Chapter-9.pdf

Full Transcript

LINUX ESSENTIALS (010-160): A TIME COMPRESSED RESOURCE TO PASSING THE LPI® LINUX... management is an area of Linux that varies between distros, but there are a few principles in common amongst all flavors. First, every package is created as a single file. Linux package Windows installers, are not programs. files, unlike Each of these individual packages rely on other programs to do the work of installing the software into a Linux system. These installation programs are commonly referred to as package management systems or package managers. Each information. package This also contains information dependency indicates Q package manager can determine which version of each An Overview of Package Management Package = to the packaging software what other packages or individual files must be installed for the package to properly install and to ensure that the resulting program will operate correctly. To help with this installation process, each package is the most up to date. Unlike some operating systems, we can install Linux on multiple different types of architectures that have different processor instruction software into processes sets, which for the hardware converts to execute. Due to this, each package must contain the architecture information to identify which CPU type the package is intended to be installed on. This is normally either i386 (for Intel processors) or AMD (for AMD processors), but other variants like RISC and ARM can also be found in some cases. Each piece of software being installed is compiled into a binary package (or executable package) using one of those specific processor instruction sets, and, therefore, they cannot be installed on a system with a different processor. package also contains version information so that the Page 120 of 208 « 59% Ba Qh LINUX ESSENTIALS (010-160): A TIME COMPRESSED RESOURCE TO PASSING THE LPI® LINUX... The package management system maintains a = Q Ba format of the package files they use. An RPM package database of information about all the installed packages cannot be installed on a Debian-based system, and vice on a given system. This information includes the names versa. and version numbers as distro on another is a bit risky even when they use the well as the locations of all the files installed from each same package type because a non-native package may package. This information enables the package software have dependencies that conflict with the needs of native to uninstall software quickly, establish whether a new packages within a given system. of all the installed packages, In fact, installing When package’s dependencies have been met, and determine package a package managers intended were first for one created, all whether a package that a user is trying to install has package management systems worked locally on a given already been installed and, if so, whether the installed system. To install a package, a user would have to first version is older than the one being installed. download a package file from the package creator’s site or from some other internet-based resource. After it’s Package Management Systems There are two most common systems downloaded, we could install the package with a local package management in use in Linux today are RPM and Debian. command. This approach is tedious when a package has numerous dependencies. If we These systems differ in various technical details, in the commands used to manage their packages, and in the unmet Page 121 of 208 « 60% attempted dependencies, an installation the user would and then have found to search Qh LINUX ESSENTIALS (010-160): out and download A TIME COMPRESSED RESOURCE TO PASSING THE LPI® LINUX... several more packages. Then, after finding that one or more of those packages also has In modern Linux systems, steps to installing a new are piece of software. a program. B&B five basic First, we issue time all these dependency packages have been tracked package management software locates all the program’s down dependencies a user may have had to install a to install Q unmet dependencies, the cycle goes on and on. By the and installed, a command there = Second, the and notified the user of any additional few dozen additional packages just to install the one software that they must install. Third, the user issues program they wanted to use. an approval for the package manager to download and Thankfully provide These us, most network-enabled laborious rely for on process. what is repositories modern tools to help automate These package as software provide a central managers install all the dependencies on their behalf. Fourth, the this software downloads all the necessary dependencies and tools installs them. Finally, the package manager installs the repositories. program and returns control of the system back to the management known from which the package distributions collection point user. can automatically Upgrading software works in a similar way, although download packages and their dependencies. In practice, upgrades managing software in Linux now simply requires using of dependencies. Many distributions will automatically text-mode or GUI tools to interface with a centralized check with their repositories software repository for any distribution. notify system users when updates are available. By doing Page 122 of 208 « 60% are less likely to require downloading a from time to time lot and Aa LINUX ESSENTIALS (010-160): QO Kindle Library A TIME COMPRESSED RESOURCE TO PASSING THE LPI® LINUX... Removing software, unlike installing or upgrading, can be done entirely locally by the package management software. This is because the package management software continually keeps track of all installed packages and their dependencies, so they can be removed when requested by the user. The user should run the package management software as a root user or by using the sudo command. This is because the software needs fully install all the dependencies configuration system, files, as the package needed. root access and modify When management to system updating the will automatically prompt the user to enter the root password when the system software requires it. Using RPM and d k es DEB Packag ae ee Q [— Scan QR code to watch a video for this topic so, the system is kept up to date by simply clicking a few buttons when the user is prompted to do so. =: As previously mentioned, RPM and Debian package management systems are two of the most commonly utilized package management distributions. Ubuntu is a Debian-based so it uses the Debian-based apt or Advanced package manager. (Yellowdog called DNF package Updater, the RedHat Linux distribution, manager Packaging Tool. CentOS, other distributions under RPM systems in some called Fedora, and family use the In CentOS, this is called YUM Modified) while, in Fedora, it is or Dandified YUM: a fork and improvement of YUM. To work with the package manager DNF, first we must update the package list. Typing "dnf check-update" on a Fedora terminal tells DNF to check the repository and get a list of the latest version of all the programs that can be installed. It will then produce the list of Page 122 of 208 « 61% Aa LN QO Kindle Library LINUX ESSENTIALS (010-160): A TIME COMPRESSED RESOURCE TO PASSING THE LPI® LINUX... =: Q ££ the latest available versions. Then, "sudo dnf upgrade" type "sudo dnf install package", replacing package with checks if there are any programs in the system that need the package updates. The command is run as root since there might dependencies and additional software that need to be be system-installed programs that can only be updated installed needing root privileges. To remove with root privileges. As DNF finds new versions of the type "sudo dnf erase package-name", replacing ‘package- programs to install, it will ask the user if the programs name’ with the package name. In this uninstallation, will indeed be updated. To search for a program to be we again use sudo since there may be dependencies and installed in the system, typing "dnf search keyword", and software to be removed that needs root access. replacing ‘keyword’ with the keyword for the program, Ubuntu, name. being We use sudo Debian-based, since there may uses the be software,.deb file searches the repository for programs that contain that package format. To update the package list, type "sudo word. For example, typing "dnf search virtualbox" will apt update". If there are new versions of the software search the package list for programs that have the word installed in Ubuntu, virtualbox in them. All the packages with the searched update programs to the latest version available in the keyword will be listed on screen. The files listed on the repositories. Sometimes, screen come in.rpm file package format. To look into the will advise on programs that may be too old, just sitting details of a package, type "dnf info filename", replacing in the system and not being used as a dependency by filename with the package’s name. To install a package, any other program, or aren't used at all. To save space Page 123 of 208 « 61% typing when "sudo apt upgrade" doing an upgrade, will apt Aa LN LINUX ESSENTIALS (010-160): QO Kindle Library A TIME COMPRESSED RESOURCE TO PASSING THE LPI® LINUX... currently typing "sudo apt autoremove". To search for a package updates in apt, type "apt search package managers can also be easily accessed from the replacing to newer the words in the bracket with a keyword relating to the terminal program to be installed. To view the details of a package, may not have a GUI. type "apt show [file name]". shown the include package version, etc. To install install package-name", a package, replacing type priority, “sudo ‘package-name apt with such as servers, that Previously, we discussed that the Linux kernel is at the core of a Linux memory, provides installation. The kernel manages software with a way to access the package, type "sudo apt remove package-name". software, and performs other critical low-level tasks. like DNF The boot process loads the kernel early on, and it is the and apt is that they automatically install other software, kernel that is responsible for managing every other piece called dependencies, of software code that is running on a Linux computer. by the package currently being installed. They keep track of packages in the distribution's repository, as well LN These hard disk, assigns CPU time to portions of a piece of that are needed Aa for easy the package name. To uninstall that package or any other The good thing about package managers [— Process Hierarchy section, origin, maintainer, URL to the bug reports and resolution, allowing and uninstallation. especially for systems, Information that will be name, versions system, Q and keep the system secure, these can be uninstalled by [package keyword]" installed in the =: One of the many ways that the kernel imposes as packages Page 124 of 208 « 62% order Q) LINUX ESSENTIALS (010-160): QO Kindle Library A TIME COMPRESSED RESOURCE TO PASSING THE LPI® LINUX... =: Q on the potentially chaotic set of running software is to when illustrated, is often depicted like an upside-down create a hierarchy. tree. As shown in the figure below, there are a small it boots, the kernel runs just one program, subset of the many processes that run on a typical Linux normally /sbin/init. The init process is then responsible installation. This image only displays a few processes for starting associated with a text-mode login, including the login When must all the other basic programs run, such as the programs that Linux that manage logins tool that manages logins, a couple of daemons, and a and always-on servers and services. These programs, if few user programs. A working Linux system will likely launched have dozens or hundreds of running processes, as shown directly by init, are known as its children. Init’s children can in turn launch their own children. For example, when you log into a Linux system, a child here: init—-NetworkManager—[-h process is launched to support that function. Therefore, anytime a process is launched, it is considered a child. The process which launched a given process is then called its parent. This parent-child relationship creates a natural hierarchy for all the running processes on a given system. This results in a tree-like hierarchy of processes that, client 2*[ {NetworkManager}] Lacpid |-anacron—sh—run-parts—apt—sleep }-atd f}-avahi -daemon—avahi -daemon [-bonobo-activati—2*[{bonobo-activat}] [-clock- applet—{clock-applet} |-console-kit-dae—64*| {console-kit-da}] L-cron }-cupsd }-2* [dbus -daemon] - Launch [dbu s L-gconfd-2 |-gdm-binary——gdm-simple-slav——Xorg dm-session-wor—-gnome-session——applet.py bluetooth-apple—2*|{bluetooth-appl}] du-notificatio nome -panel—{gnome-panel} nome - power -man—{gnome-power-ma} etacity—2*| {metacity}] nautilus—2*|{nautilus}] nn-applet—2*| {nm-applet}] polkit -gnome-au-—{polkit-gnome-a} ssh-agent zeitgeist -datah—{zeitgeist-data} 2*[{gnome-session}] {gdm-session-wo} {gdm-simple-sla} U{gdm-binary} Page 125 of 208 « 63% [— Aa LN LINUX ESSENTIALS (010-160): QO Kindle Library A TIME COMPRESSED Identifying Running Processes Every process has a process ID or PID number PID for the init process is normally 1. Each process also has a parent process ID or PPID number, which points to its parent. Many of the tools for managing processes rely on these numbers, and particularly on the PID number to identify the running process. managing processes, it is important to identify them. To do so, we use the ps and top command line utilities. With both tools, we can search for processes in various ways, such as by their name or by the resource that they utilize. One of the most common reasons for identifying a process is to know how much memory it is consuming, which can be done with the free command. The =: Q [— Aa LN which produces a process listing. Given the large number associated with it. These numbers begin with 1, so the Before RESOURCE TO PASSING THE LPI® LINUX... simplest tool for identifying processes is ps, of ps options, most users have their own favorite way of using the program. For example, typing ps ax is my favorite since it usually produces the information I need, such as the PID values, command the command-line options for names, all processes on and the computer. If you slightly alter the command by adding au, as in ps aux, this will add usernames, CPU loads, and a few other details to the output produced by the ps command. The sheer scope of the information produced, however, can be overwhelming. One way to narrow this scope is to pipe the outputted results through the grep command, which eliminates lines that don’t include specified search criterion. For example, number if you for wanted the command like this: Page 126 of 208 « 63% gedit to only process, determine you might the PID run the Q) LINUX ESSENTIALS (010-160): A TIME COMPRESSED RESOURCE TO PASSING THE LPI® LINUX... = Q ££ CPU or memory intensive processes quickly, or if there $ ps ax | grep gedit is a need to study how resource use varies over time, 27950 pts/8 S+ 0:00 grep—colour=auto gedit the top utility is a more appropriate tool. This utility is wae 27946 pts/8 S1 0:00 gedit wae.. le essentially an interactive version of the ps utility. This example reveals that gedit has a PID value of By default, top sorts its entries by CPU use, and 27946. This is usually the most important information when using ps, since the PID value can be used to it updates the display every few seconds. In order to determine if an application is behaving properly on a change a process’s priority or terminate it. If you need to terminate a process, you can do so using the kill system, it is important to become familiar with the purposes and normal habits of the programs running on command. the system. This allows you to create a mental baseline Although ps can return process priority and CPU use information, the program’s output is usually sorted by of what normal function looks like on a given system. Because each program has different legitimate needs in the PID number. Also, it is important to remember that terms of processing and memory usage, it is impossible the ps command to give only provides information at only a a simple rule for judging when a process is single moment in time, much like a snapshot. So, if you run the ps command right now and then run it again consuming too many resources, but if you have a good baseline from which to begin your comparison, this can in 3 minutes, you will get different results. To locate become much easier. Page 127 of 208 « 63% Aa W LINUX ESSENTIALS (010-160): A TIME COMPRESSED RESOURCE TO PASSING THE LPI® LINUX... One of the pieces of information provided by top are consuming the most processing = resources. Q top is running, there are several single-letter commands for CPU time by applications. The load average can be can be entered, some of which prompt for additional useful fpr detecting runaway or malicious processes. For information. For example, if the user presses the instance, within top sorts processes by memory normally has a load average of 0.5 but suddenly gets stuck at a load average of 2.5, more it is possible that a few CPU-hogging commands, have hung or become unresponsive. sometimes needlessly consume processes Hung may processes M key use. To learn about the top utility and all these single-letter please consult the man page for the top utility. time. Ifthe top utility is currently being sorted by memory Therefore, you should use top to locate these processes usage, it is quite easy to identify the processes that are and, if necessary, stop (or kill) them. consuming the most memory. a lot of CPU memory simply because it is at the top of the list as some Processes consume important system resources like processor time utility allows and system memory. As with CPU time, we cannot determine that a process is consuming too much Measuring Memory Usage Using the user to sort the processes the programs legitimately consume a great deal of memory. For example, a simple text editor like gedit should top by CPU time by default to quickly identify the processes that Qh When is the load average, which is a measure of the demand if a system Ba consumed program Page 128 of 208 « 64% much like less memory gimp since than gedit a photo manipulates editing much Q) LINUX ESSENTIALS (010-160): QO Kindle Library A TIME COMPRESSED smaller files. But, if the same program usually requires RESOURCE TO PASSING THE LPI® LINUX... =: Q can still be done. To study the computer’s overall memory use, the free only a few megabytes of memory, and today it is using a gigabyte of memory, this is something that we should command further report on the computer’s total memory status. The two investigate investigated as abnormal activity and a possible indication of a runaway process. is a useful utility. This program generates a most important lines within the resulting display of the Sometimes a program consumes too much memory, command are the Mem: and the Swap: lines. of a The Mem: line reveals the total RAM statistics. This of software includes the computer’s total memory minus whatever bug in which the program requests memory from the is used by the motherboard and kernel, the amount of kernel and then fails to return it when it is done using memory used, and the amount of free memory. Most the memory. A program with a memory leak consumes of the computer’s memory being used is a normal state increasing amounts of memory, sometimes to the point since where as buffers either because of inefficient memory A memory leak. it interferes with coding or because leak is a type other programs. As a short- Linux puts otherwise unused memory and caches to help increase the to use speed for term solution, the user can terminate the program and accessing information from the hard disk. Therefore, the launch it again, which will reset the program’s memory Mem: line isn’t the most useful by itself, but instead consumption. The problem will likely reoccur, but if the needs to be along memory leak is small enough, then at least useful work Page 129 of 208 « 65% considered with the -/+ buffers/ [— Aa LN LINUX ESSENTIALS (010-160): A TIME COMPRESSED RESOURCE TO PASSING THE LPI® LINUX... = Q cache: line that shows the total memory used by all the terminating some memory-hogging programs can help computer’s programs. speed up your system. Also, memory leaks can lead to The Swap: line reveals how much swap space Linux is using. Swap space is disk space that is set aside as a restore system performance to normal. Log Files out of RAM or when it determines that RAM is better used for buffers or caches than to hold currently inactive Many programs only run in the background and are programs, it will replace the use of physical RAM with not visible to the end user. These programs generally to a swap space contained as a file on the hard disk. Swap run services for the network, such as providing DHCP, space use is generally quite low, and if it rises too much running a web server, or running an email server. These then performance problems can occur. In the long run, background services are known as daemons. increasing the computer’s physical memory is generally continually require system resources, and the user can’t of memory, actually see the details of what a suitable background since their operations are not displayed to temporary workaround, if needed. When suffering from the screen. To determine what these programs are doing, performance problems because of excessive swap use, a user that but larger a is continually swap space best solution Since these programs run in the background, they for a Linux system the running can out become Aa such problems and terminating the leaking program can substitute for physical memory. Whenever Linux runs (RAM) B&B Page 130 of 208 « 65% must consult is happening a log file, since these in the daemons Q) LINUX ESSENTIALS (010-160): A TIME COMPRESSED RESOURCE TO PASSING THE LPI® LINUX... commonly write information about their normal = Q Ba startup scripts. If your Linux system is having issues operations to text-based log files. Therefore, being able during to find and read these log files is an important boot.log file to see if an error message was recorded in of diagnosing problems with a background part service or the boot up process, you should review the the log file. There are also general-purpose log files that contains daemons. The Qh first daemon step in a problem its log file. In Linux, with most a messages from many different daemons on a given log Linux system. These are known as messages or syslog. files are stored in the /var/log directory. For the LPI There log files store messages from various daemons Linux Essentials certification exam, when they do not have their own dedicated log files. remember is to locate diagnosing it is important to where log files are commonly store. While If your system is having an issue regarding security, the following log files and directories within the /var/ such a log of which users attempted to use su, sudo, and log directory are not an exhaustive list, they do makeup other root privilege mechanisms, then you should check some log files on any Linux the log file known as secure. This file is located at /var/ system: boot.log, messages or syslog, secure, cups, gdm, log/secure and is used for all security-related messages secure, and Xorg.0.log. within the system. of the most important The boot.log file is used to summarize the services The /var/log/cups directory is used to hold log files or daemons that start late in the boot process via SysV related to the Linux printing system. CUPS is an acronym Page 131 of 208 « 66% Q) LINUX ESSENTIALS (010-160): QO Kindle Library for the Common UNIX Printing A TIME COMPRESSED System, and it is a RESOURCE TO PASSING THE LPI® LINUX... of X on the system. =: If you are having Q [— a generalized modular printing system for Unix and Linux systems graphics issue, then checking /var/log/Xorg.0.log is a which allows the computer to act as a print server. If you good place to start your troubleshooting. Because are experiencing an issue with printing from your Linux machine, you should review the logs within the cups log information files are constantly recording about the system, its operations, and its errors, these files can grow very large in size. In fact, if directory. The /var/log/gdm directory holds log files related to the log files are not limited in size, they could completely the GNOME Display Manager (GDM), which handles GUI fill up your hard drive and crash the operating system. logins on many systems. GNOME To is a commonly used prevent this, information within the log files is so if you frequently rotated. This means that the oldest entries have an issue with the graphical user interface, then within the log files are deleted and overwritten with reviewing the logs within the gdm directory is a good newer entries. desktop GUI on many Linux distributions, Also, place to start your troubleshooting efforts. There is another graphical Linux systems called the known as X. The component on most X Windows System, also simply log file for X is Xorg.0.log, and it contains all the information on the most recent startup some programs will instead create new log files. they then rename the latest log file with a date or number, reaches and a certain the age. old For log file is deleted example, if the once it messages log file was rotated on July 1, 2019, /var/log/messages Page 132 of 208 « 66% Aa LN LINUX ESSENTIALS (010-160): QO Kindle Library will become messages-1.gz, A TIME COMPRESSED /var/log/messages-20190701, or something /var/log/ similar, and a new /var/ log/messages will be created. This practice keeps log files RESOURCE TO PASSING THE LPI® LINUX... Q ££ system. Some of them provide a separate tool, like klog or klogd, to handle logging messages from the kernel separately from ordinary programs. The behavior of the log daemon from growing too large. Most log files are simply plain-text files, so they can =: including can be modified, adjusting the files to which it logs certain be checked using any tool that can examine text files. types of messages, by adjusting its configuration file. While that can parse, The name of this file depends on the specific daemon logs, for basic log reviews a simple in use, but it is typically /etc/rsyslog.conf or something there are specialized programs read, and compare display program like entering the cat command or using similar, depending on your distribution. Once running, a log daemon accepts messages from a text editor like gedit will work just fine. Some However, programs most create programs their rely own on a log files, utility too. known other processes by using a technique known as system messaging. It then sorts through generically as the system log daemon fhir this function. directs them This message’s source and a priority code. daemon’s process name is generally syslog or the messages to a suitable log file depending and on the Combining grep with log files can be a truly powerful syslogd. Like other daemons, it starts during the boot process by the system startup scripts. Several system log combination daemon packages are available for you to use on a Linux using grep, you can quickly search through hundreds of Page 133 of 208 « 67% for a system administrator. By properly Aa LN LINUX ESSENTIALS (010-160): QO Kindle Library A TIME COMPRESSED RESOURCE TO PASSING THE LPI® LINUX... = Q ££) thousands of lines within a given log file to find the exact it. For example, to find kernel ring buffer messages about issue or error you are trying to find. the first hard disk, /dev/sda, type the following: Kernel Ring Buffer $ dmesg | grep sda The kernel ring buffer can be thought of as a log file for the kernel. However, unlike other log files, it is stored in memory rather than in a disk file. Like regular log files, though, its contents continue to change as the computer runs. To examine the kernel ring buffer, type dmesg. This can sometimes create an overwhelming amount of information, so the output is typically piped through the less utility. The kernel ring buffer’s messages can be particularly difficult to understand, but they can also be invaluable in diagnosing hardware and driver problems since it is the kernel’s job to interface with hardware. The reviewed kernel ring buffer if a hardware should be searched device is behaving and strangely. Even if it is difficult to understand, a message from this log can be entered in a search engine or passed on to a more knowledgeable colleague for expert advice and $ dmesg | less further troubleshooting. is Some distributions place a copy of the kernel ring associated with a string, you can use grep to search for buffer when the system first boots in /var/log/dmesg or Alternatively, if the necessary information Page 134 of 208 « 67% Aa LN LINUX ESSENTIALS (010-160): A TIME COMPRESSED RESOURCE TO PASSING THE LPI® LINUX... a similar file. This file can be reviewed if the computer has been running for a long time and its earliest entries are already lost from the copy within buffer. to If you want create such the memory’s a within your distribution and it isn’t already created by default, then edit the /etc/re.d/rc.local file and add the following line to the end of the script: $ dmesg > /var/log/dmesg Page 135 of 208 « 68% = Q Ba