  • Chapter 10. User Management
    group compat hosts files dns In the example the passwd shadow and group services are managed by the compat implementation Compat is the default implementation provided by glibc GNU C Library which offers access to the various etc files The hosts service used to resolve host names to IP addresses and vice versa is managed by two implementations files which is the implementation that offers access to the etc hosts file a table containing IP address and host name s dns which is the implementation that offers queries with DNS servers Group Information Group membership is used to group different users who need access to a shared resource assign the resource to a particular group and add the users to this group The etc group file Similar with the etc passwd file group information is stored inside the etc group Again every line in this text file defines a group the fields within a group definition are separated by a colon Group name Group password or x if the password is stored elsewhere Group ID Group members who don t have the group as a primary group It might seem strange to have a password on a group After all a user logs on using his user name However there is a sane reason for this you can add users to a different group and password protect this group If a user is logged on to the system but doesn t use the particular group as primary group and leaves his terminal malicious users can t change to this particular group without knowing the password even if they have access to the users terminal and therefore logged on session Group passwords aren t used often though The cases where group passwords can be used privileged groups are usually implemented differently for instance using privilege escalation tools like sudo Creating or Deleting Users The useradd command If you want to add a user to the system you can use the useradd command you ll need to be root to perform this action useradd D thomas In the above example a user account identified by thomas is created 
using the system default settings which for a Gentoo Linux system means that the default shell is bash the home directory is home thomas etc after which his password is set You can pass on additional arguments to the useradd command to alter the users attributes such as the user id home directory primary group I encourage you to read the useradd manual page for more information The userdel command If a user account needs to be removed from the system you can use the userdel command userdel r thomas With the r option userdel not only removes the user account from the system but also cleans and removes the users home directory If you omit this option the users home directory remains available on the system allowing you to keep his private or not files for future use The usermod command To manipulate

    Original URL path: http://swift.siphos.be/linux_sea/usermanagement.html (2016-05-01)


  • Chapter 11. Network Management
    0 broadcast 192 168 0 255 up ip route add default via 192 168 0 1 In the example I used the ifconfig command to tell Linux to assign the IP address 192 168 0 100 to the eth0 interface setting the netmask part of the IP address that denotes the network to 255 255 255 0 and broadcast IP address which addresses all IP addresses in the local network to 192 168 0 255 This is the same as assigning the IP address on a 192 168 0 1 24 network for those who understand the CIDR notation If you need static IP addresses but don t know the netmask and broadcast please ask your network administrator these are quite basic settings necessary for an IP configuration You ll most likely also receive a set of IP addresses which correspond to the DNS servers name servers for your network You ll need to set those IP addresses inside the etc resolv conf file nano etc resolv conf search lan nameserver 10 2 3 4 nameserver 10 2 3 5 With this configuration file you tell Linux that a host name can be resolved through the DNS services at the corresponding IP addresses the name servers if it does not know the IP address itself If you want to configure eth0 to automatically obtain its IP address and default gateway and even DNS servers which is the most popular method for local network configurations you can use a DHCP client such as dhcpcd dhcpcd eth0 That s all there is to it unless the command fails of course Gentoo Linux Network Configuration If you want to have Gentoo Linux configure your network device you ll need to edit the etc conf d net file nano etc conf d net If you need to set the IP address yourself static IP address you ll need to set the following suppose the static IP address is 192 168 0 100 gateway 192 168 0 1 and netmask 255 255 255 0 and the name servers are 10 2 3 4 and 10 2 3 5 config eth0 192 168 0 100 netmask 255 255 255 0 dns servers eth0 10 2 3 4 10 2 3 5 If you want to configure the interface to use DHCP automatically obtain IP address config eth0 dhcp For more 
examples on the Gentoo Linux network configuration with more advanced features check out the usr share doc openrc net example file To enable this support you need to add the net eth0 service to the default runlevel and start the net eth0 service rc update add net eth0 default etc init d net eth0 start If a command tells you that net eth0 doesn t exist create it as a symbolic link to the net lo service script cd etc init d ln s net lo net eth0 More about services later Wireless Network Configuration Wireless networking support is actively being developed on Linux Sadly it is also one of the regions where a fully automated out of the box solution isn t available yet Linux is lacking this because the card providers themselves do not follow standards or refuse to help out with free software driver development As a result wireless card support drivers can be triggered through free software drivers if you re lucky proprietary Linux drivers if you re somewhat lucky or proprietary Windows drivers if you re not lucky but will still be able to get your card working A fourth state can be that you just won t get it working Yet However development of wireless card support is like I said actively being developed Chances are that an unsupported card or chip set now will be supported within 6 months Generally speaking though 80 to 90 of the wireless cards chip sets are supported under Linux Supporting your Network Card If you have configured your kernel with support for your wireless network card you should be able to find the interface in the ifconfig a output ifconfig a eth0 Link encap Ethernet HWaddr c8 0a a9 42 9d 76 inet addr 192 168 20 2 Bcast 192 168 20 255 Mask 255 255 255 0 UP BROADCAST MULTICAST MTU 1500 Metric 1 RX packets 0 errors 0 dropped 0 overruns 0 frame 0 TX packets 0 errors 0 dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 1000 RX bytes 0 0 0 B TX bytes 0 0 0 B Interrupt 30 Base address 0x6000 eth1 Link encap Ethernet HWaddr f0 7b cb 0f 5a 3b inet addr 
192 168 1 3 Bcast 192 168 1 255 Mask 255 255 255 0 UP BROADCAST RUNNING MULTICAST MTU 1500 Metric 1 RX packets 510358 errors 0 dropped 0 overruns 0 frame 13407 TX packets 300167 errors 5 dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 1000 RX bytes 732540912 698 6 MiB TX bytes 26679459 25 4 MiB Interrupt 16 In the above example two Ethernet interfaces are detected eth0 which in my case is a regular Ethernet interface and eth1 which since I only have a single wired interface on my system is most likely the wireless card To be absolutely sure about the wireless capabilities you ll need to install wireless tools or iw Using Wireless Extensions Support wireless tools The old yet still working wireless extensions support tool set is slowly being deprecated in favour of the new tool set However you might be required to use the old set as the switch requires the wireless card drivers to be rewritten as well Especially with proprietary drivers this might take a while so support for wireless tools is not going to go away soon The information in this section will help you configure a wireless card network using command line tools For a more user friendly approach please read User friendly Network Configuration Tools Verifying Wireless Capabilities To verify if a particular Ethernet interface really has wireless capabilities first install wireless tools and then run iwconfig emerge wireless tools iwconfig lo no wireless extensions eth0 no wireless extensions eth1 IEEE 802 11bgn ESSID 1de verdiep Nickname Mode Managed Frequency 2 462 GHz Access Point 02 26 5A 4B E4 6A Bit Rate 54 Mb s Tx Power 24 dBm Retry min limit 7 RTS thr off Fragment thr off Encryption key off Power Managementmode All packets received Link Quality 5 5 Signal level 48 dBm Noise level 94 dBm Rx invalid nwid 0 Rx invalid crypt 0 Rx invalid frag 0 Tx excessive retries 32 Invalid misc 0 Missed beacon 0 As I already suspected eth1 is indeed the wireless interface Accessing a Wireless Network To access an 
existing wireless network you need a few settings Some of them can be obtained quickly others might require information from your network administrator Let s first start with the wireless network name called the ESSID With iwlist you can obtain a list of detected wireless networks and their accompanying ESSIDs iwlist eth1 scan eth1 Scan completed Cell 01 Address 00 11 0A 2A 73 03 ESSID aaa Protocol IEEE 802 11bg Mode Master Frequency 2 417 GHz Channel 2 Encryption key off Bit Rates 1 Mb s 2 Mb s 5 5 Mb s 9 Mb s 11 Mb s 6 Mb s 12 Mb s 18 Mb s 24 Mb s 36 Mb s 48 Mb s 54 Mb s Quality 82 100 Signal level 48 dBm Extra Last beacon 37ms ago Cell 02 Address 00 C0 49 B0 37 43 ESSID USR8022 Protocol IEEE 802 11b Mode Master Frequency 2 462 GHz Channel 11 Encryption key on Bit Rates 1 Mb s 2 Mb s 5 5 Mb s 11 Mb s 22 Mb s Quality 41 100 Signal level 76 dBm Extra Last beacon 7665ms ago In this case two wireless networks are found The first one has ESSID aaa and does not require any encryption so you don t need to know any password or passphraze to access this network notice the Encryption key off setting The second one has ESSID USR8022 and requires an encryption key However the second network s signal is also less powerful lower quality and signal level To configure your card to use a particular ESSID you can use the iwconfig command iwconfig eth1 essid aaa Suppose that you need to enter an encryption key as well you can add the key either in its hexadecimal form or through the ASCII representation iwconfig eth1 essid USR8022 key FF83 D9B3 58C4 200F ADEA DBEE F3 iwconfig eth1 essid USR8022 key s MyPassPhraze Once you have attached your wireless interface to a particular network you can configure it as if it was a fixed Ethernet interface Now Gentoo Linux allows you to configure your wireless network card through etc conf d net as well In the next example the wireless configuration is set so that the two networks aaa and USR8022 are supported where aaa is the preferred network 
modules iwconfig key aaa key off key USR8022 s MyPassPhraze enc open preferred aps aaa USR8022 Once your wireless interface is connected to a wireless network you can use the IP configuration commands as shown earlier for wired networks Again you ll need to add the net eth1 service to the default runlevel and then fire up the net eth1 service rc update add net eth1 default etc init d net eth1 start Using the New Wireless Extensions Support iw The new wireless extensions support requires kernel drivers that use the new nl80211 netlink interface Almost all free software wireless drivers have been ported towards this interface so if your wireless card is by default supported by the Linux kernel you will most likely want to use the iw tool set Verifying Wireless Capabilities To verify if a particular Ethernet interface really has wireless capabilities first install iw and then run iw list emerge iw iw list lWiphy phy0 Band 1 Frequencies 2412 MHz 1 20 0 dBm 2417 MHz 2 20 0 dBm 2484 MHz 14 20 0 dBm passive scanning no IBSS Bitrates non HT 1 0 Mbps 2 0 Mbps short preamble supported 54 0 Mbps max scan SSIDs 1 Supported interface modes IBSS managed Unlike wireless tools iw lists the device as being phy0 so no immediate relation with eth0 eth1 The relation can be found using iw dev iw dev phy 0 Interface eth1 ifindex 4 type managed Accessing a Wireless Network To access an existing wireless network you need a few settings Some of them can be obtained quickly others might require information from your network administrator Let s first start with the wireless network name called the ESSID With iw scan you can obtain a list of detected wireless networks and their accompanying ESSIDs iw dev eth1 scan BSS 02 87 11 26 39 f9 on eth1 TSF 130175283584 usec 1d 12 09 35 freq 2432 beacon interval 100 capability ESS Privacy ShortSlotTime 0x0411 signal 61 00 dBm last seen 930 ms ago SSID TM2300 Supported rates 1 0 2 0 5 5 11 0 6 0 9 0 12 0 18 0 DS Parameter set channel 5 ERP Barker 
Preamble Mode Extended supported rates 24 0 36 0 48 0 54 0 RSN Version 1 Group cipher CCMP Pairwise ciphers CCMP Authentication suites PSK Capabilities 0x0000 BSS 00 1a 70 eb ae f4 on eth1 TSF 606247219588 usec 7d 00 24 07 freq 2437 beacon interval 100 capability ESS ShortSlotTime 0x0401 signal 72 00 dBm last seen 870 ms ago SSID linksys Supported rates 1 0 2 0 5 5 11 0 18 0 24 0 36 0 54 0 DS Parameter set channel 6 ERP no flags Extended supported rates 6 0 9 0 12 0 48 0 In this case two wireless networks are found The first one has ESSID TM2300 and requires WPA encryption this can be deduced from the RSN information The second network has SSID linksys and does not require encryption To configure your card to use a particular non WPA encrypted ESSID you can use the iw connect command iw eth1 connect linksys Suppose that you need to enter a WEP encryption key as well you can add the key either in its hexadecimal form or through the ASCII representation iw eth1 connect myssid keys d 0 FF83D9B358C4200FE8343033 iw eth1 connect myssid keys 0 MyPrivatePassword To verify that the connection succeeded request the link status using iw link iw dev eth1 link Connected to 68 7f 74 3b b0 01 on eth1 SSID linksys freq 5745 RX 30206 bytes 201 packets TX 4084 bytes 23 packets signal 31 dBm tx bitrate 300 0 MBit s MCS 15 40Mhz short GI Once you have attached your wireless interface to a particular network you can use the IP configuration commands as shown earlier for wired networks Using wpa supplicant for WPA Encrypted Networks The wpa supplicant tool is a software component which controls the wireless connection between your system and an access point A major advantage of wpa supplicant over the previously described wireless tools is its support for WPA WPA2 Before you can use wpa supplicant you first need to install it emerge a wpa supplicant Accessing a Wireless Network You need to configure your wpa supplicant to support the wireless network s you want to access Suppose that 
your home network is called home and is a secured WPA environment with key myHomeKey and at your work there is a wireless network called CompanyGuests secured WPA environment with key myCompanyKey and a third network at your local computer club called hobby not secured then the following wpa supplicant conf configuration could work ctrl interface var run wpa supplicant ctrl interface group wheel network ssid home psk myHomeKey network ssid CompanyGuests psk myCompanyKey network ssid hobby key mgmt NONE The wpa supplicant tool also supports WPA2 For instance network ssid akkerdjie proto WPA2 psk highly private key If you do not like to see your private key in plain text use wpa passphraze to encrypt your key wpa passphraze akkerdjie highly private key network ssid akkerdjie psk highly private key Plain comment can be removed psk cbcb52ca4577c8c05b05e84bdd2ef72f313d3c83da18c9da388570ae3a2a0921 You can copy paste the resulting information in wpa supplicant conf and remove the commented plain text key information If your wireless card is found by Linux and its powered on then running the following command will activate the wpa supplicant on top of it assume the wireless interface is called wlan0 wpa supplicant Dwext iwlan0 c etc wpa supplicant conf One interesting option is the D option with this you select the wireless driver to use With Dwext we use the Linux wireless extensions which is quite generic In certain cases you might need to use a different driver the Internet has many resources on how to configure your specific wireless network card with Linux if the Linux wireless extensions don t work Of course once the configuration file is finished you can use Gentoo s networking scripts as well First edit etc conf d net to use wpa supplicant modules wpa supplicant wpa supplicant wlan0 Dwext To have the wireless support active when you boot up your system enable the net wlan0 init script If etc init d net wlan0 doesn t exist yet first create it cd etc init d ln s net 
lo net wlan0 Next add the net wlan0 init script to the default runlevel rc update add net wlan0 default User friendly Network Configuration Tools The above information should allow you to work with any possible Linux installation However the commands might look a bit tricky and especially with the wireless configuration might even require you to hop between various commands or windows before you get the connection working Luckily there are other tools around which rely on the same tools as mentioned before but offer the user a saner interface from which they can configure their network Note that these do require that the network card is already detected by Linux so the kernel configuration part should have succeeded Wicd My personal favourite is Wicd installable through net misc wicd The tool exists out of two parts a daemon and an end user configuration interface emerge wicd Once installed add the wicd service to the boot or default runlevel rc update add wicd default Next make sure Gentoo doesn t start its own network configuration by editing etc rc conf setting the following rc hotplug net Now start the wicd service and shut down the services you are currently using etc init d net eth1 stop etc init d wicd start If you run inside a graphical environment that supports applets most desktop environments do run wicd client from a Run Program prompt or so From within a command line interface you can use wicd curses This client will connect with the service and allow you to configure your networks both wired and wireless more easily I refer you to the Wicd homepage for more information documentation on the tool Firewall Configuration When your system is going to use the Internet often using a firewall is encouraged People generally believe that their operating system is secure out of the box if they don t click on weird links inside e mails or Internet sites Sadly this isn t true Also Linux should never be seen as a secure operating system security of a system is 
completely defined by the competence of the system administrator A firewall will not fully protect your system from malicious users on the Internet but it will filter many of course depending on the strength of the firewall There are many firewalls available for Linux on Gentoo Linux alone more than a dozen tools exist just check out the content of the net firewall category Most firewall tools use iptables as underlying tool The iptables tool is an administration tool for

    Original URL path: http://swift.siphos.be/linux_sea/networkmanagement.html (2016-05-01)

  • Chapter 12. Service Management
    actually rc update can also do this using rc update show rc config list List of Default Services When a pristine Gentoo install has finished you will already have quite a few services available The following sections give a quick overview of those services and what they stand for alsasound The alsasound service is responsible for loading the appropriate sound kernel modules if they are known as modules and saving restoring the sound configuration at boot up shut down When the service is started you might see kernel modules being loaded in memory However no other processes are started as part of this service bootmisc The bootmisc service is responsible for various boot level activities such as loading the kernel parameters from etc sysctl conf cleaning up directories to ensure they don t contain rogue information that might hinder the bootup create if they don t exist system files with the correct permissions Once the service has finished starting no additional processes will be running checkfs The checkfs service is responsible for verifying the integrity of your systems file systems By default it will verify the integrity of the file systems whose last digit in etc fstab isn t zero You can force a root file system check by adding the forcefsck boot parameter or force a full file system check for all partitions listed in the fstab file by creating an empty forcefsck file This file will be automatically removed once the check has been finished touch forcefsck On the other hand if you want to ignore the file system checks create the fastboot file It too will be automatically removed this time when the system has booted Once the service has finished starting no additional processes will be running checkroot The checkroot service is responsible for checking the consistency of the root file system This service uses the same boot parameters forcefsck or fastboot as the checkfs service The service is also responsible for remounting the root file system read write by 
default it gets mounted read only by the Linux kernel Once the service has finished starting no additional processes will be running clock The clock service is responsible for setting the system time based on the BIOS clock and the settings defined in etc conf d clock It will also synchronise the system clock with your hardware clock during shut down Once the service has finished starting no additional processes will be running consolefont The consolefont service is responsible for setting the console font Once the service has finished starting no additional processes will be running host name The host name service is responsible for setting your systems host name based on the input of etc conf d hostname Once the service has finished starting no additional processes will be running keymaps The keymaps service is responsible for setting your keyboard mapping qwerty azerty dvorak based on the etc conf d keymaps file Once the service has finished starting no additional processes will be running local

    Original URL path: http://swift.siphos.be/linux_sea/servicemanagement.html (2016-05-01)

  • Chapter 13. Storage Management
    sda1 1 14 105808 83 Linux dev sda2 15 49 264600 82 Linux swap dev sda3 50 70 158760 83 Linux dev sda4 71 2184 15981840 5 Extended dev sda5 71 209 1050808 83 Linux dev sda6 210 348 1050808 83 Linux dev sda7 349 626 2101648 83 Linux dev sda8 627 904 2101648 83 Linux dev sda9 905 2184 9676768 83 Linux Command m for help d Partition number 1 9 3 Repeat this step for every partition you want to delete When you re finished type the w command to write the changes to disk and exit fdisk of course you probably want to wait until you ve created the new partitions as well Command m for help w Adding Partitions Now to add new partitions I will work from the given partition layout example given previously Also I assume that the disk has no partitions So first let s create dev sda1 Command m for help n Command action e extended p primary partition 1 4 p Partition number 1 4 1 First cylinder 1 12621 default 1 Press return to use the default 1 Using default value 1 Last cylinder or size or sizeM or sizeK 1 621 default 621 100M In the above command sequence I asked fdisk to create a new partition which will be a primary one remember if I would select extended then I would be creating a container partition which can then host logical partitions fdisk then asks for the first cylinder and proposes as default the first cylinder which means as much as start at the beginning of the disk Then fdisk asks where the partition should end As I m not going to calculate which cylinder is around the 100Mbyte limit I just tell fdisk to create a partition of 100Mbyte size Next I create dev sda2 3 and 4 in one go Command m for help n Command action e extended p primary partition 1 4 p Partition number 1 4 2 First cylinder 97 12621 default 97 Return again Using default value 97 Last cylinder or size or sizeM or sizeK 97 12621 default 12621 12288M Command m for help n Command action e extended p primary partition 1 4 p Partition number 1 4 3 First cylinder 4041 12621 default 4041 Return again 
Using default value 4041 Last cylinder or size or sizeM or sizeK 4041 12621 default 12621 27648M Command m for help n Command action e extended p primary partition 1 4 p Partition number 1 4 4 First cylinder 12021 12621 default 12021 Return again Using default value 12021 Last cylinder or size or sizeM or sizeK 12021 12621 default 12621 Return In the last sequence we let the final partition be as large as the remaining amount of disk space left so we accept the default last cylinder proposal Right now the partition scheme is set but the partitions aren t ready yet I now need to mark each partition with a particular partition type A partition type is a small label assigned to a partition that allows an operating system to know if it can read the partition i e understand its content or not For instance the partition type Linux label 83 allows Linux operating systems to identify the partition as a partition it understands Windows on the other hand will not show this partition as it does not support Linux partitions Likewise a FAT32 Windows partition has label 0B labels are hexadecimal In our example we need to use two partition types one to identify a Linux partition 83 and one to identify the Linux swap partition 82 To mark partitions as such use fdisk s t command Command m for help t Partition number 1 4 1 Hex code type L to list codes 83 Changed system type of partition 1 to 83 Linux Command m for help t Partition number 1 4 2 Hex code type L to list codes 83 Changed system type of partition 2 to 83 Linux Command m for help t Partition number 1 4 3 Hex code type L to list codes 83 Changed system type of partition 3 to 83 Linux Command m for help t Partition number 1 4 4 Hex code type L to list codes 82 Changed system type of partition 4 to 82 Linux swap Now that our partitions are created and marked write the changes to disk and exit fdisk with the w command Placing a File System on a Partition With a partition alone you cannot do much the partition is available as 
an empty space but has no file system on it File systems are mandatory to use as they structure the partition and allow the operating system to manage files directories and more on the partition We covered this already in the section called File Systems To place a file system on a partition you need to use the mkfs type command For instance to create an ext2 or ext3 partition use mkfs ext2 or mkfs ext3 With the example partition scheme I would use ext2 for the boot partition dev sda1 and ext3 for the two other Linux partitions mkfs ext2 dev sda1 mkfs ext3 dev sda2 mkfs ext3 dev sda3 A good idea is to label each partition A volume label is a simple string of limited length 16 bytes so 16 characters as I don t suspect unicode is supported here which can allow you to find the partition more easily Say that you label your partitions based on their use mkfs ext2 L boot dev sda1 mkfs ext3 L root dev sda2 mkfs ext3 L home home sda3 With labels set you can use label based device file names instead of the sometimes difficult to remember standard ones dev disk by label root instead of dev sda2 Finally I need to mark the swap partition as a swap partition using the mkswap command This command also supports the L label option if you want to use it mkswap dev sda4 Using the Partitions With the selected partitions created you can now start using them Enabling a Swap Partition To enable a swap partition use the swapon command This will inform the Linux kernel that the selected partition can be used as a swap partition swapon dev sda4 Because you do not want to enter this command every time you boot your system add the following line to etc fstab This will automatically enable the selected partition as a swap partition dev sda4 none swap sw 0 0 Enabling a File System To enable a file system on a partition you need to mount it on your file system This has already been covered in the section called The mount Command and the fstab file Fixing Corrupt File Systems If a file system is 
corrupt you will notice this when you want to mount the file system or when the system tries to automatically mount the file system for you dev sda4 The superblock could not be read or does not describe a correct ext2 filesystem If the device is valid and it really contains an ext2 filesystem and not swap or ufs or something else the superblock is corrupt and you might try running e2fsck with an alternate superblock e2fsck b 8193 device Filesystem couldn t be fixed Now before you run into the night screaming for help sit down and try executing the command that the output gave The proposed command will vary depending on file system used e2fsck b 8193 dev sda4 If the e2fsck check reports that there is corruption found it might ask you to confirm every correction it wants to do As a file system check can easily report hundreds to thousands of corruptions not that that means that there are thousands of files corrupt it might be easier to tell e2fsck to just acknowledge them all for you e2fsck y dev sda4 Using File System Labels or IDs Most if not all file systems allow you to give them an appropriate label Such labels can then later be used to identify a file system without having to mount it and look at it Linux even supports the use of these labels for the various mount and file system operations The use of labels or UUIDs as we will see later also allows one to use configurations such as in the fstab file which do not need to be modified when your system gets changed for instance new partitions created new disks added reshuffling of disks and more Labels versus UUIDs There are two identifiers commonly used when dealing with file systems LABEL and UUID a LABEL is a user provided name for a file system An example could be ROOT HOME or DATA a UUID Universally Unique Identifier is a system generated identifier for a file system Examples are bae98338 ec29 4beb aacf 107e44599b2e and 31f8eb0d 612b 4805 835e 0e6d8b8c5591 As you can imagine a given label is much more user 
friendly than a UUID So how do you set a label for a file system Well this heavily depends on the file system you use For ext2 ext3 or ext4 file systems you can use the e2label command e2label dev sda2 ROOT For an XFS file system the command would be given with xfs admin xfs admin L ROOT dev sda2 You can even set labels for swap file systems mkswap L labelname device FAT file systems mlabel i device labelname and JFS file systems jfs tune L labelname device The easiest method to read the label and UUID of a file system is to use the blkid command blkid dev sda3 dev sda3 UUID 2bc32022 27a8 47d5 8d33 83c86e23618c LABEL ROOT TYPE ext4 Using Labels UUIDs in fstab If you have set a label for your file system s or use UUIDs you can use this information in the etc fstab file Just substitute the value in the first column where the device is located with the correct LABEL or UUID setting dev sda2 ext4 defaults noatime 0 0 could then become one of the following LABEL ROOT ext4 defaults noatime 0 0 or UUID bc32022 27a8 47d5 8d33 83c86e23618c ext4 defaults noatime 0 0 Not Using Labels UUIDs as Kernel Options Some people hope to use the same information as kernel option for instance to change the root dev sda2 kernel parameter to root LABEL ROOT This is possible but only if you use an initramfs so use this for the real root parameter The Linux kernel itself does not support calling devices through their UUID or LABEL information Removable Media Removable media differs from partitions in the fact that they are removable Some removable media cannot be written to others can If you can write to it you most likely can partition and put a file system on it just as if it was a hard disk The most important difference is that they are not always available for the system you can plug put them in or pull them out so you should mount and unmount the file system Luckily there are tools that automatically mount umount such devices Mounting Removable Media As seen before media mount points 
can be defined in etc fstab to ease the mount process Two examples one for a CD ROM device and one for a USB storage device could be dev cdrom media cdrom auto defaults user noauto 0 0 dev sdb1 media usb auto defaults user noauto 0 0 As you can see the mounts are defined with auto as file system type meaning that the mount process attempts to automatically find the file system to use and has user users have the ability to mount this location and noauto do not attempt to mount this when the system boots as options But in order to successfully edit the fstab file you need to know what device will be used and you also need to make sure that the destination directories exist Device Files and udev The udev device manager creates device files for your partitions including removable media when it is attached to the system One of the advantages of using udev is that it also creates various symlinks that identify the same device For instance a plugged in USB stick can get the following device files created dev sdb1 The following links can then be created to this device file dev block 8 17 dev disk by id usb USB DISK 2 0 0789E600025 0 0 part1 dev disk by path pci 0000 00 1d 7 usb 0 1 1 0 scsi 0 0 0 0 part1 dev disk by uuid 3466 4C39 dev disk by label UDISK 2 0 The advantage of having these links is that when you plug another USB stick first and then this one its device file might be different say dev sdc1 but the by id by uuid and by label links will remain the same Obtaining the device file When you plug in a removable media like a USB stick the kernel will log that it has detected the hardware One way to find out which device file is used is to filter the dmesg output for text such as removable media dmesg grep removable sd 4 0 0 0 sdb Attached SCSI removable disk In this example the hardware device file is for dev sdb The partitions can then be obtained by listing all files in dev starting with sdb ls dev sdb dev sdb dev sdb1 Now if you want to find out which files point 
to or are hardlinks to a particular device file say dev sdb1 you can use the following find construct find L dev samefile dev sdb1 dev sdb1 dev disk by label UDISK 2 0 dev disk by uuid 3466 4C39 dev disk by id usb USB DISK 2 0 07891E600025 0 0 part1 dev disk by path pci 0000 00 1d 7 usb 0 1 1 0 scsi 0 0 0 0 part1 dev block 8 17 Network File Systems Although Unix has grown with NFS as the primary network file system others are available which offer different features you might require NFS NFS or Network File Server is one of the most popular network file systems used in the Linux Unix world With NFS you can export files and directories to other systems on the network while still using the Unix way of assigning permissions and ownership to files NFS Server If you want to export files to your network yourself you need to install the necessary NFS server tools which is included in the nfs utils package emerge nfs utils Once installed you need to select what directories you want to export through the etc exports file The syntax for the exports file is similar to the SunOS exports file 3 and allows you to select a particular directory as an exportable resource together with specific mount options for the clients I will give a multi line example that will get you going usr portage 192 168 1 0 24 ro home 192 168 1 0 24 rw no subtree check media usb rw no root squash mediacenter ws5 ws6 ws7 root squash The first line gives read only access to usr portage to all systems in the 192 168 1 0 24 network The second line gives read write access to home to all systems in the same network I also added the no subtree check see the exports man page for more information as it improves reliability for file systems where file changes occur frequently such as home directories The third line gives read write access to the media usb location to the hosts with hostname mediacenter ws5 ws6 and ws7 Also all these hosts except for ws7 have root access to the files as well as a security measure 
by default the root user of the remote clients do not have root access to the file systems exported by NFS As you can see from the syntax you can either give options specific for a host between brackets or give general options to all hosts for the selected directory To start the NFS service you only need to start the nfs runlevel etc init d nfs start All other required services such as rpc statd and portmap are automatically started by the initialisation script NFS Client At the client side you add in one or more lines in the etc fstab file to mount a remote NFS file system Suppose that the NFS server is at 192 168 1 100 you can use the following lines in etc fstab to mount the file systems defined in the previous section 192 168 1 100 usr portage usr portage nfs ro proto tcp 0 0 192 168 1 100 home home remoteusers nfs rw proto tcp 0 0 192 168 1 100 media usb media usb nfs ro proto tcp 0 0 You can of course also run an NFS mount without fstab For more information about the NFS mount options please read the nfs manual page Samba Samba offered by the net fs samba package is a tool set that offers interoperability with Microsoft Windows networks Not only can you access files shared on a Microsoft Windows network or share files yourself on such a network you can also use or manage printers that are exported to the Microsoft Windows network In the majority of cases if you need to do something with a Microsoft Windows network you ll need to configure Samba on your system Although the configuration options for Samba can be overwhelming there is an integrated web administration tool for Samba called SWAT which is included when you install the net fs samba package with the swat USE flag which is enabled by default Managing Disk Space To identify the current file system usage you can

    Original URL path: http://swift.siphos.be/linux_sea/storagemanagement.html (2016-05-01)

  • Chapter 14. System Management
    them out Note The etc profile script does not read out all values inside etc env d itself for at least two reasons The structure used in etc env d uses a specific appending logic i e variables that are defined several times do not overwrite each other instead their values are appended which could be too hard to implement in etc profile without too much overhead After all etc profile is read by every newly launched session so if it took too much time your system would start up much slower The system administrator might want to make a set of changes which should be made atomic for instance remove a value from one variable and add it to another If changes are publicized immediately a session could read in etc profile which loads an at that time incorrect environment variable set especially when a process is launched after the administrators first change but before the second Managing Environment Entries On Linux the behaviour of many commands is manipulated by values of environment entries or environment variables Within Gentoo Linux you can manage the system wide environment variables through the etc env d directory Environment Files Inside etc env d you will find environment files which use a simple key value syntax For instance the etc env d 20java file defines amongst other environment variables the PATH and MANPATH variables cat etc env d 20java MANPATH opt blackdown jdk 1 4 2 03 man PATH opt blackdown jdk 1 4 2 03 bin opt blackdown jdk 1 4 2 03 jre bin With these settings the value of MANPATH location where man will search for its manual pages and PATH location where the system will look for executable binaries every time you enter a command is extended with the given values note that the variables are not rewritten their value is appended to the value previously assigned to the variable The order in which variable values are appended is based on the file name inside etc env d This is why most files start with a number as most people find it easier to deal 
with order based on numbers plus that the filenames themselves are still explanatory to what purpose they serve Changing Environment Variables If you want to change a system variable globally you can either add another file to etc env d or manipulate an existing one In the latter case you should be aware that application upgrades automatically update their entries inside etc env d without warning this location is not protected unlike many other configuration locations As such it is advisable to always add your own files rather than manipulate existing ones When you have altered an environment file or added a new one you need to call env update to have Gentoo process the changes for you env update This command will read in all environment files and write the final result in etc profile env which is sourced by etc profile which

    Original URL path: http://swift.siphos.be/linux_sea/systemmanagement.html (2016-05-01)

  • Chapter 15. Installing Gentoo Linux
    en mirrors2 xml A stage3 file is an archive of a prebuilt Gentoo environment which we will extract to the installation location mnt gentoo An install file is an ISO file CD image which contains a minimal Gentoo environment from which you can boot and install Gentoo from Download the stage3 file and store it in mnt gentoo If you have the full URL at hand you can also use wget cd mnt gentoo wget http gentoo osuosl org releases x86 autobuilds 20091201 stage3 i686 20091201 tar bz2 On many forums you will find the notion of funtoo stages Funtoo is to say it in the author s own words who happens to be Daniel Robbins the founder of Gentoo Linux a Gentoo Linux variant which offers freshly built Gentoo Linux stable stages using Gentoo s official stable branch You can use a funtoo stage instead of a Gentoo official stage if you want After all they both contain roughly the same material However some caution is still in place the Funtoo stages continuously evolve and diverge into their own set so I recommend to take a quick stab at the Funtoo installation instructions nevertheless At the time of writing the instructions are quite resembling Finally quit your browser and extract the downloaded files on your installation location tar xvjpf stage3 tar bz2 Next edit the mnt gentoo etc portage make conf file As discussed previously this file contains variables that define Portage behaviour Right now I m focussing on the variables CFLAGS CXXFLAGS and MAKEOPTS CFLAGS C and CXXFLAGS C inform gcc GNU s Compiler Collection what optimizations it should use see Compiler Directives MAKEOPTS defines how many parallel compilations should occur when you install a package especially useful for multicore SMP systems A good choice is the number of core s in your system plus one for instance a dual core CPU would lead to MAKEOPTS j3 You can edit the make conf file using nano vim or any other text editor Configuring the System Our next step is to configure the installation environment 
Preparing the Installation Environment First prepare the environment for chrooting Chrooting is the process of altering your sessions file system root to another location In our case mnt gentoo should become for your running session In order to chroot successfully we need to ensure that networking will still function properly and that both kernel data and device drivers are available inside the chroot cp L etc resolv conf mnt gentoo etc resolv conf mount t proc none mnt gentoo proc mount o bind dev mnt gentoo dev Chrooting Now chroot into the Gentoo installation environment update your environment variables and for safety reasons change your prompt so that you know you re inside your Gentoo installation environment chroot mnt gentoo bin bash env update source etc profile export PS1 chroot PS1 Right now this session where the prompt starts with chroot is inside your Gentoo installation environment Configuring Portage Now update the Portage tree

    Original URL path: http://swift.siphos.be/linux_sea/installgentoo.html (2016-05-01)

  • Chapter 16. Introducing the Graphical Environment
    things on your screen These services are defined in the X11 protocol an industry open standard Because the interface is open many X servers exist one more powerful than the other Popular X servers are Xorg and XFree86 However on Gentoo Linux Xorg is the only available X server due to legal restrictions as well as support base Installing Xorg To install Xorg on Gentoo Linux I suggest to read the X Server Configuration HOWTO from Gentoo s documentation repository It describes how to install Xorg configure it to work with your hardware and more This chapter only gives a quick introduction to this You should understand that the Xorg configuration defines amongst other things the resolution and refresh rates of your screen s the language used by your input keyboard the drivers used to render stuff i810 vesa but also closed proprietary drivers like nVidia and ATIs Once configured to your likings do not forget to take a backup of your configuration hint some people place their X configuration online for others to see there is nothing personal inside anyway Installing Xorg Before installing Xorg first make sure that the VIDEO CARDS and INPUT DEVICES variables are set in etc portage make conf INPUT DEVICES evdev keyboard mouse VIDEO CARDS vesa intel In the above example I selected the vesa video driver a default driver that is supported by most video cards but with little functionality and intel video driver as I have an Intel graphic card Next install x11 base xorg server emerge x11 base xorg server Once finished it is time to check out the graphical server environment Testing Xorg Try out Xorg without using any configuration file The Xorg server will try to automatically detect the necessary settings and to be honest does a fine job at that Don t test out things as root though startx If you haven t configured a graphical environment yet you ll be greeted with a console and an ugly background However that alone should suffice to verify if your mouse and keyboard are 
working as well as do a preliminary verification of the resolution of your screen If the graphical server doesn t seem to function properly make sure to read up on Gentoo s Xorg Server Configuration HOWTO Window Managers Window managers interact with the X server using the X11 interface and manage how your graphical environment looks like but also how it behaves for instance there are window managers that do not support dragging windows Certain window managers are accompanied by various other tools that integrate nicely with the window manager These tools offer services like a panel from which you can launch commands or programs immediately application menus file manager etc The aggregation of these tools is often called a desktop environment because it offers a complete desktop to the user Installing a Window Manager Gentoo supports many window managers To install one simply emerge it For fluxbox a popular lightweight window manager Gentoo even has

    Original URL path: http://swift.siphos.be/linux_sea/graphicenvironment.html (2016-05-01)

  • Chapter 17. Log File Management
    be interrupted or run in a degraded mode ALERT Immediate action needs to be taken EMERG The system is unusable no this has nothing to do with emerge Gentoo Portage installation tool Based on these two fields log messages are then filtered by the system logger into one or more log files System Logger Configuration How a system logger is configured depends on the system logger you use In this book I ll focus on the syslog ng logger The configuration file for syslog ng is etc syslog ng syslog ng conf An example configuration is displayed below version 3 0 options stats freq 43200 source src unix stream dev log max connections 256 internal file proc kmsg destination messages file var log messages destination cron file var log cron log destination auth file var log auth log filter f messages not facility cron auth authpriv filter f cron facility cron filter f auth facility auth authpriv filter f warnplus level warn err crit emerg log source src filter f cron filter f warnplus destination cron log source src filter f auth destination auth log source src filter f messages destination messages It might be easy to read the configuration file from the bottom up The log entries define where messages come from source which filters the system logger applies filter and where the resulting messages are stored in destination The filter entries define what the filters actually do For instance the filter f warnplus only accepts events with an importance level of warn or higher The destination entries define where the events are stored in the log files The source entry defines where the system logger gets its messages from which in this case is the dev log socket the kernel message interface kmsg and its own internal logging This fairly simple example immediately shows how flexible the logs can work There are many more interesting filters you can apply such as match to match regular expressions within the logged event and program to match log events of a particular tool Non 
Syslog Log Files Many tools log through the system logger but it is not a huge majority Lots and lots of tools server software and others have their own logging system This makes it a bit more difficult to fully manage the log files properly However if you know where the log files are then that s a start Xorg Logging The Xorg server stores its log file at var log Xorg 0 log The trailing 0 denotes that this is of the current last start The log file of the start before that is called Xorg 1 log and so on Xorg uses the following notations to identify the various criticality levels Markers probed from config file default setting from command line notice II informational WW warning EE error NI not implemented unknown The Xorg server will automatically rotate the log files by default 3 times after which it will erase the oldest log file Gentoo

    Original URL path: http://swift.siphos.be/linux_sea/logfilemanagement.html (2016-05-01)