# Lab 1: Introduction to Linux ## *Kseniya Evdokimova* --- ## Excercise 1 - Text processing: #### 1. Part - echo pipes redirects and quotes - on your machine login with password. Open terminal. Check your location `$pwd` - create directory `$mkdir mydocs` - change directory `$cd mydocs` - create file `$touch textproc` - check directory `$ls -la` - copy the files from the /home/$USER/mydocs/textproc directory into your home directory `$cd ..` `$cp -R mydocs/textproc ~ ` - Type in the following in a shell `$echo “My name is $USER and my home directory is $HOME” > simple_echo` `$cat simple_echo`  - We will now append to the file using “>>” `$echo "My Salary is "$"100" >> simple _echo` `$cat simple_echo` - Notice how the following copies a file. Same as using $cp simple_echo new_echo. `$cat simple_echo > new_echo` - If we cat a file that doesn’t exist `$cat nofile` - We get an error message. This is stderr. Let’s handle that using the 2> `$cat nofile 2> error_out` - If you view the error_out it now contains the error messages that would have gone to the screen. We can send errors to the same place as stdout by using the 2>&1 `$cat nofile > allout 2>&1` - We should now have a file that contains the “simple_echo” text and the error message in the file “allout”. Now let’s see what the << does. Type in the following `$cat << foobar` `Hello foobar` `foobar` - Notice how it only outputs when the line foobar is entered on its own line. Let’s add line numbers to the file fragmented using the nl command. Before you use it, create a file “fragmented.txt” with 5 lines of any text `$nl < fragmented.txt`   - Notice how it only puts line numbers on lines with entries. Also re-run the command without the “<”. It should still work. This is because it takes its std input from a file. If no file was specified then it would expect std in from the keyboard. Try it. You will get a flashing cursor. Put some values in followed by return. Notice it numbers each entry. Use Ctrl-c to end it. - Now let us read std input from the keyboard until a specific marker. We will make the specific marker the word “end” `$sort << end`  - Enter some names followed by return. Then the last entry type “end”. Notice how it finishes the stdin from the keyboard and outputs the sorted information. If you wanted to store this information `$sort << end > sorted` - If you wanted to line number this output regardless of blank lines `$sort << end | nl –ba > sorted_numbered` - You can turn on the backslash escaped character like tab, backspace, form feed, newline etc, by specifying –e with echo `$echo -e "Next is the \nNew line"`  #### 2. Part - Heads and tails, cat and tac - Create a file and following data inside `$echo -e "for1\nfor2\nfor3\nfor4\nfor5\nfor6\nfor7\nfor8\nfor9\nfor10" > numbers` - To see the last 5 numbers we can use `tail -n5 numbers` - To look at the first 3 lines we can use `$head -n3 numbers` - If you want to reverse the file use tac `$tac numbers`  #### 3. Part - Cutting comments - To cut out specific information from a file you can use the cut command. You can specify delimiters and fields within the cut command. Following will pull out field 1, 4 and 5 in the passwd file `$cut –d: -f1,4,5 /etc/passwd`  - To output the mounted filesystems. Space as the field delimiter `$ cut -d" " -f1,2 /etc/mtab`   - Extracting fields 1 3 11 and 12 from a uname kernel output. `$uname -a | cut -d" " -f1,3,11,12`  ### The similar way I also got myself acquainted with the rest parts of commands: #### 4. Part - Unique lines extraction, sorting and filtering #### 5. Part - Debian Package Management DPKG #### 6. Part - Using APT ## **Questions to answer:** ### 1. What is /etc/apt/sources.list.d directory stands for? How can you use it? Provide an example. *etc* - (et cetera) hierarchy contains configuration files. A "configuration file" is a local file used to control the operation of a program; it must be static and cannot be an executable binary. *apt* - Advanced Package Tool is a free-software user interface that works with core libraries to handle the installation and removal of software on Debian, and Debian-based Linux Distributions *sources.list* - List of configured APT data sources *d* - directory */etc/apt/sources.list.d/* is designed to support any number of active sources and a variety of source media, provides a way to add sources.list entries in separate files. *Example of usage:* New repositories can be easily added without the need to edit the central /etc/apt/sources.list file: just put a file with a unique name and the same format as /etc/apt/sources.list into this folder and it is used by apt. The removing of the specific file will happen without the need for handling side effects, parsing or mangling with /etc/apt/sources.list. *More specific example of usage:* You can create the file somewhere and then copy it to the etc/apt/sources.list.d: `sudo cp path/to/some-repository.list /etc/apt/sources.list.d/`  ### 2. How can you add/delete 3rd party repositories to install required software? Provide an example. *To add a repository:* - Open Software & Updates via the Activities search bar. - Switch to the Other Software tab. - Click Add and enter the APT line for the repository. This should be available from the website of the repository, and should look similar to: deb http://archive.ubuntu.com/ubuntu/ impish main - Click Add Source. Enter your password in the Authenticate window. - Close the Software & Updates window. Ubuntu Software will then check your software sources for new software. - Most repositories provide a signing key to be able to verify downloaded packages. So in addition to the steps above, you should follow possible instructions on how to download and install the signing key (GPG key). Or with the command: *sudo apt-add-repository -r <repository name>* as in the previous question:  *You can disable third party repository by following any of two ways:* - Execute this command in terminal `sudo software-properties-gtk` In Software Sources window go to Other Softwares .tab and delete or uncheck the repositories listed there. First delete/uncheck the repositories except first four. If it doesn't solve your issue then Uncheck the first four also. Close and run `sudo apt-get update` - You can also disable by following these steps: Ubuntu Software Center > Edit > Software Sources > Other Software tab > clear/uncheck the check-boxes. Follow the same rule as given in 1st method. 3rd part repository provides additional packages/software which are generally not available in default Ubuntu repository. So disabling it would not cause any issue. ### 3. When do you need to get public key for the usage of the remote repo? Provide an example. As far as I understand, the question is regarding the public key authentication with SSH (Secure Shell). To exclude the brute-force attacks. Example: In order to provide remote communication, SSH uses public (to encrypt data) and private keys (to decypher the data). The public key is sent to the remote server for SSH key authentication. Then SSH compares the public and private keys. The access will be given, if they will match. To generate SSH key pair the following command is used:  ## Excercise 2 - Managing processes: #### I got myself acquainted with the theoretical material regarding the commands: #### 1. Part - Process id and jobs #### 2. Part - Nice and Renice ## Questions to answer: ### 1. Describe how “top” works. Explain all important fields in its output based on your system resources.  The `top` command allows users to monitor processes and system resource usage on Linux. *How to work with it?* To use it we just need to type "top". The upper half of the output contains statistics on processes and resource usage, while the lower half contains a list of the currently running processes. By using the arrow keys and Page Up/Down keys to browse through the list. For quiting “q” is used. *Elaboration on the output of top command* *And example in the brackets based on the first line of the table output in the image:*  - PID (129657) The process ID, a unique positive integer that identifies a process. - USER (root) This is the “effective” username (which maps to a user ID) of the user who started the process. Linux assigns a real user ID and an effective user ID to processes; so a process can act on the behalf of another user later (For instance, a non-root user can elevate to root in order to install a package). - PR (20; Can be 20(highest) or -20(lowest)) The scheduling priority of the process from the perspective of the kernel. The nice value (NI) affects the priority of a process. - NI (0) The “NI” field shows the “nice” value of a process. These next three fields are related with to memory consumption of the processes. - VIRT (8064) The total amount of virtual memory consumed by a process. This includes the program’s code, the data stored by the process in memory, as well as any regions of memory that have been swapped to the disk. - RES (3660) The memory consumed by the process in RAM - %MEM (0,2) The percentage of the total RAM available. - SHR (3096) The amount of memory shared with other processes. - S (R ) As we have seen before, a process may be in various states. This field shows the process state in the single-letter form. - TIME+ (0:00.05) This is the total CPU time used by the process since it started, precise to the hundredths of a second. - COMMAND (top) The COMMAND column shows the name of the processes. ### 2. Explain briefly each process states from the output of the “top” command. In Linux, a process is an instance of executing a program or command. While these processes exist, they’ll be in one of the five possible states: * Runnable - R: A process in this state is either executing on the CPU, or it is present on the run queue, ready to be executed. * Interruptible sleep - S: Processes in this state are waiting for an event to complete. * Uninterruptible sleep - D: In this case, a process is waiting for an I/O operation to complete. * Stopped - T: These processes have been stopped by a job control signal (such as by pressing Ctrl+Z) or because they are being traced. * Zombie - Z: The kernel maintains various data structures in memory to keep track of processes. A process may create a number of child processes, and they may exit while the parent is still around. However, these data structures must be kept around until the parent obtains the status of the child processes. Such terminated processes whose data structures are still around are called zombies. In my example:   there are 100 sleeping processes and only one (with PID 129657) is running; no zombies nor stopped processes. We can only find ### 3. What happens to a child process that dies and has no parent process to wait for it and what’s bad about this? A child process becomes a zombie only when its parent process hasn't died and hasn't yet waited for it. If the original parent died, then the child becomes an orphaned child. It is reclaimed or adopted by the init process (PID 1), which waits for its (inherited) children to die and remove them from the process list, since they are not zombies. Between the time that the child dies and the parent collects the exit information via wait() /waitpid()/waitid()/other, it is a zombie in the process list, shown as defunct by ps. ### 4. How to know which process ID used by application? For this goal several approaches are acceptible. - The pid of a running program: `pidof <application name>` For example, to find the PID of the SSH server, you would run:: `pidof sshd`  - PID of the process Linux file is busy with by the filename Using the `lsof` utility, you can see which processes are using the directory or the file currently. For instance:  - Fuser is similar to the previous, but with only PID, filename and current state:  - Also we can find out PID, if we know the name of the process: `ps aux | grep "process_name"` (without the PID for the grep:`ps aux | grep имя_процесса | grep -v grep`), `pgrep process_name"`, etc.  ### 5. What is a zombie process and what could be the cause of it? How to find and kill zombie process? Regarding the first part of the question, as was mentioned earlier: *A zombie process or defunct process* is a process that has completed execution (via the exit system call) but still has an entry in the process table: it is a process in the "Terminated state". *Possible causes:* a process that has finished its execution and is waiting for its Parent to read its exit status. Because the child process has finished, it is technically a “dead” process. However, since it is waiting for its parent, there is still an entry in the process table. The zombie's parent process does not necessarily need to be running for a zombie to appear, but it is most common to see a zombie process whose parent has died unexpectedly.  *How to find:* Zombie processes can be spotted with the `ps` command: a zombie process will have `z` in the STAT column (column with the statuses of the processes)and commonly the words `<defunct>` in the CMD column. Example: `ps -elf | grep Z` or `ps aux | grep defunct`  My example does not have zombies:  *How to kill:* Linux zombie processes are not executed and cannot be killed, even with sigkill, they continue to hang in memory until their parent process is completed. What should we do then? We should find the parent with `ps -o ppid= <Child_PID>`. If the parent process is still active (not PID 1), then it is stalled on a certain task and has not yet read the exit status of the child processe(-s). At this point you can use the `strace` command to attach to the parent process and troubleshoot from there. You may also can make the parent process exit cleanly taking its zombie children with it by using the `kill` command. Kill command with the default signal -15 (SIGTERM) will tell the parent process to exit cleanly (more likely to read the exit status of the zombie children). If the parent process is no longer active, then the clean up activity becomes a choice: you can leave the zombie processes on your system or reboot. A Zombie process whose parent is no longer active is not going to be cleaned up without rebooting the system. If the zombie processes are only in small numbers and not reoccurring or multiplying than it may be best to leave these processes be until the next reboot. If however they are multiplying or in a large number than this is an indication that there is a significant issue with your system.