Presentation is loading. Please wait.

Presentation is loading. Please wait.

Rootly Powers and Controlling Processes

Published bySolomon Davis Modified over 6 years ago

Similar presentations

Presentation on theme: "Rootly Powers and Controlling Processes"— Presentation transcript:

1 Rootly Powers and Controlling Processes
Chapters 3 & 4 Rootly Powers and Controlling Processes

2 Linux Admin Session 2 Outline
All things root. More fun with commands, shells, and scripting. Processes and how to manipulate them.

3 Lets Review Helpful documentation is available on most commands.
Use “man” command to open the manual page for that application (i.e., man wc ) Alternatively use “command --help” to open a brief help/usage screen

4 Lets Review Homework cut: separate lines into fields sort: sort lines
uniq: print unique lines wc: count lines, words, and characters For example, the command below shows that 20 users have /bin/bash as their login shell and that 12 have /bin/false. (The latter are either pseudo-users or users whose accounts have been disabled.) $ cut -d: -f7 /etc/passwd | sort | uniq -c 20 /bin/bash 12 /bin/false

5 Shell Environment Variables
Shell Environment All the programs that run under Linux are called as processes. Processes run continuously in Linux and you can kill or suspend different processes using various commands. When you start a program a new process is created. This process runs within what is called an environment. This particular environment would be having some characteristics which the program/process may interact with. Every program runs in its own environment. You can set parameters in this environment so that the running program can find desired values when it runs. Setting a particular parameter is as simple as typing VARIABLE=value . This would set a parameter by the name VARIABLE with the value that you provide. To see a list of the environment variables that are already set on your machine, type the following $ env

6 File Ownership Every file in Linux system belongs to an owner and a group. Owners are users or names on the system Groups – collections of users with the same file privileges The “find” command is used to locate files on a Unix or Linux system.  find will search any set of directories you specify for files that match the supplied search criteria.  (example) The “ls” command lists file information (example) UIDs and GIDs Mapped to names in /etc/passwd and /etc/group Similar to DOS command “dir” $ find / -name core $ find / -user student 2> /dev/null (sends error messages here permission denied) $ find / -name core > /tmp/corefiles 2> /dev/null $ ps –ef | grep httpd

7 Editors (Scripting) Vim (vi improved) Emacs Pico

8 Root “With great power comes great responsibility…….”
Root aka “superuser” UID 0 Traditionally root could perform any operation on any process. (bad idea)

9 Root cont’ Some examples of root activities include:
Changing the root directory of a process Creating device files Setting the system clock Raising resource usage limits and process priorities Setting the systems hostname Configuring the network interfaces Opening privileged network ports Shutting down the system

10 Root Password Lets look at security guide page 40
At least 8 characters in length Secure – NOT Secure “password” “12345” “cooper!ee” :P Change the password: every 3 months when security has been compromised when other sys admins leave

11 Secure Password Creation Methodology
T here are many methods that people use to create secure passwords. One of the more popular methods involves acronyms. For example: Think of an easily-remembered phrase, such as: "over the river and through the woods, to grandmother's house we go." Next, turn it into an acronym (including the punctuation). otrattw,tghwg. Add complexity by substituting numbers and symbols for letters in the acronym. For example, substitute 7 for t and the at symbol ) for a: 77w,7ghwg. Add more complexity by capitalizing at least one letter, such as H. 77w,7gHwg. Finally, do not use the example password above for any systems, ever.

12 Creating User Passwords Within an Organization
If an organization has a large number of users, the system administrators have two basic options available to force the use of good passwords. They can create passwords for the user, or they can let users create their own passwords, while verifying the passwords are of acceptable quality. Creating the passwords for the users ensures that the passwords are good, but it becomes a daunting task as the organization grows. It also increases the risk of users writing their passwords down. For these reasons, most system administrators prefer to have the users create their own passwords, but actively verify that the passwords are good and, in some cases, force users to change their passwords periodically through password aging. (we will revisit password aging – for now – man “chage” command)

13 Forcing Strong Passwords
When users are asked to create or change passwords, they can use the command line application passwd, which is Pluggable Authentication Modules (PAM) aware and therefore checks to see if the password is too short or otherwise easy to crack. /etc/security/pwquality.conf

14 Becoming Root Logging in a root is typically a bad idea
Actions are not logged The su command gives any user access The sudo command – executes programs with su like privileges /etc/sudoers lists authorized users Good for 5 minutes Sudoers actions are logged Du –sh /root

15 Other Pseudo Users bin – legacy owner of system commands (now used by root account) daemon – files and processes part of the Linux distribution but do not need to be owned by root nobody account- used for remote root users to access local file systems via NFS (network file sharing)

16 Controlling Processes
A process is an address space and set of data structures inside the kernel The kernel maintains process information Address space map Process status Execution priority Resources used Files and network ports opened Owner of the process

17 Processes Remember the “ps” command
PID – unique process IDs created by the kernel PPID – the parent ID of the process EUID – effective user ID Typically the same value as UID UID controls process ownership EUID controls process permissions GID and EGID are similar to UID and EUID respectively

18 Signals Provide interrupts to process Over 20 are defined (maybe more)
E.g. Can be used to halt or terminate processes via terminal, kernel or processes. When a process receives a signal “catch” the signal and perform some defined action Take a default action Processes can also block or ignore signals Core dump

19 nohup sh custom-script.sh &
No hang up and bg 0. Run some SOMECOMMAND 1. ctrl+z to stop (pause) the program and get back to the shell 2. bg to run it in the background 3. disown -h so that the process isn't killed when the terminal closes 4. Type exit to get out of the shell because now your good to go as the operation will run in the background in it own process so its not tied to a shell

20 Taking it one step further….
jobs - list the current jobs fg - resume the job that's next in the queue fg %[number] - resume job [number] bg - Push the next job in the queue into the background bg %[number] - Push the job [number] into the background

21 Kill Command “kill” is used to terminate a process
Can send any signal but by default sends TERM signal kill –l lists all possible signals kill -9 (KILL) pid The “pkill” command is similar to killall

22 Process State Process can enter one of four states:
“R” Runnable - ready for execution “S” Sleeping - waiting on resource before execution ”Z” Zombie - process is trying to die “T” Stopped - process is not allowed to execute “top” command (example) “ps aux” a option prints all processes, u option prints info about each process, and x option prints terminal based processes

23

24 /Proc A lot of kernel information is stored in the /proc directory
Programs such as ps pull information from this directory Inside the /proc directory, you’ll see two types of content — numbered directories, and system information files. /proc is not a real file system, it is a virtual file system. For example, if you do ls -l /proc/stat, you’ll notice that it has a size of 0 bytes, but if you do “cat /proc/stat”, you’ll see some content inside the file. Do a ls -l /proc, and you’ll see lot of directories with just numbers. These numbers represents the process ids, the files inside this numbered directory corresponds to the process with that particular PID.

Download ppt "Rootly Powers and Controlling Processes"

Similar presentations

June 1, 1999Foreground/Background Processing1 Introduction to UNIX H. Foreground/Background Processing.

June 1, 1999Foreground/Background Processing1 Introduction to UNIX H. Foreground/Background Processing.
Basic Unix system administration

Basic Unix system administration
Using tcpdump. tcpdump is a powerful tool that allows us to sniff network packets and make some statistical analysis out of those dumps. tcpdump operates.

Using tcpdump. tcpdump is a powerful tool that allows us to sniff network packets and make some statistical analysis out of those dumps. tcpdump operates.
Essential System Administration 3rd Edition Chapter 2 The Unix Way(Cont.) University Of Palestine.

Essential System Administration 3rd Edition Chapter 2 The Unix Way(Cont.) University Of Palestine.
Introduction to Unix – CS 21 Lecture 10. Lecture Overview Midterm questions Jobs and processes description The foreground and background Controlling jobs.

Introduction to Unix – CS 21 Lecture 10. Lecture Overview Midterm questions Jobs and processes description The foreground and background Controlling jobs.
CS 497C – Introduction to UNIX Lecture 26: - The Process Chin-Chih Chang

CS 497C – Introduction to UNIX Lecture 26: - The Process Chin-Chih Chang
Controlling Processes & Periodic Processes WeeSan Lee

Controlling Processes & Periodic Processes WeeSan Lee
Introducing the Command Line CMSC 121 Introduction to UNIX Much of the material in these slides was taken from Dan Hood’s CMSC 121 Lecture Notes.

Introducing the Command Line CMSC 121 Introduction to UNIX Much of the material in these slides was taken from Dan Hood’s CMSC 121 Lecture Notes.
Process Process: the UNIX abstraction of a stand-along computer that manages resources (memory, CPU, I/O resources) comprising a running program. Processes.

Process Process: the UNIX abstraction of a stand-along computer that manages resources (memory, CPU, I/O resources) comprising a running program. Processes.
Now, return to the Unix Unix shells: Subshells--- Variable---1. Local 2. Environmental.

Now, return to the Unix Unix shells: Subshells--- Variable---1. Local 2. Environmental.
Lesson 22 – Introduction to Linux Systems Administration.

Lesson 22 – Introduction to Linux Systems Administration.
Lecture 02CS311 – Operating Systems 1 1 CS311 – Lecture 02 Outline UNIX/Linux features – Redirection – pipes – Terminating a command – Running program.

Lecture 02CS311 – Operating Systems 1 1 CS311 – Lecture 02 Outline UNIX/Linux features – Redirection – pipes – Terminating a command – Running program.
Linux+ Guide to Linux Certification, Second Edition

Linux+ Guide to Linux Certification, Second Edition
Linux Installation and Administration Lesson 2 Tutor: George Papamarkos.

Linux Installation and Administration Lesson 2 Tutor: George Papamarkos.
5 UNIX Processes. Introduction  Processes  How to list them  How to terminate them  Process priorities  Scheduling jobs  Signals.

5 UNIX Processes. Introduction  Processes  How to list them  How to terminate them  Process priorities  Scheduling jobs  Signals.
UNIX Processes. The UNIX Process A process is an instance of a program in execution. Created by another parent process as its child. One process can be.

UNIX Processes. The UNIX Process A process is an instance of a program in execution. Created by another parent process as its child. One process can be.
Linux Filesystem Management

Linux Filesystem Management
Linux in More Detail Shirley Moore CPS5401 August 29, 2013 1.

Linux in More Detail Shirley Moore CPS5401 August 29,
Guide to Linux Installation and Administration, 2e1 Chapter 8 Basic Administration Tasks.

Guide to Linux Installation and Administration, 2e1 Chapter 8 Basic Administration Tasks.
Unix System Administration Rootly Powers Chapter 3.

Unix System Administration Rootly Powers Chapter 3.

Similar presentations

Ads by Google