Essential Administrative Tools

Administrative tools 1-1

Essential Administrative Tools Use command man Piping into grep

❍ The grep command searches its input for lines containing a given pattern.

❍ The grep is commonly used to search files❍ Use grep with pipe is very useful

• Example: find out about a process owned by one certain user

$ps –ef | grep chavez $ps –aux | grep chavez $ps –aux | egrep ‘chavez|PID’ $alias pu “ps –aux | egrep ‘\!:1|PID” $ pu chavez


Essential Administrative Tools

Piping into awk❍ Manipulate the output of another command❍ Picking out the columns

Example:• List the users that run dooms.

$ps –ef | grep “[d]oom” | awk ‘{print $1}’$ps –ef | grep doom| grep –v grep | awk ‘{print $1}’

• Create a file to store the users that run dooms, include the data cpu time

$ (date ; ps –ef | grep “[d]oom” | awk ‘{print $1 “ [ “ $7 “]” }’ | sort | uniq) >> doomed.users



Piping into awk❍ Sum up a column of numbers

Example: search files owned by chavez and calculate the total size.

#find . -user chavez –ls –fstype 4.2| awk ‘{sum+=$7}; END {print “User chavez total disk use =“ sum}’

❍ Generate a filename with current date, such as 24Oct2004.icu4.sysdoc

• $ sys_doc > `date | awk ‘{print $3 $2 $6}’ `.`hostname`.sysdoc

Or on some systems date has the function• $ date +report_%d%b%y%H%M%S.output

will be report_17Jan05223305.output



Finding files: find❍ Find locates files having certain characteristics

on where you tell it to look.❍ Basic syntax

#find starting-dir(s) criteria-and-action❍ Matching criteria❍ Action

• What to do with the files matches all the criteria



The file’s group owner is not listed in the group file

-nogroup

The file’s owner is not listed in the password file

-nouserThe file’s group owner is grp-group grp The file’s owner is usr-user usrThe file’s access mode is p-perm pThe filename is nam-name namSpecifies file typeL f, d -type cFile is exactly n 512-byte blocks long-size nFile was modified more recently than file was-newer fileFile was last modified exactly n days ago-mtime nFile was last accessed n days ago-atime n



Use +, - to indicate more than, less than❍ -mtime +7 last modified more than 7 days ago❍ -atime –2 last accessed less than 2 days ago❍ -size +100 larger than 50k

Use wildcards with –name option❍ -name “*.dat”

Join more condition together❍ Or relation -o

$ -atime +7 –o –mtime +30 $❍ Not relation !

! –name gold.dat –name \*.dat



Check for a specific access mode with –perm❍ Exact permission

• -perm 75❍ At least permission with “‘-” sign

• -perm –002 world writable• -perm –4000 SUID access is set• -perm –2000 SGID access is set



Actions

Restrict the search to the file system of the starting directory

-xdev

Don’t descend into diretories encounted

-prune

Prompt before executing command on file

-ok cmd

Execute command on file-exec cmd

Display long directory listing for matching files

-ls

Display pathname of matching file-print

Meaningoption



Default is –print❍ Example: $ find . –name \*.c -print

-exec and –ok must end with \; {} may be used in commands as a

placeholder for the pathname of each found file.❍ -exec rm –f {} \;



The usage of find for administration❍ Monitoring disk use❍ Locating file that pose potential security

problems❍ Performing recursive operations

Example:$find /chem –size +2048 –mtime +30 –exec ls –l {} \;$find /chem –size +2048 $ -mtime +30 –o –atime +120 $ –

ls$find / $ -perm –2000 –o –perm –4000$ –print | diff –

files.secure$find /chem –name ‘*.c’ –exec mv {} /chem1/src \;



Repeating Commands: xargs❍ Command find is limited to files❍ Command xargs can accept any objects❍ Example

• Send all the arguments to one commands.– Low all the priority of doom processes by increasing nice

number by 10.#ps –ef | grep “[d]oom” | awk ‘{print $2}’ | xargs renice +10

• Send the arguments in groups by using –n option– Warn each user

#ps –ef | grep “[d]oom” | awk ‘{print $1}’ | xargs –n1 warn_user



❍ More xargs examples• Place the argument in a specific position

#ps –ef | grep “[d]oom” | awk ‘{print $1}’ | xargs –I chargefee {} 100

❍ -t option to display each constructed command before executing

❍ -p to allow you to selectively execute commands by prompting you before each one.



Creating several directory levels at once❍ The command mkdir has option –m, -p

• Set the mode with creating a file$mkdir –m 775 ./phone.list$mkdir –m g+w ./things

• Create any missing parents required for the subdirectories

$mkdir –p ./a/b/c



Duplicating an Entire Directory tree❍ Command tar, cpio, cp❍ Example

• Copy the directory /chem/olddir to /chem1/newdir• Use tar

# cd /chem1# tar –cf - -C /cdem olddir | tar –xvpf –#mv olddir newdir-p option of tar restores the ownership and access modes.

• Use cpio#mkdir /chem1/newdir#cd /chem1/olddir# find . –print | cpio –pdvm /chem1/newdir



Deleting Pesky Files❍ Use quote “”❍ Use emacs

Starting at the end❍ Command tail❍ Example

• $tail • $tail –l 100• $tail –f



wc count the number of characters, words and lines cat display the contents of a file or join files more and less Display the contents of a file a page

at a time head display the first few lines of a file tail Display the last few lines of a file sort sort the content of a file into order uniq Remove duplicate lines from a file cut remove columns of characters from a file paste join columns of files together tr translate specific characters split split files evenly


vi Commands

vi is an editor. It is the editor I strongly suggest you start using Why?

•it's always available on UNIX •it includes access to an ex command line •it is hugely powerful •it will make stuff later easier

Command format is normally

[ count] command [where] •count number of times to repeat a command (optional) •command the actual command •where how much to act on or where to take the cursor depending on the command (optional) •Examples

•23xDelete 23 characters •25ddDelete 25 lines •d$Delete from current position to the end of the line


Cutting and Pasting/Deleting text Key stroke Purpose " Specify a buffer to be used any of the commands using buffers. Follow the " with

a letter or a number, which corresponds to a buffer. D Delete to the end of the line from the current cursor position.

P Paste the specified buffer before the current cursor position or line. If no buffer is specified (with the " command.) then 'P' uses the general buffer.

X Delete the character before the cursor. Y Yank the current line into the specified buffer. If no buffer is specified, then the

general buffer is used. d Delete until where. "dd" deletes the current line. A count deletes that many lines.

Whatever is deleted is placed into the buffer specified with the " command. If no buffer is specified, then the general buffer is used.

p Paste the specified buffer after the current cursor position or line. If no buffer is specified (with the " command.) then 'p' uses the general buffer.

x Delete character under the cursor. A count tells how many characters to delete. The characters will be deleted after the cursor.

y Yank until , putting the result into a buffer. "yy" yanks the current line. a count yanks that many lines. The buffer can be specified with the " command. If no buffer is specified, then the general buffer is used.


Moving the Cursor Within the File

$ Move the cursor to the end of the current line. A count moves to the end of the following lines. % Move the cursor to the matching parenthesis or brace. ^ Move the cursor to the first non-whitespace character. ( Move the cursor to the beginning of a sentence. ) Move the cursor to the beginning of the next sentence. { Move the cursor to the preceding paragraph. } Move the cursor to the next paragraph.

Replacing Text Key stroke Purpose

C Change to the end of the line from the current cursor position.

R Replace characters on the screen with a set of characters entered, ending with the Escape key.

S Change an entire line.

r Replace one character under the cursor. Specify a count to replace a number of characters.

s Substitute one character under the cursor, and go into insert mode. Specify a count to substitute a number of characters. A dollar sign ($) will be put at the last character to be substituted.


Searching for Text or Characters

Key stroke Purpose , Repeat the last f, F, t or T command in the reverse direction. / Search the file downwards for the string specified after the /. ; Repeat the last f, F, t or T command. ? Search the file upwards for the string specified after the ?. F Search the current line backwards for the character specified after the 'F'

command. If found, move the cursor to the position. N Repeat the last search given by '/' or '?', except in the reverse direction. T Search the current line backwards for the character specified after the 'T'

command, and move to the column after if it's found. f Search the current line for the character specified after the 'f' command. If found,

move the cursor to the position. n Repeat last search given by '/' or '?'.

t Search the current line for the character specified after the 't' command, and move to the column before the character if it's found.


Manipulating Character/Line Formatting

Key stroke Purpose ~ Switch the case of the character under the cursor. < Shift the lines up to where to the left by one shiftwidth. "<<" shifts the current

line to the left, and can be specified with a count.

> Shift the lines up to where to the right by one shiftwidth. ">>" shifts the current line to the right, and can be specified with a count.

J Join the current line with the next one. A count joins that many lines.


Controlling processes

UID and EUID GID and EGID Niceness Signals

❍ By processes to communication among processes❍ By special key ctrl-c, ctrl-z to kill or suspend processes❍ By the administrator (kill) to achieve various results❍ By the Kernel


Unix signals

NoYesYesTerminateUser-definedUSR2NoYesYesTerminateUser-defined [debug]USR1NoYesYesIgnoreWindow changedWINCHNoYesYesIgnoreContinue after stopCONTNoYesYesStopKeyboard stop [ctrl-z]TSTPNoNoNoStopStop STOPNoYesYesTerminateSoftware termination [kill]TERM15YesYesYesTerminateSegmentation faultSEGVYesYesYesTerminateBus errorBUSNoNoNoTerminateKill [kill –9]KILL9

YesYesYesTerminateQuitQUIT3NoYesYesTerminateInterrupt [ctrl-c]INT2NoYesYesTerminateHangup [reread, hangup-nohup]HUP1

Dump core?

Can block?

Can catch?DefaultDescriptionName#

See /usr/include/signal.h for signal number and more signals


Kill: send signals

When to use ❍ Terminate a process, sending TERM❍ Send any signals.❍ Syntax

kill [-signal] pidNote: pid = -1 may mean all process except system

processes and the current shell. See man pid for more options.

❍ Kill pid • Can be caught, blocked and ignored

❍ kill –9 pid• Guarantee the process die?


Process States

Process states❍ Runnable

• The process can be executed• Waiting for CPU

❍ Sleeping• The process is waiting for some resource• Waiting for signal indicating request finishes

❍ Zombie• The process is trying to die

❍ Stopped• The process is suspended


Nice and renice: influence scheduling priority

Nice value is a numeric hint❍ Higher value –> more nicer -> save time for

others ❍ Lower value -> not so nice -> high priority for

itself. System has default nice range SA can adjust the value

❍ Can not make child’s value lower than parent.❍ Command nice and renice❍ Create a high priority shell for you in special

case


Monitor processes

ps❍ Example: part of $ps aux on Fedora1

USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMANDroot 1 0.0 0.0 2320 428 ? S Jan21 0:06 init [5]root 2 0.0 0.0 0 0 ? SW Jan21 0:00 [swapper]root 3 0.0 0.0 0 0 ? SW Jan21 0:00 [swapper]root 4 0.0 0.0 0 0 ? SW Jan21 0:00 [keventd]root 1351 7.2 1.5 282112 15672 ? SL Jan21 296:19 /usr/X11R6/bin/Xruihong 17964 1.0 0.0 4604 900 pts/1 R 11:02 0:00 ps aux

• VSZ: virtual size of the process• RSS: Resident set size


Monitor processes• STAT:

PROCESS STATE CODES D uninterruptible sleep (usually IO) R runnable (on run queue) S sleeping T traced or stopped Z a defunct ("zombie") processFor BSD formats and when the "stat" keyword is used, additional letters may be displayed:

W has no resident pages < high-priority process N low-priority task L has pages locked into memory (for real-time and custom IO)

❍ Use user defined format with –o option• To see every process with a user-defined format:

ps -eo pid,tt,user,fname,tmout,f,wchan


Monitor processes Free distributed utility: top 11:11:34 up 2 days, 20:08, 4 users, load average: 0.49, 0.19, 0.0791 processes: 90 sleeping, 1 running, 0 zombie, 0 stoppedCPU states: cpu user nice system irq softirq iowait idle total 0.8% 0.0% 0.8% 0.0% 0.0% 0.0% 198.0% cpu00 0.9% 0.0% 0.9% 0.0% 0.0% 0.0% 98.0% cpu01 0.0% 0.0% 0.0% 0.0% 0.0% 0.0% 100.0%Mem: 1031276k av, 787484k used, 243792k free, 0k shrd, 159212k buff 332472k active, 226532k inactiveSwap: 2096472k av, 0k used, 2096472k free 303348k cached

PID USER PRI NI SIZE RSS SHARE STAT %CPU %MEM TIME CPU COMMAND18041 ruihong 17 0 1260 1260 980 R 1.9 0.1 0:00 0 top 1 root 16 0 428 428 372 S 0.0 0.0 0:06 1 init 4 root 15 0 0 0 0 SW 0.0 0.0 0:00 0 keventd 5 root 34 19 0 0 0 SWN 0.0 0.0 0:06 0 ksoftirqd/0 6 root 34 19 0 0 0 SWN 0.0 0.0 0:06 1 ksoftirqd/1


Runaway processes

User processes used up excessive amounts of a system resource

System processes exhibit wild behavior Handle it

❍ Identify process by CPU time, disk space, etc.❍ Kill ❍ Renice❍ Suspend/cont❍ Cleanup the mess if apply

• Let’s try an infinite loop

Essential Administrative Tools

Documents

Transcript of Essential Administrative Tools