Priority Level   Meaning
none             No priority
debug            Log debugging messages; used by programmers and software testers
info             Log informational messages generated by the program to specify what it is doing
notice           Log events worth noting such as opening files, writing to disk, mounting attempts
warning          Log detected potential problems
err              Log errors that arise that do not cause the program to terminate
crit             Log errors that arise that will cause the program to terminate
alert            Log errors that not only cause the program to terminate but may also cause
                 problems with other running programs
emerg            Log errors that could cause the entire OS to crash
System Initialization and Services ◾ 477
You might also notice that the very first rule above is commented out. The klogd daemon
is already logging kernel messages for us. By uncommenting this rule, we would also
see all such messages sent to the administrator’s console.
Now let us imagine that, as a system administrator, we wanted to add our own log file. In
this case, we want to log all messages that originate from any of the services. The source
would be daemon. We could add the rule
daemon.*    /var/log/daemons
Or, if we prefer to only view important messages from our services, we might use
daemon.warn so that only warnings and higher-level messages are logged. Now,
with our conf file modified, we need to save this file and restart the syslog/rsyslog service.
We would issue one of the two instructions:
/sbin/service syslog restart
/etc/init.d/syslog restart
You would use rsyslog for a newer Linux system.
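The matching behaviour described above (a priority in a rule selects that level and everything more severe), as an added example that is not code from the book. It also covers the none, *, = and ! selector forms and ;-joined selectors, which go beyond the two rules shown; the second and third rules and their file names are hypothetical.

```python
# Added example, not from the book. Priorities in ascending severity, as in the table.
PRIORITIES = ["debug", "info", "notice", "warning", "err", "crit", "alert", "emerg"]
ALIASES = {"warn": "warning", "error": "err", "panic": "emerg"}  # older spellings

def rank(name):
    """Numeric severity of a priority name (higher is more severe)."""
    name = ALIASES.get(name, name)
    if name not in PRIORITIES:
        raise ValueError(f"unknown priority: {name!r}")
    return PRIORITIES.index(name)

def selector_matches(selector, facility, priority):
    """True if the selector picks up a message with this facility and priority."""
    selected = False
    # Parts joined by ';' apply left to right, so a later part such as
    # 'daemon.none' can withdraw what an earlier part selected.
    for part in selector.split(";"):
        facs, dot, pri = part.strip().partition(".")
        if not dot or not pri:
            raise ValueError(f"malformed selector: {part!r}")
        if facs != "*" and facility not in facs.split(","):
            continue  # this part names other facilities
        if pri == "none":
            selected = False
            continue
        negate, pri = pri.startswith("!"), pri.lstrip("!")
        exact, pri = pri.startswith("="), pri.lstrip("=")
        if pri == "*":
            hit = True
        elif exact:
            hit = rank(priority) == rank(pri)
        else:
            hit = rank(priority) >= rank(pri)  # this level and higher
        if hit:
            selected = not negate
    return selected

def destinations(rules, facility, priority):
    """Log files that would receive the message, in rule order."""
    return [dest for sel, dest in rules if selector_matches(sel, facility, priority)]

# Constructed rules: the first is the rule from the text; the other two
# rules and their file names are hypothetical.
RULES = [
    ("daemon.*", "/var/log/daemons"),
    ("daemon.warn", "/var/log/daemons-important"),
    ("*.info;daemon.none", "/var/log/messages"),
]
```

Running a candidate rule set through destinations() before restarting the service shows whether a security-relevant message would be dropped or written somewhere unexpected.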
11.7.2 Configuring nfs
The nfs service supports network file sharing by permitting file systems to be remotely
accessible over a network. Although originally intended for local area network file sharing,
file systems can be remotely accessed over any network. We explored this in Chapter 10
when we demonstrated how to set up a file system to be remotely accessible.
The nfs service accesses three separate files. First is /etc/fstab. All file systems listed in
/etc/fstab are automatically mounted when the system is booted, or the mount -a command
is issued. To mount a remote file system, the system administrator can either issue
the mount command from the command line, or preferably, add the remote file system to
the /etc/fstab file.
Second is /etc/exports. Any file system that is to be exported (made available remotely)
is listed here. The format here is
local_mount_point network_address(es)(options)
as in
/home/coolstuff 10.11.0.0/16(ro,sync)
In this case, /home/coolstuff can be mounted remotely by any machine whose IP address
starts with 10.11. The file system is synchronized and read-only (the file system itself may
be writable on the local host but read only for those remotely mounting it).
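An added example (not from the book) that parses an /etc/exports line in the format above and reports what access a given client address would get. It only understands addresses, CIDR networks and *; the first-match evaluation and the STRAY_SPACE sample line are simplifying assumptions.

```python
import ipaddress

def parse_export(line):
    """Split one /etc/exports line into (mount_point, [(client, options), ...])."""
    line = line.split("#", 1)[0].strip()  # drop comments
    if not line:
        return None
    mount_point, *specs = line.split()
    entries = []
    for spec in specs:
        client, _, opts = spec.partition("(")
        entries.append((client, [o for o in opts.rstrip(")").split(",") if o]))
    return mount_point, entries

def access_for(line, client_ip):
    """Return 'ro', 'rw', or None when the line does not export to client_ip."""
    parsed = parse_export(line)
    if parsed is None:
        return None
    ip = ipaddress.ip_address(client_ip)
    for client, options in parsed[1]:
        if client in ("", "*"):
            # A bare "(options)" left by a stray space is read as "every host".
            matched = True
        else:
            try:
                matched = ip in ipaddress.ip_network(client, strict=False)
            except ValueError:
                matched = False  # host names and netgroups are not resolved here
        if matched:
            return "rw" if "rw" in options else "ro"  # ro is the default
    return None

# Constructed sample lines; only the first appears in the text.
BOOK_LINE = "/home/coolstuff 10.11.0.0/16(ro,sync)"
STRAY_SPACE = "/srv/data 10.11.0.5 (rw,sync)"
```

With STRAY_SPACE, the intended client 10.11.0.5 gets the read-only default while every other address gets rw, which is why the space between the address and its options deserves a check when reviewing an exports file.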
Third is the nfs configuration file, /etc/nfsmount.conf. This file contains three sections:
mount point options, server options, and global options. The mount point options
are specific for each mount point. The server options are specific to a single server. The
global options are true of all file systems mounted. Options include whether mounting is
performed in the background or foreground, the protocol used for accessing the file system
(e.g., tcp, udp), block sizes for reads and writes, timeout amount, cache amounts, and
default mounting options such as version of nfs.
478 ◾ Linux with Operating System Concepts
Altering any of these three files will require restarting the nfs service. One additional
instruction is exportfs. This instruction maintains a table of exported file systems via the
nfs protocol. This can be useful if you are permitting remote mounting of a file system
so that you can reference which file systems need to be exported. By default, this table is
stored in /var/lib/nfs/etab.
11.7.3 Other Service Configuration Examples
Unlike the complexity of either syslog or nfs, the configuration file for atd is simple. Stored
as /etc/sysconfig/atd, this file will contain any options that you wish to force atd to use.
These are the same options that you can specify when atd is executed. For instance, -l
specifies a limiting load factor. By default, atd will only run a waiting batch job when the CPU
load drops below 80%. With -l, you are able to alter this behavior. The option -b allows you
to specify the minimum amount of time between atd running any two waiting batch jobs.
By default, this value is 60 seconds.
As mentioned in Section 11.5.2, the auditd software logging service has no less than
three configuration files. The primary configuration file is located under
/etc/audit/auditd.conf. This file stores the configuration for how auditd will run. For instance,
it specifies the location and name of the log file generated, the format of the log file, the
number of log files to retain, the maximum size of a log file before log file rotation should
kick in (or some other action, including suspending the daemon until some other action
takes place, or send a message to syslog to log a warning), and flushing operations to delete
entries from log files. The /etc/audit directory also contains a rules file, audit.rules. See
Table 11.4 for a description of the rule format. The file /etc/sysconfig/auditd.conf
contains directives for extra auditd options. Specifically, this file is used to control how
auditd starts and stops as opposed to the configuration of how auditd runs. This file
controls the language that auditd uses (defaults to U.S. English) and whether the audit system,
including system calls, should be shut down when auditd is not running.
The cups configuration file, /etc/cups/cupsd.conf, contains directives much like
those found in the Apache conf file (we explore this in Chapter 15). An examination of this
file shows us values such as
• LogLevel warn—level for message logging
• SystemGroup sys root—user name and group name that this process runs under
• Listen ...—IP address(es) and port(s) to listen for messages under
• BrowseOrder allow,deny—establish order to read BrowseAllow and BrowseDeny
• BrowseAllow all—specify who is allowed to share this printer
• BrowseDeny IPaddr—specify those locations who are not allowed to access the printer
Many of the directives are placed inside of containers such as <Location>, <Policy>, and
<Limit>. We will withhold any further explanation of containers until we examine Apache.
The kdump service can be controlled through the GUI that we explored in Section
11.6. There is also a configuration file, /etc/kdump.conf, which can be used to control
kdump. The directives found here include the options as found in the GUI. For instance,
you can specify the values in the local file system for the path and partition of the
generated dump file, or the raw device or network destination for the dump, as found under the
Target settings tab. This file though contains additional directives such as the specification
of a script or executable program to run immediately prior to and after the dump.
Not all configuration files are coupled with a specific service. Instead, some files store
configuration data that may be used by multiple services or the kernel. In these cases,
altering the configuration file does not require restarting a service. We see a list below of some
of the more prominent files and their roles. We have already explored many of these and
will see more of these in Chapter 12.
• /etc/fstab—list of file systems to mount upon system initialization or execution of the
command mount -a.
• /etc/group, /etc/passwd, /etc/shadow—group account, user account, and user password
files. These files are accessed by groupadd, groupdel, groupmod, useradd,
userdel, usermod, chage, passwd, and authentication programs.
• /etc/hosts—lists IP alias to IP address mapping to bypass a DNS request.
• /etc/hosts.allow, /etc/hosts.deny—list of IP addresses of machines that are permitted
access or not permitted access to this computer.
• /etc/nologin—a text message that, if it exists, prevents nonroot users from logging in.
In such a case, this text message is displayed to users. This allows the system
administrator to prevent all user logins during maintenance.
• /etc/resolv.conf—lists the IP addresses of the computer’s DNS server(s)
There are also many notable user configuration files. These files, stored in the user’s
home directory (or a subdirectory), are all dot files (start with a dot). These include login
and shell starting scripts such as .bashrc, .bash_profile, .cshrc, and .profile. There are also
logout scripts such as .bash_logout to specify what happens as a shell exits. Another Bash
file is .bash_history, which contains the history list. Other files are software specific such
as .emacs and .virc (or .vimrc) to store startup information for emacs and vi, respectively.
Similarly, .mail.rc is the user initialization file for the mail program. There are also a
number of dot directories storing various software-related initialization and data files such as
.gnome2 for the Gnome display, .mozilla for the Firefox browser, and .openoffice.org for
OpenOffice user preferences.
11.8 CHAPTER REVIEW
Concepts and terms introduced in this chapter:
• Booting—the process of starting a computer. The boot process includes running a
power on self-test, locating bootable devices, loading the operating system kernel,
and initializing it.
• Boot loader—a program that performs the portion of booting that locates and loads
the operating system kernel.
• Configuration file—a file of directives or options that define how a service will
execute. Changing the configuration file will alter the service’s behavior.
• CUPS—common Unix printer system, which is a service controlling access to system
printers, including the ability to print, track print jobs, cancel print jobs, and alter
printer configuration information.
• init—the first process run in Linux; its role is to initialize the operating system so that
it is ready for user interaction.
• Master boot record—a reserved location on the hard disk storing a portion of the
boot loader so that the boot loader can be found and begin execution during the boot
process.
• Nonvolatile memory—a form of memory whose contents are retained even without
power. ROM is a form of nonvolatile memory.
• Ramdisk—using memory to mimic the file system so that the operating system can
access contents using file commands without the slower interaction with disk files.
Linux uses ramdisks extensively.
• ROM—read-only memory, made up of nonvolatile memory. This type of memory has
its contents permanently fixed in place so it can be read from but not written to. The
primary use of ROM is to store the boot program (or a portion of it).
• Rules file—some services use multiple configuration files, separating
directives/options from rules that specify the types of tasks the service should handle.
• Runlevel—a number, 0 to 6, that indicates the services that are available
(started/stopped). The common runlevels are 5 (GUI, multiuser, network) and 3 (text-based,
multiuser, network). The runlevel is established early in the init process execution
using the file /etc/inittab.
• Service—an operating system program that responds to service requests from any
number of sources. Services are background processes, which only execute when called
upon.
• Upstart—recent versions of Linux have modified the init process so that it now runs
in an event-based way so that devices that take longer to respond (or are unresponsive)
have no impact on the init process continuing through its tasks.
• Volatile memory—a form of memory that requires a constant power input to retain
its contents. Both SRAM (cache, registers) and DRAM (main memory) are forms of
volatile memory.
Linux commands covered in this chapter:
• chkconfig—view or alter the runlevels that each service is started or stopped in
• dmesg—display the kernel ring (messages generated during kernel initialization)
• /sbin/init—first process run by the Linux kernel, responsible for bringing the rest of
the operating system up to usage after kernel initialization
• /sbin/service—command used to start/stop services
• telinit—command to switch runlevels after init is running
Linux files, scripts, and directories covered in this chapter:
• /etc/inittab—file storing the startup runlevel (along with other behaviors)
• /etc/init.d/—directory storing scripts used to start and stop services
• /etc/init.d/cups—subdirectory storing cups service configuration files and specific
printer configuration files
• /etc/init/rcS.conf—script that tests for an emergency situation upon startup and then
executes other initialization scripts
• /etc/init/rc.conf—script to provide the runlevel to the rc script
• /etc/rc.d/rc—based on the runlevel, starts and stops services
• /etc/rc.d/rc.sysinit—startup script that initializes hardware, loads modules, mounts