You are on page 1of 40


Basic Linux Commands

mkdir - make directories Usage mkdir [OPTION] DIRECTORY Options Create the DIRECTORY(ies), if they do not already exist. Mandatory arguments to long options are mandatory for short options too. -m, mode=MODE set permission mode (as in chmod), not rwxrwxrwx - umask -p, parents no error if existing, make parent directories as needed -v, verbose print a message for each created directory -help display this help and exit -version output version information and exit cd - change directories Use cd to change directories. Type cd followed by the name of a directory to access that directory.Keep in mind that you are always in a directory and can navigate to directories hierarchically above or below. mv- change the name of a directory Type mv followed by the current name of a directory and the new name of the directory. Ex: mv testdir newnamedir pwd - print working directory will show you the full path to the directory you are currently in. This is very handy to use, especially when performing some of the other commands on this page rmdir - Remove an existing directory rm -r

Removes directories and files within the directories recursively. chown - change file owner and group Usage chown [OPTION] OWNER[:[GROUP]] FILE chown [OPTION] :GROUP FILE chown [OPTION] --reference=RFILE FILE Options Change the owner and/or group of each FILE to OWNER and/or GROUP. With --reference, change the owner and group of each FILE to those of RFILE. -c, changes like verbose but report only when a change is made -dereference affect the referent of each symbolic link, rather than the symbolic link itself -h, no-dereference affect each symbolic link instead of any referenced file (useful only on systems that can change the ownership of a symlink) -from=CURRENT_OWNER:CURRENT_GROUP change the owner and/or group of each file only if its current owner and/or group match those specified here. Either may be omitted, in which case a match is not required for the omitted attribute. -no-preserve-root do not treat `/' specially (the default) -preserve-root fail to operate recursively on `/' -f, -silent, -quiet suppress most error messages -reference=RFILE use RFILE's owner and group rather than the specifying OWNER:GROUP values -R, -recursive operate on files and directories recursively -v, -verbose output a diagnostic for every file processed The following options modify how a hierarchy is traversed when the -R option is also specified. If more than one is specified, only the final one takes effect. -H -L -P if a command line argument is a symbolic link to a directory, traverse it traverse every symbolic link to a directory encountered do not traverse any symbolic links (default)

chmod - change file access permissions Usage chmod [-r] permissions filenames

r Change the permission on files that are in the subdirectories of the directory that you are currently in. permission Specifies the rights that are being granted. Below is the different rights that you can grant in an alpha numeric format.filenames File or directory that you are associating the rights with Permissions u - User who owns the file. g - Group that owns the file. o - Other. a - All. r - Read the file. w - Write or edit the file. x - Execute or run the file as a program. Numeric Permissions: CHMOD can also to attributed by using Numeric Permissions: 400 read by owner 040 read by group 004 read by anybody (other) 200 write by owner 020 write by group 002 write by anybody 100 execute by owner 010 execute by group 001 execute by anybody ls - Short listing of directory contents -a -d -F list hidden files list the name of the current directory show directories with a trailing '/' executable files with a trailing '*' -g -i -l show group ownership of file in long listing print the inode number of each file long listing giving details about files and directories

-R -t

list all subdirectories encountered sort by time modified instead of name

cp - Copy files cp myfile yourfile Copy the files "myfile" to the file "yourfile" in the current working directory. This command will create the file "yourfile" if it doesn't exist. It will normally overwrite it without warning if it exists. cp -i myfile yourfile With the "-i" option, if the file "yourfile" exists, you will be prompted before it is overwritten. cp -i /data/myfile Copy the file "/data/myfile" to the current working directory and name it "myfile". Prompt before overwriting the file. cp -dpr srcdir destdir Copy all files from the directory "srcdir" to the directory "destdir" preserving links (poption), file attributes (-p option), and copy recursively (-r option). With these options, a directory and all it contents can be copied to another dir ln - Creates a symbolic link to a file. ln -s test symlink Creates a symbolic link named symlink that points to the file test Typing "ls -i test symlink" will show the two files are different with different inodes. Typing "ls -l test symlink" will show that symlink points to the file test. locate - A fast database driven file locator. slocate -u This command builds the slocate database. It will take several minutes to complete this command.This command must be used before searching for files, however cron runs this command periodically on most systems.locate whereis Lists all files whose names contain the string "whereis". directory. more - Allows file contents or piped output to be sent to the screen one page at a time less - Opposite of the more command cat - Sends file contents to standard output. This is a way to list the contents of short files to the screen. It works well with piping. whereis - Report all known instances of a command wc - Print byte, word, and line counts

bg bg jobs Places the current job (or, by using the alternative form, the specified jobs) in the background, suspending its execution so that a new user prompt appears immediately. Use the jobs command to discover the identities of background jobs. cal month year - Prints a calendar for the specified month of the specified year. cat files - Prints the contents of the specified files. clear - Clears the terminal screen. cmp file1 file2 - Compares two files, reporting all discrepancies. Similar to the diff command, though the output format differs. diff file1 file2 - Compares two files, reporting all discrepancies. Similar to the cmp command, though the output format differs. dmesg - Prints the messages resulting from the most recent system boot. fg fg jobs - Brings the current job (or the specified jobs) to the foreground. file files - Determines and prints a description of the type of each specified file. find path -name pattern -print Searches the specified path for files with names matching the specified pattern (usually enclosed in single quotes) and prints their names. The find command has many other arguments and functions; see the online documentation. finger users - Prints descriptions of the specified users. free - Displays the amount of used and free system memory. ftp hostname Opens an FTP connection to the specified host, allowing files to be transferred. The FTP program provides subcommands for accomplishing file transfers; see the online documentation. head files - Prints the first several lines of each specified file. ispell files - Checks the spelling of the contents of the specified files. kill process_ids kill - signal process_ids kill -l Kills the specified processes, sends the specified processes the specified signal (given as a number or name), or prints a list of available signals. killall program killall - signal program

Kills all processes that are instances of the specified program or sends the specified signal to all processes that are instances of the specified program. mail - Launches a simple mail client that permits sending and receiving email messages. man title man section title - Prints the specified man page. ping host - Sends an echo request via TCP/IP to the specified host. A response confirms that the host is operational. reboot - Reboots the system (requires root privileges). shutdown minutes shutdown -r minutes Shuts down the system after the specified number of minutes elapses (requires root privileges). The -r option causes the system to be rebooted once it has shut down. sleep time - Causes the command interpreter to pause for the specified number of seconds. sort files - Sorts the specified files. The command has many useful arguments; see the online documentation. split file - Splits a file into several smaller files. The command has many arguments; see the online documentation sync - Completes all pending input/output operations (requires root privileges). telnet host - Opens a login session on the specified host. top - Prints a display of system processes that's continually updated until the user presses the q key. traceroute host - Uses echo requests to determine and print a network path to the host. uptime - Prints the system uptime. w - Prints the current system users. wall - Prints a message to each user except those who've disabled message reception. Type Ctrl-D to end the message.

adduser Add a user to the system addgroup Add a group to the system alias Create an alias apropos Search Help manual pages (man -k) apt-get Search for and install software packages (Debian) aspell Spell Checker awk Find and Replace text, database sort/validate/index b basename Strip directory and suffix from filenames bash GNU Bourne-Again SHell bc Arbitrary precision calculator language bg Send to background break Exit from a loop builtin Run a shell builtin bzip2 Compress or decompress named file(s) c cal Display a calendar case Conditionally perform a command cat Display the contents of a file cd Change Directory cfdisk Partition table manipulator for Linux chgrp Change group ownership chmod Change access permissions chown Change file owner and group chroot Run a command with a different root directory chkconfig System services (runlevel) cksum Print CRC checksum and byte counts clear Clear terminal screen cmp Compare two files comm Compare two sorted files line by line command Run a command - ignoring shell functions continue Resume the next iteration of a loop cp Copy one or more files to another location cron Daemon to execute scheduled commands crontab Schedule a command to run at a later time csplit Split a file into context-determined pieces cut Divide a file into several parts d date Display or change the date & time dc Desk Calculator dd Convert and copy a file, write disk headers, boot records ddrescue Data recovery tool declare Declare variables and give them attributes df Display free disk space

diff Display the differences between two files diff3 Show differences among three files dig DNS lookup dir Briefly list directory contents dircolors Colour setup for `ls' dirname Convert a full pathname to just a path dirs Display list of remembered directories dmesg Print kernel & driver messages du Estimate file space usage e echo egrep expression eject enable env ethtool eval exec exit expect terminal expand export expr f false fdformat fdisk fg fgrep string file find fmt fold for format free fsck ftp function fuser file g gawk getopts Display message on screen Search file(s) for lines that match an extended Eject removable media Enable and disable builtin shell commands Environment variables Ethernet card settings Evaluate several commands/arguments Execute a command Exit the shell Automate arbitrary applications accessed over a Convert tabs to spaces Set an environment variable Evaluate expressions Do nothing, unsuccessfully Low-level format a floppy disk Partition table manipulator for Linux Send job to foreground Search file(s) for lines that match a fixed Determine file type Search for files that meet a desired criteria Reformat paragraph text Wrap text to fit a specified width. Expand words, and execute commands Format disks or tapes Display memory usage File system consistency check and repair File Transfer Protocol Define Function Macros Identify/kill the process that is accessing a Find and Replace text within file(s) Parse positional parameters

grep pattern groups gzip h hash head help history hostname i id if ifconfig ifdown ifup import file install j join k kill killall l less let ln local locate logname logout look lpc lpr lprint lprintd lprintq lprm ls lsof m make man mkdir mkfifo mkisofs mknod

Search file(s) for lines that match a given Print group names a user is in Compress or decompress named file(s) Remember the full pathname of a name argument Output the first part of file(s) Display help for a built-in command Command History Print or set system name Print user and group id's Conditionally perform a command Configure a network interface Stop a network interface Start a network interface up Capture an X server screen and save the image to Copy files and set attributes Join lines on a common field Stop a process from running Kill processes by name Display output one screen at a time Perform arithmetic on shell variables Make links between files Create variables Find files Print current login name Exit a login shell Display lines beginning with a given string Line printer control program Off line print Print a file Abort a print job List the print queue Remove jobs from the print queue List information about file(s) List open files Recompile a group of programs Help manual Create new folder(s) Make FIFOs (named pipes) Create an hybrid ISO9660/JOLIET/HFS filesystem Make block or character special files

more mount mtools mv mmv n netstat nice nl nohup nslookup o open op p

Display output one screen at a time Mount a file system Manipulate MS-DOS files Move or rename files or directories Mass Move and rename (files) Networking information Set the priority of a command or job Number lines and write files Run a command immune to hangups Query Internet name servers interactively Open a file in its default application Operator access

passwd Modify a user password paste Merge lines of files pathchk Check file name portability ping Test a network connection pkill Stop processes from running popd Restore the previous value of the current directory pr Prepare files for printing printcap Printer capability database printenv Print environment variables printf Format and print data ps Process status pushd Save and then change the current directory pwd Print Working Directory q quota Display disk usage and limits quotacheck Scan a file system for disk usage quotactl Set disk quotas r ram ram disk device rcp Copy files between two machines read Read a line from standard input readarray Read from stdin into an array variable readonly Mark variables/functions as readonly reboot Reboot the system rename Rename files renice Alter priority of running processes remsync Synchronize remote files via email return Exit a shell function rev Reverse lines of a file rm Remove files rmdir Remove folder(s) rsync Remote file copy (Synchronize file trees)

s screen scp sdiff sed select seq set sftp shift shopt shutdown sleep slocate sort source split ssh strace su sudo sum symlink sync t tail Output the last part of files tar Tape ARchiver tee Redirect output to multiple files test Evaluate a conditional expression time Measure Program running time times User and system times touch Change file timestamps top List processes running on the system traceroute Trace Route to Host trap Run a command when a signal is set(bourne) tr Translate, squeeze, and/or delete characters true Do nothing, successfully tsort Topological sort tty Print filename of terminal on stdin type Describe a command u ulimit umask umount unalias uname unexpand uniq Limit user resources Users file creation mask Unmount a device Remove an alias Print system information Convert spaces to tabs Uniquify files Multiplex terminal, run remote shells via ssh Secure copy (remote file copy) Merge two files interactively Stream Editor Accept keyboard input Print numeric sequences Manipulate shell variables and functions Secure File Transfer Program Shift positional parameters Shell Options Shutdown or restart linux Delay for a specified time Find files Sort text files Run commands from a file `.' Split a file into fixed-size pieces Secure Shell client (remote login program) Trace system calls and signals Substitute user identity Execute a command as another user Print a checksum for a file Make a new name for a file Synchronize data on disk with memory

units unset unshar until useradd usermod users uuencode uudecode v v vdir vi vmstat w

Convert units from one scale to another Remove variable or function names Unpack shell archive scripts Execute commands (until error) Create new user account Modify user account List users currently logged in Encode a binary file Decode a file created by uuencode Verbosely list directory contents (`ls -l -b') Verbosely list directory contents (`ls -l -b') Text Editor Report virtual memory statistics

watch Execute/display a program periodically wc Print byte, word, and line counts whereis Search the user's $path, man pages and source files for a program which Search the user's $path for a program file while Execute commands who Print all usernames currently logged in whoami Print the current user id and name (`id -un') Wget Retrieve web pages or files via HTTP, HTTPS or FTP write Send a message to another user x xargs Execute utility, passing constructed argument list(s) yes Print a string until interrupted . Run a command script in the current shell ### Comment / Remark

Installing Red Hat Linux

For the purpose of this section, RedHat Linux version 9.0 has been chosen for use as the basis of a Linux Access Point. It is envisaged that NZ-Wireless will eventually replace this section with a purpose built Access Point distribution or perhaps a suitably modified commercial distribution, but in the meantime this will have to do. The choice of distribution is really down to personal preference. I have chosen Redhat for this HOWTO because it is easy for new users to get a handle on and because a suitable HOSTAP kernel is available as an RPM. If you chose to use a different distribution, you will need to know the locations and names of some files mentioned in this HOWTO on your system as they may be different to Redhat. You should be aware that some of the commands given here are also Redhat specific and you will need to know the alternatives for your distribution. You should also be aware that software download links in this HOWTO point to RH9 RPM versions which may not be compatible with your chosen distribution. The steps below assume that the reader has not installed Linux before. It assumes that the user may wish to use the system as a Server or as a Desktop in addition to an Access Point. It also assumes that the user has no data on the system that is to be preserved. The following is a step-by-step guide lacking a lot of detail. If you're comfortable installing Linux or have specific reaquirements in mind, you can safely skip this section. The end result of this initial Redhat install will be a Linux box running X and GNOME that can be used for multiple purposes but is not optimised for any single purpose. It will use approximately 1.2GB of disk space

Step by Step guide to installing Redhat

Screen 1 If you have booted your system with the Redhat installation media or are installing by NFS you will see the Redhat welcome screen. Press enter for install in graphical mode. Screen 2 Press next Screen 3 Select English Screen 4 Keyboard type. Choose US International Screen 5 Mouse type. Select your mouse type here and, if you are going to use this system as a desktop, enable the emulate 3 buttons check box. Screen 6 Installation type. Choose Custom Screen 7 Disk Partitioning. Choose Manually with Disk Druid Screen 8 Disk Setup. Delete all existing partitions (WARNING: ALL Data currently on the disk is erased!) Depending on your needs, create new partitions. I go for simplicity, creating two partitions, one for use as

swap which I make twice as large as the amount of physical RAM and one for all other data, called a root partition. Here's how; Screen 9 Boot Loader. Grub is the preferred boot loader and the default options are suitable, so nothing needs to be changed here. Click next. Screen 10 Network configuration. You will see a list of your network interfaces (such as eth0). Configure each one to suit your own physical network requirements, with reference to the information you gathered in chapter 2. I don't use DHCP for wired machines so I select to configure manually and enter the IP information in the box provided. Note that your wireless card probably has not been detected by this stage. Don't worry we'll configure it later. Screen 11 Firewall configuration. If you intend to run NoCat your entries here will be superseded by the NoCat configuration process. For the purpose of the initail configuration, select Medium security level and ETH0 as a trusted device. Allow Incoming ssh. Screen 12 Additional Language Support. Check English (NZ) and uncheck English (USA) Screen 13 Timezone. Click on the map of New Zealand to set the timezone. Screen 14 Root password. This screen is where we set the password for the super-user.Create a root password that you will remember. Click OK then Next Screen 15 Authentication Configuration. The default settings don't need to be changed. Click Next. Screen 16 Package selection. The packages you chose here will depend on what you want to do with your system, so the recommendations I make below are guidelines. Anything that you omit here but need later can be installed at a later stage.


Before Red Hat Linux can start up on your system, it must be told to boot by special instructions placed on a boot loader, code that exists on your primary hard drive or other media device that knows how to start the Linux kernel. If you are using an x86 system that only boots Red Hat Linux, and if you only use one version of the Linux kernel, then the exact process used by the boot loader to start Red Hat Linux is not all that important. The Red Hat Linux installation program allows you to quickly and easily configure the boot loader in your hard drive's Master Boot Record (MBR) to load the operating system. However, if you wish to have the choice to boot from multiple Linux kernels or other operating systems, then knowledge of the method used by Red Hat Linux to provide the necessary options to you, as well as an understanding of the boot process and what to change, is essential. This chapter discusses GRUB, the method Red Hat Linux uses to launch operating systems on x86 systems, and looks at various command and configuration options that allow you to control the boot process.

Defining GRUB
GNU GRUB (GRand Unified Bootloader) is a program that installs a boot loader to the MBR, which exists at the beginning sectors of a disk. It allows you to place specific instructions in the MBR that loads a GRUB menu or command environment, permitting you to start the operating system of your choice, pass special instructions to kernels when they boot, or discover system parameters (such as available RAM) before booting.

GRUB Features
GRUB contains a number of features that make it preferable to other available boot loaders. These are some of the most important: GRUB provides a true command-based, pre-OS environment on x86 machines to allow maximum flexibility in loading operating systems with certain options or gathering information about the system. Many non-x86 architectures have employed pre-OS environments for years that allow you to control how the system boots from a command line. While some command features are available with LILO and other x86 boot loaders, GRUB contains a greater number of features. GRUB supports Logical Block Addressing (LBA) mode. LBA places the addressing conversion used to find files on the drive in the drive's firmware, and it is used on many IDE and all SCSI hard disks. Before LBA, hard drives could encounter a 1024-cylinder limit, where the BIOS could not find a file after that point, such as a boot loader or kernel files. LBA support allows GRUB to boot operating systems from partitions beyond the 1024-cylinder limit, so long as your BIOS supports LBA mode (most do). GRUB's configuration file is read from the disk every time the system boots, preventing you from having to write over the MBR every time you change the boot options. Most boot loaders are not sophisticated enough to read configuration files and use them to set up boot options. For example, to change a LILO boot configuration, such as changing the default operating system to boot, you must change a LILO configuration file and run a command that overwrites the system's MBR with the new configuration data. This is more risky than GRUB's method, because a misconfigured MBR would leave you with an unbootable system. With GRUB, if you misconfigure the configuration file and reboot, it will simply drop you to a command line and allow you to manually type commands that will launch the operating system. The MBR is not touched except to update the Stage 1, Stage 2, or menu configuration file locations, and this is rarely necessary.

In order to use grub to boot a computer, you need to know the following: 1. The partition containing the kernel 2. Within that partition, the directory path and filename of the kernel 3. The partition containing /sbin/init In addition, you might need the partition, path and filename of the initrd file, but usually this is not necessary with grub. Now let's take a look at an example. Imagine a system in which /dev/hda1 is mounted as /boot, and /dev/hda9 is mounted as /. Within /boot the kernel filename is vmlinuz-i686-up-4GB. Now let's answer the four questions: 1. 2. 3. The partition containing the kernel = /dev/hda1, or (hd0,0) in grub-speak Within that partition, the directory path and filename of the kernel = /vmlinuz-i686-up-4GB (Remember, /dev/hda1 is mounted directly to /boot, so it contains the kernel directly) The partition containing /sbin/init is /dev/hda9

In that case, here are the grub commands you would input to boot that system: grub> root (hd0,0) grub> kernel /vmlinuz-i686-up-4GB root=/dev/hda9 grub> boot The preceding is usually sufficient to boot a Linux box. The standalone root statement tells the partition containing the kernel. The kernel statement describes the path and filename, within the partition containing the kernel of the kernel. The argument to the root= argument to the kernel statement tells the partition containing /sbin/init, which of course turns out to be the root partition in the booted system. Be careful of these duelling root keywords. The standalone one is the root as seen from grub, and contains the kernel. The argument to the kernel statement is the root as seen from the fully booted system, and contains /sbin/init. Be careful also of where you use grub partition notation and where you use Linux partition notation. You use grub partition notation ((hd0,0)) everywhere except the root= argument to the kernel statement. In the root= argument you use the Linux partition notation. Note that in Linux notation, the drive starts with a for the first IDE port master, then b for the first IDE port slave, then c for the second IDE port master, and d for the second IDE port slave, on and on throughout your IDE ports. In Linux notation, the partition number within the drive starts with 1. In grub partition notation, the first accessible hard drive is (hd0), the next accessible hard drive (even if it's on the 3rd, 4th or higher IDE port) is (hd1), and so forth. In grub partition notation, the partition number is zero based. Thus: /dev/hda1 is the same partition as (hd0,0) Occasionally you'll need to specify an initrd, although this is rare. If so, after the kernel statement and of course before the boot statement, insert the following: initrd /initrd-i686-up-4GB.img It's absolutely essential that if you do use an initrd statement, that the initrd file you reference must match the kernel you referenced earlier. Another documented way to boot from grub is to put the grub-root in the kernel statement itself instead of as a separate entity: grub> kernel (hd0,0)/vmlinuz-i686-up-4GB root=/dev/hda9 grub> boot If you do that, you'll need to also specify the grub root ((hd0,0)) on any initrd statement.

Booting Up Foreign Distros

Let's say you're a United States English speaker using grub to bust back into a Knoppix machine that lost its boot loader. The commands discussed previously would put you in Knoppix just fine, but the error messages and even the console keyboard would be German (Deutsch). If you wanted to boot up in American English, you'd add the argument lang=us to the kernel statement, like this: grub> kernel (hd0,0)/vmlinuz-i686-up-4GB root=/dev/hda9 lang=us grub> boot or grub> root (hd0,0) grub> kernel /vmlinuz-i686-up-4GB root=/dev/hda9 lang=us grub> boot

The Single Partition Configuration

The preceding example detailed a system with a dedicated /boot partition. Especially in these days of modern bioses that can boot past cylinder 1024, many people don't use a separate partition for /boot. Imagine if the root partition were /dev/hda1, and /boot was just another directory on that partition. In that case, here are the commands you'd use: grub> root (hd0,0) grub> kernel /boot/vmlinuz-i686-up-4GB root=/dev/hda1 grub> boot The only difference is here the grub root is the same as the booted system root.

Linux Start up and Run Levels
The Init Program
As seen in the previous section, the kernel will start a program called init, if it finds it. The init process reads the file "/etc/inittab" and uses this file to determine how to create processes. Read the init man page for more information. Also note that init is always running and can dynamically do things and run processes based upon various signals. The administrator can also cause it to dynamically change system processes and runlevels by using the telinit program or editing the "/etc/inittab" file.

Linux utilizes what is called "runlevels". A runlevel is a software configuration of the system that allows only a selected group of processes to exist. Init can run the system in one of eight runlevels. These runlevels are 0-6 and S or s. The system runs in only one of these runlevels at a time. Typically these runlevels are used for different purposes. Runlevels 0, 1, and 6 are reserved. For Redhat Linux version 6, the runlevels are:

0 1 2 3 4

halt Single user mode Multiuser, without NFS (The same as 3, if you don't have networking) Full multiuser mode unused

5 6

X11 Reboot

The inittab file The "/etc/inittab" file tells init which runlevel to start the system at and describes the processes to be run at each runlevel. An entry in the inittab file has the following format:
id:runlevels:action:process id - A unique sequence of 1-4 characters which identifies an entry in inittab. runlevels - Lists the runlevels for which the specified action should be taken. This field may contain multiple characters for different runlevels allowing a particular process to run at multiple runlevels. For example, 123 specifies that the process should be started in runlevels 1, 2, and 3. action - Describes which action should be taken. Valid actions are listed below o respawn - The process will be restarted whenever it terminates. o wait - The process will be started once when the specified runlevel is entered and init will wait for its termination. o once - The process will be executed once when the specified runlevel is entered o boot - The process will be executed during system boot. The runlevels field is ignored. o bootwait - Same as "boot" above, but init waits for its termination. o off - This does nothing. o ondemand - This process will be executed whenever the specified ondemand runlevel is called. o initdefault - Specifies the runlevel which should be entered after system boot. If none exists, init will ask for a runlevel on the console. The process field is ignored. o sysinit - The process will be executed during system boot. It will be executed before any boot or bootwait entries. The runlevels field is ignored. o powerwait - The process will be executed when init receives the SIGPWR signal. Init will wait for the process to finish before continuing. o powerfail - Same as powerwait but init does not wait for the process to complete. o powerokwait - The process will be executed when init receives the SIGPWR signal provided there is a file called "/etc/powerstatus" containing the word "OK". This means that the power has come back again. o ctrlaltdel - This process is executed when init receives the SIGINT signal. This means someone on the system console has pressed the "CTRL-ALT-DEL" key combination. o kbrequest - The process will be executed when init receives a signal from the keyboard handler that a special key combination was pressed on the console keyboard. o process - Specifies the process to be executed. If the process starts with the '+' character, init will not do utmp and wtmp accounting for that process. This is needed for gettys that insist on doing their own utmp/wtmp housekeeping (a historic bug).

Below is an example file:

# inittab This file describes how the INIT process should set up # the system in a certain run-level. # # Author: Miquel van Smoorenburg, <> # Modified for RHS Linux by Marc Ewing and Donnie Barnes #

# Default runlevel. The runlevels used by RHS are: # 0 - halt (Do NOT set initdefault to this) # 1 - Single user mode # 2 - Multiuser, without NFS (The same as 3, if you do not have networking) # 3 - Full multiuser mode # 4 - unused # 5 - X11 # 6 - reboot (Do NOT set initdefault to this) # 1) id:3:initdefault: # System initialization. 2) si::sysinit:/etc/rc.d/rc.sysinit 3) 4) 5) 6) 7) 8) 9) l0:0:wait:/etc/rc.d/rc l1:1:wait:/etc/rc.d/rc l2:2:wait:/etc/rc.d/rc l3:3:wait:/etc/rc.d/rc l4:4:wait:/etc/rc.d/rc l5:5:wait:/etc/rc.d/rc l6:6:wait:/etc/rc.d/rc 0 1 2 3 4 5 6

# Things to run in every runlevel. 10) ud::once:/sbin/update # Trap CTRL-ALT-DELETE 11) ca::ctrlaltdel:/sbin/shutdown -t3 -r now # When our UPS tells us power has failed, assume we have a few minutes # of power left. Schedule a shutdown for 2 minutes from now. # This does, of course, assume you have powerd installed and your # UPS connected and working correctly. 12) pf::powerfail:/sbin/shutdown -f -h +2 "Power Failure; System Shutting Down" # If power was restored before the shutdown kicked in, cancel it. 13) pr:12345:powerokwait:/sbin/shutdown -c "Power Restored; Shutdown Cancelled" # Run gettys in standard runlevels 14) 1:2345:respawn:/sbin/mingetty 15) 2:2345:respawn:/sbin/mingetty 16) 3:2345:respawn:/sbin/mingetty 17) 4:2345:respawn:/sbin/mingetty 18) 5:2345:respawn:/sbin/mingetty 19) 6:2345:respawn:/sbin/mingetty

tty1 tty2 tty3 tty4 tty5 tty6

# Run xdm in runlevel 5 # xdm is now a separate service 20) x:5:respawn:/etc/X11/prefdm -nodaemon On the left side of the file listing, above, are added numbers to help describe lines. Those lines

without line numbers are either blank or begin with a "#" which means the line is a comment. Those line numbers are not part of the original file and are added here for reference purposes. On line 1 above you see "id:3:initdefault:". The id is "id" which stands for initdefault. Note that it is unique on all the numbered lines. The runlevel is 3 which sets the default starting runlevel to runlevel 3. The action is initdefault which tells init to make this runlevel the default runlevel. Note that the process field is blank since it is ignored by the initdefault action. Line 2 tells init to run the program "/etc/rc.d/rc.sysinit" during system boot, before any other processes. Lines 3 through 9 tell init to run the program "/etc/rc.d/rc" for runlevels 0 through 6. Note that for each line the appropriate runlevel is passed to the "/etc/rc.d/rc" script program on the command line. For example note on line 5 above the second field is the runlevel specifying 2. At the end of the line there is a space and a 2 which allows the variable 2 to be passed on the command line to the program. Line 10 specifies that the program "/sbin/update" will run once for every runlevel. Line 11 sets up the program "/sbin/shutdown" to run when someone on the system console has pressed the "CTRL-ALT-DEL" key combination. Line 12 specifies "/sbin/shutdown" to run if the power fails. Note that there are different options passed on the command line for lines 11 and 12 although they run the same program. Line 13 specified "/sbin/shutdown" will run if power is restored for any of runlevels 1 through 5. Lines 14 through 19 specifies the "/sbin/mingetty" program to run on 6 different terminals for runlevels 2 through 5. This means that you can run 6 virtual terminals from your keyboard simultaneously by pressing "ALT-F1" through "ALT-F6". Note pressing "ALT-F7" or above will do nothing, but the screen will not change from your current terminal.

Note the order of programs to run as specified above are: 1. 2. 3. /etc/rc.d/rc.sysinit /etc/sbin/update /etc/rc.d/rc 3 - Note: we are running runlevel 3 here.

Therefore, the next thing that the system does is to run the rc.sysinit file, save buffers to the hard drive, then run system script files for the requested runlevel which will start up many system and network services as explained in the next section.

Linux Password & Shadow File Formats

Traditional Unix systems keep user account information, including one-way encrypted passwords, in a text file called ``/etc/passwd''. As this file is used by many tools (such as ``ls'') to display file ownerships, etc. by matching user id #'s with the user's names, the file needs to be world-readable. Consequentally, this can be somewhat of a security risk. Another method of storing account information, one that I always use, is with the shadow password format. As with the traditional method, this method stores account information in the /etc/passwd file in a compatible format. However, the password is stored as a single "x" character (ie. not actually stored in this file). A second file, called ``/etc/shadow'', contains encrypted password as well as other information such as account or password expiration values, etc. The /etc/shadow file is readable only by the root account and is therefore less of a security risk. While some other Linux distributions forces you to install the Shadow Password Suite in order to use the shadow format, Red Hat makes it simple. To switch between the two formats, type (as root): /usr/sbin/pwconv /usr/sbin/pwunconv To convert to the shadow format To convert back to the traditional format

With shadow passwords, the ``/etc/passwd'' file contains account information, and looks like this: smithj:x:561:561:Joe Smith:/home/smithj:/bin/bash

Each field in a passwd entry is separated with ":" colon characters, and are as follows:

Username, up to 8 characters. Case-sensitive, usually all lowercase

An "x" in the password field. Passwords are stored in the ``/etc/shadow'' file. Numeric user id. This is assigned by the ``adduser'' script. Unix uses this field, plus the following group field, to identify which files belong to the user. Numeric group id. Red Hat uses group id's in a fairly unique manner for enhanced file security. Usually the group id will match the user id. Full name of user. I'm not sure what the maximum length for this field is, but try to keep it reasonable (under 30 characters). User's home directory. Usually /home/username (eg. /home/smithj). All user's personal files, web pages, mail forwarding, etc. will be stored here. User's "shell account". Often set to ``/bin/bash'' to provide access to the bash shell (my personal favorite shell).

Perhaps you do not wish to provide shell accounts for your users. You could create a script file called ``/bin/sorrysh'', for example, that would display some kind of error message and log the user off, and then set this script as their default shell. Note: Note: If the account needs to provide "FTP" transfers to update web pages, etc. then the shell account will need to be set to ``/bin/bash'' -- and then special permissions will need to be set up in the user's home directory to prevent shell logins

The ``/etc/shadow'' file contains password and account expiration information for users, and looks like this: smithj:Ep6mckrOLChF.:10063:0:99999:7::: As with the passwd file, each field in the shadow file is also separated with ":" colon characters, and are as follows: Username, up to 8 characters. Case-sensitive, usually all lowercase. A direct match to the username in the /etc/passwd file. Password, 13 character encrypted. A blank entry (eg. ::) indicates a password is not required to log in (usually a bad idea), and a ``*'' entry (eg. :*:) indicates the account has been disabled. The number of days (since January 1, 1970) since the password was last changed. The number of days before password may be changed (0 indicates it may be changed at any time) The number of days after which password must be changed (99999 indicates user can keep his or her password unchanged for many, many years) The number of days to warn user of an expiring password (7 for a full week) The number of days after password expires that account is disabled

The number of days since January 1, 1970 that an account has been disabled A reserved field for possible future use

Understanding fields in /etc/passwd

The /etc/passwd contains one entry per line for each user (or user account) of the system. All fields are separated by a colon (:) symbol. Total seven fields as follows. Generally, passwd file entry looks as follows (click to enlarge image):

1. 2.

Username: It is used when user logs in. It should be between 1 and 32 characters in length. Password: An x character indicates that encrypted password is stored in /etc/shadow User ID (UID): Each user must be assigned a user ID (UID). UID 0 (zero) is reserved for root and UIDs 1-99 are reserved for other predefined accounts. Further UID 100-999 are reserved by system for administrative and system accounts/groups.


4. 5. 6. 7.

Group ID (GID): The primary group ID (stored in /etc/group file) User ID Info: The comment field. It allow you to add extra information about the users such as user's full name, phone number etc. This field use by finger command. Home directory: The absolute path to the directory the user will be in when they log in. If this directory does not exists then users directory becomes / Command/shell: The absolute path of a command or shell (/bin/bash). Typically, this is a shell. Please note that it does not have to be a shell.

/etc/passwd is only used for local users only. To see list of all users, enter:
$ cat /etc/passwd

To search for a username called tom, enter:

$ grep tom /etc/passwd

/etc/passwd file permission

The permission on the /etc/passwd file should be read only to users (-rw-r--r--) and the owner must be root:
$ ls -l /etc/passwd


-rw-r--r-- 1 root root 2659 Sep 17 01:46 /etc/passwd

Your password is stored in /etc/shadow file

Your encrpted password is not stored in /etc/passwd file. It is stored in /etc/shadow file. In the good old days there was no great problem with this general read permission. Everybody could read the encrypted passwords, but the hardware was too slow to crack a well-chosen password, and moreover, the basic assumption used to be that of a friendly user-community. Almost, all modern Linux / UNIX line operating systems use some sort of the shadow password suite, where /etc/passwd has asterisks (*) instead of encrypted passwords, and the encrypted passwords are in /etc/shadow which is readable by the superuser only.

Automount - what and why?

Automounting is the process where mounting and unmounting of certain filesystems is done automatically by a daemon. If the filesystem is unmounted, and a user attempts to access it, it will be automatically (re)mounted. This is especially useful in large networked environments and for crossmounting filesystems between a few machines (especially ones which are not always online). It may also be very useful for removable devices, or a few other uses, such as easy switching between a forced-on ascii conversion mount of a dos filesystem and a forced-off ascii conversion mount of the same dos fs. If you are new to Linux and dont understand what mounting and deamons are,then refer to some documentation regarding this.

Types of automounting
There are two types of automounters in linux; AMD and autofs. AMD is the automount daemon, and supposedly works like the SunOS AMD. It is implemented in user space, meaning it's not part of the

kernel. It's not necessary for the kernel to understand automounting if you NFS mount to the local host, through the AMD daemon, which routes all automount filesystem traffic through the NFS system. Autofs is a newer system assisted by the kernel, meaning that the kernel's filesystem code knows where the automount mount points are on an otherwise normal underlying fs, and the automount program takes it from there. Only autofs will be described in this mini-howto.

Useful Commands
mount [-lhV] mount -a [-fFnrsvw] [-t vfstype] [-O optlist] mount [-fnrsvw] [-o options [,...]] device | dir mount [-fnrsvw] [-t vfstype] [-o options] device dir All files accessible in a Unix system are arranged in one big tree, the file hierarchy, rooted at /. These files can be spread out over several devices. The mount command serves to attach the file system found on some device to the big file tree. Conversely, the umount(8) command will detach it again. The standard form of the mount command, is

mount -t type device dir This tells the kernel to attach the file system found on device(which is of type type) at the directory dir. The previous contents (if any) and owner and mode of dir become invisible, and as long as this file system remains mounted, the pathname dir refers to the root of the file system on device. Three forms of invocation do not actually mount anything: mount -h prints a help message; mount -V prints a version string; and just mount [-l] [-t type] lists all mounted file systems (of type type). The option -l adds the (ext2, ext3 and XFS) labels in this listing. See below. Since Linux 2.4.0 it is possible to remount part of the file hierarchy somewhere else. The call is

mount --bind olddir newdir After this call the same contents is accessible in two places. One can also remount a single file (on a single file). This call attaches only (part of) a single filesystem, not possible submounts. The entire file hierarchy including submounts is attached a second place using

mount --rbind olddir newdir

Note that the filesystem mount options will remain the same as those on the original mount point, and cannot be changed by passing the -o option along with --bind/--rbind. Since Linux 2.5.1 it is possible to atomically move a mounted tree to another place. The call is

mount --move olddir newdir Since Linux 2.6.15 it is possible to mark a mount and its submounts as shared, private, slave or unbindable. A shared mount provides ability to create mirrors of that mount such that mounts and umounts within any of the mirrors propagate to the other mirror. A slave mount receives propagation from its master, but any not vice-versa. A private mount carries no propagation abilities. A unbindable mount is a private mount which cannot cloned through a bind operation. Detailed semantics is documented in Documentation/sharedsubtree.txt file in the kernel source tree.

mount --make-shared mountpoint mount --make-slave mountpoint mount --make-private mountpoint mount --make-unbindable mountpoint The following commands allows one to recursively change the type of all the mounts under a given mountpoint.

mount --make-rshared mountpoint mount --make-rslave mountpoint mount --make-rprivate mountpoint "mount --make-runbindable mountpoint" The proc file system is not associated with a special device, and when mounting it, an arbitrary keyword, such as proc can be used instead of a device specification. (The customary choice none is less fortunate: the error message 'none busy' from umount can be confusing.) Most devices are indicated by a file name (of a block special device), like /dev/sda1, but there are other possibilities. For example, in the case of an NFS mount, device may look like It is possible to indicate a block special device using its volume label or UUID (see the -L and -U options below). The file /etc/fstab (see fstab(5)), may contain lines describing what devices are usually mounted where, using which options. This file is used in three ways: (i) The command

mount -a [-t type] [-O optlist] (usually given in a bootscript) causes all file systems mentioned in fstab (of the proper type and/or having or not having the proper options) to be mounted as indicated, except for those whose line contains the noauto keyword. Adding the -F option will make mount fork, so that the filesystems are mounted simultaneously. (ii) When mounting a file system mentioned in fstab, it suffices to give only the device, or only the mount point.

(iii) Normally, only the superuser can mount file systems. However, when fstab contains the user option on a line, anybody can mount the corresponding system. Thus, given a line

/dev/cdrom /cd iso9660 ro,user,noauto,unhide any user can mount the iso9660 file system found on his CDROM using the command mount /dev/cdrom or mount /cd For more details, see fstab(5). Only the user that mounted a filesystem can unmount it again. If any user should be able to unmount, then use usersinstead of user in the fstab line. The owner option is similar to the user option, with the restriction that the user must be the owner of the special file. This may be useful e.g. for /dev/fd if a login script makes the console user owner of this device. The group option is similar, with the restriction that the user must be member of the group of the special file. The programs mount and umount maintain a list of currently mounted file systems in the file /etc/mtab. If no arguments are given to mount, this list is printed. When the proc filesystem is mounted (say at /proc), the files /etc/mtab and /proc/mounts have very similar contents. The former has somewhat more information, such as the mount options used, but is not necessarily up-to-date (cf. the -n option below). It is possible to replace /etc/mtab by a symbolic link to /proc/mounts, and especially when you have very large numbers of mounts things will be much faster with that symlink, but some information is lost that way, and in particular working with the loop device will be less convenient, and using the "user" option will fail.

The full set of options used by an invocation of mount is determined by first extracting the options for the file system from the fstab table, then applying any options specified by the -o argument, and finally applying a -r or -w option, when present. Options available for the mount command: -V Output version. -h Print a help message. -v Verbose mode. -a Mount all filesystems (of the given types) mentioned in fstab. -F (Used in conjunction with -a.) Fork off a new incarnation of mount for each device. This will do the mounts on different devices or different NFS servers in parallel. This has the advantage that it is faster; also NFS timeouts go in parallel. A disadvantage is that the mounts are done in undefined order. Thus, you cannot use this option if you want to mount both /usr and /usr/spool. -f Causes everything to be done except for the actual system call; if it's not obvious, this ''fakes'' mounting the file system. This option is useful in conjunction with the -v flag to

determine what the mount command is trying to do. It can also be used to add entries for devices that were mounted earlier with the -n option. -i Don't call the /sbin/mount.<filesystem> helper even if it exists. -l Add the ext2, ext3 and XFS labels in the mount output. Mount must have permission to read the disk device (e.g. be suid root) for this to work. One can set such a label for ext2 or ext3 using the e2label(8) utility, or for XFS using xfs_admin(8), or for reiserfs using reiserfstune(8). -n Mount without writing in /etc/mtab. This is necessary for example when /etc is on a readonly file system. -pnum In case of a loop mount with encryption, read the passphrase from file descriptor num instead of from the terminal. -s Tolerate sloppy mount options rather than failing. This will ignore mount options not supported by a filesystem type. Not all filesystems support this option. This option exists for support of the Linux autofs-based automounter. -r Mount the file system read-only. A synonym is -o ro. -w Mount the file system read/write. This is the default. A synonym is -o rw. -L label Mount the partition that has the specified label. -U uuid Mount the partition that has the specified uuid. These two options require the file /proc/partitions (present since Linux 2.1.116) to exist. -t vfstype The argument following the -t is used to indicate the file system type. The file system types which are currently supported include: adfs, affs,autofs, cifs, coda, coherent, cramfs, debugfs, devpts, efs, ext, ext2, ext 3, hfs, hpfs, iso9660, jfs, minix, msdos, ncpfs, nfs, nfs4, ntfs, proc,qnx4, ramfs, reiserfs, r omfs, smbfs, sysv, tmpfs, udf, ufs, umsdos, usbfs, vfat, xenix, xfs, xiafs. Note that coherent, sysv and xenix are equivalent and that xenix and coherent will be removed at some point in the future -- use sysv instead. Since kernel version 2.1.21 the typesext and xiafs do not exist anymore. Earlier, usbfs was known as usbdevfs. For most types all the mount program has to do is issue a simple mount(2) system call, and no detailed knowledge of the filesystem type is required. For a few types however (like nfs, nfs4, cifs, smbfs, ncpfs) ad hoc code is necessary. The nfs ad hoc code is built in, but cifs, smbfs, and ncpfs have a separate mount program. In order to make it possible to treat all types in a uniform way, mount will execute the program/sbin/mount.TYPE (if that exists) when called with type TYPE. Since various versions of the smbmount program have different calling conventions, /sbin/mount.smbfs may have to be a shell script that sets up the desired call. If no -t option is given, or if the auto type is specified, mount will try to guess the desired type. If mount was compiled with the blkid library, the guessing is done by this library. Otherwise, mount guesses itself by probing the superblock; if that does not turn up anything that looks familiar, mount will try to read the file /etc/filesystems, or, if that does not exist, /proc/filesystems. All of the filesystem types listed there will be tried, except for those that are labeled "nodev" (e.g., devpts, proc, nfs, and nfs4). If /etc/filesystems ends in a line with a single * only, mount will read /proc/filesystems afterwards.

The auto type may be useful for user-mounted floppies. Creating a file /etc/filesystems can be useful to change the probe order (e.g., to try vfat before msdos or ext3 before ext2) or if you use a kernel module autoloader. Warning: the probing uses a heuristic (the presence of appropriate 'magic'), and could recognize the wrong filesystem type, possibly with catastrophic consequences. If your data is valuable, don't ask mount to guess. More than one type may be specified in a comma separated list. The list of file system types can be prefixed with no to specify the file system types on which no action should be taken. (This can be meaningful with the -a option.) For example, the command: mount -a -t nomsdos,ext mounts all file systems except those of type msdos and ext. -O Used in conjunction with -a, to limit the set of filesystems to which the -a is applied. Like t in this regard except that it is useless except in the context of -a. For example, the command: mount -a -O no_netdev mounts all file systems except those which have the option _netdev specified in the options field in the /etc/fstab file. It is different from -t in that each option is matched exactly; a leading no at the beginning of one option does not negate the rest. The -t and -O options are cumulative in effect; that is, the command mount -a -t ext2 -O _netdev mounts all ext2 filesystems with the _netdev option, not all filesystems that are either ext2 or have the _netdev option specified. -o Options are specified with a -o flag followed by a comma separated string of options. Some of these options are only useful when they appear in the /etc/fstab file. The following options apply to any file system that is being mounted (but not every file system actually honors them - e.g., the sync option today has effect only for ext2, ext3, fat, vfat and ufs): async All I/O to the file system should be done asynchronously. atime Update inode access time for each access. This is the default. auto Can be mounted with the -a option. defaults Use default options: rw, suid, dev, exec, auto, nouser, and async. dev Interpret character or block special devices on the file system. exec Permit execution of binaries. group Allow an ordinary (i.e., non-root) user to mount the file system if one of his groups matches the group of the device. This option implies the options nosuid and nodev (unless overridden by subsequent options, as in the option line group,dev,suid). mand Allow mandatory locks on this filesystem. See fcntl(2). _netdev

The filesystem resides on a device that requires network access (used to prevent the system from attempting to mount these filesystems until the network has been enabled on the system). noatime Do not update inode access times on this file system (e.g, for faster access on the news spool to speed up news servers). nodiratime Do not update directory inode access times on this filesystem. noauto Can only be mounted explicitly (i.e., the -a option will not cause the file system to be mounted). nodev Do not interpret character or block special devices on the file system. noexec Do not allow direct execution of any binaries on the mounted file system. (Until recently it was possible to run binaries anyway using a command like /lib/ld*.so /mnt/binary. This trick fails since Linux 2.4.25 / 2.6.0.) nomand Do not allow mandatory locks on this filesystem. nosuid Do not allow set-user-identifier or set-group-identifier bits to take effect. (This seems safe, but is in fact rather unsafe if you have suidperl(1)installed.) nouser Forbid an ordinary (i.e., non-root) user to mount the file system. This is the default. owner Allow an ordinary (i.e., non-root) user to mount the file system if he is the owner of the device. This option implies the options nosuid andnodev (unless overridden by subsequent options, as in the option line owner,dev,suid). remount Attempt to remount an already-mounted file system. This is commonly used to change the mount flags for a file system, especially to make a readonly file system writeable. It does not change device or mount point. ro Mount the file system read-only. rw Mount the file system read-write. suid Allow set-user-identifier or set-group-identifier bits to take effect. sync All I/O to the file system should be done synchronously. In case of media with limited number of write cycles (e.g. some flash drives) "sync" may cause life-cycle shortening. dirsync All directory updates within the file system should be done synchronously. This affects the following system calls: creat, link, unlink, symlink, mkdir, rmdir, mknod and rename. user Allow an ordinary user to mount the file system. The name of the mounting user is written to mtab so that he can unmount the file system again. This option implies the options noexec, nosuid, and nodev (unless overridden by subsequent options, as in the option lineuser,exec,dev,suid). users Allow every user to mount and unmount the file system. This option implies the options noexec, nosuid, and nodev (unless overridden by subsequent options, as in the option line users,exec,dev,suid). context=context, fscontext=context and defcontext=context

The context= option is useful when mounting filesystems that do not support extended attributes, such as a floppy or hard disk formatted with VFAT, or systems that are not normally running under SELinux, such as an ext3 formatted disk from a non-SELinux workstation. You can also use context= on filesystems you do not trust, such as a floppy. It also helps in compatibility with xattr-supporting filesystems on earlier 2.4.<x> kernel versions. Even where xattrs are supported, you can save time not having to label every file by assigning the entire disk one security context. A commonly used option for removable media is context=system_u:object_r:removable_t. Two other options are fscontext= and defcontext=, both of which are mutually exclusive of the context option. This means you can use fscontext and defcontext with each other, but neither can be used with context. The fscontext= option works for all filesystems, regardless of their xattr support. The fscontext option sets the overarching filesystem label to a specific security context. This filesystem label is separate from the individual labels on the files. It represents the entire filesystem for certain kinds of permission checks, such as during mount or file creation. Individual file labels are still obtained from the xattrs on the files themselves. The context option actually sets the aggregate context that fscontext provides, in addition to supplying the same label for individual files. You can set the default security context for unlabeled files using defcontext= option. This overrides the value set for unlabeled files in the policy and requires a file system that supports xattr labeling. For more details see selinux(8) --bind Remount a subtree somewhere else (so that its contents are available in both places). See above. --move Move a subtree to some other place. See above.

Filesystem Specific Mount Options

The following options apply only to certain file systems. We sort them by file system. They all follow the -o flag. What options are supported depends a bit on the running kernel. More info may be found in the kernel source subdirectoryDocumentation/filesystems. Just like nfs or smbfs implementation expects a binary argument to the mount system call. This argument is constructed by mount.cifs(8) and the current version of mount (2.12) does not know anything about cifs.

Mount options for ext

None. Note that the 'ext' file system is obsolete. Don't use it. Since Linux version 2.1.21 extfs is no longer part of the kernel source.

Mount options for ext2

The 'ext2' file system is the standard Linux file system. Since Linux 2.5.46, for most mount options the default is determined by the filesystem superblock. Set them with tune2fs(8). acl / noacl

Support POSIX Access Control Lists (or not). bsddf / minixdf Set the behaviour for the statfs system call. The minixdf behaviour is to return in the f_blocks field the total number of blocks of the file system, while the bsddf behaviour (which is the default) is to subtract the overhead blocks used by the ext2 file system and not available for file storage. Thus
% mount /k -o minixdf; df /k; umount /k Filesystem 1024-blocks Used Available Capacity Mounted on /dev/sda6 2630655 86954 2412169 3% /k % mount /k -o bsddf; df /k; umount /k Filesystem 1024-blocks Used Available Capacity Mounted on /dev/sda6 2543714 13 2412169 0% /k

(Note that this example shows that one can add command line options to the options given in /etc/fstab.) check=none / nocheck No checking is done at mount time. This is the default. This is fast. It is wise to invoke e2fsck(8) every now and then, e.g. at boot time. debug Print debugging info upon each (re)mount. errors=continue / errors=remount-ro / errors=panic Define the behaviour when an error is encountered. (Either ignore errors and just mark the file system erroneous and continue, or remount the file system read-only, or panic and halt the system.) The default is set in the filesystem superblock, and can be changed using tune2fs(8). grpid or bsdgroups / nogrpid or sysvgroups These options define what group id a newly created file gets. When grpid is set, it takes the group id of the directory in which it is created; otherwise (the default) it takes the fsgid of the current process, unless the directory has the setgid bit set, in which case it takes the gid from the parent directory, and also gets the setgid bit set if it is a directory itself. grpquota / noquota / quota / usrquota These options are accepted but ignored. nobh Do not attach buffer_heads to file pagecache. (Since 2.5.49.) nouid32 Disables 32-bit UIDs and GIDs. This is for interoperability with older kernels which only store and expect 16-bit values. oldalloc or orlov Use old allocator or Orlov allocator for new inodes. Orlov is default. resgid=n and resuid=n The ext2 file system reserves a certain percentage of the available space (by default 5%, see mke2fs(8) and tune2fs(8)). These options determine who can use the reserved blocks. (Roughly: whoever has the specified uid, or belongs to the specified group.) sb=n Instead of block 1, use block n as superblock. This could be useful when the filesystem has been damaged. (Earlier, copies of the superblock would be made every 8192 blocks: in block 1, 8193, 16385, ... (and one got thousands of copies on a big filesystem). Since version 1.08,mke2fs has a -s (sparse superblock) option to reduce the number of backup superblocks, and since version 1.15 this is the default. Note that this may mean that ext2 filesystems created by a recent mke2fs cannot be mounted r/w under Linux 2.0.*.) The block number here uses 1k units. Thus, if you want to use logical block 32768 on a filesystem with 4k blocks, use "sb=131072". user_xattr / nouser_xattr Support "user." extended attributes (or not).

Mount options for ext3

The 'ext3' file system is a version of the ext2 file system which has been enhanced with journalling. It supports the same options as ext2 as well as the following additions:

journal=update Update the ext3 file system's journal to the current format. journal=inum When a journal already exists, this option is ignored. Otherwise, it specifies the number of the inode which will represent the ext3 file system's journal file; ext3 will create a new journal, overwriting the old contents of the file whose inode number is inum. noload Do not load the ext3 file system's journal on mounting. data=journal / data=ordered / data=writeback Specifies the journalling mode for file data. Metadata is always journaled. To use modes other than ordered on the root file system, pass the mode to the kernel as boot parameter, e.g. rootflags=data=journal. journal All data is committed into the journal prior to being written into the main file system. ordered This is the default mode. All data is forced directly out to the main file system prior to its metadata being committed to the journal. writeback Data ordering is not preserved - data may be written into the main file system after its metadata has been committed to the journal. This is rumoured to be the highestthroughput option. It guarantees internal file system integrity, however it can allow old data to appear in files after a crash and journal recovery. commit=nrsec Sync all data and metadata every nrsec seconds. The default value is 5 seconds. Zero means default.

Configuring a Samba Server

The default configuration file (/etc/samba/smb.conf) allows users to view their Red Hat Linux home directories as a Samba share. It also shares any printers configured for the Red Hat Linux system as Samba shared printers. In other words, you can attach a printer to your Red Hat Linux system and print to it from the Windows machines on your network.

Graphical Configuration
To configure Samba using a graphical interface, use the SambaServerConfigurationTool. For command line configuration, The SambaServerConfigurationTool is a graphical interface for managing Samba shares, users, and basic server settings. It modifies the configuration files in the /etc/samba/ directory. Any changes to these files not made using the application are preserved. To use this application, you must be running the X Window System, have root privileges, and have the redhat-config-samba RPM package installed. To start the SambaServerConfiguration Tool from the desktop, go to the MainMenuButton (on the Panel) =>SystemSettings => Server Settings => SambaServer or type the command redhat-config-samba at a shell prompt (for example, in an XTerm or a GNOME terminal).

SambaServerConfigurationTool ConfiguringServerSettings
The first step in configuring a Samba server is to configure the basic settings for the server and a few security options. After starting the application, select Preferences=> ServerSettings from the pulldown menu. The Basic tab is displayed as shown in below A :

FigureA: ConfiguringBasicServerSettings
On the Basic tab, specify which workgroup the computer should be in as well as a brief description of the computer. They correspond to the workgroup and server string options in smb.conf.

The Security tab contains the following options: AuthenticationMode This corresponds to the security option. Select one of the following types of authentication. o Domain The Samba server relies on a Windows NT Primary or Backup Domain Controller to verify the user. The server passes the username and password to the Controller and waits for it to return. Specify the NetBIOS name of the Primary or Backup Domain Controller in the AuthenticationServer field. The EncryptedPasswordsoption must be set to Yes if this is selected. o Server The Samba server tries to verify the username and password combination by passing them to another Samba server. If it can not, the server tries to verify using the user authentication mode. Specify the NetBIOS name of the other Samba server in the AuthenticationServer field. o Share Samba users do not have to enter a username and password combination on a per Samba server basis. They are not prompted for a username and password until they try to connect to a specific shared directory from a Samba server. o User (Default) Samba users must provide a valid username and password on a per Samba server basis. Select this option if you want the Windows Usernameoption to work

EncryptPasswords (Default value is Yes) This option must be enabled if the clients are connecting from a Windows 98, Windows NT 4.0 with Service Pack 3, or other more recent versions of Microsoft Windows. The passwords are transfered between the server and the client in an encrypted format instead of in as a plain-text word that can be intercepted. This corresponds to the encrypted passwords option. GuestAccount When users or guest users log into a Samba server, they must be mapped to a valid user on the server. Select one of the existing usernames on the system to be the guest Samba account. When guests logs in to the Samba server, they have the same privileges as this user. This corresponds to the guest account option.

The SambaServerConfigurationTool requires that an existing user account be active on the Red Hat Linux system acting as the Samba server before a Samba user can be added. The Samba user is associated with the existing Red Hat Linux user account.

To add a Samba user, select Preferences=> SambaUsers from the pulldown menu, and click the AddUser button. On the CreateNewSambaUser window select a UnixUsernamefrom the list of existing users on the local system. If the user has a different username on a Windows machine and will be logging into the Samba server from the Windows machine, specify that Windows username in the WindowsUsernamefield. The AuthenticationMode on the Security tab of the ServerSettings preferences must be set to User for this option to work. Also configure a SambaPasswordfor the Samba User and confirm the Samba Password by typing it again. Even if you select to use encrypted passwords for Samba, it is recommended that the Samba passwords for all users are different from their Red Hat Linux system passwords. To edit an existing user, select the user from the list, and click Edit User . To delete an existing Samba user, select the user, and click theDeleteUser button. Deleting a Samba user does not delete the associated Red Hat Linux user account.

The users are modified immediately after clicking the OK button.

Adding a Share

Addinga Share
To add a share, click the Add button. The Basic tab configures the following options: Directory The directory to share via Samba. The directory must exist. Descriptions A brief description of the share. BasicPermissions Whether users should only be able to read the files in the shared directory or whether they should be able to read and write to the shared directory. On the Accesstab, select whether to allow only specified users to access the share or whether to allow all Samba users to access the share. If you select to allow access to specific users, select the users from the list of available Samba users. The share is added immediately after clicking OK.

Command Line Configuration

Samba uses /etc/samba/smb.conf as its configuration file. If you change this configuration file, the changes do not take effect until you restart the Samba daemon with the command service smb restart. To specify the Windows workgroup and a brief description of the Samba server, edit the following lines in your smb.conf file:


Replace WORKGROUPNAME with the name of the Windows workgroup to which this machine should belong. The BRIEF COMMENT ABOUT SERVER is optional and is used as the Windows comment about the Samba system. To create a Samba share directory on your Linux system, add the following section to your smb.conf file (after modifying it to reflect your needs and your system):

[sharename] comment = Insert a comment here path = /home/share/ valid users = tfox carole public = no writable = yes printable = no create mask = 0765
The above example allows the users tfox and carole to read and write to the directory /home/share, on the Samba server, from a Samba client.