cs 468: advanced unix class 3
DESCRIPTION
CS 468: Advanced UNIX Class 3. Dr. Jesús Borrego Regis University. Topics. Update from last class Unix File System Systems Programming/File Management Homework 2 solutions Homework 3 Assignment Q&A. Update from last class. AVG for Linux Linux scan tools Linux LDAP tools - PowerPoint PPT PresentationTRANSCRIPT
![Page 2: CS 468: Advanced UNIX Class 3](https://reader035.vdocuments.site/reader035/viewer/2022062423/5681442f550346895db0c7e4/html5/thumbnails/2.jpg)
Topics
•Update from last class•Unix File System•Systems Programming/File Management•Homework 2 solutions•Homework 3 Assignment•Q&A
2
![Page 3: CS 468: Advanced UNIX Class 3](https://reader035.vdocuments.site/reader035/viewer/2022062423/5681442f550346895db0c7e4/html5/thumbnails/3.jpg)
Update from last class
•AVG for Linux•Linux scan tools•Linux LDAP tools
▫Many for Linux, Windows, Mac▫Some provide Active Directory integration
on Linux and Mac•Winaudit
▫Demo
3
![Page 4: CS 468: Advanced UNIX Class 3](https://reader035.vdocuments.site/reader035/viewer/2022062423/5681442f550346895db0c7e4/html5/thumbnails/4.jpg)
AVG for Linux
4
http://www.ihaveapc.com/wp-content/uploads/2011/07/AVG-for-Linux-001.png
![Page 5: CS 468: Advanced UNIX Class 3](https://reader035.vdocuments.site/reader035/viewer/2022062423/5681442f550346895db0c7e4/html5/thumbnails/5.jpg)
Linux scan tools
•Portable Linux Auditing CD (PLAC): http://plac.sourceforge.net/
•Linux Security Auditing Tool (LSAT): http://usat.sourceforge.net/
•Tiger Security Auditing and Intrusion Detection Tool: http://www.nongnu.org/tiger/
•OpenAudIT: http://www.open-audit.org/
5
![Page 6: CS 468: Advanced UNIX Class 3](https://reader035.vdocuments.site/reader035/viewer/2022062423/5681442f550346895db0c7e4/html5/thumbnails/6.jpg)
Linux LDAP Explorer Tools
6
http://ldaptool.sourceforge.net/
![Page 7: CS 468: Advanced UNIX Class 3](https://reader035.vdocuments.site/reader035/viewer/2022062423/5681442f550346895db0c7e4/html5/thumbnails/7.jpg)
JXplorer
7
http://jxplorer.org/
![Page 8: CS 468: Advanced UNIX Class 3](https://reader035.vdocuments.site/reader035/viewer/2022062423/5681442f550346895db0c7e4/html5/thumbnails/8.jpg)
WinAudit
8
G:\CS 468\Mercury.html
![Page 9: CS 468: Advanced UNIX Class 3](https://reader035.vdocuments.site/reader035/viewer/2022062423/5681442f550346895db0c7e4/html5/thumbnails/9.jpg)
UNIX System Calls
•File Management▫Files: open, close, write, read, Directory (getdents)▫Special
Sockets: internet sockets, accept, bind, connect, listen mknod, ioctl, pipe
•Process Management▫Signals, nice, chdir, wait, exec, fork, exit, etc.
•Error Handling▫perror
•See figures 13.1-13.3 in UPU
9
![Page 10: CS 468: Advanced UNIX Class 3](https://reader035.vdocuments.site/reader035/viewer/2022062423/5681442f550346895db0c7e4/html5/thumbnails/10.jpg)
Error Handling
•Global variable errno stores cause of error (code)
• Initial value is set to 0 when the process is called
• If successful, variable is not changed• If unsuccessful, errno is overwritten with
value•Subroutine perror translates into
meaningful message•Must include <errno.h>
10
![Page 11: CS 468: Advanced UNIX Class 3](https://reader035.vdocuments.site/reader035/viewer/2022062423/5681442f550346895db0c7e4/html5/thumbnails/11.jpg)
Errno.h
•EPERM = 1 not owner•ENOENT = 2 No such file or directory•ESRCH =3 no such process•EINTR = 4 interrupted system
call•EIO = 5 I/O error
•Example of usage on pages 434-435 in UPU
11
![Page 12: CS 468: Advanced UNIX Class 3](https://reader035.vdocuments.site/reader035/viewer/2022062423/5681442f550346895db0c7e4/html5/thumbnails/12.jpg)
File Manipulation
•Can access regular files, directories and special files:▫Disk-based files▫DVD, CD-ROM▫USB▫Terminals▫Printers▫IPC facilities (sockets, pipes)
12
![Page 13: CS 468: Advanced UNIX Class 3](https://reader035.vdocuments.site/reader035/viewer/2022062423/5681442f550346895db0c7e4/html5/thumbnails/13.jpg)
File management
•Open is used to open or create a file• If file is opened ok, open () returns a file
descriptor•The file descriptor is a pointer to the file
stream•Should close the file when no longer needed•System file descriptors (predefined):
▫0 – standard input▫1 – standard output▫2 - standard error
13
![Page 14: CS 468: Advanced UNIX Class 3](https://reader035.vdocuments.site/reader035/viewer/2022062423/5681442f550346895db0c7e4/html5/thumbnails/14.jpg)
File operations
•Open – opens old or creates new file•Read – transfers bytes from file into buffer•Write - transfer bytes from buffer to file•Lseek – positions pointer to an offset in a
file•Close – closed old file•Unlink – removes a file from the file
system
14
![Page 15: CS 468: Advanced UNIX Class 3](https://reader035.vdocuments.site/reader035/viewer/2022062423/5681442f550346895db0c7e4/html5/thumbnails/15.jpg)
Open parameters•File name: Absolute or relative path name•Mode: Bitwise OR of read/write flag
O_RDONLY – read only O_WRONLY – write only (not used for input) O-RDWR – read and write O_APPEND – add after file pointer O_CREAT – create if it does not exist O_EXCL – fail if file exists O_NONBLOCK – used for pipes O_TRUNC – truncate to zero bytes if exists
•Permissions – umask (Ch. 4, p. 178-9)
15
![Page 16: CS 468: Advanced UNIX Class 3](https://reader035.vdocuments.site/reader035/viewer/2022062423/5681442f550346895db0c7e4/html5/thumbnails/16.jpg)
File Operations examples
•Create – p. 446•Read – pp. 446-447•Write – pp.447-448•Lseek – pp. 448-450•Close – p. 450•Unlink – p. 450
16
![Page 17: CS 468: Advanced UNIX Class 3](https://reader035.vdocuments.site/reader035/viewer/2022062423/5681442f550346895db0c7e4/html5/thumbnails/17.jpg)
Monitor program
•Program code provided in the book•If we want to keep track of changes to a
file, we can invoke the monitor program•Will display information about files
modified since the last scan•Example: pp. 451-452•Displays additions, modifications,
deletions in a directory•Status of files is stored in a stats table
17
![Page 18: CS 468: Advanced UNIX Class 3](https://reader035.vdocuments.site/reader035/viewer/2022062423/5681442f550346895db0c7e4/html5/thumbnails/18.jpg)
Other file functions
•getdents – gets information about a directory
•chown and fchown – changes file owner •chmod, fchmod – changes file permissions•dup, dup2 – duplicates a file descriptor• fcntl – grants access to file characteristics• truncate, ftruncate – shortens a file• ioctl – controls a device• link – creates a hard link•mknod – makes a special file
18
![Page 19: CS 468: Advanced UNIX Class 3](https://reader035.vdocuments.site/reader035/viewer/2022062423/5681442f550346895db0c7e4/html5/thumbnails/19.jpg)
UNIX special files
•Provides interfaces to files to make them look like regular files▫Directory files▫Device files▫Sockets▫Pipes▫Printers▫Zip files
19
![Page 20: CS 468: Advanced UNIX Class 3](https://reader035.vdocuments.site/reader035/viewer/2022062423/5681442f550346895db0c7e4/html5/thumbnails/20.jpg)
Streams
•I/O facilities that expand the file system•Can be used to add device drivers to
kernel •Can provide interfaces to the network
drivers•We can create streams to view web page
code, for example
20
![Page 21: CS 468: Advanced UNIX Class 3](https://reader035.vdocuments.site/reader035/viewer/2022062423/5681442f550346895db0c7e4/html5/thumbnails/21.jpg)
21
![Page 22: CS 468: Advanced UNIX Class 3](https://reader035.vdocuments.site/reader035/viewer/2022062423/5681442f550346895db0c7e4/html5/thumbnails/22.jpg)
Input/Output Objects
•Regular file•Directory File•Special File
▫Pipe Named Pipe and Unnamed pipe
▫Socket▫Peripheral
Buffered: tape, disk Unbuffered: tape, terminal
22
![Page 23: CS 468: Advanced UNIX Class 3](https://reader035.vdocuments.site/reader035/viewer/2022062423/5681442f550346895db0c7e4/html5/thumbnails/23.jpg)
I/O Buffering
•Buffer pool – collection of buffers used to cache
•When a read is required, the data is moved to a buffer and then to the process’ address space
•Subsequent reads obtain data from buffer•Writes to items in buffer pool made without
I/O•When process ends, system uses delayed
writes23
![Page 24: CS 468: Advanced UNIX Class 3](https://reader035.vdocuments.site/reader035/viewer/2022062423/5681442f550346895db0c7e4/html5/thumbnails/24.jpg)
Directory file I/O•Directories are different than regular files•Can only be created using mknod or mkdir
▫mknod creates d irectory, named pipe, or special file
•Can only be read using getdents•Can be modified with use of link
▫link adds a hard link into a directory▫Hard links are names that refer to the same file
Retain same contents in both files▫Can make it difficult to track files
Prefer to use symbolic (soft) links – like a shortcut Do no retain data
24
![Page 25: CS 468: Advanced UNIX Class 3](https://reader035.vdocuments.site/reader035/viewer/2022062423/5681442f550346895db0c7e4/html5/thumbnails/25.jpg)
Disk Architecture
•Platter – the plate•Tracks – concentric circles•Sectors – pie slices•Block – sector and track intersection•Read write head positioning•Cylinders•Disk transfer time•Interleave – p. 575
25
![Page 26: CS 468: Advanced UNIX Class 3](https://reader035.vdocuments.site/reader035/viewer/2022062423/5681442f550346895db0c7e4/html5/thumbnails/26.jpg)
inodes
•For regular file or directories▫Location of disk blocks
•For special files▫Information to locate the peripheral
•Contains permission flags, owner, group, modification time.
•Has fixed size and can contain pointers to indirect pointers
26
![Page 27: CS 468: Advanced UNIX Class 3](https://reader035.vdocuments.site/reader035/viewer/2022062423/5681442f550346895db0c7e4/html5/thumbnails/27.jpg)
Contents of inode
•Type of file•File permissions•Owner and group ids•Hard link count•Last modification and access time•Location of the blocks•Major and minor device numbers•Symbolic link•Displayed when ls –l is executed
27
![Page 28: CS 468: Advanced UNIX Class 3](https://reader035.vdocuments.site/reader035/viewer/2022062423/5681442f550346895db0c7e4/html5/thumbnails/28.jpg)
Large files
•If the file is small, it can be contained in the inode (< 40K)
•If the file is more than 1- blocks, an indirect block is used (p. 578)
•See file system layout on page 579•Superblock contains information about
the entire file system (p. 580)
28
![Page 29: CS 468: Advanced UNIX Class 3](https://reader035.vdocuments.site/reader035/viewer/2022062423/5681442f550346895db0c7e4/html5/thumbnails/29.jpg)
Superblock contents
•Total number of blocks in the file system•Number of inodes in the inode free list•Size of blocks in bytes•Number of free blocks•Number of used blocks•List of bad blocks
▫ Contained in a single bad file•In inode2 identifies the root directory
blocks
29
![Page 30: CS 468: Advanced UNIX Class 3](https://reader035.vdocuments.site/reader035/viewer/2022062423/5681442f550346895db0c7e4/html5/thumbnails/30.jpg)
To open a file
•Must retrieve the inode from the pathname▫If path is absolute, start from inode 2▫If path is relative, search from pwd
•Components of path are processed from left to right
•Every component (except last) must be a directory of symbolic link
30
![Page 31: CS 468: Advanced UNIX Class 3](https://reader035.vdocuments.site/reader035/viewer/2022062423/5681442f550346895db0c7e4/html5/thumbnails/31.jpg)
Mounting files•When UNIX starts, the directory hierarchy is
taken from the root device•Can mount other file systems to the original
hierarchy•The typical UNIX hierarchy consists of many
devices, each as a subtree of the total hierarchy
•To mount a subdirectory, use mount command▫$ mount /dev/flp /mnt▫Mounts /dev/flp under the /mnt subdirectory
•To detach, unmount
31
![Page 32: CS 468: Advanced UNIX Class 3](https://reader035.vdocuments.site/reader035/viewer/2022062423/5681442f550346895db0c7e4/html5/thumbnails/32.jpg)
Special file I/O
•All peripherals have device drivers•The peripheral device driver supplies the
peripheral’s interface•Two types:
▫Block oriented – I/O made using blocks of data
▫Character oriented – I/O on a character by character basis
•Typically, peripherals provide both types
32
![Page 33: CS 468: Advanced UNIX Class 3](https://reader035.vdocuments.site/reader035/viewer/2022062423/5681442f550346895db0c7e4/html5/thumbnails/33.jpg)
Major/Minor numbers
•Used to locate the device driver associated with the device
•Major number specifies particular device driver
•Minor specifies which of many will be used•Used to index into switch tables to locate
the correct driver•See page 618 (UPU) for sample switch
table
33
![Page 34: CS 468: Advanced UNIX Class 3](https://reader035.vdocuments.site/reader035/viewer/2022062423/5681442f550346895db0c7e4/html5/thumbnails/34.jpg)
Terminal I/O
•Similar to peripherals•Terminal device drivers must support
special different kinds of pre-/post-processing of I/O▫Each kind is called a line discipline:
Raw mode – no processing at all Cbreak mode – Control characters (S- and –Q
for flow control, -C to terminate) Cooked (canonical) mode – full processing
available (backspace, delete, etc., until Return is pressed)
34
![Page 35: CS 468: Advanced UNIX Class 3](https://reader035.vdocuments.site/reader035/viewer/2022062423/5681442f550346895db0c7e4/html5/thumbnails/35.jpg)
Terminal Data Structures
•clists – linked lists of fixed size character arrays. Used to buffer preprocessed input, post processed input, and output associated with the terminal
•tty structures – contain the state of the terminal, pointers to clists, currently selected discipline, list of characters to be processed, and options set by ioctl. Only one tty structure per terminal
35
![Page 36: CS 468: Advanced UNIX Class 3](https://reader035.vdocuments.site/reader035/viewer/2022062423/5681442f550346895db0c7e4/html5/thumbnails/36.jpg)
File System Maintenance
•fsck – check the integrity of the file system
•df – displays used and available disk space
•du – displays kbytes or 512-byte blocks allocated to the filenames (total with –s)
•mkfs – creates a new file system ▫Available to root
36
![Page 37: CS 468: Advanced UNIX Class 3](https://reader035.vdocuments.site/reader035/viewer/2022062423/5681442f550346895db0c7e4/html5/thumbnails/37.jpg)
![Page 38: CS 468: Advanced UNIX Class 3](https://reader035.vdocuments.site/reader035/viewer/2022062423/5681442f550346895db0c7e4/html5/thumbnails/38.jpg)
UNIX file system
Comprised of four components•A named space – the hierarchy•An API – used to manage, navigate and manipulate objects•A security model – protects, hides, shares•An implementation – software to link logical model to the actual hardware implementation
38
![Page 39: CS 468: Advanced UNIX Class 3](https://reader035.vdocuments.site/reader035/viewer/2022062423/5681442f550346895db0c7e4/html5/thumbnails/39.jpg)
File systems
•NFS & CIFS forward requests to another machine
•Default: ext3 and ext4•Sun’s ZFS, Veritas’ VxFS, ReiserFS, IBM’s
JFS•Microsoft’s FAT and NFS•ISO 9660 for CD ROMs
39
![Page 40: CS 468: Advanced UNIX Class 3](https://reader035.vdocuments.site/reader035/viewer/2022062423/5681442f550346895db0c7e4/html5/thumbnails/40.jpg)
Pathnames
•The file system appears as a single unified hierarchy starting at the root: /
•Windows separates into partitions and drives
•Absolute path – starting from the root•Relative path – from current directory•File names can have alpha characters and
numbers, but no slashes▫If spaces are present, enclose in quotation
marks40
![Page 41: CS 468: Advanced UNIX Class 3](https://reader035.vdocuments.site/reader035/viewer/2022062423/5681442f550346895db0c7e4/html5/thumbnails/41.jpg)
Detaching file systems
•Unmount detaches a file system that is not in use
•To avoid errors, use fuser command to see if processes are holding references to the file system
•For example:▫fuser –c /usr▫Prints the PID of every process using the file
system (file or directory), plus letter codes to show the nature of the activity
41
![Page 42: CS 468: Advanced UNIX Class 3](https://reader035.vdocuments.site/reader035/viewer/2022062423/5681442f550346895db0c7e4/html5/thumbnails/42.jpg)
![Page 43: CS 468: Advanced UNIX Class 3](https://reader035.vdocuments.site/reader035/viewer/2022062423/5681442f550346895db0c7e4/html5/thumbnails/43.jpg)
File Tree Organization
•We can use various incompatible naming conventions simultaneously
•UNIX file system is too disorganized•The root file system includes root directory
and few files and subdirectories•The OS kernel is somewhere else,
distribution dependent
43
![Page 44: CS 468: Advanced UNIX Class 3](https://reader035.vdocuments.site/reader035/viewer/2022062423/5681442f550346895db0c7e4/html5/thumbnails/44.jpg)
![Page 45: CS 468: Advanced UNIX Class 3](https://reader035.vdocuments.site/reader035/viewer/2022062423/5681442f550346895db0c7e4/html5/thumbnails/45.jpg)
![Page 46: CS 468: Advanced UNIX Class 3](https://reader035.vdocuments.site/reader035/viewer/2022062423/5681442f550346895db0c7e4/html5/thumbnails/46.jpg)
File Types
•Seven types:1. Regular files2. Directories3. Character device files4. Block device files5. Local domain sockets6. Named pipes (FIFO/FCFS)7. Symbolic links
•Command ls –ld shows the types
46
![Page 47: CS 468: Advanced UNIX Class 3](https://reader035.vdocuments.site/reader035/viewer/2022062423/5681442f550346895db0c7e4/html5/thumbnails/47.jpg)
![Page 48: CS 468: Advanced UNIX Class 3](https://reader035.vdocuments.site/reader035/viewer/2022062423/5681442f550346895db0c7e4/html5/thumbnails/48.jpg)
Character and block device files•Device drives provide standard interface to
emulate a regular file▫When system receives a request, it forwards
it to the appropriate device driver•Character device files allow associated
drivers perform their own I/O buffering•Block device files are used to handle large
amounts of data and want the kernel to buffer for them
48
![Page 49: CS 468: Advanced UNIX Class 3](https://reader035.vdocuments.site/reader035/viewer/2022062423/5681442f550346895db0c7e4/html5/thumbnails/49.jpg)
Local domain sockets
•Sockets are like ports in a computer, and allow communication among processes
•Local domain – accessible from local host•Visible from the file system instead of
network•Created with socket system call and
removed with rm or unlink
49
![Page 50: CS 468: Advanced UNIX Class 3](https://reader035.vdocuments.site/reader035/viewer/2022062423/5681442f550346895db0c7e4/html5/thumbnails/50.jpg)
Named pipes
•Similar to sockets – provide communication between two processes on same host
•Not used frequently, since local domain sockets perform the same functionality
•Created with mknod and removed with rm
50
![Page 51: CS 468: Advanced UNIX Class 3](https://reader035.vdocuments.site/reader035/viewer/2022062423/5681442f550346895db0c7e4/html5/thumbnails/51.jpg)
Symbolic links
•A symbolic link points to a file•Also called soft link•Can be created with ln –s and remove with
rm•Can use either absolute or relative path
51
![Page 52: CS 468: Advanced UNIX Class 3](https://reader035.vdocuments.site/reader035/viewer/2022062423/5681442f550346895db0c7e4/html5/thumbnails/52.jpg)
File Attributes
•All files contain a set of 9 permission bits to control read, write, and execute the file
•Three other bits affect the operation of executable programs (the mode)
•The 12 bits are organized into 3 4-bit groups: owner, group, everyone (world)
•We use octal numbers to represent these bits
52
![Page 53: CS 468: Advanced UNIX Class 3](https://reader035.vdocuments.site/reader035/viewer/2022062423/5681442f550346895db0c7e4/html5/thumbnails/53.jpg)
![Page 54: CS 468: Advanced UNIX Class 3](https://reader035.vdocuments.site/reader035/viewer/2022062423/5681442f550346895db0c7e4/html5/thumbnails/54.jpg)
![Page 55: CS 468: Advanced UNIX Class 3](https://reader035.vdocuments.site/reader035/viewer/2022062423/5681442f550346895db0c7e4/html5/thumbnails/55.jpg)
Default permissions
•Built in command umask sets default permissions for new files
•The umask is specified in three digit octal numbers to represents what to take away
55
![Page 56: CS 468: Advanced UNIX Class 3](https://reader035.vdocuments.site/reader035/viewer/2022062423/5681442f550346895db0c7e4/html5/thumbnails/56.jpg)
Example•Command umask 027:
▫All permissions for owner▫No write for group▫No permissions for everyone else
56
![Page 57: CS 468: Advanced UNIX Class 3](https://reader035.vdocuments.site/reader035/viewer/2022062423/5681442f550346895db0c7e4/html5/thumbnails/57.jpg)
Access Control Lists
•UNIX permissions are simple and predictable
•Non-UNIX systems use more complicated process: ACLs
•ACLs are more powerful than UNIX▫But also more complex
•History and examples of ACLs in the book (USAH pp. 160-172)
57
![Page 58: CS 468: Advanced UNIX Class 3](https://reader035.vdocuments.site/reader035/viewer/2022062423/5681442f550346895db0c7e4/html5/thumbnails/58.jpg)
Homework
58
•Questions on Homework 2?•Demo to other students (if you did not
demo last time)•Homework 3 Assignment
▫Download from the Web page▫Complete before week 4’s class
•Next class:▫2 hour class▫2 hour midterm
![Page 59: CS 468: Advanced UNIX Class 3](https://reader035.vdocuments.site/reader035/viewer/2022062423/5681442f550346895db0c7e4/html5/thumbnails/59.jpg)
Midterm
•Topics:▫System Admin, booting and shutting down
Linux▫Installing Unix and Managing Users▫Managing and programming the file system
•Textbooks:▫USAH: Ch 1-4, 6, 7, 12▫UPU: pp 431-471, 572-584, 606-622, 630-
640•7 questions and 1 script
59
![Page 60: CS 468: Advanced UNIX Class 3](https://reader035.vdocuments.site/reader035/viewer/2022062423/5681442f550346895db0c7e4/html5/thumbnails/60.jpg)
Questions?
60