rootly power


Upload: kaleb

Post on 18-Jan-2016


DESCRIPTION

Rootly Power. Ownership. Every Unix file has both an owner and a group owner. Only the owner can modify permissions on a file. The owner can specify which operations the group owners may perform on a file. Owners can be found in /etc/passwd.

TRANSCRIPT

Page 1: Rootly Power


Rootly Power

Page 2: Rootly Power

Ownership

• Every Unix file has both an owner and a group owner

• Only the owner can modify permissions on a file

• The owner can specify which operations the group owners may perform on a file

• Owners can be found in /etc/passwd

• Group owners can be found either in /etc/group or by looking at the GID field of users in /etc/passwd

• An entry in /etc/passwd:

Name:Password:UserID:PrincipalGroup:Gecos:HomeDirectory:Shell
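The seven-field entry format above can be checked mechanically. The following is an added example, not part of the original slides: it splits an entry on ':' and reports two findings an administrator would want to know about, a UID of 0 under a name other than root and an empty password field. The function names, the AUDIT_* flags and the sample entries are constructed for illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Field order: Name:Password:UserID:PrincipalGroup:Gecos:HomeDirectory:Shell */
enum { F_NAME, F_PASSWD, F_UID, F_GID, F_GECOS, F_HOME, F_SHELL, F_COUNT };
#define AUDIT_UID0_NOT_ROOT 1   /* superuser UID under another name */
#define AUDIT_EMPTY_PASSWD  2   /* password field is empty */

/* Split on ':' in place. Empty fields are kept (strtok() would merge them
   and shift every later column). Returns 0 only for exactly 7 fields. */
static int split_fields(char *line, char *field[F_COUNT])
{
    int n = 0;
    line[strcspn(line, "\n")] = '\0';
    for (char *p = line; ; ) {
        if (n == F_COUNT) return -1;          /* an eighth field */
        field[n++] = p;
        char *colon = strchr(p, ':');
        if (colon == NULL) break;
        *colon = '\0';
        p = colon + 1;
    }
    return n == F_COUNT ? 0 : -1;
}

/* Returns a bitmask of AUDIT_* findings, or -1 for a malformed entry. */
int audit_passwd_line(const char *entry)
{
    char buf[512], *f[F_COUNT], *end;
    if (snprintf(buf, sizeof buf, "%s", entry) >= (int)sizeof buf) return -1;
    if (split_fields(buf, f) != 0) return -1;
    long uid = strtol(f[F_UID], &end, 10);
    if (f[F_UID][0] == '\0' || *end != '\0') return -1;   /* UID not numeric */
    int findings = 0;
    if (uid == 0 && strcmp(f[F_NAME], "root") != 0) findings |= AUDIT_UID0_NOT_ROOT;
    if (f[F_PASSWD][0] == '\0') findings |= AUDIT_EMPTY_PASSWD;
    return findings;
}

int main(void)
{
    /* Constructed sample entries, not taken from a real system. */
    const char *sample[] = { "root:x:0:0:root:/root:/bin/bash",
        "toor:x:0:0::/root:/bin/sh", "guest::1001:1001:Guest:/home/guest:/bin/sh" };
    for (int i = 0; i < 3; i++)
        printf("%-45s findings=%d\n", sample[i], audit_passwd_line(sample[i]));
    return 0;
}
```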

Page 3: Rootly Power

UID and GID

• Kernel associates 4 numbers with each process

– real and effective UID

– real and effective GID

– getuid, geteuid, seteuid

• Normally both real and effective numbers are the same

• SETUID or SETGID programs can modify them
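How a SETUID or SETGID program gives its extra identity back, as an added example that is not part of the original slides: the function name drop_privileges is hypothetical, and it uses setregid/setreuid rather than seteuid so that the saved IDs are reset as well. Run by an ordinary user without a set-ID bit, real and effective IDs already match and the call simply succeeds.

```c
#define _XOPEN_SOURCE 700
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/* Permanently give up whatever a set-UID/set-GID bit granted, so that real
   and effective IDs are equal again. Returns 0 on success, -1 on failure. */
int drop_privileges(void)
{
    uid_t ruid = getuid(), old_euid = geteuid();
    gid_t rgid = getgid(), old_egid = getegid();

    /* Group first: once the UID is dropped we may lack the right to do it.
       setre*id(r, r) also resets the saved ID, unlike seteuid()/setegid(). */
    if (setregid(rgid, rgid) != 0) return -1;
    if (setreuid(ruid, ruid) != 0) return -1;

    /* Verify the result instead of trusting the return values alone. */
    if (getuid() != ruid || geteuid() != ruid) return -1;
    if (getgid() != rgid || getegid() != rgid) return -1;

    /* A non-root caller must not be able to take the old IDs back. */
    if (ruid != 0) {
        if (old_euid != ruid && seteuid(old_euid) == 0) return -1;
        if (old_egid != rgid && setegid(old_egid) == 0) return -1;
    }
    return 0;
}

int main(void)
{
    printf("before: real uid=%ld effective uid=%ld\n",
           (long)getuid(), (long)geteuid());
    if (drop_privileges() != 0) {
        fprintf(stderr, "could not drop privileges, refusing to continue\n");
        return 1;
    }
    printf("after:  real uid=%ld effective uid=%ld\n",
           (long)getuid(), (long)geteuid());
    return 0;
}
```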

Page 4: Rootly Power


The SuperUser

• On the UNIX system, the superuser is a privileged account with unrestricted access to all files and commands!!!

• The user name of this account is root. Many administrative tasks and their commands require superuser status.

• There are two ways to become superuser:

– log in directly

– su while logged in as someone else

Page 5: Rootly Power


Superuser

• Choose a good root password

• Change the root password every so often

• Try using “sudo” instead of giving out the root password

Page 6: Rootly Power


sudo command

• The sudo facility allows specified users to run specific commands as root without having to know the root password.

• sudo uses the configuration file /etc/sudoers

Page 7: Rootly Power


sudo command

• Advantages

Page 8: Rootly Power


Other pseudo-users

• bin – owners of system commands

• daemon – owner of unprivileged system software

• nobody – the generic NFS user

Page 9: Rootly Power


Controlling Processes

Page 10: Rootly Power


Processes and Files

• UNIX is built upon processes and files. A process is basically an executing program. All the work performed by a UNIX system is carried out by processes.

• All the long term information stored on a UNIX system is stored in files. Every file on a UNIX system has a number of attributes that serve different purposes.

• There is a collection of commands that allows users and SAs to manipulate files and processes.

Page 11: Rootly Power


Process

• Whenever you run a program, a process is created. The UNIX command line that you use to enter the commands is actually another program/command called the shell.

• To execute a command, that command has to be in one of the directories in your search path.

Page 12: Rootly Power

What information does the kernel keep about each process?

• Process’s address space map

• Current status of the process (sleeping, stopped, runnable, etc.)

• Execution priority of the process

• Resources the process has used

• Process’s signal mask

• Owner of the process

Page 13: Rootly Power

Process

• Process information

– PID: process ID number

– PPID: parent PID

– UID and EUID: real and effective user ID

– GID and EGID: real and effective group ID

– Status of the process: R – runnable, S – Sleeping, Zombie, Stopped (use ps aux to get the process status)

– Niceness

– Control terminal

Page 14: Rootly Power

Process State (man ps)

• PROCESS STATE CODES: Here are the different values that the s, stat and state output specifiers (header "STAT" or "S") will display to describe the state of a process.

• D Uninterruptible sleep (usually IO)

• R Running or runnable (on run queue)

• S Interruptible sleep (waiting for an event to complete)

• T Stopped, either by a job control signal or because it is being traced.

• W paging (not valid since the 2.6.xx kernel)

• X dead (should never be seen)

• Z Defunct ("zombie") process, terminated but not reaped by its parent.

Page 15: Rootly Power

Process Management

• A user can communicate with a running process via signals, a facility which enables a running process to be notified about the occurrence of

– an error event generated by the executing process

– an asynchronous event generated by a process outside the executing process

• Signals are sent to the process ultimately by the kernel. The receiving process has to be programmed such that it can catch a signal and take a certain action depending on which signal was sent.

• A running process can be sent a signal by using the kill command: kill [-signal] pid

Page 16: Rootly Power


Manipulating Process

• At any given time, there might be hundreds of processes running. There are many times when process information is needed. One of the most commonly used commands to find process information is the ps command.

• On a single CPU system, there can only be one process running at a given time. This is called the foreground process. It is the process which owns the terminal for input and output.

Page 17: Rootly Power


ps command

Page 18: Rootly Power

signal (man 7 signal)

Signal    Value     Action  Comment
-------------------------------------------------------------------------
SIGHUP    1         Term    Hangup detected on controlling terminal
                            or death of controlling process
SIGINT    2         Term    Interrupt from keyboard
SIGQUIT   3         Core    Quit from keyboard
SIGILL    4         Core    Illegal Instruction
SIGABRT   6         Core    Abort signal from abort(3)
SIGFPE    8         Core    Floating point exception
SIGKILL   9         Term    Kill signal
SIGSEGV   11        Core    Invalid memory reference
SIGPIPE   13        Term    Broken pipe: write to pipe with no readers
SIGALRM   14        Term    Timer signal from alarm(2)
SIGTERM   15        Term    Termination signal
SIGUSR1   30,10,16  Term    User-defined signal 1
SIGUSR2   31,12,17  Term    User-defined signal 2
SIGCHLD   20,17,18  Ign     Child stopped or terminated
SIGCONT   19,18,25          Continue if stopped
SIGSTOP   17,19,23  Stop    Stop process
SIGTSTP   18,20,24  Stop    Stop typed at tty
SIGTTIN   21,21,26  Stop    tty input for background process
SIGTTOU   22,22,27  Stop    tty output for background process

• The signals SIGKILL and SIGSTOP cannot be caught, blocked, or ignored.

• The kill command is used to send signals from the command line
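Catching a signal, and the kernel refusing a handler for SIGKILL and SIGSTOP, as an added example that is not part of the original slides. The function names install_handler and send_and_observe are hypothetical; the process signals itself with kill(2), the system call behind the kill command.

```c
#define _XOPEN_SOURCE 700
#include <errno.h>
#include <signal.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

static volatile sig_atomic_t last_signal = 0;

/* Handlers may only do async-signal-safe work; recording the number is. */
static void on_signal(int signo) { last_signal = signo; }

/* Try to catch signo. Returns 0 on success, or the errno from sigaction(). */
int install_handler(int signo)
{
    struct sigaction sa;
    memset(&sa, 0, sizeof sa);
    sa.sa_handler = on_signal;
    sigemptyset(&sa.sa_mask);
    return sigaction(signo, &sa, NULL) == 0 ? 0 : errno;
}

/* Send signo to ourselves, as `kill -signo pid` would, and report which
   signal the handler saw (0 if none). Install a handler first: the default
   action for most signals in the table is to terminate the process. */
int send_and_observe(int signo)
{
    last_signal = 0;
    if (kill(getpid(), signo) != 0) return -1;
    return last_signal;
}

int main(void)
{
    printf("catch SIGTERM: %s\n", strerror(install_handler(SIGTERM)));
    printf("catch SIGKILL: %s\n", strerror(install_handler(SIGKILL)));
    printf("catch SIGSTOP: %s\n", strerror(install_handler(SIGSTOP)));
    printf("handler saw signal %d\n", send_and_observe(SIGTERM));
    return 0;
}
```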

Page 19: Rootly Power


/proc Filesystem

Page 20: Rootly Power


strace and System Calls

• man 2 syscalls

• strace -p pid

Page 21: Rootly Power

Other Stuff

• The “nice” value is the value that influences the process CPU priority

– nice

– renice

• All processes, except those created by the kernel at boot time, are descendants of the init (PID 1) process