Linux Basics: Difference between revisions
→List of System Calls
| (26 intermediate revisions by the same user not shown) | |||
Line 21:
*Searches, loads, and executes the boot loader program.
*It looks for boot loader in floppy, cd-rom, or hard drive.
*You can press a key (typically
*Once the boot loader program is detected and loaded into the memory, BIOS gives the control to it.
*In simple terms BIOS loads and executes the MBR boot loader.
Line 56:
</pre>
*As you notice from the above info, it contains kernel and initrd image.
*Linux initial RAM disk (initrd) is a temporary root file system that is mounted during system boot to support the two-state boot process.
*Initrd contains various executables and drivers that permit the real root file system to be mounted.
*So, in simple terms GRUB just loads and executes Kernel and initrd images.
Line 129 ⟶ 131:
*Contain host-specific files and directories, e.g. information about system and application configuration files like startup, shutdown, start, stop script for every individual program.
*
;/home – Home Directory
Line 144 ⟶ 146:
;/lost+found – Recovering Files
*Every Linux file system and partitions has a lost+found in it’s directory.
*In the
;/media – Removable Media Devices
Line 179 ⟶ 180:
*Selinux comes with RedHat based distro (fedora, centos), selinux is a security architecture integrated into the 2.6.x kernel using the Linux Security Modules (LSM).
*It is used to enforce the resource policies that define what level of access users, programs, and services have on a system.
;/srv – Service Data
Line 201 ⟶ 202:
*Pronounced as ‘user’, /usr contains the majority of user utilities, programs, libraries, documentation etc for all user-related second level programs rather than applications and files used by the system.
*Some user programs are stored here like telnet, ftp, etc.
*/usr is shareable between various FHS-compliant hosts but can not be written to.
;/var – Variable Files
Line 434 ⟶ 436:
df -i /dev/vda1 ==> Inodes on Filesystem
ls -il myfile.txt ==> Show inode no of file
find /home/
stat unetbootin.bin ==> Show all details of file
stat --format=%i unetbootin.bin ==> Shows only inode no
Line 453 ⟶ 455:
There is no option to increase/decrease inodes on disk.
Its only created during the creation of filesystem on any disk.
= File Descriptor =
* A FD or fildes is an abstract indicator (handle) used to access a file or other input/output resource, such as a pipe or network socket.
* File descriptors form part of the POSIX application programming interface.
* Each Unix process (except perhaps a daemon) should have three standard POSIX file descriptors corresponding to the three standard streams:
<pre>
Int value Name symbolic constant file stream
0 Standard input STDIN_FILENO stdin
1 Standard output STDOUT_FILENO stdout
2 Standard error STDERR_FILENO stderr
</pre>
*Example
<pre>
root@myserver:/proc/28994/fd# ls -lh
total 0
lr-x------ 1 root root 64 Nov 29 17:04 0 -> /dev/null
l-wx------ 1 root root 64 Nov 29 17:04 1 -> /dev/null
lrwx------ 1 root root 64 Nov 29 17:04 10 -> /tmp/.ZendSem.tjJF6q (deleted)
lrwx------ 1 root root 64 Nov 29 17:04 11 -> anon_inode:[eventpoll]
l-wx------ 1 root root 64 Nov 29 17:04 2 -> /var/log/apache2/error.log
</pre>
* In Unix, File Descriptors index into a Per-Process File Descriptor Table maintained by the Kernel.
* That in turn indexes into a system-wide table of files opened by all processes called the File Table.
* This table records the mode with which the file has been opened: for Reading, Writing, Appending, and possibly other modes.
* It also indexes into a third table called the Inode Table that describes the actual underlying files.
* To perform input or output, the process passes the file descriptor to the kernel through a system call.
* The Kernel will access the file on behalf of the process.
* The process does not have direct access to the file or inode tables.
* The set of file descriptors open in a process can be accessed under the path /proc/PID/fd/, where PID is the process identifier.
* File Descriptors can refer to any Unix file type named in a file system.
* As well as regular files, this includes directories, block and character devices (called "special files"), Unix domain sockets, and Named Pipes.
* File Descriptors can also refer to other objects that do not normally exist in the file system - Anonymous Pipes and Network Sockets.
;Using lsof to Recover Deleted Files
Source [https://www.masterkenneth.com/2019/03/using-lsof-to-recover-deleted-files/ masterkenneth.com]
lsof | grep myfile ==> get pid, say 11230
ls -l /proc/11230/fd/4
cp /proc/11230/fd/4 myfile
;Recover Disk space by deleted file; truncate the file
{{notice|This command needs testing.[https://unix.stackexchange.com/questions/68523/find-and-remove-large-files-that-are-open-but-have-been-deleted]}}
: > "/proc/11230/fd/4"
= Sort links vs Hard link =
Line 776 ⟶ 827:
sudo fdisk -l ==> Partition & FS Type details
parted ==> List out partitions and modify them
== Port ==
*Check Port state
cat /sys/class/net/wlp2s0/operstate
*Explanation of ip link command:
Source: [https://serverfault.com/questions/15776/how-to-check-the-physical-status-of-an-ethernet-port-in-linux/836033#836033 serverfault.com]
ip link
ip link show INTERFACE as follows.
This is a port which is administratively up, but physically down:
2: eth0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast state DOWN mode DEFAULT group default qlen 1000
the UP indicates the system is configured to try and use the NIC for networking.
The NO-CARRIER here tells what is the issue.
This is a port that is administratively down (its physical layer is 'up', technically - it is a VM):
3: eth1: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN mode DEFAULT group default qlen 1000
Finally, this port is working normally:
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq state UP mode DEFAULT group default qlen 1000
It is administratively UP, the LOWER_UP indicates the physical layer is working (i.e. there is a carrier), and the second UP confirms (in effect) the IP layer is up.
== IP ==
Line 912 ⟶ 988:
== Kill Command ==
Signal Types:
1) SIGHUP On POSIX-compliant platforms, SIGHUP ("signal hang up") is a signal sent to a process when its controlling terminal is closed. It was originally designed to notify the process of a serial line drop.
2) SIGINT
3) SIGQUIT Same as SIGTERM but this can also dumps core
4) SIGILL raised when an attempt is made to execute an invalid, privileged, or ill-formed instruction.
5) SIGTRAP
6) SIGABRT Signal Abort, should generate a Core Dump
7) SIGBUS
8) SIGFPE
9) SIGKILL
10) SIGUSR1
11) SIGSEGV Segmenation Fault - Accessing Memeory incorrectly; trying to modify read only memory; accessing memory outside of your process' mappings
12) SIGUSR2
13) SIGPIPE
14) SIGALRM
15) SIGTERM Used to terminate a process by Kill command.
16) SIGSTKFLT
17) SIGCHLD
Line 947 ⟶ 1,024:
63) SIGRTMAX-1
64) SIGRTMAX
* Default for Kill command is 15: TERM
= Process states in Linux =
R running or runnable On run queue
D uninterruptible sleep Usually IO
S interruptible sleep Waiting for an event to complete
Z defunct/zombie Terminated but not reaped by its parent
T Stopped Either by a job control signal or because it is being traced
= Character vs Block Devices =
* Character ('c') Device:
This is one with which the Driver communicates by sending and receiving single characters (bytes, octets).
Ex: serial ports, parallel ports, sounds cards.
*Block ('b') Device
This is one with which the Driver communicates by sending entire blocks of data.
Ex: hard disks, USB cameras, Disk-On-Key.
= System Calls =
Line 972 ⟶ 1,069:
! Type !! System Call !! Description !! Call Syntax
|-
|Rowspan='
|-
|exec || Also used to create processes; but replaces the address space, text segment, data segment etc. of the current process with the new process.<br/> Only the new process exists after exec().<br/> The process which made the system call, wouldn't exist. ||
|-
|read || read from a file descriptor ||
|-
|write || write to a file descriptor ||
|-
|open || open and possibly create a file ||
|-
|
|-
|close || close a file descriptor ||
|-
|malloc || allocates size bytes and returns a pointer to the allocated memory. The memory is not initialized. ||
|-
|calloc || used to allocate a specified amount of memory and then initialize it to zero ||
|-
|sbrk || Real memory allocation occurs via this call, which adjust the break point to increase the size of the heap. ||
|-
|
|-
|exit || terminate the calling process ||
|-
|wait || To make the process to wait ||
|-
|getpid || To find the unique process id ||
|-
|getppid || To find the parent process id ||
|-
|nice || To bias the currently running process property ||
|-
|ptrace || process trace ||
|-
| ||access || check user's permissions for a file ||
|-
| ||pipe || create pipe ||
|-
|Rowspan='8'|Network || socket || create an endpoint for communication ||
|-
|
|-
|accept || accept a connection on a socket ||
|-
|sendto || send a message on a socket ||
|-
|shutdown || shut down part of a full-duplex connection ||
|-
|
|-
|listen || listen for connections on a socket ||
|-
|getsockname || get socket name ||
|-
|Rowspan='15'| File || truncate || truncate a file to a specified length ||
|-
|chdir || change working directory ||
|-
|
|-
|
|-
|getcwd || get current working directory ||
|-
|
|-
|
|-
|
|-
|link || make a new name for a file ||
|-
|unlink || delete a name and possibly the file it refers to ||
|-
|symlink || make a new name for a file ||
|-
|readlink || read value of a symbolic link ||
|-
|chmod || change permissions of a file ||
|-
|chown || change ownership of a file ||
|-
|umask || set file mode creation mask ||
|-
|Rowspan='29'| System ||gettimeofday || get / set time ||
|-
|sysinfo || return system information ||
|-
|syslog || read and/or clear kernel message ring buffer; set console_loglevel ||
|-
|getuid || get user identity ||
|-
|setuid || set user identity ||
|-
|utime || change file last access and modification times ||
|-
|ustat || get filesystem statistics ||
|-
|statfs || get filesystem statistics ||
|-
|sysfs || get filesystem type information ||
|-
|getpriority || get/set program scheduling priority ||
|-
|mlock || lock and unlock memory ||
|-
|sysctl || read/write system parameters ||
|-
|prctl || operations on a process ||
|-
|chroot || change root directory ||
|-
|sync || commit filesystem caches to disk ||
|-
|mount || mount filesystem ||
|-
|umount || unmount filesystem ||
|-
|swapon || start swapping to file/device ||
|-
|swapoff || stop swapping to file/device ||
|-
|reboot || reboot or enable/disable Ctrl-Alt-Del ||
|-
|sethostname || set hostname ||
|-
|gethostname || get hostname ||
|-
|ioperm || set port input/output permissions ||
|-
|init_module || load a kernel module ||
|-
|delete_module || unload a kernel module ||
|-
|io_setup || create an asynchronous I/O context ||
|-
|ppoll || wait for some event on a file descriptor ||
|-
|tee || duplicating pipe content ||
|-
|getcpu || determine CPU and NUMA node on which the calling thread is running ||
|}
= Piping =
*Pipe command allows sending the output of one command to another.
*Piping can redirect the standard output, input, or error of one process to another for further processing.
Command-1 | Command-2 | …| Command-N
*Syntax for unnamed pipe command is the | character.
*Here, the pipe cannot be accessed via another session.
*it is created temporarily to accommodate the execution of Command-1 and redirect the standard output.
*It is deleted after successful execution.
;Named Pipe
*A named pipe can last until as long as the system is up and running or until it is deleted.
*It is a special file that follows the FIFO (first in, first out) mechanism.
*It can be used just like a normal file - you can write to it, read from it, and open or close it.
*To create a named pipe, the commands are:
mkfifo <pipe-name>
mknod <pipe-name> p
*This creates a named pipe file that can be used even over multiple shell sessions.
= Init vs Systemd =
Source [https://www.tecmint.com/systemd-replaces-init-in-linux/ tecmint.com]
;Init (Initialization)
*The init is a daemon process which starts as soon as the computer starts and continue running till, it is shutdown.
*In-fact init is the first process that starts when a computer boots, making it the parent of all other running processes directly or indirectly and hence typically it is assigned “pid=1“.
*If somehow init daemon could not start, no process will be started and the system will reach a stage called “Kernel Panic“.
*Also called System V init as System V is first commercial UNIX Operating System designed and usages of init is identical to most Linuxes.
;Systemd (System Management Daemon)
*A init replacement daemon designed to start process in parallel.
*Implemented in a number of standard distribution – Fedora, OpenSuSE, Arch, RHEL, CentOS, etc.
*Similar to init, systemd is the parent of all other processes directly or indirectly.
*It is the first process that starts at boot hence typically assigned a “pid=1“.
*It was designed to overcome the shortcomings of init.
*It itself is a background processes which is designed to start processes in parallel, thus reducing the boot time and computational overhead.
*It has a lot other features as compared to init.
;Need to replace Init
*Init process starts serially i.e., one task starts only after the last task startup was successful and it was loaded in the memory.
*This often resulted into delayed and long booting time.
*Systemd was not designed for speed but for getting the things done neatly which in turns avoid all the UN-necessary delay.
;Features of systemd
Clean, stateforward and efficient design.
Simpler boot process.
Concurrent and parallel processing at boot.
Better API.
Simple Unit Syntax.
Ability to remove optional components.
Low memory footprints.
Improved technique to express dependencies.
Initialization instruction written in config file and not in shell script.
Make use of Unix Domain Socket.
Job Scheduling using systemd Calendar Timers.
Event Logging with journald.
Choice of logging System events with systemd as well as syslog.
Logs are stored in binary file.
systemd state can be preserved to be called later in future.
Track process using kernel’s cgroup and not PID.
Users login managed by systemd-logind.
Better integration with Gnome for interoperability.
;Bottlenecks systemd
Everything at one place.
Not POSIX standard.
;Upstart – A init replacement daemon implemented in Ubuntu GNU/Linux and designed to start process asynchronously.
= Troubleshooting Slow Server =
| |||