Red Hat ENTERPRISE LINUX 4.5.0 Reference Manual

Red Hat Enterprise Linux 4.5.0
Reference Guide
ISBN: N/A
Publication date:
Copyright © 2007 Red Hat, Inc.
Copyright © 2007 by Red Hat, Inc. This material may be distributed only subject to the terms and conditions set forth in the Open Publication License, V1.0 or later (the latest version is presently available at http://www.opencontent.org/openpub/).
Distribution of substantively modified versions of this document is prohibited without the explicit permission of the copyright holder.
Distribution of the work or derivative of the work in any standard (paper) book form for commercial purposes is prohibited unless prior permission is obtained from the copyright holder.
Red Hat and the Red Hat "Shadow Man" logo are registered trademarks of Red Hat, Inc. in the United States and other countries.
All other trademarks referenced herein are the property of their respective owners. The GPG fingerprint of the security@redhat.com key is: CA 20 86 86 2B D6 9D FC 65 F6 EC C4 21 91 80 CD DB 42 A6 0E
1801 Varsity Drive
Raleigh, NC 27606-2072 USA
Phone: +1 919 754 3700
Phone: 888 733 4281
Fax: +1 919 754 3701
PO Box 13588
Research Triangle Park, NC 27709 USA
Introduction ............................................................................................................ xvii
1. Changes To This Manual ............................................................................. xvii
2. Finding Appropriate Documentation .............................................................xviii
2.1. Documentation For First-Time Linux Users ........................................xviii
2.2. For the More Experienced ...................................................................xx
2.3. Documentation for Linux Gurus ...........................................................xx
3. Document Conventions ................................................................................ xxi
4. More to Come ............................................................................................. xxii
4.1. We Need Feedback! .........................................................................xxiii
I. System Reference .................................................................................................. 1
1. Boot Process, Init, and Shutdown .................................................................... 3
1. The Boot Process .................................................................................. 3
2. A Detailed Look at the Boot Process ....................................................... 3
2.1. The BIOS ................................................................................... 3
2.2. The Boot Loader ......................................................................... 4
2.3. The Kernel .................................................................................. 5
2.4. The /sbin/init Program ............................................................ 6
3. Running Additional Programs at Boot Time .............................................. 8
4. SysV Init Runlevels ................................................................................ 9
4.1. Runlevels ................................................................................... 9
4.2. Runlevel Utilities ........................................................................10
5. Shutting Down ......................................................................................11
2. The GRUB Boot Loader ................................................................................13
1. Boot Loaders and System Architecture ...................................................13
2. GRUB ..................................................................................................13
2.1. GRUB and the x86 Boot Process ................................................13
2.2. Features of GRUB ......................................................................14
3. Installing GRUB ....................................................................................15
4. GRUB Terminology ...............................................................................15
4.1. Device Names ...........................................................................16
4.2. File Names and Blocklists ...........................................................17
4.3. The Root File System and GRUB ................................................17
5. GRUB Interfaces ...................................................................................18
5.1. Interfaces Load Order .................................................................19
6. GRUB Commands ................................................................................19
7. GRUB Menu Configuration File ..............................................................21
7.1. Configuration File Structure .........................................................21
7.2. Configuration File Directives .......................................................22
8. Changing Runlevels at Boot Time ..........................................................23
9. Additional Resources ............................................................................23
9.1. Installed Documentation .............................................................24
9.2. Useful Websites .........................................................................24
9.3. Related Books ...........................................................................24
3. File System Structure ....................................................................................25
1. Why Share a Common Structure? ..........................................................25
2. Overview of File System Hierarchy Standard (FHS) ................................25
2.1. FHS Organization .......................................................................25
3. Special File Locations Under Red Hat Enterprise Linux ...........................30
4. The sysconfig Directory ...............................................................................31
1. Files in the /etc/sysconfig/ Directory ..................................................31
1.1. /etc/sysconfig/amd .................................................................33
1.2. /etc/sysconfig/apmd ...............................................................33
1.3. /etc/sysconfig/arpwatch ........................................................33
1.4. /etc/sysconfig/authconfig ....................................................33
1.5. /etc/sysconfig/autofs ...........................................................33
1.6. /etc/sysconfig/clock .............................................................34
1.7. /etc/sysconfig/desktop .........................................................35
1.8. /etc/sysconfig/devlabel ........................................................35
1.9. /etc/sysconfig/dhcpd .............................................................35
1.10. /etc/sysconfig/exim .............................................................36
1.11. /etc/sysconfig/firstboot ....................................................36
1.12. /etc/sysconfig/gpm ...............................................................36
1.13. /etc/sysconfig/harddisks ....................................................36
1.14. /etc/sysconfig/hwconf .........................................................37
1.15. /etc/sysconfig/i18n .............................................................37
1.16. /etc/sysconfig/init .............................................................37
1.17. /etc/sysconfig/ip6tables-config .......................................38
1.18. /etc/sysconfig/iptables-config .........................................39
1.19. /etc/sysconfig/irda .............................................................39
1.20. /etc/sysconfig/keyboard ......................................................40
1.21. /etc/sysconfig/kudzu ...........................................................40
1.22. /etc/sysconfig/mouse ...........................................................40
1.23. /etc/sysconfig/named ...........................................................41
1.24. /etc/sysconfig/netdump ........................................................42
1.25. /etc/sysconfig/network ........................................................42
1.26. /etc/sysconfig/ntpd .............................................................42
1.27. /etc/sysconfig/pcmcia .........................................................43
1.28. /etc/sysconfig/radvd ...........................................................43
1.29. /etc/sysconfig/rawdevices ..................................................43
1.30. /etc/sysconfig/samba ...........................................................43
1.31. /etc/sysconfig/selinux ........................................................44
1.32. /etc/sysconfig/sendmail ......................................................44
1.33. /etc/sysconfig/spamassassin ...............................................44
1.34. /etc/sysconfig/squid ...........................................................44
1.35. /etc/sysconfig/system-config-securitylevel ....................45
1.36. /etc/sysconfig/system-config-users ..................................45
1.37. /etc/sysconfig/system-logviewer .......................................45
1.38. /etc/sysconfig/tux ...............................................................45
1.39. /etc/sysconfig/vncservers ..................................................45
1.40. /etc/sysconfig/xinetd .........................................................46
2. Directories in the /etc/sysconfig/ Directory .........................................46
3. Additional Resources ............................................................................47
3.1. Installed Documentation .............................................................47
5. The proc File System ....................................................................................49
1. A Virtual File System .............................................................................49
1.1. Viewing Virtual Files ...................................................................49
1.2. Changing Virtual Files ................................................................50
2. Top-level Files within the proc File System .............................................50
2.1. /proc/apm .................................................................................51
2.2. /proc/buddyinfo ......................................................................51
2.3. /proc/cmdline ..........................................................................52
2.4. /proc/cpuinfo ..........................................................................52
2.5. /proc/crypto ...........................................................................53
2.6. /proc/devices ..........................................................................53
2.7. /proc/dma .................................................................................54
2.8. /proc/execdomains ..................................................................54
2.9. /proc/fb ...................................................................................54
2.10. /proc/filesystems .................................................................54
2.11. /proc/interrupts ..................................................................55
2.12. /proc/iomem ...........................................................................55
2.13. /proc/ioports ........................................................................56
2.14. /proc/kcore ...........................................................................56
2.15. /proc/kmsg .............................................................................57
2.16. /proc/loadavg ........................................................................57
2.17. /proc/locks ...........................................................................57
2.18. /proc/mdstat ..........................................................................57
2.19. /proc/meminfo ........................................................................58
2.20. /proc/misc .............................................................................60
2.21. /proc/modules ........................................................................60
2.22. /proc/mounts ..........................................................................60
2.23. /proc/mtrr .............................................................................61
2.24. /proc/partitions ..................................................................61
2.25. /proc/pci ...............................................................................62
2.26. /proc/slabinfo ......................................................................62
2.27. /proc/stat .............................................................................64
2.28. /proc/swaps ...........................................................................64
2.29. /proc/sysrq-trigger .............................................................65
2.30. /proc/uptime ..........................................................................65
2.31. /proc/version ........................................................................65
3. Directories within /proc/ .......................................................................65
3.1. Process Directories ....................................................................65
3.2. /proc/bus/ ...............................................................................67
3.3. /proc/driver/ ..........................................................................68
3.4. /proc/fs ...................................................................................68
3.5. /proc/ide/ ...............................................................................69
3.6. /proc/irq/ ...............................................................................70
3.7. /proc/net/ ...............................................................................70
3.8. /proc/scsi/ .............................................................................71
3.9. /proc/sys/ ...............................................................................73
3.10. /proc/sysvipc/ ......................................................................85
3.11. /proc/tty/ .............................................................................85
4. Using the sysctl Command ..................................................................86
5. Additional Resources ............................................................................87
5.1. Installed Documentation .............................................................87
5.2. Useful Websites .........................................................................87
6. Users and Groups .........................................................................................89
1. User and Group Management Tools .......................................................89
2. Standard Users .....................................................................................90
3. Standard Groups ..................................................................................91
4. User Private Groups ..............................................................................93
4.1. Group Directories .......................................................................94
5. Shadow Passwords ...............................................................................95
6. Additional Resources ............................................................................95
6.1. Installed Documentation .............................................................95
6.2. Related Books ...........................................................................96
7. The X Window System ..................................................................................99
1. The X11R6.8 Release ...........................................................................99
2. Desktop Environments and Window Managers .....................................100
2.1. Desktop Environments ..............................................................100
2.2. Window Managers ...................................................................101
3. X Server Configuration Files ................................................................101
3.1. xorg.conf ...............................................................................102
4. Fonts ..................................................................................................108
4.1. Fontconfig ................................................................................109
4.2. Core X Font System .................................................................110
5. Runlevels and X ..................................................................................112
5.1. Runlevel 3 ...............................................................................112
5.2. Runlevel 5 ...............................................................................113
6. Additional Resources ..........................................................................114
6.1. Installed Documentation ...........................................................114
6.2. Useful Websites .......................................................................114
6.3. Related Books .........................................................................115
II. Network Services Reference ................................................................................117
8. Network Interfaces ......................................................................................119
1. Network Configuration Files .................................................................119
2. Interface Configuration Files ................................................................120
2.1. Ethernet Interfaces ...................................................................120
2.2. IPsec Interfaces .......................................................................122
2.3. Channel Bonding Interfaces ......................................................124
2.4. Alias and Clone Files ................................................................125
2.5. Dialup Interfaces ......................................................................126
2.6. Other Interfaces .......................................................................127
3. Interface Control Scripts ......................................................................128
4. Network Function Files ........................................................................129
5. Additional Resources ..........................................................................130
5.1. Installed Documentation ...........................................................130
9. Network File System (NFS) .........................................................................131
1. How It Works ......................................................................................131
1.1. Required Services ....................................................................132
1.2. NFS and portmap ....................................................................133
2. Starting and Stopping NFS ..................................................................134
3. NFS Server Configuration ....................................................................135
3.1. The /etc/exports Configuration File ........................................135
3.2. The exportfs Command ..........................................................138
4. NFS Client Configuration Files .............................................................139
4.1. /etc/fstab .............................................................................140
4.2. autofs ....................................................................................140
4.3. Common NFS Mount Options ...................................................142
5. Securing NFS .....................................................................................143
5.1. Host Access .............................................................................143
5.2. File Permissions .......................................................................145
6. Additional Resources ..........................................................................145
6.1. Installed Documentation ...........................................................145
6.2. Useful Websites .......................................................................146
6.3. Related Books .........................................................................146
10. Apache HTTP Server ................................................................................147
1. Apache HTTP Server 2.0 .....................................................................147
1.1. Features of Apache HTTP Server 2.0 ........................................147
1.2. Packaging Changes in Apache HTTP Server 2.0 ........................148
1.3. File System Changes in Apache HTTP Server 2.0 ......................148
2. Migrating Apache HTTP Server 1.3 Configuration Files .........................149
2.1. Global Environment Configuration .............................................150
2.2. Main Server Configuration ........................................................153
2.3. Virtual Host Configuration .........................................................155
2.4. Modules and Apache HTTP Server 2.0 ......................................155
3. After Installation ..................................................................................161
4. Starting and Stopping httpd ................................................................162
5. Configuration Directives in httpd.conf ................................................163
5.1. General Configuration Tips .......................................................163
5.2. ServerRoot .............................................................................164
5.3. PidFile ..................................................................................164
5.4. Timeout ..................................................................................164
5.5. KeepAlive ...............................................................................164
5.6. MaxKeepAliveRequests ...........................................................164
5.7. KeepAliveTimeout ..................................................................165
5.8. IfModule .................................................................................165
5.9. MPM Specific Server-Pool Directives .........................................165
5.10. Listen ..................................................................................166
5.11. Include .................................................................................167
5.12. LoadModule ...........................................................................167
5.13. ExtendedStatus ....................................................................167
5.14. IfDefine ...............................................................................167
5.15. SuexecUserGroup ..................................................................167
5.16. User ......................................................................................168
5.17. Group ....................................................................................168
5.18. ServerAdmin .........................................................................168
5.19. ServerName ...........................................................................168
5.20. UseCanonicalName ................................................................169
5.21. DocumentRoot ........................................................................169
5.22. Directory .............................................................................169
5.23. Options .................................................................................170
5.24. AllowOverride ......................................................................170
5.25. Order ....................................................................................171
5.26. Allow ....................................................................................171
5.27. Deny ......................................................................................171
5.28. UserDir .................................................................................171
5.29. DirectoryIndex ....................................................................171
5.30. AccessFileName ....................................................................172
5.31. CacheNegotiatedDocs ...........................................................172
5.32. TypesConfig .........................................................................172
5.33. DefaultType .........................................................................172
5.34. HostnameLookups ..................................................................172
5.35. ErrorLog ...............................................................................173
5.36. LogLevel ...............................................................................173
5.37. LogFormat .............................................................................173
5.38. CustomLog .............................................................................174
5.39. ServerSignature ..................................................................174
5.40. Alias ....................................................................................174
5.41. ScriptAlias .........................................................................174
5.42. Redirect ...............................................................................174
5.43. IndexOptions ........................................................................175
5.44. AddIconByEncoding ...............................................................175
5.45. AddIconByType ......................................................................175
5.46. AddIcon .................................................................................175
5.47. DefaultIcon .........................................................................176
5.48. AddDescription ....................................................................176
5.49. ReadmeName ...........................................................................176
5.50. HeaderName ...........................................................................176
5.51. IndexIgnore .........................................................................176
5.52. AddEncoding .........................................................................176
5.53. AddLanguage .........................................................................176
5.54. LanguagePriority ................................................................176
5.55. AddType .................................................................................177
5.56. AddHandler ...........................................................................177
5.57. Action ..................................................................................177
5.58. ErrorDocument ......................................................................177
5.59. BrowserMatch ........................................................................177
5.60. Location ...............................................................................178
5.61. ProxyRequests ......................................................................178
5.62. Proxy ....................................................................................178
5.63. Cache Directives ....................................................................178
5.64. NameVirtualHost ..................................................................179
5.65. VirtualHost .........................................................................179
5.66. Configuration Directives for SSL ..............................................180
6. Default Modules ..................................................................................180
7. Adding Modules ..................................................................................181
8. Virtual Hosts .......................................................................................182
8.1. Setting Up Virtual Hosts ............................................................182
8.2. The Secure Web Server Virtual Host .........................................183
9. Additional Resources ..........................................................................183
9.1. Useful Websites .......................................................................184
9.2. Related Books .........................................................................184
11. Email ........................................................................................................185
1. Email Protocols ...................................................................................185
1.1. Mail Transport Protocols ...........................................................185
1.2. Mail Access Protocols ..............................................................186
2. Email Program Classifications ..............................................................188
2.1. Mail Transfer Agent ..................................................................188
2.2. Mail Delivery Agent ..................................................................188
2.3. Mail User Agent .......................................................................189
3. Mail Transport Agents .........................................................................189
3.1. Sendmail .................................................................................189
3.2. Postfix .....................................................................................194
3.3. Fetchmail .................................................................................196
4. Mail Delivery Agents ...........................................................................200
4.1. Procmail Configuration .............................................................201
4.2. Procmail Recipes .....................................................................202
5. Mail User Agents ................................................................................207
5.1. Securing Communication ..........................................................208
6. Additional Resources ..........................................................................210
6.1. Installed Documentation ...........................................................210
6.2. Useful Websites .......................................................................211
6.3. Related Books .........................................................................211
12. Berkeley Internet Name Domain (BIND) .....................................................213
1. Introduction to DNS .............................................................................213
1.1. Nameserver Zones ...................................................................213
1.2. Nameserver Types ...................................................................214
1.3. BIND as a Nameserver .............................................................214
2. /etc/named.conf ...............................................................................215
2.1. Common Statement Types .......................................................215
2.2. Other Statement Types .............................................................220
2.3. Comment Tags ........................................................................222
3. Zone Files ..........................................................................................222
3.1. Zone File Directives ..................................................................222
3.2. Zone File Resource Records .....................................................223
3.3. Example Zone File ...................................................................226
3.4. Reverse Name Resolution Zone Files ........................................226
4. Using rndc .........................................................................................227
4.1. Configuring /etc/named.conf ..................................................227
4.2. Configuring /etc/rndc.conf ....................................................228
4.3. Command Line Options ............................................................229
5. Advanced Features of BIND ................................................................230
5.1. DNS Protocol Enhancements ....................................................230
5.2. Multiple Views ..........................................................................230
5.3. Security ...................................................................................231
5.4. IP version 6 .............................................................................231
6. Common Mistakes to Avoid .................................................................231
7. Additional Resources ..........................................................................232
7.1. Installed Documentation ...........................................................232
7.2. Useful Websites .......................................................................233
7.3. Related Books .........................................................................233
13. Lightweight Directory Access Protocol (LDAP) ............................................235
1. Why Use LDAP? .................................................................................235
1.1. OpenLDAP Features ................................................................236
2. LDAP Terminology ..............................................................................236
3. OpenLDAP Daemons and Utilities ........................................................237
3.1. NSS, PAM, and LDAP ..............................................................239
3.2. PHP4, LDAP, and the Apache HTTP Server ..............................239
3.3. LDAP Client Applications ..........................................................240
4. OpenLDAP Configuration Files ............................................................240
5. The /etc/openldap/schema/ Directory ...............................................241
6. OpenLDAP Setup Overview .................................................................242
6.1. Editing /etc/openldap/slapd.conf .........................................242
7. Configuring a System to Authenticate Using OpenLDAP ........................244
7.1. PAM and LDAP ........................................................................245
7.2. Migrating Old Authentication Information to LDAP Format ...........245
8. Migrating Directories from Earlier Releases ..........................................246
9. Additional Resources ..........................................................................246
9.1. Installed Documentation ...........................................................246
9.2. Useful Websites .......................................................................247
9.3. Related Books .........................................................................248
14. Samba .....................................................................................................249
1. Introduction to Samba .........................................................................249
1.1. Samba Features ......................................................................249
2. Samba Daemons and Related Services ................................................250
2.1. Daemon Overview ....................................................................250
2.2. Starting and Stopping Samba ....................................................250
3. Samba Server Types and the smb.conf File .........................................252
3.1. Stand-alone Server ..................................................................252
3.2. Domain Member Server ............................................................254
3.3. Domain Controller ....................................................................256
4. Samba Security Modes .......................................................................261
4.1. User-Level Security ..................................................................261
4.2. Share-Level Security ................................................................261
4.3. Domain Security Mode (User-Level Security) .............................262
4.4. Active Directory Security Mode (User-Level Security) .................262
4.5. Server Security Mode (User-Level Security) ...............................262
5. Samba Account Information Databases ................................................263
5.1. Backward Compatible Backends ...............................................263
5.2. New Backends .........................................................................264
6. Samba Network Browsing ....................................................................264
6.1. Workgroup Browsing ................................................................265
6.2. Domain Browsing .....................................................................266
6.3. WINS (Windows Internetworking Name Server) .........................266
7. Samba with CUPS Printing Support .....................................................267
7.1. Simple smb.conf Settings .........................................................267
8. Samba Distribution Programs ..............................................................268
8.1. findsmb ..................................................................................268
8.2. make_smbcodepage ..................................................................268
8.3. make_unicodemap ....................................................................269
8.4. net ..........................................................................................269
8.5. nmblookup ...............................................................................270
8.6. pdbedit ..................................................................................270
8.7. rpcclient ...............................................................................271
8.8. smbcacls .................................................................................271
8.9. smbclient ...............................................................................271
8.10. smbcontrol ...........................................................................271
8.11. smbgroupedit ........................................................................272
8.12. smbmount ...............................................................................272
8.13. smbpasswd .............................................................................272
8.14. smbspool ...............................................................................272
8.15. smbstatus .............................................................................272
8.16. smbtar ..................................................................................272
8.17. testparm ...............................................................................273
8.18. testprns ...............................................................................274
8.19. wbinfo ..................................................................................274
9. Additional Resources ..........................................................................274
9.1. Installed Documentation ...........................................................274
9.2. Red Hat Documentation ............................................................274
9.3. Related Books .........................................................................274
9.4. Useful Websites .......................................................................275
15. FTP ..........................................................................................................277
1. The File Transport Protocol .................................................................277
1.1. Multiple Ports, Multiple Modes ...................................................277
2. FTP Servers .......................................................................................278
2.1. vsftpd ....................................................................................278
3. Files Installed with vsftpd ...................................................................279
4. Starting and Stopping vsftpd ..............................................................280
4.1. Starting Multiple Copies of vsftpd ............................................280
5. vsftpd Configuration Options ..............................................................282
5.1. Daemon Options ......................................................................282
5.2. Log In Options and Access Controls ..........................................283
5.3. Anonymous User Options .........................................................285
5.4. Local User Options ...................................................................285
5.5. Directory Options .....................................................................287
5.6. File Transfer Options ................................................................288
5.7. Logging Options .......................................................................288
5.8. Network Options ......................................................................289
6. Additional Resources ..........................................................................292
6.1. Installed Documentation ...........................................................292
6.2. Useful Websites .......................................................................293
6.3. Related Books .........................................................................293
III. Security Reference .............................................................................................295
16. Pluggable Authentication Modules (PAM) ...................................................297
1. Advantages of PAM ............................................................................297
2. PAM Configuration Files ......................................................................297
2.1. PAM Service Files ....................................................................297
3. PAM Configuration File Format ............................................................298
3.1. Module Interface ......................................................................298
3.2. Control Flag .............................................................................299
3.3. Module Name ..........................................................................300
3.4. Module Arguments ...................................................................300
4. Sample PAM Configuration Files ..........................................................300
5. Creating PAM Modules ........................................................................303
6. PAM and Administrative Credential Caching .........................................304
6.1. Removing the Timestamp File ...................................................304
6.2. Common pam_timestamp Directives ..........................................304
7. PAM and Device Ownership ................................................................305
7.1. Device Ownership ....................................................................305
7.2. Application Access ...................................................................306
8. Additional Resources ..........................................................................306
8.1. Installed Documentation ...........................................................306
8.2. Useful Websites .......................................................................307
17. TCP Wrappers and xinetd ........................................................................309
1. TCP Wrappers ....................................................................................309
1.1. Advantages of TCP Wrappers ...................................................310
2. TCP Wrappers Configuration Files .......................................................310
2.1. Formatting Access Rules ..........................................................311
2.2. Option Fields ...........................................................................315
3. xinetd ...............................................................................................318
4. xinetd Configuration Files ..................................................................318
4.1. The /etc/xinetd.conf File .....................................................318
4.2. The /etc/xinetd.d/ Directory .................................................319
4.3. Altering xinetd Configuration Files ...........................................320
5. Additional Resources ..........................................................................324
5.1. Installed Documentation ...........................................................324
5.2. Useful Websites .......................................................................325
5.3. Related Books .........................................................................325
18. iptables ..................................................................................................327
1. Packet Filtering ...................................................................................327
2. Differences between iptables and ipchains ......................................329
3. Options Used within iptables Commands ...........................................330
3.1. Structure of iptables Options ..................................................330
3.2. Command Options ...................................................................330
3.3. iptables Parameter Options ....................................................332
3.4. iptables Match Options ..........................................................333
3.5. Target Options .........................................................................336
3.6. Listing Options .........................................................................337
4. Saving iptables Rules .......................................................................338
5. iptables Control Scripts .....................................................................338
5.1. iptables Control Scripts Configuration File ...............................340
6. ip6tables and IPv6 ............................................................................341
7. Additional Resources ..........................................................................341
7.1. Installed Documentation ...........................................................341
7.2. Useful Websites .......................................................................341
19. Kerberos ..................................................................................................343
1. What is Kerberos? ..............................................................................343
1.1. Advantages of Kerberos ...........................................................343
1.2. Disadvantages of Kerberos .......................................................343
2. Kerberos Terminology .........................................................................344
3. How Kerberos Works ..........................................................................346
4. Kerberos and PAM ..............................................................................347
5. Configuring a Kerberos 5 Server ..........................................................348
6. Configuring a Kerberos 5 Client ...........................................................350
7. Additional Resources ..........................................................................351
7.1. Installed Documentation ...........................................................351
7.2. Useful Websites .......................................................................352
20. SSH Protocol ............................................................................................355
1. Features of SSH .................................................................................355
1.1. Why Use SSH? ........................................................................355
2. SSH Protocol Versions ........................................................................356
3. Event Sequence of an SSH Connection ................................................357
3.1. Transport Layer ........................................................................357
3.2. Authentication ..........................................................................358
3.3. Channels .................................................................................358
4. OpenSSH Configuration Files ..............................................................359
5. More Than a Secure Shell ...................................................................360
5.1. X11 Forwarding ........................................................................360
5.2. Port Forwarding .......................................................................361
6. Requiring SSH for Remote Connections ...............................................362
7. Additional Resources ..........................................................................362
7.1. Installed Documentation ...........................................................362
7.2. Useful Websites .......................................................................363
7.3. Related Books .........................................................................363
21. SELinux ....................................................................................................365
1. Introduction to SELinux .......................................................................365
2. Files Related to SELinux .....................................................................365
2.1. The /selinux/ Pseudo-File System .........................................365
2.2. SELinux Configuration Files ......................................................366
2.3. SELinux Utilities .......................................................................368
3. Additional Resources ..........................................................................369
3.1. Installed Documentation ...........................................................369
3.2. Red Hat Documentation ............................................................369
3.3. Useful Websites .......................................................................369
IV. Appendixes .......................................................................................................371
A. General Parameters and Modules ...............................................................373
1. Kernel Module Utilities .........................................................................373
2. Persistent Module Loading ..................................................................376
3. Specifying Module Parameters ............................................................376
4. Storage parameters ............................................................................377
5. Ethernet Parameters ...........................................................................383
5.1. Using Multiple Ethernet Cards ...................................................390
5.2. The Channel Bonding Module ...................................................390
6. Additional Resources ..........................................................................394
6.1. Installed Documentation ...........................................................394
6.2. Useful Websites .......................................................................394
Index .....................................................................................................................395
Introduction
Welcome to the Red Hat Enterprise Linux Reference Guide. The Red Hat Enterprise Linux Reference Guide contains useful information about the Red Hat
Enterprise Linux system. From fundamental concepts, such as the structure of the file system, to the finer points of system security and authentication control, we hope you find this book to be a valuable resource.
This guide is for you if you want to learn a bit more about how the Red Hat Enterprise Linux system works. Topics that you can explore within this manual include the following:
• The boot process
• The file system structure
• The X Window System
• Network services
• Security tools
1. Changes To This Manual
This manual has been reorganized for clarity and updated for the latest features of Red Hat Enterprise Linux 4.5.0. Some of the changes include:
A New Samba Chapter
The new Samba chapter explains various Samba daemons and configuration options. Special thanks to John Terpstra for his hard work in helping to complete this chapter.
A New SELinux Chapter
The new SELinux chapter explains various SELinux files and configuration options. Special thanks to Karsten Wade for his hard work in helping to complete this chapter.
An Updated proc File System Chapter
The proc file system chapter includes updated information in regards to the 2.6 kernel. Special thanks to Arjan van de Ven for his hard work in helping to complete this chapter.
An Updated Network File System (NFS) Chapter
The Network File System (NFS) chapter has been revised and reorganized to include NFSv4.
An Updated The X Window System Chapter
The X Window System chapter has been revised to include information on the X11R6.8 release developed by the X.Org team.
Before reading this guide, you should be familiar with the contents of the Red Hat Enterprise Linux Installation Guide concerning installation issues, the Red Hat Enterprise Linux Introduction to System Administration for basic administration concepts, the Red Hat Enterprise Linux System Administration Guide for general customization instructions, and the Red Hat Enterprise Linux Security Guide for security related instructions. This guide contains information about topics for advanced users.
2. Finding Appropriate Documentation
You need documentation that is appropriate to your level of Linux expertise. Otherwise, you might feel overwhelmed or may not find the necessary information to answer any questions. The Red Hat Enterprise Linux Reference Guide deals with the more technical aspects and options of a Red Hat Enterprise Linux system. This section helps you decide whether to look in this manual for the information you need or to consider other Red Hat Enterprise Linux manuals, including online sources, in your search.
Three different categories of people use Red Hat Enterprise Linux, and each of these categories requires a different set of documentation and informative sources. To help you figure out where you should start, determine your own experience level:
New to Linux
This type of user has never used any Linux (or Linux-like) operating system before or has had only limited exposure to Linux. They may or may not have experience using other operating systems (such as Windows). Is this you? If so, skip ahead to Section 2.1, “Documentation For First-Time Linux Users”.
Some Linux Experience
This type of user has installed and successfully used Linux (but not Red Hat Enterprise Linux) before or may have equivalent experience with other Linux-like operating systems. Does this describe you? If so, turn to Section 2.2, “For the More Experienced”.
Experienced User
This type of user has installed and successfully used Red Hat Enterprise Linux before. If this describes you, turn to Section 2.3, “Documentation for Linux Gurus”.
2.1. Documentation For First-Time Linux Users
For someone new to Linux, the amount of information available on any particular subject, such as printing, starting up the system or partitioning a hard drive, can be overwhelming. It helps to initially step back and gain a decent base of information centered around how Linux works before tackling these kinds of advanced issues.
Your first goal should be to obtain some useful documentation. This cannot be stressed enough. Without documentation, you only become frustrated at your inability to get a Red Hat Enterprise Linux system working the way you want.
You should acquire the following types of Linux documentation:
A brief history of Linux — Many aspects of Linux are the way they are because of historical precedent. The Linux culture is also based on past events, needs, or requirements. A basic understanding of the history of Linux helps you figure out how to solve many potential problems before you actually see them.
An explanation of how Linux works — While delving into the most arcane aspects of the Linux kernel is not necessary, it is a good idea to know something about how Linux is put together. This is particularly important if you have been working with other operating systems, as some of the assumptions you currently hold about how computers work may not transfer from that operating system to Linux.
An introductory command overview (with examples) — This is probably the most important thing to look for in Linux documentation. The underlying design philosophy for Linux is that it is better to use many small commands connected together in different ways than it is to have a few large (and complex) commands that do the whole job themselves. Without examples that illustrate this approach to doing things, you may find yourself intimidated by the sheer number of commands available on a Red Hat Enterprise Linux system.
Keep in mind that you do not have to memorize all of the available Linux commands. Different techniques exist to help you find the specific command you need to accomplish a task. You only need to know the general way in which Linux functions, what you need to accomplish, and how to access the tool that gives you the exact instructions you need to execute the command.
The Red Hat Enterprise Linux Installation Guide and the Red Hat Enterprise Linux Step By Step Guide are excellent references for helping you get a Red Hat Enterprise Linux system successfully installed and initially configured. The Red Hat Enterprise Linux Introduction to System Administration is a great place to start for those learning the basics of system administration. Start with these books and use them to build the base of your knowledge of Red Hat Enterprise Linux. Before long, more complicated concepts begin to make sense because you already grasp the general ideas.
Beyond reading the Red Hat Enterprise Linux manuals, several other excellent documentation resources are available for little or no cost:
2.1.1. Introduction to Linux Websites
http://www.redhat.com/ — On the Red Hat website, you find links to the Linux Documentation Project (LDP), online versions of the Red Hat Enterprise Linux manuals, FAQs (Frequently Asked Questions), a database which can help you find a Linux Users Group near you, technical information in the Red Hat Support Knowledge Base, and more.
http://www.linuxheadquarters.com/ — The Linux Headquarters website features easy to follow, step-by-step guides for a variety of Linux tasks.
2.1.2. Introduction to Linux Newsgroups
You can participate in newsgroups by watching the discussions of others attempting to solve problems, or by actively asking or answering questions. Experienced Linux users are known to be extremely helpful when trying to assist new users with various Linux issues — especially if you are posing questions in the right venue. If you do not have access to a news reader application, you can access this information via the Web at http://groups.google.com/. Dozens of Linux-related newsgroups exist, including the following:
linux.help [news:linux.help] — A great place to get help from fellow Linux users.
linux.redhat [news:linux.redhat] — This newsgroup primarily covers Red Hat Enterprise Linux-specific issues.
linux.redhat.install [news:linux.redhat.install] — Pose installation questions to this newsgroup or search it to see how others solved similar problems.
linux.redhat.misc [news:linux.redhat.misc] — Questions or requests for help that do not really fit into traditional categories go here.
linux.redhat.rpm [news:linux.redhat.rpm] — A good place to go if you are having trouble using RPM to accomplish particular objectives.
2.2. For the More Experienced
If you have used other Linux distributions, you probably already have a basic grasp of the most frequently used commands. You may have installed your own Linux system, and maybe you have even downloaded and built software you found on the Internet. After installing Linux, however, configuration issues can be very confusing.
The Red Hat Enterprise Linux System Administration Guide is designed to help explain the various ways a Red Hat Enterprise Linux system can be configured to meet specific objectives. Use this manual to learn about specific configuration options and how to put them into effect.
When you are installing software that is not covered in the Red Hat Enterprise Linux System Administration Guide, it is often helpful to see what other people in similar circumstances have done. HOWTO documents from the Linux Documentation Project, available at http://www.redhat.com/mirrors/LDP/HOWTO/HOWTO-INDEX/howtos.html, document particular aspects of Linux, from low-level kernel esoteric changes to using Linux for amateur radio station work.
If you are concerned with the finer points and specifics of the Red Hat Enterprise Linux system, the Red Hat Enterprise Linux Reference Guide is a great resource.
If you are concerned about security issues, the Red Hat Enterprise Linux Security Guide is a great resource — explaining in concise terms best strategies and practices for securing Red Hat Enterprise Linux.
2.3. Documentation for Linux Gurus
If you are concerned with the finer points and specifics of the Red Hat Enterprise Linux system, the Red Hat Enterprise Linux Reference Guide is a great resource.
If you are a long-time Red Hat Enterprise Linux user, you probably already know that one of the best ways to understand a particular program is to read its source code and/or configuration files. A major advantage of Red Hat Enterprise Linux is the availability of the source code for anyone to read.
Obviously, not everyone is a programmer, so the source code may not be helpful for you. However, if you have the knowledge and skills necessary to read it, the source code holds all of the answers.
3. Document Conventions
Certain words in this manual are represented in different fonts, styles, and weights. This highlighting indicates that the word is part of a specific category. The categories include the following:
Courier font
Courier font represents commands, file names and paths, and prompts. When shown as below, it indicates computer output:
Desktop about.html logs paulwesterberg.png Mail backupfiles mail reports
bold Courier font
Bold Courier font represents text that you are to type, such as:
service jonas start
If you have to run a command as root, the root prompt (#) precedes the command:
# gconftool-2
italic Courier font
Italic Courier font represents a variable, such as an installation directory:
install_dir/bin/
bold font
Bold font represents application programs and text found on a graphical interface. When shown like this: OK , it indicates a button on a graphical application interface.
Additionally, the manual uses different strategies to draw your attention to pieces of information. In order of how critical the information is to you, these items are marked as follows:
Note
A note is typically information that you need to understand the behavior of the system.
Tip
A tip is typically an alternative way of performing a task.
Important
Important information is necessary, but possibly unexpected, such as a configuration change that will not persist after a reboot.
Caution
A caution indicates an act that would violate your support agreement, such as recompiling the kernel.
Warning
A warning indicates potential data loss, as may happen when tuning hardware for maximum performance.
4. More to Come
The Red Hat Enterprise Linux Reference Guide is part of Red Hat's commitment to provide useful and timely support to Red Hat Enterprise Linux users. Future editions feature expanded information on changes to system structure and organization, new and powerful security tools, and other resources to help you extend the power of the Red Hat Enterprise Linux system — and your ability to use it.
That is where you can help.
4.1. We Need Feedback!
If you find an error in the Red Hat Enterprise Linux Reference Guide, or if you have thought of a way to make this manual better, we would love to hear from you! Please submit a report in Bugzilla (http://bugzilla.redhat.com/bugzilla/) against the component rhel-rg.
Be sure to mention the manual's identifier:
rhel-rg
If you mention the manual's identifier, we know exactly which version of the guide you have. If you have a suggestion for improving the documentation, try to be as specific as possible when
describing it. If you have found an error, please include the section number and some of the surrounding text so we can find it easily.
Part I. System Reference
To manage the system effectively, it is crucial to know about its components and how they fit together. This part outlines many important aspects of the system. It covers the boot process, the basic file system layout, the location of crucial system files and file systems, and the basic concepts behind users and groups. Additionally, the X Window System is explained in detail.
Chapter 1. Boot Process, Init, and Shutdown
An important and powerful aspect of Red Hat Enterprise Linux is the open, user-configurable method it uses for starting the operating system. Users are free to configure many aspects of the boot process, including specifying the programs launched at boot-time. Similarly, system shutdown gracefully terminates processes in an organized and configurable way, although customization of this process is rarely required.
Understanding how the boot and shutdown processes work not only allows customization, but also makes it easier to troubleshoot problems related to starting or shutting down the system.
1. The Boot Process
Below are the basic stages of the boot process for an x86 system:
1. The system BIOS checks the system and launches the first stage boot loader on the MBR of the primary hard disk.
2. The first stage boot loader loads itself into memory and launches the second stage boot loader from the /boot/ partition.
3. The second stage boot loader loads the kernel into memory, which in turn loads any necessary modules and mounts the root partition read-only.
4. The kernel transfers control of the boot process to the /sbin/init program.
5. The /sbin/init program loads all services and user-space tools, and mounts all partitions listed in /etc/fstab.
6. The user is presented with a login screen for the freshly booted Linux system.
Because configuration of the boot process is more common than the customization of the shutdown process, the remainder of this chapter discusses in detail how the boot process works and how it can be customized to suit specific needs.
2. A Detailed Look at the Boot Process
The beginning of the boot process varies depending on the hardware platform being used. However, once the kernel is found and loaded by the boot loader, the default boot process is identical across all architectures. This chapter focuses primarily on the x86 architecture.
2.1. The BIOS
When an x86 computer is booted, the processor looks at the end of system memory for the Basic Input/Output System or BIOS program and runs it. The BIOS controls not only the first step of the boot process, but also provides the lowest level interface to peripheral devices. For this reason it is written into read-only, permanent memory and is always available for use.
[1] GRUB reads ext3 file systems as ext2, disregarding the journal file. Refer to the chapter titled The ext3 File System in the Red Hat Enterprise Linux System Administration Guide for more information on the ext3 file system.
Other platforms use different programs to perform low-level tasks roughly equivalent to those of the BIOS on an x86 system. For instance, Itanium-based computers use the Extensible Firmware Interface (EFI) Shell.
Once loaded, the BIOS tests the system, looks for and checks peripherals, and then locates a valid device with which to boot the system. Usually, it checks any diskette drives and CD-ROM drives present for bootable media, then, failing that, looks to the system's hard drives. In most cases, the order of the drives searched while booting is controlled with a setting in the BIOS, and it looks on the master IDE device on the primary IDE bus. The BIOS then loads into memory whatever program is residing in the first sector of this device, called the Master Boot Record or MBR. The MBR is only 512 bytes in size and contains machine code instructions for booting the machine, called a boot loader, along with the partition table. Once the BIOS finds and loads the boot loader program into memory, it yields control of the boot process to it.
2.2. The Boot Loader
This section looks at the default boot loader for the x86 platform, GRUB. Depending on the system's architecture, the boot process may differ slightly. Refer to Section 2.2.1, “Boot Loaders for Other Architectures” for a brief overview of non-x86 boot loaders. For more information about configuring and using GRUB, see Chapter 2, The GRUB Boot Loader.
A boot loader for the x86 platform is broken into at least two stages. The first stage is a small machine code binary on the MBR. Its sole job is to locate the second stage boot loader and load the first part of it into memory.
GRUB has the advantage of being able to read ext2 and ext3 [1] partitions and load its configuration file — /boot/grub/grub.conf — at boot time. Refer to Section 7, “GRUB Menu Configuration File” for information on how to edit this file.
Tip
If upgrading the kernel using the Red Hat Update Agent, the boot loader configuration file is updated automatically. More information on Red Hat Network can be found online at the following URL: https://rhn.redhat.com/.
Once the second stage boot loader is in memory, it presents the user with a graphical screen showing the different operating systems or kernels it has been configured to boot. On this screen a user can use the arrow keys to choose which operating system or kernel they wish to boot and press Enter. If no key is pressed, the boot loader loads the default selection after a configurable period of time has passed.
Note
If Symmetric Multi-Processor (SMP) kernel support is installed, more than one option is presented the first time the system is booted. In this situation GRUB displays Red Hat Enterprise Linux (<kernel-version>-smp), which is the SMP kernel, and Red Hat Enterprise Linux (<kernel-version>), which is for single processors.
If any problems occur using the SMP kernel, try selecting a non-SMP kernel upon rebooting.
Once the second stage boot loader has determined which kernel to boot, it locates the corresponding kernel binary in the /boot/ directory. The kernel binary is named using the following format — /boot/vmlinuz-<kernel-version> file (where <kernel-version> corresponds to the kernel version specified in the boot loader's settings).
For instructions on using the boot loader to supply command line arguments to the kernel, refer to Chapter 2, The GRUB Boot Loader. For information on changing the runlevel at the boot loader prompt, refer to Section 8, “Changing Runlevels at Boot Time”.
The boot loader then places one or more appropriate initramfs images into memory. Next, the kernel decompresses these images from memory to /boot/, a RAM-based virtual file system, via cpio. The initramfs is used by the kernel to load drivers and modules necessary to boot the system. This is particularly important if SCSI hard drives are present or if the systems use the ext3 file system.
Once the kernel and the initramfs image(s) are loaded into memory, the boot loader hands control of the boot process to the kernel.
For a more detailed overview of the GRUB boot loader, refer to Chapter 2, The GRUB Boot Loader.
2.2.1. Boot Loaders for Other Architectures
Once the kernel loads and hands off the boot process to the init command, the same sequence of events occurs on every architecture. So the main difference between each architecture's boot process is in the application used to find and load the kernel.
For example, the Itanium architecture uses the ELILO boot loader, the IBM eServer pSeries architecture uses YABOOT, and the IBM eServer zSeries and IBM S/390 systems use the z/IPL boot loader.
Consult the Red Hat Enterprise Linux Installation Guide specific to these platforms for information on configuring their boot loaders.
2.3. The Kernel
When the kernel is loaded, it immediately initializes and configures the computer's memory and configures the various hardware attached to the system, including all processors, I/O subsystems, and storage devices. It then looks for the compressed initramfs image(s) in a predetermined location in memory, decompresses it directly to /sysroot/, and loads all necessary drivers. Next, it initializes virtual devices related to the file system, such as LVM or software RAID, before completing the initramfs processes and freeing up all the memory the disk image once occupied.
The kernel then creates a root device, mounts the root partition read-only, and frees any unused memory.
At this point, the kernel is loaded into memory and operational. However, since there are no user applications that allow meaningful input to the system, not much can be done with the system.
To set up the user environment, the kernel executes the /sbin/init program.
2.4. The /sbin/init Program
The /sbin/init program (also called init) coordinates the rest of the boot process and configures the environment for the user.
When the init command starts, it becomes the parent or grandparent of all of the processes that start up automatically on the system. First, it runs the /etc/rc.d/rc.sysinit script, which sets the environment path, starts swap, checks the file systems, and executes all other steps required for system initialization. For example, most systems use a clock, so rc.sysinit reads the /etc/sysconfig/clock configuration file to initialize the hardware clock. Another example is if there are special serial port processes which must be initialized, rc.sysinit executes the /etc/rc.serial file.
The init command then runs the /etc/inittab script, which describes how the system should be set up in each SysV init runlevel. Runlevels are a state, or mode, defined by the services listed in the SysV /etc/rc.d/rc<x>.d/ directory, where <x> is the number of the runlevel. For more information on SysV init runlevels, refer to Section 4, “SysV Init Runlevels”.
Next, the init command sets the source function library, /etc/rc.d/init.d/functions, for the system, which configures how to start, kill, and determine the PID of a program.
The init program starts all of the background processes by looking in the appropriate rc directory for the runlevel specified as the default in /etc/inittab. The rc directories are numbered to correspond to the runlevel they represent. For instance, /etc/rc.d/rc5.d/ is the directory for runlevel 5.
When booting to runlevel 5, the init program looks in the /etc/rc.d/rc5.d/ directory to determine which processes to start and stop.
Below is an example listing of the /etc/rc.d/rc5.d/ directory:
K05innd -> ../init.d/innd
K05saslauthd -> ../init.d/saslauthd
K10dc_server -> ../init.d/dc_server
K10psacct -> ../init.d/psacct
K10radiusd -> ../init.d/radiusd
K12dc_client -> ../init.d/dc_client
K12FreeWnn -> ../init.d/FreeWnn
K12mailman -> ../init.d/mailman
K12mysqld -> ../init.d/mysqld
K15httpd -> ../init.d/httpd
K20netdump-server -> ../init.d/netdump-server
K20rstatd -> ../init.d/rstatd
K20rusersd -> ../init.d/rusersd
K20rwhod -> ../init.d/rwhod
K24irda -> ../init.d/irda
K25squid -> ../init.d/squid
K28amd -> ../init.d/amd
K30spamassassin -> ../init.d/spamassassin
K34dhcrelay -> ../init.d/dhcrelay
K34yppasswdd -> ../init.d/yppasswdd
K35dhcpd -> ../init.d/dhcpd
K35smb -> ../init.d/smb
K35vncserver -> ../init.d/vncserver
K36lisa -> ../init.d/lisa
K45arpwatch -> ../init.d/arpwatch
K45named -> ../init.d/named
K46radvd -> ../init.d/radvd
K50netdump -> ../init.d/netdump
K50snmpd -> ../init.d/snmpd
K50snmptrapd -> ../init.d/snmptrapd
K50tux -> ../init.d/tux
K50vsftpd -> ../init.d/vsftpd
K54dovecot -> ../init.d/dovecot
K61ldap -> ../init.d/ldap
K65kadmin -> ../init.d/kadmin
K65kprop -> ../init.d/kprop
K65krb524 -> ../init.d/krb524
K65krb5kdc -> ../init.d/krb5kdc
K70aep1000 -> ../init.d/aep1000
K70bcm5820 -> ../init.d/bcm5820
K74ypserv -> ../init.d/ypserv
K74ypxfrd -> ../init.d/ypxfrd
K85mdmpd -> ../init.d/mdmpd
K89netplugd -> ../init.d/netplugd
K99microcode_ctl -> ../init.d/microcode_ctl
S04readahead_early -> ../init.d/readahead_early
S05kudzu -> ../init.d/kudzu
S06cpuspeed -> ../init.d/cpuspeed
S08ip6tables -> ../init.d/ip6tables
S08iptables -> ../init.d/iptables
S09isdn -> ../init.d/isdn
S10network -> ../init.d/network
S12syslog -> ../init.d/syslog
S13irqbalance -> ../init.d/irqbalance
S13portmap -> ../init.d/portmap
S15mdmonitor -> ../init.d/mdmonitor
S15zebra -> ../init.d/zebra
S16bgpd -> ../init.d/bgpd
S16ospf6d -> ../init.d/ospf6d
S16ospfd -> ../init.d/ospfd
S16ripd -> ../init.d/ripd
S16ripngd -> ../init.d/ripngd
S20random -> ../init.d/random
S24pcmcia -> ../init.d/pcmcia
S25netfs -> ../init.d/netfs
S26apmd -> ../init.d/apmd
S27ypbind -> ../init.d/ypbind
S28autofs -> ../init.d/autofs
S40smartd -> ../init.d/smartd
S44acpid -> ../init.d/acpid
S54hpoj -> ../init.d/hpoj
S55cups -> ../init.d/cups
S55sshd -> ../init.d/sshd
S56rawdevices -> ../init.d/rawdevices
S56xinetd -> ../init.d/xinetd
S58ntpd -> ../init.d/ntpd
S75postgresql -> ../init.d/postgresql
S80sendmail -> ../init.d/sendmail
S85gpm -> ../init.d/gpm
S87iiim -> ../init.d/iiim
S90canna -> ../init.d/canna
S90crond -> ../init.d/crond
S90xfs -> ../init.d/xfs
S95atd -> ../init.d/atd
S96readahead -> ../init.d/readahead
S97messagebus -> ../init.d/messagebus
S97rhnsd -> ../init.d/rhnsd
S99local -> ../rc.local
As illustrated in this listing, none of the scripts that actually start and stop the services are located in the /etc/rc.d/rc5.d/ directory. Rather, all of the files in /etc/rc.d/rc5.d/ are symbolic links pointing to scripts located in the /etc/rc.d/init.d/ directory. Symbolic links are used in each of the rc directories so that the runlevels can be reconfigured by creating, modifying, and deleting the symbolic links without affecting the actual scripts they reference.
The name of each symbolic link begins with either a K or an S. The K links are processes that are killed on that runlevel, while those beginning with an S are started.
The init command first stops all of the K symbolic links in the directory by issuing the /etc/rc.d/init.d/<command> stop command, where <command> is the process to be killed. It then starts all of the S symbolic links by issuing /etc/rc.d/init.d/<command> start.
[2] Refer to Section 3.11, “/proc/tty/” for more information about tty devices.
[3] Refer to Section 5.2, “Runlevel 5” for more information about display managers.
Tip
After the system is finished booting, it is possible to log in as root and execute these same scripts to start and stop services. For instance, the command /etc/rc.d/init.d/httpd stop stops the Apache HTTP Server.
Each of the symbolic links is numbered to dictate start order. The order in which the services are started or stopped can be altered by changing this number. The lower the number, the earlier it is started. Symbolic links with the same number are started alphabetically.
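The following script is an added illustration, not part of the Reference Guide and not the /etc/rc.d/rc script that init actually runs: it walks a directory laid out like /etc/rc.d/rc5.d/ and prints the stop and start actions in the order described above, without executing any of them. Because it should be safe to run on any machine, it first builds a small constructed copy of such a directory under a temporary path (a handful of the links from the listing above, pointing at empty stand-in scripts) rather than reading /etc/rc.d/. Note in its output that S08iptables is started before S10network: the ordering numbers are what guarantee that the packet filter is loaded before the network interfaces come up, so an administrator who renumbers links should check that this relationship survives.

```shell
#!/bin/sh
# Added example: emulate the order in which init processes an rc<x>.d
# directory. Not Red Hat's /etc/rc.d/rc script; it only prints the actions.
# Assumes a directory of K##name / S##name symbolic links, as described above.

# Pathname expansion is sorted by the locale's collation; pin it to the C
# locale so "K" sorts before "S" and the two-digit numbers sort as written.
export LC_ALL=C

# rc_plan DIR
# Prints "stop NAME" for each K link, then "start NAME" for each S link,
# in the order init uses: number first, then alphabetically within a number.
rc_plan() {
    dir=$1
    for link in "$dir"/K*; do
        [ -e "$link" ] || [ -L "$link" ] || continue   # no K links at all
        echo "stop $(basename "$link" | cut -c4-)"       # drop the K## prefix
    done
    for link in "$dir"/S*; do
        [ -e "$link" ] || [ -L "$link" ] || continue
        echo "start $(basename "$link" | cut -c4-)"
    done
}

# make_sample_rcdir BASE
# Constructed sample: a few of the links from the listing above, pointing at
# empty stand-in scripts under BASE/init.d, so rc_plan can be tried safely.
make_sample_rcdir() {
    base=$1
    mkdir -p "$base/init.d" "$base/rc5.d"
    for link in K05innd K15httpd S08iptables S10network S12syslog S55sshd; do
        svc=$(echo "$link" | cut -c4-)
        : > "$base/init.d/$svc"
        ln -sf "../init.d/$svc" "$base/rc5.d/$link"
    done
}

# demo: build the sample tree, print the plan, clean up
demo() {
    tmp=$(mktemp -d)
    make_sample_rcdir "$tmp"
    rc_plan "$tmp/rc5.d"
    rm -rf "$tmp"
}
demo
```

Pointing rc_plan at a real /etc/rc.d/rc3.d/ or rc5.d/ directory gives a read-only preview of what init does when entering that runlevel, which is a quick way to audit which network-facing services a host starts by default.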
Note
One of the last things the init program executes is the /etc/rc.d/rc.local file. This file is useful for system customization. Refer to Section 3, “Running Additional Programs at Boot Time” for more information about using the rc.local file.
After the init command has progressed through the appropriate rc directory for the runlevel, the /etc/inittab script forks an /sbin/mingetty process for each virtual console (login prompt) allocated to the runlevel. Runlevels 2 through 5 have all six virtual consoles, while runlevel 1 (single user mode) has one, and runlevels 0 and 6 have none. The /sbin/mingetty process opens communication pathways to tty devices [2], sets their modes, prints the login prompt, accepts the user's username and password, and initiates the login process.
In runlevel 5, the /etc/inittab runs a script called /etc/X11/prefdm. The prefdm script executes the preferred X display manager [3] — gdm, kdm, or xdm, depending on the contents of the /etc/sysconfig/desktop file.
Once finished, the system operates on runlevel 5 and displays a login screen.
3. Running Additional Programs at Boot Time
The /etc/rc.d/rc.local script is executed by the init command at boot time or when changing runlevels. Adding commands to the bottom of this script is an easy way to perform necessary tasks like starting special services or initializing devices without writing complex initialization scripts in the /etc/rc.d/init.d/ directory and creating symbolic links.
The /etc/rc.serial script is used if serial ports must be set up at boot time. This script runs setserial commands to configure the system's serial ports. Refer to the setserial man page for more information.
4. SysV Init Runlevels
The SysV init runlevel system provides a standard process for controlling which programs init launches or halts when initializing a runlevel. SysV init was chosen because it is easier to use and more flexible than the traditional BSD-style init process.
The configuration files for SysV init are located in the /etc/rc.d/ directory. Within this directory are the rc, rc.local, rc.sysinit, and, optionally, the rc.serial scripts as well as the following directories:
init.d/ rc0.d/ rc1.d/ rc2.d/ rc3.d/ rc4.d/ rc5.d/ rc6.d/
The init.d/ directory contains the scripts used by the /sbin/init command when controlling services. Each of the numbered directories represents one of the six runlevels configured by default under Red Hat Enterprise Linux.
4.1. Runlevels
SysV init runlevels are built on the idea that different systems can be used in different ways. For example, a server runs more efficiently without the drag on system resources created by the X Window System. Or there may be times when a system administrator needs to operate the system at a lower runlevel to perform diagnostic tasks, like fixing disk corruption in runlevel 1.
The characteristics of a given runlevel determine which services are halted and started by init. For instance, runlevel 1 (single user mode) halts any network services, while runlevel 3 starts these services. By assigning specific services to be halted or started on a given runlevel, init can quickly change the mode of the machine without the user manually stopping and starting services.
The following runlevels are defined by default under Red Hat Enterprise Linux:
0 — Halt
1 — Single-user text mode
2 — Not used (user-definable)
3 — Full multi-user text mode
4 — Not used (user-definable)
5 — Full multi-user graphical mode (with an X-based login screen)
6 — Reboot
In general, users operate Red Hat Enterprise Linux at runlevel 3 or runlevel 5 — both full multi-user modes. Users sometimes customize runlevels 2 and 4 to meet specific needs, since they are not used.
The default runlevel for the system is listed in /etc/inittab. To find out the default runlevel for a system, look for the line similar to the following near the top of /etc/inittab:
id:5:initdefault:
The default runlevel listed in this example is five, as the number after the first colon indicates. To change it, edit /etc/inittab as root.
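As an added example (not code from the Reference Guide or from sysvinit), the following shell functions read the initdefault line from an inittab file in the format shown above and check that the value is one a system can actually boot into. The sample inittab they parse is constructed for the example, not copied from any system. Running such a check on a copy of /etc/inittab before rebooting catches the stray keystroke that turns the runlevel field into something init cannot use, and it also flags a default of 0 or 6, which would halt or reboot the machine as soon as init reached it.

```shell
#!/bin/sh
# Added example: read the default runlevel from an inittab file and check
# that it is one the system can boot into. Not code from the Reference Guide
# or from sysvinit; it only reads the "id:<level>:initdefault:" line format
# shown above.

# default_runlevel FILE
# Prints the runlevel field of the first initdefault line; returns 1 if the
# file has none. Comment lines are skipped, as init skips them.
default_runlevel() {
    awk -F: '$0 !~ /^[ \t]*#/ && $3 == "initdefault" { print $2; found = 1; exit }
             END { exit !found }' "$1"
}

# check_default_runlevel FILE
# Accepts 1-5 and prints the value. Rejects 0 and 6 (init would halt or
# reboot the machine as soon as it read the file) and anything that is not a
# single runlevel digit, which is what a stray keystroke in the file produces.
check_default_runlevel() {
    level=$(default_runlevel "$1") || { echo "$1: no initdefault line" >&2; return 1; }
    case "$level" in
        [1-5]) echo "$level" ;;
        0|6)   echo "$1: default runlevel $level would halt or reboot at boot" >&2; return 1 ;;
        *)     echo "$1: invalid initdefault value '$level'" >&2; return 1 ;;
    esac
}

# sample_inittab
# Constructed sample in the format shown above (not a copy of any system file).
sample_inittab() {
    cat <<'EOF'
#
# inittab   constructed sample for this example
#
id:5:initdefault:

# System initialization.
si::sysinit:/etc/rc.d/rc.sysinit

l0:0:wait:/etc/rc.d/rc 0
l1:1:wait:/etc/rc.d/rc 1
l5:5:wait:/etc/rc.d/rc 5
l6:6:wait:/etc/rc.d/rc 6
EOF
}

# demo: write the sample to a temporary file and check it
demo() {
    tmp=$(mktemp)
    sample_inittab > "$tmp"
    check_default_runlevel "$tmp" && echo "default runlevel OK"
    rm -f "$tmp"
}
demo
```

To check a real file, call check_default_runlevel /etc/inittab; a non-zero exit status with a message on standard error means the file should be repaired before the next reboot.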
Warning
Be very careful when editing /etc/inittab. Simple typos can cause the system to become unbootable. If this happens, either use a boot diskette, enter single-user mode, or enter rescue mode to boot the computer and repair the file.
For more information on single-user and rescue mode, refer to the chapter titled Basic System Recovery in the Red Hat Enterprise Linux System Administration Guide.
It is possible to change the default runlevel at boot time by modifying the arguments passed by the boot loader to the kernel. For information on changing the runlevel at boot time, refer to Section 8, “Changing Runlevels at Boot Time”.
4.2. Runlevel Utilities
One of the best ways to configure runlevels is to use an initscript utility. These tools are designed to simplify the task of maintaining files in the SysV init directory hierarchy and relieve system administrators from having to directly manipulate the numerous symbolic links in the subdirectories of /etc/rc.d/.
Red Hat Enterprise Linux provides three such utilities:
• /sbin/chkconfig — The /sbin/chkconfig utility is a simple command line tool for maintaining the /etc/rc.d/init.d/ directory hierarchy.
• /usr/sbin/ntsysv — The ncurses-based /sbin/ntsysv utility provides an interactive text-based interface, which some find easier to use than chkconfig.
• Services Configuration Tool — The graphical Services Configuration Tool (system-config-services) program is a flexible utility for configuring runlevels.
Refer to the chapter titled Controlling Access to Services in the Red Hat Enterprise Linux System Administration Guide for more information regarding these tools.
5. Shutting Down
To shut down Red Hat Enterprise Linux, the root user may issue the /sbin/shutdown command. The shutdown man page has a complete list of options, but the two most common uses are:
/sbin/shutdown -h now
/sbin/shutdown -r now
After shutting everything down, the -h option halts the machine, and the -r option reboots. PAM console users can use the reboot and halt commands to shut down the system while in runlevels 1 through 5. For more information about PAM console users, refer to Section 7, “PAM and Device Ownership”.
If the computer does not power itself down, be careful not to turn off the computer until a message appears indicating that the system is halted.
Failure to wait for this message can mean that not all the hard drive partitions are unmounted, which can lead to file system corruption.
[1] For more on the system BIOS and the MBR, refer to Section 2.1, “The BIOS”.
Chapter 2. The GRUB Boot Loader
When a computer with Red Hat Enterprise Linux is turned on, the operating system is loaded into memory by a special program called a boot loader. A boot loader usually exists on the system's primary hard drive (or other media device) and has the sole responsibility of loading the Linux kernel with its required files or (in some cases) other operating systems into memory.
1. Boot Loaders and System Architecture
Each architecture capable of running Red Hat Enterprise Linux uses a different boot loader. The following table lists the boot loaders available for each architecture:
Architecture              Boot Loaders
AMD® AMD64                GRUB
IBM® eServer iSeries      OS/400®
IBM® eServer pSeries      YABOOT
IBM® S/390®               z/IPL
IBM® eServer zSeries®     z/IPL
Intel® Itanium            ELILO
x86                       GRUB
Table 2.1. Boot Loaders by Architecture
This chapter discusses commands and configuration options for the GRUB boot loader included with Red Hat Enterprise Linux for the x86 architecture.
2. GRUB
The GNU GRand Unified Boot loader (GRUB) is a program which enables the selection of the installed operating system or kernel to be loaded at system boot time. It also allows the user to pass arguments to the kernel.
2.1. GRUB and the x86 Boot Process
This section discusses the specific role GRUB plays when booting an x86 system. For a look at the overall boot process, refer to Section 2, “A Detailed Look at the Boot Process”.
GRUB loads itself into memory in the following stages:
1. The Stage 1 or primary boot loader is read into memory by the BIOS from the MBR [1]. The primary boot loader exists on less than 512 bytes of disk space within the MBR and is capable of loading either the Stage 1.5 or Stage 2 boot loader.
2. The Stage 1.5 boot loader is read into memory by the Stage 1 boot loader, if necessary. Some hardware requires an intermediate step to get to the Stage 2 boot loader. This is sometimes true when the /boot/ partition is above the 1024 cylinder head of the hard drive or when using LBA mode. The Stage 1.5 boot loader is found either on the /boot/ partition or on a small part of the MBR and the /boot/ partition.
3. The Stage 2 or secondary boot loader is read into memory. The secondary boot loader displays the GRUB menu and command environment. This interface allows the user to select which kernel or operating system to boot, pass arguments to the kernel, or look at system parameters.
4. The secondary boot loader reads the operating system or kernel as well as the contents of /boot/sysroot/ into memory. Once GRUB determines which operating system or kernel to start, it loads it into memory and transfers control of the machine to that operating system.
The method used to boot Red Hat Enterprise Linux is called direct loading because the boot loader loads the operating system directly. There is no intermediary between the boot loader and the kernel.
The boot process used by other operating systems may differ. For example, the Microsoft® Windows® operating system, as well as other operating systems, are loaded using chain loading. Under this method, the MBR points to the first sector of the partition holding the operating system, where it finds the files necessary to actually boot that operating system.
GRUB supports both direct and chain loading boot methods, allowing it to boot almost any operating system.
Warning
During installation, Microsoft's DOS and Windows installation programs completely overwrite the MBR, destroying any existing boot loaders. If creating a dual-boot system, it is best to install the Microsoft operating system first.
2.2. Features of GRUB
GRUB contains several features that make it preferable to other boot loaders available for the x86 architecture. Below is a partial list of some of the more important features:
• GRUB provides a true command-based, pre-OS environment on x86 machines. This feature affords the user maximum flexibility in loading operating systems with specified options or gathering information about the system. For years, many non-x86 architectures have employed pre-OS environments that allow system booting from a command line.
• GRUB supports Logical Block Addressing (LBA) mode. LBA places the addressing conversion used to find files in the hard drive's firmware, and is used on many IDE and all SCSI hard devices. Before LBA, boot loaders could encounter the 1024-cylinder BIOS limitation, where the BIOS could not find a file after the 1024 cylinder head of the disk. LBA support allows GRUB to boot operating systems from partitions beyond the 1024-cylinder limit, so long as the system BIOS supports LBA mode. Most modern BIOS revisions support LBA mode.
• GRUB can read ext2 partitions. This functionality allows GRUB to access its configuration file, /boot/grub/grub.conf, every time the system boots, eliminating the need for the user to write a new version of the first stage boot loader to the MBR when configuration changes are made. The only time a user needs to reinstall GRUB on the MBR is if the physical location of the /boot/ partition is moved on the disk. For details on installing GRUB to the MBR, refer to Section 3, “Installing GRUB”.
3. Installing GRUB
If GRUB was not installed during the installation process, it can be installed afterward. Once installed, it automatically becomes the default boot loader.
Before installing GRUB, make sure to use the latest GRUB package available or use the GRUB package from the installation CD-ROMs. For instructions on installing packages, refer to the chapter titled Package Management with RPM in the Red Hat Enterprise Linux System Administration Guide.
Once the GRUB package is installed, open a root shell prompt and run the command /sbin/grub-install <location>, where <location> is the location that the GRUB Stage 1 boot loader should be installed. For example, the following command installs GRUB to the MBR of the master IDE device on the primary IDE bus:
/sbin/grub-install /dev/hda
The next time the system boots, the GRUB graphical boot loader menu appears before the kernel loads into memory.
Important
If GRUB is installed on a RAID 1 array, the system may become unbootable in the event of disk failure. An unsupported workaround is provided online at the following URL: http://www.dur.ac.uk/a.d.stribblehill/mirrored_grub.html
4. GRUB Terminology
One of the most important things to understand before using GRUB is how the program refers to devices, such as hard drives and partitions. This information is particularly important when configuring GRUB to boot multiple operating systems.
4.1. Device Names
When referring to a specific device with GRUB, do so using the following format (note that the parentheses and comma are very important syntactically):
(<type-of-device><bios-device-number>,<partition-number>)
The <type-of-device> specifies the type of device from which GRUB boots. The two most common options are hd for a hard disk or fd for a 3.5 diskette. A lesser used device type is also available called nd for a network disk. Instructions on configuring GRUB to boot over the network are available online at http://www.gnu.org/software/grub/manual/.
The <bios-device-number> is the BIOS device number. The primary IDE hard drive is numbered 0 and a secondary IDE hard drive is numbered 1. This syntax is roughly equivalent to that used for devices by the kernel. For example, the a in hda for the kernel is analogous to the 0 in hd0 for GRUB, the b in hdb is analogous to the 1 in hd1, and so on.
The <partition-number> specifies the number of a partition on a device. Like the <bios-device-number>, most types of partitions are numbered starting at 0. However, BSD partitions are specified using letters, with a corresponding to 0, b corresponding to 1, and so on.
Tip
The numbering system for devices under GRUB always begins with 0, not 1. Failing to make this distinction is one of the most common mistakes made by new users.
To give an example, if a system has more than one hard drive, GRUB refers to the first hard drive as (hd0) and the second as (hd1). Likewise, GRUB refers to the first partition on the first drive as (hd0,0) and the third partition on the second hard drive as (hd1,2).
In general the following rules apply when naming devices and partitions under GRUB:
• It does not matter whether system hard drives are IDE or SCSI; all hard drives begin with the letters hd. The letters fd are used to specify 3.5 diskettes.
• To specify an entire device without respect to partitions, leave off the comma and the partition number. This is important when telling GRUB to configure the MBR for a particular disk. For example, (hd0) specifies the MBR on the first device and (hd3) specifies the MBR on the fourth device.
• If a system has multiple drive devices, it is very important to know how the drive boot order is set in the BIOS. This is a simple task if a system has only IDE or SCSI drives, but if there is a mix of devices, it becomes critical that the type of drive with the boot partition be accessed first.
4.2. File Names and Blocklists
When typing commands to GRUB that reference a file, such as a menu list, it is necessary to specify an absolute file path immediately after the device and partition numbers.
The following illustrates the structure of such a command:
(<device-type><device-number>,<partition-number>)</path/to/file>
In this example, replace <device-type> with hd, fd, or nd. Replace <device-number> with the integer for the device. Replace </path/to/file> with an absolute path relative to the top-level of the device.
It is also possible to specify files to GRUB that do not actually appear in the file system, such as a chain loader that appears in the first few blocks of a partition. To load such files, provide a blocklist that specifies block by block where the file is located in the partition. Since a file is often comprised of several different sets of blocks, blocklists use a special syntax. Each block containing the file is specified by an offset number of blocks, followed by the number of blocks from that offset point. Block offsets are listed sequentially in a comma-delimited list.
The following is a sample blocklist:
0+50,100+25,200+1
This sample blocklist specifies a file that starts at the first block on the partition and uses blocks 0 through 49, 100 through 124, and 200.
Knowing how to write blocklists is useful when using GRUB to load operating systems which require chain loading. It is possible to leave off the offset number of blocks if starting at block 0. As an example, the chain loading file in the first partition of the first hard drive would have the following name:
(hd0,0)+1
The following shows the chainloader command with a similar blocklist designation at the GRUB command line after setting the correct device and partition as root:
chainloader +1
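The device, file and blocklist notation from Sections 4.1 and 4.2, worked through as an added example (not code from this manual or from the GRUB project): a Python parser that resolves names such as (hd1,2) and (hd0,0)+1, maps a GRUB hard disk name to its rough kernel hdX equivalent, and expands a blocklist into the blocks it covers. The function and class names are assumptions of this example.

```python
"""Parser for GRUB legacy device, file and blocklist notation.

Added example, not code from the Red Hat manual or the GRUB project.
The names Device, parse_device, kernel_name, parse_blocklist,
blocks_covered and parse_file_ref are assumptions of this example.
"""
import re
from dataclasses import dataclass
from typing import List, Optional, Set, Tuple

# (<type><bios-number>[,<partition>]): the parentheses and the comma are
# mandatory syntax; the partition is a 0-based number or a BSD letter.
_DEVICE_RE = re.compile(r"^\((hd|fd|nd)(\d+)(?:,([0-9]+|[a-z]))?\)")


@dataclass(frozen=True)
class Device:
    kind: str                 # "hd" (any hard disk, IDE or SCSI), "fd" or "nd"
    number: int               # BIOS device number, counted from 0
    partition: Optional[int]  # 0-based partition index; None means the whole device (MBR)


def parse_device(text: str) -> Tuple[Device, str]:
    """Parse the leading (device,partition) and return it with the remaining text."""
    m = _DEVICE_RE.match(text)
    if not m:
        raise ValueError(f"not a GRUB device name: {text!r}")
    kind, number, part = m.group(1), int(m.group(2)), m.group(3)
    if part is None:
        partition = None
    elif part.isdigit():
        partition = int(part)
    else:
        partition = ord(part) - ord("a")  # BSD letters: a -> 0, b -> 1, ...
    return Device(kind, number, partition), text[m.end():]


def kernel_name(dev: Device) -> str:
    """(hd0,0) -> hda1: GRUB counts disks and partitions from 0, the kernel names
    partitions from 1. Assumes an IDE disk; GRUB does not distinguish SCSI (sdX)."""
    if dev.kind != "hd":
        raise ValueError("only hard disks have an hdX kernel name")
    disk = "hd" + chr(ord("a") + dev.number)
    return disk if dev.partition is None else f"{disk}{dev.partition + 1}"


def parse_blocklist(text: str) -> List[Tuple[int, int]]:
    """'0+50,100+25,200+1' -> [(0, 50), (100, 25), (200, 1)]; a bare '+1' means offset 0."""
    ranges = []
    for item in text.split(","):
        offset, plus, length = item.partition("+")
        if plus != "+" or not length.isdigit() or (offset and not offset.isdigit()):
            raise ValueError(f"bad blocklist entry: {item!r}")
        ranges.append((int(offset) if offset else 0, int(length)))
    return ranges


def blocks_covered(ranges: List[Tuple[int, int]]) -> Set[int]:
    """Expand a parsed blocklist into the set of partition block numbers it references."""
    covered: Set[int] = set()
    for offset, length in ranges:
        covered.update(range(offset, offset + length))
    return covered


def parse_file_ref(text: str):
    """Split '(hd0,0)/grub/stage2', '(hd0,0)+1' or '(hd0)' into device and what follows."""
    dev, rest = parse_device(text)
    if rest == "":
        return dev, ("whole-device", None)
    if rest.startswith("/"):
        return dev, ("path", rest)
    if rest.startswith("+") or rest[:1].isdigit():
        return dev, ("blocklist", parse_blocklist(rest))
    raise ValueError(f"unexpected text after device name: {rest!r}")
```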
4.3. The Root File System and GRUB
The use of the term root file system has a different meaning in regard to GRUB. It is important to remember that GRUB's root file system has nothing to do with the Linux root file system.
The GRUB root file system is the top level of the specified device. For example, the image file (hd0,0)/grub/splash.xpm.gz is located within the /grub/ directory at the top-level (or root) of the (hd0,0) partition (which is actually the /boot/ partition for the system). Next, the kernel command is executed with the location of the kernel file as an option. Once the Linux kernel boots, it sets up the root file system that Linux users are familiar with. The original GRUB root file system and its mounts are forgotten; they only existed to boot the kernel file.
Refer to the root and kernel commands in Section 6, “GRUB Commands” for more information.
5. GRUB Interfaces
GRUB features three interfaces which provide different levels of functionality. Each of these interfaces allows users to boot the Linux kernel or another operating system.
The interfaces are as follows:
Note
The following GRUB interfaces can only be accessed by pressing any key within the three seconds that the GRUB menu bypass screen is displayed.
Menu Interface
This is the default interface shown when GRUB is configured by the installation program. A menu of operating systems or preconfigured kernels is displayed as a list, ordered by name. Use the arrow keys to select an option other than the default selection and press the Enter key to boot it. Alternatively, a timeout period is set, after which GRUB loads the default option.
Press the e key to enter the entry editor interface or the c key to load a command line interface.
Refer to Section 7, “GRUB Menu Configuration File” for more information on configuring this interface.
Menu Entry Editor Interface
To access the menu entry editor, press the e key from the boot loader menu. The GRUB commands for that entry are displayed here, and users may alter these command lines before booting the operating system by adding a command line (o inserts a new line after the current line and O inserts a new line before it), editing one (e), or deleting one (d).
After all changes are made, the b key executes the commands and boots the operating system. The Esc key discards any changes and reloads the standard menu interface. The c key loads the command line interface.
Tip
For information about changing runlevels using the GRUB menu entry editor, refer to Section 8, “Changing Runlevels at Boot Time”.
Command Line Interface
The command line interface is the most basic GRUB interface, but it is also the one that grants the most control. The command line makes it possible to type any relevant GRUB commands followed by the Enter key to execute them. This interface features some advanced shell-like features, including Tab key completion, based on context, and Ctrl key combinations when typing commands, such as Ctrl-a to move to the beginning of a line and Ctrl-e to move to the end of a line. In addition, the arrow, Home, End, and Delete keys work as they do in the bash shell.
Refer to Section 6, “GRUB Commands” for a list of common commands.
5.1. Interfaces Load Order
When GRUB loads its second stage boot loader, it first searches for its configuration file. Once found, the menu interface bypass screen is displayed. If a key is pressed within three seconds, GRUB builds a menu list and displays the menu interface. If no key is pressed, the default kernel entry in the GRUB menu is used.
If the configuration file cannot be found, or if the configuration file is unreadable, GRUB loads the command line interface, allowing the user to type commands to complete the boot process.
If the configuration file is not valid, GRUB prints out the error and asks for input. This helps the user see precisely where the problem occurred. Pressing any key reloads the menu interface, where it is then possible to edit the menu option and correct the problem based on the error reported by GRUB. If the correction fails, GRUB reports an error and reloads the menu interface.
6. GRUB Commands
GRUB allows a number of useful commands in its command line interface. Some of the commands accept options after their name; these options should be separated from the command and other options on that line by space characters.
The following is a list of useful commands:
boot — Boots the operating system or chain loader that was last loaded.
chainloader </path/to/file> — Loads the specified file as a chain loader. If the file is located on the first sector of the specified partition, use the blocklist notation, +1, instead of the file name.
The following is an example chainloader command:
chainloader +1
displaymem — Displays the current use of memory, based on information from the BIOS. This is useful to determine how much RAM a system has prior to booting it.
initrd </path/to/initrd> — Enables users to specify an initial RAM disk to use when booting. An initrd is necessary when the kernel needs certain modules in order to boot properly, such as when the root partition is formatted with the ext3 file system.
The following is an example initrd command:
initrd /initrd-2.6.8-1.523.img
install <stage-1> <install-disk> <stage-2> p <config-file> — Installs GRUB to the system MBR.
<stage-1> — Signifies a device, partition, and file where the first boot loader image can be found, such as (hd0,0)/grub/stage1.
<install-disk> — Specifies the disk where the stage 1 boot loader should be installed, such as (hd0).
<stage-2> — Passes the stage 2 boot loader location to the stage 1 boot loader, such as (hd0,0)/grub/stage2.
p <config-file> — This option tells the install command to look for the menu configuration file specified by <config-file>, such as (hd0,0)/grub/grub.conf.
Warning
The install command overwrites any information already located on the MBR.
kernel </path/to/kernel> <option-1> <option-N> ... — Specifies the kernel file to load when booting the operating system. Replace </path/to/kernel> with an absolute path from the partition specified by the root command. Replace <option-1> with options for the Linux kernel, such as root=/dev/VolGroup00/LogVol00 to specify the device on which the root partition for the system is located. Multiple options can be passed to the kernel in a space-separated list. The following is an example kernel command:
kernel /vmlinuz-2.6.8-1.523 ro root=/dev/VolGroup00/LogVol00
The option in the previous example specifies that the root file system for Linux is located on the hda5 partition.
root (<device-type><device-number>,<partition>) — Configures the root partition for GRUB, such as (hd0,0), and mounts the partition.
The following is an example root command:
root (hd0,0)
rootnoverify (<device-type><device-number>,<partition>) — Configures the root partition for GRUB, just like the root command, but does not mount the partition.
Other commands are also available; type help --all for a full list of commands. For a description of all GRUB commands, refer to the documentation available online at http://www.gnu.org/software/grub/manual/.
7. GRUB Menu Configuration File
The configuration file (/boot/grub/grub.conf), which is used to create the list of operating systems to boot in GRUB's menu interface, essentially allows the user to select a pre-set group of commands to execute. The commands given in Section 6, “GRUB Commands” can be used, as well as some special commands that are only available in the configuration file.
7.1. Configuration File Structure
The GRUB menu interface configuration file is /boot/grub/grub.conf. The commands to set the global preferences for the menu interface are placed at the top of the file, followed by stanzas for each operating kernel or operating system listed in the menu.
The following is a very basic GRUB menu configuration file designed to boot either Red Hat Enterprise Linux or Microsoft Windows 2000:
default=0
timeout=10
splashimage=(hd0,0)/grub/splash.xpm.gz
hiddenmenu
title Red Hat Enterprise Linux AS (2.6.8-1.523)
        root (hd0,0)
        kernel /vmlinuz-2.6.8-1.523 ro root=/dev/VolGroup00/LogVol00 rhgb quiet
        initrd /initrd-2.6.8-1.523.img

# section to load Windows
title Windows
        rootnoverify (hd0,0)
        chainloader +1
This file configures GRUB to build a menu with Red Hat Enterprise Linux as the default operating system and sets it to autoboot after 10 seconds. Two sections are given, one for each operating system entry, with commands specific to the system disk partition table.
Note
Note that the default is specified as an integer. This refers to the first title line in the GRUB configuration file. For the Windows section to be set as the default in the previous example, change the default=0 to default=1.
Configuring a GRUB menu configuration file to boot multiple operating systems is beyond the scope of this chapter. Consult Section 9, “Additional Resources” for a list of additional resources.
7.2. Configuration File Directives
The following are directives commonly used in the GRUB menu configuration file:
chainloader </path/to/file> — Loads the specified file as a chain loader. Replace </path/to/file> with the absolute path to the chain loader. If the file is located on the first sector of the specified partition, use the blocklist notation, +1.
color <normal-color> <selected-color> — Allows specific colors to be used in the menu, where two colors are configured as the foreground and background. Use simple color names such as red/black. For example:
color red/black green/blue
default=<integer> — Replace <integer> with the default entry title number to be loaded if the menu interface times out.
fallback=<integer> — Replace <integer> with the entry title number to try if the first attempt fails.
hiddenmenu — Prevents the GRUB menu interface from being displayed, loading the default entry when the timeout period expires. The user can see the standard GRUB menu by pressing the Esc key.
initrd </path/to/initrd> — Enables users to specify an initial RAM disk to use when booting. Replace </path/to/initrd> with the absolute path to the initial RAM disk.
kernel </path/to/kernel> <option-1> <option-N> — Specifies the kernel file to load when booting the operating system. Replace </path/to/kernel> with an absolute path from the partition specified by the root directive. Multiple options can be passed to the kernel when it is loaded.
password=<password> — Prevents a user who does not know the password from editing the entries for this menu option.
Optionally, it is possible to specify an alternate menu configuration file after the password=<password> directive. In this case, GRUB restarts the second stage boot loader and uses the specified alternate configuration file to build the menu. If an alternate menu configuration file is left out of the command, a user who knows the password is allowed to edit the current configuration file.
For more information about securing GRUB, refer to the chapter titled Workstation Security in the Red Hat Enterprise Linux Security Guide.
root (<device-type><device-number>,<partition>) — Configures the root partition for GRUB, such as (hd0,0), and mounts the partition.
rootnoverify (<device-type><device-number>,<partition>) — Configures the root partition for GRUB, just like the root command, but does not mount the partition.
timeout=<integer> — Specifies the interval, in seconds, that GRUB waits before loading the entry designated in the default command.
splashimage=<path-to-image> — Specifies the location of the splash screen image to be used when GRUB boots.
title group-title — Specifies a title to be used with a particular group of commands used to load a kernel or operating system.
To add human-readable comments to the menu configuration file, begin the line with the hash mark character (#).
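The grub.conf structure described in Sections 7.1 and 7.2, worked through in code as an added example (not code from this manual or from the GRUB project): a Python parser that separates the global directives from the title stanzas, resolves the integer default= directive to its entry, and reports what an administrator would check before relying on the menu, such as a default index that names no entry or a missing password directive. The embedded sample configuration is constructed for this example, and the names parse_grub_conf, default_entry and audit are assumptions.

```python
"""Parser and settings check for a GRUB legacy grub.conf.

Added example, not code from the Red Hat manual or the GRUB project.
The sample configuration and the helper names are assumptions of this example.
"""
from dataclasses import dataclass, field
from typing import Dict, List, Tuple

# Constructed sample in the layout described in the manual (globals first, then stanzas).
SAMPLE_GRUB_CONF = """\
default=0
timeout=10
splashimage=(hd0,0)/grub/splash.xpm.gz
hiddenmenu
title Red Hat Enterprise Linux AS (2.6.8-1.523)
        root (hd0,0)
        kernel /vmlinuz-2.6.8-1.523 ro root=/dev/VolGroup00/LogVol00 rhgb quiet
        initrd /initrd-2.6.8-1.523.img

# section to load Windows
title Windows
        rootnoverify (hd0,0)
        chainloader +1
"""


@dataclass
class Stanza:
    title: str
    commands: List[Tuple[str, str]] = field(default_factory=list)  # (command, arguments)

    def has(self, command: str) -> bool:
        return any(cmd == command for cmd, _ in self.commands)


@dataclass
class GrubConf:
    globals: Dict[str, str] = field(default_factory=dict)  # bare words such as hiddenmenu map to ""
    stanzas: List[Stanza] = field(default_factory=list)


def parse_grub_conf(text: str) -> GrubConf:
    """Split the global directives (everything before the first title) from the title stanzas."""
    conf = GrubConf()
    current = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # blank lines and hash-mark comments carry no configuration
        word, _, rest = line.partition(" ")
        if word == "title":
            current = Stanza(title=rest.strip())
            conf.stanzas.append(current)
        elif current is None:
            # Globals are written name=value (default=0) or as a bare word (hiddenmenu);
            # a space-separated form such as "password --md5 <hash>" is accepted as well.
            sep = "=" if "=" in line else " "
            name, _, value = line.partition(sep)
            conf.globals[name.strip()] = value.strip()
        else:
            current.commands.append((word, rest.strip()))
    return conf


def default_entry(conf: GrubConf) -> Stanza:
    """Resolve the integer default= directive to its stanza (0 is the first title line)."""
    index = int(conf.globals.get("default", "0"))
    if not 0 <= index < len(conf.stanzas):
        raise ValueError(f"default={index} but only {len(conf.stanzas)} title entries")
    return conf.stanzas[index]


def audit(conf: GrubConf) -> List[str]:
    """Return the findings an administrator would want to see before trusting the menu."""
    findings = []
    count = len(conf.stanzas)
    for directive in ("default", "fallback"):
        value = conf.globals.get(directive)
        if value is not None and not (value.isdigit() and int(value) < count):
            findings.append(f"{directive}={value} does not name one of the {count} entries")
    if "password" not in conf.globals and not any(s.has("password") for s in conf.stanzas):
        findings.append("no password directive: entries can be edited at the console")
    for s in conf.stanzas:
        if not (s.has("kernel") or s.has("chainloader")):
            findings.append(f"entry {s.title!r} has neither kernel nor chainloader")
        elif not (s.has("root") or s.has("rootnoverify")):
            findings.append(f"entry {s.title!r} sets no root partition")
    return findings
```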
8. Changing Runlevels at Boot Time
Under Red Hat Enterprise Linux, it is possible to change the default runlevel at boot time. To change the runlevel of a single boot session, use the following instructions:
• When the GRUB menu bypass screen appears at boot time, press any key to enter the GRUB menu (within the first three seconds).
• Press the a key to append to the kernel command.
• Add <space><runlevel> at the end of the boot options line to boot to the desired runlevel. For example, the following entry would initiate a boot process into runlevel 3:
grub append> ro root=/dev/VolGroup00/LogVol00 rhgb quiet 3
9. Additional Resources
This chapter is only intended as an introduction to GRUB. Consult the following resources to discover more about how GRUB works.
9.1. Installed Documentation
/usr/share/doc/grub-<version-number>/ — This directory contains good information about using and configuring GRUB, where <version-number> corresponds to the version of the GRUB package installed.
info grub — The GRUB info page contains a tutorial, a user reference manual, a programmer reference manual, and a FAQ document about GRUB and its usage.
9.2. Useful Websites
http://www.gnu.org/software/grub/ — The home page of the GNU GRUB project. This site contains information concerning the state of GRUB development and an FAQ.
http://www.redhat.com/mirrors/LDP/HOWTO/mini/Multiboot-with-GRUB.html — Investigates various uses for GRUB, including booting operating systems other than Linux.
http://www.linuxgazette.com/issue64/kohli.html — An introductory article discussing the configuration of GRUB on a system from scratch, including an overview of GRUB command line options.
9.3. Related Books
Red Hat Enterprise Linux Security Guide; Red Hat, Inc. — The Workstation Security chapter explains, in a concise manner, how to secure the GRUB boot loader.
Chapter 3. File System Structure
1. Why Share a Common Structure?
The file system structure is the most basic level of organization in an operating system. Almost all of the ways an operating system interacts with its users, applications, and security model are dependent upon the way it organizes files on storage devices. Providing a common file system structure ensures users and programs are able to access and write files.
File systems break files down into two logical categories:
• Shareable vs. unsharable files
• Variable vs. static files
Shareable files are those that can be accessed locally and by remote hosts; unsharable files are only available locally. Variable files, such as documents, can be changed at any time; static files, such as binaries, do not change without an action from the system administrator.
The reason for looking at files in this manner is to help correlate the function of the file with the permissions assigned to the directories which hold them. The way in which the operating system and its users interact with a given file determines the directory in which it is placed, whether that directory is mounted with read-only or read/write permissions, and the level of access each user has to that file. The top level of this organization is crucial. If the hierarchy does not adhere to a rigid structure from the top level down, access to the underlying directories cannot be restricted reliably and security problems could manifest themselves.
2. Overview of File System Hierarchy Standard (FHS)
Red Hat Enterprise Linux uses the Filesystem Hierarchy Standard (FHS) file system structure, which defines the names, locations, and permissions for many file types and directories.
The FHS document is the authoritative reference to any FHS-compliant file system, but the standard leaves many areas undefined or extensible. This section is an overview of the standard and a description of the parts of the file system not covered by the standard.
Compliance with the standard means many things, but the two most important are compatibility with other compliant systems and the ability to mount a /usr/ partition as read-only. This second point is important because the directory contains common executables and should not be changed by users. Also, since the /usr/ directory is mounted as read-only, it can be mounted from the CD-ROM or from another machine via a read-only NFS mount.
2.1. FHS Organization
The directories and files noted here are a small subset of those specified by the FHS document. Refer to the latest FHS document for the most complete information.
The complete standard is available online at http://www.pathname.com/fhs/.
2.1.1. The /boot/ Directory
The /boot/ directory contains static files required to boot the system, such as the Linux kernel. These files are essential for the system to boot properly.
Warning
Do not remove the /boot/ directory. Doing so renders the system unbootable.
2.1.2. The /dev/ Directory
The /dev/ directory contains file system entries which represent devices that are attached to the system. These files are essential for the system to function properly.
2.1.3. The /etc/ Directory
The /etc/ directory is reserved for configuration files that are local to the machine. No binaries are to be placed in /etc/. Any binaries that were once located in /etc/ should be placed into /sbin/ or /bin/.
The X11/ and skel/ directories are subdirectories of the /etc/ directory:
/etc
  |- X11/
  |- skel/
The /etc/X11/ directory is for X Window System configuration files, such as xorg.conf. The /etc/skel/ directory is for "skeleton" user files, which are used to populate a home directory when a user is first created.
2.1.4. The /lib/ Directory
The /lib/ directory should contain only those libraries needed to execute the binaries in /bin/ and /sbin/. These shared library images are particularly important for booting the system and executing commands within the root file system.
2.1.5. The /media/ Directory
The /media/ directory contains subdirectories used as mount points for removable media, such as 3.5 diskettes, CD-ROMs, and Zip disks.
2.1.6. The /mnt/ Directory
The /mnt/ directory is reserved for temporarily mounted file systems, such as NFS file system mounts. For all removable media, use the /media/ directory.
Note
This directory must not be used by installation programs.
2.1.7. The /opt/ Directory
The /opt/ directory provides storage for large, static application software packages. A package placing files in the /opt/ directory creates a directory bearing the same name as the package. This directory, in turn, holds files that otherwise would be scattered throughout the file system, giving the system administrator an easy way to determine the role of each file within a particular package.
For example, if sample is the name of a particular software package located within the /opt/ directory, then all of its files are placed in directories inside the /opt/sample/ directory, such as /opt/sample/bin/ for binaries and /opt/sample/man/ for manual pages.
Large packages that encompass many different sub-packages, each of which accomplish a particular task, are also located in the /opt/ directory, giving that large package a way to organize itself. In this way, our sample package may have different tools that each go in their own sub-directories, such as /opt/sample/tool1/ and /opt/sample/tool2/, each of which can have their own bin/, man/, and other similar directories.
2.1.8. The /proc/ Directory
The /proc/ directory contains special files that either extract information from or send information to the kernel.
Due to the great variety of data available within /proc/ and the many ways this directory can be used to communicate with the kernel, an entire chapter has been devoted to the subject. For more information, refer to Chapter 5, The proc File System.
2.1.9. The /sbin/ Directory
The /sbin/ directory stores executables used by the root user. The executables in /sbin/ are only used at boot time and perform system recovery operations. Of this directory, the FHS says:
/sbin contains binaries essential for booting, restoring, recovering, and/or repairing the system in addition to the binaries in /bin. Programs executed after /usr/ is known to be mounted (when there are no problems) are generally placed into /usr/sbin. Locally-installed system administration programs should be placed into /usr/local/sbin.
At a minimum, the following programs should be in /sbin/:
arp, clock, halt, init, fsck.*, grub, ifconfig, mingetty, mkfs.*, mkswap, reboot, route, shutdown, swapoff, swapon
2.1.10. The /srv/ Directory
The /srv/ directory contains site-specific data served by your system running Red Hat Enterprise Linux. This directory gives users the location of data files for a particular service, such as FTP, WWW, or CVS. Data that only pertains to a specific user should go in the /home/ directory.
Note
Please be aware that data files currently located in /var/ may move to /srv/ in future releases.
2.1.11. The /sys/ Directory
The /sys/ directory utilizes the new sysfs virtual file system specific to the 2.6 kernel. With the increased support for hot plug hardware devices in the 2.6 kernel, the /sys/ directory contains information similarly held in /proc/, but displays a hierarchical view of specific device information in regards to hot plug devices.
To see how certain USB and FireWire devices are actually mounted, refer to the /sbin/hotplug and /sbin/udev man pages.
2.1.12. The /usr/ Directory
The /usr/ directory is for files that can be shared across multiple machines. The /usr/ directory is often on its own partition and is mounted read-only. At a minimum, the following directories should be subdirectories of /usr/:
/usr
  |- bin/
  |- etc/
  |- games/
  |- include/
  |- kerberos/
  |- lib/
  |- libexec/
  |- local/
  |- sbin/
  |- share/
  |- src/
  |- tmp -> ../var/tmp/
  |- X11R6/
Under the /usr/ directory, the bin/ subdirectory contains executables, etc/ contains system-wide configuration files, games is for games, include/ contains C header files, kerberos/ contains binaries and other Kerberos-related files, and lib/ contains object files and libraries that are not designed to be directly utilized by users or shell scripts. The libexec/ directory contains small helper programs called by other programs, sbin/ is for system administration binaries (those that do not belong in the /sbin/ directory), share/ contains files that are not architecture-specific, src/ is for source code, and X11R6/ is for the X Window System (XFree86 on Red Hat Enterprise Linux).
2.1.13. The /usr/local/ Directory
The FHS says:
The /usr/local hierarchy is for use by the system administrator when installing software locally. It needs to be safe from being overwritten when the system software is updated. It may be used for programs and data that are shareable among a group of hosts, but not found in /usr.
The /usr/local/ directory is similar in structure to the /usr/ directory. It has the following subdirectories, which are similar in purpose to those in the /usr/ directory:
/usr/local
  |- bin/
  |- etc/
  |- games/
  |- include/
  |- lib/
  |- libexec/
  |- sbin/
  |- share/
  |- src/
In Red Hat Enterprise Linux, the intended use for the /usr/local/ directory is slightly different from that specified by the FHS. The FHS says that /usr/local/ should be where software that is to remain safe from system software upgrades is stored. Since software upgrades can be performed safely with RPM Package Manager (RPM), it is not necessary to protect files by putting them in /usr/local/. Instead, the /usr/local/ directory is used for software that is local to the machine.
For instance, if the /usr/ directory is mounted as a read-only NFS share from a remote host, it is still possible to install a package or program under the /usr/local/ directory.
2.1.14. The /var/ Directory
Since the FHS requires Linux to mount /usr/ as read-only, any programs that write log files or need spool/ or lock/ directories should write them to the /var/ directory. The FHS states /var/ is for:
...variable data files. This includes spool directories and files, administrative and logging data, and transient and temporary files.
Below are some of the directories found within the /var/ directory:
/var
  |- account/
  |- arpwatch/
  |- cache/
  |- crash/
  |- db/
  |- empty/
  |- ftp/
  |- gdm/
  |- kerberos/
  |- lib/
  |- local/
  |- lock/
  |- log/
  |- mail -> spool/mail/
  |- mailman/
  |- named/
  |- nis/
  |- opt/
  |- preserve/
  |- run/
  +- spool/
       |- at/
       |- clientmqueue/
       |- cron/
       |- cups/
       |- exim/
       |- lpd/
       |- mail/
       |- mailman/
       |- mqueue/
       |- news/
       |- postfix/
       |- repackage/
       |- rwho/
       |- samba/
       |- squid/
       |- squirrelmail/
       |- up2date/
       |- uucp
           |- uucppublic/
       |- vbox/
  |- tmp/
  |- tux/
  |- www/
  |- yp/
System log files, such as messages and lastlog, go in the /var/log/ directory. The /var/lib/rpm/ directory contains RPM system databases. Lock files go in the /var/lock/ directory, usually in directories for the program using the file. The /var/spool/ directory has subdirectories for programs in which data files are stored.
3. Special File Locations Under Red Hat Enterprise Linux
Red Hat Enterprise Linux extends the FHS structure slightly to accommodate special files. Most files pertaining to RPM are kept in the /var/lib/rpm/ directory. For more information on RPM, refer to the chapter titled Package Management with RPM in the Red Hat Enterprise Linux System Administration Guide.
The /var/spool/up2date/ directory contains files used by Red Hat Update Agent, including RPM header information for the system. This location may also be used to temporarily store RPMs downloaded while updating the system. For more information about Red Hat Network, refer to the documentation online at https://rhn.redhat.com/.
Another location specific to Red Hat Enterprise Linux is the /etc/sysconfig/ directory. This directory stores a variety of configuration information. Many scripts that run at boot time use the files in this directory. Refer to Chapter 4, The sysconfig Directory for more information about what is within this directory and the role these files play in the boot process.
Finally, one more directory worth noting is the /initrd/ directory. It is empty, but is used as a critical mount point during the boot process.
Warning
Do not remove the /initrd/ directory for any reason. Removing this directory causes the system to fail to boot with a kernel panic error message.
Chapter 4. The sysconfig Directory
The /etc/sysconfig/ directory contains a variety of system configuration files for Red Hat Enterprise Linux.
This chapter outlines some of the files found in the /etc/sysconfig/ directory, their function, and their contents. The information in this chapter is not intended to be complete, as many of these files have a variety of options that are only used in very specific or rare circumstances.
1. Files in the /etc/sysconfig/ Directory
The following files are normally found in the /etc/sysconfig/ directory:
amd
apmd
arpwatch
authconfig
autofs
clock
desktop
devlabel
dhcpd
exim
firstboot
gpm
harddisks
hwconf
i18n
init
ip6tables-config
iptables-config
irda
keyboard
kudzu
mouse
named
netdump
network
ntpd
pcmcia
radvd
rawdevices
samba
sendmail
selinux
spamassassin
squid
system-config-securitylevel
system-config-users
system-logviewer
tux
vncservers
xinetd
Note
If some of the files listed here are not present in the /etc/sysconfig/ directory, the corresponding program may not be installed.
The following sections offer descriptions of these files. Files not listed here, as well as extra file options, can be found in the /usr/share/doc/initscripts-<version-number>/sysconfig.txt file (replace <version-number> with the version of the initscripts package). Alternatively, looking through the initscripts in the /etc/rc.d/ directory can prove helpful.
1.1. /etc/sysconfig/amd
The /etc/sysconfig/amd file contains various parameters used by amd; these parameters allow for the automatic mounting and unmounting of file systems.
1.2. /etc/sysconfig/apmd
The /etc/sysconfig/apmd file is used by apmd to configure what power settings to start/stop/change on suspend or resume. This file configures how apmd functions at boot time, depending on whether the hardware supports Advanced Power Management (APM) or whether the user has configured the system to use it. The apm daemon is a monitoring program that works with power management code within the Linux kernel. It is capable of alerting users to low battery power on laptops and other power-related settings.
1.3. /etc/sysconfig/arpwatch
The /etc/sysconfig/arpwatch file is used to pass arguments to the arpwatch daemon at boot time. The arpwatch daemon maintains a table of Ethernet MAC addresses and their IP address pairings. By default, this file sets the owner of the arpwatch process to the user pcap and sends any messages to the root mail queue. For more information regarding available parameters for this file, refer to the arpwatch man page.
1.4. /etc/sysconfig/authconfig
The /etc/sysconfig/authconfig file sets the authorization to be used on the host. It contains one or more of the following lines:
USEMD5=<value>, where <value> is one of the following:
yes — MD5 is used for authentication.
no — MD5 is not used for authentication.
USEKERBEROS=<value>, where <value> is one of the following:
yes — Kerberos is used for authentication.
no — Kerberos is not used for authentication.
USELDAPAUTH=<value>, where <value> is one of the following:
yes — LDAP is used for authentication.
no — LDAP is not used for authentication.
1.5. /etc/sysconfig/autofs
The /etc/sysconfig/autofs file defines custom options for the automatic mounting of devices. This file controls the operation of the automount daemons, which automatically mount file systems when you use them and unmount them after a period of inactivity. File systems can include network file systems, CD-ROMs, diskettes, and other media.
The /etc/sysconfig/autofs file may contain the following:
LOCALOPTIONS="<value>", where "<value>" is a string for defining machine specific automount rules. The default value is an empty string ("").
DAEMONOPTIONS="<value>", where "<value>" is the timeout length in seconds before unmounting the device. The default value is 60 seconds ("--timeout=60").
UNDERSCORETODOT=<value>, where <value> is a binary value that controls whether to convert underscores in file names into dots. For example, auto_home to auto.home and auto_mnt to auto.mnt. The default value is 1 (true).
DISABLE_DIRECT=<value>, where <value> is a binary value that controls whether to disable direct mount support, as the Linux implementation does not conform to the Sun Microsystems' automounter behavior. The default value is 1 (true), and allows for compatibility with the Sun automounter options specification syntax.
1.6. /etc/sysconfig/clock
The /etc/sysconfig/clock file controls the interpretation of values read from the system hardware clock.
The correct values are:
UTC=<value>, where <value> is one of the following boolean values:
true or yes — The hardware clock is set to Universal Time.
false or no — The hardware clock is set to local time.
ARC=<value>, where <value> is the following:
true or yes — The ARC console's 42-year time offset is in effect. This setting is only for ARC- or AlphaBIOS-based Alpha systems.
false or no — This value indicates that the normal UNIX epoch is in use.
SRM=<value>, where <value> is the following:
true or yes — The SRM console's 1900 epoch is in effect. This setting is only for SRM-based Alpha systems.
false or no — This value indicates that the normal UNIX epoch is in use.
ZONE=<filename> — The time zone file under /usr/share/zoneinfo that /etc/localtime is a copy of. The file contains information such as:
ZONE="America/New_York"
Earlier releases of Red Hat Enterprise Linux used the following values (which are deprecated):
CLOCKMODE=<value>, where <value> is one of the following:
GMT — The clock is set to Universal Time (Greenwich Mean Time).
ARC — The ARC console's 42-year time offset is in effect (for Alpha-based systems only).
1.7. /etc/sysconfig/desktop
The /etc/sysconfig/desktop file specifies the desktop for new users and the display manager to run when entering runlevel 5.
Correct values are:
DESKTOP="<value>", where "<value>" is one of the following:
GNOME — Selects the GNOME desktop environment.
KDE — Selects the KDE desktop environment.
DISPLAYMANAGER="<value>", where "<value>" is one of the following:
GNOME — Selects the GNOME Display Manager.
KDE — Selects the KDE Display Manager.
XDM — Selects the X Display Manager.
For more information, refer to Chapter 7, The X Window System.
1.8. /etc/sysconfig/devlabel
The /etc/sysconfig/devlabel is the devlabel configuration file. It should not be modified by hand, but rather, configured using the /sbin/devlabel command.
For instructions on using the devlabel command, refer to the chapter titled User-Defined Device Names in the Red Hat Enterprise Linux System Administration Guide.
1.9. /etc/sysconfig/dhcpd
The /etc/sysconfig/dhcpd file is used to pass arguments to the dhcpd daemon at boot time. The dhcpd daemon implements the Dynamic Host Configuration Protocol (DHCP) and the Internet Bootstrap Protocol (BOOTP). DHCP and BOOTP assign hostnames to machines on the network. For more information about what parameters are available in this file, refer to the dhcpd man page.
1.10. /etc/sysconfig/exim
The /etc/sysconfig/exim file allows messages to be sent to one or more clients, routing the messages over whatever networks are necessary. The file sets the default values for exim to run. Its default values are set to run as a background daemon and to check its queue each hour in case something has backed up.
The values include:
DAEMON=<value>, where <value> is one of the following:
yes — exim should be configured to listen to port 25 for incoming mail. yes implies the use of Exim's -bd option.
no — exim should not be configured to listen to port 25 for incoming mail.
QUEUE=1h, which is given to exim as -q$QUEUE. The -q option is not given to exim if /etc/sysconfig/exim exists and QUEUE is empty or undefined.
1.11. /etc/sysconfig/firstboot
The first time the system boots, the /sbin/init program calls the /etc/rc.d/init.d/firstboot script, which in turn launches the Setup Agent. This application allows the user to install the latest updates as well as additional applications and documentation.
The /etc/sysconfig/firstboot file tells the Setup Agent application not to run on subsequent reboots. To run it the next time the system boots, remove /etc/sysconfig/firstboot and execute chkconfig --level 5 firstboot on.
1.12. /etc/sysconfig/gpm
The /etc/sysconfig/gpm file is used to pass arguments to the gpm daemon at boot time. The gpm daemon is the mouse server which allows mouse acceleration and middle-click pasting. For more information about what parameters are available for this file, refer to the gpm man page. By default, the DEVICE directive is set to /dev/input/mice.
1.13. /etc/sysconfig/harddisks
The /etc/sysconfig/harddisks file tunes the hard drive(s). An administrator can also use /etc/sysconfig/harddiskhd[a-h] to configure parameters for specific drives.
Warning
Do not make changes to this file without careful consideration. By changing the default values, it is possible to corrupt all of the data on the hard drive(s).
The /etc/sysconfig/harddisks file may contain the following:
USE_DMA=1, where setting this value to 1 enables DMA. However, with some chipsets and hard drive combinations, DMA can cause data corruption. Check the hard drive documentation or with the manufacturer before enabling this option. By default, this entry is commented out, and therefore disabled.
Multiple_IO=16, where a setting of 16 allows for multiple sectors per I/O interrupt. When enabled, this feature reduces operating system overhead by 30-50%. Use with caution. By default, this entry is commented out, and therefore disabled.
EIDE_32BIT=3 enables (E)IDE 32-bit I/O support to an interface card. By default, this entry is commented out, and therefore disabled.
LOOKAHEAD=1 enables drive read-lookahead. By default, this entry is commented out, and therefore disabled.
EXTRA_PARAMS= specifies where extra parameters can be added. By default, there are no parameters listed.
1.14. /etc/sysconfig/hwconf
The /etc/sysconfig/hwconf file lists all the hardware that kudzu detected on the system, as well as the drivers used, vendor ID, and device ID information. The kudzu program detects and configures new and/or changed hardware on a system. The /etc/sysconfig/hwconf file is not meant to be manually edited. If edited, devices could suddenly show up as being added or removed.
1.15. /etc/sysconfig/i18n
The /etc/sysconfig/i18n file sets the default language, any supported languages, and the default system font. For example:
LANG="en_US.UTF-8"
SUPPORTED="en_US.UTF-8:en_US:en"
SYSFONT="latarcyrheb-sun16"
1.16. /etc/sysconfig/init
The /etc/sysconfig/init file controls how the system appears and functions during the boot process.
The following values may be used:
BOOTUP=<value>, where <value> is one of the following:
color — The standard color boot display, where the success or failure of devices and services starting up is shown in different colors.
verbose — An old style display which provides more information than purely a message of success or failure.
Anything else means a new display, but without ANSI formatting.
RES_COL=<value>, where <value> is the number of the column of the screen to start status labels. The default is set to 60.
MOVE_TO_COL=<value>, where <value> moves the cursor to the value in the RES_COL line via the echo -en command.
SETCOLOR_SUCCESS=<value>, where <value> sets the success color via the echo -en command. The default color is set to green.
SETCOLOR_FAILURE=<value>, where <value> sets the failure color via the echo -en command. The default color is set to red.
SETCOLOR_WARNING=<value>, where <value> sets the warning color via the echo -en command. The default color is set to yellow.
SETCOLOR_NORMAL=<value>, where <value> resets the color to "normal" via the echo -en.
LOGLEVEL=<value>, where <value> sets the initial console logging level for the kernel. The default is 3; 8 means everything (including debugging), while 1 means only kernel panics. The syslogd daemon overrides this setting once started.
PROMPT=<value>, where <value> is one of the following boolean values:
yes — Enables the key check for interactive mode.
no — Disables the key check for interactive mode.
1.17. /etc/sysconfig/ip6tables-config
The /etc/sysconfig/ip6tables-config file stores information used by the kernel to set up IPv6 packet filtering at boot time or whenever the ip6tables service is started.
Do not modify this file by hand unless you are familiar with how to construct ip6tables rules. Rules can also be created manually using the /sbin/ip6tables command. Once created, add the rules to the /etc/sysconfig/ip6tables file by typing the following command:
/sbin/service ip6tables save
Once this file exists, any firewall rules saved in it persist through a system reboot or a service restart.
For more information on ip6tables, refer to Chapter 18, iptables.
1.18. /etc/sysconfig/iptables-config
The /etc/sysconfig/iptables-config file stores information used by the kernel to set up packet filtering services at boot time or whenever the service is started.
Do not modify this file by hand unless you are familiar with constructing iptables rules. The easiest way to add rules is to use the Security Level Configuration Tool (system-config-securitylevel) application to create a firewall. These applications automatically edit this file at the end of the process.
Rules can also be created manually using the /sbin/iptables command. Once created, add the rule(s) to the /etc/sysconfig/iptables file by typing the following command:
/sbin/service iptables save
Once this file exists, any firewall rules saved in it persist through a system reboot or a service restart.
For more information on iptables, refer to Chapter 18, iptables.
1.19. /etc/sysconfig/irda
The /etc/sysconfig/irda file controls how infrared devices on the system are configured at startup.
The following values may be used:
IRDA=<value>, where <value> is one of the following boolean values:
yes — irattach runs and periodically checks to see if anything is trying to connect to the infrared port, such as another notebook computer trying to make a network connection. For infrared devices to work on the system, this line must be set to yes.
no — irattach does not run, preventing infrared device communication.
DEVICE=<value>, where <value> is the device (usually a serial port) that handles infrared connections. A sample serial device entry could be /dev/ttyS2.
DONGLE=<value>, where <value> specifies the type of dongle being used for infrared communication. This setting exists for people who use serial dongles rather than real infrared ports. A dongle is a device that is attached to a traditional serial port to communicate via infrared. This line is commented out by default because notebooks with real infrared ports are far more common than computers with add-on dongles. A sample dongle entry could be actisys+.
DISCOVERY=<value>, where <value> is one of the following boolean values:
yes — Starts irattach in discovery mode, meaning it actively checks for other infrared devices. This must be turned on for the machine to actively look for an infrared connection (meaning the peer that does not initiate the connection).
no — Does not start irattach in discovery mode.
1.20. /etc/sysconfig/keyboard
The /etc/sysconfig/keyboard file controls the behavior of the keyboard. The following values may be used:
KEYBOARDTYPE="sun|pc" where sun means a Sun keyboard is attached on /dev/kbd, or pc means a PS/2 keyboard connected to a PS/2 port.
KEYTABLE="<file>", where <file> is the name of a keytable file. For example: KEYTABLE="us". The files that can be used as keytables start in /lib/kbd/keymaps/i386 and branch into different keyboard layouts from there, all labeled <file>.kmap.gz. The first file found beneath /lib/kbd/keymaps/i386 that matches the KEYTABLE setting is used.
1.21. /etc/sysconfig/kudzu
The /etc/sysconfig/kudzu file triggers a safe probe of the system hardware by kudzu at boot time. A safe probe is one that disables serial port probing.
SAFE=<value>, where <value> is one of the following:
yes — kudzu does a safe probe.
no — kudzu does a normal probe.
1.22. /etc/sysconfig/mouse
The /etc/sysconfig/mouse file is used to specify information about the available mouse. The following values may be used:
FULLNAME="<value>", where "<value>" refers to the full name of the kind of mouse being used.
MOUSETYPE="<value>", where "<value>" is one of the following:
imps2 — A generic USB wheel mouse.
microsoft — A Microsoft mouse.
mouseman — A MouseMan mouse.
mousesystems — A Mouse Systems mouse.
ps/2 — A PS/2 mouse.
msbm — A Microsoft bus mouse.
logibm — A Logitech bus mouse.
atibm — An ATI bus mouse.
logitech — A Logitech mouse.
mmseries — An older MouseMan mouse.
mmhittab — An mmhittab mouse.
XEMU3="<value>", where "<value>" is one of the following boolean values:
yes — The mouse only has two buttons, but three mouse buttons should be emulated.
no — The mouse already has three buttons.
XMOUSETYPE="<value>", where "<value>" refers to the kind of mouse used when X is running. The options here are the same as the MOUSETYPE setting in this same file.
DEVICE=<value>, where <value> is the mouse device. A sample value, /dev/input/mice, is a symbolic link that points to the actual mouse device.
1.23. /etc/sysconfig/named
The /etc/sysconfig/named file is used to pass arguments to the named daemon at boot time. The named daemon is a Domain Name System (DNS) server which implements the Berkeley Internet Name Domain (BIND) version 9 distribution. This server maintains a table of which hostnames are associated with IP addresses on the network.
Currently, only the following values may be used:
ROOTDIR="</some/where>", where </some/where> refers to the full directory path of a configured chroot environment under which named runs. This chroot environment must first be configured. Type info chroot for more information.
OPTIONS="<value>", where <value> is any option listed in the man page for named except -t. In place of -t, use the ROOTDIR line above.
For more information about available parameters for this file, refer to the named man page. For detailed information on how to configure a BIND DNS server, refer to Chapter 12, Berkeley Internet Name Domain (BIND). By default, the file contains no parameters.
1.24. /etc/sysconfig/netdump
The /etc/sysconfig/netdump file is the configuration file for the /etc/init.d/netdump service. The netdump service sends both oops data and memory dumps over the network. In general, netdump is not a required service; only run it if absolutely necessary. For more information about what parameters are available for this file, refer to the netdump man page.
1.25. /etc/sysconfig/network
The /etc/sysconfig/network file is used to specify information about the desired network configuration. The following values may be used:
NETWORKING=<value>, where <value> is one of the following boolean values:
yes — Networking should be configured.
no — Networking should not be configured.
HOSTNAME=<value>, where <value> should be the Fully Qualified Domain Name (FQDN), such as hostname.example.com, but can be whatever hostname is necessary.
Note
For compatibility with older software that some users may need to install, such as trn, the /etc/HOSTNAME file should contain the same value as set here.
GATEWAY=<value>, where <value> is the IP address of the network's gateway.
GATEWAYDEV=<value>, where <value> is the gateway device, such as eth0.
NISDOMAIN=<value>, where <value> is the NIS domain name.
1.26. /etc/sysconfig/ntpd
The /etc/sysconfig/ntpd file is used to pass arguments to the ntpd daemon at boot time. The ntpd daemon sets and maintains the system clock to synchronize with an Internet standard time server. It implements version 4 of the Network Time Protocol (NTP). For more information about what parameters are available for this file, use a Web browser to view the following file: /usr/share/doc/ntp-<version>/ntpd.htm (where <version> is the version number of ntpd).
By default, this file sets the owner of the ntpd process to the user ntp.
1.27. /etc/sysconfig/pcmcia
The /etc/sysconfig/pcmcia file is used to specify PCMCIA configuration information. The following values may be used:
PCMCIA=<value>, where <value> is one of the following:
yes — PCMCIA support should be enabled.
no — PCMCIA support should not be enabled.
PCIC=<value>, where <value> is one of the following:
i82365 — The computer has an i82365-style PCMCIA socket chipset.
tcic — The computer has a tcic-style PCMCIA socket chipset.
PCIC_OPTS=<value>, where <value> is the socket driver (i82365 or tcic) timing parameters.
CORE_OPTS=<value>, where <value> is the list of pcmcia_core options.
CARDMGR_OPTS=<value>, where <value> is the list of options for the PCMCIA cardmgr (such as -q for quiet mode, -m to look for loadable kernel modules in the specified directory, and so on). Read the cardmgr man page for more information.
1.28. /etc/sysconfig/radvd
The /etc/sysconfig/radvd file is used to pass arguments to the radvd daemon at boot time. The radvd daemon listens for router requests and sends router advertisements for the IP version 6 protocol. This service allows hosts on a network to dynamically change their default routers based on these router advertisements. For more information about available parameters for this file, refer to the radvd man page. By default, this file sets the owner of the radvd process to the user radvd.
1.29. /etc/sysconfig/rawdevices
The /etc/sysconfig/rawdevices file is used to configure raw device bindings, such as:
/dev/raw/raw1 /dev/sda1
/dev/raw/raw2 8 5
1.30. /etc/sysconfig/samba
The /etc/sysconfig/samba file is used to pass arguments to the smbd and the nmbd daemons at boot time. The smbd daemon offers file sharing connectivity for Windows clients on the network. The nmbd daemon offers NetBIOS over IP naming services. For more information about what parameters are available for this file, refer to the smbd man page. By default, this file sets smbd and nmbd to run in daemon mode.
1.31. /etc/sysconfig/selinux
The /etc/sysconfig/selinux file contains the basic configuration options for SELinux. This file is a symbolic link to /etc/selinux/config. For more information on SELinux, refer to Chapter 21, SELinux.
1.32. /etc/sysconfig/sendmail
The /etc/sysconfig/sendmail file allows messages to be sent to one or more clients, routing the messages over whatever networks are necessary. The file sets the default values for the Sendmail application to run. Its default values are set to run as a background daemon and to check its queue each hour in case something has backed up.
Values include:
DAEMON=<value>, where <value> is one of the following:
yes — Sendmail should be configured to listen to port 25 for incoming mail. yes implies the use of Sendmail's -bd option.
no — Sendmail should not be configured to listen to port 25 for incoming mail.
QUEUE=1h, which is given to Sendmail as -q$QUEUE. The -q option is not given to Sendmail if /etc/sysconfig/sendmail exists and QUEUE is empty or undefined.
1.33. /etc/sysconfig/spamassassin
The /etc/sysconfig/spamassassin file is used to pass arguments to the spamd daemon (a daemonized version of Spamassassin) at boot time. Spamassassin is an email spam filter application. For a list of available options, refer to the spamd man page. By default, it configures spamd to run in daemon mode, create user preferences, and auto-create whitelists (allowed bulk senders). For more information about Spamassassin, refer to Section 4.2.6, “Spam Filters”.
1.34. /etc/sysconfig/squid
The /etc/sysconfig/squid file is used to pass arguments to the squid daemon at boot time. The squid daemon is a proxy caching server for Web client applications. For more information on configuring a squid proxy server, use a Web browser to open the /usr/share/doc/squid-<version>/ directory (replace <version> with the squid version number installed on the system). By default, this file sets squid to start in daemon mode and sets the amount of time before it shuts itself down.
1.35. /etc/sysconfig/system-config-securitylevel
The /etc/sysconfig/system-config-securitylevel file contains all options chosen by the user the last time the Security Level Configuration Tool (system-config-securitylevel) was run. Users should not modify this file by hand. For more information about the Security Level Configuration Tool, refer to the chapter titled Basic Firewall Configuration in the Red Hat Enterprise Linux System Administration Guide.
1.36. /etc/sysconfig/system-config-users
The /etc/sysconfig/system-config-users file is the configuration file for the graphical application, User Manager. This file is used to filter out system users such as root, daemon, or lp. This file is edited by the Preferences => Filter system users and groups pull-down menu in the User Manager application and should never be edited by hand. For more information on using this application, refer to the chapter called User and Group Configuration in the Red Hat Enterprise Linux System Administration Guide.
1.37. /etc/sysconfig/system-logviewer
The /etc/sysconfig/system-logviewer file is the configuration file for the graphical, interactive log viewing application, Log Viewer. This file is edited by the Edit => Preferences pull-down menu in the Log Viewer application and should not be edited by hand. For more information on using this application, refer to the chapter called Log Files in the Red Hat Enterprise Linux System Administration Guide.
1.38. /etc/sysconfig/tux
The /etc/sysconfig/tux file is the configuration file for the Red Hat Content Accelerator (formerly known as TUX), the kernel-based Web server. For more information on configuring the Red Hat Content Accelerator, use a Web browser to open the /usr/share/doc/tux-<version>/tux/index.html file (replace <version> with the version number of TUX installed on the system). The parameters available for this file are listed in /usr/share/doc/tux-<version>/tux/parameters.html.
1.39. /etc/sysconfig/vncservers
The /etc/sysconfig/vncservers file configures the way the Virtual Network Computing (VNC) server starts up.
VNC is a remote display system which allows users to view the desktop environment not only on the machine where it is running but across different networks on a variety of architectures.
It may contain the following:
VNCSERVERS=<value>, where <value> is set to something like "1:fred", to indicate that a VNC server should be started for user fred on display :1. User fred must have set a VNC password using the vncpasswd command before attempting to connect to the remote VNC server.
Note that when using a VNC server, communication with it is unencrypted and it should not be used on an untrusted network. For specific instructions concerning the use of SSH to secure VNC communication, read the information found online at http://www.uk.research.att.com/archive/vnc/sshvnc.html. To find out more about SSH, refer to Chapter 20, SSH Protocol in the Red Hat Enterprise Linux System Administration Guide.
1.40. /etc/sysconfig/xinetd
The /etc/sysconfig/xinetd file is used to pass arguments to the xinetd daemon at boot time. The xinetd daemon starts programs that provide Internet services when a request to the port for that service is received. For more information about available parameters for this file, refer to the xinetd man page. For more information on the xinetd service, refer to Section 3, “xinetd”.
2. Directories in the /etc/sysconfig/ Directory
The following directories are normally found in /etc/sysconfig/.
apm-scripts/ — This directory contains the APM suspend/resume script. Do not edit the files directly. If customization is necessary, create a file called /etc/sysconfig/apm-scripts/apmcontinue which is called at the end of the script. It is also possible to control the script by editing /etc/sysconfig/apmd.
cbq/ — This directory contains the configuration files needed to do Class Based Queuing for bandwidth management on network interfaces. CBQ divides user traffic into a hierarchy of classes based on any combination of IP addresses, protocols, and application types.
networking/ — This directory is used by the Network Administration Tool (system-config-network), and its contents should not be edited manually. For more information about configuring network interfaces using the Network Administration Tool, refer to the chapter called Network Configuration in the Red Hat Enterprise Linux System Administration Guide.
network-scripts/ — This directory contains the following network-related configuration files:
• Network configuration files for each configured network interface, such as ifcfg-eth0 for the eth0 Ethernet interface.
• Scripts used to bring up and down network interfaces, such as ifup and ifdown.
• Scripts used to bring up and down ISDN interfaces, such as ifup-isdn and ifdown-isdn.
• Various shared network function scripts which should not be edited directly. For more information on the network-scripts directory, refer to Chapter 8, Network Interfaces.
rhn/ — This directory contains the configuration files and GPG keys for Red Hat Network. No files in this directory should be edited by hand. For more information on Red Hat Network, refer to the Red Hat Network website online at https://rhn.redhat.com/.
3. Additional Resources
This chapter is only intended as an introduction to the files in the /etc/sysconfig/ directory. The following source contains more comprehensive information.
3.1. Installed Documentation
/usr/share/doc/initscripts-<version-number>/sysconfig.txt — This file contains a more authoritative listing of the files found in the /etc/sysconfig/ directory and the configuration options available for them. The <version-number> in the path to this file corresponds to the version of the initscripts package installed.
The proc File System
The Linux kernel has two primary functions: to control access to physical devices on the computer and to schedule when and how processes interact with these devices. The /proc/ directory — also called the proc file system — contains a hierarchy of special files which represent the current state of the kernel — allowing applications and users to peer into the kernel's view of the system.
Within the /proc/ directory, one can find a wealth of information detailing the system hardware and any processes currently running. In addition, some of the files within the /proc/ directory tree can be manipulated by users and applications to communicate configuration changes to the kernel.
1. A Virtual File System
Under Linux, all data are stored as files. Most users are familiar with the two primary types of files: text and binary. But the /proc/ directory contains another type of file called a virtual file. It is for this reason that /proc/ is often referred to as a virtual file system.
These virtual files have unique qualities. Most of them are listed as zero bytes in size and yet when one is viewed, it can contain a large amount of information. In addition, most of the time and date settings on virtual files reflect the current time and date, indicative of the fact they are constantly updated.
Virtual files such as /proc/interrupts, /proc/meminfo, /proc/mounts, and /proc/partitions provide an up-to-the-moment glimpse of the system's hardware. Others, like the /proc/filesystems file and the /proc/sys/ directory, provide system configuration information and interfaces.
For organizational purposes, files containing information on a similar topic are grouped into virtual directories and sub-directories. For instance, /proc/ide/ contains information for all physical IDE devices. Likewise, process directories contain information about each running process on the system.
1.1. Viewing Virtual Files
By using the cat, more, or less commands on files within the /proc/ directory, users can immediately access enormous amounts of information about the system. For example, to display the type of CPU a computer has, type cat /proc/cpuinfo to receive output similar to the following:
processor       : 0
vendor_id       : AuthenticAMD
cpu family      : 5
model           : 9
model name      : AMD-K6(tm) 3D+ Processor
stepping        : 1
cpu MHz         : 400.919
cache size      : 256 KB
fdiv_bug        : no
hlt_bug         : no
f00f_bug        : no
coma_bug        : no
fpu             : yes
fpu_exception   : yes
cpuid level     : 1
wp              : yes
flags           : fpu vme de pse tsc msr mce cx8 pge mmx syscall 3dnow k6_mtrr
bogomips        : 799.53
Chapter 5.
49
Page 74
When viewing different virtual files in the /proc/ file system, some of the information is easily understandable while some is not human-readable. This is in part why utilities exist to pull data from virtual files and display it in a useful way. Examples of these utilities include lspci, apm, free, and top.
Note
Some of the virtual files in the /proc/ directory are readable only by the root user.
1.2. Changing Virtual Files
As a general rule, most virtual files within the /proc/ directory are read-only. However, some can be used to adjust settings in the kernel. This is especially true for files in the /proc/sys/ subdirectory.
To change the value of a virtual file, use the echo command and a greater than symbol (>) to redirect the new value to the file. For example, to change the hostname on the fly, type:
echo www.example.com > /proc/sys/kernel/hostname
Other files act as binary or boolean switches. Typing cat /proc/sys/net/ipv4/ip_forward returns either a 0 or a 1. A 0 indicates that the kernel is not forwarding network packets. Using the echo command to change the value of the ip_forward file to 1 immediately turns packet forwarding on.
Tip
Another command used to alter settings in the /proc/sys/ subdirectory is /sbin/sysctl. For more information on this command, refer to Section 4, “Using the sysctl Command”.
For a listing of some of the kernel configuration files available in the /proc/sys/ subdirectory, refer to Section 3.9, “/proc/sys/”.
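Because a single echo into /proc/sys changes kernel behaviour immediately, the value of a switch such as ip_forward is worth checking against what the host is supposed to be (a router forwards, a workstation does not) rather than only set once. The functions below are an added example and not code from the Reference Guide: they read a setting, write a 0/1 switch only after validating the value, and compare a tree against an expected baseline. ROOT would normally be /proc/sys; the function names are mine, and the demo points ROOT at a constructed directory so that nothing runs against a live kernel.

```sh
# Added example, not from the Reference Guide: read, set and audit switches
# under a /proc/sys-style tree.  ROOT is normally /proc/sys; the demo uses a
# constructed directory so it runs as an unprivileged user without side effects.

# proc_sys_get ROOT KEY   (KEY is the path below ROOT, e.g. net/ipv4/ip_forward)
# Prints the current value; returns 2 when the file does not exist.
proc_sys_get() {
    [ -r "$1/$2" ] || return 2
    cat "$1/$2"
}

# proc_sys_set_bool ROOT KEY VALUE
# Writes a 0/1 switch the way the text does (echo > file) but refuses any
# other value, so a typo cannot leave the switch in an unexpected state.
proc_sys_set_bool() {
    case $3 in
        0|1) ;;
        *) echo "proc_sys_set_bool: '$3' is not 0 or 1 for $2" >&2; return 1 ;;
    esac
    [ -w "$1/$2" ] || { echo "proc_sys_set_bool: $1/$2 is not writable" >&2; return 2; }
    echo "$3" > "$1/$2"
}

# proc_sys_check ROOT KEY=EXPECTED ...
# Compares each setting with the value the administrator expects and prints
# one line per mismatch.  Returns the number of mismatches (0 means the tree
# matches the baseline), so it can drive a cron job or monitoring hook.
proc_sys_check() {
    root=$1; shift
    mismatches=0
    for pair in "$@"; do
        key=${pair%%=*}
        want=${pair#*=}
        have=$(proc_sys_get "$root" "$key" || echo '<missing>')
        if [ "$have" != "$want" ]; then
            printf '%s: expected %s, found %s\n' "$key" "$want" "$have"
            mismatches=$((mismatches + 1))
        fi
    done
    return $mismatches
}

# Demo on a constructed tree: a host that is not a router should have
# ip_forward=0; the hostname is the one from the text's echo example.
demo=${TMPDIR:-/tmp}/procsys_demo.$$
mkdir -p "$demo/net/ipv4" "$demo/kernel"
echo 1 > "$demo/net/ipv4/ip_forward"            # constructed: forwarding is on
echo www.example.com > "$demo/kernel/hostname"  # constructed
baseline="net/ipv4/ip_forward=0 kernel/hostname=www.example.com"
if proc_sys_check "$demo" $baseline; then
    echo "baseline matches"
else
    echo "settings differ from baseline; correcting ip_forward"
    proc_sys_set_bool "$demo" net/ipv4/ip_forward 0
    proc_sys_check "$demo" $baseline && echo "baseline matches after correction"
fi
rm -rf "$demo"
```

Run against the real tree with ROOT set to /proc/sys, proc_sys_check needs no privileges at all, which makes it suitable for a periodic unprivileged audit; only proc_sys_set_bool needs root, and it reports a non-writable file instead of failing silently.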
2. Top-level Files within the proc File System
Below is a list of some of the more useful virtual files in the top-level of the /proc/ directory.
Note
In most cases, the content of the files listed in this section is not the same as that on your machine, because much of the information is specific to the hardware on which Red Hat Enterprise Linux was running when this documentation was written.
2.1. /proc/apm
This file provides information about the state of the Advanced Power Management (APM) system and is used by the apm command. If a system with no battery is connected to an AC power source, this virtual file would look similar to the following:
1.16 1.2 0x07 0x01 0xff 0x80 -1% -1 ?
Running the apm -v command on such a system results in output similar to the following:
APM BIOS 1.2 (kernel driver 1.16ac) AC on-line, no system battery
For systems which do not use a battery as a power source, apm is able to do little more than put the machine in standby mode. The apm command is much more useful on laptops. For example, the following output is from the command cat /proc/apm on a laptop while plugged into a power outlet:
1.16 1.2 0x03 0x01 0x03 0x09 100% -1 ?
When the same laptop is unplugged from its power source for a few minutes, the content of the apm file changes to something like the following:
1.16 1.2 0x03 0x00 0x00 0x01 99% 1792 min
The apm -v command now yields more useful data, such as the following:
APM BIOS 1.2 (kernel driver 1.16) AC off-line, battery status high: 99% (1 day, 5:52)
2.2. /proc/buddyinfo
This file is used primarily for diagnosing memory fragmentation issues. Using the buddy algorithm, each column represents the number of pages of a certain order (a certain size) that are available at any given time. For example, for zone DMA (direct memory access), there are 90 chunks of 2^0 pages (one PAGE_SIZE each). Similarly, there are 6 chunks of 2^1 pages and 2 chunks of 2^2 pages of memory available.
The DMA row references the first 16 MB on a system, the HighMem row references all memory greater than 4 GB on a system, and the Normal row references all memory in between.
The following is an example of the output typical of /proc/buddyinfo:
Node 0, zone DMA 90 6 2 1 1 ...
Node 0, zone Normal 1650 310 5 0 0 ...
Node 0, zone HighMem 2 0 0 1 1 ...
2.3. /proc/cmdline
This file shows the parameters passed to the kernel at the time it is started. A sample /proc/cmdline file looks like the following:
ro root=/dev/VolGroup00/LogVol00 rhgb quiet 3
This tells us that the root file system is initially mounted read-only (signified by ro) and is located on the first logical volume (LogVol00) of the first volume group (/dev/VolGroup00). LogVol00 is the equivalent of a disk partition in a non-LVM (Logical Volume Management) system, just as /dev/VolGroup00 is similar in concept to /dev/hda1, but much more extensible.
For more information on LVM used in Red Hat Enterprise Linux, refer to http://www.tldp.org/HOWTO/LVM-HOWTO/index.html.
Next, rhgb signals that the rhgb package has been installed, and graphical booting is supported, assuming /etc/inittab shows a default runlevel set to id:5:initdefault:.
Finally, quiet indicates all verbose kernel messages are suppressed at boot time.
2.4. /proc/cpuinfo
This virtual file identifies the type of processor used by your system. The following is an example of the output typical of /proc/cpuinfo:
processor : 0
vendor_id : GenuineIntel
cpu family : 15
model : 2
model name : Intel(R) Xeon(TM) CPU 2.40GHz
stepping : 7
cpu MHz : 2392.371
cache size : 512 KB
physical id : 0
siblings : 2
runqueue : 0
fdiv_bug : no
hlt_bug : no
f00f_bug : no
coma_bug : no
fpu : yes
fpu_exception : yes
cpuid level : 2
wp : yes
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm
bogomips : 4771.02
processor — Provides each processor with an identifying number. On systems that have one processor, only a 0 is present.
cpu family — Authoritatively identifies the type of processor in the system. For an Intel-based system, place the number in front of "86" to determine the value. This is particularly helpful for those attempting to identify the architecture of an older system such as a 586, 486, or 386. Because some RPM packages are compiled for each of these particular architectures, this value also helps users determine which packages to install.
model name — Displays the common name of the processor, including its project name.
cpu MHz — Shows the precise speed in megahertz for the processor to the thousandths decimal place.
cache size — Displays the amount of level 2 memory cache available to the processor.
siblings — Displays the number of sibling CPUs on the same physical CPU for architectures which use hyper-threading.
flags — Defines a number of different qualities about the processor, such as the presence of a floating point unit (FPU) and the ability to process MMX instructions.
2.5. /proc/crypto
This file lists all installed cryptographic ciphers used by the Linux kernel, including additional details for each. A sample /proc/crypto file looks like the following:
name : sha1
module : kernel
type : digest
blocksize : 64
digestsize : 20

name : md5
module : md5
type : digest
blocksize : 64
digestsize : 16
2.6. /proc/devices
This file displays the various character and block devices currently configured (not including devices whose modules are not loaded). Below is a sample output from this file:
Character devices:
  1 mem
  4 /dev/vc/0
  4 tty
  4 ttyS
  5 /dev/tty
  5 /dev/console
  5 /dev/ptmx
  7 vcs
 10 misc
 13 input
 29 fb
 36 netlink
128 ptm
136 pts
180 usb

Block devices:
  1 ramdisk
  3 ide0
  9 md
 22 ide1
253 device-mapper
254 mdp
The output from /proc/devices includes the major number and name of the device, and is broken into two major sections: Character devices and Block devices.
Character devices are similar to block devices, except for two basic differences:
1. Character devices do not require buffering. Block devices have a buffer available, allowing them to order requests before addressing them. This is important for devices designed to store information — such as hard drives — because the ability to order the information before writing it to the device allows it to be placed in a more efficient order.
2. Character devices send data with no preconfigured size. Block devices can send and receive information in blocks of a size configured per device.
For more information about devices refer to the following installed documentation:
/usr/share/doc/kernel-doc-<version>/Documentation/devices.txt
2.7. /proc/dma
This file contains a list of the registered ISA DMA channels in use. A sample /proc/dma file looks like the following:
4: cascade
2.8. /proc/execdomains
This file lists the execution domains currently supported by the Linux kernel, along with the range of personalities they support.
0-0 Linux [kernel]
Think of execution domains as the "personality" for an operating system. Because other binary formats, such as Solaris, UnixWare, and FreeBSD, can be used with Linux, programmers can change the way the operating system treats system calls from these binaries by changing the personality of the task. Except for the PER_LINUX execution domain, different personalities can be implemented as dynamically loadable modules.
2.9. /proc/fb
This file contains a list of frame buffer devices, with the frame buffer device number and the driver that controls it. Typical output of /proc/fb for systems which contain frame buffer devices looks similar to the following:
0 VESA VGA
2.10. /proc/filesystems
This file displays a list of the file system types currently supported by the kernel. Sample output from a generic /proc/filesystems file looks similar to the following:
nodev sysfs
nodev rootfs
nodev bdev
nodev proc
nodev sockfs
nodev binfmt_misc
nodev usbfs
nodev usbdevfs
nodev futexfs
nodev tmpfs
nodev pipefs
nodev eventpollfs
nodev devpts
      ext2
nodev ramfs
nodev hugetlbfs
      iso9660
nodev mqueue
      ext3
nodev rpc_pipefs
nodev autofs
The first column signifies whether the file system is mounted on a block device. Those beginning with nodev are not mounted on a device. The second column lists the names of the file systems supported.
The mount command cycles through the file systems listed here when one is not specified as an argument.
2.11. /proc/interrupts
This file records the number of interrupts per IRQ on the x86 architecture. A standard /proc/interrupts looks similar to the following:
           CPU0
  0:   80448940   XT-PIC  timer
  1:     174412   XT-PIC  keyboard
  2:          0   XT-PIC  cascade
  8:          1   XT-PIC  rtc
 10:     410964   XT-PIC  eth0
 12:      60330   XT-PIC  PS/2 Mouse
 14:    1314121   XT-PIC  ide0
 15:    5195422   XT-PIC  ide1
NMI:          0
ERR:          0
For a multi-processor machine, this file may look slightly different:
           CPU0       CPU1
  0: 1366814704          0   XT-PIC         timer
  1:        128        340   IO-APIC-edge   keyboard
  2:          0          0   XT-PIC         cascade
  8:          0          1   IO-APIC-edge   rtc
 12:       5323       5793   IO-APIC-edge   PS/2 Mouse
 13:          1          0   XT-PIC         fpu
 16:   11184294   15940594   IO-APIC-level  Intel EtherExpress Pro 10/100 Ethernet
 20:    8450043   11120093   IO-APIC-level  megaraid
 30:      10432      10722   IO-APIC-level  aic7xxx
 31:         23         22   IO-APIC-level  aic7xxx
NMI:          0
ERR:          0
The first column refers to the IRQ number. Each CPU in the system has its own column and its own number of interrupts per IRQ. The next column reports the type of interrupt, and the last column contains the name of the device that is located at that IRQ.
Each of the types of interrupts seen in this file, which are architecture-specific, mean something different. For x86 machines, the following values are common:
XT-PIC — These are the old AT computer interrupts.
IO-APIC-edge — The voltage signal on this interrupt transitions from low to high, creating an edge, where the interrupt occurs and is only signaled once. This kind of interrupt, as well as the IO-APIC-level interrupt, are only seen on systems with processors from the 586 family and higher.
IO-APIC-level — Generates interrupts when its voltage signal is high until the signal is low again.
2.12. /proc/iomem
This file shows you the current map of the system's memory for each physical device:
00000000-0009fbff : System RAM
0009fc00-0009ffff : reserved
000a0000-000bffff : Video RAM area
000c0000-000c7fff : Video ROM
000f0000-000fffff : System ROM
00100000-07ffffff : System RAM
  00100000-00291ba8 : Kernel code
  00291ba9-002e09cb : Kernel data
e0000000-e3ffffff : VIA Technologies, Inc. VT82C597 [Apollo VP3]
e4000000-e7ffffff : PCI Bus #01
  e4000000-e4003fff : Matrox Graphics, Inc. MGA G200 AGP
  e5000000-e57fffff : Matrox Graphics, Inc. MGA G200 AGP
e8000000-e8ffffff : PCI Bus #01
  e8000000-e8ffffff : Matrox Graphics, Inc. MGA G200 AGP
ea000000-ea00007f : Digital Equipment Corporation DECchip 21140 [FasterNet]
  ea000000-ea00007f : tulip
ffff0000-ffffffff : reserved
The first column displays the memory registers used by each of the different types of memory. The second column lists the kind of memory located within those registers and displays which memory registers are used by the kernel within the system RAM or, if the network interface card has multiple Ethernet ports, the memory registers assigned for each port.
2.13. /proc/ioports
The output of /proc/ioports provides a list of currently registered port regions used for input or output communication with a device. This file can be quite long. The following is a partial listing:
0000-001f : dma1
0020-003f : pic1
0040-005f : timer
0060-006f : keyboard
0070-007f : rtc
0080-008f : dma page reg
00a0-00bf : pic2
00c0-00df : dma2
00f0-00ff : fpu
0170-0177 : ide1
01f0-01f7 : ide0
02f8-02ff : serial(auto)
0376-0376 : ide1
03c0-03df : vga+
03f6-03f6 : ide0
03f8-03ff : serial(auto)
0cf8-0cff : PCI conf1
d000-dfff : PCI Bus #01
e000-e00f : VIA Technologies, Inc. Bus Master IDE
  e000-e007 : ide0
  e008-e00f : ide1
e800-e87f : Digital Equipment Corporation DECchip 21140 [FasterNet]
  e800-e87f : tulip
The first column gives the I/O port address range reserved for the device listed in the second column.
2.14. /proc/kcore
This file represents the physical memory of the system and is stored in the core file format. Unlike most /proc/ files, kcore displays a size. This value is given in bytes and is equal to the size of the physical memory (RAM) used plus 4 KB.
The contents of this file are designed to be examined by a debugger, such as gdb, and are not human readable.
Caution
Do not view the /proc/kcore virtual file. The contents of the file scramble text output on the terminal. If this file is accidentally viewed, press Ctrl-C to stop the process and then type reset to bring back the command line prompt.
2.15. /proc/kmsg
This file is used to hold messages generated by the kernel. These messages are then picked up by other programs, such as /sbin/klogd or /bin/dmesg.
2.16. /proc/loadavg
This file provides a look at the load average in regard to both the CPU and IO over time, as well as additional data used by uptime and other commands. A sample /proc/loadavg file looks similar to the following:
0.20 0.18 0.12 1/80 11206
The first three columns measure CPU and IO utilization of the last one, five, and 10 minute periods. The fourth column shows the number of currently running processes and the total number of processes. The last column displays the last process ID used.
2.17. /proc/locks
This file displays the files currently locked by the kernel. The contents of this file contain internal kernel debugging data and can vary tremendously, depending on the use of the system. A sample /proc/locks file for a lightly loaded system looks similar to the following:
1: POSIX ADVISORY WRITE 3568 fd:00:2531452 0 EOF
2: FLOCK ADVISORY WRITE 3517 fd:00:2531448 0 EOF
3: POSIX ADVISORY WRITE 3452 fd:00:2531442 0 EOF
4: POSIX ADVISORY WRITE 3443 fd:00:2531440 0 EOF
5: POSIX ADVISORY WRITE 3326 fd:00:2531430 0 EOF
6: POSIX ADVISORY WRITE 3175 fd:00:2531425 0 EOF
7: POSIX ADVISORY WRITE 3056 fd:00:2548663 0 EOF
Each lock has its own line which starts with a unique number. The second column refers to the class of lock used, with FLOCK signifying the older-style UNIX file locks from a flock system call and POSIX representing the newer POSIX locks from the lockf system call.
The third column can have two values: ADVISORY or MANDATORY. ADVISORY means that the lock does not prevent other people from accessing the data; it only prevents other attempts to lock it.
MANDATORY means that no other access to the data is permitted while the lock is held. The fourth column reveals whether the lock is allowing the holder READ or WRITE access to the file. The fifth column shows the ID of the process holding the lock. The sixth column shows the ID of the file being locked, in the format of MAJOR-DEVICE:MINOR-DEVICE:INODE-NUMBER. The seventh and eighth columns show the start and end of the file's locked region.
2.18. /proc/mdstat
This file contains the current information for multiple-disk, RAID configurations. If the system does not contain such a configuration, then /proc/mdstat looks similar to the following:
Personalities :
read_ahead not set
unused devices: <none>
This file remains in the same state as seen above unless a software RAID or md device is present. In that case, view /proc/mdstat to find the current status of mdX RAID devices.
The /proc/mdstat file below shows a system with its md0 configured as a RAID 1 device, while it is currently re-syncing the disks:
Personalities : [linear] [raid1]
read_ahead 1024 sectors
md0: active raid1 sda2[1] sdb2[0]
      9940 blocks [2/2] [UU] resync=1% finish=12.3min
      algorithm 2 [3/3] [UUU]
unused devices: <none>
2.19. /proc/meminfo
This is one of the more commonly used files in the /proc/ directory, as it reports a large amount of valuable information about the system's RAM usage.
The following sample /proc/meminfo virtual file is from a system with 256 MB of RAM and 512 MB of swap space:
MemTotal: 255908 kB
MemFree: 69936 kB
Buffers: 15812 kB
Cached: 115124 kB
SwapCached: 0 kB
Active: 92700 kB
Inactive: 63792 kB
HighTotal: 0 kB
HighFree: 0 kB
LowTotal: 255908 kB
LowFree: 69936 kB
SwapTotal: 524280 kB
SwapFree: 524280 kB
Dirty: 4 kB
Writeback: 0 kB
Mapped: 42236 kB
Slab: 25912 kB
Committed_AS: 118680 kB
PageTables: 1236 kB
VmallocTotal: 3874808 kB
VmallocUsed: 1416 kB
VmallocChunk: 3872908 kB
HugePages_Total: 0
HugePages_Free: 0
Hugepagesize: 4096 kB
Much of the information here is used by the free, top, and ps commands. In fact, the output of the free command is similar in appearance to the contents and structure of /proc/meminfo. But by looking directly at /proc/meminfo, more details are revealed:
MemTotal — Total amount of physical RAM, in kilobytes.
MemFree — The amount of physical RAM, in kilobytes, left unused by the system.
Buffers — The amount of physical RAM, in kilobytes, used for file buffers.
Cached — The amount of physical RAM, in kilobytes, used as cache memory.
SwapCached — The amount of swap, in kilobytes, used as cache memory.
Active — The total amount of buffer or page cache memory, in kilobytes, that is in active use. This is memory that has been recently used and is usually not reclaimed for other purposes.
Inactive — The total amount of buffer or page cache memory, in kilobytes, that is free and available. This is memory that has not been recently used and can be reclaimed for other purposes.
HighTotal and HighFree — The total and free amount of memory, in kilobytes, that is not directly mapped into kernel space. The HighTotal value can vary based on the type of kernel used.
LowTotal and LowFree — The total and free amount of memory, in kilobytes, that is directly mapped into kernel space. The LowTotal value can vary based on the type of kernel used.
SwapTotal — The total amount of swap available, in kilobytes.
SwapFree — The total amount of swap free, in kilobytes.
Dirty — The total amount of memory, in kilobytes, waiting to be written back to the disk.
Writeback — The total amount of memory, in kilobytes, actively being written back to the disk.
Mapped — The total amount of memory, in kilobytes, which has been used to map devices, files, or libraries using the mmap system call.
Slab — The total amount of memory, in kilobytes, used by the kernel to cache data structures for its own use.
Committed_AS — The total amount of memory, in kilobytes, estimated to complete the workload. This value represents the worst case scenario value, and also includes swap memory.
PageTables — The total amount of memory, in kilobytes, dedicated to the lowest page table level.
VmallocTotal — The total amount of memory, in kilobytes, of total allocated virtual address space.
VmallocUsed — The total amount of memory, in kilobytes, of used virtual address space.
VmallocChunk — The largest contiguous block of memory, in kilobytes, of available virtual address space.
HugePages_Total — The total number of hugepages for the system. The number is derived by dividing Hugepagesize by the megabytes set aside for hugepages specified in /proc/sys/vm/hugetlb_pool. This statistic only appears on the x86, Itanium, and AMD64 architectures.
HugePages_Free — The total number of hugepages available for the system. This statistic only appears on the x86, Itanium, and AMD64 architectures.
Hugepagesize — The size for each hugepages unit in kilobytes. By default, the value is 4096 KB on uniprocessor kernels for 32 bit architectures. For SMP, hugemem kernels, and AMD64, the default is 2048 KB. For Itanium architectures, the default is 262144 KB. This statistic only appears on the x86, Itanium, and AMD64 architectures.
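The following Python code is an added example, not part of the original guide: it parses the "key : value" records of /proc/cpuinfo (Section 2.4) and /proc/meminfo (this section) and derives the processor topology and a free-style memory summary from them. The embedded sample text is constructed from the listings above; the second cpuinfo record is a hypothetical sibling on the same package, added so the hyper-threading count has something to count.

```python
import re
from typing import Dict, List, Tuple

# Constructed sample: the Xeon record from Section 2.4, followed by a
# hypothetical second logical processor on the same package (physical id 0).
SAMPLE_CPUINFO = """\
processor : 0
vendor_id : GenuineIntel
cpu family : 15
model : 2
model name : Intel(R) Xeon(TM) CPU 2.40GHz
cpu MHz : 2392.371
cache size : 512 KB
physical id : 0
siblings : 2
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm

processor : 1
vendor_id : GenuineIntel
cpu family : 15
model : 2
model name : Intel(R) Xeon(TM) CPU 2.40GHz
cpu MHz : 2392.371
cache size : 512 KB
physical id : 0
siblings : 2
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm
"""

# Constructed sample: the 256 MB RAM / 512 MB swap system of Section 2.19,
# abridged to the fields used below.
SAMPLE_MEMINFO = """\
MemTotal: 255908 kB
MemFree: 69936 kB
Buffers: 15812 kB
Cached: 115124 kB
SwapCached: 0 kB
SwapTotal: 524280 kB
SwapFree: 524280 kB
HugePages_Total: 0
HugePages_Free: 0
Hugepagesize: 4096 kB
"""


def parse_cpuinfo(text: str) -> List[Dict[str, str]]:
    """One dict per logical processor; records are separated by blank lines
    and every line has the form 'key : value'."""
    cpus: List[Dict[str, str]] = []
    current: Dict[str, str] = {}
    for line in text.splitlines():
        if not line.strip():            # a blank line ends a processor record
            if current:
                cpus.append(current)
                current = {}
            continue
        key, _, value = line.partition(":")
        current[key.strip()] = value.strip()
    if current:
        cpus.append(current)
    return cpus


def cpu_topology(cpus: List[Dict[str, str]]) -> Tuple[int, int, bool]:
    """(physical packages, logical processors, hyper-threading present).
    'physical id' groups logical processors that share a package; a
    'siblings' value above 1 means the package exposes more than one."""
    packages = {cpu.get("physical id", str(i)) for i, cpu in enumerate(cpus)}
    hyperthreaded = any(int(cpu.get("siblings", "1")) > 1 for cpu in cpus)
    return len(packages), len(cpus), hyperthreaded


def has_flag(cpu: Dict[str, str], flag: str) -> bool:
    """True when the processor advertises `flag` on its flags line."""
    return flag in cpu.get("flags", "").split()


_MEM_LINE = re.compile(r"^(\S+):\s+(\d+)(?:\s+kB)?$")


def parse_meminfo(text: str) -> Dict[str, int]:
    """Every field as an int. Sizes are kilobytes; the HugePages_* fields
    carry no unit and are plain counts."""
    fields: Dict[str, int] = {}
    for line in text.splitlines():
        match = _MEM_LINE.match(line.strip())
        if match:
            fields[match.group(1)] = int(match.group(2))
    return fields


def memory_summary(mem: Dict[str, int]) -> Dict[str, int]:
    """Derived figures in kilobytes. 'used' excludes buffers and page cache,
    which the kernel can reclaim, as free(1)'s '-/+ buffers/cache' line does."""
    reclaimable = mem["Buffers"] + mem["Cached"]
    return {
        "used_kb": mem["MemTotal"] - mem["MemFree"] - reclaimable,
        "reclaimable_kb": reclaimable,
        "swap_used_kb": mem["SwapTotal"] - mem["SwapFree"],
    }
```

On a live system, pass the contents of /proc/cpuinfo and /proc/meminfo in place of the samples.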
2.20. /proc/misc
This file lists miscellaneous drivers registered on the miscellaneous major device, which is device number 10:
 63 device-mapper
175 agpgart
135 rtc
134 apm_bios
The first column is the minor number of each device, while the second column shows the driver in use.
2.21. /proc/modules
This file displays a list of all modules loaded into the kernel. Its contents vary based on the configuration and use of your system, but it should be organized in a similar manner to this sample /proc/modules file output:
Note
This example has been reformatted into a readable format. Most of this information can also be viewed via the /sbin/lsmod command.
nfs 170109 0 - Live 0x129b0000
lockd 51593 1 nfs, Live 0x128b0000
nls_utf8 1729 0 - Live 0x12830000
vfat 12097 0 - Live 0x12823000
fat 38881 1 vfat, Live 0x1287b000
autofs4 20293 2 - Live 0x1284f000
sunrpc 140453 3 nfs,lockd, Live 0x12954000
3c59x 33257 0 - Live 0x12871000
uhci_hcd 28377 0 - Live 0x12869000
md5 3777 1 - Live 0x1282c000
ipv6 211845 16 - Live 0x128de000
ext3 92585 2 - Live 0x12886000
jbd 65625 1 ext3, Live 0x12857000
dm_mod 46677 3 - Live 0x12833000
The first column contains the name of the module.
The second column refers to the memory size of the module, in bytes.
The third column lists how many instances of the module are currently loaded. A value of zero represents an unloaded module.
The fourth column states if the module depends upon another module to be present in order to function, and lists those other modules.
The fifth column lists what load state the module is in: Live, Loading, or Unloading are the only possible values.
The sixth column lists the current kernel memory offset for the loaded module. This information can be useful for debugging purposes, or for profiling tools such as oprofile.
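The following Python code is an added example, not part of the original guide: it parses the columns of /proc/modules described above and compares the loaded set against a recorded baseline, so that a module which was not present when the baseline was taken stands out for review. The sample text is constructed from the listing above (abridged) and the baseline list is hypothetical; the fourth column is treated as the list of modules that reference the entry, which is what /sbin/lsmod shows as "Used by".

```python
from dataclasses import dataclass
from typing import Dict, List, Optional

# Constructed sample, abridged from the /proc/modules listing above.
SAMPLE_MODULES = """\
nfs 170109 0 - Live 0x129b0000
lockd 51593 1 nfs, Live 0x128b0000
vfat 12097 0 - Live 0x12823000
fat 38881 1 vfat, Live 0x1287b000
sunrpc 140453 3 nfs,lockd, Live 0x12954000
ext3 92585 2 - Live 0x12886000
jbd 65625 1 ext3, Live 0x12857000
dm_mod 46677 3 - Live 0x12833000
"""


@dataclass
class Module:
    name: str
    size: int               # second column: memory size in bytes
    use_count: int          # third column: instances currently in use
    used_by: List[str]      # fourth column: modules that reference this one
                            # (lsmod's "Used by"); '-' in the file means none
    state: str              # fifth column: Live, Loading or Unloading
    offset: Optional[int]   # sixth column: kernel memory offset, if present


def parse_modules(text: str) -> Dict[str, Module]:
    """Parse /proc/modules text into Module records keyed by name."""
    modules: Dict[str, Module] = {}
    for line in text.splitlines():
        parts = line.split()
        if len(parts) < 5:
            continue                       # blank or truncated line
        name, size, count, deps, state = parts[:5]
        offset = int(parts[5], 16) if len(parts) > 5 else None
        # The reference list ends with a trailing comma ("nfs,lockd,").
        used_by = [] if deps == "-" else [d for d in deps.split(",") if d]
        modules[name] = Module(name, int(size), int(count), used_by, state, offset)
    return modules


def unexpected_modules(modules: Dict[str, Module], baseline: List[str]) -> List[str]:
    """Modules loaded now that were absent from a previously recorded
    baseline: a review list for the administrator, not proof of a problem."""
    return sorted(set(modules) - set(baseline))


def dependents(modules: Dict[str, Module], name: str) -> List[str]:
    """Modules that reference `name` and so must be unloaded before it."""
    return list(modules[name].used_by)


def removable(modules: Dict[str, Module]) -> List[str]:
    """Modules with no users and no dependents: what rmmod could remove now."""
    return sorted(m.name for m in modules.values()
                  if m.use_count == 0 and not m.used_by)
```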
2.22. /proc/mounts
This file provides a list of all mounts in use by the system:
rootfs / rootfs rw 0 0
/proc /proc proc rw,nodiratime 0 0
none /dev ramfs rw 0 0
/dev/mapper/VolGroup00-LogVol00 / ext3 rw 0 0
none /dev ramfs rw 0 0
/proc /proc proc rw,nodiratime 0 0
/sys /sys sysfs rw 0 0
none /dev/pts devpts rw 0 0
usbdevfs /proc/bus/usb usbdevfs rw 0 0
/dev/hda1 /boot ext3 rw 0 0
none /dev/shm tmpfs rw 0 0
none /proc/sys/fs/binfmt_misc binfmt_misc rw 0 0
sunrpc /var/lib/nfs/rpc_pipefs rpc_pipefs rw 0 0
The output found here is similar to the contents of /etc/mtab, except that /proc/mounts is more up-to-date.
The first column specifies the device that is mounted, the second column reveals the mount point, the third column tells the file system type, and the fourth column tells you if it is mounted read-only (ro) or read-write (rw). The fifth and sixth columns are dummy values designed to match the format used in /etc/mtab.
2.23. /proc/mtrr
This file refers to the current Memory Type Range Registers (MTRRs) in use with the system. If the system architecture supports MTRRs, then the /proc/mtrr file may look similar to the following:
reg00: base=0x00000000 (   0MB), size= 256MB: write-back, count=1
reg01: base=0xe8000000 (3712MB), size=  32MB: write-combining, count=1
MTRRs are used with the Intel P6 family of processors (Pentium II and higher) and control processor access to memory ranges. When using a video card on a PCI or AGP bus, a properly configured /proc/mtrr file can increase performance more than 150%.
Most of the time, this value is properly configured by default. More information on manually configuring this file can be found locally at the following location:
/usr/share/doc/kernel-doc-<version>/Documentation/mtrr.txt
2.24. /proc/partitions
This file contains partition block allocation information. A sampling of this file from a basic system looks similar to the following:
major minor  #blocks  name
  3     0  19531250  hda
  3     1    104391  hda1
  3     2  19422585  hda2
253     0  22708224  dm-0
253     1    524288  dm-1
Most of the information here is of little importance to the user, except for the following columns:
major — The major number of the device with this partition. The major number in /proc/partitions (3) corresponds to the block device ide0 in /proc/devices.
minor — The minor number of the device with this partition. This serves to separate the partitions into different physical devices and relates to the number at the end of the name of the partition.
#blocks — Lists the number of physical disk blocks contained in a particular partition.
name — The name of the partition.
2.25. /proc/pci
This file contains a full listing of every PCI device on the system. Depending on the number of PCI devices, /proc/pci can be rather long. A sampling of this file from a basic system looks similar to the following:
Bus 0, device 0, function 0:
  Host bridge: Intel Corporation 440BX/ZX - 82443BX/ZX Host bridge (rev 3).
    Master Capable. Latency=64.
    Prefetchable 32 bit memory at 0xe4000000 [0xe7ffffff].
Bus 0, device 1, function 0:
  PCI bridge: Intel Corporation 440BX/ZX - 82443BX/ZX AGP bridge (rev 3).
    Master Capable. Latency=64. Min Gnt=128.
Bus 0, device 4, function 0:
  ISA bridge: Intel Corporation 82371AB PIIX4 ISA (rev 2).
Bus 0, device 4, function 1:
  IDE interface: Intel Corporation 82371AB PIIX4 IDE (rev 1).
    Master Capable. Latency=32.
    I/O at 0xd800 [0xd80f].
Bus 0, device 4, function 2:
  USB Controller: Intel Corporation 82371AB PIIX4 USB (rev 1).
    IRQ 5.
    Master Capable. Latency=32.
    I/O at 0xd400 [0xd41f].
Bus 0, device 4, function 3:
  Bridge: Intel Corporation 82371AB PIIX4 ACPI (rev 2).
    IRQ 9.
Bus 0, device 9, function 0:
  Ethernet controller: Lite-On Communications Inc LNE100TX (rev 33).
    IRQ 5.
    Master Capable. Latency=32.
    I/O at 0xd000 [0xd0ff].
    Non-prefetchable 32 bit memory at 0xe3000000 [0xe30000ff].
Bus 0, device 12, function 0:
  VGA compatible controller: S3 Inc. ViRGE/DX or /GX (rev 1).
    IRQ 11.
    Master Capable. Latency=32. Min Gnt=4.Max Lat=255.
    Non-prefetchable 32 bit memory at 0xdc000000 [0xdfffffff].
This output shows a list of all PCI devices, sorted in the order of bus, device, and function. Beyond providing the name and version of the device, this list also gives detailed IRQ information so an administrator can quickly look for conflicts.
Tip
To get a more readable version of this information, type:
/sbin/lspci -vb
2.26. /proc/slabinfo
This file gives full information about memory usage on the slab level. Linux kernels greater than version 2.2 use slab pools to manage memory above the page level. Commonly used objects have their own slab pools.
Instead of parsing the highly verbose /proc/slabinfo file manually, the /usr/bin/slabtop program displays kernel slab cache information in real time. This program allows for custom configurations, including column sorting and screen refreshing.
A sample screen shot of /usr/bin/slabtop usually looks like the following example:
Active / Total Objects (% used)    : 133629 / 147300 (90.7%)
Active / Total Slabs (% used)      : 11492 / 11493 (100.0%)
Active / Total Caches (% used)     : 77 / 121 (63.6%)
Active / Total Size (% used)       : 41739.83K / 44081.89K (94.7%)
Minimum / Average / Maximum Object : 0.01K / 0.30K / 128.00K

 OBJS ACTIVE  USE OBJ SIZE  SLABS OBJ/SLAB CACHE SIZE NAME
44814  43159  96%    0.62K   7469        6     29876K ext3_inode_cache
36900  34614  93%    0.05K    492       75      1968K buffer_head
35213  33124  94%    0.16K   1531       23      6124K dentry_cache
 7364   6463  87%    0.27K    526       14      2104K radix_tree_node
 2585   1781  68%    0.08K     55       47       220K vm_area_struct
 2263   2116  93%    0.12K     73       31       292K size-128
 1904   1125  59%    0.03K     16      119        64K size-32
 1666    768  46%    0.03K     14      119        56K anon_vma
 1512   1482  98%    0.44K    168        9       672K inode_cache
 1464   1040  71%    0.06K     24       61        96K size-64
 1320    820  62%    0.19K     66       20       264K filp
  678    587  86%    0.02K      3      226        12K dm_io
  678    587  86%    0.02K      3      226        12K dm_tio
  576    574  99%    0.47K     72        8       288K proc_inode_cache
  528    514  97%    0.50K     66        8       264K size-512
  492    372  75%    0.09K     12       41        48K bio
  465    314  67%    0.25K     31       15       124K size-256
  452    331  73%    0.02K      2      226         8K biovec-1
  420    420 100%    0.19K     21       20        84K skbuff_head_cache
  305    256  83%    0.06K      5       61        20K biovec-4
  290      4   1%    0.01K      1      290         4K revoke_table
  264    264 100%    4.00K    264        1      1056K size-4096
  260    256  98%    0.19K     13       20        52K biovec-16
  260    256  98%    0.75K     52        5       208K biovec-64
Some of the more commonly used statistics in /proc/slabinfo that are included into /usr/bin/slabtop include:
OBJS — The total number of objects (memory blocks), including those in use (allocated), and some spares not in use.
ACTIVE — The number of objects (memory blocks) that are in use (allocated).
USE — Percentage of total objects that are active. ((ACTIVE/OBJS)(100))
OBJ SIZE — The size of the objects.
SLABS — The total number of slabs.
OBJ/SLAB — The number of objects that fit into a slab.
CACHE SIZE — The cache size of the slab.
NAME — The name of the slab.
For more information on the /usr/bin/slabtop program, refer to the slabtop man page.
2.27. /proc/stat
This file keeps track of a variety of different statistics about the system since it was last restarted. The contents of /proc/stat, which can be quite long, usually begin like the following examples:
cpu 259246 7001 60190 34250993 137517 772 0
cpu0 259246 7001 60190 34250993 137517 772 0
intr 354133732 347209999 2272 0 4 4 0 0 3 1 1249247 0 0 80143 0 422626 5169433
ctxt 12547729
btime 1093631447
processes 130523
procs_running 1
procs_blocked 0
preempt 5651840

cpu 209841 1554 21720 118519346 72939 154 27168
cpu0 42536 798 4841 14790880 14778 124 3117
cpu1 24184 569 3875 14794524 30209 29 3130
cpu2 28616 11 2182 14818198 4020 1 3493
cpu3 35350 6 2942 14811519 3045 0 3659
cpu4 18209 135 2263 14820076 12465 0 3373
cpu5 20795 35 1866 14825701 4508 0 3615
cpu6 21607 0 2201 14827053 2325 0 3334
cpu7 18544 0 1550 14831395 1589 0 3447
intr 15239682 14857833 6 0 6 6 0 5 0 1 0 0 0 29 0 2 0 0 0 0 0 0 0 94982 0 286812
ctxt 4209609
btime 1078711415
processes 21905
procs_running 1
procs_blocked 0
Some of the more commonly used statistics include:
cpu — Measures the number of jiffies (1/100 of a second for x86 systems) that the system has been in user mode, user mode with low priority (nice), system mode, idle task, I/O wait, IRQ (hardirq), and softirq respectively. The IRQ (hardirq) is the direct response to a hardware event. The IRQ does the minimal work of queuing the "heavy" work for the softirq to execute. The softirq runs at a lower priority than the IRQ and therefore may be interrupted more frequently. The total for all CPUs is given at the top, while each individual CPU is listed below with its own statistics. The second sample above is from a 4-way Intel Pentium Xeon configuration with multi-threading enabled, and therefore shows four physical processors and four virtual processors, totaling eight processors.
page — The number of memory pages the system has written in and out to disk.
swap — The number of swap pages the system has brought in and out.
intr — The number of interrupts the system has experienced.
btime — The boot time, measured in the number of seconds since January 1, 1970, otherwise known as the epoch.
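The following Python code is an added example, not part of the original guide: it parses the cpu and btime lines of /proc/stat and turns the jiffy counters into percentages, either since boot or over the interval between two reads (the figure tools such as top display). The embedded sample is the single-processor listing above; the second snapshot in the test is constructed.

```python
from datetime import datetime, timezone
from typing import Dict, List, Optional, Tuple

# The seven per-CPU counters, in the order the page lists them (jiffies).
CPU_FIELDS = ("user", "nice", "system", "idle", "iowait", "irq", "softirq")

# Constructed sample: the single-processor snapshot from Section 2.27, with
# the non-cpu lines kept so the parser has to route them correctly.
SAMPLE_STAT = """\
cpu 259246 7001 60190 34250993 137517 772 0
cpu0 259246 7001 60190 34250993 137517 772 0
intr 354133732 347209999 2272 0 4 4 0 0 3 1 1249247 0 0 80143 0 422626 5169433
ctxt 12547729
btime 1093631447
processes 130523
procs_running 1
procs_blocked 0
"""

CpuCounters = Dict[str, int]


def parse_stat(text: str) -> Tuple[Dict[str, CpuCounters], Dict[str, List[int]]]:
    """Return ({'cpu': {...}, 'cpu0': {...}, ...}, {other key: [ints]}).
    'cpu' is the total over all processors; cpuN lines are per processor."""
    cpus: Dict[str, CpuCounters] = {}
    other: Dict[str, List[int]] = {}
    for line in text.splitlines():
        parts = line.split()
        if not parts:
            continue
        key, values = parts[0], [int(v) for v in parts[1:]]
        if key.startswith("cpu"):
            cpus[key] = dict(zip(CPU_FIELDS, values))
        else:
            other[key] = values
    return cpus, other


def cpu_shares(counters: CpuCounters,
               baseline: Optional[CpuCounters] = None) -> Dict[str, float]:
    """Percentage of time spent in each state. With a baseline taken from an
    earlier read, the shares cover only the interval between the two reads;
    without one they cover the whole time since boot."""
    base = baseline or {f: 0 for f in CPU_FIELDS}
    delta = {f: counters[f] - base[f] for f in CPU_FIELDS}
    total = sum(delta.values())
    if total <= 0:
        raise ValueError("no elapsed jiffies between the two samples")
    return {f: 100.0 * v / total for f, v in delta.items()}


def busy_percent(shares: Dict[str, float]) -> float:
    """Everything that is not idle or waiting for I/O."""
    return 100.0 - shares["idle"] - shares["iowait"]


def boot_time(other: Dict[str, List[int]]) -> datetime:
    """btime is seconds since the epoch; return it as a UTC datetime."""
    return datetime.fromtimestamp(other["btime"][0], tz=timezone.utc)
```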
2.28. /proc/swaps
This file measures swap space and its utilization. For a system with only one swap partition, the output of /proc/swaps may look similar to the following:
Filename                         Type       Size    Used  Priority
/dev/mapper/VolGroup00-LogVol01  partition  524280  0     -1
While some of this information can be found in other files in the /proc/ directory, /proc/swaps provides a snapshot of every swap file name, the type of swap space, the total size, and the amount of space in use (in kilobytes). The priority column is useful when multiple swap files are in use. The lower the priority, the more likely the swap file is to be used.
2.29. /proc/sysrq-trigger
Using the echo command to write to this file, a remote root user can execute most System Request Key commands remotely as if at the local terminal. To echo values to this file, /proc/sys/kernel/sysrq must be set to a value other than 0. For more information about the System Request Key, refer to Section 3.9.3, “/proc/sys/kernel/”. Although it is possible to write to this file, it cannot be read, even by the root user.
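The following Python code is an added example, not part of the original guide, and covers both Section 1.2 and this section: it maps sysctl-style names to their /proc/sys/ paths, reads the current values, interprets the boolean switches, and reports any setting that differs from an expected baseline. The EXPECTED table (ip_forward and kernel.sysrq both 0) is a constructed baseline for a host that does not route and does not accept SysRq requests, not a Red Hat default.

```python
import os
from typing import Dict, Iterable, List, Optional, Tuple

PROC_SYS = "/proc/sys"


def sysctl_key_to_path(key: str, root: str = PROC_SYS) -> str:
    """net.ipv4.ip_forward -> /proc/sys/net/ipv4/ip_forward. The dotted
    name used by /sbin/sysctl is the path below /proc/sys with '/' as '.'."""
    return os.path.join(root, *key.split("."))


def path_to_sysctl_key(path: str, root: str = PROC_SYS) -> str:
    """The reverse mapping: /proc/sys/kernel/sysrq -> kernel.sysrq."""
    return os.path.relpath(path, root).replace(os.sep, ".")


def as_switch(value: str) -> bool:
    """Interpret a boolean /proc/sys file such as ip_forward ('0' or '1')."""
    if value not in ("0", "1"):
        raise ValueError(f"not a boolean switch value: {value!r}")
    return value == "1"


def read_proc_sys(keys: Iterable[str], root: str = PROC_SYS) -> Dict[str, Optional[str]]:
    """Current value of each key. A missing file (the setting is not present
    in this kernel) is reported as None rather than raising."""
    values: Dict[str, Optional[str]] = {}
    for key in keys:
        try:
            with open(sysctl_key_to_path(key, root)) as fh:
                values[key] = fh.read().strip()
        except FileNotFoundError:
            values[key] = None
    return values


# Constructed baseline for this example: no packet forwarding, SysRq off.
EXPECTED: Dict[str, str] = {
    "net.ipv4.ip_forward": "0",
    "kernel.sysrq": "0",
}


def audit(actual: Dict[str, Optional[str]],
          expected: Dict[str, str] = EXPECTED) -> List[Tuple[str, str, Optional[str]]]:
    """(key, expected, actual) for every setting that deviates. A setting
    that could not be read (None) is reported too, since it is unverified."""
    findings = []
    for key, want in expected.items():
        got = actual.get(key)
        if got != want:
            findings.append((key, want, got))
    return findings


if __name__ == "__main__":
    # Live use: read the switches named in EXPECTED and print any drift.
    for key, want, got in audit(read_proc_sys(EXPECTED)):
        print(f"{key}: expected {want}, found {got}")
```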
2.30. /proc/uptime
This file contains information detailing how long the system has been on since its last restart. The output of /proc/uptime is quite minimal:
350735.47 234388.90
The first number is the total number of seconds the system has been up. The second number is how much of that time the machine has spent idle, in seconds.
2.31. /proc/version
This file specifies the version of the Linux kernel and gcc in use, as well as the version of Red Hat Enterprise Linux installed on the system:
Linux version 2.6.8-1.523 (user@foo.redhat.com) (gcc version 3.4.1 20040714 \
  (Red Hat Enterprise Linux 3.4.1-7)) #1 Mon Aug 16 13:27:03 EDT 2004
This information is used for a variety of purposes, including the version data presented when a user logs in.
3. Directories within /proc/
Related information concerning the kernel is grouped into directories and subdirectories within the /proc/ directory.
3.1. Process Directories
The /proc/ directory contains a number of directories with numerical names. A listing of them may be similar to the following:
dr-xr-xr-x    3 root     root            0 Feb 13 01:28 1
dr-xr-xr-x    3 root     root            0 Feb 13 01:28 1010
dr-xr-xr-x    3 xfs      xfs             0 Feb 13 01:28 1087
dr-xr-xr-x    3 daemon   daemon          0 Feb 13 01:28 1123
dr-xr-xr-x    3 root     root            0 Feb 13 01:28 11307
dr-xr-xr-x    3 apache   apache          0 Feb 13 01:28 13660
dr-xr-xr-x    3 rpc      rpc             0 Feb 13 01:28 637
dr-xr-xr-x    3 rpcuser  rpcuser         0 Feb 13 01:28 666
These directories are called process directories, as they are named after a program's process ID and contain information specific to that process. The owner and group of each process directory is set to the user running the process. When the process is terminated, its /proc/ process directory vanishes.
Each process directory contains the following files:
cmdline — Contains the command issued when starting the process.
cwd — A symbolic link to the current working directory for the process.
environ — A list of the environment variables for the process. The environment variable is given in all upper-case characters, and the value is in lower-case characters.
exe — A symbolic link to the executable of this process.
fd — A directory containing all of the file descriptors for a particular process. These are given in numbered links:
total 0
lrwx------    1 root     root           64 May  8 11:31 0 -> /dev/null
lrwx------    1 root     root           64 May  8 11:31 1 -> /dev/null
lrwx------    1 root     root           64 May  8 11:31 2 -> /dev/null
lrwx------    1 root     root           64 May  8 11:31 3 -> /dev/ptmx
lrwx------    1 root     root           64 May  8 11:31 4 -> socket:[7774817]
lrwx------    1 root     root           64 May  8 11:31 5 -> /dev/ptmx
lrwx------    1 root     root           64 May  8 11:31 6 -> socket:[7774829]
lrwx------    1 root     root           64 May  8 11:31 7 -> /dev/ptmx
maps — A list of memory maps to the various executables and library files associated with this process. This file can be rather long, depending upon the complexity of the process, but sample output from the sshd process begins like the following:
08048000-08086000 r-xp 00000000 03:03 391479     /usr/sbin/sshd
08086000-08088000 rw-p 0003e000 03:03 391479     /usr/sbin/sshd
08088000-08095000 rwxp 00000000 00:00 0
40000000-40013000 r-xp 00000000 03:03 293205     /lib/ld-2.2.5.so
40013000-40014000 rw-p 00013000 03:03 293205     /lib/ld-2.2.5.so
40031000-40038000 r-xp 00000000 03:03 293282     /lib/libpam.so.0.75
40038000-40039000 rw-p 00006000 03:03 293282     /lib/libpam.so.0.75
40039000-4003a000 rw-p 00000000 00:00 0
4003a000-4003c000 r-xp 00000000 03:03 293218     /lib/libdl-2.2.5.so
4003c000-4003d000 rw-p 00001000 03:03 293218     /lib/libdl-2.2.5.so
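As an added example (not code from the Reference Guide), the following Python parses lines in the /proc/<pid>/maps format shown above and flags regions mapped both writable and executable, which is what a reviewer looks for first when checking a process's memory layout; the sample input is the sshd excerpt above, embedded inline so the code runs offline.

```python
# Added example: parse /proc/<pid>/maps lines and report writable+executable
# (W+X) and anonymous regions. Not from the Reference Guide.
import re
from typing import List, NamedTuple

# Constructed sample: the sshd maps excerpt quoted in the text.
SAMPLE_MAPS = """\
08048000-08086000 r-xp 00000000 03:03 391479     /usr/sbin/sshd
08086000-08088000 rw-p 0003e000 03:03 391479     /usr/sbin/sshd
08088000-08095000 rwxp 00000000 00:00 0
40000000-40013000 r-xp 00000000 03:03 293205     /lib/ld-2.2.5.so
40013000-40014000 rw-p 00013000 03:03 293205     /lib/ld-2.2.5.so
40031000-40038000 r-xp 00000000 03:03 293282     /lib/libpam.so.0.75
40038000-40039000 rw-p 00006000 03:03 293282     /lib/libpam.so.0.75
40039000-4003a000 rw-p 00000000 00:00 0
4003a000-4003c000 r-xp 00000000 03:03 293218     /lib/libdl-2.2.5.so
4003c000-4003d000 rw-p 00001000 03:03 293218     /lib/libdl-2.2.5.so
"""

class Mapping(NamedTuple):
    start: int
    end: int
    perms: str      # four flags: read, write, execute, private (p) / shared (s)
    offset: int     # file offset the region is mapped from
    dev: str        # major:minor of the backing device, 00:00 if none
    inode: int      # inode of the backing file, 0 if none
    path: str       # empty for anonymous mappings

# start-end perms offset dev inode [pathname]
_LINE = re.compile(
    r"^([0-9a-f]+)-([0-9a-f]+)\s+(\S{4})\s+([0-9a-f]+)\s+(\S+)\s+(\d+)\s*(.*)$"
)

def parse_maps(text: str) -> List[Mapping]:
    maps = []
    for line in text.splitlines():
        if not line.strip():
            continue
        m = _LINE.match(line)
        if m is None:
            raise ValueError("unrecognised maps line: %r" % line)
        start, end, perms, off, dev, inode, path = m.groups()
        maps.append(Mapping(int(start, 16), int(end, 16), perms,
                            int(off, 16), dev, int(inode), path.strip()))
    return maps

def size_kb(m: Mapping) -> int:
    return (m.end - m.start) // 1024

def writable_executable(maps: List[Mapping]) -> List[Mapping]:
    """Regions that are both writable and executable (W+X)."""
    return [m for m in maps if "w" in m.perms and "x" in m.perms]

def anonymous(maps: List[Mapping]) -> List[Mapping]:
    """Regions not backed by a file (inode 0 and no pathname)."""
    return [m for m in maps if m.inode == 0 and not m.path]

if __name__ == "__main__":
    for m in writable_executable(parse_maps(SAMPLE_MAPS)):
        print("W+X %08x-%08x %s %d kB %s"
              % (m.start, m.end, m.perms, size_kb(m), m.path or "[anon]"))
```

On a live system, read the text from /proc/<pid>/maps instead of SAMPLE_MAPS; the sample's only W+X region is the anonymous 52 kB area following the sshd data segment.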
mem — The memory held by the process. This file cannot be read by the user.
root — A link to the root directory of the process.
stat — The status of the process.
statm — The status of the memory in use by the process. Below is a sample /proc/statm file:
263 210 210 5 0 205 0
The seven columns relate to different memory statistics for the process. From left to right, they report the following aspects of the memory used:
1. Total program size, in kilobytes.
2. Size of memory portions, in kilobytes.
3. Number of pages that are shared.
4. Number of pages that are code.
5. Number of pages of data/stack.
6. Number of library pages.
7. Number of dirty pages.
status — The status of the process in a more readable form than stat or statm. Sample output for sshd looks similar to the following:
Name:   sshd
State:  S (sleeping)
Tgid:   797
Pid:    797
PPid:   1
TracerPid:      0
Uid:    0       0       0       0
Gid:    0       0       0       0
FDSize: 32
Groups:
VmSize:     3072 kB
VmLck:         0 kB
VmRSS:       840 kB
VmData:      104 kB
VmStk:        12 kB
VmExe:       300 kB
VmLib:      2528 kB
SigPnd: 0000000000000000
SigBlk: 0000000000000000
SigIgn: 8000000000001000
SigCgt: 0000000000014005
CapInh: 0000000000000000
CapPrm: 00000000fffffeff
CapEff: 00000000fffffeff
The information in this output includes the process name and ID, the state (such as S (sleeping) or R (running)), user/group ID running the process, and detailed data regarding memory usage.
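Added example, not from the Reference Guide: a Python reader for the /proc/<pid>/status format above that extracts the IDs and decodes the CapEff mask into capability names, using the bit numbers from the 2.6 kernel's capability.h (bits above CAP_LEASE are reported by number); the sample is an abridged copy of the sshd output.

```python
# Added example (not from the Reference Guide): parse /proc/<pid>/status and
# decode its capability masks. The sample is an abridged copy of the sshd output.
from typing import Dict, List, Set

SAMPLE_STATUS = """\
Name:   sshd
State:  S (sleeping)
Tgid:   797
Pid:    797
PPid:   1
TracerPid:      0
Uid:    0       0       0       0
Gid:    0       0       0       0
FDSize: 32
Groups:
VmSize:     3072 kB
VmRSS:       840 kB
SigPnd: 0000000000000000
SigBlk: 0000000000000000
SigIgn: 8000000000001000
SigCgt: 0000000000014005
CapInh: 0000000000000000
CapPrm: 00000000fffffeff
CapEff: 00000000fffffeff
"""

# Bit numbers 0..28 as defined in include/linux/capability.h of the 2.6 kernel.
CAP_NAMES = [
    "CAP_CHOWN", "CAP_DAC_OVERRIDE", "CAP_DAC_READ_SEARCH", "CAP_FOWNER",
    "CAP_FSETID", "CAP_KILL", "CAP_SETGID", "CAP_SETUID", "CAP_SETPCAP",
    "CAP_LINUX_IMMUTABLE", "CAP_NET_BIND_SERVICE", "CAP_NET_BROADCAST",
    "CAP_NET_ADMIN", "CAP_NET_RAW", "CAP_IPC_LOCK", "CAP_IPC_OWNER",
    "CAP_SYS_MODULE", "CAP_SYS_RAWIO", "CAP_SYS_CHROOT", "CAP_SYS_PTRACE",
    "CAP_SYS_PACCT", "CAP_SYS_ADMIN", "CAP_SYS_BOOT", "CAP_SYS_NICE",
    "CAP_SYS_RESOURCE", "CAP_SYS_TIME", "CAP_SYS_TTY_CONFIG", "CAP_MKNOD",
    "CAP_LEASE",
]

def parse_status(text: str) -> Dict[str, str]:
    """Map each 'Key:   value' line to its value string (may be empty)."""
    fields = {}
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if sep:
            fields[key.strip()] = value.strip()
    return fields

def ids(fields: Dict[str, str], key: str) -> List[int]:
    """Uid/Gid lines carry real, effective, saved and filesystem IDs."""
    return [int(x) for x in fields[key].split()]

def cap_bits(mask_hex: str) -> Set[int]:
    """Bit positions set in a capability mask such as CapEff."""
    mask = int(mask_hex, 16)
    return {bit for bit in range(mask.bit_length()) if mask >> bit & 1}

def summarize(text: str) -> Dict[str, object]:
    f = parse_status(text)
    eff = cap_bits(f["CapEff"])
    return {
        "name": f["Name"],
        "pid": int(f["Pid"]),
        "is_root": ids(f, "Uid")[1] == 0,   # effective UID is the second column
        "cap_eff": [CAP_NAMES[b] if b < len(CAP_NAMES) else "CAP_%d" % b
                    for b in sorted(eff)],
        "cap_eff_missing": [n for i, n in enumerate(CAP_NAMES) if i not in eff],
    }

if __name__ == "__main__":
    s = summarize(SAMPLE_STATUS)
    print("%(name)s pid %(pid)d effective-root=%(is_root)s" % s)
    print("named capabilities not in CapEff:", s["cap_eff_missing"])
```

For the sample, every named capability except CAP_SETPCAP (bit 8, the cleared 0x100 in fffffeff) is effective, which is what a root daemon started by init on this kernel looks like.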
3.1.1. /proc/self/
The /proc/self/ directory is a link to the currently running process. This allows a process to look at itself without having to know its process ID.
Within a shell environment, a listing of the /proc/self/ directory produces the same contents as listing the process directory for that process.
3.2. /proc/bus/
This directory contains information specific to the various buses available on the system. For example, on a standard system containing PCI and USB buses, current data on each of these buses is available within a subdirectory within /proc/bus/ by the same name, such as /proc/bus/pci/.
The subdirectories and files available within /proc/bus/ vary depending on the devices connected to the system. However, each bus type has at least one directory. Within each bus directory there is normally at least one subdirectory with a numerical name, such as 001, which contains binary files.
For example, the /proc/bus/usb/ subdirectory contains files that track the various devices on any USB buses, as well as the drivers required for them. The following is a sample listing of a
/proc/bus/usb/ directory:
total 0
dr-xr-xr-x    1 root     root            0 May  3 16:25 001
-r--r--r--    1 root     root            0 May  3 16:25 devices
-r--r--r--    1 root     root            0 May  3 16:25 drivers
The /proc/bus/usb/001/ directory contains all devices on the first USB bus and the devices file identifies the USB root hub on the motherboard.
The following is an example of a /proc/bus/usb/devices file:
T:  Bus=01 Lev=00 Prnt=00 Port=00 Cnt=00 Dev#=  1 Spd=12  MxCh= 2
B:  Alloc=  0/900 us ( 0%), #Int=  0, #Iso=  0
D:  Ver= 1.00 Cls=09(hub  ) Sub=00 Prot=00 MxPS= 8 #Cfgs=  1
P:  Vendor=0000 ProdID=0000 Rev= 0.00
S:  Product=USB UHCI Root Hub
S:  SerialNumber=d400
C:* #Ifs= 1 Cfg#= 1 Atr=40 MxPwr=  0mA
I:  If#= 0 Alt= 0 #EPs= 1 Cls=09(hub  ) Sub=00 Prot=00 Driver=hub
E:  Ad=81(I) Atr=03(Int.) MxPS=   8 Ivl=255ms
3.3. /proc/driver/
This directory contains information for specific drivers in use by the kernel. A common file found here is rtc, which provides output from the driver for the system's Real Time Clock (RTC), the device that keeps the time while the system is switched off. Sample output from /proc/driver/rtc looks like the following:
rtc_time        : 16:21:00
rtc_date        : 2004-08-31
rtc_epoch       : 1900
alarm           : 21:16:27
DST_enable      : no
BCD             : yes
24hr            : yes
square_wave     : no
alarm_IRQ       : no
update_IRQ      : no
periodic_IRQ    : no
periodic_freq   : 1024
batt_status     : okay
For more information about the RTC, refer to the following installed documentation:
/usr/share/doc/kernel-doc-<version>/Documentation/rtc.txt.
3.4. /proc/fs
This directory shows which file systems are exported. If running an NFS server, typing cat /proc/fs/nfsd/exports displays the file systems being shared and the permissions granted for those file systems. For more on file system sharing with NFS, refer to Chapter 9, Network File System (NFS).
3.5. /proc/ide/
This directory contains information about IDE devices on the system. Each IDE channel is represented as a separate directory, such as /proc/ide/ide0 and /proc/ide/ide1. In addition, a drivers file is available, providing the version number of the various drivers used on the IDE channels:
ide-floppy version 0.99.newide
ide-cdrom version 4.61
ide-disk version 1.18
Many chipsets also provide a file in this directory with additional data concerning the drives connected through the channels. For example, a generic Intel PIIX4 Ultra 33 chipset produces the /proc/ide/piix file which reveals whether DMA or UDMA is enabled for the devices on the IDE channels:
                              Intel PIIX4 Ultra 33 Chipset.
------------- Primary Channel ---------------- Secondary Channel -------------
               enabled                          enabled
------------- drive0 --------- drive1 -------- drive0 ---------- drive1 ------
DMA enabled:    yes              no              yes               no
UDMA enabled:   yes              no              no                no
UDMA enabled:   2                X               X                 X
UDMA
DMA
PIO
Navigating into the directory for an IDE channel, such as ide0, provides additional information. The channel file provides the channel number, while the model identifies the bus type for the channel (such as pci).
3.5.1. Device Directories
Within each IDE channel directory is a device directory. The name of the device directory corresponds to the drive letter in the /dev/ directory. For instance, the first IDE drive on ide0 would be hda.
Note
There is a symbolic link to each of these device directories in the /proc/ide/ directory.
Each device directory contains a collection of information and statistics. The contents of these directories vary according to the type of device connected. Some of the more useful files common to many devices include:
cache — The device cache.
capacity — The capacity of the device, in 512 byte blocks.
driver — The driver and version used to control the device.
geometry — The physical and logical geometry of the device.
media — The type of device, such as a disk.
model — The model name or number of the device.
settings — A collection of current device parameters. This file usually contains quite a bit of useful, technical information. A sample settings file for a standard IDE hard disk looks similar to the following:
name                    value           min             max             mode
----                    -----           ---             ---             ----
acoustic                0               0               254             rw
address                 0               0               2               rw
bios_cyl                38752           0               65535           rw
bios_head               16              0               255             rw
bios_sect               63              0               63              rw
bswap                   0               0               1               r
current_speed           68              0               70              rw
failures                0               0               65535           rw
init_speed              68              0               70              rw
io_32bit                0               0               3               rw
keepsettings            0               0               1               rw
lun                     0               0               7               rw
max_failures            1               0               65535           rw
multcount               16              0               16              rw
nice1                   1               0               1               rw
nowerr                  0               0               1               rw
number                  0               0               3               rw
pio_mode                write-only      0               255             w
unmaskirq               0               0               1               rw
using_dma               1               0               1               rw
wcache                  1               0               1               rw
3.6. /proc/irq/
This directory is used to set IRQ to CPU affinity, which allows the system to connect a particular IRQ to only one CPU. Alternatively, it can exclude a CPU from handling any IRQs.
Each IRQ has its own directory, allowing for the individual configuration of each IRQ. The /proc/irq/prof_cpu_mask file is a bitmask that contains the default values for the smp_affinity file in the IRQ directory. The values in smp_affinity specify which CPUs handle that particular IRQ.
For more information about the /proc/irq/ directory, refer to the following installed documentation:
/usr/share/doc/kernel-doc-<version>/Documentation/filesystems/proc.txt
3.7. /proc/net/
This directory provides a comprehensive look at various networking parameters and statistics. Each directory and virtual file within this directory describes aspects of the system's network configuration. Below is a partial list of the /proc/net/ directory:
arp — Lists the kernel's ARP table. This file is particularly useful for connecting a hardware address to an IP address on a system.
atm/ directory — The files within this directory contain Asynchronous Transfer Mode (ATM) settings and statistics. This directory is primarily used with ATM networking and ADSL cards.
dev — Lists the various network devices configured on the system, complete with transmit and receive statistics. This file displays the number of bytes each interface has sent and received, the number of packets inbound and outbound, the number of errors seen, the number of packets dropped, and more.
dev_mcast — Lists Layer2 multicast groups on which each device is listening.
igmp — Lists the IP multicast addresses which this system joined.
ip_conntrack — Lists tracked network connections for machines that are forwarding IP connections.
ip_tables_names — Lists the types of iptables in use. This file is only present if iptables is active on the system and contains one or more of the following values: filter, mangle, or nat.
ip_mr_cache — Lists the multicast routing cache.
ip_mr_vif — Lists multicast virtual interfaces.
netstat — Contains a broad yet detailed collection of networking statistics, including TCP timeouts, SYN cookies sent and received, and much more.
psched — Lists global packet scheduler parameters.
raw — Lists raw device statistics.
route — Lists the kernel's routing table.
rt_cache — Contains the current routing cache.
snmp — List of Simple Network Management Protocol (SNMP) data for various networking protocols in use.
sockstat — Provides socket statistics.
tcp — Contains detailed TCP socket information.
tr_rif — Lists the token ring RIF routing table.
udp — Contains detailed UDP socket information.
unix — Lists UNIX domain sockets currently in use.
wireless — Lists wireless interface data.
3.8. /proc/scsi/
This directory is analogous to the /proc/ide/ directory, but it is for connected SCSI devices.
The primary file in this directory is /proc/scsi/scsi, which contains a list of every recognized SCSI device. From this listing, the type of device, as well as the model name, vendor, SCSI channel and ID data is available.
For example, if a system contains a SCSI CD-ROM, a tape drive, a hard drive, and a RAID controller, this file looks similar to the following:
Attached devices:
Host: scsi1 Channel: 00 Id: 05 Lun: 00
  Vendor: NEC      Model: CD-ROM DRIVE:466 Rev: 1.06
  Type:   CD-ROM                           ANSI SCSI revision: 02
Host: scsi1 Channel: 00 Id: 06 Lun: 00
  Vendor: ARCHIVE  Model: Python 04106-XXX Rev: 7350
  Type:   Sequential-Access                ANSI SCSI revision: 02
Host: scsi2 Channel: 00 Id: 06 Lun: 00
  Vendor: DELL     Model: 1x6 U2W SCSI BP  Rev: 5.35
  Type:   Processor                        ANSI SCSI revision: 02
Host: scsi2 Channel: 02 Id: 00 Lun: 00
  Vendor: MegaRAID Model: LD0 RAID5 34556R Rev: 1.01
  Type:   Direct-Access                    ANSI SCSI revision: 02
Each SCSI driver used by the system has its own directory within /proc/scsi/, which contains files specific to each SCSI controller using that driver. From the previous example, aic7xxx/ and megaraid/ directories are present, since two drivers are in use. The files in each of the directories typically contain an I/O address range, IRQ information, and statistics for the SCSI controller using that driver. Each controller can report a different type and amount of information. The Adaptec AIC-7880 Ultra SCSI host adapter's file in this example system produces the following output:
Adaptec AIC7xxx driver version: 5.1.20/3.2.4
Compile Options:
  TCQ Enabled By Default : Disabled
  AIC7XXX_PROC_STATS     : Enabled
  AIC7XXX_RESET_DELAY    : 5
Adapter Configuration:
           SCSI Adapter: Adaptec AIC-7880 Ultra SCSI host adapter
                           Ultra Narrow Controller
    PCI MMAPed I/O Base: 0xfcffe000
 Adapter SEEPROM Config: SEEPROM found and used.
      Adaptec SCSI BIOS: Enabled
                    IRQ: 30
                   SCBs: Active 0, Max Active 1,
                         Allocated 15, HW 16, Page 255
             Interrupts: 33726
      BIOS Control Word: 0x18a6
   Adapter Control Word: 0x1c5f
   Extended Translation: Enabled
Disconnect Enable Flags: 0x00ff
     Ultra Enable Flags: 0x0020
 Tag Queue Enable Flags: 0x0000
Ordered Queue Tag Flags: 0x0000
Default Tag Queue Depth: 8
    Tagged Queue By Device array for aic7xxx host instance 1:
      {255,255,255,255,255,255,255,255,255,255,255,255,255,255,255,255}
    Actual queue depth per device for aic7xxx host instance 1:
      {1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1}
Statistics:
(scsi1:0:5:0)
  Device using Narrow/Sync transfers at 20.0 MByte/sec, offset 15
  Transinfo settings: current(12/15/0/0), goal(12/15/0/0), user(12/15/0/0)
  Total transfers 0 (0 reads and 0 writes)
             < 2K      2K+     4K+     8K+    16K+    32K+    64K+   128K+
   Reads:       0       0       0       0       0       0       0       0
  Writes:       0       0       0       0       0       0       0       0
(scsi1:0:6:0)
  Device using Narrow/Sync transfers at 10.0 MByte/sec, offset 15
  Transinfo settings: current(25/15/0/0), goal(12/15/0/0), user(12/15/0/0)
  Total transfers 132 (0 reads and 132 writes)
             < 2K      2K+     4K+     8K+    16K+    32K+    64K+   128K+
   Reads:       0       0       0       0       0       0       0       0
  Writes:       0       0       0       1     131       0       0       0
This output reveals the transfer speed to the SCSI devices connected to the controller based on channel ID, as well as detailed statistics concerning the amount and sizes of files read or written by that device. For example, this controller is communicating with the CD-ROM at 20 megabytes per second, while the tape drive is only communicating at 10 megabytes per second.
3.9. /proc/sys/
The /proc/sys/ directory is different from others in /proc/ because it not only provides information about the system but also allows the system administrator to immediately enable and disable kernel features.
Caution
Use caution when changing settings on a production system using the various files in the /proc/sys/ directory. Changing the wrong setting may render the kernel unstable, requiring a system reboot.
For this reason, be sure the options are valid for that file before attempting to change any value in /proc/sys/.
A good way to determine if a particular file can be configured, or if it is only designed to provide information, is to list it with ls -l at the shell prompt. If the file is writable, it may be used to configure the kernel. For example, a partial listing of /proc/sys/fs looks like the following:
-r--r--r--    1 root     root            0 May 10 16:14 dentry-state
-rw-r--r--    1 root     root            0 May 10 16:14 dir-notify-enable
-r--r--r--    1 root     root            0 May 10 16:14 dquot-nr
-rw-r--r--    1 root     root            0 May 10 16:14 file-max
-r--r--r--    1 root     root            0 May 10 16:14 file-nr
In this listing, the files dir-notify-enable and file-max can be written to and, therefore, can be used to configure the kernel. The other files only provide feedback on current settings.
Changing a value within a /proc/sys/ file is done by echoing the new value into the file. For example, to enable the System Request Key on a running kernel, type the command:
echo 1 > /proc/sys/kernel/sysrq
This changes the value for sysrq from 0 (off) to 1 (on).
A few /proc/sys/ configuration files contain more than one value. To correctly send new values to them, place a space character between each value passed with the echo command, such as is done in this example:
echo 4 2 45 > /proc/sys/kernel/acct
Note
Any configuration changes made using the echo command disappear when the system is restarted. To make configuration changes take effect after the system is rebooted, refer to Section 4, “Using the sysctl Command”.
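Added example, not from the Reference Guide: a Python equivalent of the ls -l check and the echo commands above, which refuses files that are not writable, writes one or more space-separated values, and reads the result back to confirm the kernel accepted it. The path and values are supplied by the caller; like echo, the change does not survive a reboot.

```python
# Added example (not from the Reference Guide): check whether a /proc/sys/ file
# is a tunable, write new value(s) to it the way "echo 4 2 45 > file" does, and
# verify by reading it back.
import os
import stat
from typing import List, Tuple

def is_tunable(path: str) -> bool:
    """True if the owner write bit is set, as ls -l shows with -rw-r--r--."""
    return bool(os.stat(path).st_mode & stat.S_IWUSR)

def read_values(path: str) -> List[str]:
    """Split the file's contents on whitespace: one entry per value."""
    with open(path) as f:
        return f.read().split()

def set_values(path: str, values: List[str]) -> Tuple[List[str], List[str]]:
    """Write values space-separated and read them back.

    Returns (old, new) so the caller can log the change or restore the
    previous setting. Raises if the file is information-only, if the number
    of values does not match what the file holds, or if the kernel kept a
    different value than the one written.
    """
    if not is_tunable(path):
        raise PermissionError("%s is not writable: information only" % path)
    old = read_values(path)
    if len(values) != len(old):
        raise ValueError("%s holds %d value(s), got %d"
                         % (path, len(old), len(values)))
    with open(path, "w") as f:
        f.write(" ".join(values) + "\n")
    new = read_values(path)
    if new != list(values):
        raise ValueError("%s reads back %r after writing %r" % (path, new, values))
    return old, new

if __name__ == "__main__":
    # Read-only inspection of the sysrq tunable discussed in the text.
    p = "/proc/sys/kernel/sysrq"
    print(p, "tunable" if is_tunable(p) else "information only", read_values(p))
```

Calling set_values("/proc/sys/kernel/sysrq", ["1"]) as root has the same effect as the echo command above; set_values("/proc/sys/kernel/acct", ["4", "2", "45"]) shows the multi-value case.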
The /proc/sys/ directory contains several subdirectories controlling different aspects of a running kernel.
3.9.1. /proc/sys/dev/
This directory provides parameters for particular devices on the system. Most systems have at least two directories, cdrom/ and raid/. Customized kernels can have other directories, such as parport/, which provides the ability to share one parallel port between multiple device drivers.
The cdrom/ directory contains a file called info, which reveals a number of important CD-ROM parameters:
CD-ROM information, Id: cdrom.c 3.20 2003/12/17

drive name:             hdc
drive speed:            48
drive # of slots:       1
Can close tray:         1
Can open tray:          1
Can lock tray:          1
Can change speed:       1
Can select disk:        0
Can read multisession:  1
Can read MCN:           1
Reports media changed:  1
Can play audio:         1
Can write CD-R:         0
Can write CD-RW:        0
Can read DVD:           0
Can write DVD-R:        0
Can write DVD-RAM:      0
Can read MRW:           0
Can write MRW:          0
Can write RAM:          0
This file can be quickly scanned to discover the qualities of an unknown CD-ROM. If multiple CD-ROMs are available on a system, each device is given its own column of information.
Various files in /proc/sys/dev/cdrom, such as autoclose and checkmedia, can be used to control the system's CD-ROM. Use the echo command to enable or disable these features.
If RAID support is compiled into the kernel, a /proc/sys/dev/raid/ directory becomes available with at least two files in it: speed_limit_min and speed_limit_max. These settings determine the acceleration of RAID devices for I/O intensive tasks, such as resyncing the disks.
3.9.2. /proc/sys/fs/
This directory contains an array of options and information concerning various aspects of the file system, including quota, file handle, inode, and dentry information.
The binfmt_misc/ directory is used to provide kernel support for miscellaneous binary formats. The important files in /proc/sys/fs/ include:
dentry-state — Provides the status of the directory cache. The file looks similar to the following:
57411 52939 45 0 0 0
The first number reveals the total number of directory cache entries, while the second number displays the number of unused entries. The third number tells the number of seconds between when a directory has been freed and when it can be reclaimed, and the fourth measures the pages currently requested by the system. The last two numbers are not used and display only zeros.
dquot-nr — Lists the maximum number of cached disk quota entries.
file-max — Lists the maximum number of file handles that the kernel allocates. Raising the value in this file can resolve errors caused by a lack of available file handles.
file-nr — Lists the number of allocated file handles, used file handles, and the maximum number of file handles.
overflowgid and overflowuid — Defines the fixed group ID and user ID, respectively, for use with file systems that only support 16-bit group and user IDs.
super-max — Controls the maximum number of superblocks available.
super-nr — Displays the current number of superblocks in use.
3.9.3. /proc/sys/kernel/
This directory contains a variety of different configuration files that directly affect the operation of the kernel. Some of the most important files include:
acct — Controls the suspension of process accounting based on the percentage of free space available on the file system containing the log. By default, the file looks like the following:
4 2 30
The first value dictates the percentage of free space required for logging to resume, while the second value sets the threshold percentage of free space when logging is suspended. The third value sets the interval, in seconds, that the kernel polls the file system to see if logging should be suspended or resumed.
cap-bound — Controls the capability bounding settings, which provides a list of capabilities for any process on the system. If a capability is not listed here, then no process, no matter how privileged, can do it. The idea is to make the system more secure by ensuring that certain things cannot happen, at least beyond a certain point in the boot process.
For a valid list of values for this virtual file, refer to the following installed documentation:
/lib/modules/<kernel-version>/build/include/linux/capability.h.
ctrl-alt-del — Controls whether Ctrl-Alt-Delete gracefully restarts the computer using init (0) or forces an immediate reboot without syncing the dirty buffers to disk (1).
domainname — Configures the system domain name, such as example.com.
exec-shield — Configures the Exec Shield feature of the kernel. Exec Shield provides protection against certain types of buffer overflow attacks.
There are two possible values for this virtual file:
0 — Disables Exec Shield.
1 — Enables Exec Shield. This is the default value.
Important
If a system is running security-sensitive applications that were started while Exec Shield was disabled, these applications must be restarted when Exec Shield is enabled in order for Exec Shield to take effect.
exec-shield-randomize — Enables location randomization of various items in memory. This helps deter potential attackers from locating programs and daemons in memory. Each time a program or daemon starts, it is put into a different memory location each time, never in a static or absolute memory address.
There are two possible values for this virtual file: