Php5 Hosting, Mysql, Java, Jsp, Linux Web Hosting - Servlet, Tomcat, Ssh Blog

Chapter 31. The /proc File System The /proc file system is specific to GNU/Linux. It is a virtual file system, so the files that you will find in this directory do not actually take up any space on your hard drive. It is a very convenient way to obtain information about the system, especially since most files in this directory are human readable (well, with a little help). Many programs actually gather information from files in /proc, format it in their own way and then display the results. There are a few programs which display information about processes (top, ps and friends) which do exactly that. /proc is also a good source of information about your hardware, and just like the programs which display processes, quite a few programs are just interfaces to the information contained in /proc. There is also a special subdirectory, /proc/sys. It allows you to display kernel parameters and to change them, with the changes taking effect immediately. 1. Information About Processes If you list the contents of the /proc directory, you will see many directories where the name of the directory is a number. These are the directories containing information on all processes currently running on the system: $ ls -d /proc/[0-9]* /proc/1/ /proc/302/ /proc/451/ /proc/496/ /proc/556/ /proc/633/ /proc/127/ /proc/317/ /proc/452/ /proc/497/ /proc/557/ /proc/718/ /proc/2/ /proc/339/ /proc/453/ /proc/5/ /proc/558/ /proc/755/ /proc/250/ /proc/385/ /proc/454/ /proc/501/ /proc/559/ /proc/760/ /proc/260/ /proc/4/ /proc/455/ /proc/504/ /proc/565/ /proc/761/ /proc/275/ /proc/402/ /proc/463/ /proc/505/ /proc/569/ /proc/769/ /proc/290/ /proc/433/ /proc/487/ /proc/509/ /proc/594/ /proc/774/ /proc/3/ /proc/450/ /proc/491/ /proc/554/ /proc/595/ Note that as a user, you can (logically) only display information related to your own processes, but not those of other users. So, login as root and see what information is available from process 1, which is the init process and is the one responsible for starting up all other processes: $ su Password: # cd /proc/1 # ls -l total 0 -r——–1 root root 0 Aug 15 18:14 auxv -r–r–r–1 root root 0 Aug 15 18:14 cmdline

420

7. File Attributes 4. i ( immutable ): a file or directory with this attribute set can not be modified 3 at all: it cannot be renamed, no further link can be created to it and it cannot be removed. Only root can set or clear this attribute. Note that this also prevents changes to access time, therefore you don’t need to set the A attribute when i is set. 5. s ( secure deletion ): when a file or directory with this attribute is deleted, the blocks it was occupying on disk are overwritten with zeroes. 6. S ( Synchronous mode ): when a file or directory has this attribute set, all modifications on it are synchronous and written to the disk immediately. For example, you may want to set the i attribute on essential system files in order to avoid bad surprises. Also, consider the A attribute on man pages: this prevents a lot of disk operations and, in particular, can save some battery life on laptops. Be sure to understand what adding a link means, both for a file and a directory!

7. File Attributes You cannot link directories to avoid creating loops in the file system. But you can make a symlink point to a directory and use it as if it were actually a directory. Symbolic links are therefore very useful in several circumstances, and very often, people tend to use them to link files together even when a normal link could be used instead. One advantage of normal linking, though, is that you do not lose the file if you delete the original one . Lastly, if you observed carefully, you know what the size of a symbolic link is: it is simply the size of the string. 7. File Attributes The same way that FAT has file attributes (archive, system file, invisible, read- only), a GNU/Linux file system has its own, but they are different. We will briefly go over them here for the sake of completeness, but they are very seldom used. However, if you really want a secure system, read on. There are two commands for manipulating file attributes: lsattr and chattr. You probably guessed it, lsattr LiSts attributes, whereas chattr CHanges them. These attributes can only be set on directories and regular files. The following are some of the attributes possible, for a complete list please refer to chattr(1): 1. A ( no Access time ): if a file or directory has this attribute set, whenever it is accessed, either for reading or for writing, its last access time won’t be updated. This can be useful, for example, on files or directories which are often accessed for reading, especially since this parameter is the only one which changes on an inode when it is open read-only. 2. a ( append only ): if a file has this attribute set and is open for writing, the only operation possible will be to append data to its previous contents. For a directory, this means that you can only add files to it, but not rename or delete any existing file. Only root can set or clear this attribute. 3. d ( no dump ): dump is the standard UNIX utility for backups. It dumps any file system for which the dump counter is 1 in /etc/fstab (see chapter Chapter 32, File Systems and Mount Points [433]). But if a file or directory has this attribute set, unlike others, it will not be taken into account when a dump is in progress. Note that for directories, this also includes all sub-directories and files under it.

6. Symbolic Links, Limitation of Hard Links we first explain what symbolic links ( soft links, or even more often symlinks ) are. Symbolic links are files of a particular type whose sole content is an arbitrary string, which may or may not point to an existing file. When you mention a symbolic link on the command line or in a program, in fact, you access the file it points to, if it exists. For example: $ echo Hello >myfile $ ln -s myfile mylink $ ls -il total 4 169 -rw-rw-r–1 queen queen 6 Dec 10 21:30 myfile 416 lrwxrwxrwx 1 queen queen 6 Dec 10 21:30 mylink -> myfile $ cat myfile Hello $ cat mylink Hello You can see that the file type for mylink is l, for symbolic Link. The access rights for a symbolic link are not significant: they will always be rwxrwxrwx. You can also see that it is a different file from myfile, as its inode number is different. But it refers to it symbolically, therefore when you type cat mylink, you will in fact print the contents of the myfile file. To demonstrate that a symbolic link contains an arbitrary string, we can do the following: $ ln -s “I’m no existing file” anotherlink $ ls -il anotherlink 418 lrwxrwxrwx 1 queen queen 20 Dec 10 21:43 anotherlink -> I’m no existing file $ cat anotherlink cat: anotherlink: No such file or directory $ But symbolic links exist because they overcome several limitations encountered by normal ( hard ) links: You cannot create a link to an inode in a directory which is on a different file system to the said inode. The reason is simple: the link counter is stored in the inode itself, and inodes cannot be shared between file systems. Symlinks allow do this;

6. Symbolic Links, Limitation of Hard Links $ dd if=/dev/fd0 of=/dev/null You should have observed the following: the first time the command was launched, the entire content of the floppy was read. The second time you executed the command, there was no access to the floppy drive at all. This is because the content of the floppy was buffered the first time you launched the command and you did not change anything on the floppy between the two instances. But now, if you want to print a big file this way (yes it will work): $ cat /a/big/printable/file/somewhere >/dev/lp0 The command will take as much time, whether you launch it once, twice or fifty times. This is because /dev/lp0 is a character mode file, and its contents are not buffered. The fact that block mode files are buffered has a nice side effect: not only are reads buffered, but writes are buffered too. This allows for writes to the disks to be asynchronous: when you write a file on disk, the write operation itself is not immediate. It will only occur when the Linux kernel decides to execute the write to the hardware. Of course, if you need it can be overridden for a certain filesystem; take a look at the sync and async options at the mount(8) man page and also at Section 7, File Attributes [418] for more details. Finally, each special file has a major and minor number. On a ls -l output, they appear in place of the size, as the size for such files is irrelevant: $ ls -l /dev/hdc /dev/lp0 brw-rw—-1 queen cdrom 22, 0 Feb 23 19:18 /dev/hdc crw-rw—-1 root root 6, 0 Feb 23 19:17 /dev/lp0 Here, the major and minor of /dev/hdc are 22 and 0, whereas for /dev/lp0, they are 6 and 0. Note that these numbers are unique per file category, which means that there can be a character mode file with major 22 and minor 0, and similarly, there can be a block mode file with major 6 and minor 0. These numbers exist for a simple reason: it allows the kernel to associate the correct operations to these files (that is, to the peripherals these files refer to): you don’t handle a floppy drive the same way as, say, a SCSI hard drive. 6. Symbolic Links, Limitation of Hard Links Here we have to face a very common misconception, even among UNIX users, which is mainly due to the fact that links as we have seen them so far (wrongly called hard links) are only associated with regular files (and we have seen that it is not the case since even symbolic links are linked ). But this requires that

5. Special Files: Character Mode and Block Mode Files /proc/3/ /proc/4/ /proc/5/ [1]+ Done ls -F –show-control-chars –color=auto -d . /proc/[0-9] >a_pipe $ Similarly, reads are also blocking. If we execute the above commands in the reverse order, we will see that head blocks, waiting for some process to give it something to read: $ head -5 the_same_pipe /proc/1/ /proc/2/ /proc/3/ /proc/4/ /proc/5/ [1]+ Done head -5

4. Anonymous Pipes and Named Pipes One thing that you will not notice in this example (because it happens too fast for one to see) is that writes on pipes are blocking. This means that when the ls command writes to the pipe, it is blocked until a process at the other end reads from the pipe. In order to visualize the effect, you can create named pipes, which unlike the pipes used by shells, have names (i.e.: they are linked, whereas shell pipes 2 are not). The command to create a named pipe is mkfifo: $ mkfifo a_pipe $ ls -il total 0 169 prw-rw-r–1 queen queen 0 Aug 6 19:37 a_pipe| # # You can see that the link counter is 1, and that the output shows # that the file is a pipe (’p'). # # You can also use ln here: # $ ln a_pipe the_same_pipe $ ls -il total 0 169 prw-rw-r–2 queen queen 0 Aug 6 19:37 a_pipe| 169 prw-rw-r–2 queen queen 0 Aug 6 19:37 the_same_pipe| $ ls -d /proc/[0-9] >a_pipe # # The process is blocked, as there is no reader at the other end. # Type Control Z to suspend the process… # [1]+ Stopped ls -F –show-control-chars –color=auto -d . /proc/[0-9] >a_pipe # # …Then put in into the background: # $ bg [1]+ ls -F –show-control-chars –color=auto -d /proc/[0-9] >a_pipe & # # now read from the pipe… # $ head -5

4. Anonymous Pipes and Named Pipes Now, if we do: $ rm a $ ls -il b 32555 -rw-r–r–1 queen queen 0 Aug 6 19:26 b $ We see that even though we deleted the original file , the inode still exists. But now, the only link to it is the file named /home/queen/example/b. Therefore a file in UNIX has no name; instead, it has one or more link(s) in one or more directories. Directories themselves are also stored in inodes. Their link count coincides with the number of sub-directories within them. This is due to the fact that there are at least two links per directory: the directory itself (represented by the entry .) and its parent directory (represented by ..). So a directory with two sub-directories will have at least four links: ., .. and links for each sub-directory. Typical examples of files which are not linked (i.e.: have no name) are network connections. You will never see the file corresponding to your connection to the Mandriva Linux web site [http://www.mandrivalinux.com] in your file tree, no matter which directory you look in. Similarly, when you use a pipe in the shell, the inode corresponding to the pipe exists, but it is not linked. Temporary files are another example of inodes without names. You create a temporary file, open it, and then remove it. The file exists while it’s open, but nobody else can open it (as there is no name to open it). This way, if the application crashes, the temporary file is removed automatically. 4. Anonymous Pipes and Named Pipes Let’s get back to the example of pipes, as it is quite interesting and is also a good illustration of the links notion. When you use a pipe in a command line, the shell creates the pipe for you and operates so that the command before the pipe writes to it, while the command after the pipe reads from it. All pipes, whether they be anonymous (like the ones used by the shells) or named (see below) act like FIFOs (First In, First Out). We’ve already seen examples of how to use pipes in the shell, but let’s take another look for the sake of our demonstration: $ ls -d /proc/[0-9] | head -5 /proc/1/ /proc/2/ /proc/3/ /proc/4/ /proc/5/

3. Links or even no name. In UNIX, a file name is just an entry in a directory inode. Such an entry is called a link. Let us look at links in more detail. 3. Links The best way to understand what links are is to look at an example. Let’s create a (regular) file: $ pwd /home/queen/example $ ls $ touch a $ ls -il a 32555 -rw-r–r–1 queen queen 0 Aug 6 19:26 a The -i option of the ls command prints the inode number, which is the first field on the output. As you can see, before we created file a, there were no files in the directory. The other field of interest is the third one, which is the number of file links (well, inode links, in fact). The touch a command can be separated into two distinct actions: creation of an inode, to which the operating system has given the number 32555, and whose type is the one of a regular file; creation of a link to this inode, named a, in the current directory (/home/queen/example). Therefore the /home/queen/example/a file is a link to the inode numbered 32555, and it’s currently the only one: the link counter shows 1. But now, if we type: $ ln a b $ ls -il a b 32555 -rw-r–r–2 queen queen 0 Aug 6 19:26 a 32555 -rw-r–r–2 queen queen 0 Aug 6 19:26 b $ We create another link to the same inode. As you can see, we didn’t create a file named b. Instead, we just added another link to the inode numbered 32555 in the same directory, and attributed the name b to this new link. You can see on the ls -l output that the link counter for the inode is now 2 rather than 1. systems, in-memory inodes have a unique number right across the system. One solution to obtain uniqueness, for example, is to hash the on-disk inode number against the block device identifier.