8/8/2019 Linux Tech

1/33

The Linux Boot ProcessWhen a PC is booted it starts running a BIOS program which is a memory resident program on an EEPROMintegrated circuit. The BIOS program will eventually try to read the first sector on a booting media such as hard or floppy drive. The boot sector contains a small program that the BIOS will load and attempt to pass r

control to. This program will attempt to read the operating system from the disk and run it. LILO is the progthat Linux systems typically use to give users a choice of operating systems to run. It is usually installed in boot sector which is also called the master boot record. If the user chooses to boot Linux, LILO will attempload the Linux kernel causing the following basic events to happen:

1. LILO will have a timeout period for the user to press the TAB key. If the user does not press the TAkey before the timeout occurs, LILO will run the default operating system selected when it was instaIf the user presses the TAB key, LILO will present the user with a choice of systems to boot from baupon the labels and images as set up in the /etc/lilo.conf file that controlled the last LILO install. Thvery significant to system administrators. Let's say you have or want to install a multiple boot LinuxLinux/Windows system. Assuming you want LILO to control the boot process and you have two

versions of Linux. They are Redhat, called rhl, and Slackware, called slackw. You may set each systto mount the others. Redhat will mount Slackware on a directory called /slackw and Slackware willmount Redhat on a directory called /rhl. If you want to be able to boot both systems and install LILOfrom Redhat, you will want your /etc/lilo.conf file to be similar to the following:

boot=/dev/hdamap=/boot/mapinstall=/boot/boot.bprompttimeout=50default=rhlimage=/boot/vmlinuz # Location of kernel

label=rhl # Name of OS (for the LILO boot menu)root=/dev/hda1 # Location of root partitionread-only # Mount read only

image=/slackw/vmlinuz # Location of kernellabel=slackw # Name of OS (for the LILO boot menu)root=/dev/hda2 # Location of root partitionread-only # Mount read only

Note that the Slackware kernel is located on the subdirectory /slackw which is where the Slackware operatinsystem is installed on the Redhat system. Also be aware that the root locations may vary from system to sysbased upon the system configuration. The administrator will type "lilo" on the command line to install LILOsetting the configuration file up. If doing the same thing from the Slackware system, the configuration file w

be as follows:

boot=/dev/hdamap=/boot/mapinstall=/boot/boot.bprompttimeout=50default=rhlimage=/rhl/boot/vmlinuz # Location of kernel

label=rhl # Name of OS (for the LILO boot menu)root=/dev/hda1 # Location of root partition

8/8/2019 Linux Tech

2/33

read-only # Mount read onlyimage=/vmlinuz # Location of kernel

label=slackw # Name of OS (for the LILO boot menu)root=/dev/hda2 # Location of root partitionread-only # Mount read only

Since the Linux kernel is installed compressed, containing a small program to de-compress itself, it

uncompress itself. If the kernel recognizes that the system has a video card which supports some special text modes (su

100 columns by 40 rows), Linux may ask which mode to use. The video mode and other options canspecified either during the kernel compilation or with LILO or the rdev program. Therefore the videcan be preset, so the user is never asked.

The kernel checks the hardware (hard disks, floppies, network adapters, etc), and configures some odevice drivers, while outputting messages about its findings. See an example boot output below:

LILO boot:Loading linux.Console: colour VGA+ 80x25, 6 virtual consolesCalibrating delay loop... 166.71 BogoMIPS

Memory: 62720k/65536k available (1008k kernel code, 412k reserved, 1052k data, 64K iniChecking if this processor honors the WP bit even in supervisor mode... OK.Buffer-cache hash table entries: 65536 (order: 9, 2097152 bytes)Page-cache hash table entries: 16384 (order: 4, 65536 bytes)VFS: Diskquotas version dquot_6.4.0 initializedCPU: Cyrix 6x86MX 2.5 Core/Bus Clock stepping 06Checking 386/387 coupling... OK, FPU using exception 16 error reportingChecking 'htl' instruction... OK.POSIX conformance testing by UNIFIXmtrr: v1.35a (19990819) Richard Gooch (rgooch@atmf.csiro.au)PCI: PCI BIOS revision 2.10 entry at 0xbf0a0PCI: Using configuration type 1PCI: Probing PCI hardware

Linux NET4.0 for Linux 2.2Based upon Swansea University Computer Society NET3.039NET4: Unix domain sockets 1.0 for Linux NET4.0NET4: Linux TCP/IP 1.0 for NET4.0IP Protocols: ICMP, UDP, TCP, IGMPTCP: Hash tables configured (ehash 65536 bhash 65536)Initializing RT netlink socketStarting Kswapd v 1.5Detected PS/2 Mouse Port.Serial driver version 4.27 with MANY_PORTS MULTIPORT SHARE_IRQ enabledttyS00 at 0x03f8 (irq = 4) is a 16550AttyS01 at 0x02f8 (irq = 3) is a 16550Apty: 256 Unix98 ptys configuredapm: BIOS version 1.2 Flags 0x07 (Driver version 1.9)

Real Time Clock Driver v1.09RAM disk driver initialized: 16 RAM disks of 4096K sizePIIX4: IDE controller on PCI bus 00 dev 39PIIX4: not 100%native mode: will probe irqs later

ide0: BM-DMA at 0xf000-0xf007, BIOS settings: hda:pio, hdb:pioide1: BM-DMA at 0xf008-0xf00f, BIOS settings: hdc:pio, hdd:pio

hda: ST36422A, ATA DISK drivehdb: ST36422A, ATA DISK drivehdd: FX240S, ATAPI CDROM driveide0 at 0x1f0-0x1f7,0x3f6 on irq 14ide1 at 0x170-0x177,0x376 on irq 15

8/8/2019 Linux Tech

3/33

hda: ST36422A, 6103MB w/256kB Cache, CHS=778/255/63hdb: ST36422A, 6103MB w/256kB Cache, CHS=778/255/63hdd: ATAPI 24X CD-ROM drive, 256kB CacheUniform CDROM driver Revision: 2.56Floppy drive(s): fd0 is 1.44MFDC 0 is a post-1991 82077md driver 0.90 MAX_MD_DEVS=256, MAX_REAL=12raid5: measuring checksumming speed

raid5: MMX detected, trying high speed MMX checksum routinespII_MMX : 252.222 MB/secp5_MMX : 291.084 MB/sec8regs : 176.403 MB/sec32regs : 116.967 MB/sec

using fastest function: p5_mmx (291.084 MB/sec)scsi : 0 hosts.scsi : detected totalmd.c sizeof(mdp_super_t) = 4096Pattition check:hda: hda1 hda2 hda3 hda4hdb: hdb1

RAMDISK: Compressed image found at block )

autodetecting RAID arraysautorun ...... autorun DONE.VFS: Mounted root (ext2 filesystem) readonly.change_root: old root has d_count=1Trying to unmount old root ... okayFreeing unused kernel memory: 64k freedAdding Swap: 128516k swap-space (priority -1)3c59x.c:v0.99H 11/17/98 Donald Becker http://cesdis.gsfc.nasa.gov/linux/drivers/vortexeth0: 3Com 3c905B Cyclone 100baseTx at 0x6800, 00:10:4b:ca:db:a1, IRQ 108K byte-wide RAM 5:3 Rx:Tx split, autoselect/Auto negotiate interface.MII transceiver found at address 24, status 786d.MII transceiver found at address 0, status 786d.Enabling bus-master transmits and whole-frame receives.

eth1: 3Com 3c905B Cyclone 100baseTx at 0x6c00, 00:10:4b:ca:db:b5, IRQ 118K byte-wide RAM 5:3 Rx:Tx split, autoselect/Auto negotiate interface.MII transceiver found at address 24, status 7849.MII transceiver found at address 0, status 7849.Enabling bus-master transmits and whole-frame receives.

Installing knfsd (copyright (C) 1996 okir@monad.swb.de).nfsd_fh_init : initialized fhcache, entries=1024NET4: Linux IPX 0.38 for NET4.0IPX Portions Copyright (c) 1995 Caldera, Inc.

The text varies on different systems, depending on the system hardware, the version of Linux being used, anconfiguration.

The kernel will try to mount the root filesystem. The location of the filesystem is configurable atcompilation time, with the rdev program, or with LILO. The filesystem type is detected automaticalmounting the root filesystem fails, the kernel will panic and halt the system. The root filesystem is umounted read-only so that the filesystem can be checked while it is mounted. This feature can also bmodified using the rdev program. It is not advised to check a filesystem already mounted as read-wr

The kernel starts the program "init" which becomes process number 1. Init will start the rest of the s

8/8/2019 Linux Tech

4/33

Unixcommand line programs and builtins (more)

File systemcatcdchmodchownchgrpcksumcmpcpdddudffsckfuserlnlslsattrlsofmkdir mountmvpwdrmrmdirsplittouch umask

Processes

atchrootcronexitkillkillallnicepgreppidofpkillpspstreesleep

timetopwait

Userenvironment

envfingeridlognamemesgpasswdsusudouptimewwallwhowhoamiwrite

Text processingawkcommcsplitcutedexfmtheadiconvjoinlessmorepastesedsortstringstalktailtruniqviwcxargs

Shellprogramming

aliasbasenamedirnameechoexprfalseprintftesttrueunset

Networking inetdhostifconfignetstatnslookuppingrloginnetcattraceroute

Searching findgreplocatewhereiswhich

Miscellaneousaproposbannerbccalcleardateddfilehelphistoryinfolplprmanpaxsizeteetputtypeunamewhatisyes

Linux Start up and Run Levels

The Init Program

As seen in the previous section, the kernel will start a program called init, if it finds it. The init process readfile "/etc/inittab" and uses this file to determine how to create processes. Read the init man page for moreinformation. Also note that init is always running and can dynamically do things and run processes based upvarious signals. The administrator can also cause it to dynamically change system processes and runlevels busing the telinit program or editing the "/etc/inittab" file.

Runlevels

Linux utilizes what is called "runlevels". A runlevel is a software configuration of the system that allows on

selected group of processes to exist. Init can run the system in one of eight runlevels. These runlevels are 0-and S or s. The system runs in only one of these runlevels at a time. Typically these runlevels are used fordifferent purposes. Runlevels 0, 1, and 6 are reserved. For Redhat Linux version 6, the runlevels are:

0 - halt

1 - Single user mode

2 -Multiuser, without NFS (The same as 3, if you don't havenetworking)

3 - Full multiuser mode

http://wiki/Unixhttp://wiki/Command_linehttp://wiki/Command_linehttp://wiki/Shell_builtinhttp://wiki/List_of_Unix_utilitieshttp://wiki/Cat_(Unix)http://wiki/Cd_(command)http://wiki/Chmodhttp://wiki/Chmodhttp://wiki/Chownhttp://wiki/Chgrphttp://wiki/Cksumhttp://wiki/Cksumhttp://wiki/Cmp_(Unix)http://wiki/Cp_(Unix)http://wiki/Dd_(Unix)http://wiki/Du_(Unix)http://wiki/Df_(Unix)http://wiki/Fsckhttp://wiki/Fuser_(Unix)http://wiki/Ln_(Unix)http://wiki/Lshttp://wiki/Lsattrhttp://wiki/Lsofhttp://wiki/Mkdirhttp://wiki/Mount_(Unix)http://wiki/Mount_(Unix)http://wiki/Mvhttp://wiki/Pwdhttp://wiki/Pwdhttp://wiki/Rm_(Unix)http://wiki/Rmdirhttp://wiki/Rmdirhttp://wiki/Split_(Unix)http://wiki/Touch_(Unix)http://wiki/Umaskhttp://wiki/Umaskhttp://wiki/At_(Unix)http://wiki/Cronhttp://wiki/Exit_(command)http://wiki/Kill_(Unix)http://wiki/Killallhttp://wiki/Nice_(Unix)http://wiki/Pgrephttp://wiki/Pidofhttp://wiki/Pidofhttp://wiki/Pkillhttp://wiki/Ps_(Unix)http://wiki/Pstreehttp://wiki/Pstreehttp://wiki/Sleep_(Unix)http://wiki/Time_(Unix)http://wiki/Top_(software)http://wiki/Top_(software)http://wiki/Wait_(command)http://wiki/Envhttp://wiki/Finger_protocolhttp://wiki/Finger_protocolhttp://wiki/Id_(Unix)http://wiki/Lognamehttp://wiki/Lognamehttp://wiki/Mesghttp://wiki/Passwd_(command)http://wiki/Su_(Unix)http://wiki/Su_(Unix)http://wiki/Sudohttp://wiki/Uptimehttp://wiki/W_(Unix)http://wiki/Wall_(Unix)http://wiki/Wall_(Unix)http://wiki/Who_(Unix)http://wiki/Whoami_(command)http://wiki/Write_(Unix)http://wiki/AWKhttp://wiki/Commhttp://wiki/Csplithttp://wiki/Cut_(Unix)http://wiki/Ed_(text_editor)http://wiki/Ex_(text_editor)http://wiki/Fmt_(Unix)http://wiki/Fmt_(Unix)http://wiki/Head_(Unix)http://wiki/Iconvhttp://wiki/Iconvhttp://wiki/Join_(Unix)http://wiki/Less_(Unix)http://wiki/More_(command)http://wiki/Paste_(Unix)http://wiki/Paste_(Unix)http://wiki/Paste_(Unix)http://wiki/Sedhttp://wiki/Sedhttp://wiki/Sort_(Unix)http://wiki/Strings_(Unix)http://wiki/Talk_(Unix)http://wiki/Tail_(Unix)http://wiki/Tr_(Unix)http://wiki/Tr_(Unix)http://wiki/Uniqhttp://wiki/Vihttp://wiki/Wc_(Unix)http://wiki/Wc_(Unix)http://wiki/Xargshttp://wiki/Xargshttp://wiki/Shell_(computing)#Unix_shellshttp://wiki/Alias_(command)http://wiki/Basenamehttp://wiki/Basenamehttp://wiki/Dirnamehttp://wiki/Echo_(command)http://wiki/Echo_(command)http://wiki/Echo_(command)http://wiki/Exprhttp://wiki/False_(Unix)http://wiki/False_(Unix)http://wiki/False_(Unix)http://wiki/Printfhttp://wiki/Test_(Unix)http://wiki/True_(Unix)http://wiki/True_(Unix)http://wiki/True_(Unix)http://wiki/Unsethttp://wiki/Network_utilitieshttp://wiki/Inetdhttp://wiki/Host_(Unix)http://wiki/Ifconfighttp://wiki/Netstathttp://wiki/Netstathttp://wiki/Nslookuphttp://wiki/Nslookuphttp://wiki/Pinghttp://wiki/Rloginhttp://wiki/Rloginhttp://wiki/Netcathttp://wiki/Traceroutehttp://wiki/Findhttp://wiki/Grephttp://wiki/Grephttp://wiki/Locate_(Unix)http://wiki/Whereishttp://wiki/Whereishttp://wiki/Which_(Unix)http://wiki/Apropos_(Unix)http://wiki/Banner_(Unix)http://wiki/Bc_programming_languagehttp://wiki/Cal_(Unix)http://wiki/Clear_(Unix)http://wiki/Clear_(Unix)http://wiki/Date_(Unix)http://wiki/Date_(Unix)http://wiki/Dd_(Unix)http://wiki/Dd_(Unix)http://wiki/File_(command)http://wiki/File_(command)http://wiki/Help_(command)http://wiki/History_(Unix)http://wiki/History_(Unix)http://wiki/Info_(Unix)http://wiki/Lp_(Unix)http://wiki/Lprhttp://wiki/Man_pagehttp://wiki/Man_pagehttp://wiki/Pax_(Unix)http://wiki/Size_(Unix)http://wiki/Size_(Unix)http://wiki/Tee_(command)http://wiki/Tputhttp://wiki/Type_(Unix)http://wiki/Type_(Unix)http://wiki/Unamehttp://wiki/Unamehttp://wiki/Whatishttp://wiki/Yes_(Unix)http://wiki/Unixhttp://wiki/Command_linehttp://wiki/Shell_builtinhttp://wiki/List_of_Unix_utilitieshttp://wiki/Cat_(Unix)http://wiki/Cd_(command)http://wiki/Chmodhttp://wiki/Chownhttp://wiki/Chgrphttp://wiki/Cksumhttp://wiki/Cmp_(Unix)http://wiki/Cp_(Unix)http://wiki/Dd_(Unix)http://wiki/Du_(Unix)http://wiki/Df_(Unix)http://wiki/Fsckhttp://wiki/Fuser_(Unix)http://wiki/Ln_(Unix)http://wiki/Lshttp://wiki/Lsattrhttp://wiki/Lsofhttp://wiki/Mkdirhttp://wiki/Mount_(Unix)http://wiki/Mvhttp://wiki/Pwdhttp://wiki/Rm_(Unix)http://wiki/Rmdirhttp://wiki/Split_(Unix)http://wiki/Touch_(Unix)http://wiki/Umaskhttp://wiki/At_(Unix)http://wiki/Cronhttp://wiki/Exit_(command)http://wiki/Kill_(Unix)http://wiki/Killallhttp://wiki/Nice_(Unix)http://wiki/Pgrephttp://wiki/Pidofhttp://wiki/Pkillhttp://wiki/Ps_(Unix)http://wiki/Pstreehttp://wiki/Sleep_(Unix)http://wiki/Time_(Unix)http://wiki/Top_(software)http://wiki/Wait_(command)http://wiki/Envhttp://wiki/Finger_protocolhttp://wiki/Id_(Unix)http://wiki/Lognamehttp://wiki/Mesghttp://wiki/Passwd_(command)http://wiki/Su_(Unix)http://wiki/Sudohttp://wiki/Uptimehttp://wiki/W_(Unix)http://wiki/Wall_(Unix)http://wiki/Who_(Unix)http://wiki/Whoami_(command)http://wiki/Write_(Unix)http://wiki/AWKhttp://wiki/Commhttp://wiki/Csplithttp://wiki/Cut_(Unix)http://wiki/Ed_(text_editor)http://wiki/Ex_(text_editor)http://wiki/Fmt_(Unix)http://wiki/Head_(Unix)http://wiki/Iconvhttp://wiki/Join_(Unix)http://wiki/Less_(Unix)http://wiki/More_(command)http://wiki/Paste_(Unix)http://wiki/Sedhttp://wiki/Sort_(Unix)http://wiki/Strings_(Unix)http://wiki/Talk_(Unix)http://wiki/Tail_(Unix)http://wiki/Tr_(Unix)http://wiki/Uniqhttp://wiki/Vihttp://wiki/Wc_(Unix)http://wiki/Xargshttp://wiki/Shell_(computing)#Unix_shellshttp://wiki/Alias_(command)http://wiki/Basenamehttp://wiki/Dirnamehttp://wiki/Echo_(command)http://wiki/Exprhttp://wiki/False_(Unix)http://wiki/Printfhttp://wiki/Test_(Unix)http://wiki/True_(Unix)http://wiki/Unsethttp://wiki/Network_utilitieshttp://wiki/Inetdhttp://wiki/Host_(Unix)http://wiki/Ifconfighttp://wiki/Netstathttp://wiki/Nslookuphttp://wiki/Pinghttp://wiki/Rloginhttp://wiki/Netcathttp://wiki/Traceroutehttp://wiki/Findhttp://wiki/Grephttp://wiki/Locate_(Unix)http://wiki/Whereishttp://wiki/Which_(Unix)http://wiki/Apropos_(Unix)http://wiki/Banner_(Unix)http://wiki/Bc_programming_languagehttp://wiki/Cal_(Unix)http://wiki/Clear_(Unix)http://wiki/Date_(Unix)http://wiki/Dd_(Unix)http://wiki/File_(command)http://wiki/Help_(command)http://wiki/History_(Unix)http://wiki/Info_(Unix)http://wiki/Lp_(Unix)http://wiki/Lprhttp://wiki/Man_pagehttp://wiki/Pax_(Unix)http://wiki/Size_(Unix)http://wiki/Tee_(command)http://wiki/Tputhttp://wiki/Type_(Unix)http://wiki/Unamehttp://wiki/Whatishttp://wiki/Yes_(Unix)

8/8/2019 Linux Tech

5/33

The "/etc/inittab" file tells init which runlevel to start the system at and describes the processes to be run at runlevel. An entry in the inittab file has the following format:

id:runlevels:action:process

id - A unique sequence of 1-4 characters which identifies an entry in inittab.

runlevels - Lists the runlevels for which the specified action should be taken. This field may containmultiple characters for different runlevels allowing a particular process to run at multiple runlevels. example, 123 specifies that the process should be started in runlevels 1, 2, and 3.

action - Describes which action should be taken. Valid actions are listed below

respawn - The process will be restarted whenever it terminates.

wait - The process will be started once when the specified runlevel is entered and init will waits termination.

once - The process will be executed once when the specified runlevel is entered

boot - The process will be executed during system boot. The runlevels field is ignored.

bootwait - Same as "boot" above, but init waits for its termination.

off - This does nothing.

ondemand - This process will be executed whenever the specified ondemand runlevel is calle

initdefault - Specifies the runlevel which should be entered after system boot. If none exists, will ask for a runlevel on the console. The process field is ignored.

sysinit - The process will be executed during system boot. It will be executed before any boobootwait entries. The runlevels field is ignored.

powerwait - The process will be executed when init receives the SIGPWR signal. Init will wathe process to finish before continuing.

powerfail - Same as powerwait but init does not wait for the process to complete.

powerokwait - The process will be executed when init receives the SIGPWR signal providedis a file called "/etc/powerstatus" containing the word "OK". This means that the power has c

back again. ctrlaltdel - This process is executed when init receives the SIGINT signal. This means someo

the system console has pressed the "CTRL-ALT-DEL" key combination.

kbrequest - The process will be executed when init receives a signal from the keyboard handa special key combination was pressed on the console keyboard.

process - Specifies the process to be executed. If the process starts with the '+' character, init not do utmp and wtmp accounting for that process. This is needed for gettys that insist on dotheir own utmp/wtmp housekeeping (a historic bug).

Below is an example file:

# inittab This file describes how the INIT process should set up

# the system in a certain run-level.## Author: Miquel van Smoorenburg, # Modified for RHS Linux by Marc Ewing and Donnie Barnes#

# Default runlevel. The runlevels used by RHS are:# 0 - halt (Do NOT set initdefault to this)# 1 - Single user mode# 2 - Multiuser, without NFS (The same as 3, if you do not have networ# 3 - Full multiuser mode

8/8/2019 Linux Tech

6/33

# 4 - unused# 5 - X11# 6 - reboot (Do NOT set initdefault to this)#

1) id:3:initdefault:

# System initialization.2) si::sysinit:/etc/rc.d/rc.sysinit

3) l0:0:wait:/etc/rc.d/rc 04) l1:1:wait:/etc/rc.d/rc 15) l2:2:wait:/etc/rc.d/rc 26) l3:3:wait:/etc/rc.d/rc 37) l4:4:wait:/etc/rc.d/rc 48) l5:5:wait:/etc/rc.d/rc 59) l6:6:wait:/etc/rc.d/rc 6

# Things to run in every runlevel.10) ud::once:/sbin/update

# Trap CTRL-ALT-DELETE

11) ca::ctrlaltdel:/sbin/shutdown -t3 -r now

# When our UPS tells us power has failed, assume we have a few minutes# of power left. Schedule a shutdown for 2 minutes from now.# This does, of course, assume you have powerd installed and your# UPS connected and working correctly.

12) pf::powerfail:/sbin/shutdown -f -h +2 "Power Failure; System Shutting Do

# If power was restored before the shutdown kicked in, cancel it.13) pr:12345:powerokwait:/sbin/shutdown -c "Power Restored; Shutdown Cancell

# Run gettys in standard runlevels14) 1:2345:respawn:/sbin/mingetty tty1

15) 2:2345:respawn:/sbin/mingetty tty216) 3:2345:respawn:/sbin/mingetty tty317) 4:2345:respawn:/sbin/mingetty tty418) 5:2345:respawn:/sbin/mingetty tty519) 6:2345:respawn:/sbin/mingetty tty6

# Run xdm in runlevel 5# xdm is now a separate service

20) x:5:respawn:/etc/X11/prefdm -nodaemon

On the left side of the file listing, above, are added numbers to help describe lines. Those lines withonumbers are either blank or begin with a "#" which means the line is a comment. Those line number

not part of the original file and are added here for reference purposes. On line 1 above you see "id:3:initdefault:". The id is "id" which stands for initdefault. Note that it is

on all the numbered lines. The runlevel is 3 which sets the default starting runlevel to runlevel 3. Thaction is initdefault which tells init to make this runlevel the default runlevel. Note that the process fblank since it is ignored by the initdefault action.

Line 2 tells init to run the program "/etc/rc.d/rc.sysinit" during system boot, before any other process

Lines 3 through 9 tell init to run the program "/etc/rc.d/rc" for runlevels 0 through 6. Note that for eathe appropriate runlevel is passed to the "/etc/rc.d/rc" script program on the command line. For examnote on line 5 above the second field is the runlevel specifying 2. At the end of the line there is a spa

8/8/2019 Linux Tech

7/33

a 2 which allows the variable 2 to be passed on the command line to the program.

Line 10 specifies that the program "/sbin/update" will run once for every runlevel.

Line 11 sets up the program "/sbin/shutdown" to run when someone on the system console has press"CTRL-ALT-DEL" key combination.

Line 12 specifies "/sbin/shutdown" to run if the power fails. Note that there are different options pasthe command line for lines 11 and 12 although they run the same program.

Line 13 specified "/sbin/shutdown" will run if power is restored for any of runlevels 1 through 5. Lines 14 through 19 specifies the "/sbin/mingetty" program to run on 6 different terminals for runlev

through 5. This means that you can run 6 virtual terminals from your keyboard simultaneously by pr"ALT-F1" through "ALT-F6". Note pressing "ALT-F7" or above will do nothing, but the screen will change from your current terminal.

Note the order of programs to run as specified above are:

1. /etc/rc.d/rc.sysinit2. /etc/sbin/update3. /etc/rc.d/rc 3 - Note: we are running runlevel 3 here.

Therefore, the next thing that the system does is to run the rc.sysinit file, save buffers to the hard drive, thensystem script files for the requested runlevel which will start up many system and network services as explathe next section.

The Linux Login Process

After the system boots, at serial terminals or virtual terminals, the user will see a login promptsimilar to:

machinename login:

This prompt is being generated by a program, usually getty or mingetty, which is regenerated bythe init process every time a user ends a session on the console. The getty program will calllogin, and login, if successful will call the users shell. The steps of the process are:

1. The init process spawns the getty process.2. The getty process invokes the login process when the user enters their name and passes

the user name to login.3. The login process prompts the user for a password, checks it, then if there is success, theuser's shell is started. On failure the program displays an error message, ends and theninit will respawn getty.

4. The user will run their session and eventually logout. On logout, the shell program exitsand we return to step 1.

Note: This process is what happens for runlevel 3, but runlevel 5 uses some different programsto perform similar functions. These X programs are called X clients.

The init process revisited

8/8/2019 Linux Tech

8/33

These lines cause init to spawn the mingetty process on runlevels 2 through 5 for tty1 and otherterminals. To do this init will use the "fork" function to make a new copy of itself and use an"exec" function to run the mingetty program. Getty will wait for the user, then read the username.Then mingetty will invoke login with the user's name as an argument. If the password entered doesnot match for the user, init will load and run mingetty again. If the login is successful, init will usethe "exec" function to run the user's shell program. When the shell exits through the "logout"

command, init will load and run the mingetty program again (the reason for the "respawn"command in the /etc/inittab file). The file "/etc/passwd" determines the shell to be used for the userwho is logging in. This version of Linux uses the mingetty program which is a minimum gettyprogram used for virtual terminals. On some systems and normally Unix systems traditionally thegetty program is used which has more capabilities. In this section, the getty program is described,but you should be aware that many of the special features of getty will not apply to mingetty.

Note that network logins are handled differently than console logins since it is impractical to havea getty provided for each potential network login. Network logins are normally handled throughthe internet super daemon, inetd using either the telnet or rlogin communication protocol. Thetelnet daemon will invoke the login program when a session starts, then if successful, the login

program will invoke the user's shell.

Getty

Getty performs the following functions:

1. Open tty lines and set their modes2. Print the login prompt and get the user's name3. Begin a login process for the user

A detailed analysis:

1. At startup, it parses its command line, then reads it's default file, usually "/etc/conf.getty" todetermine runtime values. After setting up the "line" or virtual line, getty outputs thecontents of the "/etc/issue" file. Then getty reads the user's name and invokes login with theuser's name as an argument. While reading the user's name, getty attempts to adapt thesystem to the speed of the terminal being used, and also sets certain terminal parameters toconform with the user's login procedure. See the termio man page.

2. The tty device used by getty is determined by the argument on the command line. Thisargument is normally determined by the entry in /etc/inittab. The speed argument is a labelto an entry in the "/etc/gettydefs" file. this entry defines the initial speed and tty settings,the login prompt to be used, the final speed and tty settings and a pointer to another entry to

try if the user indicates that the speed is not correct. This is done by sending a breakcharacter.

3. Getty scans the gettydefs file looking for a matching entry to the speed. The first entry isused if no speed was given or no match was found.

4. The type argument names the type of terminal attached to the line such as 3101. The typeshould be a valid name listed in the termcap database. Getty uses this value to determinehow to clear the video display and sets the environment variable "TERM" to the contentsof this value. On most Linux systems, this value will be "linux".

5. The lined argument describes the line discipline to use on the line. The default is

8/8/2019 Linux Tech

9/33

"LDISC0".

During its startup, getty looks for the file "/etc/conf.getty.line" or "/etc/conf.getty". It reads thecontents for lines with the form "NAME=value". The name strings are listed below:

SYSTEM=name - Sets the nodename value. The default is the value returned by uname(3)

which returns your system information, usually "Linux". VERSION=string - Sets the @V parameter to the value of the string or the contents of the

file (if the string begins with "/") pointed to by the string.

LOGIN=name - The name of the login program to be run when the user enters their name.The default is /bin/login.

INIT=string - A string used to initialize the line before being used by getty

ISSUE=string - This string is typed rather than the contents of the /etc/issue file.

CLEAR=value

HANGUP=value

WAITCHAR=value

DELAY=seconds

TIMEOUT=number

CONNECT=string

WAITFOR=string

ALTLOCK=line

ALTLINE=line

RINGBACK=value

SCHED=range1 range2 range3

OFF=string

FIDO=string

EMSI=value

These commands are explained better in the getty(1m) man page.

Login

The login program will prompt for the user name if no argument is given on the command line.

If the file "/etc/nologin" exists and the user is not root, the contents of the "/etc/nologin" file areprinted to the screen and the login is terminated. If special access restrictions are specified for theuser logging in in the file "etc/usertty", the restrictions must be met or the log in will be denied and

the program syslog will log the attempt. If the user is root the login must be on a terminal listed inthe file "etc/securetty".

If the above conditions are met, the user password will be requested and then it will be checked (Ifa password is required for this username). After three unsuccessful attempts to login the responsegets very slow, and after 10 attempts, login dies. As usual all login failures will be reported by thesyslog facility. If the file ".hushlogin" exists in the user's home directory then a "quiet" login isperformed which disables checking of mail and the printing of the last login time and the messageof the day. Otherwise if the file "var/log/lastlog" exists the last login time is printed and then the

8/8/2019 Linux Tech

10/33

current login is recorded in this file. Is the current login recorded in this file if it does not alreadyexist or if the file ".hushlogin" exists? I think it does but have found no documentation that says.

At this point the login program will perform standard administrative tasks. These include:

1. Setting the UID and GID of the tty

2. Preserving the TERM environment variable if it exists.3. Preserving other environment variables if the p option is used4. The HOME, PATH, SHELL, TERM, MAIL, and LOGNAME environment variables are

set.5. The default path is set to "/usr/local/bin:/bin:/usr/bin:." for normal users and

"/sbin:/bin:/usr/sbin" for root.6. If this is not a "quiet" login, the message of the day is printed and the file with the user's

name in "/usr/spool/mail" will be checked and a message will be printed if it has non-zerolength.

7. The users shell is started. The shell is specified in the file "/etc/passwd". If it is notspecified, login will use "/bin/sh" as a default shell. This shell will be run with the user's

privileges rather than root privileges as login was run.8. If there is no directory specified for the user in "/etc/passwd", login will use "/" by defaultfor the user's home directory.

Another function that login will perform is to update the user accounting login files which are"/var/run/utmp" and "var/log/wtmp" which hold information about the amount of time users havebeen on the system along with when they logged on and off. Also the init program and getty maywrite to these files.

How login uses the /etc/passwd file:

Once the user has successfully logged in, the login program will invoke the user's shell. The loginprogram will look in the /etc/passwd file to determine which shell program to run. The /etc/passwdfile contains entries containing the complete path of the shell. A sample /etc/passwd file is listedbelow:

root:x:0:0:root:/root:/bin/bashbin:x:1:1:bin:/bin:daemon:x:2:2:daemon:/sbin:adm:x:3:4:adm:/var/adm:lp:x:4:7:lp:/var/spool/lpd:sync:x:5:0:sync:/sbin:/bin/syncshutdown:x:6:0:shutdown:/sbin:/sbin/shutdown

halt:x:7:0:halt:/sbin:/sbin/haltmail:x:8:12:mail:/var/spool/mail:news:x:9:13:news:/var/spool/news:uucp:x:10:14:uucp:/var/spool/uucp:operator:x:11:0:operator:/root:games:x:12:100:games:/usr/games:gopher:x:13:30:gopher:/usr/lib/gopher-data:ftp:x:14:50:FTP User:/home/ftp:nobody:x:99:99:Nobody:/:xfs:x:100:101:X Font Server:/etc/X11/fs:/bin/falsegdm:x:42:42::/home/gdm:/bin/bash

8/8/2019 Linux Tech

11/33

postgres:x:40:233:PostgreSQL Server:/var/lib/pgsql:/bin/bashsquid:x:23:23::/var/spool/squid:/dev/nullmark:x:500:500::/home/mark:/bin/bashgeorge:x:501:501::/home/george:/bin/bash

the syntax is:

account:password:UID,GID,GECOS:directory:shell

where the fields are defined as:

account - The user's name.

password - The users encrypted passwrod or a place holding character if the system isusing shadow passwords and storing the password in the /etc/shadow file which is readableonly by root.

UID - The users numerical identification.

GID - The number of the primary group for the user.

GECOS - Usually has the full user name. This field is only for information purposes and isoptional. This information is sometimes called the user's finger information.

directory - The full path of the user's home directory.

shell - The full path and filename of the user's shell. If no value is here /bin/sh is assumed.This value can be changed with the chsh command.

The login program will use the account field to find the username and therefore get the UID of theuser. Login will also use the password (or the /etc/shadow file) to be sure the entered password is amatch. Login will look up the user's home directory and use that to set the $HOME environmentvariable. Login will use the shell field to determine what shell program (such as bash, sh, tsh, etc)to run for that user. then login will pass program control to the shell program. There is animportant difference in the control passed at this point, however! The shell program will run withthe user's privileges and not with root privileges. The programs to this point (init, getty, login)have all run with root privileges.

Files used by the login program:

/etc/nologin - This file is used to prevent users who are not root from logging into thesystem.

/etc/usertty - This file is used to impose special access restrictions on users.

/etc/securetty - Controls the terminals that the root user can login on.

.hushlogin - When this file exists in the user's home directory, it will prevent check for

mail, printing of the last login time, and the message of the day when the user logs in. /var/log/lastlog - Contains information about the last time a login was done on the system.

/etc/passwd - Contains information about the user including the ID, name, home directory,and the path to the preferred shell program. If not using shadow passwords, this file mayalso contain user passwords.

The Linux Bash Shell

8/8/2019 Linux Tech

12/33

On many Redhat distributions if the file ".bashrc" exists in the user's home directory it is run fromthe .bash_profile script. The .bashrc program will modify the path.

If the shell is not invoked by the login program, such as in single user mode (runlevel 1) bash willrun the program .bashrc in the user's home directory. This is assuming the -norc option or the-rcfile option was not passed to bash to cancel running .bashrc or use another file.

Bash behavior

Many bash commands are used in script programming. The script programming manual will givebetter insight into the use of these commands. Some noteworthy items supported by bash include:

1. Pipelines using the | symbol2. Redirection with , 3. Parameter expansion4. Environment variables - There is an extensive list.5. History - An ability to bring back previous commands using a command history list

6. Special characters for setting up the PS1 and PS2 prompt strings: \t - time

\d - date

\n - newline

\s - Shell name

\W - The current working directory

\w - The full path of the current working directory.

\u - The user name

\h - Hostname

\# - The command number of this command.

\! - The history number of the current command7. builtins - Bash supports an extensive array of builtin commands

Linux Filesystems

What happens with filesystems when the system starts

As discussed in previous sections, the LILO linux loader program will boot itself from the boot recordof a hard drive, then look for the kernel in the location specified when it was installed. The kernel willload and decompress, then look for the root filesystem in a location specified by the user when theyran the rdev program on the kernel or specified it using LILO to pass the root location as a parameterto the kernel. The kernel will then normally mount the root filesystem in readonly mode, unless it hasbeen programmed to do otherwise. Then the kernel will look for the init program and start it. The initprogram will run a series of script files which will:

1. Use the program fsck to mount the /proc filesystem.2. It will start the swap device with the swapon command.

8/8/2019 Linux Tech

13/33

1. The name of the device such as "/dev/hda1"2. The mount point. Use "/" for root. Other typical mount points are "/dos" for DOS, "swap" or

"none" for the swap partition, and "/mnt/floppy" for "/dev/fd0" (the floppy drive).3. The type of filesystem. They are: mini, ext, ext2(linux native), xiafs, msdos, hpfs, ntfs, fat32,

iso9660(CD-ROM), nfs, swap (for swap space)4. The mount options for use with the filesystem. Read the mount man page to see possible options.

ro= read only, user- allows normal users to mount the device.5. The frequency the filesystem needs to be dumped by the dump command. For ext2, normallymake it 1, for others make it 0. 0 or nothing means it is not dumped.

6. A number telling the order in which the filesystems should be checked at reboot time by the fsckprogram. Your root should be 1, others are in ascending order or 0 to not be checked.

To determine your hard drive's partitions and see what each partition holds which operating system, youmay use the fdisk program. Just make sure you don't change your disk information. You can use the 'p'command to see a list of current partitions, then you can add them to your fstab file.Note: In order for the mount to succeed, you must have created the mount point subdirectory (except forroot).

I like to install multiple copies of Linux on one computer for two reasons.

1. The second copy can serve as a backup to the first. If I totally screw up one copy of Linux, bychanging kernels, etc, I can still get to the filesystem from the other system and straighten out myproblems.

2. I can learn about other linux packages.

A typical /etc/fstab file:

/dev/hda2 / ext2 defaults 1 1/dev/hdb1 /data auto defaults 0 0

/dev/hda1 /dos vfat defaults 0 0/dev/hda3 /slackw ext2 defaults 1 2/dev/hda4 swap swap defaults 0 0/dev/cdrom /mnt/cdrom iso9660 noauto,owner,ro 0 0/dev/fd0 /mnt/floppy ext2 noauto,owner 0 0none /proc proc defaults 0 0none /dev/pts devpts gid=5,mode=620 0 0

The /proc filesystem is required for tracking processes in RAM (memory). The directories /data, /dos,and /slackw must exist or their mounts will fail. The entries for the floppy and cdrom allow them to beautomatically dismounted if they are mounted during shutdown. The noauto option in their entries, keepthese devices from being mounted at startup.

Note:You can use the fdisk utility to toggle the bootable flag (change the boot partition). This can help if youinstall an OS over linux that wipes LILO. However the OS that wiped LILO must be able to toggle thispartition to a Linux filesystem.

Programs used to manage filesystems

8/8/2019 Linux Tech

14/33

badblocks(8) - Search a device for badblocks. The command "badblocks /dev/hda" will searchthe first partition of the first IDE hard drive for badblocks.

cfdisk(8) - A partition table manipulator used to create or delete disk partitions.

dosfsck(8) - Used to check a msdos filesystem.

dumpe2fs(8) - Lists the superblock and blocks group information on the device listed. Use with acommand like "dumpe2fs /dev/hda2". The filesystem on the device must be a Linux filesystem

for this to work. fdformat(8) - Performs s lowlevel format on a floppy disk. Ex: "fdformat /dev/fd0H1440".

fdisk(8) - Used to add or remove partitions on a disk device. It modifies the partition tableentries.

fsck(8) - Used to check and/or repair a Linux filesystem. This should only be used on systemsthat are not mounted.

hdparm(8) - Used to get or set the hard disk parameters.

mkdosfs(8) - Used to create a msdos filesystem.

mke2fs(8) - Create a Linux native filesystem which is called a second extended filesystem. Thiscreates the current version of the Linux filesystem.

mkfs(8) - Used to make a Linux filesystem on a device. The command "mkfs /dev/hdb1" willcreate a Linux filesystem on the first partition of the second IDE drive.

mkswap(8) - Creates a Linux swap area on a device.

mount(8) - Used to mount a filesystem. It supports many types of filesystems.

stat(1u) - Used to print out inode information on a file. Usage: stat filename

swapoff(8) - Used to de-activate a swap partition.

swapon(8) - Used to activate a swap partition.

tune2fs(8) - Used to adjust filesystem parameters that are tunable on a Linux second extendedfilesystem. The filesystem must not be mounted write when this operation is performed. Canadjust maximum mount counts between filesystem checks, the time between filesystem checks,the amount of reserved blocks, and other parameters.

umount(8) - Unmount a filesystem.

The fsck Program

Fsck is used to check and optionally repair a damaged file system. Exit codes when all filesystems arechecked using the A option are:

0 - No errors

1 - File system errors corrected

2 - System should be rebooted

4 - File system errors left uncorrected

8 - Operational error

16 - Usage or syntax error

128 - Shared library error.

Options:

-A Check all filesystems listed in /etc/fstab in one run

-C Display completeness progress bars

8/8/2019 Linux Tech

15/33

-N Don't execute, show what would be done

-R Skip the root filesystem when checking all root filesystems

-a Automatically repair the filesystem

-r Interactively repair the filesystem

This program is actually a front end for the file system checkers fsck.ext2, fsck.minix, and fsck.msdos.

The mount and umount Command

Used to mount a filesystem. This program is used to attach a filesystem on some device to the Unixdirectory tree. The "umount" command is used to detach the filesystem. The mount command supportsthe filesystems listed below. One command syntax is:

mount [-fnrsvw] [-t fstype] [-o options] device dir

Where the device is the name of the device being mounted and dir is the name of the directory thedevice will be mounted to (mount point).

Some options:

-a - Mount all filesystems listed in the /etc/fstab file.

-F - Forks a new mount thread for each device. This option is used with the -a option.

-f - Fakes the mount since it does everything except the call to perform the mount. This optionworks to add entries in the /etc/mtab file.

-n - Does a mount without writing into the /etc/fstab file. This is needed to mount filesystemsread only.

-r - Mount the device in read only mode.

-w - Mount the device in read/write mode. This is the default setting for the mount command. -L label - Mount the filesystem with the label indicated.

-U uid - Mount the filesystem with the user ID indicated.

-t fstype - This option tells the mount command what type of filesystem is being mounted. Thetypes are listed below. It the -t option is not used or the type is specified as auto, the superblockof the device will be probed to determine the type of filesystem. If this fails, the files/etc/filesystems or /proc/filesystems will be read and all filesystems listed there will be triedexcept for proc and nfs.

The -o option allows additional options to be listed in the mount command. Some of these options are:

auto - Mount the device in the auto mode as described above. defaults - Use the default options of rw, suid, dev,exec,auto, nouser, and async.

dev - Interpret block or character special devices

exec - Allow execution of executable files

nouser - Don't allow a normal user to mount the filesystem.

rw - Allow reading and writing to/from the device.

suid - Allow set user identifier and set group identifier bits to have an effect.

8/8/2019 Linux Tech

16/33

See the mount(8) man page for more information.

Filesystems supported by mount

adfs

affs

autofs

coda

devpts - Linux swap

ext2 - Linux native partition

hfs

hpfs

iso9660 - Filesystem used on CDROM disks.

msdos - DOS based filesystem, Also called FAT or FAT16.

nfs - Network file sharing

ntfs - Filesystem for Windows NT and Windows 2000

proc - The virtual filesystem Linux uses to store parameters in memory. qnx4

romfs

smbfs

sysv - UNIX filesystem

ufs

umsdos

vfat - Enhanced 32 bit filesystem used for Windows 95 and Windows 98. Sometimes calledFAT32.

Files

/etc/fstab - The filesystem table defining devices to be mounted when the system starts.

/etc/mtab - The mount table for mounted devices.

/proc/mounts - Contains similar information as /etc/mtab.

/etc/filesystems - Can be used to set the filesystem probe order when filesystems are mountedwith the auto option. The nodev parameter is specified for filesystems that are not really locallymounted systems such as proc, devpts, and nfs systems.

/proc/filesystems - The file used to detect filesystems if the /etc/filesystems does not exist. Anexample:

ext2nodev proc

iso9660nodev autofsnodev devpts

vfatnodev ncpfs

8/8/2019 Linux Tech

17/33

The Relationship between LILO, the Kernel

and the Linux Root Filesystem

Linux LILOThe program, lilo, which resides on /sbin/lilo is a program that is used to install a boot loader ona boot media such as a hard or floppy drive. If the kernel is modified, lilo must be rerun. Theboot loader that lilo creates accesses a map of disk blocks that are in the kernel file. BIOS isused by the boot loader to load the kernel and is therefore subject to the limitations of BIOS.Therefore any disk size limitations that lilo has is usually due to the limitations of an olderBIOS. Lilo maintains a file called /boot/map by default which contains the names and locationsof the kernel(s) to boot. Typing lilo -q will list the names (which are labels in lilo.conf) in thisfile. Lilo uses the file /etc/lilo.conf to determine what files to map. Another configuration filecan be used by using the -C option with lilo. Lilo can specify a root directory for the system byusing the option -r. The default boot file to be used as the boot sector is /boot/boot.b.

There are several important functions that lilo may provide to allow a system to boot.

Specify the location of the root filesystem with a command like:

root=/dev/hda1

The rdev program can also be used to point the kernel to the root device.

Provide an initial RAM disk image for the kernel to boot from. This is necessary if the

kernel requires a device supported by a module in order to boot. The following commandsets a ram disk image. This image file is generated when the kernel is compiled.

initrd=/boot/initrd-2.2.14.img

If LILO fails when printing out "LILO", it means the following:

LIGeometry mismatch or /etc/lilo/boot.b was moved without running the mapinstaller

LIL Geometry mismatch or media (disk) failure

Geometry failure means the number of cylinders, heads, or sectors in the BIOS configuration did

not match the disk.You can use the command "hdparm g /dev/hda" to determine hard disk geometry.

Starting the Kernel

In order for the kernel to be properly started, it must be in the correct location as pointed to by thelilo boot loader program. This location is specified in the /etc/lilo.conf configuration as describedabove. Also the kernel must be properly setup after any new compile is done. The compile is done

8/8/2019 Linux Tech

18/33

from the directory /usr/src/linux. The boot image for the new kernel should be taken from the file"/usr/src/linux/arch/i386/boot/bzImage" and renamed vmlinuz or vmlinux-2.2.12-20 or whatever itis your intention to call it. Sometimes a softlink file in /boot called vmlinuz points to the kernelthat is to be run. If the copy of vmlinuz is copied from the directory /usr/src/linux, the kernel maynot load properly. Sometimes the error message states that the kernel is too large.

Loading the Root Device and rdev

Once a kernel is created, it can be further configured with the utility program called "rdev". Thisprogram is used to set the image root device, swap device, and RAM disk size. Without using rdevto set the location of the root image, the kernel would need to rely upon the lilo boot loaderprogram to tell it where it is. If this is not setup properly, you would get a message like "kernelpanic, unable to mount root device". In a kernel bootable image, there are several pairs of bytesthat specify the following characteristics. These pairs of bytes start at decimal offset 498 in thekernel image.

498 Root flags (One sets the root FS to mount in read or read-write mode)

500-502 Reserved504 RAM disk size506 Video mode508 Root device510 Boot Signature4. The swap device

To get help using rdev, type "rdev h". Below are formats for making adjustments to the kernelimage:

rdev vmlinuz /dev/hda2

Sets the kernel image named vmlinuz to mount /dev/hda2 as root

filesystem.

rdev -s vmlinuz /dev/hda3 Sets the kernel image to mount /dev/hda3 as the swap device.

rdev -r vmlinuz 627 Set the RAMDISK size in kilobytes

rdev -v vmlinuz 1Set the bootup video mode 3=ask, -2=extended VGA, -1=NormalVGA, 1=key1 as if 0 pressed at the prompt, 2=key2 as if 1 werepressed.

rdev -R vmlinuz 1Set the rootflags to read only status, a 0 would mount read-write.This means the root partition is read-only at boot time so thefilesystem can be checked before being mounted

8/8/2019 Linux Tech

19/33

Linux KernelThe best document I have ever found to explain the Linux kernel in everyday readable languageis "The Linux Kernel" by David A Rusling. Another excellent source is "A Tour of the LinuxKernel Source" by Alessandro Rubini. If you want more information, read the Linux kernel

source code. This section gives a brief synopsis of some functions performed by the Linuxkernel in an effort to help the user use the system through better understanding.

The kernel acts as a mediator for your programs and your hardware. First, it performs memorymanagement for all of the running programs, and manages the time slices of the processor'scycles that they get. It provides a portable interface for programs to talk to your hardware.

The kernels main functions:

Device drivers:Interfacing to hardware through device drivers forcharacter, block and network interface devices

Process Management:Controlling processes and the address space they haveaccess to

Allocating time slices for processes

Inter-process communication including process tonetwork card communication

Memory management: Virtual memory addressing control

Filesystem control and structuring

Networking

When the kernel is loaded, it begins in 8086 real mode. It moves parts of itself to two differentaddresses. The kernel identifies some of the hardware characteristics of the system. At this point, itmay ask the user to choose the video mode they want to run the console at. Then it moves itssystem area from an address higher up in memory to 1000 hexadecimal. Then it enters protectedmode and decompresses itself. It stores the decompressed code and data, begins execution of thedecompressed code, sets up the processors register tables for memory management, and sets upmemory paging.The following parts of the kernel are initialized:

Memory bounds are set

The traps, IRQ channels and scheduling are initialized

The command line is parsed

The device drivers and disk buffering are initialized

The delay loop, called the BogoMips number is calculated

Tests the to see if interrupt 16 works with the coprocessor

The kernel begins user mode and forks the init process.The init process tries to run the first of the following programs it can find:

/sbin/init, /etc/init, bin/init, or /bin/sh.

8/8/2019 Linux Tech

20/33

If the last is run, it forks a root shell on the first terminal.

Kernel Module Support

Most kernels (except those for floppy boot disks or small remote systems) are compiled somodular support is required.

The package modules.tar.gz contains all the programs needed to manage modules. This shouldalready be installed on most distributions. The kernel modules are usually in a directory pertinentto the kernel version in /lib/modules. Modules can be found in "lib/modules/2.2.12-20" for kernelversion 2.2.12-20. They are loadable modules ending in ".o" that are used to support the kernel.To load a module type "insmod module" where "module" is the name of the module to load. Ex:insmod /lib/modules/2.2.12-20/misc/ftape.o

Programs used to manage modules are:

insmod - Installs a loadable kernel module into the running kernel.

lsmod - Lists all the currently loaded kernel modules

rmmod - Unloads modules, Ex: rmmod ftape

depmod - Creates a dependency file, "modules.dep" in the directory "/lib/modules/x.x.x",later used by modprobe to automatically load the relevant modules.

modprobe - Used to load a module or set of modules. Loads all modules specified in thefile "modules.dep".

Modules are loaded from startup script files using "modprobe" to handle loadable modulesautomatically.

FILES:

/etc/conf.modules - A list of alias names for modules used to help determine systemrequired modules. See the man page on depmod.

modprobe -l |more Lists all the modules available for your kernel

rmmod module_name Remove a module from the kernel

Kernel parameter modification

The "sysctl" program is a tool used to modify kernel parameters, or what is actually variables anddata structures. If you type "sysctl -a |more" you will see a long list of kernel parameters. You canuse this sysctl program to modify these parameters. However, I have been unable to add newparameters.

8/8/2019 Linux Tech

21/33

Linux Dependencies on Programs and Shared

LibrariesThe operating and its binaries are currently designed to rely on shared libraries, much like

dynamically linked libraries (DLLs) in the windows environments. Therefore most binarys, suchas init, login, ls, cp, to name a few will likely use some shared library. Loadable modules areloaded into the kernel by the program "/sbin/insmod". Most libraries are in the /lib directory. Thelibncurses.so.4 library is in /usr/lib. The file "/etc/ld.so.conf" contains a list of directory locationswhere the system finds its library files. See the man page on ldconfig. The program ld.so is thedynamic linker the programs use to load and run the shared library. Librarys that contain the samemajor number are compatible with programs that require that major number, but not compatiblewith programs requiring a different major number. The file /etc/ld.so.conf contains a list ofdirectories that the linker will search to find shared library files. If you add entries to their file, usethe "ldconfig" command afterwards to regenerate the shared library cache. The environmentvariable LD_LIBRARY_PATH can add more directories to this search path. For each library there

are generally two separate files. One with a .a or .o extension is the static version, linked in atcompile time, and .so.version which is the dynamically linked version. The static files are usuallyin /usr/lib. When changing dynamic link files use "ln -sf" to change it rather than removing it andreplacing it since temporarily removing a library file may stop many functions from working.Standard libraries:

libc - standard c library

libm - Standard math library

How to determine what library a binary needs

Using the "ldd" command, type "ldd /bin/ls" to see the shared libraries used by the "ls" command.Do the same for any other binary you are interested in. This way if a binary (newly created, downloaded, etc) requires a library you can check your "lib" directory to see if it is there. If it is not,you will need to create and install it.

How to tell if a library is a.out or ELF type

Type "file library.so.x", substituting the name of your library for "library.so.x". If ELF is used theloader library "ld-linux.so" is required, and if a.out is used, "ld.so" is required.

8/8/2019 Linux Tech

22/33

The Linux sysconfig directoryThe /etc/sysconfig directory is where many of the files that control the system configuration arestored. This section lists these files and many of the optional values in the files used to makesystem changes. To get complete information on these files read the file /usr/doc/initscripts-

4.48/sysconfig.txt.

Linux System Configuration and the proc

filesystem

The /proc filesystem

The /proc filesystem is used to store many system configuration parameters. It is a virtualfilesystem that resides in the kernels memory. Some of the areas in this filesystem cannot bewritten to by the root user including /proc/sys. Much information here is based on the proc manpage. Fro more information refer to that page. Elements of the proc filesystem include:

Linux Configuration Files

System configuration files

/etc/conf.getty - Used for system parameters for the getty program. Doesn't work with themingetty program. See the section on the Login Process.

/etc/fstab - The filesystem table defining devices to be mounted when the system starts.See the section on filesystems.

/etc/inittab - The init program's configuration file. See the section on Startup andrunlevels for information on this file. /etc/filesystems - Can be used to set the filesystemprobe order when filesystems are mounted with the auto option. The nodev parameter isspecified for filesystems that are not really locally mounted systems such as proc, devpts,and nfs systems.

/etc/limits - Limits users resources when a system has shadow passwords installed.

/etc/nologin - Prevents non-root users from logging onto the system if this file exists. Seethe section on the Login Process.

/etc/securetty - Controls the terminals that the root user can login on. See the section onthe Login Process.

/etc/sysconfig/keyboard - Defines where the system will get its keymappings. See thesection on Initialization Scripts and the /etc/sysconfig directory.

8/8/2019 Linux Tech

23/33

User configuration files

.hushlogin -When this file exists in the user's home directory, it will prevent check for mail,printing of the last login time, and the message of the day when the user logs in.

.bash_profile - A script that may be run by the bash shell. See the section on the bash shell.

.bash_login - A script that may be run by the bash shell. See the section on the bash shell.

.bashrc - A script that may be run by the bash shell. See the section on the bash shell.

.profile - A script that may be run by the bash shell. See the section on the bash shell.

Linux Process managementProcess control and the ability for inter process communication is handled by the Linux kernel.

Tools for working with processes

accton - Turns process accounting on and off. Uses the file /var/log/pacct. To turn it ontype "accton /var/log/pacct". Use the command with no arguments to turn it off.

kill - Kill a process by number

killall - Send a signal to a process by name

lastcomm (1) - Display information about previous commands in reverse order. Worksonly if process accounting is on.

nice - Set process priority of new processes.

ps(1) - Used to report the status of one or more processes.

pstree(1) - Display the tree of running processes. renice(8) - Can be used to change the process priority of a currently running process.

sa(8) - Generates a summary of information about users' processes that are stored inthe /var/log/pacct file.

skill - Report process status.

snice - Report process status.

top - Displays the processes that are using the most CPU resources.

Process Scheduling

Computer time on Linux systems is allocated in jiffies. A jiffie is a microprocessor time slice. Onmost Linux systems it is 1/100 of a second. On some systems it is 1/1024 of a second. The Linuxkernel controls process scheduling. There are three types of scheduling:

1. normal - Referred to as other, this is the scheduling type set for normal programs2. FIFO - This is a real time scheduling priority. The FIFO term means the first process

started (first in) will be the first done (first out). The only time this type of process exits isif it sleeps, is rescheduled, or if it must wait on other kernel priorities to be done.

3. RR - This is a round robin type of scheduling, where each task gets a certain amount of

8/8/2019 Linux Tech

24/33

time then it must exit, yield control to the next task and get back into the task queue. This isa real time scheduling priority.

Linux processes have the following characteristics:

1. policy - normal or real time. Real time processes have a higher priority than normal

processes.2. priority - The process priority. It is a number between -20 and 19. The value of -20 is thehighest, and 19 is the lowest priority. Process priority can be set with the nice(1) commandand changed using the renice(8) command.

Inter-Process Communication

The types of inter process communication are:

1. Signals - Sent by other processes or the kernel to a specific process to indicate variousconditions.

2. Pipes - Unnamed pipes set up by the shell normally with the "|" character to route outputfrom one program to the input of another.

3. FIFOS - Named pipes operating on the basis of first data in, first data out.4. Message queues - Message queues are a mechanism set up to allow one or more processes

to write messages that can be read by one or more other processes.5. Semaphores - Counters that are used to control access to shared resources. These counters

are used as a locking mechanism to prevent more than one process from using the resourceat a time.

6. Shared memory - The mapping of a memory area to be shared by multiple processes.

Message queues, semaphores, and shared memory can be accessed by the processes if they haveaccess permission to the resource as set up by the object's creator. The process must pass anidentifier to the kernel to be able to get the access.

Signals

Linux Signals are:

Signal Name Number Description

SIGHUP 1 Hangup (POSIX)

SIGINT 2 Terminal interrupt (ANSI)

SIGQUIT 3 Terminal quit (POSIX)

SIGILL 4 Illegal instruction (ANSI)

SIGTRAP 5 Trace trap (POSIX)

SIGIOT 6 IOT Trap (4.2 BSD)

SIGBUS 7 BUS error (4.2 BSD)

SIGFPE 8 Floating point exception (ANSI)

SIGKILL 9 Kill(can't be caught or ignored) (POSIX)

8/8/2019 Linux Tech

25/33

SIGUSR1 10 User defined signal 1 (POSIX)

SIGSEGV 11 Invalid memory segment access (ANSI)

SIGUSR2 12 User defined signal 2 (POSIX)

SIGPIPE 13 Write on a pipe with no reader, Broken pipe (POSIX)

SIGALRM 14 Alarm clock (POSIX)

SIGTERM 15 Termination (ANSI)SIGSTKFLT 16 Stack fault

SIGCHLD 17 Child process has stopped or exited, changed (POSIX)

SIGCONT 18 Continue executing, if stopped (POSIX)

SIGSTOP 19 Stop executing(can't be caught or ignored) (POSIX)

SIGTSTP 20 Terminal stop signal (POSIX)

SIGTTIN 21 Background process trying to read, from TTY (POSIX)

SIGTTOU 22 Background process trying to write, to TTY (POSIX)

SIGURG 23 Urgent condition on socket (4.2 BSD)

SIGXCPU 24 CPU limit exceeded (4.2 BSD)SIGXFSZ 25 File size limit exceeded (4.2 BSD)

SIGVTALRM 26 Virtual alarm clock (4.2 BSD)

SIGPROF 27 Profiling alarm clock (4.2 BSD)

SIGWINCH 28 Window size change (4.3 BSD, Sun)

SIGIO 29 I/O now possible (4.2 BSD)

SIGPWR 30 Power failure restart (System V)

As noted above, processes can ignore, block, or catch all signals except SIGSTOP and SIGKILL.

If a process catches a signal, it means that it includes code that will take appropriate action whenthe signal is received. If the signal is not caught by the process, the kernel will take default actionfor the signal.

FIFOs

FIFOs are permanent objects and can be created using the mkfifo(1) or mknod(1) command.Inside the program, the FIFO can be created using the mknod command, then opened and readfrom or written to just like a normal file. The FIFO is normally in blocking mode when attemptingto perform read operations.

8/8/2019 Linux Tech

26/33

LINUX DevicesThe below table lists common Linux devices.

/dev/fd0 Floppy disk

/dev/hda0 IDE Hard drive 1, partition 0

/dev/hdb3 IDE Hard drive 2, partition 3

/dev/sda First SCSI hard drive

/dev/cdrom

CD ROM drive This device may be on the secondary controller as a master(/dev/hdc) or slave (/dev/hdd). In fact, your /dev/cdrom is probably actually asoftlink to one of these two devices, if you have an IDE interface. If you use SCSI,you will probably use something like /dev/sda1 or 2, etc.

/dev/mouseMay be a pointer to /dev/psaux which is the ps2 device or /dev/cua which is aserial device or /dev/ttyS0

Some Disk Devices:

primary IDE master /dev/hda

primary IDE slave /dev/hdb

secondary IDE master /dev/hdc

secondary IDE slave /dev/hdd

Linux devices are merely files used to direct output and input through. They have to be supportedby the kernel to work properly. How it exactly ties into the kernel and its modules, I am not yetsure. I do know that many devices are supported by modules such as "loop.o" for /dev/loop0..7.To add the module to the kernel, you must use the insmod command. See the section on "TheKernel", subsection "Kernel Module Support".

To make a device, type "mknod device device type major number minor number" For example,"mknod /tmp/psaux c 10 1" creates a character ps2 device with name "/dev/psaux" with majornumber 10, minor number 1. I believe there is a set numbering scheme for devices, but I'm notsure what it is. This could be how it ties into the kernel. The types of devices are:

c - character

u - unbuffered character

b - block

p - FIFO

8/8/2019 Linux Tech

27/33

Linux Services, Devices, and Deamons

Linux Startup Services:

Startup services are services run at boot time. They may be provided by daemon programsrunning in the background or are one time only programs run during the bootup to provide somefunction to the system. This section gives a brief overview of these services. This sectionoutlines those services that can be started using Redhat's linuxconf program. Not all arenecessarily daemon programs. Also it is possible to set up other startup programs, daemons, orservices that are not included in this list. There are 3 basic categories to these services.

A one time only program run at bootup to provide a function to the system such askudzu, or keytable.

A program run as a daemon upon startup that provides system services such as gpm,autofs, cron, and atd.

A program run as a daemon upon startup that provides networking services such asdhcpd, bootparamd, arpwatch, gated, and httpd.

amd Runs the automount daemon for remote filesystem mounting such as nfs.

apmd Monitors battery status and can shut down the system if power is low.

arpwatchKeeps track of ethernet IP address parings what are resolved using the ARPprotocol. This allows system administrators to note new IP addresses being used.It maintains a database in /var/arpwatch/arp.dat.

atdRuns commands scheduled by the "at" program at their scheduled times. Jobs arestored in /var/spool/at

autofs Also called the automount daemon, it is used to automatically mount filesystemson demand. It is especially worthwhile for working with removeable media suchas floppies or CD ROM disks.

bootparamd

Allows remote computers to boot from a Linux box using the BOOTP networkprotocol. This allows the remote computer to get its IP address if the serverknows the hardware address of the remote machine. The DHCP protocol is anupgrade to this protocol since it is more automated.

crondA daeman that executes scheduled commands according to the /etc/crontab file.It can be used to clean up temporary files in /tmp and /var/tmp and other places.

dhcpd Provides DHCP services to "lease" out IP addresses to remote machines.

firewall

gatedProvides routing services for BGP and other protocols. Alternative to routed.Supports IGP (Interior gateway protocol) and EGP (Exterior Gateway Protocol).

gpm Provides mouse support to Linux.

httpd The Apache hypertext transfer protocol Web server.

identdServer implementing the TCP/IP proposed standard IDENT user identificationprotocol in RFC 1413. It returns user information to a remote host that a user isrequesting a service from. Also called auth.

inetThe internet super daemon (inetd) that provides all the services specified in/etc/inetd.conf.

8/8/2019 Linux Tech

28/33

Linux Deamons

This section gives a brief overview of miscellaneous daemons (not covered in the paragraph on services)running on the system and their function.

init

The first process to start after the kernel. It controls the system runlevel and

adapts any child whose parent dies.

nmbdResponds to netbios name service requests for Samba works in conjunctionwith Samba which is why it is not mentioned under startup services..

update (kupdate)Does a sync every 30 seconds. A sync is an updating of memory pages, orvirtual memory pages that have been changed, but not saved to the swap disk

bdflush (kflushd) Started by update - does a more imperfect sync more frequently

(kpiod)

(kswapd)

getty Listens for connections at terminals

8/8/2019 Linux Tech

29/33

Linux Network ServicesNetwork services can be started and run through the system startup scripts as its own stand alone daemon.However to conserve system resources and make it easier to manage services, the inetd (internet superdaemon) program is used to run various services such as ftp and telnet. Services such as httpd (web server)

are run without inetd since performance is the major concern with this service and not security.

inetd

The inet daemon acts as a network super server providing several networking services such as:

auth - identd - This is a server that returns user information to a remote host that a user is requestinga service from. If it is running on your system, it allows the remote host to acquire your user name.It is not used for login and user authentification. It is described in RFC 1413. The daemon calledidentd provides this service, and its configuration file is /etc/identd.conf. For client side use of auth,

you should be able to turn on user authentification on servers such as your telnetd server with theoption "-a user" option. See the telnetd man page for more information.

bootps - bootpd - A server that allows remote clients to get their IP addresses from a bootp serverusing the bootp network protocol. This involves the server having a /etc/bootptab file containinghardware addresses and associated IP addresses for each computer to be serviced.

Telnet - A protocol used to open user sessions from remote sites.

Ftp - File transport protocol. Allows users to transport files between remote sites.

tftp - in.tftp - Trivial file transport protocol. A way for users to transfer files to/from remotemachines without logging in. Normally this transfer is limited to specific areas and is normally usedfor transporting files to clients which are needed for remote booting.

finger - in.fingerd - Allows users to get information about users currently logged in on the local

system or remote systems. exec - in.rexecd - Remote execution server allows remote users to execute commands on the system

provided they have proper authorization using their name and password.

rsh - in.rshd - Remote shell, Used to execute commands on a remote host

rlogin (login) - in.rlogind - An older method of opening remote sessions, being replaced by telnet.

talk - in.talkd - A communication program that allows two users to talk by copying lines from oneuser's terminal to the other.

comsat A server that notifies users when they have received mail. The biff program is used to turncomsat service on and off for each user.

pop-2 - ipop2d - Supports POP2 remote mail access protocol.

pop-3 -ipop3d - Supports POP3 remote mail access protocol.

imap - imapd - Supports the IMAP4rev1 remote mail access protocol which is more powerful thanPOP3. See RFC 2060.

uucp - uucico - The daemon that processes Unix to Unix copy (UUCP) file transfer requests thatwere queued by uucp or uux.

netstat - Displays network connections, routing tables, and other networking information about asystem.

swat - A Samba web administration tool allowing the administrator to configure the /etc/smb.conffile using a web browser.

Trivial internal services used for testing

8/8/2019 Linux Tech

30/33

The inetd daemon is configured by modifying the /etc/inetd.conf file. The format of each line is as follows:

1. service name - The name of a valid service in the file /etc/services which is the first entry on eachrespective line. If the service is a Sun-RPC service it is specified in the file /etc/rpc.

2. Socket type - The choices are stream, dgram, raw, rdm (reliably delivered message), or seqpacket(sequenced packet socket).

3. protocol - A protocol listed in /etc/protocols which is some type of network protocol such as IP, ICMP,TCP, UDP, etc.4. flags - wait/nowait[.max] - Wait applies to datagram sockets only. All other socket types should have

the "nowait" option in this entry. Nowait entries are used for multithreaded servers which free theirsockets after each request so it can continue receiving more requests on the same socket. The tftpddaemon should have this option set to "wait". The suffix ".max" specifies the maximum number ofserver instances that can be spawned within 1 minute. The default value is 40.

5. user[.group] - The name of the user the server will run as. If the user name is listed as"usernam.group1" the server can run with a different group ID than the one specified in the passwordfile for that user.

6. Server program - The path and name of the program to be executed when the request is found on the

socket.7. Server program arguments - Command line arguments to the server program being run.

A typical inetd.conf file is listed below:

# inetd.conf This file describes the services that will be available# through the INETD TCP/IP super server. To re-configure# the running INETD process, edit this file, then send the# INETD process a SIGHUP signal.

#echo stream tcp nowait root internal#echo dgram udp wait root internal

#discard stream tcp nowait root internal#discard dgram udp wait root internal#daytime stream tcp nowait root internal#daytime dgram udp wait root internal#chargen stream tcp nowait root internal#chargen dgram udp wait root internal#time stream tcp nowait root internal#time dgram udp wait root internal

# These are standard services.

ftp stream tcp nowait root /usr/sbin/tcpd in.ftpd -l -atelnet stream tcp nowait root /usr/sbin/tcpd in.telnetd

# Shell, login, exec, comsat and talk are BSD protocols.

shell stream tcp nowait root /usr/sbin/tcpd in.rshdlogin stream tcp nowait root /usr/sbin/tcpd in.rlogind#exec stream tcp nowait root /usr/sbin/tcpd in.rexecd#comsat dgram udp wait root /usr/sbin/tcpd in.comsattalk dgram udp wait nobody.tty /usr/sbin/tcpd in.talkdntalk dgram udp wait nobody.tty /usr/sbin/tcpd in.ntalkd#dtalk stream tcp wait nobody.tty /usr/sbin/tcpd in.dtalkd

8/8/2019 Linux Tech

31/33

# Pop and imap mail services et al

#pop-2 stream tcp nowait root /usr/sbin/tcpd ipop2d#pop-3 stream tcp nowait root /usr/sbin/tcpd ipop3d#imap stream tcp nowait root /usr/sbin/tcpd imapd

# The Internet UUCP service.

#uucp stream tcp nowait uucp /usr/sbin/tcpd /usr/lib/uucp/uucico -l

# Tftp service is provided primarily for booting. Most sites# run this only on machines acting as "boot servers." Do not un comment# this unless you *need* it.

tftp dgram udp wait root /usr/sbin/tcpd in.tftpd /tftpboot#bootps dgram udp wait root /usr/sbin/tcpd bootpd

# Finger, systat and netstat give out user information which may be# valuable to potential "system crackers." Many sites choose to disable# some or all of these services to improve security.

finger stream tcp nowait nobody /usr/sbin/tcpd in.fingerd#cfinger stream tcp nowait root /usr/sbin/tcpd in.cfingerd#systat stream tcp nowait guest /usr/sbin/tcpd /bin/ps -auwwx#netstat stream tcp nowait guest /usr/sbin/tcpd /bin/netstat -f inet

# Authentication

auth stream tcp wait root /usr/sbin/in.identd in.identd -e -o

# End of inetd.conf

linuxconf stream tcp wait root /bin/linuxconf linuxconf --http#swat stream tcp nowait.400 root /usr/sbin/swat swat

The tcp wrapper daemon

The purpose of the TCP wrapper daemon is to monitor requests and allow or deny service based onconfiguration. The tcpd wrapper daemon provides an extra level of protection to network services. Toimplement the tcp wrapper in the services provided by inetd, the /etc/inetd.conf file must be modified to trickinetd into running tcpd rather than the actual service. The standard way of doing this is to convert a line suchas:

telnet stream tcp nowait root /usr/sbin/in.telnetd

to:

telnet stream tcp nowait root /usr/sbin/tcpd in.telnetd

Files:hosts_access, hosts.allow, hosts.deny

8/8/2019 Linux Tech

32/33

Other Network Services

Network services that do not need to use inetd are described in the section on the Daemons and Services.They are listed below:

arpwatch, bootparamd, dhcpd, gated, httpd, identd (auth), innd, ldap, mars-nwe (netware), mcserv, named,

nfs, nfslock, portmap, postgresql, pulse, pxe, routed, rstatd, rusersd, rwalld, rwhod, sendmail, smb, snmpd,squid, xfs, xntpd, ypbind, yppasswd, ypserv.

There are many other networking services the system can provide, including packet firewall and routingservices that can be provided by the kernel using other tools to configure them. Also other important servicessuch as virtual private networking (VPN) and many others can be run by getting a copy of the properprogram, installing it and configuring it

8/8/2019 Linux Tech

33/33

Linux Dependencies on Programs and Shared

LibrariesThe operating and its binaries are currently designed to rely on shared libraries, much like dynamically

linked libraries (DLLs) in the windows environments. Therefore most binarys, such as init, login, ls,cp, to name a few will likely use some shared library. Loadable modules are loaded into the kernel bythe program "/sbin/insmod". Most libraries are in the /lib directory. The libncurses.so.4 library is in/usr/lib. The file "/etc/ld.so.conf" contains a list of directory locations where the system finds its libraryfiles. See the man page on ldconfig. The program ld.so is the dynamic linker the programs use to loadand run the shared library. Librarys that contain the same major number are compatible with programsthat require that major number, but not compatible with programs requiring a different major number.The file /etc/ld.so.conf contains a list of directories that the linker will search to find shared libraryfiles. If you add entries to their file, use the "ldconfig" command afterwards to regenerate the sharedlibrary cache. The environment variable LD_LIBRARY_PATH can add more directories to this searchpath. For each library there are generally two separate files. One with a .a or .o extension is the static

version, linked in at compile time, and .so.version which is the dynamically linked version. The staticfiles are usually in /usr/lib. When changing dynamic link files use "ln -sf" to change it rather thanremoving it and replacing it since temporarily removing a library file may stop many functions fromworking.Standard libraries:

libc - standard c library

libm - Standard math library

How to determine what library a binary needs

Using the "ldd" command, type "ldd /bin/ls" to see the shared libraries used by the "ls" command. Dothe same for any other binary you are interested in. This way if a binary (newly created, down loaded,etc) requires a library you can check your "lib" directory to see if it is there. If it is not, you will need tocreate and install it.

How to tell if a library is a.out or ELF type

Type "file library.so.x", substituting the name of your library for "library.so.x". If ELF is used theloader library "ld-linux.so" is required, and if a.out is used, "ld.so" is required.