KEMBAR78
Linux | PDF | Booting | Backup
0% found this document useful (0 votes)
16 views21 pages

Linux

The document outlines the Linux boot process, detailing the roles of boot loaders like LILO and GRUB, the steps involved in bootstrapping, and the significance of runlevels in managing system services. It explains how the kernel initializes and configures hardware, the creation of system processes, and the execution of startup scripts. Additionally, it covers the configuration of boot loaders and the management of runlevels through the init process and associated files.

Uploaded by

alexthomasatk
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
0% found this document useful (0 votes)
16 views21 pages

Linux

The document outlines the Linux boot process, detailing the roles of boot loaders like LILO and GRUB, the steps involved in bootstrapping, and the significance of runlevels in managing system services. It explains how the kernel initializes and configures hardware, the creation of system processes, and the execution of startup scripts. Additionally, it covers the configuration of boot loaders and the management of runlevels through the init process and associated files.

Uploaded by

alexthomasatk
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 21

1

Module IV
Linux Boot process: LILO - boot process, /etc/lilo.conf file, GRUB - /etc/grub.conf file runlevels, rc
files, startup scripts. Mounting: mounting file systems, structure of /etc/fstab. Linux Administration :
Major services in Linux system - init, /etc/inittab file, login from terminal, syslog and its configuration
file /etc/syslog.conf, periodic command execution: at and cron, crontab file , GUI, X windows.
Starting and stopping different services – service command.

Booting
Bootstrapping or booting means starting up a computer. Bootstrapping is the full
name of the process for bringing a computer system to life and making it ready
for use. The normal facilities provided by the operating system are not available
during the start up process, so the computer must pull itself up by its own
bootstraps. During bootstrapping , the kernel is loaded into memory and begins
to execute . A variety of initialization tasks are performed , and the system is
then made available to the users
Boots time is a period and it is depends on many factors . Errors in configuration
file , missing or unreliable equipment ,and damaged file system may prevent a
computer from coming up .
When a computer is turned on , it executes boot code that is stored in ROM.
That code in turn attempt to figure out how to load and start your kernel . The
Kernel probe’s the system’s hardware , then spawns the system’s init process
,which is always PID 1
Several things must happen before the login prompt can appear . File systems
must be checked and mounted and system daemons started
Automatic and manual booting
Most unix systems must boot either automatic mode or manual mode. In
automatic mode the system performs the complete boot procedure on its own ,
without any external assistance . In manual mode ,the system follows automatic
procedure up to a point but then turns control over to an operator before most
initialization script have been run . In day to day operation automatic booting is
used . You will usually have to boot manually when some problem breaks
automatic booting
Steps in boot process
A typical bootstrapping process consists of following distinct steps
1. Loading and initialization of kernel
2. Device detection and configuration

Navajyothi College Cherupuzha


2

3. Creation of spontaneous system processes


4. Operator intervention (manual boot only)
5. Execution of system startup scripts

Administrator have little control over most of the steps. We effect most
bootstrapping configuration by editing system startup scripts
The boot process begins when the instructions stored in the computer’s
permanent or non volatile memory (BIOS ,ROM etc) are executed . This
storage location for the initial boot instructions is generally referred to as
firmware. These instructions are executed automatically when the power is
turned on or the system is reset . these instructions are used to locate and
start up the systems boot program
Kernel initialization
The kernel is itself a program , and the first bootstrapping task is to get
this program into memory so that it can be executed . The path name of the
kernel is vendor dependent , but it has traditionally been something like
/linix or /vmlinux
Most systems implements a two stage loading process. During the first
stage the system’s ROM loads a small boot program into memory from
disk. This program then arranges for the kernel to be loaded . The kernel
performs memory tests to find out how much RAM is available . Some
portion of memory is reserved for kernel and it cannot be used for user
level process. The kernel is the part of unix os that remains running at all
times when the system is up
Hardware configuration
One of the kernel’s first job is to check out the machine’s environment to
see what hardware is present . When you construct kernel for your system
, you tell it what hardware devices it should expect to find ,when the kernel
begins to execute ,it tries to locate and initialize each device that you have
told it about . Most kernel print a line of cryptic information about each
device they find . The drivers for the devices that are missing or that are
not respond will be disabled
System processes
Once basic initialization is complete , the kernel creates several
spontaneous processes in user space . The number and nature of
spontaneous process may vary from system to system.

Navajyothi College Cherupuzha


3

Various kernel and memory handler (kflushd,kupdate ,kswapd)


Once spontaneous processes have been created , the kernel’s role in
bootstrapping is complete . however ,none of the processes that handle
basic operations have been created nor have most of the linux daemons
been started . All of these tasks are taken care of by init process
Other activities performed by init process include
 Checking the integrity of the filesystems

 Mounting local disk

 Designating and initializing paging areas

 Performing file system cleanup activities

 Starting daemons

Operator intervention (Manual boot only )


If the system is to be brought up in single user mode , a command line flag
passed in by the kernel notifies init process of this fact as it starts up .
During a single user boot ,you are normally prompted to enter the root
password . if you enter the right password the system will spawn a root
shell . From the single user shell you can execute commands .however only
the root partition is usually mounted , you must mount other file systems
by hand
Execution of startup scripts
By the time the system is ready to run its startup scripts . The startup scripts
are normal shell scripts and they are selected and run by init process
Multiuser operation
After the initialization script have run ,the system is fully operational,
except no one can log in . for logins to be accepted on a particular terminal
, a getty process must be listing on it ( getty process is Unix program running
on a host computer that manages physical or virtual terminals (TTYs). When it detects
a connection, it prompts for a username and runs the 'login' program to authenticate
the user.) . init spawns these getty processes directly ,completing the boot
process. Init is also responsible for spawning graphical login systems such
as xdm,gdm etc . init process continues to performs an important role even
after bootstrapping is complete
Navajyothi College Cherupuzha
4

Boot loader
It is the program that loads the Operating System(os) when the computer is
turned on. Typically boot loaders give the ability to select from a list of OS to
load during the startup of the computer. Boot loader software execute after
BIOS(Basic Input Output System) complete its startup test. Boot loader is starts
an OS. The boot loader is the first piece of software started by BIOS. It is
responsible for loading the kernel with the wanted kernel parameters and
initialize RAM before initializing boot process.
Examples:-
 LILO (Linux loader ) : It was the default boot loader for many Linux
distribution before Grub become popular. LILO doesn’t depend on a
specific file system and can boot an OS from floppy disk and hard disk.

Grub(Grant Unified Boot Loader): most widely used and popular Linux boot
loader. Grub is written in assembly language and c.
LILO the traditional Linux boot loader
LILO is configured and installed with LILO command. LILO configuration
file is /etc/lilo.conf.The working of LILO boot loader is based on the contents
of this configuration file. To change your boot configuration use simply update
/etc/lilo.conf and return lilo. You must reconfigure lilo every time the boot
process changes. Here is a lilo.conf file.
boot = /dev/had # put boot loader on MBR
root = /dev/hda1 # specify root partition
delay = 20 # 2 sec for user interrupt
image = /vmlinuz # kernel to boot
label = linux
read = only
image = /vmlinuz-backup # backup entry
label=backup
read-only

Navajyothi College Cherupuzha


5

Each possible boot scenario has a label at boot time you can tell LILO which one
to use by entry the appropriate label. The first label to appear in lilo.conf
becomes the default. In the above example the default boot file /vmlinuz. The
read only tag specifies that the kernel should mount its root file system read
only. In the above example the system is also configured to boot a backup kernel.
/vmlinuz-backup: It’s always a good idea to have such an alternative ; a broken
kernel configuration can lead to an unbootable system.
Multi booting on PCS
Since may OS run PCS , it is fairly common practice to setup machine to be able
to boot several different systems. To make this work you need to configure a boot
loader to recognize all the different OS on your disks.
Each disk partition can have its own second –stage boot loader. However
where is only one MBR. When setting up a multi boot configuration you must
decide which boot loader is going to be the ’’master”. For better or worse ,your
choice will often be dictated by the vagaries of the OS involved. LILO and
GRUB are the best option for a system that has a linux partition. GRUB is
superior to LILO in multi booting situation.
GRUB

GRUB: The GRand Unified Boot loader


GRUB is particularly popular among users who run a variety of operating
systems. It is the most widely used and popular linux boot loader. Grub is written
in assembly language and C.
By default, GRUB reads its default boot configuration from
/boot/grub/grub.conf.
Here’s a sample grub.conf file:
default=0
timeout=10
splashimage=(hd0,0)/boot/grub/splash.xpm.gz
title Red Hat Linux (2.6.9-5)
root (hd0,0)
kernel /boot/vmlinuz-2.6.9-5 ro root=/dev/hda1

Navajyothi College Cherupuzha


6

This example configures only a single operating system, which GRUB boots
automatically
(default=0) if it doesn’t receive any keyboard input within 10 seconds
(timeout=10). The root filesystem for the “Red Hat Linux” configuration is
theGRUB device (hd0,0). GRUB loads the kernel from /boot/vmlinuz-2.6.9-5
and displays a splash screen from the file /boot/grub/splash.xpm.gz when it is
loaded.

GRUB multiboot configuration


A multiboot GRUB system is much like its single-boot counterpart. Install all
the desired operating systems before making changes to /boot/grub/grub.conf.
A grub.conf configuration for booting Windows looks different from one for
booting
a UNIX or Linux system:

title Windows XP
rootnoverify (hd0,0)
chainloader +1

The chainloader option loads the boot loader from a the specified location (in this
case, sector 1 on the first partition of the primary IDE drive). The rootnoverify
option guarantees that GRUB will not try to mount the specified partition. This
option keeps GRUB from messing with partitions it can’t understand, such as
NTFS partitions or partitions outside the area that GRUB can read.The grub.conf
file below can boot Windows XP from partition 1, Red Hat Enterprise Linux from
partition 2, and Fedora from partition 3:

default=0
timeout=5
splashimage=(hd0,2)/boot/grub/splash.xpm.gz
hiddenmenu
title Windows XP
rootnoverify (hd0,0)
chainloader +1
title Red Hat
root (hd0,1)
kernel /boot/vmlinuz
title Fedora
root (hd0,2)
kernel /boot/vmlinuz

Navajyothi College Cherupuzha


7

RUN LEVELS
A runlevel refers to the modes of operation in a linux -based operating system
.Each runlevel has a certain number of services stopped or started, giving the user
control over the behavior of the machine. Conventionally, seven runlevels exist,
numbered from zero to six.Run levels is actually a series of states . at any given
time , the system is at one of these state .the system can changed to any another
state by using various administrative commands. A run level is a state
of init process and the whole system that defines what system services are
operating. Run levels are identified by numbers

After the Linux kernel has booted, the init program reads the /etc/inittab file to
determine the behavior for each runlevel. Unless the user specifies another value
as a kernel boot parameter, the system will attempt to enter (start) the default
runlevel.

Run
Mode Action
Level
0 Halt Shuts down system
A system administration /maintenance state.Does
1 Single-User Mode not configure network interfaces, start daemons,
or allow non-root logins
Does not configure network interfaces or start
2 Multi-User Mode
daemons.
Multi-User Mode
3 Starts the system normally.
with Networking
4 Undefined Not used/User-definable
5 X11 As runlevel 3 + display manager(X)
6 Reboot Reboots the system

Most Linux servers lack a graphical user interface and therefore start in runlevel
3. Servers with a GUI and desktop Unix systems start runlevel 5. When a server
is issued a reboot command, it enters runlevel 6. By default Linux boots either to
runlevel 3 or to runlevel 5. The default runlevel for a system is specified in
the /etc/inittab file,

Using the telinit command to change run levels

Navajyothi College Cherupuzha


8

The program responsible for altering the runlevel is init, and it can be called using
the telinit command.
The telinit utility may be used to change the current system run level. Its name
comes from the fact that it tells the init process what to do next. It takes the new
run level as its argument. The following command tells the system to reboot:
# telinit 6

As an alternative to telinit, the runlevel into which the system boots can be
changed by modifying /etc/inittab manually with a text editor. It cause the
changes makes permanently
BOOTING SINGLE-USER MODE

Single-user mode is a great way to change the system configuration or perform


maintenance tasks without worrying about affecting (or being troubled by) other
users. It’s also a lifesaver when you’re working on a broken system. It’s most
common to enter single-user mode by passing arguments to the boot loader.
However, you can usually enter single-user mode from another run level by
running
the command telinit 1.
Initialization files in Linux
I. /etc/inittab : Which is init process’s configuration file.
II. A series of primary script named rcn(where n is the run level), typically
stored in /etc or /sbin.
III. A collection of subsystem specific script for each run level typically
located in sub directories named rcn.d.
I. /etc/initttab(init process’s configuration file)

On boot time when init process take control from the kernel, it scan its
configuration file /etc/inittab it determine what to do next.
This file defines init’s action whenever the system enters a new run level. It
contain instructions to carry out when the system goes different run levels.
Each entry in inittab file implicitly define a process to be run at one or more run
levels. Sometimes this process is executing as long as the system remains in a
given run level.
When the system changes runlevel init process check the inittab file to determine
the processes that should be running at the new runlevel. It then kills all currently
running process that should not be running at the new level and starts all processes
specified for the new runlevel that are already running.

Navajyothi College Cherupuzha


9

II. Typically the commands to execute at the start of each run level are
contained in the script named rcn.

For eg: when the system moves to run level 3,init process reads the /etc/inittab
file, it tells it to execute rc3.
Traditionally it process defines 7 run level. Each of which represents a particular
set of services that the system should be running (run level).The /etc/inittab files
tell init what to do at each of its run levels the entries in /etc/inittab file has the
following form.
cc : run level: action: process
Where, cc is unique case sensitive label identifying each entry level is a list of
runlevels to which the entry applies. If it is blank the entry applies to all of them.
Process is the command to executed action indicate how init process treat the
process started by the entry. The most important action keyword are
1. Wait: Start the process and wait for it to finish before going to next
entry.
2. Respawn : Start the process automatically restart it when it dies
3. Boot: Execute the entry only at boot time.
4. Init default : Specifying the default run level
5. Off: If the process associated with this entry is running, kill it.

III) Working with startup scripts

Init process executes the system startup scripts. Some tasks that are often perform
in the startup script are
 Setting name of the computer
 Setting the time zone
 Checking the disk fsck
 Mounting the system disk
 Removing old files from /
 Configuring network interfaces
 Starting up daemons and network services
rc files
rc.d
This script is used to control the starting, stopping and restarting daemons it is a
daemon control script.

Navajyothi College Cherupuzha


10

rc.local
This script will execute after all other initialization. We can use this file to add
commands necessary for our environment. You can put your own initialization
stuff here. For eg: you can start additional daemons or initialize a printer. This
file is get executed end of boot process.
rc.Sysinit
It is a configuration script that was run by init process for the initialization of the
system, which set the environment path, check file system, set the system clock
activate swap partition etc…
The X Windows system -Linux GUI
GUI (Graphical User Interface) and CLI (Command Line Interface), are the two modes for
users to interact with the computer. GUI makes it easy for the user, therefore makes the OS
user friendly. CLI gives the user more control and options. Xwindows is progress compared to
the CLI.
Linux offers a wide variety of flashing window and desktop managers for use under X , the
graphical environment . The X window system (commonly X Window System or X11) is a
computer software system and network protocol that provides a basis for graphical user
interfaces (GUI) for networked computers.
provides the basic framework, or primitives, for building such GUI environments: drawing and
moving windows on the screen and interacting with a mouse and keyboard
Some of the program provide in the core distribution include.
 Xterm:a terminal emulator
 Twm:a minimalistic window manager
 Xdm: a display manager
 Xconsol: a console redirect program
 Bitmap: a bitmap editor
 Xault, xhost and iceauth: access control programs
 Xset,xmodmap and many others : User preference setting program
 Xclock: a clock
 Xlsfonts and others: a font displayer, utilities for listing information about fonts,
windows and displays
Xfs: a font server

Starting XWindows automatically


To load Xwindow we can use the command startx.
To change the configuration file etc/inittab default run level entry to 5 as
Id : 5 : initdefault
This will starts Xwindows automatically.
Mounting and Unmounting (Floppy/CDROM/Hard-drive Partitions)

Navajyothi College Cherupuzha


11

By default a Linux system will allow normal users to unmount partitions.


However unless given permission by the superuser, users will not be allowed to
mount partitions. The commands listed below will not work for normal users
unless users have permission to mount that device.
mount
It is a linux command to mount or attach a device or partition to the file system
tree(/)
. This needs to be done so you can access the drive
Syntax:
Mount /mount_point
umount
'Unmount' a device. The command umount a device. It removes it from the
file-system hierarchy (the tree ( / )). This needs to be done before you remove a
floppy/CDROM
or any other removable device
umount /mount_point
/etc/fstab file
fstab is a configuration file that contains information of all the partitions and
storage devices in your LINUX machine. The file is located under /etc, so the full
path to this file is /etc/fstab. /etc/fstab
contains information of where your partitions and storage devices should be
mounted and how. If you can't access your Windows partition from Linux, aren't
able to mount your CD or write to your floppy as a normal user, or have problems
with your CD-RW, you probably have a misconfigured /etc/fstab file. So, you can
usually fix your mounting problems by editing your fstab file.
/etc/fstab is just a plain text file, so you can open and edit it with any text editor
you're familiar with. However, note that you must have the root privileges before
editing fstab. So, in order to edit the file, you must either log in as root or use the
su command to become root.Of course everybody has a bit different /etc/fstab file
because the partitions, devices and their properties are different on different
systems. But the basic structure of fstab is always the same.
Here's an example of the contents of /etc/fstab:
/dev/hda2 / ext2 defaults 1 1
/dev/hdb1 /home ext2 defaults 1 2
/dev/cdrom /media/cdrom auto ro,noauto,user,exec 0 0
/dev/fd0 /media/floppy auto rw,noauto,user,sync 0 0
proc /proc proc defaults 0 0
/dev/hda1 swap swap pri=42 0 0
The first column contains the device name, the second one its mount point, third
its filesystem type, fourth the mount options, fifth (a number) dump options, and
sixth (another number) filesystem check options.
1st and 2nd columns: Device and default mount point

Navajyothi College Cherupuzha


12

The first and second columns should be pretty straightforward. They tell the
mount command exactly the same things that you tell mount when you mount
stuff manually: what is the device or partition, and what is the mount point.
.Some partitions and devices are also automatically mounted when your Linux
system boots up.For example, have a look at the example fstab above. There are
lines that look like this:
/dev/hda2 / ext2 defaults 1 1
/dev/hdb1 /home ext2 defaults 1 2
These lines mean that /dev/hda2 will be mounted to / and /dev/hdb1 to /home.
This is done automatically when your Linux system boots up.
3rd column: Filesystem type
The third column in /etc/fstab specifies the filesystem type of the device or
partition. Many different filesystems are supported
 ext2 and ext3 ----- linux file system
 swap----. The filesystem type "swap" is used in your swap partitions.
 vfat and ntfs --- windows file system
 auto No, this isn't a filesystem type .The option "auto" simply means that
the filesystem type is detected automatically
4th column: Mount options
The fourth column in fstab lists all the mount options for the device or partition.
auto and noauto: With the auto option, the device will be mounted automatically
(at bootup, just like I told you a bit earlier, or when you issue the mount -a
command). auto is the default option. If you don't want the device to be mounted
automatically, use the noauto option in /etc/fstab. With noauto, the device can be
mounted only explicitly.
user and nouser: These are very useful options. The user option allows normal
users to mount the device, whereas nouser lets only the root to mount the device.
nouser is the default, which is a major cause of headache for new Linux users. If
you're not able to mount your cdrom, floppy,Windows partition, or something
else as a normal user, add the user option into /etc/fstab.
exec and noexec: exec lets you execute binaries that are on that partition, whereas
noexec doesn't let you do that.
Exec is the default option,
ro: Mount the filesystem read-only.
rw: Mount the filesystem read-write.
defaults Uses the default options that are rw, suid, dev, exec, auto, nouser, and
async.
5th and 6th columns: Dump and fsck options
Dump is a backup utility and fsck is a filesystem check utility. The 5th column in
/etc/fstab is the dump option. Dump checks it and uses the number to decide if
a filesystem should be backed up. If it's zero, dump will ignore that filesystem. If
you take a look at the example fstab, you'll notice that the 5th column is zero in
most cases.The 6th column is a fsck option. fsck looks at the number in the 6th
Navajyothi College Cherupuzha
13

column to determine in which order the filesystems should be checked. If it's zero,
fsck won't check the filesystem.
If your particular distribution is setup not to allow users to mount partitions its
not very hard to change this, simply edit the /etc/fstab file (as root) and:
Replace the word "defaults" with "user" or Add "user" to the end of the options
list for the particular partition(s).d comments place # before any text.).

Periodic Execution Commands(Job scheduling commnads)(AT &


CRON )
AT
AT executes commands at a specified time . At allows fairly complex time
specifications. It accepts times of the form HH:MM to run a job at a specific
time of day. (If that time is already past, the next day is assumed.) You may
also specify midnight, noon, or teatime (4pm) and you can have a time-of-day
suffixed with AM or PM for running in the morning or the evening. You can
also say what day the job will be run, by giving a date in the form month-name
day with an optional year, or giving a date of the form MMDDYY or
MM/DD/YY or DD.MM.YY. The specification of a date must follow the
specification of the time of day.
For example, to run a job at 4pm three days from now, you would do at 4pm
+ 3 days, to run a job at 10:00am on July 31, you would do at 10am Jul 31
and to run a job at 1am tomorrow, you would do at 1am tomorrow.
If the file /etc/at.allow exists, only usernames mentioned in it are allowed to
use at.
If /etc/at.allow does not exist, /etc/at.deny is checked, every username not
mentioned in it is then allowed to use at. If neither exists, only the superuser
is allowed use of at. An empty /etc/at.deny means that every user is allowed
use these commands, this is the default configuration.
Eg :You start by running the at command at the command line, passing it the
scheduled time as the option. It then places you at a special prompt, where you
can type in the command (or series of commands) to be run at the scheduled
time. When you're done, press Control-D on a new line, and your command
will be placed in the queue.
A typical at command sequence looks like this
at 9:30 PM Tue
warning: commands will be executed using /bin/sh
at> echo "its time to say good Bye."
at> ^D
CRON
cron is a Linux system process that will execute a program at a preset time. Under
linux,periodic execution is normally handled by cron daemon.cron starts when
the system boots and remains running as long as the system is up.To use cron you

Navajyothi College Cherupuzha


14

must prepare a text file that describes the program that you want executed and the
times that cron should execute them. A cron configuration file is crontab.Here is
the format of a crontab file:
[min] [hour] [day of month] [month] [day of week] [program to be run]
where each field is defined as
[min] Minutes that program should be executed on. 0-59. Do not set as * or the
program will be run once a minute.
[hour] Hour that program should be executed on. 0-23. * for every hour.
[day of month] Day of the month that process should be executed on. 1-31. * for
every day.
[month] Month that program whould be executed on. 1-12 * for every month.
[day of week] Day of the week. 0-6 where Sunday = 0, Monday = 1, ...., Saturday
= 6. * for every day of the week.
[program] Program to be executed. Include full path information.
Crontab time specifications
Field Description Range
minute Minute of the hour 0 to 59

hour Hour of the day 0 to 23

day Day of the month 1 to 31

month Month of the year 1 to 12

weekday Day of the week 0 to 6

Each of the time-related fields may contain


• A star, which matches everything
• A single integer, which matches exactly
• Two integers separated by a dash, matching a range of values
• A comma-separated series of integers or ranges, matching any listed value
Here are some examples:
10 ,3 * * * /home/user/check.sh
Will run /home/user/check.shat 3:10am on every day.
45 10 * * 1-5 start.sh
It means “10:45 a.m Monday to friday

You must use crontab to load cron jobs into cron. First create a text file that uses
the above rule to describe the cron job that you want to load into cron. But before
you load it, type crontab -l to list any jobs that are currently loaded in crontab.
CRONTAB
A cron is a utility that allows tasks to automatically run in the background of the
system at regular intervals by use of the cron daemon. Crontab (CRON TABle)
Navajyothi College Cherupuzha
15

is a file which contains the schedule of cron entries to be run and at what times
they are to be run. This can be quite useful.
How does it work?
A cron schedule is a simple ASCII text file. Each user has their own cron
schedule. This is normally located in /var/spool/cron/crontabs for linux
machines.. To create a cron schedule type:
crontab -e
The text editor vi will open a blank window for the "crontab entries" to be
entered. Each line represents a seperate crontab entry (hereafter referred to as
"cron jobs"). (To add comments place # before any text.).
System logs in linux
Log files are files that contain messages about the system, including the kernel,
services, and applications running on it. There are different log files for different
information. For example, there is a default system log file, a log file just for
security messages, and a log file for cron tasks.
Log files can be very useful if you are trying to troubleshoot a problem with the
system such as trying to load a kernel driver or if you are looking for unauthorized
log in attempts to the system..
Some log files are controlled by a daemon called syslogd. A list of log messages
maintained by syslogd can be found in the /etc/syslog.conf configuration file.
Syslog: a utility for tracking and logging system messages
syslog accepts log data from the kernel (by way of klogd), from any and all local
processes, and even from processes on remote systems. It's flexible as well,
allowing you to determine what gets logged and where it gets logged. A
preconfigured syslog installation is part of the base operating system in Linux
Syslog has two important functions
To liberate the programmer the tedious process of writing logs
To put administrator in control of logging.syslog is flexible . it allow messages
are sorted by their source
Logrotate: managing logs

logrotate is a command designed to ease administration of systems that generate


large numbers of log files. It allows automatic rotation, compression, removal,
and mailing of log files. Each log file may be handled daily, weekly, monthly, or
when it grows too large. Logrotes configuration file is /etc/logrotate.conf.
the important options are
compress
Old versions of log files are compressed with gzip by default.
daily
Log files are rotated every day.
nocompress
Old versions of log files are not compressed with gzip
Size=log size
Navajyothi College Cherupuzha
16

Rotate log if file size>logsize

SERVICE COMMAND
Services are important background processes on a system.it is also called daemons.
Generally, they are launched when you boot up your system. managing services is a common
job for a Linux system admin. The service command is part of the init daemon. Let us have a
look at how to start, stop and restart services using the service command.
Listing all the services

service --status –all


we get a list of all the services on our system. In this list, services preceded by a [+] sign are
enabled while the ones preceded by a [-] sign are disabled. This command can be used to find
out the current status of a service on our system. Else, you can use it to verify that your signal
to the system to start, stop or restart a service took effect.
Starting a service

we use the start option of the service command to start a service. This option is preceded by
the name of the service which we wish to start.
service <ServiceName> start
Stopping a service

To stop a service using the service command, we utilise the stop option. This option is
preceded by the name of the service which we wish to stop
service <ServiceName> stop
Restarting a service

To restart a service using the service command, we make use of the restart option. Like
previous examples, this option is typed after the name of the service which we wish to start.
The following command helps us restart a service on Linux.

Module 5
System Maintenance: tmpwatch command, logrotate utility. Backup and Restore: types of backup -
full, differential, incremental, cp, tar commands. Linux Installation: Partitioning, MBR, SWAP, file
system mount points, rpm utility - installation of packages

tmpwatch
Definition:: The tmpwatch utility recursively searches through specified directories and
removes files which have not been accessed in a specified period of time. Tmpwatch is
normally used to clean up directories which are used for temporarily holding files (for
Navajyothi College Cherupuzha
17

example, /tmp). Tmpwatch ignores symlinks, won't switch filesystems and only
removes empty directories and regular files. By default, tmpwatch dates files by their
atime (access time), not their mtime (modification time).
tmpwatch [-u|-m|-c] [-faqstv] [--verbose] [--force] [--all] [--test]
OPTIONS
-u, --atime
Make the decision about deleting a file based on the file's atime (access time).
This is the default.
-m, --mtime
Make the decision about deleting a file based on the file's mtime (modification
time) instead of the atime.
-c, --ctime
Make the decision about deleting a file based on the file's ctime (inode change
time) instead of the atime; for directories, make the decision based on the
mtime.
-a, --all Remove all file types, not just regular files and directories.
***************************************************************
BACK UP
Protecting information is one of the important task of system administrator.
.There are many ways to lose data. Software bugs routinely corrupt data files. Users
accidentally delete data . Hackers erase disks. Hardware problems and natural disasters
take out entire machine . If executed correctly, backups allow an administrator to restore
data to the condition ,it was in at the time of the last backup.
Backups must be done carefully and on a strict schedule. The backup system and
backup media must also be tested regularly to verify that they are working correctly.
Planning for BACK UP a system

Developing an effective backup strategy is an ongoing process. There are many factors
to consider in developing a backup plan. The following questions
are among the most important
What files need to be backed up?
Where are these files?
Who will back up the files?
Where, when, and under what conditions should backups be performed?
How often do these files change
How long do we need to retain this data?

1) Full Backup
The simplest backup scheme is to copy all the files on a system to
tape or other backup media. A full backup does just that, including every file
within a designated set of files . Full backups are time-consuming; restoring a
single file from a large backup spanning multiple tapes is often inconvenient, and

Navajyothi College Cherupuzha


18

when files are not changing very often, the time taken to complete a full backup
may not be justified by the number of new files that are actually being saved
2) Incremental backup
Incremental backups are usually done more frequently. In an incremental
backup, the system copies only those files that have been changed since some
previous backup
3) Differential backup
This backup copies added or changed files since the last full back up
DUMP and restore commands
1) Dump
2) Restore
3) Tar
The dump and restore commands are the most common way to create and restore
from backups . You may have to explicitly install dump and restore on your Linux
systems
Dumping filesystems
Syntax
Dump options filesystem
dump builds a list of files that have been modified since a previous dump, then packs
those files into a single large file to archive to an external device. dump has several
advantages over most of the other utilities described in this chapter:
• Backups can span multiple tapes.
• Files of any type (even devices) can be backed up and restored.
• Permissions, ownerships, and modification times are preserved.
• Files with holes are handled correctly.
• Backups can be performed incrementally (with only recently modified files
being written out to tape).
 The dump command understands the layout of raw filesystems, and it reads a
filesystem’s inode table directly to decide which files must be backed up. This
knowledge of the filesystem makes dump very efficient,
Restoring the file system
The restore utility retrieves files from backup tapes made with the dump utility
Syntax
Restore options files and directories
TAR(tape archive)
The Linux “tar” stands for tape archive, which is used by large number of Linux system
administrators to deal with backup. The tar command used to zip a collection of files
and directories into highly compressed archive file commonly
called tarball or tar, gzip in Linux. The tar is most widely used command to create
compressed archive files and that can be moved easily from one disk to anther disk or
machine to machine.Tar can be used to copy files to and from tape or across a network.
Create tar Archive File
tar –cvf directory-name.tar directory-name
Navajyothi College Cherupuzha
19

1. c – Creates a new .tar archive file.


2. v – Verbosely show the .tar file progress.
3. f – File name type of the archive file.

Create tar.gz Archive File


To create a compressed gzip archive file we use the option as z.
tar –cvzf directory-name.tar.gz directory-name
Untar tar Archive File
To untar or extract a tar file, just issue following command using option x (extract).
Tar command will untar the file in present working directory.
Tar –xvf tar file

inode
In Linux and other Unix-based operating systems, an inode (short for "index node") is a data structure
that stores information about a file or directory. Each file or directory on a filesystem is associated
with an inode, which contains metadata such as the file's permissions, ownership, size, creation and
modification timestamps, and the location of the file's data blocks on the disk.
The inode contains a fixed set of information about the file, which includes:
 File type (regular file, directory, symbolic link, device file, etc.)
 File permission mode
 Owner and group ownership
 Size of the file in bytes
 Timestamps (creation, modification, and access times)
 Number of hard links pointing to the file
 Pointers to the disk blocks that contain the file's actual data
The inode is used by the file system to locate and access the file's data on the disk. When a file is
accessed, the file system first looks up the inode associated with the file and retrieves the information
it needs to locate the data blocks on the disk.
The inode data structure plays a critical role in the management and organization of files on a Linux
or Unix-based file system. It enables the system to efficiently store and retrieve file information and
provides a mechanism for ensuring the integrity of the file system by keeping track of important
metadata associated with each file.
***************************************************
Linux installation & Partitioning
Disk Partitioning is the process of dividing a disk into one or more logical areas, often known as
partitions, on which the user can work separately. It is one step of disk formatting. If a partition is
created, the disk will store the information about the location and size of partitions in the partition
table. In Linux, partitions are represented by device files. These files are located at /dev A device file
is a file with type c ( for "character" devices, devices that do not use the buffer cache) or b (for "block"
devices, which go through the buffer cache). In Linux, all disks are
represented as block devices only.By convention, IDE drives will be given device names /dev/hda to
/dev/hdd.Hard Drive A (/dev/hda) is the first drive and Hard Drive C(/dev/hdc) is the third. Once a
drive has been partitioned, the partitions will represented as numbers on the end of the names. For
example, the second partition on the second drive will be /dev/hdb2.

Navajyothi College Cherupuzha


20

Each partition is identified by a unique device name and a corresponding file system, such as ext3,
NTFS, or FAT32. The file system determines how the data is organized and stored on the partition.
Different file systems have different characteristics and are optimized for different purposes.

Master boot record


The Master Boot Record (MBR) is a small but critical piece of code located at the beginning of a hard
drive or other storage device. The MBR contains several important components, including the partition
table and the boot loader. The partition table is a small piece of data that describes the layout of the
hard drive, including the number and size of partitions. The boot loader, on the other hand, is
responsible for loading the operating system into memory and starting its execution. In Linux, the
MBR is typically used to boot the operating system.MBR is responsible for loading and executing the
GRUB boot loader.The MBR is located in the 1st sector of the bootable disk, which is
typically /dev/hda, or /dev/sda, depending on your hardware. The MBR also contains information
about GRUB, or LILO in very old systems. The MBR contains partition table information that
describes the layout of the disk and the location of the various partitions. This information is critical
for the operating system to access and manage the disk's data.

SWAP
In Linux, "swap" refers to a space on a hard drive that is used as virtual memory when the physical
RAM (Random Access Memory) in a system is full. The swap space allows the system to temporarily
store less frequently used data and swap it back into RAM when needed.
. The combined sizes of the physical memory and the swap space is the amount of virtual memory
available. Linux has two forms of swap space: the swap partition and the swap file. The swap partition
is an independent section of the hard disk used for swapping; no other files can reside there. The swap
file is a special file in the filesystem that resides amongst your system and data files. It is possible to
run a Linux system without a swap space, and the system will run well if you have a large amount of
memory -- but if you run out of physical memory then the system will crash, as it has nothing else it
can do, so it is advisable to have a swap space

RPM
Red Hat Package Manager or RPM Package Manager (RPM) is a package management system. RPM
packages are precompiled and compressed software packages that contain all the files necessary to
install and run a particular piece of software on a Linux system. RPM packages have a ".rpm" file
extension. RPM was intended primarily for Linux distributions. The RPM Package Manager (RPM) is
a powerful command line driven package management system capable of installing, uninstalling,
verifying, querying, and updating computer software packages.
RPM package is a powerful utility to manage the software in all major Linux distributions. RPMs can
be used to,
 Install packages
 Remove packages
 Upgrade packages
 Verify packages
To manage RPM packages in Linux, you can use the rpm command-line utility. Some common
rpm commands include:
Installing a package
rpm –i package_name.rpm
Removing a package name

Navajyothi College Cherupuzha


21

rpm –e package_name.rpm
querying a package
rpm –q package_name.rpm
this command will display the information about the installed package specified in the command
Updating a package
rpm –u packagename.rpm
This command will update the installed package specified in the command
Listing the package
rpm –qa
This command will display all installed package

Navajyothi College Cherupuzha

You might also like