Linux
System Shutdown
Linux
Because there are many processes going on simultaneously in UNIX, it is not possible to guarantee that when you write something to disk it will be written immediately, although it would not normally be longer than 5-10 seconds before it is. This is why it is important not to simply turn the power off when you have finished using the computer.
Most UNIX systems have a shutdown procedure which only the superuser can execute. This first sends a message to all logged-in users warning of imminent system shutdown asking them to finish up and logout; then it disables all new logins, flushes all disk buffers to disk and systematically, and in a fixed order, kills all running processes.
Shutting Down
Some day, computers will probably be as easy to use as televisions are today (no, we're not there yet...). Maybe we'll have remote controls to navigate easily between features and to turn off the machine.
At present, though, you can't simply turn off your computer when you're finished. You can always log out from your account, which will return you to your login screen, but if you want to completely shut off your machine, you've got a couple more steps to take.
Figure 15: The command `top' shows you running processes
Here's why: Even though you may not be typing, listening to music or browsing with Netscape, your machine is still working on a variety of processes in the background. (A process is a program which is being executed. Multiple processes are running all the time on your system.)
Tip: Curious to take a peek? Just go to a shell prompt and type top. You'll see the processes that are currently running (see Figure 15). To quit this view, type [Q].
(To learn more about the top command, type man top at the shell prompt; to move forward a screen, press the [Spacebar]; to move back a screen, press [B]; to quit, press [Q]. You'll learn more about these ``man pages'' later in this chapter.)
Like a faithful assistant, your Linux system is carrying out tasks silently all the time. You can't just turn out the lights and lock the door on your assistant. Instead, you've got to give them time to put away their work and make sure everything's in its proper place before saying ``good night.''
To shutdown or reboot while you're in GNOME, exit from your X session (panel -> Log out). Once you're at the login screen, left-click on Options, and select Halt or Reboot.
You'll then be asked whether you want to stop or restart your machine. Choose Halt to shutdown your machine; chooseRestart to restart, or ``reboot'' your machine.
Figure 16: The shutdown command at the shell prompt
At the shell prompt, you can reboot or halt your system from your root account.
To reboot from the prompt, type:
shutdown -r now Twenty-two points, plus triple-word-score,
plus fifty points for using all my letters.
Game's over. I'm outta here.
(See Figure 16.)
Or, if you want to exit from your system and turn off your machine, type:
shutdown -h now
The -r option stands for ``reboot,'' while the -h option means ``halt.'' Stating now means that you want to perform this action immediately.
Please Note: Remember to save your work and exit from any applications which may be running before you perform a shutdown from the shell prompt, because you could lose work.
If you choose to halt the system, you'll see a list of messages about which services are stopping; then, you'll see:
The system is halted
Now everything's put away and it's safe to turn off your computer.
Tip: Try substituting +5 for now; you'll find that you've just commanded your assistant to put everything away and stop working in five minutes.
You can learn more about the shutdown command by typing:
man shutdown
at a shell prompt. You'll be presented with a ``man page,'' which will tell you about this command.
To go forward a screen, press the [Spacebar]; to go back a screen, press [B]; and to quit, press [Q].
Summary: To shutdown or reboot from GNOME, from the log in screen, go to Options -> Halt or Reboot. From the shell prompt: Log in as root, and type shutdown -r now (to reboot) or shutdown -h now (to halt).
Shutting down a Linux system can be tricky. You should never
simply turn off the power or press the reset switch. The kernel keeps track of
the disk read/write data in memory buffers. If you reboot the system without
giving the kernel a chance to write its buffers to disk, you can corrupt the
file systems. Other precautions are taken during shutdown as well. All
processes are sent a signal that allows them to die gracefully (by first
writing and closing all files, for example). File systems are unmounted for
safety. If you wish, the system can also alert users that the system is going
down and give them a chance to log off. The easiest way to shut down is with
the shutdown command. The
format of the command is
The time argument is the time to shut
down the system (in the format hh:mm:ss), and warning-message is a message displayed on all user's terminals
before shutdown. Alternately, you can specify the time as ``now'',
to shut down immediately. The -r
option may be given to shutdown
to reboot the system after shutting down.
For example, to shut down and reboot the system at 8:00 pm,
use the command
The command halt
may be used to force an immediate shutdown without any warning messages or
grace period. halt is
useful if you're the only one using the system and want to shut down and turn
off the machine. Don't turn off the power or reboot the system until you see
the message:
It is very important that you
shut down the system, ``cleanly,'' using the shutdown
or halt command. On some
systems, pressing Ctrl-Alt-Del will be trapped and cause a shutdown. On other
systems, using the ``Vulcan nerve pinch'' will reboot the system immediately
and cause disaster.
Shutting Down and Rebooting
To shut down your system, type shutdown -h now, which tells the shutdown program to begin system halt immediately. You can also tell it to halt the system at a later time, I think, but you'll have to consult the shutdown manual page for that (man shutdown).
To do a reboot, you can either type reboot or shutdown -r. You can also use the famous Ctrl-Alt-Delete combination to reboot, which you might already be familiar with.
Shutting down and restarting properly (as described above) will prevent your filesystem from being damaged. Filesystem damage is the most obvious of the consequences, but there are probably other things out there that I don't know about. The point is, shut down your system properly.There are (rare!) cases in which the machine might lock up entirely, and prevent you from being able to access a command prompt. Only then will your last resort be to do a forced reboot (just pressing the restart button on the case).
The
Boot Process, Init, and Shutdown
System V Init
This section is a brief description of the internals of the boot process. It basically covers in detail how the machine boots using SysV Init and the differences between the original init used in older Linux releases. Init is the program that gets run by the kernel at boot time. It is in charge of starting all the normal processes that need to run at boot time. These include the gettys that allow you to log in, NFS daemons, FTP daemons, and anything else you want to run when your machine boots. SysV Init is fast becoming the standard in the Linux world to control the startup of software at boot time. This is because it is easier to use and more powerful and flexible than the traditional BSD init. SysV init also differs from BSD init in that the config files are in a subdirectory of /etc instead of residing directly in /etc. Basically, you need one script for each service you may need to start at boot time or when entering another runlevel. Services include things like networking, nfs, sendmail, httpd, etc. Services do not include things like setserial that must only be run once and then exited. Things like that should go in rc.local or rc.serial. If you want rc.local, it should be in /etc/rc.d. Most systems include one even though it doesn't do much. You can also include an rc.serial in /etc/rc.d if you need to do serial port specific things at boot time. The chain of events is as follows:
· The kernel looks in several places for init and runs the first one it finds
· init runs /etc/rc.d/rc.sysinit
· rc.sysinit does a bunch of necessary things and then runs rc.serial (if it exists)
· init runs all the scripts for the default runlevel.
· init runs rc.local
The default runlevel is decided in /etc/inittab. You should have a line close to the top like:
id:3:initdefault:
From this, you'd look in the second column and see that the default runlevel is 3, as should be the case for most systems. If you want to change it, you can edit /etc/inittab by hand and change the 3. Be very careful when you are messing with the inittab. If you do mess up, you can fix it by rebooting and doing:
LILO boot: linux
single
This should allow you to boot into single user mode so you can fix inittab.
What you'll notice is that there are no real ``files'' in the directory. Everything there is a link to one of the scripts in the init.d directory. The links also have an ``S'' and a number at the beginning. The ``S'' means to start this particular script and a ``K'' would mean to stop it. The number is there just for ordering purposes. Init will start all the services based on the order they appear. You can duplicate numbers, but it will only confuse you somewhat. You just need to use a two digit number only, along with an upper case ``S'' or ``K'' to start or stop the services you need to.
How does init start and stop services? Simple. Each of the scripts is written to accept an argument which can be ``start'' and ``stop''. You can execute those scripts by hand in fact with a command like:
/etc/rc.d/init.d/httpd.init stop
to stop the httpd server. Init just reads the name and if it has a ``K'', it calls the script with the ``stop'' argument. If it has an ``S'' it calls the script with a ``start'' argument. Why all these runlevels? Some people want an easy way to set up machines to be multi-purpose. I could have a ``server'' runlevel that just runs httpd, sendmail, networking, etc. Then I could have a ``user'' runlevel that runs xdm, networking, etc.
Unix
Shutdown and Reboot
It is critical for system administrators to have a firm understanding of how the machine is being used and actively involve the users in scheduling downtime. For example, on most systems (except Cray to my knowledge), a shutdown will cause all user processes to be killed. If users on a system are running jobs that take days or weeks to complete then shutting the system down and cause all processes to be killed could severly impact the productivity of users. Whenever possible, users should be given as much lead time as possible when scheduling a shutdown. Once brought up to multi-user mode it is not uncommon for the system to run for many days, possibly even months, without being shutdown or rebooted. There are valid reasons for shutting down the system, these include:
· Many systems now have a graphics dispaly and use an assortment of X11 based applications. Also, it is not uncommon for a server machine to support remote X11 applications. Under many vendors version of X11 there are known memory leaks. These memory leaks result in the X11 server or application allocating memory and never releasing it. Over time you may find that free memory becomes tight. Rebooting will elliminate that.
·
Installation of system software or changes in hardware
often require a system reboot to take affect.
·
Devices can get in a state where
they don't function properly. The only fix is to shutdown the system and power
off the component. Likewise, system software may get in a confused state and
require a reboot to be corrected.
· Often, system administrators bring the system down to single-user mode to perform full backups of file systems. Performing a full backup on a quiescent is one way of gaurenteeing a complete backup.
·
Methods
of shuting down and rebooting
There are three possible states you can end up in when you start to shutdown the system, these are:
· Single-user mode;
· The system is completely shutdown and ready to be powered off;
· The system is shutdown put then brought immediately back up without any intervention.
Single-user mode
Previously when we discussed single-user mode we went over some of the tasks
you may want to accomplish here. To leave multi-user mode under a BSD system
you can enter the command shutdown
time [message] , where time can be in absolute or relative
terms. For relative time, use a value such as +5 to refer to five minutes from
now. Absolute time is referenced as HH:MM and uses 24 hour notation. Finally,
the keyword now may be specified to start a shutdown immediately. The message
parameter is optional, but highly recommended. This should be enclosed in
quotes and give a brief explanation of the reason for the shutdown and when the
machine may be back up again.
Under System V, shutdown is acccomplished by issueing the command shutdown -y -i1 -g### . Where the -y option informs shutdown to auto-answer all questions with yes; -i1 instructs the system to go to init level 1 (single-user mode); -g### is the grace period to give users before shutting down. The ### symbols should be replace with the number of seconds to wait. Note that there is no message field to use under System V. It is strongly recommended that the system manager use a command such as wall to send a message to all users informing them of the reason for the shutdown and the time when the machine will be available again.
System
StratUp
How did Linux
get started?
The concept of open source programming has been around for many
years—its roots stem from universities that needed to be able to share
information as well as allow students and developers to adapt programs to meet
their needs. In 1984, Richard Stallman, a researcher at the MIT AI Lab, started
a project he called GNUto counter the fast-moving trend toward proprietary,
fee-based software. Stallman, who remains an open advocate of open source,
believes that making source code available to anyone who wants it is integral
to furthering computer science and innovation.
This concept served as the basisof Linux development, the brainchild of Linus Torvalds. When Torvalds began developing Linux in 1991, he was a student at the University of Helsinki and originally targeted Linux at the Intel 386 (although it is now one of the most widely ported operating systems available for PCs). Torvalds wanted to write a new version of UNIX, so he and a group of programmers combined talents and created a core operating system called Linux.
The system evolved as a large
number of volunteer developers worked on the kernel, sharing information over
the Internet and creating an unusual community that supported and policed
itself. If one developer decided to drop a specific Linux project, others would
pick up where their predecessors left off. The result, which continues to grow
and change, is the open source system available over the Internet (and in
packaged CDs) today.
Booting the system.
Some people boot Linux with a floppy diskette that contains a copy of the Linux kernel. This kernel has the Linux root partition coded into it, so it knows where to look for the root file system. This is the type of floppy created by Slackware during installation, for example.
To create your own boot floppy, locate the kernel image on your hard disk. It should be in the file /vmlinuz, or /vmlinux. In some installations, /vmlinuz is a soft link to the actual kernel, so you may need to track down the kernel by following the links.
Once you know where the kernel is, set the root device of the kernel image to the name of your Linux root partition with the rdev command. The format of the command is
where kernel-name is the name of the kernel image, and root-device is the name of the Linux
root partition. For example, to set the root device in the kernel /vmlinuz to /dev/hda2, use the
command
rdev can set other
options in the kernel, like the default SVGA mode to use at boot time. The
command
prints a help message on the screen. After setting the root device, simply copy
the kernel image to the floppy. Before copying data to any floppy, however,
it's a good idea to use the MS-DOS FORMAT.COM
or the Linux fdformat
program to format the diskette. This lays down the sector and track information
that is appropriate to the floppy's capacity.
The
Boot Procedure
Bootstrapping is the process of starting up a computer from a halted or powered-down condition. When the computer is switched on, it activates the memory-resident code which resides on the CPU board. The normal facilities of the operating system are not available at this stage and the computer must 'pull itself up by its own boot-straps' so to speak. This procedure therefore is often referred to as bootstrapping, also known as cold boot. Although the bootstrap procedure is very hardware dependent, it typically consists of the following steps:
· The memory-resident code
· Runs self-test.
· Probes bus for the boot device
· Reads the boot program from the boot device.
· Boot program reads in the kernel and passes control to it.
· Kernel identifies and configures the devices.
· Initializes the system and starts the system processes.
· Brings up the system in single-user mode (if necessary).
· Runs the appropriate startup scripts.
· Brings up the system for multi-user operation.
Kernel
Most Unix systems implement a two-stage loading process. During the first stage, a small boot program is read into memory from a default or specified device. It is this program that reads in the kernel and relinquishes the control to it. The path to the kernel is vendor-dependent. For example, it is /vmunix on SunOS 4.x, Digital Unix and Ultrix, /kernel/unix on SunOS 5.x, /hp-ux on HP-UX, and /unix on IRIX and AIX systems.
One of the very first, probably the most difficult, tasks a system administrator must perform, is configuring the kernel. You'll read the details later in the sections dealing with the 'Operating System Installation'. Once the kernel is loaded, it remains in the memory during the running of the system and is usually run in a fixed amount of memory. When the kernel starts, it normally displays its size and the amount of physical memory remaining after the kernel is loaded. The kernel probes the bus to locate the devices specified during the configuration, and initializes the located devices (ignoring those that it can't contact). Any device not detected and initialized during the boot will not be accessible to system until it is properly connected and the system is rebooted.
System
Processes
The kernel identifies the root, swap, and dump devices and then starts programs to schedule processes, manage physical memory and virtual memory, and the init process. BSD systems starts three initialization processes; swapper, init and pagedaemon. On the SVR4 systems the initialization processes include sched, init, and various memory handlers (except on Solaris).
Normal Use
What are the advantages and disadvantages of
using Linux?
Linux is an extremely powerful and reliable operating system that
gives users a certain flexibility not found within other systems. Aside from
the fact that Linux can be downloaded and upgraded for free (and therefore
becomes attractive to small businesses and individuals on a small budget), it
can also be altered by the user to fix bugs or meetspecific operating needs.
Another advantage: Linux gives users a choice for their operating system. No
longer do people have to rely on Windows or other Microsoft products to get
their computing jobs done, they can turn to any number of open source programs.
And if the company that developed a specific version of Linux goes out of
business, the software can still be maintained. This promises Linux users a
certain continuity to their systems, and minimal concern that critical updates
and improvements will ever stop being developed.
The disadvantages to using Linux currently includes the simple fact that it can be tricky to install if there isn't support to help guide new users through the process. Likewise, users who are accustomed to using a Windows interface will have to adjust to a different system—although the adjustment generally isn't a complicated one. Some users have complained that the Linux interface is not as intuitive as a Windows interface, but Linux advocates argue that developers are improving the interface and graphics with each new version. Turning open source software into a user-friendly operating system remains one of the highest priorities for the development community, which will greatly benefit users in the long run.
Linux is Multi-user
Linux is an implementation of the UNIX design philosophy, which means that it is a multi-user system from the word "go." This has numerous advantages, even for a system where only one or two people will be using it. Security, which is necessary for protection of sensitive information, is built into Linux at selectable levels. More importantly, the system is designed to multi-task. Whether one user is running several programs or several users are running one program, Linux is capable of managing the traffic.
Linux is Open
Perhaps most importantly for what we are trying to accomplish with SEUL, Linux is open. That means that for the entire base system, which includes the kernel, the GNU tools, and all the basic utilities, we as programmers and users have access to the source code as well as the right to modify it. Without that access and that right, this project would not be possible. Neither would many of the other Linux projects currently underway, including GNOME, the GNU Network Object Model Environment, a desktop interface; MNEMONIC, a free web browser under development; or many others. If users like SEUL, they will be able to modify it if they wish.
An important aspect of open software is the ability to write kernel extensions and drivers as needed. What if new hardware comes out that we want to take advantage of? We just write the driver -- if someone else doesn't do it first.
Another huge advantage of an open system is a large number of software authors and beta testers. This makes the software testing and refinement process faster and better. Because there is not a lot of commercial software for Linux (though that is an increasing market), most software written for Linux is written because the authors want to do it. Since there are no corporate deadlines, there need be no compromise of quality. Also, I think many programmers relish the idea of showing off some artistry, since others will actually see and appreciate their code.
Linux is "Free"
Linux is "Free" in two senses. In one sense, the Linux consumer is free to modify the system and do anything he or she wishes with it. In another sense, acquiring Linux does not necessarily require any cash outlay at all.
There are two very popular methods for acquiring and distributing Linux: FTP and CD-ROM. Most of the major Linux distributions (Red Hat, Debian, Slackware, Caldera) are available for free download from several popular sites. Though time consuming, it does not cost anything beyond connection charges.
Getting Linux by CD-ROM seems to make more sense in many cases. For a few dollars (essentially the cost of the physical disc itself and shipping and handling), anyone can get the major Linux distributions. Many vendors even offer several-CD sets with prices averaging less than $2 per disc.
This would be a bargain if Linux were a run of the mill system with few frills and no truly compelling features. As a matter of fact, Linux comes with full networking capabilities, a mind-boggling array of programs, utilities, and development tools.
The development tools in particular make Linux a great platform for learning how to write software. In addition to the tools, you often get a full CD of source code to browse and study and tinker with. Another advantage is that, as a multi-user system, it is much more likely to keep you from shooting yourself in the foot as you learn to program -- I have seen Windows 95 and how it handles errors in Borland's C++ compiler, and I am very glad I use Linux. Of course, if you are not inclined to write software, these things do not need to be installed.
Linux is Network-friendly
Nowadays, people are becoming more and more enamored of the Internet and what it can do for them. It is by no means an uncommon thing to see major vendors advertise their World Wide Web addresses during football games and other events; many TV commercials have them, too. The American marketing machine sees the Internet as a phenomenon that is here to stay, and the public wants to take advantage of it. The best way to do that now is with a computer. Set top devices, like WebTV (which Microsoft owns, in case you were curious) have a long way to go before they offer the flexibility and power of a PC with a modem.
General & Future
Security
Host Security
Perhaps the area of security on which administrators concentrate most is host-based security. This typically involves making sure your own system is secure, and hoping everyone else on your network does the same. Choosing good passwords, securing your host's local network services, keeping good accounting records, and upgrading programs with known security exploits are among the things the local security administrator is responsible for doing. Although this is absolutely necessary, it can become a daunting task once your network becomes larger than a few machines.
Network Security
Network security is also as necessary as local host security. With hundreds, thousands, or more computers on the same network, you can't rely on each one of those systems being secure. Ensuring that only authorized users can use your network, building firewalls, using strong encryption, and ensuring there are no "rogue" (that is, unsecured) machines on your network are all part of the network security administrator's duties. This document will discuss some of the techniques used to secure your site, and hopefully show you some of the ways to prevent an intruder from gaining access to what you are trying to protect.
Security Through Obscurity
One type of security that must be discussed is "security through obscurity". This means, for example, moving a service that has known security vunerabilities to a non standard port in hopes that attackers won't notice it's there and thus won't exploit it. Rest assured that they can determine that its there and will exploit it. Security through obscurity is no security at all. Simply because you may have a small site, or a relatively low profile, does not mean an intruder won't be interested in what you have. We'll discuss what you're protecting in the next sections.
Physical Security
The first layer of security you need to take into account is the physical security of your computer systems. Who has direct physical access to your machine? Should they? Can you protect your machine from their tampering? Should you? How much physical security you need on your system is very dependent on your situation, and/or budget. If you are a home user, you probably don't need a lot (although you might need to protect your machine from tampering by children or annoying relatives). If you are in a Lab, you need considerably more, but users will still need to be able to get work done on the machines. Many of the following sections will help out. If you are in an office, you may or may not need to secure your machine off hours or while you are away. At some companies, leaving your console unsecured is a termination offense. Obvious physical security methods such as locks on doors, cables, locked cabinets, and video surveillance are all good ideas, but beyond the scope of this document.
Computer locks
Many modern PC cases include a "locking" feature. Usually this will be a socket on the front of the case that allows you to turn an included key to a locked or unlocked position. Case locks can help prevent someone from stealing your PC, or opening up the case and directly manipulating/stealing your hardware. They can also sometimes prevent someone from rebooting your computer on their own floppy or other hardware. These case locks do different things according to the support in the motherboard and how the case is constructed. On many PC's they make it so you have to break the case to get the case open. On some others, they make it so that it will not let you plug in new keyboards and mice. Check your motherboard or case instructions for more information. This can sometimes be a very useful feature, even though the locks are usually very low quality and can easily be defeated by attackers with locksmithing. Some cases (most notably SPARCs and macs) have a dongle on the back that, if you put a cable through attackers would have to cut the cable or break the case to get into it. Just putting a padlock or combo lock through these can be a good deterrent to someone stealing your machine.
BIOS Security
The BIOS is the lowest level of software that configures or manipulates your x86-based hardware. LILO and other Linux boot methods access the BIOS to determine how to boot up your Linux machine. Other hardware that Linux runs on has similar software (OpenFirmware on Macs and new Suns, Sun boot PROM, etc...). You can use your BIOS to prevent attackers from rebooting your machine and manipulating your Linux system. Many PC BIOSs let you set a boot password. This doesn't provide all that much security (the BIOS can be reset, or removed if someone can get into the case), but might be a good deterrent (i.e. it will take time and leave traces of tampering). Similarly, on S/Linux (Linux for SPARC(tm) porcessor machines), your EEPROM can be set to require a boot-up password. This might slow attackers down. Many x86 BIOSs also allow you to specify various other good security settings. Check your BIOS manual or look at it the next time you boot up. For example, some BIOSs disallow booting from floppy drives and some require passwords to access some BIOS features. Note: If you have a server machine, and you set up a boot password, your machine will not boot up unattended. Keep in mind that you will need to come in and supply the password in the event of a power failure.
Boot Loader Security
The various Linux boot loaders also can have a boot password set. LILO, for example, has password and restricted settings; password always requires password at boot time, whereas restricted requires a boot-time password only if you specify options (such as single) at the LILO prompt. Keep in mind when setting all these passwords that you need to remember them.. Also remember that these passwords will merely slow the determined attacker. They won't prevent someone from booting from a floppy, and mounting your root partition. If you are using security in conjunction with a boot loader, you might as well disable booting from a floppy in your computer's BIOS, and password-protect the BIOS. If anyone has security-related information from a different boot loader, we would love to hear it. (grub, silo, milo, linload, etc). Note: If you have a server machine, and you set up a boot password, your machine will not boot up unattended. Keep in mind that you will need to come in and supply the password in the event of a power failure.
Local Security
The next thing to take a look at is the security in your system against attacks from local users. Did we just say local users? Yes! Getting access to a local user account is one of the first things that system intruders attempt while on their way to exploiting the root account. With lax local security, they can then "upgrade" their normal user access to root access using a variety of bugs and poorly setup local services. If you make sure your local security is tight, then the intruder will have another hurdle to jump. Local users can also cause a lot of havoc with your system even (especially) if they really are who they say they are. Providing accounts to people you don't know or have no contact information for is a very bad idea.
Network Security
Network security is becoming more and more important as
people spend more and more time connected. Compromising network security is
often much easier than compromising physical or local, and is much more common.
There are a number of good tools to assist with network security, and more and
more of them are shipping with Linux distributions.