Understanding Linux configuration files

xiaoxiao2021-03-06  71

Classification and use

Subodh Soni (Subodh@in.ibm.com)

IBM software engineer

This article describes the configuration files of a Linux system. In a multi-user, multi-tasking environment, configuration files control user permissions, system applications, daemons, services, and other administrative tasks. These tasks include managing user accounts, assigning disk quotas, managing e-mail and newsgroups, and configuring kernel parameters. This article also classifies the configuration files on a Red Hat Linux system based on their use and the services they affect.

Introduction

Each Linux program is an executable file that contains a list of opcodes, which the CPU executes to complete a specific operation. For example, the ls command is provided by the /bin/ls file, which contains the list of machine instructions needed to display a list of the files in the current directory on the screen. The behavior of almost every program can be customized by modifying its configuration file.

Is there a standard configuration file format in Linux?

In a word, no. Users who are not familiar with Linux will be frustrated because each configuration file looks like a new challenge. In Linux, each programmer is free to choose his or her preferred configuration file format. The formats range from the /etc/shells file (which contains a list of shells separated by newlines) to Apache's complex /etc/httpd.conf file.

What is a system configuration file?

The kernel itself can also be regarded as a "program". Why does the kernel need configuration files? The kernel needs to know the list of users and groups in the system and to manage file permissions (that is, to determine whether a specific user (UNIX_USERS) can open a file). Note that these files are not read explicitly by programs; they are read by a function provided by the system library and used by the kernel. For example, a program that needs a user's (encrypted) password should not open the /etc/passwd file. Instead, it should call the system library function getpw(). This kind of function is also known as a system call. It is up to the kernel (through the system library) to open the /etc/passwd file and then look up the password of the requested user.

Most of the configuration files on a Red Hat Linux system are in the /etc directory unless otherwise specified. The configuration files can be roughly divided into several categories:

Access files

/etc/host.conf Tells the network domain name server how to look up host names. (Usually /etc/hosts, then the name server; this can be changed via netconf.)

/etc/hosts Contains a list of known hosts on the local network. It can be used if the IP of the system is not dynamically generated. For simple host name resolution (dotted notation), /etc/hosts.conf usually tells the resolver to look here before asking a DNS or NIS network name server.

/etc/hosts.allow See the hosts_access man page. Read by tcpd at least.

/etc/hosts.deny See the hosts_access man page. Read by tcpd at least.

Booting and login/logout

/etc/issue & /etc/issue.net These files are read by mingetty (and similar programs) to display a "welcome" string to users who connect from a terminal (issue) or through a telnet session (issue.net). They include a few lines stating the Red Hat release number, name, and kernel ID. They are used by rc.local.

/etc/redhat-release Contains the Red Hat release number and name. Used by rc.local.

/etc/rc.d/rc Normally run for all run levels, with the level passed as an argument. For example, to boot the machine in graphics mode (X server), run the following command on the command line: init 5. Run level 5 boots the system in graphical mode.

/etc/rc.d/rc.local Not official. Can be called from rc, rc.sysinit, or /etc/inittab.

/etc/rc.d/rc.sysinit Normally the first script run for all run levels.

/etc/rc.d/rc/rcX.d Scripts run from rc (X stands for any number from 1 to 5). These directories are specific to a "run level". When the system starts, it identifies the run level to be started and then calls all the startup scripts present in the directory for that run level. For example, when the system starts, the message "Entering run-level 3" is displayed after the boot messages; this means that all the initialization scripts in the /etc/rc.d/rc3.d/ directory will be called.

File system

The kernel provides an interface to display some of its data structures, which can be useful for determining system parameters such as the interrupts in use, the devices initialized, and memory statistics. This interface is provided as a separate but virtual file system known as the /proc file system. Many system utilities use the values present in this file system to display system statistics. For example, the /proc/modules file lists the modules currently loaded in the system. The lsmod command reads this information and displays it in a human-readable format. In the same way, the mtab file listed below reads the /proc/mount file, which contains the currently mounted file systems.

/etc/mtab Changes continuously as the /proc/mount file changes. In other words, when file systems are mounted and unmounted, the change is immediately reflected in this file.

/etc/fstab Lists the file systems that the computer can currently mount. This is important because, when the computer boots, it runs the mount -a command, which takes care of mounting every file system marked with a "1" in the second column of fstab.

/etc/mtools.conf Configuration for all operations (creating directories, copying, formatting, and so on) on DOS-type file systems.

System Management

/etc/group Contains the valid group names and the users included in the specified groups. A single user can be present in more than one group if he or she performs multiple tasks. For example, if a "user" is an administrator as well as a member of the "project 1" project group, then his entry in the group file looks like this: user: *: group-id: project1

/etc/nologin If the file /etc/nologin exists, login(1) allows access only to the root user. Other users are shown the contents of this file and their logins are refused.

/etc/passwd See "man passwd". Contains some user account information, including the password (if it is not encrypted by the shadow program).

/etc/rpmrc rpm command configuration. All rpm command-line options can be set together in this file so that they apply globally whenever any rpm command is run on the system.

/etc/securetty Contains the device names of the tty lines (one name per line, without the leading /dev/) on which the root user is allowed to log in.

/ etc / usertty

/etc/shadow Contains the encrypted password information for user accounts and can also include password aging information. The fields included are:

Login name

Encrypted password

Days since January 1, 1970 that the password was last changed

Days before the password may be changed

Days after which the password must be changed

Days before the password expires that the user is warned

Days after the password expires that the account is disabled

Days since January 1, 1970 that the account is disabled

/etc/shells Contains the list of possible "shells" available to the system.

/etc/motd Message of the day; used when an administrator wants to convey a message to all users of the Linux server.
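The eight /etc/shadow fields listed above can be checked mechanically. The following Python sketch is an added example, not part of the original article: it parses shadow-style lines and reports empty passwords, disabled accounts, and missing or exceeded password aging. The sample lines are constructed, and treating "!" or "*" as a lock marker and an empty or 99999 maximum age as "aging switched off" are conventions assumed here.

```python
import time
from dataclasses import dataclass
from typing import Dict, List, Optional

@dataclass
class ShadowEntry:
    name: str
    password: str                  # encrypted password, or a lock marker
    last_change: Optional[int]     # days since 1970-01-01
    min_days: Optional[int]        # days before the password may be changed
    max_days: Optional[int]        # days after which it must be changed
    warn_days: Optional[int]       # warning period before expiry
    inactive_days: Optional[int]   # days after expiry until disabled
    expire_day: Optional[int]      # days since 1970-01-01, account disabled

def parse_shadow_line(line: str) -> ShadowEntry:
    parts = line.rstrip("\n").split(":")
    if len(parts) < 8:
        raise ValueError(f"expected 8 fields, got {len(parts)}: {parts[0]!r}")
    # Empty numeric fields mean "not set"; trailing extra fields are ignored.
    numbers = [int(p) if p else None for p in parts[2:8]]
    return ShadowEntry(parts[0], parts[1], *numbers)

def audit(entry: ShadowEntry, today: int) -> List[str]:
    findings = []
    if entry.password == "":
        findings.append("empty password field")
    if entry.expire_day is not None and entry.expire_day <= today:
        findings.append("account disabled by expiry date")
    # Assumption: a leading "!" or "*" marks a locked account, so aging is moot.
    if entry.password.startswith(("!", "*")):
        return findings
    # Assumption: an empty or 99999 maximum age means aging is switched off.
    if entry.max_days is None or entry.max_days >= 99999:
        findings.append("no maximum password age")
    elif (entry.last_change is not None
          and today - entry.last_change > entry.max_days):
        findings.append("password older than maximum age")
    return findings

def audit_text(text: str, today: int) -> Dict[str, List[str]]:
    report = {}
    for line in text.splitlines():
        if line.strip():
            entry = parse_shadow_line(line)
            report[entry.name] = audit(entry, today)
    return report

# Constructed sample lines, not taken from a real system.
SAMPLE = """\
root:$6$CONSTRUCTED$notarealhash:19000:0:99999:7:::
alice:$6$CONSTRUCTED$notarealhash:19000:1:90:7:14::
bob::19500:0:90:7:::
daemon:*:18000:0:99999:7:::
carol:$6$CONSTRUCTED$notarealhash:19700:0:90:7::19600:
"""

if __name__ == "__main__":
    today = int(time.time() // 86400)   # today as days since 1970-01-01
    for name, findings in audit_text(SAMPLE, today).items():
        print(f"{name}: {', '.join(findings) or 'ok'}")
```

To audit a real system, pass the contents of /etc/shadow (readable only by the superuser) to audit_text() instead of SAMPLE.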

Networking

/etc/gated.conf Configuration for gated. Used only by the gated daemon.

/etc/gated.version Contains the version number of the gated daemon.

/etc/gateway Optionally used by the routed daemon.

/etc/networks Lists the names and addresses of the networks that can be reached from the network to which the machine is connected. Used by the route command. Allows a name to be used for a network.

/etc/protocols Lists the currently available protocols. See the NAG (Network Administrators Guide) and the man page.

The C interface is getprotoent. It should never be changed.

/etc/resolv.conf Tells the kernel which name server should be queried when a program asks to "resolve" an IP address.

/etc/rpc Contains the instructions/rules for RPC, which can be used in NFS calls and remote file system mounting.

/etc/exports The file systems to be exported (NFS) and the permissions for them.

/etc/services Translates network service names to port number/protocol. Read by inetd, telnet, tcpdump, and some other programs. There are some C access routines.

/etc/inetd.conf Configuration file for inetd. See the inetd man page. Holds an entry for each network service for which inetd must control daemons or other services. Note that services may be running but commented out in /etc/services, so they will not be available even if they are running. The format is:

/etc/sendmail.cf Configuration file for the mail program sendmail. It is cryptic and difficult to understand.

/etc/sysconfig/network Indicates NETWORKING=yes or no. Read by rc.sysinit at least.

/etc/sysconfig/network-scripts/if* Red Hat network configuration scripts.

System commands

System commands are meant exclusively to control the system and make everything work. All programs such as login (which performs the user authentication phase on the console) or bash (which provides the interaction between a user and the computer) are system commands. The files associated with them are therefore particularly important. This category has the following files of interest to users and administrators.

/etc/lilo.conf Contains the system's default boot command-line parameters, as well as the different images used at boot time. You can see this list by pressing Tab at the LILO boot prompt.

/etc/logrotate.conf Maintains the log files in the /var/log directory.

/etc/identd.conf identd is a server that implements the TCP/IP proposed standard IDENT user identification protocol as specified in the RFC 1413 document. identd works by looking up a specific TCP/IP connection and returning the user name of the process that owns the connection. Optionally, it can return other information instead of a user name. See the identd man page.

/etc/ld.so.conf Configuration for the dynamic linker.

/etc/inittab Chronologically, this is the first configuration file in UNIX. The first program started after a UNIX machine is switched on is init, which knows what to start thanks to inittab. init reads inittab when the run level changes and then controls the startup of the main processes.

/etc/termcap A database containing all the possible terminal types and their capabilities.

Daemons

A daemon is a program that runs in non-interactive mode. Typically, daemon tasks are related to networking: they wait for connections so that they can provide services. Many daemons are available for Linux, from Web servers to FTP servers.

/etc/syslogd.conf The configuration file for the syslogd daemon. syslogd is the daemon that takes care of logging (writing to disk) messages sent to the system by other programs. This service is used in particular by daemons that have no other means of signaling possible problems or sending messages to users.

/etc/httpd.conf The configuration file for the Apache Web server. This file is typically not in /etc. It may be in /usr/local/httpd/conf/ or /etc/httpd/conf/; to determine its location, you need to check the specific Apache installation.

/etc/conf.modules or /etc/modules.conf The configuration file for kerneld. Interestingly, kerneld is not the kernel "as a daemon". It is actually a daemon that takes care of loading additional kernel modules "on the fly" when needed.

User programs

In Linux (and UNIX in general), there are countless "user" programs. The most common user program configuration file is /etc/lynx.cfg. This is the configuration file for lynx, the well-known text browser. With this file you can define the proxy server, the character set to use, and so on. The following code sample shows part of the lynx.cfg file; modifying this part changes the proxy settings of the Linux system. By default, these settings apply to all users running lynx in their respective shells, unless a user overrides the default configuration file by specifying --cfg="mylynx.cfg".

Proxy Server Settings in /etc/lynx.cfg

.h1 proxy
.h2 http_proxy
.h2 https_proxy
.h2 ftp_proxy
.h2 gopher_proxy
.h2 news_proxy
.h2 nntp_proxy
# Lynx version 2.2 and beyond supports the use of proxy servers that can act as
# firewall gateways and caching servers. They are preferable to the older
# gateway servers. Each protocol used by Lynx can be mapped separately using
# PROTOCOL_proxy environment variables (see Lynx Users Guide). If you have
# not set them externally, you can set them at run time via this configuration file.
# They will not override external settings. The no_proxy variable can be used
# to inhibit proxying to selected regions of the Web (see below). Note that on
# VMS these proxy variables are set as process logicals rather than symbols, to
# preserve lowercasing, and will outlive the Lynx image.
#
.ex 15
http_proxy:http://proxy3.in.ibm.com:80/
ftp_proxy:http://proxy3.in.ibm.com:80/
#http_proxy:http://penguin.in.ibm.com:8080
#ftp_proxy:http://penguin.in.ibm.com:8080/

.h2 NO_PROXY
# The no_proxy variable can be a comma-separated list of strings defining
# no-proxy zones in the DNS domain name space. If a tail substring of the
# domain-path for a host matches one of these strings, transactions with that
# node will not be proxied.
.ex
no_proxy:demiurge.in.ibm.com, demiurge

Changing configuration files

When changing a configuration file, make sure that the program that uses the configuration is restarted if it is not controlled by the system administrator or the kernel. Ordinary users usually do not have permission to start or stop system programs and/or daemons.

Kernel

Changing configuration files in the kernel affects the system immediately. For example, changing the passwd file to add a user makes that user available immediately. There are also some kernel tunable parameters in the /proc/sys directory of any Linux system. Only the superuser has write access to all of these files; other users have read-only access. The files in this directory are classified in the same way as the Linux kernel source code. Each file in this directory represents a kernel data structure that can be modified dynamically to change system performance.

Note: Before changing any value in any of these files, make sure you understand the file thoroughly in order to avoid irreparable damage to the system.

Files in the /proc/sys/kernel/ directory

File name    Description

threads-max    The maximum number of threads the kernel can run.

ctrl-alt-del    If the value is 1, pressing this key sequence reboots the system.

sysrq    If the value is 1, Alt-SysRq is active.

osrelease    Displays the release number of the operating system.

ostype    Displays the type of the operating system.

hostname    The host name of the system.

domainname    The network domain of which the system is a part.

modprobe    Specifies whether modprobe should be run automatically at startup to load the required modules.

Daemons and system programs

A daemon is a program that is always running in the background, silently carrying out its task. Common daemons are in.ftpd (FTP server daemon), in.telnetd (telnet server daemon), and syslogd (system logging daemon). Some daemons watch their configuration file closely while running and reload it automatically when it changes. But most daemons do not reload their configuration file automatically. We need to "tell" these daemons in some way that the configuration file has changed and should be reloaded. This can be done (on Red Hat Linux systems) by restarting the service with the service command.

For example, if we have changed the network configuration, we need to issue:

service network restart

Note: These services are most commonly the scripts in the /etc/rc.d/init.d/* directory, and they are started by init when the system boots. So, you can also do the following to restart a service:

/etc/rc.d/init.d/<script-for-the-service> start | stop | status

start, stop, and status are the input values that these scripts take to perform the operation.

User programs

User or system programs read their configuration files every time they are started. Keep in mind, however, that some system programs are started when the computer is turned on, and their behavior depends on what they read from the configuration files in /etc/. So, when a user program is first started, it reads its default configuration from the /etc/ directory. The user can then customize the program by using rc and . (dot) files, as shown in the next section.

User configuration files: . (dot) files and rc files

We have seen how easily programs can be configured. But what if someone doesn't like the way a program is configured in /etc/? An "ordinary" user cannot simply go into /etc and change the configuration files; as far as the file system is concerned, the configuration files are owned by the root user! This is why most user programs define two configuration files: the first at the "system" level, located in /etc/; the other "private" to the user, found in his or her home directory.

For example, I have installed the very useful wget utility on my system. In /etc/ there is an /etc/wgetrc file. In my home directory, there is a file called .wgetrc, which describes my customized configuration (it is loaded only when I, the user, run the wget command). Other users can also have a .wgetrc file in their own home directories (/home/other); of course, this file is read only when those users run the wget command. In other words, the /etc/wgetrc file provides the "default" values for wget, and the /home/xxx/.wgetrc file lists the "customizations" for one user. It is important to note that this is only a "general rule" and does not hold in all cases. For example, a program like pine has no file in /etc/; it has only a custom configuration file in the user's home directory, named .pinerc. Other programs may have only a default configuration file in /etc/ and may not allow users to "customize" it (this is the case for only a few configuration files in the /etc directory).

Commonly used rc and . (dot) files

File name    Description

~/.bash_login See "man bash". If ~/.bash_profile does not exist, bash treats ~/.bash_login as ~/.bash_profile.

~/.bash_logout See "man bash". Sourced by bash login shells at exit.

~/.bash_profile Sourced by bash login shells after /etc/profile.

~/.bash_history The list of previously executed commands.

~/.bashrc See "man bash". Sourced by bash non-login interactive shells (no other files are). Non-interactive shells source no files unless BASH_ENV or ENV is set.

~/.emacs Read by emacs at startup.

~/.forward If this file contains an e-mail address, mail is forwarded to that e-mail address.

~/.fvwmrc ~/.fvwm2rc Configuration files for fvwm and fvwm2 (the basic X Window manager).

~/.hushlogin See "man login". Causes a "quiet" login (no mail notice, last login information, or MOTD information).

~/.mail.rc User initialization file for the mail program.

~/.ncftp/ Directory for the ncftp program; contains bookmarks, logs, macros, preferences, and trace information. See man ncftp. The purpose of ncftp is to provide a powerful and flexible interface to the Internet standard File Transfer Protocol. It is intended to replace the standard ftp program that comes with the system.

~/.profile See "man bash". If the ~/.bash_profile and ~/.bash_login files do not exist, bash treats ~/.profile as ~/.bash_profile; it is also used by other shells of Bourne heritage.

~/.pinerc pine configuration.

~/.muttrc mutt configuration.

~/.exrc This file controls the configuration of vi.

Example: set ai sm ruler

Writing the above line in this file makes vi set up auto-indentation, bracket matching, line number display, and row-column display.

~/.vimrc Default "vim" configuration file. Same as .exrc.

~/.gtkrc GNOME Toolkit.

~/.kderc KDE configuration.

~/.netrc Default login names and passwords for ftp.

~/.rhosts Used by the r-tools such as rsh, rlogin, and so on. Security is very weak because impersonating a host is easy.

Must be owned by the user (the owner of ~/) or the superuser.

Lists the hosts from which users may access this account.

Ignored if it is a symbolic link.

~/.rpmrc See "man rpm". Read by rpm if /etc/rpmrc does not exist.

~/.signature Message text that is automatically appended to the end of mail sent from this account.

~/.twmrc Configuration file for twm (The Window Manager).

~/.xinitrc Read by X at startup (not by the xinit script). Usually starts some programs.

Example: exec /usr/sbin/startkde

If this line is present in the file, it starts the "KDE Window Manager" when the startx command is issued from this account.

~/.xmodmaprc This file is passed to the xmodmap program and can be given any name (for example, ~/.Xmodmap and ~/.keymap.km).

~/.xserverrc If xinit can find X, xinit runs this file as the X server.

~/News/Sent-Message-IDs Default mail history file for gnus.

~/.Xauthority Read and written by the xdm program to handle authorization. See the X, xdm, and xauth man pages.

~/.Xdefaults, ~/.Xdefaults-hostname Read by X applications during startup on the host hostname. If the -hostname file cannot be found, the .Xdefaults file is looked for.

~/.Xmodmap Points to .xmodmaprc; Red Hat has a .xinitrc file that uses this name.

~/.Xresources Usually the name of the file passed to xrdb to load the X resources database, intended to avoid the need for applications to read a very long .Xdefaults file. (~/.Xres has been used in some cases.)

~/mbox User's old mail.
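Two of the files in the list above deserve a routine check: ~/.rhosts, with its ownership and symbolic-link rules, and ~/.netrc, which holds ftp passwords. The following Python sketch is an added example, not part of the original article. The rule that ~/.netrc must not be accessible to group or other is an assumption made here, as are the function names.

```python
import os
import stat
from typing import Dict, List

# Files from the list above that grant access or hold credentials.
SENSITIVE = {
    ".rhosts": "hosts allowed to access this account through the r-tools",
    ".netrc": "default ftp login names and passwords",
}

def check_dotfile(path: str, home_uid: int) -> List[str]:
    """Return findings for one file; an empty list means nothing to report."""
    st = os.lstat(path)            # lstat inspects a link itself, not its target
    findings = []
    if st.st_uid not in (home_uid, 0):
        findings.append(f"owned by uid {st.st_uid}, not the account owner or superuser")
    if stat.S_ISLNK(st.st_mode):
        findings.append("symbolic link to " + os.readlink(path))
        return findings            # permission bits of a link carry no meaning
    if not stat.S_ISREG(st.st_mode):
        findings.append("not a regular file")
    # Assumption: any group/other permission bit on these files is a finding.
    if st.st_mode & 0o077:
        findings.append(f"group/other access, mode {stat.S_IMODE(st.st_mode):04o}")
    return findings

def audit_home(home: str) -> Dict[str, List[str]]:
    """Check the sensitive dot files that exist in one home directory."""
    home_uid = os.stat(home).st_uid
    report = {}
    for name in SENSITIVE:
        path = os.path.join(home, name)
        if os.path.lexists(path):  # true for dangling symbolic links as well
            report[name] = check_dotfile(path, home_uid)
    return report

if __name__ == "__main__":
    import pwd
    for user in pwd.getpwall():
        if not os.path.isdir(user.pw_dir):
            continue
        for name, findings in audit_home(user.pw_dir).items():
            status = "; ".join(findings) or "no findings"
            print(f"{user.pw_name}: {name} ({SENSITIVE[name]}): {status}")
```

Run as the superuser, the script walks every account in the password database; any ~/.rhosts it lists is worth reviewing even without findings, given the weakness noted above.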

Reference

For more information, read Linux Configuration Files by Jack Wallen, Jr.

Also on developerWorks:

Technical FAQ for Linux Users

What good is a Linux client?

Using the xinetd program for system administration

Find more Linux resources on developerWorks.

Find more open source resources on developerWorks.

About the author

Subodh Soni holds an engineering degree in computer science and technology. He works for IBM Global Services (IBM Software Labs) in India; he is also a member of the IBM Linux Technology Center, where he works on Linux RAS (reliability, availability, and serviceability). His other areas of interest include operating system internals, Linux system administration, and troubleshooting. You can contact him at Subodh@in.ibm.com.

Excerpt from: IBM developerWorks China website

When reposting, please credit the original address: https://www.9cbs.com/read-118440.html
