
LINUX PREVIEW

NETWORK ADMINISTRATION
Khoa CNTT, ĐH Nông Lâm TP. HCM (Faculty of Information Technology, Nong Lam University, Ho Chi Minh City), 01/2007

The Virtual File System Structure
The VFS defines the set of functions that every filesystem must provide. This interface is built on a set of operations associated with three kinds of objects:
1. filesystems,
2. inodes, and
3. open files.

The EXT2 File System

The basic unit of the EXT2 file system is the i-node. It is a special control structure that either points directly to data blocks or points to another i-node.

EXT2 allows i-nodes to be chained through at most 3 levels, so the maximum size of a file is 2 GB.

An i-node stores only information about the files and directories in the file system; it does not store the actual file or directory name. Every file that is created is allocated an inode holding the following information:
- The file type and the file's access permissions.
- The owner of the file.
- The size of the file and the number of hard links to it.
- The date and time the file was last modified.
- The location of the file's contents in the file system.

Directories in EXT2 are treated as special files that contain pointers to the i-nodes of their entries.

I-Node and Data Block in EXT2 FS

Mode
An inode can describe one of file, directory, symbolic link, block device, character device or FIFO.

Owner Information
The user and group identifiers of the owners of this file or directory. This allows the file system to correctly allow the right sort of accesses.

Size
The size of the file in bytes.

Timestamps
The time that the inode was created and the last time that it was modified.

Datablocks
Pointers to the blocks that contain the data that this inode is describing. The first twelve are pointers to the physical blocks containing the data described by this inode and the last three pointers contain more and more levels of indirection.

Directories in EXT2 FS
Directories are implemented as a special type of files. Actually, a directory is a file containing a list of entries. Each entry contains an inode number and a file name.

Links

A link creates a second file name for a file.

Linux has two kinds of links:

1. Hard link: a link within the same file system, with two inode entries pointing to the same physical content (the same inode number, because they point to the same data). A hard link can only be created if the target and the source file are on the same disk partition. In effect both files refer to the same physical i-node:
    $ ls -il testfile
    14253 testfile
    $ ln testfile test2
    $ ls -il testfile test2
    14253 testfile 14253 test2
Both files have the same inode number.

2. Soft (symbolic) link: a different kind of link that does not use the inode entry for linking. We use it when the target and the source file are not on the same disk. The -s option of the ln command creates a soft link. For example:
    $ ls -il bigfile
    6253 bigfile
    $ ln -s bigfile anotherfile
    $ ls -il bigfile anotherfile
    6253 bigfile 8358 anotherfile
So the i-node numbers of the two files differ. Listing the directory shows the soft link:
    lrwxrwxrwx 1 root root 6 Sep 16:35 anotherfile -> bigfile
    -rw-rw-r-- 1 root root 2 Sep 17:23 bigfile

Hard Link - Symbolic Link

There is no difference between the original file and a hard-linked file. To find the i-node number and see whether two files are hard links of each other, use ls -li.

    ln abc habc
    ln -s abc sabc
    # -L follows the symbolic link, so sabc reports the inode of abc
    ls -Li abc habc sabc
    12345 abc 12345 habc 12345 sabc

    ls -il abc habc sabc
    12345 ... abc
    12345 ... habc
    23410 ... sabc -> abc

Any change of permissions or owner on the original file also changes the hard links, and vice versa, but does not affect symbolic links.

The permissions shown (ls -l) for a symbolic link never change and are always lrwxrwxrwx. Changing permissions through a symbolic link changes them on the original file (and therefore on all of its hard links).

The owner of a symbolic link and the owner of the original file are separate.

Permissions

    -     (rw-)   (rw-)   (r--)   1 sam sam
    |       |       |       |
    type  owner   group   others

The first item, which specifies the file type, can show one of the following:
    d : a directory
    - (dash) : a regular file (rather than directory or link)
    l : a symbolic link to another program or file
Beyond the first item, in each of the following three sets, you will see one of the following:
    r : file can be read
    w : file can be written to
    x : file can be executed (if it is a program)

Using File System Commands

chmod
chmod has two methods of changing file permissions:
1. One way is the numeric method, which sets the user, group and world permissions at once.
2. The other way to specify chmod permissions is the character flag method, which changes only the attributes you specify.

Chmod : Using a flag method

Identities
    u : the user who owns the file (that is, the owner)
    g : the group to which the user belongs
    o : others (not the owner or the owner's group)
    a : everyone or all (u, g, and o)

Permissions
    r : read access
    w : write access
    x : execute access

Actions
    + : adds the permission
    - : removes the permission
    = : makes it the only permission

    chmod u+rw sneakers.txt

Here are some common examples of settings that can be used with chmod:
    g+w   : adds write access for the group
    o-rwx : removes all permissions for others
    u+x   : allows the file owner to execute the file
    a+rw  : allows everyone to read and write to the file
    ug+r  : allows the owner and group to read the file
    g=rx  : allows only the group to read and execute (not write)

By adding the -R option, you can change permissions for entire directory trees.

Changing Permissions With Numbers

Each permission setting can be represented by a numerical value:
    r = 4
    w = 2
    x = 1
    - = 0
For sneakers.txt, here are the numerical permissions settings:

    -   (rw-)   (rw-)   (r--)
          |       |       |
        4+2+0   4+2+0   4+0+0

The total for the user is six, the total for the group is six, and the total for others is four. The permissions setting is read as 664.

To implement these new settings, type:

    chmod 644 sneakers.txt

    -rw------- (600) Only the owner has read and write permissions.
    -rw-r--r-- (644) Only the owner has read and write permissions; the group and others have read only.
    -rwx------ (700) Only the owner has read, write, and execute permissions.
    -rwxr-xr-x (755) The owner has read, write, and execute permissions; the group and others have only read and execute.
    -rwx--x--x (711) The owner has read, write, and execute permissions; the group and others have only execute.
    -rw-rw-rw- (666) Everyone can read and write to the file. (Be careful with these permissions.)
    -rwxrwxrwx (777) Everyone can read, write, and execute. (Again, this permissions setting can be hazardous.)
Here are some common settings for directories:
    drwx------ (700) Only the user can read, write in this directory.
    drwxr-xr-x (755) Everyone can read the directory; users and groups have read and execute permissions.

The umask command: default permissions

When a user creates a new file or folder, that file or folder always receives some default permissions.

Example: file.txt has default permissions 664; a folder has 775.

To compute these default permissions, Linux uses the following method:
    Default permissions of a file = 666 - umask
    Default permissions of a folder = 777 - umask
umask is a variable that we can adjust:
    umask : displays the umask value
    umask newNumber : sets umask = newNumber
Example:
    umask 666
    touch file
The file will have permissions 000.
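
Added example (not part of the original slides): the kernel applies the umask as a bit mask (base mode AND NOT umask), which matches the rule of 666 or 777 reduced by the umask for values such as 002, 022 and 666 but not for a mask like 033. The function names below are chosen for this example, and stat -c is the GNU coreutils form.

```bash
#!/bin/sh
# Added example: how the umask turns the base modes 666 (files) and
# 777 (directories) into the permissions of newly created objects.

# default_mode BASE UMASK -> mode assigned by the kernel: BASE AND NOT UMASK
default_mode() {
    printf '%03o\n' $(( 0$1 & ~0$2 & 0777 ))
}

# subtracted_mode BASE UMASK -> the rule of thumb, treating both as plain
# decimal numbers. It agrees with default_mode only when every umask digit
# is contained in the matching base digit.
subtracted_mode() {
    printf '%03d\n' "$(expr "$1" - "$2")"
}

# observed_modes UMASK -> "<file mode> <directory mode>" measured on real
# objects created under that umask in a throwaway directory.
observed_modes() {
    dir=$(mktemp -d) || return 1
    # The subshell keeps the changed umask away from the calling shell.
    ( umask "$1" && touch "$dir/file" && mkdir "$dir/folder" ) || return 1
    modes=$(printf '%03o %03o' \
        "0$(stat -c %a "$dir/file")" "0$(stat -c %a "$dir/folder")")
    # Restore owner access before cleaning up (umask 666 leaves mode 000).
    chmod -R u+rwx "$dir" && rm -rf "$dir"
    echo "$modes"
}

# Values from the slides: umask 002 gives 664 / 775, umask 666 gives 000.
# A mask of 033 shows the difference: masking gives 644, subtraction 633.
for mask in 002 666 033; do
    echo "umask $mask: file $(default_mode 666 "$mask")" \
         "(subtraction says $(subtracted_mode 666 "$mask")," \
         "observed $(observed_modes "$mask"))"
done
```

For auditing, the practical point is that a umask can only remove permission bits, so a file created by touch never becomes executable whatever the mask.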

Sticky bit

When UserA has write permission on a folder, UserA can delete any file or subfolder in it, even when UserA is not the owner and has no permissions at all on that file or subfolder.

To view a folder's attributes, use
    ls -ld
For example, /tmp/ has the attributes drwxrwxrwx.

Although user sv has no permissions on the file root.txt, sv can still delete root.txt.

To keep UserA from deleting UserB's files in a folder where all users have write permission, use the sticky bit: chmod +t folder.
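
Added example (not from the original slides): finding shared directories that are world-writable but lack the sticky bit, then applying chmod +t as described above. The directory names and function names are constructed for the demonstration.

```bash
#!/bin/sh
# Added example. All paths are created under a temporary directory.

# audit_shared_dirs ROOT -> every world-writable directory under ROOT that
# lacks the sticky bit, i.e. every place where any user with access can
# delete files that belong to someone else.
audit_shared_dirs() {
    find "$1" -xdev -type d -perm -0002 ! -perm -1000 -print | sort
}

# fix_shared_dirs ROOT -> apply the fix from the text to each reported
# directory. Only the sticky bit is added; other permissions stay as they are.
fix_shared_dirs() {
    audit_shared_dirs "$1" | while IFS= read -r dir; do
        chmod +t "$dir"
    done
}

# build_demo_tree -> prints the path of a constructed tree with one unsafe
# shared directory, one safe shared directory and one private directory.
build_demo_tree() {
    demo=$(mktemp -d) || return 1
    mkdir "$demo/open" "$demo/shared" "$demo/private"
    chmod 0777 "$demo/open"      # world-writable, no sticky bit: unsafe
    chmod 1777 "$demo/shared"    # world-writable with sticky bit
    chmod 0755 "$demo/private"   # not world-writable: out of scope
    echo "$demo"
}

tree=$(build_demo_tree)
echo "before fix:"; audit_shared_dirs "$tree"
fix_shared_dirs "$tree"
echo "after fix:";  audit_shared_dirs "$tree"
# ls -ld marks the sticky bit with a trailing t, e.g. drwxrwxrwt
ls -ld "$tree/open" "$tree/shared"
rm -rf "$tree"
```

On a real system the same audit is run as root with / or a mount point as ROOT; -xdev keeps it on one file system.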

The Root Directory

The following directories, or symbolic links to directories, are required in / :
    /bin   Essential command binaries
    /boot  Static files of the boot loader
    /dev   Device files
    /etc   Host-specific system configuration
    /lib   Essential shared libraries and kernel modules
    /mnt   Mount point for mounting a filesystem temporarily
    /sbin  Essential system binaries
    /tmp   Temporary files
    /usr   Secondary hierarchy
    /var   Variable data

Running Programs at Boot Time

The /etc/rc.d/rc.local script is executed by the init command at boot time or when changing runlevels. Adding commands to this script is an easy way to perform necessary tasks like starting special services or initializing devices without writing complex initialization scripts in the /etc/rc.d/init.d/ directory and creating symbolic links.

The /etc/rc.serial script is used if serial ports must be set up at boot time. This script runs setserial commands to configure the system's serial ports.

Users and Groups

Control of users and groups is a core element of Red Hat Linux system administration.

Users can be either people, meaning accounts tied to physical users, or accounts which exist for specific applications to use.

Groups are logical expressions of organization, tying users together for a common purpose. Users within the same group can read, write, or execute files owned by the group.

Each user and group has a unique numerical identification number called a userid (UID) and a groupid (GID) respectively.

A good system administrator must first understand what user accounts and groups are and how they work.

User and Group Management Tools

The following command line tools can also be used to manage users and groups:

- useradd, usermod, and userdel: Industry-standard methods of adding, deleting and modifying user accounts.
- groupadd, groupmod, and groupdel: Industry-standard methods of adding, deleting, and modifying user groups.
- gpasswd: Industry-standard method of administering the /etc/group file.

/etc/group

Adding a User
To add a user to the system:
1. Issue the useradd command to create a locked user account:
    useradd [options] <username>
2. Unlock the account by issuing the passwd command to assign a password and set password aging guidelines:
    passwd <username>

The command line options for useradd

    -c comment     Comment for the user
    -d home-dir    Home directory to be used instead of default /home/username
    -e date        Date for the account to be disabled in the format YYYY-MM-DD
    -f days        Number of days after the password expires until the account is disabled. (If 0 is specified, the account is disabled immediately after the password expires. If -1 is specified, the account will not be disabled after the password expires.)
    -g group-name  Group name or group number for the user's default group (The group must exist prior to being specified here.)
    -m             Create the home directory if it does not exist.
    -M             Do not create the home directory.
    -n             Do not create a user private group for the user.
    -r             Create a system account with a UID less than 500 and without a home directory.
    -p password    The password encrypted with crypt.
    -s             User's login shell, which defaults to /bin/bash.
    -u uid         User ID for the user, which must be unique and greater than 499, unless the -o option is used. Values between 0 and 99 are typically reserved for system accounts.

Delete a user account - userdel
    userdel -r username
The userdel command modifies the system account files, deleting all entries that refer to login. The named user must exist. The options which apply to the userdel command are:
    -r  Files in the user's home directory will be removed along with the home directory itself and the user's mail spool. Files located in other file systems will have to be searched for and deleted manually.

Modify a user account - usermod
    usermod option username
-c comment
    The new value of the user's password file comment field. It is normally modified using the chfn(1) utility.
-d homedir
    The user's new login directory. If the -m option is given the contents of the current home directory will be moved to the new home directory, which is created if it does not already exist.
-e expiredate
    The date on which the user account will be disabled. The date is specified in the format YYYY-MM-DD.
-g initialgroup
    The group name or number of the user's new initial login group. The group name must exist. A group number must refer to an already existing group. The default group number is 1.
-p passwd
    The encrypted password, as returned by crypt(3).
-u uid
    The numerical value of the user's ID. This value must be unique, unless the -o option is used. The value must be non-negative. Values between 0 and 99 are typically reserved for system accounts. Any files which the user owns and which are located in the directory tree rooted at the user's home directory will have the file user ID changed automatically. Files outside of the user's home directory must be altered manually.
-L
    Lock a user's password. This puts a '!' in front of the encrypted password, effectively disabling the password. You can't use this option with -p or -U.
-U
    Unlock a user's password. This removes the '!' in front of the encrypted password. You can't use this option with -p or -L.

chage Command Line Options

Lock the user's password: If the user does not exist, use the useradd command to create the user account, but do not give it a password so that it remains locked. If the password is already enabled, lock it with the command:

    usermod -L username

Force immediate password expiration: Type the following command:

    chage -d 0 username

This command sets the value for the date the password was last changed to the epoch (January 1, 1970). This value forces immediate password expiration. It means that the user must set a password the first time the user logs in.

Note, this process does not work if the user logs in using the SSH protocol.

Adding a Group

    groupadd options <group-name>

    -g gid  Group ID for the group, which must be unique and greater than 499, unless the -o option is used.
    -r      Create a system group with a GID less than 500.
    -f      Exit with an error if the group already exists. If -g and -f are specified, but the group already exists, the -g option is ignored.

User Private Groups

Red Hat Linux uses a user private group (UPG) scheme, which makes UNIX groups easier to manage.

A UPG is created whenever a new user is added to the system. A UPG has the same name as the user for which it was created and that user is the only member of the UPG.

UPGs make it safe to set default permissions for a newly created file or directory which allow both the user and that user's group to make modifications to the file or directory.

The setting which determines what permissions are applied to a newly created file or directory is called a umask and is configured in the /etc/bashrc file. Traditionally, on UNIX systems the umask is set to 022, which allows only the user who created the file or directory to make modifications.

Group Directories

A group of people work on files in the /var/T directory. Some people are trusted to modify the directory but certainly not everyone. So first create the itgroup group, as in the following command:

    groupadd itgroup

In order to associate the contents of the directory with the itgroup group, type:

    chown -R root:itgroup /var/T

Now, it is possible to add the proper users to the group with the gpasswd command:

    gpasswd -a <username> itgroup

Allow the users to actually create files in the directory with the following command:

    chmod 775 /var/T



/etc/passwd
The /etc/passwd file is world-readable and contains a list of users, each on a separate line. On each line is a colon delimited list containing the following information:

- Username: The name the user types when logging into the system.
- Password: Contains the encrypted password (or an x if shadow passwords are being used; more on this later).
- User ID (UID): The numerical equivalent of the username which is referenced by the system and applications when determining access privileges.
- Group ID (GID): The numerical equivalent of the primary group name which is referenced by the system and applications when determining access privileges.
- Home directory: The absolute path to the user's home directory, such as /home/juan/.
- Shell: The program automatically launched whenever a user logs in. This is usually a command interpreter (often called a shell). Under Red Hat Linux, the default value is /bin/bash. If this field is left blank, /bin/sh is used. If it is set to a non-existent file, then the user will be unable to log into the system.

Here is an example of a /etc/passwd entry:
    root:x:0:0:root:/root:/bin/bash
This line shows that the root user has a shadow password, as well as a UID and GID of 0. The root user has /root/ as a home directory, and uses /bin/bash for a shell.

/etc/shadow

Because the /etc/passwd file must be world-readable (the main reason being that this file is used to perform the translation from UID to username), there is a risk involved in storing everyone's password in /etc/passwd.

Therefore, the /etc/shadow file is readable only by the root user and contains password (and optional password aging information) for each user. As in the /etc/passwd file, each user's information is on a separate line. Each of these lines is a colon delimited list including the following information:

- Username: The name the user types when logging into the system. This allows the login application to retrieve the user's password (and related information).
- Encrypted password: The 13 to 24 character password. The password is encrypted using either the crypt(3) library function or the md5 hash algorithm. In this field, values other than a validly-formatted encrypted or hashed password are used to control user logins and to show the password status. For example, if the value is ! or *, the account is locked and the user is not allowed to log in. If the value is !! a password has never been set before (and the user, not having set a password, will not be able to log in).
- Date password last changed: The number of days since January 1, 1970 (also called the epoch) that the password was last changed. This information is used in conjunction with the password aging fields that follow.
- Number of days before password can be changed: The minimum number of days that must pass before the password can be changed.
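
Added example (not part of the original slides): an audit of passwd-format and shadow-format files for the conditions described in the /etc/passwd and /etc/shadow sections above. All account lines are constructed sample data with placeholder hashes, and the function names are chosen for this example.

```bash
#!/bin/sh
# Added example: the sample data below is constructed, not taken from a system.

sample_passwd() {
cat <<'EOF'
root:x:0:0:root:/root:/bin/bash
juan:x:500:500:Juan:/home/juan:/bin/bash
backup:x:0:0:backup operator:/var/backup:/bin/bash
legacy:$1$CONSTRUCTED$placeholder:501:501::/home/legacy:/bin/bash
guest::502:502::/home/guest:
EOF
}

sample_shadow() {
cat <<'EOF'
root:$1$CONSTRUCTED$placeholder:13515:0:99999:7:::
juan:!$1$CONSTRUCTED$placeholder:13515:0:99999:7:::
daemon:*:13515:0:99999:7:::
newuser:!!:13515:0:99999:7:::
guest::13515:0:99999:7:::
EOF
}

# audit_passwd FILE -> one "user: finding" line per problem found.
audit_passwd() {
    awk -F: '
        NF != 7                 { print $1 ": malformed entry"; next }
        # Any UID 0 account has root privileges, whatever its name.
        $3 == 0 && $1 != "root" { print $1 ": UID 0 without being root" }
        $2 == ""                { print $1 ": empty password field" }
        # Anything other than x (or a lock marker) is a hash everyone can read.
        $2 != "" && $2 != "x" && $2 !~ /^[!*]/ {
            print $1 ": password hash in world-readable file"
        }
        $7 == ""                { print $1 ": no shell set, /bin/sh is used" }
    ' "$1"
}

# shadow_status FILE -> "user:status" for every account, where status is
# set, locked (! or *, or a hash prefixed by ! as usermod -L does),
# never-set (!!) or empty.
shadow_status() {
    awk -F: '
        { status = "set" }
        $2 == ""   { status = "empty" }
        $2 == "!!" { status = "never-set" }
        $2 != "!!" && ($2 == "*" || substr($2, 1, 1) == "!") { status = "locked" }
        { print $1 ":" status }
    ' "$1"
}

# shadow_is_private FILE -> succeeds when "others" have no read permission.
shadow_is_private() {
    [ -z "$(find "$1" -prune -perm -0004 -print)" ]
}

work=$(mktemp -d)
sample_passwd > "$work/passwd"
sample_shadow > "$work/shadow"
chmod 600 "$work/shadow"
audit_passwd "$work/passwd"
shadow_status "$work/shadow"
shadow_is_private "$work/shadow" && echo "shadow file is not world-readable"
rm -rf "$work"
```

Run as root against the real files, the same functions take /etc/passwd and /etc/shadow as arguments.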

Linux Networking

Determining Your IP Address

You can determine the IP address of this device with the ifconfig command.

    [root@bigboy tmp]# ifconfig
    eth0 Link encap:Ethernet HWaddr 00:A0:CC:60:B7:G4
         inet addr:192.168.100.5 Bcast:192.168.100.255 Mask:255.255.255.0
         UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
         RX packets:161930 errors:1 dropped:0 overruns:0 frame:0
         TX packets:244570 errors:0 dropped:0 overruns:0 carrier:0
         collisions:475 txqueuelen:100
         RX bytes:55075551 (52.5 Mb) TX bytes:178108895 (169.8 Mb)
         Interrupt:10 Base address:0x9000

Changing Your IP Address

If you wanted, you could give this eth0 interface an IP address using the ifconfig command.

    [root@bigboy tmp]# ifconfig eth0 10.0.0.1 netmask 255.255.255.0 up

The up at the end of the command activates the interface. To make this permanent each time you boot up you'll have to add this command in your /etc/rc.d/rc.local file.

Linux also makes life a little easier with interface configuration files located in the /etc/sysconfig/network-scripts directory. Interface eth0 has a file called ifcfg-eth0, eth1 uses ifcfg-eth1 ... etc. You can place your IP address information in these files which are then used to auto-configure your NICs when Linux boots.

Interface Configuration Files

Interface configuration files control the software interfaces for individual network devices. As the system boots, it uses these files to determine what interfaces to bring up and how to configure them. These files are usually named ifcfg-<name>, where <name> refers to the name of the device that the configuration file controls.

One of the most common interface files is ifcfg-eth0, which controls the first Ethernet network interface card or NIC in the system. In a system with multiple NICs, there are multiple ifcfg-eth<X> files (where <X> is a unique number corresponding to a specific interface). Because each device has its own configuration file, an administrator can control how each interface functions individually.

Example configuration file

Below is a sample ifcfg-eth0 file for a system using a fixed IP address:

    DEVICE=eth0
    BOOTPROTO=none
    ONBOOT=yes
    NETWORK=10.0.1.0
    NETMASK=255.255.255.0
    IPADDR=10.0.1.27
    USERCTL=no

For example, the ifcfg-eth0 file for an interface using DHCP looks quite a bit different, because IP information is provided by the DHCP server:

    DEVICE=eth0
    BOOTPROTO=dhcp
    ONBOOT=yes

The configurable parameters in an Ethernet interface configuration file

BOOTPROTO=<protocol>, where <protocol> is one of the following:
    none   No boot-time protocol should be used.
    bootp  The BOOTP protocol should be used.
    dhcp   The DHCP protocol should be used.

BROADCAST=<address>, where <address> is the broadcast address. This directive is deprecated.

DEVICE=<name>, where <name> is the name of the physical device (except for dynamically-allocated PPP devices where it is the logical name).

DNS{1,2}=<address>, where <address> is a name server address to be placed in /etc/resolv.conf if the PEERDNS directive is set to yes.

IPADDR=<address>, where <address> is the IP address.

NETMASK=<mask>, where <mask> is the netmask value.

NETWORK=<address>, where <address> is the network address. This directive is deprecated.

ONBOOT=<answer>, where <answer> is one of the following:
    yes  This device should be activated at boot-time.
    no   This device should not be activated at boot-time.

USERCTL=<answer>, where <answer> is one of the following:
    yes  Non-root users are allowed to control this device.
    no   Non-root users are not allowed to control this device.

Interface Control Scripts

The interface control scripts activate and deactivate system interfaces. There are two primary interface control scripts, /sbin/ifdown and /sbin/ifup, that call on control scripts located in the /etc/sysconfig/network-scripts/ directory.

The ifdown and ifup interface scripts are symbolic links to scripts in the /sbin/ directory. When either of these scripts is called, it requires the value of the interface to be specified, such as:

    [root@bigboy network-scripts]# ifup eth0
    Determining IP information for eth0... done.

The easiest way to manipulate all network scripts simultaneously is to use the /sbin/service command on the network service (/etc/rc.d/init.d/network), as illustrated by the following command:

    /etc/rc.d/init.d/network <action>

<action> can be either start, stop, restart, or status.



How To Change Your Default Gateway

This can be done with a simple command. This example uses the standard ethernet interface eth0.

    [root@bigboy tmp]# route add default gw 192.168.1.1 eth0

In this case, make sure that the router / firewall with IP address 192.168.1.1 is connected to the same network as interface eth0.

Once done, you'll need to update your /etc/sysconfig/network file to reflect the change. This file is used to configure your default gateway each time Linux boots.

    NETWORKING=yes
    HOSTNAME=bigboy
    GATEWAY=192.168.1.1

Some people don't bother with this step and just place the route add command in the file /etc/rc.d/rc.local

/etc/sysconfig/network

The /etc/sysconfig/network file is used to specify information about the desired network configuration. The following values may be used:

NETWORKING=<value>, where <value> is one of the following boolean values:
    yes  Networking should be configured.
    no   Networking should not be configured.

HOSTNAME=<value>, where <value> should be the Fully Qualified Domain Name (FQDN), such as hostname.example.com, but can be whatever hostname is necessary.

GATEWAY=<value>, where <value> is the IP address of the network's gateway.

GATEWAYDEV=<value>, where <value> is the gateway device, such as eth0.

NISDOMAIN=<value>, where <value> is the NIS domain name.



To Change The Duplex Setting Of Your NIC

Ethernet NICs built into motherboards (onboard NICs) frequently don't negotiate port speed and duplex correctly.

You can manage the duplex and speed settings of your NIC with the mii-tool command. It is best to use this command with compatible hardware.

In the example below, we can see the output of the command in verbose (-v) mode. In this case, negotiation was OK, with the NIC selecting 100Mbps, full duplex mode (FD).

    [root@bigboy tmp]# mii-tool -v
    eth1: negotiated 100baseTx-FD, link ok
      product info: vendor 00:10:18, model 33 rev 2
      basic mode: autonegotiation enabled
      basic status: autonegotiation complete, link ok
      capabilities: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD
      advertising: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD
      link partner: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD flow-control

You can set your NIC to force itself to a particular speed and duplex by using the -F switch with any of the following options: 100baseTx-FD, 100baseTx-HD, 10baseT-FD, or 10baseT-HD. Remember that you could lose all network connectivity to your server if you force your NIC to a particular speed/duplex that doesn't match that of your switch.

    [root@bigboy tmp]# mii-tool -F 100baseTx-FD eth0

I have seen where NICs appear to work with failed negotiation, but this is usually accompanied by many collision type errors being seen on the NIC when using the ifconfig -a command and only marginal performance. The causes for this could include an incompatible NIC, incorrect settings on your switch port or a bad cable.

Configuring Your /etc/hosts File

The /etc/hosts file is just a list of IP addresses and their corresponding server names. Your server will typically check this file before referencing DNS; if the name is found with a corresponding IP address then DNS won't be queried at all.

    192.168.1.101 smallfry

In the example above server smallfry has an IP address of 192.168.1.101. You can access 192.168.1.101 using the ping, telnet or any other network aware program by referring to it as smallfry. Here is an example using the ping to see if smallfry is alive and well on the network.

    [root@bigboy tmp]# ping smallfry
    PING zero (192.168.1.101) 56(84) bytes of data.
    64 bytes from smallfry (192.168.1.101): icmp_seq=0 ttl=64 time=0.197 ms
    64 bytes from smallfry (192.168.1.101): icmp_seq=1 ttl=64 time=0.047 ms

You can also add aliases to the end of the line which will allow you to refer to the server using other names. Here we have set it up so that smallfry can also be accessed using the names tiny and littleguy.

    192.168.1.101 smallfry tiny littleguy

You should never have an IP address more than once in this file as Linux will only use the values in the first entry it finds.

    192.168.1.101 smallfry (Wrong)
    192.168.1.101 tiny (Wrong)
    192.168.1.101 littleguy (Wrong)

The Loopback Interface's Localhost Entry

Usually the very first entry in /etc/hosts defines the IP address of the server's virtual loopback interface. This is usually mapped to the name localhost.localdomain (the universal name used when a server refers to itself) and localhost (the shortened alias name). By default, the system inserts the hostname of the server between the 127.0.0.1 and the localhost entries like this:

    127.0.0.1 bigboy localhost.localdomain localhost

When the server is connected to the Internet this first entry after the 127.0.0.1 needs to be the fully qualified domain name (FQDN) of the server. For example, bigboy.mysite.com, like this:

    127.0.0.1 bigboy.mysite.com localhost.localdomain localhost

Some programs such as Sendmail are very sensitive to this and if they detect what they feel is an incorrect FQDN they will default to using the name localhost.localdomain when communicating with another server on the network. This can cause confusion, as the other server also feels it is localhost.localdomain.

Note: You MUST always have a localhost and localhost.localdomain entry mapping to 127.0.0.1 for Linux to work properly.

GUI Network Configuration

GUI: Start Menu => System Settings => Network, or
Shell: redhat-config-network

Overview

To configure a network connection with the Network Administration Tool, perform the following steps:
1. Add the physical hardware device to the hardware list.
2. Add a network device associated with the physical hardware device.
3. Configure the hostname and DNS settings.
4. Configure any hosts that cannot be looked up through DNS.

Establishing an Ethernet Connection

To add an Ethernet connection, follow these steps:

1. Click the Devices tab.
2. Click the New button on the toolbar.
3. Select Ethernet connection from the Device Type list, and
click Forward.
4. If you have already added the network interface card to
the hardware list, select it from the Ethernet card list.
Otherwise, select Other Ethernet Card to add the
hardware device.
5. If you selected Other Ethernet Card, the Select Ethernet
Adapter window appears. Select the manufacturer and
model of the Ethernet card. Select the device name. If
this is the system's first Ethernet card, select eth0 as the
device name; if this is the second Ethernet card, select
eth1 (and so on). The Network Administration Tool also
allows you to configure the resources for the NIC. Click
Forward to continue.
6. In the Configure Network Settings window, choose between
DHCP and a static IP address. If the device receives a
different IP address each time the network is started, do not
specify a hostname. Click Forward to continue.
7. Click Apply on the Create Ethernet Device page.

After configuring the Ethernet device, it appears in the device
list, as shown in the figure below.

Be sure to select File => Save to save the changes.

After adding the Ethernet device, you can edit its configuration
by selecting the device from the device list and clicking Edit. For
example, when the device is added, it is configured to start at
boot time by default. To change this setting, select to edit the
device, modify the Activate device when computer starts value,
and save the changes.

When the device is added, it is not activated immediately, as
seen by its Inactive status. To activate the device, select it from
the device list, and click the Activate button. If the system is
configured to activate the device when the computer starts (the
default), this step does not have to be performed again.

If you associate more than one device with an Ethernet card, the
subsequent devices are device aliases. A device alias allows you
to set up multiple virtual devices for one physical device, thus
giving the one physical device more than one IP address. For
example, you can configure an eth1 device and an eth1:1
device.

Managing DNS Settings

Managing Hosts

To add an entry to the /etc/hosts file, go to the Hosts tab,
click the New button on the toolbar, provide the requested
information, and click OK. Select File => Save or press
Ctrl-S to save the changes to the /etc/hosts file. The
network or network services do not need to be restarted
since the current version of the file is referred to each time
an address is resolved.

To change lookup order, edit the /etc/host.conf file. The line
order hosts, bind specifies that the /etc/hosts file takes
precedence over the name servers. Changing the line to
order bind, hosts configures the system to resolve
hostnames and IP addresses using the name servers first.
If the IP address cannot be resolved through the name
servers, the system then looks for the IP address in the
/etc/hosts file.

Activating Devices

Network devices can be configured to be active or inactive
at boot time. For example, a network device for a modem
connection is usually not configured to start at boot time,
whereas an Ethernet connection is usually configured to
activate at boot time. If your network device is configured
not to start at boot time, you can use the Red Hat Control
Network program to activate it after boot time. To start it,
select Main Menu Button (on the Panel) => System Tools
=> Network Device Control or type the command
redhat-control-network.

To activate a device, select it from the list and click the
Activate button. To stop the device, select it from the list
and click Deactivate.

Device Aliases

Device aliases are virtual devices associated with the same
physical hardware, but they can be activated at the same time
to have different IP addresses. They are commonly
represented as the device name followed by a colon and a
number (for example, eth0:1).

After configuring the Ethernet device, such as eth0, to use a
static IP address (DHCP does not work with aliases), go to the
Devices tab and click New. Select the Ethernet card to
configure with an alias, set the static IP address for the alias,
and click Apply to create it. Since a device already exists for
the Ethernet card, the one just created is the alias, such as
eth0:1.

To modify the settings for the device alias, such as whether to
activate it at boot time and the alias number, select it from the
list and click the Edit button.

Select the alias and click the Activate button to activate the
alias. If you have configured multiple profiles, select the
profiles in which to include it.

To verify that the alias has been activated, use the command
ifconfig. The output should show the device and the device
alias with different IP addresses.
