System and Network Administration

lecture in color

UNIX Concepts (users' eye view)

users and groups.
files and directories.
protections and access.
processes and daemons.
user environment and shells.
commands and libraries.

UNIX Concepts (adminstrative view)

filesystems and fileservers.
- how to build
- how to fix.
- how to gain access.
network services
- name service (nis, nis+)
- login service (telnet, ssh)
- file transfer (ftp, tftp)
- mail (smtp, imap, pop)

Users and Groups

/etc/passwd : defines users.

name: login name
password: encrypted password
UID: user id, 0<=UID<=65535, 0 is ROOT.
GID: group id, 0<=GID<=65535, 0 is SYS.
GCOS: user description (treated as a comment)
home: home directory location
shell: what command to start when you log in.

couch:983h9482936fk:30:30:Alva L. Couch:/u/f/couch:/usr/bin/tcsh
^     ^             ^  ^  ^             ^          ^^^^^^^^^^^^^ shell
^     ^             ^  ^  ^             ^^^^^^^^^^ home directory
^     ^             ^  ^  ^^^^^^^^^^^^^ GCOS (comment)
^     ^             ^  ^^ GID
^     ^             ^^ UID
^     ^^^^^^^^^^^^^ password      
^^^^^ name

/etc/shadow: shows actual encrypted passwords of users.

 
name  password      aging policy
couch:8h938495029ms:6445::::::
^     ^             ^^^^ aging policy on account and password 
^     ^^^^^^^^^^^^^ password
^^^^^ name

/etc/group: defines groups of users

group name.
group id (GID), 0<=GID<=65535, 0 is SYS.
passwd: password (unused)
group members: a list of login names.

 
ta6:*:227:dwk,comp6,astudent,couch,dwv
^   ^ ^   ^^^^^^^^^^^^^^^^^^^^^^^^^^^^ group members
^   ^ ^^^ group id
^   ^ group password (unused) 
^^^ group name

Network databases

Not all user data is contained in /etc/passwd, /etc/shadow, /etc/group.
Information is also kept in network-wide databases.
Two prevalent databases:
- the Network Information Service (NIS) (A.K.A. the Yellow Pages)
- Sun NIS+.

NIS

Widely available.
Supported virtually on all UNIX platforms.
Insecure and easy to crack.
Defacto standard.
Domain-specific: only certain kinds of information can be distributed.
Easy to administrate.
How to get info:
```
ypcat passwd | more
ypcat group | more
```

NIS+

Sun proprietary.
Only on Suns.
Quite secure.
Generic: information can be of virtually any type.
Very complex to administrate.
Can have multiple information domains spanning large enterprises.
Precursor of X.25 and the Lightweight Directory Access Protocol (LDAP).

How to get info:

niscat passwd.org_dir | more
niscat group.org_dir | more

What gets used on suns

/etc/nsswitch.conf: tells what name services are being used.

#
# /etc/nsswitch.nisplus:
#
# An example file that could be copied over to /etc/nsswitch.conf; it
# uses NIS+ (NIS Version 3) in conjunction with files.
#
# "hosts:" and "services:" in this file are used only if the
# /etc/netconfig file has a "-" for nametoaddr_libs of "inet" transports.

# the following two lines obviate the "+" entry in /etc/passwd and /etc/group.
passwd:     files nisplus
group:      files nisplus

# consult /etc "files" only if nisplus is down. 
# hosts:      nisplus [NOTFOUND=return] files

#Uncomment the following line, and comment out the above, to use both DNS
#and NIS+.  You must also set up the /etc/resolv.conf file for DNS name
#server lookup.  See resolv.conf(4).
hosts:     nisplus dns [NOTFOUND=return] files

services:   nisplus [NOTFOUND=return] files
networks:   nisplus [NOTFOUND=return] files
protocols:  nisplus [NOTFOUND=return] files
rpc:        nisplus [NOTFOUND=return] files
ethers:     nisplus [NOTFOUND=return] files
netmasks:   nisplus [NOTFOUND=return] files        
bootparams: nisplus [NOTFOUND=return] files

publickey:  nisplus

netgroup:   nisplus

automount:  files nisplus
aliases:    files nisplus
sendmailvars:   files nisplus

Alas, we're using mostly NIS+. Sigh.

Files and Directories

/ - the 'root' filesystem.
directory: contains files and directories.
- hierarchy starts at /
- each directory has:
  - . - this directory.
  - .. - parent of this directory.
Exploring:
- ls -a - list all files in a directory (including hidden ones) Compare with plain ls.
- ls -l - list everything about files in a directory.
- du -k - compute disk utilization in a directory (sum up file sizes). This sums up hidden files .file that you won't see in ls.
Absolute path: /g/150NET/public_html
- starts with /
- ls /g/150NET/public_html - works the same regardless of where my current directory is.
Current directory: where you are right now
- cd - sends you to your home directory (something like /s/*/yourlogin)
- cd /g/150NET/public_html takes you to a new current directory.
- pwd tells you what the directory is.
Any path not starting with a / is relative:
- cd /g/150NET/public_html ; ls notes means ls /g/150NET/public_html/notes.

Really subtle

The current directory is a pointer into a filesystem, not a name but a number.
pwd: figure out name from number.
How UNIX does pwd:
- Prerequisites:
  - every directory is numbered.
  - a directory is a list of names of subdirectories and numbers.
- Algorithm:
  - start at current directory
  - cd .. (parent)
  - check where you came from (match your number to entry in ..)
  - until you get to /
  - name of directory is the sequence of names that correspond with sequence of numbers (backward)
Oversimplified example:

/ 50

/.. 50

/usr 30

/usr/.. 50

/usr/bin/ 55

/usr/bin/.. 30
Suppose your pwd is 55.
- 55/.. = 30 = 55/../bin so last pathname is bin
- 30/.. = 50 = 30/../usr so next pathname is usr
- 50 is / so we're done and path is /usr/bin

Observe!

.. isn't arbitary.
if directory doesn't have ..,
- no files have full pathnames.
- can't cd to it.

Directory names

Convention: certain directory names mean the same thing regardless of where they are in the UNIX filesystem

`/`	root directory
`/bin`	"binary" program repository
`/sbin`	"root binaries"
`/lib`	"libraries" that make commands work. .a, .so
`/etc`	"local databases" passwd, group, nsswitch.conf, inetd.conf, hosts
`/usr`	"stuff that's needed for multiuser operation"
`/var`	"stuff that's local from /, /usr"
`/man`	"manual pages"
`/doc`	"documentation"
`/share`	"machine-independent stuff"
`/adm`	"administrative stuff (root)"

E.g., ls contents of /, /usr, /usr/local, /usr/share, /local.

Commands to try

find /local -name bin -print - find every file or directory named bin inside /local.
/usr/sbin/ping emerald.tufts.edu - use a command ping inside /usr/sbin to see whether emerald is alive or dead!

File Protections and Access

A combination of filesystem, user, and group concepts.

Each filesystem node (directory, file, device, etc) has a specific owner and group.

owner: who is responsible for this file?
group: what group of people might be able to access this file?

 
ls -l 
total 116
protection    owner     group      size  modification name
flags 
drwxr-xr-x   3 couch    faculty      512 Nov 30  1993 4.Xupdate
drwxr-xr-x   5 root     other        512 Mar  3  1994 5.Xupdate
-rw-r--r--   1 couch    faculty     1168 Jul 20  1994 Notes-bugs
-rw-r--r--   1 couch    faculty     7573 Apr 30  1994 block-schedule
-rw-r--r--   1 couch    faculty     6287 Mar  7  1994 choosing2
 ^  ^  ^       ^        ^           ^    ^            ^^^^^^^^^^^^ filename
 ^  ^  ^       ^        ^           ^    ^^^^^^^^^^^^ last modified
 ^  ^  ^       ^        ^           ^^^^ size in bytes
 ^  ^  ^       ^        ^^^^^^^ group
 ^  ^  ^       ^^^^^ owner
 ^  ^  ^^^   other permissions: everybody can do this. 
 ^  ^^^      group permissions: people in the file's group can do this. 
 ^^^         owner permissions: the owner can do this.
^ type: what type is this file

type - what kind of thing is this:

d directory

- normal file

l symbolic link (file alias)

c character special (terminal device)

b block special (disk)

s socket (network link)

There are more...

Permissions

What can we do with the file or directory, etc.
Most general permissions: rwxrwxrwx. Anyone can do anything
Least powerful permissions: ----------. No one can do anything.
Permissions are OCTAL (base-8) numbers. rw-rw-r-- = 110110100₂ = 664₈.
Meanings differ for files and directories!

For files

r means you can read it
w means you can change it
x means you can run it as a program

For directories

r means you can do an ls of it.
w means you can create and delete files in it.
x means that if you know the name of the file, you can open it.

For example, we can read /g/15/ug/g/hello but can't ls the directories containing it:

drwxrws--x   7 couch    grading      512 Jan 21  1996 /g/15/ug
drwxrws--x  18 couch    grading     2048 Jan 26 14:48 /g/15/ug/g
-rw-rw-r--   1 couch    grading       26 Sep 20 11:41 /g/15/ug/g/hello

Program execution permission

The only difference between a file and a program is the state of the execute permission.
gcc and g++ make a.out executable!
A text file can also be made executable. It is interpreted as a script of commands to type.
If the first two characters of the script are #!, then the rest of the line is a command to use to process the script.
- #! /local/bin/perl - this is a perl-5 script (man perl for details)
- #! /bin/csh -fb - this is a csh script (man csh for details)

Special file protections

x can be s instead:
??s as owner protection means the file is executable, but execute as the owner of the file, not the person executing the command. This is called set-user-id (or setuid) execution!
```
 
andante{couch}52: ls -l rlogin
-r-sr-xr-x   1 root     bin        14552 Oct 25  1995 rlogin
```
shows that the rlogin command is setuid root! You couldn't contact other computers as yourself.
??s as group protection means executable, but execute as group of the file, not the group of the person executing it. This is called set-group-id (or setgid) execution!
```
andante{couch}54: ls -l submit
-rwxr-sr-x   1 ugrade   grading      452 Oct 26  1993 submit
```
shows that the beloved submit command executes as group grading (which you aren't a member of).
??S in either user or group protections indicates that the file isn't executable, but that setuid or setgid bits are set.
??s and ??S have no meaning in the world protection field (and can't happen).

Special directory protections

x can be s instead.
for user and other protections, this is meaningless.
an s in the group field means to enable "BSD compatibility mode" so that files created in the directory inherit the group of the enclosing directory, not the effective group of the user running the program that created the file.
in BSD systems, this is the DEFAULT.
SVR4 systems must use g+s permission to enable this(suns, decs, sgi6.0).

The "sticky bit"

/tmp is drwxrwxrwt (01777): anyone anywhere can write to it,
But only owners of files in /tmp can delete them.
This behavior is caused by the sticky bit, notated as a trailing t.

Numeric versions of protections

Setuid and setgid protections are also numeric in octal:

 
    -rwsr-xr-- = 04754 
  100                for set user-id
     111
        101
           100
  ------------
   4  7  5  4


    -rwSrw-rw-
  100                for set group-id
     110
        110
           110
  ------------
   4  6  6  6

Real protection code is, in binary:

 
111110000000000
432109876543210
XXXsstrwxrwxrwx
^     ^  ^  ^^^ other
^     ^  ^^^ group
^     ^^^ user
^    ^ sticky bit: protect files from non-owners
^   ^ set group-id
^  ^ set user-id
^^^ binary code for kind of file: -, d, c, b, l, s
sst: set user id, set group id, set sticky bit

Watch out!

whether you can read from or write to a file is controlled by the file's protection
whether you can create or delete a file is controlled by the protection of the directory that contains it.

Problem of the Day #1

node	owner	group	protection
/u/f/couch/trash	couch	faculty	drwxr-xr-x
/u/f/couch/trash/stuff	couch	faculty	-rwxr-xr--
/u/f/couch/trash/idiot	couch	faculty	-rw-r-xr-x
/u/f/couch/trash/garbage	couch	faculty	dr-x--x--x
/u/f/couch/trash/garbage/stuff	root	bin	-r--------
/u/f/couch/trash/garbage/other	root	faculty	-r--rw----

and the following facts:
- couch is a member of faculty.
- couch is not a member of group bin.
Answer the following questions:
- Which files can couch look at (using more)
- Which files can couch execute as commands?
- Which directories can couch list?
- Which files can anyone look at (using more)
- Which files can anyone execute as commands?
- Which directories can anyone list?

Keep in mind:

On andante, default for user files is unreadable for group and world, read-write for owner (rw-------).
default for directories is rwx for owner, none for group and world (rwx------).
But: system files (the ones you'll be modifying as a sysadmin) are generally world readable, world executable, and possibly even group writeable.
- File: -rw-r--r--, owner:you group:staff
- Program: -rwxr-xr-x owner:you group:staff
- Directory: drwxr-xr-x owner:you group:staff

Controlling file protections:

You determine how many protection bits can be set in a new file with your umask. This is a mask of bits that should be 0.
Normal users have umask 077: make everything private
When working on a system, you should type umask 022: make everything public.

Your umask is the octal complement of the bits you make available:

 
              executable file/dir        normal file
umask 077     -rwx------ 700             -rw------- 600
umask 002     -rwxrwxr-x 775             -rw-rw-r-- 664

Changing file owner

Must be root.
Changing the owner of one file or directory
```
chown newown file-or-dir
```
Changing the owner of a hierarchy of directories and files.
```
 
chown -R newown dir
```
Example:
```
 
chown couch .
```
makes the current directory owned by me!

Changing the group of a file

Must be owner or root.
Must be in the group you're putting a file into.
Changing a group of a file or directory:
```
 
chgrp group file-or-dir
```
Changing the group of a hierarchy of files all at once:
```
 
chgrp -R group dir
```
All files in the directory dir get changed.

Changing protections

Many options depending upon how you'd like to type commands.

Examples:

chmod 755 file      makes a file executable.
chmod go+rx file    makes a file executable to group and others.
chmod -R go+rX dir  makes directories readable and searchable to all. 
                    X means "make something x only if it makes sense."

Entities: ugo represents user, group, and other.
Protections: rwx represents read, write, execute,
X : make executable only if one execute bit already set.
s and t have special meanings as above.
+ : add a permission.
- : remove a permission.

Problem of the day #2

Suppose file1 has protection -rw-------. What is its protection after
```
chmod g+s file1; chmod o+X file1
```
?
Suppose file2 has protection -rwxr-xr-x. What is its protection after
```
chmod go-x file2
```
?
Suppose file3 has protection -rwxr--r--. What is its protection after
```
chmod 06755 file3
```
?

Caveats

To make a command accessible to others, it must be executable to them.
To make a script executable by others, it must be readable and executable.
Most common mistake in beginning system administration: botching protections on files users need!

Protection Rackets

How does one protect a file from all users yet let a command modify it?
Answer: use setuid or setgid execution.
Case study: gripe command to allow users to gripe about things.

First, we write a command gripe that allows people to gripe.

requested code file files-old-old/gripe.c is not appropriate!

Then we compile it:
```
gcc -g -o gripe gripe.c
```
and change it to a non-public group
```
chgrp staff gripe
```
and change it to be setgid.
```
 
chmod g+s gripe
```
Now make a file gripes:
```
touch gripes
```
and make it available only to you and staff:
```
 
chgrp staff gripes
chmod 660 gripes
```

At the end of this you have the following situation:

 
blackhole{couch}113: ls -l
-rwxr-sr-x   1 couch    faculty    27400 Jan 25 15:36 gripe
-rw-r--r--   1 couch    faculty      354 Jan 25 15:36 gripe.c
-rw-rw----   1 couch    faculty      102 Jan 25 15:37 gripes

Now when a user types gripe, the command becomes group staff and can write into the gripes file.
But no user can even read it.
To read it we can create another setgid program that tells users what gripes are.

Application: policy-based execution

Place all games in a directory readable only to staff.
Create a wrapper program that is setgid staff, and can figure out its own name and the time of day.
If it's after 5:00, let people play (by executing the file with the same name in the games directory). If before 5:00, exit.

Processes and Daemons

Process: one independent program.
Every process has
- a process identifier (between 0 and 65535) that uniquely identifies the process on the machine it is executing upon.
- a parent process identifier (between 0 and 65535) of the process that invoked the given process.
To see your own processes (for your current session):
```
ps -l
```
or all your processes from all sessions:
```
 
ps -efl | grep couch | more
```
where you subsitute yourself for couch.

Process Rules

Process 1 is special: the init process that starts UNIX.
- process 1 is an ancestor of all processes.
- if Process 1 dies, system reboots.
When you invoke a process (by running a command), your shell's process invokes the command as a child process.
- if your shell dies, so do all children of it.
- if you send a signal to your shell, then all children get it.

Manipulating processes

Look at all processes

 
ps -efl | grep couch | more

This might result in:

contents of files-old/ps-ef...
   couch 15742 15740  0 11:29:45 pts/9    0:01 /usr/bin/tcsh
   couch 11217     1  0   Jan 22 ?        0:00 /bin/ksh /usr/dt/bin/sdtvolcheck -d -z 5 cdrom
   couch 14030 13996  0   Jan 24 ?        0:00 /bin/cat /tmp/.removable/notify8
   couch 10112     1  0   Jan 21 ?        0:00 /bin/ksh /usr/dt/bin/sdtvolcheck -d -z 5 cdrom
   couch 13996     1  0   Jan 24 ?        0:00 /bin/ksh /usr/dt/bin/sdtvolcheck -d -z 5 cdrom
   couch  6596     1  0   Jan 20 ?        0:00 /bin/ksh /usr/dt/bin/sdtvolcheck -d -z 5 cdrom
   couch  1236     1  0   Jan 18 ?        0:00 /bin/ksh /usr/dt/bin/sdtvolcheck -d -z 5 cdrom
   couch 15531 15506  0 10:14:15 pts/4    0:01 /usr/bin/tcsh
   couch 15676 15505  0 10:49:49 ??       0:01 /usr/dt/bin/dtterm
   couch  2901  2865  0   Jan 18 ?        0:00 /bin/cat /tmp/.removable/notify0
   couch 15648 15505  1 10:34:12 ??       0:05 /usr/dt/bin/dtterm
   couch 15499 15480  0 10:13:49 pts/2    0:01 /usr/dt/bin/dtsession
   couch 10150 10112  0   Jan 21 ?        0:00 /bin/cat /tmp/.removable/notify4
   couch  1273  1236  0   Jan 18 ?        0:00 /bin/cat /tmp/.removable/notify2
   couch   371     1  0   Jan 17 ?        0:00 /bin/ksh /usr/dt/bin/sdtvolcheck -d -z 5 cdrom
   couch 15514     1  0 10:14:10 ?        0:00 /bin/ksh /usr/dt/bin/sdtvolcheck -d -z 5 cdrom
   couch 15691 15690  0 10:51:31 pts/8    0:01 (dns helper)
   couch   414   371  0   Jan 17 ?        0:00 /bin/cat /tmp/.removable/notify1
   couch 15478     1  0 10:13:40 ?        0:00 /usr/dt/bin/dsdm
   couch 16146 15650  0 16:01:00 pts/7    0:00 grep couch
   couch 15480 15477  0 10:13:40 pts/2    0:00 tcsh -c unsetenv _ PWD;     source /u/f/couch/.login;            unsetenv DT;
   couch 15498     1  0 10:13:48 pts/2    0:01 /usr/dt/bin/ttsession
   couch 15425 14791  0 10:13:31 ?        0:01 /bin/ksh /usr/dt/bin/Xsession
   couch 15740 15505  0 11:29:41 ??       0:20 /usr/dt/bin/dtterm
   couch 15477 15425  0 10:13:39 pts/2    0:01 /usr/dt/bin/sdt_shell -c unsetenv _ PWD;     source /u/f/couch/.login;       
   couch  9175     1  0   Jan 21 ?        0:00 /bin/ksh /usr/dt/bin/sdtvolcheck -d -z 5 cdrom
   couch 15550 15511  0 10:14:18 ?        0:00 /bin/cat /tmp/.removable/notify10
   couch 14790   249 10 19:12:09 ?       10:17 /usr/openwin/bin/Xsun :0 -nobanner -auth /var/dt/A:0-tRaiFa
   couch  6634  6596  0   Jan 20 ?        0:00 /bin/cat /tmp/.removable/notify3
   couch  9214  9175  0   Jan 21 ?        0:00 /bin/cat /tmp/.removable/notify5
   couch 15551 15514  0 10:14:18 ?        0:00 /bin/cat /tmp/.removable/notify9
   couch 13796 13756  0   Jan 24 ?        0:00 /bin/cat /tmp/.removable/notify6
   couch 15435 15425  0 10:13:32 ?        0:00 /usr/openwin/bin/fbconsole
   couch  2865     1  0   Jan 18 ?        0:00 /bin/ksh /usr/dt/bin/sdtvolcheck -d -z 5 cdrom
   couch 11264 11217  0   Jan 22 ?        0:00 /bin/cat /tmp/.removable/notify7
   couch 15524 15506  0 10:14:14 pts/3    0:01 /usr/bin/tcsh
   couch 13756     1  0   Jan 24 ?        0:00 /bin/ksh /usr/dt/bin/sdtvolcheck -d -z 5 cdrom
   couch 15511     1  0 10:14:09 ?        0:00 /bin/ksh /usr/dt/bin/sdtvolcheck -d -z 5 cdrom
   couch 15505 15499  0 10:13:52 ?        0:26 dtwm
   couch 15566 15506  0 10:14:22 pts/6    0:00 /usr/bin/tcsh
   couch 15557 15506  0 10:14:20 pts/5    0:00 /usr/bin/tcsh
   couch 15506 15499  0 10:14:09 ??       2:18 dtterm -session dtBia4Ra -sdtserver
   couch 15508 15499  0 10:14:09 ?        0:06 sdtperfmeter -f -H -t cpu -t disk -s 1 -name fpperfmeter
   couch 15650 15648  0 10:34:13 pts/7    0:02 /usr/bin/tcsh
   couch 15678 15676  0 10:49:50 pts/8    0:01 /usr/bin/tcsh
   couch 15690 15678  5 10:51:26 pts/8    2:44 netscape http://conbrio/g/150NET/register.html
...end of files-old/ps-ef

Processes are manipulated directly via the kill command (which does a lot more than just kill processes).
Shut down a process gracefully:
```
 
kill 15566
```
would end one of my shells (that I might be typing within at the time).
Shut down a process rudely and with no recourse:
```
 
kill -9 15566
```
or
```
kill -KILL 15566
```
This gives the process no choice; it can't block or ignore the request (as it can with the above signal).
Tell a process something has changed.
```
kill -HUP 15566
```
sends a HANGUP signal to a process. This means the connection hung up.

Process concepts

Processes can be:
- foreground: talking directly to your terminal.
- background: running in the background while you do other things.
Typical uses of background processes:
- Things that take too long to wait for.
- Things that must happen all the time.
Example: moving lots of files:
- If I type:
```
 
cd /g; tar cf - 150NET | (cd /loc/adm; tar xfBp -)
```
  this'll have the effect of copying the whole 150NET hierarchy from /g to /loc/adm. This'll take awhile!
- If I don't want to wait, I can type:
```
 
cd /g; tar cf - 150NET | (cd /loc/adm; tar xfBp -) &
```
  The trailing & tells the shell to run this process in the background. I can continue doing other things.

Process Tasks

Typical task: log yourself off of a machine remotely.
Comment: you're logged off if you have no processes at all.

Find your processes:

 
% ps -ef | grep couch
   couch 15742 15740  0 11:29:45 pts/9    0:01 /usr/bin/tcsh
   couch 11217     1  0   Jan 22 ?        0:00 /bin/ksh /usr/dt/bin/sdtvolcheck -d -z 5 cdrom
   couch 14030 13996  0   Jan 24 ?        0:00 /bin/cat /tmp/.removable/notify8
   couch 10112     1  0   Jan 21 ?        0:00 /bin/ksh /usr/dt/bin/sdtvolcheck -d -z 5 cdrom
   couch 13996     1  0   Jan 24 ?        0:00 /bin/ksh /usr/dt/bin/sdtvolcheck -d -z 5 cdrom
   couch  6596     1  0   Jan 20 ?        0:00 /bin/ksh /usr/dt/bin/sdtvolcheck -d -z 5 cdrom
   couch  1236     1  0   Jan 18 ?        0:00 /bin/ksh /usr/dt/bin/sdtvolcheck -d -z 5 cdrom
   couch 15531 15506  0 10:14:15 pts/4    0:01 /usr/bin/tcsh
   couch 15676 15505  0 10:49:49 ??       0:01 /usr/dt/bin/dtterm
   couch  2901  2865  0   Jan 18 ?        0:00 /bin/cat /tmp/.removable/notify0
   couch 15648 15505  1 10:34:12 ??       0:05 /usr/dt/bin/dtterm
   couch 15499 15480  0 10:13:49 pts/2    0:01 /usr/dt/bin/dtsession
   couch 10150 10112  0   Jan 21 ?        0:00 /bin/cat /tmp/.removable/notify4
   couch  1273  1236  0   Jan 18 ?        0:00 /bin/cat /tmp/.removable/notify2
   couch   371     1  0   Jan 17 ?        0:00 /bin/ksh /usr/dt/bin/sdtvolcheck -d -z 5 cdrom
   couch 15514     1  0 10:14:10 ?        0:00 /bin/ksh /usr/dt/bin/sdtvolcheck -d -z 5 cdrom
   couch 15691 15690  0 10:51:31 pts/8    0:01 (dns helper)
   couch   414   371  0   Jan 17 ?        0:00 /bin/cat /tmp/.removable/notify1
   couch 15478     1  0 10:13:40 ?        0:00 /usr/dt/bin/dsdm
   couch 16146 15650  0 16:01:00 pts/7    0:00 grep couch
   couch 15480 15477  0 10:13:40 pts/2    0:00 tcsh -c unsetenv _ PWD;     source /u/f/couch/.login;            unsetenv DT;
   couch 15498     1  0 10:13:48 pts/2    0:01 /usr/dt/bin/ttsession
   couch 15425 14791  0 10:13:31 ?        0:01 /bin/ksh /usr/dt/bin/Xsession
   couch 15740 15505  0 11:29:41 ??       0:20 /usr/dt/bin/dtterm
   couch 15477 15425  0 10:13:39 pts/2    0:01 /usr/dt/bin/sdt_shell -c unsetenv _ PWD;     source /u/f/couch/.login;       
   couch  9175     1  0   Jan 21 ?        0:00 /bin/ksh /usr/dt/bin/sdtvolcheck -d -z 5 cdrom
   couch 15550 15511  0 10:14:18 ?        0:00 /bin/cat /tmp/.removable/notify10
   couch 14790   249 10 19:12:09 ?       10:17 /usr/openwin/bin/Xsun :0 -nobanner -auth /var/dt/A:0-tRaiFa
   couch  6634  6596  0   Jan 20 ?        0:00 /bin/cat /tmp/.removable/notify3
   couch  9214  9175  0   Jan 21 ?        0:00 /bin/cat /tmp/.removable/notify5
   couch 15551 15514  0 10:14:18 ?        0:00 /bin/cat /tmp/.removable/notify9
   couch 13796 13756  0   Jan 24 ?        0:00 /bin/cat /tmp/.removable/notify6
   couch 15435 15425  0 10:13:32 ?        0:00 /usr/openwin/bin/fbconsole
   couch  2865     1  0   Jan 18 ?        0:00 /bin/ksh /usr/dt/bin/sdtvolcheck -d -z 5 cdrom
   couch 11264 11217  0   Jan 22 ?        0:00 /bin/cat /tmp/.removable/notify7
   couch 15524 15506  0 10:14:14 pts/3    0:01 /usr/bin/tcsh
   couch 13756     1  0   Jan 24 ?        0:00 /bin/ksh /usr/dt/bin/sdtvolcheck -d -z 5 cdrom
   couch 15511     1  0 10:14:09 ?        0:00 /bin/ksh /usr/dt/bin/sdtvolcheck -d -z 5 cdrom
   couch 15505 15499  0 10:13:52 ?        0:26 dtwm
   couch 15566 15506  0 10:14:22 pts/6    0:00 /usr/bin/tcsh
   couch 15557 15506  0 10:14:20 pts/5    0:00 /usr/bin/tcsh
   couch 15506 15499  0 10:14:09 ??       2:18 dtterm -session dtBia4Ra -sdtserver
   couch 15508 15499  0 10:14:09 ?        0:06 sdtperfmeter -f -H -t cpu -t disk -s 1 -name fpperfmeter
   couch 15650 15648  0 10:34:13 pts/7    0:02 /usr/bin/tcsh
   couch 15678 15676  0 10:49:50 pts/8    0:01 /usr/bin/tcsh
   couch 15690 15678  5 10:51:26 pts/8    2:44 netscape http://conbrio/g/150NET/register.html

Then kill all of them:

 
% kill -9 15742 11217 14030 10112 13996 6596 1236 15531 15676 2901 15648 \
15499 10150 1273 371 15514 15691 414 15478 16146 15480 15498 15425 15740 \
15477 9175 15550 14790 6634 9214 15551 13796 15435 2865 11264 15524 13756 \
15511 15505 15566 15557 15506 15508 15650 15678 15690

Or for the lazy and esoterically inclined:
```
 
kill -9 `ps -ef | awk '$1=="couch" { print $2 }'`
```
- The backquote syntax:
```
`ps -ef | awk '$1=="couch" { print $2 }'`
```
  executes the command
```
ps -ef | awk '$1=="couch" { print $2 }'
```
  and substitutes its output inline! This is the process list.
- ps -ef generates the list of all processes, while
```
 
awk '$1=="couch" { print $2 }'
```
  selects only the lines with couch in the first field, and then prints the second field (the process ID).
This logs you out of all sessions, including the one you're typing within.

Daemons

Normal processes are executed at the request of users.
Daemons are processes that execute in the background in order to:
- provide services to remote machines or users.
- Perform internal bookkeeping and monitor security.

A simple daemon

Let's make a simple daemon that spies on your mail and tells you when you have new mail. To do this, it'll compare the date on your mailbox with its previous date.
Sketch of code:
- Start by recording the modification date of your mailbox.
- Every 10 seconds, check it against the current modification date.
- If the new date is newer, then write a message to you.

Try this version:

contents of files-old/daemon.c...
#include <stdio.h> 
#include <sys/types.h>
#include <sys/stat.h>

#define MAIL "/g/150NET/public_html/notes/solaris/mail"
main() { 
  struct stat buf; 
  time_t lastmod; 
  stat(MAIL,&buf); 
  lastmod = buf.st_mtime; 
  while (1) { 
    sleep (10); 
    stat(MAIL,&buf); 
    if (buf.st_mtime>lastmod) { 
      printf("you've got mail!"); 
      exit(0); 
    } 
  } 
} 
...end of files-old/daemon.c

stat(file,&buf): find out about a file, place the results into buf.
stat.st_mtime: the seconds between the time the file was last modified and Jan 1 1970 00:00:00 GMT (the birthday of UNIX).

Then we execute:

blackhole{couch}129: touch mail
blackhole{couch}130: daemon &
[1] 16248
... time passes ...
blackhole{couch}131: touch mail
blackhole{couch}132: you've got mail!
[1]    Done                   daemon
blackhole{couch}132:

touch file: make file have the current time as modification time (as if mail arrived).

Daemon Caveat

Daemons don't die by themselves!
If you write one to, e.g., notify you when your girlfriend logs in, you have to kill it before you log out!
Case history:
- Person wrote daemon, put into .cshrc to be started every time they logged in.
- Logged in and out 100 times.
- 100 daemons were running!
- load average on machine was 10!

lecture in color

/comp/150NET/notes/files-old.php
downloaded on Nov-23-2009 05:41:02 AM,
was last modified on Feb-17-2004 10:47:49 PM.
All lecture note content is copyright 2004 by
Alva L. Couch, Computer Science, Tufts University

d	directory
-	normal file
l	symbolic link (file alias)
c	character special (terminal device)
b	block special (disk)
s	socket (network link)

/	50
/..	50
/usr	30
/usr/..	50
/usr/bin/	55
/usr/bin/..	30