system administration mtat.08.021 lecture 3 unix … · 2016. 3. 2. · remote login lecture 3:...


Post on 22-Sep-2020


Page 1: SYSTEM ADMINISTRATION MTAT.08.021 LECTURE 3 UNIX … · 2016. 3. 2. · REMOTE LOGIN LECTURE 3: UNIX SERVICES • Secure remote login: SSH • SSH Layers Application layer ssh-connection

LECTURE 3 UNIX SERVICES

SYSTEM ADMINISTRATION MTAT.08.021


Prepared By: Amnir Hadachi and Artjom Lind

University of Tartu, Institute of Computer Science [email protected] / [email protected]


OUTLINE

LECTURE 3: UNIX SERVICES

1. System Boot

2. Remote Login

3. Managing Rights

4. Administration interfaces

5. “syslog” System Events

6. Scheduling Tasks

7. Scheduling Asynchronous Tasks

8. Quotas

9. Backup

10. Hot Plugging

1. SYSTEM BOOT (RECALL)

The system V init system

The systemd init system

SYSTEM BOOT

• The system V init system

REMARK4.1:

System V init is no longer the default in Debian 8; systemd is.

DEFINITION4.1:

System V init is a program that executes several processes by following the instructions from “inittab”.

For more details, refer to Lecture 1.

BOOT SYSTEM

• Boot sequence of a machine running linux with “systemd”

[Diagram: BIOS -> BOOT LOADER -> LINUX KERNEL -> INITRAMFS -> INIT, each stage executing the next. Further boxes: /etc/init.d/rcS, /etc/init.d/rc 2 and getty, and the scripts /etc/init.d/S02mountvirtfs, /etc/init.d/S75sudo, ---, /etc/init.d/S10sysklogd, /etc/init.d/s99gdm, ---.]

SYSTEM BOOT

• The systemd init system

QUOTE6.1:

“Real init” is provided by “systemd”.

CULTURE6.1:

“systemd” is relatively young as an “init system” and it is the default in Debian Jessie. However, it already existed to some extent in Debian “Wheezy”.

BOOT SYSTEM

• Boot sequence of a machine running linux with “systemd”

[Diagram: BIOS -> BOOT LOADER -> LINUX KERNEL -> INITRAMFS -> SYSTEMD, each stage executing the next; SYSTEMD executes systemd-journal, gdm3, getty and sshd.]

BOOT SYSTEM

• System component

• Each one is described by a “unit file”:

[Section]
Directive1 = value
Directive2 = value
…

EXAMPLE8.1:

[Unit]
Description=OpenBSD Secure Shell server
After=network.target auditd.service
ConditionPathExists=!/etc/ssh/sshd_not_to_be_run

[Service]
EnvironmentFile=-/etc/default/ssh
ExecStart=/usr/sbin/sshd -D $SSHD_OPTS
ExecReload=/bin/kill -HUP $MAINPID
KillMode=process
Restart=on-failure

[Install]
WantedBy=multi-user.target
Alias=sshd.service

BOOT SYSTEM

• Journald

DEFINITION9.1:

systemd contains its own logging system called the journal, or journald; thus running a “syslog” daemon is no longer needed.

To read the journal logs use: # journalctl

EXAMPLE9.1:

# journalctl -u ssh.service
-- Logs begin at Tue 2015-03-31 10:08:49 CEST, end at Tue 2015-03-31 17:06:02 CEST. --
Mar 31 10:08:55 mirtuel sshd[430]: Server listening on 0.0.0.0 port 22.
Mar 31 10:08:55 mirtuel sshd[430]: Server listening on :: port 22.
Mar 31 10:09:00 mirtuel sshd[430]: Received SIGHUP; restarting.

A UNIX PROGRAM THAT RUNS IN THE BACKGROUND OF THE SYSTEM

BOOT SYSTEM

• To keep displaying the logs as new entries arrive, use the command-line flag: -f

• In case a service is not working properly or does not work at all:

• First step: check that the service is running; use: # systemctl status

• Second step: check the journal log files again and fix the error

• Last step: restart the service

EXAMPLE6.1:

# systemctl status ssh.service
● ssh.service - OpenBSD Secure Shell server
   Loaded: loaded (/lib/systemd/system/ssh.service; enabled)
   Active: failed (Result: start-limit) since Tue 2015-03-31 17:30:36 CEST; 1s ago
  Process: 1023 ExecReload=/bin/kill -HUP $MAINPID (code=exited, status=0/SUCCESS)
  Process: 1188 ExecStart=/usr/sbin/sshd -D $SSHD_OPTS (code=exited, status=255)
 Main PID: 1188 (code=exited, status=255)
Mar 31 17:30:36 mirtuel systemd[1]: ssh.service: main process exited, code=exited, status=255/n/a
Mar 31 17:30:36 mirtuel systemd[1]: Unit ssh.service entered failed state.
Mar 31 17:30:36 mirtuel systemd[1]: ssh.service start request repeated too quickly, refusing to start.
Mar 31 17:30:36 mirtuel systemd[1]: Failed to start OpenBSD Secure Shell server.
Mar 31 17:30:36 mirtuel systemd[1]: Unit ssh.service entered failed state.

BOOT PROCESS

• Other types of unit files:

• Socket activation: a “socket” unit file can be used to describe a network or Unix socket managed by systemd;

• Timers: a “timer” unit file describes events that occur with a fixed frequency or on specific times;

• Network: a “network“ unit file describes a network interface,

• Configuring

• Dependencies

2. REMOTE LOGIN

Secure remote login: SSH

Remote graphic desktops

REMOTE LOGIN

• Remote login:

QUOTE13.1:

Remote login is essential for a system administrator, who must be able to connect to a computer remotely. (makes life easy)

DEFINITION13.1:

Remote login is a command-line tool that allows the user to get authorization to access the host computer remotely via the network or the internet.

REMOTE LOGIN

• Secure remote login: SSH

• SSH “Basics”:

Client: makes requests and controls them

Server: takes requests from the client and executes them

[Diagram labels: System, Requests]

REMOTE LOGIN

• Secure remote login: SSH

• Key Steps:

• Authentication

• Encryption

DEFINITION13.1:

SSH (Secure Shell) is a protocol designed for creating secure and reliable connections.

REMOTE LOGIN

• Secure remote login: SSH

• SSH Architecture

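[Diagram: Client and Server, with Authentication between them; on the client side Message -> Encryption, across the Network the data appears as “Anhfk309s@kdfl.,xkw098”, and on the server side Decryption -> Message]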

REMOTE LOGIN

• Secure remote login: SSH

• SSH Layers

Application layer:

ssh-connection: session multiplexing, X11 and port forwarding, remote command execution, etc.

ssh-userauthentication: user authentication using public key, host name based, password, etc.

ssh-transport: initial key exchange and server authentication, setup of encryption

Transport layer: TCP

Internet layer: IP

Network access layer: Ethernet

REMOTE LOGIN

• Secure remote login: SSH

• SSH Connection sequence

• A cryptographic handshake with the server is made.

• Connection between client & server is encrypted using symmetric cipher

• Client authenticates itself

• Client can now interact safely

REMOTE LOGIN

• Secure remote login: SSH

• SSH features

Strong authentication

Strong encryption

Authorization

Integrity of communication

Forwarding or tunneling

REMOTE LOGIN

• Secure remote login: SSH

• SSH Configuration files

• Example OpenSSH Config files:

System wide configuration files

User specific configuration files

REMOTE LOGIN

• Secure remote login: SSH

• SSH Configuration files

System wide configuration files: (stored in “/etc/ssh” directory)

File Name: Description

ssh_config: This file sets the default configuration for all users of OpenSSH clients on that desktop/laptop, and it must be readable by all users on the system.

sshd_config: Configuration file for the sshd server daemon

ssh_host_dsa_key: The DSA private key used by the sshd daemon

ssh_host_dsa_key.pub: The DSA public key used by the sshd daemon

ssh_host_rsa_key: The RSA private key used by the sshd daemon for version 2 of the SSH protocol

ssh_host_rsa_key.pub: The RSA public key used by the sshd daemon for version 2 of the SSH protocol

REMOTE LOGIN

• Secure remote login: SSH

• SSH Configuration files

System wide configuration files: (stored in “/etc/ssh” directory)

The process ID of the running SSH server is stored in the “sshd.pid” file, which is located at “/run/sshd.pid”.

REMOTE LOGIN

• Secure remote login: SSH

• SSH Configuration files

User specific configuration files (located in “~User/.ssh”)

File Name: Description

authorized_keys2: This file holds a list of authorized public keys for users. (When the client connects to a server, the server authenticates the client by checking its signed public key against the keys stored in this file.)

id_dsa: Contains the DSA private key of the user

id_dsa.pub: Contains the DSA public key of the user

id_rsa: Contains the RSA private key of the user

id_rsa.pub: Contains the RSA public key of the user

known_hosts: This file collects the DSA host keys of the SSH servers accessed by the user. (This file is very important for ensuring that the SSH client is connecting to the correct SSH server.)

REMOTE LOGIN

• Secure remote login: SSH

• SSH Key management

• SSH user authentication uses key pairs:

• private key

• public key

REMOTE LOGIN

• Secure remote login: SSH

• SSH Key management

• management commands

Command: Description

ssh-keygen: create key pairs

ssh-agent: holds private key in memory

ssh-add: adds key to the key agent

ssh-copy-id: use locally available keys to authorize logins on a remote

REMOTE LOGIN

• Secure remote login: SSH

• Creating Encrypted Tunnels with Port Forwarding

• To create an encrypted tunnel between two machines:

• The -R and -L options allow it.

• (The forwarding is established in a secure way from a local TCP port to the remote machine, and vice versa.)

REMOTE LOGIN

• Secure remote login: SSH

• Creating Encrypted Tunnels with Port Forwarding

• To create an encrypted tunnel between two machines:

• The -L option forwards a local port over SSH

ssh -L 8080:server:80

[Diagram: port 8080 and port 80 joined by the SSH connection]

REMOTE LOGIN

• Secure remote login: SSH

• Creating Encrypted Tunnels with Port Forwarding

• To create an encrypted tunnel between two machines:

• The -R option forwards a remote port over SSH

ssh -R 8080:server:80

[Diagram: port 8080 and port 80 joined by the SSH connection]

REMOTE LOGIN

• Secure remote login: SSH

• File transfer

• “scp” is a command-line tool that can be used like “cp” to copy a file from a remote machine to your local machine.

scp [email protected]:file.txt /some/local/directory

• Another alternative is “sftp”, which can transfer several files and also manipulate the remote files.

sftp [email protected]:

“get” command to retrieve a file from the remote Unix server:

get text.txt

“put” command to transfer a file from your machine to the remote Unix system that you are connected to:

put file.txt

EXAMPLE29.1

REMOTE LOGIN

• Remote Graphical Desktops

• (e.g. Virtual Network Computing)

DEFINITION30.1:

VNC is a tool that permits remote access to graphical desktops.

REMARK30.1:

If you are using VNC and you do not want your data to be visible on the network in plain text, you have to encapsulate the data in an SSH tunnel (see the previous section, “Creating Encrypted Tunnels with Port Forwarding”).

ssh -L localhost:5901:localhost:5900 -N -T machine

CREATE A TUNNEL BETWEEN LOCAL PORT 5901 IN THE LOCALHOST INTERFACE AND PORT 5900

3. MANAGING RIGHTS

WHO, WHEN, HOW, HOW LONG, WHAT, WHICH

MANAGING RIGHTS

• Managing rights:

QUOTE32.1:

As we know, Linux is definitely a multiuser system; therefore we have to provide a permission system to control the authorized operations on files and directories.

RECALL:

Ownership: Description

Owner: User, Symb “u”

Owner Group: Group, Symb “g”

Others: Others, Symb “o”

Permission: Description

Reading: read, Symb “r”

Writing: write, Symb “w”

Executing: eXecute, Symb “x”

MANAGING RIGHTS

• Security

• for executing files:

• setuid “set user ID”

• setgid “set group ID”

REMARK33.1:

setuid and setgid are symbolised by “s”. Note that in the previous lecture we used the word “bit”, since each of these booleans is represented by 0 or 1.

MANAGING RIGHTS

• Security

• for executing files:

• setuid “set user ID”

• setgid “set group ID”

REMARK34.1:

Moreover, a setuid root program is systematically run under the super-user identity, which makes it very important to ensure that it is secure and reliable.

EXAMPLE34.1:

Let’s suppose we have user A and user B. If user A owns a setuid shell, then any other user, including user B, inherits user A’s permissions when executing the file; therefore user B has the ability to delete all the files owned by user A.

MANAGING RIGHTS

• Understanding permissions

[Diagram: a long-format file listing line annotated with its fields: TYPE, ACCESS MODE (USER PERMISSION, GROUP PERMISSION, OTHER PERMISSION, FILESYSTEM PERMISSION BIT), LINKS, USER, GROUP, SIZE (BYTES), MODIFICATION DATE AND TIME, NAME]

MANAGING RIGHTS

• Understanding permissions

• Commands for controlling permissions associated to files:

chown <user> <file>: changes the owner of the file

chgrp <group> <file>: alters the owner group

chmod <rights> <file>: changes the permissions for the file

REMARK36.1:

The setgid bit can be used for directories. If it is set, any newly created file or directory inherits the same group as the parent directory. The sticky bit is a permission that is only useful on directories, because it gives you the power to protect your shared folders and their items from deletion by other users who have write permission.

MANAGING RIGHTS

• Understanding permissions

• Adding rights in the commands

chmod u+w file

+ = Add, - = Remove

u = Owner, g = Group, a = All / o = Other

r = Read, w = Write, x = Execute

MANAGING RIGHTS

• Understanding permissions

• Adding rights in the commands

• Recursive operation:

• We need to change the rights for an entire file tree:

chmod -R u+w directory

• Changing the user and the group:

chown user:group file

MANAGING RIGHTS

• Understanding permissions

Permissions (USER GROUP OTHER): Description

--S --- ---: setuid is set, however user/owner execute permission is not set.

--s --- ---: setuid and user execute permission are both set.

--- --S ---: setgid is set, however group execute permission is not set.

--- --s ---: setgid and group execute permission are both set.

--- --- --T: sticky bit is set, but other execute permission is not set.

--- --- --t: sticky bit and other execute permission are both set.
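Added example (not part of the lecture slides): a POSIX shell decoder that turns an octal mode into the nine-character string covered by the table above, plus a helper that lists the setuid/setgid files under a directory so they can be reviewed, as REMARK34.1 advises. The function names are illustrative, and `stat -c` assumes GNU coreutils.

```sh
#!/bin/sh
# Added example, not from the lecture: decode an octal mode into the
# user/group/other string that a long listing prints, covering S/s and T/t.

# triad BITS SPECIAL CHAR
#   BITS    one octal digit (0-7) for user, group or other
#   SPECIAL 1 if setuid/setgid/sticky applies to this triad, else 0
#   CHAR    "s" (setuid, setgid) or "t" (sticky)
triad() {
    bits=$1; special=$2; ch=$3
    r=-; w=-; x=-
    if [ $((bits & 4)) -ne 0 ]; then r=r; fi
    if [ $((bits & 2)) -ne 0 ]; then w=w; fi
    if [ $((bits & 1)) -ne 0 ]; then x=x; fi
    if [ "$special" -eq 1 ]; then
        if [ "$x" = x ]; then
            x=$ch                               # lower case: execute is also set
        else
            x=$(printf '%s' "$ch" | tr st ST)   # upper case: execute is missing
        fi
    fi
    printf '%s%s%s' "$r" "$w" "$x"
}

# mode_to_string OCTAL_MODE   (for example 4755 or 644)
mode_to_string() {
    case $1 in
        ''|*[!0-7]*) echo "invalid octal mode: $1" >&2; return 1 ;;
    esac
    m=$((0$1))                                  # leading 0 forces octal
    suid=0; sgid=0; sticky=0
    if [ $((m & 04000)) -ne 0 ]; then suid=1; fi
    if [ $((m & 02000)) -ne 0 ]; then sgid=1; fi
    if [ $((m & 01000)) -ne 0 ]; then sticky=1; fi
    printf '%s%s%s\n' \
        "$(triad $(( (m >> 6) & 7 )) "$suid" s)" \
        "$(triad $(( (m >> 3) & 7 )) "$sgid" s)" \
        "$(triad $(( m & 7 )) "$sticky" t)"
}

# audit_special_bits DIR
# Lists regular files under DIR that carry setuid or setgid, with the decoded
# mode, so each one can be reviewed. Paths containing newlines are not handled.
audit_special_bits() {
    find "$1" -type f \( -perm -4000 -o -perm -2000 \) | sort |
    while IFS= read -r path; do
        printf '%s %s\n' "$(mode_to_string "$(stat -c '%a' "$path")")" "$path"
    done
}

# Walk through the six rows of the table.
for mode in 4644 4755 2644 2755 1776 1777; do
    printf '%-5s %s\n' "$mode" "$(mode_to_string "$mode")"
done
```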

4. ADMINISTRATION INTERFACE

Administrating on a web interface: webmin/debian maintainer

Configuring Packages: debconf

ADMINISTRATION INTERFACE

• Using an interface for administration

• Why

• Because administrators do not know all the configuration details

• No time to dig into the documentation

In general

Since no interface is perfect, it should be considered an aid that saves time

ADMINISTRATION INTERFACE

• Using an interface for administration

• Administrating on a web interface:

• The web interface provides all base services:

✴ user and group management

✴ bind: DNS server configuration (name server)

✴ postfix: SMTP (Simple Mail Transfer Protocol) server configuration (email)

✴ inetd: configuration of the inetd super-server

✴ quota: user quota management

✴ dhcpd: DHCP (Dynamic Host Configuration Protocol) server configuration

✴ etc.

REMARK42.1:

webmin is no longer part of Debian; now you have debian maintainer. (It still exists as external packages.)

ADMINISTRATION INTERFACE

• Configuring Packages: debconf

REMARK43.1:

Most packages are automatically configured when you install them, through the Debconf tool.

You can reconfigure a package using the command: “dpkg-reconfigure package”

5. “SYSLOG” SYSTEM EVENTS

Principle and mechanism

Configuration file

“SYSLOG” SYSTEM EVENTS

• Principle and mechanism:

DEFINITION45.1:

The rsyslogd daemon is responsible for collecting service messages from applications and from the kernel, then dispatching them into the log files.

• Every syslog message contains:

What?: Description

PRI: facilities and priority/severity values

Header: Timestamp, Hostname, IP

MSG: Tag: name of the generating program or process; Content: message details

“SYSLOG” SYSTEM EVENTS

• Principle and mechanism:

• Facilities (application subsystem)

• auth and authpriv: for authentication;

• cron: comes from task scheduling services, cron and atd;

• daemon: affects a daemon without any special classification (DNS, NTP, etc.);

• ftp: concerns the FTP (File Transfer Protocol) server;

• kern: message coming from the kernel;

• lpr: comes from the printing subsystem;

• mail: comes from the e-mail subsystem;

• news: Usenet subsystem message (especially from an NNTP (Network News Transfer Protocol) server that manages newsgroups);

• syslog: messages from the syslogd server, itself;

• user: user messages (generic);

• uucp: messages from the UUCP server (Unix to Unix Copy Program, an old protocol notably used to distribute e-mail messages);

• local0 to local7: reserved for local use.

“SYSLOG” SYSTEM EVENTS

• Principle and mechanism:

• Priority level:

• emerg: “Help!” There is an emergency, the system is probably unusable.

• alert: hurry up, any delay can be dangerous, action must be taken immediately;

• crit: conditions are critical;

• err: error;

• warn: warning (potential error);

• notice: conditions are normal, but the message is important;

• info: informative message;

• debug: debugging message.

“SYSLOG” SYSTEM EVENTS

• Principle and mechanism:

EXAMPLE48.1:

Facility = { mail: email subsystem; authpriv: authentication; cron: task scheduling }

Priority = { info: informative message }

“SYSLOG” SYSTEM EVENTS

• The configuration file:

• The configuration file is structured in three layers:

1) Modules

2) Directives

3) Rules

a. Syntax of the selector

b. Syntax of the actions

REMARK49.1:

The syntax of the configuration file “/etc/rsyslog.conf” is detailed in the syslog.conf(8)

“SYSLOG” SYSTEM EVENTS

• The configuration file:

• Modules:

DEFINITION50.1:

“rsyslog” has a modular architecture, which enables functionality to be added dynamically through these modules.

• The modules have two categories:

Categories: Description

Input modules: gather messages from different sources

Output modules: broadcast or write messages to various locations (e.g. file, socket, etc.)

Parser modules: parse the message content

“SYSLOG” SYSTEM EVENTS

• The configuration file:

• Modules:

EXAMPLE51.1:

“SYSLOG” SYSTEM EVENTS

• The configuration file:

• Directives

DEFINITION52.1:

All the directives must be set and defined because they have an influence on the rules

EXAMPLE52.1:

“SYSLOG” SYSTEM EVENTS

• The configuration file:

• Rules

• Syntax of the selector

DEFINITION53.1:

The selector is a semicolon-separated list of subsystem.priority pairs

SELECTOR: FACILITY AND PRIORITY
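The PRI field from DEFINITION45.1 and the selector from DEFINITION53.1, as an added example that is not part of the lecture: it decodes the `<PRI>` prefix of constructed messages (PRI = facility × 8 + severity; the numeric codes come from the syslog RFCs, not from the slides) and tests the result against a selector. The function names are illustrative, and only the `facility[,facility].priority`, `*` and `none` forms are handled, with later pairs overriding earlier ones.

```sh
#!/bin/sh
# Added example, not from the lecture. PRI = facility * 8 + severity.

facility_name() {
    case $1 in
        0) echo kern ;;  1) echo user ;;   2) echo mail ;;      3) echo daemon ;;
        4) echo auth ;;  5) echo syslog ;; 6) echo lpr ;;       7) echo news ;;
        8) echo uucp ;;  9) echo cron ;;  10) echo authpriv ;; 11) echo ftp ;;
        16|17|18|19|20|21|22|23) echo "local$(($1 - 16))" ;;
        *) echo "facility$1" ;;            # codes the slides do not list
    esac
}

severity_name() {
    case $1 in
        0) echo emerg ;; 1) echo alert ;;  2) echo crit ;; 3) echo err ;;
        4) echo warn ;;  5) echo notice ;; 6) echo info ;; 7) echo debug ;;
    esac
}

severity_number() {
    case $1 in
        emerg) echo 0 ;; alert) echo 1 ;; crit) echo 2 ;; err) echo 3 ;;
        warn|warning) echo 4 ;; notice) echo 5 ;; info) echo 6 ;; debug) echo 7 ;;
        *) return 1 ;;
    esac
}

# decode_pri LINE: print "facility.severity" for a line that starts with <PRI>
decode_pri() {
    case $1 in
        "<"[0-9]*">"*) ;;
        *) echo "no PRI field" >&2; return 1 ;;
    esac
    pri=${1#"<"}
    pri=${pri%%">"*}
    case $pri in
        *[!0-9]*|0?*|????*) echo "bad PRI: $pri" >&2; return 1 ;;
    esac
    if [ "$pri" -gt 191 ]; then echo "PRI out of range: $pri" >&2; return 1; fi
    printf '%s.%s\n' "$(facility_name $((pri / 8)))" "$(severity_name $((pri % 8)))"
}

# selector_matches SELECTOR FACILITY.SEVERITY
# Returns 0 if the message is selected, 1 if not, 2 on an unknown priority.
# "mail.err" means err and anything more severe (a lower number).
selector_matches() {
    fac=${2%%.*}
    sev=$(severity_number "${2#*.}") || return 2
    result=1
    old_ifs=$IFS; IFS=';'; set -f
    for pair in $1; do
        facs=${pair%.*}; prio=${pair##*.}
        case ",$facs," in
            *",$fac,"*|*",*,"*) ;;         # facility listed, or wildcard
            *) continue ;;
        esac
        case $prio in
            none) result=1 ;;
            '*')  result=0 ;;
            *)    thr=$(severity_number "$prio") || { IFS=$old_ifs; set +f; return 2; }
                  if [ "$sev" -le "$thr" ]; then result=0; else result=1; fi ;;
        esac
    done
    IFS=$old_ifs; set +f
    return $result
}

# Constructed sample messages (not real logs), checked against one selector.
demo() {
    selector='auth,authpriv.*;mail.err'
    while IFS= read -r line; do
        tag=$(decode_pri "$line")
        if selector_matches "$selector" "$tag"; then verdict=logged; else verdict=skipped; fi
        printf '%-14s %-8s %s\n' "$tag" "$verdict" "$line"
    done <<'EOF'
<38>Mar 31 10:08:55 mirtuel sshd[430]: Server listening on 0.0.0.0 port 22.
<86>Mar 31 10:09:12 mirtuel sshd[512]: Accepted publickey for alice
<22>Mar 31 10:10:01 mirtuel postfix/smtpd[600]: connect from unknown
<19>Mar 31 10:10:02 mirtuel postfix/smtpd[600]: fatal: no SASL support
<78>Mar 31 10:17:01 mirtuel CRON[700]: (root) CMD (run-parts /etc/cron.hourly)
EOF
}
demo
```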

“SYSLOG” SYSTEM EVENTS

• The configuration file:

• Rules

• Syntax of the action

DEFINITION54.1:

The action is one of a set of possible actions that can be performed, such as: write, send, add, etc.

ACTION: WRITE DESTINATION

6. SCHEDULING TASKS WITH CRON AND ATD

SCHEDULING TASKS WITH CRON & ATD

• Scheduling Tasks with:

• cron

• atd

DEFINITION56.1:

cron is the daemon responsible for executing scheduled and recurring commands (every day, every week, etc.).

DEFINITION56.2:

atd is the one in charge of dealing with the commands to be executed a single time at a specific moment in the future.

SCHEDULING TASKS WITH CRON & ATD

• Unix-like system, scheduled updates:

EXAMPLE57.1:

• back-ups

• maintenance scripts (e.g. cleaning out temporary files)

• updating the database for the locate program

• etc.


REMARK57.1:

Each user can program their own customized scheduled tasks in a “crontab” file:

“/var/spool/cron/crontabs/user”

The root user has its own “crontab” file, located at “/etc/crontab”, and can also write additional crontab files in the “/etc/cron.d” directory.

SCHEDULING TASKS WITH CRON & ATD

• Unix-like system, scheduled updates:

• The cron package contains by default the following scheduled tasks:

Programs locations: Description

/etc/cron.hourly/: once per hour

/etc/cron.daily/: once per day

/etc/cron.weekly/: once per week

/etc/cron.monthly/: once per month

• Security

REMARK59.1:

You can restrict access to cron by configuring “/etc/cron.allow” (where you indicate the users authorized to schedule commands).

59
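How “/etc/cron.allow” decides who may schedule commands, as an added example that is not part of the lecture. It follows the precedence documented in crontab(1); “/etc/cron.deny” is not mentioned on the slide, and the function names, the temporary files and the users alice, bob and carol are constructed for the demonstration.

```shell
#!/bin/sh
# cron_permitted USER [ALLOW_FILE] [DENY_FILE]
# Precedence documented in crontab(1):
#   1. cron.allow exists      -> USER must be listed in it (one name per line)
#   2. else cron.deny exists  -> USER must not be listed in it
#   3. neither file exists    -> allowed (Debian default; assumed here, other
#                                builds may allow only the superuser)
cron_permitted() {
    user=$1 allow=${2:-/etc/cron.allow} deny=${3:-/etc/cron.deny}
    if [ -f "$allow" ]; then
        grep -qxF -- "$user" "$allow"
    elif [ -f "$deny" ]; then
        ! grep -qxF -- "$user" "$deny"
    else
        return 0
    fi
}

# permitted_users ALLOW_FILE DENY_FILE USER...: print the users that may
# schedule commands, space separated.
permitted_users() {
    allow_f=$1 deny_f=$2; shift 2; ok=
    for u in "$@"; do
        if cron_permitted "$u" "$allow_f" "$deny_f"; then ok="$ok $u"; fi
    done
    printf '%s\n' "${ok# }"
}

# Constructed demonstration in a temporary directory (no system file is read).
demo() {
    d=$(mktemp -d) || return 1
    a=$d/cron.allow; n=$d/cron.deny
    printf 'alice\n' > "$a"
    printf 'bob\n' > "$n"
    printf 'allow and deny: %s\n' "$(permitted_users "$a" "$n" alice bob carol)"
    rm "$a"
    printf 'deny only: %s\n' "$(permitted_users "$a" "$n" alice bob carol)"
    rm "$n"
    printf 'neither: %s\n' "$(permitted_users "$a" "$n" alice bob carol)"
    rmdir "$d"
}
demo
```

While cron.allow exists the deny list is never consulted, and an empty cron.allow locks every listed-nowhere user out.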

Page 60:

SCHEDULING TASKS WITH CRON & ATD

• Unix-like systems, scheduled updates:

• crontab file format (fields in order):

• MINUTES
• HOUR
• DAYS OF MONTH (1-31)
• MONTH (1-12)
• DAYS OF WEEK (0=SUN, 1=MON, 2=TUE, 3=WED, ETC.)
• USER ID TO RUN THE COMMAND WITH
• COMMAND: THE COMMAND TO RUN
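The field layout above, checked in code: an added example (not part of the lecture) that validates each line of a system crontab and lists the jobs that run as root. The function names, the supported syntax subset and the sample lines are assumptions of this example; the numeric ranges for minute, hour and day of week (0-7, where 7 is also Sunday) follow crontab(5).

```shell
# System-crontab line: minute hour day-of-month month day-of-week user command
# Handles *, n, n-m, comma lists and /step; month or day names and @daily-style
# shortcuts are not handled and are reported as malformed.
is_num() { case $1 in ''|*[!0-9]*) return 1 ;; esac; }

# in_range SPEC MIN MAX: succeed if every list item of SPEC lies in MIN..MAX.
in_range() {
    rest=$1,
    while [ -n "$rest" ]; do
        item=${rest%%,*}; rest=${rest#*,}
        base=${item%%/*}
        # a "/step" suffix, when present, must be a positive integer
        [ "$base" = "$item" ] || { is_num "${item#*/}" && [ "${item#*/}" -gt 0 ]; } || return 1
        [ "$base" = '*' ] && continue
        lo=${base%%-*}; hi=${base#*-}       # a single value gives lo = hi
        is_num "$lo" && is_num "$hi" || return 1
        [ "$lo" -ge "$2" ] && [ "$hi" -le "$3" ] && [ "$lo" -le "$hi" ] || return 1
    done
    return 0
}

# check_line LINE: 0 = job (sets CRON_USER, CRON_CMD), 1 = malformed, 2 = no job
check_line() {
    set -f; set -- $1; set +f               # split on whitespace, no globbing
    case ${1-} in ''|'#'*|*=*) return 2 ;; esac   # blank, comment, VAR=value
    [ $# -ge 7 ] || return 1                # 5 time fields + user + command
    in_range "$1" 0 59 && in_range "$2" 0 23 && in_range "$3" 1 31 &&
        in_range "$4" 1 12 && in_range "$5" 0 7 || return 1
    CRON_USER=$6; shift 6; CRON_CMD=$*
}

# audit_crontab: read crontab text on stdin; report malformed lines and root jobs.
audit_crontab() {
    while IFS= read -r l || [ -n "$l" ]; do
        rc=0; check_line "$l" || rc=$?
        case $rc in
            0) [ "$CRON_USER" != root ] || printf 'ROOT %s\n' "$CRON_CMD" ;;
            1) printf 'MALFORMED %s\n' "$l" ;;
        esac
    done
}

# Constructed sample input, not taken from a real host.
sample_crontab() { printf '%s\n' '# m h dom mon dow user command' 'SHELL=/bin/sh' \
    '17 * * * * root cd / && run-parts --report /etc/cron.hourly' \
    '*/15 8-18 * * 1-5 backup /usr/local/bin/sync-home' \
    '61 2 * * * root /usr/local/bin/cleanup' \
    '30 3 1 * * /usr/local/bin/rotate'; }
sample_crontab | audit_crontab
```

The last sample line is a per-user crontab entry pasted into a system crontab: without the user field it has too few fields and is reported as malformed.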

Page 61:

7. SCHEDULING ASYNCHRONOUS TASKS

anacron

Page 62:

SCHEDULING ASYNCHRONOUS TASKS

• Scheduling asynchronous Tasks with:

• anacron

DEFINITION62.1:

anacron is the daemon that complements cron for computers that are not powered on at the moment tasks are scheduled to run.

REMARK62.1:

For more details about anacron, check the anacrontab(5) manual page.

Page 63:

SCHEDULING ASYNCHRONOUS TASKS

• anacron file format:

• THE PERIOD (IN DAYS) BETWEEN INVOCATIONS OF THIS JOB.
• THE DELAY (MINUTES) BEFORE THE JOB WILL RUN. THE DELAYS ARE USED TO PREVENT ANACRON FROM DOING ALL THE JOBS AT ONCE.
• THE JOB NAME. THE NAME IS USED FOR THE JOB’S TIMESTAMP FILE, AND IN ANY MESSAGES THAT ANACRON GENERATES.
• THE SHELL COMMAND THAT ANACRON WILL RUN.

Page 64:

8. QUOTAS

Page 65:

QUOTAS

• Quotas:

DEFINITION65.1:

Quotas allow setting limits on the use of disk space and of the filesystem, per user or per group.

REMARK65.1:

In order to set quotas you need a kernel that supports them, which is the case for Debian. The quota management software is found in the quota Debian package.

Page 66:

QUOTAS

• Activating the quotas:

• the quotas are activated in the filesystem

• you should indicate the following options in /etc/fstab:

• usrquota

• grpquota

• the edquota command permits changing the limits while examining current disk space usage:

edquota user        ASSIGN QUOTA PER USER
edquota -g group    ASSIGN QUOTA PER GROUP
edquota -t          ASSIGN QUOTA PER FILE SYSTEM

Page 67:

QUOTAS

• Activating the quotas:

• the quota limit types

• hard: prevents the user from using more space once the limit of the allocated space is reached.

• soft: does not prevent the user from exceeding the quota, but it does generate the configured notification.

Page 68:

QUOTAS

• The quotas:

DEFINITION68.1:

The filesystem divides the hard drive into blocks, which are small contiguous areas. The blocks are used to store either the real data of a file or metadata used by the filesystem.

DEFINITION68.2:

Among the metadata you can find the inodes, which use blocks on the hard drive. They can also reference, or point to, lists of blocks.

for showing quota summary (-a) for all filesystems (-s) for number of users and inodes

Page 69:

QUOTAS

• Inodes/Blocks:

Page 70:

9. BACKUP

Backing up with rsync

Page 71:

BACKUP

• Backup:

Making backups is an important task that system administrators have to do, no matter how complex it is.

EXAMPLE71.1:

There are many programs that can help to make backups, such as amanda, bacula, BackupPC, etc. (their configuration might be difficult, their interface might not be very friendly, etc.).

QUOTE71.1:

No Panic!!! Debian contains dozens of other backup tools and software that can make your life easy.

Page 72:

BACKUP

• Backup:

• Objective behind backups in system administration:

• Recovering erroneously deleted files

• Quickly restoring any machine whose hard drive has failed:

• Server

• Desktop

Page 73:

BACKUP

• Backing up with rsync:

DEFINITION73.1:

rsync is a protocol built for Unix-like systems that allows backing up, copying and synchronizing data, remotely or locally.

• Characteristics:

• Efficiency (in copying or synchronizing)

• Faster than scp

• Capable of copying links, devices, owners, groups and permissions.

• Consumes less bandwidth.

Page 74:

BACKUP

• Backing up with rsync:

• Basic syntax command of rsync:

# rsync options source destination

• Options:

Options    Description
-v         verbose
-r         copies the data recursively (without timestamps or permissions)
-a         archive mode
-h         human readable output
-z         compress copied file

Page 75:

BACKUP

• Backing up with rsync:

• rsync:

• personalized script

EXAMPLE75.1:

#!/bin/sh

# This script does personal backups to a rsync backup server. You will end up
# with a 7 day rotating incremental backup. The incrementals will go
# into subdirectories named after the day of the week, and the current
# full backup goes into a directory called "current"
# [email protected]

# directory to backup
BDIR=/home/$USER

# excludes file - this contains a wildcard pattern per line of files to exclude
EXCLUDES=$HOME/cron/excludes

# the name of the backup machine
BSERVER=owl

# your password on the backup server
# (this file holds a secret: keep it readable by its owner only)
export RSYNC_PASSWORD=XXXXXX

########################################################################

# name of the current day of the week, e.g. "Monday"
BACKUPDIR=`date +%A`
OPTS="--force --ignore-errors --delete-excluded --exclude-from=$EXCLUDES --delete --backup --backup-dir=/$BACKUPDIR -a"

export PATH=$PATH:/bin:/usr/bin:/usr/local/bin

# the following line clears the last weeks incremental directory
[ -d "$HOME/emptydir" ] || mkdir "$HOME/emptydir"
rsync --delete -a "$HOME/emptydir/" "$BSERVER::$USER/$BACKUPDIR/"
rmdir "$HOME/emptydir"

# now the actual transfer ($OPTS is left unquoted so it splits into options)
rsync $OPTS "$BDIR" "$BSERVER::$USER/current"

Page 76:

BACKUP

• Backing up with rsync:

• rsync:

• easy to implement using the dirvish program

• for more details check:

• http://www.dirvish.org/dirvish.conf.5.html

• http://www.dirvish.org/debian.howto.html

Page 77:

BACKUP

• Backing up with rsync:

• rsync:

• dirvish

EXAMPLE52.1:

MASTER CONFIGURATION: /etc/dirvish/master.conf

bank: #storage space location
    /backup
exclude: #exclude file
    lost+found/
    *~
    .nfs*
Runall:
    root 22:00
expire-default: +15 days
expire-rule:
#   MIN HR    DOM MON      DOW STRFTIME_FMT
    *   *     *   *        1   +3 months
    *   *     1-7 *        1   +1 year
    *   *     1-7 1,4,7,10 1
    *   10-20 *   *        *   +4 days
#   *   *     *   *        2-7 +15 days

SPECIFY THE FILES TO BE BACKED UP: /backup/root/dirvish/default.conf

client: thishost
tree: /
xdev: true
index: gzip
image-default: %Y%m%d
exclude:
    var/cache/apt/archives
    var/cache/man
    tmp
    var/tmp

Page 78:

10. HOT PLUGGING

Introduction

Problematic

How udev works

Page 79:

HOT PLUGGING

• Introduction:

DEFINITION79.1:

Hotplug is a kernel subsystem that can dynamically handle the addition or removal of devices, using the right drivers and creating the device files.

REMARK79.1:

The kernel has a database associating all device IDs with their drivers, which is used during the boot process to mount all the hardware parts. At this level a message is sent to “udevd” in order to create a corresponding entry in /dev/.

udevd: EVENT MANAGING DAEMON. IT LISTENS TO KERNEL EVENTS AND EXECUTES THE CORRESPONDING INSTRUCTIONS.

Page 80:

HOT PLUGGING

• Problematic:

[Diagram. Layers: USER SPACE, KERNEL, HARDWARE. Boxes: PROCESS 1, PROCESS 2, PROCESS 3, KERNEL CORE, DRIVER 1, DRIVER 2, DEVICE 1, DEVICE 2. Links: hardware communication, inter-kernel communication, user-kernel communication.]

Page 81:

HOT PLUGGING

• Problematic:

[Same diagram as on page 80, with a new box DEVICE N marked “?”.]

Page 82:

HOT PLUGGING

• Problematic:

[Same diagram as on page 80, with a new box DEVICE N marked “?”.]

How to call the device? Which permission to assign to it? Which driver?

Page 83:

HOT PLUGGING

• Problematic:

[Same diagram as on page 80, with a new box DEVICE N marked “?”.]

How to call the device? Which permission to assign to it? Which driver?

The kernel cannot handle this dynamic allocation; it needs help from an outsider.

Page 84:

HOT PLUGGING

• How udev works:

[Diagram; the component names did not survive extraction. Callouts:]

• INFORMATION ABOUT DEVICE TO MOUNT
• RECEIVE NOTIFICATIONS OF EVENTS AND ALSO POST EVENT NOTIFICATIONS
• RESPONSIBLE FOR DISCOVERING, ENUMERATING AND MEDIATING ACCESS TO MOST OF THE HARDWARE ON THE HOST COMPUTER
• RESPONSIBLE FOR INFORMING OTHER USER LAND APPLICATIONS OF CHANGES.