Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
7
The Linux Filesystem
Terms youll need to understand:
mknod fdisk mkfs df du fsck Inode ln mount umount quotaon quotaoff edquota repquota Quota quotacheck quotastats locate updatedb which find xargs
In this chapter, youll learn of the standard disk layout and the utilities used to manage and alter disks. Directories, subdirectories, and files have been major topics throughout this book, and now it is time to elaborate on them by discussing the purpose and default content of each.
The / directory
Everything begins at the root directory (/).The root is the directory from which everything else becomes a subdirectory or subcomponent. When specifying locations using absolute addressing, you always begin with this directory because it is the ultimate origin, and it is impossible to move any further back since there is no directory above it.
mv ps sed As a rule of thumb, the executable or binary files located within this directory are available to all users. Binary files that are not critical to the operation of the system, or that are needed by all users, commonly appear in /usr/bin instead of here.
923_2C07.p65
11/16/00, 2:46 PM
923_2C07.p65
11/16/00, 2:46 PM
4 Chapter 7
brw-rw-rwbrw-r crw-rw crw-rw crw-rw brw-rw-r crw-r crw-rw-rwcrw-rw-rwbrw brw brw brw brw brw br br brw-rw-r crwwwcrw-rw crw-rw crw-rw crw-rw crw-rw crw-rw crw-rw
1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1
root root root root root root root root root root root root root root root root root root root root root root root root root root
root operator lp lp lp disk kmem root root root root root root root root root root disk root tty tty tty tty tty tty tty
4 1 0 1 2 0 1 3 1 0 1 2 3 0 1 8 9 0 0 1 10 11 12 13 14 15
Aug Aug Aug Aug Aug Aug Aug Aug Sep Aug Aug Aug Aug Aug Aug Aug Aug Aug Aug Jul Aug Aug Jul Aug Aug Aug
10 1999 floppy 10 1999 hard drive1 10 1999 lp0 10 1999 lp1 10 1999 lp2 10 1999 cd 10 1999 mem 10 1999 null 13 10:29 mouse 10 1999 ram0 10 1999 ram1 10 1999 ram2 10 1999 ram3 10 1999 rom0 10 1999 rom1 10 1999 rrom0 10 1999 rrom1 10 1999 sonycd 10 1999 tty0 6 15:27 tty1 10 1999 tty10 10 1999 tty11 6 15:27 tty12 10 1999 tty13 10 1999 tty14 10 1999 tty15
The first thing to note is that the files do not resemble listings you have examined in previous chapters. The first character of the permissions is either b or c to indicate how data is readby block or by character. Typically, devices that require constant interaction, such as a mouse or terminal (tty), are character based. Devices that do not require interaction once a process is started, such as floppy drives, memory (RAM and ROM), and CD drives, are block based. The second item of note is that the sizes of the files are expressed not in bytes but in pairs of numbers separated by commas. Covering the creation of such special files is beyond the scope of either of the current LPI exams, but you should know that you must use the mknod utility to create device files.
923_2C07.p65
11/16/00, 2:46 PM
923_2C07.p65
11/16/00, 2:46 PM
6 Chapter 7
One major difference between the two machines is the values in the /etc directory. The users who can log on at ABC are not the same as those who can log on at DEF; the user accounts are stored in /etc. The groups are not the same at the two organizations; those related files are stored in /etc. Other files include: motdThe Message of the Day file for displaying text when logging on X11A folder holding X Window values HOSTNAMEThe name of the machine hostsA file mapping hostnames to IP addresses for other machines available through a network In a nutshell, the /etc directory holds system configuration files specific to a machine.
bash sleep sleep ps root root root root root root root root root root root root root root root root 0 0 0 0 0 0 0 0 0 0 0 0 0 0 67112960 0 Sep Sep Sep Sep Sep Sep Sep Sep Sep Sep Sep Sep Sep Sep Sep Sep 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 08:34 08:34 08:34 08:34 08:34 08:34 08:34 08:34 08:34 08:34 08:34 08:34 08:34 08:34 08:34 08:16 15193 15220 15222 bus cmdline cpuinfo devices dma fb filesystems fs ide interrupts ioports kcore kmsg
923_2C07.p65
11/16/00, 2:46 PM
923_2C07.p65
11/16/00, 2:46 PM
-rrr -rrr -rrr -rrr -rrr -rrr -rrr -rrr dr-xr-xr-x dr-xr-xr-x -rrr -rrr -rrr dr-xr-xr-x lrwxrwxrwx -rrr -rrr -rrr -rrr dr-xr-xr-x dr-xr-xr-x -rrr -rrr $
1 1 1 1 1 1 1 1 4 3 1 1 1 2 1 1 1 1 1 10 4 1 1
root root root root root root root root root root root root root root root root root root root root root root root
root root root root root root root root root root root root root root root root root root root root root root root
0 0 0 0 0 0 0 0 0 0 0 0 0 0 64 0 0 0 0 0 0 0 0
Sep Sep Sep Sep Sep Sep Sep Sep Sep Sep Sep Sep Sep Sep Sep Sep Sep Sep Sep Sep Sep Sep Sep
20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20
08:34 08:34 08:34 08:34 08:34 08:34 08:34 08:34 08:34 08:34 08:34 08:34 08:34 08:34 08:34 08:34 08:34 08:34 08:34 08:34 08:34 08:34 08:34
ksyms loadavg locks mdstat meminfo misc modules mounts net parport partitions pci rtc scsi self -> 15252 slabinfo sound stat swaps sys tty uptime version
923_2C07.p65
11/16/00, 2:46 PM
923_2C07.p65
11/16/00, 2:46 PM
10 Chapter 7
The sbin directory holds system-specific binaries. Most of the utilities in this subdirectory are related to managing the systemadding users and groups and working with networking. These are noncritical utilities because the system could function without them, and an administrator could manage without them as well: It is difficult, but certainly possible. The share directory holds information specific to the machine for certain utilities. The src directory contains the operating-system source code.
spoolSpooled data waiting for processing (such as printing) stateSystem state variables
As a general rule, necessary utilities for all users are stored in /bin, and utilities that are helpful to have (but not critical) are stored in /usr/bin. Utilities for the system administrative tasks are stored in /sbin. This is something to keep in mind for the exam. The dict directory holds the word list used by the spell utility to check spelling in text files. The game directory does not hold third-party games and is usually empty except for banner or similar trivial utilities. Not all the subdirectories beneath /usr are necessary, and they differ slightly based upon vendor and type of installation. The include directory holds C program header files, and lib offers more libraries for C-based programs. The local directory is a temporary holding facility used during installation, and the subdirectories beneath it should be empty. The man directory holds the manual pages used for help and documentation purposes, if they are installed.
Other Directories
Other directories can exist beneath the / directory. The directories described so far are always present, but the following two directories can also be present: installHolds information about the installation, such as scripts, errors, and so on. lost+foundShould be empty on a perfect system. When corruption occurs, however, the results appear in this directory.
923_2C07.p65
11/16/00, 2:46 PM
923_2C07.p65
10
11/16/00, 2:46 PM
12 Chapter 7 sda1for SCSI (Small Computer System Interface) The name of the device has four fields: The type of driveh for IDE or s for SCSI. The type of deviced for disk. The number of the disk expressed in alphabetical formata for the first, b for the second, and so on. The number of the partitionThe numbers 1 through 4 are set aside for use on primary partitions, whether or not you have that many, and the logical drives start numbering with 5. The disk should always have a minimum of two partitions: the filesystem itself (often referred to as root) and a swap partition. The swap partition contains the memory and some hard drive space. The swap partition size is always a minimum of the amount of RAM installed on the machine but can be larger (16MB is the minimum recommendation for hard drive space). For example, if you have 64MB installed on a machine and the swap partition needs 128MB, it can use a 64MB swap partition to read and write from as processing occurs. Using a swap partition larger than the amount of installed RAM is known as using virtual memory.
before use. A partition must be a primary partition for the operating system to be able to boot from it. A primary partition (only one) can be further subdivided into extended partitions, known as logical drives. Using DOS-style partitions, you can create up to four logical drives from a primary partition, but none of them are bootable by the operating system. You should remember that the maximum number of primary partitions you can have is four. The maximum number of partitions you can have when mixing and matching primary and extended is three primary partitions and four logical drives (for a grand total of seven). The theoretical limit is 15 partitions on SCSI disks and 63 partitions on IDE. The limitations mentioned previously are enforced with a DOS-style partition table. All partitions must be referenced in the /dev directory, and the first partition on the first disk is either: hda1for IDE (Integrated Drive Electronics)
The maximum allowable size for a swap partition under current versions of Linux is 128MB, and you can tweak the size of the partition. If you run out of room within the partition (or you have not configured a swap partition), Linux automatically creates a swap file, but using a partition is preferred. Linux can work with either swap files or swap partitions, but partitions provide more system efficiency.
One other note about hard drives: Linux prefers the number of cylinders on a drive to be 1,024 or less. With a larger number, you can encounter complications with software that runs at boot time (which is covered in Chapter 9) or booting and partitioning with other operating systems.
923_2C07.p65
11
11/16/00, 2:46 PM
923_2C07.p65
12
11/16/00, 2:46 PM
The Linux Filesystem 13 -lLists the partition tables. -vPrints the version of fdisk only. If you use neither of these options, fdisk first checks whether the number of cylinders on the default device (hda1) is greater than 1,024 and warns you if so. It then prompts for a command. You can start fdisk with a device other than the default by specifying it on the command line. For example, to start it with the third IDE drive, enter:
$ fdisk /dev/hdc
14 Chapter 7
To modify the system, assume the third partition is to be changed into two smaller partitions. First, enter the d command to delete the partition. A prompt asks which partition number (1through 4). Enter 3, and it is gone. To create a new partition, enter the n command. The prompt changes to:
e p extended primary partition (1-4)
After the utility has started, entering m provides help in the form of a menu:
a b c d l m n o p q s t u v w x toggle a bootable flag edit bsd disklabel toggle the dos compatibility flag delete a partition list known partition types print this menu add a new partition crate a new empty DOS partition table print the partition table quit without saving changes create a new empty Sun disklabel change a partition's system id change display/entry units verity the partition table write table to disk and exit extra functionality (experts only)
If you have already created other partitions, the prompts might not appear. For example, if you already have an extended partition, you cannot create another because it already exists. If you enter p for primary, you are next prompted for the number (14) to create; if you give a number already used, the command fails because you must first delete the partition before adding it again. In this case, suppose you want to make two equally sized partitions from the space that was once the third partition, so after entering p to the prompt earlier the sequence becomes the following, with values you enter in italics:
Partition number (1-4): 3 First cylinder (4317-16383, default 4317): {Press Enter) Using default value 4317 Last cylinder or +size or +sizeM or +sizeK _ (4317-16383, default 16383): 10350 Command (m for help): p Disk /dev/had: 16 head, 63 sectors, 16383 cylinders Units = cylinders of 1008 + 512 bytes Device /dev/hda1 /dev/hda2 /dev/hda3 Boot + Start 1 4064 4317 End 4063 4316 10350 Blocks 2047720+ 127512 3041136 Id 83 82 83 System Linux Linux swap Linux
The following examples illustrate what you can do with this utility, moving from simple actions to more complex. First, to see the partition table, you give the p command. The result resembles:
Disk /dev/had: 16 head, 63 sectors, 16383 cylinders Units = cylinders of 1008 + 512 bytes Device /dev/hda1 /dev/hda2 /dev/hda3 Boot + Start 1 4064 4317 End 4063 4316 16383 Blocks 2047720+ 127512 6081768 Id 83 82 83 System Linux Linux swap Linux
The information here shows three partitions (1 through 3) on a single IDE disk (hda). The first partition is bootable, the second partition is the swap partition, and the third is the remainder of the drive.
Command (m for help): n Command action e extended p primary partition (1-4) p Partition number (1-4): 4 First cylinder (10531-16383, default 10351): {Press Enter) Using default value 10351 Last cylinder or +size or +sizeM or +sizeK _ (10351-16383, default 16383): {Press Enter) Using default value 16383
923_2C07.p65
13
11/16/00, 2:46 PM
923_2C07.p65
14
11/16/00, 2:46 PM
16 Chapter 7
Command (m for help): p Disk /dev/had: 16 head, 63 sectors, 16383 cylinders Units = cylinders of 1008 + 512 bytes Device /dev/hda1 /dev/hda2 /dev/hda3 /dev/hda4 Boot + Start 1 4064 4317 10351 End 4063 4316 10350 16383 Blocks 2047720+ 127512 3041136 3040632 Id 83 82 83 83 System Linux Linux swap Linux Linux
Sample filesystem types. Filesystem Type Extended FAT16 HPFS AIX Linux Extended NTFS Windows 95 FAT32
To then change the existing swap file (partition 2) to a Linux partition, run the preceding procedure, and type the hex code 83. Typing L at the hex code prompt shows all the possible filesystem types (as does pressing l at the main fdisk menu). Table 7.1 outlines a few of the types. After making all the changes, you can quit fdisk and then format any partitions that need it. If you write the changes, an alert appears indicating that the partition table has been altered and the disks will be synchronized. You should reboot your system to ensure the table is properly updated. You can make dozens of changes with fdisk and lose them all if you type q to quit the tool. If you want to save the changes youve made, you must write them with w. You format the partitions with the mkfs (as in make filesystem) utility. You must use options with this utility to indicate the type of filesystem to make (-t), the device, the size, and any other options. For example, to format the newly created fourth partition for DOS, the command is:
$ mkfs -t msdos /dev/hda4 3040632
Used Available Use% Mounted on 573405 1305178 31% / 5212 5562198 0% /home
Used Available Use% Mounted on 573408 1305175 31% / 5212 5562198 0% /home
Used Avail Use% Mounted on 560M 1.2G 31% / 5.1M 5.3G 0% /home
Be extremely careful when using fdisk and mkfs because both have the ability to render a system inoperable if you use the incorrect parameters. You can use the mkfs utility to format floppy disks as well as hard drives, but the utility fdformat is much simpler to use for floppy disks.
Used Available Use% Mounted on 573406 1305177 31% / 5212 5562198 0% /home 0 0 - /dev/pts 0 0 - /proc 0 0 - /auto
923_2C07.p65
15
11/16/00, 2:46 PM
923_2C07.p65
16
11/16/00, 2:46 PM
18 Chapter 7
Used Available Use% Mounted on 560 1275 31% / 5 5432 0% /home 0 0 - /dev/pts 0 0 - /proc 0 0 - /auto
1 63 64 119
If you use the -a option, du lists files and not just directories. Table 7.3 lists other options that work with the du utility. The grand utility in this section is fsck: the filesystem check utility. Not only does it check the filesystem, but if errors are encountered, it can correct them. The utility utilizes entries in the /etc/fstab file to tell which filesystems to check during startup if it is configured to run automatically. The -A option also tells the utility to use this file. Note: The /etc/fstab file is read by fsck and related utilities but never written to. As an administrator, you need to update the fileplacing each filesystem on its own linewhen you want to make modifications to the operation of system utilities. When you run fsck, it shells out to the appropriate interface based upon the filesystem in use. For example, with a Linux filesystem (ext2), a common series of events is:
Table 7.2 Option -a -h -l -m -t -T Options for the df utility. Description All (include those that have no blocks) Display in human readable form Local filesystems only List in MB Show only those filesystems of a particular type Show the filesystem type
The ext2 listed for filesystem type stands for second extended filesystem and is the default used by Linux. When thinking of Linux partitions and the abilities thereof (file names, links, etc.), it is always ext2 that is synonymous with that. Whereas the df utility deals with partitions, the du utility shows disk usage by files and directories. From df, you can see that 560MB of hda1 is used, but you have no way of knowing what is using it. Using the du utility is the next step, showing how much space each item is using, beginning at whatever starting location you specify. For example, starting in the /root directory (the home directory of the root user), the utility shows the amount of space used by the subdirectories:
14 2 2 8 20 22 1 1 8 6 7 1 9 1 1 3 3 5 6 1 2 2 34 1 2 2 1 ./.seyon ./Desktop/Autostart ./Desktop/Trash ./Desktop/Templates ./Desktop ./.kde/share/config ./.kde/share/apps/kfm/tmp ./.kde/share/apps/kfm/bookmarks ./.kde/share/apps/kfm ./.kde/share/apps/kdewizard/Work/Windows ./.kde/share/apps/kdewizard/Work ./.kde/share/apps/kdewizard/Themes ./.kde/share/apps/kdewizard ./.kde/share/apps/kpanel/applnk ./.kde/share/apps/kpanel/pics ./.kde/share/apps/kpanel ./.kde/share/apps/kdisknav ./.kde/share/apps/kwm/pics ./.kde/share/apps/kwm ./.kde/share/apps/kdisplay/pics ./.kde/share/apps/kdisplay ./.kde/share/apps/kdehelp ./.kde/share/apps ./.kde/share/icons/mini ./.kde/share/icons ./.kde/share/applnk ./.kde/share/mimelnk
Options for the du utility Description Displays the list in bytes Shows a grand total Provides human readable output Displays the list in KB Shows the number of links Displays the list in MB Shows only totals Shows only directories on this (not different) filesystems
923_2C07.p65
17
11/16/00, 2:46 PM
923_2C07.p65
18
11/16/00, 2:46 PM
20 Chapter 7
$ fsck -A Parallelizing fsck version 1.14 (9-Jan-1999) E2fsck 1.14, 9-Jan-1999 for EXT2 FS 0.5b, 95/08/09 /dev/hda1 is mounted. WARNING!!! Running e2fsck on a mounted filesystem may cause SEVERE filesystem damage. Do you really want to continue (y/n)? y Pass 1: Checking inodes, blocks, and sizes Pass 2: Checking directory structure Pass 3: Checking directory connectivity Pass 4: Checking reference counts Pass 5: Checking group summary information /dev/hda3: 927/1521664 files (0.3% non-contiguous), 215482/6081768 blocks $
When corruption occurs, files are dumped to the /lost+found directory, using their inode numbers as names. To see the inode numbers associated with files, you can use the -i option with ls:
$ ls -l drwx 5 root root -rw-rr 1 root root -rw-rr 1 root root -rw-rr 1 root root $ $ ls -li 18471 drwx 5 root root 18535 -rw-rr 1 root root 18536 -rw-rr 1 root root 18537 -rw-rr 1 root root $
1024 Sep 22 23:57 Desktop 81 Sep 23 00:25 monday 152 Sep 23 00:26 tuesday 38 Sep 23 00:26 wednesday
1024 Sep 22 23:57 Desktop 81 Sep 23 00:25 monday 152 Sep 23 00:26 tuesday 38 Sep 23 00:26 wednesday
Most of the other passes are self-explanatory, but the first requires further detail. An inode is a table entry that stores information about every file on the system. It is within the inode that information about the file is storedin much the same way that a phone book holds information about people within a city. Every item that appears in a directory listing has an inode associate with it. The inode holds the following types of information: A unique inode number The type of entry it is (file, directory, pipe, and so on) Permissions on the file in numerical format The physical size of the file The number of links to the entry (discussed later in this chapter) The owner of the file The group owning the file Times of create, modification, and access A pointer to the actual location of the data on the disk The inode numbers begin with 1 and increment from there: Files copied during installation have small numbers and recently created files have much larger numbers. When files and directories are deleted, their associated inode number is marked as usable once more.
When a file is moved, it maintains the same inode. When a file is copied, the original file maintains the same inode, but the new entry must have a new inode associated with it:
$ mv monday friday $ ls -li 18471 drwx 5 root root 18535 -rw-rr 1 root root 18536 -rw-rr 1 root root 18537 -rw-rr 1 root root $ cp friday monday $ ls -li 18471 drwx 5 root root 18535 -rw-rr 1 root root 18538 -rw-rr 1 root root 18536 -rw-rr 1 root root 18537 -rw-rr 1 root root $
1024 Sep 22 23:57 Desktop 81 Sep 23 00:25 friday 152 Sep 23 00:26 tuesday 38 Sep 23 00:26 wednesday
1024 Sep 22 23:57 Desktop 81 Sep 23 00:25 friday 81 Sep 23 00:38 monday 152 Sep 23 00:26 tuesday 38 Sep 23 00:26 wednesday
923_2C07.p65
19
11/16/00, 2:46 PM
923_2C07.p65
20
11/16/00, 2:46 PM
22 Chapter 7
admin called its file references. When you create a single file, you can make it available by all three names so all parties can find it as they formerly did. To make nonlocal files look localAssume that all users must use the same template when making system modification requests. This file can exist in the root users home directory (/root), and you can create a link within each users home directory (/home/user). The utility you use to create links is ln. When you create a link, you merely create another pointer to an already existing entity; only one inode is used, not two. Because there is only one copy, you also save disk space. When you link to a file to give others access, you must make certain they have appropriate permissions to access the file. Permissions are discussed in Chapter 8. You can create two types of links: hard and symbolic.
Another way to verify that it is the same data is to view the inodes. Every entity must have its own inode, as discussed earlier. If, however, you have only one set of data and multiple ways of accessing it, all the access methods (names) share the same inode:
$ ls -i 18471 Desktop 18535 friday $
Hard Links
The simplest of the two link types is the hard link. ln creates a hard link by default, and its use can be illustrated as follows:
$ ls -l drwx 5 root root -rw-rr 1 root root -rw-rr 1 root root -rw-rr 1 root root -rw-rr 1 root root $ $ ln monday thursday $ ls -l drwx 5 root root -rw-rr 1 root root -rw-rr 2 root root -rw-rr 2 root root -rw-rr 1 root root -rw-rr 1 root root $
As you add links to the data, the link count increments; as you remove links, the link count decrements. The data that the links point to remains on the system as long as anything at all points to it. For example, the file thursday was linked to monday. If monday is deleted, thursday still remains, but the link count decrements to one: Linux does not care which file was created first. Only when the link count drops to zero does the data no longer exist on the system. Every time you create a file from scratch, you create a link to the data (with a link count of one). When you remove the link (delete the file), the count becomes zero and the data goes away.
1024 Sep 22 23:57 81 Sep 23 00:25 81 Sep 23 00:38 152 Sep 23 00:26 38 Sep 23 00:26
When you view the files graphically, as shown in Figure 7.4, you see no indication that they are links to each other. To prove the link exists, however, any modification made to either file happens to both because they both reference the same data, as shown here:
1024 Sep 22 23:57 81 Sep 23 00:25 81 Sep 23 00:38 81 Sep 23 00:38 152 Sep 23 00:26 38 Sep 23 00:26
Notice that the attributes related to the time of the new entry (thursday) remained the same as those associated with monday and did not assume the current timeas would happen with a copy operation. This is because there is only one set of data, even though there are now two ways of referencing it. The second column from the left indicates the link count for files: the number of ways this same set of data can be referenced. The link count has incremented from one to two.
Figure 7.4 There is no indication, when viewed graphically, that the two files are linked.
923_2C07.p65
21
11/16/00, 2:46 PM
923_2C07.p65
22
11/16/00, 2:46 PM
24 Chapter 7
$ ls -l drwx 5 root root 1024 Sep 22 23:57 Desktop -rw-rr 1 root root 81 Sep 23 00:25 friday -rw-rr 2 root root 81 Sep 23 00:38 monday -rw-rr 2 root root 81 Sep 23 00:38 thursday -rw-rr 1 root root 152 Sep 23 00:26 tuesday -rw-rr 1 root root 38 Sep 23 00:26 wednesday $ $ cat >> monday Ingredients include carbonated water, high fructose corn syrup and/or sugar, citric acid, and natural flavoring. {press Ctrl+d} $ $ ls -l drwx 5 root root 1024 Sep 22 23:57 Desktop -rw-rr 1 root root 81 Sep 23 00:25 friday -rw-rr 2 root root 194 Sep 24 15:09 monday -rw-rr 2 root root 194 Sep 24 15:09 thursday -rw-rr 1 root root 152 Sep 23 00:26 tuesday -rw-rr 1 root root 38 Sep 23 00:26 wednesday $
drwx 5 root root -rw-rr 1 root root -rw-rr 2 root root lrwxrwxrwx 1 root root friday -rw-rr 2 root root -rw-rr 1 root root -rw-rr 1 root root $
1024 Sep 22 23:57 Desktop 81 Sep 23 00:25 friday 194 Sep 24 15:09 monday 6 Sep 24 15:49 saturday -> 194 Sep 24 15:09 152 Sep 23 00:26 38 Sep 23 00:26 thursday tuesday wednesday
You should note several items about this transaction: The link count on friday did not change. The new file always has a first column equal to lrwxrwxrwx to indicate it is a link. The date and time on the new file are not equal to those for the old file but instead are the current date and time because a new file is created (with its own inode). To the right of the file name is a graphical indication of the file really being referenced. And the new file has a size associated with it, but the size is equal to the pointer only. The last point is worth considering for a moment. The file friday has a size of 81, and saturday has a size of 6. This disparity in size is completely transparent to the user because any operation done on saturday is sent to friday instead. To illustrate:
$ cat friday this is the way that one and one will equal two and two and two will equal four $ $ cat saturday this is the way that one and one will equal two and two and two will equal four $ $ wc friday 4 18 81 friday $ wc saturday 4 18 81 saturday $
The same effect of a change to one happening to both also applies to permissions, owners, groups, and so on. Hard links cannot exist across filesystems; they must always be local. Users can create links to files, but not to directories; the root user, however, can also create links to directories with the -F or -d options.
Symbolic Links
To make a symbolic link, you must use the -s option with ln. A symbolic link is what you might call a shortcut in the Windows operating systems: a small file that points to another file. The primary purpose for a symbolic link is to get around the shortcomings of hard links. As such, short links allow users to link to directories and links to cross filesystems. To understand how a symbolic link is created, consider the following example:
$ ls -l drwx 5 root root -rw-rr 1 root root -rw-rr 2 root root -rw-rr 2 root root -rw-rr 1 root root -rw-rr 1 root root $ $ ln -s friday saturday $ ls -l
1024 Sep 22 23:57 81 Sep 23 00:25 194 Sep 24 15:09 194 Sep 24 15:09 152 Sep 23 00:26 38 Sep 23 00:26
In other words, saturday is just a symbolic (name) representation of friday. Whatever action you attempt is sent to the first file through the pointer held in the second. This behavior can lead to unexpected results: Because the file is a pointer, it can point to something that no longer exists or is currently unavailable. (Remember, symbolic links can span filesystems.) Consider the following sequence of events where the file being pointed to is removed:
923_2C07.p65
23
11/16/00, 2:46 PM
923_2C07.p65
24
11/16/00, 2:46 PM
26 Chapter 7
$ rm friday $ ls -l drwx 5 root root 1024 Sep 22 23:57 Desktop -rw-rr 2 root root 194 Sep 24 15:09 monday lrwxrwxrwx 1 root root 6 Sep 24 15:49 saturday -> friday -rw-rr 2 root root 194 Sep 24 15:09 thursday -rw-rr 1 root root 152 Sep 23 00:26 tuesday -rw-rr 1 root root 38 Sep 23 00:26 Wednesday $ wc saturday wc: saturday: No such file or directory $
This behavior can lead to frustration and aggravation for users because the error messages indicate that saturday does not exist, but every listing of the directory shows that it does. As an administrator, it is imperative for you to understand that the file does exist, but users see a pointer to a file that no longer does. When you view a symbolic link graphically, as shown in Figure 7.5, the name is italicized and a small box holding an arrow appears at the bottom left of the icon. A large number of the system files discussed at the beginning of this chapter are links to other items. For example, the /dev directory holds a plethora of symbolic links to devices that can be accessed via different names and in different locations.
Figure 7.5 Symbolic links use slightly different icons than standard files.
The entries listed here, and that appear by default, appear in the /etc/fstab file mentioned earlier in regard to the fsck utility. If you always want to mount additional filesystems, you should add their entries to this file. The command mount -a reads the fstab file and mounts and remounts all entries found within. If you do not want filesystems always mounted, you can dynamically load other filesystems using the device name with the mount utility. For example, to mount the CD, the command is:
$ mount /mnt/cdrom
The /mnt directory holds readily accessible definitions for external devices such as the cdrom and floppies. Options you can use with the mount command are: -aReads through the /etc/fstab file and mounts all entries. -fChecks whether a filesystem can be mounted (but does not mount it). An error message returned means that it cannot be found, and no error message means that it was found in /etc/fstab or /etc/mtab. -nPrevents the /etc/mtab file from being dynamically updated when a filesystem is added. -rMounts the filesystem as read-only.
This sample reads from the dynamic file /etc/mtab and indicates the device, the mount point, the type of filesystem, and the permissions (rw is read/write). In addition to read/write, filesystems can be mounted as read-only (ro), not allowing users (nouser), able to run binaries (exec) or not (noexec), not running certain files (nosuid), controllable by all users (user), and interpreting special devices on the filesystem (dev).
923_2C07.p65
25
11/16/00, 2:46 PM
923_2C07.p65
26
11/16/00, 2:46 PM
The Linux Filesystem 27 -tAllows you to specify the type of the filesystem being mounted. -wMounts the filesystem as read/write (the default). You can unmount a filesystem when it is no longer needed with the umount utility. To unload the CD, the command is:
$ umount /mnt/cdrom
28 Chapter 7
In some cases, it might be necessary for the kernel to be recompiled to support quotas, but not always. After the file is edited, go to the root of the partition where you want to apply the quota. As the root user, create a file called either quota.user or quota.group. The permissions on the file must be equal to read and write by the root user only (accomplished with the chmod command, which is discussed fully in Chapter 8). Thus, the sequence following the edit is:
$ touch quota.user $ chmod 600 quota.user
Options that you can use with the umount utility are: -aUnloads every entry in /etc/mtab -nUnloads but does not update /etc/mtab -rRemounts it as read-only if the unload fails -tUnloads all entries of a specific file type
You must then reboot. The utilities you can use are: quotaonEnables the use of quotas. You can use the -a option to enable for every filesystem having usrquota in /etc/fstab; otherwise, you must specify the filesystem. quotaoffDisables the use of the quotas.
edquotaEdits and changes the quota limits. You use the -u option to specify a user or -g to specify a group. You can use the -t option for a soft limit. repquotaGenerates a report of disk usage and the specified quota (created with edquota). Options with this tool include -a to check all filesystems in / etc/fstab; -g to see the report for groups; -u to see the report for users (default); and -v to show numbers even if they are zero. Any user can run this utility to see her own numbers, but root sees the report for all users. quotaShows the quotas in existence (similar to repquota). Any user can see his own, and root can see all. quotacheckScans the system and creates report files with the current usage (only available to root). quotastatsShows the amount of used space for each individual user and group. Note: Not all the utiilties are available in all implementations of Linux. By default, when a user or group reaches the quota limit, she is no longer allowed to save any further entries. Setting a soft limit means she can exceed the limit, but only for a short period of time (defined as a grace period, the default is 7 days).
The first field is the filesystem, and the second is the mount point. The third field is the filesystem type, and the fourth contains options for the filesystem. The fifth field identifies the order in which the filesystem would be used by a dump, and the sixth field is the order in which fsck would use it. You make a modification to the fourth field to use quotas, changing the line to read:
/dev/hda3 /home ext2 defaults,usrquota 1 2
Finding Files
Among all the files and all the different directories and subdirectories on a system, finding something specific can sometimes be a daunting task. A number of utilities in Linux can help ease this burden. This section outlines a few of the
923_2C07.p65
27
11/16/00, 2:46 PM
923_2C07.p65
28
11/16/00, 2:46 PM
30 Chapter 7
unique utilities and examines how they can be used to help find what you are looking for. The utilities to be examined, in order, are: locate updatedb which find (and a companion, xargs) The locate utility looks through a database file (instead of the actual directory tree) to find files that match a given name. The database is named locatedb and usually appears in a subdirectory in the /var directory. (Common locations include in /var/state or /var/lib.) You update the locatedb database through the use of the updatedb command. By default, updatedb runs at a regular basis (usually once a day), but you can run it manually as well. The advantage to using locate (and thus locatedb) is that it is much faster to search a database for an entry than to search the entire filesystem. The downside is that you cannot find files created after the last time updatedb was run using the locate utility. By default, updatedb moves through the filesystem and updates the locatedb database with entries anywhere it finds them. You can, however, create an optional file named updatedb.conf in the /etc directory. If the updatedb.conf file exists, then only directories listed in it are used to create the database. An example of the use of the locate command is:
$ locate grep /opt/kde/share/apps/kmail/pics/kmmsgreplied.xpm /usr/bin/egrep /usr/bin/fgrep /usr/bin/grep /usr/bin/zgrep /usr/bin/zipgrep /usr/doc/dosemu-0.98.5/bugreports.txt /usr/doc/grep-2.2 /usr/doc/grep-2.2/ABOUT-NLS /usr/doc/grep-2.2/AUTHORS /usr/doc/grep-2.2/INSTALL /usr/doc/grep-2.2/NEWS /usr/doc/grep-2.2/README /usr/doc/grep-2.2/THANKS /usr/doc/grep-2.2/TODO /usr/lib/python1.5/grep.pyc /usr/lib/python1.5/grep.pyo
/usr/lib/xemacs-20.4/lisp/efs/dired-grep.elc /usr/lib/xemacs-20.4/lisp/packages/igrep.elc /usr/man/de/man1/egrep.1.gz /usr/man/de/man1/grep.1.gz /usr/man/man1/egrep.1.gz /usr/man/man1/fgrep.1.gz /usr/man/man1/grep.1.gz /usr/man/man1/zgrep.1.gz /usr/man/man1/zipgrep.1.gz /usr/share/locale/de/LC_MESSAGES/grep.mo /usr/share/locale/es/LC_MESSAGES/grep.mo /usr/share/locale/fr/LC_MESSAGES/grep.mo /usr/share/locale/ko/LC_MESSAGES/grep.mo /usr/share/locale/nl/LC_MESSAGES/grep.mo /usr/share/locale/no/LC_MESSAGES/grep.mo /usr/share/locale/pl/LC_MESSAGES/grep.mo /usr/share/locale/ru/LC_MESSAGES/grep.mo /usr/share/locale/sl/LC_MESSAGES/grep.mo /usr/share/locale/sv/LC_MESSAGES/grep.mo /usr/share/vim/bugreport.vim $
Similar to the locate command is the which command. Instead of looking through a database, however, which looks through the directories listed in your path statement. When it finds a match in a directory for a name you give, it stops immediately and reports what it found. How is this useful? Suppose your system has 14 versions of grep; which tells you the first one it finds via the path search, and thus the one that is executed when you use the command. Very simple in nature, the following sample illustrates the use of which:
$ which grep /usr/bin/grep $
923_2C07.p65
29
11/16/00, 2:46 PM
923_2C07.p65
30
11/16/00, 2:46 PM
32 Chapter 7
The default starting point is the present working directory, but you can specify any directory. Whatever the starting point, the search recursively moves from there to all subdirectories beneath it. The criteria can be any of the options shown in Table 7.4. To find all files named grep on a system, beginning with the root directory, you enter:
$ find / -name "grep" /usr/bin/grep $
$ find / -name "grep" -exec ls -l {} \; -rwxr-xr-x 1 root root 70652 Aug 11 1999 /usr/bin/grep $
Be very careful with the -exec option because you can specify anything following itincluding move, remove, and so on. You can use the option -ok in place of exec to force a prompt before every action is taken. To find which files have been accessed, you use the -atime option. If the number following -atime is preceded by a plus sign (+), then find returns entries in which the access day was more than the number of days given. If the number following is preceded by a minus sign (-), then find returns entries in which the access day was less than the number of days given. For example, to find files in the current directory that have not been accessed for 10 days or more:
$ find . -atime +10
Notice that you do not need to specify the -print option: It is the default action. Notice also that, unlike locate, find found an exact match, not just entries with the four letters somewhere in the name. If you want to find matches that are portions of words, you need to use the asterisk (*) wildcard (find / -name *grep*). Once you find the match, you can perform an action on it, such as obtaining a long listing:
Table 7.4 Option -atime days -ctime days -exec command -group name -inum number -links number -mount -mtime days -name file -perm permission -print -size number -type type -user name Options for the find utility. Purpose Tests true if the file was accessed within the number of days specified. Tests true if the file was changed within the number of days specified. Executes a command. You must specify that the command is for a group {} and continues on \;. Tests true if the file belongs to the specified group. Tests true if the file has that inode number. Tests true if the number of links is equal to the specified number. Looks only on the local filesystem. Tests true only if the file was modified within the number of days specified. Tests true only if it matches the given name. Tests true if it matches the given permissions. Prints the names of matching files. Tests true if it matches the number of blocks or characters. Tests true if it matches the specified type (d=directory, f=file, b=block file, and c=character file). Tests true only if owned by the named user.
To find files that have been accessed within the last two days, type:
$ find . -atime -2
923_2C07.p65
31
11/16/00, 2:46 PM
923_2C07.p65
32
11/16/00, 2:46 PM
34 Chapter 7
Answer: Because the grep operation takes place on the names of the files, not the content of the files. The xargs utility pipes the entire name (thus the contents) into the next command in succession (grep, in this case), not just the resulting file name.
Notice that the result includes directories and files that are visible and hidden.
Utility Summation
This chapter discussed several utilities. Table 7.5 lists them and their purposes.
Table 7.5 Utility mknod fdisk mkfs df du fsck ln mount umount quotaon quotaoff edquota repquota, quota, quotacheck, and quotastats locate updatedb which find xargs Utilities discussed in this chapter. Purpose Makes special (character and block) files Divides the disk into partitions Formats partitions Reports the amount of disk free space remaining Shows where disk utilization is occurring Checks the filesystem and corrects problems Creates links: hard and symbolic Loads a remote filesystem Unloads a remote filesystem Turns on user/group quotas Turns off user/group quotas Creates quotas for users or groups Views quota useage Finds a file from the locatedb database Updates the locatedb database Finds a file from the path statement Locates a file based on given criteria Passes the output of one command into another
xargs
As powerful as the find utility is, it is limited in the results it can return to values within the filesystem structure. The only real text within the structure is the name of the entity, not the data itself. (The pointer points to that.) To illustrate, suppose the user edulaney put out a memo several months back on acceptable use of the company refrigerator in the break room. Since then, user edulaney has quit the company and several new employees (who would benefit from knowing this policy) have joined. You want to find the file and reprint it. About the closest you can get to accomplishing this task with find (and its results) is:
$ find / -user edulaney -type f -exec grep -i refrigerator {} \; stored in the refrigerator overnight will be thrown out $
You must use the type f option or else errors occur every time grep tries to search a directory. In this case, the line from the file is found, but there is no way of knowing what file contains itrendering the result pretty much useless. Enter the xargs utility: Analogous to a pipe, it feeds output from one command directly into another. Arguments coming into it are passed through with no changes and turned into input for the next command. Thus, the command can be modified to:
$ find / -user edulaney -type f | xargs grep -i refrigerator /home/edulaney/fileone:stored in the refrigerator overnight will be thrown out $
The desired file is indicated, so you can print it for the new employees. Food for thought: If xargs works as a pipe, why wouldnt the following command suffice?
$ find / -user edulaney -type f | grep -i refrigerator
923_2C07.p65
33
11/16/00, 2:46 PM
923_2C07.p65
34
11/16/00, 2:46 PM
36 Chapter 7
Practice Questions
Question 1
Which file updates the database that the locate command uses to find matches for search names? a. locatedb b. fstab c. mtab d. updatedb
Question 3
You want to start using quotas on the third partition of your systems disk. To begin, you must edit the fstab file. To which field must you add the usrquota entry? a. First b. Second c. Third d. Fourth e. Fifth f. Sixth
The correct answer to this question is d. The updatedb utility updates the database. Answer a is the name of the database the locate utility uses to find the files, so it is incorrect. Answer b is the file system table, and answer c is the mount table, neither of which relate to the locate utility.
The correct answer to this question is d. You must add the entry to the fourth field of the entry for the quotas to be invoked.
Question 4
What is the syntax to use to create a symbolic link named advise to a file in the same directory named please? [Fill in the blank]
Question 2
Which of the following files would be read by the command mount -a? a. /etc/mtab b. /etc/fstab c. /etc/update.conf d. /etc/mount
ln -s please advise
_______________
The correct answer to this question is b. The fstab file holds information about the filesystems known to it. Answer a/etc/mtabis where entries are written when the filesystems are loaded, so it is incorrect. The other two choices are invalid in relation to the question.
923_2C07.p65
35
11/16/00, 2:46 PM
923_2C07.p65
36
11/16/00, 2:46 PM
38 Chapter 7
Question 5
Which of the following locations could contain the kernel? [Check all correct answers] a. / b. /bin c. /boot d. /etc
Question 7
You are getting ready to begin system-administration tasks on your system. Before starting anything, you want to compile a list of utilities that are available only for this purpose (adding users, groups, and so on). Which directory contains the entries you are seeking? a. /usr/sbin b. /usr/bin c. /sbin d. /bin
The correct answers to this question are a and c. The default location for the kernel, which differs according to vendors and versions, is either root (/) or /boot. The /bin directory (choice b) holds executable files for all users, while the /etc directory (choice d) is used to hold configuration files; hence, these two choices are incorrect.
Question 6
Which of the following options can you use with the find utility to prompt a user before carrying out an operation? a. -exec b. -query c. -ok d. -perm
The correct answer to this question is a. The /usr/sbin directory holds systemspecific administrative binaries for use by the administrator. Answer b is used by all users, so it is incorrect. Answer c holds system utilities, but most are available for system purposes other than adding users and groups, such as formatting, checking the file systems, and so on; therefore, it is incorrect. Answer d is used by all users, so it is incorrect.
Question 8
On a SCSI hard drive, which of the following indicates the third partition on the second disk? a. hba3 b. sba3 c. sdb3
The correct answer to this question is c, which prompts you before carrying out an action. Answer a executes the same operation without first prompting the user; answer b is not an option for find; and answer d locates only files that meet the specified permissions.
d. hdc2
The correct answer to this question is c. The s indicates the type of disk, which is SCSI; the d indicates the type of device, which is disk; the b indicates the second disk; and the 3 indicates the third partition.
923_2C07.p65
37
11/16/00, 2:46 PM
923_2C07.p65
38
11/16/00, 2:46 PM
40 Chapter 7
Question 9
Which utility can you use to format a partition? a. format b. fdisk c. mkfs d. mount
The correct answer to this question is c. You use the mkfs utility to format a partition. Answer a does not exist in Linux, so it is incorrect. Answer b, fdisk, creates partitions, so it is incorrect. And answer d is used to load a remote filesystem, so it is incorrect.
Question 10
The fsck utility has found a number of corrupted files, and you have chosen to correct the filesystem. To which directory are the corrupted files written? a. lost+found b. tmp c. etc d. /
The correct answer to this question is a. The /lost+found directory holds the corrupted files. Usually they are so corrupted that their names are no longer known, and thus the files are written here by inode number. The /tmp directory (answer b) holds temporary files that do not need to survive a reboot. The /etc directory (answer c) hold configuration files used by the system, while the root directory (answer d) is the starting point of all subdirectories.
923_2C07.p65
39
11/16/00, 2:46 PM
923_2C07.p65
40
11/16/00, 2:46 PM