Files created using this format typically use the ".IMG" file extension.
>resides on the hard drive,
>but is recognized by the computer as a disc or hard disk when mounted.
Use
IMG files are used for:
* Digital storage, transmission, and replication of floppy disks.
* Mounting virtual floppy disk volumes.
Introduction to System Calls (I/O System Calls)
System Calls for I/O
The way that programs talk to the operating system is via ``system calls.'' -- it is a request to the operating system to perform some activity.
There are 5 basic system calls that Unix provides for file I/O.
Close() tells the operating system that you are done with a file descriptor
Read() tells the operating system to read "size" bytes from the file opened in file descriptor "fd", and to put those bytes into the location pointed to by "buf".
Write() is just like read(), only it writes the bytes instead of reading them. It returns the number of bytes actually written, which is almost invariably "size".
/*
This giving the input and taking o/p from computers ivloves lot of jagularies inside which we are not aware as os is providing it as a service to us. The reason the operating system controls I/O is for safety -- the computer must ensure that if my program has a bug in it, then it doesn't crash the system, and it doesn't mess up other people's programs that may be running at the same time or later. Thus, whenever you do disk or screen or network I/O, you must go through the operating system and use system calls.For efficiently and protection users cannot control I/O so this service cannot be provided by user-level programs.
All actions that you will perform on files will be done through the operating system. Whenever you want to do file I/O, you specify the file by its file descriptor. Thus, whenever you want to do file I/O on a specific file, you must first open that file to get a file descriptor.
The way that programs talk to the operating system is via ``system calls.'' -- it is a request to the operating system to perform some activity.
There are 5 basic system calls that Unix provides for file I/O.
1. int open(char *path, int flags [ , int mode ] );Open makes a request to the operating system to use a file
2. int close(int fd);
3. int read(int fd, char *buf, int size);
4. int write(int fd, char *buf, int size);
5. off_t lseek(int fd, off_t offset, int whence);
Close() tells the operating system that you are done with a file descriptor
Read() tells the operating system to read "size" bytes from the file opened in file descriptor "fd", and to put those bytes into the location pointed to by "buf".
Write() is just like read(), only it writes the bytes instead of reading them. It returns the number of bytes actually written, which is almost invariably "size".
/*
I/O Operations: U may be thinking What the hell this I/O operation is rite?????
Following are the five services provided by an operating systems to the convenience of the users.- Program Execution
- I/O Operations
- File System Manipulation
- Communications
- Error Detection
This giving the input and taking o/p from computers ivloves lot of jagularies inside which we are not aware as os is providing it as a service to us. The reason the operating system controls I/O is for safety -- the computer must ensure that if my program has a bug in it, then it doesn't crash the system, and it doesn't mess up other people's programs that may be running at the same time or later. Thus, whenever you do disk or screen or network I/O, you must go through the operating system and use system calls.For efficiently and protection users cannot control I/O so this service cannot be provided by user-level programs.
*/
Open
Open makes a request to the operating system to use a file. The 'path' argument specifies what file you would like to use, and the 'flags' and 'mode' arguments specify how you would like to use it. If the operating system approves your request, it will return a ``file descriptor'' to you. This is a non-negative integer. If it returns -1, then you have been denied access, and you have to check the value of the variable "errno" to determine why.All actions that you will perform on files will be done through the operating system. Whenever you want to do file I/O, you specify the file by its file descriptor. Thus, whenever you want to do file I/O on a specific file, you must first open that file to get a file descriptor.
Close
Close() tells the operating system that you are done with a file descriptor. The OS can then reuse that file descriptor. The file c1.c (say)shows some examples with opening and closing the file in1. You should look at it carefully, as it opens the file multiple times without closing it, which is perfectly legal in Unix.System Startup and the Kernel
System Startup
* The Linux System Startup handout covers the sequence of startup steps in detail. The important parts to keep in mind are: the bootloader (LILO or GRUB), kernel messages (visible using dmesg), the init process and the rc scripts, and the roles of /etc/profile, .bash_profile, and .bashrc.
Bootloaders
* LILO (LInux LOader) is the most common bootloader and the one installed in the lab.
* The configuration file for LILO is /etc/lilo.conf.
* The bootloader's job is to select an operating system/kernel version to load.
* Typically the OS will be Linux but it is possible to use LILO to boot MS-DOS or Windows 9x on dual-boot machines.
* LILO can also boot different versions of kernels that are installed on the machine.
* LILO is responsible for the Red Hat logo screen that appears while the machine is starting up. It can be configured to allow the user to choose an operating system and/or kernel version. There is usually a default option as well if the user doesn't make a selection in a given period of time.
* LILO cannot be used to dual-boot OS/2, Windows NT/2000/XP. Those operating systems have to be installed in the MBR (Master Boot Record) and so conflict with LILO if it too is installed in the MBR.
* It is possible to use WinNT/2K/XP as the "master" bootloader which in turn can call LILO on a Linux partition, but this can be tricky to configure. See the articles: Linux + Windows 95 mini-HOWTO, and NT OS Loader + Linux mini-HOWTO in the Resources section of this site for more information.
* GRUB (GRand Unified Bootloader) is another bootloader. It's part of the GNU Project.
* GRUB is much more flexible than LILO, but in most respects does exactly the same thing as LILO.
The init Process
* The init process is the master process in Linux. It has Process ID 1 (PID). init is responsible for launching all other processes.
* init is configured through the /etc/inittab file.
* init's job during startup is the following: set the default runlevel, run the rc.sysinit script (usually in /etc/rc.d), run the rc script (usually in /etc/rc.d), install an interrupt handler to catch Ctrl+Alt+Del sequences, and launch the tty processes that handle each of the virtual terminals. Each of these tty processes in turn runs the login process that is responsible for accepting the user's login name and password, and then launching the user's shell and running the /etc/profile script for global settings.
Runlevels
* A runlevel is a "mode of operation that provides a particular set of services."
* Linux has 7 runlevels: 0 through 6.
* Runlevels 0, 1, and 6 are standardized across distributions, but the meanings of the other runlevels can vary considerably.
* Runlevel 0: halts the system
* Runlevel 1: single-user text mode. Usually used to diagnose and repair serious problems.
* Runlevel 2: multi-user text mode without networking (Red Hat). Rarely used.
* Runlevel 3: multi-user text mode with networking (Red Hat). The usual runlevel for servers that don't use the X Windows GUI.
* Runlevel 4: not used (Red Hat)
* Runlevel 5: multi-user X Windows mode with networking (Red Hat). The usual runlevel for graphical workstations (as in the lab).
* Runlevel 6: reboots the system
* The runlevel program (in /sbin) displays the current and previous runlevels.
The rc Script
* The rc script (usually in /etc/rc.d) is called by init to launch the services depending on the current runlevel (also set by init).
* Simply put, rc runs all of the scripts in one of the /etc/rc.d/rcN.d directories (N = runlevel) in alphabetical order.
* In each rcN.d directory, there will be a number of files beginning with "K" (Kill) and "S" (Start). Following the K or S, a two digit number is used to precisely order the files. These files are usually symbolic links to scripts in the /etc/rc.d/init.d directory. Links are used so that multiple copies of script files don't have to be copied amongst the various runlevel directories. Each of these scripts is responsible for starting or stopping (killing) a service: printer daemons, web servers, databases, email, firewalls, etc.
* rc first runs all of the Kill scripts in order. This can be thought of as a "clean-up" operation for runlevels other than 0 and 6. As expected, the scripts listed in the rc0.d and rc6.d directories are mostly Kill scripts since there is very little that needs to be started when the system is shutting down.
* rc then runs all of the Start scripts in order.
* For runlevels 2 through 5, the last Start script is usually /etc/rc.d/rc.local. The rc.local script is a handy place to put any of your own service initialization for which you don't have a full startup script like those in the /etc/rc.d/init.d directory.
* The green "OK" messages that appear during startup (or shutdown) are produced as the rc scripts iterates through the rcN.d directory.
The Shell rc Scripts
* The /etc/profile script contains global settings for all users (including root). This is the place to put any special settings that apply to everyone (e.g. "safe" versions of rm, mv, and cp).
* The .bash_profile script (in the user's home directory) contains any settings that only apply to that particular user. .bash_profile is only run once when the user first logs in. It usually calls the .bashrc script to do most of the work.
* The .bashrc script (in the user's home directory) also contains user-specific settings, but it is run for every new shell the user opens. This is usually the best place to put personal settings.
Kernel
/boot
* The kernel is typically located in the /boot directory.
* The compressed version of the kernel is called "vmlinuz" ("vm" = Virtual Machine, "z" = Compressed/Zipped). This is usually a symbolic link to the full name of the compressed kernel which may include the kernel version number.
* Many different kernel versions may be in /boot. The vmlinuz link will usually point to the most recent one, but LILO can still be used to select any particular kernel during startup.
Compiling the Kernel
* While not common, it is possible to compile the kernel itself from source.
* The main reason for doing so is to trim away any unnecessary code, thereby producing a lean 'n' mean kernel that consumes less memory. This may be necessary to run Linux on a machine with limited hardware (esp memory).
* The sorts of things that can be pruned out of the kernel include: device drivers, floating-point emulation, SMP (multi-CPU) support, loadable modules, networking, PCI support, parallel port support, Plug 'n' Play card support, ISDN, sound, SCSI, etc.
Kernel Modules
* While Linux is thought of as a "monolithic" kernel (meaning that it is one big program with all of the device drivers built-in), recent versions of the kernel support loadable modules.
* These modules, usually device drivers, can be manually or automatically loaded as needed, rather than having to re-compile the kernel each time a new piece of hardware is added to the machine.
* The modules themselves are stored in the /lib/modules/kernel_version directory.
* The /boot/module-info file contains short descriptions of the modules installed on the system.
* The kerneld (replaced by kmod in more recent distributions) daemon process can automatically load or remove modules as they are needed.
* The /etc/modules.conf file (this used to be called conf.modules) lists the modules that should be loaded by the system during startup.
* The lsmod command lists modules currently loaded in the kernel. Non-root users can run this command, but may have to run it as /sbin/lsmod since it won't be in the user's path.
Shell
Environent Variables
* Linux makes extensive use of environment variables for configuration or personalization settings.
* By convention, environment variable names are always fully capitalized.
* When referring to an environment variable, the variable is prefixed with "$".
The Path
* Linux has the concept of a "path" very much like in Windows/MS-DOS. The path is a set of directories that the shell searches though to locate a command you enter on the command line.
* The current path is stored in the $PATH environent variable. Directories are separated by colons (:).
* Unlike MS-DOS, Linux does not consider the current working directory part of the path unless the "." directory is explicitly included in $PATH.
* To run a program or script in the current directory, the program name must be prefixed with "./" to indicate to the shell that you mean to execute the program in this directory.
* The current directory (.) is not usually included in $PATH for security reasons.
Aliases
* Aliases are handy synonyms for commands, or specific versions of commands.
* The current aliases can be listed by running the alias command without any parameters.
* Aliases can be deleted using the unalias command.
Quotes
* Single quotes (') and double quotes (") have slightly different meanings to the shell.
* Use single quotes to specify literal strings (i.e. the shell won't evaluate anything within the string).
* Use double quotes if you want environment variables within the string to be evaluated.
Redirection
* Most Linux programs can be thought of as possessing one input and two outputs. The input is called Standard Input. The outputs are called Standard Output and Standard Error.
* By default, both Standard Output and Standard Error are sent to the terminal screen.
* By using the output redirection operators, the output can be diverted to files, or elsewhere.
* > redirects Standard Output
* 1> also redirects Standard Output
* 2> redirects Standard Error
* &> redirects both Standard Output and Standard Error
* The output of programs can be redirected to a file, or perhaps /dev/null which just throws out anything it's given.
* If redirecting to a file, the file will be overwritten using the above operators. Use >> to append to the file.
Tarballs
* Large groups of files are usually distributed in what is called a compressed tarball format.
* A "tarball" is a file created using the tar command (Tape ARchiver) which can group together many files into a single archive file.
* The tar command does not compress its contents.
* Tarballs are usually identified by the filename suffix ".tar".
* The gzip (and gunzip) programs are used to compress (and uncompress) individual files or tarballs.
* A gzip-ed tarball usually has the suffix ".tar.gz", or ".tgz" for short.
* Examine the commands in the handout, or the man pages, for more details.
* The Linux System Startup handout covers the sequence of startup steps in detail. The important parts to keep in mind are: the bootloader (LILO or GRUB), kernel messages (visible using dmesg), the init process and the rc scripts, and the roles of /etc/profile, .bash_profile, and .bashrc.
Bootloaders
* LILO (LInux LOader) is the most common bootloader and the one installed in the lab.
* The configuration file for LILO is /etc/lilo.conf.
* The bootloader's job is to select an operating system/kernel version to load.
* Typically the OS will be Linux but it is possible to use LILO to boot MS-DOS or Windows 9x on dual-boot machines.
* LILO can also boot different versions of kernels that are installed on the machine.
* LILO is responsible for the Red Hat logo screen that appears while the machine is starting up. It can be configured to allow the user to choose an operating system and/or kernel version. There is usually a default option as well if the user doesn't make a selection in a given period of time.
* LILO cannot be used to dual-boot OS/2, Windows NT/2000/XP. Those operating systems have to be installed in the MBR (Master Boot Record) and so conflict with LILO if it too is installed in the MBR.
* It is possible to use WinNT/2K/XP as the "master" bootloader which in turn can call LILO on a Linux partition, but this can be tricky to configure. See the articles: Linux + Windows 95 mini-HOWTO, and NT OS Loader + Linux mini-HOWTO in the Resources section of this site for more information.
* GRUB (GRand Unified Bootloader) is another bootloader. It's part of the GNU Project.
* GRUB is much more flexible than LILO, but in most respects does exactly the same thing as LILO.
The init Process
* The init process is the master process in Linux. It has Process ID 1 (PID). init is responsible for launching all other processes.
* init is configured through the /etc/inittab file.
* init's job during startup is the following: set the default runlevel, run the rc.sysinit script (usually in /etc/rc.d), run the rc script (usually in /etc/rc.d), install an interrupt handler to catch Ctrl+Alt+Del sequences, and launch the tty processes that handle each of the virtual terminals. Each of these tty processes in turn runs the login process that is responsible for accepting the user's login name and password, and then launching the user's shell and running the /etc/profile script for global settings.
Runlevels
* A runlevel is a "mode of operation that provides a particular set of services."
* Linux has 7 runlevels: 0 through 6.
* Runlevels 0, 1, and 6 are standardized across distributions, but the meanings of the other runlevels can vary considerably.
* Runlevel 0: halts the system
* Runlevel 1: single-user text mode. Usually used to diagnose and repair serious problems.
* Runlevel 2: multi-user text mode without networking (Red Hat). Rarely used.
* Runlevel 3: multi-user text mode with networking (Red Hat). The usual runlevel for servers that don't use the X Windows GUI.
* Runlevel 4: not used (Red Hat)
* Runlevel 5: multi-user X Windows mode with networking (Red Hat). The usual runlevel for graphical workstations (as in the lab).
* Runlevel 6: reboots the system
* The runlevel program (in /sbin) displays the current and previous runlevels.
The rc Script
* The rc script (usually in /etc/rc.d) is called by init to launch the services depending on the current runlevel (also set by init).
* Simply put, rc runs all of the scripts in one of the /etc/rc.d/rcN.d directories (N = runlevel) in alphabetical order.
* In each rcN.d directory, there will be a number of files beginning with "K" (Kill) and "S" (Start). Following the K or S, a two digit number is used to precisely order the files. These files are usually symbolic links to scripts in the /etc/rc.d/init.d directory. Links are used so that multiple copies of script files don't have to be copied amongst the various runlevel directories. Each of these scripts is responsible for starting or stopping (killing) a service: printer daemons, web servers, databases, email, firewalls, etc.
* rc first runs all of the Kill scripts in order. This can be thought of as a "clean-up" operation for runlevels other than 0 and 6. As expected, the scripts listed in the rc0.d and rc6.d directories are mostly Kill scripts since there is very little that needs to be started when the system is shutting down.
* rc then runs all of the Start scripts in order.
* For runlevels 2 through 5, the last Start script is usually /etc/rc.d/rc.local. The rc.local script is a handy place to put any of your own service initialization for which you don't have a full startup script like those in the /etc/rc.d/init.d directory.
* The green "OK" messages that appear during startup (or shutdown) are produced as the rc scripts iterates through the rcN.d directory.
The Shell rc Scripts
* The /etc/profile script contains global settings for all users (including root). This is the place to put any special settings that apply to everyone (e.g. "safe" versions of rm, mv, and cp).
* The .bash_profile script (in the user's home directory) contains any settings that only apply to that particular user. .bash_profile is only run once when the user first logs in. It usually calls the .bashrc script to do most of the work.
* The .bashrc script (in the user's home directory) also contains user-specific settings, but it is run for every new shell the user opens. This is usually the best place to put personal settings.
Kernel
/boot
* The kernel is typically located in the /boot directory.
* The compressed version of the kernel is called "vmlinuz" ("vm" = Virtual Machine, "z" = Compressed/Zipped). This is usually a symbolic link to the full name of the compressed kernel which may include the kernel version number.
* Many different kernel versions may be in /boot. The vmlinuz link will usually point to the most recent one, but LILO can still be used to select any particular kernel during startup.
Compiling the Kernel
* While not common, it is possible to compile the kernel itself from source.
* The main reason for doing so is to trim away any unnecessary code, thereby producing a lean 'n' mean kernel that consumes less memory. This may be necessary to run Linux on a machine with limited hardware (esp memory).
* The sorts of things that can be pruned out of the kernel include: device drivers, floating-point emulation, SMP (multi-CPU) support, loadable modules, networking, PCI support, parallel port support, Plug 'n' Play card support, ISDN, sound, SCSI, etc.
Kernel Modules
* While Linux is thought of as a "monolithic" kernel (meaning that it is one big program with all of the device drivers built-in), recent versions of the kernel support loadable modules.
* These modules, usually device drivers, can be manually or automatically loaded as needed, rather than having to re-compile the kernel each time a new piece of hardware is added to the machine.
* The modules themselves are stored in the /lib/modules/kernel_version directory.
* The /boot/module-info file contains short descriptions of the modules installed on the system.
* The kerneld (replaced by kmod in more recent distributions) daemon process can automatically load or remove modules as they are needed.
* The /etc/modules.conf file (this used to be called conf.modules) lists the modules that should be loaded by the system during startup.
* The lsmod command lists modules currently loaded in the kernel. Non-root users can run this command, but may have to run it as /sbin/lsmod since it won't be in the user's path.
Shell
Environent Variables
* Linux makes extensive use of environment variables for configuration or personalization settings.
* By convention, environment variable names are always fully capitalized.
* When referring to an environment variable, the variable is prefixed with "$".
The Path
* Linux has the concept of a "path" very much like in Windows/MS-DOS. The path is a set of directories that the shell searches though to locate a command you enter on the command line.
* The current path is stored in the $PATH environent variable. Directories are separated by colons (:).
* Unlike MS-DOS, Linux does not consider the current working directory part of the path unless the "." directory is explicitly included in $PATH.
* To run a program or script in the current directory, the program name must be prefixed with "./" to indicate to the shell that you mean to execute the program in this directory.
* The current directory (.) is not usually included in $PATH for security reasons.
Aliases
* Aliases are handy synonyms for commands, or specific versions of commands.
* The current aliases can be listed by running the alias command without any parameters.
* Aliases can be deleted using the unalias command.
Quotes
* Single quotes (') and double quotes (") have slightly different meanings to the shell.
* Use single quotes to specify literal strings (i.e. the shell won't evaluate anything within the string).
* Use double quotes if you want environment variables within the string to be evaluated.
Redirection
* Most Linux programs can be thought of as possessing one input and two outputs. The input is called Standard Input. The outputs are called Standard Output and Standard Error.
* By default, both Standard Output and Standard Error are sent to the terminal screen.
* By using the output redirection operators, the output can be diverted to files, or elsewhere.
* > redirects Standard Output
* 1> also redirects Standard Output
* 2> redirects Standard Error
* &> redirects both Standard Output and Standard Error
* The output of programs can be redirected to a file, or perhaps /dev/null which just throws out anything it's given.
* If redirecting to a file, the file will be overwritten using the above operators. Use >> to append to the file.
Tarballs
* Large groups of files are usually distributed in what is called a compressed tarball format.
* A "tarball" is a file created using the tar command (Tape ARchiver) which can group together many files into a single archive file.
* The tar command does not compress its contents.
* Tarballs are usually identified by the filename suffix ".tar".
* The gzip (and gunzip) programs are used to compress (and uncompress) individual files or tarballs.
* A gzip-ed tarball usually has the suffix ".tar.gz", or ".tgz" for short.
* Examine the commands in the handout, or the man pages, for more details.
System Logs
- There are three main reasons for logging system activities:
- to monitor for security intrusions or attempts,
- to tweak performance based on historical system use,
- and to diagnose problems by checking the system state just before the problem occurred.
- Most Linux log files will be stored in /var/log. Certain programs may store logs elsewhere, but can typically be configured to use /var/log as well.
- The log files are all written with the same fields: date and time, host name, program name, and the message itself.
- Logs can also be stored on remote machines. This is useful for the following reasons: consolidates all of the logs into one place for easy monitoring, safeguard log entries from fatal disk failures on the local machine, and add an additional impediment to crackers who will typically want to change the log files to cover their tracks.
- For most programs, logging is managed by two daemons: klogd (kernel log daemon) and syslogd (system log daemon). These two daemons accept log messages from the kernel, and all other programs, respectively, and write them to the appropriate log file/device/remote machine, as directed by the /etc/syslog.conf configuration file.
- The kernel also logs boot-time messages. Because these messages are generated before the rc scripts have a chance to start either the klogd or syslogd daemons, the kernel writes these messages to the "kernel ring buffer". The kernel ring buffer is usally about 8K and size, and overwrites old messages as new ones are added. The dmesg command displays the contents of the kernel ring buffer. The Red Hat distribution also stores the contents of the kernel ring buffer as it exists immediately after system startup in the /var/log/dmesg file. This is so that an administrator can diagnose any boot-time problems even if the kernel ring buffer has long since overwritten all of those messages.
- The /etc/syslog.conf file has its own particular syntax. Each logging decision is phrased as "selector action" where the selector is made up of "facility.priority". The facility and priority codes are described in the syslog Facilities and Priorities handout. Multiple selectors can be placed on a single line, separated by semicolons. The action is either a device file name, a log file name, a remote machine designation, or the * character which means display the message on all user terminals.
- Either the facility code or the priority code can be replaced with a * which means match any facility or priority, respectively.
- The priority may also be "none" which means that no messages for the specified facility will be logged. This syntax is typically used to filter out certain facilities from an encompassing selector on the same line.
- When a priority is specified, it means that all priorities of that level and higher will be logged.
- A comma may be used to list multiple facilities for a single priority. This is just a notational shorthand.
- There are other ways to narrow down the exact priority level, but this won't be covered in the course.
syslog Facilities
A facility is a process category. The syslogd and klogd daemons may take different logging actions based on the facility of the process attempting to write a log entry.| Facility | Description |
|---|---|
| auth, security | User authentication messages. |
| auth-priv | Private user authentication messages. |
| cron | crond daemon messages. |
| daemon | Generic daemon messages. |
| kern | Kernel messages. |
| lpr | Printer daemon messages. |
| Mail daemon messages. | |
| news | News daemon messages. |
| syslog | System logging daemon messages. |
| user | User-process messages. |
| uucp | Unix-to-Unix-Copy networking messages. |
| localN | Special-purpose messages defined by certain applications or Linux distributions. N can be between 0 and 7. |
syslog Priorities
Each log message is assigned a priority. The following table describes all of the defined priority, in order from lowest to highest (most important).| Priority | Description |
|---|---|
| debug | Debugging messages used by programmers during software development. |
| info | Informational messages written during normal program execution. |
| notice | Noteworthy information messages. |
| warning, warn | Warnings about potential problems. |
| err, error | Notices of errors. |
| crit | Notices of errors that are serious enough to abnormally terminate the program. |
| alert | Notices of errors that may cause other processes to terminate, in addition to the process logging the message. |
| emerg, panic | Notices of errors that could potentially crash the kernel. |
Linux Startup Sequence
To trace the full startup sequence from hardware powerup to shell, we'll assume: x86 hardware, the boot manager is LILO installed in the MBR, the kernel is on the hard disk, the system normally starts in runlevel 3, the example user's shell is bash, and the system is not using X Windows. Other possibilities are indicated where appropriate.
Hardware
- When the computer power is turned on, a special circuit signals the RESET pin of the CPU.
- The CPU resets its registers and executes the code at a fixed address (0xFFFFFFF0), the starting point of the BIOS (Basic Input/Output System).
BIOS
- Executes the POST (Power-On Self-Test) and displays various banners on the monitor screen.
- Initializes the hardware devices and maps IRQs for PCI devices.
- Searches for an operating system to load (usually floppy disk then CD-ROM then hard disk).
- Copies first sector of operating system device into memory and begins execution.
LILO Bootloader
- Only part of LILO fits into the MBR (the first sector loaded by the BIOS) so its role is to load the rest of the bootloader code into memory and begin execution of that code. (If the system was booted from a floppy, a portion of the kernel itself is located in the first sector--enough to load the rest of the compressed kernel image into memory.)
- Displays a timed prompt for the user to choose a kernel to load.
- Loads the full kernel image into memory and begins execution at the setup() function entry point.
Kernel
- setup(): determines amount of RAM, initializes keyboard and mouse, initializes video adapter, looks up hard disk partitions, resets the FPU, maps the IRQ lines, switches the CPU from Real to Protected mode, and finally jumps to Part I of the startup_32() function.
- startup_32() Part I: decompresses the kernel, and jumps to the now uncompressed Part II of the startup_32() function.
- startup_32() Part II: initializes internal kernel tables, identifies the processor type, and then jumps to the start_kernel() function.
- start_kernel(): initializes the memory management tables, finalizes the interrupt tables, spawns the kernel threads (which are responsible for the dmesg messages as they complete the system initialization), and finally launches init as process ID (PID) 1.
init
- Reads the /etc/inittab configuration file.
- Sets the default runlevel.
- Runs the rc.sysinit script which: enables disk swapping, checks and mounts filesystems, and synchronizes the system time with the CMOS clock. The rc.sysinit script is responsible for the OK messages that appear during the startup before entering interactive/non-interactive mode.
- Runs the rc script, passing the runlevel as a parameter. The rc script in turn starts or stops all of the services in the approprate rcN.d directory in numerical order. Usually the rc.local script is run last. The rc script is responsible for the OK messages that appear during the startup after entering interactive/non-interactive mode.
- Installs the Ctrl+Alt+Del interrupt handler (usually a form of shutdown ).
- Starts the virtual terminals using a variant of the getty program which in turn run login to accept user logins.
login
- User logs in through one of the tty processes (virtual terminals).
- Authenticates the login and password against the /etc/passwd file.
- Runs the /etc/profile script to set global user settings.
- Sets the current working directory to the user's home directory (from /etc/passwd).
- Launches the user's preferred shell (from /etc/passwd).
bash
- Runs the .bash_profile script to set personalized shell settings. Typically .bash_profile in turn calls .bashrc for the bulk of the settings. On subsequent opening of subshells, only the .bashrc script is run.
- The command line prompt signals to the user that the shell is ready to accept commands.
User space and kernel space
When you write device drivers, it’s important to make the distinction between “user space” and “kernel space”.
* Kernel space. Linux (which is a kernel) manages the machine’s hardware in a simple and efficient manner, offering the user a simple and uniform programming interface. In the same way, the kernel, and in particular its device drivers, form a bridge or interface between the end-user/programmer and the hardware. Any subroutines or functions forming part of the kernel (modules and device drivers, for example) are considered to be part of kernel space.
* User space. End-user programs, like the UNIX shell or other GUI based applications (kpresenter for example), are part of the user space. Obviously, these applications need to interact with the system’s hardware . However, they don’t do so directly, but through the kernel supported functions.
All of this is shown in figure 1.
Figure 1: User space where applications reside, and kernel space where modules or device drivers reside
* Kernel space. Linux (which is a kernel) manages the machine’s hardware in a simple and efficient manner, offering the user a simple and uniform programming interface. In the same way, the kernel, and in particular its device drivers, form a bridge or interface between the end-user/programmer and the hardware. Any subroutines or functions forming part of the kernel (modules and device drivers, for example) are considered to be part of kernel space.
* User space. End-user programs, like the UNIX shell or other GUI based applications (kpresenter for example), are part of the user space. Obviously, these applications need to interact with the system’s hardware . However, they don’t do so directly, but through the kernel supported functions.
All of this is shown in figure 1.
Figure 1: User space where applications reside, and kernel space where modules or device drivers reside
Everything about DMESG.........
1.About dmesg
Print or control the kernel ring buffer. The program helps users to print out their bootup messages. Instead of copying the messages by hand and mail the boot.messages file to whoever can debug their problem.
Syntax
dmesg [ -c ] [ -n level ] [ -s bufsize ]
-c Clear the ring buffer contents after printing.
-sbufsize Use a buffer of size bufsize to query the kernel ring buffer. This is 16392 by default. (The default kernel syslog buffer size was 4096 at first, 8192 since 1.3.54, 16384 since 2.1.113.) If you have set the kernel buffer to be larger than the default then this option can be used to view the entire buffer.
-nlevel Set the level at which logging of messages is done to the console. For example, -n 1 prevents all messages, expect panic messages, from appearing on the console. All levels of messages are still written to /proc/kmsg, so syslogd(8) can still be used to control exactly where kernel messages appear. When the -n option is used, dmesg will not print or clear the kernel ring buffer.
When both options are used, only the last option on the command line will have an effect.
Examples
dmesg
Display the kernel ring buffer to the screen.
dmesg > boot.messages
Send the kernel ring buffer to the boot.messages file, which could then be sent to another person.
2.dmesg (for "display message") is a command on Unix-like operating systems that prints the message buffer of the kernel.
dmesg (for "display message") is a command on Unix-like operating systems that prints the message buffer of the kernel.
When the computer system is initially booted the kernel is loaded into memory. At this stage each device driver present in the kernel probes the system for the existence of relevant hardware. If the hardware is located, a diagnostic message is produced documenting precisely what was found. Other elements within the kernel may also produce similar output reporting both the presence of that particular module, and the values of any parameters adopted. This process typically happens at a speed where individual messages scroll off the top of the screen before they can be read. The dmesg command allows these messages to be reviewed in a controlled manner after the system has started.
Even after the system has fully booted, the kernel may occasionally produce further diagnostic messages. Common examples of when this might happen are when I/O devices encounter errors, or USB devices are hot-plugged. dmesg provides a mechanism to review these messages at a later time. When first produced they will be directed to the system console: if the console is in use then these messages may be confused with or quickly overwritten by the output of user programs.
The output of dmesg can amount to several complete screens. For this reason, this output is normally reviewed using standard text-manipulation tools such as more, tail, or grep. The output is often captured in a permanent system logfile via a logging daemon, such as syslog.
Many commercial operating systems display an animated splash screen during this stage of the boot process, so the user does not see these messages. However, there is frequently a mechanism to disable the splash screen and view the messages. This is an important diagnostic capability if the system fails to boot. There is also usually a method of reviewing these messages subsequent to start up in a manner equivalent to dmesg.
3.
Abstract
Often someone will write to a Linux help list asking for help with a particular device they want to get working under Linux, and a standard reply is "check the output of the dmesg command". This leaves a lot of new users will be confused, and this document is here to hopefully help them navigate this powerful debugging tool. Two sets of kernel boot messages are presented and annotated, from an i386 system and a Linux-Pmac system.
Introduction
The Linux kernel is the central interface between the user and the hardware. As such, it has to incorporate support for hardware if you are to use it. Often, though, cryptic device names are used by the system, making it difficult at first inspection to determine if some particular hardware is supported. The command 'dmesg', which is used to print kernel messages, is very useful in determining if a piece of hardware has been found, and if so, what the system is referring to it as.
This artcle, including the title and format of the dmesg comments, were directly inspired and copied from the OpenBSD Explained article by the same name. I felt one on Linux would be useful for people.
The manpage for dmesg is quite simple:
DMESG(8) DMESG(8)
NAME
dmesg - print or control the kernel ring buffer
SYNOPSIS
dmesg [ -c ] [ -n level ] [ -s bufsize ]
DESCRIPTION
dmesg is used to examine or control the kernel ring
buffer.
Upon boot, the dmesg output is from the kernel booting, showing the devices it has found and if it has been able to configure them at all (aside from userland configuration). This log is also available in the file /var/log/dmesg.
Kernel output on an i386 system
Shown below is a dmesg from an x86 system immediately after boot. The output is indented by several space, and comments and descriptions are left justified.
Linux version 2.2.14-5.0 (root@porky.devel.redhat.com) (gcc version egcs-2.91.66 19990314/Linux (egcs-1.1.2 release)) #1 Tue Mar 7 20:53:41 EST 2000
First up is the kernel version (2.2.14) and build (5), along with who built it, with what compile it was built, and when it wass built. This can be some inportant information, as some kernel versions and the GCC project don't interact correctly.
Detected 300683434 Hz processor.
My K6/2-300 processor running at 300 MHz.
Console: colour VGA+ 80x25
A standard PC console screen (15 inch monitor).
Calibrating delay loop... 599.65 BogoMIPS
The useless benchmark of BogoMIPS. They're bogus (hence the name), but are often used as a relative processor speed indicator.
Memory: 63008k/65536k available (1084k kernel code, 412k reserved, 968k data, 64k init, 0k bigmem)
My memory statistics. My machine has 64MB of real memory.
Dentry hash table entries: 262144 (order 9, 2048k)
The dentry cache (dcache) represents the kernel's view of the namespace of mounted filesystems. There's pretty good documentation of it in Documentation/filesystems/vfs.txt in the kernel source tree.
Buffer cache hash table entries: 65536 (order 6, 256k)
In 2.2, the buffer cache is used for caching and aggregating data for writes to block devices. After 2.3.6, it is used for caching fs metadata, such as inode information.
Page cache hash table entries: 16384 (order 4, 64k)
In 2.2, the page (VM) cache is used for caching swap, read and mmap data (which was bad, because shared writable mappings were ugly). After 2.3.6, it also is used for write data (i.e., the buffer and page caches are mostly unified), and all became happiness and light (sorta like BSD).
VFS: Diskquotas version dquot_6.4.0 initialized
My kernel support quotas (though I'm not using them).
CPU: AMD AMD-K6(tm) 3D processor stepping 00
A quick identification of the processor.
Checking 386/387 coupling... OK, FPU using exception 16 error reporting.
Checking 'hlt' instruction... OK.
I seem to recall there being some Intel processor issues, which the kernel has to know about if it's to invoke corrections.
POSIX conformance testing by UNIFIX
PCI: PCI BIOS revision 2.10 entry at 0xfb490
And we start the probing of the PCI bus for peripherals.
PCI: Using configuration type 1
PCI: Probing PCI hardware
PCI: 00:38 [1106/0586]: Work around ISA DMA hangs (00)
Activating ISA DMA hang workarounds.
Linux NET4.0 for Linux 2.2
This kernel supports the Net4 networking codebase, which has a lot of features yet to be fully utilized.
Based upon Swansea University Computer Society NET3.039
NET4: Unix domain sockets 1.0 for Linux NET4.0.
NET4: Linux TCP/IP 1.0 for NET4.0
IP Protocols: ICMP, UDP, TCP, IGMP
My core IP protocols supported. While not needed, IGMP can be fun. Note that some networks do not support muticasting.
TCP: Hash tables configured (ehash 65536 bhash 65536)
Initializing RT netlink socket
Starting kswapd v 1.5
Detected PS/2 Mouse Port.
Should be quite obvious...
Serial driver version 4.27 with MANY_PORTS MULTIPORT SHARE_IRQ enabled
ttyS00 at 0x03f8 (irq = 4) is a 16550A
ttyS01 at 0x02f8 (irq = 3) is a 16550A
The information about my serial ports.
pty: 256 Unix98 ptys configured
apm: BIOS version 1.2 Flags 0x07 (Driver version 1.9)
My motherboard supports the APM standard for sleeping.
Real Time Clock Driver v1.09
RAM disk driver initialized: 16 RAM disks of 4096K size
My kernel supports RAM disks. While I'm not using any most days, sometimes I do use them; if you have the memory, they make a real fast filesystem (like /tmp or, for a webserver, the main pages loaded).
VP_IDE: IDE controller on PCI bus 00 dev 39
VP_IDE: not 100% native mode: will probe irqs later
ide0: BM-DMA at 0xe000-0xe007, BIOS settings: hda:DMA, hdb:DMA
ide1: BM-DMA at 0xe008-0xe00f, BIOS settings: hdc:DMA, hdd:DMA
My IDE controllers.
hda: Maxtor 51369U3, ATA DISK drive
My hard drive in the machine.
hdb: IDE/ATAPI CD-ROM 32X, ATAPI CDROM drive
My CDROM drive.
ide0 at 0x1f0-0x1f7,0x3f6 on irq 14
hda: Maxtor 51369U3, 12949MB w/2048kB Cache, CHS=6577/64/63
hdb: ATAPI 16X CD-ROM drive, 128kB Cache
Disk information.
Uniform CDROM driver Revision: 2.56
Floppy drive(s): fd0 is 1.44M
FDC 0 is a post-1991 82077
Floppy drive information.
md driver 0.90.0 MAX_MD_DEVS=256, MAX_REAL=12
raid5: measuring checksumming speed
raid5: MMX detected, trying high-speed MMX checksum routines
pII_mmx : 761.238 MB/sec
p5_mmx : 726.567 MB/sec
8regs : 447.675 MB/sec
32regs : 308.610 MB/sec
using fastest function: pII_mmx (761.238 MB/sec)
A bunch of RAID and MD (used in multiple device devices, like disk arrays) information, again not used.
scsi : 0 hosts.
scsi : detected total.
While the kernel supports SCSI, I'm not using any on this host.
md.c: sizeof(mdp_super_t) = 4096
Partition check:
hda: hda1 hda2 < hda5 hda6 >
My disk partition information. The brackets indicate extended partitions.
autodetecting RAID arrays
autorun ...
... autorun DONE.
Like I said above, I'm using not using any RAID arrays.
VFS: Mounted root (ext2 filesystem) readonly.
At this point we're almost done with the kernel and ready to start the system.
Freeing unused kernel memory: 64k freed
Adding Swap: 66488k swap-space (priority -1)
ne2k-pci.c:vpre-1.00e 5/27/99 D. Becker/P. Gortmaker http://cesdis.gsfc.nasa.gov/linux/drivers/ne2k-pci.html
ne2k-pci.c: PCI NE2000 clone 'RealTek RTL-8029' at I/O 0xe800, IRQ 11.
eth0: RealTek RTL-8029 found at 0xe800, IRQ 11, 00:80:AD:41:22:10.
My ethernet device is a PCI NE2000 based device. (A real cheap NIC, but almost every OS supports it.)
VFS: Disk change detected on device fd(2,0)
At this point, the kernel is done booting and we're ready to start /sbin/init (unless we supplied some information about init upon boot). The system then starts rc.sysinit and begins normal boot operations. The kernel has finished booting.
Kernel output on a Linux-Pmac system
And, for comparison's sake, this is the output of Linux 2.2 on a PowerPC system. Again, the dmesg output is indented and the description and comments are left justified. For this system I was using BootX, which loads the kernel into memory from within the MacOS, then completes bootstrapping it after ditching the MacOS. Options can be passed to the kernel, as you would with LILO on an Intel based PC, from within the app.
device tree used 17860 bytes
PowerPC systems use what is known as OpenFirmware, rather than a PC like BIOS, and it has a 'device tree', which is arranged a bit like a UNIX filesystem. This one uses about 16kb.
Total memory = 72MB; using 512kB for hash table (at c0280000)
Again, total physical RAM available.
Linux version 2.2.6-15apmac (root@video.linuxppc.org) (gcc version egcs-2.91.66 19990314 (egcs-1.1.2 release)) #1 Mon May 31 03:54:09 EDT 1999
Kernel version (2.2.6 build 15 on a Pmac), who built it (root@video.linuxppc.org), what version of gcc (or egcs), and when it was built. This can be diagnostic as some versions of the Linux kernel don't play well with some versions of GCC.
PCI bus 0 controlled by bandit at f2000000
PCI bus 1 controlled by chaos at f0000000
Two PCI busses. OpenFirmware (OF) calls their controllers bandit and chaos.
System has 32 possible interrupts
via_calibrate_decr: decrementer_count = 100001 (600010 ticks)
Console: colour dummy device 80x25
Calibrating delay loop... 239.21 BogoMIPS
Ahh... sweet BogoMIPS, which mean pretty much nothing.
Memory: 69900k available (1532k kernel code, 2184k data, 112k init) [c0000000,c4800000]
After the initial bootstrap, about 68 MB of memory is left, having reserved some for the kernel and core system.
VFS: Diskquotas version dquot_6.4.0 initialized
POSIX conformance testing by UNIFIX
PCI: Probing PCI hardware
Let the PCI probing begin!
USB: Universal USB Driver v$Revision: 1.2 $
USB-OHCI: USB Open Host Controller Interface Driver
USB-HUBD: UUSBD Hub Driver v$Revision: 1.2 $
USB-HIDD: USB Human Interface Devices Driver v$Revision: 1.2 $
USB-HIDBP: USB HID Boot Protocol Driver v$Revision: 1.2 $
USB support is in the kernel, though I have no USB devices on the system.
adb devices: [2]: 2 2 [3]: 3 1
ADB, or Apple Desktop Bus, has two devices, the keyboard and the mouse. We'll see them detected below.
Linux NET4.0 for Linux 2.2
Based upon Swansea University Computer Society NET3.039
NET4: Unix domain sockets 1.0 for Linux NET4.0.
NET4: Linux TCP/IP 1.0 for NET4.0
IP Protocols: ICMP, UDP, TCP, IGMP
Core networking protocols (NET4) built into the kernel. The IGMP comes from multicast support (see Stevens for more info).
Starting kswapd v 1.5
MacOS display is /bandit/IMS,tt128mb8
Recall that bandit is the PCI controller (bus0). I use an IMS Twin Turbo 8 MB video chipset.
Console: switching to colour frame buffer device 80x30
fb0: IMS TT (TVP) frame buffer; 8MB vram; chip version 2
Monitor sense value = 0x73f, using video mode 6 and color mode 0.
fb1: control display adapter
Some video settings. On PowerMac hardware, sometimes this can be important if you've loaded a kernel level video driver, which can cause havoc on some systems. This is useful stuff to check on a PPC that has some video problems (ie in X).
ADB mouse at 3, handler set to 4
ADB keyboard at 2, handler set to 5
PowerMac Z8530 serial driver version 1.01
tty00 at 0xc900e020 (irq = 15) is a Z8530 ESCC, port = modem
tty01 at 0xc9011000 (irq = 16) is a Z8530 ESCC, port = printer
It found the ADB devices and also the two serial ports. It's useful to know which ones are which. Recall that Macintosh machines have one labeled modem and one labeled printer, so this is useful info to know.
pty: 256 Unix98 ptys configured
Macintosh ADB mouse driver installed.
DMA sound driver installed, using 4 buffers of 32k.
RAM disk driver initialized: 16 RAM disks of 4096K size
loop: registered device at major 7
fd0: SWIM3 floppy controller
fd0, or the floppy drive 0, on PowerMacs uses a controller called 'SWIM3'. Unfortunately, in this instance of the kernel, it's broken.
md driver 0.90.0 MAX_MD_DEVS=256, MAX_REAL=12
USB-HUBM: Starting kusbdd (pid 2)
USBD: No USB hosts found
linear personality registered
raid0 personality registered
raid1 personality registered
raid5: measuring checksumming speed
If I had RAID controllers, this would be neat. As such, it's just sucking up space in my kernel.
8regs : 140.970 MB/sec
32regs : 122.301 MB/sec
using fastest function: 8regs (140.970 MB/sec)
scsi0 : MESH
scsi1 : 53C94
scsi : 2 hosts.
I have two SCSI controllers, both onboard, with one being internal (the MESH one) and one being external (the 53C94 controller).
mesh: target 0 synchronous at 10.0 MB/s
Vendor: IBM Model: DPES-31080 Rev: S31S
Type: Direct-Access ANSI SCSI revision: 01 CCS
Detected scsi disk sda at scsi0, channel 0, id 0, lun 0
Vendor: QUANTUM Model: CTS80S Rev: 4.05
Type: Direct-Access ANSI SCSI revision: 02
Detected scsi disk sdb at scsi0, channel 0, id 1, lun 0
mesh: target 3 synchronous at 5.0 MB/s
Vendor: MATSHITA Model: CD-ROM CR-8005A Rev: 4.0i
Type: CD-ROM ANSI SCSI revision: 02
Detected scsi CD-ROM sr0 at scsi0, channel 0, id 3, lun 0
mesh: target 4 synchronous at 10.0 MB/s
Vendor: SEAGATE Model: ST31200N Rev: 8648
Type: Direct-Access ANSI SCSI revision: 02
Detected scsi disk sdc at scsi0, channel 0, id 4, lun 0
Vendor: QUANTUM Model: FIREBALL_TM2110S Rev: 300X
Type: Direct-Access ANSI SCSI revision: 02
Detected scsi disk sdd at scsi1, channel 0, id 2, lun 0
scsi : detected 1 SCSI cdrom 4 SCSI disks total.
Uniform CDROM driver Revision: 2.54
SCSI device sda: hdwr sector= 512 bytes. Sectors= 2118144 [1034 MB] [1.0 GB]
SCSI device sdb: hdwr sector= 512 bytes. Sectors= 166200 [81 MB] [0.1 GB]
SCSI device sdc: hdwr sector= 512 bytes. Sectors= 2061108 [1006 MB] [1.0 GB]
SCSI device sdd: hdwr sector= 512 bytes. Sectors= 4124736 [2014 MB] [2.0 GB]
Disk detection. I'm not a big fan of how Linux names its disks (in the order it finds them), but it found all of my devices.
PPP: version 2.3.3 (demand dialling)
TCP compression code copyright 1989 Regents of the University of California
PPP line discipline registered.
Kernel PPP support. Compressed TCP headers in PPP is a great feature, by the way, in keeping message overhead low.
eth0: MACE at 00:05:02:10:e6:6d, chip revision 9.64
Good old eth0, the ethernet device. It's MACE on a PowerMac. If this had been a modular driver, it wouldn't have shown up here but only after the module had been inserted.
Partition check:
sda: sda1 sda2 sda3 sda4 sda5 sda6
sdb: sdb1
sdc: sdc1 sdc2 sdc3 sdc4
sdd: sdd1 sdd2 sdd3 sdd4
The partition check is useful for knowing what the disks are laid out as.
md.c: sizeof(mdp_super_t) = 4104
autodetecting RAID arrays
autorun ...
... autorun DONE.
VFS: Mounted root (ext2 filesystem) readonly.
Freeing unused kernel memory: 112k init 32k prep
Adding Swap: 131428k swap-space (priority -1)
And we're done booting.
Concluding remarks
Like I noted above at the end of the i386 dmesg output, the kernel, once finished, then moves on to /sbin/init unless an argument poiting it elsewhere has been passed to the kernel at boot time. An example would be telling the kernel "init=/bin/sh", such that it would execute a shell upon boot, rather than /sbin/init (and what follows). Note that the kernel only mounts the root filesystem read-only, so if all you do is boot the kernel you have to mount your disks read-write in order to affect changes on them (ie editing /etc/passwd to rescue root's password).
While this isn't the most thorough of jobs, I hope that this little tour has been enjoyable for everyone, and educational.
Print or control the kernel ring buffer. The program helps users to print out their bootup messages. Instead of copying the messages by hand and mail the boot.messages file to whoever can debug their problem.
Syntax
dmesg [ -c ] [ -n level ] [ -s bufsize ]
-c Clear the ring buffer contents after printing.
-sbufsize Use a buffer of size bufsize to query the kernel ring buffer. This is 16392 by default. (The default kernel syslog buffer size was 4096 at first, 8192 since 1.3.54, 16384 since 2.1.113.) If you have set the kernel buffer to be larger than the default then this option can be used to view the entire buffer.
-nlevel Set the level at which logging of messages is done to the console. For example, -n 1 prevents all messages, expect panic messages, from appearing on the console. All levels of messages are still written to /proc/kmsg, so syslogd(8) can still be used to control exactly where kernel messages appear. When the -n option is used, dmesg will not print or clear the kernel ring buffer.
When both options are used, only the last option on the command line will have an effect.
Examples
dmesg
Display the kernel ring buffer to the screen.
dmesg > boot.messages
Send the kernel ring buffer to the boot.messages file, which could then be sent to another person.
2.dmesg (for "display message") is a command on Unix-like operating systems that prints the message buffer of the kernel.
dmesg (for "display message") is a command on Unix-like operating systems that prints the message buffer of the kernel.
When the computer system is initially booted the kernel is loaded into memory. At this stage each device driver present in the kernel probes the system for the existence of relevant hardware. If the hardware is located, a diagnostic message is produced documenting precisely what was found. Other elements within the kernel may also produce similar output reporting both the presence of that particular module, and the values of any parameters adopted. This process typically happens at a speed where individual messages scroll off the top of the screen before they can be read. The dmesg command allows these messages to be reviewed in a controlled manner after the system has started.
Even after the system has fully booted, the kernel may occasionally produce further diagnostic messages. Common examples of when this might happen are when I/O devices encounter errors, or USB devices are hot-plugged. dmesg provides a mechanism to review these messages at a later time. When first produced they will be directed to the system console: if the console is in use then these messages may be confused with or quickly overwritten by the output of user programs.
The output of dmesg can amount to several complete screens. For this reason, this output is normally reviewed using standard text-manipulation tools such as more, tail, or grep. The output is often captured in a permanent system logfile via a logging daemon, such as syslog.
Many commercial operating systems display an animated splash screen during this stage of the boot process, so the user does not see these messages. However, there is frequently a mechanism to disable the splash screen and view the messages. This is an important diagnostic capability if the system fails to boot. There is also usually a method of reviewing these messages subsequent to start up in a manner equivalent to dmesg.
3.
Abstract
Often someone will write to a Linux help list asking for help with a particular device they want to get working under Linux, and a standard reply is "check the output of the dmesg command". This leaves a lot of new users will be confused, and this document is here to hopefully help them navigate this powerful debugging tool. Two sets of kernel boot messages are presented and annotated, from an i386 system and a Linux-Pmac system.
Introduction
The Linux kernel is the central interface between the user and the hardware. As such, it has to incorporate support for hardware if you are to use it. Often, though, cryptic device names are used by the system, making it difficult at first inspection to determine if some particular hardware is supported. The command 'dmesg', which is used to print kernel messages, is very useful in determining if a piece of hardware has been found, and if so, what the system is referring to it as.
This artcle, including the title and format of the dmesg comments, were directly inspired and copied from the OpenBSD Explained article by the same name. I felt one on Linux would be useful for people.
The manpage for dmesg is quite simple:
DMESG(8) DMESG(8)
NAME
dmesg - print or control the kernel ring buffer
SYNOPSIS
dmesg [ -c ] [ -n level ] [ -s bufsize ]
DESCRIPTION
dmesg is used to examine or control the kernel ring
buffer.
Upon boot, the dmesg output is from the kernel booting, showing the devices it has found and if it has been able to configure them at all (aside from userland configuration). This log is also available in the file /var/log/dmesg.
Kernel output on an i386 system
Shown below is a dmesg from an x86 system immediately after boot. The output is indented by several space, and comments and descriptions are left justified.
Linux version 2.2.14-5.0 (root@porky.devel.redhat.com) (gcc version egcs-2.91.66 19990314/Linux (egcs-1.1.2 release)) #1 Tue Mar 7 20:53:41 EST 2000
First up is the kernel version (2.2.14) and build (5), along with who built it, with what compile it was built, and when it wass built. This can be some inportant information, as some kernel versions and the GCC project don't interact correctly.
Detected 300683434 Hz processor.
My K6/2-300 processor running at 300 MHz.
Console: colour VGA+ 80x25
A standard PC console screen (15 inch monitor).
Calibrating delay loop... 599.65 BogoMIPS
The useless benchmark of BogoMIPS. They're bogus (hence the name), but are often used as a relative processor speed indicator.
Memory: 63008k/65536k available (1084k kernel code, 412k reserved, 968k data, 64k init, 0k bigmem)
My memory statistics. My machine has 64MB of real memory.
Dentry hash table entries: 262144 (order 9, 2048k)
The dentry cache (dcache) represents the kernel's view of the namespace of mounted filesystems. There's pretty good documentation of it in Documentation/filesystems/vfs.txt in the kernel source tree.
Buffer cache hash table entries: 65536 (order 6, 256k)
In 2.2, the buffer cache is used for caching and aggregating data for writes to block devices. After 2.3.6, it is used for caching fs metadata, such as inode information.
Page cache hash table entries: 16384 (order 4, 64k)
In 2.2, the page (VM) cache is used for caching swap, read and mmap data (which was bad, because shared writable mappings were ugly). After 2.3.6, it also is used for write data (i.e., the buffer and page caches are mostly unified), and all became happiness and light (sorta like BSD).
VFS: Diskquotas version dquot_6.4.0 initialized
My kernel support quotas (though I'm not using them).
CPU: AMD AMD-K6(tm) 3D processor stepping 00
A quick identification of the processor.
Checking 386/387 coupling... OK, FPU using exception 16 error reporting.
Checking 'hlt' instruction... OK.
I seem to recall there being some Intel processor issues, which the kernel has to know about if it's to invoke corrections.
POSIX conformance testing by UNIFIX
PCI: PCI BIOS revision 2.10 entry at 0xfb490
And we start the probing of the PCI bus for peripherals.
PCI: Using configuration type 1
PCI: Probing PCI hardware
PCI: 00:38 [1106/0586]: Work around ISA DMA hangs (00)
Activating ISA DMA hang workarounds.
Linux NET4.0 for Linux 2.2
This kernel supports the Net4 networking codebase, which has a lot of features yet to be fully utilized.
Based upon Swansea University Computer Society NET3.039
NET4: Unix domain sockets 1.0 for Linux NET4.0.
NET4: Linux TCP/IP 1.0 for NET4.0
IP Protocols: ICMP, UDP, TCP, IGMP
My core IP protocols supported. While not needed, IGMP can be fun. Note that some networks do not support muticasting.
TCP: Hash tables configured (ehash 65536 bhash 65536)
Initializing RT netlink socket
Starting kswapd v 1.5
Detected PS/2 Mouse Port.
Should be quite obvious...
Serial driver version 4.27 with MANY_PORTS MULTIPORT SHARE_IRQ enabled
ttyS00 at 0x03f8 (irq = 4) is a 16550A
ttyS01 at 0x02f8 (irq = 3) is a 16550A
The information about my serial ports.
pty: 256 Unix98 ptys configured
apm: BIOS version 1.2 Flags 0x07 (Driver version 1.9)
My motherboard supports the APM standard for sleeping.
Real Time Clock Driver v1.09
RAM disk driver initialized: 16 RAM disks of 4096K size
My kernel supports RAM disks. While I'm not using any most days, sometimes I do use them; if you have the memory, they make a real fast filesystem (like /tmp or, for a webserver, the main pages loaded).
VP_IDE: IDE controller on PCI bus 00 dev 39
VP_IDE: not 100% native mode: will probe irqs later
ide0: BM-DMA at 0xe000-0xe007, BIOS settings: hda:DMA, hdb:DMA
ide1: BM-DMA at 0xe008-0xe00f, BIOS settings: hdc:DMA, hdd:DMA
My IDE controllers.
hda: Maxtor 51369U3, ATA DISK drive
My hard drive in the machine.
hdb: IDE/ATAPI CD-ROM 32X, ATAPI CDROM drive
My CDROM drive.
ide0 at 0x1f0-0x1f7,0x3f6 on irq 14
hda: Maxtor 51369U3, 12949MB w/2048kB Cache, CHS=6577/64/63
hdb: ATAPI 16X CD-ROM drive, 128kB Cache
Disk information.
Uniform CDROM driver Revision: 2.56
Floppy drive(s): fd0 is 1.44M
FDC 0 is a post-1991 82077
Floppy drive information.
md driver 0.90.0 MAX_MD_DEVS=256, MAX_REAL=12
raid5: measuring checksumming speed
raid5: MMX detected, trying high-speed MMX checksum routines
pII_mmx : 761.238 MB/sec
p5_mmx : 726.567 MB/sec
8regs : 447.675 MB/sec
32regs : 308.610 MB/sec
using fastest function: pII_mmx (761.238 MB/sec)
A bunch of RAID and MD (used in multiple device devices, like disk arrays) information, again not used.
scsi : 0 hosts.
scsi : detected total.
While the kernel supports SCSI, I'm not using any on this host.
md.c: sizeof(mdp_super_t) = 4096
Partition check:
hda: hda1 hda2 < hda5 hda6 >
My disk partition information. The brackets indicate extended partitions.
autodetecting RAID arrays
autorun ...
... autorun DONE.
Like I said above, I'm using not using any RAID arrays.
VFS: Mounted root (ext2 filesystem) readonly.
At this point we're almost done with the kernel and ready to start the system.
Freeing unused kernel memory: 64k freed
Adding Swap: 66488k swap-space (priority -1)
ne2k-pci.c:vpre-1.00e 5/27/99 D. Becker/P. Gortmaker http://cesdis.gsfc.nasa.gov/linux/drivers/ne2k-pci.html
ne2k-pci.c: PCI NE2000 clone 'RealTek RTL-8029' at I/O 0xe800, IRQ 11.
eth0: RealTek RTL-8029 found at 0xe800, IRQ 11, 00:80:AD:41:22:10.
My ethernet device is a PCI NE2000 based device. (A real cheap NIC, but almost every OS supports it.)
VFS: Disk change detected on device fd(2,0)
At this point, the kernel is done booting and we're ready to start /sbin/init (unless we supplied some information about init upon boot). The system then starts rc.sysinit and begins normal boot operations. The kernel has finished booting.
Kernel output on a Linux-Pmac system
And, for comparison's sake, this is the output of Linux 2.2 on a PowerPC system. Again, the dmesg output is indented and the description and comments are left justified. For this system I was using BootX, which loads the kernel into memory from within the MacOS, then completes bootstrapping it after ditching the MacOS. Options can be passed to the kernel, as you would with LILO on an Intel based PC, from within the app.
device tree used 17860 bytes
PowerPC systems use what is known as OpenFirmware, rather than a PC like BIOS, and it has a 'device tree', which is arranged a bit like a UNIX filesystem. This one uses about 16kb.
Total memory = 72MB; using 512kB for hash table (at c0280000)
Again, total physical RAM available.
Linux version 2.2.6-15apmac (root@video.linuxppc.org) (gcc version egcs-2.91.66 19990314 (egcs-1.1.2 release)) #1 Mon May 31 03:54:09 EDT 1999
Kernel version (2.2.6 build 15 on a Pmac), who built it (root@video.linuxppc.org), what version of gcc (or egcs), and when it was built. This can be diagnostic as some versions of the Linux kernel don't play well with some versions of GCC.
PCI bus 0 controlled by bandit at f2000000
PCI bus 1 controlled by chaos at f0000000
Two PCI busses. OpenFirmware (OF) calls their controllers bandit and chaos.
System has 32 possible interrupts
via_calibrate_decr: decrementer_count = 100001 (600010 ticks)
Console: colour dummy device 80x25
Calibrating delay loop... 239.21 BogoMIPS
Ahh... sweet BogoMIPS, which mean pretty much nothing.
Memory: 69900k available (1532k kernel code, 2184k data, 112k init) [c0000000,c4800000]
After the initial bootstrap, about 68 MB of memory is left, having reserved some for the kernel and core system.
VFS: Diskquotas version dquot_6.4.0 initialized
POSIX conformance testing by UNIFIX
PCI: Probing PCI hardware
Let the PCI probing begin!
USB: Universal USB Driver v$Revision: 1.2 $
USB-OHCI: USB Open Host Controller Interface Driver
USB-HUBD: UUSBD Hub Driver v$Revision: 1.2 $
USB-HIDD: USB Human Interface Devices Driver v$Revision: 1.2 $
USB-HIDBP: USB HID Boot Protocol Driver v$Revision: 1.2 $
USB support is in the kernel, though I have no USB devices on the system.
adb devices: [2]: 2 2 [3]: 3 1
ADB, or Apple Desktop Bus, has two devices, the keyboard and the mouse. We'll see them detected below.
Linux NET4.0 for Linux 2.2
Based upon Swansea University Computer Society NET3.039
NET4: Unix domain sockets 1.0 for Linux NET4.0.
NET4: Linux TCP/IP 1.0 for NET4.0
IP Protocols: ICMP, UDP, TCP, IGMP
Core networking protocols (NET4) built into the kernel. The IGMP comes from multicast support (see Stevens for more info).
Starting kswapd v 1.5
MacOS display is /bandit/IMS,tt128mb8
Recall that bandit is the PCI controller (bus0). I use an IMS Twin Turbo 8 MB video chipset.
Console: switching to colour frame buffer device 80x30
fb0: IMS TT (TVP) frame buffer; 8MB vram; chip version 2
Monitor sense value = 0x73f, using video mode 6 and color mode 0.
fb1: control display adapter
Some video settings. On PowerMac hardware, sometimes this can be important if you've loaded a kernel level video driver, which can cause havoc on some systems. This is useful stuff to check on a PPC that has some video problems (ie in X).
ADB mouse at 3, handler set to 4
ADB keyboard at 2, handler set to 5
PowerMac Z8530 serial driver version 1.01
tty00 at 0xc900e020 (irq = 15) is a Z8530 ESCC, port = modem
tty01 at 0xc9011000 (irq = 16) is a Z8530 ESCC, port = printer
It found the ADB devices and also the two serial ports. It's useful to know which ones are which. Recall that Macintosh machines have one labeled modem and one labeled printer, so this is useful info to know.
pty: 256 Unix98 ptys configured
Macintosh ADB mouse driver installed.
DMA sound driver installed, using 4 buffers of 32k.
RAM disk driver initialized: 16 RAM disks of 4096K size
loop: registered device at major 7
fd0: SWIM3 floppy controller
fd0, or the floppy drive 0, on PowerMacs uses a controller called 'SWIM3'. Unfortunately, in this instance of the kernel, it's broken.
md driver 0.90.0 MAX_MD_DEVS=256, MAX_REAL=12
USB-HUBM: Starting kusbdd (pid 2)
USBD: No USB hosts found
linear personality registered
raid0 personality registered
raid1 personality registered
raid5: measuring checksumming speed
If I had RAID controllers, this would be neat. As such, it's just sucking up space in my kernel.
8regs : 140.970 MB/sec
32regs : 122.301 MB/sec
using fastest function: 8regs (140.970 MB/sec)
scsi0 : MESH
scsi1 : 53C94
scsi : 2 hosts.
I have two SCSI controllers, both onboard, with one being internal (the MESH one) and one being external (the 53C94 controller).
mesh: target 0 synchronous at 10.0 MB/s
Vendor: IBM Model: DPES-31080 Rev: S31S
Type: Direct-Access ANSI SCSI revision: 01 CCS
Detected scsi disk sda at scsi0, channel 0, id 0, lun 0
Vendor: QUANTUM Model: CTS80S Rev: 4.05
Type: Direct-Access ANSI SCSI revision: 02
Detected scsi disk sdb at scsi0, channel 0, id 1, lun 0
mesh: target 3 synchronous at 5.0 MB/s
Vendor: MATSHITA Model: CD-ROM CR-8005A Rev: 4.0i
Type: CD-ROM ANSI SCSI revision: 02
Detected scsi CD-ROM sr0 at scsi0, channel 0, id 3, lun 0
mesh: target 4 synchronous at 10.0 MB/s
Vendor: SEAGATE Model: ST31200N Rev: 8648
Type: Direct-Access ANSI SCSI revision: 02
Detected scsi disk sdc at scsi0, channel 0, id 4, lun 0
Vendor: QUANTUM Model: FIREBALL_TM2110S Rev: 300X
Type: Direct-Access ANSI SCSI revision: 02
Detected scsi disk sdd at scsi1, channel 0, id 2, lun 0
scsi : detected 1 SCSI cdrom 4 SCSI disks total.
Uniform CDROM driver Revision: 2.54
SCSI device sda: hdwr sector= 512 bytes. Sectors= 2118144 [1034 MB] [1.0 GB]
SCSI device sdb: hdwr sector= 512 bytes. Sectors= 166200 [81 MB] [0.1 GB]
SCSI device sdc: hdwr sector= 512 bytes. Sectors= 2061108 [1006 MB] [1.0 GB]
SCSI device sdd: hdwr sector= 512 bytes. Sectors= 4124736 [2014 MB] [2.0 GB]
Disk detection. I'm not a big fan of how Linux names its disks (in the order it finds them), but it found all of my devices.
PPP: version 2.3.3 (demand dialling)
TCP compression code copyright 1989 Regents of the University of California
PPP line discipline registered.
Kernel PPP support. Compressed TCP headers in PPP is a great feature, by the way, in keeping message overhead low.
eth0: MACE at 00:05:02:10:e6:6d, chip revision 9.64
Good old eth0, the ethernet device. It's MACE on a PowerMac. If this had been a modular driver, it wouldn't have shown up here but only after the module had been inserted.
Partition check:
sda: sda1 sda2 sda3 sda4 sda5 sda6
sdb: sdb1
sdc: sdc1 sdc2 sdc3 sdc4
sdd: sdd1 sdd2 sdd3 sdd4
The partition check is useful for knowing what the disks are laid out as.
md.c: sizeof(mdp_super_t) = 4104
autodetecting RAID arrays
autorun ...
... autorun DONE.
VFS: Mounted root (ext2 filesystem) readonly.
Freeing unused kernel memory: 112k init 32k prep
Adding Swap: 131428k swap-space (priority -1)
And we're done booting.
Concluding remarks
Like I noted above at the end of the i386 dmesg output, the kernel, once finished, then moves on to /sbin/init unless an argument poiting it elsewhere has been passed to the kernel at boot time. An example would be telling the kernel "init=/bin/sh", such that it would execute a shell upon boot, rather than /sbin/init (and what follows). Note that the kernel only mounts the root filesystem read-only, so if all you do is boot the kernel you have to mount your disks read-write in order to affect changes on them (ie editing /etc/passwd to rescue root's password).
While this isn't the most thorough of jobs, I hope that this little tour has been enjoyable for everyone, and educational.
Understanding your (Red Hat Enterprise Linux) daemons
The term 'daemon' is used for processes that performs service in background.
rather than under the direct control of a user.
Unix processes works either in foreground or background. A process running in foreground interacts with the user in front of the terminal (makes I/O), whereas a background process runs by itself.
In a Unix environment, the parent process of a daemon is often (but not always) the init process (PID=1). Processes usually become daemons by forking a child process and then having their parent process immediately exit, thus causing init to adopt the child process. This is a somewhat simplified view of the process as other operations are generally performed, such as disassociating the daemon process from any controlling tty.
rather than under the direct control of a user.
Unix processes works either in foreground or background. A process running in foreground interacts with the user in front of the terminal (makes I/O), whereas a background process runs by itself.
In a Unix environment, the parent process of a daemon is often (but not always) the init process (PID=1). Processes usually become daemons by forking a child process and then having their parent process immediately exit, thus causing init to adopt the child process. This is a somewhat simplified view of the process as other operations are generally performed, such as disassociating the daemon process from any controlling tty.
What is the difference between a daemon and a server process?
A 'daemon' is a software process that runs in the background (continuously) and provides the service to client upon request.
For example
* named is a daemon. When requested it will provide DNS service. Other examples are:
* xinetd (it is a super-daemon, it is responsible for invoking other Internet servers when they are needed)
* inetd (same as xinetd, but with limited configuration options)
* sendmail/postfix (to send/route email)
* Apache/httpd (web server)
A 'server process' run runs one time, when called by a daemon. Once done it will stop. For example telnetd (in.telnetd) or ftpd called from xinetd/inetd daemon . By calling server process from daemon you can save the load and memory. Use a server process for small services such as ftpd, telnetd
For example
* named is a daemon. When requested it will provide DNS service. Other examples are:
* xinetd (it is a super-daemon, it is responsible for invoking other Internet servers when they are needed)
* inetd (same as xinetd, but with limited configuration options)
* sendmail/postfix (to send/route email)
* Apache/httpd (web server)
A 'server process' run runs one time, when called by a daemon. Once done it will stop. For example telnetd (in.telnetd) or ftpd called from xinetd/inetd daemon . By calling server process from daemon you can save the load and memory. Use a server process for small services such as ftpd, telnetd
What is BIOS ?
1.BIOS - Basic Input/Output System. A set of routines that works with a computer system's hardware to support data transfers between the various components, such as the monitor and disk drives, of a system.
2.BIOS Basic Input Output System. The part of the system software of the PC that provides the lowest level interface to peripheral devices and controls the first stage of the start up process, including installing the operating system. The BIOS is stored in ROM or equivalent, in every PC. Its main task is to load and execute the operating system which is usually stored on the computer's hard disk, but may be loaded from CD-ROM or floppy disk at install time.
System Software Software is generally divided into systems software and applications software. System software is the operating system and all utility programs that manage computer resources at a low level.
3.BIOS - An acronym for Basic Input/Output System. The BIOS is built-in software that determines what a computer can do without accessing programs from a disk. On PCs, the BIOS contains all the code required to control the keyboard, display screen, disk drives, serial communications, and a number of miscellaneous functions. The BIOS is typically placed in a ROM chip that comes with the computer (it is often called a ROM BIOS). This ensures that the BIOS will always be available and will not be damaged by disk failures. It also makes it possible for a computer to boot itself. Many modern PCs have a flash BIOS, which means that the BIOS has been recorded on a flash memory chip, which can be updated if necessary. The PC BIOS is fairly standardized, so all PCs are similar at this level (although there are different BIOS versions). Additional DOS functions are usually added through software modules. This means you can upgrade to a newer version of DOS without changing the BIOS.
4.The BIOS is boot firmware, designed to be the first code run by a PC when powered on. The initial function of the BIOS is to identify, test, and initialize system devices such as the video display card, hard disk, and floppy disk and other hardware. This is to prepare the machine into a known state, so that software stored on compatible media can be loaded, executed, and given control of the PC.[3] This process is known as booting, or booting up, which is short for bootstrapping.
Firmware
The first set of machine instructions to run on the hardware after the application of power.
2.BIOS Basic Input Output System. The part of the system software of the PC that provides the lowest level interface to peripheral devices and controls the first stage of the start up process, including installing the operating system. The BIOS is stored in ROM or equivalent, in every PC. Its main task is to load and execute the operating system which is usually stored on the computer's hard disk, but may be loaded from CD-ROM or floppy disk at install time.
System Software Software is generally divided into systems software and applications software. System software is the operating system and all utility programs that manage computer resources at a low level.
3.BIOS - An acronym for Basic Input/Output System. The BIOS is built-in software that determines what a computer can do without accessing programs from a disk. On PCs, the BIOS contains all the code required to control the keyboard, display screen, disk drives, serial communications, and a number of miscellaneous functions. The BIOS is typically placed in a ROM chip that comes with the computer (it is often called a ROM BIOS). This ensures that the BIOS will always be available and will not be damaged by disk failures. It also makes it possible for a computer to boot itself. Many modern PCs have a flash BIOS, which means that the BIOS has been recorded on a flash memory chip, which can be updated if necessary. The PC BIOS is fairly standardized, so all PCs are similar at this level (although there are different BIOS versions). Additional DOS functions are usually added through software modules. This means you can upgrade to a newer version of DOS without changing the BIOS.
4.The BIOS is boot firmware, designed to be the first code run by a PC when powered on. The initial function of the BIOS is to identify, test, and initialize system devices such as the video display card, hard disk, and floppy disk and other hardware. This is to prepare the machine into a known state, so that software stored on compatible media can be loaded, executed, and given control of the PC.[3] This process is known as booting, or booting up, which is short for bootstrapping.
Firmware
The first set of machine instructions to run on the hardware after the application of power.
What is EEPROM?
1.EEPROM (also written E2PROM and pronounced "e-e-prom," "double-e prom" or simply "e-squared") stands for Electrically Erasable Programmable Read-Only Memory and is a type of non-volatile memory used in computers and other electronic devices to store small amounts of data that must be saved when power is removed, e.g., calibration tables or device configuration.
When larger amounts of static data are to be stored (such as in USB flash drives) a specific type of EEPROM such as flash memory is more economical than traditional EEPROM devices.
2.Electrically Erasable Programmable Read-Only Memory (EEPROM): A special nonvolatile memory that can be erased and (re)programmed electrically. Commonly used in contact and contact-less smart cards. Retains the content of its memory even when the power is turned off.
3.Electrical Erasable ROM (EEPROM) It is inconvenient to have to remove a chip to prepare it for programming using a separate light source. EEPROMs allow the erasing of data to be achieved with the ROM in situ. The main difference between EPROMs and EEPROMs is the way that they discharge the charge stored in the floating gate. Fowler-Nordheim tunnelling technique (allowing low energy electrons to jump the gap) this alows the gate to be discharged when required. It is possible to change just individual locations.
4.EEPROM (Electrically Erasable Programmable Read-Only Memory)
A small memory chip that retains data even without power.
5.EEPROM (Electrically Erasable Programmable Read-Only Memory): A non-volatile storage device on microchips. Usually bytes can be erased and reprogrammed individually.
When larger amounts of static data are to be stored (such as in USB flash drives) a specific type of EEPROM such as flash memory is more economical than traditional EEPROM devices.
2.Electrically Erasable Programmable Read-Only Memory (EEPROM): A special nonvolatile memory that can be erased and (re)programmed electrically. Commonly used in contact and contact-less smart cards. Retains the content of its memory even when the power is turned off.
3.Electrical Erasable ROM (EEPROM) It is inconvenient to have to remove a chip to prepare it for programming using a separate light source. EEPROMs allow the erasing of data to be achieved with the ROM in situ. The main difference between EPROMs and EEPROMs is the way that they discharge the charge stored in the floating gate. Fowler-Nordheim tunnelling technique (allowing low energy electrons to jump the gap) this alows the gate to be discharged when required. It is possible to change just individual locations.
4.EEPROM (Electrically Erasable Programmable Read-Only Memory)
A small memory chip that retains data even without power.
5.EEPROM (Electrically Erasable Programmable Read-Only Memory): A non-volatile storage device on microchips. Usually bytes can be erased and reprogrammed individually.
In Unix, what is a daemon?
Daemon stands for Disk and Execution Monitor. A daemon is a long-running background process that answers requests for services. The term originated with Unix, but most operating systems use daemons in some form or another. In Windows NT, 2000, and XP, for example, daemons are called "services". In Unix, the names of daemons conventionally end in "d". Some examples include inetd, httpd, nfsd, sshd, named, and lpd.
Driver Definition - What is a Driver?
A driver is a small piece of software that tells the operating system and other software how to communicate with a piece of hardware.
For example, all printers come accompanied with drivers to install that tell the operating system exactly how to print information on the page. Sound card drivers tell your software exactly how to translate data into audio signals that the card can output to a set of speakers. The same applies to video cards, keyboards, monitors, etc.
The drivers for each piece of hardware in your computer are centrally managed from Device Manager, available in all versions of Microsoft Windows.
For example, all printers come accompanied with drivers to install that tell the operating system exactly how to print information on the page. Sound card drivers tell your software exactly how to translate data into audio signals that the card can output to a set of speakers. The same applies to video cards, keyboards, monitors, etc.
The drivers for each piece of hardware in your computer are centrally managed from Device Manager, available in all versions of Microsoft Windows.
What happens When you boot your system?
When you boot your system
services and processes are started via shell scripts.
All shell scripts that could possibly get executed when you boot your system are stored in the /etc/init.d sub-directory. (Note that even directories can have periods in their name.)
In order to understand the boot-up process you have to be familier with runlevels.
Linux/UNIX systems can be set to run in different modes of functionality.
They can operate in a single-user mode, such as in the case of strictly being a "workstation" (desktop PC), or they can run in multi-user mode to operate as a server.
Each runlevel is identified by a single-digit number.
The runlevels worth remembering are:
0 - shut down the system
1 - single-user mode
2 - 5 multi-user mode
6 - reboot
Recall that any shell script that might be run at system startup are stored in the /etc/init.d directory. All these different runlevels do is run a different set of the scripts stored in this directory at startup. When the system boots up the first startup file it reads is the /etc/inittab text file. This file basically tells the system what the default run level is via the line
id:2:initdefault:
This is the line in the /etc/inittab file you need to edit if you want to change the default run level. Most distros default to runlevel 3 which is not a secure thing to do for Internet servers.
Recall that any shell script that might be run at system startup are stored in the /etc/init.d directory.
All these different runlevels do is run a different set of the scripts.
These different scripts are stored in/etc/init.d directory.
When the system boots up the first startup file it reads is the /etc/inittab text file.
This file basically tells the system what the default run level is via the line
id:2:initdefault: This is the line in the /etc/inittab file you need to edit if you want to change the default run level. Most distros default to runlevel 3 which is not a secure thing to do for Internet servers.
Each runlevel also has it's own subdirectory under the /etc directory, and the subdirectory name contains the runlevel number. The naming convention for these subdirectories is:
rc2.d
with the runlevel represented as the number (in blue) above.
These runlevel subdirectories don't actually contain any scripts. Rather, they all contain symbolic links to the scripts in the /etc/init.d subdirectory.
This is so all the different runlevels can share common scripts eliminating the need to have multiple copies of the same script in multiple runlevel subdirectories. (That's why any script that could be run at startup is saved to the /etc/init.d subdirectory.) Here's a diagram of the process. Note that special single-user runlevel is always run at bootup to set up the basic system. The higher runlevel scripts are additionally run to provide the multi-user/server functionality.
There's another reason for using links in the individual runlevel subdirectories. These links use a special naming convention to indicate when they should be run and in what order they should be run. Links that have names starting with an upper-case S are called when the runlevel is entered (starting). Links that have names starting with an upper-case K are called when the runlevel is exited to Kill services. (Due to this naming convention it is more common to simply rename a symbolic link so that it begins with a dash (-) or underscore (_) rather than delete them when customizing a runlevel.)
The directories for the multi-user runlevels only contain links that start with an S. Only those run levels that deal with shutting down or restricting functionality of the system (0, 1, 6) have links that start with a K to kill services.
The numbers after the leading S or K determine the order in which the links are called, lowest number first. This is important for process dependancy reasons. For example, you wouldn't want to start up the Samba service if the networking service wasn't already running. For example:
services and processes are started via shell scripts.
All shell scripts that could possibly get executed when you boot your system are stored in the /etc/init.d sub-directory. (Note that even directories can have periods in their name.)
In order to understand the boot-up process you have to be familier with runlevels.
Linux/UNIX systems can be set to run in different modes of functionality.
They can operate in a single-user mode, such as in the case of strictly being a "workstation" (desktop PC), or they can run in multi-user mode to operate as a server.
Each runlevel is identified by a single-digit number.
The runlevels worth remembering are:
0 - shut down the system
1 - single-user mode
2 - 5 multi-user mode
6 - reboot
Recall that any shell script that might be run at system startup are stored in the /etc/init.d directory. All these different runlevels do is run a different set of the scripts stored in this directory at startup. When the system boots up the first startup file it reads is the /etc/inittab text file. This file basically tells the system what the default run level is via the line
id:2:initdefault:
This is the line in the /etc/inittab file you need to edit if you want to change the default run level. Most distros default to runlevel 3 which is not a secure thing to do for Internet servers.
Recall that any shell script that might be run at system startup are stored in the /etc/init.d directory.
All these different runlevels do is run a different set of the scripts.
These different scripts are stored in/etc/init.d directory.
When the system boots up the first startup file it reads is the /etc/inittab text file.
This file basically tells the system what the default run level is via the line
id:2:initdefault:
Each runlevel also has it's own subdirectory under the /etc directory, and the subdirectory name contains the runlevel number. The naming convention for these subdirectories is:
rc2.d
with the runlevel represented as the number (in blue) above.
These runlevel subdirectories don't actually contain any scripts. Rather, they all contain symbolic links to the scripts in the /etc/init.d subdirectory.
This is so all the different runlevels can share common scripts eliminating the need to have multiple copies of the same script in multiple runlevel subdirectories. (That's why any script that could be run at startup is saved to the /etc/init.d subdirectory.) Here's a diagram of the process. Note that special single-user runlevel is always run at bootup to set up the basic system. The higher runlevel scripts are additionally run to provide the multi-user/server functionality.
The directories for the multi-user runlevels only contain links that start with an S. Only those run levels that deal with shutting down or restricting functionality of the system (0, 1, 6) have links that start with a K to kill services.
The numbers after the leading S or K determine the order in which the links are called, lowest number first. This is important for process dependancy reasons. For example, you wouldn't want to start up the Samba service if the networking service wasn't already running. For example:
S20thisservice
S30thatservice
S40anotherservice
S80yetanother
Mounting CD/DVD-ROM
Because a DVD-ROM drive is a "removable" storage device, you may find that you can't access a DVD after inserting it. You have to manually enter a command to "mount" the DVD-ROM drive before you can access it. On my system, the DVD-ROM drive is the first drive (master) on the secondary IDE channel. As a result, the command I use to mount my DVD-ROM drive is:
mount -t iso9660 /dev/hdc /cdrom I know this looks a little cryptic at first but it's really quite simple.
Using the above mount command simply maps the DVD-ROM drive to the /cdrom directory (which was created during the installation). The directory a device gets mapped to is called the "mount point". As such, in order to access the files on the DVD-ROM once it's been mounted you just go to the mount point its been mapped to by entering
cd /cdrom
and use the ls command to view a list of the files on it. If you get an error along the lines of:
kernel does not recognize /dev/hdc
it's likely your DVD-ROM drive is connected as the slave on the primary IDE channel (i.e. it's /dev/hdb).
mount -t iso9660 /dev/hdc /mnt/cdrom
Just as you mounted the removable disk to access it, you have to unmount it when you are done. Pressing the eject button on the DVD drive won't open the tray until you do unmount the drive. For this you just use the umount and specify its mount point in the file system:
umount /mnt/cdrom
mount -t iso9660 /dev/hdc /cdrom
- mount makes a device part of the file system.
- -t iso9660 specifies the format of the file system being mounted. (The iso9660 is the standard format for data CDs (and most DVDs) but would be msdos if we were mounting a floppy drive with a DOS-formatted floppy in it.)
- /dev/hdc is the path to the DVD-ROM drive's device driver file. The c in the hdc indicates the first hard-drive on the secondary IDE channel. With SCSI hard-drives the third hard-drive would be sdc.)
- /cdrom is the directory to "map" the device to in the file system so it can be accessed. This has to be an existing directory but it can actually be any directory you want. You could use the mkdir command to create a directory called "shiny-spinning-thing" off the root of the file system and replace /cdrom with /shiny-spinning-thing in the above command if you wanted to.
Using the above mount command simply maps the DVD-ROM drive to the /cdrom directory (which was created during the installation). The directory a device gets mapped to is called the "mount point". As such, in order to access the files on the DVD-ROM once it's been mounted you just go to the mount point its been mapped to by entering
cd /cdrom
and use the ls command to view a list of the files on it. If you get an error along the lines of:
kernel does not recognize /dev/hdc
it's likely your DVD-ROM drive is connected as the slave on the primary IDE channel (i.e. it's /dev/hdb).
Note that Debian creates the /cdrom and /floppy directories off of the root of the file system during the installation. Other Linux distros and UNIX more often put them under the /mnt directory. In order to mount a DVD drive on these systems you simply change the target directory in the command:Tip: The mount command to access a DOS formatted floppy in the first floppy drive would be:
mount -t msdos /dev/fd0 /floppy
mount -t iso9660 /dev/hdc /mnt/cdrom
Just as you mounted the removable disk to access it, you have to unmount it when you are done. Pressing the eject button on the DVD drive won't open the tray until you do unmount the drive. For this you just use the umount and specify its mount point in the file system:
umount /mnt/cdrom
Linux/UNIX treats everything like a file.
- Linux/UNIX treats everything like a file.
- When it's writing to your screen it thinks it's just writing to a file.
- When it sends data through a modem it thinks it's just writing to a file.
- As a result, all your hardware, including
ports,
hard-drives,
video cards, etc.
on your system must be represented somehow somewhere in the file system.
hard-drives,
video cards, etc.
on your system must be represented somehow somewhere in the file system.
Mounting a Windows XP NTFS partition in Linux
How to access a Windows XP or Vista NTFS partition from Linux. The following tutorial explains how to gain access to a Windows NTFS partition using Linux. Reading or accessing NTFS partitions in Linux is important for many reasons. Some users repair Windows Operating environments using Linux, while others use a dual boot operating environment and would like to have access to their Windows File system.
The good news is that this is not a complicated task to accomplish. As a matter of fact, for those using a Linux version derived from Debian, (I.E. Ubuntu, Knoppix, etc…) the process can be accomplished in a matter of seconds.
How to Mount a Windows NTFS file system partition in Linux:
NOTE: In step four of the following tutorial, replace hdx1 with your actual partition found in step two. For example hda1, hdb2, sda1, etc.
- Open a terminal and type sudo su
- Type fdisk -l (note which partition contains the NTFS file system)
- Type mkdir /media/windows (This directory is where we will access the partition)
- Type mount /dev/hdx1 /media/windows/ -t ntfs -o nls=utf8,umask=0222
- Type cd /media/windows (Moves us to the windows directory)
- Type ls to list the files on the NTFS partition
Notes: Alternately, you can navigate to the media/windows directory outside of terminal to view the files.
To unmount the Windows NTFS partiton, from the terminal simply type umount /media/windows/
Linux Interview Questions For software QA Engineers
Software testing - Questions and Answers - Linix / Unix
1. Q. How do you list files in a directory?
A. ls - list directory contents
ls �l (-l use a long listing format)
2. Q. How do you list all files in a directory, including the hidden files?
A. ls -a (-a, do not hide entries starting with .)
3. Q. How do you find out all processes that are currently running?
A. ps -f (-f does full-format listing.)
4. Q. How do you find out the processes that are currently running or a particular user?
A. ps -au Myname (-u by effective user ID (supports names)) (a - all users)
5. Q. How do you kill a process?
A. kill -9 8 (process_id 8) or kill -9 %7 (job number 7)
kill -9 -1 (Kill all processes you can kill.)
killall - kill processes by name most (useful - killall java)
6. Q. What would you use to view contents of the file?
A. less filename
cat filename
pg filename
pr filename
more filename
most useful is command: tail file_name - you can see the end of the log file.
7. Q. What would you use to edit contents of the file?
A. vi screen editor or jedit, nedit or ex line editor
8. Q. What would you use to view contents of a large error log file?
A. tail -10 file_name ( last 10 rows)
9. Q. How do you log in to a remote Unix box?
A. Using telnet server_name or ssh -l ( ssh - OpenSSH SSH client (remote login program))
10.Q. How do you get help on a UNIX terminal?
A. man command_name
info command_name (more information)
11.Q. How do you list contents of a directory including all of its
subdirectories, providing full details and sorted by modification time?
A. ls -lac
-a all entries
-c by time
12.Q. How do you create a symbolic link to a file (give some reasons of doing so)?
A. ln /../file1 Link_name
Links create pointers to the actual files, without duplicating the contents of
the files. That is, a link is a way of providing another name to the same file.
There are two types of links to a file:Hard link, Symbolic (or soft) link;
13.Q. What is a filesystem?
A. Sum of all directories called file system.
A file system is the primary means of file storage in UNIX.
File systems are made of inodes and superblocks.
14.Q. How do you get its usage (a filesystem)?
A. By storing and manipulate files.
15.Q. How do you check the sizes of all users� home directories (one command)?
A. du -s
df
The du command summarizes disk usage by directory. It recurses through all subdirectories and shows disk usage by each subdirectory with a final total at the end.
Q. in current directory
A. ls -ps (p- directory; s - size)
16.Q. How do you check for processes started by user 'pat'?
A. ps -fu pat (-f -full_format u -user_name )
17.Q. How do you start a job on background?
A. bg %4 (job 4)
18 Q. What utility would you use to replace a string '2001' for '2002' in a text file?
A. Grep, Kde( works on Linux and Unix)
19. Q. What utility would you use to cut off the first column in a text file?
A. awk, kde
20. Q. How to copy file into directory?
A. cp /tmp/file_name . (dot mean in the current directory)
21. Q. How to remove directory with files?
A. rm -rf directory_name
22. Q. What is the difference between internal and external commands?
A. Internal commands are stored in the; same level as the operating system while external
commands are stored on the hard disk among the other utility programs.
23. Q. List the three main parts of an operating system command:
A. The three main parts are the command, options and arguments.
24 Q. What is the difference between an argument and an option (or switch)?
A. An argument is what the command should act on: it could be a filename,
directory or name. An option is specified when you want to request additional
information over and above the basic information each command supplies.
25. Q. What is the purpose of online help?
A. Online help provides information on each operating system command, the
syntax, the options, the arguments with descriptive information.
26. Q. Name two forms of security.
A. Two forms of security are Passwords and File Security with permissions specified.
27. Q. What command do you type to find help about the command who?
A. $ man who
28. Q. What is the difference between home directory and working directory?
A. Home directory is the directory you begin at when you log into the
system. Working directory can be anywhere on the system and it is where you are currently
working.
29. Q. Which directory is closer to the top of the file system tree, parent directory or current directory?
A. The parent directory is above the current directory, so it is closer to
the root or top of the
file system.
30. Q. Given the following pathname:
$ /business/acctg/payable/supplier/april
a) If you were in the directory called acctg, what would be the relative
pathname name for the file called april?
b) What would be the absolute pathname for april?
A.
a) $ payable/supplier/april
b) $ /business/acctg/payable/supplier/april
31. Q. Suppose your directory had the following files:
help. 1 help.2 help.3 help.4 help.O1 help.O2
aid.O1 aid.O2 aid.O3 back. 1 back.2 back.3
a) What is the command to list all files ending in 2?
b) What is the command to list all files starting in aid?
c) What is the command to list all "help" files with one character extension?
A.
a) ls *2
b) ls aid.*
c) ls help.?
32. Q. What are two subtle differences in using the more and the pg commands?
A. With the more command you display another screenful by pressing
the spacebar, with pg you press the return key.
The more command returns you automatically to the UNIX
shell when completed, while pg waits until you press return.
33. Q. When is it better to use the more command rather than cat command?
A. It is sometimes better to use the more command when you are viewing
a file that will display over one screen.
34. Q. What are two functions the move mv command can carry out?
A. The mv command moves files and can also be used to rename a file or directory.
35. Q. Name two methods you could use to rename a file.
A. Two methods that could be used:
a. use the mv command
b. copy the file and give it a new name and then remove the original file if no longer needed.
36. The soccer league consists of boy and girl teams. The boy file names begin
with B, the girl teams begin with G. All of these files are in one directory
called "soccer", which is your current directory:
Bteam.abc Bteam.OOl Bteam.OO2 Bteam.OO4
Gteam.win Gteam.OOl Gteam.OO2 Gteam.OO3
Write the commands to do the following:
a) rename the file Bteam.abc to Bteam.OO3.
b) erase the file Gteam. win after you have viewed the contents of the file
c) make a directory for the boy team files called "boys", and one for the girl team files
called" girls"
d) move all the boy teams into the "boys" directory
e) move all the girl teams into the "girls" directory
f) make a new file called Gteam.OO4 that is identical to Gteam.OOl
g) make a new file called Gteam.OO5 that is identical to Bteam.OO2
A.
a) mv Bteam.abc Bteam.OO3.
b) cat Gteam.win -or- more Gteam.win
rm Gteam. win
c) mkdir boys
mkdir girls
d) mv Bteam* boys
e) mv Gteam* girls
f) cd girls
cp Gteam.OO1 Gteam.OO4
g) There are several ways to do this. Remember that we are currently in the directory
/soccer/girls.
cp ../boys/Bteam.OO2 Gteam.OO5
or
cd ../boys
cp Bteam.OO2 ../girls/Gteam.OO5
37. Q. Draw a picture of the final directory structure for the "soccer"
directory, showing all the files and directories.
38. Q. What metacharacter is used to do the following:
1.1 Move up one level higher in the directory tree structure
1.2 Specify all the files ending in .txt
1.3 Specify one character
1.4 Redirect input from a file
1.5 Redirect the output and append it to a file
A.
1. 1.1 double-dot or ..
1.2 asterisk or *
1.3 question or ?
1.4 double greater than sign: >>
1.5 the less than sign or <
39. Q. List all the files beginning with A
A. To list all the files beginning with A command: ls A*
40. Q. Which of the quoting or escape characters allows the dollar sign ($) to retain its special meaning?
A. The double quote (") allows the dollar sign ($) to retain its special meaning.
Both the backslash (\) and single quote (') would remove the special meaning of the dollar sign.
41. Q. What is a faster way to do the same command?
mv fileO.txt newdir
mv filel.txt newdir
mv file2.txt newdir
mv file3.txt newdir
A. A shortcut method would be: mv file?.txt newdir
42. Q. List two ways to create a new file:
A.
a. Copy a file to make a new file.
b. Use the output operator e.g. ls -l > newfile.txt
43. Q. What is the difference between > and >> operators?
A. The operator > either overwrites the existing file (WITHOUT WARNING) or creates a new file.
The operator >> either adds the new contents to the end of an existing file or creates a new file.
44. Write the command to do the following:
44.1 Redirect the output from the directory listing to a printer.
44.2 Add the file efg.txt to the end of the file abc.txt.
44.3 The file testdata feeds information into the file called program
44.4 Observe the contents of the file called xyz.txt using MORE.
44.5 Observe a directory listing that is four screens long.
A.
44.1 ls > lpr
44.2 cat efg.txt >> abc.txt
44.3 program < testdata
44.4 more < xyz.txt
44.5 ls > dirsave | more
45. Q. How do you estimate file space usage
A. Use du command (Summarize disk usage of each FILE, recursively for
directories.) Good to use arguments du -hs
(-h, --human-readable print sizes in human readable format (e.g., 1K 234M 2G)
(-s, --summarize display only a total for each argument)
46. Q. How can you see all mounted drives?
A. mount -l
47. Q. How can you find a path to the file in the system?
A. locate file_name (locate - list files in databases that match a pattern)
48. Q. What Linux HotKeys do you know?
A. Ctrl-Alt-F1 Exit to command prompt
Ctrl-Alt-F7 or F8 Takes you back to KDE desktop from command prompt
Crtl-Alt-Backspace Restart XWindows
Ctrl-Alt-D Show desktop
49. Q. What can you tell about the tar Command?
A. The tar program is an immensely useful archiving utility. It can combine
an entire directory tree into one large file suitable for transferring or
compression.
50. Q. What types of files you know?
A. Files come in eight flavors:
Normal files
Directories
Hard links
Symbolic links
Sockets
Named pipes
Character devices
Block devices
51. Q. How to copy files from on PC to another on the same network
A. Use the following command:scp yur_file you_login@your_IP
example: copy .conf file from your PC to alex computer-
scp /etc/X11/xorg.conf alex@10.0.10.169:
52. Q. Please describe information below:
-rw-rw-r-- 1 dotpc dotpc 102 Jul 18 2003 file.buf
drwxr-xr-x 9 dotpc dotpc 4096 Oct 21 09:34 bin
lrwxrwxrwx 1 dotpc dotpc 20 Mar 21 15:00 client -> client-2.9.5
drwxrwxr-x 11 dotpc dotpc 4096 Sep 2 2005 client-2.8.9
drwxrwxr-x 7 dotpc dotpc 4096 Dec 14 12:13 data
drwxr-xr-x 12 dotpc dotpc 4096 Oct 21 09:41 docs
drwxr-xr-x 5 dotpc dotpc 4096 Dec 7 14:22 etc
drwxr-xr-x 11 dotpc dotpc 4096 Mar 21 15:54 client-2.9.5
-rw-r--r-- 1 dotpc dotpc 644836 Mar 22 09:53 client-2.9.5.tar.gz
A. This is a result of command $ls -l
we have two files, 6 directories and one link to client-2.9.5 directory.
There is number of files in every directory, size and data of last change.
53. Q. If you would like to run two commands in sequence what operators you can use?
A. ; or && the difference is:
if you separate commands with ; second command will be run automatically.
if you separate commands with && second command will be run only in the case
the first was run successfully.
54. Q. How you will uncompress the file?
A. Use tar command (The GNU version of the tar archiving utility):
tar -zxvf file_name.tar.gz
55. Q.How do you execute a program or script, my_script in your current directoty?
A. ./my_script
56. Q.How to find current time configuration in the file my_new.cfg
A. grep time my_new.cfg
Grep searches the named input files (or standard input if
no files are named, or the file name - is given) for lines
containing a match to the given pattern.
Q. What does grep() stand for?
A. General Regular Expression Parser.
57. Q. What does the top command display?
A. Top provides an ongoing look at processor activity in real
time. It displays a listing of the most CPU-intensive
tasks on the system, and can provide an interactive interÂ
face for manipulating processes. (q is to quit)
58. Q. How can you find configuration on linux?
A. by using /sin/ifconfig
If no arguments are given, ifconfig displays the status of the cur-
rently active interfaces. If a single interface argument is given, it displays the status of the given interface only; if a single -a argu-
ment is given, it displays the status of all interfaces, even those
that are down. Otherwise, it configures an interface.
59. Q. How to find difference in two configuration files on the same server?
A. Use diff command that is compare files line by line
diff -u /usr/home/my_project1/etc/ABC.conf /usr/home/my_project2/etc/ABC.conf
60. Q. What is the best way to see the end of a logfile.log file?
A. Use tail command - output the last part of files
tail -n file_name ( the last N lines, instead of the last 10 as default)
61. Q. Please write a loop for removing all files in the current directory that contains a word 'log'
A. for i in *log*; do rm $i; done
62. Question: How to switch to a previously used directory?
Answer: cd -
1. Q.How many VI editor modes do you know?
A.Three modes -
Command mode: letters or sequence of letters interactively command vi.
Insert mode: Text is inserted.
Command line mode: enter this mode by typing ":" and entry command line at the foot of the screen.
2. Q. How can you terminate VI session?
A.
# Use command: ZZ that is save changes and quit.
# Use command line: ":wq" that is write changes and quit.
# Use command line: ":q!" to ignore changes and quit. 3. Q. How can you copy lines into the buffer in command mode? A. yy - copy a single line defined by current cursor position 3yy - copy 3 lines. Current line and two lines below it.
1. Q. How do you list files in a directory?
A. ls - list directory contents
ls �l (-l use a long listing format)
2. Q. How do you list all files in a directory, including the hidden files?
A. ls -a (-a, do not hide entries starting with .)
3. Q. How do you find out all processes that are currently running?
A. ps -f (-f does full-format listing.)
4. Q. How do you find out the processes that are currently running or a particular user?
A. ps -au Myname (-u by effective user ID (supports names)) (a - all users)
5. Q. How do you kill a process?
A. kill -9 8 (process_id 8) or kill -9 %7 (job number 7)
kill -9 -1 (Kill all processes you can kill.)
killall - kill processes by name most (useful - killall java)
6. Q. What would you use to view contents of the file?
A. less filename
cat filename
pg filename
pr filename
more filename
most useful is command: tail file_name - you can see the end of the log file.
7. Q. What would you use to edit contents of the file?
A. vi screen editor or jedit, nedit or ex line editor
8. Q. What would you use to view contents of a large error log file?
A. tail -10 file_name ( last 10 rows)
9. Q. How do you log in to a remote Unix box?
A. Using telnet server_name or ssh -l ( ssh - OpenSSH SSH client (remote login program))
10.Q. How do you get help on a UNIX terminal?
A. man command_name
info command_name (more information)
11.Q. How do you list contents of a directory including all of its
subdirectories, providing full details and sorted by modification time?
A. ls -lac
-a all entries
-c by time
12.Q. How do you create a symbolic link to a file (give some reasons of doing so)?
A. ln /../file1 Link_name
Links create pointers to the actual files, without duplicating the contents of
the files. That is, a link is a way of providing another name to the same file.
There are two types of links to a file:Hard link, Symbolic (or soft) link;
13.Q. What is a filesystem?
A. Sum of all directories called file system.
A file system is the primary means of file storage in UNIX.
File systems are made of inodes and superblocks.
14.Q. How do you get its usage (a filesystem)?
A. By storing and manipulate files.
15.Q. How do you check the sizes of all users� home directories (one command)?
A. du -s
df
The du command summarizes disk usage by directory. It recurses through all subdirectories and shows disk usage by each subdirectory with a final total at the end.
Q. in current directory
A. ls -ps (p- directory; s - size)
16.Q. How do you check for processes started by user 'pat'?
A. ps -fu pat (-f -full_format u -user_name )
17.Q. How do you start a job on background?
A. bg %4 (job 4)
18 Q. What utility would you use to replace a string '2001' for '2002' in a text file?
A. Grep, Kde( works on Linux and Unix)
19. Q. What utility would you use to cut off the first column in a text file?
A. awk, kde
20. Q. How to copy file into directory?
A. cp /tmp/file_name . (dot mean in the current directory)
21. Q. How to remove directory with files?
A. rm -rf directory_name
22. Q. What is the difference between internal and external commands?
A. Internal commands are stored in the; same level as the operating system while external
commands are stored on the hard disk among the other utility programs.
23. Q. List the three main parts of an operating system command:
A. The three main parts are the command, options and arguments.
24 Q. What is the difference between an argument and an option (or switch)?
A. An argument is what the command should act on: it could be a filename,
directory or name. An option is specified when you want to request additional
information over and above the basic information each command supplies.
25. Q. What is the purpose of online help?
A. Online help provides information on each operating system command, the
syntax, the options, the arguments with descriptive information.
26. Q. Name two forms of security.
A. Two forms of security are Passwords and File Security with permissions specified.
27. Q. What command do you type to find help about the command who?
A. $ man who
28. Q. What is the difference between home directory and working directory?
A. Home directory is the directory you begin at when you log into the
system. Working directory can be anywhere on the system and it is where you are currently
working.
29. Q. Which directory is closer to the top of the file system tree, parent directory or current directory?
A. The parent directory is above the current directory, so it is closer to
the root or top of the
file system.
30. Q. Given the following pathname:
$ /business/acctg/payable/supplier/april
a) If you were in the directory called acctg, what would be the relative
pathname name for the file called april?
b) What would be the absolute pathname for april?
A.
a) $ payable/supplier/april
b) $ /business/acctg/payable/supplier/april
31. Q. Suppose your directory had the following files:
help. 1 help.2 help.3 help.4 help.O1 help.O2
aid.O1 aid.O2 aid.O3 back. 1 back.2 back.3
a) What is the command to list all files ending in 2?
b) What is the command to list all files starting in aid?
c) What is the command to list all "help" files with one character extension?
A.
a) ls *2
b) ls aid.*
c) ls help.?
32. Q. What are two subtle differences in using the more and the pg commands?
A. With the more command you display another screenful by pressing
the spacebar, with pg you press the return key.
The more command returns you automatically to the UNIX
shell when completed, while pg waits until you press return.
33. Q. When is it better to use the more command rather than cat command?
A. It is sometimes better to use the more command when you are viewing
a file that will display over one screen.
34. Q. What are two functions the move mv command can carry out?
A. The mv command moves files and can also be used to rename a file or directory.
35. Q. Name two methods you could use to rename a file.
A. Two methods that could be used:
a. use the mv command
b. copy the file and give it a new name and then remove the original file if no longer needed.
36. The soccer league consists of boy and girl teams. The boy file names begin
with B, the girl teams begin with G. All of these files are in one directory
called "soccer", which is your current directory:
Bteam.abc Bteam.OOl Bteam.OO2 Bteam.OO4
Gteam.win Gteam.OOl Gteam.OO2 Gteam.OO3
Write the commands to do the following:
a) rename the file Bteam.abc to Bteam.OO3.
b) erase the file Gteam. win after you have viewed the contents of the file
c) make a directory for the boy team files called "boys", and one for the girl team files
called" girls"
d) move all the boy teams into the "boys" directory
e) move all the girl teams into the "girls" directory
f) make a new file called Gteam.OO4 that is identical to Gteam.OOl
g) make a new file called Gteam.OO5 that is identical to Bteam.OO2
A.
a) mv Bteam.abc Bteam.OO3.
b) cat Gteam.win -or- more Gteam.win
rm Gteam. win
c) mkdir boys
mkdir girls
d) mv Bteam* boys
e) mv Gteam* girls
f) cd girls
cp Gteam.OO1 Gteam.OO4
g) There are several ways to do this. Remember that we are currently in the directory
/soccer/girls.
cp ../boys/Bteam.OO2 Gteam.OO5
or
cd ../boys
cp Bteam.OO2 ../girls/Gteam.OO5
37. Q. Draw a picture of the final directory structure for the "soccer"
directory, showing all the files and directories.
38. Q. What metacharacter is used to do the following:
1.1 Move up one level higher in the directory tree structure
1.2 Specify all the files ending in .txt
1.3 Specify one character
1.4 Redirect input from a file
1.5 Redirect the output and append it to a file
A.
1. 1.1 double-dot or ..
1.2 asterisk or *
1.3 question or ?
1.4 double greater than sign: >>
1.5 the less than sign or <
39. Q. List all the files beginning with A
A. To list all the files beginning with A command: ls A*
40. Q. Which of the quoting or escape characters allows the dollar sign ($) to retain its special meaning?
A. The double quote (") allows the dollar sign ($) to retain its special meaning.
Both the backslash (\) and single quote (') would remove the special meaning of the dollar sign.
41. Q. What is a faster way to do the same command?
mv fileO.txt newdir
mv filel.txt newdir
mv file2.txt newdir
mv file3.txt newdir
A. A shortcut method would be: mv file?.txt newdir
42. Q. List two ways to create a new file:
A.
a. Copy a file to make a new file.
b. Use the output operator e.g. ls -l > newfile.txt
43. Q. What is the difference between > and >> operators?
A. The operator > either overwrites the existing file (WITHOUT WARNING) or creates a new file.
The operator >> either adds the new contents to the end of an existing file or creates a new file.
44. Write the command to do the following:
44.1 Redirect the output from the directory listing to a printer.
44.2 Add the file efg.txt to the end of the file abc.txt.
44.3 The file testdata feeds information into the file called program
44.4 Observe the contents of the file called xyz.txt using MORE.
44.5 Observe a directory listing that is four screens long.
A.
44.1 ls > lpr
44.2 cat efg.txt >> abc.txt
44.3 program < testdata
44.4 more < xyz.txt
44.5 ls > dirsave | more
45. Q. How do you estimate file space usage
A. Use du command (Summarize disk usage of each FILE, recursively for
directories.) Good to use arguments du -hs
(-h, --human-readable print sizes in human readable format (e.g., 1K 234M 2G)
(-s, --summarize display only a total for each argument)
46. Q. How can you see all mounted drives?
A. mount -l
47. Q. How can you find a path to the file in the system?
A. locate file_name (locate - list files in databases that match a pattern)
48. Q. What Linux HotKeys do you know?
A. Ctrl-Alt-F1 Exit to command prompt
Ctrl-Alt-F7 or F8 Takes you back to KDE desktop from command prompt
Crtl-Alt-Backspace Restart XWindows
Ctrl-Alt-D Show desktop
49. Q. What can you tell about the tar Command?
A. The tar program is an immensely useful archiving utility. It can combine
an entire directory tree into one large file suitable for transferring or
compression.
50. Q. What types of files you know?
A. Files come in eight flavors:
Normal files
Directories
Hard links
Symbolic links
Sockets
Named pipes
Character devices
Block devices
51. Q. How to copy files from on PC to another on the same network
A. Use the following command:scp yur_file you_login@your_IP
example: copy .conf file from your PC to alex computer-
scp /etc/X11/xorg.conf alex@10.0.10.169:
52. Q. Please describe information below:
-rw-rw-r-- 1 dotpc dotpc 102 Jul 18 2003 file.buf
drwxr-xr-x 9 dotpc dotpc 4096 Oct 21 09:34 bin
lrwxrwxrwx 1 dotpc dotpc 20 Mar 21 15:00 client -> client-2.9.5
drwxrwxr-x 11 dotpc dotpc 4096 Sep 2 2005 client-2.8.9
drwxrwxr-x 7 dotpc dotpc 4096 Dec 14 12:13 data
drwxr-xr-x 12 dotpc dotpc 4096 Oct 21 09:41 docs
drwxr-xr-x 5 dotpc dotpc 4096 Dec 7 14:22 etc
drwxr-xr-x 11 dotpc dotpc 4096 Mar 21 15:54 client-2.9.5
-rw-r--r-- 1 dotpc dotpc 644836 Mar 22 09:53 client-2.9.5.tar.gz
A. This is a result of command $ls -l
we have two files, 6 directories and one link to client-2.9.5 directory.
There is number of files in every directory, size and data of last change.
53. Q. If you would like to run two commands in sequence what operators you can use?
A. ; or && the difference is:
if you separate commands with ; second command will be run automatically.
if you separate commands with && second command will be run only in the case
the first was run successfully.
54. Q. How you will uncompress the file?
A. Use tar command (The GNU version of the tar archiving utility):
tar -zxvf file_name.tar.gz
55. Q.How do you execute a program or script, my_script in your current directoty?
A. ./my_script
56. Q.How to find current time configuration in the file my_new.cfg
A. grep time my_new.cfg
Grep searches the named input files (or standard input if
no files are named, or the file name - is given) for lines
containing a match to the given pattern.
Q. What does grep() stand for?
A. General Regular Expression Parser.
57. Q. What does the top command display?
A. Top provides an ongoing look at processor activity in real
time. It displays a listing of the most CPU-intensive
tasks on the system, and can provide an interactive interÂ
face for manipulating processes. (q is to quit)
58. Q. How can you find configuration on linux?
A. by using /sin/ifconfig
If no arguments are given, ifconfig displays the status of the cur-
rently active interfaces. If a single interface argument is given, it displays the status of the given interface only; if a single -a argu-
ment is given, it displays the status of all interfaces, even those
that are down. Otherwise, it configures an interface.
59. Q. How to find difference in two configuration files on the same server?
A. Use diff command that is compare files line by line
diff -u /usr/home/my_project1/etc/ABC.conf /usr/home/my_project2/etc/ABC.conf
60. Q. What is the best way to see the end of a logfile.log file?
A. Use tail command - output the last part of files
tail -n file_name ( the last N lines, instead of the last 10 as default)
61. Q. Please write a loop for removing all files in the current directory that contains a word 'log'
A. for i in *log*; do rm $i; done
62. Question: How to switch to a previously used directory?
Answer: cd -
1. Q.How many VI editor modes do you know?
A.Three modes -
Command mode: letters or sequence of letters interactively command vi.
Insert mode: Text is inserted.
Command line mode: enter this mode by typing ":" and entry command line at the foot of the screen.
2. Q. How can you terminate VI session?
A.
# Use command: ZZ that is save changes and quit.
# Use command line: ":wq" that is write changes and quit.
# Use command line: ":q!" to ignore changes and quit. 3. Q. How can you copy lines into the buffer in command mode? A. yy - copy a single line defined by current cursor position 3yy - copy 3 lines. Current line and two lines below it.
Linux admin interview questions
1. How do you take a single line of input from the user in a shell script?
2. Write a script to convert all DOS style backslashes to UNIX style slashes in a list of files.
3. Write a regular expression (or sed script) to replace all occurrences of the letter ‘f’, followed by any number of characters, followed by the letter ‘a’, followed by one or more numeric characters, followed by the letter ‘n’, and replace what’s found with the string “UNIX”.
4. Write a script to list all the differences between two directories.
5. Write a program in any language you choose, to reverse a file.
6. What are the fields of the password file?
7. What does a plus at the beginning of a line in the password file signify?
8. Using the man pages, find the correct ioctl to send console output to an arbitrary pty.
9. What is an MX record?
10. What is the prom command on a Sun that shows the SCSI devices?
11. What is the factory default SCSI target for /dev/sd0?
12. Where is that value controlled?
13. What happens to a child process that dies and has no parent process to wait for it and what’s bad about this?
14. What’s wrong with sendmail? What would you fix?
15. What command do you run to check file system consistency?
16. What’s wrong with running shutdown on a network?
17. What can be wrong with setuid scripts?
18. What value does spawn return?
19. Write a script to send mail from three other machines on the network to root at the machine you’re on. Use a ‘here doc’, but include in the mail message the name of the machine the mail is sent from and the disk utilization statistics on each machine?
20. Why can’t root just cd to someone’s home directory and run a program called a.out sitting there by typing “a.out”, and why is this good?
21. What is the difference between UDP and TCP?
22. What is DNS?
23. What does nslookup do?
24. How do you create a swapfile?
25. How would you check the route table on a workstation/server?
26. How do you find which ypmaster you are bound to?
27. How do you fix a problem where a printer will cutoff anything over 1MB?
28. What is the largest file system size in solaris? SunOS?
29. What are the different RAID levels?
30. Advantages/disadvantages of script vs compiled program.
31. Name a replacement for PHP/Perl/MySQL/Linux/Apache and show main differences.
32. Why have you choosen such a combination of products?
33. Differences between two last MySQL versions. Which one would you choose and when/why?
34. Main differences between Apache 1.x and 2.x. Why is 2.x not so popular? Which one would you choose and when/why?
35. Which Linux distros do you have experience with?
36. Which distro you prefer? Why?
37. Which tool would you use to update Debian / Slackware / RedHat / Mandrake / SuSE ?
38. You’re asked to write an Apache module. What would you do?
39. Which tool do you prefer for Apache log reports?
40. Your portfolio. (even a PHP guest book may work well)
41. What does ‘route’ command do?
42. Differences between ipchains and iptables.
43. What’s eth0, ppp0, wlan0, ttyS0, etc.
44. What are different directories in / for?
45. Partitioning scheme for new webserver. Why?
Unix/Linux administration interview questions
What is LILO?
LILO stands for Linux boot loader. It will load the MBR, master boot record, into the memory, and tell the system which partition and hard drive to boot from.
What is the main advantage of creating links to a file instead of copies of the file?
A: The main advantage is not really that it saves disk space (though it does that too) but, rather, that a change of permissions on the file is applied to all the link access points. The link will show permissions of lrwxrwxrwx but that is for the link itself and not the access to the file to which the link points. Thus if you want to change the permissions for a command, such as su, you only have to do it on the original. With copies you have to find all of the copies and change permission on each of the copies.
Write a command to find all of the files which have been accessed within the last 30 days.
find / -type f -atime -30 > December.files
This command will find all the files under root, which is ‘/’, with file type is file. ‘-atime -30′ will give all the files accessed less than 30 days ago. And the output will put into a file call December.files.
What is the most graceful way to get to run level single user mode?
A: The most graceful way is to use the command init s.
If you want to shut everything down before going to single user mode then do init 0 first and from the ok prompt do a boot -s.
What does the following command line produce? Explain each aspect of this line.
$ (date ; ps -ef | awk ‘{print $1}’ | sort | uniq | wc -l ) >> Activity.log
A: First let’s dissect the line: The date gives the date and time as the first command of the line, this is followed by the a list of all running processes in long form with UIDs listed first, this is the ps -ef. These are fed into the awk which filters out all but the UIDs; these UIDs are piped into sort for no discernible reason and then onto uniq (now we see the reason for the sort - uniq only works on sorted data - if the list is A, B, A, then A, B, A will be the output of uniq, but if it’s A, A, B then A, B is the output) which produces only one copy of each UID.
These UIDs are fed into wc -l which counts the lines - in this case the number of distinct UIDs running processes on the system. Finally the results of these two commands, the date and the wc -l, are appended to the file “Activity.log”. Now to answer the question as to what this command line produces. This writes the date and time into the file Activity.log together with the number of distinct users who have processes running on the system at that time. If the file already exists, then these items are appended to the file, otherwise the file is created.
2. Write a script to convert all DOS style backslashes to UNIX style slashes in a list of files.
3. Write a regular expression (or sed script) to replace all occurrences of the letter ‘f’, followed by any number of characters, followed by the letter ‘a’, followed by one or more numeric characters, followed by the letter ‘n’, and replace what’s found with the string “UNIX”.
4. Write a script to list all the differences between two directories.
5. Write a program in any language you choose, to reverse a file.
6. What are the fields of the password file?
7. What does a plus at the beginning of a line in the password file signify?
8. Using the man pages, find the correct ioctl to send console output to an arbitrary pty.
9. What is an MX record?
10. What is the prom command on a Sun that shows the SCSI devices?
11. What is the factory default SCSI target for /dev/sd0?
12. Where is that value controlled?
13. What happens to a child process that dies and has no parent process to wait for it and what’s bad about this?
14. What’s wrong with sendmail? What would you fix?
15. What command do you run to check file system consistency?
16. What’s wrong with running shutdown on a network?
17. What can be wrong with setuid scripts?
18. What value does spawn return?
19. Write a script to send mail from three other machines on the network to root at the machine you’re on. Use a ‘here doc’, but include in the mail message the name of the machine the mail is sent from and the disk utilization statistics on each machine?
20. Why can’t root just cd to someone’s home directory and run a program called a.out sitting there by typing “a.out”, and why is this good?
21. What is the difference between UDP and TCP?
22. What is DNS?
23. What does nslookup do?
24. How do you create a swapfile?
25. How would you check the route table on a workstation/server?
26. How do you find which ypmaster you are bound to?
27. How do you fix a problem where a printer will cutoff anything over 1MB?
28. What is the largest file system size in solaris? SunOS?
29. What are the different RAID levels?
30. Advantages/disadvantages of script vs compiled program.
31. Name a replacement for PHP/Perl/MySQL/Linux/Apache and show main differences.
32. Why have you choosen such a combination of products?
33. Differences between two last MySQL versions. Which one would you choose and when/why?
34. Main differences between Apache 1.x and 2.x. Why is 2.x not so popular? Which one would you choose and when/why?
35. Which Linux distros do you have experience with?
36. Which distro you prefer? Why?
37. Which tool would you use to update Debian / Slackware / RedHat / Mandrake / SuSE ?
38. You’re asked to write an Apache module. What would you do?
39. Which tool do you prefer for Apache log reports?
40. Your portfolio. (even a PHP guest book may work well)
41. What does ‘route’ command do?
42. Differences between ipchains and iptables.
43. What’s eth0, ppp0, wlan0, ttyS0, etc.
44. What are different directories in / for?
45. Partitioning scheme for new webserver. Why?
Unix/Linux administration interview questions
What is LILO?
LILO stands for Linux boot loader. It will load the MBR, master boot record, into the memory, and tell the system which partition and hard drive to boot from.
What is the main advantage of creating links to a file instead of copies of the file?
A: The main advantage is not really that it saves disk space (though it does that too) but, rather, that a change of permissions on the file is applied to all the link access points. The link will show permissions of lrwxrwxrwx but that is for the link itself and not the access to the file to which the link points. Thus if you want to change the permissions for a command, such as su, you only have to do it on the original. With copies you have to find all of the copies and change permission on each of the copies.
Write a command to find all of the files which have been accessed within the last 30 days.
find / -type f -atime -30 > December.files
This command will find all the files under root, which is ‘/’, with file type is file. ‘-atime -30′ will give all the files accessed less than 30 days ago. And the output will put into a file call December.files.
What is the most graceful way to get to run level single user mode?
A: The most graceful way is to use the command init s.
If you want to shut everything down before going to single user mode then do init 0 first and from the ok prompt do a boot -s.
What does the following command line produce? Explain each aspect of this line.
$ (date ; ps -ef | awk ‘{print $1}’ | sort | uniq | wc -l ) >> Activity.log
A: First let’s dissect the line: The date gives the date and time as the first command of the line, this is followed by the a list of all running processes in long form with UIDs listed first, this is the ps -ef. These are fed into the awk which filters out all but the UIDs; these UIDs are piped into sort for no discernible reason and then onto uniq (now we see the reason for the sort - uniq only works on sorted data - if the list is A, B, A, then A, B, A will be the output of uniq, but if it’s A, A, B then A, B is the output) which produces only one copy of each UID.
These UIDs are fed into wc -l which counts the lines - in this case the number of distinct UIDs running processes on the system. Finally the results of these two commands, the date and the wc -l, are appended to the file “Activity.log”. Now to answer the question as to what this command line produces. This writes the date and time into the file Activity.log together with the number of distinct users who have processes running on the system at that time. If the file already exists, then these items are appended to the file, otherwise the file is created.
Subscribe to:
Posts (Atom)