Edition 1
1801 Varsity Drive
Raleigh, NC 27606-2072 USA
Phone: +1 919 754 3700
Phone: 888 733 4281
Fax: +1 919 754 3701
/etc/sysconfig/
Directory/etc/sysconfig/arpwatch
/etc/sysconfig/authconfig
/etc/sysconfig/autofs
/etc/sysconfig/clock
/etc/sysconfig/dhcpd
/etc/sysconfig/firstboot
/etc/sysconfig/i18n
/etc/sysconfig/init
/etc/sysconfig/ip6tables-config
/etc/sysconfig/keyboard
/etc/sysconfig/ldap
/etc/sysconfig/named
/etc/sysconfig/network
/etc/sysconfig/ntpd
/etc/sysconfig/quagga
/etc/sysconfig/radvd
/etc/sysconfig/samba
/etc/sysconfig/selinux
/etc/sysconfig/sendmail
/etc/sysconfig/spamassassin
/etc/sysconfig/squid
/etc/sysconfig/system-config-users
/etc/sysconfig/vncservers
/etc/sysconfig/xinetd
/etc/sysconfig/
Directoryproc
File Systemproc
File System/proc/buddyinfo
/proc/cmdline
/proc/cpuinfo
/proc/crypto
/proc/devices
/proc/dma
/proc/execdomains
/proc/fb
/proc/filesystems
/proc/interrupts
/proc/iomem
/proc/ioports
/proc/kcore
/proc/kmsg
/proc/loadavg
/proc/locks
/proc/mdstat
/proc/meminfo
/proc/misc
/proc/modules
/proc/mounts
/proc/mtrr
/proc/partitions
/proc/slabinfo
/proc/stat
/proc/swaps
/proc/sysrq-trigger
/proc/uptime
/proc/version
/proc/
sysctl
Commandkdump
Crash Recovery ServiceMono-spaced Bold
To see the contents of the filemy_next_bestselling_novel
in your current working directory, enter thecat my_next_bestselling_novel
command at the shell prompt and press Enter to execute the command.
Press Enter to execute the command.Press Ctrl+Alt+F2 to switch to the first virtual terminal. Press Ctrl+Alt+F1 to return to your X-Windows session.
mono-spaced bold
. For example:
File-related classes includefilesystem
for file systems,file
for files, anddir
for directories. Each class has its own associated set of permissions.
Choose Mouse Preferences. In the Buttons tab, click the Left-handed mouse check box and click to switch the primary mouse button from the left to the right (making the mouse suitable for use in the left hand).→ → from the main menu bar to launchTo insert a special character into a gedit file, choose → → from the main menu bar. Next, choose → from the Character Map menu bar, type the name of the character in the Search field and click . The character you sought will be highlighted in the Character Table. Double-click this highlighted character to place it in the Text to copy field and then click the button. Now switch back to your document and choose → from the gedit menu bar.
Mono-spaced Bold Italic
or Proportional Bold Italic
To connect to a remote machine using ssh, typessh
at a shell prompt. If the remote machine isusername
@domain.name
example.com
and your username on that machine is john, typessh john@example.com
.Themount -o remount
command remounts the named file system. For example, to remount thefile-system
/home
file system, the command ismount -o remount /home
.To see the version of a currently installed package, use therpm -q
command. It will return a result as follows:package
.
package-version-release
Publican is a DocBook publishing system.
mono-spaced roman
and presented thus:
books Desktop documentation drafts mss photos stuff svn books_tests Desktop1 downloads images notes scripts svgs
mono-spaced roman
but add syntax highlighting as follows:
package org.jboss.book.jca.ex1; import javax.naming.InitialContext; public class ExClient { public static void main(String args[]) throws Exception { InitialContext iniCtx = new InitialContext(); Object ref = iniCtx.lookup("EchoBean"); EchoHome home = (EchoHome) ref; Echo echo = home.create(); System.out.println("Created Echo"); System.out.println("Echo.echo('Hello') = " + echo.echo("Hello")); } }
6
.
DHCP
, BIND, Apache, Postfix, Sendmail and other enterprise-class servers and software
kdump
Table of Contents
yum check-update
command to see which installed packages on your system have updates available.
yum
to install, update or remove packages on your system. All examples in
this chapter assume that you have already obtained superuser privileges
by using either the su
or sudo
command.
~]# yum check-update
Loaded plugins: presto, refresh-packagekit, security
PackageKit.x86_64 0.5.8-2.el6 rhel
PackageKit-glib.x86_64 0.5.8-2.el6 rhel
PackageKit-yum.x86_64 0.5.8-2.el6 rhel
PackageKit-yum-plugin.x86_64 0.5.8-2.el6 rhel
glibc.x86_64 2.11.90-20.el6 rhel
glibc-common.x86_64 2.10.90-22 rhel
kernel.x86_64 2.6.31-14.el6 rhel
kernel-firmware.noarch 2.6.31-14.el6 rhel
rpm.x86_64 4.7.1-5.el6 rhel
rpm-libs.x86_64 4.7.1-5.el6 rhel
rpm-python.x86_64 4.7.1-5.el6 rhel
udev.x86_64 147-2.15.el6 rhel
yum.noarch 3.2.24-4.el6 rhel
PackageKit
— the name of the package
x86_64
— the CPU architecture the package was built for
0.5.8
— the version of the updated package to be installed
rhel
— the repository in which the updated package is located
yum
and rpm
packages), as well as their dependencies (such as the kernel-firmware
, rpm-libs
and rpm-python
packages), all using yum
.
yum update <package_name>
:
~]# yum update udev
Loaded plugins: presto, refresh-packagekit, rhnplugin, security
Setting up Update Process
Resolving Dependencies
--> Running transaction check
---> Package udev.x86_64 0:147-2.15.el6 set to be updated
--> Finished Dependency Resolution
Dependencies Resolved
===========================================================================
Package Arch Version Repository Size
===========================================================================
Updating:
udev x86_64 147-2.15.el6 rhel 337 k
Transaction Summary
===========================================================================
Install 0 Package(s)
Upgrade 1 Package(s)
Total download size: 337 k
Is this ok [y/N]:
Loaded plugins: presto, refresh-packagekit, security
— yum
always informs you which Yum plugins are installed and enabled. Here, yum
is using the presto, refresh-packagekit and security plugins. Refer to Section 1.4, “Yum Plugins” for general information on Yum plugins, or to Section 1.4.3, “Plugin Descriptions” for descriptions of specific plugins.
kernel.x86_64
— you can download and install new kernels safely with yum
.
yum
always installs a new kernel in the same sense that RPM installs a new kernel when you use the command rpm -i kernel
. Therefore, you do not need to worry about the distinction between installing and upgrading a kernel package when you use yum
: it will do the right thing, regardless of whether you are using the yum update
or yum install
command.
rpm -i kernel
command (which installs a new kernel) instead of rpm -u kernel
(which replaces the current kernel). Refer to Section 3.2.2, “Installing and Upgrading” for more information on installing/updating kernels with RPM.
yum
presents the update information and then prompts you as to whether you want it to perform the update; yum
runs interactively by default. If you already know which transactions yum
plans to perform, you can use the -y
option to automatically answer yes
to any questions yum
may ask (in which case it runs non-interactively). However, you should always examine which changes yum
plans to make to the system so that you can easily troubleshoot any problems that might arise.
cat /var/log/yum.log
at the shell prompt. The most recent transactions are listed at the end of the log file.
yum update
(without any arguments):
~]# yum update
yum
command with a set of highly-useful security-centric commands, subcommands and options. Refer to Section 1.4.3, “security (yum-plugin-security)” for specific information.
yum search <term>
[more_terms
]
command. yum
displays the list of matches for each term:
~]# yum search meld kompare
Loaded plugins: presto, refresh-packagekit, rhnplugin, security
============================ Matched: kompare =============================
kdesdk.x86_64 : The KDE Software Development Kit (SDK)
Warning: No matches found for: meld
yum search
is useful for searching for packages you do not know the name of, but for which you know a related term.
*
(which expands to match any character multiple times) and ?
(which expands to match any one character). Be careful to escape both
of these glob characters when passing them as arguments to a yum
command. If you do not, the bash shell will interpret the glob expressions as pathname expansions, and potentially pass all files in the current directory that match the globs to yum
, which is not what you want. Instead, you want to pass the glob expressions themselves to yum
, which you can do by either:
~]# yum list available gstreamer\*plugin\*
Loaded plugins: presto, refresh-packagekit, rhnplugin, security
Available Packages
gstreamer-plugins-bad-free.i686 0.10.17-4.el6 rhel
gstreamer-plugins-base.i686 0.10.26-1.el6 rhel
gstreamer-plugins-base-devel.i686 0.10.26-1.el6 rhel
gstreamer-plugins-base-devel.x86_64 0.10.26-1.el6 rhel
gstreamer-plugins-good.i686 0.10.18-1.el6 rhel
~]# yum list installed "krb?-*"
Loaded plugins: presto, refresh-packagekit, rhnplugin, security
Installed Packages
krb5-libs.x86_64 1.8.1-3.el6 @rhel
krb5-workstation.x86_64 1.8.1-3.el6 @rhel
yum list <glob_expr>
[more_glob_exprs
]
— List information on installed and available packages matching all glob expressions.
~]# yum list abrt-addon\* abrt-plugin\*
Loaded plugins: presto, refresh-packagekit, rhnplugin, security
Installed Packages
abrt-addon-ccpp.x86_64 1.0.7-5.el6 @rhel
abrt-addon-kerneloops.x86_64 1.0.7-5.el6 @rhel
abrt-addon-python.x86_64 1.0.7-5.el6 @rhel
abrt-plugin-bugzilla.x86_64 1.0.7-5.el6 @rhel
abrt-plugin-logger.x86_64 1.0.7-5.el6 @rhel
abrt-plugin-sosreport.x86_64 1.0.7-5.el6 @rhel
abrt-plugin-ticketuploader.x86_64 1.0.7-5.el6 @rhel
yum info <package_name>
[more_names
]
displays information about one or more packages (glob expressions are valid here as well):
~]# yum info abrt
Loaded plugins: presto, refresh-packagekit, rhnplugin, security
Installed Packages
Name : abrt
Arch : x86_64
Version : 1.0.7
Release : 5.el6
Size : 578 k
Repo : installed
From repo : rhel
Summary : Automatic bug detection and reporting tool
URL : https://fedorahosted.org/abrt/
License : GPLv2+
Description: abrt is a tool to help users to detect defects in applications
: and to create a bug report with all informations needed by
: maintainer to fix it. It uses plugin system to extend its
: functionality.
yum info <package_name>
is similar to the rpm -q --info <package_name>
command, but provides as additional information the ID of the Yum repository the RPM package is found in (look for the From repo: line in the output).
yumdb info <package_name>
[more_names
]
can be used to query the Yum
database for alternative and useful information about a package,
including the checksum of the package (and algorithm used to produce it,
such as SHA-256), the command given on the command line that was
invoked to install the package (if any), and the reason that the package
is installed on the system (where user
indicates it was installed by the user, and dep
means it was brought in as a dependency):
~]# yumdb info yum
yum-3.2.27-4.el6.noarch
checksum_data = 15c8eaf583fabad6974a35b9f6c6527e49362fe4e23baec1682ef51a598e4abb
checksum_type = sha256
command_line = update
from_repo = rhel
from_repo_revision = 1271991599
from_repo_timestamp = 1271991721
reason = user
releasever = 6
man yumdb
for more information on the yumdb
command.
yum history
command, which is new in Red Hat Enterprise Linux 6, can be used to show a timeline of Yum
transactions, the dates and times on when they occurred, the number of
packages affected, whether transactions succeeded or were aborted, and
if the RPM database was changed between transactions. Refer to the history
section of man yum
for details.
~]# yum install <package_name>
yum install <package_name>
[more_names
]
.
.arch
to the package name:
~]# yum install sqlite2.i586
~]# yum install audacious-plugins-\*
yum install
. If you know the name of the binary you want to install, but not its package name, you can give yum install
the path name:
~]# yum install /usr/sbin/named
yum
then searches through its package
lists, finds the package which provides /usr/sbin/named, if any, and
prompts you as to whether you want to install it.
named
binary, but don't know in which bin or sbin directory that file lives? In that situation, you can give yum provides
a glob expression:
~]#yum provides "*bin/named"
Loaded plugins: presto, refresh-packagekit, rhnplugin, security 32:bind-9.7.0-4.P1.el6.x86_64 : The Berkeley Internet Name Domain (BIND) : DNS (Domain Name System) server Repo : rhel Matched from: Filename : /usr/sbin/named ~]#yum install bind
yum provides
is the same as yum whatprovides
.
yum provides "*/<file_name>"
is a common and useful trick to quickly find the package(s) that contain <file_name>.
yum grouplist -v
command lists the names of all package groups, and, next to each of them, their groupid in parentheses. The groupid is always the term in the last pair of parentheses, such as kde-desktop
and kde-software-development
in this example:
~]# yum -v grouplist kde\*
KDE (K Desktop Environment) (kde-desktop)
KDE Software Development (kde-software-development)
groupinstall
:
~]# yum groupinstall "KDE (K Desktop Environment)"
~]# yum groupinstall kde-desktop
install
command if you prepend it with an @-symbol (which tells yum
that you want to perform a groupinstall
):
~]# yum install @kde-desktop
yum remove <package_name>
uninstalls (removes in RPM and Yum
terminology) the package, as well as any packages that depend on it. As
when you install multiple packages, you can remove several at once by
adding more package names to the command:
yum remove foo bar baz
install
, remove
can take these arguments:
install
syntax.
~]#yum groupremove "KDE (K Desktop Environment)"
~]#yum groupremove kde-desktop
~]#yum remove @kde-desktop
yum
to remove only those packages which are not required by any other packages or groups by adding the groupremove_leaf_only=1
directive to the [main]
section of the /etc/yum.conf
configuration file. For more information on this directive, refer to Section 1.3.1, “Setting [main] Options”.
[main]
section of the /etc/yum.conf
configuration file;
repository
] sections in /etc/yum.conf
and .repo
files in the /etc/yum.repos.d/
directory;
/etc/yum.conf
and files in /etc/yum.repos.d/
so that dynamic version and architecture values are handled correctly; and,
/etc/yum.conf
configuration file contains one mandatory [main]
section under which you can set Yum options. The values that you define in the [main]
section of yum.conf
have global effect, and may override values set any individual [repository
] sections. You can also add [repository
] sections to /etc/yum.conf
; however, best practice is to define individual repositories in new or existing .repo
files in the /etc/yum.repos.d/
directory. Refer to Section 1.3.2, “Setting [repository] Options” if you need to add or edit repository-specific information.
/etc/yum.conf
configuration file contains exactly one [main]
section. You can add many additional options under the [main]
section heading in /etc/yum.conf
. Some of the key-value pairs in the [main]
section affect how yum
operates; others affect how Yum treats repositories. The best source of information for all Yum options is in the [main] OPTIONS
and [repository] OPTIONS
sections of man yum.conf
.
/etc/yum.conf
configuration file:
[main]
cachedir=/var/cache/yum/$basearch/$releasever
keepcache=0
debuglevel=2
logfile=/var/log/yum.log
exactarch=1
obsoletes=1
gpgcheck=1
plugins=1
installonly_limit=3
[comments abridged]
# PUT YOUR REPOS HERE OR IN separate files named file.repo
# in /etc/yum.repos.d
[main]
section, and descriptions for each:
<value>
<value>
is one of:
0
— yum
should prompt for confirmation of critical actions it performs. This is the default.
1
— Do not prompt for confirmation of critical yum
actions. If assumeyes=1
is set, yum
behaves in the same way that the command line option -y
does.
/var/cache/yum/$basearch/$releasever
/var/cache/yum/$basearch/$releasever
. See Section 1.3.3, “Using Yum Variables” for descriptions of the $basearch
and $releasever
Yum variables.
value
<value>
is an integer between 1
and 10
. Setting a higher debuglevel
value causes yum
to display more detailed debugging output. debuglevel=0
disables debugging output, while debuglevel=2
is the default.
<value>
<value>
is one of:
0
— Do not take into account the exact architecture when updating packages.
1
— Consider the exact architecture when updating packages. With this setting, yum
will not install an i686 package to update an i386 package already installed on the system. This is the default.
<package_name>
[more_package_names
] *
and ?
) are allowed.
<value>
<value>
is one of:
0
— Disable GPG signature-checking on packages in all repositories, including local package installation.
1
— Enable GPG signature-checking on all packages in all repositories, including local package installation. gpgcheck=1
is the default, and thus all packages' signatures are checked.
[main]
section of the /etc/yum.conf
file, it sets the GPG-checking rule for all repositories. However, you can also set gpgcheck=
<value>
for individual repositories instead; i.e., you can enable GPG-checking
on one repository while disabling it on another. Setting gpgcheck=<value>
for an individual repository in its correpsonding .repo
file overrides the default if it is present in /etc/yum.conf
. Refer to Section 3.3, “Checking a Package's Signature” for further information on GPG signature-checking.
<value>
<value>
is one of:
0
— yum
should not check the dependencies of each package when removing a package group. With this setting, yum
removes all packages in a package group, regardless of whether those packages are required by other packages or groups. groupremove_leaf_only=0
is the default.
1
— yum
should check the dependencies of each package when removing a package
group, and remove only those packages which are not not required by any
other package or group.
<space>
<separated>
<list>
<of>
<packages>
yum
can install, but will never update. Refer to man yum.conf
for the list of packages which are install-only by default. If you add the installonlypkgs
directive to /etc/yum.conf
, you should ensure that you list all of the packages that should be install-only, including any of those listed under the installonlypkgs
section of man yum.conf
. In particular, kernel packages should always be listed in installonlypkgs
(as they are by default), and installonly_limit
should always be set to a value greater than 2
so that a backup kernel is always available in case the default one fails to boot. Refer to installonly_limit=<value>
for details on the installonly_limit
directive.
<value>
<value>
is an integer representing the maximum number of versions that can be
installed simultaneously for any single package listed in the installonlypkgs
directive. The defaults for the installonlypkgs
directive include several different kernel packages, so be aware that changing the value of installonly_limit
will also affect the maximum number of installed versions of any single kernel package. The default value listed in /etc/yum.conf
is installonly_limit=3
, and it is not recommended to decrease this value, particularly below 2
.
<value>
0
— Do not retain the cache of headers and packages after a successful installation. This is the default.
1
— Retain the cache after a successful installation.
/var/log/yum.log
yum
should send its logging output. By default, yum
logs to /var/log/yum.log
.
<value>
<value>
is one of:
best
— install the best-choice architecture for this system. For example, setting multilib_policy=best
on an AMD64 system causes yum
to install 64-bit versions of all packages.
all
— always install every possible architecture for every package. For example, with multilib_policy
set to all
on an AMD64 system, yum
would install both the i586 and AMD64 versions of a package, if both were available.
<value>
<value>
is one of:
0
— Disable yum
's obsoletes processing logic when performing updates.
1
— Enable yum
's obsoletes processing logic when performing updates. When one package declares in its spec file that it obsoletes
another package, the latter package will be replaced by the former
package when the former package is installed. Obsoletes are declared,
for example, when a package is renamed. obsoletes=1
the default.
<value>
<value>
is one of:
0
— Disable all Yum plugins globally.
Yum
services. In particular, rhnplugin enables connecting to Red Hat Network
,
and the security plugin allows system administrators to easily update
the system with (sometimes critical) security updates. Disabling plugins
globally is provided as a convenience option, and is generally only
recommended when diagnosing a potential problem with Yum
.
1
— Enable all Yum plugins globally. With plugins=1
, you can still disable a specific Yum plugin by setting enabled=0
in that plugin's configuration file. Refer to Section 1.4, “Yum Plugins” for more information about various Yum plugins, or to Section 1.4.1, “Enabling, Configuring and Disabling Yum Plugins” for further information on controlling plugins.
</absolute/path/to/directory/containing/repo/files>
.repo
files are located. All .repo
files contain repository information (similar to the [repository
] section(s) of /etc/yum.conf
). yum
collects all repository information from .repo
files and the [repository
] section of the /etc/yum.conf
file to create a master list of repositories to use for transactions. Refer to Section 1.3.2, “Setting [repository] Options” for more information about options you can use for both the [repository
] section and .repo
files. If reposdir
is not set, yum
uses the default directory /etc/yum.repos.d/
.
<value>
<value>
is an integer 0
or greater. This value sets the number of times yum
should attempt to retrieve a file before returning an error. Setting this to 0
makes yum
retry forever. The default value is 10
.
repository
] sections (where repository
is a unique repository ID, such as [my_personal_repo
]) to /etc/yum.conf
or to .repo
files in the /etc/yum.repos.d/
directory. All .repo
files in /etc/yum.repos.d/
are read by yum
; best practice is to define your repositories here instead of in /etc/yum.conf
. You can create new, custom .repo
files in this directory, add [repository
] sections to those files, and the next time you run a yum
command, it will take all newly-added repositories into account.
.repo
file should take:
[repository_ID] name=A Repository Name baseurl=http://path/to/repo or ftp://path/to/repo or file://path/to/local/repo
repository
] section must contain the following minimum parts:
repository_ID
] <My Repository Name>
baseurl=http://path/to/repo/releases/$releasever/server/$basearch/os/
$releasever
, $arch
and $basearch
variables in URLs. See the following section for explanations of all Yum variables: Section 1.3.3, “Using Yum Variables”.
http://path/to/repo
by prepending it as username:password@link
.
For example, if a repository on http://www.example.com/repo/ requires a
username of "user" and a password of "password", then the baseurl
link could be specified as:
baseurl=http://user
:password
@www.example.com/repo/
repository
] directive:
<value>
<value>
is one of:
0
— do not include this repository
as a package source when performing updates and installs. This is an
easy way of quickly turning repositories on and off, which is useful
when you desire a single package from a repository that you do not want
to enable for updates or installs.
1
— include this repository as a package source.
--enablerepo=<repo_name
>
or --disablerepo=<repo_name
>
option to yum
, or easily through PackageKit's Add/Remove Software window.
repository
] options exist. Refer to the [repository] OPTIONS
section of man yum.conf
for the exhaustive list and descriptions for each.
yum
commands and in all Yum configuration files (/etc/yum.conf
and all .repo
files in /etc/yum.repos.d/
.
$releasever
$releasever
from the distroverpkg=<value>
line in the /etc/yum.conf
configuration file. If there is no such line in /etc/yum.conf
, then yum
infers the correct value by deriving the version number from the redhat-release
package.
$arch
os.uname()
function. Valid values for $arch
include: i586
, i686
and x86_64
.
$basearch
$basearch
to reference the base architecture of the system. For example, i686 and i586 machines both have a base architecture of i386
, and AMD64 and Intel64 machines have a base architecture of x86_64
.
$YUM0-9
/etc/yum.conf
for example)
and a shell environment variable with the same name does not exist, then
the configuration file variable is not replaced.
createrepo
package:
~]# yum install createrepo
/mnt/local_repo/
.
createrepo --database
command on that directory:
~]# createrepo --database /mnt/local_repo
createrepo
on Red Hat Enterprise Linux 5 to create the package metadata for Red Hat Enterprise Linux 6 packages. The createrepo
command relies on rpm
to open and inspect the packages, and rpm
on Red Hat Enterprise Linux 5 is not able to open the improved Red Hat Enterprise Linux 6 RPM package format.
yum
operations.
yum
command:
~]# yum info yum
Loaded plugins: presto, refresh-packagekit, security
[output truncated]
Loaded plugins
are the names you can provide to the --disableplugins=<plugin_name>
option.
plugins=
is present in the [main]
section of /etc/yum.conf
, and that its value is set to 1
:
plugins=1
plugins=0
.
Yum
services. In particular, rhnplugin enables connecting to Red Hat Network
,
and the security plugin allows system administrators to easily update
the system with (sometimes critical) security updates. Disabling plugins
globally is provided as a convenience option, and is generally only
recommended when diagnosing a potential problem with Yum
.
/etc/yum/pluginconf.d/
directory. You can set plugin-specific options in these files. For example, here is the security plugin's security.conf
configuration file:
[main] enabled=1
[main]
section (similar to Yum's /etc/yum.conf
file) in which there is (or you can place if it is missing) an enabled=
option that controls whether the plugin is enabled when you run yum
commands.
enabled=0
in /etc/yum.conf
, then all plugins are disabled regardless of whether they are enabled in their individual configuration files.
yum
command, use the --noplugins
option.
yum
command, then you can add the --disableplugin=<plugin_name>
option to the command:
~]# yum update --disableplugin=presto
--disableplugin=
option are the same names listed after the Loaded plugins:
line in the output of any yum
command. You can disable multiple plugins by separating their names
with commas. In addition, you can match multiple similarly-named plugin
names or simply shorten long ones by using glob expressions: --disableplugin=presto,refresh-pack*
.
yum-plugin-<plugin_name>
package-naming convention, but not always: the package which provides the presto plugin is named yum-presto
, for example. You can install a Yum plugin in the same way you install other packages:
~]# yum install yum-plugin-security
yum
package and all packages it depends on from being purposefully or
accidentally removed. This simple scheme prevents many of the most
important packages necessary for your system to run from being removed.
In addition, you can list more packages, one per line, in the /etc/sysconfig/protected-packages
file[1] (which you should create if it does not exist), and protect-packages will extend protection-from-removal to those packages as well. To temporarily override package protection, use the --override-protection
option with an applicable yum
command.
Red Hat Network
(RHN). Systems registered with RHN
are able to update and install packages from Red Hat Network
.
man rhnplugin
for more information.
yum
with a set of highly-useful security-related commands, subcommands and options.
~]# yum check-update --security
Loaded plugins: presto, refresh-packagekit, security
Limiting package lists to security relevant ones
Needed 3 of 7 packages, for security
elinks.x86_64 0.12-0.13.el6 rhel
kernel.x86_64 2.6.30.8-64.el6 rhel
kernel-headers.x86_64 2.6.30.8-64.el6 rhel
yum update --security
or yum update-minimal --security
to update those packages which are affected by security advisories.
Both of these commands update all packages on the system for which a
security advisiory has been issued. yum update-minimal --security
updates them to the latest packages which were released as part of a security advisory, while yum update --security
will update all packages affected by a security advisory to the latest version of that package available.
yum update-minimal --security
will update you to kernel-2.6.30.8-32, and yum update --security
will update you to kernel-2.6.30.8-64. Conservative system administrators may want to use update-minimal
to reduce the risk incurred by updating packages as much as possible.
man yum-security
for usage details and further explanation of the enhancements the security plugin adds to yum
.
Yum Guides
section of the wiki contains more Yum documentation.
[1]
You can also place files with the extension .list
in the /etc/sysconfig/protected-packages.d/
directory (which you should create if it does not exist), and list packages—one per line—in these files. protect-packages will protect these too.
gpk-update-viewer
command at the shell prompt. In the Software Updates window, all available updates are listed along with the names of the packages being updated (minus the .rpm
suffix, but including the CPU architecture), a short summary of the
package, and, usually, short descriptions of the changes the update
provides. Any updates you do not wish to install can be de-selected here
by unchecking the checkbox corresponding to the update.
kernel
package, then it will prompt you after installation, asking you whether
you want to reboot the system and thereby boot into the newly-installed
kernel.
gpk-application
command at the shell prompt.
name=<My Repository Name>
field of all [repository
] sections in the /etc/yum.conf
configuration file, and in all repository
.repo
files in the /etc/yum.repos.d/
directory.
enabled=<1 or 0>
field in [repository
]
sections. Checking an unchecked box enables the Yum repository, and
unchecking it disables it. Performing either function causes PolicyKit to prompt for superuser authentication to enable or disable the repository. PackageKit actually inserts the enabled=<1 or 0>
line into the correct [repository
] section if it does not exist, or changes the value if it does. This means that enabling or disabling a repository through the Software Sources
window causes that change to persist after closing the window or
rebooting the system. The ability to quickly enable and disable
repositories based on our needs is a highly-convenient feature of PackageKit.
<package_name>
-devel
packages we are not interested in.
<package>
would cause the following related packages to be filtered out of the results (if it exists):
<package>
-devel
<package>
-libs
<package>
-libs-devel
<package>
-debuginfo
crontabs-1.10-32.1.el6.noarch.rpm
) are never filtered out by checking . This filter has no affect on non-multilib systems, such as x86 machines.
htop
, an colorful and enhanced version of the top
process viewer, by opening a shell prompt and entering:
~]$ htop
top
is good enough for us and we want to uninstall it. Remembering that we need to change the filter we recently used to install it to in → , we search for htop
again and uncheck it. The program did not install any dependencies of
its own; if it had, those would be automatically removed as well, as
long as they were not also dependencies of any other packages still
installed on our system.
gpk-log
command at the shell prompt.
Updated System
or Installed Packages
, the Date on which that action was performed, the Username of the user who performed the action, and the front end Application the user used (such as Update Icon
, or kpackagekit
). The Details column provides the types of the transactions, such as Updated
, Installed
or Removed
, as well as the list of packages the transactions were performed on.
packagekitd
daemon back end, which communicates with a package manager-specific back end that utilizes Yum to perform the actual transactions, such as installing and removing packages, etc.
Window Title | Function | How to Open | Shell Command |
---|---|---|---|
Add/Remove Software | Install, remove or view package info |
From the GNOME panel:
→ →
| gpk-application |
Software Update | Perform package updates |
From the GNOME panel:
→ →
| gpk-update-viewer |
Software Sources | Enable and disable Yum repositories |
From Add/Remove Software: →
| gpk-repo |
Software Log Viewer | View the transaction log |
From Add/Remove Software: →
| gpk-log |
Software Update Preferences | Set PackageKit preferences | gpk-prefs | |
(Notification Area Alert) | Alerts you when updates are available |
From the GNOME panel: Startup Programs tab
→ → , | gpk-update-icon |
packagekitd
daemon runs outside the user session and communicates with the various graphical front ends. The packagekitd
daemon[2] communicates via the DBus system message bus with another back end, which utilizes Yum's Python API to perform queries and make changes to the sytem. On Linux systems other than Red Hat and Fedora, packagekitd
can communicate with other back ends that are able to utilize the
native package manager for that system. This modular architecture
provides the abstraction necessary for the graphical interfaces to work
with many different package managers to perform essentially the same
types of package management tasks. Learning how to use the PackageKit
front ends means that you can use the same familiar graphical interface
across many different Linux distributions, even when they utilize a
native package manager other than Yum.
packagekitd
daemon, which runs outside of the user session.
gnome-packagekit
package instead of by PackageKit and its dependencies. Users working in a KDE environment may prefer to install the kpackagekit
package, which provides a KDE interface for PackageKit.
pkcon
.
[2]
System daemons are typically long-running processes that provide
services to the user or to other programs, and which are started, often
at boot time, by special initialization scripts (often shortened to init scripts). Daemons respond to the service
command and can be turned on or off permanently by using the chkconfig on
or chkconfig off
commands. They can typically be recognized by a “d ” appended to their name, such as the packagekitd
daemon. Refer to Chapter 7, Controlling Access to Services for information about system services.
x86_64.rpm
.
.tar.gz
files.
rpm --help
or man rpm
. You can also refer to Section 3.5, “Additional Resources” for more information on RPM.
tree-1.5.3-2.el6.x86_64.rpm
. The file name includes the package name (tree
), version (1.5.3
), release (2
), operating system major version (el6
) and CPU architecture (x86_64
).
rpm
's -U
option to:
rpm -U <rpm_file>
is able to perform the function of either upgrading or installing as is appropriate for the package.
tree-1.5.3-2.el6.x86_64.rpm
package is in the current directory, log in as root and type the
following command at a shell prompt to either upgrade or install the tree package as determined by rpm
:
rpm -Uvh tree-1.5.3-2.el6.x86_64.rpm
-v
and -h
options (which are combined with -U
) cause rpm to print more verbose output and display a progress meter using hash signs.
Preparing... ########################################### [100%] 1:tree ########################################### [100%]
rpm
provides two different options for installing packages: the aforementioned -U
option (which historically stands for upgrade), and the -i
option, historically standing for install. Because the -U
option subsumes both install and upgrade functions, we recommend to use rpm -Uvh
with all packages except kernel packages.
-i
option to simply install a new kernel package instead of upgrading it. This is because using the -U
option to upgrade a kernel package removes the previous (older) kernel
package, which could render the system unable to boot if there is a
problem with the new kernel. Therefore, use the rpm -i <kernel_package>
command to install a new kernel without replacing any older kernel packages. For more information on installing kernel packages, refer to Chapter 23, Manually Upgrading the Kernel.
error: tree-1.5.3-2.el6.x86_64.rpm: Header V3 RSA/SHA256 signature: BAD, key ID d22e77f2
error: tree-1.5.3-2.el6.x86_64.rpm: Header V3 RSA/SHA256 signature: BAD, key ID d22e77f2
NOKEY
:
warning: tree-1.5.3-2.el6.x86_64.rpm: Header V3 RSA/SHA1 signature: NOKEY, key ID 57bbccba
Preparing... ########################################### [100%] package tree-1.5.3-2.el6.x86_64 is already installed
--replacepkgs
option, which tells RPM to ignore the error:
rpm -Uvh --replacepkgs tree-1.5.3-2.el6.x86_64.rpm
Preparing... ################################################## file /usr/bin/foobar from install of foo-1.0-1.el6.x86_64 conflicts with file from package bar-3.1.1.el6.x86_64
--replacefiles
option:
rpm -Uvh --replacefiles foo-1.0-1.el6.x86_64.rpm
error: Failed dependencies: bar.so.3()(64bit) is needed by foo-1.0-1.el6.x86_64
rpm -Uvh foo-1.0-1.el6.x86_64.rpm bar-3.1.1.el6.x86_64.rpm
Preparing... ########################################### [100%] 1:foo ########################################### [ 50%] 2:bar ########################################### [100%]
--whatprovides
option to determine which package contains the required file.
rpm -q --whatprovides "bar.so.3"
bar.so.3
is in the RPM database, the name of the package is displayed:
bar-3.1.1.el6.i586.rpm
rpm
to install a package that gives us a Failed dependencies
error (using the --nodeps
option), this is not recommended, and will usually result in the installed package failing to run. Installing or removing packages with rpm --nodeps
can cause applications to misbehave and/or crash, and can cause serious
package management problems or, possibly, system failure. For these
reasons, it is best to heed such warnings; the package manager—whether RPM, Yum or PackageKit—shows us these warnings and suggests possible fixes because accounting for dependencies is critical. The Yum
package manager can perform dependency resolution and fetch
dependencies from online repositories, making it safer, easier and
smarter than forcing rpm
to carry out actions without regard to resolving dependencies.
saving /etc/foo.conf as /etc/foo.conf.rpmsave
foo.conf.rpmnew
,
and leave the configuration file you modified untouched. You should
still resolve any conflicts between your modified configuration file and
the new one, usually by merging changes from the old one to the new one
with a diff
program.
package foo-2.0-1.el6.x86_64.rpm (which is newer than foo-1.0-1) is already installed
--oldpackage
option:
rpm -Uvh --oldpackage foo-1.0-1.el6.x86_64.rpm
rpm -e foo
foo
, not the name of the original package file, foo-1.0-1.el6.x86_64
. If you attempt to uninstall a package using the rpm -e
command and the original full file name, you will receive a package name error.
rpm -e ghostscript
error: Failed dependencies:
libgs.so.8()(64bit) is needed by (installed) libspectre-0.2.2-3.el6.x86_64
libgs.so.8()(64bit) is needed by (installed) foomatic-4.0.3-1.el6.x86_64
libijs-0.35.so()(64bit) is needed by (installed) gutenprint-5.2.4-5.el6.x86_64
ghostscript is needed by (installed) printer-filters-1.1-4.el6.noarch
<library_name>
.so.<number>
file) in Section 3.2.2.3, “Unresolved Dependency”, we can search for a 64-bit shared object library using this exact syntax (and making sure to quote the file name):
~]# rpm -q --whatprovides "libgs.so.8()(64bit)"
ghostscript-8.70-1.el6.x86_64
rpm
to remove a package that gives us a Failed dependencies
error (using the --nodeps
option), this is not recommended, and may cause harm to other installed applications. Installing or removing packages with rpm --nodeps
can cause applications to misbehave and/or crash, and can cause serious
package management problems or, possibly, system failure. For these
reasons, it is best to heed such warnings; the package manager—whether RPM, Yum or PackageKit—shows us these warnings and suggests possible fixes because accounting for dependencies is critical. The Yum
package manager can perform dependency resolution and fetch
dependencies from online repositories, making it safer, easier and
smarter than forcing rpm
to carry out actions without regard to resolving dependencies.
rpm -Fvh foo-2.0-1.el6.x86_64.rpm
*.rpm
glob:
rpm -Fvh *.rpm
/var/lib/rpm/
,
and is used to query what packages are installed, what versions each
package is, and to calculate any changes to any files in the package
since installation, among other use cases.
-q
option. The rpm -q package name
command displays the package name, version, and release number of the installed package <package_name>
. For example, using rpm -q tree
to query installed package tree
might generate the following output:
tree-1.5.2.2-4.el6.x86_64
man rpm
for details) to further refine or qualify your query:
-a
— queries all currently installed packages.
-f <file_name>
— queries the RPM database for which package owns <file_name>
. Specify the absolute path of the file (for example, rpm -qf /bin/ls
instead of rpm -qf ls
).
-p <package_file>
— queries the uninstalled package <package_file>
.
-i
displays package information
including name, description, release, size, build date, install date,
vendor, and other miscellaneous information.
-l
displays the list of files that the package contains.
-s
displays the state of all the files in the package.
-d
displays a list of files marked as documentation (man pages, info pages, READMEs, etc.) in the package.
-c
displays a list of files marked as
configuration files. These are the files you edit after installation to
adapt and customize the package to your system (for example, sendmail.cf
, passwd
, inittab
, etc.).
-v
to the command to display the lists in a familiar ls -l
format.
rpm -V
verifies a package. You can use any of the Verify Options listed for querying to specify the packages you wish to verify. A simple use of verifying is rpm -V tree
, which verifies that all the files in the tree
package are as they were when they were originally installed. For example:
rpm -Vf /usr/bin/tree
/usr/bin/tree
is the absolute path to the file used to query a package.
rpm -Va
rpm -Vp tree-1.5.3-2.el6.x86_64.rpm
c
"
denotes a configuration file) and then the file name. Each of the eight
characters denotes the result of a comparison of one attribute of the
file to the value of that attribute recorded in the RPM database. A
single period (.
) means the test passed. The following characters denote specific discrepancies:
5
— MD5 checksum
S
— file size
L
— symbolic link
T
— file modification time
D
— device
U
— user
G
— group
M
— mode (includes permissions and file type)
?
— unreadable file (file permission errors, for example)
<rpm_file>
is the file name of the RPM package):
rpm -K --nosignature <rpm_file>
<rpm_file>
: rsa sha1 (md5) pgp md5 OK
(specifically the OK
part of it) is displayed. This brief message means that the file was
not corrupted during download. To see a more verbose message, replace -K
with -Kvv
in the command.
x
files as well.
rpm --import /usr/share/rhn/RPM-GPG-KEY
rpm -qa gpg-pubkey*
gpg-pubkey-db42a60e-37ea5438
rpm -qi
followed by the output from the previous command:
rpm -qi gpg-pubkey-db42a60e-37ea5438
<rpm-file>
with the filename of the RPM package):
rpm -K <rpm-file>
md5 gpg OK
.
This means that the signature of the package has been verified, that it
is not corrupt, and therefore is safe to install and use.
rpm -Va
rpm -qf /usr/bin/ghostscript
ghostscript-8.70-1.el6.x86_64
/usr/bin/paste
. You would like to verify the package that owns that program, but you do not know which package owns paste
. Enter the following command,
rpm -Vf /usr/bin/paste
rpm -qdf /usr/bin/free
/usr/share/doc/procps-3.2.8/BUGS /usr/share/doc/procps-3.2.8/FAQ /usr/share/doc/procps-3.2.8/NEWS /usr/share/doc/procps-3.2.8/TODO /usr/share/man/man1/free.1.gz /usr/share/man/man1/pgrep.1.gz /usr/share/man/man1/pkill.1.gz /usr/share/man/man1/pmap.1.gz /usr/share/man/man1/ps.1.gz /usr/share/man/man1/pwdx.1.gz /usr/share/man/man1/skill.1.gz /usr/share/man/man1/slabtop.1.gz /usr/share/man/man1/snice.1.gz /usr/share/man/man1/tload.1.gz /usr/share/man/man1/top.1.gz /usr/share/man/man1/uptime.1.gz /usr/share/man/man1/w.1.gz /usr/share/man/man1/watch.1.gz /usr/share/man/man5/sysctl.conf.5.gz /usr/share/man/man8/sysctl.8.gz /usr/share/man/man8/vmstat.8.gz
rpm -qip crontabs-1.10-32.1.el6.noarch.rpm
Name : crontabs Relocations: (not relocatable) Version : 1.10 Vendor: Red Hat, Inc. Release : 32.1.el6 Build Date: Thu 03 Dec 2009 02:17:44 AM CET Install Date: (not installed) Build Host: js20-bc1-11.build.redhat.com Group : System Environment/Base Source RPM: crontabs-1.10-32.1.el6.src.rpm Size : 2486 License: Public Domain and GPLv2 Signature : RSA/8, Wed 24 Feb 2010 08:46:13 PM CET, Key ID 938a80caf21541eb Packager : Red Hat, Inc. <http://bugzilla.redhat.com/bugzilla> Summary : Root crontab files used to schedule the execution of programs Description : The crontabs package contains root crontab files and directories. You will need to install cron daemon to run the jobs from the crontabs. The cron daemon such as cronie or fcron checks the crontab files to see when particular commands are scheduled to be executed. If commands are scheduled, it executes them. Crontabs handles a basic system function, so it should be installed on your system.
crontabs
RPM package installs. You would enter the following:
rpm -qlp crontabs-1.10-32.1.el6.noarch.rpm
/etc/cron.daily /etc/cron.hourly /etc/cron.monthly /etc/cron.weekly /etc/crontab /usr/bin/run-parts /usr/share/man/man4/crontabs.4.gz
rpm --help
— This command displays a quick reference of RPM parameters.
man rpm
— The RPM man page gives more detail about RPM parameters than the rpm --help
command.
Table of Contents
/etc/sysconfig/
Directory/etc/sysconfig/arpwatch
/etc/sysconfig/authconfig
/etc/sysconfig/autofs
/etc/sysconfig/clock
/etc/sysconfig/dhcpd
/etc/sysconfig/firstboot
/etc/sysconfig/i18n
/etc/sysconfig/init
/etc/sysconfig/ip6tables-config
/etc/sysconfig/keyboard
/etc/sysconfig/ldap
/etc/sysconfig/named
/etc/sysconfig/network
/etc/sysconfig/ntpd
/etc/sysconfig/quagga
/etc/sysconfig/radvd
/etc/sysconfig/samba
/etc/sysconfig/selinux
/etc/sysconfig/sendmail
/etc/sysconfig/spamassassin
/etc/sysconfig/squid
/etc/sysconfig/system-config-users
/etc/sysconfig/vncservers
/etc/sysconfig/xinetd
/etc/sysconfig/
Directoryproc
File Systemproc
File System/proc/buddyinfo
/proc/cmdline
/proc/cpuinfo
/proc/crypto
/proc/devices
/proc/dma
/proc/execdomains
/proc/fb
/proc/filesystems
/proc/interrupts
/proc/iomem
/proc/ioports
/proc/kcore
/proc/kmsg
/proc/loadavg
/proc/locks
/proc/mdstat
/proc/meminfo
/proc/misc
/proc/modules
/proc/mounts
/proc/mtrr
/proc/partitions
/proc/slabinfo
/proc/stat
/proc/swaps
/proc/sysrq-trigger
/proc/uptime
/proc/version
/proc/
sysctl
Commandsystem-config-date
command at a shell prompt (e.g., xterm or GNOME Terminal). Unless you are already authenticated, you will be prompted to enter the superuser password.
~]$ su -
Password:
date
command allows the superuser to set the system date and time manually:
YYYY
with a four-digit year, MM
with a two-digit month, and DD
with a two-digit day of the month:
~]# date +%D -s YYYY-MM-DD
~]# date +%D -s 2010-06-02
HH
stands for an hour, MM
is a minute, and SS
is a second, all typed in a two-digit form:
~]# date +%T -s HH:MM:SS
~]# date +%T -s HH:MM:SS
-u
~]# date +%T -s 23:26:00 -u
date
without any additional argument:
~]$ date
Wed Jun 2 11:58:48 CEST 2010
~]# ntpdate -q server_address
~]# ntpdate -q 0.rhel.pool.ntp.org
~]# ntpdate server_address...
~]# ntpdate 0.rhel.pool.ntp.org 1.rhel.pool.ntp.org
date
without any additional arguments as shown in Section 13.2.1, “Date and Time Setup”.
~]# chkconfig ntpdate on
/var/log/boot.log
system log, try to add the following line to /etc/sysconfig/network
:
NETWORKWAIT=1
/etc/ntp.conf
in a text editor such as vi or nano, or create a new one if it does not already exist:
~]# nano /etc/ntp.conf
server 0.rhel.pool.ntp.org server 1.rhel.pool.ntp.org server 2.rhel.pool.ntp.org
iburst
directive at the end of each server line:
server 0.rhel.pool.ntp.org iburst server 1.rhel.pool.ntp.org iburst server 2.rhel.pool.ntp.org iburst
restrict default kod nomodify notrap nopeer noquery restrict -6 default kod nomodify notrap nopeer noquery restrict 127.0.0.1 restrict -6 ::1
~]# service ntpd restart
ntpd
daemon is started at boot time:
~]# chkconfig ntpd on
system-config-users
at the shell prompt to open the User Manager.
Viewing and modifying user and group information requires superuser
privileges. If you are not the superuser when you open the User Manager, it will prompt you for the superuser password.
/bin/bash
. The default home directory is /home/<username>
/
.
You can change the home directory that is created for the user, or you
can choose not to create the home directory by unselecting Create home directory.
/etc/skel/
directory into the new home directory.
system-config-users
). For more information on User Manager, refer to Section 15.1, “User and Group Configuration”.
useradd
, usermod
, and userdel
— Industry-standard methods of adding, deleting and modifying user accounts
groupadd
, groupmod
, and groupdel
— Industry-standard methods of adding, deleting, and modifying user groups
gpasswd
— Industry-standard method of administering the /etc/group
file
pwck
, grpck
— Tools used for the verification of the password, group, and associated shadow files
pwconv
, pwunconv
— Tools used for the conversion of passwords to shadow passwords and back to standard passwords
useradd
are detailed in Table 15.1, “ useradd
Command Line Options”.
useradd
Command Line OptionsOption | Description |
---|---|
-c '<comment> '
|
<comment> can be replaced with any string. This option is generally used to specify the full name of a user.
|
-d <home-dir>
|
Home directory to be used instead of default /home/
|
-e <date>
| Date for the account to be disabled in the format YYYY-MM-DD |
-f <days>
|
Number of days after the password expires until the account is disabled. If 0 is specified, the account is disabled immediately after the password expires. If -1 is specified, the account is not be disabled after the password expires.
|
-g <group-name>
| Group name or group number for the user's default group. The group must exist prior to being specified here. |
-G <group-list>
| List of additional (other than default) group names or group numbers, separated by commas, of which the user is a member. The groups must exist prior to being specified here. |
-m
| Create the home directory if it does not exist. |
-M
| Do not create the home directory. |
-N
| Do not create a user private group for the user. |
-p <password>
|
The password encrypted with crypt
|
-r
| Create a system account with a UID less than 500 and without a home directory |
-s
|
User's login shell, which defaults to /bin/bash
|
-u <uid>
| User ID for the user, which must be unique and greater than 499 |
groupadd
:
groupadd <group-name>
groupadd
are detailed in Table 15.2, “ groupadd
Command Line Options”.
groupadd
Command Line OptionsOption | Description |
---|---|
-f, --force |
When used with -g <gid> and <gid> already exists, groupadd will choose another unique <gid> for the group.
|
-g <gid>
| Group ID for the group, which must be unique and greater than 499 |
-K, --key KEY=VALUE
|
override /etc/login.defs defaults
|
-o , --non-unique
| allow to create groups with duplicate |
-p , --password PASSWORD
| use this encrypted password for the new group |
-r
| Create a system group with a GID less than 500 |
chage
command with an option from Table 15.3, “ chage
Command Line Options”, followed by the username.
chage
command. For more information, see Section 15.6, “Shadow Passwords”.
chage
Command Line OptionsOption | Description |
---|---|
-d <days>
| Specifies the number of days since January 1, 1970 the password was changed |
-E <date>
| Specifies the date on which the account is locked, in the format YYYY-MM-DD. Instead of the date, the number of days since January 1, 1970 can also be used. |
-I <days>
| Specifies the number of inactive days after the password expiration before locking the account. If the value is 0, the account is not locked after the password expires. |
-l
| Lists current account aging settings. |
-m <days>
| Specify the minimum number of days after which the user must change passwords. If the value is 0, the password does not expire. |
-M <days>
|
Specify the maximum number of days for which the password is
valid. When the number of days specified by this option plus the number
of days specified with the -d option is less than the current day, the user must change passwords before using the account.
|
-W <days>
| Specifies the number of days before the password expiration date to warn the user. |
chage
command is followed
directly by a username (with no options), it displays the current
password aging values and allows them to be changed interactively.
python
command. It displays the following:
Python 2.4.3 (#1, Jul 21 2006, 08:46:09) [GCC 4.1.1 20060718 (Application Stack 4.1.1-9)] on linux2 Type "help", "copyright", "credits" or "license" for more information. >>>
<password>
with the password to encrypt and <salt>
with a random combination of at least 2 of the following: any alphanumeric character, the slash (/) character or a dot (.):
import crypt; print crypt.crypt("<password>
","<salt>
")
'12CsGd8FRcMSM'
.
<encrypted-password>
with the encrypted output of the Python interpreter):
usermod -p "<encrypted-password>
"<username>
usermod -p "" username
chage -d 0 username
useradd juan
is issued on a system that has shadow passwords enabled:
juan
is created in /etc/passwd
.
juan:x:501:501::/home/juan:/bin/bash
The line has the following characteristics:
juan
.
x
for the password field indicating that the system is using shadow passwords.
juan
is set to /home/juan/
.
/bin/bash
.
juan
is created in /etc/shadow
.
juan:!!:14798:0:99999:7:::
The line has the following characteristics:
juan
.
!!
) appear in the password field of the /etc/shadow
file, which locks the account.
-p
flag, it is placed in the /etc/shadow
file on the new line for the user.
juan
is created in /etc/group
.
juan:x:501:
A group with the same name as a user is called a user private group. For more information on user private groups, refer to Section 15.1.1, “Adding a New User”.
/etc/group
has the following characteristics:
juan
.
x
appears in the password field indicating that the system is using shadow group passwords.
juan
in /etc/passwd
.
juan
is created in /etc/gshadow
.
juan:!::
The line has the following characteristics:
juan
.
!
) appears in the password field of the /etc/gshadow
file, which locks the group.
juan
is created in the /home/
directory.
This directory is owned by userls -l /home
drwx------. 4 juan juan 4096 Jul 9 14:55 juan
juan
and group juan
. It has read, write, and execute privileges only for the user juan
. All other permissions are denied.
/etc/skel/
directory (which contain default user settings) are copied into the new /home/juan/
directory.
juan
exists on the system. To activate it, the administrator must next assign a password to the account using the passwd
command and, optionally, set password aging guidelines.
/etc/passwd
file by an Everything installation. The groupid (GID) in this table is the primary group for the user. See Section 15.4, “Standard Groups” for a listing of standard groups.
User | UID | GID | Home Directory | Shell | Packages |
---|---|---|---|---|---|
root | 0 | 0 | /root |
/bin/bash
|
setup
|
bin | 1 | 1 | /bin |
/sbin/nologin
|
setup
|
daemon | 2 | 2 | /sbin |
/sbin/nologin
|
setup
|
sys | - | 3 | - |
-
|
setup
|
adm | 3 | 4 | /var/adm |
/bin/bash
|
setup
|
tty | - | 5 | - |
-
|
setup
|
disk | - | 6 | - |
-
|
setup
|
lp | 4 | 7 | /var/spool/lpd |
/sbin/nologin
|
setup
|
mem | - | 8 | - |
-
|
setup
|
kmem | - | 9 | - |
-
|
setup
|
wheel | - | 10 | - |
-
|
setup
|
cdrom | - | 11 | - |
-
|
udev,MAKEDEV
|
sync | 5 | (0) | /sbin |
/bin/sync
|
setup
|
shutdown | 6 | (0) | /sbin |
/sbin/shutdown
|
setup
|
halt | 7 | (0) | /sbin |
/sbin/halt
|
setup
|
8 | 12 | /var/spool/mail |
/sbin/nologin
|
setup
| |
news | 9 | 13 | /var/spool/news |
/sbin/nologin
|
setup
|
uucp | 10 | 14 | /var/spool/uucp |
/sbin/nologin
|
setup
|
operator | 11 | (0) | /root |
/sbin/nologin
|
setup
|
games | 12 | (100) | /usr/games |
/sbin/nologin
|
setup
|
gopher | 13 | 30 | /usr/lib/gopher-data |
/sbin/nologin
|
setup
|
ftp | 14 | 50 | /var/ftp |
/sbin/nologin
|
setup
|
man | - | 15 | - |
-
|
setup
|
oprofile | 16 | 16 | /home/oprofile |
/sbin/nologin
|
oprofile
|
pkiuser | 17 | 17 | /usr/share/pki |
/sbin/nologin
|
pki-ca,rhpki-ca
|
dialout | - | 18 | - |
-
|
udev,MAKEDEV
|
floppy | - | 19 | - |
-
|
dev,MAKEDEV
|
games | - | 20 | - |
-
|
setup
|
slocate | - | 21 | - |
-
|
slocate
|
utmp | - | 22 | - |
-
|
initscripts,libutempter
|
squid | 23 | 23 | /var/spool/squid |
/dev/null
|
squid
|
pvm | 24 | 24 | /usr/share/pvm3 |
/bin/bash
|
pvm
|
named | 25 | 25 | /var/named |
/bin/false
|
bind
|
postgres | 26 | 26 | /var/lib/pgsql |
/bin/bash
|
postgresql-server
|
mysql | 27 | 27 | /var/lib/mysql |
/bin/bash
|
mysql
|
nscd | 28 | 28 | / |
/bin/false
|
nscd
|
rpcuser | 29 | 29 | /var/lib/nfs |
/bin/false
|
nfs-utils
|
console | - | 31 | - |
-
|
dev
|
rpc | 32 | 32 | / |
/bin/false
|
portmap
|
amanda | 33 | (6) | /var/lib/amanda |
/bin/false
|
amanda
|
tape | - | 33 | - |
-
|
udev,MAKEDEV
|
netdump | 34 | 34 | /var/crash |
/bin/bash
|
netdump-client, netdump-server
|
utempter | - | 35 | - |
-
|
libutempter
|
vdsm | 36 | - | / |
/bin/bash
|
kvm, vdsm
|
kvm | - | 36 | - |
-
|
kvm, vdsm, libvirt
|
rpm | 37 | 37 | /var/lib/rpm |
/bin/bash
|
rpm
|
ntp | 38 | 38 | /etc/ntp |
/sbin/nologin
|
ntp
|
video | - | 39 | - |
-
|
setup
|
dip | - | 40 | - |
-
|
setup
|
mailman | 41 | 41 | /var/mailman |
/bin/false
|
mailman
|
gdm | 42 | 42 | /var/gdm |
/bin/bash
|
gdm
|
xfs | 43 | 43 | /etc/X11/fs |
/bin/false
|
XFree86-xfs
|
pppusers | - | 44 | - |
-
|
linuxconf
|
popusers | - | 45 | - |
-
|
linuxconf
|
slipusers | - | 46 | - |
-
|
linuxconf
|
mailnull | 47 | 47 | /var/spool/mqueue |
/dev/null
|
sendmail
|
apache | 48 | 48 | /var/www |
/bin/false
|
apache
|
wnn | 49 | 49 | /home/wnn |
/bin/bash
|
FreeWnn
|
smmsp | 51 | 51 | /var/spool/mqueue |
/dev/null
|
sendmail
|
puppet | 52 | 52 | /var/lib/puppet |
/sbin/nologin
|
puppet
|
tomcat | 53 | 53 | /var/lib/tomcat |
/sbin/nologin
|
tomcat
|
lock | - | 54 | - |
-
|
lockdev
|
ldap | 55 | 55 | /var/lib/ldap |
/bin/false
|
openldap-servers
|
frontpage | 56 | 56 | /var/www |
/bin/false
|
mod_frontpage
|
nut | 57 | 57 | /var/lib/ups |
/bin/false
|
nut
|
beagleindex | 58 | 58 | /var/cache/beagle |
/bin/false
|
beagle
|
tss | 59 | 59 | - |
/sbin/nologin
|
trousers
|
piranha | 60 | 60 | /etc/sysconfig/ha |
/dev/null
|
piranha
|
prelude-manager | 61 | 61 | - |
/sbin/nologin
|
prelude-manager
|
snortd | 62 | 62 | - |
/sbin/nologin
|
snortd
|
audio | - | 63 | - |
-
|
setup
|
condor | 64 | 64 | /var/lib/condor |
/sbin/nologin
|
condord
|
nslcd | 65 | (55) | / |
/sbin/nologin
|
nslcd
|
wine | - | 66 | - |
-
|
wine
|
pegasus | 66 | 65 | /var/lib/Pegasus |
/sbin/nologin
|
tog-pegasus
|
webalizer | 67 | 67 | /var/www/html/usage |
/sbin/nologin
|
webalizer
|
haldaemon | 68 | 68 | / |
/sbin/nologin
|
hal
|
vcsa | 69 | 69 | - |
/sbin/nologin
|
dev,MAKEDEV
|
avahi | 70 | 70 | /var/run/avahi-daemon |
/sbin/nologin
|
avahi
|
realtime | - | 71 | - |
-
|
-
|
tcpdump | 72 | 72 | / |
/sbin/nologin
|
tcpdump
|
privoxy | 73 | 73 | /etc/privoxy |
/bin/bash
|
privoxy
|
sshd | 74 | 74 | /var/empty/sshd |
/sbin/nologin
|
openssh-server
|
radvd | 75 | 75 | / |
/bin/false
|
radvd
|
cyrus | 76 | (12) | /var/imap |
/bin/bash
|
cyrus-imapd
|
saslauth | - | 76 | - |
-
|
cyrus-imapd
|
arpwatch | 77 | 77 | /var/lib/arpwatch |
/sbin/nologin
|
arpwatch
|
fax | 78 | 78 | /var/spool/fax |
/sbin/nologin
|
mgetty
|
nocpulse | 79 | 79 | /etc/sysconfig/nocpulse |
/bin/bash
|
nocpulse
|
desktop | 80 | 80 | - |
/sbin/nologin
|
desktop-file-utils
|
dbus | 81 | 81 | / |
/sbin/nologin
|
dbus
|
jonas | 82 | 82 | /var/lib/jonas |
/sbin/nologin
|
jonas
|
clamav | 83 | 83 | /tmp |
/sbin/nologin
|
clamav
|
screen | - | 84 | - |
-
|
screen
|
quaggavt | - | 85 | - |
-
|
quagga
|
sabayon | 86 | 86 | - |
/sbin/nologin
|
sabayon
|
polkituser | 87 | 87 | / |
/sbin/nologin
|
PolicyKit
|
wbpriv | - | 88 | - |
-
|
samba-common
|
postfix | 89 | 89 | /var/spool/postfix |
/bin/true
|
postfix
|
postdrop | - | 90 | - |
-
|
postfix
|
majordomo | 91 | 91 | /usr/lib/majordomo |
/bin/bash
|
majordomo
|
quagga | 92 | 92 | / |
/sbin/nologin
|
quagga
|
exim | 93 | 93 | /var/spool/exim |
/sbin/nologin
|
exim
|
distcache | 94 | 94 | / |
/sbin/nologin
|
distcache
|
radiusd | 95 | 95 | / |
/bin/false
|
freeradius
|
hsqldb | 96 | 96 | /var/lib/hsqldb |
/sbin/nologin
|
hsqldb
|
dovecot | 97 | 97 | /usr/libexec/dovecot |
/sbin/nologin
|
dovecot
|
ident | 98 | 98 | / |
/sbin/nologin
|
ident
|
nobody | 99 | 99 | / |
/sbin/nologin
|
setup
|
users | - | 100 | - |
-
|
setup
|
qemu | 107 | 107 | / |
/sbin/nologin
|
libvirt
|
ovirt | 108 | 108 | / |
/sbin/nologin
|
libvirt
|
saned | 111 | 111 | / |
/sbin/nologin
|
sane-backends
|
vhostmd | 112 | 112 | /usr/share/vhostmd |
/sbin/nologin
|
vhostmd
|
usbmuxd | 113 | 113 | / |
/sbin/nologin
|
usbmuxd
|
bacula | 133 | 133 | /var/spool/bacula |
/sbin/nologin
|
bacula
|
ricci | 140 | 140 | /var/lib/ricci |
/sbin/nologin
|
ricci
|
luci | 141 | 141 | /var/lib/luci |
/sbin/nologin
|
luci
|
stap-server | 155 | 155 | /var/lib/stap-server |
/sbin/nologin
|
systemtap
|
avahi-autoipd | 170 | 170 | /var/lib/avahi-autoipd |
/sbin/nologin
|
avahi
|
pulse | 171 | 171 | /var/run/pulse |
/sbin/nologin
|
pulseaudio
|
rtkit | 172 | 172 | /proc |
/sbin/nologin
|
rtkit
|
nfsnobody | 65534[a] | 65534 | /var/lib/nfs |
/sbin/nologin
|
nfs-utils
|
[a] nfsnobdy is 4294967294 on 64-bit platforms |
/etc/group
file.
Group | GID | Members |
---|---|---|
root | 0 | root |
bin | 1 | root, bin, daemon |
daemon | 2 | root, bin, daemon |
sys | 3 | root, bin, adm |
adm | 4 | root, adm, daemon |
tty | 5 | |
disk | 6 | root |
lp | 7 | daemon, lp |
mem | 8 | |
kmem | 9 | |
wheel | 10 | root |
12 | mail, postfix | |
uucp | 14 | uucp |
man | 15 | |
games | 20 | |
gopher | 30 | |
video | 39 | |
dip | 40 | |
ftp | 50 | |
lock | 54 | |
audio | 63 | |
nobody | 99 | |
users | 100 | |
dbus | 81 | |
usbmuxd | 113 | |
utmp | 22 | |
utempter | 35 | |
avahi-autoipd | 170 | |
floppy | 19 | |
vcsa | 69 | |
rpc | 32 | |
rtkit | 499 | |
abrt | 498 | |
nscd | 28 | |
desktop_admin_r | 497 | |
desktop_user_r | 496 | |
cdrom | 11 | |
tape | 33 | |
dialout | 18 | |
haldaemon | 68 | haldaemon |
apache | 48 | |
ldap | 55 | |
saslauth | 495 | |
postdrop | 90 | |
postfix | 89 | |
avahi | 70 | |
ntp | 38 | |
rpcuser | 29 | |
nfsnobody | 4294967294 | |
pulse | 494 | |
pulse-access | 493 | |
fuse | 492 | |
gdm | 42 | |
stapdev | 491 | |
stapusr | 490 | |
sshd | 74 | |
tcpdump | 72 | |
slocate | 21 | |
dovecot | 97 | |
dovenull | 489 | |
mailnull | 47 | |
smmsp | 51 |
/etc/bashrc
file. Traditionally on UNIX systems, the umask
is set to 022
, which allows only the user who created the file or directory to make modifications. Under this scheme, all other users, including members of the creator's group,
are not allowed to make any modifications. However, under the UPG
scheme, this "group protection" is not necessary since every user has
their own private group.
/usr/share/emacs/site-lisp/
directory. Some people are trusted to modify the directory, but not everyone. First create an emacs
group, as in the following command:
/usr/sbin/groupadd emacs
emacs
group, type:
chown -R root.emacs /usr/share/emacs/site-lisp
gpasswd
command:
/usr/bin/gpasswd -a <username>
emacs
chmod 775 /usr/share/emacs/site-lisp
emacs
). Use the following command:
chmod 2775 /usr/share/emacs/site-lisp
emacs
group can create and edit files in the /usr/share/emacs/site-lisp/
directory without the administrator having to change file permissions every time users write new files.
ls -l /usr/share/emacs/
displays the current settings:
total 4
drwxrwsr-x. 2 root emacs 4096 May 18 15:41 site-lisp
shadow-utils
package). Doing so enhances the security of system authentication
files. For this reason, the installation program enables shadow
passwords by default.
/etc/passwd
file to /etc/shadow
, which is readable only by the root user.
/etc/login.defs
file to enforce security policies.
shadow-utils
package work properly whether or not shadow passwords are enabled.
However, since password aging information is stored exclusively in the /etc/shadow
file, any commands which create or modify password aging information do not work.
chage
gpasswd
/usr/sbin/usermod
-e
or -f
options
/usr/sbin/useradd
-e
or -f
options
man chage
— A command to modify password aging policies and account expiration.
man gpasswd
— A command to administer the /etc/group
file.
man groupadd
— A command to add groups.
man grpck
— A command to verify the /etc/group
file.
man groupdel
— A command to remove groups.
man groupmod
— A command to modify group membership.
man pwck
— A command to verify the /etc/passwd
and /etc/shadow
files.
man pwconv
— A tool to convert standard passwords to shadow passwords.
man pwunconv
— A tool to convert shadow passwords to standard passwords.
man useradd
— A command to add users.
man userdel
— A command to remove users.
man usermod
— A command to modify users.
man 5 group
— The file containing group information for the system.
man 5 passwd
— The file containing user information for the system.
man 5 shadow
— The file containing passwords and account expiration information for the system.
locate
command
is updated daily. A system administrator can use automated tasks to
perform periodic backups, monitor the system, run custom scripts, and
more.
cron
, at
, and batch
.
cronie
RPM package must be installed and the crond
service must be running. anacron
is a sub-package of cronie
. To determine if these packages are installed, use the rpm -q cronie cronie-anacron
command.
/sbin/service crond status
. To start the cron service, use the command /sbin/service crond start
. To stop the service, use the command /sbin/service crond stop
. It is recommended that you start the service at boot time. Refer to Chapter 7, Controlling Access to Services for details on starting the cron service automatically at boot time.
/etc/anacrontab
(only root is allowed to modify this file), which contains the following lines:
SHELL=/bin/sh PATH=/sbin:/bin:/usr/sbin:/usr/bin MAILTO=root # the maximal random delay added to the base delay of the jobs RANDOM_DELAY=45 # the jobs will be started during the following hours only START_HOURS_RANGE=3-22 #period in days delay in minutes job-identifier command 1 5 cron.daily nice run-parts /etc/cron.daily 7 25 cron.weekly nice run-parts /etc/cron.weekly @monthly 45 cron.monthly nice run-parts /etc/cron.monthly
SHELL
variable tells the system which shell environment to use (in this example the bash shell). The PATH
variable defines the path used to execute commands. The output of the
anacron jobs are emailed to the username defined with the MAILTO
variable. If the MAILTO
variable is not defined, (i.e. is empty, MAILTO=
), email is not sent.
RANDOM_DELAY
variable denotes the maximum number of minutes that will be added to the delay in minutes
variable which is specified for each job. The minimum delay value is set, by default, to 6 minutes. A RANDOM_DELAY
set to 12 would therefore add, randomly, between 6 and 12 minutes to the delay in minutes
for each job in that particular anacrontab. RANDOM_DELAY
can also be set to a value below 6, or even 0. When set to 0, no random
delay is added. This proves to be useful when, for example, more
computers that share one network connection need to download the same
data every day. The START_HOURS_RANGE
variable defines an interval (in hours) when scheduled jobs can be run.
In case this time interval is missed, for example, due to a power down,
then scheduled jobs are not executed that day.
/etc/anacrontab
file represent scheduled jobs and have the following format:
period in days delay in minutes job-identifier command
period in days
— specifies the frequency of execution of a job in days. This variable can be represented by an integer or a macro (@daily
, @weekly
, @monthly
), where @daily
denotes the same value as the integer 1, @weekly
the same as 7, and @monthly
specifies that the job is run once a month, independent on the length of the month.
delay in minutes
— specifies
the number of minutes anacron waits, if necessary, before executing a
job. This variable is represented by an integer where 0 means no delay.
job-identifier
— specifies a unique name of a job which is used in the log files.
command
— specifies the command to execute. The command can either be a command such as ls /proc >> /tmp/proc
or a command to execute a custom script.
/etc/anacrontab
file:
SHELL=/bin/sh PATH=/sbin:/bin:/usr/sbin:/usr/bin MAILTO=root # the maximal random delay added to the base delay of the jobs RANDOM_DELAY=30 # the jobs will be started during the following hours only START_HOURS_RANGE=16-20 #period in days delay in minutes job-identifier command 1 20 dailyjob nice run-parts /etc/cron.daily 7 25 weeklyjob /etc/weeklyjob.bash @monthly 45 monthlyjob ls /proc >> /tmp/proc
anacrontab
file are randomly delayed by 6-30 minutes and can be executed between
16:00 and 20:00. Thus, the first defined job will run anywhere between
16:26 and 16:50 every day. The command specified for this job will
execute all present programs in the /etc/cron.daily
directory (using the run-parts
script which takes a directory as a command-line argument and
sequentially executes every program within that directory). The second
specified job will be executed once a week and will execute the weeklyjob.bash
script in the /etc
directory. The third job is executed once a month and runs a command to write the contents of the /proc
to the /tmp/proc
file (e.g. ls /proc >> /tmp/proc
).
cronie-anacron
package. Thus, you will be able to define jobs using crontabs only.
/etc/crontab
(only root is allowed to modify this file), contains the following lines:
SHELL=/bin/bash PATH=/sbin:/bin:/usr/sbin:/usr/bin MAILTO=root HOME=/ # For details see man 4 crontabs # Example of job definition: # .---------------- minute (0 - 59) # | .------------- hour (0 - 23) # | | .---------- day of month (1 - 31) # | | | .------- month (1 - 12) OR jan,feb,mar,apr ... # | | | | .---- day of week (0 - 6) (Sunday=0 or 7) OR sun,mon,tue,wed,thu,fri,sat # | | | | | # * * * * * user command to be executed
anacrontab
file, SHELL
, PATH
and MAILTO
. For more information about these variables, refer to Section 16.1.2, “Configuring Anacron Jobs”. The fourth line contains the HOME
variable. The HOME
variable can be used to set the home directory to use when executing commands or scripts.
/etc/crontab
file represent scheduled jobs and have the following format:
minute hour day month day of week user command
minute
— any integer from 0 to 59
hour
— any integer from 0 to 23
day
— any integer from 1 to 31 (must be a valid day if a month is specified)
month
— any integer from 1 to 12 (or the short name of the month such as jan or feb)
day of week
— any integer from 0 to 7, where 0 or 7 represents Sunday (or the short name of the week such as sun or mon)
user
— specifies the user under which the jobs are run
command
— the command to execute (the command can either be a command such as ls /proc >> /tmp/proc
or the command to execute a custom script)
1-4
means the integers 1, 2, 3, and 4.
3, 4, 6, 8
indicates those four specific integers.
/<integer
>
. For example, 0-59/2
can be used to define every other minute in the minute field. Step
values can also be used with an asterisk. For instance, the value */3
can be used in the month field to run the task every third month.
crontab
utility. All user-defined crontabs are stored in the /var/spool/cron/
directory and are executed using the usernames of the users that
created them. To create a crontab as a user, login as that user and type
the command crontab -e
to edit the user's crontab using the editor specified by the VISUAL
or EDITOR
environment variable. The file uses the same format as /etc/crontab
. When the changes to the crontab are saved, the crontab is stored according to username and written to the file /var/spool/cron/username
. To list the contents of your own personal crontab file, use the crontab -l
command.
crontab
utility, there is no need to specify a user when defining a job.
/etc/cron.d/
directory contains files that have the same syntax as the /etc/crontab
file. Only root is allowed to create and modify files in this directory.
/etc/anacrontab
file, the /etc/crontab
file, the /etc/cron.d/
directory, and the /var/spool/cron/
directory every minute for any changes. If any changes are found, they
are loaded into memory. Thus, the daemon does not need to be restarted
if an anacrontab or a crontab file is changed.
/etc/cron.allow
and /etc/cron.deny
files are used to restrict access to cron. The format of both access
control files is one username on each line. Whitespace is not permitted
in either file. The cron daemon (crond
)
does not have to be restarted if the access control files are modified.
The access control files are checked each time a user tries to add or
delete a cron job.
cron.allow
exists, only users listed in it are allowed to use cron, and the cron.deny
file is ignored.
cron.allow
does not exist, users listed in cron.deny
are not allowed to use cron.
/etc/security/access.conf
. For example, adding the following line in this file forbids creating crontabs for all users except the root user:
-:ALL EXCEPT root :cron
access.conf.5
(i.e. man 5 access.conf
).
run-parts
script on a cron folder, such as /etc/cron.daily
, we can define which of the programs in this folder will not be executed by run-parts
.
jobs.deny
file in the folder that run-parts
will be executing from. For example, if we need to omit a particular program from /etc/cron.daily, then, a file /etc/cron.daily/jobs.deny
has to be created. In this file, specify the names of the omitted
programs from the same directory. These will not be executed when a
command, such as run-parts /etc/cron.daily
, is executed by a specific job.
jobs.allow
file.
jobs.deny
and jobs.allow
are the same as those of cron.deny
and cron.allow
described in section Section 16.1.4, “Controlling Access to Cron”.
at
command is used to schedule a one-time task at a specific time and the batch
command is used to schedule a one-time task to be executed when the systems load average drops below 0.8.
at
or batch
, the at
RPM package must be installed, and the atd
service must be running. To determine if the package is installed, use the rpm -q at
command. To determine if the service is running, use the command /sbin/service atd status
.
at time
, where time
is the time to execute the command.
time
can be one of the following:
/usr/share/doc/at-<version>
/timespec
text file.
at
command with the time argument, the at>
prompt is displayed. Type the command to execute, press Enter, and press Ctrl+D . Multiple commands can be specified by typing each command followed by the Enter key. After typing all the commands, press Enter to go to a blank line and press Ctrl+D . Alternatively, a shell script can be entered at the prompt, pressing Enter after each line in the script, and pressing Ctrl+D on a blank line to exit. If a script is entered, the shell used is the shell set in the user's SHELL
environment, the user's login shell, or /bin/sh
(whichever is found first).
atq
to view pending jobs. Refer to Section 16.2.3, “Viewing Pending Jobs” for more information.
at
command can be restricted. For more information, refer to Section 16.2.5, “Controlling Access to At and Batch” for details.
batch
command.
batch
command, the at>
prompt is displayed. Type the command to execute, press Enter, and press Ctrl+D . Multiple commands can be specified by typing each command followed by the Enter key. After typing all the commands, press Enter to go to a blank line and press Ctrl+D . Alternatively, a shell script can be entered at the prompt, pressing Enter after each line in the script, and pressing Ctrl+D on a blank line to exit. If a script is entered, the shell used is the shell set in the user's SHELL
environment, the user's login shell, or /bin/sh
(whichever is found first). As soon as the load average is below 0.8, the set of commands or script is executed.
atq
to view pending jobs. Refer to Section 16.2.3, “Viewing Pending Jobs” for more information.
batch
command can be restricted. For more information, refer to Section 16.2.5, “Controlling Access to At and Batch” for details.
at
and batch
jobs, use the atq
command. The atq
command displays a list of pending jobs, with each job on a line. Each
line follows the job number, date, hour, job class, and username format.
Users can only view their own jobs. If the root user executes the atq
command, all jobs for all users are displayed.
at
and batch
include:
at
and batch
Command Line OptionsOption | Description |
---|---|
-f
| Read the commands or shell script from a file instead of specifying them at the prompt. |
-m
| Send email to the user when the job has been completed. |
-v
| Display the time that the job is executed. |
/etc/at.allow
and /etc/at.deny
files can be used to restrict access to the at
and batch
commands. The format of both access control files is one username on
each line. Whitespace is not permitted in either file. The at
daemon (atd
)
does not have to be restarted if the access control files are modified.
The access control files are read each time a user tries to execute the
at
or batch
commands.
at
and batch
commands, regardless of the access control files.
at.allow
exists, only users listed in it are allowed to use at
or batch
, and the at.deny
file is ignored.
at.allow
does not exist, users listed in at.deny
are not allowed to use at
or batch
.
at
service, use the command /sbin/service atd start
. To stop the service, use the command /sbin/service atd stop
. It is recommended that you start the service at boot time. Refer to Chapter 7, Controlling Access to Services for details on starting the cron service automatically at boot time.
cron
man page — contains an overview of cron.
crontab
man pages in sections 1 and 5 — The man page in section 1 contains an overview of the crontab
file. The man page in section 5 contains the format for the file and some example entries.
anacron
man page — contains an overview of anacron.
anacrontab
man page — contains an overview of the anacrontab
file.
/usr/share/doc/at-<version>
/timespec
contains more detailed information about the times that can be specified for cron jobs.
at
man page — description of at
and batch
and their command line options.
rsyslogd
. A list of log messages maintained by rsyslogd
can be found in the /etc/rsyslog.conf
configuration file.
rsyslog
replaced syslogd
as the default program for forwarding syslog messages over the network. rsyslog
uses the basic syslog
protocol and extends its functionality with enhanced filtering,
encryption protected relaying of messages, various configuration
options, or support for transportation via the TCP
or UDP
protocols.
rsyslog
rsyslog
is /etc/rsyslog.conf
. It is essentially divided in the following parts:
/etc/rsyslog.conf
configuration file is described in the sections below.
/etc/rsyslog.conf
configuration file, any empty lines or any text following a hash sign (#) are comments and are not processed.
rsyslog
offers a variety of modules
which provide dynamic functionality. Note that modules can be written
by third parties. Essentially, modules are comprised of various
configuration directives that become available when a module is loaded.
To load a module, use the following syntax:
$ModLoad <MODULE>
<MODULE>
represents your desired module. For example, if you want to load the Text File Input Module
(imfile
— enables rsyslog
to convert any standard text files into a syslog messages), specify the following line in your /etc/rsyslog.conf
configuration file:
$ModLoad imfile
rsyslog
offers a number of modules which are split into these main categories:
im
prefix, such as imfile
, imrelp
, etc.
om
prefix, such as omsnmp
, omrelp
, etc.
fm
prefix.
pm
prefix, such as pmrfc5424
, pmrfc3164
, etc.
rsyslog
. For more information on templates, refer to . The name of a string generator module always starts with the sm
prefix, such as smfile
, smtradfile
, etc.
rsyslog
when needed and cannot be configured by the user.
rsyslog
loads any
modules, it provides them with access to some of its functions and data.
This poses a possible security threat. To minimize security risks, use
trustworthy modules only.
rsyslogd
daemon. All of the global directives must start with a dollar sign ($
).
Only one directive can be specified per line. The following is an
example of a global directive that specifies the maximum size of the
syslog message queue:
$MainMsgQueueSize
10,000
messages) can be overridden by specifying a different value.
/usr/share/doc/rsyslog-4.4.2/rsyslog_conf_global.html
or online at http://www.rsyslog.com/doc/rsyslog_conf_global.html.
/etc/rsyslog.conf
configuration file, define both, a selector and an action, on one line
and separate them with one or more spaces or tabs. For more information
on selectors, refer to Section 17.1.3.1, “Selectors” and for information on actions, refer to Section 17.1.3.2, “Actions”.
<FACILITY>
.<PRIORITY>
<FACILITY>
specifies the subsystem that produces a specific syslog message. For example, the mail
subsystem handles all mail related syslog messages. <FACILITY>
can be represented by one of these keywords: auth
, authpriv
, cron
, daemon
, kern
, lpr
, mail
, news
, syslog
, user
, uucp
, and local0
through local7
.
<PRIORITY>
specifies a priority of a syslog message. <PRIORITY>
can be represented by one of these keywords: debug
, info
, notice
, warning
, err
, crit
, alert
, and emerg
.
=
),
you specify that only syslog messages with that priority will be
selected. All other priorities will be ignored. Conversely, preceding a
priority with an exclamation mark (!
)
selects all syslog messages but those with the defined priority. By not
using either of these two extensions, you specify a selection of syslog
messages with the defined priority and higher.
*
)
to define all facilities or priorities (depending on where you place
the asterisk, before or after the dot). Specifying the keyword none
serves for facilities with no given priorities.
,
). To define multiple selectors on one line, separate them with a semi-colon (;
).
kern.* # Selects all kernel syslog messages with any priority
mail.crit # Selects all mail syslog messages with priority crit
and higher.
cron.!info,!debug # Selects all cron syslog messages except those with theinfo
ordebug
priority.
/var/log/cron
log file:
cron.* /var/log/cron
-
) as a prefix of
the file path you specified if you want to omit syncing the desired log
file after every syslog message is generated.
?
) prefix. For more information on templates, refer to Section 17.1.4, “Templates”.
rsyslog
allows you to send and
receive syslog messages over the network. This feature allows to
administer syslog messages of multiple hosts on one machine. To forward
syslog messages to a remote machine, use the following syntax:
@[(<OPTION>
,<MORE OPTIONS>
)]<HOST>
:[<PORT>
]
@
) indicates that the syslog messages are forwarded to a host using the UDP
protocol. To use the TCP
protocol, use two at signs with no space between them (@@
).
<OPTION>
and <MORE OPTIONS>
attributes can be replaced with an option such as z<NUMBER>
. This option enables zlib compression for syslog messages; the <NUMBER>
attribute specifies the level of compression.
<HOST>
attribute specifies the host which receives the selected syslog messages.
<PORT>
attribute specifies the host machine's port.
IPv6
address as the hoset, enclose the address in square brackets ([
, ]
).
*.* @192.168.0.1 # Forwards messages to 192.168.0.1 via the UDP
protocol
*.* @@example.com:18 # Forwards messages to "example.com" using port 18 and the TCP
protocol
*.* @(z9)[2001::1] # Compresses messages with zlib (level 9 compression)
# and forwards them to 2001::1 using the UDP
protocol
,
). To send messages to every user that is currently logged on, use an asterisk (*
).
~
). The following rule discards any cron syslog messages:
cron.* ~
;
) and specify the name of the template.
/usr/share/doc/rsyslog-4.4.2/rsyslog_conf_actions.html
.
rsyslog
Performance/var/log/
directory. Some applications such as httpd
and samba
have a directory within /var/log/
for their log files.
/var/log/
directory with numbers after them (e.g.: cron-20100906
).
These numbers represent a timestamp that has been added to a rotated
log file. Log files are rotated so their file sizes do not become too
large. The logrotate
package contains a cron task that automatically rotates log files according to the /etc/logrotate.conf
configuration file and the configuration files in the /etc/logrotate.d/
directory.
/etc/logrotate.conf
configuration file:
# rotate log files weekly weekly # keep 4 weeks worth of backlogs rotate 4 # uncomment this if you want your log files compressed compress
.gz
format. Any lines that begin with a hash sign (#) are comments and are not processed
/etc/logrotate.d/
directory and define any configuration options there.
/etc/logrotate.d/
directory:
/var/log/messages { rotate 5 weekly postrotate /usr/bin/killall -HUP syslogd endscript }
/var/log/messages
log file only. The settings specified here override the global settings where possible. Thus the rotated /var/log/messages
log file will be kept for five weeks instead of four weeks as was defined in the global options.
weekly
— Specifies the rotation of log files on a weekly basis. Similar directives include:
daily
monthly
yearly
compress
— Enables compression of rotated log files. Similar directives include:
nocompress
compresscmd
— Specifies the command to be used for compressing.
uncompresscmd
compressext
— Specifies what extension is to be used for compressing.
compressoptions
— Lets you specify any options that may be passed to the used compression program.
delaycompress
— Postpones the compression of log files to the next rotation of log files.
rotate <INTEGER>
— Specifies the number of rotations a log file undergoes before it is removed or mailed to a specific address. If the value 0
is specified, old log files are removed instead of rotated.
mail <ADDRESS>
— This option enables mailing of log files that have been rotated as many times as is defined by the rotate
directive to the specified address. Similar directives include:
nomail
mailfirst
— Specifies that the just-rotated log files are to be mailed, instead of the about-to-expire log files.
maillast
— Specifies
that the just-rotated log files are to be mailed, instead of the
about-to-expire log files. This is the default option when mail
is enabled.
logrotate
man page (man logrotate
).
Vi
or Emacs. Some log files are readable by all users on the system; however, root privileges are required to read most log files.
~]# yum install gnome-system-log
~]$ gnome-system-log
.gz
format.
rsyslogd
manual page — Type man rsyslogd
to learn more about rsyslogd
and its many options.
rsyslog.conf
manual page — Type man rsyslog.conf
to learn more about the /etc/rsyslog.conf
configuration file and its many options.
/usr/share/doc/rsyslog-<version-number>
— After installing the rsyslog package, this directory contains extensive documentation in the html
format.
logrotate
manual page — Type man logrotate
to learn more about logrotate
and its many options.
/etc/rsyslog.conf
configuration examples.
/etc/sysconfig/
Directory/etc/sysconfig/arpwatch
/etc/sysconfig/authconfig
/etc/sysconfig/autofs
/etc/sysconfig/clock
/etc/sysconfig/dhcpd
/etc/sysconfig/firstboot
/etc/sysconfig/i18n
/etc/sysconfig/init
/etc/sysconfig/ip6tables-config
/etc/sysconfig/keyboard
/etc/sysconfig/ldap
/etc/sysconfig/named
/etc/sysconfig/network
/etc/sysconfig/ntpd
/etc/sysconfig/quagga
/etc/sysconfig/radvd
/etc/sysconfig/samba
/etc/sysconfig/selinux
/etc/sysconfig/sendmail
/etc/sysconfig/spamassassin
/etc/sysconfig/squid
/etc/sysconfig/system-config-users
/etc/sysconfig/vncservers
/etc/sysconfig/xinetd
/etc/sysconfig/
Directory/etc/sysconfig/
directory, their function, and their contents. The information in this
chapter is not intended to be complete, as many of these files have a
variety of options that are only used in very specific or rare
circumstances.
/etc/sysconfig/
directory depends on the programs you have installed on your machine.
To find the name of the package the configuration file belongs to, type
the following at a shell prompt:
~]$ yum provides /etc/sysconfig/filename
/etc/sysconfig/
Directory/etc/sysconfig/
directory.
/etc/sysconfig/arpwatch
/etc/sysconfig/arpwatch
file is used to pass arguments to the arpwatch
daemon at boot time. By default, it contains the following option:
OPTIONS=value
arpwatch
daemon. For example:
OPTIONS="-u arpwatch -e root -s 'root (Arpwatch)'"
/etc/sysconfig/authconfig
/etc/sysconfig/authconfig
file sets the authorization to be used on the host. By default, it contains the following options:
USEMKHOMEDIR=boolean
yes
) or disable (no
) creating a home directory for a user on the first login. For example:
USEMKHOMEDIR=no
USEPAMACCESS=boolean
yes
) or disable (no
) the PAM authentication. For example:
USEPAMACCESS=no
USESSSDAUTH=boolean
yes
) or disable (no
) the SSSD authentication. For example:
USESSSDAUTH=no
USESHADOW=boolean
yes
) or disable (no
) shadow passwords. For example:
USESHADOW=yes
USEWINBIND=boolean
yes
) or disable (no
) using Winbind for user account configuration. For example:
USEWINBIND=no
USEDB=boolean
yes
) or disable (no
) the FAS authentication. For example:
USEDB=no
USEFPRINTD=boolean
yes
) or disable (no
) the fingerprint authentication. For example:
USEFPRINTD=yes
FORCESMARTCARD=boolean
yes
) or disable (no
) enforcing the smart card authentication. For example:
FORCESMARTCARD=no
PASSWDALGORITHM=value
value
can be bigcrypt
, descrypt
, md5
, sha256
, or sha512
. For example:
PASSWDALGORITHM=sha512
USELDAPAUTH=boolean
yes
) or disable (no
) the LDAP authentication. For example:
USELDAPAUTH=no
USELOCAUTHORIZE=boolean
yes
) or disable (no
) the local authorization for local users. For example:
USELOCAUTHORIZE=yes
USECRACKLIB=boolean
yes
) or disable (no
) using the CrackLib. For example:
USECRACKLIB=yes
USEWINBINDAUTH=boolean
yes
) or disable (no
) the Winbind authentication. For example:
USEWINBINDAUTH=no
USESMARTCARD=boolean
yes
) or disable (no
) the smart card authentication. For example:
USESMARTCARD=no
USELDAP=boolean
yes
) or disable (no
) using LDAP for user account configuration. For example:
USELDAP=no
USENIS=boolean
yes
) or disable (no
) using NIS for user account configuration. For example:
USENIS=no
USEKERBEROS=boolean
yes
) or disable (no
) the Kerberos authentication. For example:
USEKERBEROS=no
USESYSNETAUTH=boolean
yes
) or disable (no
) authenticating system accounts with network services. For example:
USESYSNETAUTH=no
USESMBAUTH=boolean
yes
) or disable (no
) the SMB authentication. For example:
USESMBAUTH=no
USESSSD=boolean
yes
) or disable (no
) using SSSD for obtaining user information. For example:
USESSSD=no
USEHESIOD=boolean
yes
) or disable (no
) using the Hesoid name service. For example:
USEHESIOD=no
/etc/sysconfig/autofs
/etc/sysconfig/autofs
file defines
custom options for the automatic mounting of devices. This file
controls the operation of the automount daemons, which automatically
mount file systems when you use them and unmount them after a period of
inactivity. File systems can include network file systems, CD-ROM
drives, diskettes, and other media.
MASTER_MAP_NAME=value
MASTER_MAP_NAME="auto.master"
TIMEOUT=value
TIMEOUT=300
NEGATIVE_TIMEOUT=value
NEGATIVE_TIMEOUT=60
MOUNT_WAIT=value
mount
. For example:
MOUNT_WAIT=-1
UMOUNT_WAIT=value
umount
. For example:
UMOUNT_WAIT=12
BROWSE_MODE=boolean
yes
) or disable (no
) browsing the maps. For example:
BROWSE_MODE="no"
MOUNT_NFS_DEFAULT_PROTOCOL=value
mount.nfs
. For example:
MOUNT_NFS_DEFAULT_PROTOCOL=4
APPEND_OPTIONS=boolean
yes
) or disable (no
) appending the global options instead of replacing them. For example:
APPEND_OPTIONS="yes"
LOGGING=value
value
has to be either none
, verbose
, or debug
. For example:
LOGGING="none"
LDAP_URI=value
protocol
://server
. For example:
LDAP_URI="ldaps://ldap.example.com/"
LDAP_TIMEOUT=value
LDAP_TIMEOUT=-1
LDAP_NETWORK_TIMEOUT=value
LDAP_NETWORK_TIMEOUT=8
SEARCH_BASE=value
SEARCH_BASE=""
AUTH_CONF_FILE=value
AUTH_CONF_FILE="/etc/autofs_ldap_auth.conf"
MAP_HASH_TABLE_SIZE=value
MAP_HASH_TABLE_SIZE=1024
USE_MISC_DEVICE=boolean
yes
) or disable (no
) using the autofs miscellaneous device. For example:
USE_MISC_DEVICE="yes"
OPTIONS=value
OPTIONS=""
/etc/sysconfig/clock
/etc/sysconfig/clock
file controls the interpretation of values read from the system hardware clock. It is used by the Date/Time Properties tool, and should not be edited by hand. By default, it contains the following option:
ZONE=value
/usr/share/zoneinfo
that /etc/localtime
is a copy of. For example:
ZONE="Europe/Prague"
/etc/sysconfig/dhcpd
/etc/sysconfig/dhcpd
file is used to pass arguments to the dhcpd
daemon at boot time. By default, it contains the following options:
DHCPDARGS=value
dhcpd
daemon. For example:
DHCPDARGS=
/etc/sysconfig/firstboot
/etc/sysconfig/firstboot
file defines whether to run the firstboot
utility. By default, it contains the following option:
RUN_FIRSTBOOT=boolean
YES
) or disable (NO
) running the firstboot
program. For example:
RUN_FIRSTBOOT=NO
init
program calls the /etc/rc.d/init.d/firstboot
script, which looks for the /etc/sysconfig/firstboot
file. If this file does not contain the RUN_FIRSTBOOT=NO
option, the firstboot
program is run, guiding a user through the initial configuration of the system.
firstboot
Program Againfirstboot
program the next time the system boots, change the value of RUN_FIRSTBOOT
option to YES
, and type the following at a shell prompt:
~]# chkconfig firstboot on
/etc/sysconfig/i18n
/etc/sysconfig/i18n
configuration
file defines the default language, any supported languages, and the
default system font. By default, it contains the following options:
LANG=value
LANG="en_US.UTF-8"
SUPPORTED=value
SUPPORTED="en_US.UTF-8:en_US:en"
SYSFONT=value
SYSFONT="latarcyrheb-sun16"
/etc/sysconfig/init
/etc/sysconfig/init
file controls how the system appears and functions during the boot process. By default, it contains the following options:
BOOTUP=value
color
(the standard color boot display), verbose
(an old style display which provides more information), or anything
else for the new style display, but without ANSI formatting. For
example:
BOOTUP=color
RES_COL=value
RES_COL=60
MOVE_TO_COL=value
RES_COL
(see above). For example:
MOVE_TO_COL="echo -en \\033[${RES_COL}G"
SETCOLOR_SUCCESS=value
SETCOLOR_SUCCESS="echo -en \\033[0;32m"
SETCOLOR_FAILURE=value
SETCOLOR_FAILURE="echo -en \\033[0;31m"
SETCOLOR_WARNING=value
SETCOLOR_WARNING="echo -en \\033[0;33m"
SETCOLOR_NORMAL=value
SETCOLOR_NORMAL="echo -en \\033[0;39m"
LOGLEVEL=value
value
has to be in the range from 1
(kernel panics only) to 8
(everything, including the debugging information). For example:
LOGLEVEL=3
PROMPT=boolean
yes
) or disable (no
) the hotkey interactive startup. For example:
PROMPT=yes
AUTOSWAP=boolean
yes
) or disable (no
) probing for devices with swap signatures. For example:
AUTOSWAP=no
ACTIVE_CONSOLES=value
ACTIVE_CONSOLES=/dev/tty[1-6]
SINGLE=value
value
has to be either /sbin/sulogin
(a user will be prompted for a password to log in), or /sbin/sushell
(the user will be logged in directly). For example:
SINGLE=/sbin/sushell
/etc/sysconfig/ip6tables-config
/etc/sysconfig/ip6tables-config
file stores information used by the kernel to set up IPv6 packet filtering at boot time or whenever the ip6tables
service is started. Note that you should not modify it unless you are familiar with ip6tables
rules. By default, it contains the following options:
IP6TABLES_MODULES=value
IP6TABLES_MODULES="ip_nat_ftp ip_nat_irc"
IP6TABLES_MODULES_UNLOAD=boolean
yes
) or disable (no
) module unloading when the firewall is stopped or restarted. For example:
IP6TABLES_MODULES_UNLOAD="yes"
IP6TABLES_SAVE_ON_STOP=boolean
yes
) or disable (no
) saving the current firewall rules when the firewall is stopped. For example:
IP6TABLES_SAVE_ON_STOP="no"
IP6TABLES_SAVE_ON_RESTART=boolean
yes
) or disable (no
) saving the current firewall rules when the firewall is restarted. For example:
IP6TABLES_SAVE_ON_RESTART="no"
IP6TABLES_SAVE_COUNTER=boolean
yes
) or disable (no
) saving the rule and chain counters. For example:
IP6TABLES_SAVE_COUNTER="no"
IP6TABLES_STATUS_NUMERIC=boolean
yes
) or disable (no
) printing IP addresses and port numbers in a numeric format in the status output. For example:
IP6TABLES_STATUS_NUMERIC="yes"
IP6TABLES_STATUS_VERBOSE=boolean
yes
) or disable (no
) printing information about the number of packets and bytes in the status output. For example:
IP6TABLES_STATUS_VERBOSE="no"
IP6TABLES_STATUS_LINENUMBERS=boolean
yes
) or disable (no
) printing line numbers in the status output. For example:
IP6TABLES_STATUS_LINENUMBERS="yes"
ip6tables
Command to Create the Rulesip6tables
command. Once created, type the following at a shell prompt:
~]# service ip6tables save
/etc/sysconfig/ip6tables
. Once this file exists, any firewall rules saved in it persist through a system reboot or a service restart.
/etc/sysconfig/keyboard
/etc/sysconfig/keyboard
file controls the behavior of the keyboard. By default, it contains the following options:
KEYTABLE=value
/lib/kbd/keymaps/i386/
directory, and branch into different keyboard layouts from there, all labeled value
.kmap.gz
. The first filename that matches the KEYTABLE
setting is used. For example:
KEYTABLE="us"
MODEL=value
MODEL="pc105+inet"
LAYOUT=value
LAYOUT="us"
KEYBOARDTYPE=value
pc
(a PS/2 keyboard), or sun
(a Sun keyboard). For example:
KEYBOARDTYPE="pc"
/etc/sysconfig/ldap
/etc/sysconfig/ldap
file holds the basic configuration for the LDAP server. By default, it contains the following options:
SLAPD_OPTIONS=value
slapd
daemon. For example:
SLAPD_OPTIONS="-4"
SLURPD_OPTIONS=value
slurpd
daemon. For example:
SLURPD_OPTIONS=""
SLAPD_LDAP=boolean
yes
) or disable (no
) using the LDAP over TCP (that is, ldap:///
). For example:
SLAPD_LDAP="yes"
SLAPD_LDAPI=boolean
yes
) or disable (no
) using the LDAP over IPC (that is, ldapi:///
). For example:
SLAPD_LDAPI="no"
SLAPD_LDAPS=boolean
yes
) or disable (no
) using the LDAP over TLS (that is, ldaps:///
). For example:
SLAPD_LDAPS="no"
SLAPD_URLS=value
SLAPD_URLS="ldapi:///var/lib/ldap_root/ldapi ldapi:/// ldaps:///"
SLAPD_SHUTDOWN_TIMEOUT=value
slapd
to shut down. For example:
SLAPD_SHUTDOWN_TIMEOUT=3
SLAPD_ULIMIT_SETTINGS=value
ulimit
before the slapd
daemon is started. For example:
SLAPD_ULIMIT_SETTINGS=""
/etc/sysconfig/named
/etc/sysconfig/named
file is used to pass arguments to the named
daemon at boot time. By default, it contains the following options:
ROOTDIR=value
named
daemon runs. The value
has to be a full directory path. For example:
ROOTDIR="/var/named/chroot"
info chroot
at a shell prompt for more information).
OPTIONS=value
named
. For example:
OPTIONS="-6"
-t
option. Instead, use ROOTDIR
as described above.
KEYTAB_FILE=value
KEYTAB_FILE="/etc/named.keytab"
/etc/sysconfig/network
/etc/sysconfig/network
file is used to specify information about the desired network configuration. By default, it contains the following options:
NETWORKING=boolean
yes
) or disable (no
) the networking. For example:
NETWORKING=yes
HOSTNAME=value
HOSTNAME=penguin.example.com
GATEWAY=value
GATEWAY=192.168.1.0
/etc/sysconfig/ntpd
/etc/sysconfig/ntpd
file is used to pass arguments to the ntpd
daemon at boot time. By default, it contains the following option:
OPTIONS=value
ntpd
. For example:
OPTIONS="-u ntp:ntp -p /var/run/ntpd.pid -g"
ntpd
daemon.
/etc/sysconfig/quagga
/etc/sysconfig/quagga
file holds the basic configuration for Quagga daemons. By default, it contains the following options:
QCONFDIR=value
QCONFDIR="/etc/quagga"
BGPD_OPTS=value
bgpd
daemon. For example:
BGPD_OPTS="-A 127.0.0.1 -f ${QCONFDIR}/bgpd.conf"
OSPF6D_OPTS=value
ospf6d
daemon. For example:
OSPF6D_OPTS="-A ::1 -f ${QCONFDIR}/ospf6d.conf"
OSPFD_OPTS=value
ospfd
daemon. For example:
OSPFD_OPTS="-A 127.0.0.1 -f ${QCONFDIR}/ospfd.conf"
RIPD_OPTS=value
ripd
daemon. For example:
RIPD_OPTS="-A 127.0.0.1 -f ${QCONFDIR}/ripd.conf"
RIPNGD_OPTS=value
ripngd
daemon. For example:
RIPNGD_OPTS="-A ::1 -f ${QCONFDIR}/ripngd.conf"
ZEBRA_OPTS=value
zebra
daemon. For example:
ZEBRA_OPTS="-A 127.0.0.1 -f ${QCONFDIR}/zebra.conf"
ISISD_OPTS=value
isisd
daemon. For example:
ISISD_OPTS="-A ::1 -f ${QCONFDIR}/isisd.conf"
WATCH_OPTS=value
watchquagga
daemon. For example:
WATCH_OPTS="-Az -b_ -r/sbin/service_%s_restart -s/sbin/service_%s_start -k/sbin/service_%s_stop"
WATCH_DAEMONS=value
WATCH_DAEMONS="zebra bgpd ospfd ospf6d ripd ripngd"
/etc/sysconfig/radvd
/etc/sysconfig/radvd
file is used to pass arguments to the radvd
daemon at boot time. By default, it contains the following option:
OPTIONS=value
radvd
daemon. For example:
OPTIONS="-u radvd"
/etc/sysconfig/samba
/etc/sysconfig/samba
file is used to pass arguments to the Samba daemons at boot time. By default, it contains the following options:
SMBDOPTIONS=value
smbd
. For example:
SMBDOPTIONS="-D"
NMBDOPTIONS=value
nmbd
. For example:
NMBDOPTIONS="-D"
WINBINDOPTIONS=value
winbindd
. For example:
WINBINDOPTIONS=""
/etc/sysconfig/selinux
/etc/sysconfig/selinux
file contains the basic configuration options for SELinux. It is a symbolic link to /etc/selinux/config
, and by default, it contains the following options:
SELINUX=value
value
can be either enforcing
(the security policy is always enforced), permissive
(instead of enforcing the policy, appropriate warnings are displayed), or disabled
(no policy is used). For example:
SELINUX=enforcing
SELINUXTYPE=value
value
can be either targeted
(the targeted processes are protected), or mls
(the Multi Level Security protection). For example:
SELINUXTYPE=targeted
/etc/sysconfig/sendmail
/etc/sysconfig/sendmail
is used to set the default values for the Sendmail application. By default, it contains the following values:
DAEMON=boolean
yes
) or disable (no
) running sendmail
as a daemon. For example:
DAEMON=yes
QUEUE=value
QUEUE=1h
/etc/sysconfig/spamassassin
/etc/sysconfig/spamassassin
file is used to pass arguments to the spamd
daemon (a daemonized version of Spamassassin) at boot time. By default, it contains the following option:
SPAMDOPTIONS=value
spamd
daemon. For example:
SPAMDOPTIONS="-d -c -m5 -H"
/etc/sysconfig/squid
/etc/sysconfig/squid
file is used to pass arguments to the squid
daemon at boot time. By default, it contains the following options:
SQUID_OPTS=value
squid
daemon. For example:
SQUID_OPTS=""
SQUID_SHUTDOWN_TIMEOUT=value
squid
daemon to shut down. For example:
SQUID_SHUTDOWN_TIMEOUT=100
SQUID_CONF=value
SQUID_CONF="/etc/squid/squid.conf"
/etc/sysconfig/system-config-users
/etc/sysconfig/system-config-users
file is the configuration file for the User Manager utility, and should not be edited by hand. By default, it contains the following options:
FILTER=boolean
true
) or disable (false
) filtering of system users. For example:
FILTER=true
ASSIGN_HIGHEST_UID=boolean
true
) or disable (false
) assigning the highest available UID to newly added users. For example:
ASSIGN_HIGHEST_UID=true
ASSIGN_HIGHEST_GID=boolean
true
) or disable (false
) assigning the highest available GID to newly added groups. For example:
ASSIGN_HIGHEST_GID=true
PREFER_SAME_UID_GID=boolean
true
) or disable (false
) using the same UID and GID for newly added users when possible. For example:
PREFER_SAME_UID_GID=true
/etc/sysconfig/vncservers
/etc/sysconfig/vncservers
file configures the way the Virtual Network Computing (VNC) server starts up. By default, it contains the following options:
VNCSERVERS=value
display
:username
pairs. For example:
VNCSERVERS="2:myusername"
VNCSERVERARGS[display
]=value
display
. For example:
VNCSERVERARGS[2]="-geometry 800x600 -nolisten tcp -localhost"
/etc/sysconfig/xinetd
/etc/sysconfig/xinetd
file is used to pass arguments to the xinetd
daemon at boot time. By default, it contains the following options:
EXTRAOPTIONS=value
xinetd
. For example:
EXTRAOPTIONS=""
XINETD_LANG=value
xinetd
. Note that to remove locale information from the xinetd
environment, you can use an empty string (""
) or none
. For example:
XINETD_LANG="en_US"
xinetd
services.
/etc/sysconfig/
Directory/etc/sysconfig/
.
/etc/sysconfig/cbq/
/etc/sysconfig/networking/
system-config-network
), and its contents should not be edited manually. For more information about configuring network interfaces using the Network Administration Tool, refer to Chapter 5, Network Configuration.
/etc/sysconfig/network-scripts/
ifcfg-eth0
for the eth0
Ethernet interface.
ifup
and ifdown
.
ifup-isdn
and ifdown-isdn
.
/etc/sysconfig/network-scripts/
directory, refer to Chapter 4, Network Interfaces.
/etc/sysconfig/rhn/
proc
File Systemproc
File System/proc/buddyinfo
/proc/cmdline
/proc/cpuinfo
/proc/crypto
/proc/devices
/proc/dma
/proc/execdomains
/proc/fb
/proc/filesystems
/proc/interrupts
/proc/iomem
/proc/ioports
/proc/kcore
/proc/kmsg
/proc/loadavg
/proc/locks
/proc/mdstat
/proc/meminfo
/proc/misc
/proc/modules
/proc/mounts
/proc/mtrr
/proc/partitions
/proc/slabinfo
/proc/stat
/proc/swaps
/proc/sysrq-trigger
/proc/uptime
/proc/version
/proc/
sysctl
Command/proc/
directory (also called the proc
file system) contains a hierarchy of special files which represent the
current state of the kernel, allowing applications and users to peer
into the kernel's view of the system.
/proc/
directory contains a wealth
of information detailing system hardware and any running processes. In
addition, some of the files within /proc/
can be manipulated by users and applications to communicate configuration changes to the kernel.
/proc/ide/
and /proc/pci/
directories obsolete. The /proc/ide/
file system is now superseded by files in sysfs
; to retrieve information on PCI devices, use lspci
instead. For more information on sysfs
or lspci
, refer to their respective man
pages.
/proc/
directory contains another type of file called a virtual file. As such, /proc/
is often referred to as a virtual file system.
/proc/interrupts
, /proc/meminfo
, /proc/mounts
, and /proc/partitions
provide an up-to-the-moment glimpse of the system's hardware. Others, like the /proc/filesystems
file and the /proc/sys/
directory provide system configuration information and interfaces.
/proc/
files operate
similarly to text files, storing useful system and hardware data in
human-readable text format. As such, you can use cat
, more
, or less
to view them. For example, to display information about the system's CPU, run cat /proc/cpuinfo
. This will return output similar to the following:
processor : 0 vendor_id : AuthenticAMD cpu family : 5 model : 9 model name : AMD-K6(tm) 3D+ Processor stepping : 1 cpu MHz : 400.919 cache size : 256 KB fdiv_bug : no hlt_bug : no f00f_bug : no coma_bug : no fpu : yes fpu_exception : yes cpuid level : 1 wp : yes flags : fpu vme de pse tsc msr mce cx8 pge mmx syscall 3dnow k6_mtrr bogomips : 799.53
/proc/
contain information that is not human-readable. To retrieve information from such files, use tools such as lspci
, apm
, free
, and top
.
/proc/
directory are readable only by the root user.
/proc/
directory are read-only. However, some can be used to adjust settings in the kernel. This is especially true for files in the /proc/sys/
subdirectory.
echo value
> /proc/file
echo www.example.com
> /proc/sys/kernel/hostname
cat /proc/sys/net/ipv4/ip_forward
returns either a 0
(off or false) or a 1
(on or true). A 0
indicates that the kernel is not forwarding network packets. To turn packet forwarding on, run echo 1 > /proc/sys/net/ipv4/ip_forward
.
/proc/sys/
subdirectory is /sbin/sysctl
. For more information on this command, refer to Section 19.4, “Using the sysctl
Command”
/proc/sys/
subdirectory, refer to Section 19.3.9, “ /proc/sys/
”.
proc
File System/proc/
directory.
/proc/buddyinfo
DMA
row references the first 16 MB on a system, the HighMem
row references all memory greater than 4 GB on a system, and the Normal
row references all memory in between.
/proc/buddyinfo
:
Node 0, zone DMA 90 6 2 1 1 ... Node 0, zone Normal 1650 310 5 0 0 ... Node 0, zone HighMem 2 0 0 1 1 ...
/proc/cmdline
/proc/cmdline
file looks like the following:
ro root=/dev/VolGroup00/LogVol00 rhgb quiet 3
(ro)
), located on the first logical volume (LogVol00
) of the first volume group (/dev/VolGroup00
). LogVol00
is the equivalent of a disk partition in a non-LVM system (Logical Volume Management), just as /dev/VolGroup00
is similar in concept to /dev/hda1
, but much more extensible.
rhgb
signals that the rhgb
package has been installed, and graphical booting is supported, assuming /etc/inittab
shows a default runlevel set to id:5:initdefault:
.
quiet
indicates all verbose kernel messages are suppressed at boot time.
/proc/cpuinfo
/proc/cpuinfo
:
processor : 0 vendor_id : GenuineIntel cpu family : 15 model : 2 model name : Intel(R) Xeon(TM) CPU 2.40GHz stepping : 7 cpu MHz : 2392.371 cache size : 512 KB physical id : 0 siblings : 2 runqueue : 0 fdiv_bug : no hlt_bug : no f00f_bug : no coma_bug : no fpu : yes fpu_exception : yes cpuid level : 2 wp : yes flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm bogomips : 4771.02
processor
— Provides each processor with an identifying number. On systems that have one processor, only a 0
is present.
cpu family
— Authoritatively
identifies the type of processor in the system. For an Intel-based
system, place the number in front of "86" to determine the value. This
is particularly helpful for those attempting to identify the
architecture of an older system such as a 586, 486, or 386. Because some
RPM packages are compiled for each of these particular architectures,
this value also helps users determine which packages to install.
model name
— Displays the common name of the processor, including its project name.
cpu MHz
— Shows the precise speed in megahertz for the processor to the thousandths decimal place.
cache size
— Displays the amount of level 2 memory cache available to the processor.
siblings
— Displays the number of sibling CPUs on the same physical CPU for architectures which use hyper-threading.
flags
— Defines a number of
different qualities about the processor, such as the presence of a
floating point unit (FPU) and the ability to process MMX instructions.
/proc/crypto
/proc/crypto
file looks like the following:
name : sha1 module : kernel type : digest blocksize : 64 digestsize : 20 name : md5 module : md5 type : digest blocksize : 64 digestsize : 16
/proc/devices
Character devices: 1 mem 4 /dev/vc/0 4 tty 4 ttyS 5 /dev/tty 5 /dev/console 5 /dev/ptmx 7 vcs 10 misc 13 input 29 fb 36 netlink 128 ptm 136 pts 180 usb Block devices: 1 ramdisk 3 ide0 9 md 22 ide1 253 device-mapper 254 mdp
/proc/devices
includes the major number and name of the device, and is broken into two major sections: Character devices
and Block devices
.
/usr/share/doc/kernel-doc-<kernel_version>
/Documentation/devices.txt
/proc/dma
/proc/dma
files looks like the following:
4: cascade
/proc/execdomains
0-0 Linux [kernel]
PER_LINUX
execution domain, different personalities can be implemented as dynamically loadable modules.
/proc/fb
/proc/fb
for systems which contain frame buffer devices looks similar to the following:
0 VESA VGA
/proc/filesystems
/proc/filesystems
file looks similar to the following:
nodev sysfs nodev rootfs nodev bdev nodev proc nodev sockfs nodev binfmt_misc nodev usbfs nodev usbdevfs nodev futexfs nodev tmpfs nodev pipefs nodev eventpollfs nodev devpts ext2 nodev ramfs nodev hugetlbfs iso9660 nodev mqueue ext3 nodev rpc_pipefs nodev autofs
nodev
are not mounted on a device. The second column lists the names of the file systems supported.
mount
command cycles through the file systems listed here when one is not specified as an argument.
/proc/interrupts
/proc/interrupts
looks similar to the following:
CPU0 0: 80448940 XT-PIC timer 1: 174412 XT-PIC keyboard 2: 0 XT-PIC cascade 8: 1 XT-PIC rtc 10: 410964 XT-PIC eth0 12: 60330 XT-PIC PS/2 Mouse 14: 1314121 XT-PIC ide0 15: 5195422 XT-PIC ide1 NMI: 0 ERR: 0
CPU0 CPU1 0: 1366814704 0 XT-PIC timer 1: 128 340 IO-APIC-edge keyboard 2: 0 0 XT-PIC cascade 8: 0 1 IO-APIC-edge rtc 12: 5323 5793 IO-APIC-edge PS/2 Mouse 13: 1 0 XT-PIC fpu 16: 11184294 15940594 IO-APIC-level Intel EtherExpress Pro 10/100 Ethernet 20: 8450043 11120093 IO-APIC-level megaraid 30: 10432 10722 IO-APIC-level aic7xxx 31: 23 22 IO-APIC-level aic7xxx NMI: 0 ERR: 0
XT-PIC
— This is the old AT computer interrupts.
IO-APIC-edge
— The voltage signal on this interrupt transitions from low to high, creating an edge, where the interrupt occurs and is only signaled once. This kind of interrupt, as well as the IO-APIC-level
interrupt, are only seen on systems with processors from the 586 family and higher.
IO-APIC-level
— Generates interrupts when its voltage signal is high until the signal is low again.
/proc/iomem
00000000-0009fbff : System RAM 0009fc00-0009ffff : reserved 000a0000-000bffff : Video RAM area 000c0000-000c7fff : Video ROM 000f0000-000fffff : System ROM 00100000-07ffffff : System RAM 00100000-00291ba8 : Kernel code 00291ba9-002e09cb : Kernel data e0000000-e3ffffff : VIA Technologies, Inc. VT82C597 [Apollo VP3] e4000000-e7ffffff : PCI Bus #01 e4000000-e4003fff : Matrox Graphics, Inc. MGA G200 AGP e5000000-e57fffff : Matrox Graphics, Inc. MGA G200 AGP e8000000-e8ffffff : PCI Bus #01 e8000000-e8ffffff : Matrox Graphics, Inc. MGA G200 AGP ea000000-ea00007f : Digital Equipment Corporation DECchip 21140 [FasterNet] ea000000-ea00007f : tulip ffff0000-ffffffff : reserved
/proc/ioports
/proc/ioports
provides a
list of currently registered port regions used for input or output
communication with a device. This file can be quite long. The following
is a partial listing:
0000-001f : dma1 0020-003f : pic1 0040-005f : timer 0060-006f : keyboard 0070-007f : rtc 0080-008f : dma page reg 00a0-00bf : pic2 00c0-00df : dma2 00f0-00ff : fpu 0170-0177 : ide1 01f0-01f7 : ide0 02f8-02ff : serial(auto) 0376-0376 : ide1 03c0-03df : vga+ 03f6-03f6 : ide0 03f8-03ff : serial(auto) 0cf8-0cff : PCI conf1 d000-dfff : PCI Bus #01 e000-e00f : VIA Technologies, Inc. Bus Master IDE e000-e007 : ide0 e008-e00f : ide1 e800-e87f : Digital Equipment Corporation DECchip 21140 [FasterNet] e800-e87f : tulip
/proc/kcore
/proc/
files, kcore
displays a size. This value is given in bytes and is equal to the size of the physical memory (RAM) used plus 4 KB.
gdb
, and is not human readable.
/proc/kcore
virtual file. The contents of the file scramble text output on the terminal. If this file is accidentally viewed, press Ctrl+C to stop the process and then type reset
to bring back the command line prompt.
/proc/kmsg
/sbin/klogd
or /bin/dmesg
.
/proc/loadavg
uptime
and other commands. A sample /proc/loadavg
file looks similar to the following:
0.20 0.18 0.12 1/80 11206
/proc/locks
/proc/locks
file for a lightly loaded system looks similar to the following:
1: POSIX ADVISORY WRITE 3568 fd:00:2531452 0 EOF 2: FLOCK ADVISORY WRITE 3517 fd:00:2531448 0 EOF 3: POSIX ADVISORY WRITE 3452 fd:00:2531442 0 EOF 4: POSIX ADVISORY WRITE 3443 fd:00:2531440 0 EOF 5: POSIX ADVISORY WRITE 3326 fd:00:2531430 0 EOF 6: POSIX ADVISORY WRITE 3175 fd:00:2531425 0 EOF 7: POSIX ADVISORY WRITE 3056 fd:00:2548663 0 EOF
FLOCK
signifying the older-style UNIX file locks from a flock
system call and POSIX
representing the newer POSIX locks from the lockf
system call.
ADVISORY
or MANDATORY
. ADVISORY
means that the lock does not prevent other people from accessing the data; it only prevents other attempts to lock it. MANDATORY
means that no other access to the data is permitted while the lock is
held. The fourth column reveals whether the lock is allowing the holder READ
or WRITE
access to the file. The fifth column shows the ID of the process
holding the lock. The sixth column shows the ID of the file being
locked, in the format of MAJOR-DEVICE
:MINOR-DEVICE
:INODE-NUMBER
. The seventh and eighth column shows the start and end of the file's locked region.
/proc/mdstat
/proc/mdstat
looks similar to the following:
Personalities : read_ahead not set unused devices: <none>
md
device is present. In that case, view /proc/mdstat
to find the current status of mdX
RAID devices.
/proc/mdstat
file below shows a system with its md0
configured as a RAID 1 device, while it is currently re-syncing the disks:
Personalities : [linear] [raid1] read_ahead 1024 sectors md0: active raid1 sda2[1] sdb2[0] 9940 blocks [2/2] [UU] resync=1% finish=12.3min algorithm 2 [3/3] [UUU] unused devices: <none>
/proc/meminfo
/proc/
directory, as it reports a large amount of valuable information about the systems RAM usage.
/proc/meminfo
virtual file is from a system with 256 MB of RAM and 512 MB of swap space:
MemTotal: 255908 kB MemFree: 69936 kB Buffers: 15812 kB Cached: 115124 kB SwapCached: 0 kB Active: 92700 kB Inactive: 63792 kB HighTotal: 0 kB HighFree: 0 kB LowTotal: 255908 kB LowFree: 69936 kB SwapTotal: 524280 kB SwapFree: 524280 kB Dirty: 4 kB Writeback: 0 kB Mapped: 42236 kB Slab: 25912 kB Committed_AS: 118680 kB PageTables: 1236 kB VmallocTotal: 3874808 kB VmallocUsed: 1416 kB VmallocChunk: 3872908 kB HugePages_Total: 0 HugePages_Free: 0 Hugepagesize: 4096 kB
free
, top
, and ps
commands. In fact, the output of the free
command is similar in appearance to the contents and structure of /proc/meminfo
. But by looking directly at /proc/meminfo
, more details are revealed:
MemTotal
— Total amount of physical RAM, in kilobytes.
MemFree
— The amount of physical RAM, in kilobytes, left unused by the system.
Buffers
— The amount of physical RAM, in kilobytes, used for file buffers.
Cached
— The amount of physical RAM, in kilobytes, used as cache memory.
SwapCached
— The amount of swap, in kilobytes, used as cache memory.
Active
— The total amount of
buffer or page cache memory, in kilobytes, that is in active use. This
is memory that has been recently used and is usually not reclaimed for
other purposes.
Inactive
— The total amount of
buffer or page cache memory, in kilobytes, that are free and available.
This is memory that has not been recently used and can be reclaimed for
other purposes.
HighTotal
and HighFree
— The total and free amount of memory, in kilobytes, that is not directly mapped into kernel space. The HighTotal
value can vary based on the type of kernel used.
LowTotal
and LowFree
— The total and free amount of memory, in kilobytes, that is directly mapped into kernel space. The LowTotal
value can vary based on the type of kernel used.
SwapTotal
— The total amount of swap available, in kilobytes.
SwapFree
— The total amount of swap free, in kilobytes.
Dirty
— The total amount of memory, in kilobytes, waiting to be written back to the disk.
Writeback
— The total amount of memory, in kilobytes, actively being written back to the disk.
Mapped
— The total amount of memory, in kilobytes, which have been used to map devices, files, or libraries using the mmap
command.
Slab
— The total amount of memory, in kilobytes, used by the kernel to cache data structures for its own use.
Committed_AS
— The total
amount of memory, in kilobytes, estimated to complete the workload. This
value represents the worst case scenario value, and also includes swap
memory.
PageTables
— The total amount of memory, in kilobytes, dedicated to the lowest page table level.
VMallocTotal
— The total amount of memory, in kilobytes, of total allocated virtual address space.
VMallocUsed
— The total amount of memory, in kilobytes, of used virtual address space.
VMallocChunk
— The largest contiguous block of memory, in kilobytes, of available virtual address space.
HugePages_Total
— The total number of hugepages for the system. The number is derived by dividing Hugepagesize
by the megabytes set aside for hugepages specified in /proc/sys/vm/hugetlb_pool
. This statistic only appears on the x86, Itanium, and AMD64 architectures.
HugePages_Free
— The total number of hugepages available for the system. This statistic only appears on the x86, Itanium, and AMD64 architectures.
Hugepagesize
— The size for
each hugepages unit in kilobytes. By default, the value is 4096 KB on
uniprocessor kernels for 32 bit architectures. For SMP, hugemem kernels,
and AMD64, the default is 2048 KB. For Itanium architectures, the
default is 262144 KB. This statistic only appears on the x86, Itanium, and AMD64 architectures.
/proc/misc
63 device-mapper 175 agpgart 135 rtc 134 apm_bios
/proc/modules
/proc/modules
file output:
/sbin/lsmod
command.
nfs 170109 0 - Live 0x129b0000 lockd 51593 1 nfs, Live 0x128b0000 nls_utf8 1729 0 - Live 0x12830000 vfat 12097 0 - Live 0x12823000 fat 38881 1 vfat, Live 0x1287b000 autofs4 20293 2 - Live 0x1284f000 sunrpc 140453 3 nfs,lockd, Live 0x12954000 3c59x 33257 0 - Live 0x12871000 uhci_hcd 28377 0 - Live 0x12869000 md5 3777 1 - Live 0x1282c000 ipv6 211845 16 - Live 0x128de000 ext3 92585 2 - Live 0x12886000 jbd 65625 1 ext3, Live 0x12857000 dm_mod 46677 3 - Live 0x12833000
Live
, Loading
, or Unloading
are the only possible values.
oprofile
.
/proc/mounts
rootfs / rootfs rw 0 0 /proc /proc proc rw,nodiratime 0 0 none /dev ramfs rw 0 0 /dev/mapper/VolGroup00-LogVol00 / ext3 rw 0 0 none /dev ramfs rw 0 0 /proc /proc proc rw,nodiratime 0 0 /sys /sys sysfs rw 0 0 none /dev/pts devpts rw 0 0 usbdevfs /proc/bus/usb usbdevfs rw 0 0 /dev/hda1 /boot ext3 rw 0 0 none /dev/shm tmpfs rw 0 0 none /proc/sys/fs/binfmt_misc binfmt_misc rw 0 0 sunrpc /var/lib/nfs/rpc_pipefs rpc_pipefs rw 0 0
/etc/mtab
, except that /proc/mounts
is more up-to-date.
ro
) or read-write (rw
). The fifth and sixth columns are dummy values designed to match the format used in /etc/mtab
.
/proc/mtrr
/proc/mtrr
file may look similar to the following:
reg00: base=0x00000000 ( 0MB), size= 256MB: write-back, count=1 reg01: base=0xe8000000 (3712MB), size= 32MB: write-combining, count=1
/proc/mtrr
file can increase performance more than 150%.
/usr/share/doc/kernel-doc-<kernel_version>
/Documentation/<arch>
/mtrr.txt
/proc/partitions
major minor #blocks name 3 0 19531250 hda 3 1 104391 hda1 3 2 19422585 hda2 253 0 22708224 dm-0 253 1 524288 dm-1
major
— The major number of the device with this partition. The major number in the /proc/partitions
, (3
), corresponds with the block device ide0
, in /proc/devices
.
minor
— The minor number of
the device with this partition. This serves to separate the partitions
into different physical devices and relates to the number at the end of
the name of the partition.
#blocks
— Lists the number of physical disk blocks contained in a particular partition.
name
— The name of the partition.
/proc/slabinfo
/proc/slabinfo
file manually, the /usr/bin/slabtop
program displays kernel slab cache information in real time. This
program allows for custom configurations, including column sorting and
screen refreshing.
/usr/bin/slabtop
usually looks like the following example:
Active / Total Objects (% used) : 133629 / 147300 (90.7%) Active / Total Slabs (% used) : 11492 / 11493 (100.0%) Active / Total Caches (% used) : 77 / 121 (63.6%) Active / Total Size (% used) : 41739.83K / 44081.89K (94.7%) Minimum / Average / Maximum Object : 0.01K / 0.30K / 128.00K OBJS ACTIVE USE OBJ SIZE SLABS OBJ/SLAB CACHE SIZE NAME 44814 43159 96% 0.62K 7469 6 29876K ext3_inode_cache 36900 34614 93% 0.05K 492 75 1968K buffer_head 35213 33124 94% 0.16K 1531 23 6124K dentry_cache 7364 6463 87% 0.27K 526 14 2104K radix_tree_node 2585 1781 68% 0.08K 55 47 220K vm_area_struct 2263 2116 93% 0.12K 73 31 292K size-128 1904 1125 59% 0.03K 16 119 64K size-32 1666 768 46% 0.03K 14 119 56K anon_vma 1512 1482 98% 0.44K 168 9 672K inode_cache 1464 1040 71% 0.06K 24 61 96K size-64 1320 820 62% 0.19K 66 20 264K filp 678 587 86% 0.02K 3 226 12K dm_io 678 587 86% 0.02K 3 226 12K dm_tio 576 574 99% 0.47K 72 8 288K proc_inode_cache 528 514 97% 0.50K 66 8 264K size-512 492 372 75% 0.09K 12 41 48K bio 465 314 67% 0.25K 31 15 124K size-256 452 331 73% 0.02K 2 226 8K biovec-1 420 420 100% 0.19K 21 20 84K skbuff_head_cache 305 256 83% 0.06K 5 61 20K biovec-4 290 4 1% 0.01K 1 290 4K revoke_table 264 264 100% 4.00K 264 1 1056K size-4096 260 256 98% 0.19K 13 20 52K biovec-16 260 256 98% 0.75K 52 5 208K biovec-64
/proc/slabinfo
that are included into /usr/bin/slabtop
include:
OBJS
— The total number of objects (memory blocks), including those in use (allocated), and some spares not in use.
ACTIVE
— The number of objects (memory blocks) that are in use (allocated).
USE
— Percentage of total objects that are active. ((ACTIVE/OBJS)(100))
OBJ SIZE
— The size of the objects.
SLABS
— The total number of slabs.
OBJ/SLAB
— The number of objects that fit into a slab.
CACHE SIZE
— The cache size of the slab.
NAME
— The name of the slab.
/usr/bin/slabtop
program, refer to the slabtop
man page.
/proc/stat
/proc/stat
, which can be quite long, usually begins like the following example:
cpu 259246 7001 60190 34250993 137517 772 0 cpu0 259246 7001 60190 34250993 137517 772 0 intr 354133732 347209999 2272 0 4 4 0 0 3 1 1249247 0 0 80143 0 422626 5169433 ctxt 12547729 btime 1093631447 processes 130523 procs_running 1 procs_blocked 0 preempt 5651840 cpu 209841 1554 21720 118519346 72939 154 27168 cpu0 42536 798 4841 14790880 14778 124 3117 cpu1 24184 569 3875 14794524 30209 29 3130 cpu2 28616 11 2182 14818198 4020 1 3493 cpu3 35350 6 2942 14811519 3045 0 3659 cpu4 18209 135 2263 14820076 12465 0 3373 cpu5 20795 35 1866 14825701 4508 0 3615 cpu6 21607 0 2201 14827053 2325 0 3334 cpu7 18544 0 1550 14831395 1589 0 3447 intr 15239682 14857833 6 0 6 6 0 5 0 1 0 0 0 29 0 2 0 0 0 0 0 0 0 94982 0 286812 ctxt 4209609 btime 1078711415 processes 21905 procs_running 1 procs_blocked 0
cpu
— Measures the number of jiffies
(1/100 of a second for x86 systems) that the system has been in user
mode, user mode with low priority (nice), system mode, idle task, I/O
wait, IRQ (hardirq), and softirq respectively. The IRQ (hardirq) is the
direct response to a hardware event. The IRQ takes minimal work for
queuing the "heavy" work up for the softirq to execute. The softirq runs
at a lower priority than the IRQ and therefore may be interrupted more
frequently. The total for all CPUs is given at the top, while each
individual CPU is listed below with its own statistics. The following
example is a 4-way Intel Pentium Xeon configuration with multi-threading
enabled, therefore showing four physical processors and four virtual
processors totaling eight processors.
page
— The number of memory pages the system has written in and out to disk.
swap
— The number of swap pages the system has brought in and out.
intr
— The number of interrupts the system has experienced.
btime
— The boot time, measured in the number of seconds since January 1, 1970, otherwise known as the epoch.
/proc/swaps
/proc/swaps
may look similar to the following:
Filename Type Size Used Priority /dev/mapper/VolGroup00-LogVol01 partition 524280 0 -1
/proc/
directory, /proc/swap
provides a snapshot of every swap file name, the type of swap space,
the total size, and the amount of space in use (in kilobytes). The
priority column is useful when multiple swap files are in use. The lower
the priority, the more likely the swap file is to be used.
/proc/sysrq-trigger
echo
command to write to this
file, a remote root user can execute most System Request Key commands
remotely as if at the local terminal. To echo
values to this file, the /proc/sys/kernel/sysrq
must be set to a value other than 0
. For more information about the System Request Key, refer to Section 19.3.9.3, “ /proc/sys/kernel/
”.
/proc/uptime
/proc/uptime
is quite minimal:
350735.47 234388.90
/proc/version
gcc
used to compile the kernel, and the time of kernel compilation. It also
contains the kernel compiler's user name (in parentheses).
Linux version 2.6.8-1.523 (user@foo.redhat.com) (gcc version 3.4.1 20040714 \ (Red Hat Enterprise Linux 3.4.1-7)) #1 Mon Aug 16 13:27:03 EDT 2004
/proc/
/proc/
directory.
/proc/
directory contains a number of directories with numerical names. A listing of them may be similar to the following:
dr-xr-xr-x 3 root root 0 Feb 13 01:28 1 dr-xr-xr-x 3 root root 0 Feb 13 01:28 1010 dr-xr-xr-x 3 xfs xfs 0 Feb 13 01:28 1087 dr-xr-xr-x 3 daemon daemon 0 Feb 13 01:28 1123 dr-xr-xr-x 3 root root 0 Feb 13 01:28 11307 dr-xr-xr-x 3 apache apache 0 Feb 13 01:28 13660 dr-xr-xr-x 3 rpc rpc 0 Feb 13 01:28 637 dr-xr-xr-x 3 rpcuser rpcuser 0 Feb 13 01:28 666
/proc/
process directory vanishes.
cmdline
— Contains the command issued when starting the process.
cwd
— A symbolic link to the current working directory for the process.
environ
— A list of the
environment variables for the process. The environment variable is given
in all upper-case characters, and the value is in lower-case
characters.
exe
— A symbolic link to the executable of this process.
fd
— A directory containing all of the file descriptors for a particular process. These are given in numbered links:
total 0 lrwx------ 1 root root 64 May 8 11:31 0 -> /dev/null lrwx------ 1 root root 64 May 8 11:31 1 -> /dev/null lrwx------ 1 root root 64 May 8 11:31 2 -> /dev/null lrwx------ 1 root root 64 May 8 11:31 3 -> /dev/ptmx lrwx------ 1 root root 64 May 8 11:31 4 -> socket:[7774817] lrwx------ 1 root root 64 May 8 11:31 5 -> /dev/ptmx lrwx------ 1 root root 64 May 8 11:31 6 -> socket:[7774829] lrwx------ 1 root root 64 May 8 11:31 7 -> /dev/ptmx
maps
— A list of memory maps
to the various executables and library files associated with this
process. This file can be rather long, depending upon the complexity of
the process, but sample output from the sshd
process begins like the following:
08048000-08086000 r-xp 00000000 03:03 391479 /usr/sbin/sshd 08086000-08088000 rw-p 0003e000 03:03 391479 /usr/sbin/sshd 08088000-08095000 rwxp 00000000 00:00 0 40000000-40013000 r-xp 0000000 03:03 293205 /lib/ld-2.2.5.so 40013000-40014000 rw-p 00013000 03:03 293205 /lib/ld-2.2.5.so 40031000-40038000 r-xp 00000000 03:03 293282 /lib/libpam.so.0.75 40038000-40039000 rw-p 00006000 03:03 293282 /lib/libpam.so.0.75 40039000-4003a000 rw-p 00000000 00:00 0 4003a000-4003c000 r-xp 00000000 03:03 293218 /lib/libdl-2.2.5.so 4003c000-4003d000 rw-p 00001000 03:03 293218 /lib/libdl-2.2.5.so
mem
— The memory held by the process. This file cannot be read by the user.
root
— A link to the root directory of the process.
stat
— The status of the process.
statm
— The status of the memory in use by the process. Below is a sample /proc/statm
file:
263 210 210 5 0 205 0
status
— The status of the process in a more readable form than stat
or statm
. Sample output for sshd
looks similar to the following:
Name: sshd State: S (sleeping) Tgid: 797 Pid: 797 PPid: 1 TracerPid: 0 Uid: 0 0 0 0 Gid: 0 0 0 0 FDSize: 32 Groups: VmSize: 3072 kB VmLck: 0 kB VmRSS: 840 kB VmData: 104 kB VmStk: 12 kB VmExe: 300 kB VmLib: 2528 kB SigPnd: 0000000000000000 SigBlk: 0000000000000000 SigIgn: 8000000000001000 SigCgt: 0000000000014005 CapInh: 0000000000000000 CapPrm: 00000000fffffeff CapEff: 00000000fffffeff
S (sleeping)
or R (running)
), user/group ID running the process, and detailed data regarding memory usage.
/proc/self/
/proc/self/
directory is a link
to the currently running process. This allows a process to look at
itself without having to know its process ID.
/proc/self/
directory produces the same contents as listing the process directory for that process.
/proc/bus/
/proc/bus/
by the same name, such as /proc/bus/pci/
.
/proc/bus/
vary depending on the devices connected to the system. However, each
bus type has at least one directory. Within these bus directories are
normally at least one subdirectory with a numerical name, such as 001
, which contain binary files.
/proc/bus/usb/
subdirectory contains files that track the various devices on any USB
buses, as well as the drivers required for them. The following is a
sample listing of a /proc/bus/usb/
directory:
total 0 dr-xr-xr-x 1 root root 0 May 3 16:25 001 -r--r--r-- 1 root root 0 May 3 16:25 devices -r--r--r-- 1 root root 0 May 3 16:25 drivers
/proc/bus/usb/001/
directory contains all devices on the first USB bus and the devices
file identifies the USB root hub on the motherboard.
/proc/bus/usb/devices
file:
T: Bus=01 Lev=00 Prnt=00 Port=00 Cnt=00 Dev#= 1 Spd=12 MxCh= 2 B: Alloc= 0/900 us ( 0%), #Int= 0, #Iso= 0 D: Ver= 1.00 Cls=09(hub ) Sub=00 Prot=00 MxPS= 8 #Cfgs= 1 P: Vendor=0000 ProdID=0000 Rev= 0.00 S: Product=USB UHCI Root Hub S: SerialNumber=d400 C:* #Ifs= 1 Cfg#= 1 Atr=40 MxPwr= 0mA I: If#= 0 Alt= 0 #EPs= 1 Cls=09(hub ) Sub=00 Prot=00 Driver=hub E: Ad=81(I) Atr=03(Int.) MxPS= 8 Ivl=255ms
/proc/bus/pci
/proc/pci
directory in favor of the /proc/bus/pci
directory. Although you can get a list of all PCI devices present on the system using the command cat /proc/bus/pci/devices
, the output is difficult to read and interpret.
~]# /sbin/lspci -vb
00:00.0 Host bridge: Intel Corporation 82X38/X48 Express DRAM Controller
Subsystem: Hewlett-Packard Company Device 1308
Flags: bus master, fast devsel, latency 0
Capabilities: [e0] Vendor Specific Information <?>
Kernel driver in use: x38_edac
Kernel modules: x38_edac
00:01.0 PCI bridge: Intel Corporation 82X38/X48 Express Host-Primary PCI Express Bridge (prog-if 00 [Normal decode])
Flags: bus master, fast devsel, latency 0
Bus: primary=00, secondary=01, subordinate=01, sec-latency=0
I/O behind bridge: 00001000-00001fff
Memory behind bridge: f0000000-f2ffffff
Capabilities: [88] Subsystem: Hewlett-Packard Company Device 1308
Capabilities: [80] Power Management version 3
Capabilities: [90] MSI: Enable+ Count=1/1 Maskable- 64bit-
Capabilities: [a0] Express Root Port (Slot+), MSI 00
Capabilities: [100] Virtual Channel <?>
Capabilities: [140] Root Complex Link <?>
Kernel driver in use: pcieport
Kernel modules: shpchp
00:1a.0 USB Controller: Intel Corporation 82801I (ICH9 Family) USB UHCI Controller #4 (rev 02) (prog-if 00 [UHCI])
Subsystem: Hewlett-Packard Company Device 1308
Flags: bus master, medium devsel, latency 0, IRQ 5
I/O ports at 2100
Capabilities: [50] PCI Advanced Features
Kernel driver in use: uhci_hcd
[output truncated]
/proc/driver/
rtc
which provides output from the driver for the system's Real Time Clock (RTC), the device that keeps the time while the system is switched off. Sample output from /proc/driver/rtc
looks like the following:
rtc_time : 16:21:00 rtc_date : 2004-08-31 rtc_epoch : 1900 alarm : 21:16:27 DST_enable : no BCD : yes 24hr : yes square_wave : no alarm_IRQ : no update_IRQ : no periodic_IRQ : no periodic_freq : 1024 batt_status : okay
/usr/share/doc/kernel-doc-<kernel_version>
/Documentation/rtc.txt
.
/proc/fs
cat /proc/fs/nfsd/exports
displays the file systems being shared and the permissions granted for
those file systems. For more on file system sharing with NFS, refer to
the Network File System (NFS) chapter of the Storage Administration Guide.
/proc/irq/
/proc/irq/prof_cpu_mask
file is a bitmask that contains the default values for the smp_affinity
file in the IRQ directory. The values in smp_affinity
specify which CPUs handle that particular IRQ.
/proc/irq/
directory, refer to the following installed documentation:
/usr/share/doc/kernel-doc-kernel_version
/Documentation/filesystems/proc.txt
/proc/net/
/proc/net/
directory:
arp
— Lists the kernel's ARP table.
This file is particularly useful for connecting a hardware address to an
IP address on a system.
atm/
directory — The files within this directory contain Asynchronous Transfer Mode (ATM) settings and statistics. This directory is primarily used with ATM networking and ADSL cards.
dev
— Lists the various network
devices configured on the system, complete with transmit and receive
statistics. This file displays the number of bytes each interface has
sent and received, the number of packets inbound and outbound, the
number of errors seen, the number of packets dropped, and more.
dev_mcast
— Lists Layer2 multicast groups on which each device is listening.
igmp
— Lists the IP multicast addresses which this system joined.
ip_conntrack
— Lists tracked network connections for machines that are forwarding IP connections.
ip_tables_names
— Lists the types of iptables
in use. This file is only present if iptables
is active on the system and contains one or more of the following values: filter
, mangle
, or nat
.
ip_mr_cache
— Lists the multicast routing cache.
ip_mr_vif
— Lists multicast virtual interfaces.
netstat
— Contains a broad yet
detailed collection of networking statistics, including TCP timeouts,
SYN cookies sent and received, and much more.
psched
— Lists global packet scheduler parameters.
raw
— Lists raw device statistics.
route
— Lists the kernel's routing table.
rt_cache
— Contains the current routing cache.
snmp
— List of Simple Network Management Protocol (SNMP) data for various networking protocols in use.
sockstat
— Provides socket statistics.
tcp
— Contains detailed TCP socket information.
tr_rif
— Lists the token ring RIF routing table.
udp
— Contains detailed UDP socket information.
unix
— Lists UNIX domain sockets currently in use.
wireless
— Lists wireless interface data.
/proc/scsi/
/proc/scsi/scsi
,
which contains a list of every recognized SCSI device. From this
listing, the type of device, as well as the model name, vendor, SCSI
channel and ID data is available.
Attached devices: Host: scsi1 Channel: 00 Id: 05 Lun: 00 Vendor: NEC Model: CD-ROM DRIVE:466 Rev: 1.06 Type: CD-ROM ANSI SCSI revision: 02 Host: scsi1 Channel: 00 Id: 06 Lun: 00 Vendor: ARCHIVE Model: Python 04106-XXX Rev: 7350 Type: Sequential-Access ANSI SCSI revision: 02 Host: scsi2 Channel: 00 Id: 06 Lun: 00 Vendor: DELL Model: 1x6 U2W SCSI BP Rev: 5.35 Type: Processor ANSI SCSI revision: 02 Host: scsi2 Channel: 02 Id: 00 Lun: 00 Vendor: MegaRAID Model: LD0 RAID5 34556R Rev: 1.01 Type: Direct-Access ANSI SCSI revision: 02
/proc/scsi/
, which contains files specific to each SCSI controller using that driver. From the previous example, aic7xxx/
and megaraid/
directories are present, since two drivers are in use. The files in
each of the directories typically contain an I/O address range, IRQ
information, and statistics for the SCSI controller using that driver.
Each controller can report a different type and amount of information.
The Adaptec AIC-7880 Ultra SCSI host adapter's file in this example
system produces the following output:
Adaptec AIC7xxx driver version: 5.1.20/3.2.4 Compile Options: TCQ Enabled By Default : Disabled AIC7XXX_PROC_STATS : Enabled AIC7XXX_RESET_DELAY : 5 Adapter Configuration: SCSI Adapter: Adaptec AIC-7880 Ultra SCSI host adapter Ultra Narrow Controller PCI MMAPed I/O Base: 0xfcffe000 Adapter SEEPROM Config: SEEPROM found and used. Adaptec SCSI BIOS: Enabled IRQ: 30 SCBs: Active 0, Max Active 1, Allocated 15, HW 16, Page 255 Interrupts: 33726 BIOS Control Word: 0x18a6 Adapter Control Word: 0x1c5f Extended Translation: Enabled Disconnect Enable Flags: 0x00ff Ultra Enable Flags: 0x0020 Tag Queue Enable Flags: 0x0000 Ordered Queue Tag Flags: 0x0000 Default Tag Queue Depth: 8 Tagged Queue By Device array for aic7xxx host instance 1: {255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,255} Actual queue depth per device for aic7xxx host instance 1: {1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1} Statistics: (scsi1:0:5:0) Device using Narrow/Sync transfers at 20.0 MByte/sec, offset 15 Transinfo settings: current(12/15/0/0), goal(12/15/0/0), user(12/15/0/0) Total transfers 0 (0 reads and 0 writes) < 2K 2K+ 4K+ 8K+ 16K+ 32K+ 64K+ 128K+ Reads: 0 0 0 0 0 0 0 0 Writes: 0 0 0 0 0 0 0 0 (scsi1:0:6:0) Device using Narrow/Sync transfers at 10.0 MByte/sec, offset 15 Transinfo settings: current(25/15/0/0), goal(12/15/0/0), user(12/15/0/0) Total transfers 132 (0 reads and 132 writes) < 2K 2K+ 4K+ 8K+ 16K+ 32K+ 64K+ 128K+ Reads: 0 0 0 0 0 0 0 0 Writes: 0 0 0 1 131 0 0 0
/proc/sys/
/proc/sys/
directory is different from others in /proc/
because it not only provides information about the system but also
allows the system administrator to immediately enable and disable kernel
features.
/proc/sys/
directory. Changing the wrong setting may render the kernel unstable, requiring a system reboot.
/proc/sys/
.
-l
option at the shell prompt. If the file is writable, it may be used to configure the kernel. For example, a partial listing of /proc/sys/fs
looks like the following:
-r--r--r-- 1 root root 0 May 10 16:14 dentry-state -rw-r--r-- 1 root root 0 May 10 16:14 dir-notify-enable -rw-r--r-- 1 root root 0 May 10 16:14 file-max -r--r--r-- 1 root root 0 May 10 16:14 file-nr
dir-notify-enable
and file-max
can be written to and, therefore, can be used to configure the kernel.
The other files only provide feedback on current settings.
/proc/sys/
file is done by echoing the new value into the file. For example, to
enable the System Request Key on a running kernel, type the command:
echo 1 > /proc/sys/kernel/sysrq
sysrq
from 0
(off) to 1
(on).
/proc/sys/
configuration files
contain more than one value. To correctly send new values to them, place
a space character between each value passed with the echo
command, such as is done in this example:
echo 4 2 45 > /proc/sys/kernel/acct
echo
command disappear when the system is restarted. To make configuration
changes take effect after the system is rebooted, refer to Section 19.4, “Using the sysctl
Command”.
/proc/sys/
directory contains several subdirectories controlling different aspects of a running kernel.
/proc/sys/dev/
cdrom/
and raid/
. Customized kernels can have other directories, such as parport/
, which provides the ability to share one parallel port between multiple device drivers.
cdrom/
directory contains a file called info
, which reveals a number of important CD-ROM parameters:
CD-ROM information, Id: cdrom.c 3.20 2003/12/17 drive name: hdc drive speed: 48 drive # of slots: 1 Can close tray: 1 Can open tray: 1 Can lock tray: 1 Can change speed: 1 Can select disk: 0 Can read multisession: 1 Can read MCN: 1 Reports media changed: 1 Can play audio: 1 Can write CD-R: 0 Can write CD-RW: 0 Can read DVD: 0 Can write DVD-R: 0 Can write DVD-RAM: 0 Can read MRW: 0 Can write MRW: 0 Can write RAM: 0
/proc/sys/dev/cdrom
, such as autoclose
and checkmedia
, can be used to control the system's CD-ROM. Use the echo
command to enable or disable these features.
/proc/sys/dev/raid/
directory becomes available with at least two files in it: speed_limit_min
and speed_limit_max
. These settings determine the acceleration of RAID devices for I/O intensive tasks, such as resyncing the disks.
/proc/sys/fs/
binfmt_misc/
directory is used to provide kernel support for miscellaneous binary formats.
/proc/sys/fs/
include:
dentry-state
— Provides the status of the directory cache. The file looks similar to the following:
57411 52939 45 0 0 0
file-max
— Lists the maximum number
of file handles that the kernel allocates. Raising the value in this
file can resolve errors caused by a lack of available file handles.
file-nr
— Lists the number of allocated file handles, used file handles, and the maximum number of file handles.
overflowgid
and overflowuid
— Defines the fixed group ID and user ID, respectively, for use with file systems that only support 16-bit group and user IDs.
/proc/sys/kernel/
acct
— Controls the suspension of
process accounting based on the percentage of free space available on
the file system containing the log. By default, the file looks like the
following:
4 2 30
ctrl-alt-del
— Controls whether Ctrl+Alt+Delete gracefully restarts the computer using init
(0
) or forces an immediate reboot without syncing the dirty buffers to disk (1
).
domainname
— Configures the system domain name, such as example.com
.
exec-shield
— Configures the Exec
Shield feature of the kernel. Exec Shield provides protection against
certain types of buffer overflow attacks.
0
— Disables Exec Shield.
1
— Enables Exec Shield. This is the default value.
hostname
— Configures the system hostname, such as www.example.com
.
hotplug
— Configures the utility to
be used when a configuration change is detected by the system. This is
primarily used with USB and Cardbus PCI. The default value of /sbin/hotplug
should not be changed unless testing a new program to fulfill this role.
modprobe
— Sets the location of the program used to load kernel modules. The default value is /sbin/modprobe
which means kmod
calls it to load the module when a kernel thread calls kmod
.
msgmax
— Sets the maximum size of any message sent from one process to another and is set to 8192
bytes by default. Be careful when raising this value, as queued
messages between processes are stored in non-swappable kernel memory.
Any increase in msgmax
would increase RAM requirements for the system.
msgmnb
— Sets the maximum number of bytes in a single message queue. The default is 16384
.
msgmni
— Sets the maximum number of message queue identifiers. The default is 4008
.
osrelease
— Lists the Linux kernel release number. This file can only be altered by changing the kernel source and recompiling.
ostype
— Displays the type of operating system. By default, this file is set to Linux
, and this value can only be changed by changing the kernel source and recompiling.
overflowgid
and overflowuid
— Defines the fixed group ID and user ID, respectively, for use with
system calls on architectures that only support 16-bit group and user
IDs.
panic
— Defines the number of
seconds the kernel postpones rebooting when the system experiences a
kernel panic. By default, the value is set to 0
, which disables automatic rebooting after a panic.
printk
— This file controls a
variety of settings related to printing or logging error messages. Each
error message reported by the kernel has a loglevel associated with it that defines the importance of the message. The loglevel values break down in this order:
0
— Kernel emergency. The system is unusable.
1
— Kernel alert. Action must be taken immediately.
2
— Condition of the kernel is considered critical.
3
— General kernel error condition.
4
— General kernel warning condition.
5
— Kernel notice of a normal but significant condition.
6
— Kernel informational message.
7
— Kernel debug-level messages.
printk
file:
6 4 1 7
random/
directory — Lists a number of values related to generating random numbers for the kernel.
sem
— Configures semaphore settings within the kernel. A semaphore is a System V IPC object that is used to control utilization of a particular process.
shmall
— Sets the total amount of shared memory that can be used at one time on the system, in bytes. By default, this value is 2097152
.
shmmax
— Sets the largest shared memory segment size allowed by the kernel, in bytes. By default, this value is 33554432
. However, the kernel supports much larger values than this.
shmmni
— Sets the maximum number of shared memory segments for the whole system, in bytes. By default, this value is 4096
sysrq
— Activates the System Request Key, if this value is set to anything other than zero (0
), the default.
system request code
. Replace system request code
with one of the following system request codes:
r
— Disables raw mode for the keyboard and sets it to XLATE (a limited keyboard mode which does not recognize modifiers such as Alt, Ctrl, or Shift for all keys).
k
— Kills all processes active in a virtual console. Also called Secure Access Key (SAK), it is often used to verify that the login prompt is spawned from init
and not a trojan copy designed to capture usernames and passwords.
b
— Reboots the kernel without first unmounting file systems or syncing disks attached to the system.
c
— Crashes the system without first unmounting file systems or syncing disks attached to the system.
o
— Shuts off the system.
s
— Attempts to sync disks attached to the system.
u
— Attempts to unmount and remount all file systems as read-only.
p
— Outputs all flags and registers to the console.
t
— Outputs a list of processes to the console.
m
— Outputs memory statistics to the console.
0
through 9
— Sets the log level for the console.
e
— Kills all processes except init
using SIGTERM.
i
— Kills all processes except init
using SIGKILL.
l
— Kills all processes using SIGKILL (including init
). The system is unusable after issuing this System Request Key code.
h
— Displays help text.
/usr/share/doc/kernel-doc-kernel_version
/Documentation/sysrq.txt
for more information about the System Request Key.
tainted
— Indicates whether a non-GPL module is loaded.
0
— No non-GPL modules are loaded.
1
— At least one module without a GPL license (including modules with no license) is loaded.
2
— At least one module was force-loaded with the command insmod -f
.
threads-max
— Sets the maximum number of threads to be used by the kernel, with a default value of 2048
.
version
— Displays the date and time the kernel was last compiled. The first field in this file, such as #3
, relates to the number of times a kernel was built from the source base.
/proc/sys/net/
ethernet/
, ipv4/
, ipx/
, and ipv6/
.
By altering the files within these directories, system administrators
are able to adjust the network configuration on a running system.
/proc/sys/net/
directories are discussed.
/proc/sys/net/core/
directory
contains a variety of settings that control the interaction between the
kernel and networking layers. The most important of these files are:
message_burst
— Sets the amount of time in tenths of a second required to write a new warning message. This setting is used to mitigate Denial of Service (DoS) attacks. The default setting is 10
.
message_cost
— Sets a cost on every warning message. The higher the value of this file (default of 5
), the more likely the warning message is ignored. This setting is used to mitigate DoS attacks.
message_burst
and message_cost
are designed to be modified based on the system's acceptable risk versus the need for comprehensive logging.
netdev_max_backlog
— Sets the
maximum number of packets allowed to queue when a particular interface
receives packets faster than the kernel can process them. The default
value for this file is 1000
.
optmem_max
— Configures the maximum ancillary buffer size allowed per socket.
rmem_default
— Sets the receive socket buffer default size in bytes.
rmem_max
— Sets the receive socket buffer maximum size in bytes.
wmem_default
— Sets the send socket buffer default size in bytes.
wmem_max
— Sets the send socket buffer maximum size in bytes.
/proc/sys/net/ipv4/
directory
contains additional networking settings. Many of these settings, used in
conjunction with one another, are useful in preventing attacks on the
system or when using the system to act as a router.
/proc/sys/net/ipv4/
directory:
icmp_echo_ignore_all
and icmp_echo_ignore_broadcasts
— Allows the kernel to ignore ICMP ECHO packets from every host or only
those originating from broadcast and multicast addresses, respectively.
A value of 0
allows the kernel to respond, while a value of 1
ignores the packets.
ip_default_ttl
— Sets the default Time To Live (TTL),
which limits the number of hops a packet may make before reaching its
destination. Increasing this value can diminish system performance.
ip_forward
— Permits interfaces on the system to forward packets to one other. By default, this file is set to 0
. Setting this file to 1
enables network packet forwarding.
ip_local_port_range
— Specifies the
range of ports to be used by TCP or UDP when a local port is needed.
The first number is the lowest port to be used and the second number
specifies the highest port. Any systems that expect to require more
ports than the default 1024 to 4999 should use a range from 32768 to
61000.
tcp_syn_retries
— Provides a limit on the number of times the system re-transmits a SYN packet when attempting to make a connection.
tcp_retries1
— Sets the number of permitted re-transmissions attempting to answer an incoming connection. Default of 3
.
tcp_retries2
— Sets the number of permitted re-transmissions of TCP packets. Default of 15
.
/usr/share/doc/kernel-doc-kernel_version
/Documentation/networking/ip-sysctl.txt
/proc/sys/net/ipv4/
directory.
/proc/sys/net/ipv4/
directory and each covers a different aspect of the network stack. The /proc/sys/net/ipv4/conf/
directory allows each system interface to be configured in different
ways, including the use of default settings for unconfigured devices (in
the /proc/sys/net/ipv4/conf/default/
subdirectory) and settings that override all special configurations (in the /proc/sys/net/ipv4/conf/all/
subdirectory).
/proc/sys/net/ipv4/neigh/
directory contains settings for communicating with a host directly
connected to the system (called a network neighbor) and also contains
different settings for systems more than one hop away.
/proc/sys/net/ipv4/route/
. Unlike conf/
and neigh/
, the /proc/sys/net/ipv4/route/
directory contains specifications that apply to routing with any interfaces on the system. Many of these settings, such as max_size
, max_delay
, and min_delay
, relate to controlling the size of the routing cache. To clear the routing cache, write any value to the flush
file.
/usr/share/doc/kernel-doc-kernel_version
/Documentation/filesystems/proc.txt
/proc/sys/vm/
/proc/sys/vm/
directory:
block_dump
— Configures block I/O
debugging when enabled. All read/write and block dirtying operations
done to files are logged accordingly. This can be useful if diagnosing
disk spin up and spin downs for laptop battery conservation. All output
when block_dump
is enabled can be retrieved via dmesg
. The default value is 0
.
block_dump
is enabled at the same time as kernel debugging, it is prudent to stop the klogd
daemon, as it generates erroneous disk activity caused by block_dump
.
dirty_background_ratio
— Starts background writeback of dirty data at this percentage of total memory, via a pdflush daemon. The default value is 10
.
dirty_expire_centisecs
— Defines
when dirty in-memory data is old enough to be eligible for writeout.
Data which has been dirty in-memory for longer than this interval is
written out next time a pdflush daemon wakes up. The default value is 3000
, expressed in hundredths of a second.
dirty_ratio
— Starts active
writeback of dirty data at this percentage of total memory for the
generator of dirty data, via pdflush. The default value is 20
.
dirty_writeback_centisecs
— Defines
the interval between pdflush daemon wakeups, which periodically writes
dirty in-memory data out to disk. The default value is 500
, expressed in hundredths of a second.
laptop_mode
— Minimizes the number
of times that a hard disk needs to spin up by keeping the disk spun down
for as long as possible, therefore conserving battery power on laptops.
This increases efficiency by combining all future I/O processes
together, reducing the frequency of spin ups. The default value is 0
, but is automatically enabled in case a battery on a laptop is used.
/usr/share/doc/kernel-doc-kernel_version
/Documentation/laptop-mode.txt
max_map_count
— Configures the maximum number of memory map areas a process may have. In most cases, the default value of 65536
is appropriate.
min_free_kbytes
— Forces the Linux
VM (virtual memory manager) to keep a minimum number of kilobytes free.
The VM uses this number to compute a pages_min
value for each lowmem
zone in the system. The default value is in respect to the total memory on the machine.
nr_hugepages
— Indicates the current number of configured hugetlb
pages in the kernel.
/usr/share/doc/kernel-doc-kernel_version
/Documentation/vm/hugetlbpage.txt
nr_pdflush_threads
— Indicates the
number of pdflush daemons that are currently running. This file is
read-only, and should not be changed by the user. Under heavy I/O loads,
the default value of two is increased by the kernel.
overcommit_memory
— Configures the conditions under which a large memory request is accepted or denied. The following three modes are available:
0
— The kernel performs heuristic
memory over commit handling by estimating the amount of memory available
and failing requests that are blatantly invalid. Unfortunately, since
memory is allocated using a heuristic rather than a precise algorithm,
this setting can sometimes allow available memory on the system to be
overloaded. This is the default setting.
1
— The kernel performs no memory
over commit handling. Under this setting, the potential for memory
overload is increased, but so is performance for memory intensive tasks
(such as those executed by some scientific software).
2
— The kernel fails requests for memory that add up to all of swap plus the percent of physical RAM specified in /proc/sys/vm/overcommit_ratio
. This setting is best for those who desire less risk of memory overcommitment.
overcommit_ratio
— Specifies the percentage of physical RAM considered when /proc/sys/vm/overcommit_memory
is set to 2
. The default value is 50
.
page-cluster
— Sets the number of pages read in a single attempt. The default value of 3
, which actually relates to 16 pages, is appropriate for most systems.
swappiness
— Determines how much a
machine should swap. The higher the value, the more swapping occurs. The
default value, as a percentage, is set to 60
.
/usr/share/doc/kernel-doc-kernel_version
/Documentation/
, which contains additional information.
/proc/sysvipc/
msg
), semaphores (sem
), and shared memory (shm
).
/proc/tty/
drivers
file is a list of the current tty devices in use, as in the following example:
serial /dev/cua 5 64-127 serial:callout serial /dev/ttyS 4 64-127 serial pty_slave /dev/pts 136 0-255 pty:slave pty_master /dev/ptm 128 0-255 pty:master pty_slave /dev/ttyp 3 0-255 pty:slave pty_master /dev/pty 2 0-255 pty:master /dev/vc/0 /dev/vc/0 4 0 system:vtmaster /dev/ptmx /dev/ptmx 5 2 system /dev/console /dev/console 5 1 system:console /dev/tty /dev/tty 5 0 system:/dev/tty unknown /dev/vc/%d 4 1-63 console
/proc/tty/driver/serial
file lists the usage statistics and status of each of the serial tty lines.
/proc/PID
/
/proc/sys/vm/panic_on_oom
. When set to 1
the kernel will panic on OOM. A setting of 0
instructs the kernel to call a function named oom_killer
on an OOM. Usually, oom_killer
can kill rogue processes and the system will survive.
/proc/sys/vm/panic_on_oom
.
# cat /proc/sys/vm/panic_on_oom 1 # echo 0 > /proc/sys/vm/panic_on_oom # cat /proc/sys/vm/panic_on_oom 0
oom_killer
score. In /proc/PID
/
there are two tools labelled oom_adj
and oom_score
. Valid scores for oom_adj
are in the range -16 to +15. To see the current oom_killer
score, view the oom_score
for the process. oom_killer
will kill processes with the highest scores first.
PID
of 12465 to make it less likely that oom_killer
will kill it.
# cat /proc/12465/oom_score 79872 # echo -5 > /proc/12465/oom_adj # cat /proc/12465/oom_score 78
oom_killer
for that process. In the example below, oom_score
returns a value of 0, indicating that this process would not be killed.
# cat /proc/12465/oom_score 78 # echo -17 > /proc/12465/oom_adj # cat /proc/12465/oom_score 0
badness()
is used to
determine the actual score for each process. This is done by adding up
'points' for each examined process. The process scoring is done in the
following way:
CAP_SYS_ADMIN
and CAP_SYS_RAWIO
capabilities have their scores reduced.
oom_adj
file.
oom_score
value will most probably be a non-priviliged, recently started process
that, along with its children, uses a large amount of memory, has been
'niced', and handles no raw I/O.
sysctl
Command/sbin/sysctl
command is used to view, set, and automate kernel settings in the /proc/sys/
directory.
/proc/sys/
directory, type the /sbin/sysctl -a
command as root. This creates a large, comprehensive list, a small portion of which looks something like the following:
net.ipv4.route.min_delay = 2 kernel.sysrq = 0 kernel.sem = 250 32000 32 128
/proc/sys/net/ipv4/route/min_delay
file is listed as net.ipv4.route.min_delay
, with the directory slashes replaced by dots and the proc.sys
portion assumed.
sysctl
command can be used in place of echo
to assign values to writable files in the /proc/sys/
directory. For example, instead of using the command
echo 1 > /proc/sys/kernel/sysrq
sysctl
command as follows:
sysctl -w kernel.sysrq="1" kernel.sysrq = 1
/proc/sys/
is helpful during testing, this method does not work as well on a production system as special settings within /proc/sys/
are lost when the machine is rebooted. To preserve custom settings, add them to the /etc/sysctl.conf
file.
init
program runs the /etc/rc.d/rc.sysinit
script. This script contains a command to execute sysctl
using /etc/sysctl.conf
to determine the values passed to the kernel. Any values added to /etc/sysctl.conf
therefore take effect each time the system boots.
proc
file system.
proc
file system is installed on the system by default.
/usr/share/doc/kernel-doc-kernel_version
/Documentation/filesystems/proc.txt
— Contains assorted, but limited, information about all aspects of the /proc/
directory.
/usr/share/doc/kernel-doc-kernel_version
/Documentation/sysrq.txt
— An overview of System Request Key options.
/usr/share/doc/kernel-doc-kernel_version
/Documentation/sysctl/
— A directory containing a variety of sysctl
tips, including modifying values that concern the kernel (kernel.txt
), accessing file systems (fs.txt
), and virtual memory use (vm.txt
).
/usr/share/doc/kernel-doc-kernel_version
/Documentation/networking/ip-sysctl.txt
— A detailed overview of IP networking options.
ps ax
command displays a list of
current system processes, including processes owned by other users. To
display the owner alongside each process, use the ps aux
command. This list is a static list; in other words, it is a snapshot
of what was running when you invoked the command. If you want a
constantly updated list of running processes, use top
as described below.
ps
output can be long. To prevent it from scrolling off the screen, you can pipe it through less:
ps aux | less
ps
command in combination with the grep
command to see if a process is running. For example, to determine if Emacs is running, use the following command:
ps ax | grep emacs
top
command displays currently
running processes and important information about them including their
memory and CPU usage. The list is both real-time and interactive. An
example of output from the top
command is provided as follows:
top - 18:11:48 up 1 min, 1 user, load average: 0.68, 0.30, 0.11
Tasks: 122 total, 1 running, 121 sleeping, 0 stopped, 0 zombie
Cpu(s): 0.0%us, 0.5%sy, 0.0%ni, 93.4%id, 5.7%wa, 0.2%hi, 0.2%si, 0.0
Mem: 501924k total, 376496k used, 125428k free, 29664k buffers
Swap: 1015800k total, 0k used, 1015800k free, 189008k cached
PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
1601 root 40 0 20172 1084 920 S 0.3 0.2 0:00.08 hald-addon-sto
1998 silas 40 0 14984 1160 880 R 0.3 0.2 0:00.13 top
1 root 40 0 19160 1412 1156 S 0.0 0.3 0:00.96 init
2 root 40 0 0 0 0 S 0.0 0.0 0:00.01 kthreadd
3 root RT 0 0 0 0 S 0.0 0.0 0:00.05 migration/0
4 root 20 0 0 0 0 S 0.0 0.0 0:00.00 ksoftirqd/0
5 root RT 0 0 0 0 S 0.0 0.0 0:00.00 watchdog/0
6 root RT 0 0 0 0 S 0.0 0.0 0:00.04 migration/1
7 root 20 0 0 0 0 S 0.0 0.0 0:00.00 ksoftirqd/1
8 root RT 0 0 0 0 S 0.0 0.0 0:00.00 watchdog/1
9 root 20 0 0 0 0 S 0.0 0.0 0:00.00 events/0
10 root 20 0 0 0 0 S 0.0 0.0 0:00.01 events/1
11 root 20 0 0 0 0 S 0.0 0.0 0:00.00 cpuset
12 root 20 0 0 0 0 S 0.0 0.0 0:00.00 khelper
[output truncated]
top
, press the q key.
top
commands” contains useful interactive commands that you can use with top
. For more information, refer to the top
(1) manual page.
top
commandsCommand | Description |
---|---|
Space | Immediately refresh the display |
h | Display a help screen |
k | Kill a process. You are prompted for the process ID and the signal to send to it. |
n | Change the number of processes displayed. You are prompted to enter the number. |
u | Sort by user. |
M | Sort by memory usage. |
P | Sort by CPU usage. |
top
, you can use the GNOME System Monitor. To start it from the desktop, select → → or execute gnome-system-monitor
at a shell prompt. Select the Processes tab.
free
command displays the total
amount of physical memory and swap space for the system as well as the
amount of memory that is used, free, shared, in kernel buffers, and
cached.
total used free shared buffers cached Mem: 4017660 1619044 2398616 0 59864 637968 -/+ buffers/cache: 921212 3096448 Swap: 3071996 0 3071996
free -m
shows the same information in megabytes, which are easier to read.
total used free shared buffers cached Mem: 3923 1569 2353 0 58 626 -/+ buffers/cache: 884 3038 Swap: 2999 0 2999
free
, you can use the GNOME System Monitor. To start it from the desktop, select → → or execute gnome-system-monitor
at a shell prompt. Click on the Resources tab.
df
command reports the system's disk space usage. If you Execute the command df
at a shell prompt, the output looks similar to the following:
Filesystem 1K-blocks Used Available Use% Mounted on /dev/mapper/volgrp1-lvroot 14127024 6868092 6541316 52% / tmpfs 2008828 592 2008236 1% /dev/shm /dev/sda1 495844 65047 405197 14% /boot /dev/mapper/luks-b20f8f7a-7f0f-4497-8de4-81bfa3e541cf 122046576 12111420 103735552 11% /home
df -h
. The -h
argument stands for human-readable format. The output looks similar to the following:
Filesystem Size Used Avail Use% Mounted on /dev/mapper/volgrp1-lvroot 14G 6.6G 6.3G 52% / tmpfs 2.0G 592K 2.0G 1% /dev/shm /dev/sda1 485M 64M 396M 14% /boot /dev/mapper/luks-b20f8f7a-7f0f-4497-8de4-81bfa3e541cf 117G 12G 99G 11% /home
/dev/shm
. This entry represents the system's virtual memory file system.
du
command displays the estimated amount of space being used by files in a directory. If you execute du
at a shell prompt, the disk usage for each of the subdirectories is
displayed in a list. The grand total for the current directory and
subdirectories are also shown as the last line in the list. If you do
not want to see the totals for all the subdirectories, use the command du -hs
to see only the grand total for the directory in human-readable format. Use the du --help
command to see more options.
gnome-system-monitor
command at a shell prompt. Select the File Systems tab to view the
system's partitions. The figure below illustrates the File Systems tab.
hwbrowser
at a shell prompt. As shown in Figure 20.4, “ Hardware Browser ”,
it displays your CD-ROM devices, diskette drives, hard drives and their
partitions, network devices, pointing devices, system devices, and
video cards. Click on the category name in the left menu, and the
information is displayed.
hal-device-manager
. Depending on your installation preferences, the graphical menu above may start this application or the Hardware Browser when clicked. The figure below illustrates the Device Manager window.
lspci
command to list all PCI devices. Use the command lspci -v
for more verbose information or lspci -vv
for very verbose output.
lspci
can be used to determine the manufacturer, model, and memory size of a system's video card:
00:02.1 Display controller: Intel Corporation Mobile 4 Series Chipset Integrated Graphics Controller (rev 07) Subsystem: Lenovo Device 20e4 Flags: bus master, fast devsel, latency 0 Memory at f4200000 (64-bit, non-prefetchable) [size=1M] Capabilities: [d0] Power Management version 3
lspci
is also useful to determine the network card in your system if you do not know the manufacturer or model number.
ps --help
— Displays a list of options that can be used with ps
.
top
manual page — Execute man top
to learn more about top
and its many options.
free
manual page — Execute man free
to learn more about free
and its many options.
df
manual page — Execute man df
to learn more about the df
command and its many options.
du
manual page — Execute man du
to learn more about the du
command and its many options.
lspci
manual page — Execute man lspci
to learn more about the lspci
command and its many options.
abrtd
, the system service
~]$ yum list all | grep abrt
abrtd
daemon configured to run at boot time, and abrt-applet to run in the Notification Area of your desktop session.
abrt-desktop
package is installed on your system by running, as root:
~]# yum install abrt-desktop
abrtd
daemon is running by running the following command, as root:
~]# service abrtd status
abrt (pid 1559) is running...
abrt is stopped
, you can start the abrtd
service by running, as root:
~]# service abrtd start
Starting abrt daemon: [ OK ]
abrtd
service initializes at startup time by running the following command, as root:
~]# chkconfig abrtd on
abrt-applet
program as a normal user when logged into your desktop session, or by
arranging for it to be started when the GUI session is initialized. For
example, on the GNOME desktop, this can be configured in → → .
D-Bus
message is sent about this crash. If abrt-applet
is running, it receives this message and displays a red alarm icon in
the Notification Area. You can open the GUI application by clicking on
this icon.
]$ yum list all | grep abrt-plugin-*
/etc/abrt/plugins/
directory. The following is a list of all analyzer plugins.
/etc/abrt/plugins/Kerneloops.conf
file.
/etc/abrt/plugins/Python.conf
file.
/etc/abrt/plugins/CCpp.conf
file.
/etc/abrt/plugins/
directory or in the ABRT GUI application (for more information on reporter plugin configuration in the ABRT GUI application, refer to Section 21.3.3, “Plugin Configuration in the GUI”).
FTP
/SCP
server
/etc/abrt/plugins/*.conf
configuration files on a per-user basis. Each of the plugins specified in section Section 21.3.2, “Reporter Plugins” can be configured in the ABRT GUI application. Open the plugins window by clicking → .
This window shows a list of all installed plugins. You can also view
each of the plugins' details by selecting one and expanding . When you select one of the configurable plugins, you can click the
button and you will be able to configure your desired plugin. If you
change any of the plugins' parameters, they are saved in the Gnome
keyring and will be used in the future GUI sessions.
/etc/abrt/plugins/*.conf
configuration files are world readable and are meant to be used as
global settings. Thus, it is not advisable to store usernames, passwords
or any other sensitive data in them. The per-user settings (set in the
GUI application and readable by the owner of $HOME only) are stored in
the Gnome keyring or can be stored in a text file in $HOME/.abrt/*.conf
for use in abrt-cli
.
SSL
protocol is used when sending the data over the network.
Subject
field of a crash report email sent by mailx (by default, set to "[abrt] crash report"
).
From
field of a crash report email.
SSL
protocol is used when sending the data over the network.
/var/log/abrt.log
).
CCpp
analyzer plugin) occurs.
filelists
of various repositories in order to find the correct package names. This process may take a few minutes.
debuginfo
files. In order to speed up future backtrace generation, debuginfo
files are cached in the /var/cache/abrt-di
directory.
/etc/abrt/plugins/CCpp.conf
file:
Backtrace = <yes/no>
— Enables/Disables backtrace generation.
BacktraceRemotes = <yes/no>
— For more information about this parameter, refer to Section 21.7, “Configuring Centralized Crash Collection”.
InstallDebugInfo = <yes/no>
— Enables/Disables the installation of debuginfo packages (useful if your network is not available or it is firewalled).
ReadonlyLocalDebugInfoDirs = /path1:/path2:...
— Specifies the paths of local repositories (available, for example, through a network mount) that contain pre-downloaded debuginfo packages.
DebugInfoCacheMB = 4000
— Specifies the maximum size of the cached debuginfo packages in the /var/cache/abrt-di
directory.
Starting the debuginfo installation Getting list of build IDs 12 missing debuginfos, getting package list from cache 12 missing debuginfos, getting package list from repositories Downloading 7 packages Download 1/7: acl-debuginfo-2.2.49-6.fc13.x86_64 Unpacking: acl-debuginfo-2.2.49-6.fc13.x86_64.rpm Caching debuginfo: usr/lib/debug/.build-id/3d/e20df1db609bd9313b1dc440796004f95911fd.debug Download 2/7: firefox-debuginfo-3.6.7-1.fc13.x86_64 Unpacking: firefox-debuginfo-3.6.7-1.fc13.x86_64.rpm Caching debuginfo: usr/lib/debug/.build-id/3d/b29c9308cb276431ce8854a2d88cf83518afc6.debug Caching debuginfo: usr/lib/debug/.build-id/a3/86884285365c8288e4e761ec034fafaa1daee1.debug ⋮ Download 7/7: zlib-debuginfo-1.2.3-23.fc12.x86_64 Unpacking: zlib-debuginfo-1.2.3-23.fc12.x86_64.rpm Caching debuginfo: usr/lib/debug/.build-id/f7/933750da80f555321576e72b375caf7a3cc075.debug All needed debuginfos are present Generating backtrace
/var/run/abrt/tmp-29177-1283344373
) for its operations. Normally, this directory is removed when abrt-debuginfo-install exits.
debug=false keep_tmp=false
debug=true keep_tmp=true
/var/run/abrt/tmp-NNN-NNN
directory. You can examine the log files in this directory, they may contain useful error messages.
/tmp
directory and run the following commands, as root:
tmp]# yum --enablerepo=*debuginfo* --quiet provides /usr/bin/true tmp]# yumdownloader --enablerepo=*debuginfo* --quiet coreutils
coreutils-*.rpm
file. If any error messages appear, check your yum configuration files in the /etc/yum.repos.d/*
directory and the /etc/yum/*
directory. If any of these commands hang, check that you do not have another instance of yum running, and that your network connection is working properly.
abrt-cli --list
or abrt-cli -l
:
~]$ abrt-cli --list
0.
UID : 500
UUID : 784b06666020e9f43718d99bf2649f19b4f251a9
Package : bash-4.1.2-3.el6
Executable : /bin/bash
Crash Time : Tue 20 Jul 2010 03:22:52 PM CEST
Crash Count: 2
1.
UID : 500
UUID : 48007b98d65cca4530d99a564379e2609169239d
Package : coreutils-8.4-9.el6
Executable : /bin/sleep
Crash Time : Tue 20 Jul 2010 03:22:00 PM CEST
Crash Count: 1
UID:
field shows the ID of the user which ran the program that caused the crash. The Package
field shows the name and version of the Red Hat Enterprise Linux package that contains the program, and the Executable
field shows the location of the binary or script that crashed. The Crash Count
field indicates how many times the same crash happened.
abrt-cli --report <UUID>
or abrt-cli --r <UUID>
, where UUID
is a Universally Unique Identifier of a crash from the list of crashes; to view this list, execute the abrt-cli --list
command. You do not need to remember the exact UUID
; either use a mouse to copy and paste it, or enter a unique prefix and press <ENTER>.
~]$ abrt-cli --report 480
<ENTER>
>> Starting report creation...
abrt-cli
opens a text editor with the content of the report. You can see what is
being reported, and you can fill in instructions on how to reproduce
the crash and other comments. You should also check the backtrace,
because the backtrace might be sent to a public server and viewed by
anyone, depending on the plugin settings.
abrt-cli
uses the editor defined in the ABRT_EDITOR
environment variable. If the variable is not defined, it checks the VISUAL
and EDITOR
variables. If none of these variables is set, vi
is used. You can set the preferred editor in your .bashrc
configuration file. For example, if you prefer GNU Emacs, add the following line to the file:
exportVISUAL
=emacs
abrt-cli --delete <UUID>
.
/etc/abrt/abrt.conf
. ABRT plugins can be configured through their config files, located in the /etc/abrt/plugins/
directory.
abrt.conf
configuration file, you must restart the abrtd
daemon—as root—for the new settings to take effect:
~]# service abrtd restart
/etc/abrt/abrt.conf
.
<yes/no>
OpenGPGCheck
directive to yes
(the default setting) tells ABRT to only
analyze and handle crashes in applications provided by packages which
are signed by the GPG keys whose locations are listed in the /etc/abrt/gpg_keys
file. Setting OpenGPGCheck
to no
tells ABRT to catch crashes in all programs.
<additional_packages>
] BlackList
directive will not be handled by ABRT. If you want ABRT to ignore other packages and binaries, list them here separated by commas.
<yes/no>
/usr/share/doc/*
, */example*
abrtd
to auto-unpack crashdump tarballs which appear in the specified directory — in this case /var/spool/abrt-upload/
— (for example, uploaded via ftp
, scp
, etc.). You must ensure that whatever directory you specify in this directive exists and is writable for abrtd
. abrtd
will not create it automatically.
<size_in_megabytes>
1000
MB. Once the quota specified here has been met, ABRT will continue catching crashes, and in order to make room for the new crash dumps, it will delete the oldest and largest ones.
<additional_plugins>
] SOSreport
plugin runs the sosreport
tool which adds the data collected by it to the created crash dump. You
can turn this behavior off by commenting out this line. For further
fine-tuning, you can add SOSreport
(or any other specified plugin) to either the CCpp
or Python
options to make ABRT run sosreport
(or any other specified plugin) after any C and C++ or Python
applications crash, respectively. For more information on various Action
and Reporter plugins, refer to Section 21.3, “ ABRT Plugins”
abrt-gui
or abrt-cli
and report the crash that occurred. If you do not specify any actions
and reporters in these directives, you will not be able to report a
crash via abrt-gui
or abrt-cli
. The order of actions and reporters is important. Commenting out a directive, will cause ABRT not to catch the crashes associated with that directive. For example, commenting out the Kerneloops line will cause ABRT not to catch kernel oopses.
plugins/*.conf
file. For example, plugins/RHTSupport.conf
specifies which RHTSupport URL to use (set to https://api.access.redhat.com/rs
by default), the user's login name, password for logging in to the
RHTSupport site, etc. All these options can also be configured through
the abrt-gui
application (for more information on plugin configuration refer to Section 21.3, “ ABRT Plugins”).
<time>
= <action_to_run>
[ Cron ]
section of abrt.conf
allows you to specify the exact time, or elapsed amount of time between, when ABRT
should run a certain action, such as scanning for kernel oopses or
performing file transfers. You can list further actions to run by
appending them to the end of this section.
# Which Action plugins to run repeatedly [ Cron ] # h:m - at h:m # s - every s seconds 120 = KerneloopsScanner #02:00 = FileTransfer
<time_in_seconds> = <action_to_run>
or <hh:mm> = <action_to_run>
, where hh
(hour) is in the range 00-23
(all hours less than 10 should be zero-filled, i.e. preceded by a 0
), and mm
(minute) is 00-59
, zero-filled likewise.
yum install abrt-plugin-reportuploader
).
/var/spool/abrt-upload/
is used (the rest of the document assumes you are using /var/spool/abrt-upload/
). Make sure this directory is writable by the abrt
user.
abrt
. This user is used by the abrtd
daemon for various things, for example, as the owner:group of /var/spool/abrt/*
directories.
/etc/abrt/abrt.conf
configuration file, set the WatchCrashdumpArchiveDir
directive to the following:
WatchCrashdumpArchiveDir = /var/spool/abrt-upload/
FTP
or SCP
. For more information on how to configure SCP
, refer to Section 9.3.2, “Using the scp
Utility”.
USERNAME
and the password is PASSWORD
. If you do not already have a suitable username which can be used to perform uploads under, you may use the abrt
user which already exists on every system where ABRT is installed.
MaxCrashReportsSize
directive (in /etc/abrt/abrt.conf
) needs to be set to a larger value if the expected volume of crash data is larger than the default 1000
MB.
ProcessUnpackaged
directive (in /etc/abrt/abrt.conf
) needs to be set to yes
and the BacktraceRemotes
(in /etc/abrt/plugins/CCpp.conf
) needs to be set to no
if the client system and the server system have significantly different sets of installed packages.
/etc/abrt/plugins/ReportUploader.conf
configuration file so that the ReportUploader plugin knows where to copy the saved crash reports in the following way:
Enabled = yes Upload = yes URL = ftp://USERNAME:PASSWORD@SERVERNAME/var/spool/abrt-upload/
[ ActionsAndReporters ]
directive in the /etc/abrt/abrt.conf
configuration file to the following:
ActionsAndReporters = ReportUploader
ReportUploader
to be a reporter plugin for a specific crash type in the [ AnalyzerActionsAndReporters ]
section of the /etc/abrt/abrt.conf
configuration file. The user will be required to run abrt-cli or abrt-gui and instruct the abrtd
daemon to report the crash and send it to the server system. For
example, if you want all crash types to use this method, edit the [ AnalyzerActionsAndReporters ]
section in your /etc/abrt/abrt.conf
configuration file in the following way:
Kerneloops = ReportUploader CCpp = ReportUploader Python = ReportUploader
kill -s SEGV PID
command to terminate a process on a client system. For example, start a sleep
process and terminate it with the kill
command in the following way:
~]$ sleep 100 & [1] 2823 ~]$ kill -s SEGV 2823ABRT should detect a crash shortly after executing the
kill
command. Check that the crash was detected by ABRT on the client system (this can be checked by examining the appropriate syslog file, by running the abrt-cli --list --full
command, or by examining the crash dump created in the /var/spool/abrt
directory), copied to the server system, unpacked on the server system and can be seen and acted upon using abrt-cli
or abrt-gui
on the server system.
FTP
client:
~]$ ftp ftp> open SERVERNAME Name: USERNAME Password: PASSWORD ftp> cd /var/spool/abrt-upload 250 Operation successful ftp> put TESTFILE ftp> quit
TESTFILE
appeared in the correct directory on the server system.
Table of Contents
kdump
Crash Recovery Servicebtrfs
orNFS
.
~]# yum install module-init-tools
lsmod
command:
~]$ lsmod
Module Size Used by
xfs 803635 1
exportfs 3424 1 xfs
vfat 8216 1
fat 43410 1 vfat
tun 13014 2
fuse 54749 2
ip6table_filter 2743 0
ip6_tables 16558 1 ip6table_filter
ebtable_nat 1895 0
ebtables 15186 1 ebtable_nat
ipt_MASQUERADE 2208 6
iptable_nat 5420 1
nf_nat 19059 2 ipt_MASQUERADE,iptable_nat
rfcomm 65122 4
ipv6 267017 33
sco 16204 2
bridge 45753 0
stp 1887 1 bridge
llc 4557 2 bridge,stp
bnep 15121 2
l2cap 45185 16 rfcomm,bnep
cpufreq_ondemand 8420 2
acpi_cpufreq 7493 1
freq_table 3851 2 cpufreq_ondemand,acpi_cpufreq
usb_storage 44536 1
sha256_generic 10023 2
aes_x86_64 7654 5
aes_generic 27012 1 aes_x86_64
cbc 2793 1
dm_crypt 10930 1
kvm_intel 40311 0
kvm 253162 1 kvm_intel
[output truncated]
lsmod
output specifies:
lsmod
output is less verbose and considerably easier to read than the content of the /proc/modules
pseudo-file.
modinfo <module_name>
command.
.ko
extension to the end of the name. Kernel module names do not have extensions: their corresponding files do.
e1000e
module, which is the Intel PRO/1000 network driver, run:
~]#modinfo e1000e
filename: /lib/modules/2.6.32-71.el6.x86_64/kernel/drivers/net/e1000e/e1000e.ko version: 1.2.7-k2 license: GPL description: Intel(R) PRO/1000 Network Driver author: Intel Corporation, <linux.nics@intel.com> srcversion: 93CB73D3995B501872B2982 alias: pci:v00008086d00001503sv*sd*bc*sc*i* alias: pci:v00008086d00001502sv*sd*bc*sc*i* [somealias
lines omitted] alias: pci:v00008086d0000105Esv*sd*bc*sc*i* depends: vermagic: 2.6.32-71.el6.x86_64 SMP mod_unload modversions parm: copybreak:Maximum size of packet that is copied to a new buffer on receive (uint) parm: TxIntDelay:Transmit Interrupt Delay (array of int) parm: TxAbsIntDelay:Transmit Absolute Interrupt Delay (array of int) parm: RxIntDelay:Receive Interrupt Delay (array of int) parm: RxAbsIntDelay:Receive Absolute Interrupt Delay (array of int) parm: InterruptThrottleRate:Interrupt Throttling Rate (array of int) parm: IntMode:Interrupt Mode (array of int) parm: SmartPowerDownEnable:Enable PHY smart power down (array of int) parm: KumeranLockLoss:Enable Kumeran lock loss workaround (array of int) parm: WriteProtectNVM:Write-protect NVM [WARNING: disabling this can lead to corrupted NVM] (array of int) parm: CrcStripping:Enable CRC Stripping, disable if your BMC needs the CRC (array of int) parm: EEE:Enable/disable on parts that support the feature (array of int)
modinfo
output:
.ko
kernel object file. You can use modinfo -n
as a shorcut command for printing only the filename
field.
modinfo -d
as a shortcut command for printing only the description field.
alias
field appears as many times as there are aliases for a module, or is omitted entirely if there are none.
depends
field may be omitted from the output.
parm
field presents one module parameter in the form parameter_name
:description
, where:
parameter_name
is the exact syntax you should use when using it as a module parameter on the command line, or in an option line in a .conf
file in the /etc/modprobe.d/
directory; and,
description
is a brief
explanation of what the parameter does, along with an expectation for
the type of value the parameter accepts (such as int, unit or array of int) in parentheses.
-p
option. However, because useful value type information is omitted from modinfo -p
output, it is more useful to run:
~]# modinfo e1000e |grep "^parm" |sort
parm: copybreak:Maximum size of packet that is copied to a new buffer on receive (uint)
parm: CrcStripping:Enable CRC Stripping, disable if your BMC needs the CRC (array of int)
parm: EEE:Enable/disable on parts that support the feature (array of int)
parm: InterruptThrottleRate:Interrupt Throttling Rate (array of int)
parm: IntMode:Interrupt Mode (array of int)
parm: KumeranLockLoss:Enable Kumeran lock loss workaround (array of int)
parm: RxAbsIntDelay:Receive Absolute Interrupt Delay (array of int)
parm: RxIntDelay:Receive Interrupt Delay (array of int)
parm: SmartPowerDownEnable:Enable PHY smart power down (array of int)
parm: TxAbsIntDelay:Transmit Absolute Interrupt Delay (array of int)
parm: TxIntDelay:Transmit Interrupt Delay (array of int)
parm: WriteProtectNVM:Write-protect NVM [WARNING: disabling this can lead to corrupted NVM] (array of int)
modprobe <module_name>
as root. For example, to load the wacom
module, run:
~]# modprobe wacom
modprobe
attempts to load the module from /lib/modules/<kernel_version>
/kernel/drivers/
. In this directory, each type of module has its own subdirectory, such as net/
and scsi/
, for network and SCSI interface drivers respectively.
modprobe
command always takes dependencies into account when performing operations. When you ask modprobe
to load a specific kernel module, it first examines the dependencies of
that module, if there are any, and loads them if they are not already
loaded into the kernel. modprobe
resolves
dependencies recursively: it will load all dependencies of dependencies,
and so on, if necessary, thus ensuring that all dependencies are always
met.
-v
(i.e. --verbose
) option to cause modprobe
to display detailed information about what it is doing, which may
include loading module dependencies. Here's an example of loading the Fibre Channel over Ethernet
module verbosely:
~]# modprobe -v fcoe
insmod /lib/modules/2.6.32-71.el6.x86_64/kernel/drivers/scsi/scsi_tgt.ko
insmod /lib/modules/2.6.32-71.el6.x86_64/kernel/drivers/scsi/scsi_transport_fc.ko
insmod /lib/modules/2.6.32-71.el6.x86_64/kernel/drivers/scsi/libfc/libfc.ko
insmod /lib/modules/2.6.32-71.el6.x86_64/kernel/drivers/scsi/fcoe/libfcoe.ko
insmod /lib/modules/2.6.32-71.el6.x86_64/kernel/drivers/scsi/fcoe/fcoe.ko
modprobe
loaded the scsi_tgt
, scsi_transport_fc
, libfc
and libfcoe
modules as dependencies before finally loading fcoe
. Also note that modprobe
used the more “primitive” insmod
command to insert the modules into the running kernel.
insmod
command can also be used to load kernel modules, it does not resolve dependencies. Because of this, you should always load modules using modprobe
instead.
modprobe -r <module_name>
as root. For example, assuming that the wacom
module is already loaded into the kernel, you can unload it by running:
~]# modprobe -r wacom
wacom
module,
wacom
directly depends on, or,
wacom
—through the dependency tree—depends on indirectly.
lsmod
to obtain the names of the modules which are preventing you from unloading a certain module.
firewire_ohci
module because (because you believe there is a bug in it that is
affecting system stability, for example), your terminal session might
look similar to this:
~]#modinfo -F depends firewire_ohci
depends: firewire-core ~]#modinfo -F depends firewire_core
depends: crc-itu-t ~]#modinfo -F depends crc-itu-t
depends:
firewire_ohci
depends on firewire_core
, which itself depends on crc-itu-t
.
firewire_ohci
using the modprobe -v -r <module_name>
command, where -r
is short for --remove
and -v
for --verbose
:
~]# modprobe -r -v firewire_ohci
rmmod /lib/modules/2.6.32-71.el6.x86_64/kernel/drivers/firewire/firewire-ohci.ko
rmmod /lib/modules/2.6.32-71.el6.x86_64/kernel/drivers/firewire/firewire-core.ko
rmmod /lib/modules/2.6.32-71.el6.x86_64/kernel/lib/crc-itu-t.ko
rmmod
command can be used to unload kernel modules, it is recommended to use modprobe -r
instead.
modprobe -r
, and then load it with modprobe
along with a list of customized parameters. This method is often used
when the module does not have many dependencies, or to test different
combinations of parameters without making them persistent, and is the
method covered in this section.
/etc/modprobe.d/
directory. This method makes the module parameters persistent by
ensuring that they are set each time the module is loaded, such as after
every reboot or modprobe
command. This method is covered in Section 22.6, “Persistent Module Loading”, though the following information is a prerequisite.
modprobe
to load a kernel module with custom parameters using the following command line format:
~]# modprobe <module_name>
[parameter
=value
]
modprobe
will incorrectly interpret the values following spaces as additional parameters.
modprobe
command silently succeeds with an exit status of 0
if:
modprobe
command does not automatically reload the module, or alert you that it is already loaded.
e1000e
module, which is the network driver for Intel PRO/1000 network adapters, as an example:
~]# lsmod |grep e1000e
~]#
~]# modprobe e1000e InterruptThrottleRate=3000,3000,3000 EEE=1
<file_name>
.modules
file in the /etc/sysconfig/modules/
directory, where <file_name>
is any descriptive name of your choice. Your <file_name>
.modules
files are treated by the system startup scripts as shell scripts, and as such should begin with an interpreter directive (also called a “bang line”) as their first line:
file_name
.modules file#!/bin/sh
<file_name>
.modules
file should be executable. You can make it executable by running:
modules]# chmod +x <file_name>
.modules
bluez-uinput.modules
script loads the uinput
module:
#!/bin/sh if [ ! -c /dev/input/uinput ] ; then exec /sbin/modprobe uinput >/dev/null 2>&1 fi
if
-conditional statement on the third line ensures that the /dev/input/uinput
file does not already exist (the !
symbol negates the condition), and, if that is the case, loads the uinput
module by calling exec /sbin/modprobe uinput
. Note that the uinput
module creates the /dev/input/uinput
file, so testing to see if that file exists serves as verification of whether the uinput
module is loaded into the kernel.
>/dev/null 2>&1
clause at the end of that line simply redirects any output to /dev/null
so that the modprobe
command remains quiet.
alias
and, possibly, options
lines for each card in a user-created <module_name>
.conf
file in the /etc/modprobe.d/
directory.
bonding
kernel module and a special network interface, called a channel bonding interface.
Channel bonding enables two or more network interfaces to act as one,
simultaneously increasing the bandwidth and providing redundancy.
<bonding>
.conf
in the /etc/modprobe.d/
directory. Note that you can name this file anything you like as long as it ends with a .conf
extension. Insert the following line in this new file:
alias bond<N>
bonding
<N>
with the interface number, such as 0
. For each configured channel bonding interface, there must be a corresponding entry in your new /etc/modprobe.d/<bonding>
.conf
file.
miimon
or arp_interval
and the arp_ip_target
parameters. Refer to Section 22.7.2.1, “Bonding Module Directives” for a list of available options and how to quickly determine the best ones for your bonded interface.
BONDING_OPTS="<bonding parameters>
"
directive in your bonding interface configuration file (ifcfg-bond0
for example). Parameters to bonded interfaces can be configured without
unloading (and reloading) the bonding module by manipulating files in
the sysfs
file system.
sysfs
is a virtual file system that represents kernel objects as directories, files and symbolic links. sysfs
can be used to query for information about kernel objects, and can also
manipulate those objects through the use of normal file system
commands. The sysfs
virtual file system has a line in /etc/fstab
, and is mounted under the /sys/
directory. All bonding interfaces can be configured dynamically by interacting with and manipulating files under the /sys/class/net/
directory.
ifcfg-bond0
and inserted SLAVE=yes
and MASTER=bond0
directives in the configuration files for each interface bonded to bond0 following the instructions in Section 4.2.2, “Channel Bonding Interfaces”, you can proceed to testing and determining the best parameters for your bonding interface.
ifconfig bond<N>
up
as root:
~]# ifconfig bond0 up
ifcfg-bond0
bonding interface file, you will be able to see bond0
listed in the output of running ifconfig
(without any options):
~]# ifconfig
bond0 Link encap:Ethernet HWaddr 00:00:00:00:00:00
UP BROADCAST RUNNING MASTER MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
eth0 Link encap:Ethernet HWaddr 52:54:00:26:9E:F1
inet addr:192.168.122.251 Bcast:192.168.122.255 Mask:255.255.255.0
inet6 addr: fe80::5054:ff:fe26:9ef1/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:207 errors:0 dropped:0 overruns:0 frame:0
TX packets:205 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:70374 (68.7 KiB) TX bytes:25298 (24.7 KiB)
[output truncated]
~]# cat /sys/class/net/bonding_masters
bond0
/sys/class/net/bond<N>
/bonding/
directory. First, the bond you are configuring must be taken down:
~]# ifconfig bond0 down
~]# echo 1000 > /sys/class/net/bond0/bonding/miimon
balance-alb
mode, you could run either:
~]# echo 6 > /sys/class/net/bond0/bonding/mode
~]# echo balance-alb > /sys/class/net/bond0/bonding/mode
ifconfig bond<N>
up
. If you decide to change the options, take the interface down, modify its parameters using sysfs
, bring it back up, and re-test.
BONDING_OPTS=
directive of the /etc/sysconfig/network-scripts/ifcfg-bond<N>
file for the bonding interface you are configuring. Whenever that bond
is brought up (for example, by the system during the boot sequence if
the ONBOOT=yes
directive is set), the bonding options specified in the BONDING_OPTS
will take effect for that bond. For more information on configuring bonding interfaces (and BONDING_OPTS
), refer to Section 4.2.2, “Channel Bonding Interfaces”.
parm
in modinfo bonding
output, or the exhaustive descriptions in the bonding.txt
file in the kernel-doc package (see Section 22.8, “Additional Resources”).
arp_interval=<time_in_milliseconds>
arp_interval
and arp_ip_target
parameters are specified, or, alternatively, the miimon
parameter is specified. Failure to do so can cause degradation of network performance in the event that a link fails.
mode=0
or mode=1
(the two load-balancing modes), the network switch must be configured
to distribute packets evenly across the NICs. For more information on
how to accomplish this, refer to /usr/share/doc/kernel-doc-<kernel_version>
/Documentation/networking/bonding.txt
0
by default, which disables it.
arp_ip_target=<ip_address>
[,<ip_address_2>
,…<ip_address_16>
]
arp_interval
parameter is enabled. Up to 16 IP addresses can be specified in a comma separated list.
arp_validate=<value>
none
. Other valid values are active
, backup
, and all
.
debug=<number>
0
— Debug messages are disabled. This is the default.
1
— Debug messages are enabled.
downdelay=<time_in_milliseconds>
miimon
parameter. The value is set to 0
by default, which disables it.
<value>
slow
or 0
— Default setting. This specifies that partners should transmit LACPDUs every 30 seconds.
fast
or 1
— Specifies that partners should transmit LACPDUs every 1 second.
miimon=<time_in_milliseconds>
~]# ethtool <interface_name>
| grep "Link detected:"
<interface_name
> with the name of the device interface, such as eth0
, not the bond interface. If MII is supported, the command returns:
Link detected: yes
0
(the default), turns this feature off. When configuring this setting, a good starting point for this parameter is 100
.
arp_interval
and arp_ip_target
parameters are specified, or, alternatively, the miimon
parameter is specified. Failure to do so can cause degradation of network performance in the event that a link fails.
mode=<value>
<value>
is one of:
balance-rr
or 0
— Sets a round-robin policy for fault tolerance and load balancing.
Transmissions are received and sent out sequentially on each bonded
slave interface beginning with the first one available.
active-backup
or 1
— Sets an active-backup policy for fault tolerance. Transmissions are
received and sent out via the first available bonded slave interface.
Another bonded slave interface is only used if the active bonded slave
interface fails.
balance-xor
or 2
— Sets an XOR (exclusive-or) policy for fault tolerance and load
balancing. Using this method, the interface matches up the incoming
request's MAC address with the MAC address for one of the slave NICs.
Once this link is established, transmissions are sent out sequentially
beginning with the first available interface.
broadcast
or 3
— Sets a broadcast policy for fault tolerance. All transmissions are sent on all slave interfaces.
802.3ad
or 4
— Sets an IEEE 802.3ad dynamic link aggregation policy. Creates
aggregation groups that share the same speed and duplex settings.
Transmits and receives on all slaves in the active aggregator. Requires a
switch that is 802.3ad compliant.
balance-tlb
or 5
— Sets a Transmit Load Balancing (TLB) policy for fault tolerance and
load balancing. The outgoing traffic is distributed according to the
current load on each slave interface. Incoming traffic is received by
the current slave. If the receiving slave fails, another slave takes
over the MAC address of the failed slave.
balance-alb
or 6
— Sets an Active Load Balancing (ALB) policy for fault tolerance and
load balancing. Includes transmit and receive load balancing for IPV4
traffic. Receive load balancing is achieved through ARP negotiation.
num_unsol_na=<number>
0 - 255
; the default value is 1
. This parameter affects only the active-backup mode.
primary=<interface_name>
eth0
, of the primary device. The primary
device is the first of the bonding interfaces to be used and is not
abandoned unless it fails. This setting is particularly useful when one
NIC in the bonding interface is faster and, therefore, able to handle a
bigger load.
active-backup
mode. Refer to /usr/share/doc/kernel-doc-<kernel-version>
/Documentation/networking/bonding.txt
for more information.
primary_reselect=<value>
always
or 0
(default) — The primary slave becomes the active slave whenever it comes back up.
better
or 1
— The primary slave becomes the active slave when it comes back up, if
the speed and duplex of the primary slave is better than the speed and
duplex of the current active slave.
failure
or 2
— The primary slave becomes the active slave only if the current active slave fails and the primary slave is up.
primary_reselect
setting is ignored in two cases:
primary_reselect
policy via sysfs
will cause an immediate selection of the best active slave according to
the new policy. This may or may not result in a change of the active
slave, depending upon the circumstances
updelay=<time_in_milliseconds>
miimon
parameter. The value is set to 0
by default, which disables it.
use_carrier=<number>
miimon
should use MII/ETHTOOL ioctls or netif_carrier_ok()
to determine the link state. The netif_carrier_ok()
function relies on the device driver to maintains its state with netif_carrier_on/off
; most device drivers support this function.
netif_carrier_on/off
.
1
— Default setting. Enables the use of netif_carrier_ok()
.
0
— Enables the use of MII/ETHTOOL ioctls.
netif_carrier_on/off
.
xmit_hash_policy=<value>
balance-xor
and 802.3ad
modes. Possible values are:
0
or layer2
— Default setting. This parameter uses the XOR of hardware MAC addresses to generate the hash. The formula used is:
(<source_MAC_address>
XOR<destination_MAC>
) MODULO<slave_count>
1
or layer3+4
— Uses upper layer protocol information (when available) to generate
the hash. This allows for traffic to a particular network peer to span
multiple slaves, although a single connection will not span multiple
slaves.
((<source_port>
XOR<dest_port>
) XOR ((<source_IP>
XOR<dest_IP>
) AND0xffff
) MODULO<slave_count>
layer2
transmit hash policy.
2
or layer2+3
— Uses a combination of layer2 and layer3 protocol information to generate the hash.
(((<source_IP>
XOR<dest_IP>
) AND0xffff
) XOR (<source_MAC>
XOR<destination_MAC>
)) MODULO<slave_count>
man lsmod
— The lsmod
manual page contains usage information and explanation of all options.
man modinfo
— The modinfo
manual page contains usage information and explanation of all options.
man modprobe
— The modprobe
manual page contains usage information and explanation of all options.
man rmmod
— The rmmod
manual page contains usage information and explanation of all options.
man ethtool
— The ethtool
manual page contains usage information and explanation of all options.
man mii-tool
— The mii-tool
manual page contains usage information and explanation of all options.
/usr/share/doc/kernel-doc-<kernel_version>
/Documentation/
— This directory, which is provided by the kernel-doc
package, contains information on the kernel, kernel modules, and their
respective parameters. Before accessing the kernel documentation, you
must run the following command as root:
~]# yum install kernel-doc
[4]
Despite what the example might imply, Energy Efficient Ethernet is turned on by default in the e1000e
driver.
rpm
command instead of yum
.
/usr/share/doc/kernel-doc-<kernel_version>
/
directory.
VFAT
file system. You can create bootable USB media on media formatted as ext2
, ext3
, or VFAT
.
4 GB
is required for a distribution DVD image, around 700 MB
for a distribution CD image, or around 10 MB
for a minimal boot media image.
boot.iso
file from a Red Hat Enterprise Linux installation DVD, or installation
CD-ROM#1, and you need a USB storage device formatted with the VFAT
file system and around 16 MB
of free space. The following procedure will not affect existing files
on the USB storage device unless they have the same path names as the
files that you copy onto it. To create USB boot media, perform the
following commands as the root user:
~]# syslinux /dev/sdX1
sdX
is the device name.
boot.iso
and the USB storage device:
~]# mkdir /mnt/isoboot /mnt/diskboot
boot.iso
:
~]# mount -o loop boot.iso /mnt/isoboot
~]# mount /dev/<sdX1>
/mnt/diskboot
boot.iso
to the USB storage device:
~]# cp /mnt/isoboot/isolinux/* /mnt/diskboot
isolinux.cfg
file from boot.iso
as the syslinux.cfg
file for the USB device:
~]# grep -v local /mnt/isoboot/isolinux/isolinux.cfg > /mnt/diskboot/syslinux.cfg
boot.iso
and the USB storage device:
~]# umount /mnt/isoboot /mnt/diskboot
mkbootdisk
command as root. Refer to man mkbootdisk
man page after installing the package for usage information.
yum list installed "kernel-*"
at a shell prompt. The output will comprise some or all of the
following packages, depending on the system's architecture, and the
version numbers may differ:
~]# yum list installed "kernel-*"
kernel.x86_64 2.6.32-17.el6 installed
kernel-doc.noarch 2.6.32-17.el6 installed
kernel-firmware.noarch 2.6.32-17.el6 installed
kernel-headers.x86_64 2.6.32-17.el6 installed
-i
argument with the rpm
command to keep the old kernel. Do not use the -U
option, since it overwrites the currently installed kernel, which creates boot loader problems. For example:
~]# rpm -ivh kernel-<kernel_version>
.<arch>
.rpm
initramfs
by running the dracut
command. However, you usually don't need to create an initramfs
manually: this step is automatically performed if the kernel and its
associated packages are installed or upgraded from RPM packages
distributed by Red Hat.
initramfs
corresponding to your current kernel version exists and is specified correctly in the grub.conf
configuration file by following this procedure:
/boot/
directory and find the kernel (vmlinuz-<kernel_version>
) and initramfs-<kernel_version>
with the latest (most recent) version number:
~]# ls /boot/
config-2.6.32-17.el6.x86_64 lost+found
config-2.6.32-19.el6.x86_64 symvers-2.6.32-17.el6.x86_64.gz
config-2.6.32-22.el6.x86_64 symvers-2.6.32-19.el6.x86_64.gz
efi symvers-2.6.32-22.el6.x86_64.gz
grub System.map-2.6.32-17.el6.x86_64
initramfs-2.6.32-17.el6.x86_64.img System.map-2.6.32-19.el6.x86_64
initramfs-2.6.32-19.el6.x86_64.img System.map-2.6.32-22.el6.x86_64
initramfs-2.6.32-22.el6.x86_64.img vmlinuz-2.6.32-17.el6.x86_64
initrd-2.6.32-17.el6.x86_64kdump.img vmlinuz-2.6.32-19.el6.x86_64
initrd-2.6.32-19.el6.x86_64kdump.img vmlinuz-2.6.32-22.el6.x86_64
initrd-2.6.32-22.el6.x86_64kdump.img
/boot/
),
vmlinuz-2.6.32-22.el6.x86_64
, and
initramfs
file matching our kernel version, initramfs-2.6.32-22.el6.x86_64kdump.img
, also exists.
/boot/
directory you may find several initrd-<version>
kdump.img
files. These are special files created by the Kdump mechanism for kernel debugging purposes, are not used to boot the system, and can safely be ignored.
initramfs-<kernel_version>
file does not match the version of the latest kernel in /boot/
, or, in certain other situations, you may need to generate an initramfs
file with the Dracut utility. Simply invoking dracut
as root without options causes it to generate an initramfs
file in the /boot/
directory for the latest kernel present in that directory:
~]# dracut
--force
option if you want dracut
to overwrite an existing initramfs
(for example, if your initramfs
has become corrupt). Otherwise dracut
will refuse to overwrite the existing initramfs
file:
~]# dracut
Will not override existing initramfs (/boot/initramfs-2.6.32-22.el6.x86_64.img) without --force
dracut <initramfs_name>
<kernel_version>
:
~]# dracut "initramfs-$(uname -r).img" $(uname -r)
.ko
) inside the parentheses of the add_dracutmodules="<module>
[<more_modules>
]"
directive of the /etc/dracut.conf
configuration file. You can list the file contents of an initramfs
image file created by dracut by using the lsinitrd <initramfs_file>
command:
~]# lsinitrd initramfs-2.6.32-22.el6.x86_64.img
initramfs-2.6.32-22.el6.x86_64.img:
========================================================================
dracut-004-17.el6
========================================================================
drwxr-xr-x 23 root root 0 May 3 22:34 .
drwxr-xr-x 2 root root 0 May 3 22:33 proc
-rwxr-xr-x 1 root root 7575 Mar 25 19:53 init
drwxr-xr-x 7 root root 0 May 3 22:34 etc
drwxr-xr-x 2 root root 0 May 3 22:34 etc/modprobe.d
[output truncated]
man dracut
and man dracut.conf
for more information on options and usage.
grub.conf
configuration file in the /boot/grub/
directory to ensure that an initrd initramfs-<kernel_version>
.img
exists for the kernel version you are booting. Refer to Section 23.6, “Verifying the Boot Loader” for more information.
addRamDisk
command. This step is performed automatically if the kernel and its
associated packages are installed or upgraded from the RPM packages
distributed by Red Hat; thus, it does not need to be executed manually.
To verify that it was created, use the command ls -l /boot/
to make sure the /boot/vmlinitrd-<kernel_version>
file already exists (the <kernel_version>
should match the version of the kernel just installed).
rpm
, the kernel package creates an entry in the boot loader configuration file for that new kernel. However, rpm
does not configure the new kernel to boot as the default kernel. You must do this manually when installing a new kernel with rpm
.
rpm
to ensure that the configuration is correct. Otherwise, the system may
not be able to boot into Red Hat Enterprise Linux properly. If this
happens, boot the system with the boot media created earlier and
re-configure the boot loader.
Architecture | Boot Loader | Refer to |
---|---|---|
x86 | GRUB | Section 23.6.1, “Configuring the GRUB Boot Loader” |
AMD® AMD64 or Intel 64® | GRUB | Section 23.6.1, “Configuring the GRUB Boot Loader” |
IBM® eServer™ System i™ | OS/400® | Section 23.6.2, “Configuring the OS/400® Boot Loader” |
IBM® eServer™ System p™ | YABOOT | Section 23.6.3, “Configuring the YABOOT Boot Loader” |
IBM® System z® | z/IPL |
/boot/grub/grub.conf
, contains a few lines with directives, such as default
, timeout
, splashimage
and hiddenmenu
(the last directive has no argument). The remainder of the file contains 4-line stanzas that each refer to an installed kernel. These stanzas always start with a title
entry, after which the associated root
, kernel
and initrd
directives should always be indented. Ensure that each stanza starts with a title
that contains a version number (in parentheses) that matches the version number in the kernel /vmlinuz-<version_number>
line of the same stanza.
# grub.conf generated by anaconda
[comments omitted]
default=1
timeout=0
splashimage=(hd0,0)/grub/splash.xpm.gz
hiddenmenu
title Red Hat Enterprise Linux (2.6.32-22.el6.x86_64)
root (hd0,0)
kernel /vmlinuz-2.6.32-22.el6.x86_64 ro root=/dev/mapper/vg_vm6b-lv_root rd_LVM_LV=vg_vm6b/lv_root rd_NO_LUKS rd_NO_MD rd_NO_DM LANG=en_US.UTF-8 SYSFONT=latarcyrheb-sun16 KEYBOARDTYPE=pc KEYTABLE=us rhgb quiet crashkernel=auto
initrd /initramfs-2.6.32-22.el6.x86_64.img
title Red Hat Enterprise Linux (2.6.32-19.el6.x86_64)
root (hd0,0)
kernel /vmlinuz-2.6.32-19.el6.x86_64 ro root=/dev/mapper/vg_vm6b-lv_root rd_LVM_LV=vg_vm6b/lv_root rd_NO_LUKS rd_NO_MD rd_NO_DM LANG=en_US.UTF-8 SYSFONT=latarcyrheb-sun16 KEYBOARDTYPE=pc KEYTABLE=us rhgb quiet crashkernel=auto
initrd /initramfs-2.6.32-19.el6.x86_64.img
title Red Hat Enterprise Linux 6 (2.6.32-17.el6.x86_64)
root (hd0,0)
kernel /vmlinuz-2.6.32-17.el6.x86_64 ro root=/dev/mapper/vg_vm6b-lv_root rd_LVM_LV=vg_vm6b/lv_root rd_NO_LUKS rd_NO_MD rd_NO_DM LANG=en_US.UTF-8 SYSFONT=latarcyrheb-sun16 KEYBOARDTYPE=pc KEYTABLE=us rhgb quiet
initrd /initramfs-2.6.32-17.el6.x86_64.img
/boot/
partition was created, the paths to the kernel and the initramfs
image are relative to /boot/
. This is the case in Example 23.2, “/boot/grub/grub.conf”, above. Therefore the initrd /initramfs-2.6.32-22.el6.x86_64.img
line in the first kernel stanza means that the initramfs
image is actually located at /boot/initramfs-2.6.32-22.el6.x86_64.img
when the root file system is mounted, and likewise for the kernel path (for example: kernel /vmlinuz-2.6.32-22.el6.x86_64
) in each stanza of grub.conf
.
grub.conf
, the initrd
directive must point to the location (relative to the /boot/
directory if it is on a separate partition), of the initramfs
file corresponding to the same kernel version. This directive is called initrd
because the previous tool which created initial RAM disk images, mkinitrd
, created what were known as initrd
files. Thus the grub.conf
directive remains initrd
to maintain compatibility with other tools. The file-naming convention of systems using the dracut
utility to create the initial RAM disk image is: initramfs-<kernel_version>
.img
mkinitrd
. For information on using Dracut, refer to Section 23.5, “Verifying the Initial RAM Disk Image”.
kernel /vmlinuz-<kernel_version>
line matches the version number of the initramfs
image given on the initrd /initramfs-<kernel_version>
.img
line of each stanza. Refer to Procedure 23.1, “Verifying the Initial RAM Disk Image” for more information.
default=
directive tells GRUB which kernel to boot by default. Each title
in grub.conf
represents a bootable kernel. GRUB counts the title
d stanzas representing bootable kernels starting with 0
. In Example 23.2, “/boot/grub/grub.conf”, the line default=1
indicates that GRUB will boot, by default, the second kernel entry, i.e. title Red Hat Enterprise Linux (2.6.32-19.el6.x86_64)
.
title
entry in grub.conf
, we would need to change the default
value to 0
.
rpm
, verify that /boot/grub/grub.conf
is correct, change the default=
value to the new kernel (while remembering to count from 0
), and reboot the computer into the new kernel. Ensure your hardware is detected by watching the boot process output.
timeout
directive in grub.conf
to 0
,
GRUB will not display its list of bootable kernels when the system
starts up. In order to display this list when booting, press and hold
any alphanumeric key while and immediately after BIOS information is
displayed, and GRUB will present you with the GRUB menu.
/boot/vmlinitrd-<kernel-version>
file is installed when you upgrade the kernel. However, you must use the dd
command to configure the system to boot the new kernel.
cat /proc/iSeries/mf/side
to determine the default side (either A, B, or C).
<kernel-version>
is the version of the new kernel and <side>
is the side from the previous command:
dd if=/boot/vmlinitrd-<kernel-version>
of=/proc/iSeries/mf/<side>
/vmlinux bs=8k
/etc/aboot.conf
as its configuration file. Confirm that the file contains an image
section with the same version as the kernel package just installed, and likewise for the initramfs
image:
boot=/dev/sda1 init-message=Welcome to Red Hat Enterprise Linux! Hit <TAB> for boot options partition=2 timeout=30 install=/usr/lib/yaboot/yaboot delay=10 nonvram image=/vmlinuz-2.6.32-17.EL label=old read-only initrd=/initramfs-2.6.32-17.EL.img append="root=LABEL=/" image=/vmlinuz-2.6.32-19.EL label=linux read-only initrd=/initramfs-2.6.32-19.EL.img append="root=LABEL=/"
default
and set it to the label
of the image stanza that contains the new kernel.
kdump
Crash Recovery Servicekdump
is an advanced crash dumping
mechanism. When enabled, the system is booted from the context of
another kernel. This second kernel reserves a small amount of memory,
and its only purpose is to capture the core dump image in case the
system crashes. Since being able to analyze the core dump helps
significantly to determine the exact cause of the system failure, it is
strongly recommended to have this feature enabled.
kdump
service in Red Hat Enterprise Linux, and provides a brief overview of how to analyze the resulting core dump using the crash debugging utility.
kdump
Servicekdump
service: at the first boot, using the Kernel Dump Configuration
graphical utility, and doing so manually on the command line. It also
describes how to test the configuration to verify that everything works
as expected.
kdump
service, you must have the kexec-tools package installed. Refer to Section 1.2.2, “Installing” for more information on how to install new packages in Red Hat Enterprise Linux.
kdump
at First Bootkdump
, navigate to the Kdump section, and follow the instructions below.
kdump
crash recovery is enabled, the minimum memory requirements increase by
the amount of memory reserved for it. This value is determined by a
user, and defaults to 128 MB.
kdump
daemon at boot time, select the Enable kdump? check box. This will enable the service for runlevels 2
, 3
, 4
, and 5
,
and start it for the current session. Similarly, unselecting the check
box will disable it for all runlevels and stop the service immediately.
kdump
kernel, click the up and down arrow buttons next to the Kdump Memory field to increase or decrease the value. Notice that the Usable System Memory field changes accordingly showing you the remaining memory that will be available to the system.
system-config-kdump
at a shell prompt (for example, xterm or GNOME Terminal). You will be presented with a window as shown in Figure 24.1, “Basic Settings”.
kdump
as well as to enable or disable starting the service at boot time. When you are done, click
to save the changes. The system reboot will be requested, and unless
you are already authenticated, you will be prompted to enter the
superuser password.
kdump
crash recovery is enabled, the minimum memory requirements increase by
the amount of memory reserved for it. This value is determined by a
user, and defaults to 128 MB.
kdump
daemon at boot time, click the button on the toolbar. This will enable the service for runlevels 2
, 3
, 4
, and 5
, and start it for the current session. Similarly, clicking the button will disable it for all runlevels and stop the service immediately.
kdump
kernel. To do so, select the Manual kdump memory settings radio button, and click the up and down arrow buttons next to the New kdump Memory field to increase or decrease the value. Notice that the Usable Memory field changes accordingly showing you the remaining memory that will be available to the system.
vmcore
dump. It can be either stored as a file in a local file system, written
directly to a device, or sent over a network using the NFS (Network
File System) or SSH (Secure Shell) protocol.
hpsa
Driver for a Storagehpsa
driver, kdump
is unable to save the dump to a storage that uses this driver for HP
Smart Array Controllers. If this applies to your machine, it is advised
that you save the dump to a remote system using the NFS or SSH protocol
instead.
vmcore
dump.
makedumpfile
core collector, edit the Core collector text field; see Section 24.1.3.3, “Configuring the Core Collector” for more information.
kdump
on the Command Line~]$ su -
Password:
kdump
kernel, open the /boot/grub/grub.conf
file in a text editor such as vi or nano, and add the crashkernel=<size>
M
parameter to the list of kernel options as shown in Example 24.1, “A sample /boot/grub/grub.conf
file”.
/boot/grub/grub.conf
file# grub.conf generated by anaconda # # Note that you do not have to rerun grub after making changes to this file # NOTICE: You have a /boot partition. This means that # all kernel and initrd paths are relative to /boot/, eg. # root (hd0,0) # kernel /vmlinuz-version ro root=/dev/sda3 # initrd /initrd #boot=/dev/sda default=0 timeout=5 splashimage=(hd0,0)/grub/splash.xpm.gz hiddenmenu title Red Hat Enterprise Linux (2.6.32-54.el6.i686) root (hd0,0) kernel /boot/vmlinuz-2.6.32-54.el6.i686 root=/dev/sda3 ro crashkernel=128M initrd /initramfs-2.6.32-54.el6.i686.img
kdump
crash recovery is
enabled, the minimum memory requirements increase by the amount of
memory reserved for it. This value is determined by a user, and defaults
to 128 MB, as lower values proved to be unreliable. For more
information on minimum memory requirements for Red Hat Enterprise Linux
6, refer to the Required minimums section of the Red Hat Enterprise Linux comparison chart.
vmcore
file in the /var/crash/
directory of the local file system. To change this, open the /etc/kdump.conf
configuration file in a text editor such as vi or nano, and edit the options as described below.
#path /var/crash
line, and replace the value with a desired directory path. Optionally,
if you wish to write the file to a different partition, follow the same
procedure with the #ext4 /dev/sda3
line as
well, and change both the file system type and the device (a device
name, a file system label, and UUID are all supported) accordingly. For
example:
ext3 /dev/sda4 path /usr/local/cores
#raw /dev/sda5
line, and replace the value with a desired device name. For example:
raw /dev/sdb1
#net my.server.com:/export/tmp
line, and replace the value with a valid hostname and directory path. For example:
net penguin.example.com:/export/cores
#net user@my.server.com
line, and replace the value with a valid username and hostname. For example:
net john@penguin.example.com
hpsa
Driver for a Storagehpsa
driver, kdump
is unable to save the dump to a storage that uses this driver for HP
Smart Array Controllers. If this applies to your machine, it is advised
that you save the dump to a remote system using the NFS or SSH protocol
instead.
vmcore
dump file, kdump
allows you to specify an external application (that is, a core
collector) to compress the data, and optionally leave out all irrelevant
information. Currently, the only fully supported core collector is makedumpfile
.
/etc/kdump.conf
configuration file in a text editor such as vi or nano, remove the hash sign (“#”) from the beginning of the #core_collector makedumpfile -c --message-level 1 -d 31
line, and edit the command line options as described below.
-c
parameter. For example:
core_collector makedumpfile -c
-d value
parameter, where value
is a sum of values of pages you want to omit as described in Table 24.1, “Supported filtering levels”. For example, to remove both zero and free pages, use the following:
core_collector makedumpfile -d 17 -c
makedumpfile
for a complete list of available options.
Option | Description |
---|---|
1
| Zero pages |
2
| Cache pages |
4
| Cache private |
8
| User pages |
16
| Free pages |
/sbin/init
is run. To change this behavior, open the /etc/kdump.conf
configuration file in a text editor such as vi or nano, remove the hash sign (“#”) from the beginning of the #default shell
line, and replace the value with a desired action as described in Table 24.2, “Supported actions”. For example:
default halt
Option | Description |
---|---|
reboot
| Reboot the system, losing the core in the process. |
halt
| After attempting to capture a core, halt the system no matter if it succeeded. |
poweroff
| Power off the system. |
shell
| Run the msh session from within the initramfs, allowing a user to record the core manually. |
kdump
daemon at boot time, type the following at a shell prompt:
~]# chkconfig kdump on
2
, 3
, 4
, and 5
. Similarly, typing chkconfig kdump off
will disable it for all runlevels. To start the service in the current session, use the following command:
~]# service kdump start
No kdump initial ramdisk found. [WARNING]
Rebuilding /boot/initrd-2.6.32-54.el6.i686kdump.img
Starting kdump: [ OK ]
kdump
enabled, and make sure that the service is running (refer to Section 7.3, “Running the Services” for more information on how to run a service in Red Hat Enterprise Linux):
~]# service kdump status
Kdump is operational
~]#echo 1 > /proc/sys/kernel/sysrq
~]#echo c > /proc/sysrq-trigger
address
-YYYY-MM-DD
-HH:MM:SS
/vmcore
file will be copied to the location you have selected in the configuration (that is, to /var/crash/
by default).
/var/crash/
after a crash~]# tree --charset=ascii /var/crash
/var/crash
`-- 127.0.0.1-2010-08-25-08:45:02
`-- vmcore
1 directory, 1 file
netdump
, diskdump
, xendump
, or kdump
. When started, it presents you with an interactive prompt very similar to the GNU Debugger (GDB).
vmcore
dump file, you must have the crash and kernel-debuginfo packages installed. To do so, type the following at a shell prompt:
~]# yum install --enablerepo=rhel-debuginfo crash kernel-debuginfo
crash /var/crash/timestamp
/vmcore /usr/lib/debug/lib/modules/kernel
/vmlinux
kernel
version should be the same that was captured by kdump
. To find out which kernel you are currently running, use the uname -r
command.
crash
utility~]#crash /usr/lib/debug/lib/modules/2.6.32-69.el6.i686/vmlinux \
/var/crash/127.0.0.1-2010-08-25-08:45:02/vmcore
crash 5.0.0-23.el6 Copyright (C) 2002-2010 Red Hat, Inc. Copyright (C) 2004, 2005, 2006 IBM Corporation Copyright (C) 1999-2006 Hewlett-Packard Co Copyright (C) 2005, 2006 Fujitsu Limited Copyright (C) 2006, 2007 VA Linux Systems Japan K.K. Copyright (C) 2005 NEC Corporation Copyright (C) 1999, 2002, 2007 Silicon Graphics, Inc. Copyright (C) 1999, 2000, 2001, 2002 Mission Critical Linux, Inc. This program is free software, covered by the GNU General Public License, and you are welcome to change it and/or distribute copies of it under certain conditions. Enter "help copying" to see the conditions. This program has absolutely no warranty. Enter "help warranty" for details. GNU gdb (GDB) 7.0 Copyright (C) 2009 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html> This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Type "show copying" and "show warranty" for details. This GDB was configured as "i686-pc-linux-gnu"... KERNEL: /usr/lib/debug/lib/modules/2.6.32-69.el6.i686/vmlinux DUMPFILE: /var/crash/127.0.0.1-2010-08-25-08:45:02/vmcore [PARTIAL DUMP] CPUS: 4 DATE: Wed Aug 25 08:44:47 2010 UPTIME: 00:09:02 LOAD AVERAGE: 0.00, 0.01, 0.00 TASKS: 140 NODENAME: hp-dl320g5-02.lab.bos.redhat.com RELEASE: 2.6.32-69.el6.i686 VERSION: #1 SMP Tue Aug 24 10:31:45 EDT 2010 MACHINE: i686 (2394 Mhz) MEMORY: 8 GB PANIC: "Oops: 0002 [#1] SMP " (check log for details) PID: 5591 COMMAND: "bash" TASK: f196d560 [THREAD_INFO: ef4da000] CPU: 2 STATE: TASK_RUNNING (PANIC) crash>
exit
.
log
command at the interactive prompt.
crash> log
... several lines omitted ...
EIP: 0060:[<c068124f>] EFLAGS: 00010096 CPU: 2
EIP is at sysrq_handle_crash+0xf/0x20
EAX: 00000063 EBX: 00000063 ECX: c09e1c8c EDX: 00000000
ESI: c0a09ca0 EDI: 00000286 EBP: 00000000 ESP: ef4dbf24
DS: 007b ES: 007b FS: 00d8 GS: 00e0 SS: 0068
Process bash (pid: 5591, ti=ef4da000 task=f196d560 task.ti=ef4da000)
Stack:
c068146b c0960891 c0968653 00000003 00000000 00000002 efade5c0 c06814d0
<0> fffffffb c068150f b7776000 f2600c40 c0569ec4 ef4dbf9c 00000002 b7776000
<0> efade5c0 00000002 b7776000 c0569e60 c051de50 ef4dbf9c f196d560 ef4dbfb4
Call Trace:
[<c068146b>] ? __handle_sysrq+0xfb/0x160
[<c06814d0>] ? write_sysrq_trigger+0x0/0x50
[<c068150f>] ? write_sysrq_trigger+0x3f/0x50
[<c0569ec4>] ? proc_reg_write+0x64/0xa0
[<c0569e60>] ? proc_reg_write+0x0/0xa0
[<c051de50>] ? vfs_write+0xa0/0x190
[<c051e8d1>] ? sys_write+0x41/0x70
[<c0409adc>] ? syscall_call+0x7/0xb
Code: a0 c0 01 0f b6 41 03 19 d2 f7 d2 83 e2 03 83 e0 cf c1 e2 04 09 d0 88 41 03 f3 c3 90 c7 05 c8 1b 9e c0 01 00 00 00 0f ae f8 89 f6 <c6> 05 00 00 00 00 01 c3 89 f6 8d bc 27 00 00 00 00 8d 50 d0 83
EIP: [<c068124f>] sysrq_handle_crash+0xf/0x20 SS:ESP 0068:ef4dbf24
CR2: 0000000000000000
help log
for more information on the command usage.
bt
command at the interactive prompt. You can use bt pid
to display the backtrace of the selected process.
crash> bt
PID: 5591 TASK: f196d560 CPU: 2 COMMAND: "bash"
#0 [ef4dbdcc] crash_kexec at c0494922
#1 [ef4dbe20] oops_end at c080e402
#2 [ef4dbe34] no_context at c043089d
#3 [ef4dbe58] bad_area at c0430b26
#4 [ef4dbe6c] do_page_fault at c080fb9b
#5 [ef4dbee4] error_code (via page_fault) at c080d809
EAX: 00000063 EBX: 00000063 ECX: c09e1c8c EDX: 00000000 EBP: 00000000
DS: 007b ESI: c0a09ca0 ES: 007b EDI: 00000286 GS: 00e0
CS: 0060 EIP: c068124f ERR: ffffffff EFLAGS: 00010096
#6 [ef4dbf18] sysrq_handle_crash at c068124f
#7 [ef4dbf24] __handle_sysrq at c0681469
#8 [ef4dbf48] write_sysrq_trigger at c068150a
#9 [ef4dbf54] proc_reg_write at c0569ec2
#10 [ef4dbf74] vfs_write at c051de4e
#11 [ef4dbf94] sys_write at c051e8cc
#12 [ef4dbfb0] system_call at c0409ad5
EAX: ffffffda EBX: 00000001 ECX: b7776000 EDX: 00000002
DS: 007b ESI: 00000002 ES: 007b EDI: b7776000
SS: 007b ESP: bfcb2088 EBP: bfcb20b4 GS: 0033
CS: 0073 EIP: 00edc416 ERR: 00000004 EFLAGS: 00000246
help bt
for more information on the command usage.
ps
command at the interactive prompt. You can use ps pid
to display the status of the selected process.
crash> ps
PID PPID CPU TASK ST %MEM VSZ RSS COMM
> 0 0 0 c09dc560 RU 0.0 0 0 [swapper]
> 0 0 1 f7072030 RU 0.0 0 0 [swapper]
0 0 2 f70a3a90 RU 0.0 0 0 [swapper]
> 0 0 3 f70ac560 RU 0.0 0 0 [swapper]
1 0 1 f705ba90 IN 0.0 2828 1424 init
... several lines omitted ...
5566 1 1 f2592560 IN 0.0 12876 784 auditd
5567 1 2 ef427560 IN 0.0 12876 784 auditd
5587 5132 0 f196d030 IN 0.0 11064 3184 sshd
> 5591 5587 2 f196d560 RU 0.0 5084 1648 bash
help ps
for more information on the command usage.
vm
command at the interactive prompt. You can use vm pid
to display information on the selected process.
crash> vm
PID: 5591 TASK: f196d560 CPU: 2 COMMAND: "bash"
MM PGD RSS TOTAL_VM
f19b5900 ef9c6000 1648k 5084k
VMA START END FLAGS FILE
f1bb0310 242000 260000 8000875 /lib/ld-2.12.so
f26af0b8 260000 261000 8100871 /lib/ld-2.12.so
efbc275c 261000 262000 8100873 /lib/ld-2.12.so
efbc2a18 268000 3ed000 8000075 /lib/libc-2.12.so
efbc23d8 3ed000 3ee000 8000070 /lib/libc-2.12.so
efbc2888 3ee000 3f0000 8100071 /lib/libc-2.12.so
efbc2cd4 3f0000 3f1000 8100073 /lib/libc-2.12.so
efbc243c 3f1000 3f4000 100073
efbc28ec 3f6000 3f9000 8000075 /lib/libdl-2.12.so
efbc2568 3f9000 3fa000 8100071 /lib/libdl-2.12.so
efbc2f2c 3fa000 3fb000 8100073 /lib/libdl-2.12.so
f26af888 7e6000 7fc000 8000075 /lib/libtinfo.so.5.7
f26aff2c 7fc000 7ff000 8100073 /lib/libtinfo.so.5.7
efbc211c d83000 d8f000 8000075 /lib/libnss_files-2.12.so
efbc2504 d8f000 d90000 8100071 /lib/libnss_files-2.12.so
efbc2950 d90000 d91000 8100073 /lib/libnss_files-2.12.so
f26afe00 edc000 edd000 4040075
f1bb0a18 8047000 8118000 8001875 /bin/bash
f1bb01e4 8118000 811d000 8101873 /bin/bash
f1bb0c70 811d000 8122000 100073
f26afae0 9fd9000 9ffa000 100073
... several lines omitted ...
help vm
for more information on the command usage.
files
command at the interactive prompt. You can use files pid
to display files opened by the selected process.
crash> files
PID: 5591 TASK: f196d560 CPU: 2 COMMAND: "bash"
ROOT: / CWD: /root
FD FILE DENTRY INODE TYPE PATH
0 f734f640 eedc2c6c eecd6048 CHR /pts/0
1 efade5c0 eee14090 f00431d4 REG /proc/sysrq-trigger
2 f734f640 eedc2c6c eecd6048 CHR /pts/0
10 f734f640 eedc2c6c eecd6048 CHR /pts/0
255 f734f640 eedc2c6c eecd6048 CHR /pts/0
help files
for more information on the command usage.
man kdump.conf
/etc/kdump.conf
configuration file containing the full documentation of available options.
man makedumpfile
makedumpfile
core collector containing the full documentation on its usage.
man kexec
kexec
containing the full documentation on its usage.
man crash
/usr/share/doc/kexec-tools-version
/kexec-kdump-howto.txt
kdump
and kexec
installation and usage.
kexec
and kdump
configuration.
Revision History | |||
---|---|---|---|
Revision 2 | Tue Nov 09 2010 | ||
| |||
Revision 1 | Mon Nov 16 2009 | ||
|
Liber Liber 2023 -
Authors
abati
- abba
- abbate
- accademia_degli_intronati
- accati
- accetto
- acerbi
- adami
- agabiti
- agamennone
- aganoor
- agaraff
- agostini
- agraives
- agresti
- agrippa
- alamanni
- albergati_capacelli
- albert
- albertazzi
- albertelli
- alberti
- alberti_leandro
- alberti_tommaso
- albini
- albinoni
- albori_della_vita_italiana
- alcott
- aleardi
- alfa
- alfieri
- algarotti
- ali
- alighieri
- alighieri_jacopo
- allen
- aloysius
- amabile
- amalteo
- amari
- amati
- ambrogini
- amidei
- amodeo
- andersen
- anderson
- andrea_da_barberino
- andreis
- angiolieri
- angiolini
- anile
- anonimo
- antiquarie_prospettiche_romane
- antoccia
- antona_traversi
- antonelli
- appelius
- apuleius
- aragona
- arbib
- archinti
- arenskij
- aretino
- ariosto
- aristoteles
- armaroli
- aroldi
- arouet
- arrhenius
- arrieta
- arrighi
- arrigoni
- arsinov
- artom
- artusi
- atlante
- auber
- audran
- auto_da_fe_in_bologna
- avancini
- azeglio
- bacci
- baccini
- bacci_peleo
- bach
- bachi
- bachi_riccardo
- bachofen
- bach_carl_philipp_emanuel
- bach_johann_bernhard
- bach_johann_ludwig
- bach_wilhelm_friedemann
- bacigalupo
- badia_y_leblich
- baffo
- bakunin
- balakirev
- balbo
- balbo_italo
- baldacci
- balsamo
- balzac
- balzani
- banchieri
- bandello
- bandi
- baratono
- baratono_adelchi
- barbagallo
- barbaranelli
- barbarani
- barbarich
- barberini
- barbiera
- barbieri
- barbieri_francisco
- barbusse
- barella
- bargiacchi
- baricelli
- barla
- barni
- barrie
- barrili
- bartok
- bartoli
- bartoli_daniello
- barzini
- basile
- bassano
- bassano_anthony
- bastianelli
- baudelaire
- baunard
- bazzero
- bazzoni
- becattini
- beccari
- beccaria
- beccaria_antonella
- beckford
- beethoven
- belgioioso
- belgiojoso
- bellacchi
- bellani
- belli
- bellini
- belloc_lowndes
- bellone
- belo
- beltrame
- beltramelli
- bembo
- benaglio
- benamozegh
- benco
- benco_delia
- benedetti
- benelli
- beolco
- berchet
- berchet_guglielmo
- berg
- berlioz
- bernard
- bernardino_da_siena
- berneri
- berneri_camillo
- berneri_maria_luisa
- berni
- bersezio
- bertacchi
- bertacchi_cosimo
- bertelli
- berti
- bertinetti
- bertini
- bertola
- bertoni
- bertoni_brenno
- bertoni_luigi
- berwald
- besana
- bestiario_moralizzato
- betteloni
- betti
- bettinelli
- bettoni
- bevilacqua
- beyle
- bhagavad_gita
- biagi
- bianchi
- bianchi_giovini
- bianco
- bianconi
- bianconi_giovanni_lodovico
- bibbia
- bibbiena
- biber
- biffoli
- binazzi
- bini
- biografie_e_ritratti_d_illustri_siciliani
- bisciola
- bisi
- bizet
- bizzarri
- bizzozero
- blackwood
- blake
- blanch
- blanchard
- blaserna
- boccaccio
- boccalini
- boccardi
- boccardo
- boccherini
- bocchi
- bodrero
- boerio
- boghen_conegliani
- boiardo
- boieldieu
- boine
- boito
- boito_a
- bolza
- bon
- bonacini
- bonaparte
- bonarelli
- bonatelli
- bonaventura
- bonaventura_enzo
- bond
- bonfadini
- bonghi
- bonizzi
- bonola
- bonomo
- bonvesin_de_la_riva
- bordenave
- borgese
- borgese_giuseppe
- borghi
- borghi_armando
- borodin
- borri
- bortolotti
- boschetti_alberti
- boscovich
- bosio
- bossi
- botta
- bottazzi
- bottero
- bouchardy
- bourcet
- bourdet
- bouvier
- bovio
- bovio_libero
- bozzano
- bozzini
- bracco
- brahms
- brancaccio
- brera
- bresadola
- breton
- brocchi
- brofferio
- broglio
- bronte
- bronzino
- bruch
- bruckner
- bruna
- brunelli
- brunetti
- bruni
- bruni_giuseppe
- bruno
- brusoni
- bufardeci
- buia
- buonaiuti
- buonarroti
- buonarroti_il_giovane
- buoninsegni
- buozzi
- burchiello
- burckhardt
- burke
- burnaby
- burroughs
- burzio
- buschi
- busetto
- busoni
- butti
- buxtehude
- buzzanca
- byrne
- byron
- caccianiga
- cacciatore
- caccini
- cafiero
- cagna
- cagni
- cajkovskij
- calandra
- calcagno
- caldarella
- calestani
- calvo
- calza
- camillo
- camis
- cammarano
- camoes
- campana
- campanella
- campolonghi
- campra
- canestrini
- canestrini_alessandro
- canina
- cannabich
- cannizzaro
- cantalupo
- cantoni
- cantoni_giovanni
- canto_gregoriano
- cantu
- capasso
- capefigue
- capella
- capocci
- capparoni
- capponi
- capranica
- caprile
- capuana
- carabellese
- caracciolo
- caracciolo_enrichetta
- carafa_capecelatro
- carcano
- cardano
- cardile
- carducci
- carlyle
- carmina_burana
- carnevali
- carocci
- carpenter
- carrera
- carroll
- carubia
- casadei
- casanova
- casas
- cassini
- castelli
- castelli_david
- castelnuovo
- castelvetro
- casti
- castiglione
- castiglioni
- catalani
- caterina_da_siena
- cather
- cattaneo
- cava
- cavalcanti
- cavallotti
- cavara
- caversazzi
- caviglia
- cefali
- celesia
- cellini
- celoria
- cena
- cenni
- cennini
- cerlone
- cernysevskij
- cerro
- cervantes
- cervesato
- cesarotti
- cesi
- chabrier
- chanson_de_roland
- chapi
- charpentier
- chaucer
- chausson
- chelli
- cherubini
- cherubini_eugenio
- chesterton
- cheyney
- chiabrera
- chiara
- chiarelli
- chiaretti
- chiarini
- chiesa
- chigi
- chiocchetti
- chiosso
- chiurlo
- chopin
- christiansen
- chueca
- ciaceri
- ciamician
- ciampoli
- cian
- ciano
- cicero
- cicogna
- cielo
- cifra
- cimarosa
- cinelli
- cipriani
- cittadella
- claps
- clarke
- clementi
- club_alpino_italiano
- cocchi
- codemo
- coffa_caruso
- coglitore
- colagrossi
- colajanni
- coleridge
- collenuccio
- colletta
- collins
- collodi
- colombe
- colombo_fernando
- colombo_michele
- colonna
- colonna_vittoria
- colorni
- columba
- cominelli
- compagni
- compagnia_del_mantellaccio
- comparetti
- confucius
- contessa_lara
- conti
- coperario
- coppi
- corano
- corbino
- cordelia
- corelli
- coresio
- corio
- cornaro
- cornelius
- cornoldi
- corradini
- cortesi
- cosmi
- cossa
- costa
- costa_andrea
- coster
- couperin
- crawford
- crawford_morris
- cremonese
- crispi
- croce
- crocella
- croce_benedetto
- croce_enrico
- cronica_vita_di_cola_di_rienzo
- cucca
- cummins
- cuneo
- cuoco
- cuomo
- curiel
- curti
- curti_pier_ambrogio
- cusani
- cyrano_de_bergerac
- dadone
- dall_ongaro
- dalmasso
- dandrieu
- danti
- darwin
- darwin_erasmus
- daudet
- dauli
- da_ponte
- da_porto
- da_verona
- debay
- debenedetti
- debussy
- deledda
- delibes
- delius
- della_casa
- della_chiesa
- della_porta
- della_seta
- della_valle
- della_valle_pietro
- delpino
- del_lungo
- del_lungo_carlo
- dering
- desanctis
- descalzo
- descartes
- descuret
- despres
- devienne
- dewey
- de_amicis
- de_angelis
- de_astis
- de_blasio
- de_boni
- de_bosis
- de_cesare
- de_cleyre
- de_filippi
- de_foe
- de_franchi
- de_gamerra
- de_giovanni
- de_gubernatis
- de_marchi
- de_maria
- de_orestis
- de_paoli
- de_pellegrini
- de_pretto
- de_quincey
- de_roberto
- de_rubris
- de_ruggiero
- de_sanctis
- de_vries
- diabelli
- diamante
- dickens
- diderot
- difensore_degli_ebrei
- dini
- dito
- dittersdorf
- di_blasi
- di_genio
- di_giacomo
- di_giovanni
- di_giovanni_alessio
- di_grazia
- di_monaco
- di_san_giusto
- dolce
- domenichi
- donati
- donaver
- doni
- donizetti
- dorso
- dossi
- dostoevskij
- douhet
- doyle
- draeseke
- driesch
- drigo
- drosso
- ducati
- dukas
- dumas
- dunant
- duparc
- durante
- du_mage
- dvorak
- d_albert
- d_ambra
- d_ancona
- d_andrea
- d_annunzio
- d_arzo
- d_emilio
- d_india
- eco
- economisti_del_cinque_e_seicento
- eisner
- electronic_frontier_foundation
- elgar
- elia
- emanuelli
- emerson
- emiliani_giudici
- emma
- emmanuel
- engels
- enriques
- epictetus
- epicurus
- erasmus_roterodamus
- eredia
- ermacora
- errante
- errera
- euclides
- fabbri
- fabiani
- fabula_de_etc
- faldella
- fanciullacci
- fanciulli
- fanfani
- fantazzini
- fantoni
- farga
- fargion
- farina
- farinelli
- farnaby
- faure
- favaro
- fazello
- federici
- fernandez_caballero
- fernandez_guardia
- ferrabosco_il_giovane
- ferrari
- ferrari_carlotta
- ferrari_giuseppe
- ferrari_giuseppe_1720
- ferrari_paolo
- ferrari_pietro
- ferrari_pio_vittorio
- ferrari_severino
- ferrer
- ferrero
- ferretti
- ferri
- ferrieri
- ferri_dina
- ferri_giustino
- ferroni
- ferruggia
- feuerbach
- fiacchi
- fibich
- figner
- figuier
- filicaia
- filippi
- fillak
- filopanti
- finella
- fioravanti
- fioretti_di_san_francesco
- fiore_di_leggende_cantari_antichi_etc
- fiorini
- firenzuola
- flammarion
- flaubert
- fletcher
- flies
- florenzi
- florio
- flotow
- fogazzaro
- folengo
- folgore
- fontana
- fontanarosa
- fontane
- fontefrancesco
- fontenelle
- formichi
- fornaciari
- forteguerri
- fortis
- foscolo
- fraccacreta
- fracchia
- france
- francesco_d_assisi
- franchetti
- franck
- franco
- frari
- freud
- frezzi
- frugoni
- fucini
- fugassa
- funck_brentano
- gabetti
- gabrieli
- gabrieli_giovanni
- galassi
- galiani
- galilei
- gallaccini
- galleani
- galleria_palatina
- gallina
- gallo
- galuppi
- gamberi
- gandhi
- ganot
- gargiulo
- garibaldi
- garrone
- gatti
- gautier
- geminiani
- gentile
- gentile_iginio
- gerard
- geremicca
- gerli
- german
- gershwin
- gervasoni
- gherardi
- ghersi
- ghislanzoni
- ghisleri
- giaccani
- giacometti
- giacosa
- giamboni
- gianelli
- giannone
- gibbon
- gibellini
- gide
- gigli
- giglioli
- gille
- gilles
- ginzburg
- gioberti
- giolitti
- giordana
- giordano
- giornale_per_i_bambini
- giostra_delle_virtu_e_dei_vizi
- giovannetti
- giovannitti
- giovio
- giraud
- giraudoux
- giretti
- giribaldi
- giuseppe_da_forio
- giusta_idea
- giusti
- glazunov
- glinka
- gluck
- gobetti
- goethe
- gogol
- goldoni
- goldsmith
- golgi
- goll
- gomes
- gonin
- gori
- gori_pietro_1854_1930
- gorkij
- gossec
- gothein
- gounod
- gozzano
- gozzi
- gozzi_gasparo
- graf
- gramsci
- granados
- grande
- grandi
- grassi
- grasso
- grave
- gray
- graziani
- gregorovius
- gretry
- grieg
- grimaldi
- grimm_jakob
- grippa
- grossi
- grossi_vincenzo
- groto
- guadagnoli
- gualandris
- gualdo
- guardione
- guareschi
- guarini
- guelfi
- guerrazzi
- guerrini
- guglielminetti
- guglielmotti
- guicciardini
- guidetti
- guidi
- guidiccioni
- guidi_michelangelo
- guiducci
- gulli
- guy
- haeckel
- haendel
- hamsun
- harding
- hasse
- hauptmann
- hawthorne
- haydn
- heron
- herschel
- hewlett
- heywood
- hichens
- historia_di_papa
- holborne
- holst
- homerus
- hubay
- huch
- hugo
- hummel
- humperdinck
- huxley
- iacopone_da_todi
- iacopo_da_sanseverino
- iberti
- ibn_gubayr
- ibn_miskawayh
- ibsen
- imbriani
- indy
- ingrassia
- innocentius_papa_12
- intorcetta
- invernizio
- ippolita_comunita_di_scriventi
- ippolitov_ivanov
- issel
- istoria_critica
- italia
- jacobsen
- james
- janacek
- jarro
- jatta
- jeans
- jefferson
- jenna
- jennings
- jerome
- johansson
- johnson
- joinville
- jolanda
- joplin
- jovine
- joyce
- juvalta
- kaffka
- kahn
- kalevala
- kalidasa
- kant
- karr
- keynes
- kipling
- kleist
- kollo
- komzak
- kovalevskaja
- kropotkin
- labriola
- ladenarda
- lady_gregory
- lafargue
- lagerlof
- lalande
- lalli
- lalo
- lancillotti
- lando
- landriani
- lanzalone
- lao_tzu
- lasca
- laser
- lasso
- latini
- lattes
- lattes_dante
- lavater
- lawrence
- lazzarelli
- lazzaretti
- lazzeri
- la_boetie
- la_fontaine
- la_lumia
- leetherland
- leggenda_di_tristano
- legouve
- lehar
- leibniz
- leitgeb
- lemery
- lemonnier
- lenti_boero
- leonardo
- leoncavallo
- leoni
- leopardi
- leroux
- lesca
- lessig
- lessona
- lettera_a_diogneto
- levati
- levi
- levi_adolfo
- levi_giulio_augusto
- lewis
- libri_piu_letti
- libro_della_cucina
- liebig
- liesegang
- liguria
- linati
- lipparini
- lippi
- liszt
- littre
- lizio_bruno
- ljadov
- lleo
- locatelli
- lockyer
- lodi
- lomazzo
- lombardini
- lombroso
- lombroso_gina
- london
- longo
- longus_sophista
- lopez
- lorentz
- lorenzo
- lorenzoni
- lori
- loria
- lortzing
- lo_valvo
- lucatelli
- lucchesini
- lucianus
- lucini
- lucretius
- luigini_federico
- luini
- lully
- luna
- lupo
- lusitania
- luther_blissett
- luzio
- macaulay
- maccrie
- machiavelli
- mackay
- maes
- maeterlinck
- maffei
- magalotti
- maggi
- mahler
- maineri
- maistre
- malamani
- malatesta
- malinverni
- malon
- malpassuti
- mameli
- mamiani
- mannarino
- manni
- manno
- mannu
- mantegazza
- manucci
- manzoni
- marais
- marcelli
- marcello
- marchand
- marchesani
- marchesa_colombi
- marchetti
- marchi
- marconi
- maresca
- mariani
- marinelli
- marinetti
- marino
- mario
- marrama
- marselli
- marsili
- martello
- martineau
- martinelli
- martinelli_vincenzo
- martinetti
- martini
- martini_ferdinando
- martoglio
- martucci
- marugi
- marx
- mascagni
- masci
- masi
- massarani
- massenet
- massimi
- mastriani
- mastro_titta
- mattei
- matteucci
- mattirolo
- maupassant
- mazzarino
- mazzini
- medici
- medici_ferdinando_i
- medici_lorenzino
- mehul
- meli
- melville
- mendelssohn
- menghini
- mengozzi
- merlini
- merlino
- messa_di_requiem
- messina
- metastasio
- meyer
- meyerbeer
- meyrink
- micanzio
- michaelis
- michel
- michelstaedter
- mieli
- milani
- mill
- mille_e_una_notte
- milton
- mioni
- mirbeau
- misasi
- misefari
- moderata_fonte
- modigliani
- molinari
- molnar
- mommsen
- monchablon
- mondaini
- moneta
- mongai
- mongitore
- monicelli
- monnier
- montanelli
- montesquieu
- montessori
- monteverde
- monteverdi
- monti
- monti_achille
- montpensier
- moore
- morandi
- morandi_carlo
- morando
- morasso
- more
- moresco
- moretti
- morra
- morris
- morselli
- morselli_ercole
- mosca
- moscardelli
- mosso
- mozart
- mozzoni
- mudge
- mulazzi
- mule
- mule_bertolo
- munthe
- mura
- muratori
- muratori_lodovico
- murger
- murri
- musorgskij
- mussolini
- musumeci
- muzzi
- nagy
- nardini
- narrazione_critico_storica_etc
- natale
- navigazione_di_san_brandano
- nazioni_unite
- neera
- negri
- negri_ada
- negri_francesco
- negri_gaetano
- nencioni
- nerucci
- nettlau
- nibby
- nibelunghi
- niccolini
- nicolai
- nicolaus_cusanus
- nielsen
- nieri
- nietzsche
- nievo
- nivers
- nobili
- nordau
- nordhoff
- norsa
- nota
- notari
- notturno_napoletano
- novacek
- novaro
- novaro_mario
- novatore
- novella_del_grasso_legnajuolo
- novelle_cinesi
- novelle_indo_americane
- novelle_italiane_dalle_origini_al_cinquecento
- novellino
- nucera_abenavoli
- nuovi_misteri_del_chiostro_napoletano_etc
- offenbach
- ojetti
- olper_monis
- omodeo
- onesto
- oppenheim
- orestano
- oriani
- orsi
- orsini
- ortolani
- pachelbel
- pacini
- pacioli
- padoa
- padula
- pagani
- paganini
- pagliaro
- pailleron
- paisiello
- palazzi
- paleologue
- palladio
- pallavicini
- pallavicino
- palli_bartolommei
- palma
- palmeri
- palomba
- pananti
- pani
- pannocchieschi
- panzacchi
- panzini
- paolieri
- pareto
- parini
- paris
- parlatore
- parmeggiani
- pascal
- pascal_carlo
- pascarella
- pascoli
- pasinetti
- pasolini
- paterno
- pausanias
- pavese
- peano
- pellico
- pellizzari
- penzig
- pepoli
- percoto
- pergolesi
- perlman
- perodi
- perrault
- petrarca
- petrocchi
- petruccelli_della_gattina
- piave
- piazza
- piazza_antonio
- piazzi
- pico_della_mirandola
- pierantoni_mancini
- pieri
- pierne
- pigafetta
- pignata
- pinamonti
- pinchetti
- pindemonte
- pino
- pintor
- pinza
- pioda
- piola
- pirandello
- pisacane
- piscel
- pissilenko
- pitre
- piva
- pizzagalli
- pizzigoni
- pizzigoni_giuseppina
- pizzirani
- planche
- plato
- plinius_caecilius_saecundus
- podesta
- podrecca
- poe
- poli
- polidori
- polidori_francesco
- polimanti
- poliziano
- polo
- polybius
- pompilj
- ponchielli
- popper
- porati
- porta
- pov_ray_team
- pozzi
- pozzi_antonia
- praetorius
- praga
- praga_marco
- prati
- previati
- prevost
- prose_e_poesie_giapponesi
- proudhon
- proust
- prunas
- puccini
- puini
- pulci
- purcell
- purgotti
- puskin
- puviani
- quadrio
- quel_libro_nel_cammino_della_mia_vita
- quevedo
- rabelais
- rabizzani
- raccolta_di_lettere_ecc
- racconti_popolari_dell_ottocento_ligure
- rachmaninov
- racquet
- radcliffe
- raffaello_sanzio
- raga
- ragazzoni
- rajberti
- rajna
- ramazzini
- rameau
- ramusio
- randi
- ranieri
- rapisardi
- rastrelli
- ravagli
- ravel
- razzaguta
- reclus
- redi
- regaldi
- regalia
- reger
- reghini
- regina_di_luanto
- regnani
- regno_d_italia_1805_1814
- reinecke
- relazione_dell_atto_della_fede_etc
- renan
- renier_michiel
- rensi
- repubblica_romana_1849
- respighi
- retif_de_la_bretonne
- reuze
- reyer
- rezzonico
- ricchi
- ricchieri
- ricci
- ricci_paterno_castello
- ricci_umberto
- riccoboni
- righetti
- righi
- rignano
- rilke
- rimatori_siculo_toscani_del_dugento
- rime_dei_memoriali_bolognesi
- rimini
- rimskij_korsakov
- rinaldini
- ringhieri
- ripa
- ripamonti
- rizzatti
- roberti
- robida
- rocca
- roccatagliata_ceccardi
- rocca_enrico
- rocco
- roggero
- rohlfs
- rolando
- romagnoli
- romagnoli_augusto
- romani
- roma_e_la_opinione_etc
- romberg
- romussi
- roncaglia_gino
- rosa
- rosadi
- rosa_daniele
- rose
- rosetti
- rosi
- rosmini
- rosselli_carlo
- rosselli_nello
- rossi
- rossini
- rossi_emanuele
- rossi_giovanni
- rostand
- rousseau
- roussel
- rovani
- rovetta
- rubinstejn
- ruffini
- ruffini_francesco
- russo
- russolo
- ruzzante
- ryner
- sabatini
- sabatini_rafael
- sabbadini
- sacchetti
- sacchetti_roberto
- sacchi
- sacheli
- sacher_masoch
- saffi
- saffi_antonio
- saint_evremond
- saint_saens
- salanitro
- salfi
- salgari
- salimbene_da_parma
- sallustius
- salucci
- saluzzo_roero
- sangiorgio
- sannazaro
- santucci
- sanudo
- sanvittore
- sarasate
- sardegna_regno
- saredo
- sarno
- sarpi
- satta
- savarese
- savasta
- savinio
- savio
- savioli
- savi_lopez
- savonarola
- scarfoglio
- scarlatti
- scarpetta
- scarpetta_maria
- scartabellati
- schein
- schiaparelli
- schiavini
- schicchi
- schiller
- schioppa
- schmid
- schmidt
- schopenhauer
- schubert
- schumann
- schutz
- schwarz
- scilla
- scina
- scott
- scrofani
- scuto
- sebastian
- secchi
- sella
- seneca
- serafini
- serafino_aquilano
- serao
- sercambi
- serena
- serge
- sergi
- serra
- servi
- settembrini
- sfinge
- sforza
- shakespeare
- shaw
- shelley
- sicilia
- siciliani
- sidrac
- sienkiewicz
- sigonio
- siliprandi
- silva
- simpson
- sinding
- sismondi
- skrjabin
- slataper
- smetana
- sobrero
- sobrero_mario
- socci
- soler
- solera
- solmi
- solovev
- sommerfeld
- sonzogno
- sophocles
- sorbelli
- spampanato
- spaventa
- spaventa_filippi
- sperani
- speroni
- spinazzola
- spinelli
- spinoso
- spinoza
- spohr
- spontini
- stacpoole
- stael
- stampa
- statius
- stefanoni
- stein
- steiner
- stendhal
- stenhammar
- steno
- stephens
- sterne
- stevenson
- stewart
- stirner
- stoker
- storia_dei_paladini_di_francia
- storia_di_fra_michele_minorita
- stowe
- straparola
- strauss
- strauss_josef
- strauss_jr
- strauss_richard
- strenna_di_ascolti_per_il_natale
- stromboli
- suk
- sullivan
- supino
- suppe
- supplica_degli_stampatori_e_etc
- suzzara_verdi
- svendsen
- svevo
- swift
- sylos_labini
- synge
- szanto
- szymanowski
- tagore
- tanini
- tanini_alighiero
- tarabotti
- tarchetti
- targioni_tozzetti
- tartaglia
- tartini
- tartufari
- tassini
- tasso
- tassoni
- telemann
- teloni
- tempio
- tenca
- terentius
- tesoro_di_scienze_etc
- tessa
- testoni
- tettoni
- theuriet
- tholozan
- thomas
- thoreau
- thorpe
- thouar
- thovez
- thucydides
- tigri
- tilgher
- timmermans
- timpanaro
- tiraboschi
- titelouze
- tocco
- tolstoj
- tomei
- tommaseo
- torelli
- torelli_luigi
- torricelli
- tosco
- tosti
- tozzi
- traina
- trebbi
- treitschke
- trentin
- tresca
- trilussa
- trimmer
- troya
- tucci
- tumiati
- turco
- turgenev
- ubaldini
- uccellini
- uda
- ughetti
- ultimi_fatti_di_milano
- unesco
- unione_europea
- untersteiner
- urgnani
- vailati
- valera
- valery
- vallardi
- valles
- valletta
- valli
- valvason
- vannicola
- vanzetti
- varthema
- varvaro
- vasari
- vassallo
- vaticano
- venerandi
- venexiana
- veneziani
- venier
- veniero
- venosta
- venturi
- venturini
- venturi_adolfo
- verdi
- verdinois
- verdi_de_suzzara
- veresaev
- verga
- vergilius
- verne
- veronese
- verri_alessandro
- verri_pietro
- vertua
- vettori
- viaggi_di_gio_da_mandavilla
- viani
- vico
- vieuxtemps
- vigoni
- villa
- villabianca
- villani
- villani_matteo
- villari
- villiers_de_l_isle_adam
- vinci
- violante
- viotti
- viriglio
- viscnu_sarma
- vismara
- vitali
- vita_delitti
- vita_italiana_nel_cinquecento
- vita_italiana_nel_rinascimento
- vita_italiana_nel_risorgimento
- vita_italiana_nel_seicento
- vita_italiana_nel_settecento
- vita_italiana_nel_trecento
- vitruvius
- vivaldi
- vivante
- vivanti
- vives
- viviani
- viviani_raffaele
- vogue_melchior_de
- volin
- volpi
- volta
- voltaire
- volterra
- wagenaar
- wagner
- waldteufel
- wallace
- wallace_edgar
- wallace_lewis
- walpole
- wassermann
- weber
- wells
- wessely
- white_mario
- widmann
- wieniawski
- wilde
- wolf
- wolf_ferrari
- woolf
- world_wide_web_consortium
- wundt
- wu_ming
- wu_ming_1
- wu_ming_2
- wu_ming_5
- yambo
- yeats
- yriarte
- zagarrio
- zanazzo
- zandonai
- zanella
- zanghi
- zanotelli
- zavattero
- zena
- zhuang_zi
- zola
- zuccoli
-