Узбекистан, Бухара, Бухарский институт высоких технологий, 2013 |
Тaking control
Becoming super user
Frequently when you're logged in normally, you want to do something that requires you to be root. You can log out and log in again as root, of course, but there's an easier way:
$ su become super user Password: as usual, it doesn't echo # root prompt
To use su , you must be a member of the group wheel. Normally you do this when you add the user, but otherwise just put the name of the user at the end of the line in /etc/group:
wheel:*:0:root,grog add the text in boldface
Having a single root password is a security risk on a system where multiple people know the password. If one of them leaves the project, you need to change the password. An alternative is the sudo port (/usr/ports/security/sudo). It provides fine-grained access to root privileges, all based on the user's own password. Nobody needs to know the root password. If a user leaves, you just remove his account, and that cancels his access.
Adding or changing passwords
If your system has any connection with the outside world, it's a good idea to change your password from time to time. Do this with the passwd program. The input doesn't look very interesting:
$ passwd Changing local password for yana. Old password: doesn't echo New password: doesn't echo Retype new password: doesn't echo passwd: rebuilding the database... passwd: done
You have to enter the old password to make sure that some passer-by doesn't change it for you while you're away from your monitor, and you have to enter the new password twice to make sure that you don't mistype and lock yourself out of your account. If this does happen anyway, you can log in as root and change the password: root doesn't have to enter the old password, and it can change anybody's password. For example:
# passwd yana Changing local password for yana. New password: doesn't echo Retype new password: doesn't echo passwd: rebuilding the database... passwd: done
In this case, you specify the name of the user for whom you change the password.
If you are changing the root password, be careful: it's easy enough to lock your self out of the system if you mess things up, which could happen if, for example, you mistyped the password twice in the same way (don't laugh, it happens). If you're running X, open another window and use su to become root If you're running in character mode, select another virtual terminal and log in as root there. Only when you're sure you can still access root should you log out.
If you do manage to lose the root password, all may not be lost. Reboot the machine to single-user mode (see page 540), and enter:
# mount -u / mount root file system read/write # mount /usr mount /usrfile system (if separate) # passwd root change the password for root Enter new password: Enter password again: # ^D enter ctrl-D to continue with startup
If you have a separate /usr file system (the normal case), you need to mount it as well, since the passwd program is in the directory /usr/bin. Note that you should explicitly state the name root: in single-user mode, the system doesn't have the concept of user IDs.
Processes
As we have seen, UNIX is a multi-user, multi-tasking operating system. In particular, you can run a specific program more than once. We use the term process to refer to a particular instance of a running program. Each process is given a process ID more frequently referred to as PID a number between 0 and 99999 that uniquely identifies it. There are many things that you might like to know about the processes that are currently running, such as:
- How many processes are running?
- Who is running the processes?
- Why is the system so slow?
- Which process is blocking my access to the modem?
Your primary tool for investigating process behavior is the ps (process status) command. It has a large number of command options, and it can tell you a whole lot of things that you will only understand when you have investigated how the kernel works, but it can be very useful for a number of things. Here are some typical uses:
What processes do I have running?
After starting a large number of processes in a number of windows under X, you probably can't remember what is still running? Maybe processes that you thought had stopped are still running. To display a brief summary of the processes you have running, use the ps command with no options:
$ ps PID TT STAT TIME COMMAND 187 p0 Is+ 0:01.02 -bash (bash) 188 Pi Ss 0:00.62 -bash (bash) 453 Pi R+ 0:00.03 ps
This display shows the following information:
- The PID of the process.
- TT is short for teletype, and shows the last few letters of the name of thecontrolling terminal, the terminal on which the process is running. In this example, the terminals are /dev/ttyp0 and /dev/ttypl.
- STAT shows the current process status. It's involved and requires a certain amount of understanding of how the kernel runs to interpret it—see the man page for ps for more details.
- TIME is the CPU time that the process has used in minutes, seconds and hundredths of a second. Note that many other UNIX systems, particularly System V, only show this field to the nearest second.
- COMMAND is normally the command you entered, but don't rely on this. In the next section, you'll see thatsendmail has changed its COMMAND field to tell you what it is doing. You'll notice that the command on the last line is the ps that performs the listing. Due to some complicated timing issue in the kernel, this process may or may not appear in the listing.
What processes are running?
There are many more processes in the system than the list above shows. To show them all, use the a option to ps. To show daemons as well (see the next section for a definition of daemon ), use the x option. To show much more detail, use the u or l options. For example:
$ ps waux USER PID %CPU %MEM VSZ RSS TT STAT STARTED TIME COMMAND root 12 95.7 0.0 0 12 ?? RL 1Jan70 1406:43.85 (idle: cpu0) root 11 95.1 0.0 0 12 ?? RL 1Jan70 1406:44.64 (idle: cpu1) root 1 0.0 0.0 708 84 ?? ILs 1Jan70 0:09.10 /sbin/init root 12 0.0 0.0 0 12 ?? WL 1Jan70 15:04.95 (swi1: net) root 13 0.0 0.0 0 12 ?? WL 1Jan70 21:30.29 (swi6: tty:sio clock) root 15 0.0 0.0 0 12 ?? DL 1Jan70 2:17.27 (random) root 18 0.0 0.0 0 12 ?? WL 1Jan70 0:00.00 (swi3: cambio) root 20 0.0 0.0 0 12 ?? WL 1Jan70 0:00.00 (irq11: ahc0 uhci0++) root 21 0.0 0.0 0 12 ?? WL 1Jan70 39:00.32 (irq5: rl0) root 22 0.0 0.0 0 12 ?? WL 1Jan70 7:12.92 (irq14: ata0) root 23 0.0 0.0 0 12 ?? WL 1Jan70 0:47.99 (irq15: ata1) root 24 0.0 0.0 0 12 ?? DL 1Jan70 0:00.08 (usb0) root 25 0.0 0.0 0 12 ?? DL 1Jan70 0:00.00 (usbtask) root 26 0.0 0.0 0 12 ?? DL 1Jan70 0:00.07 (usb1) root 27 0.0 0.0 0 12 ?? DL 1Jan70 0:00.08 (usb2) root 340 0.0 0.1 1124 280 ?? S 18Dec02 16:41.11 nfsd: server (nfsd) root 375 0.0 0.0 1192 12 ?? Ss 18Dec02 0:01.70 /usr/sbin/lpd daemon 408 0.0 0.0 1136 152 ?? Ss 18Dec02 0:11.41 /usr/sbin/rwhod root 420 0.0 0.1 2648 308 ?? Ss 18Dec02 0:04.20 /usr/sbin/sshd root 491 0.0 0.1 2432 368 ?? Ss 18Dec02 0:38.61 /usr/local/sbin/httpd root 551 0.0 0.0 1336 12 ?? Ss 18Dec02 0:02.71 /usr/sbin/inetd -wW root 562 0.0 0.0 1252 216 ?? Is 18Dec02 0:15.50 /usr/sbin/cron root 572 0.0 0.0 1180 8 v2 IWs+ - 0:00.00 /usr/libexec/getty Pc www 582 0.0 0.0 2432 8 ?? IW - 0:00.00 /usr/local/sbin/httpd grog 608 0.0 0.1 1316 720 v0 I 18Dec02 0:00.04 -bash (bash) root 2600 0.0 0.0 1180 8 v1 IWs+ - 0:00.00 /usr/libexec/getty Pc root 33069 0.0 0.3 5352 1716 ?? Ss 29Dec02 0:01.30 xterm -name xterm grog 33081 0.0 0.1 1328 752 p8 Is+ 29Dec02 0:00.09 /usr/local/bin/bash
This list is just an excerpt. Even on a freshly booted system, the real list of processes will be much larger, about 50 processes.
We've seen a number of these fields already. The others are:
- USER is the real user ID of the process, the user ID of the person who started it.
- %CPU is an approximate count of the proportion of CPU time that the process has been using in the last few seconds. This is the column to examine if things suddenly get slow.
- %MEM is an approximate indication of the amount of physical memory that the process is using.
- VSZ (virtual size) is the amount of virtual memory that the process is using, measured in kilobytes.
- RSS (resident segment size) is the amount of physical memory currently in use, measured in kilobytes.
- STARTED is the time or date when the process was started.
In addition, a surprising number of processes don't have a controlling terminal. They are daemons and we'll look at them in the next section.