Module 2 - System Administration


Lesson 1: System initialization and services

Service startup

The init process and systemd
Run levels (History)
Changing the default target
Configuring daemons

Daemons and services


Daemons are processes that wait or run in the background
performing various tasks.

Daemons start automatically at boot time and continue to run until
shutdown or until they are manually stopped.

A service often refers to one or more daemons.

Service units have a .service extension and represent system
services.

The init process (History)

● When the kernel has finished booting, it creates a single user process
– Process ID 1, which runs the program /sbin/init
● init is (directly or indirectly) the ancestor of every other process in
the system
– Its actions are controlled by the file /etc/inittab

● Red Hat Enterprise Linux 7 uses systemd
– The systemd process (process ID 1) is a new kind of init system, which
replaces init. /sbin/init is now a symbolic link to
/usr/lib/systemd/systemd
– systemd provides parallelization capability, which increases the
boot speed of a system
– It runs the program /usr/lib/systemd/systemd
– inittab is no longer used when using systemd

Run levels (History)
● The set of services started by init depends on the run level that it
enters
– Conventionally the run levels are configured as follows

Run Level   Action
0           Halt/shutdown (Do NOT set initdefault to this)
1           Single-user (maintenance) – the only user process is a root shell
2           Multi-user without networking
3           Full multi-user with networking
4           Not used
5           Multi-user plus X windows
6           Reboot (Do NOT set initdefault to this)

● The run level that the system boots into is determined by the
initdefault entry in /etc/inittab

Changing the default target
Log in as root

Generally, Linux operates in runlevel 3 or 5.

systemd uses 'targets' instead of runlevels.

By default, there are common targets:
– rescue.target: analogous to runlevel 1
– multi-user.target: analogous to runlevel 3
– graphical.target: analogous to runlevel 5

To set a default target, run:
# systemctl set-default TARGET.target

e.g. (do this now):
# systemctl set-default multi-user.target



Reboot the machine
– Verify that it now boots directly into a text login

To view current default target, run:

# systemctl get-default

Commands

Reboot the system
# init 6
# systemctl reboot

Shut down and halt the system
# init 0
# systemctl halt

Shut down and power off the system
# systemctl poweroff

Shut down the system immediately
# shutdown -h now

Shut down the system after 10 minutes
# shutdown -h +10

Reboot the system at 14:30
# shutdown -r 14:30

Linux services

Linux services are called daemons. By convention, the names of many daemon
programs end in the letter “d”. The following are the most widely used:

– dhcpd : DHCP server service
– httpd : Apache Web server service
– mysqld : MySQL server service
– named : BIND server service
– network : Networking service
– nfs : Network File System service
– sshd : OpenSSH and SFTP server service
– xinetd : Provides support for telnet, ftp, talk, tftp etc.


Listing services with systemctl


List the state of all units to verify a system startup

# systemctl

Check whether a service is active and whether the unit is enabled at boot time.

# systemctl is-active NetworkManager
# systemctl is-enabled NetworkManager

List the active state of all loaded service units. The --all option adds
inactive units

# systemctl list-units --type=service
# systemctl list-units --type=service --all


Starting and stopping services


Command syntax

systemctl status/start/stop/restart <service name>

Example

# systemctl restart NetworkManager


To enable a service so it starts automatically at boot time, type the
following:

# systemctl enable NetworkManager


To disable a service so it doesn't start automatically at boot time,
type the following:

# systemctl disable NetworkManager


Configure service at runlevel (History)

Command to display the run level

# runlevel

Service command

# service NetworkManager restart

Manage services at run levels
The chkconfig command is used to configure services at each run level
# chkconfig --list                     display running services
# chkconfig --list network             display network service
# chkconfig --level 5 network off      disable network at run level 5
# chkconfig network off                disable network on all run levels
# chkconfig --level 5 network on       enable network on run level 5

Lesson 2: Network configuration

Outline


In this Lesson we will learn about:

✓ The basics of the IP protocol and packet delivery

✓ How to configure a network interface

✓ How to configure name resolution

✓ Some basic diagnostic tools


TCP/IP primer
Introducing TCP/IP
IP addresses
Network and host components
CIDR notation
A typical internet
IP routing decisions
The routing table
MAC addresses
The ARP protocol
The ARP cache
The naming of network interfaces
Services and port numbers
The /etc/services file

Traceroute

Tracing the data path from the US (Network-tools.com) to Ethiopia (AAiT)
– Select “Trace” and click “Go”

Hop  (ms)  (ms)  (ms)  IP Address       Host name                                  Location
1    0     0     0     206.123.64.233   -                                          Missouri, US
2    1     1     1     129.250.202.253  xe-0-4-012.r01.dllstx04.us.bb.gin.ntt.net  Colorado, US – NTT America (ISP)
3    1     1     1     89.221.40.162    ae0.dallas2.dal.seabone.net                Dallas, US – NTT America (ISP)
4    362   343   342   185.70.202.2     -                                          Italy, RIPE ISP
5    386   386   385   185.70.202.9     -                                          Italy, RIPE ISP
6    404   403   404   197.254.194.22   -                                          Sudan
7    Timed out  Timed out  Timed out

Introducing TCP/IP

Linux systems communicate using a protocol suite called TCP/IP
– IP is a network layer protocol and is responsible for routing packets across
an interconnected set of networks (an “internet”) to the correct machine
– TCP (Transmission Control Protocol) is a transport layer protocol layered
over IP, and is responsible for delivering packets to a specific application
(service) on the destination machine
    Connection-oriented (establishes a reliable “virtual circuit” between
    two applications)
– UDP (User Datagram Protocol) is another transport layer protocol
    Connectionless
    Not guaranteed

IP addresses

A connection from a computer to a network is identified by an
IP address (a 32-bit number)

IP addresses are written in dotted decimal notation.
Each byte of the address is written as a decimal
integer between 0 and 255

11000000 10101000 00000000 00000101

IP address 192.168.0.5

Network and host components


An IP address is divided into two parts: a network ID and a host ID
– The network ID is used to route packets to the correct network
– The host ID is used to deliver packets to the correct host on the network

A subnet mask defines how an IP address is split between network
and host components

subnet mask  255.255.255.0   11111111 11111111 11111111 00000000
IP address   192.168.0.5     11000000 10101000 00000000 00000101
                             |------- Network ID -------| Host ID

CIDR notation


CIDR (Classless Inter-Domain Routing) notation allows an interface's
IP address and subnet mask to be represented compactly:

192.168.0.5/24

The number after the slash is the number of bits in the
IP address that should be
interpreted as the network ID

subnet mask  11111111 11111111 11111111 00000000
IP address   11000000 10101000 00000000 00000101
             |------- Network ID -------| Host ID

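A typical internet

[Figure: two networks. Machines A, B, C and D are on the network 192.168.0.0
(addresses 192.168.0.1 to 192.168.0.4); D also connects to the Internet
as 176.13.4.92. Machines P, Q, R and S are on the network 192.168.1.0
(addresses 192.168.1.1 to 192.168.1.3 and 192.168.1.254); S joins the two
networks and is also 192.168.0.254.]
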
IP routing decisions

IP decides how to route a packet to its destination based on the
network component of the destination IP address

1. Do I have a direct connection to this network?
   Yes: send the packet on this connection (example: A to C)
2. If no, do I know a route to this network?
   Yes: send the packet to the IP address specified in the
   routing table (example: A to Q via S)
3. If no, do I have a default gateway?
   Yes: send the packet to the default gateway (example: A to the
   outside world via D)
4. If no: network unreachable

The routing table


Linux holds IP routing information in an internal routing table
– May be displayed with the command route -n
– This example is from machine 'A' and has been edited to fit the page:
# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Iface
192.168.0.0     0.0.0.0         255.255.255.0   U     eth0
192.168.1.0     192.168.0.254   255.255.255.0   U     eth0
0.0.0.0         192.168.0.4     0.0.0.0         UG    eth0


The most specific matching route (the one with the longest
“Genmask”) is used
– The packet is sent to the specified gateway via the specified interface
The routing table explained


First entry:
– Says that the local network (192.168.0.0/24) is connected directly to the
network interface called eth0. There is no gateway (the IP address is
shown as 0.0.0.0)


Second entry:
– Says that packets destined for the network 192.168.1.0/24 should be sent
to the gateway 192.168.0.254 using network interface eth0


Third entry:
– This route always matches because the “genmask” is zero
– Specifies 192.168.0.4 as the default gateway
– Says where to send the packet if there is no more specific match
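
The route selection described above, as an added example that is not part of the original slides: a POSIX shell function that picks the entry with the longest matching Genmask from a constructed copy of machine A's routing table. The names ROUTES, ip_to_int and route_lookup are hypothetical.

```bash
#!/bin/sh
# Added example (not from the original slides): longest-Genmask route
# selection. ROUTES is a constructed copy of machine A's table from the
# page, one route per line: destination gateway genmask interface.
ROUTES='192.168.0.0 0.0.0.0 255.255.255.0 eth0
192.168.1.0 192.168.0.254 255.255.255.0 eth0
0.0.0.0 192.168.0.4 0.0.0.0 eth0'

# Convert dotted-decimal IPv4 (e.g. 192.168.0.5) to a 32-bit integer.
ip_to_int() {
    old_ifs=$IFS
    IFS=.
    set -- $1            # split the address into its four bytes
    IFS=$old_ifs
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# route_lookup DEST [TABLE]
# Prints "direct IFACE" for a directly connected network, "GATEWAY IFACE"
# for a routed one, or "unreachable" when no entry (not even a default
# route) matches. TABLE defaults to $ROUTES.
route_lookup() {
    dst=$(ip_to_int "$1")
    best_mask=-1
    best=unreachable
    while read -r net gw mask iface; do
        [ -n "$net" ] || continue
        n=$(ip_to_int "$net")
        m=$(ip_to_int "$mask")
        # A route matches when DEST and the route agree on every bit the
        # Genmask covers; a numerically larger mask is a longer prefix.
        if [ $(( dst & m )) -eq $(( n & m )) ] && [ "$m" -gt "$best_mask" ]; then
            best_mask=$m
            if [ "$gw" = "0.0.0.0" ]; then
                best="direct $iface"
            else
                best="$gw $iface"
            fi
        fi
    done <<EOF
${2:-$ROUTES}
EOF
    echo "$best"
}

route_lookup 192.168.0.3    # A to C: same network, no gateway
route_lookup 192.168.1.2    # A to the 192.168.1.0 network: via 192.168.0.254
route_lookup 176.13.4.92    # anything else: default gateway 192.168.0.4
```

The genmask 0.0.0.0 entry matches every destination, so "unreachable" only appears when the table has no default route.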
Routing table flags


The flags in the fourth column of the routing table show how the
kernel will interpret the entry and have the following meanings:

! – learned routes for network are rejected

A – route added by addrconf (an IPv6 address resolution protocol)

C – cache entry

D – route created by a routing daemon or ICMP redirect

G – use the gateway given in the Gateway column for traffic going to the
network specified in the routing entry

M – route has been modified by a routing daemon or ICMP redirect

R – reinstate routing to permit routing updates for this particular routing
entry

U – network route is created (up) and will be used by kernel to make
routing decisions
MAC addresses


When an IP packet is transmitted on a physical medium (e.g. Ethernet)
it is encapsulated inside a frame which includes the physical address
(“MAC address”) of the network interface it is being sent to

The MAC address is permanently assigned to the interface
– 48 bits; written in hex with colons, e.g. 00:06:5B:BA:6E:FB

A                  B                  C
00:06:44:6C:E6:8A  00:06:5B:B6:54:B9  00:06:5B:BA:6E:FB
192.168.0.1        192.168.0.2        192.168.0.3

Frame sent from A to C: IP Datagram, addressed to 00:06:5B:BA:6E:FB

The ARP protocol


ARP (address resolution protocol) is used to discover MAC addresses

ARP request is broadcast: “Who is 192.168.0.3? Tell 192.168.0.1”

A                  B                  C
00:06:44:6C:E6:8A  00:06:5B:B6:54:B9  00:06:5B:BA:6E:FB
192.168.0.1        192.168.0.2        192.168.0.3

ARP reply: “192.168.0.3 is at 00:06:5B:BA:6E:FB”


The ARP cache


To avoid an ARP broadcast prior to every transmission, known IP-to-
MAC address bindings are stored in the ARP cache
– The cache is always consulted first
– Entries remain in the cache for about 15 minutes then time out

● The ARP cache can be examined via /proc/net/arp:


# cat /proc/net/arp
IP address       HW type     Flags       HW address            Mask     Device
192.168.0.4      0x1         0x2         00:60:97:5E:B9:E2     *        eth0
192.168.0.1      0x1         0x2         00:50:BA:99:C1:A9     *        eth0

Manipulating the ARP cache

● The arp command can also be used to examine the cache and to
manually add or delete entries, though this is rarely necessary
– Show all entries:
# arp -a
– Add an entry:
# arp -s 192.168.0.3 00:60:97:1A:37:BF -i eth0 temp
– Add a permanent entry:
# arp -s 192.168.0.3 00:60:97:1A:37:BF -i eth0
– Delete an entry:
# arp -d 192.168.0.3
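
A defender's check on the ARP cache described above, as an added example that is not part of the original slides: it reads text in the /proc/net/arp layout and reports any hardware address bound to more than one IP address, and any entry pinned as permanent with arp -s. The sample table is constructed and the function names are hypothetical; the 0x4 permanent bit is ATF_PERM from the kernel's if_arp.h.

```bash
#!/bin/sh
# Added example (not from the original slides). ARP_SAMPLE is a constructed
# table in the /proc/net/arp layout: two entries share one MAC, one entry
# is permanent (flags 0x6), and one is incomplete (flags 0x0).
ARP_SAMPLE='IP address       HW type     Flags       HW address            Mask     Device
192.168.0.4      0x1         0x2         00:60:97:5E:B9:E2     *        eth0
192.168.0.1      0x1         0x2         00:50:BA:99:C1:A9     *        eth0
192.168.0.3      0x1         0x6         00:60:97:1A:37:BF     *        eth0
192.168.0.9      0x1         0x2         00:50:ba:99:c1:a9     *        eth0
192.168.0.7      0x1         0x0         00:00:00:00:00:00     *        eth0'

# arp_shared_macs: read an ARP table on stdin and print "MAC IP IP ..."
# for every hardware address that is bound to more than one IP address.
# One MAC answering for several IPs is worth investigating: it can be a
# multi-homed host, a proxy-ARP router, or a host impersonating another.
arp_shared_macs() {
    awk 'NR > 1 && $4 != "00:00:00:00:00:00" {
             mac = toupper($4)                 # compare case-insensitively
             if (!(mac in count)) { order[++n] = mac; ips[mac] = $1 }
             else ips[mac] = ips[mac] " " $1
             count[mac]++
         }
         END {
             for (i = 1; i <= n; i++)
                 if (count[order[i]] > 1) print order[i], ips[order[i]]
         }'
}

# arp_permanent: read an ARP table on stdin and print "IP MAC" for every
# entry whose Flags value has the permanent bit (0x4) set, i.e. entries
# added with "arp -s" without the temp keyword.
arp_permanent() {
    awk 'NR > 1 {
             hex = tolower($3); sub(/^0x/, "", hex)
             v = 0                             # parse the hex flags by hand
             for (i = 1; i <= length(hex); i++)
                 v = v * 16 + index("0123456789abcdef", substr(hex, i, 1)) - 1
             if (int(v / 4) % 2 == 1) print $1, toupper($4)
         }'
}

printf '%s\n' "$ARP_SAMPLE" | arp_shared_macs
printf '%s\n' "$ARP_SAMPLE" | arp_permanent
```

On a live system the same functions read the real cache: `arp_shared_macs < /proc/net/arp`.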

The naming of network interfaces

The Linux kernel assigns names to network interfaces

Ethernet interfaces: eno16777736, ens33
Point-to-point dial-up connection via modem: ppp0
Loopback interface: lo

The loopback interface provides a way
to reach the local machine. Packets
are simply looped back up the TCP/IP
stack. There is no associated network
hardware. The loopback interface has
the IP address 127.0.0.1

Services and port numbers

An IP address identifies a specific machine for packet delivery.
Beyond that, a port number identifies a specific service (application
program) to which data should be delivered.
– Port number is 16 bits (0-65535)

To connect to a specific server, a client needs to
know the IP address of the machine, and the
service's port number
– e.g. 192.168.0.5:80

TCP and UDP each has its own set of ports
– TCP port 21 is not the same as UDP port 21

[Figure: machine 192.168.0.5 running a Web server on port 80, an ftp server
on port 21 and an ssh server on port 22]

The /etc/services file


There is a fixed, standardised association between services, the port
numbers at which they listen, and the protocols (TCP or UDP) they use
– Maintained by the Internet Assigned Numbers Authority (www.iana.org)
– Held in the /etc/services file
– Here is a heavily edited extract:

ftp-data    20/tcp              # File Transfer [Default Data]
ftp         21/tcp              # File Transfer [Control]
ssh         22/tcp              # SSH Remote Login Protocol
telnet      23/tcp              # Telnet
smtp        25/tcp    mail      # Simple Mail Transfer
time        37/tcp              # Time
time        37/udp              # Time
domain      53/tcp              # Domain Name Server
domain      53/udp              # Domain Name Server
http        80/tcp              # World Wide Web HTTP

Configuring a network interface

Showing interface status with ip
Configuring an interface with nmcli
Configuring an interface with nmtui
Configuring an interface with DHCP
Where are the network settings stored?

Showing interface status with ifconfig (History)

● The ifconfig command shows the status of a network interface. It is
becoming obsolete.
– If you get "command not found", install it with
# yum install net-tools -y

Let's add some other tools that we will use later
# yum install bind-utils -y
# yum install traceroute -y

Example:
# ifconfig
ens33  Link encap:Ethernet HWaddr 00:06:5B:BA:6E:FB
       inet addr:192.168.1.1 Bcast:192.168.1.255 Mask:255.255.255.0
       inet6 addr: fe80::206:5bff:feba:6efb/64 Scope:Link
       UP BROADCAST NOTRAILERS RUNNING MULTICAST MTU:1500 Metric:1
       RX packets:9749 errors:0 dropped:0 overruns:0 frame:0
       TX packets:7215 errors:0 dropped:0 overruns:0 carrier:0
       collisions:0 txqueuelen:100
       RX bytes:8034188 (7.6 Mb) TX bytes:793559 (774.9 Kb)
       Interrupt:10 Base address:0x3000

Configuring an interface with ip command

● The ip command configures IP addresses temporarily:
# ip addr add 192.168.1.1/24 dev ens33

To show the IP address
# ip a
# ip addr show

Display the statistics
# ip -s link

NetworkManager is a service that manages network connections, but
it doesn't manage configurations assigned with the ip command

Configuring an interface with nmcli
● nmcli can also be used to configure interface settings temporarily:

# nmcli
# nmcli dev show
# nmcli dev            Show the interface
# nmcli con            Show the dev interface detail

Note: for this network demo exercise, additional NICs should have been added in VirtualBox.

# nmcli device status
# nmcli device up enp0s8
# nmcli device up enp0s9

Note: after we add two additional NICs, they can get IPs from DHCP or be given static ones. Once they get an IP, we can
connect to the server using the newly created IP.

# nmcli connection modify enp0s8 ipv4.method manual ipv4.addresses 192.168.1.10/24
# nmcli device down enp0s8
# nmcli device up enp0s8
# systemctl restart NetworkManager     (then the newly changed IP will work)

Disable the interface
# nmcli con down "Wired connection 1"

Enable the interface
# nmcli con up "Wired connection 1"

# nmcli networking on
# nmcli networking off

Set IP address and default gateway
# nmcli dev modify ens33 ipv4.addresses 192.168.1.1/24 ipv4.gateway 192.168.1.254 ipv4.dns 8.8.8.8 ipv4.method manual

Display NIC adapter
# nmcli connection show

Display NIC adapter status

Configuring static IP

● # vi /etc/sysconfig/network-scripts/
● # vi /etc/NetworkManager/system-connections
DEVICE=enp0s9
BOOTPROTO=none
ONBOOT=yes
NETMASK=255.255.255.0
IPADDR=192.168.1.15
USERCTL=no
GATEWAY=192.168.1.1
# nmcli connection down enp0s9
# nmcli connection up enp0s9
# systemctl restart NetworkManager
# nmcli connection show
# nmcli connection delete UUID     (to delete the connection by UUID)

Configuring an interface with nmcli (continued)

● Create an adapter with a new name (add an additional NIC in the VMware
settings first)
# nmcli con add con-name test type ethernet ifname ens33

Assign an IP address to the new adapter interface
# nmcli con modify test ipv4.addresses 192.168.1.10/24 ipv4.method manual

Activate the newly created adapter
# nmcli con up test

To delete the adapter
# nmcli con delete test

Restart and enable the network service using the NetworkManager service
# systemctl restart NetworkManager
# systemctl enable NetworkManager

Configuring an interface with ip addr


Add an IP address using the following command
# ip addr add 192.168.30.62/24 dev enp0s3
# ip addr show enp0s3

To delete an IP address
# ip addr del 192.168.30.63/24 dev enp0s3

Restart and enable network service using NetworkManager service
# systemctl restart NetworkManager
# systemctl enable NetworkManager

Configuring an interface with nmtui

● NetworkManager text user interface (TUI) tool
● nmtui can also be used to configure interface settings:
# nmtui

Configuring an interface with DHCP


A system can be configured to obtain network settings automatically
from a DHCP (Dynamic Host Configuration Protocol) server
– IP address, subnet mask, default gateway, DNS server, ...
– Settings are leased for a specified time; client must renew the lease
before it expires if it wants to keep using the settings

Advantages:
– No manual configuration needed. In particular, machines which often
move between different physical networks (e.g. laptops) do not have to
be manually re-configured each time
– IP addresses can be re-used – you can have more machines than you
have IP addresses if they are not all needed at once

Disadvantages
– You need a DHCP server
– Machines offering services (e.g. Web servers) cannot be guaranteed to
stay on the same IP address
● The dhclient command runs the DHCP client software

Where are the network settings stored?


The permanent network settings for the interface eth0 are stored in
the file /etc/sysconfig/network-scripts/ifcfg-eth0
# vi /etc/sysconfig/network-scripts/ifcfg-ens33

For a statically configured machine it might look like this:
BOOTPROTO='static'
ONBOOT='yes'
BROADCAST='192.168.1.255'
IPADDR='192.168.1.1'
NETMASK='255.255.255.0'
NETWORK='192.168.1.0'

For a machine configured via DHCP it might look like this:
BOOTPROTO='dhcp'
STARTMODE='onboot'

Network Monitoring

iptraf is a command-line tool in Linux that displays network
traffic statistics in real time for the various interfaces on the system. It
displays network interface utilization, bandwidth usage, packet drops,
and other traffic-related information. The iptraf command is a
powerful tool for monitoring network performance and identifying
potential bottlenecks or issues with network connectivity.

# yum install iptraf


Name resolution

Name services
Hostname
The /etc/hosts file
Domain Name resolution
The name service switch
Configuring a DNS client
Name services


Users prefer to identify computers using names, not IP addresses
– Simple names: server01, pluto, mars, galaxy, ...
– Fully qualified domain names:
server01.example.com, www.ftt.co.uk, …


Naming services translate names to IP addresses


The resolvers (doing the name lookup) can be made to look in several
places
– A local file (/etc/hosts)
– A NIS server (Network Information Service)
– A NIS+ server (successor to NIS)
– A DNS server (Domain Name Service)
Host Name


Host name configuration file: /etc/hostname

$ hostnamectl set-hostname server01

or

$ hostname server01

The /etc/hosts file

● The file /etc/hosts is used to define locally-known names

127.0.0.1      localhost localhost.localdomain
::1            localhost localhost.localdomain
192.168.1.1    server01 server01.example.com

– 127.0.0.1 is the loopback address
– A machine may be known by more than one name

The Domain Name System (DNS)


DNS (Domain Name System) implements a distributed database of
machine name to IP address mappings, encompassing all “globally
visible” machines on The Internet


The implementation of DNS for UNIX / Linux is called BIND
– Berkeley Internet Name Domain
– Discussed next week


To use DNS, all that most computers need to know is the IP address
of a single (local) DNS server; the rest is magic


DNS can also do reverse lookups, to map IP addresses to host names
The name service switch

● Resolvers read the file /etc/nsswitch.conf to determine which files
or services they should consult to look up machine names or other
items

The name service switch configures several lookup services
– Hostnames, user accounts, service names, others ...
● A typical entry in nsswitch.conf looks like this:

hosts: files dns myhostname

– hosts: the name of the “database”
– files: first, look in the local file (/etc/hosts)
– dns: then, consult dns
– myhostname: finally, consult myhostname
– These entries direct the resolvers to use libraries such as
libnss_files and libnss_dns

Configuring a DNS client


The only DNS 'client' command-line tools are diagnostic programs
such as dig and nslookup

The true DNS clients are the resolver functions in the C library
– They are configured by the file /etc/resolv.conf

nameserver 192.168.1.1
nameserver 8.8.8.8
nameserver 4.2.2.2
search disney.edu

– nameserver: specifies the IP addresses of your 'local' DNS servers. The
resolvers will try them in the order given. It is best to
have more than one.
– search: specifies the default domain to be searched if DNS is
asked to resolve a simple name like 'sleepy'

Basic diagnostic tools

Testing reachability with ping
Testing name resolution with ping and dig
How did the packet get there? - traceroute
Showing TCP status with netstat -t
Showing interface statistics with netstat -i
Establishing static routes
Testing reachability with ping

● The ping command tests reachability of a remote machine
– Sends ICMP 'Echo request' packet, expects ICMP 'Echo reply'
– Reports the round-trip time

In the example below, -c2 sends 2 echo requests, -i5 uses an interval of
5 seconds, and 192.168.1.1 is the address to send them to:

$ ping -c2 -i5 192.168.1.1
PING 192.168.1.1 (192.168.1.1) 56(84) bytes of data.
64 bytes from 192.168.1.1: icmp_seq=1 ttl=47 time=188 ms
64 bytes from 192.168.1.1: icmp_seq=2 ttl=47 time=189 ms

--- 192.168.1.1 ping statistics ---
2 packets transmitted, 2 received, 0% loss, time 5000ms
rtt min/avg/max/mdev = 188.487/188.785/189.084/0.527 ms

Testing name resolution with ping and dig

● By supplying ping with a machine name instead of an IP address, you
can also test name resolution

Resolved by local /etc/hosts file:
$ ping -c1 server01
PING sleepy (192.168.1.1) 56(84) bytes of data.
64 bytes from server01 (192.168.1.1): ....

Resolved by DNS:
$ ping -c1 server01.example.com
PING server01.example.com (192.168.1.1) 56(84) bytes of data.
64 bytes from server01.example.com (192.168.1.1): ....

● The command dig can be used to test DNS servers
– Very flexible tool, see man dig for details
– Here we use it to do simple name resolution:
$ dig server01.example.com

How did the packet get there? - traceroute

● The command traceroute can be used to determine the route that
an IP packet will take to reach a specific destination:

[root@server01 ~]# traceroute server01.example.com
traceroute to server01.example.com (192.168.1.1), 30 hops max, 60 byte packets
 1  server01 (192.168.1.1)  0.047 ms  0.014 ms  0.013 ms


Exercise: Configuring the in-class network


Overview: In this exercise we will perform basic configuration of the
network, assigning a hostname, a static IP address, a subnet mask
and a default gateway to each network interface.

We will configure our machines to do name resolution using a
combination of a local hosts file and DNS

We will test connectivity and name resolution on the network

Note: The machines are configured with a regular account called
'lpiuser' or using root user.

1. Configure your second server to have a static IP address of
192.168.1.2 and a subnet mask of 255.255.255.0 and default
gateway 192.168.1.1
2. Set the host name server02, and a domain name of example.com

Exercise (continued)

3. Add entries to /etc/hosts to point to your second server.
192.168.1.2 server02 server02.example.com
4. Try to ping the machine by hostname, IP address and fully qualified
domain name server02.example.com
5. Verify that you can ping the first server 192.168.1.1
6. Edit the file /etc/resolv.conf and set the IP address of the DNS
server to 192.168.1.1. In the real world.
nameserver 192.168.1.1
7. Try to ping one of the machines not in your hosts file. Does name
resolution work now?
If not, use dig to help debug your resolver configuration.
Hint: comment out the DNS entry in /etc/resolv.conf: #nameserver 192.168.1.1
8. Examine the file /etc/sysconfig/network-scripts/ifcfg-ens33.
Edit ONBOOT=yes
Can you see the network settings you established?
Showing TCP status with netstat -t

● netstat -t shows the current state of TCP connections
– -a flag also shows endpoints listening for connections

# netstat -at
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 *:nfs                   *:*                     LISTEN
tcp        0      0 *:echo                  *:*                     LISTEN
tcp        0      0 *:netbios-ssn           *:*                     LISTEN
tcp        0      0 *:sunrpc                *:*                     LISTEN
tcp        0      0 *:x11                   *:*                     LISTEN
tcp        0      0 localhost:smtp          *:*                     LISTEN
tcp        0      0 localhost:32925         localhost:echo          ESTABLISHED
tcp        0      0 localhost:echo          localhost:32925         ESTABLISHED
tcp        0      0 localhost:725           localhost:sunrpc        TIME_WAIT
tcp        0      0 *:www-http              *:*                     LISTEN
tcp        0      0 *:ssh                   *:*                     LISTEN

Showing TCP status with netstat -t (continued)

● By default, netstat displays IP addresses as machine names, and
known port numbers as service names
– -n flag forces numeric representation instead

# netstat -nt
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 127.0.0.1:32925         127.0.0.1:7             ESTABLISHED
tcp        0      0 127.0.0.1:7             127.0.0.1:3292          ESTABLISHED

– 7 is the port number of the echo service
– 3292 is the (arbitrary) port number of the client's end of the
connection
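
Reading the listener table above for exposure, as an added example that is not part of the original slides: it separates sockets listening on every interface from loopback-only ones and reports those that are not on an allowlist. The sample rows are constructed from the page's netstat -at output; the function names and the allowlist are hypothetical.

```bash
#!/bin/sh
# Added example (not from the original slides). NETSTAT_SAMPLE is a
# constructed copy of the "netstat -at" rows shown on the page.
NETSTAT_SAMPLE='Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 *:nfs                   *:*                     LISTEN
tcp        0      0 *:echo                  *:*                     LISTEN
tcp        0      0 *:netbios-ssn           *:*                     LISTEN
tcp        0      0 *:sunrpc                *:*                     LISTEN
tcp        0      0 *:x11                   *:*                     LISTEN
tcp        0      0 localhost:smtp          *:*                     LISTEN
tcp        0      0 localhost:32925         localhost:echo          ESTABLISHED
tcp        0      0 localhost:echo          localhost:32925         ESTABLISHED
tcp        0      0 localhost:725           localhost:sunrpc        TIME_WAIT
tcp        0      0 *:www-http              *:*                     LISTEN
tcp        0      0 *:ssh                   *:*                     LISTEN'

# classify_listeners: read netstat -at (or -ant) text on stdin and print
# "SCOPE PORT" for each listening TCP socket. SCOPE is "loopback",
# "all-interfaces", or the specific local address the socket is bound to.
classify_listeners() {
    awk '$1 ~ /^tcp/ && $NF == "LISTEN" {
             la = $4
             i = length(la)                    # port follows the LAST colon,
             while (i > 0 && substr(la, i, 1) != ":") i--   # so ":::22" works
             addr = substr(la, 1, i - 1)
             port = substr(la, i + 1)
             if (addr == "localhost" || addr ~ /^127\./ ||
                 addr == "::1" || addr == "[::1]")
                 scope = "loopback"
             else if (addr == "*" || addr == "0.0.0.0" ||
                      addr == "::" || addr == "[::]")
                 scope = "all-interfaces"
             else
                 scope = addr
             print scope, port
         }'
}

# unexpected_listeners "PORT PORT ..."
# Prints every port reachable from the network (anything not bound to
# loopback) that is missing from the space-separated allowlist. Use service
# names with netstat -at and numbers with netstat -ant.
unexpected_listeners() {
    classify_listeners | awk -v allow="$1" '
        BEGIN { n = split(allow, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
        $1 != "loopback" && !($2 in ok) { print $2 }'
}

printf '%s\n' "$NETSTAT_SAMPLE" | unexpected_listeners "ssh www-http"
```

With only ssh and www-http allowed, the sample host still offers nfs, echo, netbios-ssn, sunrpc and x11 to the network; each is a candidate for `systemctl disable` or a loopback-only binding.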
Establishing static routes


“Static” (permanent) routes can be added to the routing table using
the route command
– For the two-network intranet we saw earlier in the chapter:

# route add -net 192.168.0.0 netmask 255.255.255.0 gw 192.168.1.1 dev ens33

– -net 192.168.0.0 netmask 255.255.255.0: to reach this network ...
– gw 192.168.1.1: send via this gateway ...
– dev ens33: using this interface

Now show the updated routing table:

# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Iface
192.168.0.0     192.168.1.1     255.255.255.0   U     ens33
192.168.1.0     192.168.0.254   255.255.255.0   U     eth0
0.0.0.0         192.168.0.4     0.0.0.0         UG    eth0

NIC Teaming/Bonding

Setting up Ethernet channel bonding

Ethernet channel bonding allows
you to have more than one network interface card on a computer
associated with a single IP address. There are several reasons you
might want to do this:
1- High availability: Multiple NICs on the same IP address can ensure
that if one subnet goes down or one NIC breaks, the address can
still be reached on a NIC connected to another subnet.
2- Performance: If there is too much network traffic to be handled by
one NIC, you can spread that traffic across multiple NICs.

/etc/sysconfig/network-scripts/ifcfg-bond0

DEVICE=bond0
ONBOOT=yes
IPADDR=192.168.1.150
NETMASK=255.255.255.0
BOOTPROTO=none
BONDING_OPTS="mode=active-backup"
GATEWAY=192.168.1.1

DEVICE=eth0
MASTER=bond0
SLAVE=yes
BOOTPROTO=none
ONBOOT=yes
NIC Teaming/Bonding config..
/etc/sysconfig/network-scripts/ifcfg-bond0

DEVICE=eth1
MASTER=bond0
SLAVE=yes
BOOTPROTO=none
ONBOOT=yes

DEVICE=eth2
MASTER=bond0
SLAVE=yes
BOOTPROTO=none
ONBOOT=yes

Bonding-Options

1- balance-rr (mode=balance-rr): This mode is known as balance-rr (Round-robin).
It provides load balancing and fault tolerance by transmitting packets in sequential
order to each network interface in the bond.

2- active-backup (mode=active-backup): In this mode, only one network interface
is active (the primary interface), while the others remain in a standby state. If the
active interface fails, the backup interface takes over automatically.

3- balance-xor (mode=balance-xor): This mode provides load balancing and fault
tolerance. It transmits based on the selected transmit hash policy and the availability of
network interfaces.

4- broadcast (mode=broadcast): In this mode, all network interfaces in the bond
are used to transmit network traffic. It is typically used for broadcasting or when
network traffic needs to be received by all interfaces.

5- 802.3ad (mode=802.3ad): Also known as LACP (Link Aggregation Control
Protocol) mode, this mode requires a switch that supports IEEE 802.3ad dynamic link
aggregation. It provides load balancing and fault tolerance by negotiating link
aggregation with the switch.

6- balance-tlb (mode=balance-tlb): In this mode, the outgoing network traffic is
distributed between the active network interfaces based on the current load. Incoming
traffic is received by the currently active interface.

7- balance-alb (mode=balance-alb): The balance-alb (Adaptive Load Balancing)
mode provides load balancing and fault tolerance by dynamically balancing the traffic
based on the current load and the availability of network interfaces. It does not require
any special switch support.

Quiz


A machine needs to send an IP packet to address 192.168.9.44 from
an interface with an assigned address and subnet mask of
192.168.0.5/20. Can the packet be sent directly, or does it need to be
routed?

What is the name of the protocol used to convert IP addresses to MAC
addresses?

Which file defines the association between service names and port
numbers?

Name one advantage and one disadvantage of using DHCP to assign
network settings

Name three ways of doing name resolution
– Which file would you edit to specify the order in which these three ways
are tried?

Lesson 3: File system and storage management

File system types

Native Linux file system formats
File system formats of other systems
Network file system formats
The xfs file system
The ext2, ext3, and ext4 file system
The virtual file system

Lab and Training Recommendations

The training should begin by adding five disks in VirtualBox

Native linux file system formats


Linux supports many file system formats

ext2
–Probably the most common 'native' linux file system format

ext3
–Extension of ext2 to support journaling (log of changes), backwards
compatible
–Much faster to check file system consistency after a crash

ext4
–ext4 file system is based on the ext3 file system and features a number
of improvements

xfs
–xfs is a highly scalable, high-performance file system
–This file system is selected by default and is highly recommended

File system formats of other systems

Linux also supports the native file systems of other operating systems
–Useful on dual-boot systems

FAT, VFAT
–Used on floppies, and Windows 95/98

NTFS
–Used on Windows NT, 2000, XP
–Under linux, only read access is supported reliably

HPFS
–Native file system of OS/2

CDROM
–ISO9660 with Joliet and Rockridge extensions

Network file system formats


Linux can also mount file systems from remote file servers using a
number of file sharing protocols
NFS (Network File System)

–The native UNIX file sharing protocol, originally from Sun Microsystems
SMB (Server Message Block)

–The native Windows file sharing protocol, supported on linux by the
Samba package
The xfs file system format

• xfs - a highly scalable, high-performance file system that supports
file systems up to 16 EiB (approximately 16 billion GiB), files up to 8
EiB (approximately 8 billion GiB), and directory structures containing
tens of millions of entries. XFS comes from Silicon Graphics.

• XFS supports metadata journaling, which facilitates quicker crash
recovery. The XFS file system can also be defragmented and resized
while mounted and active.

• This file system is selected by default and is highly recommended.

• The maximum supported size of an XFS file system in Red Hat
Enterprise Linux is currently 500 TiB.

$ mkfs.xfs /dev/sda5
The ext4 file system format

• ext4 - The ext4 file system is based on the ext3 file system and
features a number of improvements.

• These include support for larger file systems and larger files, faster and
more efficient allocation of disk space, no limit on the number of
subdirectories within a directory, faster file system checking, and
more robust journaling.

• The maximum supported size of an ext4 file system in Red Hat
Enterprise Linux is currently 50 TiB.

$ mkfs.ext4 /dev/sda5
The ext3 file system format

• ext3 — The ext3 file system is based on the ext2 file system and has
one main advantage: journaling.

• Using a journaling file system reduces time spent recovering a file
system after a crash as there is no need to check the file system for
metadata consistency by running the fsck utility every time a crash
occurs.

• The maximum supported size of an ext3 file system in Red Hat
Enterprise Linux is currently 16 TiB

$ mke2fs -j /dev/sda5
The ext2 file system format


• ext2 — The ext2 file system supports standard Unix file types, including
regular files, directories, or symbolic links.
• It provides the ability to assign long file names, up to 255 characters.
• The maximum supported size of an ext2 file system in Red Hat
Enterprise Linux is currently 16 TiB

$ mke2fs /dev/sda5
The virtual file system


The linux kernel provides a virtual filesystem layer which hides the
differences between the physical filesystem layouts
–Supports standard UNIX open/close/read/write operations
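–Provides the illusion of UNIX filesystem semantics (e.g. rwx-style access
permissions on FAT filesystems)

[Figure: a process sits above the Virtual Filesystem Layer, which sits above the filesystem drivers (FAT, reiser, ext2, JFS, VFAT, NFS, SMB), which sit above the storage (floppy, hard disk partition, network)]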


Partition management


Naming of IDE and SCSI drives

Naming of partitions

Swap partitions

Partitioning guidelines

Partitioning examples

Creating partitions with fdisk

Creating and mounting a file system


Naming of IDE drives

Disk drives and partitions have names in the /dev directory


Modern PCs are able to connect up to 4 IDE drives:

          Primary IDE Interface    Secondary IDE Interface
Master    /dev/hda                 /dev/hdc
Slave     /dev/hdb                 /dev/hdd

On a typical PC with one hard drive and one CD or DVD drive, the CD/DVD may be
connected as hdb or hdc
Naming of SCSI drives

SCSI controllers can handle multiple drives


–They are simply named in order

SCSI controller
  First device     /dev/sda
  Second device    /dev/sdb
  Third device     /dev/sdc

Note: Linux sometimes emulates other devices as SCSI devices; e.g. USB memory
sticks or digital cameras
Naming of partitions

Originally, PCs allowed a maximum of four partitions on a hard drive


–To allow more, one partition can be designated an extended partition


–Multiple logical partitions can be placed within the extended partition

Linux numbers the primary partitions 1, 2, 3 and 4, and the logical
partitions are numbered starting at 5 (even if there are fewer than 4
primary partitions)
These examples are for a machine with IDE drives:

First drive has three primary partitions:
  hda1 hda2 hda3

Second drive has one primary, one extended, and three logical partitions:
  hdb1 hdb2 hdb5 hdb6 hdb7
Swap partitions

It is normal to allocate one or more partitions as swap partitions


–Swap partitions do not contain a filesystem
–They are used to increase the available virtual memory space on the
machine beyond the amount of RAM (random access memory)
How big should the swap partition be?

–Hard to give generic advice
–A common rule of thumb is to make swap twice the size of RAM for <
2G and an additional 1X RAM for any more
–Performance degrades significantly if the system does a lot of swapping
–Since memory is relatively cheap, a better guideline might be to put
enough RAM in the machine so that it never swaps at all

Partitioning guidelines


The simplest partitioning scheme is to put the entire file system into the
root partition
–Easy, no need to make any up-front decisions about partition sizes

However, there are good reasons for using more partitions
–Keeping the root partition small minimises the amount of file system
that must be intact and available for the system to boot successfully
–Partitions provide a crude way to impose disk space quotas on pieces of
the file system
–Partitions are the “unit of administration” of the file system (e.g. repair,
backup and restore of the file system is on a per-partition basis)
–Partitions for “static” pieces of the filesystem (e.g. /usr) can be
mounted read-only, improving security
–If your file system spans multiple hard drives, you necessarily have
multiple partitions
Partitioning guidelines (continued)

Directories essential for booting must be on the root partition


–/bin, /sbin, /etc, /lib, ...


Other directories are candidates for being on separate partitions

–/usr   May be mounted read-only. Suggested minimum size 2 Gbytes
–/var
–/boot  On early PCs this partition needs to be within the first 1024
        cylinders. Suggested minimum size 50 Mbyte.
–/home  On a server, this partition may be exported to client machines.
        This is likely to be the largest partition
–/tmp   Hard to give a specific guideline on the size but 1 Gbyte is
        probably more than enough
–/opt
Partitioning example: dual-boot desktop machine

Small desktop machine with 20 Gbyte hard drive


Partition               Device       Size
Windows partition       /dev/hda1    10 Gbytes
Linux root partition    /dev/hda2    9.5 Gbytes
Linux swap              /dev/hda3    512 Mbytes


Partitioning example: server with two hard drives

Server machine with two 80 Gbyte hard drives


Partition               Device       Size
/boot partition         /dev/hda1    50 Mbytes
Linux root partition    /dev/hda2    5 Gbyte
Linux swap              /dev/hda3    1 Gbyte
Linux /opt partition    /dev/hda4    74 Gbyte
/home partition         /dev/hdb1    80 Gbytes – exported to clients via NFS


Creating partitions with fdisk, gdisk

The command-line tool fdisk allows manipulation of the partition table
on a hard drive
–Has a rather clunky user interface
–The following slides show a typical dialog
Can be used non-interactively to list the partition table:

# fdisk -l /dev/sda
Disk /dev/sda: 85.9 GB, 85899345920 bytes, 167772160 sectors
Units = sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk label type: dos
Disk identifier: 0x0001701f

   Device Boot      Start         End      Blocks   Id  System
/dev/sda1   *        2048      411647      204800   83  Linux
/dev/sda2          411648    21932031    10760192   8e  Linux LVM
/dev/sda3        21932032    64315391    21191680   83  Linux


Creating partitions with parted

GNU Parted is a partitioning tool that works with MBR, GPT, APM,
and BSD disk labels, and other disk types.

You start GNU Parted much as you start fdisk; that is, by typing its
name followed by the device you want to modify, as in parted /dev/sda
to partition the /dev/sda hard drive.
To use parted to create a GPT disk, use the mklabel command:

(parted) mklabel gpt

Then to create a new partition, use the mkpart command:

(parted) mkpart primary ext4 1024kb 2tb

# parted /dev/sda
GNU Parted 3.2 (Section Omitted)
Welcome to GNU Parted! Type 'help' to view a list of commands.
(parted) print
Model: VMware, VMware Virtual S (scsi)
Number  Start   End     Size    File system  Name              Flags
 1      1049kB  10.0GB  9999MB  ext4         Linux filesystem


Creating partitions with cfdisk

The tool cfdisk provides a slightly better interface



Creating partitions with fdisk

# fdisk /dev/sda
Command (m for help): p            <-- Display the existing partition table
Disk /dev/sda: 255 heads, 63 sectors, 3648 cylinders
Units = cylinders of 16065 * 512 bytes

   Device Boot    Start       End    Blocks   Id  System
/dev/sda1   *         1       784   6297448+  83  Linux
/dev/sda2           785       850    530145   82  Linux swap

Command (m for help): n            <-- Create an extended partition (sda4) spanning
Command action                         the whole of the rest of the disk
   e   extended
   p   primary partition (1-4)
e
Partition number (1-4): 4
First cylinder (851-3648, default 851):
Using default value 851
Last cylinder or +size or +sizeM or +sizeK (851-3648, default 3648):
Using default value 3648
Creating partitions with fdisk (continued)

Command (m for help): n            <-- Create a logical partition (hda5) of 500 Mbytes
Command action
   l   logical (5 or over)
   p   primary partition (1-4)
l
First cylinder (851-3648, default 851):
Using default value 851
Last cylinder or +size or +sizeM or +sizeK (851-3648, default 3648): +500M

Command (m for help): p            <-- Redisplay the partition table to verify
Disk /dev/hda: 255 heads, 63 sectors, 3648 cylinders
Units = cylinders of 16065 * 512 bytes

   Device Boot    Start       End    Blocks   Id  System
/dev/hda1   *         1       784   6297448+  83  Linux
/dev/hda2           785       850    530145   82  Linux swap
/dev/hda4           851      3648  22474935    5  Extended
/dev/hda5           851       914    514048+  83  Linux
Creating partitions with fdisk (continued)

Command (m for help): w            <-- Finally, the new partition table is written
The partition table has been altered!  to the disk and fdisk exits
Calling ioctl() to re-read partition table.

WARNING: Re-reading the partition table failed with error 16:
Device or resource busy.
The kernel still uses the old table.
The new table will be used at the next reboot.
Syncing disks.

# partprobe

It is apparently necessary to reboot to force the kernel to use the new table
Creating a file system

After creating a partition you need to build a filesystem on it


mke2fs - create an ext2/ext3/ext4 filesystem

For example, to build an ext3 filesystem on /dev/sda5:

# mke2fs -j /dev/sda5

–-j specifies that a journal should be created. Without this, an ext2 file
system is created
–An option can also specify the inode density in bytes per inode. (It's
usually OK to accept the default)
–The last argument is the partition name

To create an xfs file system on /dev/sda3:

# mkfs.xfs /dev/sda3

To create an ext4 file system:
# mkfs.ext4 /dev/sda5
Mounting a file system

Our new partition must be mounted before it can be accessed


If necessary, create a mount point first:


# mkdir /media/new1
Now attach the partition to the mount point:

# mount /dev/sda5 /media/new1


Finally, we can copy some files onto the new partition, for example:

# cp -r /usr/share/man /media/new1
To unmount the partition:

# umount /dev/sda5
–Note the command is umount not unmount
–Or ...
# umount /media/new1
Exercise: Creating new partitions

In this exercise we will create two new disk partitions, each of 500 Mbytes, on
the free space on the hard drive. We will format one of these partitions as an
ext2 file system and the other as an ext4 file system. Create the first partition
using fdisk:

1. Log in as root

2. Enter the command:

# fdisk /dev/sda
3. At the fdisk command prompt, enter the command 'p' to show the current
partition table.
How many partitions are currently defined? _____________________________
What are the device names of these partitions? _________________________
What is the highest cylinder number on the hard drive? __________________
What is the highest cylinder number currently in use in a partition? _______
continued ...
Exercise (continued)

4. Following the example in the notes, use fdisk to create an extended partition
(sda4) spanning the whole of the remaining free space on the disk
5. Print the partition table to verify the result.
Write down the device name of your new partition: _____________________
6. Write out the partition table and exit from fdisk
7. Back at the shell prompt, enter the command 'partprobe'.
8. After the machine has rebooted, log back in as root.
9. Following the example in the notes, create an ext2 filesystem with a journal on
the new partition.
( Be very careful not to re-format any of the other partitions. If you are in any
doubt what the device name of the new partition is, ask your instructor.)
Exercise (continued)

Write down the command you used:


_______________________________________
11. Create a mount point called “/new1” for the new partition:

Write down the command you used: ______________________________


12. Mount the new filesystem onto the new mount point.
Write down the command you used: _____________________________
13. Run the command

# ls -a /new1
What directory exists on an empty ext2 file system? ______________________

End of exercise
Partitioning using GUI

GNOME comes with a partitioning tool called “Disks”


–Start the Disks utility by typing "disk" in the Show Applications search


–You need to create a free space using fdisk first

Partitioning using GUI


GParted enables point-and-click partition management, including
partition moving and resizing.
$ apt-get install gparted
Mount options and the fstab file


Mount options

The fstab file


Mounting removable media
Mount options

Mount has many options. Here are a few:


Option       Meaning
-r           Mount the partition read-only
-t type      Mount a file system of the specified type (for example, ext2, ext3,
             iso9660, msdos, nfs, reiserfs, smbfs). Normally not necessary as mount
             will figure out the file system type automatically
-a           Mount all the file systems listed in /etc/fstab
-o noexec    Do not allow files on this file system to be executed
-o nodev     Do not allow device files to be recognised on this filesystem
-o nosuid    Do not allow programs on this file system to run “set user ID”
-o ro        Mount the partition read-only (same as -r)
-o remount   Remount the partition (e.g. to change from read-only to read-write)

Options following -o can be combined in a comma-separated list, e.g.


# mount -t ext2 -o ro,nodev,noexec /dev/sda3 /data1


The /etc/fstab file

The /etc/fstab file helps automate the mounting of file systems


Entries in the file serve two purposes


–They specify file systems to be mounted automatically at boot time


–They associate a set of mount options and a mount point with a file
system allowing it to be mounted using only a single argument to mount
$ vi /etc/fstab
#
# Accessible filesystems, by reference, are maintained under '/dev/disk'
# See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info
/dev/mapper/rhel-root                      /              xfs   defaults  0 0
UUID=82026ef6-f464-4f88-b137-a0e87feeb531  /boot          xfs   defaults  0 0
/dev/mapper/rhel-swap                      swap           swap  defaults  0 0
/dev/sr0                                   /media/cdrom0  auto  defaults  0 0

Fields, left to right: partition name, mount point, filesystem type, mount
options, dump and fsck parameters
Mount options in the fstab file


The fourth field in fstab supplies options to use with the mount
command.
The noauto option

–Specifies that the file system is not to be mounted at boot time. The
purpose of such entries is to simplify the mount command. For example
with fstab as shown, either of the commands
$ mount /dev/fd0
$ mount /media/floppy
–Would be taken to mean:
$ mount -o noauto,user,sync /dev/fd0 /media/floppy
Mounting removable media

By default, only root can mount and unmount file systems


–There is a common requirement to allow non-root users to mount and
unmount removable media such as floppies, CDs and DVDs
–The user option allows ordinary users to mount and unmount this
filesystem. (Once mounted, only the user who mounted it can unmount
it)

Removable media allow the introduction of 'uncontrolled' files and may
carry security risks; e.g.
–A shell owned by root with the setuid bit on
–A device file entry for /dev/hda1 with mode rw-rw-rw-
–Any malicious executable
There are mount options to eliminate these risks:

–nosuid, nodev, noexec


–The user option implies nosuid, nodev and noexec
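The check described above, as an added example that is not part of the original slides: a shell function that reads fstab-format text and reports removable or user-mountable entries whose effective options still permit setuid programs, device files or executables. The sample entries, the function names and the assumption that removable media live under /media or /mnt are constructed for illustration.

```bash
#!/usr/bin/env bash
# audit_fstab: read fstab-format text on stdin and report entries for removable
# or user-mountable file systems whose effective options still allow setuid
# programs, device files or executables.

# Constructed sample: lines modelled on the fstab shown earlier, plus a floppy
# and a flash-drive entry.
sample_fstab() {
cat <<'EOF'
# device                mount point       type  options            dump fsck
/dev/mapper/rhel-root   /                 xfs   defaults           0 0
/dev/mapper/rhel-swap   swap              swap  defaults           0 0
/dev/sr0                /media/cdrom0     auto  defaults           0 0
/dev/fd0                /media/floppy     auto  noauto,user        0 0
/dev/sdb1               /media/flashdisk  vfat  noauto,users,exec  0 0
EOF
}

audit_fstab() {
    awk '
    /^[ \t]*(#|$)/ { next }                 # skip comments and blank lines
    NF < 4         { next }                 # not a complete fstab entry
    {
        mp = $2
        n = split($4, opt, ",")
        # Mount defaults allow all three; options are applied left to right,
        # so a later "exec" re-enables what an earlier "user" switched off.
        suid_ok = 1; dev_ok = 1; exec_ok = 1; user_mount = 0
        for (i = 1; i <= n; i++) {
            o = opt[i]
            if (o == "user" || o == "users") {
                user_mount = 1; suid_ok = 0; dev_ok = 0; exec_ok = 0
            }
            else if (o == "nosuid") suid_ok = 0
            else if (o == "suid")   suid_ok = 1
            else if (o == "nodev")  dev_ok = 0
            else if (o == "dev")    dev_ok = 1
            else if (o == "noexec") exec_ok = 0
            else if (o == "exec")   exec_ok = 1
        }
        # Assumption: removable media are mounted under /media or /mnt.
        if (!user_mount && mp !~ /^\/(media|mnt)(\/|$)/) next
        missing = ""
        if (suid_ok) missing = missing ",nosuid"
        if (dev_ok)  missing = missing ",nodev"
        if (exec_ok) missing = missing ",noexec"
        if (missing != "") printf "%s: add %s\n", mp, substr(missing, 2)
    }'
}

sample_fstab | audit_fstab
```

The floppy entry passes because user implies all three options; the flash-drive entry is flagged because the exec that follows users switches execution back on.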
Mounting flash drive

Use fdisk -l to see the list of partitions in your system.
# fdisk -l
Disk /dev/sda: 255 heads, 63 sectors, 3648 cylinders
Units = cylinders of 16065 * 512 bytes

Device Boot Start End Blocks Id System


/dev/sda1 * 1 784 6297448+ 83 Linux
/dev/sda2 785 850 530145 82 Linux swap


Plug the flash drive into the virtual machine and issue fdisk -l again
# fdisk -l
Disk /dev/sda: 255 heads, 63 sectors, 3648 cylinders
Units = cylinders of 16065 * 512 bytes

Device Boot Start End Blocks Id System


/dev/sda1 * 1 784 6297448+ 83 Linux
/dev/sda2 785 850 530145 82 Linux swap

/dev/sdb1 1 7557 60653552 c FAT32



Now we can mount it
# mkdir /media/flashdisk
# mount -t vfat /dev/sdb1 /media/flashdisk
Exercise: Modifying /etc/fstab

1. Modify your fstab so that the two partitions you previously created are
automatically mounted onto /new1 and /new2 when the system is
booted.
2. Reboot the system to verify.
Maintaining integrity of File Systems


Can run fsck to check or repair the filesystems of the target system
# fsck /dev/sda3


du displays disk usage statistics for directories
# du /etc/rc.d
Option  Meaning
-c      show grand total
-a      show all files, not just directories
-h      human readable format as M (Megabytes) or G (Gigabytes)
-S      include subdirectories too


df file system info
# df /dev/sda3
Logical Volume Manager {PV, VG, and LV}
# pvcreate /dev/sdg                      ---> to create Physical Volume (pv)
# pvs
---
# vgcreate vg_app /dev/sdg               ---> to create Volume Group (vg)
# vgs
---
# lvcreate -L 40G -n lv_app vg_app       ---> to create Logical Volume (lv)
# lvs
---
# mkfs.xfs /dev/vg_app/lv_app            ---> to format and create file system
# mkdir /app
# mount /dev/vg_app/lv_app /app          ---> to mount the drive
# df -Th
# vi /etc/fstab                          ---> to permanently mount the drive, it
                                              should be recorded in fstab.
Logical Volume Manager {lvextend, vgextend}
# lvextend -L +20G /dev/vg_app/lv_app
# xfs_growfs /dev/vg_app/lv_app    or    # resize2fs /dev/vg_app/lv_app – if it’s an ext4 partition.
# lvs
# df -Th

Note: to extend the VG, we should power off the server and add an
additional disk.
1. in VirtualBox, add a 100 GB additional disk
2. # lsblk -p
3. # vgextend vg_app /dev/sdh
4. # vgs
5. # lvextend -L +90G /dev/vg_app/lv_app – after successfully
increasing the Volume Group, we can resize the Logical Volume.
6. # xfs_growfs /dev/vg_app/lv_app    or    # resize2fs /dev/vg_app/lv_app – if it’s an ext4 partition.
7. # df -Th
Exercise: Move the disk from server to another server

1. clone server1 VM
2. on server1, add 100 GB for App Partition
3. create Volume:
# pvcreate /dev/sdb
# vgcreate vg_dba /dev/sdb
# lvcreate -L 70G -n lv_dba vg_dba
# mkfs.xfs /dev/vg_dba/lv_dba
# mkdir /dba
# mount /dev/vg_dba/lv_dba /dba
# df -Th
4. create sample files on /dba
# echo "Welcome to DBA Log File" >> /dba/dba1.log
# echo "Welcome to DBA Log File" >> /dba/dba2.log
# echo "Welcome to DBA Log File" >> /dba/dba3.log
5. power off server1 and remove the attached 100 GB DBA disk
from the virtual machine --- assume this server has failed.
6. power off server2 and attach the 100 GB DBA disk to the
virtual machine.
7. Power on Server2
Quiz


What is the device name for the slave IDE drive attached to the primary
IDE controller?

What is the device name for the first logical partition on the master IDE
drive attached to the secondary IDE controller?

In a long directory listing (i.e. The output of ls -l) what does it mean if
the first character on the line is a 'b'?
–In which directory might you find such an entry?

Give two reasons why you might prefer not to put the entire file system
of a linux system into the root partition
Assuming this line in /etc/fstab:

/dev/fd0 /media/floppy auto noauto,user 0 0


What do the options noauto,user mean?
True or False?

–Linux can read the NTFS file system format as used by Microsoft
Windows
–Microsoft Windows can read the ext2 file system as used by Linux
–On an ext2 file system the inode table is expanded on demand
–Only root can mount removable media into the file system
–All the file systems listed in /etc/fstab are automatically mounted at
boot time
Lesson 4: Process management

Process management
Outline


In this lesson we will learn about:

✓ Processes and process concepts

✓ Examining processes

✓ Adjusting process priority and job control

✓ Signals, orphans and zombies


Process concepts



Processes
Typical process life cycle
Processes


A process represents an active instance of a program

Some processes are started by users

Typing commands on a command line

Selecting applications from a desktop menu

Some processes are started automatically, usually at boot time

Provide system services e.g. file servers, print services, web servers

Known as “daemons”

At any one time, a linux system is likely to have between 50 and 500
processes

Linux performs pre-emptive multitasking between processes allowing
them to share resources (including CPU time) on the computer

Each process has a numeric identifier, called its process ID (PID)

Systemd has process ID 1
Examining processes



Listing processes with ps


Command line options for ps
Long process listings
Listing system processes
Listing processes with pstree
Showing process activity with top
Listing processes with ps

● The ps command lists the processes running on the system

With no arguments, ps shows only the processes running on the current terminal

$ ps
  PID TTY          TIME CMD
 3540 tty1     00:00:00 bash
 3632 tty1     00:00:00 ps
$

PID   The process ID. These are allocated sequentially in the range 0-32767,
      then wrap round to re-use available values
TTY   The device name of the associated terminal
TIME  HH:MM:SS of CPU time used by the process
CMD   The command used to launch the process
Command line options for ps


A confusing set of option flags control which processes are shown and
how much detail is shown about each process
$ ps aux

Process selection flags include:
Flag Meaning
x List processes that have no controlling terminal
a Show processes belonging to other users
U user Show processes owned by user


Process detail flags include:

Flag Meaning
l Show long format (more detail)
u Show detailed “user oriented” format
e Show the process environment
f Show processes as a hierarchical tree
“Long” process listings


The 'l' option provides additional detail for each process

$ ps l
F   UID   PID  PPID PRI  NI   VSZ   RSS WCHAN  STAT TTY    TIME COMMAND
0     0  3540  3539  15   0  2884  1700 wait4  S    pts/1  0:00 /bin/bash
0     0  3553  2186  15   0  2868  1648 schedu S    tty1   0:00 -bash
0     0  4107  3540  19   0  3680  1708 -      R    pts/1  0:00 ps l
$

UID       ID of the user running the process
PID       ID of the process
PPID      ID of the parent process
PRI       Priority (lower values mean higher priority)
NI        “NICE” value
VSZ, RSS  Memory usage
WCHAN     What the process is waiting for
STAT      Process status: R Runnable, S Sleeping, T Suspended, Z Zombie
“Long” process listings (continued)


The 'u' option shows a slightly different set of fields:

$ ps u
USER   PID %CPU %MEM   VSZ   RSS TTY    STAT START  TIME COMMAND
root  3540  0.0  0.3  2884  1700 pts/1  S    16:07  0:00 /bin/bash
root  3553  0.0  0.3  2868  1648 tty1   S    16:07  0:00 -bash
root  4172  0.0  0.1  2668   720 pts/1  R    20:39  0:00 ps u
$

%CPU   Percentage of CPU time this process is using
%MEM   Percentage of memory this process is using
START  Time (HH:MM) when process was started
Listing system processes

● The command ps ax shows all processes (this list has been heavily edited)

$ ps ax
  PID TTY   STAT  TIME COMMAND
    1 ?     Ss    0:02 /sbin/init splash
    2 ?     S     0:00 [kthreadd]              <-- Kernel processes
    3 ?     I<    0:00 [rcu_gp]
    4 ?     I<    0:00 [rcu_par_gp]
 ....
  724 ?     S     0:00 /sbin/syslogd           <-- Daemons
  727 ?     S     0:00 /sbin/klogd -c 1 -2
 1081 ?     S     0:00 /sbin/portmap
 1115 ?     S     0:00 /sbin/rpc.statd
 1278 ?     S     0:00 /usr/sbin/acpid
 ....
 8432 ?     S     0:00 login -- tux            <-- User processes
 8433 tty1  S     0:00 -bash
 8453 tty1  R     0:00 ps ax
Listing processes with pstree

● The pstree command shows the parent/child relationships of
processes as a tree using “ASCII art”
$ pstree -u
systemd─┬─ModemManager───2*[{ModemManager}]
        ├─NetworkManager───2*[{NetworkManager}]
        ├─VGAuthService
        ├─abrt-dbus───3*[{abrt-dbus}]
        ├─2*[abrt-watch-log]
        ├─abrtd
        ├─accounts-daemon───2*[{accounts-daemon}]
        ├─alsactl
        ├─at-spi-bus-laun─┬─dbus-daemon───{dbus-daemon}
        │                 └─3*[{at-spi-bus-laun}]
        ├─at-spi2-registr───2*[{at-spi2-registr}]
To list processes we can use glances

● # dnf install glances


Exploring sysstat Monitoring (System Status)

• # dnf install sysstat


• The sysstat package contains the sar, sadf, mpstat, iostat, tapestat, pidstat,
cifsiostat tools for Linux.
• sar is the system activity reporter utility.
• sadf is the system activity data formatter that displays data collected by sar in
multiple formats (CSV, XML, etc.)
• iostat is the input/output statistics utility that displays CPU utilization and disk
I/O statistics.
• tapestat displays tape and tape drive statistics.
• mpstat is the multi-processor statistics utility that displays global and per-
processor statistics.
• pidstat reports statistics for Linux processes by process ID.
• cifsiostat is the CIFS (Samba/SMB) I/O statistics utility.
• Note: The sar utility is the most used of the sysstat suite of commands.
Showing process activity with top

● The top command shows a real-time display of process activity which
automatically updates at regular intervals
– Shows the 'top' screenful of processes sorted on a selected column:
%CPU, %Memory, etc.
– Interactive commands allow
   selection of whose processes to show
   selection of which field to sort on
   selection of refresh interval
   killing of processes
– 'h' command shows help screen, 'q' quits
An example of top
An example of atop and htop


We can install the atop and htop commands to view the system
# dnf install atop htop
Exercise: Using ps and top

1. Use an appropriate ps command to find the process that is running
the daemon 'syslogd'
– What is the process ID? ____________________________
– Who owns this process? ___________________________
– What is the process ID of its parent? _______________
– Hint: use grep to search the output of ps for the process you want
2. Run the top command
– How long has the system been up? ____________________
– What is the total amount of memory in the machine? _________________
– How much memory is linux using? ____________________
– Using the help screen as a guide, sort the top listing on (a) the process ID
and (b) the %CPU utilisation of the processes
Process priority and job control



Adjusting process priority


Job control in the shell
Adjusting process priority


Process priorities are adjusted dynamically and cannot be set
explicitly
● The nice command adjusts the 'nice' level of a process which affects
its dynamic priority

Nice values range from -20 (highest priority) to +19 (lowest priority)
$ nice -7 firefox

Only root can start a process with negative niceness (nastiness?)
● The renice command adjusts the nice level of a running process
$ renice +1 -u lpiuser      (All processes owned by lpiuser)
$ renice -2 1712            (Process 1712 only)
Job control in the shell


The bash shell is able to manage multiple jobs

Jobs can be started in the foreground – shell waits for it to finish

Jobs can be started in the background by appending '&' to the command –
shell prompts for another command immediately

The following job control commands are available:
jobs    Lists the current jobs
^Z      Stop (pause) the current foreground job
bg      Restart a foreground job in the background
fg      Bring a background job into the foreground
kill    Terminate a job by job number and process by process ID
pkill   Terminate a process by name
Job control in the shell (continued)

$ sleep 120 &                     <-- Job started in background
[1] 3197                          <-- Shell reports job number and PID
$ sleep 180 &
[2] 3198
$ jobs
[1]-  Running      sleep
[2]+  Running      sleep &        <-- '+' indicates the current job
$ fg                              <-- Bring current job into foreground
sleep
                                  <-- ^Z stops (pauses) the current job
[2]+  Stopped      sleep
$ kill %1                         <-- '%1' means job number 1
$ fg
sleep
                                  <-- ^C terminates the foreground job
[1]   Terminated   xclock -update 1
                                  <-- Shell reports termination of job 1
Exercise: Using job control

● The program sleep (a standard tool) simply sleeps for a specified
number of seconds, then exits
$ sleep 10
   (10 seconds later)
$

We will use these two programs to investigate background processes
and the use of 'nice' values
Exercise: Using job control (continued)

1. Start 2 instances of sleep 150 and 300 all in the background


2. List your background jobs with the jobs command
– What are their job numbers and process ids? _________________________
3. Wait 20 seconds
4. Re-run the jobs command.
– How many jobs are there now? ________
– When does the shell notify you that a background job is done? ________
5. Run the command ps u
– What are the PIDs of the two instances of sleep? ______________________
– What percentage of CPU time are these processes using? _____________
6. Kill both background jobs using kill and the job numbers
Signals, orphans and zombies



Sending signals
Signal types
Signal handlers
Orphan processes
Zombie processes
Getting rid of zombies
Sending signals

Signals are software interrupts delivered to a process by the kernel
– Linux defines over 30 signal types, kill -l will give the full list

Some signals can be generated by the terminal driver in response to
specific key combinations
– This only works for programs running in the foreground
^C Send SIGINT signal
^\ Send SIGQUIT signal

If a program is not running in the foreground, or has no attached
terminal, signals can be delivered using the kill command:
$ kill -15 4321
$ kill -SIGTERM 4321
$ kill 4321
– Signals can only be sent to a process by its owner (or by root)
– SIGTERM is the default signal type sent by kill
● The killall command is similar but specifies processes by name
$ killall -SIGHUP xinetd
● Manual page
$ man 7 signal
Command man 7 signal lists signal types

Number  Signal Name  Description                                   Default Handling
1       SIGHUP       Most shells send this signal to all child     Kill process
                     processes when they terminate
2       SIGINT       Sent by terminal driver in response to ^C.    Kill process
                     Intended as a graceful termination
3       SIGQUIT      Sent by terminal driver in response to ^\     Kill process and write core dump
9       SIGKILL      This signal cannot be caught or ignored       Kill process
15      SIGTERM      This is the default signal sent by the        Kill process
                     kill command
18      SIGCONT      Causes a stopped or traced process to         Continue process
                     continue
Signal handlers


A process can elect how it wants to react on receipt of a signal by
nominating a handler for that signal type
– A function that will be called when the signal is delivered
– Within a shell script, the trap command defines signal handlers

If a handler is not specified, each signal type has a default behaviour
– For most signals, the default is to kill the process
– For some signals, the default is to ignore the signal

Signals 9 (SIGKILL) and 19 (SIGSTOP) cannot be caught or ignored
– Use SIGKILL as a last resort – the program has no opportunity to clean up

Some programs respond to a signal by re-reading their config file
– The SIGHUP signal is conventionally used for this
– Allows services to be re-configured on the fly without stopping them
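
The two handler conventions from this slide, as an added example that is not part of the original course material: a worker whose SIGHUP handler re-reads its config and whose SIGTERM handler cleans up before exiting. The function names, file names and config values are assumptions made for the demonstration, and it assumes a sleep that accepts fractional seconds (GNU or busybox).

```shell
#!/bin/sh
# Worker: re-reads its config on SIGHUP, cleans up and exits on SIGTERM.
worker() {  # $1 = config file, $2 = log file, $3 = scratch file
    conf=$1 log=$2 scratch=$3
    load_conf() { level=$(cat "$conf"); echo "loaded level=$level" >>"$log"; }
    trap 'load_conf' HUP
    trap 'rm -f "$scratch"; echo "clean exit" >>"$log"; exit 0' TERM
    : >"$scratch"
    load_conf
    echo ready >>"$log"
    while :; do
        sleep 1 &            # sleep in the background and wait on it, so a
        wait $! || true      # trapped signal interrupts the wait at once
    done
}

wait_for() {  # $1 = pattern, $2 = file; polls for up to about 5 seconds
    tries=0
    until grep -q "$1" "$2" 2>/dev/null; do
        tries=$((tries + 1))
        [ "$tries" -le 50 ] || return 1
        sleep 0.1
    done
}

demo() {  # prints the worker's log, then its exit status and leftovers
    dir=$(mktemp -d) || return 1
    echo info >"$dir/conf"
    worker "$dir/conf" "$dir/log" "$dir/scratch" &
    pid=$!
    wait_for ready "$dir/log"
    echo debug >"$dir/conf"      # edit the config ...
    kill -HUP "$pid"             # ... and tell the worker to re-read it
    wait_for 'level=debug' "$dir/log"
    kill -TERM "$pid"            # graceful stop: the TERM handler runs
    wait "$pid"; status=$?
    cat "$dir/log"
    if [ -e "$dir/scratch" ]; then left=yes; else left=no; fi
    echo "exit=$status scratch_left=$left"
    rm -rf "$dir"
}

demo
```

Sending -KILL instead of -TERM skips the handler: the scratch file is left behind and the worker's exit status is 137.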
Orphan processes


Sometimes, a parent process exits without waiting for its child(ren) to
finish
– Any children are automatically inherited by the init process

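[Diagram: init and the processes created from it by fork(); a parent process calls exit() and leaves an orphan, which init inherits and collects with wait() when the orphan calls exit()]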
Zombie processes


Occasionally, a parent process will not wait for its children but will
block on some other event

Processes that exit when no process is waiting for them become
'zombies'
– Cannot be laid to rest as they want to pass back their exit status
– Marked as <defunct> in a ps listing
– In the worst case, zombies accumulate and fill the process table so that
no more processes can be started

The way to get rid of zombies is to kill their parent
– The zombies will then be inherited by init

Zombies are generally a result of bad program design
Getting rid of zombies

Killing the parent will usually eliminate the zombies
$ ps l
F UID PID PPID STAT TTY TIME COMMAND
0 500 2359 2358 S pts/1 0:00 /bin/bash
0 500 3705 3704 S pts/2 0:00 /bin/bash
0 500 3766 2358 S pts/3 0:00 /bin/bash
0 500 3876 2359 S pts/1 0:00 ./myprog
0 500 3877 3876 Z pts/1 0:00 [myprog] <defunct>
0 500 3878 3876 Z pts/1 0:00 [myprog] <defunct>
0 500 3879 3876 Z pts/1 0:00 [myprog] <defunct>
0 500 3882 3876 Z pts/1 0:00 [myprog] <defunct>
0 500 3883 2359 R pts/1 0:00 ps l

Notice that the zombies have a common parent
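
Finding that common parent can be automated. The following is an added example, not part of the original course material: it reads a ps l listing, locates the PID, PPID, STAT and COMMAND columns by header name, and prints each parent that has zombie children with the number of zombies. The function names are assumptions; the sample input is the listing from this slide.

```shell
#!/bin/sh
# The `ps l` listing from the slide above, embedded as sample input.
sample_listing() {
    cat <<'EOF'
F   UID   PID  PPID STAT TTY    TIME COMMAND
0   500  2359  2358 S    pts/1  0:00 /bin/bash
0   500  3705  3704 S    pts/2  0:00 /bin/bash
0   500  3766  2358 S    pts/3  0:00 /bin/bash
0   500  3876  2359 S    pts/1  0:00 ./myprog
0   500  3877  3876 Z    pts/1  0:00 [myprog] <defunct>
0   500  3878  3876 Z    pts/1  0:00 [myprog] <defunct>
0   500  3879  3876 Z    pts/1  0:00 [myprog] <defunct>
0   500  3882  3876 Z    pts/1  0:00 [myprog] <defunct>
0   500  3883  2359 R    pts/1  0:00 ps l
EOF
}

# Print "PPID zombie-count parent-command" for every parent of a zombie.
# Columns are found by header name, so a full procps listing with extra
# columns (PRI, NI, VSZ, RSS, WCHAN) is handled the same way.
zombie_parents() {
    awk '
        NR == 1 { for (i = 1; i <= NF; i++) col[$i] = i; next }
        {
            cmd = $col["COMMAND"]
            for (i = col["COMMAND"] + 1; i <= NF; i++) cmd = cmd " " $i
            name[$col["PID"]] = cmd
        }
        $col["STAT"] ~ /^Z/ { kids[$col["PPID"]]++ }
        END {
            for (p in kids) {
                who = (p in name) ? name[p] : "(parent not in listing)"
                print p, kids[p], who
            }
        }
    ' | sort -n
}

sample_listing | zombie_parents
```

On a live system, ps axl | zombie_parents covers all processes rather than only those on the current terminal.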
Quiz


Name four programs that allow you to display a list of processes

Describe the circumstances that lead to the formation of zombies

Which type of signal cannot be caught or ignored?

Which type of signal is sent by the terminal driver in response to ^C?
● Explain the difference between the commands kill 1 and kill %1
● In the output from ps l, what does an 'R' in the STAT column mean?

True or false?
– The ps command can display the processes running on a remote machine
– A program's priority can be set to a fixed level using the bash shell
– The command kill 1234 sends a SIGTERM signal to process 1234
– The top command can order processes based on %CPU utilisation
Lesson 5: Backup and recovery strategies

Backup and recovery strategies


Archiving and backup tools


Archiving and backup tools
Creating archives with tar
tar examples
Backing up and Restoring Files from a tar Archive
Install from source code
Creating archives with tar

● tar (originally, “tape archiver”) is a popular tool for archiving files



Archives ownership, timestamps, etc. as well as a file's data

Options include:
Option Meaning
c Create an archive
t List the contents of an archive
x Extract files from an archive. Files are extracted to the current directory
r Append to archive
u Append to archive if file newer than copy already in archive (You must specify exactly one of c, t, x, r or u)
f The following argument specifies the name of the archive
v Verbose mode: list the files being added / extracted
z Compress/uncompress the archive using gzip compression
j Compress/uncompress the archive using bz2 compression
tar examples
● Archive the current directory, writing the archive to /tmp/foo.tar:
$ tar cf /tmp/foo.tar .
● Archive the directory /root, writing the archive (compressed) to
/tmp/root.tar.gz and listing the files added to the archive
$ tar czvf /tmp/root.tar.gz /root
● List the files in the archive foo.tar:
$ tar tvf /tmp/foo.tar
# tar tvzf myconfig_bkp.tar.gz | grep passwd     (the listing from a tar file can be filtered with grep)
● Extract all the files from the compressed archive root.tar.gz:
$ tar xzvf /tmp/root.tar.gz
# tar xzvf myconfig_bkp.tar.gz -C /home/abebe/     (to extract into a different location)

Extract one file from the archive
$ tar xzvf /tmp/root.tar.gz shopping

Compressing archived files
Exercise: Using tar

1. Following the examples in the notes, create two tar archives of the
files in /etc:
– The first should be called /tmp/etc.tar and should be uncompressed
– The second should be called /tmp/etc.tar.gz and should be gzipped
2. Compare the sizes of the files /tmp/etc.tar and /tmp/etc.tar.gz
– What compression factor is achieved? _____________________
3. List the files in the compressed archive and verify that the file motd is
present (hint: use grep)
4. Remove the file /etc/motd, using rm
5. Restore the file /etc/motd from the compressed archive and verify
that it is now present

Congratulations! You have created a tar archive and restored a file
from it.
Backing up and Restoring Files from a tar Archive


To back up a directory by creating a tar file:
# tar czvf /tmp/etc.tar.gz /etc

To restore a directory's content by extracting from a tar file:
# mkdir /backuptest              (create target directory)
# cd /backuptest
# tar xzvf /tmp/etc.tar.gz       (extract to the target)
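
The backup and restore steps above, combined into a check that the archive can actually be restored. This is an added example, not part of the original course material. An archive of /etc contains /etc/shadow, so it is created under umask 077 to keep it from being readable by other users of /tmp. The function names and the sample tree are assumptions.

```shell
#!/bin/sh
make_backup() {    # $1 = directory to back up, $2 = archive to write
    # umask 077 in a subshell: a newly created archive gets mode 0600
    ( umask 077
      tar czf "$2" -C "$(dirname "$1")" "$(basename "$1")" ) || return 1
    ls -ld "$2" | cut -c1-10       # report the archive's permission bits
}

verify_backup() {  # $1 = original directory, $2 = archive
    # Restore into a scratch directory and compare it with the original.
    stage=$(mktemp -d) || return 1
    if tar xzf "$2" -C "$stage" &&
       diff -r "$1" "$stage/$(basename "$1")" >/dev/null 2>&1; then
        result=match
    else
        result=MISMATCH
    fi
    rm -rf "$stage"
    echo "$result"
}

# Constructed sample tree standing in for /etc
demo_dir=$(mktemp -d)
mkdir -p "$demo_dir/etc"
echo "welcome" >"$demo_dir/etc/motd"
make_backup "$demo_dir/etc" "$demo_dir/etc.tar.gz"
verify_backup "$demo_dir/etc" "$demo_dir/etc.tar.gz"
rm -rf "$demo_dir"
```

If the archive file already exists, tar keeps its old permissions, so write backups to a new file name or remove the old archive first.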
Installing from source code: the pros and cons

● If you have the gcc command and related development tools installed,
it's easy to download and build from source code
– If gcc is not installed, use the yum install gcc command to install it
from CD.

Advantages
– You can install software for which no binary RPM is available
– You can get the latest version
– The same source distribution can be built on many platforms
– You have greater choice in configuring the software

Where the pieces will be placed in the file system

Which features are compiled in and which are excluded

Disadvantages
– You need the compiler, etc. installed
– Your system may become more difficult to maintain and upgrade,
especially if support is provided by a third party
Installing from source code: the procedure


Source distributions are most commonly supplied as “tarballs”
– Compressed archives built using the tar utility
● Here is the command sequence for building the net-snmp package
from source; it is very typical
● First, download the tarball net-snmp-5.1.tar.gz from a suitable
internet archive such as sourceforge.net, into /tmp (say)

$ cd ~/build                             Extract the archive into some convenient directory
$ tar zxvf /tmp/net-snmp-5.1.tar.gz
$ cd net-snmp-5.1
$ ./configure                            This will probe your system and create a 'makefile' suitable for building the software on your machine
$ make                                   Build the software
$ make install                           Install the software (usually needs to be done as root)
Lesson 6: Cron

Automate System Administration Tasks
Topic


We will learn how to use cron to run jobs at regular
intervals and to use at to run jobs at a specific time.

The key knowledge areas are:
– Cron Facility
– At Facility
– Cron Files
CRON, CROND & CRONTAB


A cron job is a time-scheduled job on a Linux system. The
configuration template file is stored in /etc/crontab

Administrative tasks that have to be run regularly, such as
backups and network services, are best run using the cron
facility.

The cron facility consists of the crond daemon on Red Hat
and the cron daemon on Ubuntu.

Crontabs describe what work is to be done, when and
how frequently.

The daemon, which is started by systemd, wakes up every
minute and checks the crontab to determine what is to
be done.

Users manage crontabs using the crontab command.
CRONTAB File


To create a crontab, run the crontab command with the -e
option, which opens a text editor where the cron jobs can be
specified (-e for edit, -l for list, -r for remove).
# crontab [-u user] [-l | -e | -r] [file]

Every crontab entry contains six fields:

Minute, hour, day of the month, month of the year, day of
the week and the string to be executed by sh.

The respective ranges for the time fields are: 0-59, 0-23,
1-31, 1-12 and 0-7 (Sunday=0 or 7).

Start cron service
# systemctl restart cron
# systemctl enable cron
CRONTAB File


The basic usage of cron is to execute a job at a specific
time as shown below. This will execute the full backup
shell script (full-backup) on 10th June at 08:30 AM.

Please note that the time field uses 24-hour format. So,
for 8 AM use 8, and for 8 PM use 20.
30 08 10 06 * /home/ramesh/full-backup

30 – 30th Minute
08 – 08 AM
10 – 10th Day
06 – 6th Month (June)
* – Every day of the week
CRONTAB File (cont...)


The final field will always be interpreted as a string to
pass to the shell

crontab -l -u user (displays the scheduled jobs of a user)

crontab -r (Deletes scheduled jobs)
At Facility


Sometimes you just want to run a job once.

For this, Linux provides the at command. The instructions to be
executed are read from a file specified with the -f option.
# at -f backup.sh

To display the time at which the job will run, use the -v option
# at -f backup.sh -v 05:45

Runs the script backup.sh at 05:45
At Facility (cont...)


The at command also has a -q option. When used, this
option increases the nice value for the job.

For jobs scheduled using the at command, you can delete
them using the command with the job

atrm (deletes scheduled jobs using at command)

atq (lists scheduled jobs using at command)
Crontab Example


Add administrative task to crontab file
# crontab -e
*/1 * * * * echo "hello" >>~/crontest


Restart the cron service
# systemctl restart cron

Verify the scheduled task
# tail -f ~/crontest
More Examples


Add administrative task to crontab file
# crontab -e
*/1 * * * * ping -c 1 127.0.0.1 >>~/pingsuccess 2>>~/pingfailure

Restart the cron service
# systemctl restart cron

Verify the scheduled task

# tail -f ~/pingsuccess
at Example


Run administrative task using at command
# at -f pingtest.sh -v 17:48
Exercise


Copy the pingtest.sh script and testservers.txt from the flash disk
and save them in the /root directory.

Change the permission of the pingtest.sh script
# chmod 777 /root/pingtest.sh

Add the following line to the crontab
# crontab -e
*/1 * * * * /root/pingtest.sh

To verify, run the following command
# tail -f ~/pingerr
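
A script that root's crontab runs every minute executes with root's privileges, so its permissions are worth auditing: mode 777 lets any account that can reach the file rewrite it, while cron only needs the owner to be able to read and execute it. The following is an added example, not part of the original course material. It reads a per-user crontab (five time fields, then the command) and reports scripts that are writable by group or others. The function name and the sample files are assumptions.

```shell
#!/bin/sh
audit_crontab() {  # crontab text on stdin; one output line per risky script
    while read -r min hour dom mon dow cmd rest; do
        case $min in ''|'#'*) continue ;; esac     # blank line or comment
        case $cmd in /*) ;; *) continue ;; esac     # absolute paths only
        [ -f "$cmd" ] || continue
        mode=$(ls -ld "$cmd" | cut -c1-10)          # e.g. -rwxr-xr-x
        case $mode in
            # character 6 = group write bit, character 9 = others write bit
            ?????w????|????????w?) echo "WRITABLE $mode $cmd" ;;
        esac
    done
}

# Constructed demo: one script with the exercise's mode, one with 755.
tmp=$(mktemp -d)
printf '#!/bin/sh\n' >"$tmp/pingtest.sh"; chmod 777 "$tmp/pingtest.sh"
printf '#!/bin/sh\n' >"$tmp/backup.sh";   chmod 755 "$tmp/backup.sh"
audit_crontab <<EOF
# m h dom mon dow command
*/1 * * * * $tmp/pingtest.sh
30 08 10 06 * $tmp/backup.sh
EOF
rm -rf "$tmp"
```

On a live system, crontab -l | audit_crontab checks the current user's jobs; lines using shortcuts such as @reboot and commands given without an absolute path are skipped.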
