Book : How Linux Works, 2nd Edition

# Book : How Linux Works, 2nd Edition Reference \: > * How Linux Works, 2nd Edition: What Every Superuser Should Know Second Edition https://www.amazon.com/How-Linux-Works-2nd-Superuser/dp/1593275676 *In this post, I will only include things that is new to me consider that I work with Linux for quite some time.* # Chapter \#1 \& 2 \: Basic :::success :bulb: **Difference Between CTRL-D and CTRL-C** **CTRL-D** \: End current shell input and terminate a program. $a command$ **CTRL-C** \: End current shell program. $The shell will be closed$ ::: # Chapter \#3 \: Linux Device Management ## Device Tree ```bash ls /dev -al ... crw------- 89,0 root 10 Jul 00:39 i2c-0 ... brw-rw---- 7,0 root 10 Jul 00:39 loop0 ... ``` The first character shows the type of the device it represent. * `b` is block device * `c` is character device * `p` is pipe * `s` is socket \: Mostly not in `/dev`. socket file means `Unix` socket ## `dd` Command This command can be used to copy disk to make a backup or duplication. I used to see it on the duplication of redundant SSDs in a rad-hard system. ```bash dd if=/dev/zero of=new_file bs=1024 count=1 if=file # input file of=file # output file bs=size # data block size for both input file and output file ibs=size obs=size count=num # the number of the data block. especially when copy from /dev/zero that can loop forever ``` :::success :bulb: **Instruction Format** `dd` command is not like other Unix commands. It use IBM Job Control Language style, which use `=` not `-` for parameters. ::: :::info :information_source: **SCSI** * Wiki https://zh.wikipedia.org/zh-tw/%E5%B0%8F%E5%9E%8B%E8%AE%A1%E7%AE%97%E6%9C%BA%E7%B3%BB%E7%BB%9F%E6%8E%A5%E5%8F%A3 * SCSI 硬碟不死！廠商推出完全相容的SSD固態硬碟：免改裝、耗電量更少讀取還更快 https://www.techbang.com/posts/113122-help-your-home-upgrade-your-old-scsi-hard-drive-to-ssd-solid ::: # Chapter \#4 \: Linux Disks \& File Systems ![image](https://hackmd.io/_uploads/rJsJoh2wex.png) ``` $ lsblk -a NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT loop0 7:0 0 16M 1 loop loop1 7:1 0 0 loop loop2 7:2 0 0 loop loop3 7:3 0 0 loop loop4 7:4 0 0 loop loop5 7:5 0 0 loop loop6 7:6 0 0 loop loop7 7:7 0 0 loop sda 8:0 0 1.8T 0 disk └─sda1 8:1 0 1.8T 0 part /mnt/data mtdblock0 31:0 0 4M 0 disk mmcblk0 179:0 0 58.9G 0 disk ├─mmcblk0p1 179:1 0 58.9G 0 part / ├─mmcblk0p2 179:2 0 128K 0 part ├─mmcblk0p3 179:3 0 448K 0 part ├─mmcblk0p4 179:4 0 576K 0 part ├─mmcblk0p5 179:5 0 64K 0 part ├─mmcblk0p6 179:6 0 192K 0 part ├─mmcblk0p7 179:7 0 384K 0 part ├─mmcblk0p8 179:8 0 64K 0 part ├─mmcblk0p9 179:9 0 448K 0 part ├─mmcblk0p10 179:10 0 448K 0 part ├─mmcblk0p11 179:11 0 768K 0 part ├─mmcblk0p12 179:12 0 64K 0 part ├─mmcblk0p13 179:13 0 192K 0 part └─mmcblk0p14 179:14 0 128K 0 part zram0 252:0 0 247.5M 0 disk [SWAP] zram1 252:1 0 247.5M 0 disk [SWAP] zram2 252:2 0 247.5M 0 disk [SWAP] zram3 252:3 0 247.5M 0 disk [SWAP] ``` :::info :bulb: **磁碟分割MBR、GPT是什麼？** https://www.linwei.com.tw/forum-detail/76/ ::: * `parted` can be used to check disk partitions. Notice that the program should be invoke with super user permition. ## Output From EPYC Server ```clike sudo parted -l Model: ATA TEAM T2532TB (scsi) Disk /dev/sda: 2048GB Sector size (logical/physical): 512B/512B Partition Table: loop Disk Flags: Number Start End Size File system Flags 1 0.00B 2048GB 2048GB fat32 Model: PNY CS2241 4TB SSD (nvme) Disk /dev/nvme0n1: 4001GB Sector size (logical/physical): 512B/512B Partition Table: loop Disk Flags: Number Start End Size File system Flags 1 0.00B 4001GB 4001GB ext4 Model: Samsung SSD 970 EVO Plus 1TB (nvme) Disk /dev/nvme1n1: 1000GB Sector size (logical/physical): 512B/512B Partition Table: gpt Disk Flags: Number Start End Size File system Name Flags 1 1049kB 538MB 537MB fat32 EFI System Partition boot, esp 2 538MB 1000GB 1000GB ext4 ``` :::info :bulb: `Partition Table: loop` https://askubuntu.com/questions/381211/what-is-the-loop-partition-in-ubuntu ::: ## Output From Raspberry Pi 3 B+ ```clike sudo parted -l Model: SD SD16G (sd/mmc) Disk /dev/mmcblk0: 31.7GB Sector size (logical/physical): 512B/512B Partition Table: msdos Disk Flags: Number Start End Size Type File system Flags 1 4194kB 273MB 268MB primary fat32 lba 2 273MB 31.7GB 31.4GB primary ext4 ``` :::info :information_source: **Prevent a USB external hard drive from sleeping** https://unix.stackexchange.com/questions/5211/prevent-a-usb-external-hard-drive-from-sleeping How to prevent a HDD disk from sleeping. ```bash sudo apt install hdparm sudo hdparm -l /dev/sda sudo hdparm -S 0 /dev/sda ``` ::: ## File Systems ### Types * `ext4` \: Default native file system for Linux. `ext2`, `ext3` can be mounted as `ext4` for backword compatibility, but `ext4` can not be mounted as `ext2`, `ext3`. * `iso9660` \: CD\-ROM Standard * `FAT` \: $msdos, vfat, umsdos$ is file system from Microsoft. * `HFS+` \: $hfsplus$ \: file system for Macintosh Apple. ### UUID Device name will change depand on the kernel probing order. UUID $Universally Unique Identifier$ will be identical for same device. $Disk$ Therefore, mounting a disk with UUID is possible. $`sudo mount UUID=`$ :::info :bulb: **Caching Disks** Data is always loaded into a buffer in RAM before CPU or other device can access it. Therefore, a `sync` command can be used to force updating data modification from RAM to disk. If a file system can not be removed, a `sync` command should be used. ::: ## `mount` Options :::info :information_source: **Mount Options** https://phoenixnap.com/kb/linux-mount-command ::: # # Chapter \#5 \: Bootup Linux Kernel ## Using `dmesg` :::info :information_source: **dmesg 指令的用法** https://imsardine.github.io/2016/11/06/dmesg-command/ ::: ### Sample Output This sample output is from a Raspberry Pi 3 B+. There are many information including kernel version, CPU model and even raspberry pi model showed. ```clike sudo dmesg [ 0.000000] Booting Linux on physical CPU 0x0 [ 0.000000] Linux version 6.1.21-v7+ (dom@buildbot) (arm-linux-gnueabihf-gcc-8 (Ubuntu/Linaro 8.4.0-3ubuntu1) 8.4.0, GNU ld (GNU Binutils for Ubuntu) 2.34) #1642 SMP Mon Apr 3 17:20:52 BST 2023 [ 0.000000] CPU: ARMv7 Processor [410fd034] revision 4 (ARMv7), cr=10c5383d [ 0.000000] CPU: div instructions available: patching division code [ 0.000000] CPU: PIPT / VIPT nonaliasing data cache, VIPT aliasing instruction cache [ 0.000000] OF: fdt: Machine model: Raspberry Pi 3 Model B Plus Rev 1.3 ... ``` ## `dmesg` with `watch` for Real Time Monitoring > Reference \: > * How can I see dmesg output as it changes? > https://unix.stackexchange.com/questions/95842/how-can-i-see-dmesg-output-as-it-changes ```bash watch -n 0.1 "dmesg | tail -n $((LINES-6))" ``` ## Kernel Boot Parameters ```bash $ cat /proc/cmdline ───────┬──────────────────────────────────────────────────────────────────────────────────────────────────────────────── │ File: /proc/cmdline ───────┼──────────────────────────────────────────────────────────────────────────────────────────────────────────────── 1 │ BOOT_IMAGE=/boot/vmlinuz-6.8.0-59-generic root=UUID=77c4803c-a3e3-4567-a6d9-254937be4928 ro quiet splash vt.han │ doff=7 ───────┴──────────────────────────────────────────────────────────────────────────────────────────────────────────────── ``` The `root` with an UUID determine the location of the root file system. This parameter is necessary and can be `/dev/sda1` format or use UUID. ## `GRUB` Boot Loader `GRUB` $Grand Unified Boot Loader$. `GRUB` has its own kernel and `insmod` instruction to load modules. This is completely outside of Linux Kernel and will be its own thing. `GRUB`\'s instruction interface is just a Linux terminal. ### How `GRUB` Work 1. BIOS or firmware initialize hardware and searching for boot code on boot storage. 2. BIOS start `GRUB` after finding boot code. 3. Load `GRUB` kernel. 4. Initialize `GRUB` kernel and read disk and file system info. 5. `GRUB` identify boot partitions and load configure info. 6. `GRUB` provide a time period for user to change the Linux boot configuration. 7. Time out or user finish and `GRUB` run setting. 8. Possibly loading extra modules when starting partition. 9. `GRUB` run boot instructions, load and run selected Linux kernel. # Chapter \#6 \: Start User Space *Important TODO* > Reference \: > * 認識系統服務 (daemons) > https://linux.vbird.org/linux_basic/centos7/0560daemons.php ## Start Steps 1. `init` 2. Low Level Services $`udevd`, `syslogd`$ 3. Configure Internet 4. Mid to High Level Services $`cron`$ 5. Login, GUI and other applications ## `systemd` as `init` > Reference \: > * Wiki > https://zh.wikipedia.org/zh-tw/Systemd > * 第11章：控制背景運行服務介紹 > https://ithelp.ithome.com.tw/m/articles/10274348 ## Using `systemd` > Reference \: > * Linux systemd 系統服務管理基礎教學與範例 > https://blog.gtwang.org/linux/linux-basic-systemctl-systemd-service-unit-tutorial-examples/ :::info :information_source: `systemd` \& `service` * What is the difference between service and systemctl? https://serverfault.com/a/867334 ::: # Chapter \#8 \: Resource Monitoring :::success :bulb: About `PID` of threads in Linux * Are threads implemented as processes on Linux? https://unix.stackexchange.com/questions/364660/are-threads-implemented-as-processes-on-linux ::: :::info :information_source: **Linux 核心設計: Load average** https://hackmd.io/@RinHizakura/S1K4fQtaF ::: ## `htop` Utility Personally, I go for `htop` rather than `top` since it provides every information that I need and has great readability. :::info :bulb: **Understand `htop`** * 你一定用過 htop，但你有看懂每個欄位嗎？ https://medium.com/starbugs/do-you-understand-htop-ffb72b3d5629 * A Beginners Guide to htop for Process Management https://spin.atomicobject.com/htop-guide/ ::: ### Understand `htop` * **CPU Status** 1. Red \: `kernel thread`, has highest priority 2. Green \: `normal priority thread`, normal thread 3. Blue \: `low priority thread`, low priority * **Memory** 1. Green \: in-used memory 2. Blue \: `buffer pages`, store metadata 3. Orange \: `cache pages`, store content $`zram` is showed in this as well$ * **Load Average** 1 minute, 5 minutes, 15 minutes. In average how many threads need CPU * **PRI \& NI** The smaller the number the higher the priority and CPU time * **VIRT\/RES\/SHR** 1. Virtual Memory 2. Resident \: the real memory used 3. Shared Memory \: `glibc` or read-only files. Whatever files that just need one read * **State** 1. `R` \: running 2. `S` \: sleeping 3. `D` \: wait for I\/O * **Time\+** CPU times that include multiple CPUs ### Shortcut Keys > Reference \: > * How to sort processes by different criteria in htop > https://labex.io/tutorials/linux-how-to-sort-processes-by-different-criteria-in-htop-415299 ``` Direct Sorting Shortcuts htop also provides direct keyboard shortcuts for common sorting options: Press P to sort by CPU usage (Processor) Press M to sort by memory usage Press T to sort by time (cumulative CPU time) Press N to sort by process ID Try each of these shortcuts now to see how the process list changes. For example, press M to sort by memory usage. Notice how the processes are now arranged with the most memory-intensive ones at the top. Reversing Sort Order You can reverse the current sort order by pressing I (capital i). This toggles between ascending and descending order. Try sorting by CPU usage with P, then press I to reverse the order. The processes with the lowest CPU usage will now appear at the top. Column Highlighting When you sort by a specific column, that column gets highlighted to indicate it's the current sort key. This makes it easy to remember which criterion you're currently using to sort the processes. Try different sorting methods and observe how the highlighted column changes to reflect your selection. Practical Example: Finding Memory-Intensive Processes Let's practice with a specific scenario. Suppose you want to identify which processes are consuming the most memory: Press M to sort by memory usage The processes are now ordered by memory consumption (highest to lowest) The top processes in the list are your system's most memory-intensive applications This sorting method is extremely useful when troubleshooting memory issues or identifying memory leaks. When you're done exploring, exit htop by pressing q. ``` ## `lsof` > Reference \: > * Linux 列出行程開啟的檔案，lsof 指令用法教學與範例 > https://blog.gtwang.org/linux/linux-lsof-command-list-open-files-tutorial-examples/ ## `strace` \& `ltrace` https://www.youtube.com/watch?v=2AmP7Pse4U0 ## Multi-thread ### Check Program Thread Information A `- -` represent a thread used by the program. ```clike ps m PID TTY STAT TIME COMMAND ... 3988443 pts/4 - 66:10 /usr/bin/python3 /home/erebus/.local/bin/nvitop - - Sl+ 24:53 - - - Sl+ 18:16 - - - Sl+ 12:49 - - - Sl+ 10:10 - ``` Provide `PID` and `TID` ```clike ps m -o pid,tid,tty,stat,time,command PID TID TT STAT TIME COMMAND ... 3988443 - pts/4 - 01:06:15 /usr/bin/python3 /home/erebus/.local/bin/nvitop - 3988443 - Sl+ 00:24:55 - - 3988447 - Sl+ 00:18:18 - - 3988448 - Sl+ 00:12:50 - - 3988449 - Sl+ 00:10:11 - ``` ## Networking ### Socket Statistics How to Use the ss Command $Linux Crash Course Series$ https://www.youtube.com/watch?v=phY8Q7Woxsw