CST8177 – Linux II
More on file systems, Booting
CST8177 – Todd Kelley

bind mounts
quotas
Booting process and SysVinit
Installation Disk rescue mode

Bind mounts

A bind mount is used to mount a directory onto a mount point: man mount
use the "bind" option for the mount command
    # mount -o bind /some/dir /anotherdir
now /some/dir and /anotherdir are the same directory
Be careful with bind mounts, because they make it possible to form cycles in the file system
e.g. dangerous: "mount -o bind /home /home/user/dir"
serious repercussions for
    rm -rf /home/user    # will remove all of /home
    find /home/user      # will never stop
    any program that recursively descends directories

Bind mount examples

make an inaccessible directory accessible:
    mount -o bind /home/user/private/public /public
make disk space in one file system available in another file system
suppose you have a large separate file system with lots of free space on /var, and root file system with /home is nearly full:
    mkdir -p /var/local/home/{user1,user2}
    move contents of /home/{user1,user2,...} to /var/local/home
    mount -o bind /var/local/home /home
beware: new /home has same mount options as /var

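A check for the dangerous pattern from the bind mounts slide, written as an added example that is not part of the original slides: it reads /proc/self/mountinfo-format lines and reports any mount whose mount point lies inside the tree it exposes. The function names and the sample mount table are constructed for illustration; the sample combines the /var/local/home example with the /home onto /home/user/dir example.

```sh
#!/bin/sh
# Added example (not from the slides): flag bind mounts whose mount point lies
# inside the directory tree they expose, e.g. "mount -o bind /home /home/user/dir".
# Input is /proc/self/mountinfo format; fields used: 3 = major:minor,
# 4 = root of the mount within its file system, 5 = mount point.

# find_self_nested_binds [FILE]: prints "MOUNTPOINT SOURCE" per flagged mount
find_self_nested_binds() {
    awk '
    function under(p, base) {   # is path p at or below base?
        return base == "/" || p == base || index(p, base "/") == 1
    }
    { dev[NR] = $3; root[NR] = $4; mp[NR] = $5 }
    END {
        for (i = 1; i <= NR; i++) {
            for (j = 1; j <= NR; j++) {
                if (i == j || dev[i] != dev[j] || !under(root[i], root[j])) continue
                # Path at which mount j makes the tree shown by mount i visible
                rest = (root[j] == "/") ? root[i] : substr(root[i], length(root[j]) + 1)
                if (rest == "/") rest = ""
                src = (mp[j] == "/") ? rest : mp[j] rest
                if (src == "") src = "/"
                if (src != mp[i] && under(mp[i], src)) print mp[i], src
            }
        }
    }' "$@" | sort -u
}

# Constructed sample: /var is a separate file system, /home is a bind of
# /var/local/home (safe), and /home is then bound onto /home/user/dir (flagged).
sample_mountinfo() {
    cat <<'EOF'
20 1 8:1 / / rw,relatime - ext4 /dev/sda1 rw
21 20 8:2 / /var rw,relatime - ext4 /dev/sda2 rw
22 20 8:2 /local/home /home rw,relatime - ext4 /dev/sda2 rw
23 22 8:2 /local/home /home/user/dir rw,relatime - ext4 /dev/sda2 rw
EOF
}

sample_mountinfo | find_self_nested_binds
```

On a live system, run `find_self_nested_binds /proc/self/mountinfo` before any recursive rm, find or backup over a tree that may contain bind mounts.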
Bind mount examples (cont'd)

share directories across chroot environments
    mount -o bind /dev /home/user/myroot/dev
    chroot /home/user/myroot
in the chroot-ed environment, /dev will be the same as the un-chroot-ed /dev

Quotas give us the ability to keep track of users' disk usage: both blocks (disk space) and inodes (number of files)
quota rpm must be installed
For both blocks and inodes, quotas allow hard limits and soft limits:
    Soft limit: user is allowed to exceed a soft limit, but they will be warned, and after a grace period, they cannot increase usage
    Hard limit: user is never allowed to exceed the hard limit
We enable quotas for a file system
Quotas can be applied to users and/or groups
System administrator can report on all users' disk usage status
Each user can see their own disk usage status (quota information)

Turning quotas on (and off)

Example: enabling quotas on /home (separate /home filesystem)
In /etc/fstab, add the usrquota,grpquota mount options for the filesystem mounted on the /home mount point
Initialize the quota database files for /home with the command
    quotacheck -cug /home
        c: don't read quota files, create new quota database files
        u: do user quotas
        g: do group quotas
Turn quotas on
    quotaon -vaug    # turn quotas on
        v: display a message for each filesystem affected
        a: turn quotas on for all automatically mounted file systems according to /etc/fstab
        u: user quotas
        g: group quotas
    repquota -a      # report on quotas
Turn quotas off
    quotaoff -vaug   # turn quotas off
    quotaoff -vaug; quotacheck -vaug; quotaon -vaug   # single user mode

Setting Quotas

To set a quota for a user, as root
    edquota username
where you'll see (example) DO NOT edit blocks or inodes, just soft and hard limits!
    Disk quotas for user tgk (uid 107):
      Filesystem   blocks   soft   hard   inodes   soft   hard
      /dev/sda8       108   1000   2000        1      0      0
or this command can be used in scripts
    setquota -u username soft hard isoft ihard fs
where
    username is the name of the user
    soft is the block soft limit
    hard is the block hard limit
    isoft is the inode soft limit
    ihard is the inode hard limit
    fs is the file system mount point (e.g. /home)

Quota Grace Period

To set the grace period for all users
    edquota -t    # edit grace period
where you'll see something like this (note units)
    Grace period before enforcing soft limits for users:
    Time units may be: days, hours, minutes, or seconds
      Filesystem                        Block grace period   Inode grace period
      /dev/mapper/VolGroup00-LogVol00   8days                8days
To set the grace period for an individual user
    edquota -T tgk
where you'll see something like this (note units)
    Times to enforce softlimit for user tgk (uid 498):
    Time units may be: days, hours, minutes, or seconds
      Filesystem                        block grace   inode grace
      /dev/mapper/VolGroup00-LogVol00   unset         unset

quota and repquota commands

individual users can check their individual quota status with quota command:
    shows
        block usage and limits
        inode usage and limits
        remainder on grace period if over soft limit
System administrator can print report of all users quota status (see also warnquota):
    repquota -a
    shows for each user what they've used, soft limits, hard limits, and remainder of grace periods if that user has entered one of their grace periods

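One way to turn the repquota -a report into a list of users who are inside a grace period, as an added example that is not part of the original slides. The function names and the report text are constructed; the parser assumes the usual repquota layout, where a "+" in the two-character flags column marks an exceeded block or inode soft limit and the grace column is empty otherwise.

```sh
#!/bin/sh
# Added example (not from the slides): list users who are over a soft limit,
# from saved or piped "repquota -a" output.

# over_soft_limit [FILE]: prints DEVICE USER KIND USED SOFT HARD GRACE
over_soft_limit() {
    awk '
    /^\*\*\* Report for/ { device = $NF; in_table = 0; next }
    /^-+$/               { in_table = 1; next }
    !in_table || NF < 8  { next }
    {
        blk_over = (substr($2, 1, 1) == "+")
        ino_over = (substr($2, 2, 1) == "+")
        # The block grace column is only filled in while the user is over the
        # block soft limit, so the inode fields shift right by one in that case.
        n = 6
        if (blk_over) { print device, $1, "blocks", $3, $4, $5, $n; n++ }
        if (ino_over) print device, $1, "inodes", $n, $(n + 1), $(n + 2), $(n + 3)
    }' "$@"
}

# Constructed report (sample data, not taken from a real system)
sample_repquota() {
    cat <<'EOF'
*** Report for user quotas on device /dev/sda8
Block grace time: 8days; Inode grace time: 8days
                        Block limits                File limits
User            used    soft    hard  grace    used  soft  hard  grace
----------------------------------------------------------------------
root      --      20       0       0              2     0     0
tgk       +-    1108    1000    2000  6days      12     0     0
user1     -+     400    1000    2000            510   500   600  3days
user2     ++    1500    1000    2000  2days     520   500   600  7days
EOF
}

sample_repquota | over_soft_limit
```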
Page numbers for Fifth Edition Sobell:
    Chapter 11: 424-431
    Chapter 15: 551-552

Booting Sequence (CentOS)

Power button pressed
BIOS
POST
MBR : contains grub stage 1
grub stage 1 : to find grub stage 2
grub stage 2 : to launch kernel
kernel running
init process (PID 1) : consults inittab
    /etc/inittab
    /etc/rc.d/rc.sysinit
    /etc/rc.d/rc 3 : assuming default runlevel 3

/etc/inittab contains records of the form
    id:runlevels:action:process
    id: identifies an entry
    runlevels: the runlevels in which the action should be taken
    action: the action that should be taken
    process: the process to be executed
Because CentOS 6.5 is migrating to a successor of sysVinit (upstartd, which will be replaced with systemd), only the initdefault action is present in our /etc/inittab

When booting

Even in CentOS 6.5, with upstartd, when the system boots to runlevel 3, the following happens as it did with sysVinit
    /etc/init.d/rc.sysinit
    /etc/init.d/rc 3    # default runlevel 3
The sysinit action now is invoked due to the upstartd /etc/init/rcS.conf file
The /etc/init.d/rc script being called with argument 3 is due to the upstartd /etc/init/rc.conf file
Under sysVinit, this was controlled by /etc/inittab

Even with upstartd, sysVinit is supported
/etc/init.d/*
    these are scripts for starting, stopping, restarting services
/etc/rc.d/rcN.d/*    # where N is a runlevel
    these are symbolic links to service's script
    begins with K means service should not be running in that runlevel: call it with "stop" argument
    begins with S means service should be running in that runlevel: call it with "start" argument
chkconfig maintains these scripts

all /etc/init.d/* scripts manageable by chkconfig have two or more commented lines
    first tells chkconfig what runlevels, and start and stop priority
        runlevels is "-" if by default should not be started in any runlevel
    second is a description
For example: /etc/init.d/ntpd
    # chkconfig: - 58 74
    # description: ntpd is the NTPv4 daemon. \
    # The Network ....

The /etc/rc.d/rcN.d/ (N=0,1,2,3,4,5,6) directories contain symbolic links to scripts in /etc/init.d
These links are maintained by chkconfig (links created or removed by commands like chkconfig <service> on)
When entering a new runlevel
    during boot as controlled by /etc/inittab
    or by root running a telinit <newlevel> command (example telinit 2 to enter runlevel 2)
The system will call scripts to stop services that should not run in that runlevel, and start services that should run in that runlevel

Entering a runlevel

When entering a new runlevel, the system needs to stop the services that should not be running in that runlevel, and start the services that should be running in that runlevel
To do this, the system calls the scripts in that runlevel's directory, /etc/rc<lev>.d/, where <lev> is a runlevel
Scripts whose names begin with K are called with a stop argument (if that service is running)
Scripts whose names begin with S are called with a start argument (if that service is not running)

Example of entering a runlevel

Upon entering runlevel 3 (for example):
    each /etc/rc3.d/K* script is called with "stop" (if that service is running)
    each /etc/rc3.d/S* script is called with "start" (if that service is not running)
The ordering of the scripts being called is given by the chkconfig priority, which is a number in the symlink-ed name of each script
These numbers in the link names put the scripts in a certain order
chkconfig created the link with this number in the link name because of those commented lines in the script itself (we talked about those a few slides ago)

Example service: sshd

example /etc/rc3.d/S55sshd
sshd is configured to run in runlevel 3
    otherwise, there would be a K25sshd script there instead (why 25?)
55 is the priority of starting the sshd service when entering that run level
This S55sshd script is a symlink to /etc/init.d/sshd
Again, the chkconfig command creates and removes these links when we use it to enable or disable a service for a runlevel

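How the "# chkconfig:" header determines the link names, as an added example that is not part of the original slides: the start and stop priorities in the header become the numbers in the S and K link names. The function names are hypothetical, the ntpd header is the one quoted earlier, and "2345 55 25" for sshd is an assumed header chosen to match S55sshd and K25sshd.

```sh
#!/bin/sh
# Added example (not from the slides): work out which rcN.d link chkconfig
# creates for a service from the "# chkconfig: LEVELS START STOP" header.

# rc_link_name SCRIPT LEVEL: prints S<start><name> if LEVEL is listed in the
# header, otherwise K<stop><name>; returns 1 if the script has no header.
rc_link_name() {
    awk -v lvl="$2" -v name="$(basename "$1")" '
    sub(/^#[ \t]*chkconfig:[ \t]*/, "") {
        if ($1 != "-" && index($1, lvl) > 0)
            printf "S%02d%s\n", $2, name
        else
            printf "K%02d%s\n", $3, name
        found = 1
        exit
    }
    END { exit !found }' "$1"
}

# rc_order DIR LEVEL: link names for every init script in DIR, sorted the way
# the rcN.d directory sorts them (K* before S*, then by priority number).
rc_order() {
    for s in "$1"/*; do
        rc_link_name "$s" "$2" || true
    done | LC_ALL=C sort
}

# Constructed init scripts: only the header lines matter here.
make_samples() {
    printf '#!/bin/sh\n# chkconfig: - 58 74\n# description: ntpd\n' > "$1/ntpd"
    printf '#!/bin/sh\n# chkconfig: 2345 55 25\n# description: sshd\n' > "$1/sshd"
}

d=$(mktemp -d)
make_samples "$d"
rc_order "$d" 3    # K74ntpd, S55sshd
rc_order "$d" 1    # K25sshd, K74ntpd
rm -rf "$d"
```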
service – run a System V init script

service SCRIPT COMMAND [OPTIONS]
SCRIPT is /etc/init.d/SCRIPT
COMMAND is an argument to the script
    start
    stop
    restart
    etc
start and stop must be recognized by SCRIPT
Example: service ntpd start
    same effect as /etc/init.d/ntpd start
Example: service ntpd stop
    same effect as /etc/init.d/ntpd stop

Installation DVD for rescue mode / Live CD

There are dangers associated with doing file system operations on "system directories" that might be used in system operation.
For example, many programs will use the shared libraries in /usr/lib, which disappear if we move /usr as we did earlier when we had to run /usr1/bin/rsync
Also, there may come a time when the system won't boot properly: MBR corrupted, bad entry in /etc/fstab, inconsistent / file system

Rescue Mode

When you boot with a CD/DVD into rescue mode, you are running a different Linux system installation (from the CD)
However, because the rescue Linux system is running on your hardware, it can access the hard disks you have attached (where your "real" Linux system installation resides)
Your "real" Linux installation is not running in rescue mode – it might even be broken
The rescue system can let you make changes/repairs to that "real" Linux system which isn't even running

To boot into rescue mode
    ensure BIOS boot order is set for booting from CD/DVD before Hard Drive (even in VMware – F2 to enter setup)
    insert the installation DVD into drive (or the iso image into the virtual DVD drive)
    boot the system
    type "linux rescue" at the prompt, or select the "Rescue" menu item
Linux will run "from" the DVD (Live CD), not from your file systems (your system is not running)
It will offer to search for and mount your Linux file systems on /mnt/sysimage

linux rescue (cont'd)

The Live CD Linux system can see your hard drives, and this is how you can repair or alter what is on those hard drives
You need to remember that a Live CD Linux system is running from its own root filesystem (like dual boot?), so this means
    the users are different
    /etc/passwd, /etc/shadow, etc (or should we say all of /etc) are different
    the services running, firewalling, and so on, are different

Rescue mode / Live CD

ramdisk (the root file system of the rescue system)
/
    etc/
        passwd
        shadow
    bin/
        ls
        bash
    dev/
        sda
        sda1
        sda2

/dev/sda1 (your "real" root file system)
/
    etc/
        fstab
        passwd
    home/
        idallen/
        donnelr
    dev/

linux rescue example 1

Fix /etc/fstab
    mount /dev/sda1 /mnt/sysimage
        (if it isn't already mounted – the rescue boot process probably offered to mount this for you)
    vi /mnt/sysimage/etc/fstab
    fix the problem
    save and quit
    exit (to reboot)

linux rescue example 2

fix MBR
    # our root file system is mounted on /mnt/sysimage
    chroot /mnt/sysimage
    # now / is our root file system!
    # our boot filesystem is mounted on /boot
    grub-install /dev/sda
Whoa! That chroot thing was neat
chroot runs a program or interactive shell using the named directory as the root directory
Default program is ${SHELL} -i
This simulates running off our system's root file system without going through its boot process

That chroot command did something very special, so let's be sure we understand what it did
chroot /some/dir gives us a shell process where the /some/dir is / for that shell process
In that shell process, any commands you run from its prompt and those resulting processes will work with that changed "root"
They will use the /bin, /lib/, / of the changed root

When we are running in rescue mode, and our "real" root file system is mounted on /mnt/sysimage
then the shell prompt we get from chroot /mnt/sysimage will "use" (because that's what it sees) our "real" /bin, /lib/, /etc... (our "real" root file system that resides on our disk)
We can even start services from that chroot-ed prompt – they will run with our "real" root file system binaries (/bin), libraries (/lib) and configuration (/etc), but on the rescue kernel

The /dev directory on modern Linux systems contains the device nodes, and these are managed by udev at boot time
When booting in rescue mode, udev puts device nodes for your hardware (disks, partitions, etc) into /dev
Your "real" (non-rescue) root file system contains an empty /dev directory (it looks full to you because udev populates it when you boot your real system!)

/mnt/sysimage and /dev

When the rescue system mounts your "real" root file system on /mnt/sysimage, it first creates a bind mount from /dev to /mnt/sysimage/dev so that when you do chroot /mnt/sysimage the shell you get will see a populated /dev instead of the empty directory
This is a good reason to know about bind mounts!