Linux OS

#Summary

These are notes for the Linux OS.

• Linux Distributions
  • Package Managers
  • Favorite Programs
• Overview
  • Hardware
  • Kernel
    • Memory Management Unit (MMU)
    • CPU Allocation
    • System calls (syscalls) with fork() and exce(program)
  • Processes
    • Process States
    • Daemon Processes
• Users
  • root is a superuser
• Shells
  • Bourne Shell
  • bash
• Standard Streams
  • Standard Input (stdin)
  • Standard Output (stdout)
  • Standard Error (stderr)
• Basic Unix commands
  • ls
  • cp
  • mv
  • touch
  • rm
  • echo
  • head
  • tail
  • sort
  • less
  • diff
  • file
  • xargs
• Navigating Directories and Files
  • / the root dir
  • pathname
  • / for absolute pathname
  • does not start with / for relative pathname
  • .. for parent directory
  • . for current directory
  • cd
  • mkdir
  • rmdir
  • pwd
• Shell Globbing
  • globbing with asterisk
  • globbing with ?
• Searching
  • grep
  • find
  • locate
• Shell Basics
  • Shell Keyboard Shortcuts
  • Configuration Files (Dot Files)
  • Shell variables
  • Environment variables
  • $PATH
• man pages and info
• Redirecting Standard Streams
  • > to redirect stdout (create new)
  • >> to redirect stdout (append)
  • | piping
  • 2> to redirect stderr to separate stream
  • >& to redirect stdout and stderr to same file
  • < to redirect to stdin
• Kill Process
  • More Job Control
• Linux Directory Hierarchy
  • usr
• File Permissions
  • chmod to modify file permissions
  • common permissions
• Symbolic Links
  • creating symbolic links
• Archiving and Compressing Files
  • gzip to compress/uncompress .gz files
  • tar to archive .tar files
  • combine .tar.gz for compressed archives
  • zcat
  • bzip2
  • zip and unzip
• sudo
• Devices
• Disks and Filesystems
• Load Average
• Log Rotate

##Linux Distributions

There’s a lot of Linux distributions. This image shows the various distributions:

• Debian, includes Ubuntu and Linux Mint
• Fedora, including a derivative called Red Hat Enterprise Linux (RHEL), and CentOS (a derivative off RHEL)
• Arch Linux

###Package Managers

Each system has a package management program. They include:

• Debian uses dpkg as the main package management program and APT (Advanced Package Tool) with the apt-get interface tool (e.g. search, update)
• Fedora uses rpm (red hat package manager) as the main package management program and Yum with the yum interface tool
• Arch Linux uses makepkg and can be managed with pacman

###Favorite Programs

• i3 as a Window Manager: i3
• Terminal with Terminator
• Simplescreenrecorder for Screen Recording: sudo apt-get install simplescreenrecorder
• Keymon to show Keys Pressed: sudo apt-get install keymon
• Texmaker for LaTeX files
• Kdenlive for video editing

Apt Commands

sudo apt-get update - run this after changing /etc/apt/sources.list or /etc/apt/prefernces sudo apt-get upgrade - upgrades all installed packages sudo apt-get dist-upgrade - same as upgrade, except does a ‘smart upgrade’ (smart conflict resolution) sudo apt-get check - diagnostic tool, does an update of the package lists and checks for broken dependencies sudo apt-get -f install - Fixes broken packages (if you get “unmet dependencies”) sudo apt-get autoclean - removes .deb fiels for packages that are no longer installed on your system sudo apt-get clean - removes all packages from the package cache sudo apt-get remove <package_name> - removes an installed package, leaving configuration files sudo apt-get purge <package_name> - completely removes a package and any associated configuration files sudo apt-get autoremove <package_name> - removes packages that were installed by other packages that are no longer needed sudo apt-cache search <search_term> - searches package name and description contains <search_term>

##Overview

The Linux Operating System has three main levels:

1. Physical Hardware, e.g. memory (lots of 1s and 0s) and CPU (reads and writes from and to memory)
2. Kernel, the software sitting in memory that tells the CPU what to do (unrestricted access to hardware)
3. User Processes, software that user runs (restricted acess to hardware)

##Kernel

The Kernel is the interface between hardware and the user software. In order to managem the CPU and memory, the Kernel has unrestricted access to hardware. Its main jobs are:

• Manage the memory - State is how all the 1s and 0s look in memory (an image). Kernel splits up memory and looks at each group to check their status (e.g. taken, free)
• Allocates CPU time to User Processes
• Interfaces with hardware, e.g. devices (usb, printer), usually through a uniform interface of device drivers
• Gets system calls from User processes and handles those requests

###Kernel’s MMU (Memory Management Unit)

The Kernel manages memory with the help of a memory management unit (MMU), that uses a memory management scheme (to enable virtual memory). Some details about memory:

• Kernel needs its own private memory
• User Processes have their own memory (aka user space, userland); these memory blocks can be private or public
• User Processes can share memory with other User Processes
• Some memory from User Processes are Read Only
• System can use more memory than available by using disk space
• Page Table is an implementation of a memory address map

###Kernel CPU Allocation

So what exactly is the relationship between the Kernel and the CPU? The Kernel helps with allocating CPU time for processes with these steps:

1. Kernel passes User Processes over to the CPU
2. CPU has an internal timer that interrupts the User Process once its used up its “time slice”
3. CPU switches back from the User Process to Kernel Mode and hands control back to Kernel
4. Kernel records the CPU and the process’ state in Memory kinda like a quick save
5. Kernel does its own processes, e.g. handle input/output
6. Kernel looks at a list of processes to see what’s ready
7. Kernel prepares the CPU (how long should this process take) and prepares the Memory (where is there room to store state)
8. Kernel passes the User Process the CPU to use

Rinse and Repeat.

###System Calls (syscall) with fork() and exec(program)

A system call (aka syscall) is when a User Process can’t do a process (either can’t access or have ability), so the process requests from the Kernel. There are two types of syscalls:

• fork() is when the Kernel creates a nearly identical copy of the process
• exec(program) is when the Kernel starts the program and then replaces the process

So what does this mean? Other than init, all User Processes start as a result of fork(). Most of the time, fork() then calls exec(program) to start a new program instead of running a copy of an existing program.

Note, system alls are written in C, which is why the syntax has parenthesis.

##Processes

There are two different types of processes in Linux:

• Foreground processes (aka interactive processes) - these are initialized and controlled through a terminal session. There’s a user connected to the system to start these processes since they haven’t been started automatically as part of the system functions/services
• Background processes (ak non-interactive/automatic processess) - processes that are not connected to a terminal; they don’t expect any user input

###Daemon Processes

Daemon processes are special types of background processes that start at system startup and keep running forever as a service.

###Creating Processes

The init process is the mother (parent) of all processes on the system. You can see this with the following (see process id of 1)

ps aux | grep init
root         1  0.0  0.1 225680  9332 ?        Ss   Jan24   1:50 /sbin/init splash

A new process is normally created when an existing process makes an exact copy of itself in memory. The child process will have the same environment as its parent, but only the process ID number is different. You’ll see the Process ID (PID) and the Parent Process ID (PPID).

When creating a new process, you can use fork or exec.

• fork starts a new process which is a copy of the one that calls it
• exec replaces the current process image with another (different) one

##Users

Linux defines a User as ‘someone that can run processes and own files’. As a User:

• username - assigned name of user
• userid - assigned an id for the user
• A User cannot terminate another User’s processes
• A User can share files with other Users through user groups
• passwd to change the password
• useradd <name> to create a standard user (and you can specify their home directory, otherwise will be /home/username/

##Passwords

Passwords are stored in /etc/shadow

###root is a superuser

The username root is a superuser, meaning it has access to escalated permissions to allow terminating other Users’ processes. You don’t want to normally run as root since it can be easy to make mistakes. Even though root is powerful, root still runs in ‘user space’ (and not in Kernel mode)

###Groups

Linux uses groups to organize users. Groups organize collections of accounts, mainly for handling permissions nicer. Control of each group is administered through the /etc/group file.

Every user has a default or primary group. You can change groups with the chgrp <newgroup> command.

##Shells

A shell is a program that runs commands. Shell Scripts are files that contain many shell commands. There are many types of shells, but they mainly originate from the bourne shell and the most common is the bourne again shell (aka bash).

You can usually find what shell is being used by going to /bin/sh and peaking in there to see the link to the shell.

chsh to change a shell.

###Bourne Shell

The original shell is the bourne shell. To see a modern shell, see below for Bourne Again Shell (aka bash)

###bash

bash is an enhanced version of the bourne shell and is the standard shell on most Linux distributions. Most of the below notes are for bash.

##Standard Streams

Linux processes use input and output steams to read and write data. For example, an input stream might be a device and the output stream might be a file or terminal. So what do you mean?

1. Type in the command cat in bash
2. Bash turns into an interactive stream; when you type in text, the text comes out to the terminal
3. The reasoning is that since we didn’t specify either a standard input or standard output steam, it used the default.

There’s three types of Standard Streams:

• Standard Input (stdin)
• Standard Output (stdout)
• Standard Error (stderr)

###Standard Input (stdin)

Basic Input.

###Standard Output (stdout)

Where output goes. By default, the Stream ID is 1.

###Standard Error (stderror)

Where errors go. By default, the Stream ID is 2.

##Basic Unix Commands

Unix is a flavor of Linux. You can use unix in many other systems so they will be your staple commands.

• cat outputs the contents of one or more files
• ls lists the contents of a directory
• cp copies files, e.g. cp file1 file2 copies file1 to file2
• mv moves a file (really just renaming it), e.g. mv filea fileb renames filea to fileb
• touch creates a file touch file1
• rm removes a file (or directory by specifying the correct options), e.g. rm file1 or rm -rf dir1 to remove a directory
• echo prints its arguments to standard output, a useful way to find out values, variables, or results of pattern matching
• head gets the first few lines of a file
• tail gets the last few lines of a file
• sort sorts a file (default alphabetical), use -n for numerical order, -r for reverse order
• less to return large file contents in a paginated format (one page at a time), e.g. less largefile1. Usually used with other commands like grep stuff /usr/share | less
• diff to return the differences between two files, often used with -u to return in a friendlier format for tools, e.g. diff -u file1 file2
• file to get a guess on what the filetype is, e.g. file file1
• xargs build and execute command lines from standard input (i.e. construct argument lists and invoke another utility)

###xargs

xargs is a good command to help chain other commands.

Say you have a set of directories that you want to copy over to another location. You can use xargs to help:

/tmp/yay/ls
dir1 dir2 dir3 dir4

/tmp/yay/ls | xargs -I % mkdir -p /tmp/another_dir/%
/tmp/another_dir/ls
dir1 dir2 dir3 dir

-I option

The -I option lets you take a string that will be replaced with the supplied input before the command is executed. Usually you use % as a common choice.

Shell Trick

Another trick is to use a shell script inside your command:

mkdir ~/backups
$ find /path -type f -name '*~' -print0 | xargs -0 bash -c 'for filename; do cp -a "$filename" ~/backups; done' bash

##Navigating Directories and Files

In order to navigate around Linux in the command line, you will need to know how directories and files are referenced and how to move across these paths.

• / is the root directory;, we never use a \ in Linux
• pathname is the path to a file
• absolute pathname (aka full pathname) is when the pathname starts with a /, e.g. /etc/blah/something.txt
• relative pathname is when a pathname does NOT start with a /, e.g. static/js/something.txt
• .. using two dots means referencing the parent directory, e.g. if you’re in /usr/bin, ../bin to refer to bin
• . means the current directory; not really used

These commands and terms are useful to navigate around paths:

• Current Working Directory is where a process is currently running
• cd changes directories, e.g. cd dir1 will change to dir1 (or if None, returns to home dir)
• ~ references the home directory
• mkdir creates a directory, e.g. mkdir dir1 creates dir1
• rmdir to remove a directory, e.g. rmdir dir1 to delete the dir1. If dir has files, use rm -rf dir1 to recursively (-r) delete a dir -d and all its contents
• pwd to print the current working directory; this will be useful when working with symbolic links, usually pwd -P to find the true path

##Searching Directories in Shell using Globbing (Wildcards)

Globbing (aka Wildcards) is the process of matching files and directories to a pattern in the shell.

• Important to note, globbing only applies to shell and shell scripting.
• Shell globbing is not the same as regular expressions (regex)
• E.g. The Shell uses ? to match one arbitrary character, where regex uses .

###Globbing Expansion Steps

So what happens after a match is made? The shell does a process called expansion, which means:

1. A glob matches a file or directory name
2. The glob substitutes those names
3. The glob then runs the rest of the shell command

Some Notes:

• Use single quotes around your command if you do not want expansion, e.g. echo * simply prints out *

###Globbing with *

* is used in shell globbing to match any arbitrary set of characters. Here’s sample ways of using *:

• *at matches anything that ends with at
• at* matches anything that starts with at
• *at* matches anything with at in the string

###Globbing with ?

? is used in shell globbing to match one arbitrary character.

• b?at would match boat and brat, but not brrat

##Grep

Grep prints the lines that matches an expression/a pattern. Grep understands patterns called regular expressions. Example uses include:

• grep root /etc/passwd to find the text root in the directory /etc/passwrd
• grep -i stuff etc/* to find the word stuff (-i for case insensitive) in the directory /etc/
• grep -v stuff etc/* to find the inverse of stuff (does not match) in /etc/

##File Search

To search inside a file (not in the shell), use / and ?.

• / to search forward from the cursor
• ? to search backwards from the cursor
• n to go to next match once search results are found

##Shell Basics

Let’s take a look at how our shell is configured and how to move around using shortcuts.

###Shell Keyboard Shortcuts

Shell keyboard shortcuts can be helpful:

• ^C is often used to reference Ctrl + C
• ^P to get previous command
• ^B to move back a step
• ^F to move forward a step
• ^A to move to beginning of the line
• ^E to move to end of the line
• ^W to erase preceding word
• ^U to erase from cursor to beginning of the line
• ^K to erase from cursor to end of the line
• ^Y to paste erased text (e.g. from ^U)

###Dot (Configuration) Files

Dot files are files that start with a .. These configuration files and directories are normally hidden by default and usually hold config settings.

• ls normally doesn’t show configuration files and directories by default (otherwise things print messy)
• ls -a to see all the directory files, including the configuration files
• .*. pattern to make shell globs search through configuration files, otherwise will ignore these files by default
• .bashrc and .login are common configuration files, .ssh is a common dot directory

###Shell Variables

Shell variables are temporary variables being stored by the shell. These can contain simple strings or some variables to control the way the shell behaves.

• STUFF=blah to assign the value blah to the shell variable STUFF
• echo $STUFF to use the shell variable (referencing with $)

###Environment Variables

Environment variables are slightly different than shell variables in that they get passed to the programs that the shell runs. These are used in configuration and option settings.

• STUFF=blah to assign the value blah to the variable STUFF (at this point, it’s not an environment variable yet)
• export STUFF to make environment variable STUFF (key is to use export to make environment variable)

###PATH variable

The PATH variable is a special environment variable that contains the command path; its purpose is to list the directories that the shell searches to locate a command.

• echo $PATH to show PATH, with $ to reference the PATH variable
• If multiple PATHS are found, the first is used
• Contents are separated by :
• PATH=somedir:$PATH to add a directory to the beginning of the PATH
• PATH=$PATH:somedir to add a directory to the end of the PATH
• Example PATH might look like: /usr/local/bin:/usr/bin:/bin

##man pages and info

man stands for Manual Pages, which are built in docts that are split into these 8 sections:

1. User Commands
2. System Calls
3. Higher-level Unix programming library documentation
4. Device Interface and Driver Information
5. File descriptions (system configuration files)
6. Games
7. File formats, conventions, and encodings (ASCII, suffixes, and so on)
8. System commands and Servers

###How to use man pages

Type in man <number> <search> where number is one of the sections above (1-8) and a search term

• man 5 passwd to get the file description of /etc/password (as opposed to system command)
• <command> --help to get help on a specific command, e.g. ls --help
• man -k <keyword> to search a manual page by keyword, e.g. man -k keyword

###

To get additional information, try out info <command>, e.g. info grep

• /usr/share/doc is where some packages dump their available documentation

##Redirecting Standard Streams

You can redirect standard input, standard output, and standard error streams. Normally we have:

stdin 0 - standard input typically carries data from a user to a program (e.g. receive input from a device like a keyboard). Normally stdin is terminated by EOF (end-of-file), meaning no more data to be read. stdout 1 - standard output writes the data that is generated by a program; when this is not redirected, it normally outputs text back to the terminal. stderr 2 - standard error writes the errors generated by a program that has failed at some point in its execution. the default destination for this stream is the terminal display

With redirection, we can:

• > to redirect Standard Output to another location by creating or replacing a file, e.g. command > file1
• ’»’ to redirect Standard Output to another location by appending to file, e.g. command >> file1
• | (aka piping) to redirect Standard Output to Standard Input of another command, e.g. command1 | command2, head /proc/cpuinfo | tr a-z A-z
• 2> to redirect Standard Error to a separate stream, e.g. command > file_a 2> file_b
  • Steam ID of 1 by deafult means Standard Output (to file_a), Steam ID of 2 by default means Standard Error (to file_b)
• >& to redirect Standard Output and Standard Error to the same file, e.g. `command > file_a 2>&1
• < is an uncommon scenario to take file and redirect to Standard Input, e.g. command < file_a

You can combine some of the stdin, stdout, stderr together with redirection:

Overwrite

Overwrite with:

> standard output < standard input 2> standard error

Append

You can append with:

>> appends standard output << appends standard input 2>> appends standard error

Pipes

Use pipes | to move output from one program to the input of another program

##List and Manipulate Processes

A process is a running program. Here’s how to read process details:

• ps to list processes
• PID is each process’ numeric id
• TTY is the terminal device that the process is running on
• STAT is the process Status, e.g. S for sleeping, R for running
• TIME is the time that the process has been running
• COMMAND is the last command that called the process (can change over time)

Common process commands are:

• ps x to show the running (executing) processes
• ps ax to show all running processes (not just yours)
• ps u to show detailed info on processes
• ps w to show full command nmaes (not just what fits in a line)
• ps aux to show all running (executing) processes in detail

###Kill Processes

kill to signal to kill a process

• kill <pid> to kill a specific process (based on PID)
• kill -STOP <pid> to STOP a specific process (based on PID)
• kill -CONT <pid> to continue a process (based on PID)
• kill <pid1> <pid2> <pid3> to kill multiple processes
• If a job is currently active in the prompt, you can ^C to kill the running job

###More Job Control

As you saw in Kill, you can manage shell jobs by sending TSTP signals (similar to STOP) and CONT signals. You can also send a job to the background or foreground.

• jobs command to see what jobs are currently running
• ^Z to send a TSTP signal to SUSPEND a process
• fg to start the process again (bring to foreground)
• bg to move the process to the background
• & to detach a process from the shell and put it in the backgroundso you have the prompt back, e.g. gunzip file.gz & to unzip a large file in bg
• ^L to redraw the entire screen
• ^R to redraw the current line, but be careful, can put you in reverse isearch mode if in bash prompt already (Esc to quit)

##Linux Directory Hierarchy

The details of the Linux Directory Hierarchy can be found in the Filesystem Hierarchy Standard (FHS) at http://www.pathname.com/fhs/

The overview looks like this for the main directories:

• /
• /bin/ - has read-to-run programs (executables), including most of the basic Unix commands like ls and cp
• /dev/ - contains device files
• /etc/ - has core system configuration directory (pronounced eht-see), e.g. user password, boot, device, networking files; usually specific to that machine’s hardware, e.g. etc/X11 has graphics cards configs
• /home/ - has personal directories for regular users
• /lib/ - short for library, has library files containing code that executables in /bin/ can use. Two types of libraries (static and shared); this only has shared libraries
• /sbin/ - place for system executables, relates to system management; regular users should not have have /sbin components. Most utilities here require root access
• /tmp/ - a storage area for smaller, temporary files. Any user can read and write from here, but may not have access to other user files. a storage area for smaller, temporary files. Any user can read and write here, but may not have access other user files. Sometimes cleared so do not put important info here.
• /var/ - the variable subdirectory, where programs record runtime information like system logging (/var/log/), user tracking, caches, and other files that system programs create and manage
• /proc/ - what processes are running, provides system statistics through a browsable directory-and-file interface. Contains info about currently running processes and some kernel parameters
• /boot - has kernel loader files, only useful for the very first stage of Linux startup procedure
• /media/ - base attachment point for removable media like flash drives
• /opt/ - additional third-party software, many systems don’t have this directory
• /usr/ - does NOT have user files; this is a large directory hierarchy, including most of the Linux system. Has many of the same files as root directory (e.g. usr/bin, usr/lib). This is where most of the user-space programs and data sit

###usr

The /usr directory is where most of the user-space programs and data sites.

- `/usr/bin/`
- `/usr/man/` has man pages
- `/usr/info/` has info pages
- `/usr/include` holds header files used by the C compiler
- `/usr/lib/`
- `/usr/local/` where administrators can install their own software; should look like that of `/` and `/usr`
- `/usr/sbin/`
- `/usr/share/` has files that should work on other kinds of Unix machines; sometimes `/man` or `/info` are here

##File Permissions

Every Unix file has a set of permissions that say whether you can read, write, or execute the file.

• ls -l to display the permissions
• E.g. -rw-r--r-- 1 juser somegroup 7041 Mar 26 19:34 endnotes.html
• The file has a mode
• The first character of the mode (in this case, -) determines the file type. - for regular file, d for directory
• Next comes three sections: “User Permissions”, “Group Permissions”, “Other permissions” (e.g. User has rw-, etc)

###chmod to change file permissions

Use chmod to change file permissions. There’s also umask to set a predefined set of permissions for any new files you create.

• chmod g+r file1 to add file permissions
• chmod g-r file2 to remove file permissions
• chmod 664 file3 to change permissions with numbers (an absolute change) since it changes all permission bits at once
• umask shell command to set a predefined set of permissions to any new file you create

###Common Permissions

Some of the most common modes:

• 644 - user: read/write; group, other: read, e.g. used for files
• 600 - user: read/write; group; other: none
• 755 - user: read/write/execute; group, other: read/execute. e.g. used for directories, programs
• 700 - user: read/write/execute; group, other: none. e.g. used for directories, programs
• 711 - user: read/write/execute; group, other: execute. e.g. used for directories

##Group Permissions

You can see all the group permissions under /etc/group. If you want to check the members of a group, you can run getent group my_group. To see your own groups, run groups.

##Symbolic Links

A symbolic link is a file that points to another file or directory.

lrwxrwxrwx 1 ruser users 11 Feb 27 13:52 somedir -> /home/origdir

In this example, when you try to access somedir, you get /home/origdir, i.e. a shortcut.

Links can get pretty confusing because:

• the destination (/home/origdir) doesn’t even need to exist
• there might be chained symbolic links, basically your system might have links that point to other links
• you might not know a symbolic link exists
• you might forget to add the -s option when creating a symbolic link, which means you create a hard link
• check command twice that you didn’t switch up the target and the linkname

###Creating Symbolic Links

ln -s target linkname so that the linkname argument is the name of the symbolic link. The target arg is the path of the file or directory that the link points to. The -s flag specifies a symbolic link.

To update a link, you can run ln -sf /path/to/dir/that/exists/already/ /path/to/symlink/akamyshortcut/

Remember that symlink is like cp, where you have the source and the target.

###Delete Symbolic Links

To delete a symbolic link, just type in unlink followed by the link

You can see a symlink with something like ls -alh .

lrwxrwxrwx  1 will will 42 Apr  2  2016 my_stuff -> my_folder/my_stuff/

##Archiving and Compressing Files

We want to be able to zip/unzip files (i.e. do compression / uncompress files) and to handle archives (pack / unpack multiple files and directories into one file).

###Gzip

To compress and uncompress files, we’ll use the program gzip. Files end with .gz

• gzip my_file to compress the file
• gunzip my_file.gz to uncompress the file

###tar

To pack multiple files and directories into one file, we want to create an archive with tar. We can also unarchive (take one file and put back into multiple files and directories). Files end with .tar

A lot of this depends on the modes:

• c flag activates create mode
• x flag means to put tar into extract/unpack mode
• t flag to check contents with table-of-contents mode

Then we can add additional flags:

• tar cvf my_archive.tar file_1 file_2 file_3
• v flag prints details such as file size and permissions
• f flag means the file option

Example Commands:

• tar xvf my_archive.tar to unpack a .tar file

###Compressed Archives with .tar.gz

Archives are normally found compressed, so you’ll see a filename ending in .tar.gz. Work from the right side to the left. Uncompress, then Unarchive.

1. Unzip first with gunzip my_file.tar.gz
2. Tar to unarchive with tar xvf my_file.tar

###zcat

A faster and more efficient way (in terms of kernel I/O time, disk space), is to use zcat.

zcat my_file.tar.gz | tar xvf -

This zcat command is the same as gunzip -dc. The -d option decompresses and the -c option sends to standard output (in this case, to the tar commmand)

Note: a .tgz file is the same as a .tar.gz file

###bzip2

A .bz2 file is the result of another compression program called bzip2. The advantage of this format is that it comrpesses text files a little more.

bunzip2 to decompress.

###zip and unzip

zip and unzip are still available to help with zip archives that come from Windows systems.

##su and sudo

You can run commands as the superuser; one method is to use su. Issues include:

• No record of system-altering commands
• No record of the users who performed system-altering commands
• No access to your normal shell environment
• You have to enter the password
• visudo to edit /etc/sudoers, this command checks for file syntax errors after you save the file

Instead, use sudo, e.g. sudo vipw

Note, you can configure list of users that can run commands as supervisor under /etc/sudoers file. You can set which Users can use sudo

##Devices

The kernel provides a way to interface with devices.

• /dev directory is the directory for devices
• Most of these device I/O interfaces are available to user processes as files known as device nodes.

###Using /dev to identify devices

Let’s see how device ouptut might look like:

$ls -l

#Sample output
brw-rw----   1 root disk 8, 1 Sep 6 08:37 sda1
crw-cw-rw-   1 root disk 1, 3 Sep 6 08:37 null

Here’s how to read the output:

• the first character b (block), c (character), p (pipe), s(socket), then the file is a device
• Block Device means programs accesses data from the device in fixed chunks. E.g. sda1 in the example above is a disk device, a type of block device
• Character Device means programs access data from the device using data streams. You can only read or write characters to these devices (e.g. printers)
• Pip Device (aka Named pipes) are like Character Devices, but with another process at the end of the I/O stream instead of the kernel driver
• Sockets are special-purpose interfaces that are used in interprocess communication (representing Unix domain sockets). These are usually outside of /dev dir.

There are also two numbers before the date, indicating the major and minor device numbers that help the kernel identify the device.

###Using /sys to identify devices

• The devices in /dev are so user processes can use the device, while the same devices are viewable in /sys/devices to view info and manage the device.
• To provide a uniform view for attached devices (instead of just the order they are found through reboot), look at /sys/devices.
• In the /sys directory, you can see symbolic link shortcuts (e.g. /sys/block contains all the block devices on the system
• ls -l /sys/block to see the true sysfs paths

###dd program for block and character devices

dd is useful for working with block and character devices because it allows you to read from an input file or stream and write to an output file or stream.

• dd copies data in blocks of a fixed size
• dd if=/dev/zero of=new_file bs=1024 count=1 copies a single 1024 byte block from ‘/dev/zero’ (a continuous stream of zero bytes) to ‘new_file’
• Be careful, it can be easy to corrupt data when using this program so to be safe, you should write to a new file

###Finding the name of a device

You can search for the name of a device a few ways:

• Query udevd using udevadm
• Look for the device in the /sys directory
• Guess the name from the output of a dmesg command (prints the last few kernel messages) or the kernel system log file
• mount command on the disk device and check output
• cat /proc/devices to see the block and character devices
• findmnt helps you find what mounts are available

###Hard Disks

Most hard disks are connected using the sd prefix, standing for SCSI disk (Small Computer System Interface). You might see:

• /dev/sda, /dev/sdb means entire disks
• /dev/sda1, /dev/sda2 means partitions on a disk
• lsscsi tool is used to list the SCSI devices on your system

####Terminals

Terminals are devices for moving character between a user process and an I/O device, usually for text output to a terminal screen. Pseudoterminal devices are emulated terminals that understand the I/O features of real terminals, but instead of talking to actual hardware, the kernel presents the I/O interface to software, like the shell terminal window.

• /dev/tty1 is the first virtual console
• /dev/pts/0 is the first pseudoterminal device
• /dev/pts directory is a dedicated filesystem
• /dev/tty device is the controlling terminal of the current process

Linux has two primary display modes: text mode and an X Window System server (graphics mode)

####Other Devices

• CD and DVD Drives sit in /dev/sr (e.g. /dev/sr0, /dev/sr1)
• PATA Hard Disks are older, these sit in /dev/hda, /devhdb); if you find one, its probably an unrecognized SATA drive (which can hinder performance)
• Serial Ports are in /dev/ttyS (e.g. /dev/ttyS0, `/dev/ttyACM1)), but you can’t do much with these here
• Parallel Ports are in /dev/lp0 and /dev/lp1), but these are old and have mostly been replaced by USB
• Bidirectional Parallel Ports are in /dev/parport0 and /dev/parport1
• Audio Devices are in /dev/snd/, /dev/dsp, and /dev/audio. Advanced Linux Sound Architecture (ALSA) is newer interface in /dev/snd

####Creating Device Files with udevd

Use devtmpfs and udev to create device files

• udevd is a user-space process that gets sent notifications from the Linux Kernel when a new device is detected on the system (e.g. new usb drive)
• The user-space process on the other end then examines the new device information, creates a device file, and does any device initialization
• However, some device files are needed early in the boot process; the devtmpfs filesystem was created in response to this problem of device availability during boot

##Disks and Filesystems

When working with disks and filesystems, you should be able to partition disks, create and maintain filesystems inside of the partitions, and work with swap space.

• Remember that earlier we see entire hard disks at say /dev/sda, but these disks are often partitioned into subdivisions of the whole disk at say /dev/sda1, /dev/sda2
• Partition Table is a small area of the disk where partitions are defined
• Filesystem is the next layer after the partition, where the database of files and directories are setup (what you normally see in user space)
• So what does that mean? If you want to access a file, you need to get the partition location from the parititon table, then search the filesystem database on that partition for the file

###Understanding Partitions

There are a few kinds of partition tables.

• The traditional partition table is inside the Master Boot Record (MBR)
• A newer standard is the Globally Unique Identifier Partition Table (GPT)

When we break up the partitions, we see that there are primary, extended, and logical partitions:

• A primary partition is a normal subdivision of the disk (e.g. parition 1), usually a limit of up to 4 partitions
• If you want more than 4 partitions, you need to designate one partitions as an extended partition
• You then divide up the extended partition into logical partitions that the OS can use as it would any other partition

When initially reading a table, the Linux kernel produces a debug output (can be found through dmesg) that shows these partitions, e.g.

sda: sda1 sda2 < sda5 >
# the `sda2 < sda5 >` output means that `/dev/sda2` is an extended partition containing a logical partition (`/dev/sda5`)
* We normally ignore extended partitions because we only want the logical partitions inside

###Partitioning Tools

Here are some different partitioning tools:

• parted is a text-based tool (MBR and GPT supported)
• gparted is a graphical version of parted
• fdisk is the traditional text-based Linux disk partitioning tool (does not support GPT)
• gdisk is a version of fdisk that supports GPT, but not MBR

###Using a Partitioning Tool

You can view and change partition tables with parted and fdisk. We will use parted for system partitioning, but it’s not recommended to use parted for creating filesystems.

• parted -l to view a system’s partition table
• parted and fdisk can also change partition tables (but fundamentally different approaches; fdisk designs a new partition table before making changes to the disk, only doing so when you exit the program while parted takes into effect as you issue the commands)
• You can see changes in partition from dmesg, e.g. creating two partitions on /dev/sdf outputs: sdf: sdf1 sdf2
• udevadm to watch the kernel event changes, e.g. udevadm monitor --kernel shows the old partition devices being removed and new ones being added
• Check /proc/partitions for full partition information
• Check /sys/block/device/ for altered partition system interfaces or /dev for altered partition devices

###Partition Considerations

There can be big performance consequences if you aren’t careful with laying out data based on the hardware.

Hard drives have a spinning platter on a spindle, with the head attached to a moving arm to read/write data on a cylinder; you can see sectors and cylinders, but the reported values are fiction so there’s not much you can do here; trust the Logical Block Addressing (LBA) to assign blocks correctly

Solid-State Disks (SSDs) don’t have moving parts, but one performance factor is partition alignment, which means read/writes are 4096 bytes at a time; this means if your partition data is outside the 4096 byte boundary, you have to do two reads instead of one

####Filesystems

The file-system are the files that you’re used to interacting with in user space. You can run ls and cd to these files and directories. Remember that the filesystem is a form of database that structures these simple block devices into a hierarchy of files and subdirectories that users can understand

There are different filesystem types, some optimized for Linux, and other foreign ones like Windows FAT family. Here are some common types:

• ext4 is the Fourth Extended filesystem, the second iteration of a line of filesystems native to Linux; has backward compatibility with older versions like ext3, ext2
• ext3 is the most common Linux fs type from a few years back
• ntfs is the a common Windows fs type for larger external hard drives
• iso9660 is ISO 9660, a CD-ROM standard
• msdos, vfat, umsdos are FAT filesystems, which are specific to Microsoft systems (common in smaller external hard drives)
• exfat is file system commonly found on USB flash drives and other external drives
• hfsplus (HFS+) is an Apple standard used on most Mac systems
• auto a special case; it will try to guess the fs type when you use this
• sysfs is a pseudo file system by the Linux kernel that exports information about various kernel subsystems
• nfs stands for Network File System (NFS), which is a way of mounting Linux discs/directories over a network An NFS server can export one or more directories that can then be mounted on a remote Linux machine

You can also create filesystems with mkfs, e.g. mkfs -t ext4 /dev/sdf2 to automatically determine the number of blocks in a device and set reasonable defaults

• When you use mkfs, it prints out diagnostic output as it works
• Some of the diagnostic information is relevant to the superblock, a key component at the top of the filesystem database
• You use the superblock backup numbers if you ever need to recover the superblock in case of a disk failure
• In reality, mkfs is just a frontend for a series of filesystem creation programs (e.g. mkfs.fs where fs is a filesystem type like ext4)

####Mounting a Filesystem

Mounting is the process of attaching a filesystem. When the system boots, the kernel reads some configuration data, then mounts root / based on the config data.

You need to know the following in order to mount a filesystem:

• The filesystem’s device (e.g. a disk partition; where the actual file-system data sits)
• The filesystem type
• The mount point, the place in the current system’s directory hierarchy where the filesystem will be attached

####Mount Commands

Run mount to get the filesystem status on your system. Each line corresponds to one currently mounted filesystem and follows this format:

• Starts with device name - Some devices are not real (e.g. proc), but are stand-ins for real device names because these filesystems do not need devices
• Followed by the word on
• The mount point (e.g. /sys)
• The word type
• The filesystem type (e.g. sysfs, devpts)
• Mount options in parentheses (e.g. rw, realtime)
• Put all of the above together into: `sysfs on /sys type sysfs (rw,relatime)
• Can substitute device name for the Universally Unique Identifier (UUID), which uses blkid (Block ID) which uses.

To mount and umount:

• mount -t type device mountpoint - e.g. mount -t ext4 /dev/sdf2 /home/extra`
• umount to unmount - e.g. umount mountpoint

Finding mounts:

$ findmnt
TARGET                                SOURCE     FSTYPE          OPTIONS
/                                     /dev/sda1  ext4            rw,relatime,errors=remount-ro,data=ordered
├─/sys                                sysfs      sysfs           rw,nosuid,nodev,noexec,relatime
│ ├─/sys/kernel/security              securityfs securityfs      rw,nosuid,nodev,noexec,relatime
│ ├─/sys/fs/cgroup                    tmpfs      tmpfs           ro,nosuid,nodev,noexec,mode=755
│ │ ├─/sys/fs/cgroup/systemd          cgroup     cgroup          rw,nosuid,nodev,noexec,relatime,xattr,release_agent=/lib/systemd/systemd-cgroups-agent,name=systemd
│ │ ├─/sys/fs/cgroup/rdma             cgroup     cgroup          rw,nosuid,nodev,noexec,relatime,rdma
│ │ ├─/sys/fs/cgroup/cpu,cpuacct      cgroup     cgroup          rw,nosuid,nodev,noexec,relatime,cpu,cpuacct
│ │ ├─/sys/fs/cgroup/memory           cgroup     cgroup          rw,nosuid,nodev,noexec,relatime,memory
│ │ ├─/sys/fs/cgroup/net_cls,net_prio cgroup     cgroup          rw,nosuid,nodev,noexec,relatime,net_cls,net_prio
│ │ ├─/sys/fs/cgroup/cpuset           cgroup     cgroup          rw,nosuid,nodev,noexec,relatime,cpuset
│ │ ├─/sys/fs/cgroup/pids             cgroup     cgroup          rw,nosuid,nodev,noexec,relatime,pids
│ │ ├─/sys/fs/cgroup/blkio            cgroup     cgroup          rw,nosuid,nodev,noexec,relatime,blkio
│ │ ├─/sys/fs/cgroup/devices          cgroup     cgroup          rw,nosuid,nodev,noexec,relatime,devices
│ │ ├─/sys/fs/cgroup/perf_event       cgroup     cgroup          rw,nosuid,nodev,noexec,relatime,perf_event
│ │ ├─/sys/fs/cgroup/freezer          cgroup     cgroup          rw,nosuid,nodev,noexec,relatime,freezer
│ │ └─/sys/fs/cgroup/hugetlb          cgroup     cgroup          rw,nosuid,nodev,noexec,relatime,hugetlb
│ ├─/sys/fs/pstore                    pstore     pstore          rw,nosuid,nodev,noexec,relatime
│ ├─/sys/kernel/debug                 debugfs    debugfs         rw,relatime
│ ├─/sys/kernel/config                configfs   configfs        rw,relatime
│ └─/sys/fs/fuse/connections          fusectl    fusectl         rw,relatime
├─/proc                               proc       proc            rw,nosuid,nodev,noexec,relatime
│ └─/proc/sys/fs/binfmt_misc          systemd-1  autofs          rw,relatime,fd=34,pgrp=1,timeout=0,minproto=5,maxproto=5,direct,pipe_ino=480
├─/dev                                udev       devtmpfs        rw,nosuid,relatime,size=12283432k,nr_inodes=3070858,mode=755
│ ├─/dev/pts                          devpts     devpts          rw,nosuid,noexec,relatime,gid=5,mode=620,ptmxmode=000
│ ├─/dev/shm                          tmpfs      tmpfs           rw,nosuid,nodev
│ ├─/dev/hugepages                    hugetlbfs  hugetlbfs       rw,relatime,pagesize=2M
│ └─/dev/mqueue                       mqueue     mqueue          rw,relatime
└─/run                                tmpfs      tmpfs           rw,nosuid,noexec,relatime,size=2462716k,mode=755
  ├─/run/lock                         tmpfs      tmpfs           rw,nosuid,nodev,noexec,relatime,size=5120k
  └─/run/user/1000                    tmpfs      tmpfs           rw,nosuid,nodev,relatime,size=2462716k,mode=700,uid=1000,gid=1000
    └─/run/user/1000/gvfs             gvfsd-fuse fuse.gvfsd-fuse rw,nosuid,nodev,relatime,user_id=1000,group_id=1000

####Mount NFS File Systems with fstab

Another way you can mount an NFS share from another machine is to add a line to /etc/fstab file. The line needs to start the hostname of the NFS server, the directory on the server being exported, and the directory on the local machine where the NFS share is to be mounted.

####Mount NFS File Systems with autofs

You can mount an NFS share using the autofs service. Autofs uses the automount daemon to manage your mount points by only mounting them dynamically when they are accessed. Autofs uses the master map configuration file over in /etc/auto.master to determine which mount points are defined. It then starts an automount process with the appropriate parameters for each mount point. Each line in the master map defines a mount point and a separate map file that defines the file systems to be mounted under this mount point. You might see:

/etc/auto.misc file that defines the mount points in the /misc directory /etc/auto.master the master file might define the relationship for this with a line like:

/misc and /etc/auto.misc --timeout 60

#####Autofs Commands

You can start the autofs service with:

/sbin/service autofs restart /sbin/service autofs status /sbin/service autofs reload - you must reload autofs when you modify /etc/auto.master

##Load Averages

Load Averages are a good indication on how your server is being used. You can see this when you type uptime or from htop. You see three numbers, like:

$ uptime
Tasks: 137, 554 thr, 1 running
Load average: 0.03 0.54 1.24
Uptime: 9 days

There are three numbers for load averages, and they represent the 1 min, 5 min, 15 min marks. With these, you can tell if the system load is idle, increasing, decreasing, or if its higher than your CPU count, you probably have a performance problem. Note that this is system load, not necessarily just CPU so it might include CPU, disk, uninterruptible locks.

You can look up bcc-tools (https://github.com/iovisor/bcc) for analysis of what the CPU is doing (e.g. create a CPU Flame Graph).

##Better CPU Metrics

Some better metrics (especially for CPUs) might be:

per-CPU utilization

$ mpstat -P ALL 1
09:45:30 PM  CPU    %usr   %nice    %sys %iowait    %irq   %soft  %steal  %guest  %gnice   %idle
09:45:31 PM  all    1.27    0.00    0.76    0.00    0.00    0.00    0.00    0.00    0.00   97.97
09:45:31 PM    0    1.04    0.00    1.04    0.00    0.00    0.00    0.00    0.00    0.00   97.92
09:45:31 PM    1    2.02    0.00    0.00    0.00    0.00    0.00    0.00    0.00    0.00   97.98
09:45:31 PM    2    1.02    0.00    1.02    0.00    0.00    0.00    0.00    0.00    0.00   97.96
09:45:31 PM    3    1.00    0.00    1.00    0.00    0.00    0.00    0.00    0.00    0.00   98.00

per-process CPU utilization

$ top, pidstat 1
09:52:14 PM   UID       PID    %usr %system  %guest    %CPU   CPU  Command
09:52:15 PM   123      1123    1.00    0.00    0.00    1.00     2  beam.smp
09:52:15 PM     0      1271    1.00    0.00    0.00    1.00     1  docker-containe
09:52:15 PM     0      1332    1.00    0.00    0.00    1.00     3  Xorg
09:52:15 PM  1001      2288    0.00    1.00    0.00    1.00     0  i3status
09:52:15 PM  1001     10390    1.00    0.00    0.00    1.00     2  pidstat
09:52:15 PM  1001     16999    2.00    0.00    0.00    2.00     1  chrome

per-thread run queue (scheduler) latency

E.g. in /proc/PID/schedstats, delaystats, perf sched

$ perf sched

CPU run queue latency

E.g. in /proc/schedstat, perf sched

CPU run queue length

E.g. vmstat 1 and the ‘r’ column

procs -----------memory---------- ---swap-- -----io---- -system-- ------cpu-----
r  b   swpd   free   buff  cache   si   so    bi    bo   in   cs us sy id wa st
0  0  48348 224424 385352 3696108    0    0    28   149  205  156 36  8 57  0  0
0  0  48348 224268 385352 3696148    0    0     0     0  275  674  1  1 98  0  0
1  0  48348 277900 385352 3642484    0    0     0     0 3792 1269  1  1 98  0  0
0  0  48348 277912 385352 3642432    0    0     0     0 5856 1545  1  1 98  0  0
0  0  48348 277820 385356 3642428    0    0     0    60 7907 1987  2  1 97  0  0

##IO Stat

You can get IO stats from iostat.

$iostat
Linux 4.10.0-20-generic (xps) 	08/08/2017 	_x86_64_	(4 CPU)

avg-cpu:  %user   %nice %system %iowait  %steal   %idle
          36.21    0.09    7.78    0.08    0.00   55.84

Device:            tps    kB_read/s    kB_wrtn/s    kB_read    kB_wrtn
nvme0n1           1.10         5.03       254.27    4160554  210132300
dm-0              0.02         0.01         0.06       9600      52532

Run iostat -m 5 to show in megabytes per second and 5 to recalculate every 5 seconds. Another good option is -x to show extended statistics.

$iostat -mx 5
avg-cpu:  %user   %nice %system %iowait  %steal   %idle
          16.43   13.11    3.13    0.96    0.72   65.65

Device:         rrqm/s   wrqm/s     r/s     w/s    rMB/s    wMB/s avgrq-sz avgqu-sz   await r_await w_await  svctm  %util
vda               0.00   246.45  279.18  235.57     2.04     2.77    19.15     0.04    0.07    0.28    0.21   0.08   3.90
dm-0              0.00     0.00    1.49    5.55     0.01     0.04    14.11     0.02    2.73    4.83    2.17   0.43   0.31
dm-1              0.00     0.00    2.28  119.85     0.04     0.53     9.68     0.02    0.19    7.62    0.05   0.19   2.26
dm-2              0.00     0.00   48.27   33.16     0.33     0.18    12.83     0.06    0.69    1.34    2.47   0.47   3.80
dm-3              0.00     0.00  225.28  278.88     1.65     2.01    14.87     0.04    0.09    0.33    0.21   0.01   0.31

You can check out the man pages to see what each of these mean, but in summary:

• %user - the percentage of CPU utilization that occurs while executing at the user level (i.e. appplication)
• %nice - the percentage of CPU utilization that occurs while executing at the user level with nice priority (-20 is highest priority, 19 is lowest priority)
• %system - the percentage of CPU utilization that occurs while executing at the system level (i.e. kernel)
• %iowait - the percentage of time that the CPU or CPUs were idle during which the system had an outstanding disk I/O request
• %steal% - the percentage of time spent in involuntary wait by the virtual CPU or CPUs while the hypervisor was servicing another virtual processor
• %idle - the percentage of time that the CPU or CPUs were idle and the system did not have an outstanding disk I/O request

Overall IOPS are with:

iostat -d <your disk name> | grep <your disk name> | awk '{ print $2; }'

e.g. iostat -dm sda | grep sda | awk '{ print $2; }'
     16.41

Below this is the Disk Utilization Report, which shows stats per physical device or partition basis.

##sysstat

sysstat is good for checking out disk I/O. On Ubuntu, you can install with:

• sudo apt-get install sysstat
• sudo vim /etc/default/sysstat
• change ENABLED="false" to ENABLED="true"
• change the collection interval from every 10 minutes to every 2 minutes in /etc/cron.d/sysstat to something like:

/etc/cron.d/sysstat

# The first element of the path is a directory where the debian-sa1
# script is located
PATH=/usr/lib/sysstat:/usr/sbin:/usr/sbin:/usr/bin:/sbin:/bin

# Activity reports every 10 minutes everyday
*/2 * * * * root command -v debian-sa1 > /dev/null && debian-sa1 1 1

# Additional run at 23:59 to rotate the statistics file
59 23 * * * root command -v debian-sa1 > /dev/null && debian-sa1 60 2

• Then restart the service with sudo service sysstat restart
• You can see all the statistics with: sar -A

##Use Method

For additional metrics / troubleshooting tips, see more from Brendan Gregg (like his USE Method)[http://www.brendangregg.com/usemethod.html].

USE Method - For every resource, check utilization, saturation, and errors.

Terminology:

resource - all physical server functional components (CPUs, disks, buses,
etc)
utilization - average time that the resource was busy servicing work
(expressed as a percent over time, e.g. one disk is running at 90%
utilization)
saturation - degree to which the resource has extra work which it can't
service, often queued (as a queue length, e.g. the CPU has an average run
queue length of four)
errors - count of error events (e.g. this network interface has had fifty
late collisoins)

Things to look for:

• Low utilization measurements (e.g. over 5 minutes) can still mean a high burst of utilization over a few seconds

##Systemd

Systemd is an init system and system manager that is managed through systemctl (command line utility for starting and stopping system-level services and checking their status)

Files

We have these files living in /etc/systemd/system/ directory and in directories like /run/systemd/system/ (for run-time unit definitions) and /lib/systemd/system/ (where the system has a copy of unit files).

# List the services that can be started or stopped
ls /etc/systemd/system/*.service
ls /run/systemd/system/*.service
ls /lib/systemd/system/*.service

Where to store files:

• Unit files in /etc/systemd/system have precedence over any of the other locations on the filesystem. If you want to modify the way a unit functions, this is the best location to modify it.
• Unit files in /run/systemd/system have inbetween precedence between /etc/systemd/system and /lib/systemd/system This is used for run-time unit definitions, basically systemd uses this area for dynamically changing the system’s unit behavior. All changes made in this diretory will be lost when the server is booted. Don’t make changes here.
• The system’s copy of unit files are generally kept in the /lib/systemd/system directory. When software installs unit files on the system, this is the default location where files are placed.

Overriding conf files for

If you were modifying a unit in say /etc/systemd/system, you want to do the following so you don’t overwrite the original file:

• Create a directory named after the unit file with a .d appended on the end For example, a unit called example.service will have a subdirectory named example.service.d
• Inside the subdiretory example.service.d, create a file ending with .conf

Running Commands

You can run commands like:

systemctl status my_name.service
systemctl status ntpd.service

# list unit files
systemctl list-unit-files --type=service
systemctl list-units --type [unit-name]

systemctl start my_name.service  # activate/start a service immediately
systemctl stop my_name.service  # deactivate/stop a service immediately
systemctl restart my_name.service  # restart a service (stop then start)
systemctl enable my_name.service  # Enable a service to start on bootup
systemctl disable my_name.service  # Disable a service to NOT start on bootup
systemctl reload my_name.service  # When supported, reloads a config file without interrupting pending operations
systemctl is-enabled my_name.service; echo $?  # Check if service is enabled (0 is enabled, 1 is disabled)
systemctl daemon-reload  # if you've modified a .service and need to reload it

Units

In systemd, a unit refers to any resource that the system knows how to operate on and manage. These resources are defined using configuration files called unit files. Basically, units are the objects that systemd knows how to manage. These units can be abstract services like network resources, devices, and filesystem mounts.

Types of Units

Systemd categories units according to the type of resource they describe. You can tell the type of a unit with its suffix (e.g. .service, .socket).

• .service - a service unit descries how to manage a service or application on the server (e.g. how to start and stop a service, the dependency and ordering information for related software)
• .socket - a socket
• .device
• .mount
• .automount
• .swap
• .target
• .path
• .timer
• .snapshot
• .slice
• .scope

##Log Rotate

Logrotate is a program on Linux systems that rotates, compresses, and mails system logs. Logrotate is used with ease of administration of systems that generate a large number of log files. Each log file can be handled daily, weekly, monthly, or when it grows too large.

Normally logrotate is setup as a daily cron job and is setup through a series of configuration files.

Log Rotate Config file

On Ubuntu, logrotate files are usually in:

• /etc/logrotate.conf - default settings and sets up rotation for a few logs that are not owned by an system packages. This has an include statement to get configuration from /etc/logrotate.d
• /etc/logrotate.d/ - where any packages that you install that might need help with log rotation.

For example, apt’s logrotate would be in cat /etc/logrotate.d/apt:

/var/log/apt/term.log {
  rotate 12
  monthly
  compress
  missingok
  notifempty
}

/var/log/apt/history.log {
  rotate 12
  monthly
  compress
  missingok
  notifempty
}

Another logrotate configuration would be:

# sample logrotate configuration file
compress

/var/log/messages {
    rotate 5
    weekly
    postrotate
        /usr/bin/killall -HUP syslogd
    endscript
}

"/var/log/httpd/access.log" /var/log/httpd/error.log {
    rotate 5
    mail www@my.org
    size 100k
    sharedscripts
    postrotate
        /usr/bin/killall -HUP httpd
    endscript
}

/var/log/news/* {
    monthly
    rotate 2
    olddir /var/log/news/old
    missingok
    postrotate
        kill -HUP `cat /var/run/inn.pid`
    endscript
    nocompress
}

~/log/*.log {}

Related Posts

• 05 Aug 2024 Trino
• 09 Jul 2024 High Level Data Processing Concepts
• 11 May 2023 DBT