Chapter
LINUX HARDWARE DISCOVERY, INTERACTION, AND CONTROL

Content
Hardware Discovery Tools
Hardware and System Clock
Console
Virtual Terminals
Serial Ports
SCSI Devices
USB Devices
USB Configuration
Common UNIX Printing System
Defining a Printer
Managing Optical Media
Tape Drives
Tape Libraries
Managing Linux Device Files
Kernel Hardware Info - /sys/
/sys/ Structure
udev
Kernel Modules
Configuring Kernel Components and Modules
Handling Module Dependencies
Configuring the Kernel via /proc/
Lab Tasks
1. Adjusting Kernel Options
2. Configuring Print Queues
3. Introduction to Troubleshooting Labs
4. Troubleshooting Practice: Kernel Modules

Detecting New Hardware Manually

As the Linux kernel loads, it scans for hardware and then loads drivers to initialize and support the detected hardware. Examining kernel boot messages is a good way to see what hardware has been detected. You can view the current kernel messages at any time with the dmesg command. A copy of the kernel messages is made near the end of the boot sequence and stored so it can be examined long after the in-memory messages have been overwritten. Boot time kernel messages are kept in /var/log/dmesg.

The /proc/ Virtual Filesystem

The running kernel exports details about detected hardware in the /proc/ and /sys/ filesystems. You can use the cat command to display the contents of the files in these filesystems. Files and directories in /proc/ pertaining to hardware that may be useful include: cpuinfo, dma, interrupts, iomem, meminfo, bus, bus/usb/, ide/hdX/*

In many cases, utilities exist that can extract the same information out of the files in /proc/ and display it in a more human readable fashion. For example, instead of trying to read the raw data shown in the /proc/bus/pci/ and /proc/bus/usb/ directories, you can use the lspci and lsusb commands. The output of these commands is easier to read and both commands support several levels of verbosity.
Hardware Discovery Tools
Manual discovery of hardware
* dmesg
* /var/log/dmesg
* /proc/ and /sys/
* lspci, lshal, lsscsi, and lsusb
* dmidecode, biosdecode

Hardware Abstraction Layer

The lshal command displays the HAL database and can be useful to obtain details such as the system BIOS version or serial numbers:

$ lshal | grep -E 'system\.(firmware|hardware)'
system.firmware.release_date = '84/29/21
system.firmware.version = '2.3.1' (string)
system.firmware.vendor = 'Dell Inc.' (string)
system.hardware.uuid = '4446C=5196-1644-8862-B14633' (string)
system.hardware.serial = '9R7R6E6' (string)
... snip ...

Interpreting BIOS DMI Data

Information stored in CMOS by the BIOS often contains low-level details about system hardware. Dump the data stored by the BIOS in human readable format with the dmidecode, or biosdecode commands:

# dmidecode | sed -n '/Memory Device/,//p' | grep -E 'S(ize|peed|erial)'
Size: 2048 MB
Speed: 667 MHz (1.5 ns)
Serial Number: ED1E3C43

Manipulating the Hardware and System Clocks

The hardware clock is usually connected to a small battery that allows it to continue to function even when the rest of the system is turned off or disconnected from external power sources.

Functions within the Linux kernel rely on the system clock that is provided by the kernel instead of the hardware clock. Examples of operations that make use of the system clock include: file creation and modification timestamps and log file timestamps.

When the system boots, the hardware clock can be used to seed the system clock with its initial value. During extended operation, the values of the hardware and system clock can drift apart. In this case, it may be necessary to re-seed the system clock value from the hardware clock or vice versa (depending on which of the two clocks is diverging from the true time).

The hwclock command is the primary way of interacting with the hardware clock.
The following examples illustrate its usage:

# hwclock --systohc
# hwclock --set --date "12/30/2006 16:52 MST"
# hwclock --show
Sat 30 Dec 2006 12:52:40 AM MST 534333 seconds

The date command is the primary way of interacting with the system clock. In addition to being able to set the system clock, the date command has extreme configurability in the output format it uses to display the current system date and time. The following examples illustrate its usage:

05/10/05
# date "+%A, %B the %dth"
Tuesday, May the 10th
# echo "$(date +%s) seconds have passed since the Linux Epoch"
1115773238 seconds have passed since the Linux Epoch

Hardware and System Clock
* Hardware clock vs. system clock
* hwclock

Console Drivers

The Linux system console can use either the standard VGA driver, or a video chipset specific modular frame buffer driver. The VGA driver is always present in the kernel and will bind automatically (become active) to the console if no other driver is loaded. Chipset specific frame buffer drivers can be loaded by passing the video=driver_name option to the kernel on boot. Alternatively, the vgacon or vesafb drivers (which support all the standard VGA and VESA video modes respectively) can be configured by passing the vga=video_mode|ask argument to the kernel.

If a frame buffer device is in use, the kernel will display the Tux penguin on boot. To determine exactly which driver is in use, view the values exported in /sys/ as shown in the following example:

[host_using_system_driver]# cat /sys/class/vtconsole/vtcon0/name
(S) VGA+
[host_using_vesafb_driver]# cat /proc/cmdline
ro root=LABEL=/ vga=31b
# cat /sys/class/vtconsole/vtcon0/name
(S) dummy device
# cat /sys/class/vtconsole/vtcon1/name
(M) frame buffer device

Console Drivers
* system driver
* frame buffer drivers

Console Device File

The /dev/console character device is managed by the kernel and by default will point to the currently active TTY.
Kernel messages are sent to /dev/console with the intent that the user at the physical console will see the messages (regardless of which specific virtual console is currently active). Instead of the default behavior, the console can be set to point to either a specific TTY or a serial port. For example, to have console messages always sent to the first virtual terminal pass console=tty1 as a kernel argument. When in a graphical X session, console messages can be seen by running

Serial Console

The kernel has support for running a serial console. Full documentation is found in the /usr/share/doc/kernel-doc*/Documentation/kernel-parameters.txt file. For example, to enable both a local TTY and serial console, pass the following kernel arguments through the bootloader: console=tty0 console=ttyS0,19200n8. Kernel messages would then be logged to both.

When a serial console is enabled, it is also common to modify GRUB and init to use the same serial port for interaction and login. This is done by making the following additions:

File: /boot/grub/grub.conf

On RHEL, agetty will automatically launch a serial console if a serial console was specified as the last console on the kernel command line. This is done via a udev helper, Upstart, and /etc/init/serial.conf.

Network Console

The kernel has support for running a network console. This can be useful to capture kernel messages (especially when troubleshooting kernel crashes). Assuming the kernel was built with the CONFIG_NETCONSOLE option, pass the netconsole=[src_port]@[src_ip]/[device],[dst_port]@dst_ip/[dst_mac] argument to the kernel on boot. Optionally, if support has been built as a module, netconsole support can be started at any time by loading the kernel module and passing the needed options as shown in this example:

# modprobe netconsole "netconsole=8890810.160.8.3/eth0, 51481

Console Log Levels

Kernel code can emit messages to the system console using the kernel printk() function. The /proc/sys/kernel/printk file holds four numeric values related to which kernel messages are sent to the console (see proc(5)). These can be changed by writing new values to the file or via the sysctl command (kernel.printk). To view the current value, run either of the following:

# cat /proc/sys/kernel/printk
3 4 1 7
# sysctl kernel.printk
kernel.printk = 3 4 1 7

The meaning of the four values left to right, as given below top to bottom, are:

Console Log Level => messages with higher priority than this value will be printed to the console
Default Message Log Level => messages without a priority will be printed with this priority
Minimum Console Log Level => minimum (highest priority) value that the Console Log Level can be set to
Default Console Log Level => default value for Console Log Level

An alternative, easy way to set the console log level is with the dmesg -n level command. For debugging, you can cause all kernel messages to be displayed on the console with timestamps by passing the ignore_loglevel and time arguments on boot.

Virtual Terminals

Although /dev/console is the primary device file associated with the system console, writes to the device are typically redirected to another device (such as a specific virtual terminal or serial device).

Virtual terminals are full-screen TTY devices on the system video monitor. Up to 63 TTYs are supported corresponding to device files /dev/tty[1-63]. The /dev/tty0 file is special and points to whichever TTY is currently active. Under normal operation, the init program starts a login on the first 6 TTYs. Programs can direct output to unused TTYs. For example:

# tail -f /var/log/messages > /dev/tty12 &

The current contents (text minus any attributes) of each virtual terminal can be read via the /dev/vcs[1-63] file. The contents of the currently active virtual terminal can be read via /dev/vcs. To see text plus attributes, use /dev/vcsa[1-63]. For example:

# cat /dev/vcs
station1 login:

Switching Virtual Terminals

The first twelve TTYs can be accessed by pressing Alt+F1 through Alt+F12 respectively (when in X, Ctrl is also necessary). Optionally, using Alt+Right or Alt+Left works when not in X and can be used to access high numbered terminals (moving sequentially from one terminal to the next). Finally, the chvt vt_num command will switch to the specified virtual terminal.

Virtual Terminals
* Device Files: /dev/tty*, /dev/vcs*
* Switching
* Opening, Closing, and Locking
* Scrolling
* Common Changes: fonts, keymaps, screen blanking

Opening, Closing, and Locking Virtual Terminals

Additional TTYs can be started with the openvt command and kernel resources associated with a TTY can be freed with the deallocvt command. For security, the current virtual console (default), or all virtual consoles, can be locked with the vlock command. The following demonstrates these commands:

station1 login: root
Password: makeitso
# tty
Iaeureeys
# openvt -sw bash
# tty
Jaevreeye
# exit
# tty
Jaev/etys
# vlock -a
The entire console display is now completely locked.
You will not be able to switch to another virtual console.
Please enter the password to unlock.
root's Password: makeitso
# exit
# tty
Jaev/etys
# deallocvt 6

Scrolling

A scrollback buffer is maintained for the currently active virtual terminal. Scroll backward by pressing Shift+PgUp, and scroll forward with Shift+PgDn. When a switch to another virtual terminal is made, the contents of the scrollback buffer are lost.

If anything is written to the terminal while it is currently displaying something in the scrollback region, the terminal will automatically jump forward to display the new text. This can make it difficult to examine messages in the scrollback history (especially during boot, or shutdown) as the display will continue to jump away from the desired text as new messages are written.
Pressing the Scroll Lock key will toggle the state of the scroll-lock flag for the currently active virtual terminal. When scroll-lock is enabled on a particular TTY, the kernel will block all writes to that TTY (causing any process attempting to write to the TTY to enter an uninterruptible sleep state waiting for the I/O write to complete). The Shift+PgUp and Shift+PgDn key combos will still work to scroll the terminal while scroll-lock is engaged.

Scrollback support can be completely disabled by passing the no-scroll argument to the kernel on boot.

Changing Fonts

The font used by the virtual terminals can easily be changed with the setfont font_file command. A large collection of fonts is included in the /lib/kbd/consolefonts/ directory. For example:

# setfont /lib/kbd/consolefonts/gr737b-9x16-medieval.psfu.gz

Changing Keymaps

When a key is pressed or released a scancode is generated. The kernel translates the scancodes to a keycode which is then mapped to a key symbol. Used to map keycodes to key symbols, the current translation table can be viewed with dumpkeys and changed using the loadkeys command. The keycode generated by a particular key or key combination can be determined using showkey. The system includes a large number of standard keymaps for popular layouts and keyboard types in the /lib/kbd/keymaps/ directory.

The keyboard translation table is shared by all virtual terminals and changes will outlive a single session. For example, if a user logs into TTY1 and changes the mapping, someone later logging into TTY2 would see the same mappings (even if the user who made the change had logged off of TTY1 earlier).

Switch virtual terminals to use Dvorak key mappings:

# loadkeys /lib/kbd/keymaps/i386/dvorak/dvorak.map.gz

Disable the scroll-lock key:

# echo "keycode 70 = nul" | loadkeys -

Swap the caps-lock and left control keys:

# dumpkeys | sed 's/58 = Caps_Lock/58 = Control/;s/97 = Control/97 = Caps_Lock/' | loadkeys -

Changing Screen Blanking

By default, the virtual terminals will be automatically blanked (using APM if available) after 10 minutes of inactivity. The interval of inactivity that will trigger blanking can be set with setterm -blank interval_minutes. Virtual terminal screen blanking can be disabled entirely with the following command:

# setterm -powersave off -blank 0

To turn off screen blanking for the console, use the following command. This is commonly put in a boot up script such as rc.local so that, if they occur, kernel panic messages can be viewed. Without this the console will blank, and because of the kernel panic, cannot be un-blanked.

# setterm -blank 0 > /dev/console 2>&1

Legacy Serial Ports

The venerable serial port has been around even longer than the PC. There are many different kinds of serial ports; GPIB, RS-232, RS-422, RS-485 being some of the most common. The big differences are in what kinds of connectors are used, which pins carry data or other signaling, the voltages used, etc.

Almost every PC ever built has at least one RS-232 serial port. This table shows the important, common parameters and names of the first 4 serial ports:

Linux Device Node    Port I/O Address    IRQ
/dev/ttyS0           0x03f8              4
/dev/ttyS1           0x02f8              3
/dev/ttyS2           0x03e8              4
/dev/ttyS3           0x02e8              3

The minicom Command

Many network devices such as routers and switches have serial ports that can be used to configure the device. The minicom command initializes a serial port and provides an interactive interface for working with these kinds of devices. Device specific serial port settings can be stored in individual configs that are then called when connecting to that device. For example:

# cat /etc/minirc.cisco
pu baudrate 9600
pu bits 8
pu parity N
pu stopbits 1
# minicom /etc/minirc.cisco
... serial port is initialized and connection is established ...
This system is the property of Guru Labs, L.C.
UNAUTHORIZED ACCESS TO THIS DEVICE IS PROHIBITED.
User Access Verification
Username:
... snip ...

Serial Ports
* /dev/ttyS#
* minicom - TUI serial communications program
* cutecom - GUI serial communications program
* setserial - show or change port settings
* lrzsz package - Implements Zmodem, Ymodem and Xmodem file transfer protocols
* c-kermit - Implements Kermit file transfer protocol

The setserial Command

Most programs that interface with a serial port, such as terminal emulators, will send the necessary configuration commands to initialize the serial port. On the rare occasions that a program does not do this, and the defaults for the port and application are incompatible, the setserial command can be used to configure the port. setserial can also be used to list the current settings of a serial port:

# setserial -av /dev/ttyS0
/dev/ttyS0, Line 0, UART: unknown, Port: 0x03f8, IRQ: 4
Baud_base: 115200, close_delay: 50, divisor: 0
closing_wait
Flags: spd_normal skip_test auto_irq

Device Identification

Every SCSI device is assigned an ID (used to differentiate commands and responses sent by devices on a shared SCSI bus). The address is in the form host (SCSI adapter number), bus (channel number), target (id number), lun (logical unit number). The lsscsi command can display information about what SCSI hosts and devices are seen by the kernel as shown in this example:

# lsscsi -H
[0] megaraid_sas
# lsscsi
enclosu DP BACKPLANE 1.05 -
disk HP RAID CONTRLR 1.63 /dev/sda

The lsscsi command gets its data from files in /sys/class/scsi_* which can also be read directly as an alternative.

Scanning for New SCSI Devices

In addition to the methods already discussed, a list of all SCSI devices known to the kernel can be seen by reading the /proc/scsi/scsi file.
Newly added SCSI devices will not be visible to the kernel until either a reboot, or a rescan of the corresponding host. A rescan can be initiated via the /sys/class/scsi_host/host_num/scan file. If the new device is a SAN device, a loop initialization protocol (LIP) command may need to be issued to the HBA card to rescan the Fibre Channel bus as well. The following example uses the wildcard (dash character) in place of bus, target, and lun and would cause the kernel to detect any new devices on the specified SCSI host:

# cat /proc/scsi/scsi     # see current devices
Attached devices:
Host: scsi0 Channel: @8 Id: 68 Lun: 68
Vendor: DP Model: BACKPLANE Rev: 1.05
Type: Enclosure ANSI SCSI revision: 05
Host: scsi0 Channel: 92 Id: 88 Lun: 68
Vendor: HP Model: RAID CONTRLR Rev: 1.63
Type: Direct-Access ANSI SCSI revision: 05
# echo 1 > /sys/class/fc_host/host_num/issue_lip && sleep 15
# echo "- - -" > /sys/class/scsi_host/host0/scan
# dmesg     # view results of rescan
... snip ...
Vendor: SEAGATE Model: sT33696s8ss Rev: S515
Type: Direct-Access ANSI SCSI revision: 05
Vendor: SEAGATE Model: ST336@655SS Rev: S15
Type: Direct-Access ANSI SCSI revision: 05

SCSI Devices
* Identifying devices: /proc/scsi/scsi, lsscsi
* Adding / Removing devices with /sys/class/scsi_*
* SCSI Command Protocol
  - Commands supported by SCSI devices
  - Carried across many transports: ATAPI, PATA, SATA, SPI, SAS, FCP, USB, Firewire SBP-2, IP (for iSCSI), etc.
* Viewing and setting options: sdparm, sg_map

Adding and Removing SCSI Devices

To make the kernel aware of hotplugged or removed SCSI devices, send commands to either the /proc/scsi/scsi file (2.4 kernel), or within the /sys/class/scsi_host/ hierarchy (2.6 kernel, exact file depends on kernel version). The following example identifies the SCSI id associated with the /dev/sda disk and then removes that device from the kernel's view:

# lsscsi | grep /dev/sda
[4:1:0:6] disk HP VIRTUAL DISK 1028 /dev/sda
# echo 1 > /sys/class/scsi_device/4\:1\:0\:6/delete

To add devices under the 2.6 kernel rescan the corresponding host as previously shown.

Viewing and Setting SCSI Mode Pages

Mode pages contain meta data about a SCSI device as defined by the SCSI (draft) standards: www.t10.org. The specific pages supported by a device will vary based on the device and transport in use. In addition, devices may support Vital Product Data (VPD) pages with additional data. The sdparm command can be used to view and set values contained in the various mode pages supported by a SCSI device. This command is similar to the hdparm command which can view and set similar device and transport related settings of ATA driven devices (www.t13.org), and some overlap exists between the commands. The following example shows using sdparm to view and set mode page values:

# lsscsi -g     # determine SCSI generic device for first drive
[4:0:0:0] disk ATA Hitachi HUA72107 A74A - /dev/sg0
[4:0:1:0] disk ATA Hitachi HUA72107 A74A - /dev/sg1
[4:1:0:6] disk HP VIRTUAL DISK 1028 /dev/sda /dev/sg2
# sdparm --enumerate     # view mode pages supported by sdparm
Mode pages:
... output omitted ...
bc 0x1c,0x01 Background control (SBC)
ca 0x08 Caching (SBC)
cms 0x2a CD/DVD (MM) capabilities and mechanical status (MMC)
... output omitted ...
# sdparm --page=ca /dev/sg0     # list values in Caching mode page
/dev/sg0: ATA Hitachi HUA72107 A74A
Caching (SBC) mode page:
... output omitted ...
brie (cha: al
SHE (eha: a]
ee 8 (char a)
... output omitted ...
# sdparm -s WCE=1 /dev/sg0     # enable write cache
# sdparm --page=ca -l --get=WCE /dev/sg0     # read value to verify
/dev/sg0: ATA Hitachi HUA72107 A74A
WCE 1 [cha: y] Write cache enable

The sg_map command can also show SCSI generic device mappings. The SCSI generic device can be used to send custom SCSI commands to devices.

# sg_map -i -x
/dev/sg0 4 0 0 0 0 ATA Hitachi HUA72107 A74A
/dev/sg1 4 0 1 0 0 ATA Hitachi HUA72107 A74A

Determining Disk Type, and SAT

The following example shows reading info from the VPD pages for a disk. Note that, based on the SCSI ATA Translation (SAT) layer info displayed, the disk can be identified as a SATA disk with translation done within an LSI RAID controller:

# sdparm --page=sv /dev/sg0     # get list of supported VPD pages
/dev/sg0: ATA Hitachi HUA72107 A74A
Supported VPD pages VPD page:
Supported VPD pages [sv]
Unit serial number [sn]
Device identification [di]
Mode page policy [mpp]
ATA information (SAT) [ai]
# sdparm --page=ai /dev/sg0     # get SAT layer info
/dev/sg0: ATA Hitachi HUA72107 A74A
ATA information VPD page:
SAT Vendor identification: LSI
SAT Product identification: LSI SATL
SAT Product revision level: 6098
ATA command IDENTIFY DEVICE response summary:
model: Hitachi HUA721075KLA330
serial number: GTF286P0Gu9B6F
firmware revision: GK8OA74A

Under Linux, it is also common to see SCSI ATA Translation done by the kernel itself as shown in the following output:

# sdparm --inquiry --page=ai /dev/sda
/dev/sda: ATA ST3560626NS DE13
ATA information VPD page:
SAT Vendor identification: Linux
SAT Product identification: libata
SAT Product revision level: DE13
ATA command IDENTIFY DEVICE response summary:
model: S735686260S
serial number: sqwszncg
firmware revision: DE13

The sg_map command is provided by the sg3_utils package.

USB Devices
* lsusb
* Kernel Messages: dmesg, /var/log/messages

Examining Detected USB Controllers and Devices

All USB devices currently connected to the system can be listed with the lsusb command, which displays each device with its corresponding bus and device number. More verbose information can also be displayed.

# lsusb
iRiver, Ltd. iHP-140 mp3 player
Bus 001 Device 003: ID 046d:c00e Logitech, Inc. Optical Mouse
Bus 001 Device 001: ID 0000:0000

Kernel Messages

The kernel reports information about discovered USB devices in the kernel messages, which are written to the /var/log/messages file. These messages can also be viewed with the dmesg command. Some messages will appear in both places. This example output shows the messages for a newly connected device; the messages show that the device will be accessible under /dev/sdb:

# dmesg
usb 3-1: new high speed USB device using ehci_hcd and address 6
scsi2 : SCSI emulation for USB Mass Storage devices
usb-storage: device found at 6
usb-storage: waiting for device to settle before scanning
Vendor: LEXAR Model: JUMPDRIVE SECURE Rev: 2008
Type: Direct-Access ANSI SCSI revision:
SCSI device sdb: 502880 512-byte hdwr sectors (257 MB)
sdb: assuming drive cache: write through
/dev/scsi/host2/bus0/target0/lun0: p1
Attached scsi disk sdb at scsi2, channel 0, id 0, lun 0
usb-storage: device scan complete
... snip ...

USB devices are automatically configured during initialization on boot. When USB devices are plugged into the system, the kernel will load the appropriate module, and then emit a uevent message that is read by udev which then creates the corresponding device file(s).

Since the USB host controller interfaces with the rest of the system via the PCI bus, information about which USB chipset the host has can be found in this fashion:

NEC Corp. USB (rev 43)
NEC Corp. USB (rev 43)
NEC Corp. USB 2.0 (rev 04)

Core USB Kernel Modules

The main kernel module for USB support is usbcore.ko. There are three additional kernel modules, one for each major chipset family. The following shows the module file names, but it is not uncommon in modern distributions to have these compiled in directly:

uhci-hcd.ko "Universal Host Controller Interface" => Kernel module for Intel/VIA chipsets (USB 1.1)
ohci-hcd.ko "Open Host Controller Interface" => Kernel module for most other non Intel/VIA chipsets (USB 1.1)
ehci-hcd.ko "Enhanced Host Controller Interface" => Kernel module for USB 2.0 (high speed) standard (usually chips from NEC)

USB Configuration
* Disabling USB Storage

Device Specific USB Kernel Modules

Additional kernel modules exist for different USB devices. Some of the most commonly used include:

usbhid.ko => human interface devices such as keyboards, mice, and joysticks
usb-storage.ko => mass storage devices such as external hard drives and "keychain" drives
usblp.ko => printers
usbserial.ko => USB to serial port adapters

Disabling USB Storage Devices

Site security policies sometimes require disabling support for USB storage devices. If no USB devices will be used, then disabling USB support in the BIOS, or removing the core USB kernel modules, may be an option. To disable only support for USB storage, prevent the associated module from loading by either blacklisting it or configuring the system to run an alternate command instead:

File: /etc/modprobe.d/blacklist.conf
blacklist usb_storage

File: /etc/modprobe.conf
install usb-storage logger "Attempted USB Storage"

CUPS

The Common UNIX Printing System, or CUPS, is a completely new, modern printing system. Web-based administration makes CUPS very easy to set up. The CUPS printing subsystem has many advantages over its competitors LPD and LPRng; the two top items are the support for the Internet Printing Protocol (IPP) and PostScript Printer Definition (PPD) files. Full documentation is available at the project's homepage: http://www.cups.org

The Internet Printing Protocol

The IPP protocol is the new standard for communicating with a network printer. Windows 2000 and XP have built-in IPP support and Win9x and NT have IPP support available as a download from Microsoft. From a Windows client perspective, what this means is that a Windows box can print to a printer shared by a Linux box via CUPS without any additional software (no need to install the "Print Services for UNIX" add-on). IPP also has security clearly defined as well: user x509 certificates support. For security, print job submissions can be done using SSL.

Common UNIX Printing System
* A completely new printing system
* Supports both BSD and SysV printing commands, for example: lpr and lp
* Supports network, parallel, serial, and USB printers
* Many advanced features
  - Web based administration
  - Uses Postscript Printer Description files (ppd)
  - Automatic client setup
  - Supports IPP (Internet Printing Protocol)
  - Client authentication
* Very easy to set up!

Postscript Printer Description Files

All PostScript printers conform to some level (1, 2, 3, etc.) of the specification. The spec defines how a print job can use common printer features such as duplexing; however, the spec cannot define how to use some newfangled fancy hardware feature of a given printer such as a stapler or choosing what sort of color matching (Automatic, SWOP Press, sRGB Display, Fuji Proof, etc.) to perform. For these printer specific features, the printer manufacturer creates a PPD file that describes how to enable and use these advanced features. The PPD file acts as a print driver. In a forward thinking fashion, PPD files are written in PostScript, an ASCII format, and as such are platform neutral. If you have a PostScript printer (or a non-PostScript printer but use the foomatic print system to generate a "fake" PPD file) then when creating the print queue in CUPS, you can define the PPD to use. The end result is that on a per-print-job basis, the printer settings can be tweaked and taken advantage of.

Graphical Print Configuration

Since the beginning of UNIX printing, the /etc/printcap file uses syntax that is somewhat cryptic. This can make editing this file a time consuming process. If you consider in addition the many other tasks associated with configuring a printer manually (creating the needed directory structure, setting permissions, creating filters and scripts, etc.), setting up a printer can become quite a chore. Because of this, using a front end program has been the norm.

Configuring the CUPS printing subsystem

The CUPS printing subsystem is quite a bit easier to configure than both LPD and LPRng.
The two main configuration files are in an easy to read Apache-like format in the /etc/cups/ directory. The cupsd.conf is the global configuration file and handles settings such as what clients are allowed, logging details, and maximum limits on jobs, users, and copies. The printers.conf file contains entries for each configured printer. Besides manual editing, it can be managed three ways:

* http://localhost:631/
* lpadmin
* Distribution specific utility

By default, the web interface only accepts connections from localhost. Public access provides read-only access, but when attempting an administration task, CUPS prompts for the root username and password.

Defining a Printer
* CUPS web interface
* lpadmin
* KDE Control Center (kcontrol): Peripherals - Printer tool
* system-config-printer

Command Line

CUPS also provides a command line utility, lpadmin, that can be run as root on the machine to add, modify and delete printers. For example:

# lpadmin -p phaser860 -E -P /tmp/tk860dp1.ppd \
  -v http://phaser860.example.com:80/ipp/

This command will create a print queue named phaser860, enable it, load the PPD file specified into the CUPS database for use by this printer, and connect to the printer at the specified URL.

system-config-printer

Additionally, RHELS provides system-config-printer as a GUI print queue creation tool. Via an easy-to-use graphical interface, system-config-printer allows you to set up local or remote (network) printers.

Managing CDs, DVDs, and BDs

Managing optical media, such as a Digital Video Disc, can be useful for backups, transporting and sharing data, and manipulating data (such as with a custom installation disk). Linux typically uses the /dev/srX device file, along with symbolic links such as /dev/cdrom and /dev/dvd. For instance, to eject a CD-ROM, type the following:

$ eject /dev/cdrom

Some systems have the capability to close the CD tray with the -t option. The target can also be the mount point for the device, e.g. /mnt.
Most modern optical drives support asynchronous notifications of events, such as media insertion, via either MMC or SATA ATAPI extensions. Older devices are actively polled by HAL (which can cause problems with some devices or have a performance impact). This polling can be disabled, or re-enabled, as shown here:

# hal-disable-polling --device /dev/cdrom
# hal-disable-polling --enable-polling --device /dev/cdrom

Creating a New Disk Image

The mkisofs command can read the files in a specified directory hierarchy and create a new image. For example, to create an ISO standard 9660 CD-ROM image of a directory, type the following:

$ mkisofs -o cd.iso -V "LABEL-NAME" -iso-level 3 DIR-TARGET

Managing Optical Media
* CD, DVD, and BDs
* /dev/cdrom and /dev/dvd symlinks

The ISO level maintains compatibility with ISO CD image standards. The original standard maintained compatibility with Microsoft's DOS, meaning that file names are case-insensitive (uppercase) and restricted to 8 characters, and a 3 character extension. With later standards (ISO-9660:1988 and ISO-9660:1999), some of the restrictions were relaxed. Level 3 in the example above is restricted to 31 characters, with an 8 nested directory limit and a total path length limit of 255 characters.

Image Formats and mkisofs Options

To accommodate the needs of modern disk filesystems, several extensions to the base standard exist. The Joliet extensions are common on Microsoft Windows platforms, have a limitation of 64 character filenames, and use UTF-16 character coding (see -jcharset). Add the -J option to use these extensions, or -joliet-long for filenames up to 103 characters. For Unix systems, it is preferable to use the Rock Ridge protocol instead of, or in addition to, Joliet. To use Rock Ridge use the -R or -r option (-r has preset values for UID and GID (0, e.g. root) ownership of files, gives global read access to files, but not write; where execute access is given to a file, the x-bit is set for user, group, and other for that file).
255 character file names are allowed, with case-sensitive naming, device files and symbolic link preservation, and with the 8 nested directory limit removed.

Compatibility with other systems, such as MS-DOS, is becoming less of an issue with these older systems. However if compatibility is needed, a TRANS.TBL translation file can be used in each directory to translate the full file name from the 8.3 DOS (and older ISO format, including symbolic links, and block and character device major/minor numbers). Enable TRANS.TBL with the -T option.

Creating an Image from an Existing Disk
The readcd command is useful for taking existing media, and creating an image for later reproduction. It is preferred over other methods such as the dd command because in the event of CRC read errors, it will automatically retry. readcd uses a simple interactive mode that prompts for options not passed on the command line. An example basic invocation might look like the following:
# readcd -v dev=/dev/cdrom
Most modern optical drives will automatically slow down if they encounter read errors, but when trying to read from particularly dirty or damaged disks, using the speed=# option to manually slow read speed may help.

Creating Discs from Images
To burn an existing ISO CD image to CD, DVD, or BD use the cdrecord command. In general, the cdrecord command will autodetect the CD-ROM drive. A typical invocation which would show progress and eject when complete would be:
# cdrecord -eject -v cd.iso
To specify the device to be used, use the dev= option. This option can use the syntax: [scsibus,target,lun] (e.g. dev=15,1,0) or can take the device path as an argument (e.g. dev=/dev/dvdrw).
These can be discovered as follows:
# wodim --devices
wodim: Overview of accessible drives (1 found) :
fiance’ "DYD RW AD-771
scsibus1:
1,0,0 100) 'Optiarc' 'DVD RW AD-7716H' 'A833' Removable CD-ROM
. . . snip . . .
For convenience, commonly used options (such as the device to use) can be placed into the /etc/wodim.conf file. Note that a default config file is already present which sets the device to /dev/cdrom and specifies burnfree, an option that enables a feature of most modern optical drives that prevents buffer underrun errors.

Reading and Writing Audio CDs
Audio CDs use a different on-disc format than data CDs. The cdparanoia command has extra features focused on the audio disc format that increase the chances of creating a bit perfect image from an audio disc. The cdrdao command can then be used to burn audio back out to a disc. This command operates the drive in Disk-at-Once burning mode which allows for things such as zero length track pre-gaps desirable on many audio disks.

Additional Examples
To create an exact duplicate of an optical data disk that includes not just the same data, but also subchannel data and identical TOC use the -clone option as shown in this example:
# readcd dev=/dev/dvd -clone f=disk.img
# cdrecord -clone -raw96r disk.img
To burn the contents of the current local directory to an optical disk loaded in the drive on a remote system:
# mkisofs -r . | ssh user@remote_host "cdrecord -data -"
Mount an optical image file using the loopback option:
# mount -o loop -t iso9660 disk.iso /mnt/cdrom
See and set the DVD region code for a drive (Warning, only a fixed number of changes are possible):
# regionset
regionset version 0.1 -- reads/sets region code on DVD drives
Current Region Code settings:
RPC Phase: II
type: SET
vendor resets available: 4
user controlled changes resets available: 4
drive plays discs from region(s): 1, mask=0xFE
Would you like to change the region setting of drive? [y/n]:y
Enter the new region number for your drive [1..8]:3
New mask: 0xFB, correct? [y/n]:
Region code set successfully!

Backup Hardware
Linux supports a wide variety of backup hardware, ranging from small floppy tape drives all the way up to enterprise-level DLT and similar large-capacity devices. Almost all SCSI devices will work without any further configuration. IDE or other non-SCSI interface devices will require additional driver support. For devices which may or may not be supported, most distributions have a hardware compatibility list.

Linux Tape Device Files
The first SCSI tape device is accessible via /dev/st0 and via /dev/nst0. The second file is the no-rewind device file for the same tape drive. On the standard file after any operation, the tape is rewound. With the no-rewind device file, this rewinding doesn't occur. Likewise, IDE tape drive device files are /dev/ht0 and /dev/nht0.

Tape Drive Density Modes
Modern tape drives can operate in multiple modes. For example, hardware compression can be on or off, or reading and writing can be done at different bit densities. Linux supports accessing each tape drive in four different configurations of modes: /dev/st0 == mode1, /dev/st0l == mode2, /dev/st0m == mode3, /dev/st0a == mode4. What configuration is mapped to each mode is defined in the /etc/stinit.def file. For DLT drives, use the file available at: /usr/share/doc/mt-st-*/stinit.def.examples

Manipulating Magnetic Media
The mt command can be used to rewind, erase, and position a tape. Each backup produces a single file on the tape; to position the tape at the start of the 3rd file, the following command can be used:
# mt -f /dev/nst0 asf 3
This does an absolute position by first rewinding the tape. Relative forwards and backwards position changes can be made by replacing asf with either fsf or bsf.

Controlling Tape Libraries
Tape Libraries typically consist of one or more tape drives, a robotic arm with possibly a bar code scanner, and 2 or more tapes in slots.
The mtx command can be used to control the library and load and unload tapes. The mtx command is often scripted in conjunction with mt, as well as tar, cpio, or the dump backup commands.

Using the mtx Command
The mtx command is used to control the robot within tape libraries. Once a tape is loaded into a tape drive, the mt command can be used to manipulate the tape. The mtx command uses the -f option to specify which SCSI generic device to use. If you aren't sure which SCSI generic device maps to your tape library, then use the inquiry option and cycle through the SCSI generic devices until you find the library with a Product Type: Medium Changer. For example:
# mtx -f /dev/sg1 inquiry
Product Type: Medium Changer
Vendor ID: 'ATL'
Product ID: '1588'
Revision: '2.08'
Attached Changer: No
Other commonly used options include:
status => Displays slot and tape drive media status including any barcodes if available
inventory => Forces robot to rescan all slots and drives
load slotnum [ drivenum ] => Loads media for specified slot into tape drive zero
unload [ slotnum ] [ drivenum ] => Unloads media. By default unloads tape from drive zero to original slot.
transfer slotnum slotnum => Transfer media

Tape Libraries
* Accessed via SCSI generic devices /dev/sg0, /dev/sg1, etc.
* Controlled via the mtx command
* Supports barcode readers

Examples from the mtx Command
Display status of tape library, load a tape from slot 3 into drive zero, and then display the status again:
# mtx -f /dev/sg3 status
Storage Changer /dev/sg3:2 Drives, 28 slots ( 1 Import/Export )
Data Transfer Element 0:Empty
Data Transfer Element 1:Empty
Storage Element 1:Full :VolumeTag=BLP451S
Storage Element 2:Full :VolumeTag=BLP452S
Storage Element 3:Full :VolumeTag=BLP453S
. . . snip . . .
# mtx -f /dev/sg3 load 3
# mtx -f /dev/sg3 status
Storage Changer /dev/sg3:2 Drives, 20 slots ( 1 Import/Export )
Data Transfer Element 0:Full (Storage Element 3 Loaded):VolumeTag = BLP453S
Data Transfer Element 1:Empty
Storage Element 1:Full :VolumeTag=BLP451S
Storage Element 2:Full :VolumeTag=BLP452S
Storage Element 3:Empty
. . . snip . . .

Linux Device Files
Linux provides user space access to hardware through device files. When an application accesses a device file, the kernel uses the appropriate device driver to interact with the hardware. The /dev/ directory is usually the only directory with any device files. Historically, most device files were created during the install process (often by installing an RPM that provided the files). Device files can also be created manually using the mknod command. When creating

History of the /dev/ Directory on Linux
One feature of the 2.6 kernel was improved device handling. Originally, device files in /dev/ were statically created on disk. A new system named devfs was created to allow device nodes to be automatically created. As devfs evolved, it showed several critical flaws. A new system called udev was released in the 2.6 kernel, which replaces devfs.

Reasons for the Creation of sysfs
One of the goals of udev was to move device naming from kernel space to user space. This simplifies the kernel and gives users more control over device naming.
In order for this to be possible, information about devices needed to be exported from the kernel to a place where any application on the system could access it. The solution for this need is a virtual filesystem called sysfs.

The creation of sysfs also helped the Linux kernel developers come closer to reaching another important objective: to clean up /proc/. The procfs virtual filesystem was originally created to provide information about processes running on the system. Over time, /proc/ became polluted with more and more information about system hardware. One goal of sysfs is to move information about hardware from /proc/ into /sys/.

Kernel Hardware Info: /sys/
Reasons for the creation of sysfs:
* Provides hardware information needed by udev
* Centralized location for device information
* Clean up /proc/
* Usually mounted on /sys/

sysfs
The sysfs filesystem is usually mounted on /sys/. The directory structure contains entries for all devices on the system. Programs such as udev look in /sys/ for information needed to load kernel modules, create device nodes in /dev/ and configure each device. On modern Linux distributions, the sysfs filesystem is automatically mounted on /sys/ at boot.

/sys/ Layout
The root of the sysfs filesystem contains several directories. Important directories and their use are described below:
/sys/block/ => Provides information about each block device on the system (hard drives, CD-ROM drives, USB storage devices, etc.).
/sys/bus/ => Displays which device drivers are associated to each device. There is a directory for each system bus (PCI, SCSI, USB, etc.) which in turn contains two sub-directories: devices/ and drivers/. The devices/ directory contains a symlink for each device on the bus. These symlinks point to the corresponding device in /sys/devices/. The drivers/ directory contains information on each device driver needed for the devices on that bus.
/sys/class/ => Categorizes devices by their functionality.
For example, /sys/class/net/ contains information about each network interface on the system and /sys/class/input/ contains information about input devices (keyboards, mice, etc.). These directories contain symlinks that point to the device location in /sys/devices/ and the device driver in /sys/bus/.
/sys/devices/ => Contains the complete hierarchy of devices on the system and how they are connected. Detailed information about each device is presented. For example, /sys/devices/ shows how a USB mouse is integrated in the system: System PCI Bus -> USB Controller -> USB Hub -> USB Mouse
/sys/module/ => Contains a directory for each loaded kernel module. This directory contains information about the module such as module parameter values and reference counts (how many modules are using that module).
/sys/firmware/ => Some device drivers need to load firmware into the device in order for it to function. This is accomplished in a device driver by providing a sysfs interface. That interface will appear under this directory. It can then be used by a userspace program to upload firmware (binary data) to the device driver, which (presumably) in turn loads the firmware into the device itself. This is about the only case where the sysfs mechanism does not provide human readable output.
/sys/kernel/ => The /sys/kernel/debug/ directory is used by kernel and driver developers for debugging. The /sys/kernel/hotplug_seqnum file is used by the hotplugging subsystem.
/sys/power/ => Controls the system power state via this directory. The /sys/power/state file can be read to show which power states are supported. Writing one of those values back to this file will place the system in that state.

/sys/ Structure
Main sysfs directories: /sys/block/, /sys/bus/, /sys/class/, /sys/devices/, /sys/module/
Other sysfs directories: /sys/firmware/, /sys/kernel/, /sys/power/
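The symlinks described above can be followed from a class entry to its bus driver and on to the backing kernel module, which is a quick way to inventory what code is bound to each network interface. The script below is an added example, not part of the original course material; the function names are hypothetical, and the device, driver and module names in the demo tree are constructed sample data so the walk runs without a real /sys/.

```shell
#!/bin/sh
# Added example: map each network interface to its bus, driver, module and
# module reference count by following sysfs symlinks.
# SYSROOT defaults to /sys; pass another directory to use a constructed tree.

net_driver_map() (
    sysroot=${1:-/sys}
    for ifdir in "$sysroot"/class/net/*; do
        [ -e "$ifdir" ] || continue
        iface=${ifdir##*/}
        bus=-; driver=-; module=-; refcnt=-
        # Virtual interfaces such as lo have no device/driver symlink.
        if [ -e "$ifdir/device/driver" ]; then
            drvpath=$(readlink -f "$ifdir/device/driver")
            driver=${drvpath##*/}
            # The driver lives at <sysroot>/bus/<bus>/drivers/<driver>.
            buspath=${drvpath%/drivers/*}
            bus=${buspath##*/}
            if [ -e "$drvpath/module" ]; then
                modpath=$(readlink -f "$drvpath/module")
                module=${modpath##*/}
                if [ -r "$modpath/refcnt" ]; then
                    refcnt=$(cat "$modpath/refcnt")
                fi
            fi
        fi
        printf '%s %s %s %s %s\n' "$iface" "$bus" "$driver" "$module" "$refcnt"
    done
)

net_driver_map_demo() (
    # Constructed sample tree: one PCI NIC (eth0) and the loopback interface.
    d=$(mktemp -d) || exit 1
    nic=$d/devices/pci0000:00/0000:00:19.0
    mkdir -p "$nic/net/eth0" "$d/devices/virtual/net/lo" \
             "$d/bus/pci/drivers/e1000e" "$d/module/e1000e" "$d/class/net"
    echo 0 > "$d/module/e1000e/refcnt"
    ln -s ../../devices/pci0000:00/0000:00:19.0/net/eth0 "$d/class/net/eth0"
    ln -s ../../devices/virtual/net/lo "$d/class/net/lo"
    ln -s ../../../0000:00:19.0 "$nic/net/eth0/device"
    ln -s ../../../bus/pci/drivers/e1000e "$nic/driver"
    ln -s ../../../../module/e1000e "$d/bus/pci/drivers/e1000e/module"
    net_driver_map "$d"
    rm -rf "$d"
)

net_driver_map_demo
```

Calling net_driver_map with no argument runs the same walk against the live /sys/ tree.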
1.23 udev General Operstion Historical, the /dev/ directory was static and was populated at instal time, and then manualy by the systems administrator 35 devices were added or removed from the system. In contrast. the Ludev system dynamically creates device fils. Basic operation of udev Is as follows: 1. udevd lexically sons together the rule files found in /{ib, ete) hadev/rules.d/*.rules and then reads the rules into memory. 2, When the kernel detects a device (@.9. device enumeration on boot, hot-add of device, manual loading of kernel module, ete) itemits a uevent record which is read by the running udewd process. 3. udevd creates. deletes, or changes files under /dev/ based on the current ries. ‘As part ot processing some rules, udev runs extemal programs. ‘Additionally some hardware evenis are passed to higher level subsystems such as HAL and utisks (formerly DeviceKit. This lows for things like the graphical desktop reacting to a hardware change ‘such 8s launching @ file browser when an external disk is attached. ‘Managing the udevd Process ‘The udev daemon is fist started by scripts contained in the initial RAM disk during the early phases of the boot process. Init later calls ‘sdditiona scripts that interact withthe running udev daemon and finish populating the /dev/ directory. The udevada command can be 126 udev era “Reads cules into memory (/(1ib, etc} /udev/ tutes. + Ustens via notink socket for Kamel uovont massages * Creates, deletes, or changes fos under /dev/ evade sands messages to running udevd * debugivace udev and Kernel uovent sctity Used to interact with the running udev daemon. The following examples show some of the more common uses: ‘udevada control ~-relond-rules =» Re-ead ‘ule files into memory (perhaps new rules were created that are needed for future hardware events) udevada trigger --actionschange => Send change event for all ‘ubsystoms rebuilding /dev/ files based on loaded rules. 
udevadm info --export-db => Dump the contents of the udev database showing: name, path, sysfs attributes, and environment attributes for all devices
udevadm monitor => Show all kernel uevent and udev messages (useful for testing and debugging new rules)

Creating Custom udev Rules
Standard udev rules needed by the system are provided by the /lib/udev/rules.d/*.rules files. These files should not be modified as they are replaced as newer udev packages are installed. In the rare case where it is necessary, creating a file with the same filename in the /etc/udev/rules.d/ directory will prevent the corresponding standard .rules file from being processed. Application RPMs can provide additional udev rules by placing .rules files in the /etc/udev/rules.d/ directory. For custom rules, a new file such as /etc/udev/rules.d/99-xcustom.rules should be created. When naming the file, remember that udev only processes files ending in the .rules suffix, sorts them lexicographically and that custom rules should generally be run after the standard rules.

Rule File Syntax
Within the rules files, each rule is a single line, and each line has the basic form of:
key==value_to_compare, key=value_to_assign
Comparisons match the device in question, and then assignments determine the actions taken for that device such as the name of the file to be created in /dev/. Examples of common keys that are compared include: KERNEL, the kernel name for the device; ATTRS{filename}, a sysfs attribute for the device; ENV{key}, a device property value. Examples of common assignments include: NAME or SYMLINK, file name to be created in /dev/; OWNER, GROUP, MODE, permissions and ownership for the created device file. Full documentation is found in the udev(7) man page.

Creating new rules generally starts with determining the correct set of comparisons needed to uniquely identify the device in question. Use the udevadm info command to find useful keys and values in the /sys/ filesystem that can be matched by ATTRS keys:
# udevadm info -a -p /sys/block/sdb

Kernel Modules
Kernel modules give the kernel access to functions, commonly called symbols, for many kernel services such as NetFilter, filesystem abstraction, hardware drivers, security, and network stacks. These modules may depend on functions from other modules. These dependencies need to be resolved, either manually using insmod and rmmod, or automatically using modprobe.

Learning About Kernel Modules
Configuring a module must be done either at boot-time, for statically compiled modules, or at the time that the module is loaded. Kernel modules can have various options. To identify options and other information about a module use the modinfo command:
-a => lists author of the module
-d => lists description of the module
-l => lists license of the module
-n => lists the file name of the module
-p => lists parameters (options) for the module
Listing the modules that are currently loaded into the kernel is done with the lsmod command. The following shows an example of the lsmod command's output which is comprised of three columns: the module name, module size, and usage count:
Module Size Used by
. . . snip . . .
ad 2120979 exports G61 tsa ngs aumes 1 ockd 635833 nfsd,nts
. . . snip . . .

Inserting and Removing Modules
Inserting kernel modules is done with the insmod command. The basic syntax of the insmod command is:
insmod (filename|module_name) [module_options] [...]
The insmod command will attempt to load the specified module. This load will fail if the module does not detect compatible hardware on the system, or if it is dependent on modules that are not currently loaded.

Removing kernel modules is done with the rmmod command. Usage is rmmod module_name.
Modules will fail to unload if they are currently in use (check the "Used by" count in the module listing). Due to the kernel data structures they use and/or modify, some modules (such as the ipv6.ko module) can not be unloaded once they have been

Kernel ABI Compatibility
Upstream Linux kernel development (http://kernel.org) does not guarantee ABI compatibility from one version of the kernel to the next (e.g. 2.6.27 to 2.6.28, or even 2.6.28.1 to 2.6.28.2). A driver (kernel module) may work with a kernel it was not compiled for, but only if the portion of the kernel ABI that it uses has not changed.

Beginning with Red Hat Enterprise Linux 6, the Driver Update Program provides a stable ABI subset for companies to develop against, and the Driver Update Module and testing script (http://driverupdateprogram.com/downloads/abi_check.py) to check the module compatibility with the ABI interface. The official website is http://driverupdateprogram.com, which includes an upload form for testing modules.

Kernel Configuration
In order for the Linux kernel to use any device, it needs the kernel instructions for that device. These kernel instructions are supplied in the form of a device driver. Device drivers can be statically linked into the kernel, but more typically they are modular drivers which can be loaded and unloaded dynamically in the running kernel.

If support for some device and functionality has been statically linked into the kernel, the only way you can configure that driver is by modifying the bootloader (GRUB) configuration to pass the desired parameters when the kernel is loaded. For example, if you wanted the kernel to run a console on the first serial port, and you wanted local text consoles to run at a specific VESA mode, you could modify the kernel line in your GRUB configuration file to something like:
File: /boot/grub/grub.conf
[S[kernet_Tvmlinuz ro ro0t=/dev vg /FOoe vea=Oesve

Configuring Kernel Components and Modules
Two methods of compiling kernel features:
* Compiled into kernel binary installed under /boot/
* Separate kernel module (*.ko) installed under /lib/modules/
Configuration options can be passed to kernel binary on boot:
* Interactively from GRUB command prompt
* Persistent from GRUB config file
Configuration options can be passed to kernel modules:
* Interactively when loading module
* Persistently from /etc/modprobe.conf

/etc/modprobe.d/ and /etc/modprobe.conf
The /etc/modprobe.d/ directory, and the corresponding /etc/modprobe.conf file, is used to configure kernel driver modules. These files support a large number of options including conditional statements. The two most commonly used configuration directives are alias and options. Aliases associate some common names with a particular kernel module. For example, this line specifies that the eth0 device uses the 3c59x.ko driver:
File: /etc/modprobe.conf
alias eth0 3c59x
The options directive is used to set physical parameters (like IRQ and DMA addresses) or activate features supported by the driver. For example, this line would assign IRQs 10 and 11 to two 3c509 ISA network cards in the machine:
File: /etc/modprobe.conf
options 3c509 irq=10,11
RHEL6 does not come with an /etc/modprobe.conf by default, but instead only uses files within the /etc/modprobe.d/ directory.

Module Dependencies
Some modules need functions that are provided by other modules, creating interdependencies. In order to use a module that needs functions provided by another, the module that provides the functions must be loaded before the module that requires them. To deal with module inter-dependencies, an administrator can manually load the modules using insmod.

The modprobe Command
The modprobe command provides an alternative to manually resolving module inter-dependencies.
It provides automatic resolution of module dependencies. The modprobe command resolves module dependencies using a list of all modules and the symbols they require and provide. This list is created using the depmod command. It has syntax similar to a Makefile and is written to the /lib/modules/$(uname -r)/modules.dep file.

The depmod command will create a modules.dep file (among other files) for the currently running kernel. Once the modules.dep file is created the modprobe command can be used to insert and remove modules from the kernel.

The following example would insert the nfs.ko module into the kernel, including any needed dependencies (e.g. the sunrpc.ko module which nfs.ko depends on):
# modprobe nfs
To later remove the module, you would invoke modprobe with the -r option as shown in this example:
# modprobe -r nfs

Viewing Process Information via /proc/PID/
If the /proc/ filesystem is mounted, then the running kernel uses it as an interface to expose information about itself. The original use of /proc/ was to provide information about running processes on the system. Commands like ps depend on /proc/ as the source of process information. Inside /proc/ exists a sub-directory whose name corresponds with the PID of each process on the system, for can be viewed such as cmdline, environ and status. Also, there are symlinks for root, exe and cwd that link to the process' filesystem root, executable and current working directory, respectively.

The directory /proc/PID/fd/ contains symlinks to files (when applicable) for each file handle that the process has open.

Configuring the Kernel via /proc/sys/
The majority of the files in /proc/ are read-only, but most of the files found under the /proc/sys/ hierarchy are writable by the root user and can be used to tune various aspects of the running kernel and its modules.
The /proc/sys/ directory is the only part of the /proc/ filesystem that is writable. To view the current value of a procfs file, use the cat command as shown in this example:
# cat /proc/sys/fs/file-max
101643
You can set the file to a new value using the echo command and redirecting the output to the file as shown in this example:
# echo "118080" > /proc/sys/fs/file-max

Configuring the Kernel via /proc/
/proc/PID/ exposes information about each process on the system:
* Files and symlinks inside each folder provide information about that process
/proc/sys/ exposes tunable kernel parameters:
* View current values with cat
* Modify with echo
* View and modify with sysctl command
/etc/sysctl.conf adds persistence to tunable kernel parameters

Using the sysctl Command
Instead of using the cat and echo commands as shown in the previous examples, you can use the sysctl command to view and set values in /proc/. For example, to view and modify the same value as shown before, you could execute these commands:
# sysctl fs.file-max
fs.file-max = 161603
# sysctl -w "fs, fiLo-maneit6
The sysctl command can also list all available kernel tuning options as shown in this example:
# sysctl -a
. . . snip . . .
fs.overflowuid = 65534
fs.dentry-state = 21296 18868 45 8 8 8
fs.file-max = 191603
"9758161643

Making Tuning Changes Permanent
Changes to the values in /proc/ will not survive a reboot. To provide for permanent changes, the system initialization script runs the sysctl -p command on boot. This reads settings from the /etc/sysctl.conf file if it exists, and makes the tuning changes on boot.
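Because a value written with echo or sysctl -w lasts only until reboot while /etc/sysctl.conf is applied at boot, the two can silently disagree on a running system. The script below is an added example, not part of the original course material: it reports every key whose running value differs from the persisted one. The function names are hypothetical, and the demo runs against a constructed configuration file and a constructed stand-in for /proc/sys/.

```shell
#!/bin/sh
# Added example: report sysctl keys whose running value differs from the
# value persisted in a sysctl.conf-style file.
# Usage: sysctl_drift [CONF] [ROOT]  (defaults: /etc/sysctl.conf, /proc/sys)
# Prints "key configured=<v> running=<v|missing>" per mismatch and
# returns 1 if any mismatch was found, 0 otherwise.

trim() {
    # Print $1 without leading and trailing whitespace.
    t=$1
    t=${t#"${t%%[![:space:]]*}"}
    t=${t%"${t##*[![:space:]]}"}
    printf '%s' "$t"
}

sysctl_drift() (
    conf=${1:-/etc/sysctl.conf}
    root=${2:-/proc/sys}
    rc=0
    while IFS= read -r line || [ -n "$line" ]; do
        line=$(trim "$line")
        case $line in
            ''|'#'*|';'*) continue ;;   # blank line or comment
            *=*) ;;                     # key = value
            *) continue ;;              # anything else is ignored
        esac
        key=$(trim "${line%%=*}")
        # Multi-valued entries are compared with whitespace runs collapsed.
        want=$(trim "${line#*=}" | tr -s ' \t' ' ')
        # fs.file-max lives at <root>/fs/file-max: dots become slashes.
        path=$root/$(printf '%s' "$key" | tr . /)
        if [ -r "$path" ]; then
            have=$(tr -s ' \t' ' ' < "$path")
            have=$(trim "$have")
        else
            have=missing
        fi
        if [ "$want" != "$have" ]; then
            printf '%s configured=%s running=%s\n' "$key" "$want" "$have"
            rc=1
        fi
    done < "$conf"
    exit "$rc"
)

sysctl_drift_demo() (
    # Constructed sample: persisted settings and a fake /proc/sys tree in
    # which kernel.sysrq was changed at runtime without being persisted.
    d=$(mktemp -d) || exit 1
    mkdir -p "$d/sys/kernel" "$d/sys/net/ipv4" "$d/sys/fs"
    printf '%s\n' '# constructed sample' \
        'kernel.sysrq = 0' \
        'net.ipv4.icmp_echo_ignore_broadcasts = 1' \
        'fs.file-max=110000' > "$d/sysctl.conf"
    echo 1 > "$d/sys/kernel/sysrq"
    echo 1 > "$d/sys/net/ipv4/icmp_echo_ignore_broadcasts"
    echo 110000 > "$d/sys/fs/file-max"
    sysctl_drift "$d/sysctl.conf" "$d/sys" || :
    rm -rf "$d"
)

sysctl_drift_demo
```

Run as root with no arguments, sysctl_drift compares the real /etc/sysctl.conf with /proc/sys/; a non-zero return means a setting will change at the next boot or was never applied.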
The syntax for the text file can be obtained from the sysctl.conf(5) man page.

To have the file-max parameter set to a specific value each boot, do the following:
File: /etc/sysctl.conf

Lab 1
Estimated Time: 60 minutes
Task 1: Adjusting Kernel Options. Time: 18 minutes. Requirements: (1 station) (classroom server)
Task 2: Configuring Print Queues. Time: 15 minutes. Requirements: (1 station) (classroom server) (graphical environment)
Task 3: Introduction to Troubleshooting Labs. Time: 10 minutes. Requirements: (1 station)
Task 4: Troubleshooting Practice: Kernel Modules. Time: 10 minutes. Requirements: (1 station)

Lab 1, Task 1: Adjusting Kernel Options
Estimated Time: 16 minutes
Requirements: (1 station) (classroom server)

Relevance
The Linux kernel has hundreds of tunable options that can affect the performance or security of the system. Being able to tune these options in a persistent manner is an important system administration task.

Notices
If this lab exercise is being run within a virtual environment, the use of special keystrokes may be needed to switch between virtual terminals.

1) The following actions require administrative privileges. Switch to a root login shell:
$ su -l
Password: makeitso
2) The Magic-SysRq key is a low-level method to communicate with the kernel. If the kernel documentation is installed, related information can be found in the sysrq.txt file. Install the kernel documentation:
# yum install -y kernel-doc
. . . output omitted . . .
3) Use the less command to look at the sysrq.txt file:
# less /usr/share/doc/kernel-doc-*/Documentation/sysrq.txt
. . . output omitted . . .
4) Support for the Magic-SysRq option is compiled into the kernel. Examine the current value of /proc/sys/kernel/sysrq:
# cat /proc/sys/kernel/sysrq
0
5) Enable the full set of Magic-SysRq key combinations by editing the /etc/sysctl.conf file and changing the value of kernel.sysrq to 1:
File: /etc/sysctl.conf
+ kernel.sysrq = 1
6) Use the sysctl program to process the /etc/sysctl.conf file and then view the
# sysctl -p
. . . snip . . .
kernel.sysrq = 1
# cat /proc/sys/kernel/sysrq
1
Alternatively, the echo command could be used to make this change immediately by running echo 1 > /proc/sys/kernel/sysrq; however, changes made using this technique will not persist across reboots.
7) Create a simple trojan login script to help test the kernel sysrq functions. Create a file named /tmp/login with this content:
File: /tmp/login
+ Hl 3 + + +
+ echo "$user + $pass" >> /tmp/foo
+ sleep 3
+ echo -e "\nlogin incorrect\n"
+ done
Notice that in this script, the intercepted usernames and passwords will be stored in the /tmp/foo file.
8) Make the trojan login script executable:
# chmod 755 /tmp/login
9) Launch the script and login as the guru user to test the script:
$ /tmp/login
login: guru
password: work
login incorrect
login:
This login prompt is generated by the trojan script and not the normal login program. It does not break out of the script because it is trapping and ignoring this signal.
10) Use the kernel sysrq function to have the kernel kill all processes on this virtual terminal. The init process will then re-spawn the real login
If this is being done over a remote connection, this key combination may not be able to be passed to the remote system. If so, this step will not work, and terminating the session may be necessary.
11) The virtual terminal has been completely respawned by init and there are no trojans running. Login to the machine and display the contents of the trojan database:
$ cat /tmp/foo
. . . output omitted . . .
12) The following actions require administrative privileges. Switch to a root login shell:
$ su -l
Password: makeitso
13) If your system has been configured to ignore ICMP echo-broadcasts for extra security, this kernel parameter must be disabled prior to the upcoming steps in this lab. As the root user, temporarily enable ICMP echo-broadcast support:
# sysctl net.ipv4.icmp_echo_ignore_broadcasts=0
net.ipv4.icmp_echo_ignore_broadcasts = 0
14) ICMP ping requests sent to the broadcast address are answered by each host that listens to that broadcast address. Verify that your system is responding to broadcast pings:
# ping -b -c3 10.100.0.255
WARNING: pinging broadcast address
PING 10.100.0.255 (10.100.0.255) 56(84) bytes of data.
. . . snip . . .
--- 10.100.0.255 ping statistics ---
3 packets transmitted, 2 received, +34 duplicates, packet loss, time 1800ms
rtt min/avg/max/mdev = 0.039/0.153/0.213/0.068 ms, pipe 2
Your system's IP address should appear somewhere in the output. Other systems in the classroom may or may not appear in the listing.
15) Alter the system so that it will not answer ICMP requests for a broadcast address by tuning the TCP/IP stack via /proc/:
# sysctl net.ipv4.icmp_echo_ignore_broadcasts=1
net.ipv4.icmp_echo_ignore_broadcasts = 1
16) Verify that the change to /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts was successfully applied by pinging the broadcast address again and verifying that the system does not respond this time:
# ping -b -c3 10.100.0.255
WARNING: pinging broadcast address
PING 10.100.0.255 (10.100.0.255) 56(84) bytes of data.
ouput 64 bytes from 1 femosegré telcet tine-8c136 ne (DOF!) 64 bytes from 1 Lomp_soge® tt1=64 time-@.146 as (DUP!) 64 bytes from 19.188.8.U: icxp_seq-s tti-64 tine=8.156 ne (DUP!) 64 bytes from 18.100.8.7: icsp_seqr8 ttl=64 tine=6.166 ms (DUP!) = snip 255 ping statistics 3 5, Ot packet loss, tine éns 21/8. 164/8.234/8.853 ms, pipe 2 17) though configured to ignore broadcast pings by default, make the kernel parameter explicit by ading an entry to the /ete/sysctl -cont fle: je: /eteFaysctl cont [¢[net-Tpvt. Tonp_eche_Ignore_brosdeasts = 1} Cleanup 18) Return sysiq to its orginaly configured state: (fe fetelepect ent] emeteeyseg—> + [kernel syseq 19) To avoid a rebo« 4 sysctl -p load the settings made to the /ete/syset cont fe adress shold no loge appear in his 137 Obigetives Labi ferret ‘Contr it cus uns We Susan Task ‘Configuring Print Queues —— '2.(1 station) @ (classroom server) X (graphical environment) Relevance Huge numbers of new printed pages of content are created every day. {Linux isa popular choice for deploying print servers, and configuring and ‘managing a pint server is 8 common systems administration task, Notices % To access print queues, use the appropriate URL: [server exaep 1) The following actions require adminiswatve privileges. Switch to a root login shell Ssu-t Password: makeitso =] 2) Install CUPS as a prerequisite of running ths lab task. yun instal -y cups + output omitted. . . i service cups start + +. output omitted . . 4 chiccontig cups on 3) Administrative privileges are no longer required: exit the root shell to return to an Unprivleged account Foxit 4) As the guru user, add a focal queue using the native CUPS wob intrface: (Open a web browser to http://tocalhost :631/ Click the Adminstration link near the top. ee a A eee ewwwwvwwwwwwwCwUowwUweVueuwuwud 5) 8) 7 8) Click the Add Printer button, Enter the root username and password Solect Internet Printing Protocol. (pp). Click the cont ne button. ‘On the Device uRr for printer! 
dialog, inthe Device URI box, append to the ‘existing text so that it reads pp://sexver1 .example.con/printers/stationt@) Click the cont nue button. Ento this information in the dlalog provided: Fae Valve tame [peintert [Hocation [3rd planet fron the Sen Description |Renote queve stationlql on serverl Click tho cont ive button. On the Hake/Nanufacturer for printert dialog: Choose Rav, (lick the continue button. (On the Nodel/Driver for printer! dialog: Choose Raw Queue (en). Click the add Printer button. At the Set Default Options for printer! page, select Set Default options. Foramoment, amessage willbe printed: Printer printerl default options have been set successfully. ‘The page wil then cefresh to indicate the print queue is eccepting jobs. 1-39 9) 10) 1) 12) 13) 14) 15) 16) 1-40 The following actions require admini shel: S suet Password: makeitso 2] Print the /ete/passwa fle using the raw option, fpr “1 -P printert /ete/passwt ‘With a web browser, vey that printing is working properly for the printer! queue by browsing to hetp2/ Hinton la file exists, the print job was successful ‘Add the printer? queue using \padnin: 4 \padain -p printer? -£ -p "Renote queue stationsy? on serverl* -P /usr/share/cups/nodel/textonly ppd» ~v ipp://server! .eranple.cow/printers/stationtq2 ‘View the new lines added to the /ete/cups/printers.conf: # tail -n 38 /ote/eups/printers.cont + + + output onitted. - Print the /etc/profile fle using the raw option, -1: lpr -1 -P printer? /ete/profite Open http://server1 example.con/printoutput /stationta2/ in a web browser Verify that printing is working properly for the printer? queve. it file exists, the print job was successful Sot the printer? quoue as the default local queue: # tpadnin -€ printer? RRR ARERR ARR RRR ERAS AAA AAA AAA we Oe rE Cee ee weer CUU wu EWU 17) Observe the change inthe /etc/cups/printers.cont fle: 4 grep pefautt /otc/cups/printers cont ‘ofauttzrinter printer2> 18) Finally. 
remove the definitions for the printer] and printer? queues: # Ipadnin ~« printer? 4 lpadnin -x printer? 19) Administrative privileges are no longer required; exit the root shell to return to an ‘unprivleged account: 4 exit "This may take CUPS several seconds to update the Fl. Vat 142 Objectives Lab1 Practice using the tsmenu command, Task 3 Requirements Introduction to ‘R(T station) Troubleshooting Labs Relevence Estimated Time: 10 minutes 1 2) 3) 4) Troubleshooting scenario scripts were installed on your system as part of the classroom setup process. You can use these scripts to break your _yetem in a contrllod way, thon practice troubleshooting ond feng the problem. ‘The following actions requite administrative privileges. Switch to a root login shell ‘As the root user, invoke the tsxenu command: # tenena ‘The fist time the troubleshooting framework is started, some information about your system is needed: Press =] to continue, ‘The PreLininacy Information screen states that tsmenu is sbout to collect information about the system. ‘This will happen only once. Select Yes then press B=] to continue firm the correct Linux distribution was detected. Use the [E] (left arrow) key and EI (ight arrow) key to switch between Yes and to. Press 63] to continue. Confirm your preferred Ethernet device was detected. Ine Select troubleshooting Group sereen is displayed. This frst scenario is 8 simple HOWTO for the tsntena command. Its function is to famnifarize you with the usage of tment RRA RAR FARR AAR RR RAR ARR AAA WEES EY Cee wor UWwuCwuUUUoWwUuWwWd 5) 6) 7 Selact troubleshooting Group #6. Use the [E (up arrow) key and {2 (down arrow) key to select a group of troubleshooting scenarios. ‘Select ox than press = Use the (left arrow) key and Eight arrow) key to choose whether to switch to the next or previous screen, The Select Scenario Category screen is displayed, ‘Teoubeshooting Group 48 contains only one scenario category: Soloct the Learn category. 
        Pick the scenario category to view.
    Select OK then press [Enter].
        Continue to the next screen.

    The Select Scenario Script screen is displayed. The Learn category contains only one scenario:

    Select the learn-1.sh scenario.
        Pick the break script to run.
    Select OK then press [Enter].
        Continue to the next screen.

    The Break System? screen is displayed. The system is about to be broken. Before breaking the system, read the description of the problem to solve in this scenario:

    Read the scenario description.
        Make sure you're prepared to break the system now!
    Select Yes then press [Enter].
        Run the break script.
    Wait for the break script to run.
        Some break scripts can take up to a couple minutes to run.

    The SYSTEM IS BROKEN! screen is displayed.

8) The tsmenu command is now locked on the selected scenario and will not permit another scenario to run until the current scenario is solved:

    Contemplate the fact that you have just deliberately broken your own system. Life is funny sometimes, isn't it?
    Select OK then press [Enter].
        Begin the troubleshooting process.

    The tsmenu command stops running. Depending on the scenario, a reboot may be required before the problem is noticeable. In these cases, the system will reboot automatically after you press [Enter].

9) It is possible to reread the scenario description two different ways. First, the description is saved in a text file. Display the contents of this [...]

10) Second, rerun the tsmenu command. Each time the tsmenu command runs, it checks to see if the current problem has been solved. If the problem hasn't been solved, tsmenu will provide information about the current scenario instead of presenting a list of new scenarios. As the root user, reinvoke the tsmenu command:

    # tsmenu

    The Scenario Not Completed screen is displayed.

11) It is not possible to run another break script until the current scenario has been finished.

    Select OK then press [Enter].

12) If unsure of how to proceed, the tsmenu command can provide hints.
    It doesn't immediately reveal the solution, but instead presents gradual hints in the order of a realistic troubleshooting process. View all of the learn-1.sh hints:

    Select the Hint menu item, then select OK and press [Enter].
        View a hint for the current problem.
    Read the first hint. Select OK then press [Enter].
        Return to the scenario menu.
    Press [Enter] then read the second hint. Press [Enter] to return to the scenario menu.
    Press [Enter] then read the third hint. Press [Enter] to return to the scenario menu.

    Notice that the total number of hints available is indicated and previous hints are reshown.

13) Instead of closing and re-running the tsmenu command to check if the current scenario problem has been solved, it's possible to recheck the problem by using the scenario menu's Check menu item:

    Select Check, then select OK and press [Enter].
        Check if the problem scenario is solved.
    Note the scenario is not completed. Select OK then press [Enter].
        Return to the scenario menu.

14) If the problem scenario has not been solved and tsmenu won't let a new scenario be selected, carefully review the requirements in the scenario description. If still unsure about how to proceed then consult the instructor. Reread the scenario description, then close tsmenu:

    Select Description, then select OK and press [Enter].
        View the scenario description.
    Re-read the scenario description. Select OK then press [Enter].
        Return to the scenario menu.
    Select Cancel then press [Enter].
        Close tsmenu and return to the command line.

15) Solve the scenario problem by creating the required file:

    # touch /root/solved

16) Launch the tsmenu command again:

    # tsmenu

17) As usual, tsmenu checks to see if you've solved the current problem. Once the problem is solved, the Troubleshooting Group screen is unlocked and another scenario can be explored!

    Note that you've completed the scenario. Select OK then press [Enter].
        The Troubleshooting Group screen is now unlocked.
    Select Cancel then press [Enter].
        Close tsmenu and return to the command line.
18) Administrative privileges are no longer required; exit the root shell to return to an unprivileged account:

    # exit


Lab 1 Task 4: Troubleshooting Practice: Kernel Modules

Objectives
    Practice troubleshooting kernel module issues.

Requirements
    (1 station)

Relevance
    Troubleshooting scenario scripts were installed on your system as part of the classroom setup process. You use these scripts to break your system in controlled ways, and then you troubleshoot the problem and fix the system.

Notices
    The tsmenu program requires root access to the system and will need to be run from a root shell.

1) Use tsmenu to complete the kernel module troubleshooting scenario:

    Troubleshooting Group   Scenario Category   Scenario Name
    Group [...]             Ker[...]            kernelmodule01.sh
