Total Pageviews

Search: This Blog, Linked From Here, The Web, My fav sites, My Blogroll

12 May 2009

*nix for newbies - "no one knows everything about Unix"

under revision

Foremost be self-reliant ;-)


OS Components

The components that make up the Unix operating system are: the kernel, the shell, the file system, and the utilities (applications).

Unix Kernel
The kernel is the lowest layer (in our users prspective) of the Unix system. It provides the core capabilities of the system and allows processes (say rawly programs in execution) to access the hardware in an orderly manner. Basically, the kernel controls
These are all called autonomous functions, in that they are run without instructions by a user process. It is the kernel that allows the system to run in multiuser (more than one user can access the system at the same time, concurrently), multitasking (more than one program seems to running at the same time) mode.

A kernel is built for the specific hardware on which it is operating, so a kernel built for a Sun Sparc machine can’t be run on an Intel processor machine without modifications. Because the kernel deals with very low-level tasks, such as accessing the hard drive or managing multitasking, and is not user friendly, it is generally not accessed by the regular user.
  • One of the most important functions of the kernel is to facilitate the creation and management of processes. Processes are executed programs (called jobs or tasks in some operating systems) that have owners —human or systems— who initiate their calling or execution. The management of these can be very complicated because one process often calls another (referred to as forking in Unix). Frequently processes also need to communicate with one another, sending and receiving information that allows other actions to be performed. The kernel manages all of this outside of the user’s awareness.
  • The kernel also manages memory, a key element of any system. It must provide all processes with adequate amounts of memory, and some processes require a lot of it. Sometimes a process requires more memory than is available (too many other processes running, for example). This is where virtual memory comes in. When there isn’t enough physical memory (RAM), the system tries to accommodate the process by moving portions of it to the hard disk. When the portion of the process that was moved to hard disk is needed again, it is returned to physical memory. This procedure, called paging, allows the system to provide multitasking capabilities, even with limited physical memory.
  • Another aspect of virtual memory is called swap, whereby the kernel identifies the least-busy process or a process that does not require immediate execution. The kernel then moves the entire process out of RAM to the hard drive until it is needed again, at which point it can be run from the hard drive or from physical RAM. The difference between the two is that paging moves only part of the process to the hard drive, while swapping moves the entire process to hard drive space. The segment of the hard drive used for virtual memory is called the swap space in Unix, a term you will want to remember as you go on. Running out of swap space can cause significant problems, up to and including system failure, so always be sure you have sufficient swap space. Whenever swapping occurs, you pay a heavy price in significantly decreased performance, because disks are appreciably slower than physical RAM. You can avoid swapping by ensuring that you have an adequate amount of physical RAM for the system.

The shell is a command line (CLI) interpreter that enables the user to interact with the operating system. A shell provides the next (near to user) layer of functionality for the system(shell's layer site trough applications and kernel layer); it's what you use directly to administer and run the system. The shell you use will greatly affect the way you work. The original Unix shells have been heavily modified into many different types of shells over the years, all with some unique feature that the creator(s) felt was lacking in other shells. There are three major shells available on most systems:
  • the Bourne shell (sh-->bash-->dash): The Bourne shell (also simply called shell) was the first shell for Unix. It is still the most widely available shell on Unix systems, providing a language with which to script programs and basic user functionality to call other programs. Shell is good for everyday use and is especially good for shell scripting because its scripts are very portable (they work in other Unix versions Bourne shells). The only problem with the Bourne shell is that it has fewer features for user interaction than some of the more modern shells.
  • the C shell (csh-->tcsh): The C shell is another popular shell commonly available on Unix systems. This shell, from the University of California at Berkeley, was created to address some of the shortcomings of the Bourne shell and to resemble the C language (which is what Unix is built on). Job control features and the capability to alias commands ) make this shell much easier for user interaction. The C shell had some early quirks when dealing with scripting and is often regarded as less robust than the Bourne shell for creating shell scripts. The quirks were eventually fixed, but the C shell still has slight variations, resulting from different implementations based on which entity (commercial provider or other resource) is providing the shell.
  • the Korn shell (ksh): The Korn shell was created by David Korn to address the Bourne shell’s user - interaction issues and to deal with the shortcomings of the C shell’s scripting quirks. The Korn shell adds some functionality that neither the Bourne or C shell has while incorporating the strong points of each shell. The only drawback to the Korn shell is that it requires a license, so its adoption is not as widespread as that of the other two.
These are by no means the only shells available. Here’s a list of some of the many shells available for the different Unix systems:

sh (also known as the Bourne shell)
PDKSH (Public Domain Korn shell)
bash (Bourne Again Shell—a revamped version of Bourne shell)
Z shell (Like Bash but with more features)
TCSH (TENEX C shell is an enhancend csh)
Sash (Stand alone shell: a very minimal shell good for troubleshooting in minimalistic systems)
As with everything Unix, there are many different implementations, and you are free to choose the shell that best suits your needs based on the features provided.
The shell is used almost exclusively via the command line (CLI), a text-based mechanism by which the user interacts with the system.

The Other Components
The other Unix components are the file system and the utilities.
  • The file system enables the user to view, organize, secure, and interact with, in a consistent manner, files and directories located on storage devices.
  • Utilities are the applications that enable you to work on the system (not to be confused with the shell). These utilities include the Web browser for navigating the Internet, word processing utilities, e-mail programs, and other commands.
*nix is famous for its huge number of command line utility programs, and the programs themselves are famous for their large numbers of options, switches, and configuration files. But the truth is that users will only use a limited (but still significant) number of these utilities on a recurring basis, and then only with a subset of the most important and useful options, switches and configuration files.

Is also famous for its "programmability". Utilities are designed, by default, to work wtih other utilities within shell programs as a way of automating system tasks.

Unix boot process

System Startup
What occurs from the power-off position until your operating system is fully available is called the boot process. In the simplest terms, the boot process consists of the Read-Only Memory’s (ROM, or NVRAM, or firmware) loading of the program for actually booting (starting) the system.
This initial step (commonly called bootstrapping) identifies the devices on the system that can be booted or started from.  
You can boot or start from only one device at a time, but, because many different devices can be identified as bootable, one of those other identified devices can be used if one bootable device has a failure. These devices may load automatically, or you may be shown a list of devices from which you can choose.

The boot device doesn’t have to be a physical hard drive, because the system can boot from:
  • the network
  • removable storage (such as a CD-ROM or floppy diskette or memory stick)
A boot device simply holds the information about where to load the operating system. The bootstrap phase only identifies the hardware available for booting and whether it is usable.

Control is then transferred to the kernel. The operating system has not been loaded at this point, and the system is not usable for production processes. Some systems show the boot process by means of messages on the screen (Type dmesg command to see the message buffer of the kernel ), and others hide the system messages from the users by using graphical figures to represent the boot process.

After the initial bootstrapping, the boot program begins loading the Unix kernel, which typically resides in the root partition of the system (moatly as symbolic link to a image file in /boot ). The kernel on most Unix systems is called unix; in Linux systems, it might be called vmunix or vmlinuz. Its location differs according to the Unix version:

❑ AIX: /unix
❑ Linux: /boot/vmlinuz
❑ Solaris: /kernel/unix

These are only a few of the different kernel locations, but in general you shouldn’t have to modify the kernel in day-to-day or even development processes unless you are a system administrator or need to add/remove some functionality from the kernel for a specific need.

The kernel’s initial tasks, which vary according to hardware and Unix version, are followed by the initialization phase, in which the system processes and scripts are started. The init process is the first job started and is the parent of all other processes. It must be running for the system to run.

The init process calls the initialization scripts and completes administrative tasks relative to the system, such as starting sendmail, the X or window server (that provides the graphical user interface), and so on. The init process looks into the initialization specification file, usually called /etc/inittab. This file identifies how init should interpret different run levels and what scripts and processes should be started in each run level. A run level is a grouping of processes (programs in the most basic sense) or daemons (processes that run all the time).
  • Note--Ubuntu Linux do not use init anymore to manage its services during startup or shutdown of the system. Instead it uses 'upstart' as replacement for the traditional (sysv)init utility that is common to Linux-based operating system. All the things that you used to have in the /etc/inittab is ported to upstart's /etc/event.d/. It might take some of time to get used to the way upstart manage things in your computer, For example, the settings for 'tty3' is located in '/etc/event.d/tty3' if you need to change it's parameter, and rc scripts on rc*. Additionally you can use 'runlevel' command to determine which runlevel your computer is in. Please refer to Upstart Project page if you're interested to know more about the project.
  •  Excerpt from

    Debian Linux

    Debian, as well as most of the distributions based on it, like Ubuntu, does not make any distinction between runlevels 2 to 5. See also the Debian FAQ on booting.

    * 0 - Halt
    * 1 - Single
    * 2 - Full multi-user with display manager (GUI)
    * 3 - Full multi-user with display manager (GUI)
    * 4 - Full multi-user with display manager (GUI)
    * 5 - Full multi-user with display manager (GUI)
    * 6 - Reboot
    One way to see what runlevel you are on is to issue the following command as root (or in Ubuntu as normal user):

    # runlevel
    N 5
    If when you run the above command it says that you are indeed on runlevel 3, then you know that your entry into inittab is being honored. You can change to a different runlevel by using the following command as root:

    # telinit 5
    This will change your runlevel to 5 by shutting down unnecesary process's and starting up all runlevel 5 process's. In my case it says that I'm on runlevel 5. According to 2-5 on ubuntu all use a gui. Each defined run level should have an rcX.d directory where X is the run level number. The contents of the /etc/rc2-5.d directories are all the same, so you could customize lets say rc3.d. The contents of the rcX.d directory determines what happens at that runlevel. Because runlevel 3 is not used by default on ubuntu you could go into /etc/rc3.d and change what is loaded. For example the file /etc/rc3.d/S13gdm is used to start your gui. You could test this by temporarily moving the /etc/rc3.d/s13gdm file to another location and rebooting or if you are not already on runlevel 3 by issuing:

    # telinit 3

Mac OS X and some of the newer versions of Unix are not as verbose as other Unix systems, because, as Unix has evolved, the makers of the different Unix systems have made ease of use their primary goal. Because the typical end user has no use for the information, a lot of the messages that appear on initialization screens of older versions of Unix generally aren’t displayed by Mac OS X and user-friendly Linuxes (Fedora, Ubuntu, OpenSuse etc).

Note---You can use the escape sequence (Cmd+v) to view the boot messages on the Mac OS X.

The boot-up screens contain a wealth of information, but you don’t have to watch every message as it displays on your screen. You can use the command dmesg to gather boot-up messages that you can peruse at your leisure.

harrykar@harrykar-desktop:~$ dmesg
[    0.000000] BIOS EBDA/lowmem at: 0009fc00/0009fc00
[    0.000000] Initializing cgroup subsys cpuset
[    0.000000] Initializing cgroup subsys cpu
[    0.000000] Linux version 2.6.28-11-generic (buildd@palmer) (gcc version 4.3.3 (Ubuntu 4.3.3-5ubuntu4) ) #42-Ubuntu SMP Fri Apr 17 01:57:59 UTC 2009 (Ubuntu 2.6.28-11.42-generic)
[    0.000000] KERNEL supported cpus:
[    0.000000]   Intel GenuineIntel
[    0.000000]   AMD AuthenticAMD
[    0.000000]   NSC Geode by NSC
[    0.000000]   Cyrix CyrixInstead
[    0.000000]   Centaur CentaurHauls
[    0.000000]   Transmeta GenuineTMx86
[    0.000000]   Transmeta TransmetaCPU
[    0.000000]   UMC UMC UMC UMC
[    0.000000] BIOS-provided physical RAM map:
[    0.000000]  BIOS-e820: 0000000000000000 - 000000000009fc00 (usable)
[    0.000000]  BIOS-e820: 000000000009fc00 - 00000000000a0000 (reserved)
[    0.000000]  BIOS-e820: 00000000000f0000 - 0000000000100000 (reserved)
[    0.000000]  BIOS-e820: 0000000000100000 - 000000007fff0000 (usable)
[    0.000000]  BIOS-e820: 000000007fff0000 - 000000007fff3000 (ACPI NVS)
[    0.000000]  BIOS-e820: 000000007fff3000 - 0000000080000000 (ACPI data)
[    0.000000]  BIOS-e820: 00000000ffff0000 - 0000000100000000 (reserved)
[    0.000000] DMI 2.3 present.
[    0.000000] last_pfn = 0x7fff0 max_arch_pfn = 0x100000
[    0.000000] Scanning 2 areas for low memory corruption
[    0.000000] modified physical RAM map:
[    0.000000]  modified: 0000000000000000 - 0000000000002000 (usable)
[    0.000000]  modified: 0000000000002000 - 0000000000006000 (reserved)
[    0.000000]  modified: 0000000000006000 - 0000000000007000 (usable)
[    0.000000]  modified: 0000000000007000 - 0000000000010000 (reserved)
[    0.000000]  modified: 0000000000010000 - 0000000000092c00 (usable)
[    0.000000]  modified: 000000000009fc00 - 00000000000a0000 (reserved)
[    0.000000]  modified: 00000000000f0000 - 0000000000100000 (reserved)
[    0.000000]  modified: 0000000000100000 - 000000007fff0000 (usable)
[    0.000000]  modified: 000000007fff0000 - 000000007fff3000 (ACPI NVS)
[    0.000000]  modified: 000000007fff3000 - 0000000080000000 (ACPI data)
[    0.000000]  modified: 00000000ffff0000 - 0000000100000000 (reserved)
[    0.000000] kernel direct mapping tables up to 373fe000 @ 10000-16000
[    0.000000] RAMDISK: 378bb000 - 37fef11d
[    0.000000] Allocated new RAMDISK: 00881000 - 00fb511d
[    0.000000] Move RAMDISK from 00000000378bb000 - 0000000037fef11c to 00881000 - 00fb511c
[    0.000000] ACPI: RSDP 000F63D0, 0014 (r0 AOPEN )
[    0.000000] ACPI: RSDT 7FFF3000, 0028 (r1 AOPEN  AWRDACPI 42302E31 AWRD        0)
[    0.000000] ACPI: FACP 7FFF3040, 0074 (r1 AOPEN  AWRDACPI 42302E31 AWRD        0)
[    0.000000] ACPI: DSDT 7FFF30C0, 340A (r1 AOPEN  AWRDACPI     1000 MSFT  100000C)
[    0.000000] ACPI: FACS 7FFF0000, 0040
[    0.000000] 1163MB HIGHMEM available.
[    0.000000] 883MB LOWMEM available.
[    0.000000]   mapped low ram: 0 - 373fe000
[    0.000000]   low ram: 00000000 - 373fe000
[    0.000000]   bootmap 00012000 - 00018e80
[    0.000000] (9 early reservations) ==> bootmem [0000000000 - 00373fe000]
[    0.000000]   #0 [0000000000 - 0000001000]   BIOS data page ==> [0000000000 - 0000001000]
[    0.000000]   #1 [0000001000 - 0000002000]    EX TRAMPOLINE ==> [0000001000 - 0000002000]
[    0.000000]   #2 [0000006000 - 0000007000]       TRAMPOLINE ==> [0000006000 - 0000007000]
[    0.000000]   #3 [0000100000 - 000087c52c]    TEXT DATA BSS ==> [0000100000 - 000087c52c]
[    0.000000]   #4 [000087d000 - 0000881000]    INIT_PG_TABLE ==> [000087d000 - 0000881000]
[    0.000000]   #5 [000009fc00 - 0000100000]    BIOS reserved ==> [000009fc00 - 0000100000]
[    0.000000]   #6 [0000010000 - 0000012000]          PGTABLE ==> [0000010000 - 0000012000]
[    0.000000]   #7 [0000881000 - 0000fb511d]      NEW RAMDISK ==> [0000881000 - 0000fb511d]
[    0.000000]   #8 [0000012000 - 0000019000]          BOOTMAP ==> [0000012000 - 0000019000]
[    0.000000] Zone PFN ranges:
[    0.000000]   DMA      0x00000000 -> 0x00001000
[    0.000000]   Normal   0x00001000 -> 0x000373fe
[    0.000000]   HighMem  0x000373fe -> 0x0007fff0
[    0.000000] Movable zone start PFN for each node
[    0.000000] early_node_map[4] active PFN ranges
[    0.000000]     0: 0x00000000 -> 0x00000002
[    0.000000]     0: 0x00000006 -> 0x00000007
[    0.000000]     0: 0x00000010 -> 0x00000092
[    0.000000]     0: 0x00000100 -> 0x0007fff0
[    0.000000] On node 0 totalpages: 524149
[    0.000000] free_area_init_node: node 0, pgdat c06d0f80, node_mem_map c1000000
[    0.000000]   DMA zone: 32 pages used for memmap
[    0.000000]   DMA zone: 0 pages reserved
[    0.000000]   DMA zone: 3941 pages, LIFO batch:0
[    0.000000]   Normal zone: 1736 pages used for memmap
[    0.000000]   Normal zone: 220470 pages, LIFO batch:31
[    0.000000]   HighMem zone: 2328 pages used for memmap
[    0.000000]   HighMem zone: 295642 pages, LIFO batch:31
[    0.000000]   Movable zone: 0 pages used for memmap
[    0.000000] ACPI: PM-Timer IO Port: 0x4008
[    0.000000] SMP: Allowing 1 CPUs, 0 hotplug CPUs
[    0.000000] Local APIC disabled by BIOS -- you can enable it with "lapic"
[    0.000000] PM: Registered nosave memory: 0000000000002000 - 0000000000006000
[    0.000000] PM: Registered nosave memory: 0000000000007000 - 0000000000010000
[    0.000000] PM: Registered nosave memory: 0000000000092000 - 00000000000a0000
[    0.000000] PM: Registered nosave memory: 00000000000a0000 - 00000000000f0000
[    0.000000] PM: Registered nosave memory: 00000000000f0000 - 0000000000100000
[    0.000000] Allocating PCI resources starting at 88000000 (gap: 80000000:7fff0000)
[    0.000000] PERCPU: Allocating 45056 bytes of per cpu data
[    0.000000] NR_CPUS: 64, nr_cpu_ids: 1, nr_node_ids 1
[    0.000000] Built 1 zonelists in Zone order, mobility grouping on.  Total pages: 520053
[    0.000000] Kernel command line: root=UUID=8f5f4986-bd5b-4e9d-b900-0c8ee26d33a4 ro quiet splash
[    0.000000] Enabling fast FPU save and restore... done.
[    0.000000] Enabling unmasked SIMD FPU exception support... done.
[    0.000000] Initializing CPU#0
[    0.000000] PID hash table entries: 4096 (order: 12, 16384 bytes)
[    0.000000] Fast TSC calibration using PIT
[    0.000000] Detected 1633.397 MHz processor.
[    0.004000] Console: colour VGA+ 80x25
[    0.004000] console [tty0] enabled
[    0.004000] Dentry cache hash table entries: 131072 (order: 7, 524288 bytes)
[    0.004000] Inode-cache hash table entries: 65536 (order: 6, 262144 bytes)
[    0.004000] allocated 10485440 bytes of page_cgroup
[    0.004000] please try cgroup_disable=memory option if you don't want
[    0.004000] Scanning for low memory corruption every 60 seconds
[    0.004000] Memory: 2053116k/2097088k available (4126k kernel code, 42608k reserved, 2208k data, 532k init, 1191880k highmem)
[    0.004000] virtual kernel memory layout:
[    0.004000]     fixmap  : 0xffc77000 - 0xfffff000   (3616 kB)
[    0.004000]     pkmap   : 0xff400000 - 0xff800000   (4096 kB)
[    0.004000]     vmalloc : 0xf7bfe000 - 0xff3fe000   ( 120 MB)
[    0.004000]     lowmem  : 0xc0000000 - 0xf73fe000   ( 883 MB)
[    0.004000]       .init : 0xc0737000 - 0xc07bc000   ( 532 kB)
[    0.004000]       .data : 0xc0507a6f - 0xc072fe60   (2208 kB)
[    0.004000]       .text : 0xc0100000 - 0xc0507a6f   (4126 kB)
[    0.004000] Checking if this processor honours the WP bit even in supervisor mode...Ok.
[    0.004000] SLUB: Genslabs=12, HWalign=32, Order=0-3, MinObjects=0, CPUs=1, Nodes=1
[    0.004019] Calibrating delay loop (skipped), value calculated using timer frequency.. 3266.79 BogoMIPS (lpj=6533588)
[    0.004054] Security Framework initialized
[    0.004069] SELinux:  Disabled at boot.
[    0.004114] AppArmor: AppArmor initialized
[    0.004128] Mount-cache hash table entries: 512
[    0.004367] Initializing cgroup subsys ns
[    0.004374] Initializing cgroup subsys cpuacct
[    0.004377] Initializing cgroup subsys memory
[    0.004384] Initializing cgroup subsys freezer
[    0.004405] CPU: L1 I Cache: 64K (64 bytes/line), D cache 64K (64 bytes/line)
[    0.004409] CPU: L2 Cache: 256K (64 bytes/line)
[    0.004436] Checking 'hlt' instruction... OK.
[    0.020588] SMP alternatives: switching to UP code
[    0.207035] Freeing SMP alternatives: 18k freed
[    0.207044] ACPI: Core revision 20080926
[    0.209057] ACPI: Checking initramfs for custom DSDT
[    0.566358] ACPI: setting ELCR to 0200 (from 0e00)
[    0.567704] weird, boot CPU (#0) not listedby the BIOS.
[    0.567710] SMP motherboard not detected.
[    0.567714] Local APIC not detected. Using dummy APIC emulation.
[    0.567716] SMP disabled
[    0.568176] Brought up 1 CPUs
[    0.568180] Total of 1 processors activated (3266.79 BogoMIPS).
[    0.568201] CPU0 attaching NULL sched-domain.
[    0.568666] net_namespace: 776 bytes
[    0.568684] Booting paravirtualized kernel on bare hardware
[    0.569016] Time:  6:02:36  Date: 05/12/09
[    0.569024] regulator: core version 0.5
[    0.569085] NET: Registered protocol family 16
[    0.569278] EISA bus registered
[    0.569302] ACPI: bus type pci registered
[    0.644219] PCI: PCI BIOS revision 2.10 entry at 0xfb470, last bus=1
[    0.644222] PCI: Using configuration type 1 for base access
[    0.646027] ACPI: EC: Look up EC in DSDT
[    0.651924] ACPI: Interpreter enabled
[    0.651930] ACPI: (supports S0 S3 S4 S5)
[    0.651956] ACPI: Using PIC for interrupt routing
[    0.656936] ACPI: No dock devices found.
[    0.656950] ACPI: PCI Root Bridge [PCI0] (0000:00)
[    0.657016] pci 0000:00:00.0: reg 10 32bit mmio: [0xe0000000-0xe3ffffff]
[    0.657085] pci 0000:00:01.0: supports D1
[    0.657120] pci 0000:00:08.0: reg 10 io port: [0xa000-0xa0ff]
[    0.657128] pci 0000:00:08.0: reg 14 32bit mmio: [0xe4141000-0xe41410ff]
[    0.657156] pci 0000:00:08.0: supports D1 D2
[    0.657159] pci 0000:00:08.0: PME# supported from D1 D2 D3hot D3cold
[    0.657164] pci 0000:00:08.0: PME# disabled
[    0.657194] pci 0000:00:09.0: reg 10 io port: [0xa400-0xa4ff]
[    0.657201] pci 0000:00:09.0: reg 14 io port: [0xa800-0xa8ff]
[    0.657208] pci 0000:00:09.0: reg 18 io port: [0xac00-0xacff]
[    0.657214] pci 0000:00:09.0: reg 1c io port: [0xb000-0xb0ff]
[    0.657221] pci 0000:00:09.0: reg 20 io port: [0xb400-0xb4ff]
[    0.657228] pci 0000:00:09.0: reg 24 32bit mmio: [0xe4140000-0xe4140fff]
[    0.657235] pci 0000:00:09.0: reg 30 32bit mmio: [0x000000-0x03ffff]
[    0.657245] pci 0000:00:09.0: supports D1 D2
[    0.657247] pci 0000:00:09.0: PME# supported from D1 D2 D3hot
[    0.657252] pci 0000:00:09.0: PME# disabled
[    0.657363] pci 0000:00:11.1: reg 20 io port: [0xb800-0xb80f]
[    0.657423] pci 0000:00:11.2: reg 20 io port: [0xbc00-0xbc1f]
[    0.657480] pci 0000:00:11.3: reg 20 io port: [0xc000-0xc01f]
[    0.657524] pci 0000:00:11.5: reg 10 io port: [0xc400-0xc4ff]
[    0.657606] pci 0000:01:00.0: reg 10 32bit mmio: [0xd0000000-0xd7ffffff]
[    0.657612] pci 0000:01:00.0: reg 14 32bit mmio: [0xd8000000-0xd807ffff]
[    0.657618] pci 0000:01:00.0: reg 18 io port: [0x9000-0x90ff]
[    0.657633] pci 0000:01:00.0: reg 30 32bit mmio: [0x000000-0x01ffff]
[    0.657642] pci 0000:01:00.0: supports D1 D2
[    0.657675] pci 0000:00:01.0: bridge io port: [0x9000-0x9fff]
[    0.657680] pci 0000:00:01.0: bridge 32bit mmio: [0xe4000000-0xe40fffff]
[    0.657685] pci 0000:00:01.0: bridge 32bit mmio pref: [0xd0000000-0xdfffffff]
[    0.657693] bus 00 -> node 0
[    0.657702] ACPI: PCI Interrupt Routing Table [\_SB_.PCI0._PRT]
[    0.674694] ACPI: PCI Interrupt Link [LNKA] (IRQs 1 3 4 5 6 7 10 *11 12 14 15)
[    0.674900] ACPI: PCI Interrupt Link [LNKB] (IRQs 1 3 4 5 6 7 10 11 12 14 15) *0, disabled.
[    0.675143] ACPI: PCI Interrupt Link [LNKC] (IRQs 1 3 4 5 6 7 10 *11 12 14 15)
[    0.675383] ACPI: PCI Interrupt Link [LNKD] (IRQs 1 3 4 5 6 7 *10 11 12 14 15)
[    0.675541] ACPI: WMI: Mapper loaded
[    0.675875] SCSI subsystem initialized
[    0.675945] libata version 3.00 loaded.
[    0.676052] usbcore: registered new interface driver usbfs
[    0.676077] usbcore: registered new interface driver hub
[    0.676122] usbcore: registered new device driver usb
[    0.676289] PCI: Using ACPI for IRQ routing
[    0.676390] Bluetooth: Core ver 2.13
[    0.676390] NET: Registered protocol family 31
[    0.676390] Bluetooth: HCI device and connection manager initialized
[    0.676390] Bluetooth: HCI socket layer initialized
[    0.676390] NET: Registered protocol family 8
[    0.676390] NET: Registered protocol family 20
[    0.676390] NetLabel: Initializing
[    0.676390] NetLabel:  domain hash size = 128
[    0.676390] NetLabel:  protocols = UNLABELED CIPSOv4
[    0.676390] NetLabel:  unlabeled traffic allowed by default
[    0.676390] AppArmor: AppArmor Filesystem Enabled
[    0.676390] pnp: PnP ACPI init
[    0.676390] ACPI: bus type pnp registered
[    0.681682] pnp: PnP ACPI: found 15 devices
[    0.681685] ACPI: ACPI bus type pnp unregistered
[    0.681690] PnPBIOS: Disabled by ACPI PNP
[    0.681705] system 00:00: iomem range 0xcb200-0xcbfff has been reserved
[    0.681709] system 00:00: iomem range 0xf0000-0xf7fff could not be reserved
[    0.681713] system 00:00: iomem range 0xf8000-0xfbfff could not be reserved
[    0.681716] system 00:00: iomem range 0xfc000-0xfffff could not be reserved
[    0.681720] system 00:00: iomem range 0x7fff0000-0x7fffffff could not be reserved
[    0.681724] system 00:00: iomem range 0xffff0000-0xffffffff has been reserved
[    0.681727] system 00:00: iomem range 0x0-0x9ffff could not be reserved
[    0.681731] system 00:00: iomem range 0x100000-0x7ffeffff could not be reserved
[    0.681734] system 00:00: iomem range 0xfee00000-0xfee00fff has been reserved
[    0.681738] system 00:00: iomem range 0xfff80000-0xfffeffff has been reserved
[    0.681747] system 00:02: ioport range 0x4d0-0x4d1 has been reserved
[    0.681750] system 00:02: ioport range 0x294-0x297 has been reserved
[    0.716527] pci 0000:00:01.0: PCI bridge, secondary bus 0000:01
[    0.716532] pci 0000:00:01.0:   IO window: 0x9000-0x9fff
[    0.716538] pci 0000:00:01.0:   MEM window: 0xe4000000-0xe40fffff
[    0.716543] pci 0000:00:01.0:   PREFETCH window: 0x000000d0000000-0x000000dfffffff
[    0.716560] pci 0000:00:01.0: setting latency timer to 64
[    0.716565] bus: 00 index 0 io port: [0x00-0xffff]
[    0.716568] bus: 00 index 1 mmio: [0x000000-0xffffffff]
[    0.716571] bus: 01 index 0 io port: [0x9000-0x9fff]
[    0.716574] bus: 01 index 1 mmio: [0xe4000000-0xe40fffff]
[    0.716577] bus: 01 index 2 mmio: [0xd0000000-0xdfffffff]
[    0.716579] bus: 01 index 3 mmio: [0x0-0x0]
[    0.716598] NET: Registered protocol family 2
[    0.716771] IP route cache hash table entries: 32768 (order: 5, 131072 bytes)
[    0.717285] TCP established hash table entries: 131072 (order: 8, 1048576 bytes)
[    0.719480] TCP bind hash table entries: 65536 (order: 7, 524288 bytes)
[    0.720608] TCP: Hash tables configured (established 131072 bind 65536)
[    0.720614] TCP reno registered
[    0.720814] NET: Registered protocol family 1
[    0.721023] checking if image is initramfs... it is
[    1.220040] Switched to high resolution mode on CPU 0
[    1.510675] Freeing initrd memory: 7376k freed
[    1.510824] cpufreq: No nForce2 chipset.
[    1.511028] audit: initializing netlink socket (disabled)
[    1.511059] type=2000 audit(1242108156.508:1): initialized
[    1.520773] highmem bounce pool size: 64 pages
[    1.520782] HugeTLB registered 4 MB page size, pre-allocated 0 pages
[    1.522502] VFS: Disk quotas dquot_6.5.1
[    1.522577] Dquot-cache hash table entries: 1024 (order 0, 4096 bytes)
[    1.523390] fuse init (API version 7.10)
[    1.523499] msgmni has been set to 1698
[    1.523785] alg: No test for stdrng (krng)
[    1.523804] io scheduler noop registered
[    1.523807] io scheduler anticipatory registered
[    1.523810] io scheduler deadline registered
[    1.523831] io scheduler cfq registered (default)
[    1.523852] PCI: VIA PCI bridge detected.Disabling DAC.
[    1.523894] pci 0000:01:00.0: Boot video device
[    1.527644] pci_hotplug: PCI Hot Plug PCI Core version: 0.5
[    1.527657] pciehp: PCI Express Hot Plug Controller Driver version: 0.4
[    1.527844] input: Power Button (FF) as /devices/LNXSYSTM:00/LNXPWRBN:00/input/input0
[    1.527849] ACPI: Power Button (FF) [PWRF]
[    1.527907] input: Power Button (CM) as /devices/LNXSYSTM:00/device:00/PNP0C0C:00/input/input1
[    1.527910] ACPI: Power Button (CM) [PWRB]
[    1.527972] input: Sleep Button (CM) as /devices/LNXSYSTM:00/device:00/PNP0C0E:00/input/input2
[    1.527981] ACPI: Sleep Button (CM) [SLPB]
[    1.528079] fan PNP0C0B:00: registered as cooling_device0
[    1.528087] ACPI: Fan [FAN] (on)
[    1.528309] ACPI: CPU0 (power states: C1[C1] C2[C2])
[    1.528332] processor ACPI_CPU:00: registered as cooling_device1
[    1.528337] ACPI: Processor [CPU0] (supports 2 throttling states)
[    1.531333] thermal LNXTHERM:01: registered as thermal_zone0
[    1.532218] ACPI: Thermal Zone [THRM] (48 C)
[    1.532271] isapnp: Scanning for PnP cards...
[    1.885879] isapnp: No Plug & Play device found
[    1.887726] Serial: 8250/16550 driver4 ports, IRQ sharing enabled
[    1.887830] serial8250: ttyS0 at I/O 0x3f8 (irq = 4) is a 16550A
[    1.887921] serial8250: ttyS1 at I/O 0x2f8 (irq = 3) is a 16550A
[    1.888281] 00:08: ttyS0 at I/O 0x3f8 (irq = 4) is a 16550A
[    1.888412] 00:09: ttyS1 at I/O 0x2f8 (irq = 3) is a 16550A
[    1.889460] brd: module loaded
[    1.889910] loop: module loaded
[    1.890022] Fixed MDIO Bus: probed
[    1.890031] PPP generic driver version 2.4.2
[    1.890144] input: Macintosh mouse button emulation as /devices/virtual/input/input3
[    1.890203] Driver 'sd' needs updating - please use bus_type methods
[    1.890216] Driver 'sr' needs updating - please use bus_type methods
[    1.890459] sata_inic162x 0000:00:09.0: version 0.4
[    1.891254] ACPI: PCI Interrupt Link [LNKC] enabled at IRQ 11
[    1.891260] PCI: setting IRQ 11 as level-triggered
[    1.891267] sata_inic162x 0000:00:09.0: PCI INT A -> Link[LNKC] -> GSI 11 (level, low) -> IRQ 11
[    1.928179] scsi0 : sata_inic162x
[    1.928344] scsi1 : sata_inic162x
[    1.928392] ata1: SATA max UDMA/133 mmio m4096@0xe4140000 port 0xe4140000 irq 11
[    1.928397] ata2: SATA max UDMA/133 mmio m4096@0xe4140000 port 0xe4140040 irq 11
[    2.280039] ata1: SATA link down (SStatus 0 SControl 300)
[    2.632037] ata2: SATA link down (SStatus 0 SControl 300)
[    2.632477] pata_via 0000:00:11.1: version 0.3.3
[    2.633154] ACPI: PCI Interrupt Link [LNKA] enabled at IRQ 11
[    2.633160] pata_via 0000:00:11.1: PCI INT A -> Link[LNKA] -> GSI 11 (level, low) -> IRQ 11
[    2.633167] pata_via 0000:00:11.1: VIA VLink IRQ fixup, from 255 to 11
[    2.633410] scsi2 : pata_via
[    2.633508] scsi3 : pata_via
[    2.637283] ata3: PATA max UDMA/133 cmd 0x1f0 ctl 0x3f6 bmdma 0xb800 irq 14
[    2.637287] ata4: PATA max UDMA/133 cmd 0x170 ctl 0x376 bmdma 0xb808 irq 15
[    2.800577] ata3.00: ATA-5: MAXTOR 6L020J1, A93.0500, max UDMA/133
[    2.800582] ata3.00: 40132503 sectors, multi 16: LBA
[    2.800609] ata3.00: limited to UDMA/33 due to 40-wire cable
[    2.816434] ata3.00: configured for UDMA/33
[    2.980385] ata4.00: ATAPI: PLEXTOR CD-R   PX-W4012A, 1.06, max UDMA/33
[    2.980423] ata4.01: ATAPI: SAMSUNG DVD-ROM SD-616T, F306, max UDMA/33
[    2.988284] ata4.00: configured for UDMA/33
[    2.996380] ata4.01: configured for UDMA/33
[    2.996911] scsi 2:0:0:0: Direct-Access     ATA      MAXTOR 6L020J1   A93. PQ: 0 ANSI: 5
[    2.997067] sd 2:0:0:0: [sda] 40132503 512-byte hardware sectors: (20.5 GB/19.1 GiB)
[    2.997096] sd 2:0:0:0: [sda] Write Protect is off
[    2.997100] sd 2:0:0:0: [sda] Mode Sense: 00 3a 00 00
[    2.997141] sd 2:0:0:0: [sda] Write cache: enabled, read cache: enabled, doesn't support DPO or FUA
[    2.997257] sd 2:0:0:0: [sda] 40132503 512-byte hardware sectors: (20.5 GB/19.1 GiB)
[    2.997280] sd 2:0:0:0: [sda] Write Protect is off
[    2.997283] sd 2:0:0:0: [sda] Mode Sense: 00 3a 00 00
[    2.997322] sd 2:0:0:0: [sda] Write cache: enabled, read cache: enabled, doesn't support DPO or FUA
[    2.997328]  sda: sda1 sda2 <>
[    3.030478] sd 2:0:0:0: [sda] Attached SCSI disk
[    3.030565] sd 2:0:0:0: Attached scsi generic sg0 type 0
[    3.031348] scsi 3:0:0:0: CD-ROM            PLEXTOR  CD-R   PX-W4012A 1.06 PQ: 0 ANSI: 5
[    3.033282] sr0: scsi3-mmc drive: 40x/40x writer cd/rw xa/form2 cdda tray
[    3.033287] Uniform CD-ROM driver Revision: 3.20
[    3.033443] sr 3:0:0:0: Attached scsi CD-ROM sr0
[    3.033502] sr 3:0:0:0: Attached scsi generic sg1 type 5
[    3.033944] scsi 3:0:1:0: CD-ROM            SAMSUNG  DVD-ROM SD-616T  F306 PQ: 0 ANSI: 5
[    3.035535] sr1: scsi3-mmc drive: 1x/48x cd/rw xa/form2 cdda tray
[    3.035615] sr 3:0:1:0: Attached scsi CD-ROM sr1
[    3.035663] sr 3:0:1:0: Attached scsi generic sg2 type 5
[    3.035890] ehci_hcd: USB 2.0 'Enhanced' Host Controller (EHCI) Driver
[    3.035916] ohci_hcd: USB 1.1 'Open' Host Controller (OHCI) Driver
[    3.035932] uhci_hcd: USB Universal Host Controller Interface driver
[    3.036685] ACPI: PCI Interrupt Link [LNKD] enabled at IRQ 10
[    3.036690] PCI: setting IRQ 10 as level-triggered
[    3.036698] uhci_hcd 0000:00:11.2: PCI INT D -> Link[LNKD] -> GSI 10 (level, low) -> IRQ 10
[    3.036712] uhci_hcd 0000:00:11.2: UHCI Host Controller
[    3.036806] uhci_hcd 0000:00:11.2: new USB bus registered, assigned bus number 1
[    3.036837] uhci_hcd 0000:00:11.2: irq 10, io base 0x0000bc00
[    3.036982] usb usb1: configuration #1 chosen from 1 choice
[    3.037021] hub 1-0:1.0: USB hub found
[    3.037037] hub 1-0:1.0: 2 ports detected
[    3.037183] uhci_hcd 0000:00:11.3: PCI INT D -> Link[LNKD] -> GSI 10 (level, low) -> IRQ 10
[    3.037192] uhci_hcd 0000:00:11.3: UHCI Host Controller
[    3.037248] uhci_hcd 0000:00:11.3: new USB bus registered, assigned bus number 2
[    3.037269] uhci_hcd 0000:00:11.3: irq 10, io base 0x0000c000
[    3.037371] usb usb2: configuration #1 chosen from 1 choice
[    3.037402] hub 2-0:1.0: USB hub found
[    3.037415] hub 2-0:1.0: 2 ports detected
[    3.037583] usbcore: registered new interface driver libusual
[    3.037629] usbcore: registered new interface driver usbserial
[    3.037644] USB Serial support registered for generic
[    3.037660] usbcore: registered new interface driver usbserial_generic
[    3.037663] usbserial: USB Serial Driver core
[    3.037729] PNP: PS/2 Controller [PNP0303:PS2K,PNP0f13:PS2M] at 0x60,0x64 irq 1,12
[    3.038044] serio: i8042 KBD port at 0x60,0x64 irq 1
[    3.038057] serio: i8042 AUX port at 0x60,0x64 irq 12
[    3.038229] mice: PS/2 mouse device common for all mice
[    3.038435] rtc_cmos 00:04: RTC can wake from S4
[    3.038485] rtc_cmos 00:04: rtc core: registered rtc_cmos as rtc0
[    3.038512] rtc0: alarms up to one year, y3k, 242 bytes nvram
[    3.038627] device-mapper: uevent: version 1.0.3
[    3.038814] device-mapper: ioctl: 4.14.0-ioctl (2008-04-23) initialised:
[    3.038892] device-mapper: multipath: version 1.0.5 loaded
[    3.038897] device-mapper: multipath round-robin: version 1.0.0 loaded
[    3.039029] EISA: Probing bus 0 at eisa.0
[    3.039052] Cannot allocate resource for EISA slot 4
[    3.039070] EISA: Detected 0 cards.
[    3.039152] cpuidle: using governor ladder
[    3.039210] cpuidle: using governor menu
[    3.039895] TCP cubic registered
[    3.040058] NET: Registered protocol family 10
[    3.040592] lo: Disabled Privacy Extensions
[    3.041005] NET: Registered protocol family 17
[    3.041035] Bluetooth: L2CAP ver 2.11
[    3.041037] Bluetooth: L2CAP socket layer initialized
[    3.041041] Bluetooth: SCO (Voice Link) ver 0.6
[    3.041044] Bluetooth: SCO socket layer initialized
[    3.041094] Bluetooth: RFCOMM socket layer initialized
[    3.041110] Bluetooth: RFCOMM TTY layer initialized
[    3.041112] Bluetooth: RFCOMM ver 1.10
[    3.041148] powernow-k8: Processor cpuid 662 not supported
[    3.041196] IO APIC resources could be not be allocated.
[    3.041247] Using IPI No-Shortcut mode
[    3.041386] registered taskstats version 1
[    3.041518]   Magic number: 9:489:13
[    3.041529] usb_host usb_host2: hash matches
[    3.041665] rtc_cmos 00:04: setting system clock to 2009-05-12 06:02:38 UTC (1242108158)
[    3.041669] BIOS EDD facility v0.16 2004-Jun-25, 0 devices found
[    3.041672] EDD information not available.
[    3.042648] Freeing unused kernel memory: 532k freed
[    3.042809] Write protecting the kernel text: 4128k
[    3.042860] Write protecting the kernel read-only data: 1532k
[    3.074851] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input4
[    3.348090] usb 1-1: new full speed USB device using uhci_hcd and address 2
[    3.504563] Floppy drive(s): fd0 is 1.44M
[    3.505626] usb 1-1: configuration #1 chosen from 1 choice
[    3.515958] Initializing USB Mass Storage driver...
[    3.523932] FDC 0 is a post-1991 82077
[    3.524194] scsi4 : SCSI emulation for USB Mass Storage devices
[    3.528779] usbcore: registered new interface driver usb-storage
[    3.528788] USB Mass Storage support registered.
[    3.528916] usb-storage: device found at 2
[    3.528919] usb-storage: waiting for device to settle before scanning
[    3.575155] 8139cp: 10/100 PCI Ethernet driver v1.3 (Mar 22, 2004)
[    3.575203] 8139cp 0000:00:08.0: This (id 10ec:8139 rev 10) is not an 8139C+ compatible chip, use 8139too
[    3.579901] 8139too Fast Ethernet driver 0.9.28
[    3.579978] 8139too 0000:00:08.0: PCI INT A -> Link[LNKD] -> GSI 10 (level, low) -> IRQ 10
[    3.581086] eth0: RealTek RTL8139 at 0xa000, 00:1e:2a:bd:1e:9a, IRQ 10
[    3.581090] eth0:  Identified 8139 chip type 'RTL-8100B/8139D'
[    3.636053] usb 2-2: new full speed USB device using uhci_hcd and address 2
[    3.797418] usb 2-2: configuration #1 chosen from 1 choice
[    3.804658] scsi5 : SCSI emulation for USB Mass Storage devices
[    3.806692] usb-storage: device found at 2
[    3.806699] usb-storage: waiting for device to settle before scanning
[    4.259699] Marking TSC unstable due to TSC halts in idle
[    4.341411] PM: Starting manual resume from disk
[    4.341418] PM: Resume from partition 8:5
[    4.341420] PM: Checking hibernation image.
[    4.341878] PM: Resume from disk failed.
[    4.385371] kjournald starting.  Commit interval 5 seconds
[    4.385394] EXT3-fs: mounted filesystem with ordered data mode.
[    8.529941] usb-storage: device scan complete
[    8.532896] scsi 4:0:0:0: CD-ROM            PIONEER  DVD-RW  DVR-112D 1.22 PQ: 0 ANSI: 0
[    8.558863] sr2: scsi3-mmc drive: 40x/40x writer cd/rw xa/form2 cdda tray
[    8.559034] sr 4:0:0:0: Attached scsi CD-ROM sr2
[    8.559130] sr 4:0:0:0: Attached scsi generic sg3 type 5
[    8.805317] usb-storage: device scan complete
[    8.808280] scsi 5:0:0:0: Direct-Access     ST350083 0AS              3.AA PQ: 0 ANSI: 4
[    8.819249] sd 5:0:0:0: [sdb] 976773168 512-byte hardware sectors: (500 GB/465 GiB)
[    8.822242] sd 5:0:0:0: [sdb] Write Protect is off
[    8.822246] sd 5:0:0:0: [sdb] Mode Sense: 11 00 00 00
[    8.822249] sd 5:0:0:0: [sdb] Assuming drive cache: write through
[    8.830225] sd 5:0:0:0: [sdb] 976773168 512-byte hardware sectors: (500 GB/465 GiB)
[    8.832232] sd 5:0:0:0: [sdb] Write Protect is off
[    8.832236] sd 5:0:0:0: [sdb] Mode Sense: 11 00 00 00
[    8.832239] sd 5:0:0:0: [sdb] Assuming drive cache: write through
[    8.832245]  sdb: sdb1
[    8.839421] sd 5:0:0:0: [sdb] Attached SCSI disk
[    8.839520] sd 5:0:0:0: Attached scsi generic sg4 type 0
[   13.379974] udev: starting version 141
[   13.974245] parport_pc 00:0a: reported by Plug and Play ACPI
[   13.974345] parport0: PC-style at 0x378 (0x778), irq 7, dma 3 [PCSPP,TRISTATE,COMPAT,EPP,ECP,DMA]
[   14.003133] parport0: Printer, Canon S500
[   14.067898] shpchp: Standard Hot Plug PCI Controller Driver version: 0.4
[   14.097473] Linux agpgart interface v0.103
[   14.308316] input: PC Speaker as /devices/platform/pcspkr/input/input5
[   14.405576] agpgart: Detected VIA KT266/KY266x/KT333 chipset
[   14.410860] agpgart-via 0000:00:00.0: AGP aperture is 64M @ 0xe0000000
[   14.535567] irda_init()
[   14.535597] NET: Registered protocol family 23
[   14.839409] synaptics was reset on resume, see synaptics_resume_reset if you have trouble on resume
[   14.843919] ppdev: user-space parallel port driver
[   15.072516] ip_tables: (C) 2000-2006 Netfilter Core Team
[   15.230354] nf_conntrack version 0.5.0 (16384 buckets, 65536 max)
[   15.230813] CONFIG_NF_CT_ACCT is deprecated and will be removed soon. Please use
[   15.230817] nf_conntrack.acct=1 kernel paramater, acct=1 nf_conntrack module option or
[   15.230820] sysctl net.netfilter.nf_conntrack_acct=1 to enable it.
[   15.333380] psmouse serio1: ID: 10 00 64<6>VIA 82xx Audio 0000:00:11.5: PCI INT C -> Link[LNKC] -> GSI 11 (level, low) -> IRQ 11
[   15.569389] VIA 82xx Audio 0000:00:11.5: setting latency timer to 64
[   15.983987] input: ImPS/2 Logitech Wheel Mouse as /devices/platform/i8042/serio1/input/input6
[   16.311947] lp0: using parport0 (interrupt-driven).
[   16.369947] ndiswrapper version 1.53 loaded (smp=yes, preempt=no)
[   16.445967] usbcore: registered new interface driver ndiswrapper
[   16.492897] tun: Universal TUN/TAP device driver, 1.6
[   16.492903] tun: (C) 1999-2004 Max Krasnyansky 
[   16.750792] Adding 883532k swap on /dev/sda5.  Priority:-1 extents:1 across:883532k
[   17.327909] EXT3 FS on sda1, internal journal
[   18.809673] type=1505 audit(1242108174.266:2): operation="profile_load" name="/usr/share/gdm/guest-session/Xsession" name2="default" pid=2062
[   18.893909] type=1505 audit(1242108174.350:3): operation="profile_load" name="/sbin/dhclient-script" name2="default" pid=2066
[   18.894302] type=1505 audit(1242108174.350:4): operation="profile_load" name="/sbin/dhclient3" name2="default" pid=2066
[   18.894426] type=1505 audit(1242108174.350:5): operation="profile_load" name="/usr/lib/NetworkManager/nm-dhcp-client.action" name2="default" pid=2066
[   18.894534] type=1505 audit(1242108174.350:6): operation="profile_load" name="/usr/lib/connman/scripts/dhclient-script" name2="default" pid=2066
[   18.955068] type=1505 audit(1242108174.410:7): operation="profile_load" name="/usr/bin/freshclam" name2="default" pid=2071
[   19.193861] type=1505 audit(1242108174.650:8): operation="profile_load" name="/usr/lib/cups/backend/cups-pdf" name2="default" pid=2075
[   19.194375] type=1505 audit(1242108174.650:9): operation="profile_load" name="/usr/sbin/cupsd" name2="default" pid=2075
[   19.253386] type=1505 audit(1242108174.710:10): operation="profile_load" name="/usr/sbin/mysqld" name2="default" pid=2079
[   19.302970] type=1505 audit(1242108174.758:11): operation="profile_load" name="/usr/sbin/tcpdump" name2="default" pid=2083
[   42.941612] eth0: link up, 100Mbps, full-duplex, lpa 0x45E1
[   45.398174] eth0: link up, 100Mbps, full-duplex, lpa 0x45E1
[   46.189716] Bluetooth: BNEP (Ethernet Emulation) ver 1.3
[   46.189722] Bluetooth: BNEP filters: protocol multicast
[   46.246191] Bridge firewalling registered
[   56.052043] eth0: no IPv6 routers present
[  102.444734] padlock: VIA PadLock not detected.
[51275.213615] Inbound IN=eth0 OUT= MAC=00:1e:2a:bd:1e:9a:00:22:33:64:2e:94:08:00 SRC= DST= LEN=1492 TOS=0x00 PREC=0x00 TTL=47 ID=15071 DF PROTO=TCP SPT=80 DPT=56534 WINDOW=49368 RES=0x00 ACK PSH URGP=0
[51335.209385] Inbound IN=eth0 OUT= MAC=00:1e:2a:bd:1e:9a:00:22:33:64:2e:94:08:00 SRC= DST= LEN=1492 TOS=0x00 PREC=0x00 TTL=47 ID=15118 DF PROTO=TCP SPT=80 DPT=56534 WINDOW=49368 RES=0x00 ACK PSH URGP=0
[51395.213338] Inbound IN=eth0 OUT= MAC=00:1e:2a:bd:1e:9a:00:22:33:64:2e:94:08:00 SRC= DST= LEN=1492 TOS=0x00 PREC=0x00 TTL=47 ID=15119 DF PROTO=TCP SPT=80 DPT=56534 WINDOW=49368 RES=0x00 ACK PSH URGP=0
[51455.213924] Inbound IN=eth0 OUT= MAC=00:1e:2a:bd:1e:9a:00:22:33:64:2e:94:08:00 SRC= DST= LEN=1492 TOS=0x00 PREC=0x00 TTL=47 ID=33141 DF PROTO=TCP SPT=80 DPT=56534 WINDOW=49368 RES=0x00 ACK PSH URGP=0
[51515.203944] Inbound IN=eth0 OUT= MAC=00:1e:2a:bd:1e:9a:00:22:33:64:2e:94:08:00 SRC= DST= LEN=1492 TOS=0x00 PREC=0x00 TTL=47 ID=33142 DF PROTO=TCP SPT=80 DPT=56534 WINDOW=49368 RES=0x00 ACK PSH URGP=0
[51575.206163] Inbound IN=eth0 OUT= MAC=00:1e:2a:bd:1e:9a:00:22:33:64:2e:94:08:00 SRC= DST= LEN=1492 TOS=0x00 PREC=0x00 TTL=47 ID=33143 DF PROTO=TCP SPT=80 DPT=56534 WINDOW=49368 RES=0x00 ACK PSH URGP=0

To change the boot-up parameters, you must modify either the system Read-Only Memory (ROM) or the Unix operating system initialization scripts as discussed later.

After the initialization phase has completed, the system is running and ready for users to log in. You will see a login prompt or graphical login screen on your system if you are logging in locally.

Logging In and Out of Unix
Logging in means that you are authenticating yourself to the Unix system as a valid user who needs to utilize resources. When you attempt to log in to a Unix system, you are typically asked to authenticate yourself by providing a username and password pair, although logins can include more advanced mechanisms such as:
  • biometrics (a retina eye scan, for example) or
  • one-time-use tokens that change password combinations every few seconds.
You can login by using either:
  • a graphical user interface (GUI) or
  • the command line (for local o remote [through e.g. ssh] login).

Logging in via GUI
If you have a keyboard/mouse and monitor directly connected to the Unix system, you can log in much like users log in to their home systems. The initial login screen can take many forms, from the traditional command line that only presents text information to graphical logins complete with pictures.

The username and password that you supply are against the internal system file or database containing a list of valid usernames and passwords.

An incorrect password usually results in a text or graphic message letting the user know the password or username (it is not precise if is wrong the password or the username because of secutity reasons) entered is invalid. Most Unix systems are set up to freeze an account or mostly set a time delay if a user enters a password incorrectly more than three (or some other specified number of) times. This is for security reasons, so that someone cannot easily continue to enter different passwords in an attempt to log in to another person’s account.

Logging In at the Command Line (CLI)
There are instances where Unix systems (like servers) aren’t running graphical user interfaces and all work is done using the command line. In these cases, you typically see either a banner message indicating the type of machine you are logging in to or a message set up by the system administrator. Sometimes you won’t see anything other than the login prompt. The banner portion of this screen is this part:

Linux harrykar-desktop 2.6.28-11-generic #42-Ubuntu SMP Fri Apr 17 01:57:59 UTC 2009 i686 GNU/Linux
harrykar-desktop login:

The first part of the banner indicates that this is a Linux system, specifically the Ubuntu SMP distribution release #42 that runs on a computer (i686 GNU/Linux: mean hardware architecture IA-32 x-86, generation i686) named harrykar-desktop (hostname or IP here) and the version of kernel is 2.6.28-11-generic compiled Fri Apr 17 01:57:59 UTC 2009.

Banners differ from system to system, but you can generally figure out what information is being presented. Because of security concerns, this information may be absent on systems that are publicly accessible through the Internet (exact system specifications make it easier for hackers to attack the system).

In the next line harrykar-desktop login: this is where you enter the username that you are logging in and press Enter (or Return). Next the request for the password comes on the line password: . If the user enters a bad password for that account, the system responds with the Login incorrect statement, followed by another chance to log in. This time the user enters the correct username and password. The system then displays the last time the user was logged in and provides access to a command line shell so that the user can begin working on the system.

Notice that the command line (and most GUI login) login doesn’t offer any hints about what username to use, so you have to know it ahead of time. If you not failure, follow a sequence of events for a successful logging in

The last time logged in is a security feature that enables you to see when the account was last used. If you notice that the last time logged in was a time when you weren’t using the system, someone may have broken into your account. Contact the system administrator immediately.
    If you use the command line to log in either remotely or locally and your username/ password combination is rejected, the system does not tell you which part of the login is incorrect. You get the same message—Login incorrect—whether your username is invalid or your password is wrong. This is another security mechanism to prevent malicious entities from attempting to guess usernames on the system; everyone must have a valid username/password combination to log in. 
    Do not forget your username and password, because there are usually no hints for either when you log in to Unix.

    Remotely Logging In
    Unix was built with networking in mind, allowing for remote operations via a command line or graphical user interface. When remotely logging in, you generally use a network protocol (A protocol is a standard method for transferring information between two different systems) such as TCP/IP. The following are some of the most common methods for logging in to a remote Unix system:
    • ssh: Logs in interactively to a shell to perform multiple functions such as running commands. This method uses encryption to scramble the session so that the username, password, and all communications with the remote system are encrypted (not readable by others).
    • telnet: Same as ssh but because this method is not encrypted (the username, password,and all communications with the remote system are sent in plain text and possibly viewable by others on the network).
    • sftp: Logs in to transfer files between two different systems. This method is encrypted.
    • ftp: Like sftp but this method is not encrypted.
    Encrypted means that the text is not understandable by others and is in a sense scrambled. For example, if the phrase “this is my password” were encrypted, it might show up as “14N!&x&*0|~dB{2” to anyone else viewing the session over the network.

    These are by no means the only methods for remote logins. For example, the r commands—rsh (remote shell), rcp (remote copy), and rlogin (remote login)—were prevalent in the past, but because they offer little security, they’re generally discouraged in today’s environments.

    rsh and rlogin are similar in functionality to telnet, and rcp is similar to ftp.

    To enable remote logins, the local and remote systems must have connectivity to each other and allow for access via the communications path (that is, no firewall or system restrictions).

    Most Unix systems have support for the protocols/commands used to connect to external systems, but these services may not always be available to you for remote connections (the remote machine may not allow connections to the system, for example). In these cases, you must contact the system administrator of the Unix system in order to determine the method for connecting remotely.

    Using ssh
    ssh (Secure SHell) and telnet are two methods that enable you to log in to a remote system and run commands interactively; that is, you can use most if not all of the commands available to your (remote) account as if you were locally connected. To use these commands, you need the following information at a minimum:

    command hostname

    command indicates the protocol you want to use (preferably ssh if it’s available, because the session would be encrypted) to connect, and hostname indicates the remote system to which you want to connect. hostname can be an actual name (such as harrykar-desktop) or an IP address (such as
    To connect to system harrykar-desktop (IP address of from a Linux system with ssh, you could type:

    ssh harrykar-desktop

    An IP address is a numerical designation used by the computer to route information from one system to another. Because a long set of numbers is often difficult for humans to remember, you can use a common name to refer to a remote system if the system is set up properly. After typing either of these commands, you’d see the same type of prompt or information that you did when you logged in locally via the command line.

    If this is the first time (this occurs only the first time you connect to the system) you are using ssh to connect to the remote system, you are prompted to accept the remote system’s keys, or identification. You can confirm the key with the remote system administrator. If someone changes the system or tries to pretend to be the server using ssh (and trying to steal your user credentials), you will be notified with a warning.

    After entering the password for the user account, you are put into a shell on the remote system. The reason you are not asked your username is that the ssh command sends the username you are logged in with on the local system unless you specify a different username. Now execute:


    and you see that you are truly remotely logged in to the machine named e.g. linux.

    When you run ssh hostname, ssh assumes that you want to log in to the remote system with the same username that you’re using on the local system. Your username on different systems may not always be the same because of differing naming conventions, so you may be "jdoe" on one system, "johnd" on a second, and "jd1234" on a third.

    If you need a different username to log on to a remote system, use the following syntax:

    ssh username@hostname

    If you are logged into system darwin as user johnd and want to remotely log in to system (linux) as user jdoe, you type:

    ssh jdoe@

    Using telnet
    Ssh although gives you encryption from local to remote server and vice versa, providing more security during the working session, ssh may not always be available to you because of e.g. system restrictions or policy. If that’s the case, you generally need to use telnet, which offers the same functionality, but with no encryption of data being transmitted between the local and remote systems.  
    telnet is an older protocol that’s in wide use even in today’s security-conscious environment because it’s available on many major platforms (including Microsoft Windows and DOS) by default
    You use telnet much like ssh except that sometimes you are prompted for your username and password (telnet doesn’t always assume you want to log in as the current user).

    To telnet from the darwin machine to the solaris machine (, you’d type:

    telnet solaris

    The system requests the user’s password, and after it’s provided, the last login and banner information is displayed. Running hostname again produces the
    expected results. The user can now run commands as if her screen and keyboard were directly connected to the solaris system.

    The Shell
    After you log in, you are taken to the shell predefined for you by your system admin(or trough your box install). A command line interface or a graphical user interface (GUI) displays, giving you access to the shell.

    If you are using a GUI, locate the xterm(terminal) or konsole or gnome-terminal application that gives you access to the shell. Then you’re all set to enter the commands discussed here.

    Logging Out
    After you have completed the work you need to do on the system using your interactive login, you need to exit the system in a controlled and orderly manner to prevent processes or jobs from ending abruptly.

    The command exit ends your shell session (or you can use the command logout in the bash or c shell). This closes the window that you are logged in to or ends your session completely. If you are using a GUI, there is typically a button or key sequence that logs you out of the session.

    System Shutdown
    Unix is a multiuser, multitasking system, so there are usually many processes or programs running at all times. Because the file system needs to be synchronized, just turning the power off creates issues with the file system and affects the stability of the system. There are always processes or tasks running on the system, even if no users are logged in, and an improper shutdown can cause numerous problems.

    You typically need to be the superuser or root (the most privileged account on a Unix system) to shut down the system, but on some standalone or personally owned Unix boxes, an administrative user and sometimes regular users can do so. Some GUIs enable you to shut down your system by clicking a button.
    The most consistent way to shut down a Unix system properly via the command line is to use one of the following commands:

    • halt Brings the system down immediately.
    • init 0 Powers off the system using predefined scripts to synchronize and clean up the system prior to shutdown. (Not available on all Unix systems.)
    • init 6 Reboots the system by shutting it down completely and then bringing it completely back up. (Not available on all systems.)
    • poweroff Shuts down the system by powering off.
    • reboot Reboots the system.
    • shutdown Shuts down the system.
    The preferred method is to use shutdown, which is available on all Unix systems. It uses scripts provided by the system for a proper shutdown and has most of the functionality of the other commands.

    The halt command typically brings down the system immediately without going through the recommended shutdown sequence, causing file system synchronization issues (possible corruption of data or worse).

    Another way to shut down and restart the system (reboot) is to use the following command:

    shutdown -r

    To shut down the computer so that you can then use the poweroff button to physically power the system down safely, you can use the following command:

    shutdown -h

    Using the shutdown command is the most proper way to bring the system down without corrupting data or creating system inconsistencies.

    Getting Help with man, info Pages and --help command option
    Unix commands have always had a multitude of arguments or options to allow different types of functionality with the same command. Because no one can possibly remember every Unix command and all its options, there has been online help available since Unix’s earliest days. Unix’s version of help files are called man pages.

    Man (manual) pages present online documentation in a standard format that is readable by any user and is set up in a consistent and logical manner. The command is used by simply typing the following syntax:

    man command

    The man page sections will be the same on all Linux systems, but may vary a bit on other Unix-type systems (BSD's etc). You should be able to view the man page for man to find out which sections are represented on the system you’re on:

    man man

    Man pages are generally divided into 9 sections, which generally vary by the man page author’s preference. Sections of man pages are ways of grouping man pages by topic.

    man Page Sections
    Number             Types of Pages
    1                  Executable programs or shell commands
    2                  System calls (functions provided by the kernel)
    3                  Library calls (functions within program libraries)
    4                  Special files (usually found in /dev)
    5                  File formats and conventions such as /etc/passwd
    6                  Games
    7                  Miscellaneous (including macro packages and conventions), such as man(7),  groff(7)
    8                  System administration commands (usually only for root)
    9                  Kernel routines [Non standard]
    ... ...

    1. Below the first command shows passwd in all sections (In that case to end a section view and change to the next press Q key followed by ENTER)
    2. Instead the second command shows only the passwd in 5th section
    3. If we omit the section number, man will return the man page from the first section it finds.
    man -a passwd
    man 5 passwd
    man passwd

    Here are some of the more common sections of a man page:

    ❑ NAME—Name of the command.
    ❑ SYNOPSIS—General usage parameters of the command.
    ❑ DESCRIPTION—Generally describes of the command and what it does.
    ❑ OPTIONS—Describes all the arguments or options to the command.
    ❑ SEE ALSO—Lists other commands that are directly related to the command in the man page or
    closely resembling its functionality.
    ❑ BUGS—Explains any known issues or bugs that exist with the command or its output.
    ❑ EXAMPLES (or TIPS)—Common usage examples that give the reader an idea of how the command
    can be used.
    ❑ AUTHORS—The author of the man page/command.

    You won’t always know the command you need to use, but if you know what a major point of a command is, you can search the man pages using the -k option (or apropos command), which looks for keywords in the man pages. The whatis command (or man's  –f option) is another man page searching utility. It is different from apropos in that it only prints man page descriptions that match the keyword you type in.  I.e. if you type apropos route Vs whatis route you see different results.

        If you need to change the permission settings of a file, for example, but can’t remember the command to use, you can type:

    man -k permission
    apropos permission
    whatis permission
    man -f permission
    man crontab -P more

    You’ll get a list of commands with the word permission in their keywords (instead whatis report is permission: nothing appropriate ).  –P more or  -P less option uses the pager program more or (the newest) less for paging through the crontab man page

    The results of your search show every command that matches with your keyword, and you can then view their man pages to find the command you need.
    The man pages are a vital resource and the first avenue of research when you need information about commands or files in a (relatively complex) Unix system.
    • The --help (or -h) option exist for almost all external commands (not embedded in the shell binary). 
    • Instead for internal (shell's) commands use the help command

    harrykar@harrykar-desktop:~$ help for
    for: for NAME [in WORDS ... ;] do COMMANDS; done
    The `for' loop executes a sequence of commands for each member in a
    list of items.  If `in WORDS ...;' is not present, then `in "$@"' is
    assumed.  For each element in WORDS, NAME is set to that element, and
    the COMMANDS are executed.
    for ((: for (( exp1; exp2; exp3 )); do COMMANDS; done
    Equivalent to
    (( EXP1 ))
    while (( EXP2 )); do
    (( EXP3 ))
    EXP1, EXP2, and EXP3 are arithmetic expressions.  If any expression is
    omitted, it behaves as if it evaluates to 1.
    harrykar@harrykar-desktop:~$ ps --help
    ********* simple selection *********  ********* selection by list *********
    -A all processes                      -C by command name
    -N negate selection                   -G by real group ID (supports names)
    -a all w/ tty except session leaders  -U by real user ID (supports names)
    -d all except session leaders         -g by session OR by effective group name
    -e all processes                      -p by process ID
    T  all processes on this terminal     -s processes in the sessions given
    a  all w/ tty, including other users  -t by tty
    g  OBSOLETE -- DO NOT USE             -u by effective user ID (supports names)
    r  only running processes             U  processes for specified users
    x  processes w/o controlling ttys     t  by tty
    *********** output format **********  *********** long options ***********
    -o,o user-defined  -f full            --Group --User --pid --cols --ppid
    -j,j job control   s  signal          --group --user --sid --rows --info
    -O,O preloaded -o  v  virtual memory  --cumulative --format --deselect
    -l,l long          u  user-oriented   --sort --tty --forest --version
    -F   extra full    X  registers       --heading --no-heading --context
    ********* misc options *********
    -V,V  show version      L  list format codes  f  ASCII art forest
    -m,m,-L,-T,H  threads   S  children in sum    -y change -l format
    -M,Z  security data     c  true command name  -c scheduling class
    -w,w  wide output       n  numeric WCHAN,UID  -H process hierarchy

    In some cases, developers have put more complete descriptions of commands, file formats, devices, or other Linux components in the GNU info database, a sort of linked set of online manual pages. You can enter the info database by simply typing the info command or by opening a particular component (use the q key to quit the info utility).

    $ info ls

    The previous command shows information on the ls command. You can navigate
    around the info utility using the up, down, left, and right arrow keys, as well as the Page Up and Page Down keys. Table below shows more about navigating in info.

    Keystroke    Movement
    ?                    Display the basic commands to use in info screens.
    Shift+l           Go back to the previous node you were viewing.
    n , p, u           Go to the node that is next, previous, or up, respectively.
    Enter             Go to the hyperlink that is under the cursor.
    Shift+r          Follow a cross reference.
    q or Shift+q  Quit and exit from info.

    Software packages that have particularly extensive text available in the info database include gimp, festival, libc, automake, zsh, sed, tar, and bash. Files used by the info database are stored in the /usr/share/info directory.

    Users and Groups
    A user account provides you with access to the Unix system, whether by
    • a shell
    • an ftp account, or 
    • other means. 
    To use the resources that the Unix system provides, you need a valid user account and resource permissions . Think of your account as your passport, identifying who you are to the Unix system.

    Account Basics
    There are three primary types of accounts on a Unix system:
    • the root user (or superuser) account,
    • system accounts,
    • user accounts
    • and group accounts
    Almost all accounts fall into one of those categories.

    Root Account
    The root account’s user has complete and unfettered control of the system, to the point that he can run commands to completely destroy the system (like rm -rf / ). The root user (also simply called root) can do absolutely anything on the system, with no restrictions on files that can be accessed, removed, and modified.

    The Unix methodology assumes that root users know what they want to do, so if they issue a command that will completely destroy the system, Unix allows it. If you are used to working with Microsoft Windows, its administrator account is most like Unix’s root account, except that Windows generally tries to protect itself from you—if you try to format the disk that the operating system is on, Windows prevents you from doing so, but Unix accepts the command and starts formatting with no regard to self-destruction. This basic tenet is why people generally use root for only the most important tasks, and then use it only for the time required—and very cautiously (moreover for that reason some lately *nixes use sudo instead the traditional su su).

    System Accounts
    System accounts are those needed for the operation of system-specific components. They include, for example, the mail account (for electronic mail functions),the sshd account (for ssh functionality) etc.

    System accounts are generally provided by the operating system during installation or by a software manufacturer (including in-house developers). They generally assist in the running of services or programs that the users require. There are many different types of system accounts, and some of them may not exist on your Unix system.

    For instance, some of the system account names you may find in your /etc/passwd file are adm, alias, apache, backup, bin, bind, daemon, ftp, guest, gdm, gopher, halt, identd, irc, kmem, listen, mail, mysql, named, noaccess, nobody, nobody4, ntp, root, rpc, rpcuser, and sys. These accounts are usually needed for some specific function on your system, and any modifications to them could adversely affect the system. Do not modify them unless you have done your research on their functionality and have tested the system with any changes.

    list:x:38:38:Mailing List Manager:/var/list:/bin/sh
    gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
    hplip:x:103:7:HPLIP system user,,,:/var/run/hplip:/bin/false
    avahi-autoipd:x:104:112:Avahi autoip daemon,,,:/var/lib/avahi-autoipd:/bin/false
    gdm:x:105:113:Gnome Display Manager:/var/lib/gdm:/bin/false
    pulse:x:106:115:PulseAudio daemon,,,:/var/run/pulse:/bin/false
    avahi:x:110:121:Avahi mDNS daemon,,,:/var/run/avahi-daemon:/bin/false
    haldaemon:x:111:122:Hardware abstraction layer,,,:/var/run/hald:/bin/false
    harrykar:x:1000:1000:Charalampos Karipidis,,+393336450459,0922-987006,:/home/harrykar:/bin/bash
    mysql:x:115:130:MySQL Server,,,:/var/lib/mysql:/bin/false
    snort:x:116:131:Snort IDS:/var/log/snort:/bin/false
    postgres:x:118:133:PostgreSQL administrator,,,:/var/lib/postgresql:/bin/bash

    User Accounts
    User accounts provide interactive access to the system for users and groups of users. General users are typically assigned to these accounts and usually have limited access to critical system files and directories.  
    Generally you want to use eight characters or fewer in an account name, but this is no longer a requirement for all Unix systems. For interoperability with other Unix systems and services, however, you will most likely want to restrict your account names to eight characters or fewer.
    An account name is the same as a username.

    Group Accounts
    Group accounts add the capability to assemble other accounts into logical arrangements for simplification of privilege (permission) management. Unix permissions are placed on files and directories and are granted in three subsets:
    • the owner of the file, also known as the user;
    • the group assigned to the file;
    • and others, anyone who has a valid login to the system but does not fall into either the owner or group subsets.
    The existence of a group enables a file (generally a resource) owner to grant access to files to a class of people. For example, say that a company with about 100 employees uses a central Unix server for all activities from production to research to support objectives.

    Three of the employees compose the company’s human resources (HR) staff; they often deal with sensitive information, including salaries, pay raises, and disciplinary actions. The HR staff has to store its information on the server everyone else uses, but its directory, Human_Resources, needs to be protected so that others cannot view the contents. To enable HR to set specific permissions on its files that allow access only to HR staff, the three staff members are put into a group called hr. The permissions on the Human_Resources directory can then be set to allow those members to view and modify files, while excluding all who fall into the other group (everyone else).

    One of the strengths of groups is that an account can belong to many groups, based on access requirements. For instance, the two members of the internal audit team may need to access everyone’s data, but their directory, called Audit, needs to be protected from everyone else’s account. To do this, they can belong to all groups and still have a special audit group in which they are the only members.

    Managing Users and Groups
    User management is a cornerstone activity for the healthy upkeep of a system. For security purposes, management should be limited to a few users who need to administer accounts. There are three main user administration files:

    /etc/passwd—Identifies the authorized accounts for the system.
    /etc/shadow—Holds the encrypted password of the corresponding account. Most late Unix systems have this file.
    /etc/group—Contains information on group accounts.

    The first—and the most important—administration file is /etc/passwd. This file holds the majority of information about accounts on the Unix system. Almost anyone with an account on the system can view the file, but only root can modify it.

    list:x:38:38:Mailing List Manager:/var/list:/bin/sh
    gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
    hplip:x:103:7:HPLIP system user,,,:/var/run/hplip:/bin/false
    avahi-autoipd:x:104:112:Avahi autoip daemon,,,:/var/lib/avahi-autoipd:/bin/false
    gdm:x:105:113:Gnome Display Manager:/var/lib/gdm:/bin/false
    pulse:x:106:115:PulseAudio daemon,,,:/var/run/pulse:/bin/false
    avahi:x:110:121:Avahi mDNS daemon,,,:/var/run/avahi-daemon:/bin/false
    haldaemon:x:111:122:Hardware abstraction layer,,,:/var/run/hald:/bin/false
    harrykar:x:1000:1000:Charalampos Karipidis,,+393336450459,0922-987006,:/home/harrykar:/bin/bash
    mysql:x:115:130:MySQL Server,,,:/var/lib/mysql:/bin/false
    snort:x:116:131:Snort IDS:/var/log/snort:/bin/false
    postgres:x:118:133:PostgreSQL administrator,,,:/var/lib/postgresql:/bin/bash

    Take a look at any of the lines in the file, and you can see that there are seven distinct fields separated by colons. Although some fields can be left empty, each entry in the file must have all seven fields.Here are descriptions of the file entry fields:

    1. Login ID (username) that a user enters to log in to the account. Usernames should be unique, so avoid duplicate names, which only introduce confusion and create serious permission problems.Usernames are generally assigned by the administrator. Because users must use their usernames to log in to the system, complexity versus ease of use must be weighted when selecting username schemas.
    2. Encrypted password or x. If shadow passwords are used, this field contains just an x. In the early days of Unix, the password field contained the user’s encrypted password, but as machines got more powerful, it became easier to crack or discover the passwords, and passwords were moved to a separate file called /etc/shadow. Permissions allow only specific accounts to view that file. Some versions of Unix still include the encrypted password in the /etc/passwd file, but this practice is generally discouragent. An administrator usually assigns a user’s initial password.
    3. UID (user ID number) That's really how the system knows the account. This is how Unix represents the user (instead of using the more human's like username). A user often interacts with the system only through an account name, but the Unix system uses a number (UID) to represent the user. Every account is assigned a UID, generally in the range from 0 to 65535, with 0–99 reserved for system IDs (root's ID—the superuser—is always 0). The 65535 limit is not valid on all systems (some allow for many more). The UID does not have to be unique, although having users share UIDs is a bad practice because logging and permissions become confusing when two users share a UID. (The functionality sought by having users share UIDs can be accomplished through groups.) An administrator typically assigns account names and UIDs. The UID is what really identifies the user to the system. You can change your root account’s name to admin but because the UID associated with the account is 0, the system identifies it as the superuser. You could also assign the 0 UID to another user, and that account would have superuser permissions (this assignment presents security issues and is highly discouraged).
    4. Default GID (group ID)the primary, or default, group to which the account belongs. This doesn’t limit the total groups to which the account can belong; it only identifies the regular group the user belongs to upon login. This number doesn’t need to be unique because many users can share the same group with no adverse effects on the system. Lower-number groups are generally used for system account groups.
    5. The GCOS, or comment, field holds information about the accounts, such as the full name of the user, the telephone or office number, or any other human-readable information. This field can contain almost anything you want (except a colon, which would represent the end of the field). Most organizations use it to add some contact information for the account in case there is a problem. Anything in this file (and field) can be viewed by anyone on the system, so do not provide sensitive information such as credit card numbers or Social Security numbers(SSNs). This field can be left blank with no adverse effect (you’ll have two colons next to each other, the “blank field” in between). Interestingly, the GCOS field derives its name from the General Electric Comprehensive Operating System (GECOS), or General Comprehensive Operating System. The field was originally used for holding GCOS identification for services that ran off GECOS systems (which was its own operating system). GCOS is not in much use these days, but the term survives today when referring to this field.
    6. Location of the account’s starting, or home, directory (used to store personal files). This can be any valid directory (usually but not always /home) on which the user has full permissions (read, write, and execute). The directory is usually owned by the account with which it’s aligned. Do not assign any account with /tmp as the home directory because this can create serious security vulnerabilities.
    7. The user’s login shell. It must be a valid shell (usually listed in the /etc/shells file)

      # /etc/shells: valid login shells
      or else the user cannot log in interactively. All valid shells are usually identified in /etc/shells. If the shell identified in field seven doesn’t exist (such as a misspelled entry), the user will not be able to log in interactively. Be very careful when manually editing this field.


    The /etc/shadow file contains the encrypted password entries for local users as well as any password aging (which tells when passwords expire) or restrictions.


    Here are descriptions of the file entry fields:

    1. The login ID (username, or account name). This information corresponds to the /etc/passwd entry for the account.
    2. The encrypted version of the password (which can be 13 or more characters depending on the Unix implementation). Because this file is readable only by root, the passwords are more protected than if they were in the openly readable in /etc/passwd file. If this field is blank, the user is not required to enter a password—a very dangerous situation, because only the account name need be discovered for the system to be compromised. There are ways to lock an account (prevent anyone from using it) with this field as well, depending on the version of Unix. On some systems, for example, NP in this field means that the user cannot actively log in to the account, but must log in with his own account and then use sudo. You can also put a * (*LK* for Solaris) to indicate that the account is locked.
    3. The number of days from January 1, 1970, until the password was changed. This is used in conjunction with the other fields to determine if the account and password are still valid and if the password requires updating. The January 1, 1970, date represents what is called the epoch. It’s a date picked out by the creators of Unix as a good start time.
    4. The minimum number of days before the user can change his password again. This allows the system administrator to protect the user from changing his password too soon after the previous change, reducing the chance an attacker can change the password if he finds it. This field is also used for administrative functions such as password propagation between systems.
    5. The maximum number of days the password is valid before requiring a change. The administrator uses this field to enforce password change policies and to reduce the likelihood that a malicious entity can use brute force (continually trying passwords) to crack the password, which can take a significant amount of time, depending on how good the password is.
    6. The number of days the user is warned before password expiration. It is a good practice to give each user warning that her password is going to expire, so that she has the opportunity to change it at a convenient time before its expiration. If the user fails to change her password in the given amount of time, she could be locked out of the system until the system administrator can intervene. In our example, this field value is 7. The fields 7–9 are blank, as they are in most systems.
    7. Varies between the various Unix implementations but generally represents either the number of consecutive days of account inactivity that can elapse before the password is disabled, or the number of days after a password expires until that account is disabled.
    8. The number of days from January 1, 1970, until the account expires. This is useful in creating limited-time accounts (such as for temporary employees with a fixed date of hire and contract end).
    9. Reserved for future use.

    The /etc/group file contains the group information for each account.


    The files have the same format. Here are descriptions of the four colon-separated fields, using the next to-last line:

    1. The name of the group, which is how the group is identified to users.
    2. The password for using the group or x. This field is blank (no password) on most systems, but it can contain the encrypted password for the group or an x for a shadowed password. The /etc/passwd security issues also apply in this case, which is why some systems use a group shadow file. That file is generally located at /etc/gshadow; refer to your vendor documentation for more information on the file and its format. E.g.:

    3. The group ID (GID). This number identifies the group to the system. It is how Unix sees the group (similar to /etc/passwd UID).
    4. Comma-separated list of accounts that belong to the group. This information allows permissions to be set accordingly. The field can be blank, as the example shows.

    Managing Accounts and Groups
    Some Unix systems use different commands or command structures (options to the command), but using the command line to create, modify, and delete accounts and groups is fairly standardized among them. Following are commands (To run these commands, you must be logged in as root --superuser--) available on the majority of Unix systems and their descriptions:

    • useradd(or adduser script) Adds accounts to the system.
    • usermod Modifies account attributes.
    • userdel Deletes accounts from the system.
    • groupadd Adds groups to the system.
    • groupmod Modifies group attributes.
    • groupdel Removes groups from the system.
    To add or delete an account manually (without using the preceding commands), you would have to:

    ❑ Modify /etc/passwd to add or remove the account line.
    ❑ Modify /etc/shadow to add or remove the account line.
    ❑ Modify /etc/group to add or remove the account references.
    Add or remove the account’s home directory (if not shared, which by default it should not be).

    You can avoid these steps by using the commands (as is common practice). You’ll also reduce the risk of introducing a typo into one of the files, which could make your system unusable.

    Account Management
    The useradd command enables you to add a user in a single command line. The following list describes some of the options to the useradd command.

    • -c Comment for the GCOS or comment field (use quotes if you have a space in the comments). File and Field Affected: /etc/passwd; Field 5.
    • -d Account’s home directory. File and Field Affected: /etc/passwd; Field 6
    • -e Expiration date of the account in yyyy-mm-dd or mm/dd/yy format, depending on the Unix version. (The account is not valid after this date.). File and Field Affected: /etc/shadow; Field 8
    • -f Number of days the account can be inactive before being disabled or the number of days after the password has expired that the account will be disabled. File and Field Affected: /etc/shadow; Field 7
    • -g Initial group (default group). File and Field Affected: /etc/passwd; Field 4
    • -G Comma-separated list of supplementary or secondary groups to which the user belongs. File and Field Affected: /etc/group; Field 4 of groups identified in the command line
    • -m Creates the home directory if it doesn’t exist. File and Field Affected: Not applicable
    • -s The user’s shell for interactive logins. File and Field Affected: /etc/passwd; Field 7
    • -u Assigns user ID (unique unless -o option, which allows duplicate UIDs, is used). UIDs 0–99 are generally reserved for system accounts. File and Field Affected: /etc/passwd; Field 3

    The structure of the command is:

    useradd -c comment -d home directory -e expiration date -f inactive days -g primary
    (default) group -G secondary groups -m -s shell -u user id accountname

    The last item is the account name. It is not optional. It’s field 1 in the /etc/passwd file.
        Here’s an example that creates an account for a user named unixnewbie, whose real name is Jane Doe. Jane needs the account until July 4, 2006. Her primary group is users, and authors is her secondary group. She has requested the Bourne shell for her default shell. She isn’t sure she will be using this system, so let’s disable her account if she hasn’t used it within 60 days. The useradd command to create this account is:

    useradd -c “Jane Doe” -d /home/unixnewbie -e 040406 -f 60 -g users -G authors -m -s
    /bin/ksh -u 1000 unixnewbie

    After this command runs, a password to the account must be set using the passwd accountname command. To create the password for Jane Doe’s account, root would type:

    passwd unixnewbie

    The new account owner should change the password immediately.

    Group Management

    Managing groups is accomplished with the groupadd, groupmod, and groupdel commands on most Unix systems. groupadd has this syntax(makes the appropriate entry in the /etc/group file):

    groupadd -g  group_id   group_name

    To create a new group for the finance department called finance_2 and assign it a unique GID of 535, for example, you’d use:

    groupadd -g 535 finance_2

    To modify a group, use the groupmod syntax:

    groupmod -n new_modified_group_name old_group_name

    To change the finance_2 group name to financial, type:

    groupmod -n financial finance_2

    You can also use the -g option with groupmod to change the GID of the group. Here’s how you’d change the financial GID to 545:

    groupmod -g 545 financial

    To delete an existing group, all you need are the groupdel command and the group name. To delete the financial group, the command is:

    groupdel financial

    This removes only the group, not any files associated with that group. (The files are still accessible by their owners.)

    User Management with Graphical User Interface Tools

    There are many graphical user interface (GUI) tools available on the various Unix systems. The use of GUI tools makes management much easier for new administrators, but a good understanding of the command line interface tools is necessary before you use them primarily. Let’s take a look at a few of the GUI tools.

    Mac OS X
    Mac OS X has very straightforward user management tools. To access them, click the Apple icon in the upper-right corner of the screen and select System Preferences. Then choose Account in the section labeled System (bottom left).

    Accounts can be seen and you can add, edit or modify, and delete an account. You can also set the account to log in automatically upon boot-up.
    To edit an existing account, simply highlight the account and click the Edit User button. To set the auto login for an account or to delete an account, highlight the account and click the appropriate button. To create a new user, just click the New User button.

    Linux offers many ways to manage accounts with a GUI. Every distribution has its own method of user administration. Here’s a list of the commands that start the various graphical administration tools on the major distributions of Linux:
    • SUSE /sbin/yast2
    • Red Hat (Fedora Core) /usr/bin/system-config-users
    • Mandrakelinux /usr/sbin/userdrake
    • All webmin (an excellent tool IMHO)
    The webmin command enables remote administration, typically with a graphic interface (using your web browser) for users and other types of administrative tasks (you can configure DNS, Samba, NFS, local/remote filesystems and more ). After installation, enter the URL https://localhost:10000/ into your browser and login as root with your root password. It is available at and works on most Unix systems, including Solaris’s. Webmin is not installed by default on most versions of Unix.

    The Linux tools vary in functionality, but generally provide all the capabilities of the command-line equivalents.

    Solaris provides a tool called admintool, which allows for granular management of accounts and groups. To access admintool, type the following at the command line:

    admintool & 

    The ampersand (&) after the command puts the command process in the background so you can continue using the terminal window for other operations. That's a general *nix rule.

    It has many features and can manage devices as well as users. To learn more about the capabilities of this tool, visit Sun Microsystems’ Web site ( and search for admintool.

    Becoming Another User
    There are times when you will need to log into another account without logging out of the system. There are two commands that enable you to do this: su and sudo.

    • The su (switch user) command is available on all versions of Unix. It enables you to remain logged in as yourself while accessing another account. You must know the password for the account you are trying to access using su unless you are the root user, in which case you don’t need a password (on the local system). Here’s the syntax for su: su accountname
    If you are logged in as jdoe, for example, and want to log in as jsmith, type:

    su jsmith

    When using su, you continue to use your own environment variables and profile. If you want to use the account’s user environment, put a dash (-) between the su and the account name:

    su - jsmith

    You will be asked for the password of the account to which you are switching unless you are the root user, in which case you are immediately logged in to the account. If you type the su command with no account name (with or without the -), you are attempting to log in to the root account and will be asked for the root password. (Many people think su stands for superuser because running the su command by itself takes you to the root, or superuser, account). When you have completed the tasks requiring the account you’ve su’d to, type exit. You’re returned to your original account (and environment, if applicable).

    • The sudo (superuser do) command enables the superuser, or root administrator, to delegate commands that can be run by others. It is not available on all Unix systems but can be downloaded from here. Here’s the command’s syntax: sudo command_to_run. To list all the commands available for the user to run with sudo, type: sudo -l. Before you can run any commands, the system generally requires you to enter your password so it can validate your credentials. On Mac OS X, you cannot easily log in as the root user using the su command, but you can use the sudo command to achieve the same functionality by typing:

      sudo /bin/sh
    This command takes you to a root shell, which is equivalent to running su by itself with no arguments (this works with other versions of Unix as well).

    User- and Group-Related Commands
    A number of commands can give you important user and group information to help you manage your accounts and the systems. The who command, for example, identifies who's currently logged in to the system. The output is in four columns:
    • login name
    • terminal
    • login date/time, and
    • remote hostname or X display.

    harrykar@harrykar-desktop:~$ who
    harrykar tty7         2009-05-15 21:00 (:0)
    harrykar pts/0        2009-05-16 02:33 (:0.0)
    jdoe  tty2            2009-05-16 22:33 (

    The console (pts) is the terminal (screen display) as well as the tty7,tty2 which are terminals (devices to identify what terminal the user is on). The next field identifies the date and time when each the user logged in, and you can see that jdoe came in from a remote connection (

    Sometimes you will be logging in to different machines or will have switched users so much that you aren’t sure what user you currently are. To do so, use the whoami or who am i command. These commands look almost the same, but the spaces make a big difference.

    • whoami shows who you are currently logged in as, whereas
    • who am i shows who you originally logged on to the system as.

    harrykar@harrykar-desktop:~$ whoami
    harrykar@harrykar-desktop:~$ who am i
    harrykar pts/0        2009-05-16 02:33 (:0.0)

    The id command shows information about the user logged in and about the user’s groups.

    harrykar@harrykar-desktop:~$ id
    uid=1000(harrykar) gid=1000(harrykar) groups=4(adm),20(dialout),24(cdrom),46(plugdev),108(lpadmin),123(admin),124(sambashare),1000(harrykar)

    Everything --uid=  gid= is the user ID information-- after the gid= pertains to primary and secondary (supplemental) groups to which the account belongs.

    The groups command can identify the groups to which a user or your account belongs. Run by itself, it identifies the groups of the currently logged-in user. Supply an account name as an argument, and groups reports on that user’s groups.

    harrykar@harrykar-desktop:~$ groups
    harrykar adm dialout cdrom plugdev lpadmin admin sambashare
    harrykar@harrykar-desktop:~$ groups root

    File System Concepts

    A file system is a component of Unix that enables the user to view, organize, secure, and interact with files and directories that are located on storage devices. There are different types of file systems within Unix:
    • disk-oriented
    • network-oriented
    • special, or virtual
    Disk-oriented (or local) file system—Physically accessible file systems residing on a hard drive, CD-ROM, DVD ROM, USB drive, or other device. Examples include UFS (Unix File System), FAT (File Allocation Table, typically Windows and DOS systems), NTFS (New Technology File System, usually Windows NT, 2000, and XP systems), UDF (Universal Disk Format, typically DVD), HFS+ (Hierarchical File System, such as Mac OS X), ISO9660 (typically CD-ROM), EXT2,3,4 (Extended Filesystem 2,3,4), etc.

    Network-oriented (or network-based) file system—A file system accessed from a remote location. These are usually disk-oriented on the server side, and the clients access the data remotely over the network. Examples include Network File System (NFS), Samba (SMB/CIFS), AFP (Apple Filing Protocol), and WebDAV.

    Special, or virtual, file system—A file system that typically doesn’t physically reside on disk, such as the TMPFS (temporary file system), PROCFS (Process File System), and LOOPBACKFS (the Loopback File System).

    Mac OS X users should keep in mind that, although their file system layout differs sharply from that of a traditional Unix system, all of the utilities mentioned here are available and useful on a Mac OS X system. Also, Unix is a case-sensitive operating system, but Mac OS X (also Windows) is a case-insensitive/case-preserving operating system.

    File System Basics
    A file system is a logical collection of files on a partition or disk. A partition is a container for information and can span an entire hard drive if desired. An apple pie, for example, can be eaten whole or it can be cut into slices, which is similar to how a hard drive or other physical storage device can be manipulated. A slice of pie is akin to a partition on a drive, and the whole pie could represent a single partition that takes up a whole disk. There are more advanced meanings as well, but for now, only a hard drive or the systematic division of a hard drive is considered to be a partition.

    A partition usually contains only one file system, such as one file system housing the / file system or another containing the /home file system. One file system per partition allows for the logical maintenance and management of differing file systems. These partitions are invisible to users, who can move effortlessly among any number of file systems on their Unix systems without even knowing they’ve gone from one to another.

    Everything in Unix is considered to be a file, including regular data files, directories, links (there are hard links and soft links you can use to make the same file accessible from different locations), named pipes and sockets (which provide access points for processes to communicate with each other), physical devices (files that provide access to the hardware components on your computer.There are character and block devices.) such as VD-ROMs, USB devices, floppy drives, and so forth. Associated with each file is a set of information that determines who can access the file and how they can access it. This use of files allows Unix to be consistent in its treatment of resources and gives the user a consistent mechanism of interaction (interface) with the system. It’s easy to understand, then, why file systems are an integral part of a Unix operating system.

    Unix uses a hierarchical structure to organize files, providing a from-the-top approach to finding information by drilling down through successive layers in an organized fashion to locate what’s needed. It’s similar to the way that a filing cabinet works. The file cabinet itself is the holder of all information—in other words, it’s the base of the filing system.
    To find hiring information about a certain employee, for example, you need to

    1. locate the correct file cabinet
    2. the correct drawer in the cabinet
    3. the correct folder in the drawer and 
    4. the correct page of information inside the folder.  
    In Unix, everything starts with the root directory, often designated only by /. (This directory is not to be confused with the user account named root). All other files and directories originate there. The root directory generally includes a set of commonplace directories, then subdirectories within those directories, and so on. To find specific information in Unix, you need to locate
    1. the correct directory
    2. the correct subdirectories, and 
    3. the correct file

    One important difference between the legacy operating system and Unix/Linux is that Linux does not employ the concept of drive letters. While drive letters split the file system into a series of different trees (one for each drive), Unix/Linux always has a single tree. Different storage devices may contain different branches of the tree, but there is always a single tree.

    Directory Structure
    Unix uses a hierarchical file system structure, much like an upside-down tree, with root (/) directory at the base of the file system and all other directories spreading from there. Not every version of Unix will have the same directories listed, because Unix vendors may incorporate their own directories (lack of standardization).

    Every vendor’s Unix systems implement their own directory structures as needed by the vendor and its customers. No system has the exact same directory structure as another, but they generally have a minimum number of common directories described here and usually follow the conventions outlined as well.

    Remembering that root directory is the base of the file system, there are some core directories that generally exist on most Unix systems. The directories have specific purposes and generally hold the same types of information for easily locating files.
    /dev or /devices (or both)

    Essentially, you always start with the root directory to find any other directory or file. If the hiring information you wanted to find earlier is stored in your Unix computer, you might find the specific information (let’s call the employee John Doe) in /home/hr/A_J/John_Doe, where / is the root directory, home is a subdirectory of root, hr is a subdirectory of home, A_J is a subdirectory of hr, and John_Doe, the file you want, is in the A_J directory.
    • / Root should contain only the directories needed at the top level of the file structure (or that come already installed in it). Unnecessary subdirectories under root can clutter your system, making administration more difficult and, depending on the system, filling up the space allocated for /.
    • bin Usually contains binary (executable) files critical for system use, and often contains essential system programs, such as vi (for editing files), passwd (for changing passwords), and sh (the Bourne shell).
    • boot Contains files for booting the system(kernel image files etc).
    • dev, devices Either or both of these will exist. They contain device files, often including cdrom(CD-ROM drive), eth0 (Ethernet interface), and fd0 (floppy drive). (The devices are often named differently in the different Unix systems.)
    • etc Contains system level configuration files such as passwd (holds user account information and is not to be confused with /bin/passwd); hosts (contains information about host resolution); and shadow (contains encrypted passwords).
    • export Often contains remote file systems (those external to the physical system), such as home directories exported from another system to save space and centralize home directories.
    • home Contains the home directory for users and other accounts (specified in /etc/passwd, for example).
    • kernel Contains kernel files.
    • lib Contains shared library files and sometimes other kernel-related files.

    • mnt Used to mount other temporary file systems, such as cdrom and floppy for the CD-ROM drive and floppy diskette drive, respectively.
    • proc Contains all processes marked as a file by process number or other information that is dynamic to the system.
    • sbin Contains binary (executable) files, usually for system administration. Examples include fdisk (for partitioning physical disks) and ifconfig (for configuring network interfaces).
    • tmp Holds temporary files used between system boots (some Unix systems do not delete the contents of the tmp directory between boots).
    • usr Used for miscellaneous purposes, or can be used by many users (such as for man pages). Can include administrative commands, shared files, library files, and others.
    • var Typically contains variable-length files such as log and print files and any other type of file that may contain a variable amount of data. For instance, the log files (typically in /var/log) range in size from very small to very large, depending on the system configuration.
    Your Unix system may contain more than, fewer than, or all of these directories, but it will generally contain five or six of them plus subdirectories that vary from implementation to implementation.

    Paths and Case
    There are two other important concepts you should know about before moving on: paths (absolute and relative) and case sensitivity.

    Every file has an absolute path and a relative path. The absolute path refers to the exact location of the file in its file system, such as /etc/passwd. The relative path refers to the location of a file or directory in relation (relative) to your current location. If you are in the /etc directory, for example, the relative path to /etc/passwd is passwd because it’s in the same directory you are. This is analogous to the location
    of your home. If you were giving your address to someone who lived in your neighborhood, you’d probably say that you lived two streets up at 1234 Anystreet. This would be your relative address—relative to your neighbor. If you were giving your address to someone in another country, you’d put it in more specific terms, such as 1234 Anystreet, Anytown, Montana, ZIP Code, USA, which would be your absolute address. Using a relative location is good if you’re using it from a known location, but the absolute path is always a safer option because you are specifying the exact location.

    Unix is a case-sensitive operating system. This means that the case (capitalization) of file and directory names matters. In DOS or Microsoft Windows systems, you can type a filename with no regard to the capitalization. In Unix, you must know the case of the file or directory name because you could have three different files named real_file, Real_file, and REAL_FILE. To make it easier for the user, though, Unix filenames are conventionally lowercase (this especially true for system-generated files). Mac OS X
    is a case-insensitive/case-preserving file system. This means that on Mac OS X there is no distinction between naming a file real_file, Real_file, or REAL_FILE but only one of those filenames can exist at a time. While Mac OS X does not distinguish between cases, it does retain the case as entered. Keep this in mind when exchanging files between Mac OS X computers and other Unix systems.

    Navigating the File System
    Now that you understand the basics of the file system, you can begin navigating to the files you need. The following are commands in alphabetical order you’ll use to navigate the system:

    • cat Concatenate: displays a file.
    • cd Change directory: moves you to the directory identified.
    • cp Copy: copies one file/directory to specified location.
    • file Identifies the file type (binary, text, etc).
    • find Finds a file/directory.
    • head, tail head shows the beginning of a file instead tail shows the end of a file.
    • less, more Browses through a file from end or beginning.
    • ls List: shows the contents of the directory specified.
    • mkdir Make directory: creates the specified directory.
    • mv Move: moves the location of or renames a file/directory.
    • pwd Print working directory: shows the current directory the user is in.
    • rm Remove: removes a file.
    • rmdir Remove directory: removes a directory.
    • touch Creates a blank file or modifies an existing file’s attributes.
    • whereis Shows the location of a file.
    • which Shows the location of a file if it is in your PATH.
    Let’s take a closer look at some of these commands:

    The first command you need is pwd, which shows you your current location within the file system. Knowing where you are in the file system is critically important because you can cause serious damage to the system by running certain commands when you think you are in one directory but are actually in another. The pwd command has no arguments; just type pwd at the command line. The output is similar

    harrykar@harrykar-desktop:~$ pwd

    The cd (change directory) command enables you to move around within the file system. Used without an argument, it returns you to your home directory. To move to another directory, that directory’s name is required as the argument:

    harrykar@harrykar-desktop:~/Photos$ cd
    harrykar@harrykar-desktop:~$ cd Photos

    You can use pwd to confirm your new location. cd takes you to the location you specify as long as you have permissions to enter that directory.

    The directory in which you typically start when you log in on your Unix system is called your home directory (you may be in a different directory if there is an administrative error or a problem with your identified home directory). You will usually control the contents (files and directories) in your home directory, which is defined in /etc/passwd and stores your files. You can use the ~ (tilde) to represent
    your home directory in many commands. For example, cd ~ moves you to your home directory, and ls ~ lists the contents of your home directory.
    Remember that in Unix, everything is a file, including the current directory and the directory preceding (or above) the current directory. There are two files in every directory called . (the current directory) and .. (the next higher directory). If you are in /usr/openwin/share/etc/workspace/ patterns, for example, and you want to move to /usr/openwin/share/etc/workspace, you can simply use cd .. instead of the longer cd /usr/openwin/share/etc/workspace. This convention has many scripting applications.

    which and whereis
    The which and whereis commands assist in finding files for which you know the names but not the location. With the filename as the argument, which looks only through the files identified in your PATH (an environment variable that contains a list of directories where executable files might be located). For example, if you are using the ls command and want to know where the actual ls command resides in the file system (most Unix systems contain both BSD and System V versions of ls), you can use the command which ls. It will show you the instances of the command ls in
    your PATH. The whereis command will locate the command in all its locations as defined by the system rather than the searching only the user’s PATH. If the argument you supply after which or whereis doesn’t exist on the file system, you receive a 'command not found type error message'.

    harrykar@harrykar-desktop:~$ which vi
    harrykar@harrykar-desktop:~$ whereis vi
    vi: /usr/bin/vi /usr/share/man/man1/vi.1.gz

    The output of the whereis command shows all locations of the command in a list of standard places defined by the system. Vi, is an editor. The echo $PATH command result in :

    harrykar@harrykar-desktop:~$ echo $PATH
      The echo command repeats whatever arguments you provide. When used with a defined system variable, the command shows you what the variable represents.

      You can also use the find command to locate files in Unix, although this command may consume a lot of resources (and make the system respond slowly). Here’s the syntax:
      find pathname options

      If you want to find the lostfile file, for example, and you think it’s somewhere in the /usr/share directory, you can use this command:

      find /usr/share -name lostfile -print

      There are many options to the find command, and you should refer to the man (manual) pages for more instructions on its many uses.

      After you find a file, you will usually want to do something with it. The first step is to determine what type of file it is (such as binary or text), and that’s where the file command comes in. The command has the following syntax:

      file filename

      The output shows that the file is binary, text, directory, device, or any of the other types of files in Unix. This is useful in determining whether a file can be viewed using the methods discussed next. For instance, a binary or directory file won’t show up very well using the more command because of the coding of the characters.

      The ls command enables you to list the contents of any directory that you have permissions to. The ls command by itself lists the contents of the current directory. To show the contents of any other directory, use ls path. For instance ls /usr/bin shows you the files and directories that reside in the /usr/bin
      directory. Using the ls -l command shows extended information about the directory contents:

      harrykar@harrykar-desktop:~$ ls -l
      total 3812
      -rw-r--r--  1 harrykar harrykar     756 2009-05-04 02:20 adempiere
      drwxr-xr-x 10 harrykar harrykar    4096 2009-05-04 13:00 Adempiere
      -rw-r--r--  1 harrykar harrykar       0 2009-05-04 02:20 adempiere_backup.dmp
      -rw-r--r--  1 harrykar harrykar   48384 2009-03-10 22:41 AGConfig100309.kry
      -rw-r--r--  1 harrykar harrykar   46656 2009-02-20 13:48 AGConfig200209.kry
      -rw-r--r--  1 harrykar harrykar     988 2009-02-08 18:11 antonio
      drwxr-xr-x  2 harrykar harrykar    4096 2009-04-23 08:46 Benchmarks
      drwxr-xr-x  2 harrykar harrykar    4096 2009-05-04 15:29 blog_tech
      -rw-r--r--  1 harrykar harrykar    8138 2008-10-07 06:25 cdma_beep.wav
      -rw-r--r--  1 harrykar harrykar    5988 2009-02-04 21:18 Charalampos Karypidis_new_gpgpublickey.asc
      drwxr-xr-x  5 harrykar harrykar    4096 2009-05-15 21:02 Desktop
      drwxr-xr-x 13 harrykar harrykar    4096 2009-05-05 19:45 Documents
      -rw-r--r--  1 harrykar harrykar    8738 2008-10-07 06:25 done.wav
      -rw-r--r--  1 harrykar harrykar   24637 2008-10-07 06:25 download-complete.wav
      drwxr-xr-x  2 harrykar harrykar    4096 2009-01-24 19:11 driver
      drwxr-xr-x  3 harrykar harrykar    4096 2009-02-25 03:41 emulators
      drwxr-xr-x  2 harrykar harrykar    4096 2009-05-12 23:50 Epiphany_dwls
      drwxr-xr-x  2 root     root        4096 2009-05-10 05:46 etc_bck
      lrwxrwxrwx  1 harrykar harrykar      26 2009-01-24 17:43 Examples -> /usr/share/example-content
      drwxr-xr-x  5 harrykar harrykar    4096 2009-04-30 10:07 iMacros
      -rw-r--r--  1 harrykar harrykar    1698 2009-02-04 12:30 le-web.key
      -rw-r--r--  1 harrykar harrykar  303140 2009-02-25 01:53 mame_all_supported_games
      drwxr-xr-x  2 harrykar harrykar    4096 2009-02-18 13:50 Music
      drwxr-xr-x 13 harrykar harrykar    4096 2009-05-08 17:42 my_dws
      drwx------  2 harrykar harrykar    4096 2009-01-24 19:01 ndis
      drwxr-xr-x  2 harrykar harrykar    4096 2009-04-24 23:28 nessus_policies
      drwxr-xr-x  2 harrykar harrykar    4096 2009-04-23 13:26 net_audits
      -rw-r--r--  1 harrykar harrykar   61985 2009-05-14 08:22 *nix for newbies - "no one knows everything about Unix".odt
      -rw-r--r--  1 harrykar harrykar    2403 2009-04-17 01:59 Overview for April 12 – 18, 2009.html
      -rw-r--r--  1 harrykar harrykar      70 2009-05-03 19:55 pgadmin.log
      drwxr-xr-x  8 harrykar harrykar    4096 2009-02-25 02:22 Photos
      drwxr-xr-x  8 harrykar harrykar    4096 2009-04-22 17:27 Pictures
      drwx------  2 harrykar harrykar    4096 2009-04-21 13:26 Private
      drwxr-xr-x  2 harrykar harrykar    4096 2009-04-15 02:31 progr_ex
      drwxr-xr-x  2 harrykar harrykar    4096 2009-01-24 18:27 Public
      -rw-r--r--  1 harrykar harrykar     296 2009-02-02 11:28 revoke.asc
      -rw-r--r--  1 harrykar harrykar 2346263 2009-03-17 18:56 rhythmbox-debug.txt
      drwxr-xr-x  8 harrykar harrykar    4096 2008-10-26 01:51 rubygems-1.3.1
      -rw-r--r--  1 harrykar harrykar  263748 2008-10-29 02:28 rubygems-1.3.1.tgz
      -rw-r--r--  1 harrykar harrykar  250949 2009-04-24 12:08 scan_amd_810.html
      -rw-r--r--  1 harrykar harrykar  329076 2009-04-24 21:16 scanlan.html
      -rw-------  1 harrykar harrykar    3410 2009-02-04 20:11 sec_key.asc
      drwxrwxrwx  2 harrykar harrykar    4096 2009-03-27 09:26 shared
      drwxr-xr-x  2 harrykar harrykar    4096 2009-01-24 20:46 Templates
      drwxr-xr-x 12 harrykar harrykar    4096 2009-05-16 01:58 transmission_dws
      -rw-r--r--  1 harrykar harrykar     626 2009-02-07 02:04 troubleshoot_printer.txt
      drwxr-xr-x  2 harrykar harrykar    4096 2009-03-30 19:09 Videos
      -rw-r--r--  1 harrykar harrykar   15872 2008-10-07 06:25 !.wav

      In the example output 2nd line:

      drwxr-xr-x 10 harrykar harrykar    4096 2009-05-04 13:00 Adempiere
      • drwxr-xr-x shows the type of file and the permissions associated with it
      • 10 is thhe number of links to the file
      • harrykar is the owner of the file
      • harrykar is the group to which the file owner belongs
      • 4096 Size of file (in characters)
      • 2009-05-04 13:00 The last time the file or directory was modified (changed)
      • Adempiere Name of file or directory
      If the ls command isn’t available for some reason, you can use the echo command to display files.Simply use echo directory* to see the contents of a directory. For example, to view the contents of the / directory, use echo /*, which shows output similar to running the ls command with no options. To show hidden files, use the echo /.* command. You must use the * metacharacter.

      Using the -a option with the ls command shows you all files or directories, including those that are hidden. A file or directory can be hidden by placing a . (period) in front of the filename. A standard ls command’s output does not list hidden files. One legitimate reason to hide a file or directory is to reduce the amount of clutter shown when running ls. Now see at ls -la output so you can see the difference:

      harrykar@harrykar-desktop:~$ ls -al
      total 8160
      drwxr-xr-x 112 harrykar harrykar    4096 2009-05-16 13:43 .
      drwxr-xr-x   4 root     root        4096 2009-05-10 05:17 ..
      -rw-r--r--   1 harrykar harrykar     756 2009-05-04 02:20 adempiere
      drwxr-xr-x  10 harrykar harrykar    4096 2009-05-04 13:00 Adempiere
      -rw-r--r--   1 harrykar harrykar       0 2009-05-04 02:20 adempiere_backup.dmp
      drwx------   5 harrykar harrykar    4096 2009-04-12 17:40 .adobe
      -rw-r--r--   1 harrykar harrykar   48384 2009-03-10 22:41 AGConfig100309.kry
      -rw-r--r--   1 harrykar harrykar   46656 2009-02-20 13:48 AGConfig200209.kry
      -rw-r--r--   1 harrykar harrykar     988 2009-02-08 18:11 antonio
      -rw-------   1 harrykar harrykar   11136 2009-05-16 03:21 .bash_history
      -rw-r--r--   1 harrykar harrykar     220 2009-01-24 17:43 .bash_logout
      -rw-r--r--   1 harrykar harrykar    3140 2009-02-04 19:16 .bashrc
      -rw-r--r--   1 harrykar harrykar    3139 2009-02-02 11:09 .bashrc~
      drwxr-xr-x   2 harrykar harrykar    4096 2009-04-23 08:46 Benchmarks
      drwxr-xr-x   2 harrykar harrykar    4096 2009-05-04 15:29 blog_tech
      drwx------   2 harrykar harrykar    4096 2009-02-16 22:07 .bogofilter
      drwx------   2 harrykar harrykar    4096 2009-03-17 02:47 .btanks
      drwxr-xr-x   4 harrykar harrykar    4096 2009-03-17 03:17 .bzf
      drwxr-xr-x   8 harrykar harrykar    4096 2009-05-05 20:50 .cache
      -rw-r--r--   1 harrykar harrykar    8138 2008-10-07 06:25 cdma_beep.wav
      -rw-r--r--   1 harrykar harrykar    5988 2009-02-04 21:18 Charalampos Karypidis_new_gpgpublickey.asc
      drwxr-xr-x   2 harrykar harrykar    4096 2009-05-10 03:55 .checkbox
      -rw-r--r--   1 harrykar games        305 2009-03-17 05:09 .circuslinuxrc
      drwxr-xr-x   5 harrykar harrykar    4096 2009-05-05 20:26 .clamtk
      drwx------  11 root     root        4096 2009-05-13 09:32 .coccinella
      drwxr-xr-x  15 harrykar harrykar    4096 2009-04-24 18:01 .config
      drwxr-x---   2 harrykar conquest    4096 2009-03-18 18:23 .conquest
      drwx------   3 harrykar harrykar    4096 2009-01-24 18:27 .dbus
      drwxr-xr-x   5 harrykar harrykar    4096 2009-05-15 21:02 Desktop
      -rw-------   1 harrykar harrykar      28 2009-05-16 13:35 .dmrc
      drwxr-xr-x  13 harrykar harrykar    4096 2009-05-05 19:45 Documents
      -rw-r--r--   1 harrykar harrykar    8738 2008-10-07 06:25 done.wav
      -rw-r--r--   1 harrykar harrykar   24637 2008-10-07 06:25 download-complete.wav
      drwxr-xr-x   2 harrykar harrykar    4096 2009-01-24 19:11 driver
      drwx------   2 harrykar harrykar    4096 2009-04-24 18:35 .ecryptfs
      drwxr-xr-x   3 harrykar harrykar    4096 2009-04-15 02:07 .emacs.d
      drwxr-xr-x   3 harrykar harrykar    4096 2009-02-25 03:41 emulators
      drwxr-xr-x   4 harrykar harrykar    4096 2009-03-17 04:32 .enigma
      drwxr-xr-x   2 harrykar harrykar    4096 2009-05-12 23:50 Epiphany_dwls
      -rw-------   1 harrykar harrykar      16 2009-01-24 18:27 .esd_auth
      drwxr-xr-x   2 root     root        4096 2009-05-10 05:46 etc_bck
      drwxr-xr-x   8 harrykar harrykar    4096 2009-04-20 19:30 .evolution
      drwxr-xr-x   7 harrykar harrykar    4096 2009-05-09 15:31 .exaile
      lrwxrwxrwx   1 harrykar harrykar      26 2009-01-24 17:43 Examples -> /usr/share/example-content
      -rw-r--r--   1 harrykar harrykar   31713 2009-01-29 21:35 .face
      -rw-r--r--   1 harrykar harrykar    1199 2009-04-14 03:29 .fbrc
      drwxr-xr-x   2 harrykar harrykar    4096 2009-05-05 16:08 .fontconfig
      drwxr-xr-x   2 harrykar harrykar    4096 2009-01-28 21:11 .fonts
      drwx------   5 harrykar harrykar    4096 2009-05-16 13:35 .gconf
      drwx------   2 harrykar harrykar    4096 2009-05-16 14:03 .gconfd
      drwx------   4 harrykar harrykar    4096 2009-01-30 01:27 .gegl-0.0
      drwx------   2 harrykar harrykar    4096 2009-03-17 05:13 .ggz
      drwxr-xr-x  22 harrykar harrykar    4096 2009-03-20 13:09 .gimp-2.6
      -rw-r-----   1 harrykar harrykar       0 2009-05-16 10:06 .gksu.lock
      drwxr-xr-x   2 harrykar harrykar    4096 2009-02-14 08:20 .gnochm
      drwx------  22 harrykar harrykar    4096 2009-05-16 03:21 .gnome2
      drwx------   2 harrykar harrykar    4096 2009-01-24 18:27 .gnome2_private
      drwx------   2 harrykar harrykar    4096 2009-05-16 13:37 .gnupg
      drwx------   3 harrykar harrykar    4096 2009-02-09 02:58 .googleearth
      drwxr-xr-x   2 harrykar harrykar    4096 2009-05-14 14:11 .gstreamer-0.10
      drwxr-xr-x   3 harrykar harrykar    4096 2009-03-18 15:47 .gtkatlantic
      -rw-r--r--   1 harrykar harrykar     425 2009-05-16 13:43 .gtk-bookmarks
      -rw-r--r--   1 harrykar harrykar     425 2009-05-11 12:05 .gtk-bookmarks.VJCUTU
      drwxr-xr-x   2 harrykar harrykar    4096 2009-04-28 10:03 .gtodo
      dr-x------   2 harrykar harrykar       0 2009-05-16 13:35 .gvfs
      drwx------   2 harrykar harrykar    4096 2009-04-22 14:54 .hamachi
      -rw-r--r--   1 harrykar harrykar     385 2009-04-22 14:54 .hamachi-gui.conf
      drwxr--r--   2 harrykar harrykar    4096 2009-05-12 23:09 .hardinfo
      -rw-------   1 harrykar harrykar   59629 2009-05-16 13:35 .ICEauthority
      drwx------   2 harrykar harrykar    4096 2009-03-27 10:32 .icedteaplugin
      drwxr-xr-x  32 harrykar harrykar    4096 2009-05-10 03:35 .icons
      drwxr-xr-x   5 harrykar harrykar    4096 2009-04-30 10:07 iMacros
      drwxr-x---   7 harrykar harrykar    4096 2009-03-20 11:25 .inkscape
      drwxr-xr-x   4 harrykar harrykar    4096 2009-03-27 10:24 .java
      -rw-r--r--   1 harrykar harrykar    1698 2009-02-04 12:30 le-web.key
      drwx------   4 harrykar games       4096 2009-03-17 04:03 .lgames
      drwx------   4 harrykar harrykar    4096 2009-05-16 12:05 .liferea_1.4
      drwx------   3 harrykar harrykar    4096 2009-01-24 18:27 .local
      -rw-r--r--   1 harrykar harrykar      84 2009-05-14 12:00 .~lock.*nix for newbies - "no one knows everything about Unix".odt#
      drwxr-xr-x   4 harrykar harrykar    4096 2009-04-27 12:31 .lyrics
      drwx------   3 harrykar harrykar    4096 2009-01-25 04:31 .macromedia
      -rw-r--r--   1 harrykar harrykar  303140 2009-02-25 01:53 mame_all_supported_games
      drwxr-xr-x   3 harrykar harrykar    4096 2009-04-26 22:31 .mission-control
      drwx------   4 harrykar harrykar    4096 2009-01-24 19:27 .mozilla
      drwx------   4 harrykar harrykar    4096 2009-04-30 17:03 .mozilla_dw
      drwxr-xr-x   2 harrykar harrykar    4096 2009-03-17 10:12 .mplayer
      drwxr-xr-x   2 harrykar harrykar    4096 2009-02-18 13:50 Music
      drwxr-xr-x  13 harrykar harrykar    4096 2009-05-08 17:42 my_dws
      drwxr-xr-x   3 harrykar harrykar    4096 2009-04-24 09:32 .nautilus
      drwx------   2 harrykar harrykar    4096 2009-01-24 19:01 ndis
      drwx------   2 harrykar harrykar    4096 2009-04-24 23:28 .nessus-client
      drwxr-xr-x   2 harrykar harrykar    4096 2009-04-24 23:28 nessus_policies
      -rw-------   1 harrykar harrykar   57068 2009-04-23 20:54 .nessusrc
      drwxr-xr-x   2 harrykar harrykar    4096 2009-04-23 13:26 net_audits
      drwx------   6 harrykar harrykar    4096 2009-04-29 19:11 .netpanzer
      drwxr-xr-x   3 harrykar harrykar    4096 2009-03-27 10:24 .netx
      -rw-r--r--   1 harrykar harrykar      54 2009-03-27 10:23 .netxrc
      -rw-r--r--   1 harrykar harrykar   61985 2009-05-14 08:22 *nix for newbies - "no one knows everything about Unix".odt
      drwxr-xr-x   3 harrykar harrykar    4096 2009-02-02 20:26
      drwx------   3 harrykar harrykar    4096 2009-01-28 15:35 .openoffice.org2
      -rw-r--r--   1 harrykar harrykar 3638953 2009-04-23 19:04 .openvas_plugin_cache
      -rw-------   1 harrykar harrykar   57473 2009-04-23 19:11 .openvasrc
      -rw-r--r--   1 harrykar harrykar      51 2009-04-23 19:03 .openvasrc.cert
      -rw-r--r--   1 harrykar harrykar    2002 2009-03-17 04:45 .overgod.cfg
      -rw-r--r--   1 harrykar harrykar    2403 2009-04-17 01:59 Overview for April 12 – 18, 2009.html
      -rw-r--r--   1 harrykar harrykar    2283 2009-05-04 03:33 .pgadmin3
      -rw-r--r--   1 harrykar harrykar      70 2009-05-03 19:55 pgadmin.log
      -rw-------   1 harrykar harrykar      24 2009-05-04 01:08 .pgpass
      drwxr-xr-x   8 harrykar harrykar    4096 2009-02-25 02:22 Photos
      drwxr-xr-x   8 harrykar harrykar    4096 2009-04-22 17:27 Pictures
      drwx------   2 harrykar harrykar    4096 2009-04-21 13:26 Private
      drwx------   2 harrykar harrykar    4096 2009-04-21 13:26 .Private
      -rw-r--r--   1 harrykar harrykar     791 2009-05-03 03:16 .profile
      -rw-r--r--   1 harrykar harrykar     777 2009-05-03 03:15 .profile~
      drwxr-xr-x   2 harrykar harrykar    4096 2009-04-15 02:31 progr_ex
      drwx------   5 harrykar harrykar    4096 2009-05-16 13:27 .psi
      drwx------   4 harrykar harrykar    4096 2009-02-04 21:14 .psi_new
      drwxr-xr-x   2 harrykar harrykar    4096 2009-01-24 18:27 Public
      drwx------   2 harrykar harrykar    4096 2009-05-16 13:35 .pulse
      -rw-------   1 harrykar harrykar     256 2009-01-24 18:27 .pulse-cookie
      drwx------   4 harrykar harrykar    4096 2009-04-29 18:39 .purple
      drwxr-xr-x   3 harrykar harrykar    4096 2009-02-07 00:54 .q3a
      drwxr-xr-x   2 harrykar harrykar    4096 2009-04-28 02:41 .qf
      drwxr-xr-x   2 harrykar harrykar    4096 2009-05-16 10:25 .qt
      -rw-------   1 harrykar harrykar    6521 2009-05-14 13:31 .recently-used
      -rw-------   1 harrykar harrykar   89251 2009-05-16 13:43 .recently-used.xbel
      drwxr-xr-x   5 harrykar harrykar    4096 2009-05-11 10:37 .rednotebook
      -rw-r--r--   1 harrykar harrykar     296 2009-02-02 11:28 revoke.asc
      -rw-r--r--   1 harrykar harrykar 2346263 2009-03-17 18:56 rhythmbox-debug.txt
      -rw-------   1 harrykar harrykar    1024 2009-04-23 19:03 .rnd
      drwxr-xr-x   8 harrykar harrykar    4096 2008-10-26 01:51 rubygems-1.3.1
      -rw-r--r--   1 harrykar harrykar  263748 2008-10-29 02:28 rubygems-1.3.1.tgz
      -rw-r--r--   1 harrykar harrykar  250949 2009-04-24 12:08 scan_amd_810.html
      -rw-r--r--   1 harrykar harrykar  329076 2009-04-24 21:16 scanlan.html
      drwxr-xr-x   3 harrykar harrykar    4096 2009-05-16 10:27 .scribus
      drwxr-xr-x   2 harrykar harrykar    4096 2009-03-17 05:04 .sdljump
      -rw-------   1 harrykar harrykar    3410 2009-02-04 20:11 sec_key.asc
      drwxrwxrwx   2 harrykar harrykar    4096 2009-03-27 09:26 shared
      drwx------   5 harrykar harrykar    4096 2009-03-16 20:38 .Skype
      -rw-r--r--   1 harrykar harrykar     137 2009-03-17 04:53 .snowballz.ini
      drwxr-xr-x   3 harrykar harrykar    4096 2009-04-30 23:15 .sok
      drwxr-xr-x   2 harrykar harrykar    4096 2009-03-17 04:27 .solarwolf
      drwx------   2 harrykar harrykar    4096 2009-01-30 04:26 .ssh
      -rw-r--r--   1 harrykar harrykar      85 2009-04-28 02:03 .sshmenu
      drwxr-xr-x   3 harrykar harrykar    4096 2009-04-26 21:07 .subversion
      -rw-r--r--   1 harrykar harrykar       0 2009-01-24 18:33 .sudo_as_admin_successful
      drwxr-xr-x   4 harrykar harrykar    4096 2009-02-28 04:37 .sudoku
      drwx------   2 harrykar harrykar    4096 2009-03-17 05:03 .supertux2
      drwxr-xr-x   2 harrykar harrykar    4096 2009-01-24 20:46 Templates
      drwxr-xr-x 148 harrykar harrykar    4096 2009-05-10 03:50 .themes
      drwx------   5 harrykar harrykar    4096 2009-02-07 00:51 .thumbnails
      drwxr-xr-x   5 harrykar harrykar    4096 2009-05-16 00:01 .tomboy
      -rw-r--r--   1 harrykar harrykar    6822 2009-05-16 13:36 .tomboy.log
      drwxr-xr-x   3 harrykar harrykar    4096 2009-05-08 17:42 .toMOTko
      drwx------   2 harrykar games       4096 2009-03-17 04:14 .toppler
      drwxr-xr-x  12 harrykar harrykar    4096 2009-05-16 01:58 transmission_dws
      -rw-r--r--   1 harrykar harrykar     626 2009-02-07 02:04 troubleshoot_printer.txt
      drwxr-xr-x   2 harrykar harrykar    4096 2009-01-24 19:49 .update-manager-core
      drwx------   2 harrykar harrykar    4096 2009-01-24 20:24 .update-notifier
      drwxr-xr-x   2 harrykar harrykar    4096 2009-03-30 19:09 Videos
      drwx------   2 harrykar harrykar    4096 2009-02-09 13:55 .w3m
      drwxr-xr-x   6 harrykar harrykar    4096 2009-02-24 06:28 .wahcade
      drwxr-xr-x   2 harrykar harrykar    4096 2009-05-16 10:01 .wapi
      drwxr-xr-x   3 harrykar harrykar    4096 2009-02-07 00:57 .warsow
      -rw-r--r--   1 harrykar harrykar   15872 2008-10-07 06:25 !.wav
      drwxr-x---   7 harrykar harrykar    4096 2009-04-14 03:05 .wesnoth
      drwxr-xr-x   4 harrykar harrykar    4096 2009-02-20 17:28 .wine
      -rw-------   1 harrykar harrykar     127 2009-05-16 13:35 .Xauthority
      -rw-r--r--   1 harrykar harrykar     129 2009-02-07 01:03 .xscreensaver-getimage.cache
      -rw-r--r--   1 harrykar harrykar    6194 2009-05-16 13:43 .xsession-errors
      drwxr-xr-x   2 harrykar harrykar    4096 2009-04-17 23:59 .zenmap

      In the example output total 8160 is the total number of files (here included also hidden files) in harrykar's home directory.
      One of the most common problems you run into in using the ls command is getting a 'permission denied' error when you try to list the contents of a directory as a non-root user. This error is typically caused by insufficient permissions.

      File Types
      In the ls -l example, every file line began with a d, -, or l. These characters indicate the type of file that’s listed. There are other file types (shown by their ls -1 single-character representation in the following list), but these three are the most common.
      • - Regular file, such as an ASCII text file, binary executable, or hard link (links are discussed in the following section)
      • b Block special file (block input/output device file used for transferring data from or to a device such as a physical hard drive)
      • c Character special file (raw input/output device file used for transferring data from or to a device such as a physical hard drive)
      • d Directory file (file that contains a listing of other files and/or directories contained within the directory)
      • l Symbolic link file (discussed in the following section)
      • s Socket (used for interprocess communication)

      Using Regular Files
      Regular files consist of data files (documents, music, images, archives, and so on) and commands (binaries and scripts). You can determine the type of a file using the file command. In the following example, you change to the directory containing bash shell documentation and use the file command to view some of the file types in that directory:
      $ cd /usr/share/doc/
      $ file doc-base/install-docs.html
      doc-base/install-docs.html: XML 1.0 document text
      $ file doc-base/copyright
      doc-base/copyright: ASCII English text
      $ file doc-base/doc-base.html
      doc-base/doc-base.html/: directory
      $ file doc/doc-base/changelog.gz
      doc-base/changelog.gz: gzip compressed data, was “changelog”, from Unix, last
      modified: Thu Feb 22 07:29:26 2007, max compression
      $ file shared-mime-info/shared-mime-info-spec.pdf
      shared-mime-info/shared-mime-info-spec.pdf: PDF document, version 1.4

      The file command that was run shows document files in the Ubuntu documentation directories of different formats. It can look inside the files and determine that a file contains text that has been compressed, PDF or PostScript that can be sent to a printer, plain text, or HTML (web page) markup. There is even a subdirectory shown, unexpected since it has an odd name for a directory (doc-base.html).

      Creating regular files can be done by any application that can save its data. If you just want to create some blank files to start with, there are many ways to do that. Here are two examples:

      $ touch /tmp/newfile.txt Create a blank file
      $ > /tmp/newfile2.txt    Create a blank file

      Doing a long list on a file is another way to determine its file type. For example:

      $ ls -l /tmp/newfile2.txt      List a file to see its type
      -rw-r--r-- 1 chris chris 0 Sep 5 14:19 newfile2

      A dash in the first character of the 10-character permission information (-rw-r--r--) indicates that the item is a regular file. Commands are also regular files, but are saved as executables. Here are some examples:

      $ ls -l /usr/bin/apt-key
      -rwxr-xr-x 1 root root 2230 2007-03-14 12:44 /usr/bin/apt-key
      $ file /usr/bin/apt-key
      /usr/bin/apt-key: Bourne shell script text executable
      $ file /bin/ls
      /bin/ls: ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), for GNU/Linux
      2.6.0, dynamically linked (uses shared libs), stripped

      You can see that the apropos command is executable by the x settings for owner,
      group, and others. By running file on apt-key, you can see that it is a shell script.
      That’s opposed to a binary executable, such as the ls command indicated above.

      harrykar@harrysas:/usr/share/doc$ ls -l /usr/bin/apropos
      lrwxrwxrwx 1 root root 6 2009-10-31 08:50 /usr/bin/apropos -> whatis
      harrykar@harrysas:/usr/share/doc$ file /usr/bin/apropos
      /usr/bin/apropos: symbolic link to `whatis'
      harrykar@harrysas:/usr/share/doc$ file /usr/bin/whatis
      /usr/bin/whatis: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked (uses shared libs), for GNU/Linux 2.6.15, stripped
      harrykar@harrysas:/usr/share/doc$ ls -l apropos
      ls: cannot access apropos: No such file or directory

      Using Directories
      A directory is a container for files and subdirectories. Directories are set up in a hierarchy from the root (/) directory down to multiple subdirectories, each separated by a slash (/). Directories are called folders when you access them from graphical file managers.

      To create new directories for storing your data, you can use the mkdir command. Here are examples of using mkdir to create directories in different ways:
      $ mkdir /tmp/new           Create “new” directory in /tmp
      $ mkdir -p /tmp/a/b/c/new  Create parent directories as needed for “new”
      $ mkdir -m 700 /tmp/new2   Create new2 with drwx — — — permissions

      The first mkdir command simply adds the new directory to the existing /tmp directory. The second example creates directories as needed (subdirectories a, b, and c) to create the resulting new directory. The last command adds the -m option to set directory permissions as well.

      You can identify the file as a directory because the first character in the 10-character permission string for a directory is a d:
      $ file /tmp/new
      /tmp/new: directory

      $ ls -l /tmp
      drwxr-xr-x 2 ericfj ericfj 4096 2007-09-11 07:25 new
      Another thing to notice about directories is that the execute bits (x) must be on, if you want people to be able to use the directory as their current directories.

      Using Device Files
      When applications need to communicate with your computer’s hardware, they direct data to device files. By convention, device files are stored in the /dev directory. Devices are generally divided into block devices (such as storage media) and character devices (such as serial ports and terminal devices).
      Device files are often called device drivers.
      Each device file is associated with a major number (indicating the type of device) and minor number (indicating the instance number of the device). For example, terminal (tty) devices are represented by major character device 4, while SCSI hard disks are represented by major block device number 8. Here are examples of device files:

      $ ls -l /dev/tty0 /dev/sda1           List character and block special devices
      brw-rw---- 1 root disk 8, 1 2007-09-05 08:34 /dev/sda1
      crw-rw---- 1 root root 4, 0 2007-09-05 08:34 /dev/tty0

      A listing of device names and numbers allocated in Linux is available in Ubuntu in the online manual page for the MAKEDEV command. Most device files are created automatically for you at boot time. So most people never create device files manually. However, you can create your own device file using the mknod command. Here’s an example:

      $ sudo mknod /dev/ttyS4 c 4 68  Add device for fifth serial port
      $ ls -l /dev/ttyS4              List new device file
      crw-r--r-- 1 root root 4, 68 Sep 6 00:35 /dev/ttyS4

      Using Named Pipes and Sockets
      When you want to allow one process to send information to another process, you can simply pipe (|) the output from one to the input of the other. However, to provide a presence in the file system from which a process can communicate with other processes, you can create named pipes or sockets. Named pipes are typically used for interprocess communication on the local system, while sockets can be used for processes to communicate over a network. Named pipes and sockets are often set up by applications in the /tmp directory. Here are some examples of named pipes and sockets:
      $ ls -l /tmp/.TV-chris/tvtimefifo-local /tmp/.X11-unix/X0
      prw------- 1 chris chris 0 Sep 26 2007 /tmp/.TV-chris/tvtimefifo-local
      srwxrwxrwx 1 root chris 0 Sep 4 01:30 /tmp/.X11-unix/X0

      • The first listing is a named pipe set up by the tvtime TV card player (note the p at the beginning indicating a named pipe). 
      • The second listing is a socket set up by the X GUI for interprocess communications.
      To create your own named pipe, use the mkfifo command as follows:

      $ mkfifo mypipe
      $ ls -l mypipe
      prw-r--r-- 1 chris chris 0 Sep 26 00:57 mypipe

      A link in Unix is similar to a shortcut in Microsoft Windows. Instead of copying files and directories to different parts of the file system, links can be set up to access that same file from multiple locations. 
          To comprehend links, you need to understand inodes. Every file in Unix has a number, called an inode, associated with it. Unix internally  doesn’t use the filename to refer to the file; it uses the inode. An inode is unique to a partition, so two completely unrelated files can have the same inode if and only if they’re in different partitions. That’s much like your driver’s license number (inode), which is unique in your state (partition). A driver in another state can have the same driver’s license number that you do, but the two of you can be uniquely identified based on your states.

      Links are extremely useful in many ways, such as enabling you to alias a command, program, or file to a more common name. You can also use links to create “copies” of a file without wasting storage space by duplicating the actual content. There are two types of links: hard and soft (also called symbolic or symlinks).
      • A hard link cannot span file systems (physical file systems such as hard drives), and the file linked is exactly the same as the original file. Can only be used on files (not directories). Is basically a way of giving multiple names to the same physical file. In inode reference, the file that you are linking to will have the same inode number as the link name, which is why you cannot use a hard link across different file systems. Every physical file has at least one hard link, which is commonly thought of as the file itself. Any additional names (hard links) that point to that single physical file must be on the same partition as the original target file (in fact, one way to tell that files are hard linked is that they have the same inode number). Changing permissions, ownership, date/time stamps or content of any hard link to a file results in all others being changed as well. However, deleting one link will not remove the file; it will continue to exist until the last hard link to the file is deleted.
         All changes made to either the file hard-linked to or the file resulting from the hard link are reflected in both. To create a hard link, use the command: ln file_name link_name
      • A soft (symbolic) link can span file systems or even different computer systems. When you try to open a symbolic link which points to a file or change to one that points to a directory, the command you run acts on the file or directory that is the target of that link. The target has its own set of permissions and ownership that you cannot see from the symbolic link. The symbolic link can exist on a different disk partition than the target. In fact, the symbolic link can exist, even if the target doesn’t. It will have a unique inode number (different from the target file) assigned to it, and if the link is removed, the original file remains. When the file being referred to is deleted, the symbolic link file becomes a dangling link to a non-existent file.
        To create a symbolic link, use the command: ln -s file_name link_name
      Whith ls -l, you’ll see an l in the file-type position and a -> next to the filename. These indicate a link. E.g. If a directory named bin shows ./usr/bin after the -> this means the directory is really located in /usr/bin. Links are often used to:
      • make it easier to find files
      • create convenient shortcuts(or call files or directories by other names) to other files
      • group collections of files

      Although directories typically show a d type in the first column of ls -l output, a file that links to a directory shows a file type of l because it is not really a directory, but a link to a directory. When creating soft links, always use absolute paths instead of relative paths for maximum portability. (Portability is being able to use a script on multiple types of Unix systems.)

      Modifications to any of the links or to the original file that is linked to will be seen no matter how you reference the file (by the hard_link, the soft_link, or the original filename). When moving or deleting a file that has links to it, you must be cognizant of any soft links on the system because you could break them.
      • For instance, say you have the sales_forecasts.txt file in a directory that contains your sales forecasts for the year, but you want others to be able to look at it by using a soft link from a different file system. You could create a soft link called steves_sales_forecasts.txt in a shared directory so that others could easily locate and access it. 
      • You could also create the hard link my_sales_forecasts_2005.txt in your home directory (assuming it is on the same file system) so you could easily reference the file when you wanted to. 
      • If you change the name of the original file (sales_forecasts.txt), the hard-linked file (my_sales_forecasts_2005.txt) will still point to the correct file because hard links use the inode as the reference and the inode doesn’t change when the filename changes. The soft-linked file steves_sales_forecasts.txt, however, will no longer point to the correct location because soft links use the filename as the reference. 
      • If you change the name of any of the links (soft or hard), they will still point to the proper location because the original file doesn’t change.
      • If you delete the original file that has links to it (sales_forecasts.txt) and then re-create the file with different data but the same name (sales_forecasts.txt), the hard link will no longer work because the inode of the file has changed, but the soft link will still work because it refers only to the name of the file.
      Here are some examples of using the ln command to create hard and symbolic links:

      $ touch myfile
      $ ln myfile myfile-hardlink
      $ ln -s myfile myfile-symlink
      $ ls -li myfile*
      292007 -rw-r--r-- 3 francois francois 0 Mar 25 00:07 myfile
      292007 -rw-r--r-- 3 francois francois 0 Mar 25 00:07 myfile-hardlink
      292008 lrwxrwxrwx 2 francois francois 6 Mar 25 00:09 myfile-symlink

      Note that after creating the hard and symbolic link files, we used the ls -li command to list the results. The -li option shows the inodes associated with each file. You can see that myfile and myfile-hardlink both have the inode number of 292007 (signifying the exact same file on the hard disk). The myfile-symlink symbolic link has a different inode number. And although the hard link simply appears as a file (-), the symbolic link is identified as a link (l) with wide-open permissions. You won’t know if you can access the file the symbolic link points to until you try it or list the link target.

      File and Directory Permissions
      The permissions of a file are the first line of defense in the security of a Unix system. The ability to access files, run commands, and change to a directory can be restricted with permission settings for user, group, and other users. When you do a long list (ls -l) of files and directories in Linux, the beginning 10 characters shown indicate what the item is (file, directory, block device, and so on) along with whether or not the item can be read, written, and/or executed. Figure illustrates the meaning of those 10 characters. The basic building blocks of Unix permissions are the read, write, and execute permissions, which are described in the following list:
      • read (r) Applied to a Directory: Grants the capability to read the contents of the directory or subdirectories. Applied to Any Other Type of File: Grants the capability to view the file.
      • write (w) Applied to a Directory: Grants the capability to create, modify, or remove files or subdirectories. Applied to Any Other Type of File: Grants write permissions, allowing an authorized entity to modify the file, such as by adding text to a text file, or deleting the file.
      • execute (x) Applied to a Directory: Grants the capability to enter the directory. Applied to Any Other Type of File: Allows the user to “run” the program.
      The permissions for each file are the second through the tenth characters from the left (remember the first character identifies the file type).
      • The permissions are broken into groups of threes, and each position in the group denotes a specific permission, in this order: read, write, execute. 
      • The first three characters (2–4) represent the permissions for the file’s owner. 
      • The second group of three characters (5–7) consists of the permissions for the group to which the file belongs. 
      • The last group of three characters (8–10) represents the permissions for everyone else (“others” in Unix parlance). 
      • The - is a placeholder to provide the proper separation for easier reading.

      Directory permissions:

      • Read allows the contents of the directory and subdirectories to be read;
      • write enables creation, modification, and deletion of files and subdirectories;
      • execute allows entry to the directory.

      To follow along with examples in this section, create a directory called /tmp/test
      and a file called /tmp/test/hello.txt. Then do a long listing of those two items, as follows:
      $ mkdir /tmp/test
      $ echo “some text” > /tmp/test/hello.txt
      $ ls -ld /tmp/test/ /tmp/test/hello.txt
      drwxr-xr-x 2 francois sales 4096 Mar 21 13:11 /tmp/test
      -rw-r--r-- 2 francois sales       10 Mar 21 13:11 /tmp/test/hello.txt

      After creating the directory and file, the first character of the long listing shows /tmp/test as a directory (d) and hello.txt as a file (-). Other types of files available in Linux that would appear as the first character include character devices (c), block devices (b) or symbolic links (l), named pipes (p), and sockets (s).

      The next nine characters represent the permissions set on the file and directory. The first rwx indicates that the owner (francois) has read, write, and execute permissions on the directory. Likewise, the group sales has the more restricted permissions (r-x) with no write permission. Then all other users have only read and execute permissions (r-x); the dash indicates the missing write permission.

      For the hello.txt file, the user has read and write permissions (rw-) and members of the group and all others have read permission (r--). When you set out to change permissions, each permission can be represented by an octal number (where read is 4, write is 2, and execute is 1) or a letter (rwx). 
      Generally speaking, read permission lets you view the contents of the directory, write lets you change (add or modify) the contents of the directory, and execute lets you change to (in other words, access) the directory. 
      If you don’t like the permissions you see on files or directories you own, you can change those permissions using the chmod command.

      Changing Permissions
      To change file or directory access permissions, you use the chmod(change mode) command. There are two ways to use chmod: symbolic mode and absolute mode.
      • Applying permissions with chmod’s absolute mode requires a numerical representation of the permissions, which is more efficient and is how the system views permissions. 
      • Permissions applied with chmod’s symbolic mode use the familiar rwx format and are easier to understand for most new users.
      The first 0 in the mode line can usually be dropped (so you can use 777 instead of 0777). That placeholder has special meaning. It is an octal digit that can be used on commands (executables) to indicate that the command can run as a set-UID program (4), run as a set-GID program (2), or become a sticky program (1). With set-UID and set-GID, the command runs with the assigned user or group permissions (instead of running with permission of the user or group that launched the command).
      WARNING! SUID should not be used on shell scripts. Here is a warning from the Linux Security HOWTO: “SUID shell scripts are a serious security risk, and for this reason the kernel will not honor them. Regardless of how secure you think the shell script is, it can be exploited to give the cracker a root shell.”
      Having the sticky bit on for a directory keeps users from removing or renaming files from that directory that they don’t own (/tmp is an example). Given the right permission settings, however, users can change the contents of files they don’t own in a sticky bit directory. The final permission character is t instead of x on a sticky directory.
      A command with sticky bit on used to cause the command to stay in memory, even while not being used. This is an old Unix feature that is not supported in Linux.
      The -R option is a handy feature of the chmod command. With -R, you can recursively change permissions of all files and directories starting from a point in the file system. Here are some examples:

      $ sudo chmod -R 000 /tmp/test   Close all permissions below /tmp/test
      $ sudo chmod -R a+rwx /tmp/test Open all permissions to all below /tmp/test
      $ sudo chmod -R 700 /tmp/test   Open permission only to owner below /tmp/test

      Note that the -R option is inclusive of the directory you indicate. So the  permissions above, for example, would change for the /tmp/test directory itself, and not just for the files and directories below that directory.

      Setting the umask
      Permissions given to a file or directory are assigned originally at the time that item is created. How those permissions are set is based on the user’s current umask value. Using the umask command, you can set the permissions given to files and directories when you create them.
      $ umask  0066  Make directories drwx--x--x   and files -rw-------
      $ umask  0077  Make directories drwx------   and files -rw-------
      $ umask  0022  Make directories drwxr-xr-x   and files -rw-r--r--
      $ umask  0777  Make directories d---------   and files ----------
      Changing Ownership
      When you create a file or directory, your user account is assigned to that file or directory. So is your primary group. As root user, you can change the ownership (user) and group assigned to a file to a different user and/or group using the chown and chgrp commands. Here are some examples:
      $ chown  chris test/   Change owner to chris
      $ chown  chris:market test/  Change owner to chris and group to market
      $ chgrp  market test/  Change group to market
      $ chown  -R chris test/  Change all files below test/ to owner chris   

      The recursive option to chown (-R) just shown is useful if you need to change the ownership of an entire directory structure. As with chmod, using chown recursively changes permissions for the directory named, along with its contents. You might use chown recursively when a person leaves a company or stops using your web service. You can use chown -R to reassign their entire /home directory to a different user. Related commands for changing group assignments and passwords include newgrp and gpasswd, as well as the /etc/gshadow file.

      Using chmod in Symbolic Mode
      The easiest way for a beginner to modify file or directory permissions is to use the symbolic mode. The first set of file permissions (characters 2–4 from the ls -l command) is represented with:
      • the u, for user
      • the second set (characters 5–7) is by g, for group
      • and the last set (characters 8–10) is represented by an o

        You can also use the -a option to grant or remove permissions from all three groups at once.
      With symbolic permissions you can add(+), delete(-), or specify(=) the permission set you want by using the operators + or - or =; E.g.  
      chmod o+wx file
      chmod o-wx file
      chmod g=r-x file

      Using chmod with Absolute Permissions
      The second way to modify permissions with the chmod command is to use a  number to specify each set of permissions for the file. Each permission is assigned a value, as the following table shows, and the total of each set of permissions provides a number for that set.

      Number Octal Permission-----------Representation----------- Permission Reference
      0--------------------------------------------------- No permission------------------------------------ ---
      1----------------------------------------------------Execute permissio-------------------------------- ---x
      2--------------------------------------------------- Write permission----------------------------------- -w-
      3--------------------------------------------------- Execute and write-------------------------------- -wx
      4--------------------------------------------------- Read permission------------------------------------ r--
      5----------------------------------------------------Read and execute permission----------------- r-x
      6--------------------------------------------------- Read and write permission---------------------- rw-
      7--------------------------------------------------- All permissions--------------------------------------- rwx

      The numbers from each set are stated together to form the file permissions. For example, if
      • the file owner (user) has read (4), write (2), and execute (1) permissions (4 + 2 + 1 = 7)
      • the group has read permission (4), and 
      • everyone else has no permissions (0) 
      the permissions for the file would be 740. If you want to change the myfile file’s permissions to those examples, use this command:
      chmod 740 myfile 
      following the syntax of the
      To change testfile permissions (which were just changed to -rw-r-xrwx with chmod symbolic permissions) back to the original, you’d run this command:
      $ chmod 774 testfile
      Then run ls -l to verify:

      $ ls -l /home/toms
      -rwxrwxr-- 1 toms users 1024 Nov 2 00:10 testfile

      If you used 043 instead of 774 in the chmod command, the new permissions would be:

      $ ls -l /home/toms
      ----r---wx 1 toms users 1024 Nov 2 00:10 testfile

      Permissions are a complex topic and are extremely important to the security of your system.

      Viewing Files
      After you have traversed the file system and found the file you are looking for, you probably want to view that file. There are many ways to do that in Unix, from using interactive editors (such as vi, emacs, gedit etc) to using some of the commands introduced in this section. The commands discussed here enable you to view a file quickly and move on without having to open a separate program.

      These commands have other functionality, but for now, the focus will be on their file-viewing capabilities. To view a file with all the output to the current terminal screen, use the command cat filename. This can be a problem in a long file because cat by itself simply dumps the contents of the file, not allowing you to pause the output—you’d have to read very fast! The more/less command can help. It runs the same way as cat, but the output requires you to press the space bar or an arrow key to move the file forward, enabling you to view a screenful of output at a time. With the more command you can also press Enter to move forward a single line at a time. The less command is more powerful than older more because you can move forward and backward within the file using the vi movement keys or the arrow keys. You have to press q to quit these file views. Here are examples of the more and less commands:

      $more /etc/syslog.conf
      $less /etc/syslog.conf

      The head and tail commands are interesting because they enable you to view the beginning (head) or the end (tail) of a file. Here’s how to use them:

      $head /etc/syslog.conf
      $tail /etc/syslog.conf

      These commands show you only the first 10 or the last 10 lines of a file by default. If you want to see more or fewer lines, you can specify it with the -n x argument, using the number of lines you want in place of x. Here are sample commands to see the first 15 or last 15 lines of a file, respectively:

      $head -n 15 /etc/syslog.conf
      $tail -n 15 /etc/syslog.conf

      An important option for the tail command is -f (for follow). This option continuously scans the input file instead of simply showing the number of lines indicated. To review the /var/log/syslog file (system log file for many Unix systems) in real time as events are occurring, for example, you could run:

      $tail -f /var/log/syslog

      The output would show you the contents of /var/log/syslog as they were being written to the file until you press the Ctrl+C key combination to stop the loop. This is very useful for watching files, especially log files, as they grow.

      Creating, Modifying, and Removing Files
      To copy a file within the file system, you can use the cp command. Here’s how you’d copy the file /etc/skel/cool_file to another location:

      $ cp /etc/skel/cool_file /home/danl/cool1

      You must have the appropriate permissions to copy, move, or modify a file. Typically you will require at least read permission on the source file (file to copy) and write access to the destination directory and/or file for the copy to occur.
      This command creates an exact duplicate of /etc/skel/cool_file in the /home/danl directory with the name of cool1.

      The cp command is good for copying files, but to move a file from one location to another without copying, you use the mv (move) command with similar syntax. For example, here’s how to move the /etc/skel/cool_file from its original location to /home/danl and rename it cool1:

      $ mv /etc/skel/cool_file /home/danl/cool1

      The mv command can also simply change the name of a file or directory. To change the name of the /home/danl/cool1 file to /home/danl/login_script, for example, you’d execute the following command:

      $ mv /home/danl/cool1 /home/danl/login_script

      The mv command works on directories, too, so you can move an entire directory from one location to another. If danl changed his username to danl12, you could change the home directory name using:

      $ mv /home/danl /home/danl12

      To create a blank file, you can use the touch command. If you use touch on an existing file, the last modified information is adjusted, but if you use it with a new filename, a blank file is created. Here’s how:  
      touch filename
      This is useful when you want to create a blank file for testing or other purposes.

      Deleting Files
      Of course, there will be times when you want to completely delete a file. Then you can use the rm (remove) command. Here’s how to remove (delete) /etc/skel/cool_file from the system:

      $ rm /etc/skel/cool_file

      The rm command has very powerful options, the primary two being -f and -r.

      • The -f option forces rm to remove a file without asking if it is OK; it will make the command occur with no output and will just take action.
      • The -r option will have the rm command descend into any subdirectories of a directory specified as an argument to the rm command. If a file is specified for deletion with the rm command, the rm command will not descend into any directories (it descends into a directory only when a directory is named for deletion).

        You should also be very careful typing arguments of the rm command, especially when using the -f (force) and -r (recursive, or descend into subdirectories), because you could remove or destroy your system.
      For example, if you’re logged in as root, want to delete a file called /tmp/remove_file, and type:

      $ rm -rf / tmp/remove_file

      The accidental space between the / and tmp would cause the / file system to be deleted, completely obliterating your system. The rm command by itself, with no switches, does not remove directories, but the rm command with the -rf switches removes directories and their subdirectories. Make sure you know exactly where in the directory structure you are (use the pwd command) before using rm and, when possible, use the absolute path to ensure you know exactly what you are deleting.

      Here’s an example: Your file system is getting full and you have to make room on the system right away. You run the ls -l command on the /var/log/archives directory (you have backups of everything, of course) and decide to remove any extra logs on the system. You go to your root terminal that you thought you ran the ls -l command in and run the following command:

      $ rm -rf *

      It turns out you were in the wrong terminal window—you were currently in the / directory. If you were logged in as root, you would completely remove all system files and render your system unusable because the command you ran would recursively remove (-r) all files (*) on the system without prompting you at all (-f).

      Making and Removing Directories
      The mkdir and rmdir commands deal specifically with directories. mkdir creates a new directory in which to store files and other directories. Its syntax is:
      mkdir directory_name.
      To create a directory called testdir, for example, you would use the command:

      $ mkdir testdir

      The testdir directory is stored in your current working directory. If you want to place it in a different directory, you need to use the absolute path. Here’s how you’d create the directory testdir in the /tmp directory:

      $ mkdir /tmp/testdir

      To remove a directory, use the syntax:
      rmdir directory_name.
      To remove the testdir created in the preceding example, use the command:

      $ rmdir /tmp/testdir

      As with rm, you can cause significant damage by not being aware of where you are in the file system and by running commands as the root user, although the consequences aren’t quite as severe because of limitations in the rmdir command. rmdir removes completely empty directories only, providing some safeguards against accidentally deleting directories containing files and other directories.

      Basic File System Management
      Like any storage medium, file systems can fill up to capacity, creating tremendous problems if not managed properly. The first way to manage your partition space is with the df (disk free) command. The command df -k (disk free) displays the disk space usage in kilobytes, as shown:

      harrykar@harrykar-desktop:~$ df -k
      Filesystem           1K-blocks      Used Available Use% Mounted on
      /dev/sdb1             18880388  14392812   3528500  81% /
      tmpfs                  1030956         0   1030956   0% /lib/init/rw
      varrun                 1030956       384   1030572   1% /var/run
      varlock                1030956         0   1030956   0% /var/lock
      udev                   1030956       156   1030800   1% /dev
      tmpfs                  1030956       540   1030416   1% /dev/shm
      lrm                    1030956      2392   1028564   1% /lib/modules/2.6.28-11-generic/volatile
      18880388  14392812   3528500  81% /home/harrykar/Private

      Some of the directories, such as tempfs and var/lock, show 0 in the kbytes, used, and avail columns as well as 0% for capacity. These are special (or virtual) file systems, and although they reside on the disk under /, by themselves they do not take up disk space. The df -k output is generally the same on all Unix systems:
      • Filesystem The physical file system (fdX (X=floppy drive number) = floppy drive, /dev/sdb1represents a disk drive, and so forth).
      • kbytes Total kilobytes of space available on the storage medium.
      • used Total kilobytes of space used (by files).
      • avail Total kilobytes available for use.
      • use/capacity Percentage of total space used by files.
      • Mounted on What the file system is mounted on.
      The avail and capacity/use columns are important to track because you don’t want your / (root) or /tmp partitions to fill up, because that will cause serious problems.

      Every portion of the file system is its own entity; the / file system is on its own separate physical partition (or device), as is /export/home (the usual location
      for users’ home directories on Sun Solaris’s version of Unix). Even if /export/home becomes full, the root and other partitions will not, because they are their own entities.

      You can use the -h (human readable) option to display the output in a format that shows the size in easier to understand notation as shown below (the -h option is not available on all versions of Unix):

      harrykar@harrykar-desktop:~$ df -h
      Filesystem            Size  Used Avail Use% Mounted on
      /dev/sdb1              19G   14G  3.4G  81% /
      tmpfs                1007M     0 1007M   0% /lib/init/rw
      varrun               1007M  384K 1007M   1% /var/run
      varlock              1007M     0 1007M   0% /var/lock
      udev                 1007M  156K 1007M   1% /dev
      tmpfs                1007M  540K 1007M   1% /dev/shm
      lrm                  1007M  2.4M 1005M   1% /lib/modules/2.6.28-11-generic/volatile
      19G   14G  3.4G  81% /home/harrykar/Private

      The du (disk usage) command enables you to specify directories to show disk space usage on a particular directory. This command is helpful if you want to determine how much space a particular directory is taking.

      harrykar@harrykar-desktop:~$ du /home/harrykar/Adempiere
      16 /home/harrykar/Adempiere/utils/unix
      84 /home/harrykar/Adempiere/utils/postgresql
      116 /home/harrykar/Adempiere/utils/windows
      4 /home/harrykar/Adempiere/utils/fyracle
      132 /home/harrykar/Adempiere/utils/oracle
      104 /home/harrykar/Adempiere/utils/oracleXE
      644 /home/harrykar/Adempiere/utils
      4 /home/harrykar/Adempiere/packages
      4 /home/harrykar/Adempiere/zkpackages
      75880 /home/harrykar/Adempiere/lib
      52 /home/harrykar/Adempiere/images
      3512 /home/harrykar/Adempiere/data/import
      50048 /home/harrykar/Adempiere/data
      8 /home/harrykar/Adempiere/keystore
      2676 /home/harrykar/Adempiere/jboss/lib
      56 /home/harrykar/Adempiere/jboss/server/adempiere/conf/xmdesc
      12 /home/harrykar/Adempiere/jboss/server/adempiere/conf/props
      352 /home/harrykar/Adempiere/jboss/server/adempiere/conf
      5556 /home/harrykar/Adempiere/jboss/server/adempiere/lib
      48 /home/harrykar/Adempiere/jboss/server/adempiere/deploy/jbossweb-tomcat55.sar/conf
      12 /home/harrykar/Adempiere/jboss/server/adempiere/deploy/jbossweb-tomcat55.sar/META-INF
      8 /home/harrykar/Adempiere/jboss/server/adempiere/deploy/jbossweb-tomcat55.sar/ROOT.war/WEB-INF
      40 /home/harrykar/Adempiere/jboss/server/adempiere/deploy/jbossweb-tomcat55.sar/ROOT.war
      3236 /home/harrykar/Adempiere/jboss/server/adempiere/deploy/jbossweb-tomcat55.sar
      20 /home/harrykar/Adempiere/jboss/server/adempiere/deploy/jmx-console.war/images
      8 /home/harrykar/Adempiere/jboss/server/adempiere/deploy/jmx-console.war/META-INF
      16 /home/harrykar/Adempiere/jboss/server/adempiere/deploy/jmx-console.war/cluster
      28 /home/harrykar/Adempiere/jboss/server/adempiere/deploy/jmx-console.war/WEB-INF/classes/org/jboss/jmx/adaptor/html
      12 /home/harrykar/Adempiere/jboss/server/adempiere/deploy/jmx-console.war/WEB-INF/classes/org/jboss/jmx/adaptor/model
      28 /home/harrykar/Adempiere/jboss/server/adempiere/deploy/jmx-console.war/WEB-INF/classes/org/jboss/jmx/adaptor/control
      72 /home/harrykar/Adempiere/jboss/server/adempiere/deploy/jmx-console.war/WEB-INF/classes/org/jboss/jmx/adaptor
      76 /home/harrykar/Adempiere/jboss/server/adempiere/deploy/jmx-console.war/WEB-INF/classes/org/jboss/jmx
      80 /home/harrykar/Adempiere/jboss/server/adempiere/deploy/jmx-console.war/WEB-INF/classes/org/jboss
      84 /home/harrykar/Adempiere/jboss/server/adempiere/deploy/jmx-console.war/WEB-INF/classes/org
      88 /home/harrykar/Adempiere/jboss/server/adempiere/deploy/jmx-console.war/WEB-INF/classes
      100 /home/harrykar/Adempiere/jboss/server/adempiere/deploy/jmx-console.war/WEB-INF
      180 /home/harrykar/Adempiere/jboss/server/adempiere/deploy/jmx-console.war
      12 /home/harrykar/Adempiere/jboss/server/adempiere/deploy/management/console-mgr.sar/META-INF
      84 /home/harrykar/Adempiere/jboss/server/adempiere/deploy/management/console-mgr.sar/web-console.war/img
      12 /home/harrykar/Adempiere/jboss/server/adempiere/deploy/management/console-mgr.sar/web-console.war/css
      116 /home/harrykar/Adempiere/jboss/server/adempiere/deploy/management/console-mgr.sar/web-console.war/images
      8 /home/harrykar/Adempiere/jboss/server/adempiere/deploy/management/console-mgr.sar/web-console.war/META-INF
      28 /home/harrykar/Adempiere/jboss/server/adempiere/deploy/management/console-mgr.sar/web-console.war/WEB-INF/classes
      8 /home/harrykar/Adempiere/jboss/server/adempiere/deploy/management/console-mgr.sar/web-console.war/WEB-INF/tlds
      60 /home/harrykar/Adempiere/jboss/server/adempiere/deploy/management/console-mgr.sar/web-console.war/WEB-INF
      2628 /home/harrykar/Adempiere/jboss/server/adempiere/deploy/management/console-mgr.sar/web-console.war
      4032 /home/harrykar/Adempiere/jboss/server/adempiere/deploy/management/console-mgr.sar
      4036 /home/harrykar/Adempiere/jboss/server/adempiere/deploy/management
      8 /home/harrykar/Adempiere/jboss/server/adempiere/deploy/http-invoker.sar/META-INF
      36 /home/harrykar/Adempiere/jboss/server/adempiere/deploy/http-invoker.sar/invoker.war/WEB-INF/classes/org/jboss/invocation/http/servlet
      40 /home/harrykar/Adempiere/jboss/server/adempiere/deploy/http-invoker.sar/invoker.war/WEB-INF/classes/org/jboss/invocation/http
      44 /home/harrykar/Adempiere/jboss/server/adempiere/deploy/http-invoker.sar/invoker.war/WEB-INF/classes/org/jboss/invocation
      48 /home/harrykar/Adempiere/jboss/server/adempiere/deploy/http-invoker.sar/invoker.war/WEB-INF/classes/org/jboss
      52 /home/harrykar/Adempiere/jboss/server/adempiere/deploy/http-invoker.sar/invoker.war/WEB-INF/classes/org
      56 /home/harrykar/Adempiere/jboss/server/adempiere/deploy/http-invoker.sar/invoker.war/WEB-INF/classes
      72 /home/harrykar/Adempiere/jboss/server/adempiere/deploy/http-invoker.sar/invoker.war/WEB-INF
      76 /home/harrykar/Adempiere/jboss/server/adempiere/deploy/http-invoker.sar/invoker.war
      88 /home/harrykar/Adempiere/jboss/server/adempiere/deploy/http-invoker.sar
      7592 /home/harrykar/Adempiere/jboss/server/adempiere/deploy
      13504 /home/harrykar/Adempiere/jboss/server/adempiere
      13508 /home/harrykar/Adempiere/jboss/server
      152 /home/harrykar/Adempiere/jboss/bin
      16340 /home/harrykar/Adempiere/jboss
      143132 /home/harrykar/Adempiere

      The -h(human) option makes the output easier to comprehend:

      harrykar@harrykar-desktop:~$ du -h /home/harrykar/Adempiere
      16K /home/harrykar/Adempiere/utils/unix
      84K /home/harrykar/Adempiere/utils/postgresql
      116K /home/harrykar/Adempiere/utils/windows
      4.0K /home/harrykar/Adempiere/utils/fyracle
      132K /home/harrykar/Adempiere/utils/oracle
      104K /home/harrykar/Adempiere/utils/oracleXE
      644K /home/harrykar/Adempiere/utils
      4.0K /home/harrykar/Adempiere/packages
      4.0K /home/harrykar/Adempiere/zkpackages
      75M /home/harrykar/Adempiere/lib
      52K /home/harrykar/Adempiere/images
      3.5M /home/harrykar/Adempiere/data/import
      49M /home/harrykar/Adempiere/data
      8.0K /home/harrykar/Adempiere/keystore
      2.7M /home/harrykar/Adempiere/jboss/lib
      56K /home/harrykar/Adempiere/jboss/server/adempiere/conf/xmdesc
      12K /home/harrykar/Adempiere/jboss/server/adempiere/conf/props
      352K /home/harrykar/Adempiere/jboss/server/adempiere/conf
      5.5M /home/harrykar/Adempiere/jboss/server/adempiere/lib
      48K /home/harrykar/Adempiere/jboss/server/adempiere/deploy/jbossweb-tomcat55.sar/conf
      12K /home/harrykar/Adempiere/jboss/server/adempiere/deploy/jbossweb-tomcat55.sar/META-INF
      8.0K /home/harrykar/Adempiere/jboss/server/adempiere/deploy/jbossweb-tomcat55.sar/ROOT.war/WEB-INF
      40K /home/harrykar/Adempiere/jboss/server/adempiere/deploy/jbossweb-tomcat55.sar/ROOT.war
      3.2M /home/harrykar/Adempiere/jboss/server/adempiere/deploy/jbossweb-tomcat55.sar
      20K /home/harrykar/Adempiere/jboss/server/adempiere/deploy/jmx-console.war/images
      8.0K /home/harrykar/Adempiere/jboss/server/adempiere/deploy/jmx-console.war/META-INF
      16K /home/harrykar/Adempiere/jboss/server/adempiere/deploy/jmx-console.war/cluster
      28K /home/harrykar/Adempiere/jboss/server/adempiere/deploy/jmx-console.war/WEB-INF/classes/org/jboss/jmx/adaptor/html
      12K /home/harrykar/Adempiere/jboss/server/adempiere/deploy/jmx-console.war/WEB-INF/classes/org/jboss/jmx/adaptor/model
      28K /home/harrykar/Adempiere/jboss/server/adempiere/deploy/jmx-console.war/WEB-INF/classes/org/jboss/jmx/adaptor/control
      72K /home/harrykar/Adempiere/jboss/server/adempiere/deploy/jmx-console.war/WEB-INF/classes/org/jboss/jmx/adaptor
      76K /home/harrykar/Adempiere/jboss/server/adempiere/deploy/jmx-console.war/WEB-INF/classes/org/jboss/jmx
      80K /home/harrykar/Adempiere/jboss/server/adempiere/deploy/jmx-console.war/WEB-INF/classes/org/jboss
      84K /home/harrykar/Adempiere/jboss/server/adempiere/deploy/jmx-console.war/WEB-INF/classes/org
      88K /home/harrykar/Adempiere/jboss/server/adempiere/deploy/jmx-console.war/WEB-INF/classes
      100K /home/harrykar/Adempiere/jboss/server/adempiere/deploy/jmx-console.war/WEB-INF
      180K /home/harrykar/Adempiere/jboss/server/adempiere/deploy/jmx-console.war
      12K /home/harrykar/Adempiere/jboss/server/adempiere/deploy/management/console-mgr.sar/META-INF
      84K /home/harrykar/Adempiere/jboss/server/adempiere/deploy/management/console-mgr.sar/web-console.war/img
      12K /home/harrykar/Adempiere/jboss/server/adempiere/deploy/management/console-mgr.sar/web-console.war/css
      116K /home/harrykar/Adempiere/jboss/server/adempiere/deploy/management/console-mgr.sar/web-console.war/images
      8.0K /home/harrykar/Adempiere/jboss/server/adempiere/deploy/management/console-mgr.sar/web-console.war/META-INF
      28K /home/harrykar/Adempiere/jboss/server/adempiere/deploy/management/console-mgr.sar/web-console.war/WEB-INF/classes
      8.0K /home/harrykar/Adempiere/jboss/server/adempiere/deploy/management/console-mgr.sar/web-console.war/WEB-INF/tlds
      60K /home/harrykar/Adempiere/jboss/server/adempiere/deploy/management/console-mgr.sar/web-console.war/WEB-INF
      2.6M /home/harrykar/Adempiere/jboss/server/adempiere/deploy/management/console-mgr.sar/web-console.war
      4.0M /home/harrykar/Adempiere/jboss/server/adempiere/deploy/management/console-mgr.sar
      4.0M /home/harrykar/Adempiere/jboss/server/adempiere/deploy/management
      8.0K /home/harrykar/Adempiere/jboss/server/adempiere/deploy/http-invoker.sar/META-INF
      36K /home/harrykar/Adempiere/jboss/server/adempiere/deploy/http-invoker.sar/invoker.war/WEB-INF/classes/org/jboss/invocation/http/servlet
      40K /home/harrykar/Adempiere/jboss/server/adempiere/deploy/http-invoker.sar/invoker.war/WEB-INF/classes/org/jboss/invocation/http
      44K /home/harrykar/Adempiere/jboss/server/adempiere/deploy/http-invoker.sar/invoker.war/WEB-INF/classes/org/jboss/invocation
      48K /home/harrykar/Adempiere/jboss/server/adempiere/deploy/http-invoker.sar/invoker.war/WEB-INF/classes/org/jboss
      52K /home/harrykar/Adempiere/jboss/server/adempiere/deploy/http-invoker.sar/invoker.war/WEB-INF/classes/org
      56K /home/harrykar/Adempiere/jboss/server/adempiere/deploy/http-invoker.sar/invoker.war/WEB-INF/classes
      72K /home/harrykar/Adempiere/jboss/server/adempiere/deploy/http-invoker.sar/invoker.war/WEB-INF
      76K /home/harrykar/Adempiere/jboss/server/adempiere/deploy/http-invoker.sar/invoker.war
      88K /home/harrykar/Adempiere/jboss/server/adempiere/deploy/http-invoker.sar
      7.5M /home/harrykar/Adempiere/jboss/server/adempiere/deploy
      14M /home/harrykar/Adempiere/jboss/server/adempiere
      14M /home/harrykar/Adempiere/jboss/server
      152K /home/harrykar/Adempiere/jboss/bin
      16M /home/harrykar/Adempiere/jboss
      140M /home/harrykar/Adempiere

      One other command you should be familiar with is fsck (file system check). Unix generally uses a superblock to track the file system, including the size of the file system, free blocks available, and other relevant information. When the system does not shut down gracefully (such as when it’s powered off while still in multiuser mode) or when the system crashes, errors are introduced into the block. These errors could include the system’s marking of blocks as free (meaning they can be written to) when they are actually in use (which can cause serious data corruption), inode size errors, and other administrative problems. These cause inconsistencies in the superblock that require repair. The fsck command attempts to repair them. Because of the potentially disastrous issues surrounding this command, extreme care should be taken when running it, so refer to its man page for more information.

      Beginning Unix
      by Paul Love, Joe Merlino, Craig Zimmerman,
           Jeremy C. Reed, and Paul Weinstein
      ISBN 13: 978-0-7645-7994-3
      A Practical Guide to Linux Commands, Editors, and Shell Programming
      by Mark G. Sobell
      ISBN: 0-13-147823-0
      Begining the Linux command line
      by Sander Van Vugt
      ISBN 13: 978-1-4302-1889-0
      Ubuntu Linux TOOLBOX 1000+ Commands for Ubuntu   and Debian Power Users
      by Christopher Negus, François Caen
      Wiley 2008 ISBN: 978-0-470-08293-5

      No comments:

      Post a Comment