ICS 54: Selected Topics -- Brief Notes on Chapters 20, 21, 22, 24

UC Irvine, Information and Computer Science Department Winter 2000

ICS 54: Selected Topics -- Brief Notes on Chapters 20, 21, 22, 24

UNIX Processes

UNIX supports multiple concurrent processes

A "process" is the UNIX abstraction that
manages the Memory, CPU, and I/O resources
that comprise a running program.

Components of a Process

A process is the execution of a program/file.
Normally a process has the rights of the user causing the execution of the program.
UID and EUID = User ID and Effective User ID
The UID of a process is the user ID of the user causing its execution.
The EUID is the same as its UID unless the set user ID (suid) permission has been set for the file/program being executed, in which case the EUID is the user ID of (the owner of) the file/program.
suid permission can be set via chmod u+s
GID and EGID = Group ID and Effective Group ID
The GID of a process is the group ID of the user causing its execution.
The EGID is the same as its GID unless the set group ID (sgid) permission has been set for the file/program being executed, in which case the EGID is the group ID of the file/program.
sgid permission can be set via chmod g+s
PID = Process ID
PPID = Parent Process's ID
Priority and Nice Value
Control Terminal

The Life Cycle of a Process

     kidpid = fork();
     if (kidpid == 0) { /* child should exec somthing */ }
     else { /* parent can continue or wait */ }

Processes and Scheduling

ps: Print information about active processes. It does for processes what ls does for files.
See examples below.
kill [ -sig ] [ pid ]: Sends a signal sig to the process pid or the job %jobID
kill -l: Lists the signals. Most often used are HUP (1) and KILL (9)
at [ -m ] [ -f afile ] [-t whentime ] [ timespec ]: Read commands from a file afile (or from standard input) and group them together to be executed at a later time, whentime (format = "[[CC]YY]MMDDhhmm[.SS]") or timespec (almost colloquial format; e.g., "2pm next week" or "midnight tomorrow").
"-m" sends mail to the invoking user after the job is completed including standard output and standard error unless these have been redirected elsewhere.
crontab: Manages the cron daemon.
nice [ -level ] command [ argument ]: Run command at a "nice priority" of level which ranges from 1 to 19 (with 10 being the default if level is not specified) where 1 is the normal run priority and is more urgent than 19.
sleep time: Suspend execution for at least the integral number of seconds specified by the time operand.
wait [ pid ] [ %jobID ]: The shell itself (i.e., without creating a new process) waits until the the process pid (or job %jobID) exits.
zombie: A zombie is a child process which has exited but whose parent process has not yet coordinated with this via a wait
daemon: A daemon is a background process which performs a systems-related task.
Essential Daemons (System V):
    sched = swapping daemon, pid=0
    init = process control initialization, pid=1
    pageout = paging daemon, pid=2
    cron = clock daemon
    fsflush = periodically update the super block
    sendmail = send mail over the Internet
    lpsched = lpsched - printer daemon
    inetd = Internet services daemon

`ps` Examples

% ps -H
ps: illegal option -- H
usage: ps [ -aAdeflcjLPy ] [ -o format ] [ -t termlist ]
        [ -u userlist ] [ -U userlist ] [ -G grouplist ]
        [ -p proclist ] [ -g pgrplist ] [ -s sidlist ]
  'format' is one or more of:
        user ruser group rgroup uid ruid gid rgid pid ppid pgid sid
        pri opri pcpu pmem vsz rss osz nice class time etime stime
        f s c lwp nlwp psr tty addr wchan fname comm args
% ps
   PID TTY      TIME CMD
 17020 pts/3    0:01 tcsh
% ps -f
     UID   PID  PPID  C    STIME TTY      TIME CMD
   ics54 17020 17018  0 14:03:26 pts/3    0:01 -tcsh
% ps -u$USER | more
   PID TTY      TIME CMD
 17322 pts/5    0:00 more
 17212 pts/5    0:01 tcsh
 17020 pts/3    0:02 tcsh
 17332 pts/3    0:00 more
 17330 pts/5    0:00 vi
 17256 pts/5    0:01 vi
% ps -f -u$USER | more
     UID   PID  PPID  C    STIME TTY      TIME CMD
   ics54 17322 17212  0 14:41:18 pts/5    0:00 more
   ics54 17212 17210  0 14:34:16 pts/5    0:01 -tcsh
   ics54 17020 17018  0 14:03:26 pts/3    0:02 -tcsh
   ics54 17325 17212  0 14:42:14 pts/5    0:00 vi s1.txt s2.txt
   ics54 17327 17020  0 14:42:19 pts/3    0:00 more
   ics54 17256 17212  0 14:35:58 pts/5    0:01 vi ../c20.html

Periodic Processes

Started at system boot, the cron daemon uses the sh shell to execute commands
in various crontab files according to the periodic timetables those files specify.

crontab Installs, Edits, Lists, or Removes a user's crontab file

   crontab [ filename ]
   crontab -e [ username ]
   crontab -l [ username ]
   crontab -r [ username ]

/var/spool/cron/crontabs/ contains users' chrontab files
/var/spool/cron/cron.allow = list of allowed users
/var/spool/cron/cron.deny = list of denied users
If neither exists, only root can use chrontab.
If there is no cron.allow and cron.deny exists and is empty,
everyone can use chrontab.
Make a copy of your crontab entry before editing!
As we learn by Reading The Friendly Man:
If you inadvertently enter the crontab command with no argument,
do not attempt to get out by typing CTRL-D.
This removes all entries in your crontab file.
Instead, exit by typing your interrupt character (normally CTRL-C).

`crontab` Format


minutes hours day_of_month month day_of_week  command

Fields are separated by spaces or tabs

minutes = 0-59, *
hours = 0-23, *
day_of_month = 1-31, *
month = 1-12, *
day_of_week = 0-6, * 0=Sunday
command = Command to be run. % indicates NEWLINE.
Lines after the first line are stdin for the command.

Examples

0 0 * * 1-5 /usr/local/weekdays
0 0 * * 0,6 /usr/local/weekends
# days-daze runs on 1st, 15th, and every Monday
0 0 1,15 * 1  /home/guest/bin/days-daze
0 0  *   * 1  /home/guest/bin/Only-on-Mondays
# 0 1 * * * write guest % Good Guests Leave % by 1 a.m.
15 0 * * * /usr/etc/sa -s >/dev/null
15 4 * * * find /var/preserve -mtime +7 -a -exec rm -f {} ';'
40 4 * * * find / -name '#*' -atime +3 -exec rm -f {} ';'

Multiuser Concepts

logins and passwords for Authentication
various permission mechanisms for Authorization
scheduled maintenance and other system administration activities in off-hours
advanced notice to users
virtual memory, virtual cpu, virtual machine (for each user)
Security is always a Compromise between Convenience (of use) and Confidence (that things are safe/secure).

Administrative Interfaces:
Menus vs Commands

Menus lead you through tasks, presenting options and feedback
Commands give you flexibility and are easier to automate
Menus are easier for beginners
Commands allow/encourage/force you to learn what's "really happening."
Menus vary greatly among systems
Commands vary less

Password Files

/etc/passwd and /etc/shadow

`/etc/passwd`

World-readable (why?),
each line contains almost all the information about a user except that related to passwords, each line is separated into fields by colons (:)

% man -s 4 passwd

File Formats                                            passwd(4)

NAME
   passwd - password file

SYNOPSIS
   /etc/passwd

DESCRIPTION
   /etc/passwd is a local source of  information  about  users'
   accounts.  The password file can be used in conjunction with
   other   password   sources,   including   the    NIS    maps
   passwd.byname and  passwd.bygid and the NIS+ table  passwd .
   Programs use the getpwnam(3C) routines to access this infor-
   mation.

   Each  passwd  entry is a single line of the form:

   username:password:uid:gid:gcos-field:home-dir:login-shell

   where

   username  is the user's login name. It is  recommended  that
	     this  field  conform  to  the  checks performed by
	     pwck(1M).

   password  is an empty field. The encrypted password for  the
	     user   is   in  the  corresponding  entry  in  the
	     /etc/shadow file.  pwconv(1M) relies on a  special
	     value of 'x' in the password field of /etc/passwd.
	     If this value of 'x' exists in the password  field
	     of  /etc/passwd,  this indicates that the password
	     for the user is already in /etc/shadow and  should
	     not be modified.

   uid       is the user's unique numerical ID for the system.

   gid       is the unique numerical ID of the group  that  the
	     user belongs to.

   gcos-field
	     is the user's real name, along with information to
	     pass  along  in  a  mail-message heading.   (It is
	     called the gcos-field for historical reasons.)  An
	     ``&''  (ampersand)  in  this  field stands for the
	     login name (in cases where the login name  appears
	     in a user's real name).

   home-dir  is the pathname to the directory in which the user
	     is initially positioned upon logging in.

   login-shell
	     is the user's initial shell program. If this field
	     is empty, the default shell is /usr/bin/sh.

   The maximum value of the  uid and gid fields is  2147483647.
   To  maximize interoperability and compatibility, administra-
   tors are recommended to assign users a range  of   UIDs  and
   GIDs below 60000 where possible.

   The password file is an ASCII file.  Because  the  encrypted
   passwords  are  always  kept in the shadow file, /etc/passwd
   has general read permission on all systems and can  be  used
   by  routines  that  map  between numerical user IDs and user
   names.

   Previous releases used a password entry beginning with a `+'
   (plus  sign)  or `-' (minus sign) to selectively incorporate
   entries from NIS maps for password. If still required,  this
   is   supported   by   specifying   ``passwd  :  compat''  in
   nsswitch.conf(4). The "compat" source may not  be  supported
   in  future releases. The preferred sources are, "files" fol-
   lowed by "nisplus". This has the effect of incorporating the
   entire contents of the NIS+ passwd  table after the password
   file.

EXAMPLES
   Example 1: A sample passwd  file.

   Here is a sample passwd  file:

   root:q.mJzTnu8icF.:0:10:God:/:/bin/csh
   fred:6k/7KCFRPNVXg:508:10:& Fredericks:/usr2/fred:/bin/csh

   and the sample password entry from nsswitch.conf:

   passwd: files nisplus

   In this example, there are specific entries for  users  root
   and  fred to assure that they can login even when the system
   is running single-user.  In addition,  anyone  in  the  NIS+
   table   passwd  will be able to login with their usual pass-
   word, shell and home directory.

   If the password file is:

   root:q.mJzTnu8icF.:0:10:God:/:/bin/csh
   fred:6k/7KCFRPNVXg:508:10:& Fredericks:/usr2/fred:/bin/csh
   +

   and the password entry from nsswitch.conf is:

   passwd: compat

   then all the entries listed  in  the  NIS  passwd.byuid  and
   passwd.byname  maps  will  be effectively incorporated after
   the entries for root and fred.

....

SunOS 5.7           Last change: 14 May 1998

`/etc/shadow`

Readable only by root (why?),
each line contains information about a user login (name only) and password separated into fields by colons (:)

% man -s 4 shadow

File Formats                                            shadow(4)


NAME
   shadow - shadow password file

DESCRIPTION
   /etc/shadow is an access-restricted ASCII system  file  that
   stores  users'  encrypted passwords and related information.
   The shadow file can be used in conjunction with other shadow
   sources,   including   the   NIS   maps   passwd.byname  and
   passwd.byuid and the NIS+ table passwd .  Programs  use  the
   getspnam(3C) routines to access this information.

   The fields for each user entry are separated by colons. Each
   user  is  separated  from  the next by a newline. Unlike the
   /etc/passwd file, /etc/shadow does  not  have  general  read
   permission.

   Each entry in the shadow file has the form:

   username:password:lastchg:min:max:warn:inactive:expire:flag

   The fields are defined as follows:

   username  The user's login name (UID).

   password  A 13-character encrypted password for the user,  a
	     lock  string  to  indicate  that  the login is not
	     accessible, or no string, which shows  that  there
	     is no password for the login.

   lastchg   The number of days between January  1,  1970,  and
	     the date that the password was last modified.

   min       The minimum number of days required between  pass-
	     word changes.

   max       The maximum number of days the password is valid.

   warn      The number of days before  password  expires  that
	     the user is warned.

   inactive  The number of days of inactivity allowed for  that
	     user.

   expire    An absolute date specifying when the login may  no
	     longer be used.

   flag      Reserved for future use, set  to  zero.  Currently
	     not used.

   The encrypted password consists of 13 characters chosen from
   a  64-character  alphabet  (., /, 0-9, A-Z, a-z).  To update
   this file, use the passwd(1), useradd(1M), usermod(1M), or
    userdel(1M) commands.

   In  order  to   make   system   administration   manageable,
   /etc/shadow  entries should appear in exactly the same order
   as
    /etc/passwd entries;  this includes ``+'' and ``-'' entries
   if the compat source is being used (see nsswitch.conf(4)).

...

SunOS 5.7           Last change: 10 Dec 1991

Comments are welcome.
Current as of 28 February 2000
HTML 4.01 Checked.