You are on page 1of 49


UNIX is a multitasking, multi-user computer operating system originally developed in 1969
by a group of AT&T employees at Bell Labs .
Unix operating systems are widely used in servers, workstations, and mobile devices. Unix
was designed to be portable, multi-tasking and multi-user in a time-sharing configuration.
Unix systems are characterized by various concepts:
 the use of plain text for storing data;
 a hierarchical file system;
 treating devices and certain types of inter-process communication (IPC) as files;
 the use of a large number of software tools, small programs that can be strung
together through a command line interpreter using pipes.
These concepts are collectively known as the Unix philosophy.
Unix vs Windows: Two Major Classes of Operating Systems
On the server front, Unix has been closing in on Microsoft’s market share.
On the client front, Microsoft is currently dominating the operating system market with over
90% market share.
Advantages of Unix over windows

Flexiblity -Unix is more flexible and can be installed on many different types of
machines, including main-frame computers, supercomputers and microcomputers.
Stable -Unix is more stable and does not go down as often as Windows does,
therefore requires less administration and maintenance.

Security-Unix has greater built-in security and permissions features than

Processing power -Unix possesses much greater processing power than

Inexpensive open-source operating systems - The mostly free or inexpensive
open-source operating systems, such as Linux , with their flexibility and control,
are very attractive to (aspiring) computer wizards.

Software design -Unix also inspires novel approaches to software design, such as
solving problems by interconnecting simpler tools instead of creating large
monolithic application programs.

Main Features of UNIX

multi-user- more than one user can use the machine at a time
supported via terminals (serial or network connection)

multi-tasking -more than one program can be run at a time

hierarchical directory structure -to support the organisation and maintenance of

portability- only the kernel ( <10%) written in assembler ,tools for program
a wide range of support tools (debuggers, compilers)

programming facility- Unix shell is a programming language .This featureis used to
design shell scripts

1.Linux-The Operating System

Linux is a Unix-like computer Operating System (or OS) that uses the Linux kernel. Linux
started out as a personal computer system used by individuals, and now used mostly as a
server operating system. Linux is a prime example of open-source development, which means
that the source code is available freely for anyone to use.
Linus Torvalds, who was then a student at the University of Helsinki in Finland, developed
Linux in 1991. He released it for free on the Internet. Due to the far reach of the Free
Software Foundation (FSF) and the GNU Project, Linux popularity increased rapidly, with
utilities developed and released for free online.
It provides the basic computer services needed for someone to do things with a computer. It is
the middle layer between the computer hardware and the software applications you run.

The GNU software

About GNU
GNU stands for 'GNU's Not Unix.' It was a project conceived by Richard Stallman in 1983 in
response to the increasing tendency of software companies to copyright their software under
terms that prohibited sharing. GNU's purpose is to develop a wholly free system.
The kernel combined with GNU's free software is properly called "GNU/Linux."
About GPL
Both the kernel and the software are freely available under licencing that is sometimes called
"copyleft" (as opposed to copyright). Where traditional copyright was meant to restrict usage
and ownership of a copyrighted item to as few people as possible, inhibiting development and
growth, GNU/Linux is different. It is released under terms designed to ensure that as many
people as possible are allowed to receive, use, share, and modify the software. That licence is
called the GPL (GNU Public Licence).
What is the Kernel?
The kernel is a program that constitutes the central core of a computer operating system. It
has complete control over everything that occurs in the system.
The kernel is the first part of the operating system to load into memory during booting (i.e.,
system startup), and it remains there for the entire duration of the computer session because
its services are required continuously. Thus it is important for it to be as small as possible
while still providing all the essential services needed by the other parts of the operating
system and by the various application programs.
Because of its critical nature, the kernel code is usually loaded into a protected area of
memory, which prevents it from being overwritten . The kernel performs its tasks, such as
executing processes and handling interrupts, in kernel space, whereas everything a user
normally does, in user space.
Crash of the Kernel
When a computer crashes, it actually means the kernel has crashed. If only a single program
has crashed but the rest of the system remains in operation, then the kernel itself has not
crashed. A crash is the situation in which a program, either a user application or a part of the
operating system, stops performing its expected function(s) and responding to other parts of
the system. The program might appear to the user to freeze. If such program is a critical to the
operation of the kernel, the entire computer could stall or shut down.
The kernel provides basic services for all other parts of the operating system, typically
including memory management, process management, file management and I/O
(input/output) management (i.e., accessing the peripheral devices). These services are

requested by other parts of the operating system or by application programs through a
specified set of program interfaces referred to as system calls.
Components of Linux Kernel
The major components of the Linux kernel shown in Figure
Figure . One architectural perspective of the Linux kernel

System call interface
The SCI is a thin layer that provides the means to perform function calls from user space into
the kernel.
Process management
Process management is focused on the execution of processes. In the kernel, these are called
threads. In user space, the term process is typically used. The kernel provides an application
program interface (API) through the SCI to create a new process (fork, exec ) ,stop a process
(kill, exit), and communicate and synchronize between them (signal).
Also in process management is the need to share the CPU between the active threads called
CPU scheduling
Memory management
Another important resource that's managed by the kernel is memory. Linux includes the
means to manage the available memory, as well as the hardware mechanisms for physical and
virtual mappings.
Supporting multiple users of memory, there are times when the available memory can be
exhausted. For this reason, pages can be moved out of memory and onto the disk. This
process is called swapping because the pages are swapped from memory onto the hard disk.
You can find the memory management sources in ./linux/mm.
Virtual file system
The virtual file system (VFS) is an interesting aspect of the Linux kernel because it provides
a common interface abstraction for file systems. The VFS provides a switching layer between
the SCI and the file systems supported by the kernel .
Network stack
The network stack, by design, follows a layered architecture modeled after the protocols
themselves. You can find the networking sources in the kernel at ./linux/net.

there are elements that must consider the architecture for normal operation and for efficiency. Microkernels have a advantage of portability ex: they don’t have to worry if you change your video card Microkernels also have a very small footprint./linux/arch subdirectory defines the architecture-dependent portion of the kernel source contained in a number of subdirectories that are specific to the architecture (collectively forming the BSP). and IPC (inter process communication). microkernels. Each has its own advocates and detractors. Ex:Unix Pros  Portability  Small install footprint  Small memory footprint  Security Cons  Hardware is more abstracted through drivers  Hardware may react slower because drivers are in user mode  Processes have to wait in a queue to get information  Processes can’t get access to other processes without waiting Monolithic Kernel Monolithic kernels are the opposite of microkernels because they encompass not only the CPU. The . and IPC. the i386 directory is used. You can find the device driver sources in ./linux/drivers. for both memory and install space. and they tend to be more secure because only specific processes run in user mode which doesn’t have the high permissions as supervisor mode. memory. Architecture-dependent code While much of Linux is independent of the architecture on which it runs. but they also include things like device drivers. Microkernel A microkernel manages: CPU. hybrid kernels and exokernels. Categories of Kernels Kernels can be classified into four broad categories: monolithic kernels. For a typical desktop. file system management. memory. Monolithic kernels tend to be better at accessing hardware and multitasking. Ex: Linux Pros  More direct access to hardware for programs .Device drivers The vast majority of the source code in the Linux kernel exists in device drivers that make a particular hardware device usable. and system server calls. The Linux source tree provides a drivers subdirectory that is further divided by the various devices that are supported.

Their operating system was novel in respect of portability. each exporting a different API (application programming interface). Ken Thompson and Dennis Richie.They implemented a rudimentary operating system they named Unics. called C. Begun in 1965. such as one for Linux and one for Microsoft Windows. Somehow. Two Bell Labs software engineers. it should work with no additional installations  Processes react faster because there isn’t a queue for processor time Cons  Large install footprint  Large memory footprint  Less secure because everything runs in supervisor mode Hybrid kernels Hybrid kernels are similar to microkernels. Ritchie and Thompson made copies of Unix freely available to programmers around the world.2-Linux History Linux traces its ancestry back to a mainframe operating system known as Multics (Multiplexed Information and Computing Service). Exokernels in themselves they are extremely small A major advantage of exokernel-based systems is that they can incorporate multiple library operating systems. who incorporated the best such changes in their version of Unix. and they provide no hardware abstractions on top of which applications can be constructed. Easier for processes to communicate between each other  If your device is supported. This separation of hardware protection from hardware management enables application developers to determine how to make the most efficient use of the available hardware for each specific program. including Microsoft Windows NT. worked on Multics . 1. 2000 and XP. Exokernels Exokernels differ from the other types of kernels in that their functionality is limited to the protection and multiplexing of the raw hardware. These programmers revised and improved Unix. except that they include additional code in kernel space so that such code can run more swiftly than it would were it in user space. sending word of their changes back to Ritchie and Thompson. Most modern operating systems use hybrid kernels. Ritchie and Thompson first created a programming language. the spelling of the name became Unix. Multics was one of the first multi-user computer systems and remains in use today. . These kernels represent a compromise that was implemented by some developers .Hybrid kernels should not be confused with monolithic kernels that can load modules after booting (such as Linux). Writing Unix in C made it possible to easily adapt Unix to run on computers. thus making it possible to simultaneously run both Linux and Windows applications. As word of their work spread and interest grew. In order to create a portable operating system. as a pun on Multics.

Torvalds sent a posting to the comp. networking. 1992. On October 5th. 1991. Although Torvalds continued to function as the Linux kernel release manager.4 in January 2001.95. After that Linux became an underground phenomenon. a non-free Unix-like system. stable kernel.2. develop.11. but then released Version 0. Torvalds was a student at the University of Helsinki in Finland where he had been using Minix. and by December 19th a functional. providing (among other improvements) compatibility with the upcoming generations of Intel's 64-bit Itanium computer processors. The underlying GNU Project was launched in 1983 by Richard Stallman originally to develop a Unix-compatible operating system calledGNU. Torvalds released Version 0. with a growing group of distributed programmers that continue to debug. which merged into The Linux Foundation. a basic version that still needed Minix to operate. and by September had a basic design that he called Version 0. and by 1991 most of the components of the system were ready. Linus Torvalds invented Linux itself. proving ready for production use.Linux is the first truly free Unix-like operating system.01. He started by developing device drivers and hard-drive access.12 under the well established GNU General Public License. which is called Linux. was afterwards combined with the GNU system to produce a complete free operating system. was officially released in January 1999. recognizing a common standard that could finally reunify the fractured world of the Unix Wars. a major update to the Linux kernel. most computer companies supported Linux in one way or another. and instead went to work for a company called Transmetaand helped develop mobile computing solutions. This kernel. stand-alone Unix-like Linux system was released as Version 0. The kernel was then rapidly improved by Torvalds and a growing number of volunteers communicating over the Internet. Still missing was the kernel.12 was released. In 1991. More and more free software was created for Linux over the next several years. he avoided work at any of the many companies involved with Linux in order to avoid showing favoritism to any particular organization.3 Linux Features:Following are the key features of the Linux operating system:  Multitasking: several programs running at the same time. By the year 2000. and enhance the source code baseline to this day. to reflect the fact that it was becoming a full-featured system. and made his home at the Open Source Development Labs (OSDL). intended to be entirely free software. and began writing his own kernel.minix newsgroup announcing the release of Version 0. Linux continued to be improved through the 1990's. .  Multiuser : several users on the same machine at the same time (and no two-user licenses!). and database serving. The next major release was V2. Many programs and utilities were contributed by developers around the world.11 under a freeware license of his own devising.02. and started to be used in large-scale applications like web hosting. On January 5. Linux Version 0. The next release was called Version 0. 1. an improved. Version 2. but which attracted considerable interest nevertheless.os.

 Shared copy-on-write pages among executables.  Debian GNU/LINUX -Debian is a free operating system (OS) that uses the Linux kernel and provides more services than a pure OS: it comes with many packages. you can use up to 64. Corporations and agencies that standardize on Red Hat Enterprise Linux are free to focus on building their businesses.  RedHat . The latest release. This means that multiple process can use the same memory to run in. including the whole kernel and all drivers. knowing they have a platform that delivers more of what they need.  Mandrake -It was developed at Melbourne IT Limited which is a world leader in the supply of domain name registration and other online solutions with a strong commitment to the delivery of high value internet services and Web-based solutions to organizations of all sizes across the globe. . and control.  Multiprocessor/multithreading: it has native kernel support for multiple independent threads of control within a single process memory space.  Demand loads executables : Linux only reads from disk those parts of a program that are actually used. precompiled software bundled up in a nice format for easy installation on your machine. It was the early "business-oriented distribution" . the development tools and all user programs. efficiency. or both. represents a new standard for Red Hat by offering greater flexibility. and all the common system V file systems. including minix. but everything that has been free. with the possibility of adding more swapping areas during runtime .4 Linux Distibution Some of the popular LINUX distributions are:  Caldera OpenLinux .  Multiple virtual consoles: several independent login sessions through the console are allowed . Plenty of commercial programs are being provided for Linux without source. is still free. A unified memory pool for user programs and disk cache.  Supports several common file systems. and has an advanced file system of its own.  Virtual memory using paging (not swapping whole processes) to disk: to a separate partition or a file in the file system. including the entire base operating system.  Protected It has memory protection between processes.Red Hat Enterprise Linux is an enterprise platform well-suited for a broad range of applications across the IT infrastructure. also. which offers file systems of up to 4 TB. you switch by pressing a hot-key combination. so that all free memory can be used for caching. not just Intel. 1. and the cache can be reduced when running large a Linux distribution that was created by the former Caldera Systems corporation. that page (4KB piece of memory) is copied somewhere else. These are dynamically allocated. and names up to 255 characters long. all of it is freely distributable. Multiplatform: runs on many different CPUs. so that one program can't bring the whole system down. Red Hat Enterprise Linux 6. When one tries to write to that memory.  All source code is available. Copy-on-write has two benefits: increasing speed and decreasing memory use. Xenix.

IPX. IPv4. IPv4.    The hardware level contains device drivers and machine specific components.  The kernel interfaces with the hardware and device drivers and presents a stable set of interfaces to support standard UNIX application programs. Netrom. DDP.  The application programs enable the users to accomplish meaningful work with the a free and open source Linux-based operating system. DDP (AppleTalk).SUSE is the original provider of the enterprise Linux distribution and the most interoperable platform for mission-critical computing. like shells. Stable network protocols included in the stable kernels currently include TCP. They are user. and others. . kernel and hardware levels. 1.   Slackware -. like getting from place to place. AX. IPX. It's the only Linux recommended by Microsoft .25. IPv6. using plain text files for configuration and making as few modifications as possible to software packages . and to be the most "Unix-like" Linux distribution. and AX. And it's supported on more hardware and software than any other enterprise Linux distribution TurboLinux The Turbolinux distribution was created as a rebranded Red Hat distribution Many networking protocols: the base protocols available in the latest development kernels include TCP.Slackware aims for design stability and simplicity. X.  The hardware and device drivers present a stable set of definitions to support many types of kernels. It was one of the earliest operating systems to be built on top of the Linux kernel .25. The user level is a collection of applications. It is divided into three levels.5 Overview of linux Architecture:Linux Architecture Linux is a hardware independent architecture derived from UNIX. editors and utilities.25. The kernel level is a mix of machine-dependent and machine-independent software. SuSE . These levels may be thought of like the wheel of an automobile.

space. 1.6 -System Processes:- Processes . And while each user-space process occupies its own virtual address space. The fundamental architecture of the GNU/Linux operating system At the top is the user.  the kernel code. This code serves as the processor and platform-specific code for the given architecture.  system call interface. Here. the kernel occupies a single address space The Linux kernel can be further divided into three gross levels.  the architecture-dependent code. Below the user space is the kernel space.Figure 2. which implements the basic functions such as read and write. This code is common to all of the processor architectures supported by Linux. the Linux kernel exists. There is also the GNU C Library (glibc). which forms what is more commonly called a BSP (Board Support Package). which can be more accurately defined as the architecture-independent kernel code. This provides the system call interface that connects to the kernel and provides the mechanism to transition between the user-space application and the kernel. or application. This is important because the kernel and user application occupy different protected address spaces. This is where the user applications are executed.

Stopped The process has been stopped. Linux must keep track of the process and its system resources to fairly manage it and the other processes in the system. Waiting The process is waiting for an event or for a resource. interruptible and uninterruptible. Linux Processes Linux can manage the processes in the system. Interruptible waiting processes can be interrupted by signals whereas uninterruptible waiting processes are waiting directly on hardware conditions and cannot be interrupted under any circumstances. Each individual process runs in its own virtual address space and is not capable of interacting with another process except through secure. for some reason. Each process is a separate task with its own rights and responsibilities. It will use the CPUs in the system to run its instructions and the system's physical memory to hold it and its data. kernel-managed mechanisms. by default it has 512 entries. Zombie This is a halted process which. a new task_struct is allocated from system memory and added into the task vector. Process State As a process executes it changes state according to its circumstances. usually by receiving a signal. Linux is a multiprocessing operating system. The task vector is an array of pointers to every task_struct data structure in the system. If one process crashes it will not cause another process in the system to crash. To make it easy to find. the current. Linux also supports real time processes. and the required system resources for those threads. It is what it sounds like. The Life Cycle of Processes . As processes are created. Linux processes have the following states: Running The process is either running (it is the current process in the system) or it is ready to run (it is waiting to be assigned to one of the system's CPUs). a dead process. running. It is an address space with one or more threads executing within that address space. each process is represented by a task_struct data structure. It will open and use files within the filesystems and may directly or indirectly use the physical devices in the system.A process is a program that is running. process is pointed to by the current pointer. Needs of a process During the lifetime of a process it will use many system resources. This means that the maximum number of processes in the system is limited by the size of the task vector. constantly changing as the machine code instructions are executed by the processor In short a process is an executing program encompassing all of the current activity in the microprocessor. Each instance of a running program constitutes a process. A process is a dynamic entity. A process that is being debugged can be in a stopped state. Linux differentiates between two types of waiting process. still has a task_struct data structure in the task vector.

If the process is simply a copy of the original process (a fork but no exec). sleeping 5. newly created. not ready to run." These changes can occur.The state a process is in changes many times during its "life. ready to run 4. it then begins to run in the state that the original process was in (1 or 2). an interrupt may be generated (more often than not. When a process is running. issued exit system call (zombie) Life cycle of the process   A newly created process enters the system in state 5. This is the same state as state 3 because it is still ready to run and in main memory. executing in user mode 2. this is the system clock) and the currently running process is pre-empted (3). when the process makes a system call. and not sleeping 6.h: 1. A commonly used model shows processes operating in one of six separate states. which you can find in sched. for example. executing in kernel mode 3. .

The init program uses /etc/inittab as a script file to create new processes within the system. it can never run again because nothing exists other than the entry in the process table. It is now in state 4. the process is awakened. One exception is the slot in the process table. These new processes may themselves go on to create new processes. Assume at this point that the system call made was to read a file on the hard disk. Creating a new process . the value of its PPID (Parent process ID) is changed to 1 (the PID of init). the initial process starts up a kernel thread (called init) and then sits in an idle loop doing nothing. When a process is inherited by init. it is statically defined at kernel build time and is. called init_task. it moves from state 4 (sleeping) to state 3 (ready to run). the kernel will be nice to the process by allowing it to set the priority at which it will run when it wakes. which is the responsibility of the init process for the exit code of the exiting process. This can be used by the parent process to determine whether the process did what it was supposed to do or whether it ran into problems. it is voluntarily giving up the CPU. The INIT process When the system starts up it is running in kernel mode and there is. Nice process When a process puts itself to sleep while waiting for an event to occur that is for example an interrupt from the keyboard. This can be in either user mode (1) or kernel mode (2). The exit() system call releases all the data structures that the process was using. idle. Whenever there is nothing else to do the scheduler will run this. When the data is ready. Because the read is not carried out immediately. If the exiting process has any children.    When the process makes a system call while in user mode (1). rather confusingly. and it becomes a "zombie. process. The idle process's task_struct is the only one that is not dynamically allocated. the process goes to sleep. it moves into state 2 where it begins to run in kernel mode. but rather it is once again ready to run in main memory (3). they are "inherited" by init. the initial process. The only thing to do is to let the system clean it up. in a sense. Ending the life cycle A process can end its life by either explicitly calling the exit() system call or having it called for them. The process shows that it has terminated by putting itself into state 6.At the end of system initialization. An Idle process . waiting on the event that the system has read the disk and the data is ready. If a process that was asleep is awakened (perhaps when the data is ready). only one process. This is why you cannot "kill" a zombie process. The init kernel thread or process has a process identifier of 1 as it is the system's first real process that does some initial setting up of the system and then executes the system initialization program. Because the process is being so nice to let others have a turn." Once here. This does not mean it runs immediately.

The Virtual File System supplies the applications with the system calls for file management to maintain internal structures and passes tasks on to the appropriate actual file system.New processes are created by cloning old processes. This applies to the process's files.7 . Another important job of the VFS is performing standard actions. Cloning a process's virtual memory A new set of vm_area_struct data structures must be generated together with their owning mm_struct data structure and the cloned process's page tables.Ext2 and Ext3 File system:LINUX supports large number of file systems with the help of unified interface to the LINUX kernel called the Virtual File System (VFS). Instead Linux uses a technique called ``copy on write'' which means that virtual memory will only be copied when one of the two processes tries to write to it. or rather by cloning the current process. . Basic principles  A file system refers to the purposeful structuring of data thereby increasing the speed of access to data and a facility for random access. A new task is created by a system call (fork or clone) and the cloning happens within the kernel in kernel mode. signal handlers and virtual memory. When cloning processes Linux allows the two processes to share resources rather than have two separate copies. 1. A new task_struct data structure is allocated from the system's physical memory with one or more physical pages for the cloned process's stacks (user and kernel). None of the process's virtual memory is copied at this point. At the end of the system call there is a new process waiting to run once the scheduler chooses it. Figure The layers in the file system.

Using the functions of the buffer cache. LINUX also has at its disposal the buffer cache .  Each file system starts with a boot block reserved for the code required to boot the operating system . which means that. it is possible to access any of the sequentially numbered blocks in a given device.  In LINUX. which adds another file system (of whatever type) to an existing directory tree.  Every file is represented by just one inode. each inode has a unique number and the file itself can also be accessed using this number.  the inode already contains a few block numbers to ensure efficient access to small files. Access to larger files is provided via indirect blocks. access rights and the allocation of data to blocks on the physical media. . These data blocks thus contain ordinary files along with the directory entries and the indirect blocks.  When using these. These are also implemented as files.  This arrangement is built up by the action of mounting the file system.  The remaining blocks for the device provide the space for the data. which also contain block numbers. The information contained includes access times.  Directories allow the file system to be given a hierarchical structure. which are divided into a specific number of equal-sized blocks.  Figure shows the arrangement of a typical LINUX inode. Random access is made possible by block-oriented devices. the information required for file management is kept strictly apart from the data and collected in a separate inode structure for each file.  All the information which is essential for managing the file system is held in the superblock which is followed by a number of inode blocks containing the inode structures for the file system Figure Structure of a LINUX inode. but the kernel assumes them to contain pairs consisting of a filename and its inode number. within a file system.

forms the mount interface: further functions of the file system implementation will be made known to the VFS via this function. A new file system can be mounted onto any directory. #endif  the VFS is given the name of the file system ('minix').  These structures are held in the static table super_blocks[] and limited in number to NR_SUPER. read_super( ). as this calls all the read_super( ) functions present in the various file system implementations  The file-system-specific function read_super() reads its data if necessary from the appropriate block device using the LINUX cache functions .  Another major important aspect of a file system is data security.  The superblock is initialized by the function read_super() in the Virtual File System. and • a silent flag indicating whether unsuccessful mounting should be reported.  This system call is necessary because access to kernel structures is not allowed from user mode (which is the status of the init process).' immediately after the init process is created by the kernel function init() (file init/main.c). it will contain: • a superblock structure in which the elements s_dev and s_flags are filled in accordance with Table below.  The file-system-independent mount flags in the superblock.  When called.  The function passed. 1.  The setup call itself is called just once.  Every mounted file system is represented by a super_block structure. .  Unmounting the file system releases the hidden directory structure again. #ifdef CONFIG_MINIX_FS register_filesystem(&(struct file_system_type) {minix_read_super. the file system containing the file must be mounted. Mounting  Before a file can be accessed. The representation of file systems in the kernel  The actual representation of data in LINUX'S memory sticks closely to the logical structure of a UNIX file system.  These functions are provided to the VFS via the function register_filesystem().  The function sets up the file_system_type structure  it has been passed in a singly linked list whose beginning is pointed to by file_systems.  The VFS. This can be done using either the system call mount or the function mount_root(). "minix". This original directory is then known as the mount point and is covered up by the root directory of the new file system along with its subdirectories and files. calls the file-system-specific functions for the various implementations to fill up the structures. • a character string (in this case void *) containing further mount options for the file system. • This flag is used only by the kernel function mount_root().  This file-system-specific function will have been made known on registering the implementation with the VFS. NULL}).  It is called by the system call setup after all the file system implementations permanently included in the kernel have been registered.  The mount_root() function takes care of mounting the first file system (the root file system).

there is a pointer generic_sdp. h>.to write the superblock and to read file system information. }. . struct iattr *). int *. and these form the basis for further work on the file system. struct statfs *). such as block size.  In addition.  The function is used in synchronizing the device and is ignored by read-only file systems .  For file system modules mounted later. if the pointer to the operation is NULL -no further action will take place. Superblock operations The superblock structure provides. void (*write_inode) (struct inode *).  when it should also release the superblock and other information buffers and/or restore the consistency of the file system. • put_super(sb)  The Virtual File System calls this function when unmounting file systems. void (*write_super) (struct super_block *). char *). in the function vector s_op. functions for accessing the file system. int (*notify_change) (struct inode*. int (*remount_fs) (struct super_block *. access rights and time of the last change.  In addition. struct super_operations { void (*read_inode) (struct inode *). void (*put_super) (struct super_block *). which are defined in the file <linux/ Locks.  This uses the functions Lock_super() and unLock_super().  write_super(sb)  The write_super(sb) function is used to save the information of the superblock.  The function will cause the cache to write back the buffer for the superblock: this is ensured by setting the buffer's b_dirt flag. void (*put_inode) (struct inode *). the structure holds special information on the relevant file systems.  If a superblock operation is not implemented .Macro MSRDONLY MSNOSUID MSNODEV MSNOEXEC MSSYNCHR MSREMOU Value 1 2 4 8 16 32 Remarks File system is read only Ignores S bits Inhibits access to device files Inhibits execution of program Immediate write to disk Changes flags  The superblock contains information on the entire file system.  The components s_Lock and s_wait ensure that access to the superblock is synchronized. void (*statfs) (struct super_block *. the s_dev entry in the superblock structure must be set to 0 to ensure that the superblock is once again available after unmounting.that is.  The functions in the super_operations structure serve to read and write an individual inode.

if device file */ /* size */ /* time of last access */ . The inode structure  When a file system is mounted. umode_t i_mode.  The main purpose of the read_inode0 function is to mark the different file types by entering inode operations in the inode according to the file type. time_t i_atime. the superblock is generated and the root inode for the file system is entered in the component i_mount at the appropriate mount point. dev_t i_rdev.  Its main task is to delete the file physically and release its blocks.  This involves entering the new attributes for the file system in the superblock and restoring the consistency of the file system. in its inode structure. off_t i_size. attr)  The changes made to the inode via system calls are acknowledged by notify_change(). • notify_change(inode. which will already have given the entries i_dev.• statfs(sb. the number of free blocks and the preferred block size. analogous to write_super(). in a similar way to read_super(). that is. options)  The remount_fs() function changes the status of a file system . flags. • remount_fs(sb.  The structure is located in the user address space. gid_t i_gid.  It is called by the function _iget(). • write_inode(inode) This function saves the inode structure.  All inode changes are carried out on the local inode structure only.  This structure provides information on the file system. • read_inode(inode)  This function is responsible for filling in the inode structure it has been passed. unsigned long i_ino. • put_i node(inode)  This function is called by iput() if the inode is no longer required.  The definition of the inode structure is as follows: struct Inode { dev_t i_dev. which means that the computer exporting the file system needs to be informed. /* file device number */ /* inode number */ /* file type and access rights */ /* number of hard Links */ /* owner */ /* owner */ /* device. nlink_t i_nlink. statfsbuf)  The two system calls statfs and fstatfs call the superblock operation which fill in the staffs structure. i_ino. i_sb and i_flags their contents. uid_t i_uid.

which is accessed via the entries i_next and i_prev. First. /* time of last modification */ time_t i_ctime. for which the components i_count.  This approach is not particularly efficient. * 1_hash_prev. ••• void *generic_ip.time_t i_mtime. /* socket management */ unsigned short i_count. where collisions are dealt with via a doubly linked list using the components i_hash_next and i_hash_prev. /* time of creation */ unsigned long i_blksize.  The unused inodes are generated via the grow_inodes() function. /* inode operations */ struct super_block * i_sb. inodes are also stored in an open hash table hash_table[].  The remainder contains management information and the file-system-dependent union u.  In memory. /* inode has been modified */ unsigned char i_pipe. this holds information on the file. unused inodes. /* file-system-specific information */ }. /* inode represents pipe */ unsigned char i_sock. /* DCache version management */ struct semaphore i_sem. /* inode is current */ union { struct pipe_inode_info pipe_i. /* access control */ struct inode_operations * 1_0p. /* block size */ unsigned long i_blocks. /* inode linking . /* file locks */ struct vm_area_struct * i_mmap.  In the first section. /* not used */ unsigned char i_update. /* number authorized to write */ unsigned short i_flags. struct minix_inode_info minix_i. /* reference counter */ unsigned short i_wcount. /* wait queue */ struct file_lock * i_flock.  The iget( ) function supplies the inode specified by the superblock and the inode number . which is called every time that less than a quarter of all the inodes are free but not more than NR_INODE are in existence. } u. * i_prev. struct inode * i_mount. /* lock */ unsigned char i_dirt. /* number of blocks */ unsigned long i_version.  For fast access. /* inode represents socket */ unsigned char i_seek. struct inode * i_bound_to. */ struct inode * i_hash_next. /* memory areas */ struct inode * i_next. * i_bound_by. /* mounted inode */ struct socket * i_socket. namei() and iput( ). as the complete list of inodes also includes the 'free'.  Access to any of the NR_IHASH entries is made through the device and inode numbers. .  The number of unused inodes and the count of all available inodes are held in the static variables nr_free and nr_inode respectively. the inodes are managed in two ways. they are managed in a doubly linked circular list starting with first_i node. /* flags (= i_sb->s_flags) */ unsigned char i_lock. i_dirt and i_lock should all be zero. /* superbLock */ struct wait_queue * i_wait.  The functions for working with inodes are iget().

int.const char *. struct inode **).const char * int (*follow_link) (struct inode *.int. int (*Link) (struct inode *. struct inode **). }.int). res_inode) .  _namei() function supplies the inode for the directory that contains the file with the name  If it is not found. int).  All functions return an error code smaller than 0 if they are not successful.struct inode *.int). struct inode **). The Inode operations  The inode structure also has its own operations. struct inode_operations { struct file_operations * defauLt_file_ops.const char *. int). which are held in the inode_operations structure and mainly provide for file management. name. int (*readlink) (struct inode *. a 'free' inode is selected (get_empty_inode()) and the implementation of the relevant file system calls the superblock operation read_inode() to fill it with information. int (*mkdir) (struct inode *.  This decrements the reference counter by 1 and marks the inode structure as 'free' if the former is 0.const char *.int).int.struct inode *. int (*create) (struct inode *.const char *. int (*symLink) (struct inode *.struct inode *.int.const char *.int.char * void (•truncate) (struct inode *). int (*lookup) (struct inode *. int (•permission) (struct inode *.int. If the required inode is included in the hash table. the i_count reference counter is simply incremented.const char *).int. • create( char *.const char *.int).  These functions are usually called directly from the implementations of the appropriate system calls.const char *. int (*rmdir) (struct inode *. const char *. int (*bmap) (struct inode *. int (*rename) (struct inode *.  The resulting inode is then added to the hash table. int (*unLink) (struct inode *. len. int (*mknod) (struct inode *.int).  An inode obtained using iget() has to be released using the function iput( ). int (*smap) (struct inode *. mode.

• rmdir(dir.  The mkdir() function first has to check whether further subdirectories are permitted in the directory.  Before thisfunction is called by the VFS. create( ) enters the filename name of length ten in the directory specified by the inode dir.  It performs a number of tasks. Len. to which the directory is then written together with its default entries '. • unLink(dir. the access permissions will have been checked by a call to permission(). name. name.  The file oldinode will be linked under the stated name and the associated length in the directory specified by the inode dir.  The calling function first confirms that this operation possesses the relevant permissions. Len. with Len giving the length of the name name. name. res_inode)  This function is supplied with a filename and its length and returns the inode for the filein the argument res_inode. if the root inode for a mounted file system is overstepped by '.'.  then allocate a free inode on the data media and a free block.  The calling VFS function LookupO performs a special procedure for the name '. • Lookup(dir. Len) .  The access rights will already have been checked in the calling VFS function. name. Len)  This function deletes the specified file in the directory specified by the inode dir. the root inode is returned. for which. name. the VFS function uses the 'hidden' inode to call the inode operation. • mkdir(dir.  This is carried out by scanning the directory specified by the  inode dir.  If the process is already in its root directory. it extracts a free inode from the complete list of inodes with the aid of the get_empty_inode()) function. • symLink(dir.  Before Link() is called.. name. • After this. Len)  This function sets up a hard link.  The symbolic link points to the path symname. mode)  This function sets up a subdirectory with the name and the access rights mode in the directory dir. • Link(oldinode. symname)  This function sets up the symbolic link name in the directory dir. a free inode on the media is sought out..'. This function is called from within the VFS function open_namei().' and '.  The Lookup() function must be defined for directories. Len.'. dir. The inode structure now needs to be filled with filesystem-specific data. for example. • First. a check is made that the inodes dir and old inode are on the same device and that the current process is authorized to write to dir.  However..

fLag. the pathname should simply be truncated. If the inode is not a symbolic link.' and '. nlen)  This function changes the name of a file. This function deletes subdirectory name from the directory dir.  This function is called directly from sys_read Link( ) once the write  access permission to the buffer buf has been checked and the inode has been found using Lnamei(). res_inode)  This function is used to resolve symbolic links. • follow_Link(dir.  The function first checks that the directory to be deleted is empty and whether it is currently being used by a process. and  a further checkis made to ensure that the directories '.  This inode will be given the name in the directory dir. • mknod(dir. ndir. the maximum number of links to be resolved is set at 5  If follow_link() is missing.  The calling functionchecks the relevant access permissions in the . name. oname. block)  This function is called to enable memory mapping of files.' do not appear as the source or destination of an operation. • rename(odir. EINVAL should be returned.  This may in some cases involve reading other blocks from the media.  as well as the access rights are checked beforehand by a VFS function. directories beforehand. inode. Len. • bmap(inode.  To do this. size)  This function reads symbolic links and should copy into the buffer in the user address space -the pathname for the file to which the link points. but.  This function is used by generic_mmap() to map a block from the file to an address in the user address space.  This number must be converted by bmap() into the logical number of the block on the media. nnane.  To avoid endless loops.  If the inode is a device file. rdev)  This function sets up a new inode in the mode mode. point to another symbolic link without testing whether the current inode describes a file or a symbolic link. the calling function of the same name in the VFS simply returns inode.  In the argument block it is given the number of a logical data block in the file. .  For the inode assigned to a symbolic link.  If the buffer is too small. after all. mode. mode. this function returns the inode to which the link points to the argument res_inode. oLen.. as if the link were pointing to itself.  A symbolic link can.  This involves removing the old name oname from the odir directory and entering the new name nname in ndir. • : readLink(Inode. the parameter rdev gives the number of the device. bmap() searches for the block in the actual implementation of the specified inode and returns its number.

LINUX has simply introduced a structure file. To avoid synchronization problems and allow shared access to files by different processes. /* loff_t f_pos. • truncate(inode)  This function is mainly intended to shorten a file. /* *private_data. the type of access f_flags and the number of accesses f_count. the current file position f_pos. contains information on a specific file's access rights f_mode. Even a single process may be reading and writing at different points in the file. both to read and to write. If it cannot be found.  In the memory management function rw_swap_pagc(). struct file_operations * f_op. both by the system call sys_truncate() and when a file is opened. unsigned short f_flags.  The only parameter required by truncate() is the inode of the file to be amended. but can also lengthen a file to any length if this is supported by the specific implementation. executable files must first be loaded into memory completely.  The truncate() function is used at a number of places in the kernel. /* off_t f_reada.*f_prev. unsigned short f_count. /* struct inode *f_inode. the smap() function is required to prepare to work with a swap file In a multi-tasking system the problem often arises that a number of processes wish to access a file at the same time. /* f_owner. the truncate() function can be used to delete a file physically if the inode on the media is cleared afterwards. sector)  This function is intended to allow swap files to be created  this inode operation supplies the logical sector number (not block or cluster) on the media for the sector of the file specified. flag)  This function checks the inode to confirm the access rights to the file given by the mask. /* access type */ /* file position */ /* openO -flags */ reference counter */ read ahead flag */ Links */ PID or -PGRP for SIGIO */ /* related inode */ /* file operations */ Dcache version management */ void needed for tty driver */ . unsigned long f_version. • permission(inode. as the more efficient demand paging is not then available.  It will also release the blocks no longer required by a file. struct file { mode_t f_mode. MAY_WRITE and MAY_EXEC • smap(inode.  Thus.  The possible values for the mask are MAY_READ. with the i_size field set to the new length before the function is called. /* struct file *f_next.

on the other hand. int (*ioctl) (struct inode *. struct vm_area_struct *). struct file *. int). struct file *. The file structures are managed in a doubly linked circular list via the pointers f_next and f_prev. struct file *). The inode operations. char *. the default function can also be positioned from the end of the file. }. only use the representation of the socket or device in the related file system or its copy in memory. If this function is not implemented. unsigned long). These functions are also useful for sockets and device drivers. close. int (*fsync) (struct inode *.}. off_t. as they contain the actual functions for sockets and devices. int (*read) (struct inode *. int (*wnte) (struct inode *. in which the standard file operations are already specified. struct file *. offset. int). The reason why these functions are not held in inode_ope rat ions but in a separate structure is that they need to make changes to the file structure. struct file *). int (*fasync) (struct inode *. filp. int (*select) (struct inode *. the file position in the file structure is updated by the VFS. struct file *. This file table can be accessed via the pointer first_file. If the file is represented by an inode. struct file *. int (*open) (struct inode *. struct dirent *. If the function is missing. struct file *. File operations The file_operations structure is the general interface for work on files. int). struct file_operations { int (*Lseek) (struct inode *. int). select_table *). and contains the functions to open. the default action simply converts the file position f_pos for the file structure if the positioning is to be carried out from the start or from the current position. The inode's inode_operations structure also includes the component default_file_ops. read and write files. int (*mmap) (struct inode *. int). unsigned int. struct file *). struct file *. void (*release) (struct inode *. • lseek(inode. struct file *. char *. int (*readdir) (struct inode *. origin) The job of the lseek function is to deal with positioning within the file. int (*revalidate) (dev_t). int. int (*check_media_change) (dev_t). .

when interrogating files the VFS always returns the value 1 if it is a normal file. type. • ioctl(inode. and also that the file pointer is valid and the file has been opened to read. count) The write function operates in an analogous manner to read and copies data from the user address space to the file. If this function is not implemented. cmd. count) This function copies count bytes from the file into the buffer but in the user address space. FIONCLEX FIOCLEX FIONBIO . This function only serves a useful purpose for device drivers and sockets. it tests the following default arguments: Clears the close-on-exec bit. the Virtual File System returns ENOTDIR error • select(inode. buf. buf. filp. Sets the close-on-exec bit. Before calling the function. wait) This function checks whether data can be read from a file or written to one. The main task of the function is taken care of by the Virtual File System. the error EINVAL is returned. However. If no read function is implemented. FIOASYNC Sets or clears the O_SYNC flag as for FIONBIO. If the additional argument arg refers to a value not equal to zero. flip. the Virtual File System first confirms that the entire buffer is located in the user address space and can be written to. the O_NONBLOCK flag is set. • write(inode. filp. arg) the ioctl() function sets device-specific parameters. An additional test for exception conditions can also be made.• read(inode. before the Virtual File System calls the ioctl operation. filp. otherwise 0.  readdir(inode. thus. count) This function returns the next directory entry in the dirent structure or an error. This flag is not at present evaluated. otherwise it is cleared. filp. dirent.

The messaging will take . flip) This function is called when the file structure is released.If cmd is not among these values. otherwise the file-specific ioctL function is called. flip) The fsync() function ensures that all buffers for the file have been updated and written back to the device. as the standard function in the Virtual File System will already have taken care of all the necessary actions on regular files. on) This function is called by the VFS when a process uses the system call fcnti to log on or off for asynchronous messaging by sending a SIGIO signal. such as allocating the file structure. the function file_ioctl() is called and the system call terminates. • open(inode. the EINVAL error is returned. • map(inode. a check is performed on whether filp refers to a normal file. that is. Updating of the inode is also taken care of automatically by the Virtual File System. The structure vm_area specified describes all the characteristics of the memory area to be mapped: the components vm_start and vm_end give the start and end addresses of the memory area to which the file is to be mapped and vm_offset the position in the file from which mapping is to be carried out. This function is primarily intended for device drivers. which means that the function is only relevant for file systems • fasync(inode. If so. flip. and its absence will be ignored by the Virtual File System. vm_area) This function maps part of a file to the user address space of the current process. when its reference counter f_count is zero. • release( inode. If there is none.the VFS tests for the presence of an ioctl function. flip. For other files. flip) This function only serves a useful purpose for device drivers. • fsync(inode.

If so. the function will return a when data are received and the on flag is set. the first LINUX file system was the MINIX file system. discards all the buffers belonging to the device dev which are still in the buffer cache. if a change of media has taken place.the first to be designed for LINUX. along with all the inodes on this device. it is only called when mounting a device. so the search for a better file system was not long in starting. but its administration of free blocks in bitmaps and optimizing block allocation functions make it faster and more robust than the Ext file system. The result. It tests whether there has been a change of media since the last operation on it. It should establish and record all the necessary parameters of the media. • revalidate(dev) This function is called by the VFS after a media change has been recognized. Wayne Davidson presented the Ext2 file system as a further development of the Ext file system. was the Ext file system . number of tracks and so on. it had the drawbacks that it was slower than its MINIX counterpart and the simple implementation of free block administration led to extensive fragmentation of the file system. As check_disk_change() requires a considerable amount of time. This is also based on the MINIX file system and permits partitions of up to 2 Gbytes in size along with filenames of up to 248 characters. At the same time. otherwise a zero. it calls put_super() to remove any superblock belonging to the device. Remy Card. this file system restricts partitions to a maximum of 64 Mbytes and filenames to no more than 14 characters. The check_media_change() function is called by the VFS function check_disk_change(). It can be considered by now to be the LINUX file system. the process unregisters the file structure from asynchronous messaging. Although this allowed partitions of up to 2 Gbytes and filenames up to 255 characters. Its return values are the same as for check_media_change0. A file system which is now little used was Xia file system. Ext2 File System The ext2 or second extended filesystem is a file system for the Linux kernel. as it is used in most LINUX systems and distributions. to restore the consistency of a block device. If on is not set. However. The canonical implementation of ext2 is the ext2fs filesystem driver in the Linux kernel LINUX was initially developed under MINIX. • check_media_change(dev) This function is only relevant to block devices supporting changeable media. such as the number of blocks. . and then calls revalidate().

Block sizes can typically be 1024. The target name is not stored in a data block but in the inode itself. Ext2fs provides long file names. Normally. This allows the administrator to recover easily from situations where user processes fill up filesystems. Our goal was to provide a powerful filesystem. so as blocks get bigger. A mount option allows the administrator to choose the file creation semantics. new files inherit the group id of the directory and subdirectories inherit the group id and the setgid bit. On the other hand. in the other case. System V semantics are a bit more complex: if a directory has the setgid bit set. In the later case. but not least. Thus. more space is wasted in the last block of each file. which implements Unix file semantics and offers advanced features. It uses variable length directory entries. the last block allocated to a file is only half full. Ext2fs had to include provision for extensions to allow users to benefit from new features without reformatting their filesystem. files and subdirectories are created with the primary group id of the calling process. files are created with the same group id as their parent directory. This policy can save some disk space (no data block needs to be allocated) and speeds up link operations . we wanted to Ext2fs to have excellent performance. device special files and symbolic links. Using big block sizes can speed up I/O since fewer I/O requests. 5% of the blocks are reserved. it is now possible to use big disks without the need of creating many partitions. We also wanted to provide a very robust filesystem in order to reduce the risk of data loss in intensive use. A fast symbolic link does not use any data block on the filesystem. most of the advantages of larger block sizes are obtained by Ext2 filesystem's preallocation techniques (see section Performance optimizations). BSD or System V Release 4 semantics can be selected at mount time. Ext2fs reserves some blocks for the super user (root). Ext2fs supports some extensions which are not usually present in Unix filesystems. Ext2fs allows the administrator to choose the logical block size when creating the filesystem. 2048 and 4096 bytes. Ext2fs is able to manage filesystems created on really big partitions. File attributes allow the users to modify the kernel behavior when acting on a set of files. One can set attributes on a file or on a directory. In addition. Ext2fs implements fast symbolic links. big blocks waste more disk space: on the average. and thus fewer disk head seeks. This limit could be extended to 1012 if needed. need to be done to access a file. Last. ``Standard'' Ext2fs features The Ext2fs supports standard Unix file types: regular files.The Second Extended File system (EXT2) structure Motivations The Second Extended File System has been designed and implemented to fix some problems present in the first Extended File System. On a filesystem mounted with BSD semantics. The maximal file name size is 255 characters. recent work in the VFS layer have raised this limit to 4 TB. directories. ``Advanced'' Ext2fs features In addition to the standard Unix features. While the original kernel code restricted the maximal filesystem size to 2 GB. Of course. new files created in the directory inherit these attributes.

make the kernel panic and reboot to run the filesystem checker. A mount counter is maintained in the superblock. An attribute allows the users to request secure deletion on files. Like immutable files. the checker ignores the filesystem state and forces a filesystem check.  the maximal mount count. Block groups are not tied to the physical layout of the blocks on the disk. Block . Ext2 Physical File Structure The physical file structure of Ext2 filesystems is made up of block groups. so Ext2fs provides two ways to force checks at regular intervals. Immutable files can only be read: nobody can write or delete them. Ext2fs offers tools to tune the filesystem behavior.. Ext2fs keeps track of the filesystem state. the space available in the inode is limited so not every link can be implemented as a fast symbolic link. When it reaches a maximal value (also recorded in the superblock). The kernel code also records errors in this field. A special field in the superblock is used by the kernel code to indicate the status of the file system. the filesystem is marked as ``Erroneous'' and one of the three following actions can be done: continue normal execution. This prevents malicious people from gaining access to the previous content of the file by using a disk editor. When such a file is deleted. its state is reset to ``Clean''.(there is no need to read a data block when accessing such a link). they cannot be deleted or renamed. This is especially useful for log files which can only grow. random data is written in the disk blocks previously allocated to the file. When it is unmounted or remounted in read-only mode.. The physical structure of a filesystem is represented in this table: Boot Block Block . A last check time and a maximal check interval are also maintained in the superblock. Mount options can also be used to change the kernel error behavior. Append-only files can be opened in write mode but data is always appended at the end of the file. When an inconsistency is detected by the kernel code. Always skipping filesystem checks may sometimes be dangerous. When an inconsistency is detected by the kernel code. Of course. since modern drives tend to be optimized for sequential access and hide their physical geometry to the operating system. Each time the filesystem is mounted in read/write mode.  the maximal check interval. This can be used to protect sensitive configuration files. These two fields allow the administrator to request periodical checks. its state is set to ``Not Clean''. The maximal size of the target name in a fast symbolic link is 60 characters. the filesystem checker uses this information to decide if a filesystem must be checked. At boot time. this counter is incremented. When the maximal check interval has been reached. the filesystem checker forces the check even if the filesystem is ``Clean''. the filesystem is marked as ``Erroneous''. When a filesystem is mounted in read/write mode. The tune2fs program can be used to modify:  the error behavior. remount the filesystem in read-only mode to avoid corrupting the filesystem.  the number of logical blocks reserved for the super user.

Readaheads are normally performed during sequential reads on files and Ext2fs extends them to directory reads. Ext2fs. This structure also helps to get good performances: by reducing the distance between the inode table and the data blocks. The structure of a directory entry is shown in this table: inode number entry length name length filename As an example. The structure of a block group is represented in this table: Super Block FS descriptors Block Bitmap Inode Bitmap Inode Table Data Blocks Using block groups is a big win in terms of reliability: since the control structures are replicated in each block group. and f2: i1 i2 i3 16 40 05 14 12 file1 long_file_name 02 f2 Performance optimizations The Ext2fs kernel code contains many performance optimizations. long_file_name. the entry length.. Each entry contains the inode number.Sector Group 1 Group 2 . . either explicit reads (readdir(2) calls) or implicit ones (namei kernel directory lookup). the file name and its length. When writing data to a file. By using variable length entries. which tend to improve I/O speed when reading and writing files. This way. directories In Ext2fs. it tries to ensure that the next block to read will already be loaded into the buffer cache. it is possible to implement long file names without wasting disk space in directories. an inode bitmap. Ext2fs takes advantage of the buffer cache management by performing readaheads: when a block has to be read. Ext2fs preallocates up to 8 adjacent blocks when allocating a new block. it is easy to recover from a filesystem where the superblock has been corrupted. The next table represents the structure of a directory containing three files: file1. This preallocation achieves good write performances under heavy load. thus it speeds up the future sequential reads. Preallocation hit rates are around 75% even on very full filesystems. a piece of the inode table. Ext2fs also contains many allocation optimizations.. and data blocks). This is intended to reduce the disk head seeks made when the kernel reads an inode and its data blocks. Group N Each block group contains a redundant copy of crucial filesystem control informations (superblock and the filesystem descriptors) and also contains a part of the filesystem (a block bitmap. It also allows contiguous blocks to be allocated to files. it is possible to reduce the disk head seeks during I/O on files. the kernel code requests the I/O on several contiguous blocks. Block groups are used to cluster together related inodes and data: the kernel code always tries to allocate data blocks for a file in the same group as its inode. directories are managed as linked lists of variable length entries.

Developed by Rémy Card. Ext2  Ext2 stands for second extended file system.15 ext3 was available. as it doesn’t need to do the over head of journaling.  Ext2 does not have journaling feature. Metadata might be journaled either before or after the content is written to the disk.  The main benefit of ext3 is that it allows journaling.4.  On flash drives. When the system crashes.  It was introduced in 2001. Metadata are journaled only after writing the content to disk. the possibility of file system corruption is less because of journaling. Difference between ext2 and ext3 FS. ext4 file systems. ext2.  Maximum individual file size can be from 16 GB to 2 TB  Overall ext2 file system size can be from 2 TB to 32 TB Ext3  Ext3 stands for third extended file system.  Starting from Linux Kernel 2. o Ordered – Only metadata is saved in the journal. You can convert a ext2 file system to ext3 file system directly (without backup/restore).  Journaling has a dedicated area in the file system. ext2 is recommended.  Maximum individual file size can be from 16 GB to 2 TB  Overall ext3 file system size can be from 2 TB to 32 TB  There are three types of journaling available in ext3 file system.These two allocation optimizations produce a very good locality of:  related files through block groups  related blocks through the 8 bits clustering of block allocations. o Writeback – Only metadata is saved in the journal.  This was developed to overcome the limitation of the original ext file system. Overview of Ext3.  o Journal – Metadata and content are saved in the journal.  It was introduced in 1993. where all the changes are tracked. This is the default. Developed by Stephen Tweedie. . ext3 and ext4 are all filesystems created for Linux. usb drives.

 It was introduced in 2008. delayed allocation.a single person who owns the file.19 ext4 was available. etc.  Directory can contain a maximum of may execute or run the file if it is a program or script.000 in ext3)  You can also mount an existing ext3 fs as ext4 fs (without having to upgrade it). Now let's see how we can view and change them. Three persmissions and three groups of may change the contents of the may view the contents of the file.everyone else who is not in the group or the owner. read.8-File Permission:Linux permissions dictate 3 things you may do with a file. (typically the person who created the file but ownership may be granted to some one else by certain users)  group . View Permissions To view permissions for a file we use the long listing option for the command ls. write and execute.Ext4  Ext4 stands for fourth extended file system. 1.  Supports huge individual file size and overall file system size. fast fsck.  In ext4. 1 EB = 1024 PB (petabyte).  owner . 1 PB = 1024 TB (terabyte).  w write . That's about all there is to permissions really.000 subdirectories (as opposed to 32. They are referred to in Linux by a single letter each.  others .  Starting from Linux Kernel 2.  Several other new features are introduced in ext4: multiblock allocation.  x execute . . All you need to know is that these new features have improved the performance and reliability of the filesystem when compared to ext3. you also have the option of turning the journaling feature “off”.  r read . For every file we define 3 sets of people for whom we may specify permissions. journal checksum.  Maximum individual file size can be from 16 GB to 16 TB  Overall maximum ext4 file system size is 1 EB (exabyte).every file belongs to a single group.

write ( w ) or execute ( x ) The following examples will make their usage clearer. Note that the order of permissions is always read.png 2. chmod [permissions] [path] chmod has permission arguments that are made up of 3 components  Who are we changing the permission for? [ugoa] . ls -l /home/ryan/linuxtutorialwork/frog. In the above example the first 10 characters of the output are what we look at to identify permissions. If it is a dash ( . all  Are we granting or revoking the permission . In this example the group has the ability to read but not write or execute.) then it is a normal file. . A letter represents the presence of a permission and a dash ( . -rwxr----x 1 harry users 2.  Finally the last 3 characters represent the permissions for others (or everyone else).  The first character identifies the file -l [path] 1.user (or owner). then write then execute. If it is a d then it is a directory.  The following 3 characters represent the persmissions for the owner. others. Grant the execute permission to the ( r ). group. In this example the owner has all permissions (read. In this example they have the execute permission and nothing else.)  Which permission are we setting? .7K Jan 4 07:32 /home/ryan/linuxtutorialwork/frog. Change Permissions To change permissions on a file or directory we use a command called chmod It stands for change file mode bits which is a bit of a mouthfull but think of the mode bits as the permission indicators. Then remove the write permission for the owner. write and execute).  The following 3 characters represent the permissions for the group.png 3.) represents the absence of a permission.indicated with either a plus ( + ) or minus ( .

7K Jan 4 07:32 frog.png 11. 8.png 5.7K Jan 4 07:32 frog.png 9.1.png 5. -rwxrw---.png 3. Maybe we have a file with data in it we wish not to accidentally change for instance. It may seem odd that as the owner of a file we can remove our ability to read. -rwxrwx--x 1 harry users 2. -rwxr----x 1 harry users 2. chmod g+wx frog.png 3.png 6.png 7. write and execute that file but there are valid reasons we may wish to do this.7K Jan 4 07:32 frog. chmod g+x frog. 4. chmod u-w frog.7K Jan 4 07:32 frog.7K Jan 4 07:32 frog. ls -l frog. . Don't want to assign permissions individually? We can assign multiple permissions at once. we may not remove our ability to set those permissions and as such we always have control over every file under our ownership.png 7.png 2. -rwxr----x 1 harry users 2. ls -l frog.png 10. 1. 8. ls -l frog. chmod go-x frog.png 2.png 9.7K Jan 4 07:32 frog. While we may remove these permissions. 4.png 10.png 6. -rwxr-x--x 1 harry users 2. ls -l frog. ls -l frog.png 11.1 harry users 2. -r-xr-x--x 1 harry users 2. ls -l frog.

or root.And you know that normally user whose uid and gid is above their umask is 002.sshd) uid and gid (1-499) 3.). the PATH for a super user does’t include the current directory(.Super user (root) uid and gid =0 2.Regular user (what u create with useradd cmd) uid and gid (500<) [Note: If you assign uid below to 500 like between 1 to 100 it means that user umask will be 022 like root.] Super User:The super user is also known as system administrator. It is given full and complete access to all system resources or the "superuser". root: The system administrator’s login The superuser. is a special user account used for system administration.System user ( and managing disk space to performing backups. . you are placed in root’s home directory. The root password is required to become root. It is also used to describe the directory named "/"as in. "the root directory" . One can become root by either logging in as user "root" or by typing "su" within a normal user's login session. Its password is set at the time of installation of the Linux and has to be logged in : login: root password: The prompt of root is #. unlike $ used by non privileged users. The job of system administrator involves the management of the entire system-ranging from maintaining user accounts. Once you logged in as root.1. Linux uses Bash shell for normal and system administrative activities. This directory can be / or /root.This account need not to be separately created but comes with every syatem.9-User Management:Types of Users.Powers of Root:There are three type of user accounts1. Since the super user has to constantly navigate the file system.

A user with sudo rights to use the su command can become root. He can delete any file even if the directory is write protected  Installing and configuring servers  Installing and configuring application software  Creating and maintaining user accounts  Backing up and restoring files  Monitoring and tuning performance . you become super or root user. To be in root’s home directory on super user login. but they only need to know their own password.recreates the user’s environment without taking the login-password route: su – henry This sequence executes henry’s profile. Type su command as follows: $ su – Output: Password: <TYPE ROOT PASSWORD> # Once you typed the root user password. not that of root as seen here. Tip: typing "su . It is highly recommend that you use argument this mode is terminated by hitting ctrl+d or exit Becoming root for a Complete Login Session The su command allows a regular user to become the system's root user if they know the root password. and temporarily creates henry’s environment. use su-l Creating User’s environment su when used with a . It is used is used to become another user during a login session or to login as super user. Su runs a separate subshell. It is used to provide an environment similar to what the user root would expect had the user logged in directly. su defaults to becoming the super user.SU : ACQUIRING SUPERUSER LOGIN – HOW TO BECOME SUPERUSER IN LINUX Under Linux you use command called su . If invoked without a username. the session behaves the same as though user root had actually logged in to begin with. Power of Root User:The superuser has enormous powers including the following:  Can change the contents or attributes of any file like its permissions and ownership. someuser@u-bigboy:~$ sudo su Password: root@u-bigboy:~# Some systems administrators will use sudo to grant root privileges to their own personal user account without the need to provide a password." instead of "su" actually changes the login session to that of su command.

/usr/bin/etc/sbin etc )and the files written in them are protected. Files and devices may be granted access based on a users ID or group ID. sgid.   Address all users concurrently on the wall # wall The machine will be shut down today at 14:30 hrs. and the sticky bit  Change the file creation mask  Grant file access to group members Linux groups are a mechanism to manage a collection of computer system users. All Linux users have a user ID and a group ID and a unique numerical identification number called a userid (UID) and a groupid (GID) respectively.  To configure I/O devices like – a scanner or a TV tuner card. Examples of various functions performed by the super user to configure the system  Set the system clock with date command date -s "11/20/2003 12:48:00" Set the date to the date and time shown.Managing Users Adding User . Ctrl+d Limit the maximum size of files that users are permitted to create with ulimit Ulimit 20971510 (measured in 512. 1. privilege and access purpose. It is the foundation of Linux security and access.byte blocks) This statement can be placed in /etc/profile MAINTAINING SECURITY As system administrator .10. Groups can be assigned to logically tie users together for a common security. for example.  To configure system services like – a web or FTP have to ensure that the system directories (/bin. Manage file permissions and ownership  Manage access permissions on both regular and special files as well as directories  Maintain security using access modes such as suid. Configuring a secure system  Using tools to monitor security  Initiate or kill any process.

It is better to choose shadow passwords and. Usually. Where there are many users to manage.  Numeric group id. which lists all valid usernames and their associated information. Usually.  Previously this was where the user's password was stored.  home defines the home directory of that user. in that case. you should keep in mind that it has to exist. for users.  Numeric user id. It's a numerical value that is bound to a user.  Full name or other description of account.  Login shell (program to run at login) Each entry has the following fields: user:password:UID:GID:comment:home:shell  user is the username that is used for logging or by programs. The username is case sensitive on Linux systems and it is recommended to keep the special characters out of it. /etc/passwd file has several entries that are actually users for programs that need to control processes or need "special" access to the filesystem. /etc/passwd and other informative files The basic user database in a Linux system is the text file.  comment is a field that holds text information about a user. /etc/passwd (called the password file). The default encryption algorithm used is considered rather poor today.  Home directory. Both the UID and the GID are very important for filesystem security. the UID is greater than 100. To assign a password for that user use the command passwd bart.The easiest way to add a new user is to use the useradd command like this: useradd bart.  GID is the group ID for the primary group of the user. This field identifies the primary group to which a user belongs. This directory is created automatically by the useradd command. The UID has to be unique and should have a value between 0 and 4 mil. All the files in a Linux system have an UID. For every user. We have now created a new user called bart. If you want to change it from here. there is at least a GID. Note that a user can be assigned to several groups. the comment field can really come in handy. the e-mail address or whatever you like. . This is also a numerical value and to root. This UID determines the ownership of files and processes. The passwd command encrypts the passwords and stores them in that field. you add here the name of the user but you can also add the phone number.  UID is the user ID. also has the value 0. For the root user is always 0.  password is the field where the encrypted password is stored in. and is divided into seven colon-delimited fields:  Username. the field will remain blank and all the passwords will be stored in the /etc/shadow file. The file has one line per username.

enter: . Changing group ownership of files. The default should be more than ok most of the time. devices: chown / chgrp chown: This command is used by root (system superuser) only. enter: # userdel vivek To remove the user's home directory pass the -r option to userdel. directories. shell is the shell that will be used by the user. The userdel command must be run as root user. the group ownership of a file. the default group association is the group id of user. directory or device can be changed with the "chown" command:  Change the ownership of the file to the group "accounting": chown :accounting filename  Command format: chown user:group filename chgrp: This command is used by any system user who is a member of multiple groups. Linux: Delete / Remove User Account You need to use the userdel command to delete a user account and related files from user account. If he wishes to change it to another group of which he is a member issue the command: chgrp new-group-id file-name If the user is not a member of the group then a password is required. As root. If the user creates a file. The syntax is as follows: userdel userName userdel Example To remove the user vivek account from the local system / server / workstation. Accounts created for people will have assigned the bash shell and the accounts created for programs will have no login which is a nice trick for disallowing logins with that user.

enter # find /var/spool/at/ -name "[^.tar.$now.# userdel -r vivek The above command will remove all files along with the home directory itself and the user's mail spool.$uid. $now with actual UID and date/time. enter: # crontab -r -u vivek . Complete Example The following is recommend procedure to delete a user from the Linux server. userdel command will not allow you to remove an account if the user is currently logged in. enter: # userdel -r vivek Delete at jobs. enter: # passwd -l username Backup files from /home/vivek to /nas/backup # tar -zcvf /nas/backup/account/deleted/v/vivek. enter: # pgrep -u vivek # ps -fp $(pgrep -u vivek) # killall -KILL -u vivek To delete user account called vivek.gz /home/vivek/ Please replace $uid. You must kill any running processes which belong to an account that you are deleting.]*" -type f -user vivek -delete To remove cron jobs. First. lock user account. Please note that files located in other file systems will have to be searched for and deleted manually.

Some open source software is available within the public domain. typically all the underlying source code can be used. freely modified. change. enter: # find / -user vivek -print You can find file owned by a user called vivek and change its ownership as follows: # find / -user vivek -exec chown newUserName:newGroupName {} \. By contrast. enter: # lprm vivek To find all files owned by user vivek. by anyone under licenses such as the GNU General Public License. Typically Linux is packaged in a format known as a Linux distribution for desktop and server use. Other Topics of Unit-1 Open-source software (OSS) is computer software that is available in source code form: the source code and certain other rights normally reserved for copyright holders are provided under a software license that permits users to study. improve and at times also to distribute the software. . and redistributed. The development of Linux is one of the most prominent examples of free and open source software collaboration.To remove print jobs. the GNU General Public License is intended to guarantee your freedom to share and change free software--to make sure the software is free for all its users. Linux Licensing The licenses for most software are designed to take away your freedom to share and change it. both commercially and non-commercially.

or the updates will have been marked as not yet fully committed.  The most commonly used journaling filesystem for Linux is the third extended filesystem (ext3fs). we are referring to freedom. in which case the system will read the journal. which can be rolled up to the most recent point of data consistency.  Such shutdowns are usually due to an interruption of the power supply or to a software problem that cannot be resolved without a rebooting.This General Public License applies to most of the Free Software Foundation's software.. HDD checks during rebooting after a system crash can take many minutes. although some data may be lost.  This is far faster than a scan of the entire HDD when rebooting.  Also featured is the ability for ext2 partitions to be converted to ext3 and vice-versa without any need for backing up the data and repartitioning. in which case there is no problem. not price. . Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software that you receive source code or can get it if you want it.  Moreover. a given set of updates may have either been fully committed to the filesystem (i.16 (released in January 1993). or even hours in the case of large HDDs with capacities of hundreds of gigabytes. that you can change the software or use pieces of it in new free programs. written to the HDD). and it provides the same high degree of reliability because of the exhaustively fieldproven nature of its underlying ext2.  Journaling filesystems write metadata (i.e. a journaling filesystem typically allows a computer to be rebooted much more quickly after a system crash. it is sometimes necessary for intervention by a skilled technician to answer complicated questions about how to repair certain filesystem problems. data about files and directories) into the journal that is flushed to the HDD before each command returns.  In the event of a system crash.  In the case of non-journaling filesystems. Journaling: A journaling file system is a fault-resilient file system in which data integrity is ensured because updates to directories and bitmaps are constantly written to a serial log on disk before the original disk log is updated. if an inconsistency in the data is found.  Thus.  A journaling filesystem is a filesystem that maintains a special file called a journal that is used to repair any inconsistencies that occur as the result of an improper shutdown of a computer. When we speak of free software. which was added to the kernel from version 2. and it guarantees that the structure of the filesystem is always internally consistent.  It is basically an extension of ext2fs to which a journaling capability has been added.  Such downtime can be very costly in the case of big systems used by large organizations.e..4.

In an embedded target. or reset. If necessary. a splash screen is commonly displayed. the second-stage boot loader checks the system hardware. these boot monitors perform some level of system test and hardware initialization. At this stage. When the images are loaded. This boot loader is less than 512 bytes in length (a single sector). When complete. 4. When a boot device is found. the second-stage boot loader passes control to the kernel image and the kernel is decompressed and initialized. When a system is first booted. an ext3 partition can even be mounted by an older kernel that has no ext3 support. the first user-space program (init) starts. System startup The system startup stage depends on the hardware that Linux is being booted on. enumerates the attached hardware devices. When the second-stage boot loader is in RAM and executing. 6. In a personal computer (PC). . Now let's explore some of the details of the Linux boot process. The Linux boot process 1. That's Linux boot in a nutshell. and high-level system initialization is performed.and second-stage boot loaders. and Linux and an optional initial RAM disk (temporary root file system) are loaded into memory. and then loads the necessary kernel modules. mounts the root device. or is reset. which is stored in flash memory on the motherboard. In addition to having the ability to store and boot a Linux image. 3. these boot monitors commonly cover both the first. 2. A bootstrap environment is used when the system is powered on. 5. this is because it would be seen as just another normal ext2 partition and the journal would be ignored. the processor executes code at a well-known location. and its job is to load the second-stage boot loader. this location is in the basic input/output system (BIOS). the first-stage boot loader is loaded into RAM and executed.

When this is verified. the BIOS yields control to it. it scans the remaining partitions in the table to ensure that they're all inactive. The MBR ends with two bytes that are defined as the magic number (0xAA55). The job of the primary boot loader is to find and load the secondary boot loader (stage 2) by looking through the partition table for an active partition. which contains a record for each of four partitions (sixteen bytes each). The magic number serves as a validation check of the MBR. The MBR is a 512-byte sector. The first 446 bytes are the primary boot loader. where the Master Boot Record (MBR) contains the primary boot loader. Anatomy of the MBR . Linux is booted from a hard disk. The next sixty-four bytes are the partition table. After the MBR is loaded into RAM.Commonly. the active partition's boot record is read from the device into RAM and executed. Figure . located in the first sector on the disk. When it finds an active partition. Stage 1 boot loader The primary boot loader that resides in the MBR is a 512-byte image containing both program code and a small partition table (see Figure ). which contains both executable code and error message text.

the kernel checks what other hardware there is and configures some of its device drivers appropriately 3. LILO will read the file "/etc/lilo. The Linux kernel is installed compressed. Init will start the services setup in the system. The configuration file tells LILO where it should place its boot loader. 2. or any time with rdev or LILO. The init process reads the file "/etc/inittab" and uses this file to determine how to create processes. Then the kernel will try to mount the root file system(read-only). by default is read by LILO. 5. Both allow users—root users—to boot into single-user-mode. 4. The first. LILO and GRUB: Boot Loaders Made Simple LILO (Linux Loader) and GRUB (GRand Unified Bootloader) are both configured as a primary boot loader (installed on the MBR) or secondary boot loader (installed onto a bootable partition). 1. so it will first uncompress itself. and other information. a similar process also occurrs. LILO LILO comes as standard on all distributions of Linux. In general. What is LILO? LILO is the Linux Loader. or second-stage. . LILO will give the user a choice of booting from any label included in this file. To work with LILO an administrator edits the file /etc/lilo. the most popular boot loader for Linux. The file system type is detected automatically. MBR Vs.conf". The task at this stage is to load the Linux kernel and optional initial RAM disk. Normally LILO is initially configured for you during the Linux installation process.and second-stage boot loaders combined are called Linux Loader (LILO) or GRand Unified Bootloader (GRUB) in the x86 PC environment. The place is configurable at compilation time. After this the kernel starts the program "init" (located in /sbin/init) in the background (process number 1). It is used to load Linux into memory and start the operating system. Linux Startup Process using LILO Note: If using Grub. boot loader could be more aptly called the kernel loader. init is always running and can dynamically do things . Root Partition The configuration file. you can either specify the master boot record (MBR) on the first physical disk (/dev/hda) or the root partition of your Linux installation (/dev/hda1 or /dev/hda2). where LILO should be installed.Stage 2 boot loader The secondary. After this.conf to set a default partition to boot.The administrator can also cause it to dynamically change system processes and run levels by using the telinit program or editing the "/etc/inittab" file.

If LILO fails at some point. This condition usually indicates a media failure or bad disk parameters in the BIOS. except for the image= line and possibly the root= line. type: # /sbin/lilo –v -v LILO Configuration File Given below is a sample /etc/lilo. Detailed explanation follows. This can be caused by bad disk parameters in the BIOS. LILThe descriptor table is corrupt. LI The first stage boot loader was able to load the second stage boot loader. you are in the second stage. The two-digit error codes indicate the type of problem.conf File The sample lilo. This is typically caused by a media failure or by bad disk parameters in the BIOS. If you are starting with LILO. This can be caused by bad disk parameters in the BIOS. LILO with WIN XP If you have WINXP installed to MBR on your hard drive. but it can't load the descriptor table from the map file. but it can't load the second stage boot loader.conf file shown below is for a typical dual-boot configuration. You can probably use this as-is. The /etc/lilo. The boot media is incorrect or faulty. When you see the LILO prompt. L The first stage boot loader has been loaded and started.The first stage of loading LILO is completed when LILO brings up in order of the each of the letters—L-I-L-O. the letters printed so far can be used to identify the problem. If you want to boot up Linux. LIL? The second stage boot loader has been loaded at an incorrect address. After you install LILO on your system. you must mark the LILO partition as bootable.conf file. (nothing) No part of LILO has been loaded.b compact prompt . you can begin editing the configuration file. This is typically caused by bad disk parameters in the BIOS. depending on where Linux was installed. LILO All parts of LILO have been successfully loaded. Each letter is printed before or after some specific action. boot=/dev/hda map=/boot/map install=/boot/boot. LILO either isn't installed or the partition on which its boot sector is located isn't active. you can make it take over your MBR. LIL The second stage boot loader has been started. but has failed to execute it. When LILO loads itself it displays the word “LILO”. with Windows installed on the first partition and Linux on the second. install LILO to the root partition instead of the MBR. As a root user.

label=linux: The name that is used to identify this image at the LILO: boot prompt. It is given the value of the partition where this other operating system lives. Typing this name will select this image.0. Don't mess with it. In that case. which means LILO will control the boot process of all operating systems from the start. When a configuration file is configured incorrectly. unless you specify otherwise. the system reverts to the command-line prompts. install=/boot/boot.36: The name of a Linux kernel for LILO to boot.36 label=linux root=/dev/hda2 read-only other=/dev/hda1 label=win boot=/dev/hda: Tells LILO where to install the bootloader. map=/boot/map: The map file is automatically generated by LILO and is used internally. and booting Linux would require setting the Linux partition active using fdisk. image=/boot/vmlinuz-2. it is going into the master boot record of the first hard drive. gives you a way to refer to this section.timeout=50 image=/boot/vmlinuz-2. In this case. The first image listed in the file is the default. compact: Makes LILO read the hard drive faster. It will be remounted as read-write later in the boot process. so that the Linux kernel can mount it at boot time. measured in tenths of a second.0. timeout=50: Tells LILO how long to wait at the prompt before booting the default operating system. MBR Vs. This file contains the "bootstrap" code that starts your operating system. Root Partition .b: Tells LILO what to use as the new boot sector. It could also have been /dev/hda2. read-only: Tells LILO to instruct the Linux kernel to initially mount the root file system as readonly. root=/dev/hda2: Tells LILO where the root (/) file system is (where Linux lives). the DOS bootloader would need to be in the master boot record. the boot sector of the Linux partition. This is the normal method of booting other=/dev/hda1: other tells LILO to boot an operating system other than Linux. GRUB GRUB combines installations with one install command and allows for MD5 encryption of passwords. The configuration shown waits for 5 seconds. label=win: Same as the label above. prompt: Tells LILO to prompt us at boot time to choose an operating system or enter parameters for the Linux kernel.

2)/boot/grub/menu.2)/boot/grub/menu. the stage two image is installed: (hd1. After you install GRUB.23-13.2)/boot/grub/stage1 (hd1) What this says is that GRUB is installing the first stage image on the third partition of the second disk (Linux).conf file.6.0) chainloader +1  The default = option tells GRUB which image to boot by default after the timeout period. install GRUB to the root partition instead of the MBR.2)/grub/splash.conf GRUB Configuration File Given below is a sample /boot/grub/grub. you can use the GRUB command grub> install (hd1. you can make it take over your MBR.2)/boot/grub/stage2 Finally.2) kernel /vmlinuz-2.xpm. the installation is complete with the optional location of the configuration file: p (hd1.23-13 ro root=LABEL=/ initrd /initrd-2. default=0 timeout=10 splashimage=(hd1.conf Let's take a look at the installation of the first stage in the install command: install (hd1.6.2)/boot/grub/stage2 p (hd1.gz password --md5 [encrypted password] title Linux password --md5 [encrypted password] root (hd1. In the second part of the command. .img title Windows XP password --md5 [encrypted password] rootnoverify (hd0.If you have WINXP installed to MBR on your hard drive.It is also installing to MBR on this same disk. Do this at the prompt as a root user: # /boot/grub/grub Now.2)/boot/grub/stage1 (hd1) (hd1.

using the "grub-install" utility. Which Is Better? GRUB or LILO LILO is older and less powerful. Any changes made to grub. which anyone can read from the lilo. If LILO MBR is configured incorrectly. it will default to the GRUB command-line interface without risking of making the system unbootable. Both have a password protection feature with a difference. LILO has no interactive command interface and does not support booting from a network.conf are not read at boot time. start with LILO and then migrate to GRUB. It uses the blocklist notation to grab the first sector of the current partition with '+1'. the LILO system becomes unbootable. An administrator only needs to install GRUB once.LILO and GRUB allows users—the root users—to boot into single-user mode. The MBR needs to be "refreshed.conf file when booting.conf will be automatically used when the system is next booted. let's look into GRUB 1. The splashimage option specifies the location of the image for use as the background for the GRUB GUI. Ease in Locating configuration file -GRUB is a bit easier to administer because the GRUB loader is smart enough to locate the /boot/grub/grub. Security. To generate an md5 password. While GRUB allows for MD5 encrypted passwords. To work with LILO an administrator has many tasks to perform in addition to editing the configuration files.  The password option specified the MD-5 password to gain access to GRUB's interactive boot options. For the novice. . You can create separate passwords for each entry in the file. any changes made to lilo. Originally LILO did not include a GUI menu choice (but did provide a text user interface).conf file with the command cat /etc/lilo.  The initrd option specifies the file that will be loaded at boot time as the initial RAM disk. Interactive command interface-Like GRUB does. Because LILO has some disadvantages that were corrected in GRUB.  The chainloader+1 tells GRUB to use a chain loader to load Windows on the first partition of the first disk.conf.  The rootnoverify option tells GRUB to not try to vary the root of the OS. LILO manages only text passwords. Copy this into your grub-conf password—md5. In contrast. run the tool grub-md5-crypt as root. 3." 2. If the GRUB configuration file is configured incorrectly.