
L5 (1)

Lecture 5 covers UNIX processes, including their creation, attributes, and management through commands like 'ps' and 'kill'. It explains process states, permissions (SUID and SGID), and how to control jobs in the background and foreground. Additionally, it discusses signals, exit codes, and the implications of process termination.

Uploaded by

Rajan Thakur

LECTURE 5:

INFO 1211 – OPERATING SYSTEM’S PRINCIPLES AND APPLICATIONS

DAVID WANG
COMPUTING SCIENCE AND INFORMATION TECHNOLOGY
OUTLINE
• UNIX process
• System Administration
THE PROCESS
• An instance of a program in execution
• could be multiple instances of same program in execution
• Created by another process as its child
• init as the first process with PID = 1
• Can be killed or stopped by sending it a signal
• Similar to files
• Arranged in a hierarchical structure
• A parent can have multiple children
• A child can have only one parent
• Attributes held in a separate structure
• process: process table
• file: inode
PROCESS ID
• Process is identified by a unique PID (Process ID)
• The ps command displays
• processes
• PIDs
• the command associated with them
• other process information
DISPLAYING PROCESS ATTRIBUTES
$ ps
PID TTY TIME CMD
5113 pts/0 00:00:00 bash
9240 pts/0 00:00:00 ps
• PID: process ID number
• TTY: controlling terminal of the process (who)
• TIME: total CPU usage
• CMD: name of the command that issued the process


PS OPTION
• -e option
• all processes including user and system processes
• -f option
• to generate a full listing
• Example
• $ ps -ef
UID PID PPID C STIME TTY TIME CMD
root 1 0 0 Jul11 ? 00:01:35 init [3]
root 2 1 0 Jul11 ? 00:00:21 [ksoftirqd/0]
root 3 1 0 Jul11 ? 00:00:00 [events/0]
...
wcai 31770 31737 0 19:21 ? 00:00:00 sshd: wcai@notty
wcai 31771 31770 0 19:21 ? 00:00:00
• PID: process ID number
• PPID: parent process ID number
• C: CPU usage and scheduling of the process
• STIME: starting time
• TTY: controlling terminal of the process (who)
• TIME: total CPU usage
• CMD: name of the command that issued the process
THE PROCESS CYCLE
• Parent forks a child by first replicating its own process
image
• Child execs (overwrites) this image with that of another
program
• While child is running, parent may
• wait for child to complete execution (foreground execution)
• continue with its other tasks (background execution)
• Process terminates and parent picks up exit status of
child
• Kernel removes entry for dead child from process table
PROCESS ATTRIBUTE
• Not Inherited by Child
• PID
• PPID
• Inherited by Child
• Real UID and GID
• Effective UID and GID
• Current directory
• File Descriptors
• UMASK Value
• Environment Variables
ENVIRONMENT VARIABLE
• A local variable is not visible in child processes
$ x=5
$ sh          # create a child process
$ echo $x
              # no value!
• An environment variable is visible in all child processes
$ x=5 ; export x
$ sh
$ echo $x
5
• Changes to an environment variable in the child are not visible in the parent
$ x=7         # value in child
$ exit
$ echo $x
5             # value in parent
UID AND GID
• In Unix, each process has a "persona".
• tells the process (and other processes) who exactly is
running the process
• what permissions are given to the process
• IDs
• real UID and real GID
• attributes that relate to a file
• represent the UID and GID of the user running the program
• effective UID and effective GID
• generally the same as the real UID and real GID
• some processes behave differently
SUID & SGID
• Three Groups of UNIX Permissions: owner, group, and
others
• Fourth set of permissions
• SUID: set user ID on execution
• lets a process have the privileges of the owner of the file for the duration of that run of the program
• SGID: set group ID on execution
• lets the process have the same privileges as the group that owns the file/program
PROCESS PERMISSIONS
• Example
• $ ls -l /bin/cat /usr/bin/passwd
-rwxr-xr-x 1 root bin 10260 Jan 22 2005 /bin/cat
-rwsr-xr-x 1 root sys 27284 Jun 12 2012 /usr/bin/passwd
• the s in -rwsr-xr-x: set-user-id (SUID)
• user dawang (me) runs cat
• real and effective UIDs of cat process are dawang
• dawang can not use cat to open a file that is readable only by root (why?)
• user dawang runs passwd
• real ID is dawang
• effective ID is root
• passwd process run by dawang can open any file that is readable only by root (this is the reason why you can change your “gator” password on your own behalf)
https://docs.oracle.com/cd/E19120-01/open.solaris/819-2379/userconcept-17/index.html
PROCESS PRIVILEGES
• set user ID & set group ID permissions – 3rd permission in
the owner and group clusters resp. is set to s instead of x
• Example:
• rwsr-s--x
• Any user can execute this program
• The running program becomes a process inheriting the
persona of the user that started it
• But, the set user and group ID permissions force the
process effective user ID and effective group ID to change
to program’s own IDs
SET PERMISSIONS
• SUID and SGID can be set with the command chmod
• $ chmod u+s filename(s)
• set the setuid bit
• $ chmod g+s filename(s)
• set the setgid bit
• The permission on the file will change to -rws--s--x
• Or numerically
• chmod 4777 - setuid and read/write/execute for everyone
• chmod 2777 - setgid and read/write/execute for everyone
• chmod 6777 - setuid and setgid
SET PERMISSION EXAMPLE
"chmod 6711 file" will set both the setuid and setgid bits
(2+4=6), making the file read/write/executable for the owner (7),
and executable by the group (first 1) and others (second 1).

When a user other than the owner executes the file, the process
will run with user and group permissions set upon it by its owner.

For example, if the file is owned by user root and group wheel, it
will run as root:wheel no matter who executes the file.
SET PERMISSION EXAMPLE
• Given
• -rwx-----x 1 dmah staff 6335 Jun 12 09:49 my_cgi
• read/write/execute for the owner and execute for others
• Perform
• $ chmod u+s my_cgi
• $ chmod g+s my_cgi
• Result
• -rws--S--x 1 dmah staff 6335 Jun 12 09:49 my_cgi
• The first 's' means SUID
• The second 'S' means SGID
• capitalized because the group does not have execute permission on the file
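The permission strings from the two chmod examples above can be checked mechanically. The script below is an added example, not part of the lecture: it rebuilds the `my_cgi` case and the `chmod 6711` case on constructed files in a temporary directory, decodes the `s`/`S` markers, and lists every setuid/setgid file, flagging any that a non-owner can write to (as `chmod 4777` would produce). The function names and the extra fixture files `tool`, `open` and `plain` are assumptions made for the example.

```shell
#!/bin/sh
# Added example (not from the lecture): audit setuid/setgid files.
# All file names below are constructed fixtures in a temporary directory.

# mode_string FILE -> the 10-character permission string printed by ls -l
mode_string() {
    ls -ld "$1" | cut -c1-10
}

# classify_special FILE -> "suid", "sgid", "suid,sgid", ... or "none".
# A capital S means the special bit is set but the matching execute bit is not.
classify_special() {
    m=$(mode_string "$1")
    out=""
    case $(printf '%s' "$m" | cut -c4) in      # owner execute slot
        s) out="suid" ;;
        S) out="suid-noexec" ;;
    esac
    case $(printf '%s' "$m" | cut -c7) in      # group execute slot
        s) out="${out:+$out,}sgid" ;;
        S) out="${out:+$out,}sgid-noexec" ;;
    esac
    printf '%s\n' "${out:-none}"
}

# audit_dir DIR -> one line per setuid/setgid regular file:
#   <mode> <classification> <ok|WRITABLE-BY-NON-OWNER> <path>
# A setuid file that group or others can modify lets them change what
# runs with the owner's effective UID, so it is flagged.
audit_dir() {
    find "$1" -type f \( -perm -4000 -o -perm -2000 \) | sort |
    while IFS= read -r f; do
        m=$(mode_string "$f")
        flag=ok
        case $m in
            ?????w????|????????w?) flag=WRITABLE-BY-NON-OWNER ;;
        esac
        printf '%s %s %s %s\n' "$m" "$(classify_special "$f")" "$flag" "$f"
    done
}

# make_fixture -> creates the sample files and prints the directory name
make_fixture() {
    d=$(mktemp -d)
    for f in my_cgi tool open plain; do : > "$d/$f"; done
    chmod 701 "$d/my_cgi"; chmod u+s "$d/my_cgi"; chmod g+s "$d/my_cgi"
    chmod 6711 "$d/tool"      # setuid + setgid, rwx--x--x
    chmod 4777 "$d/open"      # setuid and writable by everyone
    chmod 755 "$d/plain"      # no special bits
    printf '%s\n' "$d"
}

fixture=$(make_fixture)
audit_dir "$fixture"
rm -rf "$fixture"
```

On a real system the same `audit_dir` can be pointed at a directory such as `/usr/bin` to review which programs change their effective IDs.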
SETUID AND SETGID ON DIRECTORIES
• Setting the setuid permission on a directory
• Ignored on UNIX and Linux systems
• FreeBSD can be configured to interpret it analogously to setgid
• Setting the setgid permission on a directory
• causes new files and subdirectories created within it to inherit its group ID, rather than the primary group ID of the user who created the file
• the owner ID is never affected, only the group ID
• Only affects the group ID of new files and subdirectories
created after the setgid bit is set, and is not applied to
existing entities
PROCESS STATES
• At any instant of time, a process is in a particular state
• runnable
• running
• sleeping
• suspended
• zombie
CHECKING PROCESS STATES
• $ ps -l
F S UID  PID  PPID C PRI NI ADDR SZ  WCHAN TTY   TIME CMD
0 O 9853 2039 2015 0 40  20 ?    245       pts/3 0:00 ps
0 S 9853 2015 2011 0 40  20 ?    457 ?     pts/3 0:00 bash
0 S 9853 2011 2005 0 98  20 ?    261 ?     pts/3 0:00 csh

• Symbols
• O: Running on CPU
• S: Sleeping
• R: Runnable
• T: Suspended
• Z: Zombie
STATE PROBLEM
• when child dies before parent
• Child leaves behind exit status in process table
• Child turns to zombie state
• Parent may
• pick up exit status; child is now completely dead
• the reason for waiting
• may not wait; child continues to remain in zombie state
• Zombies can’t be killed
• shown as <defunct> in ps output
• when parent dies before child
• Child adopted by init
• PPID of child changes to 1
• When child dies, init picks up the exit status
SIGNALS
• Notification of occurrence of an event
• Every signal associated with a default action (disposition)
• Process may
• perform the default action
• ignore the signal
• catch the signal and invoke a signal-handling function
• 2 signals can’t be ignored or caught
• SIGSTOP
• SIGKILL
• The keyboard and kill command generate signals
• Keyboard issues only a few: SIGINT, SIGQUIT and SIGTSTP
• But the kill command can generate any signal
SIGNALS
Signal Number
Solaris  Linux  Signal Name  Function
1        1      SIGHUP       hangup – modem connection is broken; restarts a daemon
2        2      SIGINT       terminal interrupt – user hits interrupt key
3        3      SIGQUIT      quit from terminal – process produces a core dump file
9        9      SIGKILL      surest kill – can’t be trapped
15       15     SIGTERM      default termination signal used by kill command
24       24     SIGTSTP      suspends process – user hits [ctrl-z]
18       17     SIGCHLD      child terminates – kernel sends signal to parent
26       21     SIGTTIN      suspends process – background process attempts to read from terminal
27       22     SIGTTOU      suspends process – background process attempts to write to terminal (with stty tostop)
KILL A PROCESS
• The kill command
• internal command (/bin/kill if the shell lacks kill capability)
• usually with the intention of killing the process
• by default sends SIGTERM (15) signal
• Usage
• $ kill options PID(s)
• Example
• $ kill 105
• $ kill -s SIGTERM 105
• $ kill -s TERM 105
• Kill parent to kill all its children
• exception with nohup command
• init acquires their parentage
KILL
• Even though kill is normally used to kill a process, the
term is a misnomer. It can also suspend a process or
resume a suspended process.
• $ kill -l
• show the list of signals
• numbering scheme is not standard
• should use signal names and not numbers when using kill
• If the default SIGTERM signal is ignored by the process,
then kill should be used with SIGKILL, since this signal
can’t be ignored or caught.
• $ kill -s KILL 121
• $ kill -9 121
EXIT CODE
• Every Unix process terminates with an exit value
• zero means successful completion
• nonzero means failure
• Local variable ‘$?’ always contains the value of the exit code
of the previous command
• $ date
Tue Sep 10 20:17:56 PDT 2002
• $ echo $?
0
• $ fg
ksh: fg: 0403-002 The specified job does not exist.
• $ echo $?
1
EXIT CODE (CONT.)
Any script should include an explicit exit statement
… commands
exit 2
Otherwise, the exit value will be that of the last command in the script
WAITING FOR SUBSHELL
• A shell may wait for one or more of its child processes
• To make your shell wait, issue the built-in command
• $ wait
• The shell prompt will not return until all background
processes are finished
• $ wait 231
• Pause until the background process 231 finishes
executing
• Returns the same exit status as process 231
WAITING FOR SUBSHELL (CONT.)
• One can send interrupt signal to the subshell to exit the
wait command immediately
• $ wait
[ctrl-C]
• This will not kill the background processes
• To wait for the most recent background process
• $ wait $!
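The kill, exit code and wait slides fit together in one short experiment, shown here as an added example that is not part of the lecture. It starts a background subshell that ends with `exit 2` and reads that value back through `wait $!`, then starts a child that ignores TERM, confirms it is still alive after `kill -s TERM`, ends it with KILL, and turns the resulting wait status back into a signal name with `kill -l`. The function names and the marker-file handshake are assumptions of the example.

```shell
#!/bin/sh
# Added example (not from the lecture): exit status seen through wait,
# and a child that ignores TERM but cannot ignore KILL.

# background_exit_status -> prints the status wait reports for a
# background subshell that ends with "exit 2".
background_exit_status() {
    (sleep 1; exit 2) &
    status=0
    wait $! || status=$?
    printf '%s\n' "$status"
}

# stubborn_child_report -> prints "<alive|dead> <signal name>":
# whether the child survived TERM, and which signal finally ended it.
stubborn_child_report() {
    marker=$(mktemp)
    rm -f "$marker"
    # Child: ignore TERM, create the marker to say it is ready, loop forever.
    sh -c 'trap "" TERM; : > "$1"; while :; do sleep 1; done' \
        sh "$marker" >/dev/null 2>&1 &
    pid=$!
    tries=0
    while [ ! -e "$marker" ] && [ "$tries" -lt 10 ]; do
        sleep 1; tries=$((tries + 1))
    done
    kill -s TERM "$pid" 2>/dev/null || true   # default signal; child ignores it
    sleep 1
    if kill -0 "$pid" 2>/dev/null; then
        after_term=alive
    else
        after_term=dead
    fi
    kill -s KILL "$pid" 2>/dev/null || true   # cannot be ignored or caught
    status=0
    wait "$pid" 2>/dev/null || status=$?
    rm -f "$marker"
    # For a death by signal the shell reports a status above 128;
    # kill -l converts that status back into the signal name.
    printf '%s %s\n' "$after_term" "$(kill -l "$status")"
}

echo "wait status of (exit 2): $(background_exit_status)"
echo "TERM then KILL: $(stubborn_child_report)"
```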
RUNNING A JOB IN BACKGROUND
• Job is run in background with &
• When you start a process in the background, the system
displays the job ID and PID associated with the
background process
• Background jobs can’t be killed by using interrupt key
• Background job could be terminated on logout
• Job run with nohup and & continues to run even after
logging out
• the shell (parent) dies while the job (child) is still running
• init acquires parentage of job whose parent dies before the
job
JOB CONTROL
$ (sleep 10; echo done)&
[1] 5664
$ ps -f
UID PID PPID C STIME TTY TIME CMD
wcai 5113 5112 0 20:33 pts/0 00:00:00 -bash
wcai 5664 5113 0 20:33 pts/0 00:00:00 -bash
wcai 5665 5664 0 20:33 pts/0 00:00:00 sleep 10
wcai 5666 5113 0 20:33 pts/0 00:00:00 ps -f
wcai@mylinux:~> done
[1]+ Done (sleep 10; echo done)
• PID: process ID number
• PPID: parent process ID number
• TTY: controlling terminal of the process (who)
• TIME: total CPU usage
• CMD: name of the command that issued the process
JOB CONTROL COMMANDS
• Job control supported by most shells but not Bourne
• List all jobs
• $ jobs
• To refer to a job, use its
• number (%number)
• name (%name)
• string embedded in name (%?string)
• Suspending a job
• [ctrl-z]
• $ suspend
JOB CONTROL COMMANDS
• Bring a background job to foreground
• $ fg %your-job-name (e.g., find, vi, etc.)
• Bring a foreground job to background
• $ bg %your-job-name (e.g., find, vi, etc.)
• Job control scheme also includes a built-in kill command
with a job identifier as argument (kill %find)
• $ kill %your-job-name (e.g., find, vi, etc.)
WHEN A PROCESS IS CREATED AND WHEN IT IS NOT

• External command executed in a separate process.


• Internal shell command executed without creating a
process.
• Shell script executed in separate sub-shell which runs
commands in script.
• Startup shell script (like .profile) executed without
creating a process for script.
• Alias executed without creating a separate process for
alias.
SCHEDULE A JOB
• UNIX provides facilities to schedule jobs to run at a
specified time of day.
• at: One-Time Execution
• $ at 15:20
at> who > atTest
at> [Ctrl-d]
job 33472 at 2008-09-19 15:20
• cron and crontab: Running jobs periodically
• cron is a daemon process, checking the crontab file for
instructions to be performed at that instant
• crontab is a file which stores the scheduled jobs
CRONTAB
• crontab -l: displays your crontab file contents
• crontab -r: removes the content of your crontab file
• Each crontab entry has six fields
* * * * * command to be executed
- - - - -
| | | | |
| | | | +----- day of week (0 - 6) (Sunday=0)
| | | +------- month (1 - 12)
| | +--------- day of month (1 - 31)
| +----------- hour (0 - 23)
+------------- min (00 - 59)

• A * used in any of the first five fields matches any valid value
• A set of numbers is delimited by commas. 3,6,9 is a valid field specification
• Ranges are possible and need not be restricted to a single digit. 00-10 includes all integer values between 0 and 10.
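The field rules above are enough to decide whether a given entry fires at a given minute, which helps when reviewing what a crontab will actually run. The matcher below is an added example, not part of the lecture; it handles only the three forms the slide describes (`*`, comma lists, ranges) and strips leading zeros so that values such as `08` or `00-10` are not misread. It goes one step beyond the slide by applying cron's standard rule that when both day-of-month and day-of-week are restricted, either one matching is sufficient. The function names and sample entries are constructed.

```shell
#!/bin/sh
# Added example (not from the lecture): does a crontab entry fire at a given time?

# num VALUE -> VALUE without leading zeros ("08" -> "8", "00" -> "0")
num() {
    n=$1
    while [ "${#n}" -gt 1 ] && [ "${n#0}" != "$n" ]; do n=${n#0}; done
    printf '%s' "$n"
}

# field_matches FIELD VALUE -> exit 0 if VALUE satisfies FIELD,
# where FIELD is "*", a number, a range "a-b", or a comma list of those.
field_matches() {
    [ "$1" = "*" ] && return 0
    v=$(num "$2")
    rest=$1
    while [ -n "$rest" ]; do
        item=${rest%%,*}
        if [ "$item" = "$rest" ]; then rest=""; else rest=${rest#*,}; fi
        case $item in
            *-*)
                lo=$(num "${item%-*}"); hi=$(num "${item#*-}")
                if [ "$v" -ge "$lo" ] && [ "$v" -le "$hi" ]; then return 0; fi ;;
            *)
                if [ "$v" -eq "$(num "$item")" ]; then return 0; fi ;;
        esac
    done
    return 1
}

# cron_due ENTRY MIN HOUR DOM MON DOW -> exit 0 if ENTRY fires at that time.
# ENTRY is a full six-field crontab line (five time fields plus the command).
cron_due() {
    entry=$1; shift
    # read splits on whitespace without expanding "*" into file names
    read -r f_min f_hour f_dom f_mon f_dow f_cmd <<EOF
$entry
EOF
    field_matches "$f_min" "$1" || return 1
    field_matches "$f_hour" "$2" || return 1
    field_matches "$f_mon" "$4" || return 1
    if [ "$f_dom" != "*" ] && [ "$f_dow" != "*" ]; then
        # both day fields restricted: cron runs the job if either matches
        field_matches "$f_dom" "$3" || field_matches "$f_dow" "$5"
    else
        field_matches "$f_dom" "$3" && field_matches "$f_dow" "$5"
    fi
}

# Constructed sample entry: minutes 00-10 of hour 2, every day.
sample='00-10 2 * * * /usr/local/bin/check_df.sh'
if cron_due "$sample" 08 2 15 6 3; then echo "fires at 02:08"; fi
if ! cron_due "$sample" 11 2 15 6 3; then echo "does not fire at 02:11"; fi
```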
SYSTEM ADMINISTRATOR
• Every Unix needs to be administered
• This task is usually entrusted to a single person – the
system administrator
• The administrator mainly uses the root user-id for
performing his/her duties
• The root account and its password are automatically
created at the time of installation of operating system
SYSTEM ADMINISTRATION
RESPONSIBILITIES
• System starting & stopping
• File maintenance & backup
• User accounts management
• Software install
• Device install & configuration
• Repetitive tasks automation
• System accounting
• Kernel configuration
• System security
SUPER USER
• Play it safe
• the administrator doesn’t need root all the time
• switch from common account to the superuser if necessary
• The su command (substitute user)
• Log in as a regular user
• If root privileges are needed, use su to log in as root
• Avoid inadvertent errors
• Let su keep a log
• Usage:
• $ su [options] [commands]
• By default, su means su root (requires a password)
• su can be used to switch to non-privileged users
• $ su alice
ADMINISTRATOR’S PRIVILEGES
• The superuser has enormous powers
• any command invoked by the superuser has a greater chance of success than when issued by others
• The superuser can:
• Change the contents or attributes of any file
• Initiate or kill any process (except the essential ones for system)
• Change any user’s password without knowing the existing one
• Use date to set the system clock
• Address all users concurrently with wall
• Limit the maximum size of files for users to create with ulimit
• Control user’s access to the scheduling services like at and cron
• Control user’s access to networking services like FTP, SSH, etc.
USER ADMINISTRATION
• Adding Users
• The useradd command adds a user to the system
• $ useradd -u 210 -g dba -c "THE RDBMS" -d /home/oracle -s /bin/ksh -m oracle
• -u: UID
• -g: group
• -c: comment
• -d: home directory
• -s: shell
• -m: create-home
• oracle: new user name
• Modifying Users
• The usermod is used for modifying some of the parameters
• $ usermod -s /usr/bin/bash oracle

• Removing Users
• The userdel command removes all user entries
• $ userdel oracle
/etc/passwd
• Every user of the system has an entry in /etc/passwd
• Entry format in /etc/passwd
Username:Password:UID:GID:comment:HomeDir:LoginShell
• Username: used at the front of the email address for this user
• Password: no longer stores the encrypted password
• comment: user details, for example, name, address, and so on
• Every line in /etc/passwd is associated with an entry in /etc/shadow
• The encrypted passwords are stored in /etc/shadow

• Example:
• $ grep dawang /etc/passwd
dawang:x:9853:2000:David Wang:/gator1/dawang:/usr/bin/csh
/etc/group
• A group is associated with a separate set of privileges
• A group is comprised of one or more members
• People working on a common project are placed in the same group, so they are able to read one another’s files
• Every group has an entry in the /etc/group file
• groupname:groupPassword:groupId:users
• Example:
• $ grep student /etc/group
student::2000:
RESTRICTED SHELL
• The administrator can set up a user account with a special
restricted shell like rbash or rksh
• Has to be specified in the last field of /etc/passwd
• A user with a restricted shell can not:
• Use the cd command
• Redefine the PATH
• Redefine the SHELL
• Use a pathname containing a /
• Use the > and >> operators
• A user can only execute programs in the directory
specified in a new unchangeable PATH
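The `/etc/passwd` layout and the restricted-shell slide above suggest a simple review of account entries, shown here as an added example that is not part of the lecture. It reads a passwd-format file and reports entries whose password field is empty or holds something other than the `x` placeholder, accounts other than root with UID 0, accounts whose login shell is `rbash` or `rksh`, and lines without seven fields. The sample file is constructed (only the `dawang` line comes from the slide), the finding labels are made up for the example, and treating a leading `*` or `!` in the password field as a locked account is an assumption based on common practice.

```shell
#!/bin/sh
# Added example (not from the lecture): review passwd-format entries.
# Fields: Username:Password:UID:GID:comment:HomeDir:LoginShell

# audit_passwd FILE -> one finding per line: "<user> <finding>"
audit_passwd() {
    awk -F: '
        # every entry must have exactly seven colon-separated fields
        NF != 7 { print $1, "malformed-entry"; next }
        # an empty password field means no password is required
        $2 == "" { print $1, "empty-password-field" }
        # anything other than the x placeholder (or a locked marker,
        # assumed here to start with * or !) is a hash kept in passwd
        $2 != "" && $2 != "x" && $2 !~ /^[*!]/ { print $1, "hash-stored-in-passwd" }
        # UID 0 carries superuser privileges whatever the name
        $3 == 0 && $1 != "root" { print $1, "uid-0-but-not-root" }
        # restricted shells are set in the last field
        $7 ~ /\/r(bash|ksh)$/ { print $1, "restricted-shell" }
    ' "$1"
}

# sample_passwd -> writes a constructed passwd file, prints its path
sample_passwd() {
    f=$(mktemp)
    cat > "$f" <<'EOF'
root:x:0:0:root:/root:/bin/sh
dawang:x:9853:2000:David Wang:/gator1/dawang:/usr/bin/csh
oracle:x:210:300:THE RDBMS:/home/oracle:/bin/ksh
kiosk:x:1500:1500:Lobby kiosk:/home/kiosk:/bin/rbash
toor:x:0:0:second superuser:/root:/bin/sh
legacy:EXAMPLEHASH:1600:1600:old import:/home/legacy:/bin/sh
guest::1700:1700:guest:/home/guest:/bin/sh
broken:x:1800
EOF
    printf '%s\n' "$f"
}

sample=$(sample_passwd)
audit_passwd "$sample"
rm -f "$sample"
```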
BOOTING AND SHUTDOWN
• The startup and shutdown procedures are controlled by
automated shell scripts
• The administrator needs to know the exact sequence of
steps the system follows during the two events
• Things do go wrong, especially during startup, and the
administrator must be able to fix them
BOOTING
• After a machine is powered on, the system looks for all
peripherals, and then goes through a series of steps that
ultimately lead to the loading of the kernel into memory
• The kernel then spawns init process which in turn spawns
further processes
• init maintains the system at a specific run level (state) and
decides which processes to run for each run level
• init is the parent of all system daemons that keep running
all the time
• init spawns a getty process at every terminal
• so that users can login
• init becomes the parent of all shells
RUN LEVELS
• Each run level is normally a single digit (0 to 6), or an s or S
• 0 – system shutdown
• 1 – system administration mode (local file systems mounted)
• 2 – multiuser mode (network file system not available)
• 3 – full multiuser mode
• 5 – the graphical environment mode in linux
• 6 – shutdown and reboot mode
• s or S – single-user mode (file systems mounted)
• A distinct set of processes is scheduled to run in each of
these states
• Run levels are specified in /etc/inittab
• Contains records associating processes with run level and system
action
SHUTDOWN
• Uses the shutdown command to shut the machine down
• Notifies users with wall
• the system going down
• a directive to log out
• After sleeping for a minute, shutdown performs:
• Sends signals to all running processes to terminate normally
• Logs users off and kills remaining processes
• Unmount all secondary file systems using the umount command
• Invokes sync to write all memory-resident data to disk to preserve the integrity of the file system
• Notifies users to reboot or switch off, or moves the system to single-user mode
FILE SYSTEMS
• A file system is organized in the form of a directory
structure with its own root
• Modern UNIX systems are set up with multiple file
systems, each meant for a specific purpose
• Every disk must have at least one file system on it
• Advantages of dividing a disk into multiple file systems:
• Separate file systems prevent potential encroachment conflicts that may arise between the various data areas
• Data corruption in one area will not affect data in other file systems
• Each file system can be backed up separately onto a
single volume of tape.
FILE SYSTEM COMPONENTS
• boot block
• contains a small boot program and the partition table
• the boot program is responsible for the eventual loading of the kernel into memory.
• superblock
• contains global information about the file system (list of inodes and data blocks)
• UNIX refuses to boot if the superblock is corrupt. To overcome this problem, many systems have multiple superblocks written on different areas of the disk
• inode blocks
• contains the inode for every file of the file system
• data blocks
• all data and programs created by users reside in this area
MOUNTING & UNMOUNTING
FILE SYSTEMS
• When a file system is created, the root file system doesn’t
even know of its existence
• All secondary file systems mount (attach) themselves to
the root file system by mounting process
• mount
• The mount command is used to mount file systems
• $ mount -t ext2 /dev/hda3 /wcai/edisk
• umount
• The umount command is used to unmount file systems
• Unmounting a file system is sometimes not possible
• $ umount /wcai/edisk
FILE SYSTEM MAINTENANCE
• File system integrity check
• Disk usage
• Creating new file systems
• Backing up file systems
FILE SYSTEM CHECK
• Use utility fsck to check the integrity of a file system
• Run by the init process as part of the system initialization
• If the file system is consistent
• merely reports on the number of files, used blocks, and
free blocks in the file system
• If the file system is inconsistent
• reports the inconsistencies found and prompts for
permission to repair them
• fsck is conservative in its repair efforts and tries to avoid
actions that might result in the loss of valid data
• In certain cases, it may recommend the destruction of a
damaged file
MANAGING DISK SPACE
• There will always be a scramble for disk space
• The administrator must regularly scan the disk and locate
files that have outlived their utility
• df (Disk Free)
• The df command reports the amount of free space available
for each file system separately
• du (Disk Usage)
• The du command helps you find out the consumption of a
specific tree
• find
• The find command can test a file for practically every
attribute
• Often uses the -size keyword to locate large files:
• $ find /home -size +2048 -print
DISK USAGE
• Monitor available space on a device
• Write a script that runs the df utility and warns you if a
device is too full
• Schedule cron to run the script periodically
• Use du -s . to display the total disk usage for the working
directory
• Assign quotas for individual users
• May specify the maximum number of files and the
maximum number of blocks that a particular user is
allowed to create
• It is fairly complicated to add quotas
BACKING UP
• Performing regular backup is CRITICAL
• a crash can occur at any time and a lot of data will be lost
• The administrator is partly responsible for the data safety
• which files should be backed up
• the periodicity of such backups
• Backups are effective only if files can be easily restored
• tar command can be used as a backup and a restore tool
• The backup device can be a tape or a floppy diskette
BACKUP POLICY
• There is no one-size-fits-all backup policy
• Principle: backups should be done frequently and regularly
• Guidelines
• Make sure you can recover from major losses
• Check your backups periodically
• Keep old backups & develop a regular cycle for reusing
your backup media
• Check file systems before backing up
• Ensure files are not in use during a backup
• Back up your system before major changes are made to
the system
INSTALLING SOFTWARE
• Before installation, necessary to check
• adequate disk space
• installed physical memory to run the program
• impact of an installation on users
• Processor's serial number based licensing
• The manufacturer asks for the serial number of your processor
• Use the serial number to create a lock for the software
• Each time the software starts up on the computer, it checks
the lock to make sure that it's still installed on the computer
it's licensed to run on
INSTALLING SOFTWARE
• The local software was installed in the /usr/local directory
• Over time vendors create different directories
• It is important to maintain some logic to the structure so that you (and others) can find what you’re looking for
• There are two ways to install software:
• Create a directory for the software and put everything it needs (except, perhaps, system files) under that directory
• Put only the software in such a central directory and put any configuration, header or library files needed in a more centralized location for those types of files
INSTALLING A DEVICE
• For a system to be able to talk to a new device, the
hardware must be connected and the software must be
installed or activated
• The basic steps of device installation are as follows:
• Install the device driver if it isn’t currently in the kernel and
if loadable device drivers are not used
• Determine the device’s major and minor numbers
• Use mknod to associate a filename in “/dev” with the new
device
NETWORK INTERFACES
• Getting a UNIX machine connected to local network
• Connected to network cable (or wireless access point)
• Request an IP address and a hostname
• the rest of the network will need to be made aware of this
name and address
• Dynamic Host Configuration Protocol (DHCP)
• Use ifconfig command to configure the network interface
• To communicate with any other computer that is not
directly connected to the same network cable
• Use route command to specify routing information
• Look at your current route table with the netstat command
using the -r option
ACCOUNTING
• The system administrator is responsible for collecting and
reporting on the use of various system resources by
users and groups
• The accounting information can be used to
• Bill users for the use of system resources
• Monitor various aspects of the system's operation
• Assess the adequacy of current resources
• Set resource limits and quotas
• Forecast future needs
TYPE OF ACCOUNTING DATA
• Connect-Time:
• Turned on if the file /usr/adm/wtmp exists
• A record of the login time, user ID, and logout time of every
connection
• Process Data:
• Turned on by running the accton utility
• A record of the user ID, memory usage, and CPU usage of every
process is appended to the /usr/adm/acct file
• The sa utility may be used to report the information in this file
• Disk-Usage
• Turned on by setting cron to run the dodisk utility periodically on
specified files
• Printer-Usage
• Toggled by an entry in the /etc/printcap file
• Every printer records its job information in the /usr/adm directory
• The pac utility can generate reports from this information
