1.

Basic Linux operation

There is no need to be a Linux expert in order to develop Web application. Only a handful of
basic server administration skills are needed for typical Web application developer. Here we
cover these minimum skills to administer Linux server. Since we chose Linux server without
any GUI (Graphical User Interface), we will use text-based Linux console commands for all
the administration tasks, regardless that you operate directly on the Linux server computer
or operate remotely from other PCs using SSH ( 1.4). It might be a little bit challenging for
the first time, but this is actually the preferred way to administer any Linux-based server.
(GUI is originally intended for desktop computers).

1.1. Login to and logout from the server

The first thing you do is to log in to the Linux server. For better security, it is a good practice
to login as normal user first (not as root), then change to super user (root) as needed. In
order to change to a super user (after logged in as normal user), use su command with
hyphen (-) as shown below.

> su -
Password: Enter password for root (eg, student, stuictti)
#
Now you are root

Once you have finished your work on the server, you will log out from the server by using
exit command.

# exit

Note that if you used su command to be root, you need to exit twice, once from root and
another from the normal user.

1.2. Basic console command usage

Since everything you do on the Linux server will be console command basis, you must know
the fundamental facts on the Linux system and the usage of console commands.
Very basic rules in Linux
If you have never used Linux but have used Windows or MS-DOS before, there are some
important differences between Linux console and Windows/MS-DOS command prompt.
 Almost everything you type from the keyboard in Linux (including file name,
commands, etc.) is case sensitive. You cannot interchangeably use uppercase or
lowercase like you did in MS-DOS.
 The path separator character is “/” (slash) in Linux, not “\” (backslash) as in MS-
DOS
 There is no concept of “Drive letter” (such as A: or C:) in Linux. Entire file system in
Linux always has single logical root “/”, and any physical drive will be mapped
(“mounted”) as a subdirectory in the single-rooted file system. In other words,
Linux file system is a logical file system that normally does NOT correspond to any
physical layout of hardware drives.
 In MS-DOS, if you omit the path to an executable file (command), the current
directory is assumed. In Linux, however, the current directory is NOT assumed.
Suppose you have the executable file named “test” in the current directory. If you
want to execute the file, just typing “test” at the console will NOT execute it. In
order to execute the file, you must either specify full path to the file (such as
“/usr/local/bin/test”) or use the current directory character like “./test”.

Getting help for Linux commands

If you don‟t know the usage of a particular Linux command, you can get help on the usage
by either of the following two methods. First, you can issue the command with --help
option to get brief description on the usage of the command. For example, you can show the
usage of su command by entering su -- help like shown below.

# su --help
Usage: su [OPTION]... [-] [USER [ARG]...]
Change the effective user id and group id to that of USER.

-, -l, --login make the shell a login shell

-c, --commmand=COMMAND pass a single COMMAND to the shell with -c
-f, --fast pass -f to the shell (for csh or tcsh)
-m, --preserve-environment do not reset environment variables
-p same as -m
-s, --shell=SHELL run SHELL if /etc/shells allows it
--help display this help and exit
--version output version information and exit
 A mere - implies -l. If USER not given, assume root.

If this brief description is not enough for you, you can refer to the detailed online manual
page of that command by issuing the man command, followed by the command name that
you want to know like shown below.

# man su
man su
Reformatting su(1), please wait...
SU(1) User Commands SU(1)
NAME
su - run a shell with substitute user and group IDs
SYNOPSIS
su [OPTION]... [-] [USER [ARG]...]
DESCRIPTION
Change the effective user id and group id to that of USER.
-, -l, --login
make the shell a login shell
-c, --command=COMMAND
pass a single COMMAND to the shell with -c
-f, --fast
pass -f to the shell (for csh or tcsh)
-m, --preserve-environment
Manual page su(1) line 1

In this case, it will show the man (online manual) page of the su command. A man page is a
screen-full of information that you can go forth and back by using up / down arrow keys or
page up / page down keys. Press q key to exit from the man page.
If you want to search the string in man pages, press / key followed by the search text, then
press Enter. Press n to search the next match of the string.

DESCRIPTION
Change the effective user id and group id to that of USER.
-, -l, --login
make the shell a login shell
-c, --command=COMMAND
pass a single COMMAND to the shell with -c
-f, --fast
 pass -f to the shell (for csh or tcsh)
-m, --preserve-environment
/login to search the string (login)

You will see the following descriptions

Reformatting su(1), please wait...
-, -l, --login
make the shell a login shell
-c, --command=COMMAND
pass a single COMMAND to the shell with -c
A mere - implies -l. If USER not given, assume root.
Manual page su(1) line 14/62 56%

and then press n key to search the next match of the string.
Reformatting su(1), please wait...
make the shell a login shell
-c, --command=COMMAND
pass a single COMMAND to the shell with -c
-f, --fast
pass -f to the shell (for csh or tcsh)

Press q key to exit from the man page and to clear the screen, please enter clear command
and then Enter key.

1.3. Network configuration

The most important and fundamental configuration for a server is network configuration. If
the network is not properly configured, any server software including Apache and MySQL will
not work for your Web application. You cannot even do remote administration by SSH
connection if the network is not working. In order to quickly check if the network is working,
you can use ifconfig command. This command will show detailed information including IP
address, MAC address and receiving / transmitting packet counts of all active network
interfaces on the system like shown below. The part shown bold letters is the IP address of
the server (which should be the IP address you have set during the installation).

# ifconfig
eth0 Link encap:Ethernet HWaddr 00:16:76:CD:AD:CA
inet addr:192.168.0.123 Bcast:192.168.0.255
 Mask:255.255.255.0
inet6 addr: fe80::216:76ff:fecd:adca/64 Scope:Link
UP BROADCAST NOTRAILERS RUNNING MULTICAST MTU:1500 Metric:1
RX packets:11246 errors:0 dropped:0 overruns:0 frame:0
TX packets:2041 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:2211847 (2.1 Mb) TX bytes:285586 (278.8 Kb)

lo Link encap:Local Loopback

inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:60 errors:0 dropped:0 overruns:0 frame:0
TX packets:60 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:3912 (3.8 Kb) TX bytes:3912 (3.8 Kb)

Normally ifconfig command should show two or more network interfaces including lo,
which is the local loopback interface (and is not physical network interface device). If you
see only lo in the result of ifconfig command, it means that no physical network
interface device is active or working, thus Web application server software cannot work
correctly. In case your network interface device is not working, or if your network
configuration needs modification, the first thing you should do is to use yast, the central
utility for SUSE Linux administration.
Using yast
yast is NOT a standard Linux command, but a dedicated system management utility
designed for SUSE Linux. Using yast, you can do almost any system configuration change
including adding new hardware / software, updating modules to the latest version (even
automatically), setting up network configuration including firewall settings, and so on. If you
need any change in core system configuration, yast is the first command you should use in
SUSE Linux. Invoking yast from the command prompt will bring the on-screen interface like
shown below.
 Fig: 3.1 Yast main screen in text mode

In order to setup network devices, choose “Network Devices” from the menu on the left,
then choose “Network Card” from the menu on the right.

Fig: 3.2 Choose “Network Devices” from the menu of the left.
 Fig: 3.3 Choose “Network Card” from the menu on the right.

You will see the same network configuration screen as you saw during the installation of
SUSE Linux..

Fig: 3.4 Network Setup Main Screen.

 Fig: 3.5 Network Card Information

1.4. Accessing the server through SSH

Since typical Web application server is a dedicated Linux server placed in the server room or
sometimes in the distant place (like Web hosting company), normally you have no or few
chance to actually operate on that computer directly. This means that you need to do all the
administration tasks remotely from your PC through network. For that purpose, we use
secured connection between the server and your PC by using SSH (Secured Shell). SSH
encrypts all the traffic between the two computers that it is safely used on the Internet. You
can connect to the Linux server by using ssh command as follows:

sw:~ # ssh 192.168.0.123

The authenticity of host '192.168.0.123 (192.168.0.123)' can't be established.
DSA key fingerprint is 27:59:5b:44:4d:9e:f9:cc:c4:f5:36:94:21:c8:b2:41.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.0.123' (DSA) to the list of known hosts.
Password:
Last login: Wed Oct 17 14:35:13 2007 from 192.168.0.234
Have a lot of fun...
sw1:~ #
Now you are login to the Linux server which IP address is 192.168.0.123. You can
operate on that Linux server from your PC just like as you did on the server directly.
SSH client software
In order to connect to Linux server using SSH, you need a SSH client software on your PC. If
your PC is also a Linux machine, you can use standard SSH client included in Linux
distribution. However, normally your PC is a Microsoft Windows workstation, and you need
to install separate SSH client for connection.
There are many Windows SSH client software available on the market, both as free software
and as commercial products such as the followings.
 PuTTY (http://www.chiark.greenend.org.uk/~sgtatham/putty/)
 TeraTerm Pro + TTSSH2 (http://hp.vector.co.jp/authors/VA002416/teraterm.html)
 SSHWinClient (http://www.ssh.com/products/ssh/)
 SecureCRT (http://www.vandyke.com/products/securecrt/index.html)
In this training course, we use PuTTY, which is one of the most popular free SSH client
software for Windows.

Once you have connected to the Linux server by SSH client, you can login to and operate on
that Linux server from your PC just like as you did on the server directly.

Firstly, you should download putty-0.58-installer.exe from the internet or other server.

And then run this .exe file (PuTTY) and we will occur PuTTY Configuration.
 Fig: 3.6 PuTTY Configuration from client.

Press the Open button. If network connection works properly, you will see the following text
mode screen.

Fig: 3.7 Login as root user

 Fig: 3.8 Access from root.

1.5. Navigating through file system

How Does The Linux File System Work?
The File system Hierarchy Standard (FHS) has been designed to be used by Unix
distribution developers, package developers, and system implementers. The FHS defines the
main directories and their contents in Linux and other Unix-like computer operating systems.
The Linux file system does things a lot more differently than the Windows file
system. There is only a single hierarchical directory structure. Everything starts from the root
directory, represented by '/', and then expands into sub-directories. In the Windows
environment, one may put one's files almost anywhere: on C drive, D drive, E drive etc. On
the other hand, Linux sorts directories descending from the root directory / according to
their importance to the boot process.
Another point likely to confuse newbie is the use of the front slash '/' instead of the
backslash '\‟ as in DOS/Windows. Linux, like Unix also chooses to be case sensitive. Below is
the fundamental directory structure of SUSE Linux 10.2 configured for Web
application.
/ (root)

boot … Stores static files required to boot the system, such as the Linux kernel.
etc … Stores non-binary configuration files that are local to the machine.
lib … Stores libraries needed to execute the binaries in /bin/ and /sbin/
mnt … Reserved for temporarily mounted file systems such as NFS
proc … Stores special files that communicate with the kernel
sbin … Stores executables used by the root user
subdomain*1 … Stores sub-domain data for Apache Web server
tmp … Stores temporary files
var … Stores variable, frequently written data files
bin … Stores essential executables for all users
dev … Stores special or device-specific files such as device drivers
home … Stores each user‟s home directory
media … Contains mount points for removable media such as 3.5 diskettes and CD-ROM
opt … Stores large, static application software packages
root … Home directory for root user
srv … Stores the server-specific data such as for WWW, FTP, etc.
sys*2 … Special directory used by Linux file system
usr … Stores files that can be shared across multiple machines
*1 … Apache-specific directory *2 … Not standard in FHS
Fig: 3.9 Directory structure of SUSE Linux 10.2 configured for Web application

For the minimum Linux administration for Web application server, Web application
developers don‟t have to know all the details of these directories. But he/she normally works
only with the following directories.
 /etc … This is the most important directory for Linux system administration. All the
configuration files for server software including Apache, MySQL, PHP and SSH are
stored here, and you must work with those configuration files.
 /srv … This is the location where all the Web contents are stored. All the HTML, PHP
and CSS files should go here at /srv/www/htdocs/ sub-directory.
 /var … This is the location that you should check the working status of all the server
software by inspecting log files stored at /var/log/ sub-directory.
 /home … This is the place for home directory (the first place you are in when
you login to the server) for all normal users
 /root …This is the home directory for root user

How Do We Navigate the File System?

You can navigate through Linux file system by using cd command. For example, if you are in
our home directory (/home) and want to switch to the var directory (/home/var), the
following command does the trick:

# cd var
To switch back to your home directory, you could type
# cd /home/var
but there is shortcut you will find useful. This is the double-dot (..) notation, as in
# cd ..
This will move you one level up, to the parent directory.

For full-directory path starting from the root, you should use “/” such as “/var/log”,
or the name of subdirectory starting from the current location without “/” such as
“log/apache2”.
How Do We List Linux Files?
The ls command lists the names of all files in the current directory, and tells you about the
attributes of those files. Here are some examples:

# ls var list the name of all files and sub-directories in the var
directory.

By default, ls prints a simple, columnar list of our files; but it will list your files in
many different formats if you add one or more flags on the command line. To use any of
them, simply type the ls command at the prompt, followed by a space, and then add a
switch by typing a hyphen followed by the flag, like this:
# ls –al
Here are some of the most commonly used ls flags:

a Lists all files, including hidden ones.

l Displays the file list in long format, including file
details like size, time stamp, and owner.
F Adds a slash after the name for directories, an asterisk
for executables, and an at sign (@) for linked files.
r Reverses the sort order (alphabetic or time).
t Sorts the list by the time each file was created.

1.6. File permissions and owners

How Do Linux File Permissions Work?
If you share a Linux system, you will undoubtedly have private files that you want to
keep private, as well as files that you want to be public. You can control access to your files
by setting the permission flags and ownership for your files. When you browse file list by ls
command with –l option, it will show the file details like shown below.
# ls –l
total 28
-rw------- 1 kogure users 321 Aug 7 07:25 .bash_history
drwx------ 2 root root 176 Jul 31 18:52 .gnupg
drwxr-xr-x 2 root root 80 Jul 31 18:23 .kbd
-rw------- 1 root root 12740 Jul 31 18:39 .suse_register.log
-rw------- 1 root root 1014 Aug 6 07:01 .viminfo
drwxr-xr-x 2 root root 168 Aug 7 07:28 .wapi
drwxr-xr-x 2 root root 48 Apr 22 21:51 bin

Name of the file or directory

Last modified date and time
Size of the file or directory
Group that the file or directory belongs to
Owner
Fig: 3.10of the file or directory
Detailed listing of ls command
Here, permission consists
Numberofof 9links
characters that can
(file) or number be individed
of files into 3 groups of 3 characters
it (directory)
as follows.Permissions
File type (-:file, d:directory, l:symbolic link, c:character device, b:block device, etc.)
Permission for the file owner
Permission for the group that the owner belongs to
Permission for all other users

r : Read permission
rwx r-x r-x w : Write permission
x : Execute permission
Fig: 3.10. 3 groups of 3 kinds of permissions
To understand how to read file permissions, let's start by splitting apart those ten
characters for .bash history :

Directory? Owner's Access Group Access Others' Access

- rw- r-- ---

Readable Not executable

Writable Not writable
Not executable Readable
 The character in the first position, a hyphen (-), indicates that this is a file and not a
directory. Directories are marked with a d, as in drwxr-x--- (this precedes the directory bin).
The next three characters (rw-) tell us whether the file's owner (kogure) can read,
write, and execute the file. An r in the first position means that the file can be read; a „w‟ in
the second position means that the file can be written to (updated); and a hyphen (-) in the
third position means that the file can‟t be executed (run). For example (rw-) means that the
file can be read and written to, but not executed.
The next sets of three characters define read, write, and execute access for the
users in a particular group (the users group, in this case), along the same lines as above.
For example, the characters (r--) that appear in these positions for .bash history tell us that
the users group can read this file but can't write to or execute it.
The final set of three characters --- all hyphens, in this case --- defines access for
those who are not the owner or in the listed group. This one's easy: No one outside the
listed group has any kind of access to this file.
In sum, access to the .bash histroy file is controlled like so: The owner (kogure)
can read and update the file, but cannot execute it. People in the users group can only read
the file, and everybody else on the system gets no access at all.

How Can You Change Linux File Permissions?

These permissions sometimes affect the working of server software (especially
Apache) and cause unexpected trouble or problem for Web application developer. You
should know the basic facts and strategy of these permissions like shown below in order to
develop flawless, secure Web application.
 The permission can be modified only by the owner of the file, or root user.
Simply said, root user has super power to modify just about everything on the server.
That‟s why you should be very careful of using root account and should make root
account secure in order to prevent malicious users.
 Basically, you should disable w (write) permission to “other users” for important
static files that should not be modified or deleted. This will prevent other users to
(accidentally or intentionally) modify or delete the file.
 All server software, including Apache and MySQL, are normally running as a
certain user (such as “apache” user) and NOT as a root user. This means that if you
disable r/w permission of a file that is needed to read/write by the server software, the
software will not be able to read/write the file, resulting in a failure or error of the server
function. For example, if you upload HTML files and PHP files to the Web application
server by using normal user account, you should be careful of the permissions of those
uploaded files.
In order to modify the permissions of a file or a directory, use chmod command.

# chmod permission file_or_directory_name

For the permission, you can specify a particular permission at a time, or the
combination of all 9 permissions at once. In order to change a particular permission, you use
the following syntax.

# chmod u + r file_or_directory_name
g - w
o = x

WHO IT APPLIES TO ACCESS CHANGE ACCESS TYPE

(pick one or more) (pick one) (pick one or more)

u For the owner (user) + Grant access r For read access

g For the group - Deny access w For write access

o For all others = give only that access x For execute access

For example, if you want to add write permission to other users for a file, you enter
the command like this.

# chmod o+w file_or_directory_name

On the other hand, if you want to assign the combination of all 9 kinds of permissions
at once, you use octet-encoded 3-digit number like shown below.

# chmod 750 file_or_directory_name

The first digit corresponds to the permission for owner. The second digit is for group,
and the third digit is for other users. Each digit is the addition of the following numbers.

 Read permission = 4
 Write permission = 2
 Execute permission = 1
So, the number “750” in the example above means that you specify read, write and
execute permission to owner (4 + 2 + 1 = 7), read and execute permission to group (4 + 1
= 5), and no permission to other users (0).
Sometimes you may need to change the owner of a file itself for server software to
correctly handle the file. In order to change the owner of a file or a directory, you use chown
command.

# chown new_owner file_or_directory_name

1.7. Modifying Configuration

Most of the real administration works you do on a Web application server are
normally the change of configuration. Whether you wish to change the behavior, adjust the
performance or add new functionality, you will basically do only the following two things on
the Linux server.
 Install or remove the software component
 Modify the configuration file (if needed)
Installing or Removing Software
In Linux, software is available in the form of packages. Normally, a package contains
everything needed for a program: the program itself, the configuration files, and
documentation. A package containing the source files for the program is normally available
as well.
Some packages depend on other packages. This means that the software of the
package only works properly if another package is also installed. Furthermore, the
installation of some packages is only possible if certain other packages are installed, perhaps
because the installation routine needs specific tools. Accordingly, such packages must be
installed in the correct sequence. There are some packages with identical or similar
functionalities. If these packages use the same system resource, they should not be installed
concurrently (package conflict). Dependencies and conflicts can occur between two or more
packages and are sometimes very complex. The fact that a specific package version may be
required for smooth interaction can make things even more complicated.
All these factors must be taken into consideration when installing, uninstalling, and
updating software. YaST provides an extremely efficient tool for this purpose: the software
installation module usually referred to as the package manager. When the package manager
starts, it examines the system and displays installed packages. If you select additional
packages for installation, the package manager automatically checks the dependencies and
selects any other needed packages (resolution of dependencies). If you select conflicting
packages, the package manager indicates this and submits suggestions for solving the
problem (resolution of conflicts). If a package needed by other installed packages is marked
for deletion, the package manager issues an alert with detailed information and alternative
solutions.
Apart from these purely technical aspects, the package manager provides a well-
structured overview of the range of packages in SUSE LINUX. The packages are arranged by
subjects and the display of these groups is restricted by means of suitable filters.
In order to install or remove software using yast, you should choose “software” from
the menu on the left, and then choose “software management” from the menu on the right.
All available software packages will be shown on the screen like below.

Fig: 3.11 Software management screen of yast

From here, you can choose the software that you wish to install, or remove software
that has already been installed (with the “i” mark on the left). The most convenient way to
choose the right software is to use “Filter” menu. You can browse the packages by groups,
or you can search for the name of software.
In case software that you want to install is not in the list, you can still install it
manually by using standard RPM package or source compilation, but this software will not be
managed automatically by yast and you must manage them manually.
Location of configuration files
In order to change the behavior or adjust the functionality of the installed software,
you must modify the configuration file. Almost all Linux software has their configuration file
that is a text file describing the options and settings for the execution of the software.
Normally, almost all configuration files are located at /etc directory. Below is the list
of important configuration files in SUSE Linux 10.2 that Web application developers should
work with.

Table 2 – Important configuration files in SUSE Linux 10.2 for Web application
developers
File name Location Description
httpd.conf /etc/apache2 Main configuration file for Apache server
*.conf /etc/apache2/conf.d All included configuration files for Apache
my.cnf /etc MySQL server configuration file
php.ini /etc/php5/apache2 PHP configuration file
Sshd_config /etc/ssh SSH server configuration file

Modify configuration file with vi

In order to view and modify these configuration files, you need a text editor. The
most popular and widely available text editor for Linux system is vim, also found with the
name vi. The vi editor is found on all BSD systems and all commercial UNIX systems. You
should learn how to use vi for this reason alone.
When you want to modify the content of existing configuration file, you should make
backup file before using vi. You can make backup file by cp command like shown below.

# cp filename backup_filename

If you want to create new file, or already made backup file, then you can start vi with
the file name that you want to edit like this.

# vi filename

You will see surprisingly simple screen almost filled with the content of the file, except
for the bottom row of the screen that shows brief information of the editing like shown
below.
#password = your_password
port = 3306
socket = /var/lib/mysql/mysql.sock
# Here follows entries for some specific programs
"my.cnf" 160L, 4984C 18,1 28%

File name Size of the file (in lines and characters) Current position in the file
You can use arrow keys, PgUp / PgDn, Home / End keys to navigate through the file
just like any other text file editors. However, when you wish to modify the content, you must
be very careful because the operation of editing in vi is quite different from normal text
editors. Basically, in order to edit something in vi, you MUST first press a key that indicates
what kinds of editing operation you will make. Unlike normal text editors, you cannot even
just type characters to edit the content. This is very confusing for beginners, but once
accustomed; you can use it on any Linux/Unix computer. Below is the list of basic operation
commands in vi. You should at least memorize these basic commands. Be careful that they
are all case-sensitive.
 Table 3 – The minimum operation commands you need in vi

Operation How to do it
Browsing content Use arrow keys, PgUp/PgDn, Home/End keys
Insert text Press i key, type the content, then press Esc key when finished.
Append text Press a key, type the content, then press Esc key when finished.
Delete a character Press x key or Del key
Delete a line Press d key 2 times (dd)
Join two lines into one Press J key on the upper line
Undo Press u key
Search for a text Press / key, type search text, then press Enter
Search next match Press n key
Copy a line into clipboard Press y key 2 times (yy)
Paste a line from clipboard Press p key
Save and exit vi Press :wq + Enter or press Z key (Shift-z) two times (ZZ)
Quit without saving file Press :q! + Enter

1.8. Managing Process

The ps command is one of the tools for visualizing processes. This command has
several options which can be combined to display different process attributes. With no
options specified with ps, it only gives information about the current shell and eventual
processes:

Linux-v848:~ # ps
PID TTY TIME CMD
4688 pts/2 00:00:00 bash
4706 pts/2 00:00:00 ps

Since this does not give enough information − generally, at least a hundred
processes are running on your system. In Linux, all running software is managed as
“processes”. There are normally many processes running on the same Linux server. In order
to see all running processes, you can use ps command with aux option (without hyphen “-“).

# ps aux
USER PID %CPU %MEM VSZRSS TTY STAT START TIME COMMAND
root 1 0.0 0.1 716172 ? S 09:36 0:03 init [3]
root 2 0.0 0.0 0 0 ? SN 09:36 0:00 [ksoftirqd/0]
root 3 0.0 0.0 0 0 ? S< 09:36 0:01 [events/0]
...
 root 4357 0.0 1.4 4132 1892pts/0 Ss 18:28 0:00 -bash
root 4586 0.0 0.6 2384 836pts/0 R+ 20:06 0:00 ps aux

# Note that the last line of the list always shows the process of your own console (see
the COMMAND column above), because the console is also one of the running processes.
We will usually select particular processes out of the list of all processes, using the
grep command in a pipe, which will select and display all processes owned by a particular
user.
ps −ef | grep username

This example shows all processes with a process name of bash, the most common
login shell on Linux systems:
linux-v848:~ # ps aux | grep bash
brenda 31970 0.0 0.3 6080 1556 tty2 S Feb23 0:00 −bash
root 32043 0.0 0.3 6112 1600 tty4 S Feb23 0:00 −bash
theo 32581 0.0 0.3 6384 1864 pts/1 S Feb23 0:00 bash
theo 32616 0.0 0.3 6396 1896 pts/2 S Feb23 0:00 bash
theo 32629 0.0 0.3 6380 1856 pts/3 S Feb23 0:00 bash
theo 2214 0.0 0.3 6412 1944 pts/5 S 16:18 0:02 bash
theo 4245 0.0 0.3 6392 1888 pts/7 S 17:26 0:00 bash
theo 5427 0.0 0.1 3720 548 pts/7 S 19:22 0:00 grep bash

In these cases, the grep command finding lines containing the string bash is often
displayed as well on systems that have a lot of idle time. If you don't want this to happen,
use the pgrep command.

# Note that this command will also show your own console process as the last line and
don‟t confuse the line with the process you are looking for. In other words, if you see only
one line (console process) as the result of this command, it means that the process is NOT
running.
In order to restart a process after you modify the configuration, use killall command
with –HUP option. This command will first kill all the matched processes and then restart
them automatically.

# killall –HUP name_of_process

1.9. Viewing Log

Any Linux system will generate many log files by default containing various information
about the operation of the system such as normal actions, debugging information,
security/authorization messages, web/email events, etc. Once you have succeeded to run all
necessary server software on Linux, you need to check their status and working condition
regularly by taking a look at their logs. A log is a text file that contains the records of
important activities or events occurred in the software. A record is a line of text normally
containing date, time and information of an event. Each server‟s software has independent
log file, and some software have more than one kind of log files.

In SUSE Linux 10.2, all these logs are stored in /var/log directory. Below is an example of
the content of /var/log directory.

# ls /var/log
YaST2 mail.err zmd-backend.log-20060806.bz2
Acpid mail.info zmd-backend.log-20060807.bz2
apache2 mail.warn zmd-backend.log-20060808.bz2
boot.log messages zmd-backend.log-20060809.bz2
boot.msg mysqld.log zmd-messages.log
boot.omsg news zmd-messages.log.2006-07-31
faillog scpm zmd-messages.log.2006-08-04
firewall warn zmd-messages.log.2006-08-06
krb5 wtmp zmd-messages.log.2006-08-07
lastlog z md-backend.log zmd-messages.log.2006-08-08

The bold letter means a sub-directory. You can see that there are many log files in this
directory, and the logs of particular software are sometimes stored in its own sub-directory
(such as apache2). There are also older, archived log files (with the extension of .bz2).
These log archives will be regularly and automatically created by Linux system.

In order to view the full content of a log file, you can open it with vi, or use cat command
together with less command like shown below.

# cat log_file_name | less

This will let you browse through the log file with arrow keys and PgUp/PgDn keys. If you
want to quit this browsing display (created by less command), you can press q key.
Sometimes you may wish to see only the last (the newest) few lines of a log with real-time
update, so that you can see the live display of a frequently appended log file. You can do
that by tail command with –f option like this.

# tail -f log_file_name

To quit from the real-time display of tail command, press ctrl + c key.
Example:
You can view common log file /var/log/messages using any one of the following command:

# tail -f /var/log/messages
# less /var/log/messages
# more -f /var/log/messages
# vi /var/log/messages

Output of the /var/log/messges are as follows:

# less -f /var/log/messages
Jan 12 20:27:03 linux-j0fj auditd: Config file /etc/audit/auditd.conf
doesn't exist, skipping
Jan 12 20:27:03 linux-j0fj kernel: audit(1168608423.488:3):
audit_backlog_limit=256 old=64 by auid=4294967295
Jan 12 20:27:03 linux-j0fj kernel: klogd 1.4.1, ---------- state
change ----------
Jan 12 20:27:03 linux-j0fj kernel: audit(1168608423.564:4):
audit_pid=3192 old=0 by auid=4294967295
Jan 12 20:27:03 linux-j0fj SuSEfirewall2: Warning: ip6tables does not
support state matching. Extended IPv6 support disabled.
Jan 12 20:27:03 linux-j0fj SuSEfirewall2:
/var/lock/SuSEfirewall2.booting exists which means system boot in
progress, exit.

1.10. Rebooting or shutting down the server

Normally, Linux server does not have to be rebooted often. Most of the software-based
system updates can be done without rebooting. However, you need to reboot the server in
some cases such as connecting new hardware devices. In such cases, you can reboot the
server by using shutdown command with –r option as follows.

# shutdown -r now

On the other hand, you can completely shutdown the server by using shutdown command
with –h option as follows.

# shutdown -h now

Note, however, that this command will physically turn off the computer hardware (if the
computer supports ACPI standard), and you must manually turn the computer hardware on
again in order to make the server running back again. This will be a problem if you place the
server at distant place (such as at server room or at web hosting service company).
1.11. Linux commands for Web application developer
Below is the list of all Linux commands that Web application developer should use often.

Table 4 – List of convenient Linux commands for beginners

Command Usage example Description
cat cat file Display content of file
cat -n file
Display with line numbers
cat file1 file2 > file3
Concatenate files to create new file
cd cd dir Change current directory
cd ..
Move to the parent directory
chgrp chgrp group file Change belonging group of a file
chkconfig chkconfig --list Show start-up processes of Linux
chkconfig proc on
Make the process start-up when booting Linux
chkconfig proc off
Make the process not start-up when booting Linux
chmod chmod 644 file Change the permission of a file (to 644)
chown chown user file Change the owner of a file
clear clear Clear the display of console screen
cp cp file1 file2 Copy file1 to file2
cp -r dir1 dir2
Copy whole directory
diff diff file1 file2 Compare content of 2 text files
dircmp dircmp dir1 dir2 Compare content of 2 directories
finger finger Display currently logged in users
grep grep "text" file Search text in a file
grep -n "text" file
Display result with line number
grep -i "text" file
grep -r "text" file Search the text with ignoring the case
Search in dub-directories
groupadd groupadd groupname Add new group
groupdel groupdel groupname Delete a group
groups groups username Show group name of the user (current user if omitted)
ifconfig ifconfig Show network hardware (interface) information
kill kill PID Kill a process of the specified process ID
kill -HUP PID
Restart the process of the specified process ID
(Use ps command to know process ID)
last last Show information of last login
less less file Show content of file 1 page at a time (press q to exit)
grep text file | less
Show the result of grep command 1 page at a time
locate locate file Search the file instantly (requires updatedb before)
ls ls Show the list of files in current directory
ls -la
Show the list of files with all details
 Command Usage example Description
man man command Show manual pages for the command
man -k keyword
Search keyword in all available manual pages
mkdir mkdir dir Create sub-directory
nslookup nslookup host Show IP address or hostname of the host
passwd passwd Change password
ping ping IP Check connection to the host or IP
ps ps aux Show all running process in detail
pwd pwd Show current directory
rm rm file Delete a file
rm -r dir
Delete all the files in sub-directory
rm -rf dir
Force deleting all the files in sub-directory
rmdir rmdir dir Delete sub-directory
shutdown shutdown -h now Shut down the server
shutdown -r now
shutdown -h +10 Reboot the server
Shut down the server 10 minutes later
su su Become root temporarily
su user
Become the user temporarily
tail tail +100 file Shows the last 100 lines of a file
tail -f file
Show real-time display of the last part of a file
touch touch file Update the last modified timestamp of the file to current
time (if the file already exists), or create blank file with the
file name (if the file does not exist)
traceroute traceroute IP Show route to the specified IP or host
updatedb updatedb Update file location database (for locate command)
uptime uptime Show the duration of running of the server since the last
boot-up
useradd useradd -m user Add new user with his/her home directory
useradd -g group user
Add new user together with the belonging group
userdel userdel user Delete a user
userdel -r user
Delete a user with his/her home directory
vi vi file Full-screen text editor
view view file Execute vi editor in read-only mode
which which command Show the location of command
whoami whoami Show the user name of current user

1.12. Making the server more secure

Now the network security is a serious problem on the Internet. In order to protect from any
threats or instability of the system, you must always update the system to the latest
condition. Though we will not practice in this training course, you should do the following
things for maintaining secure server.
 Automatic Online Update. You can set it up by yast utility in SUSE Linux, and other
distributions should also have the similar functionality.
 Setup proper settings for firewall. You can do it by yast utility in SUSE Linux, and other
distributions should also have the similar functionality.
 Consider disabling SSH login by root (so that you must login as normal user, then use
su command to become root every time). You can set it up by SSH configuration file
(/etc/ssh/sshd_conf).
 Consider using SSH user mode authentication (disabling login by username and
password, and force user to have the SSH host key beforehand at the client computer)