto.
-

8. As an o p p o rt u n ity to observe the a b u n d a nce of GNU f u n d a m e nta l u t i l i t i es, use pinfo to


l ocate and b rowse a l l d o c u m e n t nodes for the coreutils co m m a n d s a n d p rogra m s.

I [student@serverX
-
r

- ) $ pinfo

Fro m t h e d i rectory node, press DownAr r ow u n t i l the l i n k i s s e l ected for Coreut ils :
Co r e G N U ( file , t e x t , shell ) u t ilities . Press E n t e r to fo l l ow t h e l i n k to GNU
Co r e u t ils. N o t i c e t h e l o n g m e n u l is t i n g , w i t h I n t rod u c t ion c u r re n t l y sel ected. Press -

E n t e r . At the top of the scree n , pay atte n t i o n to the h e a d e r, w h i c h d i s p l ays the p revious,
c u rrent, and n ext nodes. Browse t h e i nfo r m a t i o n , press n for t h e next node, a n d repeat.
B rowse e a c h scre e n , s i m p l y n ot i c i n g t h e c o m m a n d s and t h e i r d e s c r i p t i o n s . Cont i n u e u n t i l -

n o d e 2 9 Opening t he Softwa r e Toolbox is rea c h e d . R e a d t h i s c h a pter i n i t s e n t i rety


u s i n g t h e navigation you have l e a r n e d . W h e n f i n i s hed, ret u r n the way you ca m e by u s i n g
only LeftAr row u n t i l t h e t o p d i rectory n o d e i s f i n a l l y rea c h e d . Press q to c l ose pinfo. -

84 R H 1 24- R H E L7-e n-1-20140606 -


-

Solution
-

9. U s i n g firefox, o p e n t h e syste m ' s package d o c u m entation d i rectory a n d b rowse i n to t h e

I [student@serverx -]$
man - d b p a c k a g e s u b d i recto ry. V i ew t h e p rovided m a n u a l (s).
-

fi refox /usr/share/doc
!
-
R e m e m b e r t h a t bookma rks c a n be m a d e for a n y d i rectories t h a t a re freq u e n t l y used.
Afte r b rows i n g to t h e man - d b d i recto ry, c l i c k to open a n d view t h e text vers i o n of the
- m a n u a l , t h e n c l ose it. C l ic k to open t h e Post s c r i pt vers i o n . As obse rved ea r l i e r, evince is
t h e syst e m ' s defa u l t viewer for Post s c r i pt and PDF d o c u m e nts. Yo u may wish to retu r n to
these d o c u m e nts l a t e r to become more k n o w l e d g ea b l e a bout man. W h e n f i n i s h e d , c l ose t h e
- evince viewer.

1 0. U s i n g t h e o p e n F i r efox b rowser, locate a n d b rowse i nto t h e init s c ript s package


- s u b d i recto ry. View t h e sysconfig . t x t fi l e, which descri bes i m portant system
confi g u ra t i o n o pt i o n s stored i n the / e t c / sysconfig d i recto ry.

-
N otice how usefu l a b rowser is for locat i n g a n d view i n g l o c a l syste m d o c u m e n t a t i o n . C l ose
the d o c u m e n t w h e n f i n i s h e d , but l eave Fi refox o p e n .

- R H124- R H E L 7 - e n -1 -20140606 85

-
-

C h a pter 3. Gett i n g H e l p i n Red Hat Enterprise L i n u x


-

S u m m a ry
-

Read i n g Doc u m e nt a t i o n Using m a n C o m m a n d


A n ove rview of t h e L i n u x m a n u a l i n m a n p a g e f o r m a t , i n c l u d i n g eff i c i e nt n a v i g a t i o n a n d
-
searc h i n g .

Rea d i n g D o c u m e n t a t i o n U s i n g p i nto Com m a n d


A n ove rview o f t h e G N U I nfo d o c u m e n t a t i o n syst e m , i n c l u d i n g eff i c i e n t n a v i g a t i o n a n d
searc h i n g .

Rea d i n g Docu m e nt a t i o n i n /u s r/s h a re/doc -

T h e practice of b u n d l i n g d o c u m e ntation w i t h RPM packages, which a re then stored


u n d e r t h e d i rectory /usr /s h ar e/doc.
-

Gett i n g H e l p Fro m Red Hat


U s e red hat-s u p p o rt-too l to l o o k u p Red H a t K n o w l e d g e base a rt i c l es a n d m a n a g e
s u pport cases. -

86 R H 1 24- R H E L7 - e n -1-20140606 -

-
red h at ®

®
TRAINING

C HA PT E R 4

CREATI NG, VIEWI NG, AN D


EDITING TEXT FILES

Overview

Goal To c reate, v iew, a n d edit text files from command output o r


i n a n e d itor.

Objectives • Redirect t h e text o u t p u t of a p ro g ra m to a file or to


a n ot h e r program.

• Edit exist i n g text files and c reate new files from the s h e l l
prompt w i t h a text editor.

• Copy text from a g ra p h i c a l window to a text file u s i n g a


text editor r u n n i n g i n t h e g ra p h i c a l enviro n m e nt .

Sections • R e d i re c t i n g O u t p u t to a File or Program (and Pra c t ice)

• E d i t i n g Text F i l es from t h e S h e l l P ro m pt (and Pract i ce)

• E d i t i n g Text Fi les with a G ra p h i c a l Editor (and P ractice)

Lab • C reat i n g , Viewing, a n d E d i t i n g Text F i les

R H1 24- R H E L7-en-1 -20140606 87


C h a pter 4. C re a t i n g , Viewing, a n d E d i t i n g Text F i l es

R e d i re ct i n g O u t p u t to a F i l e o r P ro g ra m

O bj e c t ives
After c o m p l e t i n g this section, students s h o u l d be a b l e to:

Describe the tec h n i c a l terms sta nd a rd i n put, sta n d a rd o ut p u t, and sta n d a rd error.

U s e red i rection c h a ra cters to control output to files.

U s e p i p i n g to control output to o t h e r programs.

Sta n d a rd i n p ut, sta n d a rd o u t p ut, a n d sta n d a rd e rro r


A p ro cess structure is constructed w i t h n u m be red c h a n ne l s (file descriptors) to m a n a g e o p e n
files. Processes c o n n e c t to files t o reach data content o r devices t h ese f i l es re p resent. Processes
are c reated with d efa u lt c o n n ections for c h a n n e l s 0, 1 , and 2 , k n o w n as standard input, standard
output, a n d standard error. Processes use c h a n n els 3 a n d a b ove to c o n ne ct to other f i l es.

std out
std i n
std err

..other files ...


-���,
. .I

Figure 4. 1 : Process 110 channels (file descriptors)

Channels ( File Descriptors)


N u m be r Channel name Descri p t i o n Defa u l t connection Usage

0 s t d in S t a n d a rd i n p u t Keyboa rd read o n l y

1 s tdou t Sta n d a rd output Te r m i n a l w r ite o n l y

2 stde r r Sta n d a rd error Te r m i n a l write o n l y

3+ filename O t h e r f i l es none read a n d /o r write

R e d i re ct i n g o u t p ut to a f i l e
C h a n n e l redirection r e p l a ces defa u l t c h a n n e l dest i n a t i o n s with f i l e n a m e s represe nting e i t h e r
o u t p u t f i l es o r d evices. U s i n g red i rect i o n , p rocess o u t p ut a n d error m e s s a g e s can b e c a p t u red a s
f i l e c o ntents, s e n t to a d ev i ce, o r d i sc a rd e d .

R e d i recting s tdou t s u p p resses p ro cess o u t p u t from a p pea r i n g o n t h e ter m i n a l . A s s e e n


i n t h e fol l o w i n g t a b l e, red i recting only s tdou t d o e s not s u p p ress s tde r r e rror messages
from d i s p l a y i n g o n t h e term i na l . The s p e c i a l file /dev/null q u ietly d i scards c h a n n e l o u t p u t
redi rected to it.

88 R H 1 24-RH E L7-en-1-20140606
R e d i recti n g o u t p u t to a f i l e

Output Redirection Operators

t
Usage E x p l a nation Visual aid
(note)

G
stdln stdout
., .,

-•
red i rect __

> fi l e s t do u t
======
':!'l.!,� 1 process
<1 l stderr
to a file
- - �

red i rect
stdout to a


» fi l e f i l e, a p pend

to c u r rent f i l e
c o n t e n t (2) =-

std In stdout
red i rect ..

process
.,


2 > fi l e stde r r
(1) /
� �� stderr

to a f i l e
--

d i scard std In stdout


.. .,
s t de r r error
process
2> /dev/n u l l messages by ,ZW �� std err
<�
red i recting to
/dev/null

combine
s t do u t a n d
•W ' "


t:J � process

-
& > fi l e


stde r r to rm -

o n e f i l e (1)

combine
stdln
s t do u t a n d ..
s t de r r, ,--
» fi l e 2 >&1
a p pe n d to /"? �'�
c u r re n t file
<2l <3l
content
(1)
N ote: 0verwrite existing file, c reate file i f new.
(2) A p p e n dexist i n g f i l e, c reate f i l e if n ew.
(3l
The order of red i rection is i m p o rtant to avo i d u n expected c o m m a n d behavior.
2>&1 sends stde r r to t h e s a m e p l a c e as stdou t . For t h i s to work, s t do u t
needs to be red i rected fi rst, before a d d i ng stde r r to s t dou t . A l t h o u g h &>>
is an a lter nate way to a p p e n d b o t h s t do u t a n d stde r r to a f i l e, 2>&1 is t h e
m e t h o d n e e d e d to s e n d b o t h s tdou t a n d stde r r t h r o u g h a p i pe.

R H124- R H E L7 -e n-1-20140606 89
-

-
C h a pter 4. C reat i n g , V i ew i n g , a n d Edit i n g Text F i l e s

-
Exa m p les f o r o u t p u t re d i re c t i o n

-
M a ny ro u t i n e a d m i n istra t i o n tasks a re s i m p l ified by using red i rection. U s e t h e p rev i o u s table to
assist while c o n s i d e r i n g the fo l l ow i n g exa m p l es :

-
• Save a t i m esta m p f o r l a t e r refe rence.

[student@desktopX - ] $
-
date > /tmp/saved - t imes t amp

• Copy the l a st 100 l i n es from a log f i l e to a n ot h e r f i l e.

[ student@desktopX - ] $ t ail - n 100 /var/log/dmesg > /tmp/las t - 100 - boot - messages -


• Concatenate fo u r f i l es i nto o n e.
-
[student@desktopX - ] $
-
cat file1 file2 file3 file4 > / t mp/all - fou r - in - one

• List the h o m e d i rectory ' s h id d e n and reg u l a r f i l e n a mes i nto a f i l e.

[student@desktopX - ] $ ls - a > / t mp/my - file - names -

-
j
• A p pend o u t p u t to an e x i st i n g f i l e.

[student@desktopX - ] $
[student@desktopX - ] $ -
echo " new line of informatio n " » /tmp/many - lines - o f - info rmation
diff previo u s - file c u r rent - file >> /tmp/t rackin g - change s - made

-
• I n t h e next exa m p l es, e r rors are g e n e rated s i n ce n o r m a l users a re d e n i e d access to system
d i recto ries. R e d i rect e r ro rs to a f i l e w h i l e view i n g n o r m a l co m m a n d o u t p u t o n the term i n a l .

[student@desktopX - ] $
-
find /etc - name passwd 2> /tmp/er ro r s

I [ student@desktopX - ] $
-
• Save process o u t p u t and error messages to s e p a rate fi l es.

find /etc - name passwd > /tmp/o u t p u t 2> /tmp/e r r o r s

• I g n o re a n d d i s c a rd error messages. -
[student@desktopX - ] $ f i n d /etc - name passwd > /t mp/o u t p u t 2> /dev/null
-

-
• Store output a n d g e n e rated errors toget h e r.

[student@desktopX - ] $ find /etc - name passwd &> /tmp/save - bo t h

• Append output and g e n e rated e r rors to a n e x i st i n g fi le.

[student@desktopX - ] $ find / e t c - name passwd >> /tmp/save - bo t h 2>&1


-

90 R H 1 24- R H E L7 - e n -1-20140606 -

-
Const r u c t i n g p i p e l i n e s

C o n st ruct i n g p i p e l i n es
Redirection contro l s c h a n ne l o u t p u t to or from files w h i l e piping sends c h a n n e l o u t p u t to a n o t h e r
process.

process process

Figure 4.8: Process 110 piping

E x a m p les for p rocess p i p i n g red i rection


Pagi nate a comma n d ' s long o u t p ut.

[ s t u d e n t@d e s k t o p X -]$ ls - 1 /us r/bin I less

C o u nt t h e n u m be r of l i nes in an o u t p u t o r l i s t i n g .

[ s t u d e n t @d e s k t o p X - ] $ ls I we - 1 > /tmp/how - many - files

G ra b the f i rst l i nes, last l i n es, or s e l ected l i nes of c o m m a n d output.

[ s t u d e n t@de s k topX - ] $ ls - t I head - n 10 > /tmp/ten - last - changed - files

process

Figure 4. 9: Process 110 piping with tee

E x a m p l es for using the t ee c o m m a n d for p i p i n g


The t e e c o m m a n d d i s p l ays o r red i re cts t h e i ntermediate res u l t n o r m a l l y s u p p ressed d u e t o
p i p i n g . I n t h e f i rst exa m p le, t h e ls l i sting is v i ewed o n a t e r m i n a l w h i l e s i m u ltaneously b e i n g
stored i n a fi le.

[ s t u d e n t@des ktopX - ] $ ls - 1 I tee /tmp/saved - ou t put

D ete r m i n e t h e term i n a l device for the current w i n d ow. Send t h e res u lts a s mail and view t h e
s a m e res u lts i n t h i s w i n d ow.

I [ s t u d e n t@d e s k topX
/dev/pts/0
- ] $ tty

R H1 24- R H EL 7-en-1-20140606 91
-

C h a pter 4. C reat i n g , View i n g , a n d E d i t i n g Text F i l e s

[student@desktopX -]$
-

ls 1 I t e e /dev/pts/0
- mail -s subject
s t udent@desktopl . example . com
-

R References
-
info bash ( The GNU Bash Reference Manual)
• S e c t i o n 3.2.2: P i pe l i n es
-
info bash ( The GNU Bash Reference Manual)
• Section 3.6: Red i re ct i o n s
-
i n f o c o r e u t il s ' t ee invo c a t ion ' ( The G N U coreutils Manual)
• Sect i o n 17.1: Red i rect o u t p u t to m u lt i p l e f i l es or processes
-
bas h (1 ) , cat(1), head(1 ) , les s ( 1 ) , mail(1 ) , t ee(1 ), t ty(1 ) , wc(1 ) man pages

92 R H 1 24- R H E L 7-e n-1-201 40606 -

-
-

P ractice: 1/0 R e d i re c t i o n a n d P i pe l i nes


-

Pra ct i ce: 1 /0 Red i rect i o n a n d P i pe l i n es


-

-
Quiz
Match t h e fo l l ow i n g items to t h e i r cou n te r pa rt s i n t h e t a b le.
-

&>/d ev/n u l l
EJ 2 >/d ev/n u l l > f i l e 2 > /d ev/n u l l

I I
-

»fi l e 2 > &1 > f i l e 2 >f i l e2 I tee file


-

Res u lt n ee d e d Red irection synta x u sed

D i s p l ay com m a n d o u t p u t to ter m i n a l , i g n o re a l l
-
e r ro rs.

- S e n d co m m a n d o u t p u t to fi l e; e r ro rs to d iffe re nt
f i l e.
-

S e n d o u t p u t a n d e r ro rs to t h e sa m e n ew, e m pty
- f i l e.

-
S e n d o u t p u t a n d e r rors to t h e sa m e f i l e, b u t
p rese rve ex i st i n g f i l e content.
-

R u n a co m m a n d , b u t t h row away a l l p o ss i b l e
-
te r m i n a l d i s p l ays.

-
S e n d co m m a n d o u t p u t to b o t h t h e s c re e n a n d a
f i l e a t t h e sa m e t i m e.
-

R u n c o m m a n d , save o u t p u t i n a f i l e, d i sca rd e r r o r
-
messa g e s .

- R H 1 24- R H E L7 - en -1 -20140606 93

-
C h a pter 4. C reat i n g , V i e w i n g , a n d Editing Text F i l e s

S o l ut i o n
Match t h e fo l l owi n g items to t h e i r cou nterparts i n t h e t a b l e.

Res u l t n e e d e d Re d i re c t i o n s y n t a x u s e d

D i s p l ay co m m a n d o u t p ut t o t e r m i n a l , i g n o re a l l 2 >/d e v/n u l l
e r ro rs.

Send co m m a n d o u t p u t to file; e r rors t o d i ffere n t >file 2>file2


f i l e.

S e n d o u t p u t a n d e r rors to t h e s a m e n ew, e m pty &>f i l e


f i l e.

S e n d o u t p u t a n d e r ro r s to t h e s a m e f i l e, b u t » f i l e 2 > &1
p reserve e x i st i n g f i l e c o n t e n t .

R u n a co m m a n d , b u t t h row a wa y a l l p o s s i b l e &>/d ev/n u l l


te r m i n a l d i s p l a ys.

Send co m m a n d o u t p u t to both the sc re e n a n d a I tee f i l e


file at the same t i me.

R u n co m m a n d , s ave o u t p u t i n a f i l e , d i s c a rd e r ro r > f i l e 2 > /d ev/n u l l


m e ssa g e s .

94 R H 1 24- R H E L7 - e n -1-20140606
E d i t i n g Text Fi les from t h e S h e l l P ro m pt

E d i t i n g Text F i l es f ro m t h e S h e l l P ro m pt

O bj e c t i ves
A f t e r c o m p l et i n g t h i s sect i o n , students s h o u l d be a b l e t o :

C reate new f i l e s a n d e d i t existing t e x t files from t h e s h e l l p ro mpt.

Navigate within a n e d itor to effectively acco m p l is h e d i t i n g tasks.

Ed i t i n g f i l es w i t h V i m
A key d e s i g n p r i n c i p l e of L i n u x is t h at i nfor m a t i o n is stored i n text-based f i l es. Text f i l es i n c l u d e
both flat files w i t h rows of s i m i l a r i nfo rmat i o n , s u c h a s c o n fi g u ra t i o n fi les i n / e t c , a n d Extensible
Markup Language (XML) f i l es, w h i c h define d ata struct u re t h ro u g h text tags, seen i n a p p l ication
confi g u ration files t h ro u g h o u t b o t h / e t c a n d / u s r . T h e a d va ntage of text files i s t h a t t h ey
c a n be m oved or s hared betwee n syste ms without req u i r i n g conversion, a n d can be v iewed a n d
e d i te d u s i n g a n y s i m p l e text e d itor.

V i m is a n i m p roved vers i o n of t h e vi editor d i stri b uted w i t h L i n u x a n d U N I X system s . V i m is h i g h ly


confi g u ra b l e a n d effic i e nt for p racticed users, i n c l u d i n g s u c h featu res as s p l i t screen e d i t i n g ,
c o l o r fo rmatt i n g , a n d h i g h l ig h t i n g fo r e d i t i n g text.

Figure 4. 10: Moving between Vim modes

W h e n f i rst opened, V i m starts i n command mode, used for navigation, cut a n d paste, a n d o t h e r
text m a n i p u lation. E n t e r e a c h o f t h e ot her m o d es w i t h s i n g l e c h a racter keyst rokes to a ccess
s p ecific e d i t i n g f u nc t i o n a l ity:
An i keyst roke enters insert mode, where a l l text typed becomes f i l e c o ntent. Press i n g Esc
retu r n s to c o m m a n d mode.

A v keyst roke e nters visual mode, w he re m u lt i p l e c h a racters may be s e l ected for text
m a n i p u l ation. Use v for m u lt i - l i n e and C t r l - v for b l o c k selection. The same keystro ke used to
enter visual m o d e (v, V o r C t r l - v) is used to exit.

R H 1 24- R H E L7-en-1 -20140606 95


-

C h a pter 4. C reat i n g , V i ew i n g , a n d E d i t i n g Text F i l es


-

T h e : keyst roke beg i n s extended command mode for tasks l i ke writ i n g t h e f i l e to save it. a n d
q u itti n g t h e V i m editor.
-

T h e m i n i m u m , b a s i c V i m w o r kflow
Vim h a s efficient. coord i nated keyst rokes for advanced e d i t i n g tas ks. A l t h o u g h con s i d e red usef u l
-
w i t h p ra c t i ce, V i m ' s capa b i l it i e s c a n ove rw h e l m n e w users. T h e fo l l owi n g workf l ow presents t h e
minimum keyst rokes every V i m u s e r m u st l e a r n t o acco m p l i s h any e d i t i n g task.
-
T h e i n st r u ctor will d e m o n s t rate a typica l f i l e editi n g session using only basic V i m keystrokes.

1. Open a file with vim fil ename.


-

2. Repeat t h i s text e n t ry cyc l e, a s m a n y t i m es a s t h e t a s k req u i res:

• U s e a r row keys to position the c u rsor.

• Press i to enter i n se rt mode.


-
• E n t e r text.

• Press Esc to ret u r n to com m a n d mode.


-

• I f n e cessa ry, p ress u to u n d o m i staken edits on t h e c u rrent l i ne.

3. Repeat this text d e l et i o n cyc le, a s m a ny times a s t h e t a s k req u i res: -

• U s e a r row keys to position the c u rsor.


-
• Press x to d e l ete a s e l ection of text.

• I f n e cessa ry, use u to u n d o m i st a k e n edits o n the c u rrent l i n e.


-

4. To save or exit, c h oose o n e of t h e fo l l ow i n g to write or d i s c a rd fi l e ed its:

• Enter : w to write (save) t h e file and re m a i n i n co m m a n d m o d e for m o re edit i n g . -

• E n t e r : w q t o write t h e f i l e a n d q u i t V i m .
-
• E n t e r : q ! t o q u it V i m , but d i scard a l l f i l e c h a n g es s i n c e t h e l a st write.

R e a r ra n g i n g e x i st i n g text
-
In Vim, copy and paste is kn o wn a s yank and put, u s i n g com m a n d c h a racters y and p. B e g i n by
p o s it i o n i n g the c u rsor o n the first c h a racter to be s e l ected, t h e n enter v i s u a l mode. Use a r row
keys to ex pa n d the v i s u a l s e l ection. W h e n read y, press y to yank the s e l ect i o n into m e m o ry.
-
Pos i t i o n t h e c u rsor at t h e new l ocat i o n , t h e n press p to put t h e s e l e c t i o n at t h e c u rsor.

T h e i n st r u ctor w i l l d e m o n st rate "ya n k a n d put" u s i n g v i s u a l m o d e.


-

1. O p e n a f i l e w i t h vim fil ename.

2. R e p e a t t h i s text s e l ecti o n cyc l e , a s m a ny t i m e s a s t h e t a s k req u i res: -

• U s e a r row keys to position the c u rsor to t h e fi rst c h a racter.


-
• Press v to enter v i s u a l mode.

• U s e a r row keys to position t h e c u rsor to t h e l a st c h a racter.


-

96 R H 1 24- R H E L7-en-1-20140606 -

-
-

E d i t i n g f i l e s with V i m
-

• Press y to ya n k (co py) t h e s e l e c t i o n .

- • U s e a rrow keys to pos i t i o n t h e cursor a t t h e i n sert location.

• Press p to p u t (pa ste) t h e s e l e c t i o n .


-

3. To s a v e o r exit, c h oose o n e of t h e fo l l owi n g to w r i t e o r d iscard f i l e ed its:

-
• E nt e r : w to write (save) t h e file and re m a i n i n com m a n d mode for m o re e d i t i n g .

• E n t e r : wq to w r i t e the f i l e a n d q u it V i m .

-
• E n t e r : q ! to q u it V i m , but d i s c a rd a l l f i l e c h a nges s i n ce t h e l a st w r ite.

�·:(
, · �,,
- Note
Bewa re t h e a d v a n ced V i m u s e r offe r i n g s h o rtcuts a n d t r i c ks before t h e b a s i cs a re
m a stered. V i m req u i res practice to become efficient. It is reco m m e n d e d to conti n u e
-
l e a r n i n g n e w keystrokes to exte n d V i m ' s usefu l n ess. For t hose c u r i o u s h o w exte n s ive
t h i s can be, p e rform a n I nternet search for " V i m t i ps".

7
-
A n i n - d e pt h p resentation of Vim i s i n c l u d e d in t h e Red Hat Enterprise Linux System
Administration II cou rse.

R References
-
vim(1) m a n p a g e

Vim the editor


-
http://www.v i m .o rg /

- R H 1 24- R H E L7 -en -1-20140606 97

-
-

C h a pter 4. C reat i n g , V i ew i n g , a n d Edit i n g Text F i l es


-

P ract i ce : Ed it i n g F i l es w i t h Vi m
-

Guide d exercise
-

I n t h i s l a b, you w i l l use a l oca l l y i n sta l l ed reso u rce to p ractice e nt ry-level vim e d it o r tec h n i q ues.

Outcomes: -

E x p e r ie nce with vim, and kn o wledge about u s i n g vimt u t o r to g a i n c o m peten cy.

Before you begin ... -

In this exercise, use the exist i n g Vim tuto r i a l b u n d l e d with the Vim editor. The i n sta l l ed vim­
enhanced p a c ka g e p rovides vimt u t o r . For e a c h exercise step, use t h e corres pond i n g l esson i n
v i m t utor to p ract i ce. Ret u r n h e re w h e n t h e l e s s o n step i s co m p l ete. Pe rfo r m t h e fo l l o w i n g steps -

on serve r X u n l es s d i rected otherwise.

I [student@serverx -]$
D 1. Open vimt u t o r . Read t h e We l c o m e screen and p e rfo r m Lesson 1 . 1 .
-

vim t u t o r
!
-

I n t h e l e c t u re, o n l y key boa rd a r row keys we re used for navigat i o n . I n vi's e a r l y yea rs,
users co u l d n ot re l y o n wo r k i n g keyboa rd m a p p i n g s for a r row keys. T h e refore, vi was
d e s i g n e d with c o m m a nds u s i n g o n l y sta n d a rd c h a ra cter keys, s u c h as the conve n i e n t l y -

g ro u ped h , j , k, a n d 1. H e re is o n e w a y to re m e m b e r t h e m :

h a n g back, j u m p down, k i c k up, leap forward. -

D 2. Ret u r n to t h e vimt u t o r w i n d ow. Perfo r m L esson 1 . 2.


-
T h i s e a r l y lesson teaches how to q u it w i t h o u t h a v i n g to keep a n u nwa nted f i l e c h a nge. A l l
c h a n ges a re l ost, b u t t h i s i s bett e r t h a n l e a v i n g a critica l f i l e i n a n i n c o r rect state.

-
D 3. Ret u r n to t h e vimt u t o r w i n d ow. Pe rfo r m Lesson 1 . 3.

V i m h a s faste r, m o re effic i e n t keystrokes to d e l ete a n exact a m o u n t of words, l i nes,


s e n t e n ces, and p a ra g ra p h s . H oweve r, a ny editing j o b can be acco m p l is h e d using only x
for s i n g l e - c h a racter d e l et i o n .

D 4. Ret u r n to t h e vimt u t o r w i n d ow. Pe rfo r m Lesson 1.4.

T h e m i n i m u m req u i red keystrokes a re for e n t e r i n g and leaving e d it mode, a r row keys,


a n d d e l et i n g . For most edit t a s ks , the fi rst key pressed is i. ·-

D 5. (Optional) Ret u r n to the vimt u t o r w i n d ow. P e rform L esson 1 . 5.


-
I n t h e l ec t u re, o n l y t h e i (insert) co m m a n d was t a u g h t as t h e keyst roke to e n t e r edit
m o d e. T h i s vi mtutor l esson d e m o n st rates t h a t ot h e r keyst rokes a re a va i l a b l e to change
t h e c u rs o r p l a ce m e n t w h e n i nsert m o d e i s e n t e red. H oweve r, o n ce i n i n sert mode, a l l text
·-
typed i s sti l l fi l e content.

D 6. Retu r n to t h e vimt u t o r w i n d ow. Perfor m L esson 1 . 6.


-

Save the file by writ i n g a n d q u i tt i n g . This i s the l a st lesson for the m i n i m u m required
keyst rokes to be a b l e to acco m p l i s h a ny e d i t i n g task.
-

98 R H 1 24- R H E L 7 - e n -1-20140606 -

-
-

G u i d e d exercise
-

D 7. Ret u r n to t h e vim t u t o r w i n d ow. F i n i s h by rea d i n g t h e Lesson 1 Summary.

- T h e re a re s i x m o re m u l t i-step lessons i n vimt u t o r . N o n e a re assig ned as f u r t h e r l e s s o n s


f o r t h i s cou rse, b u t fee l f r e e to use vim t u t o r o n yo u r own to l e a r n m o re a b o u t Vim.

.....

- R H 1 24- R H E L7-e n-1-20140606 99

-
-

C h a pter 4. C reat i n g , View i n g , a n d E d i t i n g Text F i l es


-

Ed it i n g Text Fi l es w i t h a G ra p h i ca l Editor -

Objectives -

Aft e r com p l et i n g t h i s sect i o n , stu d e n t s s h o u l d be a b l e to:

-
• Edit text f i l e s with gedit.

• C o py text between g ra p h i c a l w i n dows.


-

Editing files with gedit


The gedit a p p l ication is a f u l l -fea t u red text editor for the G N O M E desktop e n v i ro n m e nt. L a u n c h -

g e d i t by s e l ec t i n g A p p l i c a t i o n s > A c c e s s ories > g e d i t fro m t h e G N O M E m e n u . L i k e ot h e r


g ra p h i ca l a p p l ications, g e d i t can b e sta rted w i t h o u t navig a t i n g t h e m e n u . Press Alt + F 2 t o
o p e n t h e E nt e r a C o m m a n d d i a l og b o x . Ty pe gedit a n d press E n t e r . -

U n saved D o c ument 1 - gedit

File Edit View Search Tools Documents -

LJ Q Open v �, Save
U n s aved Document 1 -

Plain Text v Tab Width: 8 v Ln 1, C o l 1 INS

Figure 4.11: gedit text editor

G N O M E H e l p i n c l udes a gedit h e l p g u ide, w h i c h may be fou n d by s e l e c t i n g A p p l i c at i o n s > -

Favorites > He l p from t h e G N O M E m e n u . T h e n s e l ect Go > A l l D o c u m e n t s to v i ew t h e l ist of


g ra p h i c a l a p p l i cations. S c ro l l down to s e l ect t h e g e d i t Text E d i t o r hype r l i n k.
-
B a s i c g e d i t Keystro kes
Perform m a ny f i l e m a n a g e m e n t t a s k s u s i n g gedit ' s m e n u :
• To c reate a new f i l e i n g e d it, c l i c k t h e b l a n k p a p e r too l b a r i c o n , o r sel ect F i l e > N ew (Ct rl - n) -

from t h e m e n u .

• To save a f i l e , c l i c k t h e d i s k - drive save t o o l b a r i c o n , o r s e l ect F i l e > Save (Ct r l - s) f r o m t h e -

menu.

-
100 R H 1 24 - R H E L 7-en-1-20140606

-
Copying text between g ra p h i c a l w i n d ows

To o p e n an exist i n g fi le, c l i c k t h e Open t o o l b a r icon, or s e lect F i l e > O p e n (Ct r l - o) from t h e


m e n u . T h e O p e n F i les d i a log w i n d ow w i l l d i s p l a y from w h i c h users ca n l ocate a n d s e l ect t h e
file to o p e n .

M u l t i p l e f i l es may b e o p e n ed s i m u l t a n eo u s l y, e a c h with a u n i q u e t a b u nd e r t h e m e n u b a r. Ta b s
d i s p l a y a f i l e n a m e a f t e r being s a v e d t h e f i rst t i me.

Copyi n g t ext betwe e n g ra p h i ca l w i n d ows


Text c a n be copied between d o c u ments, text w i n d ows, and com m a n d w i n d ows i n t h e g ra p h ic a l
e nviro n m e nt. S e l ected text is d u p l i cated u s i n g copy a n d paste or m oved u s i n g c u t and paste.
Whether cut or c o p i e d , t h e text is h e l d in m e m ory for p a st i n g i nto a n o t h e r location.

To select text:
C l i c k and hold the l eft mouse b utton before the f i rst c h a racter d e s i re d .

D r a g t h e m o u s e o v e r a n d down u n t i l a l l req u i re d text is i n a s i n g l e h i g h l i g hted selection, t h e n


r e l e a s e t h e l eft b u t t o n . Do not c l i c k a g a i n w i t h t h e l eft b utto n , a s t h a t d e s e le cts t h e text.

To paste the select i o n , m u lt i p l e methods c a n a cc o m p l i s h the s a m e res u lt . In the fi rst method:


Click the r i g ht m o u s e b utton anywhere o n the text a rea j u st selected.

Fro m the res u lt i n g context m e n u , sel ect either cut o r copy.

Move the mouse to the w i n d ow or d o c u m e nt w h e re t h e text is to be p l a ced, c l i c k t h e l eft


mouse button to position w h e re t h e text s h o u ld go, a n d c l i c k the r i g ht m o u s e b utto n a g a i n ,
n o w c h o o s i n g paste.

H e re i s a s h orter mouse tec h n i q u e to practice:


Fi rst. s e l e ct t h e text.

Hover the mouse over the dest i n a t i o n w i n d ow and c l i c k the center m o u se button, j u st once, to
paste the text at t h e c u rsor.

This l ast method c a n o n l y copy, not cut. The o r i g i n a l text rem a i n s s e l ected a n d c a n be d el eted. A s
with other methods, t h e text rem a i n s i n m e mory a n d c a n b e repeate d l y p a sted .

•Unsaved Document 1 - gedit


Tools Documents

-) $ ls -l
f *Unsaved Document·� \ x

ldrwxr-xr-x.
( s t udent@desktopl
total e d rw>1 T - x r - x . 2 s t udent student 6 Feb 1 6 1 1 :29 Downl oads

d rwx r - x r -x . 2 student st udent 52 Feb 21 1 1 :52 Dl?Sktop 2 student student 6 Feb 16 1 1 : 29 Mus ic
d Nxr · x r - x . 2 student student 6 Feb 1 6 1 1 :29 Documem:s
d rwx r - x r - x . 2 student student 6 Feb 2 1 1 1 : 33 Pictures
2 studer,t student 6 Feb 1 6 1 1 ·29 Oo·wnloads d rax r - x r - x . 2 student stL.dent 6 Feb 1 6 1 1 : 29 Public

d n... , r :-1 r ' :' studPnt stuj,:.nt


dn·.�r .:r .
2 st ud ent student 6
;:; Fi:>b �6 79 Music d rwx r · x r - x . Feb 1 6 1 1 :29 Templ ates
I
11
d r .-.x r • r , L studPnt "tujPnt � F._.tJ 71 11 ii Pi.ctures
tJr,.,.•r � r ' 2 ':5tuJ"'i t �tu:J'2nt ".) FdJ l'J 11 2S Pub1ic
rw•r xr- • :_ student �tudent ".) �"'b 16 11 ....9 Templates

D
d rwx.r - x r - x . 2 studen.._ student 6 Feb 16 1 1 . 29 Videos
[ s tudent@desktopl -]$ After text selection at left,
click middle mouse button here to paste.

R H124- R H E L7-e n-1-20140606 1 01


-

C h a pter 4. C reat i n g , V i ew i n g , a n d E d i t i n g Text F i l es


-

Figure 4. 12: Select and paste using middle mouse button

-
T h e key b o a rd s h o rtcut method c a n a l so be used i n g ra p h i c a l a p p l ications:
• F i rst, s e l ect t h e text.

• U s e Ct rl - x to cut o r C t r l - c to copy the text. -

• C l i c k the l o c a t i o n w h e re the text is to be p l a ce d to position the c u rsor.


-

• U s e Ct r l - v to paste.

A Important -

T Ct rl - c a n d Ct r l - v w i l l not copy a n d paste w i t h i n a te r m i n a l w i n d ow. C t rl - c w i l l


act u a l l y t e r m i n ate t h e c u rrent r u n n i n g p rocess w i t h i n a te r m i n a l w i n d ow. To copy a n d -

paste w i t h i n a t e r m i n a l w i n d ow, u s e Ct r l - shift - c a n d Ct r l - shift - v.

R References
-
gedit(1) m a n p a g e

gedit Text Editor


• yelp help : ge d i t -

g e d it W i k i
https://w i k i . g n o me.org/A p ps/Ged i t -

102 R H 1 24- R H E L 7-en-1 -20140606 -

-
Practice: Copying Text Between W i n d ows

P ra ct i ce: C o py i n g Text B etwe e n W i n d ows

G u i d e d exe rc i s e
I n t h i s l a b, you w i l l e d it a f i l e with g e d i t , selecting text a n d pasting i t into t h e ed itor.

O utcomes:
A n edited l ist of the configuration f i l es fou n d i n t h e user's h o m e d i recto ry.

Before you begin. . .

Pe rfo rm t h e fo l l ow i n g steps o n serverX u n l ess d i rected otherwise. Log i n as student a n d begin


i n student's home d i rectory.

D 1. Red i rect a l o n g l i s t i n g o f a l l h o m e d i rectory files, i n c l u d i n g h i d d e n , into a f i l e n a med


gedit_la b.txt. Confirm t h a t t h e f i l e contains t h e l is t i n g .

[ s t udent@s e rv e rX - ] $ c d
[ s t u d e n t@s e rve rx - ] $ ls - al > gedit_lab . txt
[ s t u d e n t@s e rv e rX - ] $ cat gedit_lab . t xt

D 2. Open the file with the gedit text editor. I n c l u d e the e n d i n g a m p e rsa nd so that the s h e l l
prompt c a n ret u r n w h i l e gedit is r u n n i n g .

[ s t udent@s e r v e r X - ] $ gedit gedit_lab . txt &

D 3. I nsert the date at t h e top of yo u r f i l e d o c u ment.

D 3.1 . I n t h e s h e l l c o m m a n d window, d i s p lay today's date w i t h day o f t h e week, month,


date, a n d yea r.

[ s t u d e n t@s e r v e r x - ] $ date +roA" , "%B" "%d " , "%Y


F r iday, F e b r u ary 21, 2014

D 3.2. Sel ect t h e text u s i n g t h e mouse.

t st udent@des k t o p l -] $
[ st udent@desktopl -] $ date +%A " , "%8 " "%d " , "%Y
dli
i €JM@·lii@iiW.iWA;Jll
[ st udent@des k t o p l -] $ I

D 3.3. I n sert t h e text at t h e top of t h e f i l e d o c u m e nt. Switch to t h e gedit w i n d ow. U s i n g


a rrow keys, p l ace t h e c u rsor at t h e u p p e r- l eft c o r n e r o f t h e docum ent. P ress t h e
m i d d l e m o use button to paste t h e text.

D 3.4. Press En t e r one o r m o re times at t h e end of the inserted text to open b l a n k l i nes
a bove the f i l e l is t i n g .

D 4. I nsert a d e s c r i p t i o n for t h i s d o c u ment, i n c l u d i n g y o u r u s e r n a m e a n d h ost n a me, o n l i n e 2 .

D 4 .1 . I n t h e s h e l l c o m m a n d window, c reate d e s c r i ptive text u s i n g s h e l l e x p a n s i o n


concepts to i n c l u d e t h e username a n d h ost n a me w h e re t h e f i l e l ist w a s
generated.

R H124- R H E L7 -en-1-201 40606 1 03


C h a pter 4. C reat i n g , View i n g , a n d Editi n g Text F i l e s

[ s t u d e n t@serverX - ] $ echo " $USER ' s configu ration files o n " $ ( hostname )
s t u d e n t ' s c o nfig u r a t io n files on s e r v e r X . e x ample . com

D 4.2. S e lect t h e text u s i n g the m ou se.

- [ student@desktopl -] $
- [ student@deskt o p l -] $ e c h o "$USER ' s c o n figu ration files o n " $ ( hostname)

m•m••·'"''·'''''·r"'4*·'·'·msm•1111r1.11w•
[ student@desktopl - ] $ 11.1

D 4.3. I n sert t h e text on t h e second l i n e o f t h e f i l e d o c u ment. Switch t o t h e gedit


w i n d ow. U s i n g t h e a rrow keys, p l a ce the c u rs o r a t the second l i n e's leftmost
c h a racter. Press t h e m i d d l e m o u se b utton to paste the text.

D 4.4. Press Ent e r o r Delet e , a s n ecessa ry, to m a i n t a i n b l a n k l i n es a bove the f i l e


l isting.

D 5. Remove f i l e l i nes t h at are not h i d d en confi g u ration files o r d i rectories.

D 5.1. Rem ove t h e " tota l " l i n e a t the b eg i n n i ng of the l i sting.

D 5.2. Remove t h e two l i nes rep rese n t i n g t h e current d i rectory a n d t h e p a rent d i recto ry.

D 5.3. Remove l i nes for f i l e n a mes t hat do not start w i t h a dot. Do not edit or remove
l i n es for h i d d e n f i l es or d i rectories t h a t b e g i n w i t h a dot.

D 6. T h e final f i l e document s h o u l d b e s i m i l a r to the fo l l o w i n g i ma g e. M a n u a l ly edit the f i l e to


m a ke co rrect i o ns. T h e asterisk i n t h e d o c u m ent t a b o r w i ndow header is a rem i n d e r of
ed its u n saved. Save the fi l e and exit gedit.
*gediLlab.txt (N) - ge dit
File Edit View Search Tools Documents

� Open v jj\ Save J EJ , � Undo � - � fW j C'.:t �


J[J * gediUab.txt x
'
\ ------ -------------
1
F riday , Feb rua 1-y 2 1�� 0�
, 2� 4 -
1�
- -

st udent ' s c onfigu ration fil es on d e s k t o p l . exampl e . c om

- 1-w - - - - - - - . s t udent s t u d e n t 194 Feb 21 1 6 : 00 . bash_his t o ry


- rw- r- - 1-- - . st udent s t u d e n t 18 Aug 9 20 1 3 . bash_l o gout
- rw- r- - 1-- - . st udent student 1 9 3 Aug 9 2013 . bash_p rofile
- rw - r - - r - - . st udent student 231 Aug 9 2013 . bash re
d rwx - - - - - - . 9 st udent st udent 4096 F e b 2 1 1 6 : 02 . c ache
d rwx 1· - x r - x . 15 st udent st udent 4096 Feb 21 16 : 1 1 . c on fig
- 1-w - - - - - - - . 1 st udent st udent 16 Feb 1 6 0 4 : 48 . esd a u t h
- rw- - - - - - - . 1 st udent st udent 1 550 Feb 2 1 1 1 6 : 02 . ICEaut h o 1·i t y
d rwx - - - - - - . 3 st udent st udent 1 8 Feb 16 04 : 48 . l o c al
d rwx - - - - - - . 2 st udent st udent 28 Feb 15 1 3 : 47 . ssh

Plain Text v Tab Width: 8 v Ln 1 2, Col 43 INS

104 R H1 24-RH EL 7-e n-1-20140606


-

L a b : C reat i n g , V i ew i n g , a n d E d i t i n g Text F i l es
-

L a b : C reat i n g , Viewi n g , a n d Ed it i n g Text Fi l es


-

-
Performance checklist

I n t h i s l a b, you w i l l e d i t a f i l e u s i n g V i m ' s v i s u a l mode to s i m p l ify re petitive edits.


-

Outcomes:

-
Fa m i l i a rity with the u t i l ities and tec h n iq u e s req u i re d to p e rform fi l e e d i t i n g . The f i n a l ed ited f i l e
w i l l be a l i st o f s e l ected f i l e s a n d ta b u l a r data.

Before you begin. . .


-
Perfo r m t h e fo l l o w i n g s teps o n s er verX u n l ess d i rected otherwise. Log i n a s s t u d e n t a nd beg i n
i n t h e st u d e n t ' s h o m e d i rectory.
-
1. Red i rect a l o n g l is t i n g o f a l l c o n t e n t i n s t u d e n t ' s h o m e d i recto ry, i n c l u d i n g h i d d e n d i rectories
and f i l es, i nto a file named editing_final_lab . txt. Yo u r home d i rectory f i l es may
- not exact l y match t hose shown in t h e exa m p l e g ra p h ics. Theis lab ed its a r b i t ra ry l i nes a n d
co l u m n s . T h e i m portant outco m e i s to practice t h e v i s u a l s e l e c t i o n p rocess.

2. Edit the f i l e u s i n g Vim, to take a d va nt a g e of visual mode.

3. Remove t h e fi rst t h ree l i nes, since those l i n e s a re not n o r m a l file n a mes. Enter l i ne-based
v i s u a l mode w i t h upper case V.
-

4. R e m ove t h e p e r m ission co l u m n s for group and world o n t h e fi rst l i n e. In this step, enter
v i s u a l m o d e w i t h l ower case v, which a l l ows s e l e c t i n g c h a racters o n a s i n g l e l i ne o n l y.
-

5. Remove t h e p e r m i ssion co l u m n s for g r o u p and world o n t h e re m a i n i n g l i nes. This step w i l l


u s e a m o re effi c i e n t b l o c k s e l e c t i o n v i s u a l m o d e t o avoid h a v i n g t o repeat t h e s i n g l e l i n e e d it
- m u lt i p l e t i mes. T h i s t i me, enter v i s u a l m o d e with t h e control s e q u e n ce Ct r l - v, w h i c h a l l ows
s e l e c t i n g a b l o c k of c h a racters o n m u l t i p l e l i nes.

- 6. Remove the group owner co l u m n , l e a v i n g o n l y one " st u d e n t " co l u m n o n a l l l i n es. Use t h e


s a m e b l o c k s e l ection tec h n i q u e a s t h e l a st step.

- 7. R e m ove t h e t i m e co l u m n , but l eave t h e m o n t h a n d day o n a l l l i n es. A g a i n , use t h e b l ock


s e l ec t i o n v i s u a l mode.

-
8. Remove the D e s k t o p and Pu blic rows. T h i s t i m e, enter v i s u a l m o d e with u p pe r case V,
w h i c h a utomatica l l y s e l ects fu l l l i nes.

9. Save a n d exit. M a ke a backup, u s i n g t h e date ( i n seconds) to create a u n i q u e f i l e n a me.


-

10. M a i l the f i l e contents as the m essage, not an att a c h m e nt, to the user student.

- 11. Append a d a s h e d line to t h e file to reco g n ize t h e beg i n n i n g of newe r content.

12. Append a fu l l p rocess l i s t i n g , but only for p rocesses owned by t h e c u rrent u s e r s t ude nt a n d
- r u n n i n g o n t h e c u rre n t l y u s e d termi n a l . V i e w t h e p rocess l i st i n g a n d s e n d t h e l i s t i n g to t h e
f i l e w i t h o n e co m m a n d l i ne.

- R H1 24- R H E L 7-en-1 -20140606 105

-
-

C h a pter 4. Crea t i n g , V i e w i n g , a n d E d it i n g Text F i l es


-

13. Conf i r m t h a t t h e p rocess l i sti n g i s a t t h e b o t t o m of t h e l a b f i l e.


-

,_,

-
106 R H 1 24- R H E L 7 - e n -1 -20140606
-

Sol ution
-

Solution
-

I n t h i s l a b, you wi l l e d i t a f i l e u s i n g V i m ' s vis u a l m o d e to s i m p l ify re petitive edits.


-
Outcomes:
Fa m i l i a rity with t h e u t i l i ti es and tec h n iques req u i red to p e rform file e d i t i n g . The f i n a l e d ited f i l e
- w i l l b e a l ist o f sel ected f i l es a n d ta b u l a r data.

Before you begin ...


- Pe rfo r m t h e fo l l o w i n g steps o n s e rverX u n l ess d i rected o t h e r w ise. Log i n a s s t u d e n t and b e g i n
i n t h e student's h o m e d i recto ry.

- 1. Red i rect a l o n g l ist i n g o f a l l content i n s t u d e n t ' s h o m e d i rectory, i n c l u d i ng h i d d e n d i rectories


and f i l es, i nto a f i l e n a m e d editing_final_lab . txt. Yo u r home d i rectory f i l es may
not exact l y match t h ose shown i n t h e exa m p l e g ra p h ics. Theis lab edits a r b it ra ry l i nes a n d
- c o l u m ns. T h e i m portant outcome is to practice t h e v i s u a l s e l e c t i o n p rocess.

[student@serverx
... [ student@serverX
- ] $ cd
- ] $ ls - al > editing_final_lab . tx t

I [student@serverX
2. Edit t h e f i l e u s i n g V i m , to take a d vantage of visual mode.
-

- ] $ vim editing_final_lab . t xt
I

3. Remove t h e fi rst t h ree l i nes, since those l i nes a re n ot n o r m a l f i l e n a m es. E nt e r l i n e-based


v i s u a l mode with u p p e r case v .
-

U s e t h e a rrow keys to position t h e c u rsor at t h e fi rst c h a ra cter i n t h e fi rst row. E n t e r l i n e ­


based v i s u a l m o d e w i t h v . M ove down u s i n g t h e d o w n a rrow k e y t w i c e to s e l ect t h e fi rst
- t h ree rows. D e l ete the rows w i t h x.

4. Remove t h e p e r m i s s i o n co l u m n s for g ro u p a n d w o r l d on the fi rst l i ne. In t h i s step, enter


-
visual mode w i t h lo wer case v, w h i c h a l l ows s e l e ct i n g c h a racters o n a s i n g l e line o n l y.

U s e t h e a rrow keys to posit i o n t h e c u rsor at t h e f i rst c h a ra cte r. Enter v i s u a l m o d e w ith v.


Use the a r row keys to pos i t i o n the c u rsor a t the l ast c h a ra cte r, a s shown in the screens hot.
-
D e l ete t h e s e l e c t i o n with x.

- R H1 24- R H E L 7-en-1-20140606 1 07

-
-

C h a pter 4. C reat i n g , V i ew i n g , a n d E d i t i n g Text F i l es


-

student@deskt o p l : "'

-
File Edit View Search Terminal Help

1 - rw- - - - - - -I 1 s t u d e n t st u d e n t 7691 M a r 5 1 0 : 56 . bash h i s t o ry


-
' - rw - r - - r - - . 1 s t udent s t u d e n t 18 J a n 29 05 : 45 . b ash l o gout
i - rw - r - - r - - . 1
-
s t udent student 193 Jan 29 05 : 45 . b a s h p ro f i l e
1 - rw- r - - r - - . 1 s t udent s t u d e n t 2 3 1 J an 2 9 05 : 45 . b ashrc
' d rwx - - - - - - . 12 s t udent s t udent 4096 Feb 22 1 3 : 23 . c ac h e
-
, d rwx r - x r - x . 1 8 s t udent s t udent 4 0 9 6 F e b 2 1 1 1 : 33 . c on f i g
'
d rwx r - x r - x . 2 s t udent s t u d e n t 6 Feb 2 1 20 : 06 Desktop
d rwx r - x r - x . 2 s t u d e n t s t udent 4096 Feb 23 1 7 : 46 Documents
d rwx r - x r - x . 2 s t udent s t udent 6 Feb 16 11 : 29 Downl oads
d rwx r - x r - x . 2 s t udent s t ud e n t 4096 F e b 23 14 : 136 Music
-
d rwx r - x r - x . 2 s t udent student 6 F e b 23 1 6 : 23 P i c t u re s
d Nx r - x r - x . 2 6 F e b 1 6 1 1 : 29
i
st udent st udent Publ ic
d Nx - - - - - - . 2 s t udent s t u d e n t 24 Feb 22 1 5 : 33 . s sh
d rwx r - x r - x . 2 s t udent s t u d e n t 6 Feb 16 1 1 : 29 Templ a t e s l
d Nx r - x r - x . 2 4 <l 9 6 F e b 23 1 6 : 35 -

I
s t udent s t u d e n t Videos
- N- - - - - - - . 1 st udent st udent 1026 F e b 2 1 2 1 : 14 . viminfo

""_J
-
[.
!_

!�- VISUAL --

5. Remove the p e r m i s s i o n c o l u m n s for g ro u p and w o r l d o n the rema i n i n g l i nes. T h i s step w i l l


u s e a m o re effici e nt b l o c k s e l ection v i s u a l m o d e t o avoid h a v i n g t o repeat t h e s i n g l e l i n e e d i t
m u l t i p l e t i mes. T h i s t i me, enter v i s u a l mode w i t h t h e c o n t r o l s e q u e n ce Ct r l - v, w h i c h a l lows -

s e l e c t i n g a block of c h a racters o n m u l t i p l e l i nes.

U s e t h e a rrow keys to position the c u rsor at t h e fi rst c h a racter. Enter v i s u a l mode w i t h the -
control s e q u e nce Ct rl - v. U s e the a r row keys to p os i t i o n the c u rsor at t h e last c h a racter of
t h e co l u m n o n t h e l a st l i ne, a s s h o w n i n t h e scree n s hot. D e l ete t h e s e l ection w i t h x.
student@deskt o p l : N -

i File Edit View Search Terminal Help

, - rw - 1 s t u d e n t s t udent 7691 Ma r 5 lll : 56 . bash h i s t o ry


- rw - r - - r - - . 1 s t udent s t udent 18 Jan 29 05 : 45 . b a s h l ogout
- rw - r,- - r - - . 1 s t udent s t udent 193 Jan 29 65 : 45
-
. b a s h p ro f i l e -
- N - r - - r- - . 1 s t udent s t u d e n t 231 Jan 29 135 : 45 . ba s hrc
d rwx - - - - - - . 12 s t u d e n t s t u d e n t 4096 Feb 22 1 3 : 23 . cache
d Nx r - x r - x . 18 s t ud e n t s t u d e n t 4096 Feb 2 1 11 : 3 3 . c on fi g
2 6 2 1 213 : 136
-
d rwx r - x r - x . s t udent s t u d e n t Feb Desktop
d rwx r � x i" - x . 2 s t ud e n t s t u d e n t 4096 F eb 23 1 7 : 46 Doc u m e n t s
d rwx r - x r - x . 2 s t udent s t u de n t 6 Feb 1 6 1 1 : 29 Downl o a d s
, d rwx r - x r - x . 2 s t udent s t u d e n t 4096 Feb 2 3 1 4 : 66 M u sic
d Nx r - x r - x . 2 s t udent s t udent 6 Feb 23 1 6 : 2 3 P i c t u res
d rwx r- x r - x . 2 s t ud e n t s t udent 6 16 1 1 : 29
-
Feb Publ i c
' d Nx - - - - - - . 2 s t udent s t udent 24 Feb 22 1 5 : 33 . ssh
' d ""x r - x r - x _ 2 s t udent s t udent 6 Feb 1 6 1 1 : 29 Templ a t es
i d rwx r - x r - x . 2 s t udent s t udent Feb 4096 23 1 6 : 35 Videos
l - ""- " - - - - -1 1 st udent s t udent 1 0 2 0 Feb 21 2 1 : 1 4 . viminfo

!· -

-
- - VISUAL BLOCK - - 16, ll All

6. Remove t h e group owner col u m n , l e a v i n g o n l y o n e "st u d e n t " co l u m n on a l l l i n es . U s e t h e -


s a m e b l o c k selection tec h n i q u e a s t h e l a st step.

Use t h e a r row keys to p o s i t i o n t h e c u rsor at t h e f i rst c h a ra cter o f t h e g ro u p o w n e r co l u m n . -


E nter v i s u a l mode w i t h C t r l - v. U s e t h e a r row keys to p o s i t i o n t h e c u rsor at t h e l a st
c h a racter a n d row of t h e g ro u p o w n e r co l u m n , a s shown i n t h e scre e n s h ot. D e l ete t h e
s e l e c t ion w i t h x. -

108 R H 1 24- R H E L7-en-1-20140606 -

-
-

Solution
-

stu dent@deskt o p l : •
'
File Edit View Search Terminal H elp
-
i � ��
s t ud e n t s t udent 7691 Ma r 5 1 G : 56 . bash_h i s t o ry
1 s t u de n t st udent 1 8 Jan 2 9 05 : 4 5 . b ash_l o g o u t
1 - rw- 1 s t udent s t uden t 1 9 3 J an 2 9 05 : 45 . ba s h p ro f il e
l - rw- 1 s t udent st udent 2 3 1 J a n 29 05 : 4 5 . b ash rc
' d rwx 12 s t udent s t udent 4<l96 F eb 22 1 3 : 23 . c ac h e
- d rwx 1 8 s t u d en t st udent 4096 Feb 2 1 1 1 : 33 . c on f i g
d rwx 2 s t u d e n t st udent 6 F e b 2 1 2 0 : 0 6 D e s k t op
d rwx 2 s t udent s t u d e n t 4096 Feb 23 1 7 : 46 Doc ument s
d rwx 2 s t udent s t udent 6 Feb 1 6 1 1 : 29 Downl o a d s
d rwx 2 s t udent student 4096 Feb 2 3 1 4 : 06 M u s i c
- : d rwx 2 s t udent st udent 6 F e b 2 3 1 6 : 2 3 Pic t u res
d rwx 2 s t udent s t udent 6 Feb 16 1 1 : 29 Publ i c
d rwx 2 s t udent s t udent 24 Feb 2 2 1 5 : 3 3 . s sh
d rwx 2 s t udent s t udent 6 F eb 16 1 1 : 29 T e m pl a t e s
d rwx 2 s t ud e n t st udent 4 <l 9 6 F e b 2 3 1 6 : 35 Videos
- - rw - 1 s t u de n t st udenll 1 02 0 F e b 21 21 : 14 . v i m i n fo

-
I

I . . V I S U A L BLOCK - - 1 6 , 23

7. Remove t h e t i m e co l u m n , b u t l eave t h e m o n t h a n d d a y on a l l l i n es. A g a i n , use t h e b l ock


s e l e c t i o n vis u a l mode.
-
U s e t h e a r row keys to posit i o n t h e c u rs o r at t h e f i rst c h a racter. E nter v i s u a l m o d e with
C t r l - v. Use t h e a r row keys to posit i o n the c u rsor a t t h e l a st c h a racter and row of t h e t i m e
- co l u m n , a s s h o w n i n t h e scre e n s h ot. D e l ete t h e s e l e c t i o n w i t h x .
student@desktop l : •

: File Edit View Search Terminal Help

-
j - rw - 1 s t udent 7691 Ma r 5 10,: 56 . b ash h i s t o ry
� - rw - 1 s t udent 18 J a n 2 9 05 ! 4 5 . b a s h -l o g o u t
: - rw - 1 s t udent 1 9 3 J an 2 9 05 �45 . bash :Ji r o f i l e
- rw - 1 s t udent 2 3 1 J an 2 9 05 : 45 . ba s h rc
d rwx 12 s t udent 4096 Feb 2 2 1 3 : 23 . c a c he
d rwx 18 s t udent 4096 F e b 2 1 il : 3 3 . c on f i g
-
d rwx 2 student 6 Feb 2 1 20 : 06 D e sk t op
d rwx 2 s t udent 4096 Feb 2 3 1 7 : 46 D o c ument s
d rwx 2 st udent 6 Feb 16 :
1 1 2 9 Downl oads
' d rwx 2 s t udent 4096 F e b 23 14 :06 Music
' d rwx 2 s t udent 6 Feb 23 !6 ;23 Pi c t u res
- i l.: 2 9 Publ i c
' d rwx 2 s t udent 6 F eb 16
d rwx 2 s t udent 24 Feb 22 1s;j3 . ssh
d rwx 2 st udent 6 Feb 1 6 11 : 2 9 T e mpl a t es
' d rwx 2 s t udent 4096 F e b 2 3 16 : 35 V i de o s

-
- rw - 1 s t udent 1 0 20 F e b 2 1 21 : 1 m . v imin fo

I
1-
i
, ,
- I

V I SUAL BLOCK - - 1 6 , 3 4____A l l _,


_

-
8. R e m ove t h e D e s k t o p a n d P u b lic rows. T h i s t i me, enter v i s u a l m o d e w i t h u p p e r case V,
w h i c h a utomatica l l y se lects f u l l l i nes.
-
U s e the a r row keys to pos i t i o n the c u rs o r a t a ny c h a racter on the Desktop row. E nter v i s u a l
m o d e w i t h u pp e r c a s e v . T h e f u l l l i ne i s s e l ected, a s s h o w n i n t h e screen s h ot. D e l ete t h e
s e l e c t i o n w i t h x. Repeat f o r t h e Pu blic row.
-

- R H 1 24- R H E L 7 -en -1 -20140606 109

-
-

C h a pter 4. C reat i n g , Viewi n g , a n d Editi n g Text F i l es


-

student@deskto p l : •

File Edit View Search Terminal H elp


- rw -1 s t udent 7 6 9 1 Ma r 5 . b as h _ h ist o ry -
! - rw - 1 st udent 1 8 J a n 29 . bash_l ogout
- rw - 1 st udent 193 J a n 29 . bash _p r o f il e
- rw - 1 s t udent 231 Jan 2 9 . bash re
' d rwx 12 s t udent 4096 Feb 2 2 . c ac h e
d rwx 18 s t udent 4096 Feb 2 1 . c on f i g -
d rwx 2 s t udent 6 Feb 21 iies k t op
d rwx 4096 F e b

1
2 s t udent 23 Doc u m e n t s
d rwx
! d rwx
ict rwx
i d rwx
2 st udent
2 s t udent
2
2
s t udent
s t udent
6 Feb
4096 Feb
6 Feb
6 Feb
16
23
23
16
Downl oads
Music
P i c t u res
Publ ic
I -.

I
l
1 . s sh
d rwx 2 st udent 24 Feb 22
' d rwx 2 s t udent 6 Feb 16 Templ a t e s
' d rwx 2 s t udent 4096 Feb 23 Videos
- rw- 1 s t udent 1 020 F e b 21 . viminfo -

- - VISUAL LINE - - _____


7,31
�-
All
-�
!
I -

9. Save a n d exit. M a ke a backup, u s i n g t h e date ( i n seco n d s) to c reate a u n i q u e f i l e n a m e.

[student@serverx -]$ cp editing_final_lab . txt editing_final_lab_$ ( date +%s ) . t xt -

1 0. M a i l t h e f i l e contents a s t h e messa g e, n ot a n atta c h m e nt, to t h e u s e r s t u d e nt.


-

[student@serverx -]$ c a t editing_final_lab . tx t I mail - s " lab file " s t udent

11. A p p e n d a d a s h e d l i n e to t h e f i l e to recog n ize t h e b eg i n n i n g o f n e w e r conte nt.

[student@serverX -]$ ec h o " - - - - - - - - - - - - - - - - - ------- - - -


----- --------" >> -

editing_final_lab . txt

-
12. A p p e n d a f u l l process l is t i n g , but o n l y for p rocesses owned by t h e c u rrent user s t ude nt a n d
r u n n i n g o n t h e c u r re n t l y used ter m i n a l . V i e w t h e p rocess l i s t i n g a n d s e n d t h e l is t i n g t o t h e
f i l e w i t h o n e com m a n d l i n e.
-

[student@serverx -]$ ps - f I tee - a editing_final_lab . tx t

13. Conf i r m t h a t t h e p rocess l i st i n g i s at t h e bott o m of t h e lab fi le.

[student@serverx -]$ cat editing_final_lab . tx t


- rw- 1 student 7691 Mar 5 . bash_history
-

- rw- 1 student 18 Jan 29 . bash_logout


- rw- 1 student 193 Jan 29 . bash_profile
- rw- 1 student 231 Jan 29 . bashrc
drwx 12 student 4096 Feb 22 . cache
-

drwx 18 student 4096 Feb 21 . config


drwx 2 student 4096 Feb 23 Documents
drwx 2 student 6 Feb 16 Downloads
-

drwx 2 student 4096 Feb 23 Music


drwx 2 student 6 Feb 23 Pictures
drwx 2 student 24 Feb 22 . ssh
drwx 2 student 6 Feb 16 Templates
-

drwx 2 student 4096 Feb 23 Videos


-

110 R H 1 24- R H E L 7 - e n -1-20140606 -

-
-

S o l ut i o n

- rw 1 student 1020 Feb 21 . viminfo


-

UID PID PPID C STIME TTY TIME CMD


student 2005 2001 0 16 : 01 pts/0 00 : 00 : 00 /bin/bash

student 26923 2005 0 19 : 14 pts/0 00 : 00 : 00 ps -f


- student 26924 2005 0 19 : 14 pts/0 00 : 00 : 00 tee -a editing_final_lab . txt

R H1 24- R H E L7-en-1-20140606 111


-

C h a pter 4. Creat i n g , View i n g , a n d Ed i t i n g Text F i l es


-

S u m m a ry
-

Red i rect i n g O u t p u t to a F i l e o r Prog ra m


Desc r i b i n g h o w prog ra m o u t p u t is d is p l ayed, contro l l e d , a n d saved effect ive l y.
-

Edit i n g Text F i l es from t h e S h e l l Prompt


Edit f i l es u s i n g V i m , a text-based a d m i n istrator's e d i t i n g p rogra m .
-

Edit i n g Text F i l es w i t h a G ra p h i c a l Editor


U s i n g a n editor i n a g ra p h i c a l desktop e n v i ro n m e n t to c h a n g e file content and m ove
-
text between w i n d ows a n d fi l es.

112 R H1 24- R H EL 7-en-1-20140606 -

-
red h at®
®
TRAINING

C H A PT E R 5

MANAGING LOCAL LI N UX
USERS AND G R OU PS

Overview

Goal To m a n a g e l o c a l L i n u x users and g r o u p s a n d a d m i ni ster l o c a l


pas sword p o l ic ies.

Objectives • E x p l a i n t h e role of u sers a n d groups on a L i n u x system a n d


how t h e y a re u n derstood b y t h e c o m p uter.

• R u n c o m m a n d s as the s u peruser to a d m i n ister a L i n u x


system.

• C reate, m o d ify, lock, and d e l ete l o c a l l y defined user


a ccounts.

• Create, m o di fy, a n d d e l ete loca l l y defined g r o u p accounts.

• Lock a c co u nt s m a n u a l l y o r by sett i n g a password - a g i n g


policy i n t h e s hadow password f i l e .

Sections • U sers a n d Groups (and P ractice)

• G a i n i n g S u peruser Access (and Practice)

• M a n a g i n g Local U se r Accounts (and P ractice)

• M a n a g i n g Local Group Accounts (a n d Practice)

• M a n a g i n g U se r Passwords (and Pract ice)

Lab • M a n a g i n g L o c a l L i n u x U sers a n d Groups

R H124- R H E L7-en-1-20140606 113


-

C h a pter 5. M a n a g i n g Loca l L i n u x U s e rs a n d Groups

U s e rs a n d G ro u ps
-

Objectives -

After com p l et i n g t h i s sect i o n , stu d e n t s s h o u l d be a b l e to e x p l a i n t h e ro l e of u sers a n d g ro u p s o n


a L i n u x syst e m a n d h o w t h e y a re u n d e rstood by t h e computer.
-.

What is a user?
Eve ry p rocess ( r u n n i n g prog ra m ) o n the syste m r u n s as a p a r t i c u l a r u s e r. Eve ry fi l e i s owned by
-
a partic u l a r u s e r. Access to f i l es and d i rectories a re restricted by u s e r. The u s e r associated with a
r u n n i n g p rocess d ete r m i n es t h e f i l e s a n d d i rectories a ccess i b l e to t hat p rocess.
-
The id co m m a n d is used to show i n f o r m a t i o n about the cu rrent l o g g e d - i n u s e r. Basic i nformat i o n
a bout a n o t h e r u s e r c a n a l so be req u ested b y p a s s i n g i n t h e u s e r n a m e of t h a t u s e r a s t h e fi rst
a rg u ment to t h e id c o m m a n d .
-

[ student@desktopX - ] $ id
uid=1000( student) gid=1000( student ) groups=1000( student ) , 10{wheel )
context=unconfined_u : unconfined_r : unconfined_t : s0-s0 : c0 . c1023 -

To v i ew the u s e r associated with a f i l e o r d i rectory, use the ls -1 co m m a n d . The t h i rd co l u m n


-

�� d ent@serverX - ] $ ls
s hows t h e u s e r n a m e :
-

I ���x- - - - - - . 2 gdm gdm 4096 Jan 24 13 : 05 orbit-gdm


-1 /tmp

drwx- - - - - - . 2 student 4096 Jan 25 20 : 40 orbit - student


-

- rw- r - - r - - . 1 root 23574 Jan 24 13 : 05 postconf


1 s t udent
I root
L___ -

To view process i n fo r m a t i o n , use t h e ps com m a n d . T h e defa u l t is to s h ow o n l y p rocesses i n t h e


c u rrent s h e l l . A d d t h e a option t o view a l l processes with a te r m i n a l . To v i ew t h e u s e r a ssociated
-
with a process, i n c l u d e the u opt i o n . T h e f i rst co l u m n s hows the u s e r n a m e :

[ student@serverx - ] $ ps au
USER PIO %CPU %MEM vsz RSS TTY STAT
START TIME COMMAND
428 0 . 0 0 . 7 152768 14400 tty1 Ss+Feb03 0 : 04 /usr/bin/Xorg
-

511 0 . 0 0 . 0 110012 812 ttyS0 Ss+Feb03 0 : 00 /sbin/agetty


root

1805 0 . 0 0 . 1 116040 2580 pts/0 Ss Feb03 0 : 00 - bash


root

2109 0 . 0 0 . 1 178468 2200 pts/0 Feb03 0 : 00 - student


root -

2110 0 . 0 0 . 1 116168 2864 pts/0 Feb03 0 : 00 - bash


root s

3690 0 . 0 0 . 0 123368
SU

1300 pts/0 R+ 11 : 42 0 : 00 ps au
s t udent s
s t udent -

The o u t p u t of the previ o us com m a n d s d i s p lays u s e rs by n a m e, but i n t e r n a l l y the o p e ra t i n g


system t ra c ks u s e rs by a UID number. T h e m a p p i n g of n a m es to n u m b e rs is d e f i n e d i n data bases -

of acco u n t i nfo r m a t i o n . By defa u lt, syste m s u s e a s i m p l e "flat f i l e," t h e / e t c / pas swd file, to
sto re info r m a t i o n a bo u t loca l use rs. T h e format of / e t c / pas swd fo l l ows (seve n c o l o n-se p a rated
fie l d s): -

C» username : Et password : E) u1o : C» G1o : C» GECOS : C> 1home/dir : C» shell -

C» username i s a m a p p i n g of a U I D to a n a m e for t h e b e n efit of h u m a n u s e rs .


-

114 R H 1 24- R H E L7 - e n -1-20140606 -

-
-

W h a t is a g r o u p?
-

0 password is w h e re, h i storica l l y, passwords were kept i n a n e n c rypted format. Tod a y, t h ey a re

0
stored i n a sepa rate f i l e ca l l e d / e t c / s hadow.
-

0
UID is a u s e r I D, a n u m b e r t h a t identifies t h e u s e r a t t h e most f u n d a m e nta l leve l .

0
GID i s t h e u s e r ' s p r i m a ry g ro u p I D n u m b e r. Groups w i l l b e discussed i n a m o m e nt.

O
- GECOS f i e l d i s a rb i t ra ry text, w h i c h u s u a l l y i n c l u d e s the user's rea l n a m e.
/homeldir is t h e l o c a t i o n of t h e user's p e rso n a l data a n d confi g u ration f i l e s .
0 shell is a prog ra m t h a t r u n s a s t h e user l o g s i n . Fo r a reg u l a r u s e r, t h is is n o r m a l l y t h e
-
prog ra m that p rovides t h e u s e r ' s com m a n d l i n e prom pt.

-
What is a group?
L i ke use rs, g ro u ps h a ve a n a m e a n d a n u m be r (G I D). Loca l g r o u ps a re defined in / e t c / g roup.

- P ri m a ry g ro u ps
• Every u s e r has exac t l y o n e primary group.

- • Fo r l oca l u s e rs, t h e p r i m a ry g ro u p is defi n e d by t h e G I D n u m be r of t h e g ro u p l isted i n t h e t h i rd


f i e l d of / e t c / pas swd.

- • N o r m a l l y, the p r i m a ry g ro u p owns new f i l es c reated by the u s e r.

• N o r m a l l y, t h e p r i m a ry g ro u p of a newly created u s e r is a n e w l y c reated g ro u p w i t h t h e s a m e


- n a m e a s t h e user. T h e u s e r i s t h e o n l y m e m b e r o f t h i s User Private Group ( U PG).

S u p p l e m enta ry g ro u p s
- • U sers m a y b e a m e m b e r o f z e ro o r more supplementary groups.

• The u s e rs t h a t a re s u p p l em e n t a ry m e m b e rs of l o ca l g ro u p s a re l isted i n t h e l a st f i e l d of t h e
- g ro u p ' s e n t ry i n / e t c / g roup. Fo r l o ca l g ro u ps, u s e r m e m be r s h i p is dete r m i n e d by a com m a ­
separated l i st of u s e rs fou n d i n t h e l a st f i e l d of t h e g ro u p ' s e ntry i n / e t c / g r o u p :

groupname : password : GID : list, of, users, in, this, group


;
- I

• S u p p l e m entary g ro u p m e m b e r s h i p is used to h e l p e n s u re t h a t u s e rs have access p e r m i s s i o n s


-
to f i l es a n d ot h e r resou rces o n t h e syste m .

-
R
References
id(1 ) , passwd ( 5 ) , a n d g ro u p ( 5 ) m a n pages
-
info libc (GNU C Library Reference Manual)
• Section 29: U sers a n d g ro u p s
-
( N ote t h at t h e glibc-devel p a c k a g e m ust b e i n sta l l e d for t h is i nfo node to b e a va i l a b le.)

- R H1 24- R H E L7-e n-1-20140606 115

-
-

C h a pter 5. M a n a g i n g Loca l L i n u x U se rs a n d Groups

P ra ct i ce: U s e r a n d G ro u p C o n c e pts -

Quiz -

M at c h t h e items below to t h e i r cou nterpa rts i n t h e ta b l e.

I I I��
-

/etc/group / e t c / p a s swd

h o m e d i rectory l og i n s h e l l p r i m a ry g ro u p

Description Keyword

A n u m be r t h a t i d e nt i f i es t h e u s e r at t h e
m ost f u n d a m e nta l l eve l -

-
T h e p rog ra m t h a t p rov i d e s t h e u s e r ' s
co m m a n d l i n e p ro m pt

Loca t i o n of l o ca l g ro u p i n fo r m a t i o n
-

Locat i o n of t h e u s e r ' s p e r so n a l f i l e s
-

A n u m be r t h a t i d e n t i f i es t h e g ro u p a t t h e -

m ost f u n d a m e n t a l l ev e l

Locat i o n of l oca l u s e r acco u nt i nfo r m at i o n


-

T h e fo u rt h f i e l d of / e t c / p a s swd
-

-
116 R H124- R H E L 7 - e n -1-20140606

-
-

S o l ut i o n
-

Solution
-

Match t h e items b e l ow to t h e i r cou nterpa rts i n t h e ta b l e.

Desc r i p t i o n Keywo rd

A n u m be r t h a t i d e n t ifies t h e u s e r a t t h e UID
most f u n d a m e nta l l eve l
-

- T h e p ro g ra m t h a t p rov i d es t h e u s e r ' s login shell


co m m a n d l i n e p ro m pt

Loca t i o n of l oca l g ro u p i nfo r m a t i o n /et c/group

Loca t i o n of t h e u s e r ' s p e rs o n a l f i l es h o m e d i re c t o ry
-

A n u m b e r t h a t i d e nt i f ies t h e g ro u p a t t h e GID
-
most f u n d a m e nta l l eve l

-
Loca t i o n of l o ca l u s e r acco u nt i nfo r m a t i o n / e t c / p a s swd

T h e fo u rt h fi e l d of / e t c / p a s swd p r i m a ry g ro u p

- R H124- R H E L7-en-1-20140606 117

-
-

C h a pte r 5. M a n a g i n g Loca l L i n u x U s e rs a n d Grou ps

G a i n i n g S u p e r u s e r Access
-

Objectives -
After com p l et i n g t h i s sect i o n , students s h o u l d be a b l e to r u n co m m a n d s as t h e s u p e r u s e r to
a d m i n ister a L i n u x syst e m .

The r o o t user
-

Most o p e ra t i n g syste m s have some sort of superuser, a u s e r t h a t has a l l power ove r t h e system . -
This u s e r i n Red Hat Enterprise L i n u x i s t h e r o o t u s e r. This u s e r h a s t h e p o w e r t o ove r r i d e
n o r m a l p r i v i l e g e s o n t h e f i l e syste m , a n d i s used to m a n a g e a n d a d m i n i st e r t h e syst e m . I n
o rd e r to p e rform tasks s u c h a s i n sta l l i n g o r re m o v i n g softwa re a n d to m a n a g e syste m f i l e s a n d -
d i rectories, a u s e r m u st esca l ate p r i v i l e g e s to t h e r o o t user.

M ost devices ca n o n l y be control l e d by root, b u t t h e re a re a few except i o n s . Fo r i n st a n ce,


re mova b l e devices, s u c h a s U S B devices, a re a l l owed to be contro l led by a n o r m a l u s e r. Thus, a
n o n - root u s e r is a l l owed to add a n d re m ove f i l e s a n d otherwise m a n a g e a remova b l e device, but
only root i s a l l owed to m a n a g e "fixe d " h a rd d rives by defa u lt. -

This u n l i m ited pr i vi lege, however, comes w i t h res p o n s i b i l ity. root has u n l i m ited power to
d a m a g e the system: re m ove f i l es and d i rectories, re m ove user accounts, add backdoors, etc. -

I f the root account i s com p romised, s o m e o n e e l se w o u l d have a d m i n i st ra t i ve control of t h e


system. T h r o u g h o u t t h i s cou rse, a d m i n i strators w i l l be e n c o u ra g e d to l o g i n a s a n o r m a l u s e r a n d
esca l ate p r ivi l eg e s to r o o t o n l y w h e n n e e d e d . -

The ro o t a c c o u n t o n L i n u x is roug h l y e q u i va l e nt to t h e l o c a l A d m i n istrator account o n W i n d ows.


In L i n u x, most system a d m i n istrators l o g into an u n p ri v i leged user acco u n t and use va r i o u s too l s -

t o t e m p o ra r i l y g a i n root privi l eges.

-
Warning
O n e c o m m o n p ractice o n W i ndows i n t h e past is for t h e l oca l A d m i n i s t rator u s e r
-
to l o g i n d i rect l y t o perform syst e m a d m i n i st rator d u ties. H owever, o n L i n u x , it i s
reco m m e n d e d t h a t system a d m i n i s t rators should not l o g i n d i rect l y a s root. I nste a d ,
syst e m a d m i n i s t rators s h o u l d l o g i n a s a n o n - root user, a n d use ot h e r m e c h a n i s m s ( s u ,
-
s ud o , o r P o l i c y K i t , f o r exa m p l e) to t e m p o ra r i l y g a i n s u pe r u s e r p r i v i l eges.

B y l o g g i n g i n a s t h e a d m i n istrative u s e r, the e n t i re d e s ktop e n v i ro n m e n t u n n ecessa r i l y


-
r u n s w i t h a d m i n i s t ra t i ve privi l eges. I n t h a t s it u a t i o n , a ny secu rity v u l n e ra b i l ity w h i c h
wo u l d n o r m a l l y o n l y compromise t h e u s e r a cc o u nt h a s t h e pote n t i a l to c o m p ro m i s e t h e
e n t i re syst e m .
-

I n r e c e n t vers i o n s of M i c rosoft W i ndows, A d m i n i strator d i s a b l ed by defa u lt , a n d


featu res s u c h a s U s e r Acco u n t Control ( U A C ) a re used to l i m i t a d m i n i st rat ive p r i v i l e g e s
-
fo r users u n t i l a c tu a l l y needed. I n L i n u x , t h e P o l i c y K i t system is t h e n e a rest e q u iva l e n t
t o UAC.

118 R H124-R H E L 7-en-1-20140606 -

-
-

Switc h i n g u s e rs with su

Switching users with s u


-

-
The s u c o m m a n d a l l ows a u s e r to switch to a d i fferent u s e r a ccount. I f a u se r n a m e i s n ot
s pecified, t h e root a c c o u n t is i m p l ied. W h e n i nvoked a s a reg u l a r u s e r, a p rompt w i l l d i s p l a y a s k i n g
f o r t h e password of t h e a cco u nt y o u a re switc h i n g t o ; w h e n i n voked a s root, t h e re is n o n e e d t o
e n t e r t h e account pa ssword.

s u [ - ] <username>

[student@desktopX -]$
-

Password : redhat
su

- [ root@desktopx -]#
T h e co m m a n d s u use rname sta rts a non-login shell, w h i l e t h e co m m a n d s u - username
- starts a login she l l . T h e m a i n d is t i n c t i o n is su - sets u p t h e s h e l l e n v i ro n m e nt as if t h i s we re a
c l e a n l o g i n as that u s e r, w h i l e s u j u st sta rts a s h e l l as t h a t u s e r with t h e c u rrent e n v i ro n m e n t
sett i ngs.
-

In most cases, a d m i n istrators wa n t to r u n s u - to get t h e user's n o r m a l sett i n g s . Fo r m o re


i nfo r m a t i o n , see t h e bash(1) m a n page.
-

Note
- The s u com m a n d i s most freq u e n t l y used to get a c o m m a n d l i n e inte rface (s h e l l
prom pt) w h i c h i s r u n n i n g a s a n ot h e r u s e r, typica l l y r oo t . H owever, with t h e - c option,
it c a n be used l i ke t h e W i n d ows u t i l ity r u nas to run a n a rbitra ry p ro g ra m a s a n ot h e r
-
u s e r. S e e i n f o s u f o r d eta i l s.

R unning com mands as r o o t with s u d o


-

Fu n d a m e nta l l y, L i n u x i m p l e m e n t s a very coa rse- g ra i n e d p e r m issions m o d e l : root ca n d o


- everyt h i n g , ot h e r u s e r s c a n d o n ot h i n g (systems-related). T h e com m o n s o l u t i o n p rev i o u s l y
d iscussed is to a l l ow sta n d a rd u s e rs to t e m p o ra r i l y " b e c o m e root" u s i n g t h e su c o m m a n d . T h e
d isadvantage is t h a t w h i l e act i n g a s root, a l l t h e p r i v i l e g e s (a n d res p o n s i b i l iti es) o f root a re
-
g ranted. Not o n l y ca n t h e u s e r restart t h e web server, b u t t h ey can a l so re m ove t h e e n t i re / e t c
d i recto ry. Additi o n a l l y, a l l u s e r s req u i r i n g s u p e r u s e r p r i v i l e g e i n t h i s m a n n e r m u st k n ow t h e root
p a sswo rd .
-

T h e s u d o co m m a n d a l l ows a u s e r to be perm itted to r u n a c o m m a n d a s root, o r a s a n ot h e r u s e r,


based on sett i n g s i n t h e / e t c / s u d o e r s f i l e. U n l ike ot h e r too l s s u c h as s u , s u d o req u i res u s e rs
- to enter t h e i r own password for a u t h e nt i ca t i o n , not t h e password of t h e a ccou n t t h ey a re t r y i n g
to access. This a l l ows a n a d m i n istrator t o h a n d out f i n e - g ra i n ed p e r m i s s i o n s to users to d e l egate
system a d m i n istra t i o n tas ks, without havi n g to hand o u t the root password.
-

Fo r exa m p l e, w h e n sudo has b e e n config u red to a l l ow the user student to r u n t h e c o m m a n d


u s e rmod a s root, student cou l d r u n t h e fo l l owi n g co m m a n d to l o c k a u s e r a cco u nt:

[student@serverX -]$ sudo use rmod - L username


-
r=
[sudo] password for student : password
I
I
- l
O n e a d d i t i o n a l b e n efit to u s i n g s u d o is that a l l c o m m a n d s executed u s i n g sudo a re l o g g e d by
defa u l t to /va r/log / s e c u re.
-

- R H1 24- R H E L 7-en-1 -20140606 119

-
-

C h a pter 5. M a n a g i n g Loca l L i n u x U s e rs a n d Groups

' [ student@serverX -]$ sudo t ail /var/log/sec u r e


.---���
'

Feb 19 15 : 23 : 36 localhost sudo : student : TTY=pts/0 ; PWD=/home/student USER=root


COMMAND=/sbin/usermod - L student
-

Feb 19 15 : 23 : 36 localhost usermod [16325] : lock user ' student ' password
Feb 19 15 : 23 : 47 localhost sudo : student TTY=pts/0 ; PWD=/home/student USER= root
COMMAND=/bin/tail /var/log/secure
-

In Red H a t Enterprise L i n u x 7, a l l m e m b e rs of g r o u p wheel ca n u s e sudo to r u n com m a n d s a s


a ny u s e r, i n c l u d i n g root. T h e u s e r w i l l be prom pted for t h e i r own password. T h i s is a c h a n g e
f r o m R e d Hat Enterprise L i n u x 6 a n d e a r l i e r. U s e r s w h o were m e m bers o f g ro u p wheel d i d not
get this a d m i n istrative access by defa u l t in R H E L 6 and e a r l i e r.

To e n a b l e s i m i l a r b e h a v i o r o n e a r l i e r vers i o n s of Red Hat E n t e r p rise L i n u x , use vis u d o to edit


t h e confi g u ra t i o n f i l e and u nc o m m e n t t h e line a l l ow i n g t h e g r o u p wheel to run all c o m m a nds.

[ root@desktopX -]# cat /etc/sudoers


. . . Output omitted . . .
## Allows people in group wheel to run all commands
%wheel ALL=(ALL ) ALL
## Same thing without a password
# %wheel ALL=(ALL ) NOPASSWD : ALL
-

. . . Output omitted . . .

Warning
R H E L 6 d i d n ot g ra n t g ro u p wheel a ny s p e c i a l p r i v i l e g e s by d efa u lt. S ites w h i c h h ave
been using t h i s g ro u p m a y b e s u rp r i sed w h e n R H E L 7 automatica l l y g ra nts a l l m e m b e rs
of wheel f u l l sudo p r i v i l eges. T h i s cou l d l e a d to u n a u t h o rized users gett i n g s u p e r u s e r -

access to R H E L 7 syst e m s.

H i storica l l y, m e m b e rs h i p i n g ro u p wheel h a s b e e n u s e d by U n ix-l i ke systems to g ra n t -

o r control s u p e r u s e r a ccess.

M ost system a d m i n i stration a p p l i ca t i o n s with a G U I use P o l i c y K i t to p ro m pt u s e rs for -

a u t h e ntication and to m a n a g e root a ccess. In Red H a t E n t e r p r ise L i n u x 7, Po l ic y K i t


may a l so p ro m pt m e m b e rs of g ro u p wheel for their own passwo rd i n order to g et
-
root p r i v i l eges w h e n u s i n g g r a p h ica l too l s . T h i s is s i m i l a r to t h e way i n w h i c h t h ey c a n
use s u d o to get t h o s e pr i vi l e g es a t t h e s h e l l p r o m pt . P o l i c y K i t g ra nts t h ese p r i v i l eges
based o n i t s own confi g u ra t i o n sett i ngs, s e p a rate from sudo. Adva n ce d students
-
may be i nterested in t h e pkexec(1) a n d polki t ( 8 ) man pages for deta i l s o n how t h i s
system works, b u t it is beyo n d t h e scope o f t h is cou rse.

120 R H 1 24- R H E L 7 - e n -1 -20140606

-
-

R u n n i n g c o m m a nds a s root with s u d o


-

R References
-

s u (1 ) a n d s u do(8) m a n pa ges

info libc (GNU C Library Reference Manual)


• Section 29.2: T h e Persona of a Process

( N ote t h a t t h e glibc-devel package m ust b e i nsta l l e d for t h i s i nfo n o d e to be a va i l a b l e. )

R H 1 24- R H E L 7-en-1-20140606 121


-

-
-

C h a pter 5. M a n a g i n g Loca l L i n u x U s e rs a n d Groups

P ract i ce: R u n n i n g Co m m a n d s as root

Guide d exercise -

I n t h i s l a b , you w i l l practice r u n n i n g c o m m a n d s a s root.


-
Outcomes
U s e t h e s u with and without l o g i n s c r i pts to switch u s e rs. U s e s u d o to run c o m m a n d s with
p r i v i l ege.

Before you begin ...


Reset yo u r se rve r X syste m .
-

D 1. L o g i nto t h e G N O M E desktop o n s e rverX a s s t udent with a password o f s t u d e n t .

D 2. O p e n a w i n d ow with a Bash prom pt. -

S e l ect A p p l i c a t i o n s > Ut i l i t i e s > Te r m i n a l .

D 3. E x p l o re c h a ra cteristics o f t h e c u r rent s t u d e n t l o g i n e n v i ro n m e nt.

D 3.1 . V i ew t h e u s e r a n d g r o u p i nfo r m a t i o n a n d d i s p l ay t h e c u r re n t worki n g d i rectory.

[student@serverx - ] $ id
uid=1000( student ) gid=1000( student ) groups=1000( student } , 10(wheel )
context=unconfined_u : unconfined_r : unconfined_t : s0 - s0 : c0 . c1023
[student@serverx - ] $ pwd
-

/home/student
-

D 3 . 2 . V i ew t h e va r i a b l e s w h i c h specify t h e h o m e d i rectory a n d t h e locat i o n s searched


for executa b l e files.
-

[student@serverx - ] $ echo $HOME


/home/student
[student@serverx - ) $ echo SPATH
/usr/local/bin : /usr/local/sbin : /usr/bin : /usr/sbin : /bin : /sbin : /home/
student/ . local/bin : /home/student/bin
D 4. Switch to root without t h e dash and ex p l o re c h a racteristics of the n e w e n v i ro n m e nt.

-
D 4.1 . Become t h e root u s e r at t h e s h e l l p ro m pt.

[student@serverx ] $
Password : redhat
- su
-

D 4.2. V i ew the u s e r a n d g r o u p i nfo r m a t i o n a n d d i s p l a y the c u rrent worki n g d i recto ry. -


N ote t h e i d e n t ity c h a n g e d , b u t not t h e cu rrent w o r k i n g d i recto ry.

[ root@serverX student]# id
uid=0 ( root ) gid=0 ( root ) groups=0( root )
context=unconfined_u : unconfined_r : unconfined t : s0 - s0 : c0 . c1023
-

[ root@serverx student]# pwd -

122 R H 1 24- R H E L7-en-1-20140606

-
-

I /home/student
G u i d ed exercise
-

-
D 4.3. V i ew t h e va r i a b l es w h i c h spec ify t h e h o m e d i rectory a n d t h e l ocat i o n s sea rched
for executa b l e f i l es. Look for refe rences to the st u d e n t and root accou nts.

[ root@serverX student]# echo $HOME


/root
-

[ root@serverX student]# e c h o $PATH


/usr/local/bin : /usr/local/sbin : /usr/bin : /usr/sbin : /bin : /sbin : /home/
student/ . local/bin : /home/student/bin
-

-
D 4.4. E x i t t h e s h e l l to ret u r n to t h e s t u d e n t u s e r.

[ root@serverx student]#
exit
exit
-

- D 5. Switch to root w i t h t h e dash and ex p l o re c h a ra cteristics of t h e new e n v i ro n m e nt.

D 5.1 . Beco m e t h e r o o t u s e r at t h e s h e l l prom pt. Be s u re a l l t h e l o g i n s c r i pts a re a l so


-
executed.

j Password :
I [ student@serverX -]$ su
redhat
-

D 5.2. View the user a n d g ro u p i n fo r m a t i o n a n d d i s p l ay the c u rrent w o r k i n g d i recto ry.

[ root@serverx -]# id
uid=0 ( root ) gid=0( root ) groups = 0 ( root )
context=unconfined_u : unconfined r : unconfined_t : s0 - s0 : c0 . c1023
[ root@serverx -]# pwd
/root
-

D 5.3. View the varia b l es which specify t h e home d i rectory and t h e locat i o n s searched
for executa b l e f i l es. Look for refe re n ces to t h e student a n d root accou nts.

[ root@serverx -]# e c h o $HOME


-

/root
[ root@serverx -]# e c h o $PATH
/usr/local/sbin : /usr/local/bin : /sbin : /bin : /usr/sbin : /usr/bin : /root/bin
-

- D 5.4. Exit the s h e l l to ret u r n to t h e s t u d e n t u s e r.

I [ root@serverX -]#
logout
exit
- !

D 6. R u n seve ra l c o m m a n d s a s s t u d e n t w h i c h req u i re root a ccess.


-

D 6.1 . V i e w t h e l a st 5 l i nes o f the /va r /log/me ssages.

[student@serverX -]$ tail - 5 /var/log/messages


tail : cannot open ' /var/log/messages ' for reading : Permission denied
-

- R H 1 24- R H E L7-en-1-20140606 123

-
-

C h a pter 5. M a n a g i n g Loca l L i n u x U s e rs a n d G ro u p s

[ student@serverx -]$ s u d o
-

Feb 3 15 : 07 : 22 localhost su : ( to root ) root on pts/0


t ail - 5 /var/log/messages

Feb 3 15 : 10 : 01 localhost systemd : Starting Session 31 of user root .


Feb 3 15 : 10 : 01 localhost systemd : Started Session 31 of user root .
Feb 3 15 : 12 : 05 localhost su : ( to root ) root on pts/0
-

Feb 3 15 : 14 : 47 localhost su : ( to student ) root on pts/0 -

D 6.2. M a ke a b a c k u p of a confi g u ration f i l e in the /etc d i rectory.

[student@serverX -]$ cp /etc/motd /etc/motdOLD


-

cp : cannot create regular file ' /etc/motdOLD ' : Permission denied


[student@serverx -]$ sudo c p /etc/mo t d /etc/motdOLD -

D 6.3. Remove the / e t c/motdOLD f i l e t h a t was j u st c reated.

[student@serverX -]$ rm /etc/motdOLD


-

rm : remove write-protected regular empty file ' /etc/motdOLD ' ? y


rm : cannot remove ' /etc/motdOLD ' : Permission denied
[student@serverx -]$ s u d o rm /etc/motdOLD
-

D 6.4. Edit a confi g u ra t i o n f i l e in the / e t c d i recto ry.

[student@serverx -]$ echo "Welcome to clas s "


-bash : /etc/motd : Permission denied
>> /et c/motd

[student@serverX -]$ s u d o v i m /etc/motd


-

·-

124 R H 1 24- R H E L 7 - e n -1-20140606 -


-

M a n a g i n g Loca l U s e r Acco u n t s

M a n a g i n g Loca l U se r Acco u nts


-

Objectives
Afte r c o m p l e t i n g t h i s sect i o n , s t u d e n t s s h o u l d be a b l e to c reate, m o d i fy, lock, a n d d e l ete l oca l l y
defined u s e r accou nts.

Managing local users


-
A n u m be r of com m a n d - l i n e too l s c a n be used to m a n a g e l o c a l u s e r accou nts.

u s e r ad d c reates u s e rs
- • u s e r ad d username sets reaso n a b l e defa u lts for a l l f i e l d s i n / e t c / pas swd w h e n r u n w i t h o u t
opt i o n s . T h e u s e radd com m a n d does not s e t a n y va l i d pa ssword by defa u lt, a n d t h e u s e r
can n ot l o g i n u n t i l a pa ssword i s set.
-

• u s e r add - - help w i l l d i s p l a y the basic o p t i o n s that can be used to ove r r i d e the defa u lts. I n
most cases, t h e s a m e o pt i o n s c a n b e used w i t h t h e u s e rmod co m m a n d t o mod ify a n exist i n g
- user.

• S o m e defa u lts, s u c h as t h e ra n g e of va l i d U I D n u m bers a n d defa u l t password a g i n g r u l es, a re


read from t h e / e t c /login . defs f i l e. Va l u es i n t h i s f i l e a re o n l y used w h e n creat i n g new
users. A c h a n g e to this file w i l l n ot have a n effect on a n y exist i n g u s e rs.

u s e rmod m o d ifies ex ist i n g u s e rs


• u s e r mod - - help wi l l d i s p l a y t h e basic o p t i o n s that c a n be used to m o d ify a n account. S o m e
co m m o n o p t i o n s i n c l ude:

u s e rmod options:
-c, - - comme n t COMMENT Add a va l u e, such a s a fu l l n a m e , to the GECOS fie l d .
-g, - - gid GROUP S pecify the p r i mary g r o u p for the user acco u nt.
-G, - - g roups GROUPS S p e c i fy a l i st of s u p p l e m e ntary g ro u ps for the user acco u nt.
-

-a, - - append Used with t h e -G option to a p p e n d t h e user to the


s u p p l e m e n t a l g ro u ps m e n t i o n e d w i t h o u t remov i n g t h e user
- from other g ro u ps.
-d, - - home HOME_D IR S pecify a n ew h o m e d i rectory for t h e u s e r account.
-m, - - move - home M ove a u s e r home d i rectory to a new l ocat i o n . M u st be used
with t h e - d option.
-s, - - shell SH E L L S p e c i fy a n ew l o g i n s h e l l f o r t h e u s e r a ccount.
- L, - - lo c k Lock a u s e r accou nt.
-U, - - unlock U n l o c k a u s e r acco u n t .
-

u s e r d e l d e l etes u s e rs
u s e r d e l use rname removes t h e u s e r from /etc/ passwd, b u t l eaves t h e h o m e d i rectory
-
intact by d efa u lt.

· u s e r d e l - r use rname removes t h e u s e r and t h e user's h o m e d i rectory.

- R H 1 24- R H E L7-en-1-20140606 125


-

C h a pter 5. M a n a g i n g Loca l L i n u x U s e rs a n d Groups

Warning -

W h e n a u s e r is re m oved w i t h u s e rdel w i t h o u t t h e - r o p t i o n s pe c i f i e d , t h e syst e m


w i l l have f i l e s t h a t a re owned by a n u n a s s i g n e d u s e r I D n u m be r. T h i s c a n a l so h a p p e n
-
w h e n f i l e s c reated by a d e l eted u s e r exist o u t s i d e t h e i r h o m e d i recto ry. T h i s s i t u a t i o n
c a n l e a d to i n fo r m a t i o n l e a k a g e a n d ot h e r secu rity i s s u e s .

I n Red H a t E n t e r p r i s e L i n u x 7 t h e u s e r ad d com m a n d a s s i g n s n e w u s e rs t h e f i rst


free U I D n u m be r ava i l a b l e in t h e ra n g e sta r t i n g from U I D 1 0 0 0 or a bove. (u n l ess o n e
i s e x p l i c i t l y specified w i t h t h e - u UID option). This i s how i n fo r m a t i o n l e a k a g e c a n
o c c u r : I f t h e f i rst f ree U I D n u m be r h a d b e e n p reviou s l y a s s i g n e d to a user account
which h a s s i n c e been removed from t h e syste m , t h e o l d u s e r ' s U I D n u m be r w i l l
g e t rea s s i g n e d t o t h e n e w u s e r, g i v i n g t h e n e w u s e r o w n e rs h i p o f t h e o l d u s e r ' s
re m a i n i n g f i l es. The fo l l ow i n g s c e n a r i o d e m o n st rates t h i s s i t u a t i o n :

[ root@serverx -]# use radd prince


[ root@serverx -]# ls 1 /home
drwx- - - - - - . 3 prince prince 74 Feb 4 15 : 22 prince
[ root@serverx -]# userdel p r i n c e
-

[ root@serverx -]# ls - 1 /home


drwx- - - - - - . 3 1000 1000 74 Feb 4 15 : 22 prince
[ root@serverx -]# use radd b o b
[ root@serverX -]# ls - 1 /home
drwx- - - - - - . 3 bob bob 74 Feb 4 15 : 23 bob
drwx- - - - - - . 3 bob bob 74 Feb 4 15 : 22 prince
-

N ot i c e that bob now owns a l l f i l es t h a t p rince once owned. D e p e n d i n g o n the


s i t u a t i o n , o n e solution to this p ro b l e m i s to rem ove a l l " u nowned " f i l es from the
syste m w h e n t h e u s e r that created them i s d e l eted. Another s o l u t i o n i s to m a n u a l l y
a s s i g n t h e " u n ow n e d " fi les to a d iffe rent u s e r. T h e root u s e r ca n f i n d " u n ow n e d " f i l e s
a n d d i rectories by r u n n i ng : find I - no u s e r - o - no g r o u p 2> /dev/nu ll.

id d i s p l a ys u s e r i n fo r m a t i o n
• i d w i l l d i s p l ay u s e r i nfor m a t i o n , i n c l u d i n g t h e u s e r ' s U I D n u m be r a n d g r o u p m e m b e rs h i ps.

• id use rname w i l l d i s p l ay user i n fo r m a t i o n for use rname, i n c l u d i n g the user's U I D n u m b e r -

a n d g ro u p m e m bers h i ps.

pas swd sets pa sswords -

• pas swd use rname c a n be used to e i t h e r set the user's i n i t i a l pa ssword o r c h a n g e that u s e r ' s
pa sswo rd .

• T h e root u s e r c a n set a password to a ny va l u e. A message w i l l be d i s p l ayed if t h e password


does not m e et the m i n i m u m reco m m e n d e d c rite r i a , but i s fo l l owed by a p ro m pt to retype t h e
--
new passwo rd a n d a l l toke n s a re u pdated su ccessfu l l y.

[ root@serverx -]# passwd student


Changing password for user student .
New password : redhat123
-

BAD PASSWORD : The password fails the dictionary check - it is based on a dictionary
word

126 R H 1 24- R H E L 7-en-1-20140606 -

-
-

M a n a g i n g l oca l u s e rs

Retype new password : redhat123


-

passwd : all authenticatio n to k e n s u p da t e d s u c_c es s_f u llY ·


- _ _____________ __ ____
_
_
____
_____� - -

J'
• A reg u l a r u s e r m u st c h oose a password w h i c h is at l east 8 c h a racters in l e n g t h a n d i s not
based o n a d i c t i o n a ry word, t h e u s e r n a m e, or t h e p rev i o u s password.
-

U I D ra n g es
-
Specific U I D n u m bers a n d ra n g e s of n u m be rs a re used for s pecific p u r poses by Red H a t
Enterp rise L i n u x.

• UID 0 is a l ways a s s i g n e d to t h e s u pe r u s e r accou nt, roo t .


-

• UID 1 -200 i s a ra n g e o f " syste m u s e rs" a ss i g n e d statica l l y t o system p rocesses by R e d Hat.

- • UID 201 -999 i s a ra n g e of " syste m users" used by syst e m p rocesses t h a t do n ot own f i l e s o n
t h e f i l e syste m . T h e y a re typica l l y a s s i g n e d d y n a m i ca l l y f r o m t h e ava i l a b l e p o o l w h e n t h e
softwa re t h a t n e e d s t h e m i s i n sta l l e d . Prog ra m s r u n a s t h e s e " u n p r i v i l e g e d " syst e m u se rs i n
- o r d e r to l i m it t h e i r a ccess to j u st t h e resou rces t h ey n e e d to f u n c t i o n .

• UID 1 000+ i s t h e ra n g e ava i l a b l e for ass i g n m e n t to reg u l a r users.


-

Note
-
P r i o r to Red H a t Enterprise L i n u x 7, t h e co nve n t i o n was that U I D 1 -499 was u s e d for
system u s e rs a n d U I D 500+ for reg u l a r u s e rs. Defa u lt ra nges used by u s e radd a n d
g rou padd c a n b e c h a n g ed i n t h e / e t c/login . d e f s f i l e.
-

-
R References
u s e r add(8), u s e rmod(8), u s e rdel(8) m a n pages

- R H1 24- R H E L 7-en-1 -20140606 127

-
-

C h a pter 5. M a n a g i n g Loca l L i n u x U s e rs a n d G ro u ps

P ract ice: C reat i n g U se rs U s i n g Co m m a n d - l i n e


Too l s
-

Guided exercise

I n t h i s l a b , you w i l l c reate a n u m be r of u s e rs on you r s e rverX syste m , sett i n g a n d record i n g a n


i n it i a l password f o r e a c h u s e r.
-
O u tcomes
A system with a d d i t i o n a l user accounts.
-
Before you begin...
Reset you r se rve r X syst e m .

D 1. L o g i nto t h e G N O M E desktop o n s e rverX a s s t u d e n t w i t h a password of s t u d e n t .

D 2. O p e n a w i n d ow w i t h a B a s h prom pt.

S e l ect A p p l icat i o n s > Uti l i t i e s > Term i n a l.

-
D 3. Become the root user at the s h e l l pro m pt.

[student@serverX -]$
Password : redhat
su - -

D 4. Add the u s e r juliet.

I [ root@serverx - ] # use radd j uliet


-

D 5. Confirm t h a t ju/iet has been added by exa m i n i n g the / e t c / pas swd f i l e.

[ root@serverx - ] # t ail - 2 /etc/pas swd


-

tcpdump : x : 72 : 72 : : / : /sbin/nologin
j uliet : x : 1001 : 1001 : : /home/j uliet : /bin/bash -

D 6. U s e t h e passwd c o m m a n d to i n it i a l ize juliet's password.

[ root@serverx - ] # pas swd j uliet


-

Changing password for user j uliet .


New password : j uliet
BAD PASSWORD : The password is shorter than 8 characters
Retype new password : j uliet
-

passwd : all authentication tokens updated successfully .


D 7. Cont i n u e a d d i n g t h e re m a i n i n g users i n t h e steps b e l ow a n d set i n i t i a l passwords.
-
D 7.1 . ro meo

I [ root@serverX - ] # use radd romeo l

128 RH124- R H E L 7-en-1-20140606 -

-
-

G u i d e d exerc i s e

[ root@serverX -]# pas swd romeo


-

Changing password for user romeo .


New password : romeo
BAD PASSWORD : The password is shorter than 8 characters
Retype new password : romeo
-

passwd : all authentication tokens updated successfully .


-

D 7.2 . h a m let

[ root@serverx -]#
-

[ root@serverX -]#
use radd hamlet
passwd hamlet

D 7.3. reba

[ root@serverx -]#
[ root@serverX -]#
-
u se radd reba
passwd reba

-
D 7.4. d o l l y

[ root@serverx -]#
[ root@serverx -]#
-
u s e r add dolly
pas swd dolly

- D 7.5. e l v i s

[ root@serverX -]#
[ root@serverx -]#
use radd elvis
- passwd elvis

- R H 1 24- R H E L 7-en-1-20140606 129

-
-

C h a pter 5. M a n a g i n g Loca l L i n u x U s e rs a n d Groups


-

M a n a g i n g Loca l G ro u p Acco u nts


-

Objectives -

Aft e r co m p l et i n g t h i s sect i o n , students s h o u l d be a b l e to c reate, mod ify, a n d d e l ete l o ca l l y


d e f i n e d g ro u p a ccounts.
-

Managing supplementary groups


A g r o u p m u st e x i st before a user c a n be a d d e d to t h a t group. Seve ra l com m a n d - l i n e too l s a re -

used to m a n a g e l o c a l g ro u p accou nts.

g ro u padd c reates g ro u ps -

• g roupadd groupname without o p t i o n s uses t h e n ext ava i l a b l e G I D from t h e ra n g e specified


i n t h e / e t c/login . defs f i l e.
-

• The - g GID option is used to s pecify a specific G I D.

[student@serverx -]$ sudo g roupadd - g 5000 at eam


-

-
Note
G iv e n t h e a utomatic c reat i o n of u s e r p rivate g roups (G I D 1 000+), it is g e n e ra l ly
-
reco m m e n ded to set a s i d e a ra n g e of G I D n u m b e rs to be used for s u p p l ementa ry
g ro u ps. A h i g h e r ra n g e w i l l avoid a col l i s i o n with a system g ro u p (G I D 0-999).

• T h e - r o p t i o n w i l l c reate a system g ro u p u s i n g a G I D from the ra n g e of va l i d system G I D


n u m be rs l isted i n t h e / e t c/login . defs f i l e. -

I [ student@serverx -]$ sudo g roupadd - r appus e r s

g r o u pmod m o d i fies ex ist i n g g ro u ps


• T h e g r o u pmod com m a n d is used to c h a n g e a g r o u p n a m e to a G I D m a p p i n g . The - n option i s -

used t o s pecify a new n a me.

I [student@serverx -]$ sudo g r oupmod - n j avaapp appu s e r s

l [ student@serverx -]$
• T h e - g option is used to s pecify a n e w G I D. -

s u d o g r o upmod - g 6000 ateam


i
-

g r o u pdel d e l etes a g ro u p
• T h e g r o u pdel com m a n d wi l l rem ove a g ro u p . -

[ student@serverx -]$ s u d o g r oupdel j avaapp


-

130 R H 1 24- R H E L7-en-1-20140606 -

-
-

M a n a g i n g s u p p l e m e nt a ry g ro u ps
-

• A g ro u p m a y not be re m oved if it is the p r i m a ry g ro u p of a ny ex ist i n g user. As w i t h use rdel,


check a l l file syste m s to e n s u re t h a t no files re m a i n owned by t h e g ro u p.
-

u s e rmod a lt e rs g ro u p m e m b e rs h i p
-
• The m e m b e rs h i p o f a g ro u p i s contro l l e d w i t h u s e r m a n a g ement. C h a n g e a u s e r ' s p r i m a ry
group with u s e rmod - g groupname.

• Add a u s e r to a s u p p l e menta ry g ro u p with u s e rmod - aG groupname use rname.

[student@serverx -]$
-

sudo use rmod - aG wheel elvis

Important
- T h e use of t h e - a o pt i o n m a kes u s e rmod f u n c t i o n i n "appe n d " mode. W i t h o u t it, t h e
u s e r wou l d b e re m oved f r o m a ll other s u p p l e m e n t a ry g ro u ps.

R References
-

g roup(5), g rou padd(8), g r o u pdel(8), a n d u s e rmod(8) m a n pages

- R H 1 24- R H E L7-en-1-20140606 131

-
-

C h a pter 5. M a n a g i n g Loca l L i n u x U sers a n d Groups


-

P ract ice: M a n a g i n g G ro u ps U s i n g Com m a n d ­


-

l i n e Too l s
-

Guided exercise
-

I n t h i s l a b , you w i l l a d d u s e rs to n e w l y c reated s u p p l e m e nta ry g ro u ps.

Outcomes -

T h e shakespeare g r o u p c o n s ists of j ulie t , romeo, and h amle t . The a r t i s t s g ro u p conta i n s


reba, dolly, a n d elvis .
-
Before you begin. . .
Perform t h e fo l l ow i n g steps o n s e r v e r X u n l ess d i rected ot h e rwise.
-
D 1. Become t h e r o o t u s e r a t t h e s he l l prom pt.

[student@serverx -]$
�--��-�--��� --�� .----�-� ------,

Password : redhat
-

I
L.
su -

___j
I
-
D 2.
.

C reate a s u p p l e m e n t a ry g ro u p ca l l ed shakespeare w i t h a g ro u p ID of 30000.

[I [ root@serverx -]# g roupadd


..
--i
__ . .

- g 30000 shakesp a r e I
I �-
_----�------ -----'

D 3. C reate a s u p p l e m e ntary g ro u p c a l led a r t i s t s .


-

[ root@serverX -]#
!
L ---- ----����
g roupadd a r t i s t s

-
D 4. Confirm t h a t shakespeare a n d artists have b e e n a d d e d by exa m i n i n g the / e t c / g r o u p
f i l e.

l [ root@serverx -]# t ail


-

reba : x : 1004 :
,. dolly - 5 /etc/group

: x : 1005 :
elvis : x : 1006 : -

shakespeare : x : 30000 :
1- artists : x : 30001 :
D 5. Add the juliet user to the shakespeare g r o u p a s a s u p p l e m entary g ro u p .

I [ root@serverx -]# u sermod


r� -
-G shakespeare j uliet

D 6. Confirm that ju/iet h a s been a d d e d u s i n g t h e id c o m m a n d . -

'
,-
[ root@serverx - ]# id j u liet
uid=1001{j uliet ) gid=1001(j uliet ) groups=1001{j uliet ) , 30000( shakespeare ) -

D 7. Cont i n u e a d d i n g t h e re m a i n i n g u s e rs to g ro u p s as fo l l ows: -

132 R H 1 24- R H E L 7-en-1-20140606 -

-
-

G u i d e d exercise
-

D 7.1 . Add romeo a n d hamlet to t h e shakespeare g ro u p.

[ root@serverX -]#
[ root@serverX -]#
-
u s ermod - G shakespeare romeo
usermod -G s hakespeare hamlet

D 7.2 . Add reba, dolly, a n d elvis to t h e artists g ro u p .

[ root@serverx -]#
[ root@serverx -]#
- u se rmod - G a r t i s t s reba

[ root@serverX -]#
use rmod -G a r t i s t s dolly
use rmod -G a r t i s t s elvis

D 7.3. Ve rify t h e s u p p l e m e nta l group m e m be r s h i p s by exa m i n i n g the / e t c / g r o u p f i l e.

[ root@serverx -]# t ail - 5 /etc/group


reba : x : 1004 :
-

dolly : x : 1005 :
elvis : x : 1006 :
shakespeare : x : 30000 : j uliet, romeo, hamlet
artists : x : 30001 : reba, dolly, elvis
-

- R H 1 24- R H E L7-en-1-20140606 133

-
-

C h a pter 5. M a n a g i n g Loca l L i n u x U s e rs a n d Groups


-

M a n a g i n g U s e r Pa sswo rd s
-

Objectives
-
After com p l e t i n g t h i s sect i o n , stu d e n t s s h o u l d be a b l e to l o c k a ccou nts m a n u a l l y or by sett i n g a
pa ssword-a g i n g p o l icy i n t h e s h a d ow pa ssword f i l e.
-

Shadow passwords and password policy


I n t h e d ista n t past, e n c rypted passwords were stored i n the worl d - reada b l e /etc/passwd f i l e. T h i s
-
w a s t h o u g ht to be reaso n a b l y sec u re u n t i l d i c t i o n a ry attacks o n e n c rypted pa sswords b e c a m e
c o m m o n . At t h a t point, t h e e n c rypted passwords, o r " pa sswo rd h a s h es," w e re moved to t h e m o re
sec u re /etc/s h a d ow f i l e. This new f i l e a l s o a l lowed pa ssword a g i n g a n d ex p i ra t i o n featu res to be
-
implemented.

T h e re a re t h ree p i eces of i nform a t i o n stored i n a m o d e r n password h a s h :


-
$1$gCj La2/Z$6 Pu0EK0AzfCj xj v2ho LOB/

1. 1: The h a s h i n g a l g or i t h m . The n u m be r 1 i n d icates a n M D 5 h a s h . The n u m be r 6 a p p e a rs w h e n


-
a S H A-512 h a s h is u s e d .

2. g C j La2/Z: The salt used t o e n c rypt t h e h a s h . T h i s is orig i n a l l y chosen at ra n d o m . T h e


s a l t a n d t h e u n e n c rypted password a re c o m b i n e d a n d e n c rypted to c reate t h e e n c ry pted
pa ssword h a s h . The use of a s a l t prevents two u s e rs with the s a m e password from h a v i n g
i d e n t ica l e n t ries i n t h e / e t c / s hadow f i l e.
-

3. 6Pu0 EK0AzfCj x j v2ho LOB/: The e n c rypted h a s h .

W h e n a u s e r tries t o log i n , t h e system lo o k s u p t h e e n t ry f o r t h e u s e r i n / e t c / s hadow, -

c o m b i n e s t h e s a l t for t h e u s e r with t h e u ne n c ry pted password t h a t was typed i n , a n d e n c rypts


them u s i n g the h a s h i n g a l g o r i t h m s p e c i f i e d . I f the res u lt matches the e n c rypted hash, the user
typed i n t h e r i g h t password. I f t h e res u lt does n ' t match t h e e n c rypted hash, t h e user typed i n the -

w ro n g pa ssword a n d t h e login att e m pt fa i l s. T h i s method a l l ows t h e syste m to d ete r m i n e if t h e


u s e r t y p e d i n t h e correct pa ssword w i t h o u t sto r i n g t h a t password i n a form u s a b l e for l o g g i n g i n .
-

Note
-
Red H a t E nterprise L i n u x 6 a n d 7 s u p port two n ew stro n g password h a s h i n g
a l g or it h m s , S H A-256 (a l g orit h m 5) a n d S H A-512 (a l g o r it h m 6 ) . Bot h t h e s a l t st r i n g
a n d t h e e n c rypted h a s h a re l o n g e r for t hese a l g o r it h m s. T h e defa u l t a l g or i t h m u s e d
f o r p assword h a s h e s c a n be c h a n g e d by t h e root user by r u n n i n g t h e c o m m a n d
aut hconfig - - passalgo w i t h o n e o f t h e a rg u m e nts m d 5 , sha256, o r sha512, a s
a p p ro p r i ate.

Red Hat Enterprise L i n u x 7 defa u l t s to u s i n g S H A-512 e n c ry pt i o n .

/ e t c / s h adow fo r m a t
T h e format of / e t c / s hadow fo l l ows ( n i n e c o l o n - s e p a rated f i e l d s):

L Oname : Opassword : 01astchange : Ominage : Omaxage : Owarning : Oinactive : Oexpire : Ob1ank I


-

134 R H 1 24- R H E L7-e n-1-20140606 -

-
-

Password a g i n g

O
-

O
T h e l o g i n name. T h i s m u st be a va l i d acco u n t n a m e o n t h e syste m .
The e n c rypted password. A password fie l d w h i c h starts with a exc l a m a t i o n m a r k m e a n s t h a t
-
t h e pa ssword i s l o c ked.

O
O The date of t h e l a st password change, re p resented a s t h e n u m be r of days s i nce 1 970.01 .01 .

-
The minimum n u m be r of d a ys before a password m a y be c h a n g e d , w h e re O means "no
m i n i m u m a g e req u i re m e nt."
O The maximum n u m be r of days before a p a ssword m u st be cha nged.
-
O The warning p e r i o d t h a t a pa ssword is a bo u t to ex p i re. Represented i n days, w h e re 0 m e a n s

O
" n o wa r n i n g g iven."
The n u m be r of d ays a n account re ma i n s a ctive after a passwo rd h a s expired. A u s e r may
- sti l l l o g i nto the system and c h a nge t h e password d u ri n g t h i s period. After the s p e c ified

O
n u m be r of days, the acco u nt is l ocked, beco m i n g inactive.

O
The account expiration date, represented a s t h e n u m be r of days s i n ce 1970.01 .01 .
-
This blank f i e l d is reserved for future u se.

- Password aging
The fo l l owi n g d i a g ra m re l ates t h e re l eva nt pa ssword-a g i n g pa ra meters, w h i c h ca n be adjusted
u s i n g chage to i m p l e m e n t a password-a g i n g p o l i cy.
-

max da y s ( - M )
-
' .
' .
.
'
.
.
i nactive d a y s
min days ' . warn da y s (-1)
- '
(-m) ' ' (-W)
' '
' '
'
-
time -
-

last change password i n a ct ive


-
date (-d) expi rat ion date
date

-
# chage - m 0 - M 90 -W 7 - I 14 username

chage - d e username w i l l force a password u pdate o n next l og i n .


-

chage -1 use rname w i l l l i st a u s e r n a m e ' s c u rrent sett i n gs.

- chage -E YYYY - MM - DD wi l l e x p i re a n acco u nt o n a s pecific day.

Note
The date c o m m a n d can b e used to ca l c u l ate a date in the f u t u re.

[student@serverX -)$ d a t e - d
Sat Mar 22 11 : 47 : 06 EDT 2014
-

" +45 days "

- R H1 24- R H E L7-en-1 -20140606 135

-
-
-
C h a pter 5. M a n a g i n g Loca l L i n u x U s e rs a n d Gro u p s

Restricting access
W i t h the chage com m a n d , a n acco u n t e x p i rat i o n c a n be set. O n c e that date is rea c h e d , t h e user -

-
c a n not log i nto t h e syst e m i nteract ive l y. The u s e rmod com m a n d can " l oc k " a n account w i t h the
L option.
...

[student@serverX - ] $ sudo use rmod


r - --··----��-- -- - ------ �-���
- -�- -�..
--
� -��
- ---- - ·-------------··�-�-

[ student@serverX - ] $ s u - elvis
- L elvis

Password : elvis
su : Authentication failure
-

-
W h e n a user h a s l eft t h e c o m p a ny, t h e a d m i n istrator m a y l o c k a n d ex p i re a n acco u n t w i t h a

,-[� tud�nt@se�verX -]$


s i n g l e use rmod com m a n d . T h e date m u st be g iven a s t h e n u m be r of days s i n ce 1 970.01 .01 .

-
s u d o use rmod - L - e 1 elvis
� -- ---�----�

Loc k i n g t h e account p revents t h e user from a u t h e nt i c a t i n g with a password to t h e syste m . I t -

-
is t h e reco m m e n d ed m e t h o d of p reve n t i n g access to a n accou nt b y a n e m p l oyee w h o h a s l eft
t h e compa ny. If t h e e m p l oyee ret u rns, t h e acco u n t c a n later be u n l o c ked w i t h u s e r mod U
USERNAME. I f t h e acco u n t was a l so e x p i red, be s u re to a l so c h a n g e t h e e x p i ra t i o n date. -

T he nologin she l l
Sometimes a u s e r n e e d s a n acco u n t with a password t o a u t h e nt i cate t o a syste m , b u t does not -
need a n intera ctive s h e l l o n t h e system. Fo r exa m p l e, a m a i l se rver may req u i re a n a c c o u n t to
store m a i l a n d a password for t h e user to a u t h e n t i cate w i t h a m a i l c l ient used to ret r i eve m a i l .
T h a t u s e r d o e s n ot n e e d to l o g d i rect l y i nto t h e syst e m . -

A c o m m o n s o l u t i o n to t h i s s i t u a t i o n is to s e t t h e u s e r ' s l o g i n s h e l l to /sbin/nologin. I f t h e user


atte m pts to l o g i nto the system d i rect l y, t h e nologin " s h e l l " will simply c l ose t h e c o n n ection. -

[ root@serverX -]# u s e rmod - s /sbin/nologin s t udent


[ root@serverx - ] # s u - s t udent
j This account is currently not available .
Last login : Tue Feb 4 18 : 40 : 30 EST 2014 on pts/0
-

L___ ___

Important
Use of t h e nologin s h e l l preve nts i nteractive u s e of t h e system, but does n ot p reve nt -
a l l access. A user m a y sti l l b e a b l e to a u t h e n ticate and u p l o a d o r ret rieve files t h ro u g h
a p p l i c a t i o n s s u c h a s w e b a p p l i ca t i o n s , f i l e t ra n sfer p rograms, or m a i l rea d e rs.
-

R References -
chage(1 ), u s e rmod(8), s h ad ow(5), c ry pt ( 3 ) m a n pages

136 RH124- R H E L7 - e n -1 -20140606

-
-

Practice: M a n a g i n g U s e r Password A g i n g
-

P ra ct i ce: M a n a g i n g U s e r Pa sswo rd Ag i n g
-

-
Guide d exercise
I n t h i s l a b , yo u w i l l set u n iq u e password p o l icies for users.
-
Outcomes
T h e pa ssword fo r romeo m u st b e c h a n g e d when t h e u s e r fi rst l o g s into t h e syst e m , eve ry 9 0 days
t h e reafter, and t h e acco u n t e x p i res i n 1 8 0 days.
-

Before you begin ...


Pe rfo r m the fo l l ow i n g steps o n serverX u n l ess d i rected othe rwise.
-

D 1. E x p l o re l o c k i n g and u n l o c k i n g accou nts.

- D 1.1 . L o c k t h e romeo accou nt.

-
[student@serverX -]$ sudo use rmod - L romeo

D 1 .2 . Atte m pt to log in as romeo.

[ student@serverX -]$ su - romeo


-

Password : romeo
-
su : Authentication failure
D 1 .3. U n l oc k the romeo account.

[student@serverX -]$
-

s u d o use rmod - U romeo


---
- -- ------
-- ---
-
D 2. C h a n g e t h e password p o l icy for romeo to req u i re a new password every 90 days.

[ student@serverX -]$ sudo c hage - M 90 romeo


[student@serverX -]$ sudo chage romeo
Last password change Feb 03, 2014
-
-1

Password expires May 04, 2014


Password inactive never
Account expires never
-

Minimum number of days between password change 0


Maximum number of days between password change 90
-
Number of days of warning before password expires 7
D 3. A d d i t i o n a l l y, force a password c h a n g e o n t h e fi rst l o g i n for t h e r omeo a cco u nt.

!
! [ student@serverX -]$ sudo chage - d 0 romeo
- !

D 4. Log in a s romeo a n d c h a n g e the pa sswo rd to f o r s o o t h 123.

'- '- �::������s �:�::x -]$ su - romeo


-1
- r�--�----�-�----

· You are required to change your password immediately ( root enforced )


-

- R H 1 24- R H E L 7-en-1-20140606 137

-
-

C h a pter 5. M a n a g i n g Loca l L i n u x U s e rs a n d Groups

Changing password for romeo .


-

{current ) UNIX password : romeo


New password : forsooth123
Retype new password : forsooth123
[ romeo@serverx -]$ exit
-

...
D 5. E x p i re a ccounts in t h e futu re.

D 5.1 . Dete r m i n e a date 1 8 0 d ays i n t h e f u t u re. -

[ student@serverX -]$ date -d " +180 days "


Sa t Aug 2 1 7 : e5 : 2e EDT 2e14 -

D 5.2. Set accounts to ex p i re on t h a t d a te.

[ student@serverX -]$ sudo chage E 2914 - 98 - 82 romeo


-

[student@serverx -]$ sudo chage -1 romeo


Last password change Feb 03, 2014
-

Password expires May 04, 2014


-

Password inactive never


Account expires Aug 02, 2014
Minimum number of days between password change 0
Maximum number of days between password change 90
-

Number of days of warning before password expires 7


-

138 R H 1 24- R H E L7-en-1-20140606 -

-
-

L a b : M a n a g i n g Loca l L i n u x U s e rs a n d Groups
-

L a b : M a n a g i n g Loca l L i n ux U se rs a n d G ro u ps
-

-
Perfor mance checklist
I n t h i s l a b, you w i l l defi n e a defa u l t password p o l icy, c reate a s u p p l e m e nta ry g ro u p of t h ree new
users, and mod ify the passwo rd p o l icy of o n e u s e r.
-

Outcomes
• A new g ro u p o n serverX ca l l ed c o n s u l t an t s , i n c l u d i n g t h ree new u s e r acco u nts for Sam
-
Spade, Betty Boop, and Dick Tra cy.

A l l new accounts s h o u l d req u i re t h a t passwords be c h a n g e d at fi rst l o g i n a n d every 30 days


-
t h e reafter.

• The new c o n s u l t a n t accounts s h o u l d ex p i re at t h e e n d of t h e 90-day contract, a n d Betty Boop


- m u st c h a n g e h e r password every 1 5 days.

Before you begin ...


- Reset yo u r serverX syst e m .

1. E n s u re t h a t n e w l y c reated u s e rs have passwords w h i c h m u st be c h a n g e d every 3 0 days.


-
2. C reate a new g ro u p n a m e d c o n s u l t an t s w i t h a G I D of 40000.

3. C reate t h ree new u s e rs: s s pade, bboop, a n d d t r acy, with a pa ssword of default and add
-
them to t h e s u p p l e m enta ry g ro u p con s u l t a n t s . The p r i m a ry group s ho u l d re m a i n a s the
user private g ro u p .
-
4. Dete r m i n e t h e date 90 d ays in t h e f u t u re a n d set each of t h e t h ree new u s e r accounts to
expire on t h a t d ate.

-
5. C h a n g e the password po l i cy fo r the bboop account to req u i re a new password every 15 d ays.

6. Additi o n a l l y, force a l l users to c h a ng e t h e i r pa sswo rd o n fi rst l o g i n .


-

7. W h e n you f i n i s h , r u n t h e lab localu s e r s g rade eva l u ation s c r i pt to c o n f i r m you have


done everyt h i n g c o r rect l y.
-

- R H 1 24- R H E L 7-en-1 -20140606 139

-
-

C h a pter 5. M a n a g i n g Loca l L i n u x U se rs a n d G ro u ps

Solution
-
I n t h i s l a b , you w i l l d e f i n e a defa u lt password p o l i cy, c reate a s u p p l e m enta ry g r o u p of t h ree new
u s e rs, and mod ify t h e password p o l icy of o n e u s e r.
-
Outcomes
• A new g ro u p o n serve r X ca l l ed c o n s u l t an t s , i n c l u d i n g t h ree new u s e r accounts for S a m
S pa d e, Betty Boop, a n d D i c k Tra cy.
-

• A l l new acco u nts s h o u l d req u i re that passwords be c h a n g e d at fi rst l o g i n a n d eve ry 3 0 days


t h e reafter.
-

• T h e new c o n s u ltant a ccou nts s h o u l d e x p i re at t h e e n d of t h e 90-day contract, a n d Betty Boop


m u st c h a n g e her pa ssword every 15 days.
-

Before you begin ...


Reset yo u r serverX syst e m .
-

1. E n s u re t h a t n e w l y c reated users h a v e passwo rds w h i c h m u st be c h a n g ed every 3 0 d a ys.

[student@serverX - ] $
[student@serverX - ] $
-
s u d o v i m /et c/login . defs

. . . Output omitted . . .
cat /etc/login . defs

PASS_MAX_DAYS 30
PASS_MIN_DAYS 0
PASS_MIN_LEN 5
-

PASS_WARN_AGE 7
. . . output omitted . . . -

2. C reate a new g ro u p n a m e d c o n s u l t a n t s w i t h a G I D o f 40000.

[student@serverx - ] $
-

[student@serverX - ] $
s u d o g roupadd - g 4 0 0 0 0 consultan t s

stapdev : x : 158 :
t ail - 5 /etc/group

pesign : x : 989 :
-

tcpdump : x : 72 :
slocate : x : 21 :
consultants : x : 40000 :
-

3. C reate t h re e new users: s s pade, bboop, and d t r acy, with a password of defaul t and add -

them to the s u p p l e m e n t a ry g ro u p consu l t a n t s . T h e p r i m a ry g ro u p s h o u l d re m a i n a s t h e


user private g ro u p .

[student@serverx - ] $ sudo u s e r add - G c o n s u l t a n t s s spade


-

[student@serverx - ] $ sudo use radd -G c o n s u l t a n t s bboop


[student@serverx - ] $ sudo use radd -G c o n s u l t a n t s d t racy
[student@serverX - ] $ t ail -5 /etc/group
slocate : x : 21 :
-

consultants : x : 40000 : sspade, bboop, dtracy


sspade : x : 1001 :
bboop : x : 1002 :
-

dtracy : x : 1003 :
[student@serverx - ] $ sudo passwd s spade
Changing password for user sspade .
New password : default
-

BAD PASSWORD : The password is shorter than B characters


-

140 R H 1 24- R H E L7-en-1 -20140606 -

-
-

Solution

Retype new password : default


-

passwd : all authentication tokens updated successfully .


[ student@serverx - ] $ sudo pas swd bboop
-
[student@serverx - ) $ sudo passwd dt racy
- 4. Dete r m i n e t h e date 90 days in t h e f u t u re a n d set e a c h of t h e t h re e new u s e r accounts to
e x p i re o n that date.

[ student@serverx - ] $ date -d " +90 days "


Mon May 5 11 : 49 : 24 EDT 2014
-

[ student@serverx - ] $ sudo chage -E 2014 - 0 5 - 05


[ student@serverX - ) $ sudo c hage -E 2014 - 05 - 05
ss pade

[ student@serverX - ] $ sudo c h age -E 2014 - 0 5 - 05


-
bboop
dt racy

- 5. C h a n g e the pa ssword p o l i c y for the bboop acco u n t to req u i re a new password every 15 d a ys.

[ student@serverx - ) $ sudo c h age -M 15 bboop


[student@serverX - ) $ sudo chage -1 bboop
Last password change Feb 04, 2014
-

Password expires Feb 19, 2014


Password inactive never
Account expires May e s , 2014
Minimum number of days between password change
-

Maximum number of days between password change 15


e

- Number of days of warning before password expires 7


6. A d d i t i o n a l ly, force a l l users to c h a n g e their pa ssword o n fi rst l o g i n .

[ student@serverx
-

[student@serverx
- ] $ sudo chage - d 0 sspade

[ student@serverX
- ) $ sudo c hage -d 0 bboop
- - ] $ sudo chage -d 0 dt racy

7. W h e n you f i n i s h , r u n t h e lab localu s e r s g r ade eva l u at i o n s c r i pt to confi r m you have


-
done everyt h i n g correct l y.

-
[ student@serverx - ) $ lab localu s e r s g r ade

- R H 1 24- R H E L 7-en-1-20140606 141

-
-

C h a pter 5. M a n a g i n g Loca l L i n u x U s e rs a n d Groups


-

S u m m a ry
-

U s e rs and Groups
L i st the ro l e s of u s e rs and g ro u p s on a L i n u x system and v i ew the l oca l confi g u ration
-
f i l es.

Ga i n i n g S u peruser Access
-
Esca l ate privi l e g e to run c o m m a n d s a s the s u pe r u s e r.

M a n a g i n g Loca l U s e r Accounts
-
A d d , remove, and mod ify local u sers with co m m a n d- l i n e tools.

M a n a g i n g Loca l G ro u p Accou nts


-
M a n a g e loca l g ro u p s with c o m m a n d - l i n e too l s .

M a n a g i n g U s e r Passwords
-
M a n a g e password a g i n g p o l icies for u s e rs and m a n u a l l y lock, u n l o c k , and e x p i re
accou nts.

142 R H 1 24- R H E L 7-en-1-20140606 -

-
red hat ®

®
TRAINING

C H A PT E R 6

CONTR OLLING ACCESS TO


FI LES WITH LINUX FILE SYSTEM
PERMISSIONS

Overview

Goal To set L i n u x f i l e system p e r m i s s i o n s on files a n d interpret


the security effects of d i fferent p e r m i s s i o n sett i n g s.

Objectives • E x p l a i n how t h e L i n u x f i l e p e r m i s s i o n s model works.

• C h a n g e the p e r m i s s i o n s a n d owners h i p of files u s i n g


comm a n d - l i n e t o o l s .

• Conf i g u re a d i rectory i n which newly c reated f i l es are


autom a t i c a l l y writa b l e by m e m be rs of the g ro u p w h i c h
o w n s t h e d i recto ry, u s i n g spec i a l p e r m i s s i o n s a n d defa u l t
u m a s k sett i n g s.

Sections • L i n u x F i l e System Per m i s s ions (a n d P ract ice)

• M a n a g i n g F i l e System Perm i s s i o n s f rom t h e C o m m a n d


L i n e (and P ractice)

• M a n a g i n g Defa u l t Per m i s sions a n d F i l e Access (and


Practice)

Lab • Contro l l in g Access to F i l es with L i n u x F i l e System


Perm i s s i o n s

R H1 24- R H E L7-e n-1 -201 40606 143


C h a pter 6. Contro l l i n g Access to F i l es w i t h L i n u x F i l e System Permissions

L i n u x F i l e Syste m Pe r m i s s i o n s

O bject ives
After com pl e t i n g t h i s section, students s h o u l d be a b l e t o e x p l a i n h o w t h e L i n u x f i l e p e r m issions
m o d e l works.

L i n u x f i l e syst e m p e r m i s s i o n s
Access t o files by users a re co ntro l l e d by file permissions. The L i n u x f i l e p e rm issions system is
s i m p l e but f l e x i b l e, w h i c h m a kes it easy to u nd e rstand a n d a p p ly, yet a b l e to h a n d l e m ost n o r m a l
p e r m i s s i o n c a s e s easi ly.

Files have j u st t h ree categories of user to w h ic h p e r m i ss i o n s a p p ly. The f i l e is owned by a user,


n o r m a l l y t h e o n e w h o created the f i l e . The file is a l s o owned by a s i n g l e group, u s u a l l y t h e
p r i m a ry g r o u p of t h e user w h o c reated t h e file, b u t t h i s can be c h a nged. D ifferent p e r m issions
can be set fo r t h e own i n g u s e r, the owning g ro u p , and for a l l other users o n t h e system t h at are
n ot the user o r a m e m b e r of the ow n i n g g roup.

The most specific permissions a p p ly. So, user p e r m i ssions override group p e r m i ssions, w h i c h
override other p e rm i s s i o ns.

In t h e g ra p h i c that follows, j o s h u a is a m e m b e r of the groups j o s h u a and web, w h i l e a l l ison i s


a member of a l l i s o n , w h e e l , a n d w e b . W h e n j o s h u a a n d a l l ison h ave the need to co l l a b o ra te,
the f i l es s h o u l d be associated with the g r o u p web a n d the g ro u p permissions s h o u l d a l low the
desired access.

joshua a l lison

Figure 6. 1 : Group membership illustration

There a re a l s o just t h ree categories of permissions w h ich a p p ly: read, write, a n d execute. These
permissions affect a ccess to fi l es and d i rectories a s f o l l ows:

Effects of permissions on files and directories


Per m i ssion Effect o n f i l e s Effect o n d i rectories

r (read) Contents of t h e f i l e can be read. Contents of t h e d i rectory (fi l e n a mes)


can be l isted.
w (write) Contents of t h e file can be c h a n g e d . A ny f i l e i n t h e d i rectory m a y be c reated
or d e l eted.
x (exec) F i l es ca n be executed as c o m m a n d s. Contents of the d i rectory ca n be
accessed (d ependent o n t h e p e r m i ssions
of t h e files i n t h e d i rectory).

144 R H 1 24- R H E L7-e n-1-20140606


-

V i ew i n g f i l e/d i rectory p e r m i s s i o n s a n d ow n e rs h i p
-

N ote t h a t u s e rs n o r m a l ly have b o t h r ead a n d exec o n rea d - o n l y d i rectories, so t h a t t h ey c a n l ist


t h e d i rectory a n d a ccess its contents. I f a user o n l y has read a ccess o n a d i recto ry, the n a m es of
-
the f i l e s in it can b e l i sted, but n o ot h e r information, i n c l u d i n g p e r m i s s i o n s or t i m e sta m ps , a re
a va i l a b l e , n o r can they be a ccessed. I f a user o n l y has exec a ccess o n a d i recto ry, t h ey ca n n ot
l ist t h e n a mes of t h e f i l e s i n t h e d i rectory, b u t if t h ey a l re a d y k n ow t h e n a m e of a fi l e w h i c h t h ey
-
have p e r m i ssion to rea d , t h e n t h ey c a n access t h e contents of t h a t f i l e by ex p l i c i t l y specify i n g t h e
f i l e n a m e.

-
A f i l e m a y be removed by a nyo n e w h o h a s write p e r m i s s i o n to t h e d i rectory i n w h i c h t h e f i l e
res id e s , regardless o f t h e o w n e rs h i p o r p e r m i s s i o n s o n t h e fi l e itse l f. ( T h i s ca n be ove r r i d d e n w i t h
a s p e ci a l p e r m i s s i o n , t h e sticky bit, w h i c h w i l l be d i scussed a t t h e e n d o f t h e u n it.)
-

Viewing file/directory per missions and ownership


- T h e - 1 o p t i o n of t h e ls com m a n d w i l l expa n d t h e f i l e l is t i n g to i n c l u d e both t h e p e r m i s s i o n s of a
f i l e a n d t h e owners h i p:

[student@desktopX -]$ ls - 1 t e s t
- rw- rw- r - - . 1 student student 0 Feb 8 17 : 36 test
-

- The co m m a n d ls 1 d i r ec t o ryname w i l l show t h e expa n d ed l i s t i n g of a l l of t h e f i l e s t h a t


-

res i d e i n s i d e t h e d i recto ry. To p reve nt t h e d e s c e n t into t h e d i rectory a n d s e e t h e e x p a n d e d l i s t i n g


of t h e d i rectory itse l f, a d d t h e - d o p t i o n to I s :

[student@desktopX - ] $ ls - ld /home
-

drwxr-xr - x . 5 root root 4096 Jan 31 22 : 00 /home


-

· ��--...., ,>
Note
-

U n l i ke N T FS p e r m i s s i o n s , L i n u x p e r m i s s i o n s o n l y a p p l y to t h e d i rectory or f i l e t h a t
t h ey a re s e t o n . P e r m i ss i o n s o n a d i rectory a re not i n h e r ited a utomatica l ly by t h e
- s u b d i rectories a n d fi les w it h i n i t . ( T h e p e r m issions o n a d i rectory may effect ive l y b l o c k
access to i t s contents, however.) A l l p e r m issions i n L i n u x a re s e t d i rect l y o n e a c h f i l e o r
d i rectory.
-
The rea d p e r m i s s i o n on a d i rectory i n L i n u x i s rou g h l y e q u iva l e nt to L i st fo l d e r
contents i n W i n d ows.
-
The write p e r m i s s i o n on a d i rectory in L i n u x is e q u i va l e nt to M o d ify i n W i n d ows; it
i m p l i es t h e a b i l ity to d e l ete fi l es a n d s u b d i recto ries. In L i n ux , i f w r i t e a n d t h e st i c ky b i t
a re both set o n a d i rectory, then only t h e u s e r t h a t o w n s a file o r s u b d irectory i n the
-
d i rectory m a y d e l ete it. which is c l ose to t h e b e h a v i o r of t h e W i n d ows Write p e r m i s s i o n .

R o o t h a s t h e e q u i va l e n t of t h e W i ndows Fu l l C o n t r o l p e r m i s s i o n o n a l l f i l es i n L i n u x.
-
H oweve r, root may sti l l h a ve a ccess rest r i cted by t h e system ' s S E L i n u x p o l icy a n d t h e
s e c u rity context of t h e process a n d f i l es i n q u est i o n . S E L i n u x w i l l b e d i scussed i n a l a t e r
cou rse.
-

- E xam ples: Linux user, group, other conce pts


I Users and their groups :
-

- R H 1 24- R H E L 7-en-1-20140606 145

-
-

C h a pter 6. C o n t ro l l i n g Access to F i l es w i t h L i n u x F i l e Syste m Pe r m i s s i o n s

lucy lucy, ricardo


ricky ricky, ricardo
ethel ethel, mertz
fred fred, mertz
-

File attributes ( permissions, user & group ownership, name ) :


drwxrwxr-x ricky ricardo dir (which contains the following files)
-

- rw- rw- r - - lucy lucy lfilel


- rw- r - - rw- lucy ricardo lfile2
- rw- rw- r - - ricky ricardo rfilel
-

- rw- r- - - - - ricky ricardo rf ile2

All o we d /denied be hav i o r C ont ro l l ing pe r m i s s i on s


-
lucy is t h e only person w h o ca n c h a n g e the lucy has write p e r m i s s i o n s o n t h e f i l e
contents of 1 filel. 1 filel a s the o w n e r. N o one is l i sted a s a
m e m be r of t h e g r o u p lu cy. The p e r m i s s i o n s -
for other d o not i n c l u d e w rite p e r m i s s i o n s .
r i c ky c a n v i ew t h e c o n t e n t s of l f i l e 2, but r icky i s a m e m b e r of t h e g ro u p ricardo,
c a n n ot m o d ify t h e contents of 1file2. a n d t h a t group h a s read-o n l y p e r m i s s i o n s -

o n lfile2. Eve n t h o u g h other h a s w r i t e


p e r m iss ions, g r o u p p e r m issions take
-
p receden ce.
r i c ky ca n d e l ete lfilel and lfile2. r icky h a s write p e r m i s s i o n s on the d i rectory
conta i n i n g both f i l es, and a s s u c h , he c a n -
d e l ete a n y f i l e i n t h a t d i recto ry.
e t hel ca n c h a n g e t h e contents of 1 file2. S i n ce et hel i s not lucy, and is not a
m e m be r of t h e ricardo g ro u p, other -

p e r m i s s i o n s a p p l y to h e r, a n d those i n c l u d e
w rite p e r m i s s i o n .
-
lucy can c h a n g e t h e c o n t e n t s of rfilel. lucy is a m e m b e r of t h e ricardo g ro u p ,
a n d t h a t g r o u p h a s both r e a d a n d w rite
p e r m i s s i o n s o n rfilel. -

r i c ky ca n v i ew a n d mod ify t h e contents of r i c ky owns the file and h a s bot h rea d a n d


rfile2. w rite access to rfile2.
-

lucy ca n view but not mod ify t h e contents of lucy is a m e m b e r of t h e ricardo g ro u p , a n d


rfile2. that g ro u p h a s read-o n l y a ccess to rfile2.
-

e t hel and f r ed do not have a n y a ccess to other p e r m i s s i o n s a p p l y to e t hel and f r ed ,


t h e c o n t e n t s of rfile2. and those p e r m i s s i o n s d o n ot i n c l u d e rea d or
w rite p e r m i s s i o n . -

146 R H 1 24 - R H E L 7-en-1-20140606 -

-
-

E xa m p l es : L i n u x u s e r, grou p, o t h e r concepts

References
ls(1) m a n p a g e

- info c o r e u t ils (GNU Coreuti/s)


• S e c t i o n 1 3 : C h a n g i n g f i l e att r i b utes

Jllllllf

- R H1 24- R H E L7 - e n -1 -20140606 1 47

-
-

C h a pter 6. Contro l l i ng Access to F i l e s w i t h L i n u x F i l e System Per m i s s i o n s


-

P ract ice: I nt e r p ret i n g Fi l e a n d D i recto ry -

Pe rm i ss i o n s
-

Quiz
-
U s i n g the d i rectory l i s t i n g presented, match t h e items t h a t fol l ow to t h e i r cou nterpa rts i n t h e
ta b l e.

Users and their groups :


-

wilma wilma, flintstone


fred fred, flintstone
betty betty, rubble
barney barney, rubble
File att ributes ( permissions, user & group ownership, name ) : -

drwxrwxr-x fred flintstone dir (which contains the following files )


- rw- rw- r- - wilma wilma lfilel
- rw- r - - rw- wilma flintstone lfile2
- rw- rw- r- - fred flintstone rfilel
-

- rw- r - - - - - fred flintstone rfile2 -

Descri pt i o n File name


-

Is o w n e d by f r e d a n d rea d a b l e by a l l u s e rs

Contents m a y be m o d i f i e d by t h e u s e r b e t t y -

-
Ca n b e d e l eted by t h e u s e r f r e d

Ca n not be read by the user b a r ney

H a s a g ro u p ow n e rs h i p of wilma
-

C a n be d e l eted by t h e u s e r b a r ney

-
148 R H 1 24- R H E L7-en-1 -20140606

-
-

Sol ution
-

Solution
-

U s i n g t h e d i rectory l i s t i n g presented, match t h e items t h a t fo l l ow to t h e i r counterpa rts i n t h e


t a b l e.

Users and their groups :


-

wilma wilma, flintstone


fred fred, flintstone
betty betty, rubble
-

barney barney, rubble


File attributes ( permissions, user & group ownership, name ) :
-

drwxrwxr-x fred flintstone dir (which contains the following files )


- rw- rw- r - - wilma wilma lfilel
- rw- r - - rw- wilma flintstone lfile2
-

- rw- rw- r - - fred flintstone rfilel


-
- rw- r - - - - - fred flintstone rf ile2

-
Desc r i p t i o n File name

-
Is o w n e d by f r e d a n d rea d a b l e by a l l u se rs rfi l e1

C o n t e n t s m a y b e m o d i f i e d by t h e u s e r b e t t y l f i l e2

Ca n b e d e l eted b y t h e u s e r f r e d all
-

Ca n n ot be rea d by the user b a r n ey rfi l e2


-

H a s a g ro u p ow n e rs h i p of wilma l f i l e1
-

Ca n b e d e l eted by t h e u s e r b a r ney none


-

- R H1 24- R H E L 7-en-1-20140606 149

-
-

C h a pter 6. Co n tro l l i ng Access to F i l es w i t h L i n u x F i l e System Pe r m i s s i o n s


-

M a n a g i n g Fi l e Syste m Pe rm iss i o n s f ro m t h e
-

Co m m a n d L i n e
-

Objectives
Afte r com p l et i n g t h i s sect i o n , students s h o u l d be a b l e to c h a n g e t h e p e r m i s s i o n s a n d o w n e rs h i p -

o f f i l es u s i n g com m a n d - l i n e too ls.

Changing file/directory per missions -

T h e com m a n d used to c h a n g e p e r m i s s i o n s from t h e co m m a n d l i n e is chmod, s h ort for " c h a n g e


m o d e " ( p e r m i s s i o n s a re a l so c a l l e d t h e mode o f a f i l e) . The c hmod com m a n d ta kes a p e r m i s s i o n -

i n struction fo l l owed by a l i st of f i l e s o r d i rectories to c h a n g e. T h e p e r m i s s i o n i n st r u c t i o n c a n be


issued either sy m bo l i ca l l y (t h e sy m b o l i c method) o r n u m e r i ca l l y (t h e n u m e r i c method).
-

Sy m bo l i c method keywo rd s :

r chmod WhoWha tWhich file l di rec tory -

• Who is u, g , o, a (for user, group, other, all) -

• What is +, -, = (for add, remove, set exactly)

-
• Which is r, w, x (for read, write, executable)

T h e symbolic method of c h a n g i n g f i l e p e r m i s s i o n s uses l etters to represent t h e d iffe rent g ro u p s


o f p e r m i s s i o n s : u f o r u s e r, g f o r g ro u p, o for ot h e r, a n d a for a l l . -

W i t h t h e sym b o l i c met h o d , i t i s not n ecess a ry t o set a com p l ete new g r o u p o f p e r m i s s i o n s .


I n stead, it is possi b l e to c h a n g e o n e o r m o re of t h e existing p e r m issions. I n order to a cco m p l is h -

t h i s, u s e t h ree sy m b o l s : + to a d d p e r m i s s i o n s to a set, - t o remove p e r m i s s i o n s f r o m a s e t , a n d =


to r e p l a c e t h e e n t i re set for a g ro u p of p e r m issions.
-.

T h e permissions t h e m s e l ves a re re p resented by a s i n g l e l etter: r for read , w for write, and x for
execute.
-

N u m e r i c met h o d :

l c hmod
...--- ·--�-���-----�--���--.
I
### file l direc tory
-

• E a c h d i g it re p resents a n a ccess l eve l : u s e r, g ro u p, ot h e r. -

• # is s u m of r=4, w=2, a n d x = 1 .
-
U s i n g t h e numeric met h o d , p e r m i s s i o n s a re re p resented b y a t h ree-d i g i t ( o r four, w h e n sett i n g
a d v a n ced p e r m i ssions) octal n u m b e r. A s i n g l e octa l d i g i t c a n r e p resent t h e n u m bers 0 - 7 , exact l y
t h e n u m b e r o f pos s i bi l ities f o r a t h ree-bit n u m be r.
-

To co nve rt betwe e n sy m b o l i c a nd n u m e r i c representation of p e r m i s s i o n s, we need to k n ow how


the m a p p i n g i s d o ne. In the t h ree-d i g i t oct a l ( n u m e r i c) represe ntat i o n , each digit sta n d s for o n e
-

150 R H 1 24- R H E L 7-en-1-20140606 -

-
-

C h a n g i n g f i l e/d i rectory user o r g ro u p ow n e rs h i p


-

g ro u p o f p e r m i s s i o n s , f r o m l eft t o r i g h t : u s e r, g ro u p , a n d ot h e r. I n e a c h of t h e s e g ro u p s , start w i t h
0. I f t h e rea d p e r m i s s i o n is present, a d d 4 . A d d 2 i f write i s p resent. a n d 1 f o r execute.
-

N u m e r i c p e r m i s s i o n s a re often used by a d va n ce d a d m i n istrators s i n c e t h ey a re s h o rter to type


and p ro n o u n ce, w h i l e st i l l g i v i n g fu l l control ove r a l l p e r m i ss i o n s.
-

Exa m i n e t h e p e r m i s s i o n s - rwx r - x - - - . Fo r t h e u s e r, rwx i s ca l c u l ated a s 4+2+1=7. Fo r t h e


g roup, r - x is ca l c u lated a s 4+0+1=5, a n d for o t h e r u s e rs, - - - is repres e n ted w i t h 0. Putt i n g
- t hese t h re e toget h e r, t h e n u m e r i c repres e n t a t i o n of t h o s e p e r m i s s i o n s i s 750.

This ca l c u l at i o n c a n also be perfo r m ed i n t h e o pposite d i rect i o n . Look at t h e p e r m issions 640.


-
For t h e u s e r p e r m i s s i o n s, 6 represents read (4) a n d w rite (2), w h i c h d i s p l ays a s rw - . Fo r t h e
g ro u p pa rt. 4 o n l y i n c l u d es r e a d ( 4 ) a n d d i s p l ays a s r - - . T h e 0 f o r o t h e r p rovides n o p e r m i s s i o n s
( - - - ) a n d t h e f i n a l s e t of sym b o l i c p e r m i s s i o ns for t h i s f i l e i s - rw - r - - - - - .
-

Exa m p l es
• Remove read a n d w rite p e r m i s s i o n for g r o u p a n d ot h e r on filel:

[student@desktopX -]$
-

c hmod go - rw filel

I [ student@desktopX -]$
• Add execute p e r m i ss i o n for everyo n e o n file2:
-

-
L__���
'
-·-·· ��---�
chmod a+x file2
� -��� ·=1
• Set rea d , w r ite, a n d execute perm ission for u s e r, rea d , a n d execute for g roup, a n d n o

1I [ student@desktopX -]$
- p e r m i s s i o n f o r ot h e r o n sampled i r :
- �- -- -

chmod 750 sampledi r


-

-
Note
T h e c hmod com m a n d s s u p ports t h e - R o p t i o n for rec u rsively sett i n g p e r m i s s i o n s
-
o n a n e n t i re d i rectory t ree. W h e n u s i n g t h i s o pt i o n , b e s u re to u s e t h e X p e r m issions
i n stead of t h e x p e r m i s s i o n to i n d icate t h a t execute p e r m i s s i o n s should only b e set o n
d i rectories, a n d n o t reg u l a r f i l es. Fo r exa m p l e, t h e fo l l ow i n g com m a n d w i l l recu rsive l y
-
set r e a d a n d write a ccess o n d emodi r a n d a l l its c h i l d re n f o r t h e i r g ro u p o w n e r, but w i l l
o n l y a p p l y execute p e r m i s s i o n s to d i rectories, n o t reg u l a r f i l e s :

-
i
j
[ student@desktopX -]# chmod - R g+ rwX demodir
L

Changing file/directory user or group ownership


- A new l y c reated f i l e is owned by t h e user w h o c reates t h e f i l e. By defa u l t , t h e n e w f i l e has
a g ro u p o w n e rs h i p which is t h e p r i m a ry g r o u p of t h e u s e r c reat i n g t h e fi l e. S i n ce Red Hat
Enterprise L i n u x uses u s e r private g roups, this g r o u p is often a g ro u p w i t h only t h a t u s e r a s a
-

- RH124-R H E L7-en-1-20140606 1 51

-
-

C h a pter 6. Con tro l l i n g Access to F i l e s w i t h L i n u x F i l e System Pe r m i s s i o n s


-

m e m be r. To g ra nt a c c e s s based on g ro u p m e m b e rs h i p, t h e own e r o r t h e g r o u p of a f i l e may n e e d


to b e c h a n g e d .
-

F i l e owners h i p ca n be c h a n g e d with t h e c hown c o m m a n d . For exa m p l e, to g ra nt o w n e rs h i p of


t h e f i l e foofile to s t u d e n t , t h e fo l l owi n g co m m a n d co u l d be used:

I [ root@desktopX -]#
-

i
c hown s t udent foofile
I
-
chown can be used w i t h t h e - R opt i o n to rec u rs i v e l y c h a n g e t h e ow n e rs h i p of a n e n t i re d i recto ry
t ree. The fo l l ow i n g co m m a n d wo u l d g ra nt ow n e rs h i p of foodi r and a l l f i l e s and s u b d i rectories
wit h i n it to s t u d e n t : -

I [ root@desktopX -]# chown - R s t udent foodir


-

The c hown com m a n d ca n a l so be used to c h a n g e g ro u p own e r s h i p of a f i l e by p rece d i n g t h e


g r o u p n a m e w i t h a co l o n ( : ). Fo r exa m p l e, t h e fo l l o w i n g com m a n d w i l l c h a n g e t h e g r o u p foodir
to admins : -

I [ root@desktopX -]# chown : admins foodir


-
;

The c hown co m m a n d c a n a l so be used to c h a n g e both owner a n d g ro u p at t h e s a m e t i m e by


u s i n g the synta x owne r : group. Fo r exa m p l e, to c h a n g e the owners h i p of foo d i r to vis i t o r -

! [ root@desktopX -]#
a n d t h e g r o u p to g u e s t s , u s e :

c hown visitor : gu e s t s foodi r -


I

O n l y root c a n c h a ng e t h e owners h i p of a f i le. G r o u p o w n e rs h i p, h owever, c a n be set by root


-
o r t h e fi l e ' s o w n e r. root c a n g rant ow n e rs h i p to a ny g ro u p, w h i l e n o n - root u s e rs ca n g ra nt
ow n e rs h i p o n l y to grou ps t h ey b e l o n g to.

Note
I nstead of u s i n g c hown, some u s e rs c h a n g e t h e g ro u p ow n e r s h i p by u s i n g t h e c h g r p
-
com m a n d ; t h i s co m m a n d works exact l y t h e s a m e a s c h a n g i n g ow n e rs h i p w i t h c hown,
i n c l u d i n g t h e use of - R to affect e n t i re d i rectory t rees.
-

R References
J,i
·.__ I -
ls(1 ), chmod(1), c h own(1 ) , a n d c h g r p(1) m a n p a g e s

152 R H 1 24- R H E L 7-en-1-20140606 -

-
-

Practice: M a n a g i n g F i l e S e c u rity from t h e C o m m a n d L i n e


-

P ra ct i ce: M a n a g i n g Fi l e S e c u rity fro m t h e


-

Co m m a n d L i n e
-

Guided exercise
-
I n t h i s l a b, you w i l l c reate a co l l a b o ra t ive d i rectory fo r pre-ex i s t i n g u s e rs.

Outcomes
-
A d i rectory a ccess i b l e by a l l m e m b e rs of t h e at eam g ro u p and a file c reated by Andy t h a t ca n b e
mod ified by A l ice.
-
Before you begin ...
Reset yo u r s e rverX system.
-
D 1. L o g i n to t h e G N O M E d e s ktop on serverX a s s t u d e n t w i t h a pa ssword of passwo r d .

D 2. O p e n a w i ndow with a B a s h p ro m pt.


-

S e l ect A p p l i c a t i o n s > Ut i l i t i e s > Term i n a l.

- D 3. Become t h e root user at the sh e l l prom pt.

[student@serverx
I, Password :
I
- ] $ su -
- redhat

D 4. R u n lab pe rmissions s e t u p w h i c h w i l l c reate a s h a red g ro u p , ateam, w i t h two n e w


-
u s e rs, an d y a n d alice. T h e password for these accou nts i s passwo rd

-
[ root@serverX - ] # lab pe rmissions s e t u p

D 5. C reate a d i rectory i n / home called a t e am - text.

I [ root@serverX - ] # mkdir /home/ateam - t ext


-
i

-
D 6. C h a n g e t h e g r o u p ow n e rs h i p of t h e ateam - t ext d i rectory to at eam.

- [ root@serverX - ] # chown : ateam /home/ateam - t ext

D 7. E n s u re the p e r m i s s i o n s of a t eam - t e x t a l l ows g ro u p m e m b e rs to c reate a n d d e l ete f i l es.

[ root@serverX
i
! - ] # chmod g+w /home/ateam - t ext
!
-

D 8. E n s u re t h e p e r m i s s i o n s of a t eam - t e x t forbids ot h e rs from accessi n g its fi l es.

.... [ root@serverx - ] # chmod 770 /home/ateam - text


[ root@serverX - ] $ ls - ld /home/ateam - text
drwxrwx- - - . 1 root ateam 6 Jan 23 12 : 50 /home/ateam- text
-

- R H 1 24- R H E L 7-en-1-20140606 1 53

-
-

C h a pter 6. Co n tro l l i n g Access to F i l es w i t h L i n u x F i l e System Pe r m i s s i o n s


-

D 9. Exit t h e root s he l l a n d s w i t c h to t h e u s e r a ndy with a pa ssword of passwo r d .

[ root@serverx -]# exit


-

[student@serverX -]$ su
Password : password
- andy
-

D 1 0. N av i g ate to t h e / home/at eam - t ext fo l d e r (reme m b e r to open a te r m i n a l w i n d ow f i rst).

I [andy@serverX -]$
-

cd /home/ateam - text

-
D 11. C reate a n e m pty file ca l l e d andyfile3.

[andy@serverX ateam- text] $ touch andyfile3 -

D 12. Record t h e defa u lt u s e r and group ow n e rs h i p of t h e new fi l e and its permissions.


-

[andy@serverX ateam- text ] $ ls andyfile3


- rw- rw- r - - . 1 andy andy 0 Jan 23 12 : 59 andyfile3
-1

D 13. C h a n g e the g r o u p ow n e rs h i p of the new fi l e to ateam and record the new o w n e rs h i p a n d


p e r m issions. -

[andy@serverX ateam- text]$ chown : ateam andyfile3


[andy@serverX ateam- text ] $ ls -1 andyfile3
- rw- rw- r- - . 1 andy ateam 0 Jan 23 12 : 59 andyfile3
-

-
D 14. Exit the s h e l l and switch to the user alice with a password of passwor d.

[ root@serverx -]# exit


[ student@serverX -]$ su
Password : passwo r d
-
- alice

-
D 1 5. N a v i g ate to t h e /home/at e am - t ext fo l d e r.

[alice@serverX -]$ cd /home/ateam - text -

D 1 6. Dete r m i n e alic e ' s p r i v i l e g e s to a ccess a nd /o r mod ify andyfile3.

[alice@serverX ateam-text] $ e c h o " text " >>


-

[alice@serverX ateam-text ] $ cat andyfile3


andyfile3

text -

-
154 R H 1 24- R H E L7-e n-1-20140606

-
-

M a n a g i n g Defa u lt P e r m i s s i o n s a n d F i l e Access
-

M a n a g i n g Defa u lt Pe r m i ss i o n s a n d F i l e Access
-

-
Objectives
Afte r com p l et i n g t h i s section, st u d e nts s h o u l d be a b l e to confi g u re a d i rectory i n w h i c h newly
c reated f i l e s a re a ut o m a t i ca l l y writa b l e by m e m b e rs of t h e g ro u p which owns t h e d i rectory, u s i n g
- spec i a l p e r m i s s i o n s a n d defa u lt u m a s k sett i n g s.

-
Special per missions
The (o r setg id) permission on a n executa b l e f i l e m e a n s t h a t t h e c o m m a n d w i l l r u n as t h e
set u i d
user( o r g ro u p) o f t h e f i l e, not a s t h e u s e r t h a t ra n t h e c o m m a n d . O n e exa m p l e is t h e passwd
-
com m a n d :

[student@desktopX ] $ l s / u s r/bin/passwd
- rwsr -xr-x . 1 root root 35504 Jul 16 2010 /usr/bin/passwd
- -1
-

The st i c ky bit fo r a d i rectory sets a speci a l rest riction on d e l etion of f i l e s : O n l y t h e owner of t h e


-
f i l e (a n d roo t ) c a n d e l ete f i l e s wit h i n t h e d i rectory. A n exa m p l e is / t m p :

[student@desktopX -]$ ls - ld /tmp


,-- ---- --- -
. .- --- . - -- - - -� - · · ----

-
drwxrwxrwt . 39 root root 4096 Feb 8 20 : 52 /tmp

-
Last l y, setg i d o n a d i rectory m e a n s that f i l e s created i n the d i rectory w i l l i n herit the g roup
affi l ia t i o n from t h e d i rectory, rat h e r than i n h e r i t i n g it from t h e crea t i n g u s e r. T h i s i s com m o n l y
u s e d o n g ro u p co l l a b o rat ive d i rectories to a ut o m a t i ca l l y c h a n g e a f i l e f r o m t h e defa u lt private
- g ro u p to the s h a re d g roup.

Effects o f special permissions o n files and directories

- Speci a l Effect o n f i l es Effect on d i rectories


permission
u+s (s u i d ) F i l e executes a s t h e u s e r t h a t o w n s N o effect.
-
the f i l e , not the user t h at ra n the f i l e.
g+s (sg i d ) F i l e executes a s t h e g ro u p t h a t o w n s F i l es n e w l y created i n t h e d i rectory
-
the f i l e. have t h e i r g ro u p owner set to match t h e
g ro u p ow n e r o f t h e d i recto ry.
o+t (st i c ky) No effect. Users with write o n the d i rectory can
-
o n l y remove f i l e s that t h ey own; t h ey
ca n n ot rem ove o r force saves to f i l es
owned by ot h e r users.
-

Sett i n g s p e c i a l p e r m i s s i o n s
-
• Sym b o l i c a l ly: s et u i d = u + s ; setg i d = g + s ; s t i c ky = o+t

• N u m e r ica l l y (fo u rt h prece d i n g d i g it): set u i d = 4; setg id = 2; sticky = 1


-

Exa m p l es
• Add t h e setg i d bit o n d i r e c t o ry:
-

- R H1 24- R H E L 7-en-1 -20140606 155

-
-

C h a pter 6. C o n t ro l l i n g Access to F i l e s w i t h L i n u x F i l e System Pe r m i s s i o n s


-

[ root@desktopX - ] # chmod g + s direc t o ry I


���----1 -

• Set the setg i d bit, a n d rea d/write/execute for u s e r a n d g r o u p o n d i r e c t o ry: -

Default file permissions


The d efa u l t p e r m i s s i o n s for f i l es a re set by t h e p rocesses t h a t create t h e m . Fo r exa m p l e, text
-
edito rs c reate f i l e s so t h ey a re rea d a b l e and w ritea b l e, but not executa b l e, by eve ryo n e. The
same goes for s h e l l red i re ct i o n . Additi o n a l l y, b i n a ry executa b l es a re created executa b l e by the
co m p i l ers that c reate t h e m . The mk d i r com m a n d c reates new d i rectories with a l l p e r m i s s i o n s
-
set-read , w rite, a n d execute.

Experience s h ows that t h ese p e r m i s s i o n s a re not typica l l y set w h e n new f i l e s a n d d i rectories a re


-
c reated. T h i s is because some of t h e p e r m issio n s a re c l ea red by t h e u m a s k of t h e s h e l l p rocess.
The umas k co m m a n d w i t h o u t a rg u men ts w i l l d i s p l a y the c u rrent va l u e of the s h e l l ' s u ma s k :

[student@desktopX
0002
-
i - ] $ umask
i
!

Eve ry process o n t h e syste m h a s a u m a s k , w h i c h i s a n octa l b i t m a s k t h a t is used to c l e a r t h e


p e r m i s s i o n s of new f i l e s a n d d i recto ries t h a t a re c reated by t h e p rocess. I f a bit is s e t i n t h e
u m a s k , t h e n t h e corres p o n d i n g p e r m i s s i o n is c l e a red i n n e w f i l es. Fo r exa m p l e, t h e p revi o u s -

u m a s k , 0 0 0 2 , c l e a rs t h e w rite bit for o t h e r u s e rs. T h e l e a d i n g zeros i n d icate t h e s p e c i a l , u s e r, a n d


g r o u p p e r m i s s i o n s a re not c l e a red. A u m a s k of 0 7 7 c l e a rs a l l t h e g r o u p a n d ot h e r p e r m i s s i o n s o f
ne w l y created f i l es .

Use t h e umas k c o m m a n d w i t h a s i n g l e n u m e r i c a rg u m e nt to c h a n g e t h e u m a s k o f t h e c u rrent


s h e l l . The n u m e ri c a rg u me n t s h o u l d b e a n octa l va l u e corres p o n d i n g to the n e w u m a s k va l u e. I f it -

is less t h a n 3 d i g its, l e a d i n g zeros a re a s s u m e d .

The system defa u lt u m a s k va l u es f o r B a s h sh e l l u s e rs a re defined i n t h e / e t c / p rofile a n d


/ e t c /bas h r c f i l es. U s e rs can ove r r i d e t h e system defa u lts i n t h e i r . bas h_p rofile a n d
. bas h r c f i l es.
-

In this exa m p l e, p l ease fo l l ow a l o n g w i t h the next steps w h i l e yo u r i n st r u ctor d e m o n st rates t h e


effects of umas k on new f i l e s a n d d i rectories.
-

1. C reate a new file a nd d i rectory to see how the defa u l t umask a ffects p e r m i s s i o n s .

r
[student@desktopX - ] $ touch newfile1
[student@desktopX - ] $ ls newfile1
-

- rw- rw- r - - . 1 student student 0 May 9 01 : 54 newfile1


-1

[student@desktopX - ] $ mkdir newdir1


[student@desktopX - ] $ ls - ld newdir1
drwxrwxr-x . 2 student student 0 May 9 01 : 54 newdir1
-

156 R H 1 24- R H E L7-en-1 -20140606 -

-
-

Defa u lt f i l e p e r m i s s i o n s
-

2. S e t t h e u m a s k va l u e t o 0. T h i s sett i n g w i l l n o t m a s k a n y of t h e p e r m i s s i o n s o f new f i l es.


C reate a new file and d i rectory to see how this new u m a s k affects permissions.

[student@desktopX - ] $ umask 0
-

[ student@desktopX ] $ t o u c h newfile2
[student@desktopX - ] $ ls newfile2
-

- rw- rw- rw- . 1 student student 0 May 9 01 : 54 newfile2


- -1

[ student@desktopX - ] $ mkdir newdir2


[ student@desktopX - ] $ ls - ld newdir2
-
drwxrwxrwx . 2 student student 0 May 9 01 : 54 newdir2
- 3. Set t h e umask va l u e to 0 07. This sett i n g w i l l mask a l l of t h e "ot h e r " p e r m i s s i o n s of new f i l es.

[student@desktopX - ] $ umask 007


[student@desktopX - ] $ touch newfile3
[student@desktopX - ] $ ls newfile3
- rw- rw- - - - . 1 student student 0 May 9 01 : 55 newfile3
-

-1

[student@desktopX - ]$ mkdir newdir3


[student@desktopX - ] $ ls - ld newdir3
drwxrwx - - - . 2 student student 0 May 9 01 : 54 newdir3
-

-
4. S e t t h e u m a s k va l u e t o 027. T h i s sett i n g w i l l m a s k w r i t e a ccess f o r g roup m e m b e rs a n d a l l o f
t h e "ot h e r " p e r m i s s i o n s of new f i l es.

[student@desktopX ] $ umask 027


-

[student@desktopX - ] $ touch newfile4


-

[student@desktopX - ] $ ls newfile4
- rw- r - - - - - . 1 student student 0 May 9 01 : 55 newfile4
-1

[ student@desktopX -]$ mkdir newdir4


-

[student@desktopX -]$ ls - ld newdir4


- drwxr-x- - - . 2 student student 0 May 9 01 : 54 newdir4
5. Log i n a s root to change t h e defa u l t umask for u n p r i v i l eged u s e rs to pro h i b it a l l access for
-
u s e rs not i n t h e i r g ro u p.

M o d ify /etc/bas h r c a n d / e t c / p rofile to c h a n g e t h e defa u l t u m a s k for B a s h s h e l l


- u s e rs. S i nce t h e defa u l t u m a s k f o r u n p ri v i l eged u s e rs is 0002, l o o k f o r t h e umas k com m a n d
i n these f i l es t h a t sets t h e u m a s k t o t h a t va l ue. C h a n g e t h e m to s e t t h e u m a s k to 007.

[ root@desktopX - ] # less /et c/bas h r c


# You could check uidgid reservation validity in
-

# /usr/share/doc/setup- */uidgid file


if [ $UID -gt 199 ] && [ '" id -gn ' " = " ' id - un ' " ] ; then
umask 002
else
-

umask 022
-
fi
# Only display echos from profile . d scripts if we are no login shell
[ root@desktopX - ] # vim /etc/bas h r c
[ root@desktopX - ] # less /etc/bashrc
# You could check uidgid reservation validity in
-

# /usr/share/doc/setup- */uidgid file


- if [ $UID -gt 199 ] && [ " ' id -gn ' " = " ' id - un ' " ] ; then
else
umask 0 0 7

- R H124- R H E L 7-e n -1-20140606 1 57

-
-

C h a pter 6. Contro l l i n g Access to F i l es w i t h L i n u x F i l e Syste m P e r m i s s i o n s

umask 022
-

fi
# Only display echos from profile . d scripts if we are no login shell
[ root@desktopX -)# less /etc/profile
-

# You could check uidgid reservation validity in


# /usr/share/doc/setup- */uidgid file
if [ $UID -gt 199 ] && [ " ' id -gn ' " " ' id - un ' " ] ; then
-

umask 002
=

else
umask 022
fi
-

for i in /etc/profile . d/* . sh ; do


[ root@desktopX -)# vim /etc/profile
[ root@desktopX -]# less /etc/profile
-

# You could check uidgid reservation validity in


# /usr/share/doc/setup- */uidgid file
if [ $UID -gt 199 ) && [ " ' id -gn ' " " ' id - un ' " ] ; then
-

umask 0 0 7
=

else
umask 022
fi
-

for i in /etc/profile . d/ * . sh ; do -

6. Log back i n a s s t u d e n t a n d confi r m that t h e umask c h a n g e s you m a d e a re persistent.

I [ student@desktopX -)$ umask


-

I 0001
L_ -- ��������-----' -

Note -

ot h e r s h e l l s , s u c h a s t c sh, m a y have different syste m d e fa u l t i n i t i a l i z a t i o n f i l e s i n


/ e t c a n d u sers' h o m e d i rectories.
-

References
I R
-
"
bash(l), ls(l), c hmod(l ), a n d umask(l) m a n pages

158 R H 1 24- R H E L7-e n -1-20140606 -

-
-

Practice: Contro l l i n g N ew F i l e P e r m i s s i o n s a n d O w n e rs h i p
-

P ra ct i ce: Cont ro l l i n g N ew Fi l e Pe r m iss i o n s a n d


-

Ow n e rs h i p
-

Guide d exercise
-
I n t h i s l a b, you w i l l control defa u lt p e r m i s s i o n s o n new f i l e s u s i n g t h e umas k com m a n d a n d
set gid p e r m i s s i o n .

- Outcomes
• C reate a s h a re d d i rectory w h e re new f i l es a re a utomatica l l y owned by t h e g ro u p ateam.

- E x p e r i m e n t with va r i o u s u m a s k sett i n g s .

• Adj ust d e fa u lt p e r m issions fo r s p e c ific u s e rs .


-
• Confi r m you r adjustment is correct.

Before you begin ...


-
Reset yo u r s e rverX system. Run lab permissions s e t u p to c reate the alice a ccount. The
password for alice is passwo r d .
-
D 1. L o g i n as alice on you r s e rve rX v i rt u a l m a c h i n e a n d o p e n a w i n d ow w i t h a Bash
prom pt. U s e t h e umas k com m a n d without a rg u ments to d i s p l a y A l ice's defa u l t u m a s k
va l u e.

[alice@serverX -]$ umask


-

0002
-

D 2. C reate a new d i recto ry / t m p / s h a r e d a n d a new f i l e / t m p / s h a r ed/defau l t s to see


-
how the defa u l t u m a s k affects p e r m i s s i o n s .

[ alice@serverX -]$ mkdir /tmp/shared


[alice@serverX -]$ ls -ld /tmp/shared
drwxrwxr-x . 2 alice alice 6 Jan 26 18 : 43 /tmp/shared
[alice@serverX -]$ touch /tmp/shared/defaults
-

[alice@serverX -]$ ls /tmp/shared/defaults


- rw- rw- r - - . 1 alice alice 0 Jan 26 18 : 43 /tmp/shared/defaults
- 1
-

D 3. Change t h e g ro u p ow n e rs h i p of / t mp/shared to at eam and record t h e n ew owners h i p


-
a n d p e r m issions.

[alice@serverx -]$ chown : ateam /tmp/shared


[ alice@serverX -]$ ls -ld /tmp/shared
drwxrwxr-x . 2 alice ateam 21 Jan 26 18 : 43 /tmp/shared
-

D 4. C reate a new file i n / t mp/shared and record t h e ow n e rs h i p and p e r m issions.

[ alice@serverX -]$ touch /tmp/shared/alice3


[alice@serverX -]$ ls /tmp/shared/alice3
-

- rw- rw- r - - . 1 alice alice 0 Jan 26 18 : 46 /tmp/shared/alice3


-1

- R H 1 24- R H E L7 - en -1 -20140606 1 59

-
-

C h a pter 6. C o n t ro l l i n g Access to F i l e s w i t h L i n u x F i l e System Pe r m i s s i o n s


-

D 5. E n s u re t h e p e r m i s s i o n s o f / t m p / s h a r e d c a u s e f i l e s c reated i n t h a t d i rectory to i n herit


t h e g ro u p o w n e rs h i p of ateam.
-

[alice@serverx -]$ chmod g+s /tmp/shared


[alice@serverx -]$ ls -ld /tmp/shared
drwxrws r - x . 2 alice ateam 34 Jan 26 18 : 46 /tmp/shared
[alice@serverx -]$ touch /tmp/shared/alice4
-

[alice@serverx -]$ ls /tmp/shared/alice4


- rw- rw- r - - . 1 alice ateam 0 Jan 26 18 : 48 /tmp/shared/alice4
-1

D 6. C h a n g e the u m a s k for alice s u c h that n e w f i l es a re c reated with rea d-on l y access for
-
the g ro u p a n d n o access for ot h e r u s e rs. C reate a new f i l e a nd rec o rd the o w n e rs h i p a n d
p e r m i s s i o n s.

[alice@serverX -]$ umask 027


[alice@serverx -]$ touch /tmp/shared/alice5
-

[alice@serverX -]$ ls /tmp/shared/alice5


- rw- r - - - - - . 1 alice ateam 0 Jan 26 18 : 48 /tmp/shared/alice5
-1
-

[
D 7. O p e n a n e w B a s h s h e l l as alice a n d view t h e u m a s k .

[alioo@mmx -]$ "'"''


-

0002 -

D 8. C h a n g e t h e defa u l t umask fo r alice to p ro h i b it a l l a ccess for u s e rs n ot i n their g ro u p.

[alice@serverx -]# echo "umask 007 " >> -/ . bashrc


-

[alice@serverx -]# cat -/ . bashrc


# . bashrc
# Source global definitions
-

if [ -f /etc/bashrc ] ; then
/etc/bashrc
fi
-

# Uncomment the following line if you don ' t like systemctl ' s auto- paging feature :
# export SYSTEMD_PAGER=
# User specific aliases and functions
umask 007 -

D 9. Log o u t a n d b a c k i nto se rverX as alice a n d confirm t h a t t h e u m a s k c h a n g e s you m a d e


-
a re p e rs istent.

[alice@serverX -]$ umask


0007 -

1 60 R H 1 24- R H EL 7-e n-1-20140606 -


-

L a b : Contro l l i n g Access to F i l es with L i n u x F i l e Syst e m P e r m i s s i o n s


-

La b: Co n t ro l l i n g Access to F i l es wit h L i n u x F i l e
-

Syste m Pe rm i ss i o n s
-

Performance checklist
-
I n t h i s l a b, you w i l l config u re a system with d i rectories for u s e r co l l a b o rat ion.

Outcomes
-
• A d i rectory on serve r X ca l l ed / home/ s t ooges w h e re t h ese t h ree u s e rs ca n work
co l l a borat ive l y o n f i l es.

-
• O n l y t h e user and group access, c reate, and d e l ete fi l es i n / home/ s t ooges. F i l es c reated in
this d i rectory s h o u l d a utomatica l l y be a s s i g n e d a group o w n e rs h i p of s t ooges.

• New files c reated by u s e rs w i l l not be a cces s i b l e outside of t h e g roup.

Before you begin . . .

I [student@serverX -]$ lab permissions setup


- Reset yo u r se rve rX syst e m . Log into a n d set u p yo u r server syste m .

.... i
Yo u r serve r X m a c h i n e h a s t h ree accou nts, c u r ly, lar ry, a n d moe, w h o a re m e m b e rs of a g ro u p
c a l l e d s t ooges. T h e password f o r e a c h acco u n t i s passwo r d .
-

1. O p e n a term i n a l w i n d ow a n d become root o n serverX.

-
2. C reate t h e /home / s t ooges d i rectory.

3. C h a n g e g ro u p p e r m i s s i o n s on the /hom e/stooges d i rectory so it b e l o n g s to the stooges


- g ro u p.

4. Set p e r m i s s i o n s o n the /home/ s t ooges d i rectory so it i s a set G I D bit d i rectory (2), t h e


- o w n e r (7 ) a n d g ro u p ( 7 ) h a v e fu l l read/w r ite/execute p e r m issions, a n d ot h e r u s e rs h a v e n o
p e r m i s s i o n (0) to t h e d i rectory.

...
5. C h eck that the p e r m i s s i o n s were set p r o p e r l y.

6. M o d ify t h e g l o b a l l o g i n s c r i pts so that n o r m a l u s e rs have a u m a s k sett i n g w h i c h p reve nts


-
ot h e rs from viewing or m o d ify i n g new files and d i rectories.

7. W h e n you f i n i s h , o p e n a t e r m i n a l w i n d ow o n serve r X a n d r u n lab permissions g r ade to


confi r m you have d o n e eve ryt h i n g correct l y.
-

- R H 1 24- R H E L 7-en-1-20140606 1 61

-
-

C h a pter 6. Con tro l l i ng Access to F i l e s with L i n u x F i l e System P e r m i s s i o n s

Solution
-

I n t h i s l a b , you w i l l confi g u re a system with d i rectories for u s e r co l l a borat i o n .

Outcomes -

• A d i rectory o n serve r X ca l l ed /home/st ooges w h e re t h e s e t h re e users c a n work


co l l a borative l y on f i l es.
-

• O n l y t h e user and g r o u p a ccess, c reate, and d e l ete f i l es in / home / s t ooges. F i l e s c reated in


t h i s d i rectory s h o u l d a ut o m a t i ca l l y b e a s s i g n e d a g r o u p o w n e rs h i p of s t ooges.
-

• New files c reated by users w i l l not be acces s i b l e outside of the g roup.

Before you begin. . . -

Reset yo u r serverX syst e m . Log into and set u p yo u r server syste m .

I
[ student@serverX -]$ lab permissions setup -

Yo u r serverX m a c h i n e has t h re e a ccou nts, c u r ly, lar ry, and moe, w h o a re m e m b e rs of a g ro u p


-
ca l l ed s t ooges. The pa ssword f o r e a c h a ccount i s passwo r d .

1. O p e n a te r m i n a l w i n d ow a n d become root o n serverX.


---- -

[student@serverX -]$ su - 1
Password : redhat
[ root@serverX -]#
I -

2. C reate t h e /home /s tooges d i recto ry. -

!
j
I
[ root@serverx -]# mkdir /home/stooges
-

3. C h a n g e g ro u p p e r m i s s i o n s o n t h e /home/stooges d i rectory so it b e l o n g s to t h e stooges


g ro u p .

[ root@serverx -]# chown : stooges /home/stooges


-


I
I
L_��--�----
-

4. Set p e r m i s s i o n s o n t h e /home / s t ooges d i rectory so it is a set G I D bit d i rectory (2), t h e


o w n e r (7 ) a n d g r o u p (7 ) h ave f u l l read/write/execute p e r m i s s i o n s, a n d o t h e r u s e rs h a ve no
permission (0) to t h e d i rectory. -

[ root@serverX -]# chmod 2770 /home/stooges -

5. C h e c k that the p e r m i s s i o n s were set p ro p e r l y.

[ root@serverX -]# ls -ld /home/stooges


-

drwxrws- - - . 2 root stooges 1024 Dec 9 1 : 38 /home/stooges


-

6. M o d i fy the g l o b a l l o g i n s c r i pts so that n o r m a l u s e rs h a ve a u ma s k sett i n g w h i c h p reve nts


o t h e rs from view i n g o r m o d i fy i n g n ew files and d i rectories.

1 62 R H 1 24- R H E L 7-en-1-20140606 -

-
-

Sol ution
-

[ root@serverX -]# vim /etc/bashrc


[ root@serverx -]# vim /etc/profile
[ root@serverX -]# less /etc/bashrc
# You could check uidgid reservation validity in
-

# /usr/share/doc/setup- */uidgid file


if [ $UID -gt 199 ] && [ '" id -gn ' " = " ' id -un ' " ] ; then
umask 0 0 7
else
-

umask e 2 2
- fi
for i in /etc/profile . d/ * . sh ; do
-

7. W h e n you f i n i s h , open a term i n a l w i n dow o n serverX a n d r u n lab pe rmissions g r ad e to


confirm you h ave d o n e everyt h i n g correct l y.

[ student@serverX -]$ lab permissions grade


-

..

- R H 1 24- R H E L 7-en-1-20140606 1 63

-
-

C h a pter 6. C o n t ro l l i n g Access to F i l es w i t h L i n u x F i l e System Pe r m i s s i o n s


-

S u m m a ry
-

L i n u x F i l e System Pe r m i s s i o n s
I nt e r p ret f i l e a n d d i rectory p e r m i s s i o n s a s d i s p l ayed with t h e l s co m m a n d .
-

M a n a g i n g F i l e System Pe r m i s s i o n s f r o m t h e C o m m a n d L i n e
M o d ify ow n e rs h i p a n d p e r m i s s i o n s of f i l e s a n d d i rectories u s i n g c hmod a n d chown.
-

M a n a g i n g Defa u l t Pe r m i s s i o n s and F i l e Access


E x p l a i n how d efa u l t p e r m i s s i o n s a re set by the system and u s e umas k and SGI D to
-
control a uto m a ti c a ccess to f i l es.

......

1 64 RH124- R H E L7-en-1-20140606 -
red h at ®

®
TRAINING

C HA PT E R 7

MONITORING AND MANAGING


LINUX P ROCESSES

Overview

Goal To eva l u ate a n d control processes r u n n i ng on a Red Hat


E nterprise L i n u x syste m .

Objectives • List a n d i nterpret b a s i c i nformation a bout processes


r u n n i n g o n t h e system .

• Control p rocesses i n t h e s h e l l ' s session u s i n g b a s h j o b


contro l .

• Termi nate a n d control p rocesses using s i g n a l s.

• Monitor resou rce u s a g e and system load d u e to process


activity.

Sections • Processes (a n d Practice)

• Contro l l i n g Jobs (a n d P ra ctice)

• K i l l i n g Processes (a n d Pract ice)

• M o n it o r i n g Process Activity (and Practice)

Lab • M o n itoring a n d M a n a g i n g L i n u x Processes

R H124- R H E L7-e n-1 -20140606 165


-

C h a pter 7. M o n itoring a n d M a n a g i n g L i n u x Processes


-

P rocesses
-

Objectives -

Afte r com p l e t i n g t h i s sect i o n , students s h o u l d be a b l e to:

• Defi n e the l ife cyc l e of a p rocess. -

• Define p rocess states.


-
• View and i n t e r p ret process l ist i n g s.

What is a process? -

A process is a r u n n i n g i nsta n c e of a l a u n ched, executa b l e progra m . A p rocess c o n s i sts of:


• an a d d ress space of a l l ocated m e m o ry,
-

• secu rity p roperties i n c l u d i n g ow n e rs h i p crede n t i a l s a n d p r i v i l eges,

• o n e o r m o re exec u t i o n t h re a d s of prog ra m code, a n d -

• t h e p rocess state.
-
The environment of a p rocess i n c l udes :
• loca l a n d g l o ba l va ria b l es,
-
• a c u rrent sched u l i n g context, and

• a l l ocated system resou rces, such a s file descri pto rs and n etwork ports.
-

A n exist i n g (parent) process d u p l icates its own a d d ress space (fo r k) to c reate a new (child)
p rocess structu re. Eve ry new p rocess is a s s i g n e d a u n i q u e process ID ( P I O) for t ra c k i n g
-
a n d s e c u r ity. The P I O a n d t h e parent's process I D ( P P I D) a re e l e m e nts of t h e new p rocess
e n v i ro n m e nt. Any process m a y create a c h i l d p rocess. A l l p rocesses a re desce n d a nts of the f i rst
syst e m p rocess, w h i c h i s syst emd (1) o n a Red Hat Enterprise L i n u x 7 system.

i parent
-

process
fork
process I
I
wait I parent
• I process
i
--------
1---�r-1.i process -

child exec child exit


�---L...._
.i zombie
process process
-

Figure 7. 1 : Process life cycle


-
T h ro u g h t h e fo r k rou t i n e, a c h i l d p rocess i n h erits secu rity i d e ntiti es, p revious a n d c u rrent f i l e
d e s c r i ptors, port a n d resou rce p r i v i l eges, enviro n m e n t va r i a b l es, a n d p ro g ra m code. A c h i l d
p rocess m a y t h e n exec i t s o w n prog ra m code. N o r m a l l y, a p a re n t p rocess sleeps w h i l e t h e c h i l d -
process r u n s , sett i n g a req u est (wait ) t o be s i g n a l e d w h e n t h e c h i l d co m p l etes. U p o n exit. t h e
c h i l d p rocess h a s a l ready c l osed o r d i sc a rded i t s resou rces a n d e n v i ron ment; t h e re m a i n d e r i s

166 R H 1 24- R H E L7-en-1-20140606 -

-
Process states

refe rred to a s a zombie. The parent, s i g n a led awake when t h e c h i l d exited, c l e a n s t h e rem a i n i n g
structu re, t h e n c o n t i n u e s with i t s o w n pro g r a m code execut i o n .

P rocess states
I n a m u l t i t a s k i n g operating system, e a c h C P U ( o r C P U core) c a n b e w o r k i n g o n o n e p rocess at a
s i n g l e p o i n t i n t i m e. A s a p rocess r u n s , its i m m ed iate req u irements for C P U t i m e a n d reso u rce
a l location c h a ng e . Processes are a s s i g ned a state, which c h a n g es a s c i rc u m st a nces req u i re .


fork reap

schedule run
exit

preempt or
reschedule

event or
signal

Figure 7.2: Linux process states

The L i n u x p ro cess states a re i l l ustrated in t h e p revious d ia g ra m a n d described in t h e fo l l owi n g


t a b le.

Linux process states


Name Flag Kernel-defined state n a m e a n d description

TASK_R U N N I N G: The p rocess i s either execu t i n g o n a C P U o r waiting to r u n .


R u n n i ng R Process c a n be exe c u t i n g user routines o r ker n e l rou t i nes (system c a l l s) , o r
be q u e u e d a n d r e a d y w h e n i n the Running ( o r Runnable) state.

TAS K_I N T E R R U PT I BL E : The p rocess i s waiti n g for some c o n d i t i o n : a


s h a rdware request, system resou rce a ccess, or s i g n a l . W h e n a n event o r
s i g n a l satisfies t h e c o n d i t i o n , the process ret u r n s to Running.

TAS K_U N I N T E R R U PT I B L E : This p rocess is a l s o Sleeping, but u n l i ke s state,


Sleeping D w i l l not res p o n d to d e l ivered s i g n a l s . Used o n l y u n d e r specific conditions i n
w h i c h p rocess i nterruption may cause a n u n p re d i ct a b l e d evice state.

TAS K_K I L L A B L E : I d e n t i c a l to the u n i nterrupt i b l e D state, but modified to


K a l l ow the w a i t i n g t a s k to res pond to a s i g n a l to be k i l l e d (exited c o m p l etely).
U t i l i t ies f re q u e n t l y d i s p l a y Killable p rocesses a s D state.

R H1 24- R H E L7-en-1-20140606 167


-

C h a pte r ?. M o n it o r i n g a n d M a n a g i n g L i n u x Processes
-

Name Flag Ke r n e l -defined state n a m e a n d description


TAS K_STO P P E D : T h e p rocess h a s been Stopped (s u s p e n ded), u s u a l l y by -

T b e i n g s i g n a led by a u s e r o r a n ot h e r p rocess. The process can be cont i n u ed


Stopped (res u m e d ) by a n ot h e r s ig n a l to ret u r n to Running.
-
TAS K_ T R A C E D : A p rocess t h a t is b e i n g d e b u g g ed is a l so t e m p o ra r i l y
T
Stopped a n d s h a res t h e s a m e T state f l a g .
E X I T_ZO M B I E: A c h i l d p rocess s i g n a l s its pa re n t as it exits. A l l resou rces
z
-

except for the process i d e n t ity ( P l D) a re re l e a s e d .


Zombie E X I T _ D E A D : W h e n t h e parent c l ea n s u p (reaps) t h e re m a i n i n g c h i l d p rocess
-
x structure, t h e process is now re leased com p l et e l y. T h i s state w i l l never be
observed in p rocess - l i s t i n g uti l ities.

Listing processes
The ps com m a n d is used fo r l i sti n g c u r re n t processes. The co m m a n d ca n p rovide d eta i l ed
-
p rocess i n fo r m a t i o n , i n c l u d i n g :
• t h e u s e r i d e n t ificat i o n ( U I D) w h i c h d ete r m i n es p rocess p r i v i l eges,

-
• t h e u n i q u e p rocess i d e n t ification ( P I D),

• t h e C P U and rea l t i m e a l ready e x p e n d e d ,


-

• how m u c h m e mory t h e p rocess h a s a l l ocated i n va rious l o c a t i o n s ,

• t h e locat i o n of p rocess STDOUT, k n o w n a s t h e controlling terminal, a n d -

• t h e c u r re n t p rocess state.
-

Important
T h e L i n u x v e rs i o n of ps s u p p o rts t h re e o p t i o n formats, i n c l u d i n g : -

• U N I X ( PO S I X) options, w h i c h m a y b e g ro u p e d a nd m ust be p receded by a d a s h ,

• B S D o p t i o n s, w h i c h may be g ro u p e d a n d m u st n ot be u s e d w i t h a d a s h , a n d -

• G N U l o n g o pt i o n s , w h i c h a re preceded by t w o d a s hes.

-
For exa m p l e, ps - aux is not the same a s ps aux.

-
A common d i s p l ay l i s t i n g (o ptions aux) d i s p l a ys a l l p rocesses, w i t h col u m n s i n which u s e rs w i l l
b e i nterested, a n d i n c l udes p rocesses w i t h o u t a c o n t ro l l i n g term i n a l . A l o n g l is t i n g (opt i o n s lax)
p rov i d es m o re tec h n i c a l deta i l , but may d i s p l a y faster by avo i d i n g the u s e r n a m e l o o k u p. The
-
s i m i l a r U N I X syntax uses t h e o pt i o n s - ef to d i s p l a y a l l processes.

[student@serverX -]$ ps aux


·-� - �. ���--"'1�

USER PIO %CPU %MEM vsz RSS TTY STAT START TIME COMMAND
root 1 0 . 1 0 . 1 51648 7504 ? Ss 17 : 45 0 : 03 /usr/lib/systemd/syst
-

root 2 0.0 0.0 0 0? 17 : 45 0 : 00 [ kthreadd]


root 3 0.0 0.0 0 0? 17 : 45 0 : 00 [ksoftirqd/0]
s

root 5 0.0 0.0 0 0? S< 17 : 45 0 : 00 [ kworker/0 : 0H]


s

root 7 0.0 0.0 0 0?


-

s 17 : 45 0 : 00 [migration/0]
-
- o u t p u t t runca ted
-

168 R H 1 24- R H E L 7-en-1-20140606 -

-
-

L i st i n g processes

[student@serverx -]$ ps lax


-

F UID PID PPID PR! NI VSZ RSS WCHAN STAT TTY TIME COMMAND
4 0 1 0 20 0 51648 7504 ep_pol ss ? 0 : 03 /usr/lib/systemd/
1 0 2 0 20 0 0 0 kthrea S ? 0 : 00 [kthreadd]
1 0 3 2 20 0 0 0 smpboo S ? 0 : 00 [ksoftirqd/0]
-

1 0 5 2 0 -20 0 0 worker S< ? 0 : 00 [ kworker/0 : 0H]


- 1 0 7 2 -100 0 0 smpboo S ? 0 : 00 [migration/0]
[student@serverX -]$ ps -ef
o u t p u t t runca ted

UID PID PPID C STIME TTY TIME CMD


root 1 0 0 17 : 45 ? 00 : 00 : 03 /usr/lib/systemd/systemd - -switched- ro
root 2 0 0 17 : 45 ? 00 : 00 : 00 [ kthreadd]
-

root 3 2 0 17 : 45 ? 00 : 00 : 00 [ ksoftirqd/0]
root 5 2 0 17 : 45 ? 00 : 00 : 00 [ kworker/0 : 0H]
root 7 2 0 17 : 45 ? 00 : 00 : 00 [migration/0]
- - o u t p u t t runca ted -
-

-
By defa u lt, ps with n o options s e l ects a l l processes w i t h the s a m e effective user ID ( E U I D) a s the
c u rrent u s e r a n d associated w i t h t h e s a m e t e r m i n a l w h e re p s was i nvoked.
- • Processes in b ra ckets ( u s u a l l y at the top) a re sched u l ed kernel t h reads.

• Zom b i e s s h ow u p i n a ps listing a s exiting o r defunct.

• ps d i s p l ays once. U s e t op(1 ) for a re petitive u pd ate p rocess d i s p l ay.

• ps c a n d i s p l a y i n t re e format to v iew pa rent/c h i l d re l a t i o n s h ips.


-

• The defa u lt output i s u n so rted. D i s p l a y order m a t c h es that of the system process t a b l e,


w h i c h re uses ta b l e rows as processes d i e a n d new o n e s a re c reated. O u t p u t m a y a p pe a r
...
c h ro n o l og ica l , b u t is not g u a ra nteed u n l ess e x p l icit - 0 o r - - s o r t opt i o n s a re used .

- R References
info libc signal (GNU C Library Reference Manual)
• Section 24: S i g n a l H a n d l i n g
-

info libc p rocesses (GNU C Library Reference Manual)


• Section 26: P rocesses
-

ps(1) and signal(7 ) man pages

- R H 1 24- R H E L 7-en-1-20140606 1 69

-
-

C h a pter 7. M o n itoring a n d M a n a g i n g L i n u x Processes


-

P ra ct i ce: P rocesses -

Quiz -

Match t h e fo l l ow i n g items to t h e i r counte rparts i n t h e ta b l e.


-

D e s c r i pt i o n State
-

P rocess h a s b e e n sto p ped t e m p o ra r i l y.


-

P rocess h a s j u st b e e n t e r m i n a t e d .
-

P rocess i s s c h e d u l e d b u t i s n o t y e t o n a C P U .
-

P ro cess i s wa i t i n g fo r 1 /0. -

P rocess i s u n i nte r r u pt i b l y wa i t i n g fo r a d e v i ce t o res p o n d . -

P rocess i s a t a p ro m pt , n e e d i n g u s e r i n p u t . -

-
P ro cess i s exec u t i n g a system ca l l .

-
170 R H 1 24- R H E L7-en-1-20140606

-
-

Solution
-

Solution
-

Match t h e fo l l ow i n g items to t h e i r c o u nterparts i n the ta b l e.

Desc r i p t i o n State

Process h a s b e e n sto p p e d te m p o ra r i l y. T
-

Process h a s j u st been te r m i n a t e d . z
-

P rocess i s s c h e d u l ed b u t i s n ot yet o n a C P U . R
-

Process i s wa i t i n g fo r 1 /0 . s
-

-
Process i s u n i n te r r u pt i b l y wa it i n g fo r a d ev i ce to res p o n d . D

- Process i s at a p ro m pt , n e e d i n g u s e r i n p u t . s

-
Process i s exe c u t i n g a syste m ca l l . R

- R H 1 24- R H E L7-en-1-20140606 171

-
-

C h a pte r 7. M o n it o r i n g a n d M a n a g i n g L i n u x Processes
-

Cont ro l l i n g J o bs
-

Objectives -
After com p l et i n g t h i s sect i o n , stu d e nts s h o u l d be a b l e to:

• E x p l a i n the ter ms fore g ro u n d , b a c kg ro u n d , a n d c o n t ro l l i n g te r m i n a l . -

• U s e j o b c o n t ro l t o m a n a g e m u l t i p l e c o m m a n d - l i n e tasks.
-
Jobs and sessions
Job control i s a com m a n d s he l l fea t u re a l l o w i n g a s i n g l e s h e l l i n st a n ce to r u n a n d m a n a g e
-
m u lt i p l e com m a n ds. W i t h o u t job c o n t ro l , a p a r e n t s h e l l forks a c h i l d process to r u n a co m m a n d ,
s l e e p i n g u n t i l t h e c h i l d p rocess exits. W h e n t h e s h e l l prompt red i s p l ays, t h e pa rent s h e l l
h a s ret u r n e d . W i t h j o b contro l , co m m a n d s c a n b e s e l ective l y s u s p e n d e d , res u m ed, a n d r u n
-
a sy n c h ro n o u s l y, a l l o w i n g t h e s h e l l to ret u r n fo r a d d i t i o n a l co m m a n d s w h i l e c h i l d p rocesses r u n .

A foreground p rocess is a c o m m a n d r u n n i n g i n a t e r m i n a l w i n d ow. The term i n a l ' s device I D ( t ty)


....
is the process's controlling terminal. Fo reg ro u n d p rocesses receive keyboa rd-g e n e rated i n put a n d
s i g n a l s a n d a re a l l owed to read f r o m o r w rite to t h e term i n a l (e.g., via s t d i n a n d s t d o u t ) .

A p rocess session is c reated w h e n a te r m i n a l o r c o n s o l e f i rst o p e n s (e.g., a t l o g i n o r by invo k i n g a -


new Terminal i n sta n ce). A l l p rocesses (e.g . , t h e fi rst com m a n d s h e l l , its c h i l d re n , a n d p i p e l i nes)
i n itiated from that te r m i n a l s h a re the s a m e session ID. Wit h i n a sess i o n , o n l y o n e p rocess can be
i n t h e foreg ro u n d at a t i m e. -

A background p rocess is sta rted without a c o n t ro l l i n g term i n a l because it h a s n o need


for term i n a l i nteract i o n . In a ps l ist i n g , such processes (e.g., s e rvice daemons a n d kernel -
p rocess t h reads) display a q u est i o n mark (?) i n t h e TTY co l u m n . B a c kg ro u n d p rocesses w h i c h
( i m p ro pe r l y) atte m pt to r e a d f r o m o r w rite to t h e te r m i n a l may b e s u s p e n d e d .
-

Running jobs in the background


Any co m m a n d c a n be started i n t h e b a c k g r o u n d by a p p e n d i n g a n a m p e rs a n d (&) to t h e co m m a n d -
l i ne. T h e b a s h s h e l l d is p l a ys a job number (u n i q u e t o t h e session) a n d t h e P I O of t h e n e w c h i l d
p rocess. T h e c o m m a n d s h e l l does not w a i t f o r t h e c h i l d p rocess a n d red i s p l ays t h e s h e l l p ro m pt.

[ student@serverx -]$ sleep


-

[1] 5947
10000 &

[ student@serverx -]$ -

Note -

A n a m p e rs a n d w i l l b a c kg ro u n d o n l y t h e l a st c o m m a n d i n a p i p e l i n e, u n l ess t h e
com m a n d set i s s u r ro u nded w i t h pa rentheses. T h e P I O ret u r n e d i s from t h e p i p e l i n e ' s

1· [ student@serverX -]$ ( example_command I sort I mail -s "Sort output" )


-
l a st p rocess. A l l p rocesses i n t h e p i p e l i n e a re now m e m b e rs o f t h e s a m e j o b.

[1] 5998
&
-

172 R H 1 24- R H E L7-en-1-20140606 -

-
-

R u n n i n g jobs i n t h e b a c kg ro u n d
-

The b a s h co m m a n d s h e l l t ra c k s j o b s , per sess i o n , i n a t a b l e d i s p l ayed w i t h t h e j ob s co m m a n d .

[student@serverx -]$ jobs


-

[1] + Running sleep 10C:JC:JC:J &


[ s t ud e n t@serverx - ] $
-

Backg ro u n d jobs c a n reco n n ect to t h e contro l l i n g term i n a l by b e i n g b ro u g h t to t h e fore g ro u n d


-
u s i n g t h e fg com m a n d w i t h t h e j o b I D (%j o b n umb e r ) .

[""''"'""""" -] · , . ..
-

I sleep 1C:JC:JC:JC:J

The exa m p l e sleep c o m m a n d i s now r u n n i n g on the c o n t ro l l i n g term i n a l . The com m a n d s h e l l


i s a g a i n a s l eep, wait i n g f o r t h i s c h i l d p rocess to exit. To res e n d t o t h e backgro u n d , o r to s e n d
any co m m a n d i n w h i c h t h e t ra i l i n g a m persa n d was not o r i g i n a l l y i n c l u d e d , s e n d t h e keyboa rd­
-
g e n e rated suspend req u est (Ct r l - z ) to the p rocess.

sleep 1C:JC:JC:JC:J
"Z
[1]+ Stopped sleep 1C:JC:JC:JC:J
-

[student@serverX -]$
-

The s u s p e n d takes effect i m m e d ia te l y. The job is p l aced in the backg ro u n d . Pe n d i n g o u t p u t a n d


keyboard typea h e a d a re d iscarded.
-

The ps option j d i s p l ays j o b i nformation, i n c l u d i n g the i n it i a l co m m a n d s h e l l of e a c h sess i o n .


S i nce t h e s l e e p exa m p l e co m m a n d i s c u r re n t l y s u s p e n d e d , t h e state f l a g d i s p l ayed i s T .
-

[student@serverx -]$ ps j
PPID PIO PGID SID TTY TPGID STAT UID TIME COMMAND
2764 2768 2768 2768 pts/C:J 6377 Ss 1C:JC:JC:J C:J : C:JC:J /bin/bash
2768 5947 5947 2768 pts/C:J 6377 T 1C:JC:JC:J C:J : C:JC:J sleep 1C:JC:JC:JC:J
-

2768 6377 6377 2768 pts/C:J 6377 R+ 1C:JC:JC:J C:J : C:JC:J ps j


- [student@serverx -]$
To restart t h e process i n t h e background, use t h e bg co m m a n d with t h e s a m e j o b I D.

[student@serverx -]$
-

[1]+ sleep 1C:JC:JC:JC:J &


bg %1

-
[student@serverX -]$

-
The co m m a n d s h e l l w i l l wa r n a u s e r who atte m pts to exit a t e rm i n a l w i n dow (ses s i o n ) w i t h
s u s p e n d e d j o bs. I f t h e u s e r tr i es e x i t i n g a g a i n i m m ed i a t e l y, t h e s u s p e n d e d jobs a re k i l l e d .

- R H 1 24- R H E L7-en-1-20140606 173

-
-

C h a pter 7. M o n itoring a n d M a n a g i n g L i n u x Processes


-

R References -

Addit i o n a l i nfor m a t i o n m a y be a va i l a b l e i n t h e c h a pt e r o n viewing syst e m processes


i n the Red Hat Enterprise Linux System Administrator's Guide for Red H a t E n t e r p r i s e
-
L i n u x 7, w h i c h ca n b e fo u n d a t
htt p://docs.red hat.com/

-
libc i nfo page (GNU C Library Reference Manual)
• Sect i o n 24: Sig n a l H a n d l i n g

• Sect i o n 26: Processes -

bas h(l ) , builtins(1), ps(l), sleep(l) man pages


-

174 R H 1 24- R H E L 7-en-1 -20140606 -

-
-

Practice: B a c k g ro u n d a n d Fo re g ro u n d Processes
-

P ra ct i ce: B a c kg ro u n d a n d Fo reg ro u n d
-

P ro cesses
-

Guided exercise
-
I n t h i s l a b, st u d e nts w i l l start, s u s p e n d , a n d reco n n ect to m u l t i p l e p rocesses u s i n g j o b contro l .

Outcomes:
-
Practice s u s p e n d i n g and resta r t i n g u s e r p rocesses.

Before you begin ...


-
Log in a s student to serverX. Beg i n i n stu d e n t ' s home d i recto ry.

D 1. O p e n t w o te r m i n a l w i n d ows, s i d e by s i d e, to be refe rred to a s left a n d right.


-

D 2. In t h e l eft w i n d ow, sta rt a p rocess t h a t cont i n u o u s l y appends t h e word " ro c k " a n d a


space to t h e f i l e -/ou t file at o n e-second i nte rva l s . The c o m p l ete com m a n d set m u st
-
be conta i ned i n parenth eses f o r j o b control to i n t e r p ret t h e set as a s i n g l e job.

-
�s tudent@serverX -]$ (while true; do echo -n "rock " >> -/outfile; sleep 1; done)
D 3. In the right w i n d ow, use t ail to c o n f i r m that the new process i s w r i t i n g to t h e f i l e .

[ student@serverx -]$ tail -f -/outfile


-

-
D 4. In t h e left w i n d ow, s u s p e n d the r u n n i n g p rocess. The s h e l l ret u r n s the job I D in s q u a re
b ra c kets. I n t h e right w i n d o w, confi r m t h a t t h e p rocess o u t p u t h a s sto p p e d .

I [ student@serverX -]$ Ctrl-z


-

-
D 5. I n t h e left w i n d ow, view t h e j obs l i st. The + de notes t h e current job. Restart t h e j o b i n t h e
b a c kg ro u n d . I n t h e r i g h t w i n d ow, c o n f i r m t h a t t h e p rocess o u t p u t is a g a i n active.

[student@serverx -]$ jobs


[1] + Stopped ( while true; do
-

echo -n " rock " >> -/outfile ; sleep 1;


done )
[student@serverx -]$ bg
[student@serverX -]$ jobs
-

D 6. In the left w i n d ow, sta rt two m o re p rocesses to a p p e n d to the same o ut p u t f i l e. R e p l a c e


" ro c k " w i t h " p a p e r," a n d t h e n w i t h "scissors." To p r o p e r l y b a c k g r o u n d t h e p rocess, t h e
- c o m p l ete c o m m a n d set m u st be conta i n e d i n parentheses a n d e n d e d with a n a m pe rsa n d .

[ student@serverX -]$ (while true ; do echo -n "paper " > > -/outfile; sleep 1 ;
done) &
[ student@serverX -]$ (while true; do echo -n "scissors >> -/outfile; sleep
-

done) &
" 1;

- R H 1 24- R H E L 7-en-1-20140606 175

-
-

C h a pter 7. M o n it o r i n g a n d M a n a g i n g L i n u x Processes
-

D 7. I n t h e l eft w i n d ow, view j obs to see a l l t h ree p rocesses " R u n n i n g " . I n t h e right w i n d ow,
c o n f i r m t h a t a l l t h ree p rocesses a re a p p e n d i n g to t h e f i l e.

[student@serverx -]$ jobs


-

I
-

D 8. U s i n g o n l y com m a n d s p revio u s l y l e a r n e d , s u s p e n d the " rock" p rocess. In the l eft w i n d ow,


fore g ro u n d t h e job, u s i n g t h e j o b I D dete r m i n e d from t h e j obs l is t i n g , t h e n s u s p e n d it
u s i n g Ctrl-z. Confirm that the " ro c k " process is " Stopped " . In the r i g h t w i n d ow, confirm -

t h a t " ro c k " output i s n o l o n g e r a c t ive.

[ student@serverx -]$ jobs


[ student@serverx -]$ fg %number
-

[ student@serverx -]$ C t rl - z
-

D 9. E n d the " pa p e r " p rocess. I n t h e l eft w i n d ow, fore g ro u n d t h e job, t h e n t e r m i n ate it u s i n g


C t r l -c. C o n f i r m t h a t t h e " p a p e r " p rocess h a s d i sappea re d . I n t h e r i g h t w i n dow, confi rm
-
that " pa pe r " output is no l o n g e r act ive.

[ student@serverX -]$ jobs


[student@serverx -]$ fg %number
[ student@serverx -]$ Ct r l - c
-

D 1 0. I n t h e l eft wi n d ow, view t h e re m a i n i ng jobs u s i n g ps. T h e s u s p e n d e d j o b h a s state T. The


ot h e r backgro u n d j o b is s l e e p i n g (5), s i n ce ps is "on cpu" (R) w h i l e d i s p l a y i n g .

[student@serverx -]$ ps j
-

PPID PIO PGID SID TTY TPGID STAT UID TIME COMMAND
4489 6223 6223 6223 pts/1 12918 Ss 1000 0 : 00 bash
4489 6237 6237 6237 pts/2 9782 Ss 1000 0 : 00 bash
6237 9782 9782 6237 pts/2 9782 S+ 1000 0 : 00 tail -f /home/student/a
-

7360 9856 7360 6223 pts/1 12918 T 1000 0 : 00 sleep 1


7395 12916 7395 6223 pts/1 12918 s 1000 0 : 00 sleep 1
6223 12918 12918 6223 pts/1 12918 R+ 1000 0 : 00 ps j
-

D 11. Stop t h e re ma i n i n g two jobs. In t h e l eft w i n dow, fo re g ro u n d either job. Te r m i nate it u s i n g -

C t r l - c . Re peat w i t h t h e re m a i n i n g job. T h e " Stopped" j o b t e m p o ra r i l y resta rts w h e n


fo re g ro u n d e d . C o n f i r m that n o jobs re m a i n a n d that o u t p u t h a s sto p p e d .

[ student@serverx -]$ fg %number


-

[ student@serverX -]$ Ct r l - c
[ student@serverx -]$ fg %number
[ student@serverX -]$ Ct r l - c
-

[ student@serverx -]$ jobs


-

D 12. In the right w i n d ow, stop t h e t ail com m a n d . C l ose extra t e rm i n a l w i n d ows.

[ student@serverx -]$ C t rl - c
-

176 R H 1 24- R H E L 7-en-1-20140606 -

-
K i l l i ng Processes

K i l l i n g P ro c esses

O bj ect ives
After c o m p l e t i n g t h i s s e c t i o n , students s h o u l d be a b l e to:

• Use c o m m a n d s to k i l l and c o m m u n i cate with p ro cesses.

Def i n e the c h a racterist ics of a d a e m on p ro cess.

E n d user sess i o n s and p rocesses.

P rocess co n t ro l u s i n g s i g n a l s
A s i g n a l is a software i n te r ru pt d e l i vered to a p rocess. S ig n a l s report events to a n executing
p rogram. Eve nts t h a t g e n erate a s i g n a l can b e an error, external event (e. g . , 1/0 req u est o r e x p i red
t i mer), o r by explicit request (e.g., use of a s i g n a l-sen d i n g command o r by keyboard sequence).

The fo l l owing t a b l e l i sts t h e f u n d a m e ntal s i g n a l s used by system a d m i n i st rators for rou t i n e


p rocess m a n a g e m e nt. R e f e r to s i g n a l s b y e i t h e r t h e i r s h o rt ( H UP) o r p r o p e r (SIGHUP) n a me.

Fundamental process management signals


Signal S h o rt
Definitio n P u r pose
n um b e r name

U s e d to re p o rt term i n a t i o n of t h e control l i ng
p ro cess o f a terminal. A l s o u s e d to request p rocess
1 HUP Hangup
rei n i t i a l i za t i o n (confi g u ra t i o n rel o a d ) without
ter m i na t i o n .

Keyboa rd C a uses p ro g ra m ter m i na t i o n . C a n be b l o c ked o r


2 I NT
i n terrupt h a n d led. Sent by ty p i n g I NTR c h a racter (Ct r l - c) .

S i m i l a r to SIGINT, but a l s o p rod uces a p rocess


3 QUIT Keyboard q u i t d u m p at term i n ation. Sent b y ty p i n g QUIT
c h a racter (Ct rl- \).

C a uses a b r u pt program term i n a t i o n . C a n not be


9 KILL K i l l, u n b lockable
b l o c ke d , i g n ored, o r h a n d led; a lways fat a l .

C a u ses p ro g ra m term i n a t i o n . U n l ike SIGKI L L , c a n


15
TERM Te r m i n a te be b l ocked, i g nored, or h a n d led. T h e p o lite way to
default
a s k a program to term i n ate; a l l ows self-c l ea n u p .

S e nt to a p ro cess t o res u m e if sto p p e d . C a n n ot


18 CONT Continue be b locked. Even if h a nd l e d , a lways res u mes t h e
p ro cess.

S u s p e n d s t h e p rocess. C a n not be b l ocked o r


19 STOP Stop, u n b lockable
h a n d l ed.

U n l i ke SIGSTOP, c a n be b locked, i g n o re d , o r
20 TSTP Key b o a rd stop
h a n d l ed . Sent by ty p i n g S U S P c h a racter (Ct r l - z).

R H1 24- R H E L7-e n-1-201 40606 177


-

C h a pte r 7. M o n itoring a n d M a n ag i n g L i n u x Processes


-

Note -

S i g n a l n u m b e rs vary o n d iffe rent L i n u x h a rdwa re p l atfo r m s , but s i g n a l n a mes a n d


mea n i n g s a re sta n d a rd i zed. For c o m m a n d u s e, it i s a d v i s e d t o u s e s i g n a l n a m e s i n stead
-
of n u m be rs. The n u m b e rs d i sc u ssed i n this sect i o n a re for I nt e l x86 systems.

E a c h s ig n a l h a s a default action, u s u a l l y o n e of t h e fo l l owi n g : -

Term - C a u s e a p ro g ra m to t e r m i n ate (ex it) a t o n ce.


Core - C a u se a p ro gr a m to save a m e m o ry i m a g e (core d u m p), then t e r m i nate.
-
Stop - Cause a p rog ra m to stop exec u t i n g (s u s p e n d ) and wait to cont i n u e ( res u m e).

P rog ra ms c a n b e prepa red for expected eve nt s i g n a l s by i m p l e m e n t i n g h a n d l e r rout i n es to


i g n o re, re p l a ce, o r ext e n d a s i g na l ' s defa u l t action. -

C o m m a n d s f o r s e n d i n g s i g n a l s by ex p l i c i t re q u e st
U s e rs sig n a l t h e i r c u rrent fore g ro u n d p rocess by ty p i n g a key b o a rd control seq u e n ce to s u s p e n d -

(Ct rl - z ) , k i l l (Ct rl - c ) , o r core d u m p (Ct rl - \) t h e p rocess. To s i g n a l a b a c kg rou n d p rocess o r


p rocesses i n a d iffe re nt session req u i res a s i g n a l-se n d i n g c o m m a n d .
-
S i g n a l s c a n be s p e c i f i e d e i t h e r b y n a m e (e.g., - H U P o r - SI G H U P ) o r by n u m be r (e.g., - 1) . U s e rs
may k i l l t h e i r own processes, but root p r i v i l eg e is req u i red to k i l l p rocesses owned by ot h e rs.
-
• The kill c o m m a n d s e n d s a s i g n a l to a p rocess by I D. Despite its n a m e, the k i l l com m a n d can
b e used for s e n d i n g any s i g n a l , not j u st those for t e r m i n a t i n g p ro g ra ms.

[student@serverx -]$ kill PID


-

[student@serverx -]$ kill - signal


[ student@serverx -]$ kill
PID

1 ) SIGHUP 2) SIGINT 3) SIGQUIT 4) SIGILL 5) SIGTRAP


-1

6) SIGABRT 7 ) SIGBUS 8) SIGFPE 9) SIG KILL 10 ) SIGUSR1


-

11) SIGSEGV 12) SIGUSR2 13 ) SIGPIPE 14) SIGALRM 15 ) SIGTERM


I 16 ) SIGSTKFLT 17 ) SIGCHLD 18 ) SIGCONT 19) SIGSTOP 20) SIGTSTP
l._ - - o u tp u t t runca ted - -
-

• U s e killall to s e n d a s i g n a l to o n e or more p rocesses m a tc h i n g s e l e c t i o n criteria, s u c h a s a -

c o m m a n d n a me, processes owned by a specific u s e r, or a l l syste m-wide processes.

r. [[student@serverX
student@serverx -]$ killall
-]$ killall
command_pa t tern
-

[ root@serverX -]# killall


- signal command_pa t tern
- signal - u username command_pa t tern
-

• T h e pkill co m m a n d , l i ke killall, c a n s i g n a l m u lt i p l e processes. pkill u ses a d va n ced


s e l ection criteria, which c a n i n c l u d e c o m b i n a t i o n s of:
-
Command - P rocesses w i t h a pattern-matched c o m m a n d n a me.
UID - Processes owned by a L i n u x user acco u nt , effective or rea l .
GID - Processes o wn ed b y a L i n u x g ro u p account, effective o r rea l . -
Parent - C h i l d processes o f a s pecific p a re n t p rocess.
Terminal - P rocesses r u n n i n g o n a s pecific c o n t ro l l i n g te r m i n a l .

[ student@serverX -]$ pkill command_pa t tern


-

[student@serverX -]$ pkill - signal command_pa t tern


[ root@serverX -]# pkill -G GID command_pa t tern -

-
178 RH124- R H E L 7-en-1-20140606

-
-
-
- [ root@serverx -]#
Log g i n g u s e rs out a d m i n istrative l y

- [ root@serverx -] #
pkill - P PPID command_pa t tern I
_J
pkill � ·
--t t e rmi na 1_ name - u�uzo comma nd p a t t e rn
_ _
_
_ ________
___________ _ _ _ ____ _____

- Logging users out administratively


The w c o m m a n d views u s e rs c u r r e n t l y l o g g e d i nto the syste m a n d t h e i r c u m u l at i ve activities. U s e

-
t h e TTY a n d FROM co l u m n s to dete r m i n e t h e u s e r ' s l o c a t i o n .

A l l u s e rs h a ve a c o n t ro l l i n g t e r m i n a l , l isted a s p t s /N w h i l e w o r k i n g i n a g ra p h i c a l e n v i ro n m e n t

-
w i n d o w (pseudo-terminal) or t t yN o n a syste m console, a l ternate c o n s o l e, o r o t h e r d i re ct l y
c o n n ected ter m i n a l device. R e m ote u s e rs d i s p l ay t h e i r c o n n e c t i n g syst e m n a m e i n t h e FROM
co l u m n w h e n u s i n g the - f o pt i o n .

- [student@serverx -]$ w -f
12 : 43 : 06 up 27 min, 5 users, load average : 0 . 03, 0 . 17,
USER TTY FROM LOGIN@ IDLE JCPU
0 . 66
PCPU WHAT
student : 0 :0 12 : 20 ?xdm? 1 : 10 0 . 16s gdm- session-wor
- student pts/0 : 0
root
bob
tty2
tty3
12 : 20 2 . 00s 0 . 08s
12 : 26 14 : 58 0 . 04s
12 : 28 14 : 42 0 . 02s
0 . 01s w -f
0 . 04s - bash
0 . 02s -bash
student pts/1 desktop2 . example . 12 : 41 1 : 07 0 . 03s 0 . 03s -bash
[student@serverx -]$
I'
.... I

-
L__

Discove r how l o n g a user has b e e n o n t h e system by v i ew i n g t h e sess i o n l o g i n t i me. Fo r each


sess i o n , C P U reso u rces cons u m ed by c u r re n t jobs, included backg ro u n d t a s ks a n d c h i l d re n , a re

-
i n t h e JCPU c o l u m n . C u r rent fore g r o u n d p rocess C P U co n s u m pt i o n is i n t h e PCPU col u m n .

Users m a y be forced off a system f o r secu rity v i o l a t i o n s , resou rce ove ra l l ocat i o n , o r other

-
a d m i n i st rative need. U se rs a re expected to q u it u n n ecessary a p p l i c a t i o n s , c l ose u n used
co m m a n d s h e l ls, a n d exit l o g i n sess i o n s w h e n req u ested.

-
When s i t u a t i o n s occ u r i n w h i c h u s e rs ca n n ot b e contacted o r have u n res pons i ve sess ions,
r u n a wa y res o u rce cons u m pt i o n , o r i m proper system access, t h e i r sess i o n s may need to be
a d m i n i s t ra t i ve ly ter mi n ated u s i n g s i g n a l s .

- ' Important

-
A l t h o u g h SIGTERM is t h e defa u lt s i g n a l , SIGKI L L is a com m o n l y m is used
a d m i n i s t rator favorite. S i n c e the SIGKI L L s i g n a l c a n n o t be h a n d l e d o r i g nored, it
i s a l ways fata l . H owever, it forces t e r m i n a t i o n without a l l ow i n g t h e k i l led p rocess to

-
r u n se l f-c l ea n u p rou t i n es . I t i s reco m m e n d ed to send SIGTERM fi rst, then ret ry w i t h
SIGKI L L o n l y i f a p rocess fa i l s to res p o n d .

- P rocesses a n d sess i o n s c a n b e i n d iv i d u a l l y o r c o l l ective l y s i g n a l ed . To t e r m i n ate a l l p rocesses f o r


o n e u s e r, use t h e pkill co m m a n d . Beca u s e t h e i n it i a l p rocess i n a l o g i n sess i o n (session leader)

-
is d e s i g n e d to h a n d l e session t e r m i n at i o n req u ests a n d i g n o re u n i n te n d e d keyb o a rd s i g n a l s,
k i l l i n g a l l of a u s e r ' s p rocesses a n d l o g i n s h e l l s req u i res u s i n g t h e SIGKI L L s i g n a l .

[ root@serverx -]# bob


6964 bash
pgrep -1 -u

6998 sleep
6999 sleep
7000 sleep
-

[ root@serverx -]# pkill - SIGKI L L - u bob


-

- R H124-R H E L 7-en-1 -20140606 179

-
-

C h a pter 7. M o n it o r i n g a n d M a n a g i n g L i n u x Processes

[ root@serverX -]# pgrep bob


-

[ root@serverx -]#
-1 -u

-
W h e n processes req u i ri n g atte n ti o n a re i n t h e s a m e l o g i n sess i o n , i t m a y n ot be necessary
to k i l l a l l of a user's p rocesses. Dete r m i n e t h e contro l l i n g term i n a l for t h e session using t h e w
co m m a n d , t h e n k i l l o n l y p rocesses w h i c h reference t h e s a m e term i n a l I D. U n l ess SIGKI L L is -
specified, t h e session leader ( h e re, t h e bash login s h e l l ) s u ccessf u l l y h a n d l e s a n d s u rvives t h e
t e r m i n a t i o n req u est. but a l l ot h e r session processes a re t e r m i nated.
-

[ root@serverx -]# pgrep bob


7391 bash
- 1 -u

7426 sleep
7427 sleep
-

7428 sleep
[ root@serverX -]# -h - u bob
bob tty3 18 : 37 5 : 04 0 . 03s 0 . 03s - bash
w

[ root@serverx -]# pkill -t tty3


-

[ root@serverX -]# pgrep - 1 - u bob


7391 bash
[ root@serverx -]# pkill - SIGKI L L -t tty3
-

[ root@serverX -]# pgrep - 1 - u bob


[ root@serverx -]# -

T h e s a m e s e l ective p rocess t e r m i n a t i o n c a n be a p p l ied u s i n g pa rent a n d c h i l d p rocess


re l a t i o n s h i ps. Use the p s t ree co m m a n d to view a p rocess t ree for the syst e m or a s i n g l e user. -
U s e t h e pa rent p rocess's P I D to k i l l a l l c h i l d re n t h ey have created. T h i s t i me, t h e parent bash
login s he l l s u rvives because t h e s ig n a l is d i rected only at its c h i l d p rocesses.

[ root@serverx -]# pstree -p bob


-

bash(8391)-r-sleep( 8425 )
�sleep ( 8426 )
Lsleep ( 8427 )
[ root@serverx -]# pkill - P 8391
-

[ root@serverx -]# pgrep -1 -u bob


bash(8391)
[ root@serverx -]# pkill - SIGKI L L - P 8391
-

[ root@serverx -]# pgrep -1 - u bob


bash(8391)
[ root@serverx -]# -

References
I: R
L_j
info libc signal (GNU C Library Reference Manual)
• S e c t i o n 24: S i g n a l H a n d l i n g -

i n f o libc processes (GNU C Library Reference Manual)


• S e ct i o n 26: Processes -

kill(1 ) , killall(1 ) , pg rep(1 ) , p kill(1 ), p s t r ee(1), signal(7 ) , a n d w(1 ) man pages


-

180 R H 1 24- R H E L7 -en-1 -2 01 4 0 6 0 6 -

-
-

Practice: K i l l i n g Processes
-

P ra ct i ce: K i l l i n g P rocesses
-

-
Guided exercise
I n t h i s l a b, st u d e nts w i l l u se key board seq u e n ces a n d s i g n a l s to m a n a g e a n d stop p rocesses.
-
Outcomes:
Experience with observi n g the res u lts of sta rt i n g and sto p p i n g m u l t i p l e s h e l l p rocesses.
-
Before you begin ...
Log i n a s student to serverX. Start i n yo u r home d i recto ry.
-
0 1. O p e n t w o term i n a l w i n d ows, s i d e by s i d e, to b e refe rred t o a s left a n d right.

0 2. I n t h e l eft w i n d ow, start t h re e processes t h a t append text to a n output fi l e a t o n e-second


-
i nterva l s. To properly backgro u n d e a c h p rocess, the com p l ete c o m m a n d set m u st be

[student@serverx -]$ (while true; do echo -n 11game 1 1 -/outfile ; sleep 1; done) I


conta i n e d in pa rentheses and e n d e d with an a m p e rs a n d .

I
-

[student@serverX -]$ (while true; do echo -n "set >> -/outfile; sleep 1; done)
»

&

[student@serverX -]$ (while true; do echo -n "match " > > -/outfile; sleep 1;
"

- &

done) &
-
0 3. In t h e right w i n d ow, u s e t ail to c o n f i r m that a l l t h ree processes a re a p p e n d i n g to the
f i l e. In t h e l eft w i n d ow, view j obs to see a l l t h ree p rocesses " R u n n i n g " .
-

[student@serverx -]$ tail -f -/outfile


[student@serverx -]$ jobs
[1] Running ( while true ; do
echo -n "game " -/outfile ; sleep 1;
-

done ) &
[2] - Running ( while true; do
>>

echo -n "set " -/outfile ; sleep 1 ;


done ) &
-

( while true ; do
>>

[3]+ Running
echo -n "match " -/outfile ; sleep 1;
done ) &
- >>

- 0 4. S u s p e n d t h e " g a m e " p rocess u s i n g s i g n a l s . Confirm t h a t t h e " g a m e " p rocess is


" Stopped " . In t h e right w i n d ow, confirm t h a t " g a m e " output i s n o longer active.

[ student@serverx -]$ kill


[student@serverx -]$ jobs
-
-SIGSTOP %number

-
0 5. Te r m i n ate t h e "set" p rocess u s i n g s i g n a l s. C o n f i r m t h a t the "set" p rocess h a s
d i s a p pea red . I n t h e right w i n d ow, confi r m t h a t " s e t " o u t p u t is n o l o n g e r a ct i ve.

[ student@serverx -]$ kill


-

[student@serverx -]$ jobs


- SIGTERM %number

- R H 1 24- R H E L 7-en-1-20140606 1 81

-
-

C h a pter 7. M o n it o r i n g a n d M a n a g i n g L i n u x P rocesses

-
D 6. Res u m e the " g a m e " p rocess u s i n g s i g n a l s. Confirm that the " g a m e " p rocess i s " R u n n i ng " .
I n t h e r i g h t w i n d ow, confirm t h a t " g a m e " o u t p u t is a g a i n active.

[student@serverX -]$ kill


[student@serverx -]$ jobs
-
- SIGCONT %number

D 7. Te r m i n ate t h e re m a i n i n g two jobs. Confirm t h a t n o j o b s re m a i n a n d t h a t o u t p u t h a s


sto pped. From t h e l eft w i n d ow, term i n ate t h e r i g h t w i n d ow ' s t ail co m m a n d .
-

C l ose extra term i n a l w i n d ows.

[ student@serverx -]$ kill - S I GTERM %number


[ student@serverX -]$ kill - SIGTERM %number
-

[student@serverx -]$ jobs


[ student@serverx -]$ pkill - SIGTERM t ail
[ student@serverx -]$ -

182 R H 1 24- R H E L 7 - e n -1 -20140606


-

-
-

M o n itor i n g Process Activity


-

M o n ito ri n g P rocess Act ivity


-

-
Objectives
Afte r c o m p l e t i n g t h i s section, st u d e nts s h o u l d be a b l e to:

- • I nt e r p ret u pt i m e and load avera g es.

• M o n itor rea l -t i m e p rocesses.


-

Load average
The L i n u x k e r n e l ca l c u l ates a load average metric as a n exponential moving average of t h e load
-
number, a c u m u l at i ve C P U co un t of a ct ive system reso u rce req u ests.

• Active requests a re cou nted from pe r-C P U q u e u e s for r u n n i n g t h re a d s and t h reads wa it i n g for
-
1/0, a s t h e ke r n e l t ra c ks process resou rce activity and corres po n d i n g p rocess state c h a nges.

• Load number i s a ca l c u l at i o n ro u t i n e r u n every five seco n d s by defa u lt. w h i c h a cc u m u l ates a n d


-
avera g e s t h e active req u ests i n t o a s i n g l e n u m be r f o r a l l C P U s.

• Exponential moving average is a m a t h e matica l form u l a to s m ooth out t re n d i n g data h i g h s a n d


-
lows, i n c rease c u rrent activity s i g n ifica n ce, a n d decrease a g i n g data q u a l ity.

• Load average is t h e l o a d n u m be r c a l c u l at i o n rout i n e res u l t. Co l l ective l y, it refers to t h e t h ree


- d i s p l ayed va l ues of system activity data avera g e d for t h e l a st 1 , 5, and 1 5 m i n utes.

U n d e rsta n d i n g t h e L i n u x l o a d a v e ra g e ca l c u l a t i o n
- The l o a d average represents t h e pe rceived syste m load ove r a t i m e p e r i o d . Linux i m p l e m ents the
l o a d avera g e ca l c u l a t i o n a s a re p resentation of expected service wait t i m es, not only for C P U b u t
a l so for d i s k a n d network 1/0.
-

• L i n u x cou nts not o n l y p rocesses, b u t t h re a d s i n d ivid u a l l y, as sepa rate tasks. C P U req u est
q u e u e s for r u n n i n g t h reads (nr_running) a n d t h reads wait i n g for 1/0 resources (nr_iowait)
- rea s o n a b l y corres p o n d to process states R (Running) a n d D (Uninterruptable Sleeping). Wa i t i n g
fo r 1/0 i n c l udes t a s k s s l ee p i n g for expected d i s k a n d network res p o n ses.

- • The load n u m b e r is a g l o b a l c o u n t e r ca l c u l at i o n , w h i c h is s u m-tota l e d for a l l C P U s . S i nce t a s k s


ret u r n i n g f r o m s l ee p may resc h e d u l e to d iffe rent C P U s , a c c u rate per-C P U counts a re diff i c u lt.
but a n a c c u rate c u m u l ative c o u n t i s ass u red. D i s p l ayed l o a d avera g e s re present a l l C P U s.
-

• L i n u x cou nts each phys i c a l C P U core a n d m i c ro p rocessor hypert h read as separate exec u t i o n
u n its, l o g ica l ly represented a n d referred to a s i n d iv i d u a l C P U s . E a c h C P U has i n d e p e n d e n t
- req u est q u e ues. V i e w /p r o c / c p u info for t h e kern e l representat i o n of system C P U s.

[ student@serverX -]$ grep "model name" /proc/cpuinfo


model name Intel(R) Core(TM ) i5 CPU M 520 @ 2 . 40GHz
model name : Intel ( R ) Core(TM ) i5 CPU M 520 @ 2 . 40GHz
model name : Intel ( R ) Core(TM ) i5 CPU M 520 @ 2 . 40GHz
-

model name : Intel(R) Core(TM ) i5 CPU M 520 @ 2 . 40GHz


[student@serverX -]$ grep "model name" /proc/cpuinfo I
4
- we -1

- R H 1 24- R H E L 7-en-1-20140606 183

-
-

C h a pte r 7. M o n it o r i n g a n d M a na g i n g L i n u x Processes
-

• Some U N I X syste m s o n l y c o n s i d e re d CPU u t i l ization or run q u e u e l e n g t h to i n d icate system


l o a d . S i nce a system with i d l e C P U s can experience exte n s i ve wa i t i n g due to busy d i s k o r
-
n etwo r k resou rces, 1/0 c o n s i d e rat i o n is i n c l u d e d i n t h e L i n u x l o a d average. W h e n expe r i e n c i n g
h i g h l o a d avera g es with m i n i m a l C P U activity, exa m i n e t h e d i s k a n d network activity.
-
I nt e r pret i n g d i s p l ayed l o a d avera g e va l u e s
T h e t h ree va l u es represent the weighted va l u es over t h e l a st 1 , 5, and 15 m i n utes. A q u i c k
g l a n ce c a n i n d icate w h e t h e r syst e m l o a d a p p e a rs to be i n c rea s i n g o r d e c rea s i n g . C a l c u late t h e
-
a p p roximate per-CPU load va l u e to d ete r m i n e w h e t h e r t h e syste m is e x p e r i e n c i n g s i g n ificant
wa i t i n g .
-

--
� � :�dent@serverx -]$ uptime
• top, u p t ime, w , a n d gnome - sy s t em - moni t o r d i s p lay l oa d ave ra g e va l u es.

� 29 : 03 up 14 min, 2 users, load average : 2 . 92, 4 . 48, 5 . 20


-

• D i v i d e t h e d i s p l ayed load avera g e va l u es by t h e n u m be r of l o g ica l C P U s i n t h e system. A va l u e -

b e l ow 1 i n d icates satisfactory resou rce u t i l i z a t i o n a n d m i n i m a l wait t i m es. A va l u e a bove 1


i n d icates reso u rce sat u ra t i o n a n d s o m e a m o u nt of service wa it i n g t i m es.

# From /proc/cpuinfo, system has four logical CPUs, so divide by 4 :


-

# load average : 2 . 92, 4 . 48, 5 . 20


# divide by number of logical CPUs : 4 4 4
#
# per -CPU load average : 0 . 73 1 . 12 1 . 30
-

#
# This system ' s load average appears to be decreasing .
# With a load average of 2 . 92 on four CPUs, all CPUs were in use -73% of the time .
-

# During the last 5 minutes, the system was overloaded by -12%.


I # During the last 15 minutes, the system was overloaded by -30%. -
L__ _

• A n i d l e C P U q ue u e has a l o a d n u m be r of 0. E a c h rea d y a n d wa i t i n g t h read a d d s a count of 1.


W i t h a tota l q u e u e co u n t of 1 , t h e resou rce (C P U , d i s k , o r n etwork) is i n use, but n o req u ests -

s p e n d t i m e wa i t i n g . Additi o n a l req u ests i n c re m e n t the c o u n t . but si nce m a ny req u ests ca n be


p rocessed w i t h i n the t i m e period, resou rce utilization i n c re a ses, but not wait times.
-

• Processes s l ee p i n g for 1/0 d u e to a b u sy d i s k or network resou rce a re i n c l u d e d in t h e cou nt


and i n c rease the l oa d average. W h i l e n ot an i n d ication of C P U u t i l i z a t i o n , the q u e u e c o u n t sti l l
i n d icates t h a t users a n d prog ra m s a re wa it i n g for resou rce services. -

• U n t i l resou rce satu rat i o n , a l o a d average wi l l re m a i n below 1 , s i n c e tasks w i l l seldom be fo u n d


wa i t i n g i n q u e u e. L o a d avera g e o n l y i n c reases w h e n res o u rce s a t u ra t i o n c a u ses req u ests -

to rem a i n q u e ued and cou nted by the load c a l c u l at i o n ro u t i n e. When resou rce u t i l ization
a p p roaches 1 00%, each a d d iti o n a l req uest starts experie n c i n g service wait t i me.
-

Real -time process monitoring


T h e top p ro g ra m is a d y n a m ic view of t h e syste m ' s p rocesses, d is p l a y i n g a s u m m a ry h e a d e r
-
fo l l owed by a p rocess o r t h read l ist s i m i l a r to p s i n fo r m a t i o n . U n l ike t h e s t a t i c ps o u t p u t .
t o p cont i n u o u s l y refres hes a t a confi g u ra b l e i nterva l , a n d p rovides capa b i l ities f o r co l u m n
reo rd e r i n g , sort i n g , a n d h i g h l i g h t i n g . U s e r confi g u ra t i o n s c a n b e saved a n d m a d e persistent.
-

Defa u l t output c o l u m n s a re recog n i za b l e from ot h e r reso u rce t o o l s :


• T h e process I D (PID).
-

1 84 R H 1 24- R H E L7-en-1-20140606 -

-
-

Rea l - t i m e p rocess m o n it o r i n g
-

• U s e r n a m e (USER) is t h e process o w n e r.

- • Virtu a l m e m o ry (VI RT) is a l l m e m o ry t h e p rocess is u s i n g , i n c l u d i n g t h e res i d e n t set. s h a red


l i b ra ries, a n d a ny m a pped o r swa pped m e m o ry pages. ( L a b e l e d vsz in the ps c o m m a nd.)

- • Res iden t m e m o ry (RES) is t h e physica l m e m o ry used by t h e p rocess, i n c l u d i n g a ny res ident


sha red o bj e cts. ( L a b e l e d RSS i n t h e ps co m m a n d . )

- • Process state ( S ) d i s p l ays a s :

• D = U n i nt e r r u pta b l e S l e e p i n g
-
• R = R u n n i ng o r R u n na b l e

· S = S l ee p i n g
-

• T = Stopped o r Tra ced

- · z = Zo m bie

• C P U time (TIME) is t h e tota l p roces s i n g time s i nce t h e p rocess sta rted. May b e tog g l ed to
- i n c l u d e c u m u l ative t i m e of a l l prev i o u s c h i l d re n .

• T h e p rocess co m m a n d n a m e (COMMAN D).


-
Fu ndamental keystrokes in top

Key P u rpose
- ? or h H e l p for i nteractive keyst rokes.
1, t, m Tog g l e s for l o a d , t h reads, a n d m e m o ry h e a d e r l i nes.

- 1 Tog g l e s h o w i n g i n d iv i d u a l C P U s o r a s u m m a ry fo r a l l C P U s i n h e a d e r.
5 (1)
C h a n g e the refresh (sc reen) rate, i n deci m a l seco n d s (e. g . , 0.5, 1, 5).

-
b Tog g l e reverse h i g h l i g ht i n g for Running p rocesses; defa u lt i s b o l d o n l y.
B E n a b l e s use of b o l d in d i s p l a y, i n t h e h e a d e r, a n d fo r Running p rocesses.
H Tog g l e t h rea ds ; s h ow process s u m m a ry o r i n d ivid u a l t h reads.
-

u, U F i l t e r for any u s e r n a m e (effect ive, rea l ) .


M Sorts p rocess l i s t i n g by m e m ory u s a g e, i n desce n d i n g order.
-

p S o rts p rocess l i s t i n g by p rocesso r u t i l i z a t i o n , in desce n d i n g o rd e r.


k (1) K i l l a p rocess. W h e n prompted, enter PI O, t h e n signal.
-
r <1> R e n i c e a p rocess. W h e n p ro m pted, enter P I O , t h e n nice_value.
w Write (save) t h e c u rrent d i s p l ay config u ra t i o n fo r use at t h e next t o p restart.
-
q Q u it.
N ote: m N o t avai l a b l e if top started i n sec u re m o d e. See top(1).
-

- R H 1 24- R H E L 7-en-1 -20140606 185

-
-

C h a pte r 7. M o n it o r i n g a n d M a n ag i n g L i n u x Processes
-

' I

:;, R i References -
L_J
G N O M E System M o n it o r
yelp help : gnome - system - monit o r
-

ps(1 ) , t o p (1 ) , u p t ime(1 ) , a n d w(1) m a n pages

186 R H 1 24- R H EL 7 - e n -1 -20140606

-
-

P ract ice: M o n ito r i n g P rocess Activity


-

P ra c t i ce: M o n it o r i n g P rocess Act ivity


-

-
Guide d exercise
I n t h i s l a b, students w i l l use t h e t o p com m a n d to dyn a m i ca l l y view, sort, a n d stop p rocesses.

- Outcomes
Practice w i t h m a n a g i n g p rocesses i n rea l t i m e.

- Before you begin ...


Perfo r m the fo l l ow i n g tasks a s s t u d e n t o n the serverX m a c h i ne. Run lab process101 s e t u p
o n serverX t o prepa re f o r t h i s exercise.

[ student@serverx -]$ lab process101 setup


-

-
D 1. Open two ter m i n a l w i n d ows, side by s i d e, to b e refe rred to a s left a n d right. In the r i g h t
ter m i n a l , r u n t h e t o p u t i l ity. S i ze t h e w i n d ow to be a s ta l l a s poss i b l e.

I [ student@serverx -]$ top


-

'
� - -- - �------�-�--�

- D 2. I n t h e left te r m i n a l , d ete r m i n e t h e n u m be r o f l o g ica l C P U s o n t h i s v i rt u a l m a c h i ne.

i [ student@serverX -] $ grep "model name" /proc/cpuinfo I


- ---- - -
r ·
we -1
-
ii 1

II [ student@serverx -]$ process101


D 3. I n the left term i n a l , r u n a s i n g l e i n st a n ce of the p roce ss101 executa b l e.
-

D 4. I n t h e rig ht te r m i n a l , obse rve t h e t o p d i s p l ay. U s e t h e s i n g l e keyst rokes 1, t , a n d m to


tog g l e the l o a d , t h reads, a n d m e m o ry header l i nes. After observing this b e h a v i o r, e n s u re
-
t h a t a l l headers a re d i s p l a y i n g .

D 5. N ote the process I D ( P I D) for p roces s 101. View t h e C P U p e rcentage for t h e process,
- w h i c h is expected to hover a r o u n d 25% o r 30%.

View t h e load averages. On a s i n g l e- C P U v i rt u a l m a c h i ne, for exa m p l e, the o n e- m i n ute


- load avera g e is c u r re n t l y less than a va l u e of 1 . The va l u e o b s e rved may be a ffected by
reso u rce conte n ti o n fro m a n other virtu a l m a c h i n e o r t h e v i r t u a l h ost.

i [student@serverx -]$ process101


-
D 6. I n the l eft te r m i n a l , r u n a second i n stance of p r o c e s s 101.

- L- -----------�---�--�

D 7. I n top, n ote t h e p rocess I D ( P I D) for t h e second p ro c e s s 1 0 1. View t h e C P U p e rce n t a g e


for t h e process, a l so e x p e c t e d to h o v e r a r o u n d 25% o r 30%.
-

View t h e o n e- m i n ute l o a d average again, w h i c h m a y sti l l be l ess than 1 . Wa it u p to one


m i n ute to a l low t h e ca l c u l a t i o n to adjust to t h e new w o r k l o a d .
-

- R H1 24- R H E L 7-en-1-20140606 1 87

-
C h a pte r 7. M o nitoring a n d M a n a g i n g L i n u x Processes

I [ student@serverX -]$
D 8. In t h e l eft te r m i n a l , r u n a t h i rd i n stance of p rocess101.
f
-
process10 1
i

D 9. I n t o p , note t h e process I D ( P I D) for t h e t h i rd p ro ce ss101. View t h e C P U percentage for


the p rocess, again expected to hover a ro u n d 25% o r 30%.

V i ew t h e one- m i n ute l o a d ave ra g e a g a i n , which now i s expected to be a b ove 1 . Wa it u p to


one m i n ute to a l low the ca l c u l at i o n to a g a i n a dj u st to the new w o r k l o a d .

D 1 0. Optional: I f t h i s v i rt u a l m a c h i n e h a s m o re t h a n o n e l og i c a l C P U , s l ow l y start a d d i t i o n a l
p ro c e s s 101 i n sta n ces u n t i l t h e one-m i n ute load ave ra g e e q u a l s o r exceeds t h e n u m be r
o f l o g i c a l C P U s. D i v i d e t h e l o a d average va l u e b y t h e n u m be r o f C P U s to dete r m i n e t h e
est i m ated l o a d avera g e p e r C PU .

D 11. W h e n f i n ished observ i n g t h e l o a d avera g e va l u es, t e r m i nate each of t h e process101


processes from w i t h i n top.
-

D 1 1 .1 . P ress k . Observe t h e p r o m pt b e l ow t h e h e a d e rs a n d a bove t h e co l u m ns .

D 11.2. Type t h e P I D for o n e of t h e process101 i n sta n ces. P r e s s E n t e r . -

D 11 .3. P ress E n t e r a g a i n to u s e t h e defa u l t SIGTERM s i g n a l 15.


-
Confi r m that t h e s e l ected p rocess i s no l o n g e r obse rved i n top. I f the PIO sti l l re m a i ns,
repeat t h ese term i n a t i n g steps, s u bst i t u t i n g SIGKI L L s i g n a l 9 when prompted.
-
D 12. Repeat t h e p rev i o u s step fo r each rem a i n i n g p ro ce ss101 i nsta n ce. Confi r m that n o
p ro c e s s 101 i n st a n ces re m a i n i n t o p .

-
D 13. In t h e r i g h t w i n d ow, p ress q to exit top. C l ose extra t e r m i n a l w i n d ows.

188 R H 1 24- R H E L7-en-1-20140606 -

-
-

L a b : M o n itoring a n d M a n a g i n g L i n u x Processes
-

La b: M o n it o r i n g a n d M a n a g i n g L i n u x P rocesses
-

Performance checklist
I n t h i s l a b, students w i l l l ocate a n d m a n a g e p rocesses t h a t a re u s i n g t h e most resou rces on a
syste m .
-

Outcomes
E x p e r i e n c e u s i n g top a s a p rocess m a n a g e m e nt too l .
-

Before you begin ...


Perfo r m the fo l l o w i n g t a s ks a s s t ud e n t o n the serverX m a c h i ne. Run lab p rocesses s e t u p
-
a s r o o t o n s e rverX to prepa re fo r t h is exe rcise.

-
I! [student@serverX -]$ lab processes setup
1. In a te r m i n a l w i n d ow, ru n t h e t o p u t i l ity. S i z e t h e w i ndow to be a s ta l l as poss i b l e.
-

2. Obse rve t h e t o p d i s p l ay. T h e defa u l t d i s p l a y sorts by C P U ut i l i z a t i o n , h i g h est fi rst. W h a t a re


t h e p rocesses u s i n g t h e most C P U t i m e?
-
3. C h a n g e the d i s p l a y to sort by the a m o u nt of m e m o ry in use by each p rocess.

4. W h a t a re the p rocesses w i t h the l a rgest m e m ory a l l ocat ions?


-

5. Tu r n off the u s e of bold i n the d i s p lay. S a ve t h i s confi g u ration for reuse w h e n top is
resta rted.
-

6. Exit t op, then rest a rt it a g a i n . Confirm that t h e n ew d i s p l ay uses the saved confi g u ration;
i.e., t h e d i s p l ay sta rts sorted by m e m o ry u t i l i z a t i o n a n d bold i s turned off.
-

7. M o d ify t h e d is p l a y to aga i n sort by C P U u t i l i z a t i o n . Tu rn o n t h e use of b o l d . O bse rve t h a t


o n l y Running o r Runnable (state R ) p r o c e s s entries a re b o l d . S a v e t h i s conf i g u ra t i o n .
-

8. Open a n oth e r t e r m i n a l w i n dow if necessa ry. A s roo t , s u s p e n d the hippo p rocess. In top,
obse rve that the p rocess state i s now T.
-
9. The hippo p rocess q u i c k l y d i s a p pears from the d i s p l ay, since it i s no l o n g e r actively u s i n g
C P U res o u rces. L i st t h e p rocess i n fo r m a t i o n f r o m t h e comma n d l i n e to confi r m t h e p rocess
- state.

1 0. Res u m e exe c u t i o n of t h e hippo processes.


-
11. When f i n i s h e d observi n g the d i s p l ay, t e r m i nate the extra p rocesses u s i n g the co m ma n d l i n e.
Confi r m t h a t t h e p rocesses n o l o n g e r d i s p l a y i n t o p.

-
12. C h e c k t h a t t h e c l e a n u p is s u ccessfu l by r u n n i n g t h e g ra d i n g s c r i pt. I f necessa ry, f i n d a n d
t e r m i nate p rocesses l isted by t h e g ra d i n g s c r i pt, a n d repeat g ra d i n g .

- 13. Exit t h e t o p d i s p l ay. C l o s e ext ra term i n a l w i n d ows.

- R H 1 24- R H E L 7-e n-1-20140606 189

-
-

C h a pter 7. M o n it o r i n g a n d M a n a g i n g L i n u x Processes

Solution
I n t h i s l a b, s tu de nts w i l l l ocate a n d m a n a g e processes t h a t a re u s i n g t h e most resou rces on a
system.

Outcomes -

E x p e r i e n ce u s i n g top a s a p rocess m a n a g e m e n t too l .

Before you begin ... -

Perform t h e fo l l ow i n g tasks a s student o n t h e serverX m a c h i ne. R u n lab p rocesses s e t u p


a s r o o t o n serverX to p r e p a re f o r t h i s exercise.

[student@serverX ] $ la b
r-- · . . . · ... .. .. .
..
-

! - processes s e t u p

1. In a term i n a l w i n d ow, run the t o p u t i l ity. S i z e t h e w i n d ow to be a s ta l l a s poss i b l e.

[student@serverX -]$ top


top - 12 : 47 : 46 up 2 : 82, 3 users, load average : 1 . 67, 1 . 25, 8 . 73
Tasks : 361 total, 6 running, 355 sleeping, 8 stopped, 8 zombie
%Cpu ( s ) : 98 . 5 us, 1 . 4 sy, 8 . 8 ni, 8 . 8 id, 8 . 8 wa, 8 . 8 hi, 8 . 1 si, 8 . 8 st
KiB Mem : 2843424 total, 897112 used, 1146312 free, 1748 buffers
KiB Swap : 4879612 total, 8 used, 4879612 free . 296276 cached Me
PIO USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
4819 root 28 8 4156 76 8 R 57 . 5 8 . 8 2 : 54 . 15 hippo
2492 student 28 8 1359588 168428 37492 s 16 . 8 8 . 2 3 : 55 . 58 gnome- shell
1938 root 28 8 189648 35972 7568 R 1 . 9 1 . 8 8 : 29 . 66 Xorg
2761 student 28 8 628192 19688 12296 s 8 . 4 1 . 8 8 : 84 . 48 gnome- termi+ :
.
-
o u t p u t t runca t e d

2. O bse rve t h e t o p d i s p l ay. The defa u lt d i s p l a y sorts by C P U u t i l ization, h i g hest f i rst. W h a t a re


t h e processes u s i n g t h e most C P U t i m e?

I n a d d i t i o n to t h e defa u lt G N O M E s h e l l , f i n d t h e p rocess n a med hippo. -

3. C h a n g e the d i s p l a y to sort by the a m o u nt of m e m o ry in use by each process.

P ress M.

top - 12 : 57 : 38 up 2 : 11, 3 users, load average : 2 . 89, 1 . 78, 1. 19


:--

Tasks : 368 total, 5 running, 355 sleeping, 8 stopped, 8 zombie


%Cpu ( s ) : 99 . 8 us, 8 . 2 sy, 8 . 8 ni, 8 . 8 id, 8 . 8 wa, 8 . 8 hi, 8 . 8 si, 8 . 8 st
-

KiB Mem : 2843424 total, 896952 used, 1146472 free, 1748 buffers
KiB Swap : 4879612 total, 8 used, 4879612 free . 296288 cached Mem
PIO USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
-

2492 student 28 8 1359588 168428 37492 s 8 . 5 8 . 2 4 : 81 . 84 gnome- shell


4813 root 28 8 55368 51288 152 s 8 . 8 2 . 5 8 : 88 . 43 elephant
1938 root 28 8 189648 35972 7568 R 8 . 2 1 . 8 8 : 38 . 49 Xorg
2576 student 28 8 533752 33684 27784 S 8 . 1 1 . 6 8 : 89 . 29 vmtoolsd
2428 student 28 8 916268 25616 14484 s 8 . 8 1 . 3 8 : 88 . 61 gnome- setti+
2558 student 28 8 1848284 23136 16868 S 8 . 8 1 . 1 8 : 88 . 46 nautilus
ou tpu t t runca t e d

-
4. What a re t h e processes with t h e l a rg est m e m o r y a l l oc a t i o n s?

I n a d d i t i o n to t h e defa u lt G N O M E s h e l l a n d Xo r g , f i n d a p rocess n a m e d elephan t .


-

190 RH124- R H E L7 - e n -1-20140606 -

-
-

Sol ution
-

5. Tu r n o f f t h e use of b o l d i n t h e d i s p l ay. S a v e t h i s confi g u ra t i o n for re use w h e n t o p is


resta rted.
-

Press the s i n g l e u p p e rcase keyst roke B to tog g l e bold u s e off.


P ress t h e s i n g l e u p p e rcase keyst roke W to save t h i s confi g u ra t i o n . The defa u l t config u ra t i o n
fi l e i s . t o p r c i n t h e c u rrent u s e r ' s h o m e d i recto ry.

6. Exit top, t h e n resta rt it a g a i n . Confirm t h a t the new d i s p l ay uses the saved confi g u ra t i o n ;
- i . e . , t h e d i s p l a y s t a r t s s o r t e d by m e m o ry u t i l ization a n d b o l d i s t u rned off.

I [student@serverx -]$ to;


Press q to q u i t t h e c u r rent d i s p l a y, t h e n r u n top a g a i n .
-

I
-
7. M o d ify t h e d i s p l ay to a g a i n sort by C P U u t i l ization. Tu r n o n t h e use of b o l d . O b s e rve t h a t
o n l y Running o r Runnable (state R) p rocess e n t r i e s a re b o l d . S a v e t h i s config u ra t i o n .
-
P ress t h e s i n g l e u p p e rcase keyst roke P to s o r t b y C P U u t i l izat i o n .
Press t h e s i n g l e u p p e rcase keystroke B to tog g l e b o l d u s e on.
Press t h e single u p p e rcase keyst roke W to save t h i s confi g u ra t i o n .
-

8. O p e n a n ot h e r te r m i n a l w i ndow i f necessa ry. As root , s u s pe n d t h e h i p p o p rocess. I n t o p ,


obse rve that t h e p rocess s t a t e i s n o w T .

[student@serverx -]$ su -
-

Password : redhat
i
-
I: [ root@serverX -]# pkill - SIGSTOP hippo
9. The hippo p rocess q u ic k l y d i s a p pea rs from the d i s p l ay, s i n ce it is n o l o n g e r act ive l y u s i n g
-
C P U resou rces. L i st t h e process i nfo r m a t i o n f r o m t h e c o m m a n d l i n e to confi r m t h e process
state.

I [ root@serverx -]# ps $( pgrep hippo)


-

-f
i

-
1 0. R e s u m e execution of t h e hippo p rocesses.

-
[ root@serverx -]# pkill - SIGCONT hippo
11. W h e n f i n i shed o bs er vi n g t h e d i s p l ay, t e r m i nate t h e e x t r a processes u s i n g t h e co m m a n d l i n e.
- Confirm that t h e processes n o l o n g e r d i s p l a y i n t o p.

[ r oo t @s er v e r x - ] # p kill e 1 ep h a n t
[ root@serverX -]# pkill hippo ����������������.JI
· ---___-___________�--____����
- _

12. C h e c k that t h e c l e a n u p i s s u ccessfu l by r u n n i n g t h e g ra d i n g s c r i pt. I f necessa ry, f i n d a n d


-

I [ root@serverX -] # lab processes grade


te r m i nate p rocesses l i sted by t h e g ra d i n g scri pt, a n d r e p e a t g r a d i n g .

13. E x i t t h e t o p d i s p l ay. C l ose extra term i n a l w i n d ows.


-

- R H 1 24- R H E L 7-en-1-20140606 1 91

-
-

C h a pter 7. M o n itoring a n d M a n a g i n g L i n u x Processes


-

P ress q to q u it .

192 R H 1 24- R H E L7-e n -1-20140606 -

-
-

Solution
-

S u m m a ry
-

Processes
Define process compone nts and i n t e r p ret p rocess viewing co m m a n d s .

C o n t ro l l i n g J o b s
Practice exte n d e d p rocess m a n a g e m e n t tec h n i q u es, i n c l u d i n g sta rti n g , s u s p e n d i n g , a n d
c o n n e ct i n g to m u l t i p l e c o n c u rre n t tas ks.

K i l l i n g P rocesses
- Use si g n a l s to stop, sta rt, and re l o a d p rocesses and p rocess config u ra t i o n s .

M o n it o r i n g P rocess Activity
M a n a g e syst e m wo r k l oa d by uti l i z i n g load averages a n d p rocess statistics.

- R H 1 24- R H E L 7-en-1-20140606 193

-
-

-
'

-
1 94

-
I