Book II Chapter 2 Commanding the Shell Discovering (My web site)

Book II, Chapter 2: Commanding the Shell

Discovering and Using Linux Commands

Substituting or deleting characters from a file

Another interesting command is tr; it substitutes one group of characters for another (or deletes a selected character) throughout a file. Suppose that you occasionally have to use MS-DOS text files on your Linux system. Although you may expect to use a text file on any system without any problems, you find one catch: DOS uses a carriage return followed by a line feed to mark the end of each line, whereas Linux uses only a line feed.

On your Linux system, you can get rid of the extra carriage returns in the DOS text file by using the tr command with the -d option. Essentially, to convert the DOS text file filename.dos to a Linux text file named filename.linux, type the following:

    tr -d '\015' < filename.dos > filename.linux

In this command, '\015' denotes the code for the carriage-return character in octal notation.

Splitting a file into several smaller files

The split command is handy for those times when you want to copy a file to a floppy disk, but the file is too large to fit on a single floppy. You can then use the split command to break up the file into multiple smaller files, each of which can fit on a floppy.

By default, split puts 1,000 lines into each file. The files are named by groups of letters such as aa, ab, ac, and so on. You can specify a prefix for the filenames. For example, to split a large file called hugefile.tar into smaller files that fit into several high-density 3.5-inch floppy disks, use split as follows:

    split -b 1440k hugefile.tar part.

This command splits the hugefile.tar file into 1440K chunks so each one can fit onto a floppy disk. The command creates files named part.aa, part.ab, part.ac, and so on.

To combine the split files back into a single file, use the cat command as follows:

    cat part.?? > hugefile.tar

In this case, the two question marks (??) match any two-character extension in the filename.
In other words, the filename part.?? would match all filenames such as part.12, part.aa, part.ab, part.2b, and so on.

Writing Shell Scripts

If you have ever used MS-DOS, you may remember MS-DOS batch files. These are text files with MS-DOS commands. Similarly, shell scripts are also text files with a bunch of shell commands.

If you aren't a programmer, you may feel apprehensive about programming. But shell programming can be as simple as storing a few commands in a file. Right now, you might not be up to writing complex shell scripts, but you can certainly try out a simple shell script.

To try your hand at a little shell programming, type the following text at the shell prompt exactly as shown and then press Ctrl+D when you're done:

    cd
    cat > simple
    #!/bin/sh
    echo "This script's name is: $0"
    echo "Argument 1: $1"
    echo "Argument 2: $2"

The cd command changes the current directory to your home directory. Then the cat command displays whatever you type; in this case, I'm sending the output to a file named simple. After you press Ctrl+D, the cat command ends and you see the shell prompt again. What you have done is create a file named simple that contains the following shell script:

    #!/bin/sh
    echo "This script's name is: $0"
    echo "Argument 1: $1"
    echo "Argument 2: $2"

The first line causes Linux to run the Bash shell program (its name is /bin/bash). The shell then reads the rest of the lines in the script.

Just as most Linux commands accept command-line options, a Bash script also accepts command-line options. Inside the script, you can refer to the options as $1, $2, and so on. The special name $0 refers to the name of the script itself.
To run this shell script, first you have to make the file executable (that is, turn it into a program) with the following command:

    chmod +x simple

Now run the script with the following command:

    ./simple one two
    This script's name is: ./simple
    Argument 1: one
    Argument 2: two

The ./ prefix to the script's name indicates that the simple file is in the current directory.

This script simply prints the script's name and the first two command-line options that the user types after the script's name.

Next, try running the script with a few arguments, as follows:

    ./simple "This is one argument" second-argument third
    This script's name is: ./simple
    Argument 1: This is one argument
    Argument 2: second-argument

The shell treats the entire string within the double quotation marks as a single argument. Otherwise, the shell uses spaces as separators between arguments on the command line.

Most useful shell scripts are more complicated than this simple script, but this simple exercise gives you a rough idea of how to write shell scripts. Place Linux commands in a file and use the chmod command to make the file executable. Voilà! You have created a shell script!

Book II: Linux Desktops

Chapter 3: Navigating the Linux File System

In This Chapter

- Understanding the Linux file system
- Navigating the file system with Linux commands
- Understanding file permissions
- Manipulating files and directories with Linux commands

To use files and directories well, you need to understand the concept of a hierarchical file system. Even if you use the GUI file managers to access files and folders (folders are also called directories), you can benefit from a lay of the land of the file system.

In this chapter, I introduce you to the Linux file system, and you discover how to work with files and directories with several Linux commands.
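Looking back at the shell material from Chapter 2, the following script is an added example, not code from the book: it applies the quoting rule for positional parameters to the split and cat procedure and then checks the rejoined file with cmp, which also shows how the part.?? pattern picks up a leftover file. The function names, the sample file, and the 1024-byte chunk size are assumptions chosen for the demonstration.

```shell
#!/bin/sh
# Added example (not from the book): positional parameters, quoting, and a
# verified split/cat round trip. All file names and sizes are constructed.

# Print how many arguments were received.
count_args() { echo "$#"; }

# Unquoted $* is split again on spaces; "$@" passes each argument through intact.
forward_unquoted() { count_args $*; }
forward_quoted()   { count_args "$@"; }

# split_and_verify FILE CHUNK_SIZE PREFIX OUTFILE
# Returns 0 if OUTFILE is byte-identical to FILE, 1 if it differs, 2 on error.
split_and_verify() {
    sv_src=$1; sv_size=$2; sv_prefix=$3; sv_out=$4
    [ -f "$sv_src" ] || { echo "not a file: $sv_src" >&2; return 2; }
    # Quotes keep a name with spaces as one argument; -- ends option parsing.
    split -b "$sv_size" -- "$sv_src" "$sv_prefix" || return 2
    # Same reassembly as "cat part.?? > hugefile.tar": ?? matches ANY two
    # characters, so leftover files such as part.zz are concatenated too.
    cat -- "$sv_prefix"?? > "$sv_out" || return 2
    cmp -s -- "$sv_src" "$sv_out"
}

demo() {
    d=$(mktemp -d) || return 2
    f="$d/huge file.tar"    # constructed sample; the space in the name is deliberate
    i=0
    while [ "$i" -lt 200 ]; do
        echo "constructed sample line $i"
        i=$((i + 1))
    done > "$f"

    echo "quoted forwarding sees:   $(forward_quoted "This is one argument" second-argument third) arguments"
    echo "unquoted forwarding sees: $(forward_unquoted "This is one argument" second-argument third) arguments"

    if split_and_verify "$f" 1024 "$d/part." "$d/rejoined.tar"; then
        echo "clean directory: rejoined file matches the original"
    fi

    # A file left behind by an earlier job also matches part.??
    echo "leftover from an earlier job" > "$d/part.zz"
    if ! split_and_verify "$f" 1024 "$d/part." "$d/rejoined.tar"; then
        echo "stray part.zz present: rejoined file differs from the original"
    fi
    rm -rf -- "$d"
}

demo
```

Splitting into an empty directory, or comparing checksums of the original and the rejoined file, catches the mismatch before the rejoined archive is used.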

Understanding the Linux File System

Like any other operating system, Linux organizes information in files and directories. Directories, in turn, hold the files. A directory is a special file that can contain other files and directories. Because a directory can contain other directories, this method of organizing files gives rise to a hierarchical structure. This hierarchical organization of files is called the file system.

The Linux file system gives you a unified view of all storage in your PC. The file system has a single root directory, indicated by a forward slash (/). Within the root directory is a hierarchy of files and directories. Parts of the file system can reside in different physical media, such as hard drive, floppy disk, and CD-ROM. Figure 3-1 illustrates the concept of the Linux file system (which is the same in any Linux system) and how it spans multiple physical devices.

If you're familiar with MS-DOS or Windows, you may find something missing in the Linux file system: You don't find drive letters in Linux. All disk drives and CD-ROM drives are part of a single file system.

In Linux, you can have long filenames (up to 256 characters), and filenames are case-sensitive. Often these filenames have multiple extensions, such as sample.tar.Z. UNIX filenames can take many forms, such as the following: index.html, Makefile, binutils_2.14.90.0.7-8_i386.deb, vsftpd-1.2.1-5.i386.rpm, .bash_profile, and httpd_src.tar.gz.

To locate a file, you need more than just the filename. You also need information about the directory hierarchy. The extended filename, showing the full hierarchy of directories leading to the file, is called the pathname. As the name implies, it's the path to the file through the maze of the file system. Figure 3-2 shows a typical pathname for a file in Linux.

As Figure 3-2 shows, the pathname has the following parts:

- The root directory, indicated by a forward slash (/) character.
- The directory hierarchy, with each directory name separated from the previous one by a forward slash (/) character. A / appears after the last directory name.
- The filename, with a name and one or more optional extensions. (A period appears before each extension.)

Figure 3-1: The Linux file system provides a unified view of storage that may span multiple storage devices.

Figure 3-2: The pathname of a file shows the sequence of directories leading up to the file (example pathname: /home/naba/public_html/index.html).

The Linux file system has a well-defined set of top-level directories, and some of these directories have specific purposes. Finding your way around the file system is easier if you know the purpose of these directories. You also become adept at guessing where to look for specific types of files when you face a new situation. Table 3-1 briefly describes the top-level directories in the Linux file system.

Table 3-1: Top-Level Directories in the Linux File System

Directory     Description
/             This root directory forms the base of the file system. All files and directories are contained logically in the root directory, regardless of their physical locations.
/bin          Contains the executable programs that are part of the Linux operating system. Many Linux commands, such as cat, cp, ls, more, and tar, are located in /bin.
/boot         Contains the Linux kernel and other files that the LILO and GRUB boot managers need. (The kernel and other files can be anywhere, but placing them in the /boot directory is customary.)
/dev          Contains special files that represent devices attached to the system.
/etc          Contains most system configuration files and the initialization scripts (in the /etc/rc.d subdirectory).
/home         Conventional location of the home directories of all users. User naba's home directory, for example, is /home/naba.
/lib          Contains library files for all programs stored in /sbin and /bin directories (including the loadable driver modules) needed to start Linux.
/lost+found   Directory for lost files. Every disk partition has a lost+found directory.
/mnt          A directory for temporarily mounted file systems, such as CD-ROM drives, floppy disks, and Zip drives. Contains the /mnt/floppy directory for mounting floppy disks and the /mnt/cdrom directory for mounting the CD-ROM drive.
/opt          Provides a storage area for large application software packages. For example, some distributions install the OpenOffice.org office suite in the /opt directory.
/proc         A special directory that contains various information about the processes running in the Linux system.
/root         The home directory for the root user.
/sbin         Contains executable files representing commands typically used for system administration tasks and used by the root user. Commands such as halt and shutdown reside in the /sbin directory.
/selinux      Contains information used by the Security Enhanced Linux (SELinux) kernel patch and utilities that provide a more secure access control system for Linux.
/sys          A special directory that contains information about the devices, as seen by the Linux kernel.
/tmp          A temporary directory that any user can use as a scratch directory, meaning that the contents of this directory are considered unimportant and usually are deleted every time the system boots.
/usr          Contains the subdirectories for many important programs, such as the X Window System (in the /usr/X11R6 directory) and the online manual. (Table 3-2 shows some of the standard subdirectories in /usr.)
/var          Contains various system files (such as logs), as well as directories for holding other information, such as files for the Web server and anonymous FTP server.

The /usr and /var directories also contain a number of standard subdirectories. Table 3-2 lists the important subdirectories in /usr. Table 3-3 shows a similar breakdown for the /var directory.

Table 3-2: Important /usr Subdirectories

Subdirectory    Description
/usr/X11R6      Contains the X.org X11 (X Window System) software.
/usr/bin        Contains executable files for many more Linux commands, including utility programs that are commonly available in Linux but aren't part of the core Linux operating system.
/usr/games      Contains some old Linux games.
/usr/include    Contains the header files (filenames ending in .h) for the C and C++ programming languages; also includes the X11 header files in the /usr/include/X11 directory and the Linux kernel header files in the /usr/include/linux directory.
/usr/lib        Contains the libraries for C and C++ programming languages; also contains many other libraries, such as database libraries, graphical toolkit libraries, and so on.
/usr/local      Contains local files. The /usr/local/bin directory, for example, is supposed to be the location for any executable program developed on your system.
/usr/sbin       Contains many administrative commands, such as commands for electronic mail and networking.
/usr/share      Contains shared data, such as default configuration files and images for many applications. For example, /usr/share/gnome contains various shared files for the GNOME desktop, and /usr/share/doc has the documentation files for many Linux applications (such as the Bash shell, the Sawfish window manager, and the GIMP image-processing program).
/usr/share/man  Contains the online manual (which you can read by using the man command).
/usr/src        Contains the source code for the Linux kernel (the core operating system).

Table 3-3: Important /var Subdirectories

Subdirectory Description
/var/cache   Storage area for cached data for applications.
/var/lib     Contains information relating to the current state of applications.
/var/lock    Contains locked files to ensure that a resource is used by one application only.
/var/log     Contains log files organized into subdirectories. The syslogd server stores its log files in /var/log, with the exact content of the files depending on the syslogd configuration file /etc/syslog.conf. For example, /var/log/messages is the main system log file; /var/log/secure contains log messages from secure services (such as sshd and xinetd); and /var/log/maillog contains the log of mail messages.
/var/mail    Contains user mailbox files.
/var/opt     Contains variable data for packages stored in /opt directory.
/var/run     Contains data describing the system since it was booted.
/var/spool   Contains data that's waiting for some kind of processing.
/var/tmp     Contains temporary files preserved between system reboots.
/var/yp      Contains Network Information Service (NIS) database files.

Using GUI File Managers

Both GNOME and KDE desktops come with GUI file managers that enable you to easily browse the file system and perform tasks such as copying or moving files. The GNOME file manager is called Nautilus and the KDE file manager is Konqueror. I briefly describe these GUI file managers in the following sections.

Using the Nautilus shell

The Nautilus file manager (more accurately called a graphical shell) comes with GNOME. Nautilus is intuitive to use; it's similar to the Windows Active Desktop. You can manage files and folders and also manage your system with Nautilus.

The latest version of Nautilus has changed from what you may have known in previous versions of Red Hat Linux or Fedora Core.
Nautilus now provides a new Object Window view in addition to the navigation window that you know from the past. When you double-click any object on the desktop, Nautilus opens an object window that shows that object's contents. If you want the older navigation window with its Web browser-like user interface, right-click a folder and choose Open → Browse Folder from the pop-up menu.

Viewing files and folders in object windows

When you double-click a file or a folder, Nautilus opens that object in what it calls an object window. Unlike the Nautilus windows of the past (windows that enabled you to navigate the directory hierarchy), the object window doesn't have any Back and Forward buttons, toolbars, or side panes.

For example, double-click the Start Here icon on the left side of the GNOME desktop, and Nautilus opens an object window where it displays the contents of the Start Here object. If you then double-click an object inside that window, Nautilus opens another object window where that object's contents appear. Figure 3-3 shows the result of double-clicking some objects in Nautilus.

The Nautilus object window has a sparse user interface that has just the menu bar. You can perform various operations from the menu bar, such as open an object using an application, create folders and documents, and close the object window.

Burning data CDs from Nautilus

If you have a CD recorder attached to your system (it can be a built-in ATAPI CD recorder or an external one attached to the USB port), you can use Nautilus to burn data CDs. From a Nautilus object window, you can access the CD Creator built into Nautilus. Just follow these simple steps:

1. In any Nautilus object window, choose Places → CD Creator.
   Nautilus opens a CD Creator object window.
   Note: If you don't have any Nautilus object windows open, just double-click the Computer icon on the desktop.
2. From other Nautilus windows, drag and drop into the CD Creator window whatever files and folders you want to put on the CD.
   To get to files on your computer, double-click the Computer icon to open it in Nautilus and find the files you want. Then drag and drop those file or folder icons into the CD Creator window.
3. From the CD Creator window, choose File → Write to Disc.
   Nautilus displays a dialog box where you can select the CD recorder, the write speed, and several other options, such as whether to eject the CD when done. You can also specify the CD title.
4. Click the Write button.
   Nautilus burns the CD.

Figure 3-3: By default, Nautilus opens a new object window for each object.

Browsing folders in a navigation window

If you prefer to use the familiar navigation window for browsing folders, you have to do a bit of extra work. Instead of double-clicking an icon, right-click the icon and choose Browse Folder from the context menu. Nautilus then opens a navigation window with the contents of the object represented by the icon. For example, double-click the Home Folder icon in the upper-left corner of the GNOME desktop. Nautilus opens a navigation window where it displays the contents of your home directory. (Think of a directory as a folder that can contain other files and folders.) Figure 3-4 shows a typical user's home directory in a Nautilus navigation window.

The navigation window is vertically divided into two parts. The left pane shows different views of the file system and other objects that you can browse with Nautilus. The right pane shows the files and folders in the currently selected folder in the left pane. Nautilus displays icons for files and folders. For image files, it shows a thumbnail of the image.

Figure 3-4: You can view files and folders in the Nautilus navigation window.

The navigation window's user interface is similar to that of a Web browser. The window's title bar shows the name of the currently selected folder. The Location text box along the top of the window shows the full name of the directory in Linuxspeak; for example, Figure 3-4 shows the contents of the /home/naba directory.

If you have used Windows Explorer, you can use the Nautilus navigation window in a similar manner. To view the contents of another directory, do the following:

1. Select Tree from the Information drop-down menu (located in the left window).
   A tree menu of directories appears in that window. Initially the tree shows your home folder and the file system's root directory as a FileSystem folder.
2. Click the right arrow next to the FileSystem folder; in the resulting tree view, locate the directory you want to browse.
   For example, to look at the /etc directory, click the right arrow next to the etc directory. Nautilus displays the subdirectories in /etc and changes the right arrow to a down arrow. X11 is one of the subdirectories in /etc that you view in the next step.
3. To view the contents of the X11 subdirectory, click X11.
   The window on the right now shows the contents of the /etc/X11 directory.

Nautilus displays the contents of the selected directory by using different types of icons. Each directory appears as a folder with the name of the directory shown underneath the folder icon. Ordinary files, such as xorg.conf, appear as a sheet of paper. The X file is a link to an executable file. The prefdm file is another executable file.

The Nautilus navigation window has the usual menu bar and a toolbar. Notice the View as Icons button in Figure 3-4 on the right side of the toolbar. This button shows that Nautilus is displaying the directory contents with large icons.
Click the button, and a drop-down list appears. Select View as List from the list, and Nautilus displays the contents by using smaller icons in a list format, along with detailed information, such as the size of each file or directory and the time when each was last modified, as shown in Figure 3-5.

If you click any of the column headings (Name, Size, Type, or Date Modified) along the top of the list view, Nautilus sorts the list according to that column. For example, go ahead and click the Date Modified column heading. Nautilus now displays the list of files and directories sorted according to the time of their last modification. Clicking the Name column heading sorts the files and folders alphabetically.

Not only can you move around different folders by using the Nautilus navigation window, you can also do things such as move a file from one folder to another or delete a file. I don't outline each step; the steps are intuitive and similar to what you do in any GUI, such as Windows or Mac. Here are some of the things you can do in Nautilus:

- To move a file to a different folder, drag and drop the file's icon on the folder where you want the file.
- To copy a file to a new location, select the file's icon and choose Edit → Copy File from the Nautilus menu. You can also right-click the file's icon and choose Copy File from the context menu. Then move to the folder where you want to copy the file and choose Edit → Paste Files.
- To delete a file or directory, right-click the icon, and choose Move to Trash from the context menu. (You can do this only if you have permission to delete the file.) To permanently delete the file, right-click the Trash icon on the desktop and choose Empty Trash from the context menu. Of course, do this only if you really want to delete the file. Once you Empty Trash, you are never going to see the file again.
  If you have to retrieve a file from the trash, double-click the Trash icon and then drag the file's icon back to the folder where you want to save it. You can retrieve a file from the trash until you empty it.
- To rename a file or a directory, right-click the icon and choose Rename from the context menu. Then you can type the new name (or edit the name) in the text box that appears.
- To create a new folder, right-click an empty area of the window on the right and choose Create Folder from the context menu. After the new folder icon appears, you can rename it by right-clicking the icon and choosing Rename from the context menu. If you don't have permission to create a folder, that menu item is grayed out.

Figure 3-5: The Nautilus navigation window with a list view of the /etc/X11 directory.

Using Konqueror

Konqueror is a file manager and Web browser that comes with KDE. It's intuitive to use, somewhat similar to the Windows Active Desktop. You can manage files and folders (and also view Web pages) with Konqueror.

Viewing files and folders

When you double-click a folder icon on the desktop, Konqueror starts automatically. For example, double-click the Home icon in the upper-left corner of the KDE desktop. Konqueror runs and displays the contents of your home directory (think of a directory as a folder that can contain other files and folders). Figure 3-6 shows a typical user's home directory in Konqueror.

If you've used Windows Explorer, you can use Konqueror in a similar manner.

Figure 3-6: You can view files and folders in Konqueror.

The Konqueror window is vertically divided into three parts:

- A narrow left pane shows icons you can click to perform various tasks in Konqueror.
- A wider middle pane (that can be toggled on or off) shows a tree view of the current folder.
- The widest pane (at the right) uses icons to show the files and folders in the current folder.

Konqueror uses different types of icons for different files and shows a preview of each file's contents. For image files, the preview is a thumbnail version of the image.

The Konqueror window's title bar shows the name of the currently selected directory. The Location text box (along the top of the window) shows the full name of the directory; in this case, Figure 3-6 shows the contents of the /home/naba directory.

Use the leftmost vertical row of buttons to select other things to browse. When you click one of these buttons, the middle pane displays a tree menu of items that you can browse. For example, to browse other parts of the file system, do the following:

1. From the leftmost vertical column of icons in the Konqueror window (refer to Figure 3-6), click the Root Folder icon (the second icon from the bottom).
   A tree menu of directories appears in the middle pane.
2. In the tree view, locate the folder that you want to browse.
   For example, to look at the etc folder, click the plus sign next to the etc folder. Konqueror displays the other folders and changes the plus sign to a minus sign.
3. To view the contents of the X11 subdirectory, scroll down and click X11.
   The pane on the right now shows the contents of the /etc/X11 directory.

Konqueror displays the contents of a folder using different types of icons. Each directory appears as a folder, with the name of the directory shown underneath the folder icon. Ordinary files appear as a sheet of paper.

The Konqueror window has the usual menu bar and a toolbar. You can view the files and folders in other formats as well.
For example, choose View → View Mode → Detailed List View to see the folder's contents with smaller icons in a list format (see Figure 3-7), along with detailed information (such as the size of each file or directory, and at what time each was last modified).

If you click any of the column headings (Name, Size, File Type, or Modified, to name a few) along the top of the list view, Konqueror sorts the list according to that column. For example, if you click the Modified column heading, Konqueror displays the list of files and folders sorted according to the time of last modification. Clicking the Name column heading sorts the files and directories alphabetically by name.

Not only can you move around different folders by using Konqueror, you can also do things such as move a file from one folder to another or delete a file. I don't outline each step because the steps are intuitive and similar to what you do in any GUI (such as Windows or the Mac interface). Here are some things you can do in Konqueror:

- View a text file: Click the filename, and Konqueror runs the KWrite word processor, displaying the file in a new window.
- Copy or move a file to a different folder: Drag and drop the file's icon on the folder where you want the file to go. A menu pops up and asks you whether you want to copy, move, or simply link the file to that directory.
- Delete a file or directory: Right-click the icon and choose Move to Trash from the context menu. To permanently delete the file, right-click the Trash icon on the desktop and choose Empty Trash from the context menu. Of course, do this only if you really want to delete the file. When you Empty Trash, the deleted files are really gone forever. If you want to recover a file from the trash, double-click the Trash icon on the desktop and from that window drag and drop the file icon into the folder where you want to save the file.
  When asked whether you want to copy or move, select Move. You can recover files from the trash until the moment you empty the trash.
- Rename a file or a directory: Right-click the icon and choose Rename from the context menu. Then you can type the new name (or edit the old name) in the text box that appears.
- Create a new folder: Choose View → View Mode → Icon View. Then right-click an empty area of the rightmost pane and choose Create New → Directory from the context menu. Then type the name of the new directory and click OK. (If you don't have permission to create a directory, you get an error message.)

Figure 3-7: Konqueror shows a detailed list view of the /etc/X11 directory.

Viewing Web pages

Konqueror is much more than a file manager. With it, you can view a Web page as easily as you can view a folder. Just type a Web address in the Location text box and see what happens. For example, Figure 3-8 shows the Konqueror window after I type www.irs.gov in the Location text box on the toolbar and press Enter.

Konqueror displays the Web site in the pane on the right. The left pane still shows whatever it was displaying earlier.

Figure 3-8: Konqueror can browse the Web as well.

Navigating the File System with Linux Commands

Although GUI file managers such as Nautilus (in GNOME) or Konqueror (in KDE) are easy to use, you can use them only if you have a working GUI desktop. Sometimes, you may not have a graphical environment to run a graphical file manager. For example, you may be logged in through a text terminal, or X may not be working on your system. In those situations, you have to rely on Linux commands to work with files and directories. Of course, you can always use Linux commands, even in the graphical environment; all you have to do is open a terminal window and type the Linux commands.
In the sections that follow, I briefly show some Linux commands for moving around the Linux file system.

Commands for directory navigation

In Linux, when you log in as root, your home directory is /root. For other users, the home directory is usually in the /home directory. My home directory (when I log in as naba) is /home/naba. This information is stored in the /etc/passwd file. By default, only you have permission to save files in your home directory, and only you can create subdirectories in your home directory to further organize your files.

Linux supports the concept of a current directory, which is the directory on which all file and directory commands operate. After you log in, for example, your current directory is the home directory. To see the current directory, type the pwd command.

To change the current directory, use the cd command. To change the current directory to /usr/lib, type the following:

    cd /usr/lib

Then, to change the directory to the cups subdirectory in /usr/lib, type this command:

    cd cups

Now, if you use the pwd command, that command shows /usr/lib/cups as the current directory.

These two examples show that you can refer to a directory's name in two ways:

- An absolute pathname (such as /usr/lib) that specifies the exact directory in the directory tree
- A relative directory name (such as cups, which represents the cups subdirectory of the current directory, whatever that may be)

If you type cd cups in /usr/lib, the current directory changes to /usr/lib/cups. However, if I type the same command in /home/naba, the shell tries to change the current directory to /home/naba/cups.

Use the cd command without any arguments to change the current directory back to your home directory. No matter where you are, typing cd at the shell prompt brings you back home!

By the way, the tilde character (~) refers to your home directory.
Thus the command cd ~ also changes the current directory to your home directory. You can also refer to another user's home directory by appending that user's name to the tilde. Thus, cd ~superman changes the current directory to the home directory of superman.

Wait, there's more. A single dot (.) and two dots (..), often cleverly referred to as dot-dot, also have special meanings. A single dot (.) indicates the current directory, whereas two dots (..) indicate the parent directory. For example, if the current directory is /usr/share, you go one level up to /usr by typing the following:

    cd ..

Commands for directory listings and permissions

You can get a directory listing by using the ls command. By default, the ls command without any options displays the contents of the current directory in a compact, multicolumn format. For example, type the next two commands to see the contents of the /etc/X11 directory:

    cd /etc/X11
    ls

The output looks like this (on the console, you see some items in different colors):

    X             Xsession.options         fonts      serverconfig  xserver
    XF86Config-4  Xwrapper.config          gdm        starthere     xsm
    Xresources    app-defaults             rgb.txt    sysconfig
    Xsession      cursors                  rstart     xinit
    Xsession.d    default-display-manager  rxvt.menu  xkb

From this listing (without the colors), you cannot tell whether an entry is a file or a directory. To tell the directories and files apart, use the -F option with ls like this:

    ls -F

This time, the output gives you some more clues about the file types:

    X@             Xsession.options         fonts/     serverconfig/  xserver/
    XF86Config-4   Xwrapper.config          gdm@       starthere/     xsm/
    Xresources/    app-defaults/            rgb.txt    sysconfig/
    Xsession*      cursors/                 rstart/    xinit/
    Xsession.d/    default-display-manager  rxvt.menu  xkb/

The output from ls -F shows the directory names with a slash (/) appended to them. Plain filenames appear as is.
The at sign (@) appended to a file's name (for example, notice the file named X) indicates that this file is a link to another file. (In other words, this filename simply refers to another file; it's a shortcut.) An asterisk (*) is appended to executable files. (Xsession, for example, is an executable file.) The shell can run any executable file.

You can see even more detailed information about the files and directories with the -l option:

    ls -l

For the /etc/X11 directory, a typical output from ls -l looks like the following:

    total 104
    lrwxrwxrwx 1 root root   20 Aug 22 15:15 X -> /usr/bin/X11/XFree86
    -rw-r--r-- 1 root root 3126 Aug 22 15:15 XF86Config-4
    drwxr-xr-x 2 root root 4096 Aug 22 15:13 Xresources
    -rwxr-xr-x 1 root root 3322 May 29 03:57 Xsession
    drwxr-xr-x 2 root root 4096 Sep  5 10:44 Xsession.d
    -rw-r--r-- 1 root root  217 May 29 03:57 Xsession.options
    -rw------- 1 root root  771 Aug 22 15:15 Xwrapper.config
    drwxr-xr-x 2 root root 4096 Aug 22 15:15 app-defaults
    … lines deleted …

This listing shows considerable information about every directory entry, each of which can be a file or another directory. Looking at a line from the right column to the left, you see that the rightmost column shows the name of the directory entry. The date and time before the name show when the last modifications to that file were made. To the left of the date and time is the size of the file in bytes.

The file's group and owner appear to the left of the column that shows the file size. The next number to the left indicates the number of links to the file. (A link is like a shortcut in Windows.) Finally, the leftmost column shows the file's permission settings, which determine who can read, write, or execute the file.

The first letter of the leftmost column has a special meaning, as the following list shows:

- If the first letter is l, the file is a symbolic link (a shortcut) to another file.
- If the first letter is d, the file is a directory.
- If the first letter is a dash (-), the file is normal.
- If the first letter is b, the file represents a block device, such as a disk drive.
- If the first letter is c, the file represents a character device, such as a serial port or a terminal.

After that first letter, the leftmost column shows a sequence of nine characters, which appear as rwxrwxrwx when each letter is present. Each letter indicates a specific permission. A hyphen (-) in place of a letter indicates no permission for a specific operation on the file. Think of these nine letters as three groups of three letters (rwx), interpreted as follows:

- The leftmost group of rwx controls the read, write, and execute permission of the file's owner. In other words, if you see rwx in this position, the file's owner can read (r), write (w), and execute (x) the file. A hyphen in the place of a letter indicates no permission. Thus the string rw- means the owner has read and write permission but no execute permission. Although executable programs (including shell programs) typically have execute permission, directories treat execute permission as equivalent to use permission: a user must have execute permission on a directory before he or she can open and read the contents of the directory.
- The middle three rwx letters control the read, write, and execute permission of any user belonging to that file's group.
- The rightmost group of rwx letters controls the read, write, and execute permission of all other users (collectively referred to as the world).

Thus, a file with the permission setting rwx------ is accessible only to the file's owner, whereas the permission setting rwxr--r-- makes the file readable by the world.

An interesting feature of the ls command is that it doesn't list any file whose name begins with a period.
To see these files, you must use the ls command with the -a option, as follows:

    ls -a

Try this command in your home directory (and then compare the result with what you see when you don't use the -a option):

1. Type cd to change to your home directory.
2. Type ls -F to see the files and directories in your home directory.
3. Type ls -aF to see everything, including the hidden files.

Most Linux commands take single-character options, each with a minus sign (think of this sign as a hyphen) as a prefix. When you want to use several options, type a hyphen and concatenate (string together) the option letters, one after another. Thus, ls -al is equivalent to ls -a -l as well as ls -l -a.

Commands for changing permissions and ownerships

You may need to change a file's permission settings to protect it from others. Use the chmod command to change the permission settings of a file or a directory.

To use chmod effectively, you have to specify the permission settings. A good way is to concatenate letters from the columns of Table 3-4 in the order shown (Who/Action/Permission).

Note: You use only the single character from each column; the text in parentheses is for explanation only.

Table 3-4: Letter Codes for File Permissions

    Who          Action        Permission
    u (user)     + (add)       r (read)
    g (group)    - (remove)    w (write)
    o (others)   = (assign)    x (execute)
    a (all)                    s (set user ID)

For example, to give everyone read access to all files in a directory, pick a (for all) from the first column, + (for add) from the second column, and r (for read) from the third column to come up with the permission setting a+r. Then use the whole set of options with chmod, like this:

    chmod a+r *

On the other hand, to permit everyone to execute one specific file, type

    chmod a+x filename

Suppose you have a file named mystuff that you want to protect.
You can make it accessible to no one but you if you type the following commands, in this order:

    chmod a-rwx mystuff
    chmod u+rw mystuff

The first command turns off all permissions for everyone, and the second command turns on the read and write permissions for the owner (you). Type ls -l to verify that the change took place. (You see a permission setting of -rw-------.)

Here's a sample output from ls -l:

    drwxr-xr-x 2 naba naba 4096 Sep 5 22:18 sdump

Note: The third and fourth fields show naba naba. These two fields show the file's user and group ownership. In this case, the name of the user is naba and the name of the group is also naba.

Sometimes you have to change a file's user or group ownership for everything to work correctly. For example, suppose you are instructed (by a manual, what else?) to create a directory named cups and give it the ownership of user ID lp and group ID sys. How do you do it?

Well, you can log in as root and create the cups directory with the command mkdir:

    mkdir cups

If you check the file's details with the ls -l command, you see that the user and group ownership is root root.

To change the owner, use the chown command. For example, to change the ownership of the cups directory to user ID lp and group ID sys, type

    chown lp:sys cups

Commands for working with files

To copy files from one directory to another, use the cp command. For example, to copy the file /usr/X11R6/lib/X11/xinit/Xclients to the Xclients.sample file in the current directory (such as your home directory), type the following:

    cp /usr/X11R6/lib/X11/xinit/Xclients Xclients.sample

If you want to copy a file to the current directory but retain the original name, use a period (.) as the second argument of the cp command.
Thus, the following command copies the Xresources file from the /etc/X11 directory to the current directory (denoted by a single period):

    cp /etc/X11/Xresources .

The cp command makes a new copy of a file and leaves the original intact.

If you want to copy the entire contents of a directory, including all subdirectories and their contents, to another directory, use the command cp -ar sourcedir destdir. (This command copies everything in the sourcedir directory to destdir.) For example, to copy all files from the /etc/X11 directory to the current directory, type the following command:

    cp -ar /etc/X11 .

To move a file to a new location, use the mv command. The original copy is gone, and a new copy appears at the destination. You can use mv to rename a file. If you want to change the name of today.list to old.list, use the mv command, as follows:

    mv today.list old.list

On the other hand, if you want to move the today.list file to a subdirectory named saved, use this command:

    mv today.list saved

An interesting feature of mv is that you can use it to move entire directories, with all their subdirectories and files, to a new location. If you have a directory named data that contains many files and subdirectories, you can move that entire directory structure to old_data by using the following command:

    mv data old_data

To delete files, use the rm command. For example, to delete a file named old.list, type the following command:

    rm old.list

Be careful with the rm command, especially when you log in as root. You can inadvertently delete important files with rm.

Commands for working with directories

To organize files in your home directory, you have to create new directories. Use the mkdir command to create a directory. For example, to create a directory named images in the current directory, type the following:

    mkdir images

After you create the directory, you can use the cd images command to change to that directory.
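The following added example (not code from the book) ties the mkdir command above to the ls -l and chmod material from the preceding sections: it decodes a mode string such as -rw-r--r--, applies the two-step chmod sequence to a file named mystuff, closes a freshly created images directory to group and world, and lists what is still writable by others with find (covered under "Commands for finding files"). The function names (mode_of, triplet_words, describe_mode, lock_down, writable_by_others, show, demo), the file shared.txt, and the temporary working directory are assumptions made for the illustration.

```shell
#!/bin/sh
# Added example, constructed for illustration; not code from the book.

# mode_of PATH: print the 10-character type-and-permission field of ls -l.
# Some systems append "." or "+" (SELinux context, ACL), so keep 10 characters.
mode_of() {
    ls -ld -- "$1" | cut -c1-10
}

# triplet_words RWX: spell out one three-letter group such as "r-x".
triplet_words() {
    words=""
    case "$1" in r??) words="read" ;; esac
    case "$1" in ?w?) words="${words:+$words,}write" ;; esac
    case "$1" in
        ??x) words="${words:+$words,}execute" ;;
        ??s) words="${words:+$words,}execute,set-id" ;;
        ??S) words="${words:+$words,}set-id" ;;
        ??t) words="${words:+$words,}execute,sticky" ;;
        ??T) words="${words:+$words,}sticky" ;;
    esac
    printf '%s' "${words:-none}"
}

# describe_mode MODE: explain a string such as "-rw-r--r--".
# For a directory, "execute" is the permission to enter and use it.
describe_mode() {
    mode=$1
    case "$mode" in
        -*) kind="regular file" ;;
        d*) kind="directory" ;;
        l*) kind="symbolic link" ;;
        b*) kind="block device" ;;
        c*) kind="character device" ;;
        *)  kind="other" ;;
    esac
    owner=$(printf '%s' "$mode" | cut -c2-4)
    group=$(printf '%s' "$mode" | cut -c5-7)
    world=$(printf '%s' "$mode" | cut -c8-10)
    printf '%s: owner=%s group=%s world=%s\n' "$kind" \
        "$(triplet_words "$owner")" "$(triplet_words "$group")" \
        "$(triplet_words "$world")"
}

# lock_down FILE: the two chmod commands from the text, in the same order.
lock_down() {
    chmod a-rwx "$1" && chmod u+rw "$1"
}

# writable_by_others DIR: list entries that group or world may write to.
# Symbolic links are skipped because their own mode bits are not used.
writable_by_others() {
    find "$1" ! -type l \( -perm -020 -o -perm -002 \) -print
}

# show DIR NAME...: print each entry with its decoded mode.
show() {
    dir=$1; shift
    for entry in "$@"; do
        printf '  %-12s %s\n' "$entry" "$(describe_mode "$(mode_of "$dir/$entry")")"
    done
}

demo() {
    work=$(mktemp -d) || return 1
    (
        umask 022                    # a common default
        : > "$work/mystuff"          # created as -rw-r--r--
        mkdir "$work/images"         # created as drwxr-xr-x
        : > "$work/shared.txt"
    )
    chmod a+w "$work/shared.txt"     # deliberately loose: -rw-rw-rw-
    echo "as created:"
    show "$work" mystuff images shared.txt
    lock_down "$work/mystuff"        # now -rw-------
    chmod go-rwx "$work/images"      # now drwx------
    echo "after tightening:"
    show "$work" mystuff images shared.txt
    echo "still writable by group or world:"
    writable_by_others "$work"
    rm -rf "$work"
}

demo
```

A directory made by plain mkdir inherits whatever the umask allows, which is why the images directory starts out readable and enterable by everyone until chmod go-rwx is applied.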
You can create an entire directory tree by using the -p option with the mkdir command. For example, suppose your system has a /usr/src directory and you want to create the directory tree /usr/src/book/java/examples/applets. To create this directory hierarchy, type the following command:

    mkdir -p /usr/src/book/java/examples/applets

When you no longer need a directory, use the rmdir command to delete it. You can delete a directory only when the directory is empty.

To remove an empty directory tree, you can use the -p option, like this:

    rmdir -p /usr/src/book/java/examples/applets

This command removes the empty parent directories of applets. The command stops when it encounters a directory that's not empty.

Commands for finding files

The find command is very useful for locating files (and directories) that meet your search criteria.

When I began using UNIX many years ago (Berkeley UNIX in the early 1980s), I was confounded by the find command. I stayed with one basic syntax of find for a long time before graduating to more complex forms. The basic syntax that I discovered first was for finding a file anywhere in the file system. Here's how it goes: Suppose you want to find any file or directory with a name that starts with gnome. Type the following find command to find these files:

    find / -name "gnome*" -print

The quotation marks around gnome* keep the shell from expanding the pattern against the current directory before find sees it.

If you're not logged in as root, you may get a bunch of error messages. If these error messages annoy you, just modify the command as follows and the error messages are history (or, as UNIX aficionados say, "Send 'em to the bit bucket"):

    find / -name "gnome*" -print 2> /dev/null

This command tells find to start looking at the root directory (/), to look for filenames that match gnome*, and to display the full pathname of any matching file.
The last part (2> /dev/null) simply sends the error messages to a special file that's the equivalent of simply ignoring them.

You can use variations of this simple form of find to locate a file in any directory (as well as any subdirectories contained in the directory). If you forget where in your home directory you've stored all files named report* (names that start with report), you can search for the files by using the following command:

    find ~ -name "report*" -print

When you become comfortable with this syntax of find, you can use other options of find. For example, to find only specific types of files (such as directories), use the -type option. The following command displays all top-level directory names in your Linux system:

    find / -maxdepth 1 -type d -print

You probably don't have to use the complex forms of find in a typical Linux system, but if you ever need to, you can look up the rest of the find options by using the following command:

    man find

An easy way to find all files that match a name is to use the locate command, which searches a periodically updated database of files on your system. For example, here's a typical output I get when I type locate Xresources on a Debian system:

    /etc/X11/Xresources
    /etc/X11/Xresources/xbase-clients
    /etc/X11/Xresources/xfree86-common

The locate command isn't installed by default in SUSE Linux. To install it, select Main Menu > System > YaST from the SUSE desktop to start the YaST2 Control Center. Click Software in the left-hand side of the window and then click Install/Remove Software in the right-hand side of the window. In the YaST software installation window, search for locate. Then select the package from the search results and click Accept to install it.

Commands for mounting and unmounting

Suppose you want to access the files on this book's companion DVD-ROM when you are logged in at a text console (with no GUI to help you).
To do so, you have to first mount the DVD-ROM drive's file system on a specific directory in the Linux file system.

Start by looking at the /etc/fstab file for clues to the name of the CD-ROM device. For example, some Linux distributions use the device name /dev/cdrom to refer to CD/DVD-ROM drives, whereas others may use device names such as /dev/hdc, /dev/cdroms/cdrom0, or /dev/cdrecorder (for a DVD/CD-R drive). The entry in the /etc/fstab file also tells you the directory where that distribution expects the CD/DVD to be mounted. Some distributions use /mnt/cdrom as the mount point, whereas others use /mnt/cdrom0, /media/cdrom0, or /media/cdrecorder.

Log in as root (or type su - to become root), insert the DVD-ROM in the DVD drive, and then type the following command:

    mount /dev/hdc /media/cdrom0

This command mounts the file system on the device named /dev/hdc (an IDE DVD/CD-ROM drive) on the /media/cdrom0 directory (which is also called the mount point) in the Linux file system.

After the mount command successfully completes its task, you can access the files on the DVD-ROM by referring to the /media/cdrom0 directory as the top-level directory of the disc. In other words, to see the contents of the DVD-ROM, type

    ls -F /media/cdrom0

When you're done using the DVD-ROM, and before you eject it from the drive, you have to unmount the disc drive with the following umount command:

    umount /dev/hdc

You can mount devices on any empty directory on the file system. However, each distribution has customary locations with directories meant for mounting devices. For example, some distributions use directories in /mnt whereas others use the /media directory for the mount points.

Commands for checking disk-space usage

I want to tell you about two commands, df and du, that you can use to check the disk-space usage on your system. These commands are simple to use.
The df command shows you a summary of disk-space usage for all mounted devices, as shown in this example:

    df
    Filesystem  1K-blocks    Used Available Use% Mounted on
    /dev/hda10    5766924 2491424   2982552  46% /
    tmpfs          124624       0    124624   0% /dev/shm
    /dev/hda6       42469   10497     29706  27% /boot
    /dev/hdc       714214  714214         0 100% /media/cdrom0

The output is a table that lists the device, the total kilobytes of storage, how much is in use, how much is available, the percentage being used, and the mount point.

To see the output of df in a more human-readable format, type df -h. Here is the output of the df -h command:

    Filesystem  Size  Used Avail Use% Mounted on
    /dev/hda10  5.5G  2.4G  2.9G  46% /
    tmpfs       122M     0  122M   0% /dev/shm
    /dev/hda6    42M   11M   30M  27% /boot
    /dev/hdc    698M  698M     0 100% /media/cdrom0

If you compare this output with the output of plain df (see previous listing), you see that df -h prints the sizes with terms like M for megabytes and G for gigabytes. These are clearly easier to understand than 1K-blocks.

The other command, du, is useful for finding out how much space a directory takes up. For example, type du /etc/X11 to view the space used by each of the directories in the /etc/X11 directory. (This directory contains X Window System configuration files.) You end up with the following:

    12      /etc/X11/Xresources
    36      /etc/X11/Xsession.d
    272     /etc/X11/app-defaults
    20      /etc/X11/cursors
    12      /etc/X11/xinit
    … lines deleted …
    12      /etc/X11/fonts/misc
    8       /etc/X11/fonts/100dpi
    8       /etc/X11/fonts/75dpi
    8       /etc/X11/fonts/Speedo
    8       /etc/X11/fonts/Type1
    48      /etc/X11/fonts
    2896    /etc/X11

Each directory name is preceded by a number, which tells you the number of kilobytes of disk space used by that directory. Thus the /etc/X11 directory, as a whole, uses 2896KB (or about 2.9MB) disk space.
If you simply want the total disk space used by a directory (including all the files and subdirectories contained in that directory), use the -s option, as follows:

    du -s /etc/X11
    2896    /etc/X11

The -s option causes du to print just the summary information for the entire directory.

Just as df -h prints the disk-space information in megabytes and gigabytes, you can use the du -h command to view the output of du in more human-readable form. For example, here's how I combine it with the -s option to see the space that I'm using in my home directory (/home/naba):

    du -sh /home/naba
    645M    /home/naba

Chapter 4: Introducing Linux Applications

In This Chapter

- Taking stock of typical Linux applications
- Trying out the office applications
- Setting up databases
- Playing with multimedia
- Working with images

Each Linux distribution comes with a whole lot of applications. All you have to do is look at the menus in the GUI desktops to see what I mean. Often more than one application of the same type exists. Most distributions come with the OpenOffice.org office application suite with a word processor, spreadsheet, presentation software, and more. You find many choices for CD players and multimedia players, not to mention the games, utility programs, and useful tools, such as a scanner and digital camera applications. Some commercial distributions come with commercial office suites such as StarOffice from Sun Microsystems.

When it comes to playing multimedia (audio and video in various formats such as MP3, MPEG, QuickTime), freely available Linux distributions rarely come with the appropriate decoders because of licensing restrictions on some of these decoders. Commercial distributions such as Xandros and SUSE usually come with some of these decoders.

I give you an overview of some of these Linux applications. After you know about these applications, you can explore them further and use them when you need them.
Taking Stock of Linux Applications

Table 4-1 shows a sampling of major Linux applications, organized by category. For the major applications, I also show a relevant Web site where you can get more information about that application. This list is by no means comprehensive. Each Linux distribution comes with many more applications and utilities than the ones I show in this table.

If your system has both GNOME and KDE installed, most of these applications are already available from either GUI desktop.

In later sections of this chapter, I briefly introduce some of the applications from Table 4-1, selecting one or two from each category. I describe the Internet applications in Book IV.

Table 4-1: A Sampling of Linux Applications

Application | Description

Office Applications
OpenOffice.org | Free open-source office suite (compatible with Microsoft Office) that includes the Writer word-processor, Calc spreadsheet, Impress presentation application, Draw drawing program, and Math equation editor (www.openoffice.org)
StarOffice | Commercial office suite from which OpenOffice.org was derived (www.sun.com/staroffice)
CrossOver Office | Commercial office suite that enables you to install and run Microsoft Office software on Linux (www.codeweavers.com/products/office)
AbiWord | A free word processing program similar to Microsoft Word (www.abisource.com)
Dia | Drawing program, designed to be like the Windows application called Visio (www.gnome.org/gnome-office/dia.shtml)

Office Tools
GNOME Calculator | Simple calculator for GNOME
KCalc | Calculator for KDE
KOrganizer | Calendar and scheduling program for KDE (korganizer.kde.org)
Aspell | Text-mode spell checker (aspell.sourceforge.net)
Dictionary | Graphical client for the dict.org dictionary server so you can look up words

Text Editors
Emacs | Well-known text editor with both text and graphical interfaces (www.gnu.org/software/emacs)
KWrite | Text editor for KDE
Kate | Advanced text editor for KDE
Vim | Text editor with text-mode interface and compatible with the well-known UNIX editor vi (www.vim.org)

Database
PostgreSQL | A sophisticated object-relational database-management system that supports Structured Query Language (SQL) (www.postgresql.org)
MySQL | A popular relational database-management system that supports SQL (www.mysql.com)
Rekall | A commercially available database front-end for KDE that can access a number of databases, including PostgreSQL, MySQL, and IBM DB2 (www.thekompany.com/products/rekall)

Multimedia
GNOME CD Player | Audio CD player (needs a working sound card)
KsCD | Audio CD player from KDE (needs a working sound card)
Rhythmbox | A multimedia audio player that can play several different sound formats (rhythmbox.sourceforge.net), including MP3 files if you download a plugin for the purpose
XMMS | X Multimedia System, a multimedia audio player that can play many different sound formats (www.xmms.org), including MP3 files (for some distributions, you have to download a plugin to play MP3)
Xine | A free multimedia player that can play CDs, DVDs, and video CDs (VCDs) and also decode multimedia files such as AVI, MOV, WMV, and MP3 (xinehq.de)
Kaffeine | A KDE media player that is based on Xine, so Kaffeine's capabilities are similar to those of Xine (kaffeine.sourceforge.net)
Cdrdao | A command-line application that can burn audio or data CD-Rs in disk-at-once (DAO) mode based on the descriptions of the CD's content in a text file (cdrdao.sourceforge.net)
Cdrecord | A command-line application that can burn audio and data CD-Rs as well as DVD-Rs (www.fokus.gmd.de/research/cc/glone/employees/joerg.schilling/private/cdrecord.html)
Growisofs | A command-line application that uses the mkisofs command to append data to an ISO 9660 file system that's used in CD-Rs and DVD-Rs (fy.chalmers.se/~appro/linux/DVD+RW)
X-CD-Roast | GUI front-end for cdrecord and cdrdao that makes burning data and audio CD-Rs easy (www.xcdroast.org)
K3b | KDE-based GUI front-end for cdrecord, cdrdao, and growisofs for burning CD-Rs and DVD-Rs (k3b.sourceforge.net)
Gtkam | GUI front-end for the gPhoto2 (gphoto.sourceforge.net) command-line application that provides access to nearly 400 digital cameras (gphoto.sourceforge.net/proj/gtkam)
Digikam | A digital camera and photo management application that supports all the digital cameras supported by gPhoto2 (digikam.sourceforge.net)

Graphics and Imaging
The GIMP | The GNU Image Manipulation Program, an application suitable for tasks such as photo retouching, image composition, and image authoring (www.gimp.org)
Gqview | Powerful image viewer (gqview.sourceforge.net)
Kfax | Fax viewer for KDE
Kview | Simple image viewer for KDE
GGV | Gnome Ghostview (GGV) is a PostScript document viewer (www.gnu.org/directory/print/misc/ggv.html)
Xpdf | Adobe PDF document viewer (www.foolabs.com/xpdf)
Xsane | Graphical front-end for accessing scanners with the SANE (Scanner Access Now Easy) library (www.xsane.org)
Ksnapshot | Screen-capture program
Kooka | A scanner program for KDE that uses the SANE library (www.kde.org/apps/kooka)
xscanimage | Graphical front-end for controlling a scanner

Internet
Novell Evolution (formerly Ximian Evolution) | Personal information management application that integrates e-mail, calendar, contact management, and online task lists (www.novell.com/products/evolution)
GFTP | Graphical FTP client for downloading files from the Internet
Gaim | GNOME Instant Messenger client (gaim.sourceforge.net)
Kopete | KDE Instant Messenger client (kopete.kde.org)
Mozilla | Well-known open-source Web browser that started with source code from Netscape (www.mozilla.org)
Epiphany | A Mozilla-based open-source Web browser for GNOME (www.gnome.org/projects/epiphany)
Lynx | Text-mode Web browser (lynx.browser.org)
XChat | Internet Relay Chat (IRC) client (www.xchat.org)
Konqueror | Web browser and file manager in KDE (www.konqueror.org)
KMail | E-mail client for KDE (kmail.kde.org)

Not all Linux distributions come with all the applications shown in Table 4-1, although you can often download and install all these applications in any distribution. Table 4-2 lists the default availability of major applications in each of this book's Linux distributions: Debian GNU/Linux, Fedora Core, Knoppix, SUSE, and Xandros. A check mark indicates that the application is available by default. You typically must select specific groups of applications to install as you install a Linux distribution. The exact list of applications on your Linux system depends on the choices you make during the installation.

It's very easy to install missing applications in Debian as long as you have a broadband (cable or DSL) connection to the Internet. For example, to see whether the k3b CD/DVD burner exists for Debian, I type apt-cache search k3b.
I get the following output:

    k3b - A sophisticated KDE cd burning application
    k3b-i18n - Internationalized (i18n) files for k3b
    k3blibs - The KDE cd burning application library - runtime files
    k3blibs-dev - The KDE cd burning application library - development files

Next, I type apt-get install k3b and a few moments later I have k3b installed on my Debian system. This ease of installing (or upgrading) software is why Debian users swear by apt-get (even though it's a command-line tool).

Table 4-2: Default Availability of Some Applications

Application Debian Fedora Knoppix SUSE Xandros
Calculator - Gcalctool .
Calculator - KCalc . . . .
CD/DVD burning - K3b . .
CD player - GNOME . .
CD player - KsCD . . . .
Database - PostgreSQL . . .
Database - MySQL . . .
Database - Rekall .
Dictionary - GNOME dictionary .
Dictionary - KDict .
Digital camera tool - Gtkam . .
Digital camera tool - Digikam . .
Drawing program - Dia . .
E-mail - KMail . . .
E-mail - Novell Evolution . .
File manager - Konqueror . . . .
File manager - Nautilus (integrated CD writer) . .
File manager - Xandros File Manager (integrated CD writer) .
Image processing - ImageMagick . . .
Image processing - The GIMP . . . . .
Instant messenger - Gaim . .
Instant messenger - Kopete . .
Internet Relay Chat - XChat . .
Music player - RealPlayer . .
Music player - Rhythmbox . .*
Music player - XMMS . . . .
Office suite - CrossOver Office for Microsoft Office .
Office suite - OpenOffice.org . . . . .
Office suite - StarOffice .
PDF viewer - Acrobat Reader . .
PDF viewer - gpdf .
PDF viewer - xpdf .
Personal organizer - KOrganizer . . . .
PostScript viewer - GNOME Ghostview (GGV) . .
PostScript/PDF viewer - KGhostview . . .
Scanner - Kooka .
Scanner - xsane .
Scanner - xscanimage .
Screen capture - ksnapshot . . . .
Sound recorder - GNOME sound recorder . .
Sound recorder - KDE sound recorder (Krecord) . .
Spellcheck - aspell . .
Web browser - Epiphany .
Web browser - Konqueror . . .
Web browser - Lynx text-mode browser . .
Web browser - Mozilla . . . .
Word processor - AbiWord .
Video player - xine . .
Video player - Kaffeine .

* Requires additional plugin

Office Applications and Tools

Word processor, spreadsheet, presentation software, calendar, calculator: these are some of the staples of the office. Most Linux distributions come with the OpenOffice.org (often shortened as OO.o or Ooo) suite of office applications and tools. You can try all of them one by one and see which one takes your fancy. Each application is fairly intuitive to use. Even though some nuances of the user interface may be new to you, you'll become comfortable with it after using it a few times. I briefly introduce a few of the following applications in this section:

- OpenOffice.org Office Suite: A Microsoft Office-like office suite with the Writer word processor; Calc spreadsheet program; Impress presentation program; Draw drawing and illustration application; and Math, a mathematical formula editor
- KOrganizer: A calendar in KDE
- Calculators: A GNOME calculator and KDE calculator
- aspell: A spelling checker
- And more: Commercially available office applications for Linux

OpenOffice.org Office Suite

OpenOffice.org is an office suite developed by the OpenOffice.org project (www.openoffice.org). OpenOffice.org is similar to major office suites such as Microsoft Office. Its main components are the Writer word processor, Calc spreadsheet, and Impress presentation program.

You can easily start OpenOffice.org (either the overall suite or each individual application) from most GUI desktops by clicking a panel icon or by selecting from the Main Menu.
For example, in SUSE, you can click a desktop icon to open the initial window of the OpenOffice.org suite. You can create new OpenOffice documents or open existing documents (which can be Microsoft Office files as well) from the main window of OpenOffice.org. I briefly introduce Writer, Calc, and Impress in the following sections.

Writer

Choosing File > New > Text Document from any OpenOffice.org window starts OpenOffice.org Writer with a blank document in its main window. Using Writer is simple; it's similar to other word processors such as Microsoft Word. For example, you can type text into the blank document, format text, and save text when done.

You can also open documents that you have prepared with Microsoft Word on a Windows machine. Figure 4-1 shows a Microsoft Word document being opened in OpenOffice.org Writer.

When you save a document, by default Writer saves it in OpenOffice.org 1.0 Text Document format in a file with the .sxw extension. If you need to share OpenOffice.org Writer documents with Microsoft Word, you can save the documents in one of several formats, including Microsoft Word 97/2000/XP, Microsoft Word 95, Microsoft Word 6.0, and Rich Text Format (.rtf). Microsoft Word can open .rtf files.

I don't explain how to use Writer because it's simple and intuitive to use. If you need it, online help is available. Choose Help > Contents from the Writer menu. This brings up the OpenOffice.org Help window with help information on Writer. You can then click the links to view specific help information.

Calc

Calc is the spreadsheet program in the OpenOffice.org application suite. To start Calc, choose File > New > Spreadsheet from any OpenOffice.org window. Calc displays its main window, which looks similar to Windows-based spreadsheets, such as Microsoft Excel. (In fact, Calc can read and write Microsoft Excel format spreadsheet files.)
Use Calc in the same way you use Microsoft Excel. You can type entries in cells, use formulas, and format the cells (for example, you can specify the type of value and the number of digits after the decimal point). Figure 4-2 shows a typical spreadsheet in Calc.

When preparing the spreadsheet, use formulas that you normally use in Microsoft Excel. For example, use the formula SUM(D2:D6) to add up the entries from cell D2 to D6. To set cell D2 as the product of the entries A2 and C2, type =A2*C2 in cell D2. To find out more about the functions available in OpenOffice.org Calc, choose Help > Contents from the menu. This opens the OpenOffice.org Help window, from which you can browse the functions by category and click a function to read more about it.

To save the spreadsheet, choose File > Save As. A dialog box appears, from which you can specify the file format, the directory location, and the name of the file. OpenOffice.org Calc can save the file in several formats, including Microsoft Excel 97/2000/XP, Microsoft Excel 95, Microsoft Excel 5.0, as well as a text file with comma-separated values (CSV).

Figure 4-1: You can prepare documents in OpenOffice.org Writer.

If you want to exchange files with Microsoft Excel, save the spreadsheet in Microsoft Excel format (choose an appropriate version of Excel). Then you can transfer that file to a Windows system and open it in Microsoft Excel.

Impress

Impress is similar to Microsoft PowerPoint. You can prepare briefing packages (slide presentations) with Impress. To run Impress, choose File > New > Presentation from any OpenOffice.org window.

When you first start it, Impress prompts you for the presentation style and template. To begin working, select the type of document (paper or screen presentation) and any template you want to use. The template provides a style for the presentation package that you want to prepare. You can also choose to open an existing document.
The Impress window in Figure 4-3 shows the first slide. The exact appearance depends on the document type and template that you select. You can begin adding text and other graphic objects, such as images, text, and lines, to the slide.

To insert a new slide, choose Insert Slide from the floating menu. A gallery of slide layouts appears in a dialog box. Click the style of slide you want in the dialog box. You can then add text and graphics to that new slide.

Figure 4-2: Prepare your spreadsheets with OpenOffice.org Calc.

To save a presentation, choose File > Save. For new documents, you have to provide a filename and select the directory where you want to save the file.

If you want to share the slides with someone who uses Microsoft PowerPoint, save the presentation in Microsoft PowerPoint 97/2000/XP format.

Calendars

KDE comes with KOrganizer, a calendar program. You can start it from panel icons or the main menu. (The exact location of the menu entry depends on the Linux distribution.) The KOrganizer program displays a window from which you can click a date to set or view that day's schedule. Figure 4-4 shows a typical calendar.

You can go to a different month or year by clicking the arrows next to the month and the year. To add a to-do item for a specific date, select the date from the calendar, click the To-do item's text box, and type the description of the task.

To add appointments for a specific time, double-click the time and type a brief description of the appointment in the dialog box that appears. Click OK when done. After you finish adding events and appointments, choose File > Save to save the calendar. The first time you save the calendar, you have to provide a name for the file.

Figure 4-3: You can prepare briefing packages in OpenOffice.org Impress.

Calculators

You have a choice of the GNOME calculator or the KDE calculator.
Both are scientific calculators, and you can do the typical scientific calculations, such as square root and inverse, as well as trigonometric functions, such as sine, cosine, and tangent.

To use the calculator, look for it in the Utilities or Accessories category of the main menu. Figure 4-5 shows the KDE calculator in SUSE.

You can display additional buttons by selecting options from the Settings menu. For example, choose Settings > Trigonometric Buttons to show buttons that enable you to perform trigonometric calculations with the calculator.

Figure 4-5: Do your calculations in the KDE calculator.

Figure 4-4: Store your appointments and view your calendar in KOrganizer.

Commercially available office applications for Linux

Because office applications are important to many businesses as well as individuals, I briefly mention some of the commercial office applications available for Linux. These commercial offerings include Applixware Office and StarOffice. These products do cost some money, but the cost is usually less than that of Microsoft Office, the leading office application suite for Windows. (In case you don't know, Microsoft Office is a collection of several applications: Microsoft Word for word processing, Microsoft Excel for spreadsheets, Microsoft PowerPoint for presentation graphics, and Microsoft Access for databases.)

Another commercial product for Linux is CrossOver Office from CodeWeavers. With CrossOver Office, you can run your existing Microsoft Office applications such as Word, Excel, and PowerPoint under Linux and the X Window System.

This book's companion DVD-ROM doesn't include any of these commercial office applications for Linux, but I briefly describe them in the next few sections. You can visit each vendor's Web site for more about the products.
Applixware Office
www.vistasource.com/products

Applixware Office is an office application suite for all Linux distributions. In April 2000, Applix, Inc., formed a separate group, VistaSource, Inc., that focuses solely on Linux applications. Like other office suites, Applixware Office includes Words (for word processing), Spreadsheets (for spreadsheets), Graphics, and Presents (for presentational graphics). In addition, it also has Mail (an e-mail interface) and Data (an interactive relational database-browsing tool). Applixware Office can read and write documents in Microsoft Office and Corel WordPerfect formats, as well as in several other file formats.

StarOffice
www.sun.com/staroffice

StarOffice is another commercial office applications suite; it was created by StarDivision of Hamburg, Germany, and was recently purchased by Sun Microsystems. StarOffice is a cross-platform solution; it runs on Linux, Windows 95/98/Me/NT/2000/XP, Sun Solaris SPARC, and Sun Solaris x86. Also, StarOffice is available in several languages: English, French, German, Spanish, Italian, and Swedish.

StarOffice is unique in that it combines all its components into a common desktop from which you can open new documents, drag and drop documents from one application to another, and access the Internet. Here's what StarOffice 7 includes:

- StarOffice Writer for word processing (Microsoft Word compatible)
- StarOffice Calc for spreadsheets (Microsoft Excel compatible)
- StarOffice Impress for presentations (Microsoft PowerPoint compatible)
- StarOffice Draw for vector graphics drawing
- StarOffice Base for data management

In October 2000, Sun released the source code of StarOffice under open-source licenses. OpenOffice.org, an open-source project that Sun supports, released the OpenOffice.org 1.0 office productivity suite in May 2002. Current Linux distributions come with OpenOffice.org 1.1.1 or later versions.
To find out more about OpenOffice.org, visit www.openoffice.org.

Xandros comes with StarOffice 7. Look for the desktop icon that you can click to start StarOffice. Xandros also includes OpenOffice.org.

CrossOver Office
www.codeweavers.com/products/office

Chances are better than good that you have Windows and Microsoft Office installed on your PC. When you decide to run Linux on the PC, you can continue to run most Microsoft Office applications from the GNOME or KDE desktop. The convenience of running Microsoft Office in Linux comes from a commercial product called CrossOver Office.

CrossOver Office, from CodeWeavers, is a software package that enables you to install your Microsoft Office applications (all versions of Office, including Office 97, Office 2000, and Office XP) in Linux. You don't need Microsoft Windows to run the Office applications in CrossOver Office. You simply install CrossOver Office and then install Microsoft Office (as well as many other Windows applications) from the CD-ROM. After you install Microsoft Office, the Office applications are available directly from the GNOME or KDE desktop.

CrossOver Office uses Wine, an open-source implementation of the Windows Win32 and Win16 application programming interfaces (APIs) using the X Window System and designed to run in UNIX and Linux systems. Wine includes the Wine loader and WineLib. Wine loader can load and run Windows applications. WineLib is used for compiling and linking Windows applications in Linux. Wine is available free of charge from www.winehq.com.

CodeWeavers created CrossOver Office by using a customized version of Wine to make sure that the Microsoft Office applications (especially Microsoft Word, Excel, and PowerPoint) run properly on Wine.
CodeWeavers charges a nominal amount for CrossOver Office (the list price for the CrossOver Office Standard Download version is $39.95 for a single copy), but all code changes and improvements to Wine are returned to the Wine project. Thus, the Wine open-source project benefits from the sale of CrossOver Office.

Xandros comes with CrossOver Office. You have to run the CrossOver Office setup and then install Microsoft Office from the original CD before you can start using Microsoft Office applications. During installation, you have to enter the product key for Microsoft Office, just as you would on a Windows installation.

aspell spelling checker

The aspell utility is an interactive spelling checker. You can use it to check the spelling of words in a text file. To do so, simply type the following command in a terminal window:

    aspell check filename

If you want to try out aspell, type some notes and save them in a text file named notes.txt. (The filename can be anything, but I use this filename in this section.) To run the spelling checker on that file, type the following command in a terminal window:

    aspell check notes.txt
    This note describes the *concensus* reached during the August 16 meeting.
    1) consensus       6) consensual
    2) con census      7) consciences
    3) con-census      8) incenses
    4) condenses       9) consensus's
    5) concerns        0) consensuses
    i) Ignore          I) Ignore all
    r) Replace         R) Replace all
    a) Add             x) Exit
    ?

Everything from the second line on is what aspell displays. When aspell finds a misspelled word (any word that doesn't appear in its dictionary), it displays the sentence with the misspelled word (concensus) and highlights that word by enclosing it in a pair of asterisks. Below that sentence, aspell lists possible corrections, numbering them sequentially from 1. In this case, aspell lists consensus, the correct choice, as the first correction for concensus.
After the sentence, aspell displays a list of 16 options (10 numbered 0 through 9 and 6 labeled with the single letters i, r, a, I, R, and x), followed by a question mark prompt. You have to press one of the numbers or letters from the list shown in the output to indicate what you want aspell to do. The numbered options show 10 possible replacement words for the misspelled word. Here are the meanings of the letter options:

- Space means accept the word this time.
- i means ignore the misspelled word.
- I means ignore all occurrences of the word.
- r means replace this occurrence (after pressing r, you have to type a replacement word).
- R means replace all occurrences (after pressing R, you have to type a replacement word).
- a means accept the word and add it to your private dictionary.
- x means save the rest of the file and exit, ignoring misspellings.

These options are case sensitive. Make sure you don't have Caps Lock engaged.

Databases

Linux distributions typically come with one of two common relational databases: PostgreSQL and MySQL.

PostgreSQL (pronounced Post Gres Que Ell) is a powerful and popular relational database (the type of database that works as a collection of connected tables). You can use the Structured Query Language (SQL) to work with the database. PostgreSQL is developed by a team of developers and distributed under the BSD (Berkeley System Development) open-source license. The license places no restrictions on how the PostgreSQL source code may be used. To keep up with the latest PostgreSQL developments, visit www.PostgreSQL.org.

MySQL, pronounced My Ess Que Ell, is another popular relational database. You can use SQL to work with MySQL databases. A Swedish company called MySQL AB develops MySQL (www.mysql.com).

I briefly show you how to use MySQL on Xandros.
By the way, if you don't see MySQL in Debian, log in as root and type the following command in a terminal window:

    apt-get install mysql-admin mysql-client mysql-common mysql-server

To use MySQL, you have to first log in as root and start the database server with the following command:

    /etc/init.d/mysqld start

The database server mysqld is a daemon (a background process that runs continuously) that accepts database queries from the MySQL monitor.

Now you have to design a database, create that database in MySQL, and load it with the data.

Reviewing the steps to build the database

Use this basic sequence of steps to build a database:

1. Design the database. This involves defining the tables and attributes that will be used to store the information.
2. Create an empty database. Before you can add tables, database systems require you to build an empty database.
3. Create the tables in the database. In this step, you define the tables by using the CREATE TABLE statement of SQL.
4. Load the tables with any fixed data. For example, if you had a table of manufacturer names or publisher names (in the case of books), you'd want to load that table with information that's already known.
5. Back up the initial database. This step is necessary to ensure that you can create the database from scratch, if necessary.
6. Load data into tables. You may either load data from an earlier dump of the database or interactively through forms.
7. Use the database by querying it. Make queries, update records, or insert new records using SQL commands.

To illustrate how to create and load a database, I set up a simple book catalog database as an example.

Designing the database

For my book catalog example, I don't follow all the steps of database building. For the example, the database design step is going to be trivial because my book catalog database will include a single table. The attributes of the table are as follows:
- Book's title with up to 50 characters
- Name of first author with up to 20 characters
- Name of second author (if any) with up to 20 characters
- Name of publisher with up to 30 characters
- Page count as a number
- Year published as a number (such as 2005)
- International Standard Book Number (ISBN), as a 10-character text (such as 0764579363)

I store the ISBN without the dashes that are embedded in a typical ISBN. I also use the ISBN as the primary key of the table because ISBN is a worldwide identification system for books. That means each book entry must have a unique ISBN because all books have unique ISBNs.

Creating an empty database

To create the empty database in MySQL, use the mysqladmin program. For example, to create an empty database named books, I type the following command:

    mysqladmin create books

You have to log in as root to run the mysqladmin program. As the name suggests, mysqladmin is the database administration program for MySQL.

In addition to creating a database, you can use mysqladmin to remove a database, shut down the database server, or check the MySQL version. For example, to see the version information, type the following command:

    mysqladmin version

Using the MySQL monitor

After you create the empty database, all of your interactions with the database are through the mysql program, the MySQL monitor that acts as a client to the database server. You need to run mysql with the name of a database as argument. The mysql program then prompts you for input. Here is an example where I type the first line and the rest is the output from the mysql program:

    mysql books
    Reading table information for completion of table and column names
    You can turn off this feature to get a quicker startup with -A

    Welcome to the MySQL monitor.  Commands end with ; or \g.
    Your MySQL connection id is 10 to server version: 3.23.49

    Type 'help;' or '\h' for help. Type '\c' to clear the buffer.
    mysql>

When creating tables or loading data into tables, a typical approach is to place the SQL statements (along with mysql commands such as \g) in a file and then run mysql with the standard input directed from that file. For example, suppose a file named sample.sql contains some SQL commands that you want to try out on a database named books. Then, you should run mysql with the following command:

    mysql books < sample.sql

I use mysql in this manner to create a database table.

Defining a table

To create a table named books, I edited a text file named makedb.sql and placed the following lines in that file:

    #
    # Table structure for table 'books'
    #
    CREATE TABLE books (
        isbn CHAR(10) NOT NULL PRIMARY KEY,
        title CHAR(50),
        author1 CHAR(20),
        author2 CHAR(20),
        pubname CHAR(30),
        pubyear INT,
        pagecount INT
    ) \g

CREATE TABLE books is an SQL statement to create the table named books. The \g at the end of the statement is a mysql command. The attributes of the table appear in the lines enclosed in parentheses.

If a table contains fixed data, you can also include other SQL statements (such as INSERT INTO) to load the data into the table right after the table is created.

To execute the SQL statements in the makedb.sql file in order to create the books table, I run mysql as follows:

    mysql books < makedb.sql

Now the books database should have a table named books. (Okay, maybe I should have named them differently, but it seemed convenient to call them by the same name.) I can now begin loading data into the table.

Loading data into a table

One way to load data into the table is to prepare SQL statements in another file and then run mysql with that file as input.
For example, suppose I want to add the following book information into the books table:

    isbn = 156884798X
    title = Linux SECRETS
    author1 = Naba Barkakati
    author2 = NULL
    pubname = IDG Books Worldwide
    pubyear = 1996
    pagecount = 900

Then, the following MySQL statement loads this information into the books table:

    INSERT INTO books VALUES
    ( '156884798X', 'Linux SECRETS', 'Naba Barkakati', NULL,
      'IDG Books Worldwide', 1996, 900) \g

On the other hand, suppose you had the various fields available in a different order (an order different from the one you defined by using the CREATE TABLE statement). In that case, you can use a different form of the INSERT INTO command to add the row in the correct order, as shown in the following example:

    INSERT INTO books (pubyear, author1, author2, title, pagecount, pubname, isbn)
    values (1996, 'Naba Barkakati', NULL, 'Linux SECRETS', 900,
            'IDG Books Worldwide', '156884798X') \g

Essentially, you have to specify the list of attributes as well as the values and make sure that the order of the attributes matches that of the values.

If I save all the INSERT INTO commands in a file named additems.sql, I can load the database from the mysql command line by using the source command like this (type mysql books to start the SQL client):

    mysql> source additems.sql

Querying the database

You can query the database interactively through the mysql monitor. You do have to know SQL to do this. For example, to query the books database, I start the SQL client with the command:

    mysql books

Then I would type SQL commands at the mysql> prompt to look up items from the database. When done, I type quit to exit the mysql program.
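Going back to the loading step (the INSERT INTO statements saved in additems.sql): the following is an added example, not code from the book, that generates those statements from a pipe-delimited book list, strips the dashes from each ISBN, verifies its ISBN-10 check digit, and quotes every text value so that an apostrophe in a title cannot end the string literal early. The function names, the input layout, and every record except Linux SECRETS are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the book): generate additems.sql for the books table.
# Input layout (an assumption of this example), one book per line:
#   isbn|title|author1|author2|pubname|pubyear|pagecount

# isbn10_ok ISBN: succeed when ISBN (dashes already removed) is ten characters
# long and its weighted digit sum (weights 10 down to 1) is divisible by 11.
isbn10_ok() {
    case $1 in
        [0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9X]) ;;
        *) return 1 ;;
    esac
    rest=$1 sum=0 weight=10
    while [ -n "$rest" ]; do
        next=${rest#?}          # everything after the first character
        ch=${rest%"$next"}      # the first character itself
        rest=$next
        case $ch in X) ch=10 ;; esac    # a trailing X stands for 10
        sum=$((sum + ch * weight))
        weight=$((weight - 1))
    done
    [ $((sum % 11)) -eq 0 ]
}

# is_uint VALUE: succeed when VALUE consists only of decimal digits.
is_uint() {
    case $1 in
        ''|*[!0-9]*) return 1 ;;
    esac
    return 0
}

# sql_quote VALUE: print VALUE as a MySQL string literal, or NULL when empty.
# Backslashes and single quotes are doubled so they stay inside the literal.
sql_quote() {
    if [ -z "$1" ]; then
        printf 'NULL'
        return 0
    fi
    printf "'%s'" "$(printf '%s\n' "$1" | sed -e 's/\\/\\\\/g' -e "s/'/''/g")"
}

# book_insert ISBN TITLE AUTHOR1 AUTHOR2 PUBNAME PUBYEAR PAGECOUNT
# Print one INSERT statement with an explicit column list, or return 1
# (with a message on stderr) when the record fails validation.
book_insert() {
    bi_isbn=$(printf '%s' "$1" | tr -d ' -' | tr 'x' 'X')
    if ! isbn10_ok "$bi_isbn"; then
        printf 'skipped: bad ISBN %s\n' "$1" >&2
        return 1
    fi
    if ! is_uint "$6" || ! is_uint "$7"; then
        printf 'skipped: non-numeric year or page count for %s\n' "$bi_isbn" >&2
        return 1
    fi
    printf 'INSERT INTO books (isbn, title, author1, author2, pubname, pubyear, pagecount)\n'
    printf '  VALUES (%s, %s, %s, %s, %s, %s, %s);\n' \
        "$(sql_quote "$bi_isbn")" "$(sql_quote "$2")" "$(sql_quote "$3")" \
        "$(sql_quote "$4")" "$(sql_quote "$5")" "$6" "$7"
}

# build_additems: read records on standard input, write SQL to standard output.
# IFS is a non-whitespace character, so an empty author2 field stays empty
# instead of being collapsed away.
build_additems() {
    while IFS='|' read -r f_isbn f_title f_a1 f_a2 f_pub f_year f_pages; do
        [ -n "$f_isbn" ] || continue
        book_insert "$f_isbn" "$f_title" "$f_a1" "$f_a2" \
            "$f_pub" "$f_year" "$f_pages" || true
    done
}

# Constructed sample input: the book's Linux SECRETS record written with
# dashes, one made-up record with an apostrophe, and one made-up record
# whose ISBN has a wrong check digit.
sample_records() {
    cat <<'EOF'
1-56884-798-X|Linux SECRETS|Naba Barkakati||IDG Books Worldwide|1996|900
123456789X|Admin's Notebook|A. Author|B. Author|Example Press|2004|120
1234567890|Bad check digit|A. Author||Example Press|2004|120
EOF
}

sample_records | build_additems
```

Redirect the script's output to additems.sql and load it with mysql books < additems.sql, or with source additems.sql at the mysql> prompt.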
Here's an example of a query session (I typed all of this in a terminal window):

    mysql> select title from books where pubyear < 2005 \g
    +--------------------------------------+
    | title                                |
    +--------------------------------------+
    | Linux SECRETS                        |
    | Linux All-in-One Desk Ref For Dummies|
    +--------------------------------------+
    2 rows in set (0.09 sec)

    mysql> quit
    Bye

Multimedia Applications

Most Linux distributions include quite a few multimedia applications: mostly multimedia audio players and CD players, but also applications for using digital cameras and burning CD-ROMs. To play some other multimedia files (such as MPEG video), you may have to download and install additional software in your Linux system. Here's a quick sketch of a few typical multimedia tasks and the applications you can use to perform these tasks:

- Using digital cameras: Use the Digital Camera tool to download photos from your digital camera in Linux (or simply access the camera as a USB mass storage device).
- Playing audio CDs: Use one of many audio CD players that come with Linux.
- Playing sound files: Use Rhythmbox or XMMS multimedia audio players. (You have to download some additional software to play MP3 files with Rhythmbox or XMMS.) You can also download other players from the Internet.
- Burning a CD: Use a CD burner such as K3b to burn audio and data CDs.

Using a digital camera

Most Linux distributions come with a digital-camera application that you can use to download pictures from digital cameras. For example, SUSE and Xandros come with Digikam, which works with many different makes and models of digital cameras. Depending on the model, the cameras can connect to the serial port or the Universal Serial Bus (USB) port.

To use Digikam with your digital camera, follow these steps:

1. Connect your digital camera to the serial port or USB port (whichever interface the camera supports) and turn on the camera.
2. Start Digikam.
   Look for it in the Main Menu under graphics or images.
3. From the Digikam menu, choose Settings > Configure Digikam. A configuration dialog box appears.
4. Click the Cameras tab in the dialog box and click Auto Detect. If your camera is supported and the camera is configured to be in PTP (Picture Transfer Protocol) mode, the camera is detected. If not, you can get the photos from your camera by using an alternate method that I describe after these steps.
5. Select your camera model from the Camera menu. A new window appears and, after a short while, displays the photos in the camera.
6. Click the thumbnails to select the images you want to download; then choose Camera > Download to download the images. Digikam then downloads the images. You can save the file in a folder and edit the photos in The GIMP or your favorite photo editor.

Don't despair if Digikam doesn't recognize your digital camera. You can still access the digital camera's storage media (compact flash card, for example) as a USB mass storage device, provided your camera supports USB Mass Storage. To access the images on your USB digital camera, use the following steps. (I tested these steps on SUSE Linux, but they should work on most Linux distributions.)

1. Read the camera manual and use the menu options of the camera to set the USB mode to Mass Storage. If the camera doesn't support USB Mass Storage, you cannot use this procedure to access the photos. If the camera supports the Picture Transfer Protocol mode, you can use Digikam to download the pictures.
2. Connect your digital camera to the USB port by using the cable that came with the camera, and then turn on the camera. This causes Linux to detect the camera and open the contents of the camera in a file manager window (see Figure 4-6).
3. Click to select photos and copy them to your hard drive by dragging and dropping them into a selected folder.
4. Turn off the camera and disconnect the USB cable from the PC.

Who needs a digital camera tool when you can access the camera just like any other storage device!

Playing audio CDs

All Linux distributions come with either the GNOME or KDE CD player applications. To play an audio CD, you need a sound card, and that sound card must be configured to work in Linux.

In some distributions, you can insert an audio CD into the drive, and a dialog box appears and asks whether you want to play the CD with the CD player. For example, Figure 4-7 shows the KDE CD Player (KsCD) playing a track from an audio CD in SUSE Linux.

The KDE CD Player displays the title of the CD and the name of the current track. The CD Player gets the song titles from freedb.org, a free open-source CD database on the Internet (freedb.freedb.org at port 888). You need an active Internet connection for the CD Player to download song information from the CD database. After the CD Player downloads information about a particular CD, it caches that information in a local database for future use. The CD Player user interface is intuitive, and you can figure it out easily. One nice feature is that you can select a track by title.

Figure 4-6: You can access your camera as a USB mass storage device.

Playing sound files

You can use Rhythmbox or XMMS to open and play a sound file. Rhythmbox is liked by users with large MP3 music libraries because Rhythmbox can help organize the music files. You can start Rhythmbox by selecting the music player application from the Main Menu in several distributions, including Debian and Fedora Core. When you first start Rhythmbox, it displays an assistant that prompts you (see Figure 4-8) for the location of your music files so that Rhythmbox can manage your music library.

After you identify the locations of music files, Rhythmbox starts and displays the library in an organized manner. You can then select music and play it, as shown in Figure 4-9.
(Here you see Rhythmbox running on Debian.)

XMMS is another music player that can play many types of sound files, including Ogg Vorbis, FLAC (Free Lossless Audio Codec, an audio file format that is similar to MP3), and Windows WAV.

Figure 4-8: Rhythmbox can manage your music library.

Figure 4-7: Play audio CDs with the KDE CD Player.

You can start XMMS by selecting the audio player application from the Main Menu (look under Multimedia or Sound & Video). After XMMS starts, you can open a sound file (such as an MP3 file) by choosing Window Menu > Play File or by pressing L. Then select one or more music files from the Load File dialog box. Click the Play button, and XMMS starts playing the sound file. Figure 4-10 shows the XMMS window (in SUSE Linux) when it's playing a sound file.

In some free Linux distributions, you may not be able to play MP3 files because the MP3 decoder is not included. However, MP3 playing works fine in Debian, Knoppix, SUSE, and Xandros. Because of legal reasons, the versions of Rhythmbox and XMMS in Fedora Core don't include the code needed to play MP3 files, so you have to somehow translate MP3s into a supported format, such as WAV, before you can play them. You can, however, download the source code for Rhythmbox and XMMS and build the applications with MP3 support. You can also use the Ogg Vorbis format for compressed audio files because Ogg Vorbis is a patent- and royalty-free format.

Figure 4-10: You can play many different types of sound files in XMMS.

Figure 4-9: You can play music from your library in Rhythmbox.

Burning a CD

Nowadays, GUI file managers often have the capability to burn CDs. For example, Nautilus and Xandros File Manager have built-in features to burn CDs. Linux distributions also come with standalone GUI programs that enable you to easily burn CDs and DVDs.
For example, K3b is a popular CD/DVD burning application for KDE that's available in Knoppix and SUSE.

Most CD burning applications are simple to use. You basically gather up the files that you want to burn to the CD or DVD and then start the burning process. Of course, for this to work, your PC must have a CD or DVD burner installed.

Figure 4-11 shows the initial window of the K3b CD/DVD burning application in SUSE Linux. The upper part of the K3b window is for browsing the file system to select what you want to burn onto a CD or DVD. The upper-left corner shows the CD writer device installed; in this example, it's a DVD/CD-RW drive, so the drive can read DVDs and CDs, but burn CDs only.

To burn a CD, you start with one of the projects shown in the lower part of the K3b window (New Audio CD Project, for example, or New Data DVD Project). Then you have to add files and, finally, burn the project to the CD or DVD by choosing Project > Burn or pressing Ctrl+B. For an audio CD, you can drag and drop MP3 files as well as audio tracks.

K3b needs the external command-line programs cdrecord and cdrdao to burn CDs. K3b also needs the growisofs program to burn DVDs.

Figure 4-11: You can burn CDs and DVDs with the K3b application.

If you get an error about missing cdrdao in Debian, make sure that your Debian system is connected to the Internet and then type apt-get install cdrdao to install it.

Graphics and Imaging

You can use graphics and imaging applications to work with images and graphics (line drawings and shapes). I discuss two applications:

- The GIMP (GNU Image Manipulation Program) is a program for viewing and performing image-manipulation tasks, such as photo retouching, image composition, and image creation.
- Gnome Ghostview (GGV) is a graphical application capable of displaying PostScript files.
The GIMP

The GIMP is an image-manipulation program written by Peter Mattis and Spencer Kimball and released under the GNU General Public License (GPL). Most Linux distributions come with this program, although you may have to specifically select a package to install it. The GIMP is comparable to other image-manipulation programs, such as Adobe Photoshop and Corel PHOTO-PAINT.

To try out The GIMP, look for it under the Graphics category in the Main Menu. When you start it, The GIMP displays a window with copyright and license information. Click the Continue button to proceed with the installation. The next screen shows the directories to be created when you proceed with a personal installation of The GIMP.

The GIMP installation involves creating a directory in your home directory and placing a number of files in that directory. This directory essentially holds information about any changes to user preferences you may make to The GIMP. Go ahead and click the Continue button at the bottom of the window. The GIMP creates the necessary directories, copies the necessary files to those directories, and guides you through a series of dialog boxes to complete the installation.

After the installation is done, click the Continue button. From now on, you don't see the installation window anymore; you have to deal with installation only when you run The GIMP for the first time.

The GIMP then loads any plugins (external modules that enhance its functionality). It displays a startup window that shows a message about each plugin as it loads. After finishing the startup, The GIMP displays a tip of the day in a window. You can browse the tips and click the Close button to close the Tip window. At the same time, The GIMP displays a number of windows, as shown in Figure 4-12.

These windows include a main toolbox window titled The GIMP, a Tool Options window, a Brush Selection window, and a Layers, Channels, Paths window.
Of these, the main toolbox window is the most important; in fact, you can close the other windows and work by using the menus and buttons in the toolbox.

The toolbox has three menus on the menu bar:

- The File menu has options to create a new image, open an existing image, save and print an image, mail an image, and quit The GIMP.
- The Xtns menu gives you access to numerous extensions to The GIMP. The exact content of the Xtns menu depends on which extensions are installed on your system.
- The Help menu is where you can get help and view tips. For example, choose Help > Help to bring up The GIMP Help Browser with online information about The GIMP.

To open an image file in The GIMP, choose File > Open. The Load Image dialog box comes up, which you can then use to select an image file. You can change directories and select the image file that you want to open. The GIMP can read all common image-file formats, such as GIF, JPEG, TIFF, PCX, BMP, PNG, and PostScript. After you select the file and click OK, The GIMP loads the image into a new window. (Refer to Figure 4-12 to see an image after it's loaded in The GIMP, along with all the other GIMP windows.)

Figure 4-12: Touch up your photos with The GIMP.

The toolbox also has many buttons that represent the tools you use to edit the image and apply special effects. You can get pop-up help on each tool button by placing the mouse pointer on the button. You can select a tool by clicking the tool button, and you can apply that tool's effects to the image.

For your convenience, The GIMP displays a pop-up menu when you right-click the image window. The pop-up menu has most of the options from the File and Xtns menus in the toolbox. You can then select specific actions from these menus.

You can do much more than just load and view images with The GIMP, but a complete discussion of all its features is beyond the scope of this book.
If you want to try the other features of The GIMP, consult The GIMP User Manual (GUM), available online at manual.gimp.org. You can also choose Xtns > Web Browser > GIMP.ORG > Documentation to access the online documentation for The GIMP. (Of course, you need an Internet connection for this command to work.)

Visit The GIMP home page at www.gimp.org to find the latest news about The GIMP and links to other resources.

Gnome Ghostview

Gnome Ghostview is a graphical application ideal for viewing and printing PostScript or PDF documents. For a long document, you can view and print selected pages. You can also view the document at various levels of magnification by zooming in or out.

To run Gnome Ghostview in Fedora Core, choose Main Menu > Graphics > PostScript Viewer from the GUI desktop. The Gnome Ghostview application window appears. In addition to the menu bar and toolbar along the top edge, a vertical divide splits the main display area of the window into two parts.

To load and view a PostScript document in Gnome Ghostview, choose File > Open, or click the Open icon on the toolbar. Gnome Ghostview displays a File-Selection dialog box. Use this dialog box to navigate the file system and select a PostScript file. You can select one of the PostScript files that come with Ghostscript. For example, open the file tiger.ps in the /usr/share/ghostscript/7.07/examples directory. (If your system has a version of Ghostscript later than 7.07, you have to use the new version number in place of 7.07.)

To open the selected file, click the Open File button in the File-Selection dialog box. Gnome Ghostview opens the selected file, processes its contents, and displays the output in its window, as shown in Figure 4-13.

Gnome Ghostview is useful for viewing various kinds of documents that come in PostScript format. (These files typically have the .ps extension in their names.) You can also open PDF files (which typically have .pdf extensions) in Gnome Ghostview.
Figure 4-13: You can view PostScript files in Gnome Ghostview.

Chapter 5: Using Text Editors

In This Chapter

- Using GUI text editors
- Working with the ed text editor
- Getting to know the vi text editor

In Linux, most system-configuration files are text files. If you write any shell scripts or other computer programs, they're text files too. Sometimes you have to edit these files by using programs designed for that purpose: text editors. For example, you may need to edit files such as /etc/hosts, /etc/resolv.conf, /etc/X11/XF86Config, /etc/apt/sources.list, and many more.

In this chapter, I introduce you to a few text editors, both the GUI editors and text-mode editors.

Using GUI Text Editors

Each of the GUI desktops, GNOME and KDE, comes with GUI text editors (text editors that have graphical user interfaces).

To use a GUI text editor, look in the Main Menu and search for text editors in an appropriate category. For example, in Fedora Core, choose Main Menu > Accessories > Text Editor from the GNOME desktop. In Debian, choose Main Menu > Editors > Advanced Text Editor. After you have a text editor up and running, you can open a file by clicking the Open button on the toolbar, which brings up the Open File dialog box. You can then change directories and select the file to edit by clicking the OK button.

The GNOME text editor then loads the file in its window. You can open more than one file at a time and move among them as you edit the files. Figure 5-1 shows a typical editing session with the editor.

In this case, the editor has three files (hosts, fstab, and inittab, all from the /etc directory) open for editing. The filenames appear as tabs below the toolbar of the editor's window. You can switch among the files by clicking the tabs.

If you open a file for which you have only read permission, the text RO- is appended to the filename to indicate that the file is read-only.
In Figure 5-1, all the files are opened read-only because here I'm logged in as a normal user and I'm opening system files that only the root can modify.

Figure 5-1: You can use the GNOME text editor to edit text files.

The rest of the text-editing steps are intuitive. To enter new text, click to position the cursor and then begin typing. You can select text, copy, cut, and paste by using the buttons on the toolbar above the text-editing area.

From the KDE desktop, you can start the KDE advanced text editor (Kate) by choosing Main Menu > Editors > Advanced Text Editor. To open a text file, choose File > Open. Kate displays a dialog box. From this dialog box, you can go to the directory of your choice, select the file to open, and click OK. Kate then opens the file and displays its contents in the window. You can then edit the file.

Text Editing with ed and vi

GUI text editors enable you to edit text files using the mouse and keyboard much the same way as you use any word processor. Text-mode editors are a completely different beast: you work using only the keyboard, and you have to type cryptic commands to perform editing tasks such as cutting and pasting text or entering and deleting text. Linux comes with two text-mode text editors:

- ed, a line-oriented text editor
- vi, a full-screen text editor that supports the command set of an earlier editor named ex

The ed and vi editors are cryptic compared to the graphical text editors. However, you should still get to know the basic editing commands of ed and vi because sometimes these two may be the only editors available. For example, if Linux refuses to boot from the hard drive, you may have to boot from a floppy disk. In that case, you have to edit system files with the ed editor because that editor is small enough to fit on the floppy. I walk you through the basic text-editing commands of ed and vi; they're not that hard.
Using ed

Typically, you have to use ed only when you boot a minimal version of Linux (for example, from a floppy you've set up as a boot disk), and the system doesn't support full-screen mode. In all other situations, you can use the vi editor that works in full-screen text mode.

When you use ed, you work in command mode or text-input mode:

- Command mode is what you get by default. In this mode, anything that you type is interpreted as a command. The ed text editor has a simple command set where each command consists of one or more characters.
- Text-input mode is for typing text. You can enter input mode with the commands a (append), c (change), or i (insert). After entering lines of text, you can leave input mode by entering a period (.) on a line by itself.

To practice editing a file, copy the /etc/fstab file to your home directory by issuing the following commands:

    cd
    cp /etc/fstab .

Now you have a file named fstab in your home directory. Type ed -p: fstab to begin editing a file in ed. The editor responds thusly:

    526
    :

This example uses the -p option to set the prompt to the colon character (:) and opens the fstab file (in the current directory, which is your home directory) for editing. The ed editor opens the file, reports the number of characters in the file (526), displays the prompt (:), and waits for a command.

When you're editing with ed, make sure that you always turn on a prompt character (use the -p option). Without the prompt, distinguishing whether ed is in input mode or command mode is difficult.

After ed opens a file for editing, the current line is the last line of the file. To see the current line number (the current line is the line to which ed applies your command), use the .= command like this:

    :.=
    9

This output tells you that the fstab file has nine lines. (Your system's /etc/fstab file may have a different number of lines, in which case ed shows a different number.)
You can use the 1,$p command to see all lines in a file, as the following example shows:

    :1,$p
    # /etc/fstab: static file system information.
    #
    #
    proc /proc proc defaults 0 0
    /dev/hda10 / ext3 defaults,errors=remount-ro 0 1
    /dev/hda6 /boot ext3 defaults 0 2
    /dev/hda8 none swap sw 0 0
    /dev/hdc /media/cdrom0 iso9660 ro,user,noauto 0 0
    /dev/fd0 /media/floppy0 auto rw,user,noauto 0 0
    :

To go to a specific line, type the line number:

    :7

The editor responds by displaying that line:

    /dev/hda8 none swap sw 0 0
    :

Suppose you want to delete the line that contains cdrom. To search for a string, type a slash (/) followed by the string that you want to locate:

    :/cdrom
    /dev/hdc /media/cdrom0 iso9660 ro,user,noauto 0 0
    :

The editor locates the line that contains the string and then displays it. That line becomes the current line. To delete the current line, use the d command as follows:

    :d
    :

To replace a string with another, use the s command. To replace cdrom with the string cd, for example, use this command:

    :s/cdrom/cd/
    :

To insert a line in front of the current line, use the i command:

    :i
    (type the line you want to insert)
    . (type a single period to indicate you're done)
    :

You can enter as many lines as you want. After the last line, enter a period (.) on a line by itself. That period marks the end of text-input mode, and the editor switches to command mode. In this case, you can tell that ed switches to command mode because you see the prompt (:).

When you're happy with the changes, you can write them to the file with the w command. If you want to save the changes and exit, type wq to perform both steps at the same time:

    :wq
    531

The ed editor saves the changes in the file, displays the number of saved characters, and exits. If you want to quit the editor without saving any changes, use the Q command.

These examples give you an idea of how to use ed commands to perform the basic tasks of editing a text file. Table 5-1 lists some of the commonly used ed commands.
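Because ed reads its commands from standard input, the session above can also be run from a script, which makes an edit to a system file repeatable and reviewable. The following is an added example, not code from the book: it applies the search, substitute, delete, and insert commands to a copy of the sample fstab listing and replaces the file only after checking the result. The function names, the inserted comment text, and the choice of which entries to change are assumptions made for the illustration.

```shell
#!/bin/sh
# Added example: drive the chapter's ed commands from a script.
# Nothing here touches the real /etc/fstab; the sample file is constructed
# from the nine-line listing shown in the text.

# write_sample_fstab PATH: create the sample file at PATH.
write_sample_fstab() {
    cat > "$1" <<'EOF'
# /etc/fstab: static file system information.
#
#
proc /proc proc defaults 0 0
/dev/hda10 / ext3 defaults,errors=remount-ro 0 1
/dev/hda6 /boot ext3 defaults 0 2
/dev/hda8 none swap sw 0 0
/dev/hdc /media/cdrom0 iso9660 ro,user,noauto 0 0
/dev/fd0 /media/floppy0 auto rw,user,noauto 0 0
EOF
}

# scripted_edit FILE: edit a private working copy, verify the outcome, and
# only then overwrite FILE, keeping the previous content in FILE.bak.
# Returns 0 on success, 127 if ed is missing, 1 if the edit did not apply.
scripted_edit() {
    target=$1
    command -v ed >/dev/null 2>&1 || { echo "ed is not installed" >&2; return 127; }
    work=$(mktemp) || return 1
    cp "$target" "$work" || { rm -f "$work"; return 1; }

    # Each line of the here-document is what you would type at the ":" prompt:
    # find the cdrom line and substitute, delete the floppy line, insert a
    # comment before the (new) current line, then write and quit.
    ed "$work" >/dev/null 2>&1 <<'EOF'
/cdrom/s/cdrom/cd/
/fd0/d
i
# floppy entry removed by scripted edit
.
w
q
EOF
    ed_status=$?

    # Do not rely on the exit status alone: confirm the intended result.
    if [ "$ed_status" -eq 0 ] &&
       grep -q '^/dev/hdc /media/cd0 ' "$work" &&
       ! grep -q '^/dev/fd0 ' "$work"
    then
        # cat into the target keeps the target's owner and permissions.
        cp -p "$target" "$target.bak" &&
        cat "$work" > "$target"
        status=$?
    else
        echo "edit did not apply cleanly; $target left unchanged" >&2
        status=1
    fi
    rm -f "$work"
    return "$status"
}

# Demo: run this file with the single argument "demo" to see the diff.
if [ "${1:-}" = "demo" ]; then
    dir=$(mktemp -d) || exit 1
    write_sample_fstab "$dir/fstab"
    scripted_edit "$dir/fstab" && diff "$dir/fstab.bak" "$dir/fstab"
    rm -rf "$dir"
fi
```

If a search pattern is not found, the working copy fails the check and the original file is left untouched, which is the behaviour you want when the target is a boot-critical file.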
Table 5-1 Commonly Used ed Commands

Command      Does the Following
!command     Executes a shell command. (For example, !pwd shows the current directory.)
$            Goes to the last line in the buffer.
%            Applies a command that follows to all lines in the buffer. (For example, %p prints all lines.)
+            Goes to the next line.
+n           Goes to the nth next line (where n is a number you designate).
,            Applies a command that follows to all lines in the buffer. (For example, ,p prints all lines.) Similar to %.
-            Goes to the preceding line.
-n           Goes to the nth previous line (where n is a number you designate).
.            Refers to the current line in the buffer.
/text/       Searches forward for the specified text.
;            Refers to a range of lines; current through last line in the buffer.
=            Prints the line number.
?text?       Searches backward for the specified text.
^            Goes to the preceding line; see also the - command.
^n           Goes to the nth previous line (where n is a number you designate); see also the -n command.
a            Appends after the current line.
c            Changes the specified lines.
d            Deletes the specified lines.
i            Inserts text before the current line.
n            Goes to line number n.
Press Enter  Displays the next line and makes that line current.
q            Quits the editor.
Q            Quits the editor without saving changes.
r file       Reads and inserts the contents of the file after the current line.
s/old/new/   Replaces an old string with a new one.
u            Undoes the last command.
W file       Appends the contents of the buffer to the end of the specified file.
w file       Saves the buffer in the specified file. (If no file is named, it saves in the default file, the file whose contents ed is currently editing.)

Using vi

The vi editor is a full-screen text editor, so you can view several lines at the same time. Most UNIX systems, including Linux, come with vi. Therefore, if you know the basic features of vi, you can edit text files on almost any UNIX system.
When vi edits a file, it reads the file into a buffer (a block of memory) so you can change the text in the buffer. The vi editor also uses temporary files during editing, but the original file isn't altered until you save the changes.

To start the editor, type vi and follow it with the name of the file you want to edit, like this:

    vi /etc/fstab

The vi editor then loads the file into memory, displays the first few lines in a text screen, and positions the cursor on the first line, as shown in Figure 5-2.

Figure 5-2: You can edit text files with the vi full-screen text editor.

The last line shows the pathname of the file as well as the number of lines (9) and the number of characters (526) in the file. In this case, the text [readonly] appears after the filename because I'm opening the /etc/fstab file while I am logged in as a normal user (which means I don't have permission to modify the file). Later, the last line in the vi display functions as a command-entry area. The rest of the lines display the file. If the file contains fewer lines than the screen, vi displays the empty lines with a tilde (~) in the first column.

The current line is marked by the cursor, which appears as a small black rectangle. The cursor appears on top of a character.

When using vi, you work in one of three modes:

- Visual-command mode is what you get by default. In this mode, anything that you type is interpreted as a command that applies to the line containing the cursor. The vi commands are similar to the ed commands.
- Colon-command mode is for reading or writing files, setting vi options, and quitting vi. All colon commands start with a colon (:). When you enter the colon, vi positions the cursor on the last line and waits for you to type a command. The command takes effect when you press Enter.
- Text-input mode is for typing text.
You can enter input mode with the command a (insert after cursor), A (append at end of line), or i (insert before cursor). After entering lines of text, you have to press Esc to leave input mode and re-enter visual-command mode.

One problem with all these modes is that you cannot easily tell the current mode that vi is in. You may begin typing only to realize that vi is not in input mode, which can be frustrating.

If you want to make sure that vi is in command mode, just press Esc a few times. (Pressing Esc more than once doesn't hurt.)

To view online help in vi, type :help while in colon-command mode. When you're done with help, type :q to exit the Help screen and return to the file you're editing.

The vi editor initially positions the cursor on the first character of the first line, and one of the handiest things you can know is how to move the cursor around. To get a bit of practice, try the commands shown in Table 5-2.

Table 5-2 Cursor Movement Commands in vi

Key          Does the Following
Down arrow   Moves the cursor one line down.
Up arrow     Moves the cursor one line up.
Left arrow   Moves the cursor one character to the left.
Right arrow  Moves the cursor one character to the right.
W            Moves the cursor one word forward.
B            Moves the cursor one word backward.
Ctrl+D       Moves down half a screen.
Ctrl+U       Scrolls up half a screen.

You can go to a specific line number at any time by using the handy colon command. To go to line 6, for example, type the following and then press Enter:

    :6

When you type the colon, vi displays the colon on the last line of the screen. From then on, vi uses any text you type as a command. You have to press Enter to submit the command to vi. In colon-command mode, vi accepts all commands that the ed editor accepts, and then some.

To search for a string, first type a slash (/). The vi editor displays the slash on the last line of the screen. Type the search string and then press Enter.
The vi editor locates the string and positions the cursor at the beginning of that string. Thus, to locate the string cdrom in the file /etc/fstab, type

    /cdrom

To delete the line that contains the cursor, type dd (two lowercase ds). The vi editor deletes that line of text and makes the next line the current one.

To begin entering text in front of the cursor, type i (a lowercase i all by itself). The vi editor switches to text-input mode. Now you can enter text. When you finish entering text, press Esc to return to visual-command mode.

After you finish editing the file, you can save the changes in the file with the :w command. To quit the editor without saving any changes, use the :q! command. If you want to save the changes and exit, you can type :wq to perform both steps at the same time. The vi editor saves the changes in the file and exits. You can also save the changes and exit the editor by pressing Shift+ZZ (hold Shift down and press Z twice).

vi accepts a large number of commands in addition to the commands I mention above. Table 5-3 lists some commonly used vi commands, organized by task.

Table 5-3 Commonly Used vi Commands

Command           Does the Following

Insert Text
a                 Inserts text after the cursor.
A                 Inserts text at the end of the current line.
I                 Inserts text at the beginning of the current line.
i                 Inserts text before the cursor.

Delete Text
D                 Deletes up to the end of the current line.
dd                Deletes the current line.
dw                Deletes from the cursor to the end of the following word.
x                 Deletes the character on which the cursor rests.

Change Text
C                 Changes up to the end of the current line.
cc                Changes the current line.
rx                Replaces the character under the cursor with x (where x is any character).
J                 Joins the current line with the next one.

Move Cursor
h or Left arrow   Moves one character to the left.
j or Down arrow   Moves one line down.
k or Up arrow     Moves one line up.
L                 Moves to the end of the screen.
l or Right arrow  Moves one character to the right.
w                 Moves to the beginning of the following word.

Scroll Text
Ctrl+D            Scrolls forward by half a screen.
Ctrl+U            Scrolls backward by half a screen.

Refresh Screen
Ctrl+L            Redraws screen.

Cut and Paste Text
yy                Yanks (copies) current line into an unnamed buffer.
P                 Puts the yanked line above the current line.
p                 Puts the yanked line below the current line.

Colon Commands
:!command         Executes a shell command.
:q                Quits the editor.
:q!               Quits without saving changes.
:r filename       Reads the file and inserts it after the current line.
:w filename       Writes a buffer to the file.
:wq               Saves changes and exits.

Search Text
/string           Searches forward for a string.
?string           Searches backward for a string.

Miscellaneous
u                 Undoes the last command.
Esc               Ends input mode and enters visual-command mode.
U                 Undoes recent changes to the current line.

Book III Networking

Contents at a Glance

Chapter 1: Connecting to the Internet
Chapter 2: Setting Up a Local Area Network
Chapter 3: Adding a Wireless Ethernet LAN
Chapter 4: Managing the Network

Chapter 1: Connecting to the Internet

In This Chapter

- Understanding the Internet
- Deciding how to connect to the Internet
- Connecting to the Internet with DSL
- Connecting to the Internet with cable modem
- Setting up a dialup PPP link

The Internet is quickly becoming a lifeline for most people. Seems like a lot of folks can't get through a day without it (and I know I could not write this book without it). Sometimes, I wonder how we ever managed without the Internet. Given the prevalence and popularity of the Internet, it's a pretty safe bet for me to assume that you want to connect your Linux system to the Internet.
In this chapter, I show you how to connect to the Internet in several different ways, depending on whether you have a DSL, cable modem, or dialup network connection.

Two of the options for connecting to the Internet (DSL and cable modem) involve connecting a special modem to an Ethernet card on your Linux system. In these cases, you have to set up Ethernet networking on your Linux system. (I explain networking in Chapter 2 of this minibook.) In this chapter, I show you in detail how to set up a DSL or a cable modem connection. I also show you the other option, dialup networking, which involves dialing up an Internet Service Provider (ISP) from your Linux system.

Understanding the Internet

How you view the Internet depends on your perspective. Common folks see the Internet in terms of the services they use. For example, as a user, you might think of the Internet as an information-exchange medium with features such as

- E-mail: Send e-mail to any other user on the Internet, using addresses such as mom@home.net.
- Web: Download and view documents from millions of servers throughout the Internet.
- Newsgroups: Read newsgroups and post news items to newsgroups with names such as comp.os.linux.networking or comp.os.linux.setup.
- Information sharing: Download software, music files, videos, and so on. Reciprocally, you may provide files that users on other systems can download.
- Remote access: Log on to another computer on the Internet, assuming that you have access to that remote computer.

The techies say that the Internet is a worldwide network of networks. The term internet (without capitalization) is a shortened form of internetworking, the interconnection of networks. The Internet Protocol (IP) was designed with the idea of connecting many separate networks.

In terms of physical connections, the Internet is similar to a network of highways and roads.
This similarity is what has prompted the popular press to dub the Internet the Information Superhighway. Just as the network of highways and roads includes some interstate highways, many state roads, and many more residential streets, the Internet has some very high-capacity networks (for example, a 10 Gbps backbone can handle 10 billion bits per second) and a large number of lower-capacity networks ranging from 56 Kbps dialup connections to 45 Mbps T3 links. (Kbps is thousand-bits-per-second, and Mbps is million-bits-per-second.) The high-capacity network is the backbone of the Internet.

In terms of management, the Internet is not run by a single organization, nor is it managed by any central computer. You can view the physical Internet as a network of networks managed collectively by thousands of cooperating organizations. Yes, a collection of networks managed by thousands of organizations sounds amazing, but it works!

Deciding How to Connect to the Internet

So you want to connect to the Internet, but you don't know how? Let me count the ways. Nowadays you have three popular options for connecting homes and small offices to the Internet (of course, huge corporations and governments have many other ways to connect):

- Digital Subscriber Line (DSL): Your local telephone company, as well as other telecommunications companies, may offer DSL. DSL provides a way to send high-speed digital data over a regular phone line. Typically, DSL offers data transfer rates of between 128 Kbps and 1.5 Mbps. You can download from the Internet at much higher rates than when you send data from your PC to the Internet (upload). One caveat with DSL is that your home must be within 12,000 to 15,000 feet of your local central office (the phone company facility where your phone lines end up). The distance limitation varies from provider to provider.
In the United States, you can check out the distance limits for many providers at www.dslreports.com/distance.
- Cable modem: If the cable television company in your area offers Internet access over cable, you can use that service to hook up your Linux system to the Internet. Typically, cable modems offer higher data-transfer rates than DSL for about the same cost. Downloading data from the Internet via cable modem is much faster than sending data from your PC to the Internet. You can expect routine download speeds of 1.5 Mbps and upload speeds of around 128 Kbps, but sometimes you may get even higher speeds than these.
- Dialup networking: A dialup connection is what most folks were using before DSL and cable modems came along. You hook up your PC to a modem that's connected to the phone line. Then you dial up an ISP to connect to the Internet. That's why it's called dialup networking: establishing a network connection between your Linux PC and another network (the Internet) through a dialup modem. In this case, the maximum data-transfer rate is 56 Kbps.

DSL and cable modem services connect you to the Internet and also act as your Internet Service Provider (ISP); in addition to improved speed, what you're paying for is an IP address and your e-mail accounts. If you use a dialup modem to connect to the Internet, first you have to connect to the phone line (for which you pay the phone company) and then select and pay a separate ISP, which gives you a phone number to dial and all the other necessary goodies (such as an IP address and e-mail accounts).

Table 1-1 summarizes all these options. You can consult that table and select the type of connection that's available to you and that best suits your needs.
Table 1-1 Comparison of Dialup, DSL, and Cable

Feature | Dialup | DSL | Cable
Equipment | Modem | DSL modem, Ethernet card | Cable modem, Ethernet card
Also requires | Phone service and an Internet Service Provider (ISP) | Phone service and location within 12,000 to 15,000 feet of central office | Cable TV connection
Connection type | Dial to connect | Always on, dedicated | Always on, shared
Typical speed | 56 Kbps maximum | 640 Kbps download, 128 Kbps upload (higher speeds cost more) | 1.5 Mbps download, 128 Kbps upload
One-time costs (estimate) | None | Install = $100-200; Equipment = $200-300 (may be leased and may require activation cost) | Install = $100-200; Equipment = $60-100 (may be leased)
Typical monthly cost (2004) | Phone charges = $20/month; ISP charges = $15-30/month | $50/month; may require monthly modem lease | $50/month; may require monthly modem lease

Note: Costs vary by region and provider. Costs shown are typical ones for U.S. metropolitan areas.

Connecting with DSL

DSL stands for Digital Subscriber Line. DSL uses your existing phone line to send digital data in addition to the normal analog voice signals (analog means continuously varying, whereas digital data is represented by 1s and 0s). The phone line goes from your home to a central office, where the line connects to the phone company's network. By the way, the connection from your home to the central office is called the local loop. When you sign up for DSL service, the phone company hooks up your phone line to some special equipment at the central office. That equipment can separate the digital data from voice. From then on, your phone line can carry digital data that is then directly sent to an Internet connection at the central office.

How DSL works

A special box called a DSL modem takes care of sending digital data from your PC to the phone company's central office over your phone line.
Your PC can connect to the Internet with the same phone line that you use for your normal telephone calls; you can make voice calls even as the line is being used for DSL. Figure 1-1 shows a typical DSL connection to the Internet.

Your PC talks to the DSL modem through an Ethernet connection, which means that you need an Ethernet card in your Linux system.

Your PC sends digital data over the Ethernet connection to the DSL modem. The DSL modem sends the digital data at different frequencies than those used by the analog voice signals. The voice signals occupy a small portion of all the frequencies that the phone line can carry. DSL uses the higher frequencies to transfer digital data, so both voice and data can travel on the same phone line.

The distance between your home and the central office (the loop length) is a factor in DSL's performance. Unfortunately, the phone line can reliably carry the DSL signals over only a limited distance, typically three miles or less, which means that you can get DSL service only if your home (or office) is located within about three miles of your phone company's central office. Your phone company can tell you whether your location can get DSL or not. Often, it has a Web site where you can type in your phone number and get a response about DSL availability. For example, try www.dslavailability.com for U.S. locations.

DSL alphabet soup: ADSL, IDSL, SDSL

I have been using the term DSL as if there were only one kind of DSL. As you may imagine, nothing is ever that simple. There are in fact three variants of DSL, each with different features. Take a look:
Take a look:

- ADSL: Asymmetric DSL, the most common form of DSL, has much higher download speeds (from the Internet to your PC) than upload speeds (from your PC to the Internet). ADSL can have download speeds of up to 8 Mbps and upload speeds of up to 1 Mbps. ADSL works best when your location is within about 2 1/2 miles (12,000 feet) of your central office. ADSL service is priced according to the download and upload speeds you want. A popular form of ADSL, called G.lite, is specifically designed to work on the same line you use for voice calls. G.lite has a maximum download speed of 1.5 Mbps and maximum upload speed of 512 Kbps.
- IDSL: ISDN DSL (ISDN is an older technology called Integrated Services Digital Network) is a special type of DSL that works at distances of up to five miles between your phone and the central office. The downside is that IDSL only offers downstream (from the Internet to your PC) and upstream (from your PC to the Internet) speeds of up to 144 Kbps.
- SDSL: Symmetric DSL provides equal download and upload speeds of up to 1.5 Mbps. SDSL is priced according to the speed you want, with the higher speeds costing more. The closer your location is to the phone company central office, the faster the connection you can get.

Figure 1-1: DSL provides high-speed connection to the Internet over a regular phone line.

DSL speeds are typically specified by two numbers separated by a slash, such as this: 1500/384. The numbers refer to data-transfer speeds in kilobits per second (that is, thousands-of-bits per second, abbreviated Kbps). The first number is the download speed, the second the upload.
Thus, 1500/384 means you can expect to download from the Internet at a maximum rate of 1,500 Kbps (or 1.5 Mbps) and upload to the Internet at 384 Kbps. If your phone line's condition is not perfect, you may not get these maximum rates; both ADSL and SDSL adjust the speeds to suit existing line conditions.

The price of DSL service depends on which variant (ADSL, IDSL, or SDSL) you select. For most home users, the primary choice is ADSL (or, more accurately, the G.lite form of ADSL) with transfer speed ratings of 1500/128.

Typical DSL setup

To get DSL for your home or business, you have to contact a DSL provider. In addition to your phone company, you can find many other DSL providers. No matter who provides the DSL service, some work has to be done at your central office, the place where your phone lines connect to the rest of the phone network. The work involves connecting your phone line to equipment that can work with the DSL modem at your home or office. The central office equipment and the DSL modem at your location can then do whatever magic is needed to send and receive digital data over your phone line.

Because of the need to set up your line at the central office, it takes some time after you place an order to get your line ready for DSL.

The first step for you is to check out the DSL providers that provide service and see if you can actually get the service. Because DSL can work only over certain distances (typically less than 2.5 miles) between your location and the central office, you have to check to see if you are within that distance limit. Contact your phone company to verify. You may be able to check this availability on the Web. Try typing into Google (www.google.com) the words DSL, availability and then your local phone company's name.
The search results will probably include a Web site where you can type in your phone number to find out if DSL is available for your home or office.

If DSL is available, you can look for the types of service (ADSL versus SDSL) and the pricing. The price depends on the download and upload speeds you want. Sometimes, phone companies offer a simple residential DSL (basically the G.lite form of ADSL) with a 1500/128 speed rating, meaning you can download at up to 1,500 Kbps and upload at 128 Kbps. Of course, these are the maximums, and your mileage may vary.

After selecting the type of DSL service and provider you want, you can place an order and have the provider install the necessary equipment at your home or office. Figure 1-2 shows a sample connection diagram for typical residential DSL service.

Figure 1-2: You can connect a PC's Ethernet card directly to the DSL modem.

Here are some key points to note in Figure 1-2:

- Connect your DSL modem's data connection to the phone jack on a wall plate.
- Connect the DSL modem's Ethernet connection to the Ethernet card on your PC.
- When you connect other telephones or fax machines on the same phone line, install a microfilter between the wall plate and each of these devices. Because the same phone line carries both voice signals and DSL data, you need the microfilter to protect the DSL data from possible interference. You can buy them at electronics stores or from the DSL provider.

When you connect your Linux PC to the Internet using DSL, the connection is always on, which means a greater potential for outsiders to break into the PC. You can protect your Linux system from intruders and, as an added bonus, share the high-speed connection with other PCs in a local area network (LAN) by using a router that can perform Network Address Translation (NAT).
Such a NAT router translates multiple private Internet Protocol (IP) addresses from an internal LAN into a single public IP address, which allows all the internal PCs to access the Internet. The NAT router acts as a gateway between your LAN and the Internet, and it isolates your LAN from the Internet; this makes it harder for intruders to reach the systems on your LAN.

If you also want to set up a local area network, you need an Ethernet hub to connect the other PCs to the network. Figure 1-3 shows a typical setup that connects a LAN to the Internet through a NAT router and a DSL modem.

Here are the points to note when setting up a connection like the one shown in Figure 1-3:

- You need a NAT router with two 10BaseT Ethernet ports (the 10BaseT port looks like a large phone jack, also known as an RJ-45 jack). Typically, one Ethernet port is labeled Internet (or External or WAN for wide area network) and the other one is labeled Local or LAN (for local area network).
- You also need an Ethernet hub. For a small home network, you can buy a 4- or 8-port Ethernet hub. Basically, you want a hub with as many ports as the number of PCs you intend to connect to your local area network.
- Connect the Ethernet port of the DSL modem to the Internet port of the NAT router, using a 10BaseT Ethernet cable. (These look like phone wires with bigger RJ-45 jacks and are often labeled Category 5 or Cat 5 wire.)
- Connect the Local Ethernet port of the NAT router to one of the ports on the Ethernet hub, using a 10BaseT Ethernet cable.
- Now connect each of the PCs to the Ethernet hub. (Of course, to do so, you must first have an Ethernet card installed and configured in each PC.)

You can also buy a NAT router with a built-in 4- or 8-port Ethernet hub. With such a combined router-hub, you need only one box to set up a LAN and connect it to the Internet via a DSL modem.
These boxes are typically sold under the name Cable/DSL router because they work with both DSL and a cable modem.

Consult Chapter 2 of this minibook for information on how to configure networking on the Linux system so that your system can access the Internet.

DSL providers typically use a protocol known as PPP over Ethernet (PPPoE) to establish a connection between your PC and the equipment at the provider's central office. PPPoE requires you to provide a username and password to establish the network connection over Ethernet. To set up your system for a PPPoE DSL connection, all you have to do is run a utility program that configures the system for PPPoE. You can find the utility by searching in the Main Menu in the GUI desktop.

In Fedora Core, you can set up a PPPoE DSL connection by choosing Main Menu → System Tools → Internet Configuration Wizard and clicking xDSL connection from the list. Then go through the successive screens and provide the requested information, such as login name and password.

Figure 1-3: A NAT router isolates your PC from the Internet and also lets you share the DSL connection with other PCs in a local area network.

Connecting with a Cable Modem

Cable TV companies also offer high-speed Internet access over the same coaxial cable that carries television signals to your home. After the cable company installs the necessary equipment at its facility to send and receive digital data over the coaxial cables, customers can sign up for cable Internet service. You can then get high-speed Internet access over the same cable that delivers cable TV signals to your home.

How cable modem works

A box called a cable modem is at the heart of Internet access over the cable TV network. (See Figure 1-4.)
The cable modem takes digital data from your PC's Ethernet card and puts it in an unused block of frequency. (Think of it as another TV channel, but instead of pictures and sound, this channel carries digital data.)

The cable modem places upstream data (data that's being sent from your PC to the Internet) in a different channel than the downstream data that's coming from the Internet to your PC. By design, the speed of downstream data transfers is much higher than that of upstream transfers. The assumption is that people download far more stuff from the Internet than they upload. (Probably true for most of us.)

The coaxial cable that carries all those hundreds of cable TV channels to your home is a very capable signal carrier. In particular, the coaxial cable can carry signals covering a huge range of frequencies: hundreds of megahertz (MHz). Each TV channel requires 6 MHz and the coaxial cable can carry hundreds of such channels. The cable modem places the upstream data in a small frequency band and expects to receive the downstream data in a whole other frequency band.

At the other end of your cable connection to the Internet is the Cable Modem Termination System (CMTS), also known as the head end, that your cable company installs at its central facility. (Refer to Figure 1-4.) The CMTS connects the cable TV network to the Internet. It also extracts the upstream digital data sent by your cable modem (and by those of your neighbors as well), and sends all of it to the Internet. The CMTS also puts digital data into the upstream channels so that your cable modem can extract that data and provide it to your PC via the Ethernet card.

Cable modems can receive downstream data at the rate of about 30 Mbps and send data upstream at around 3 Mbps. However, all the cable modems in a neighborhood share the same downstream capacity. Each cable modem filters out (separates) the data it needs from the stream of data that the CMTS sends out.
Cable modems follow a modem standard called DOCSIS, which stands for Data Over Cable Service Interface. You can buy any DOCSIS-compliant modem and use it with your cable Internet service; all you have to do is call the cable company and give them the modem's identifying information so that the CMTS can recognize and initialize the modem.

In practice, with a cable modem you can get downstream transfer rates of around 1.5 Mbps and upstream rates of 128 Kbps. These are maximum rates, and your transfer rate is typically lower, depending on how many users in your neighborhood are using cable modems at the same time.

If you want to check your downstream transfer speed, go to bandwidthplace.com/speedtest and click the link to start the test. For my cable modem connection (for example), the tests reported a downstream transfer rate of about 1.4 Mbps.

Figure 1-4: Cable modems provide high-speed Internet access over the cable TV network.

Typical cable modem setup

To set up cable modem access, your cable TV provider must offer high-speed Internet access. If the service is available, you can call to sign up. The cable companies often have promotional offers such as no installation fee or a reduced rate for three months. Look for these offers. If you are lucky, a local cable company may have a promotion going on just when you want to sign up.

The installation is typically done by a technician, who splits your incoming cable into two: one side goes to the TV and the other to the cable modem.
The technician provides information about the cable modem to the cable company's head end for set up at its end. When all that is done, you can plug in your PC's Ethernet card to the cable modem and you're all set to enjoy high-speed Internet access.

Figure 1-5 shows a typical cable-modem hookup. The cable modem connects to an Ethernet card in your PC. If you don't have an Ethernet card in your PC, the cable company technician often provides one.

Here are some key points to note about the cable modem setup in Figure 1-5:

- Split the incoming cable TV signal into two parts by using a two-way splitter. (The cable company technician installs the splitter.) By the way, the two-way splitter needs to be rated for 1 GHz; otherwise, it may not let the frequencies that contain the downstream data from the Internet pass through.
- Connect one of the video outputs from the splitter to your cable modem's F-type video connector using a coaxial cable.
- Connect the cable modem's 10BaseT Ethernet connection to the Ethernet card on your PC.
- Connect your TV to the other video output from the two-way splitter.

When you use cable modem to directly connect your Linux PC to the Internet, the connection is always on, so you have more of a chance that someone may try to break into the PC. Linux includes the iptables packet filtering capability, which you may want to use to protect your PC from unwanted Internet connections.

In Fedora Core, you can set the firewall setting to High Security. To configure the firewall settings in Fedora Core, choose Main Menu → System Settings → Security Level from the GUI desktop.

To isolate your Linux PC or local area network from the public Internet, you may want to add a NAT router between your PC and the cable modem.
One of the NAT router's network interfaces connects to the Internet, and the other connects to your LAN; the router then acts as a gateway between your LAN and the Internet. As an added bonus, you can even share a cable modem connection with all the PCs in your own local area network (LAN) by adding an Ethernet hub. Better yet, buy a combination NAT-router-and-hub so you have only one box do the whole job. By the way, the NAT router/hubs are typically sold under the name Cable/DSL router because they work with both DSL and cable modem.

The NAT router translates private IP addresses into a public IP address. When connected through a NAT router, any PC in the internal LAN can access the Internet as if it had its own unique IP address. Result: You can share a single Internet connection among many PCs. (An ideal solution for an entire family of Net surfers!)

Figure 1-6 shows a typical setup with a cable modem connection being shared by a number of PCs in a LAN.

Figure 1-5: The cable TV signal is split between the TV and the cable modem.

Here are the points to note when setting up a connection like the one shown in Figure 1-6:

- You need a Cable/DSL NAT router with two 10BaseT Ethernet ports (the 10BaseT port, also known as an RJ-45 jack, looks like a large phone jack). Typically, one Ethernet port is labeled Internet (or External or WAN for wide area network), and the other one is labeled Local.
- If you plan to set up a LAN, you also need an Ethernet hub. For a small home network, you can buy a 4- or 8-port Ethernet hub. Basically, you want a hub with as many ports as the number of PCs you intend to connect to your local area network.
- Consider buying a single box that acts as both a NAT router and a hub with a number of Ethernet ports.
- Connect the video cable to the video input port of the cable modem.
- Connect the Ethernet port of the cable modem to the Internet port of the NAT router using a 10BaseT Ethernet cable. (These look like phone wires except that the Ethernet cables have bigger RJ-45 jacks and are often labeled Category 5 or Cat 5 wire.)
- Connect the Local Ethernet port of the NAT router to one of the ports on the Ethernet hub using a 10BaseT Ethernet cable.
- Now connect each of the PCs to the Ethernet hub. Of course, each PC must have an Ethernet card.

Figure 1-6: A NAT router isolates your PC from the Internet and also lets you share cable modem connection with other PCs in a local area network.

In Chapter 2 of this minibook, I explain how to configure the PCs in such a LAN so that they can all access the Internet through the router.

Setting Up Dialup Networking

Dialup networking refers to connecting a PC to a remote network through a dialup modem. If you are ancient enough to remember the days of dialing up with Procomm or some serial communications software, realize that there is a significant difference between dialup networking and the old days of serial communication. Both approaches use a modem to dial up a remote computer and to establish a communication path, but the serial-communication software makes your computer behave like a dumb terminal connected to the remote computer. The serial-communication software exclusively uses dialup connection. You cannot run another copy of the communication software and use the same modem connection, for example.

In dialup networking, both your PC and the remote system run network-protocol (called TCP/IP) software.
When your PC dials up and sets up a communication path, the network protocols exchange data packets over that dialup connection. The neat part is that any number of applications can use the same dialup connection to send and receive data packets. So your PC becomes a part of the network to which the remote computer belongs. (If the remote computer is not on a network, dialup networking creates a network that consists of the remote computer and your PC.)

In Chapter 2 of this minibook, I describe TCP/IP protocol some more, but I have to use the term as well as a few concepts such as Internet Protocol (IP) address and Domain Name Service (DNS) when describing how to set up dialup networking.

Setting up a TCP/IP network over a dialup link involves specifying the protocol (the convention for packaging a data packet over the communication link). Point-to-Point Protocol (PPP) is such a protocol for establishing a TCP/IP connection over any point-to-point link, including dialup phone lines. Linux supports PPP, and it comes with the configuration tools you can use to set up PPP so that your system can establish a PPP connection with your ISP.

Here's what you have to do to set up dialup networking in Linux:

1. Install an internal or external modem in your PC. If your PC did not already come with an internal modem, you can buy an external modem and connect it to the PC's serial or USB port.
2. Connect the modem to the phone line, and power up the modem.
3. Get an account with an ISP. Every ISP provides you a phone number to dial, a username, and a password. Additionally, the ISP gives you the full names of servers for e-mail and news. Typically, your system automatically gets an IP address.
4. Run a GUI tool (if available) to set up a PPP connection. If you cannot find a GUI tool, type wvdialconf /etc/wvdial.conf at the shell prompt.
   The wvdialconf program automatically detects the modem and sets up the configuration file /etc/wvdial.conf. Now use a text editor to edit the file /etc/wvdial.conf and enter the ISP's phone number as well as the username and password of your Internet account with the ISP. (You can guess where to enter these items; just look for the fields labeled Username, Password, and Phone.)
5. Use a GUI tool (if available) to activate the PPP connection to connect to the Internet. If there is no GUI tool, log in as root and type wvdial to establish the PPP connection.

I briefly go over these steps in the following sections.

Connecting the modem

Modem is a contraction of modulator/demodulator: a device that converts digital signals (strings of 1s and 0s) into continuously varying analog signals that transmit over telephone lines and radio waves. Thus, the modem is the intermediary between the digital world of the PC and the analog world of telephones. Figure 1-7 illustrates the concept of a modem.

Figure 1-7: A modem bridges the digital world of PCs and the analog world of telephones.

Inside the PC, 1s and 0s are represented with voltage levels, but signals carried over telephone lines are usually tones of different frequencies. The modem sits between the PC and the telephone lines and makes data communication possible over the phone lines. The modem converts information back and forth between the voltage/no voltage representation of digital circuits and different frequency tones that are appropriate for transmission over phone lines.

Before you can dial out using an external modem, you have to make sure that the modem is properly connected to one of the serial or USB ports of your PC. If you have an external modem, make sure that your modem is properly connected to the power supply and that the modem is connected to the telephone line.
Buy the right type of cable to connect the modem to the PC. You need a straight-through serial cable to connect the modem to the PC. The connectors at the ends of the cable depend on the type of serial connector on your PC. The modem end of the cable needs a male 25-pin connector. The PC end of the cable often is a female 9-pin connector. You can buy modem cables at most computer stores. Often, you can find 9-pin-female-to-25-pin-male modem cables sold under the label AT Modem Cable. Connect USB modems by using a USB cable.

If your PC has an internal modem, all you have to do is connect the phone line to the phone jack at the back of the internal modem card. If it's a WinModem, you still connect the phone line, but you also have to do a bit of research on the Internet and download a driver that makes the WinModem work in Linux. After you install a working Linux driver for a WinModem, it works just like the older serial port modems. See the sidebar, WinModems: They only do Windows, for more information.

Sidebar: WinModems: They do only Windows

A quick word of caution about the WinModems that come with many new PCs and laptops. WinModems are software-based internal modems, totally different from the traditional hardware modems. Also known as Windows modems or software modems (softmodem for short), they work only with special driver software (which in turn works only with Microsoft Windows).

With WinModems and Linux, you're pretty much on your own, but you can find some useful guidance online at the Linux WinModem Support home page at www.linmodems.org.

For example, I found out that the WinModem in my laptop uses a Conexant chipset and that a Linux driver is available from www.linuxant.com/drivers/hsf/full/downloads.php. I could then download a version appropriate for my distribution; the Web site offered both Debian package (DPKG) and RPM format files.

By the way, the free version of the driver from Conexant is limited to 14.4 Kbps only. To go up to 56 Kbps, you have to get the full version for a modest price of around $15 (U.S. dollars). The free version, however, is good for testing to make sure that the driver works with your softmodem.

By the way, you can locate Linux drivers for many other WinModems by checking the www.linmodems.org Web site.

Setting up and activating a PPP connection

Most ISPs provide PPP dialup access to the Internet through one or more systems that the ISP maintains. If you sign up for such a service, the ISP provides you the information that you need to make a PPP connection to the ISP's system. Typically, this information includes the following:

- The phone number to dial to connect to the remote system.
- The username and password that you must use to log in to the remote system.
- The names of the ISP's mail and news servers.
- The IP address for your PPP connection. Your ISP does not provide this address if the IP address is assigned dynamically (which means the IP address may change every time that your system establishes a connection).
- IP addresses of the ISP's Domain Name Servers (DNS). The ISP does not provide these addresses if it assigns the IP address dynamically.

Of this information, the first two items are what you need to set up a PPP connection.

The exact steps for setting up and using a PPP connection depend on the distribution. For distributions with a GUI Internet connection tool, you can easily figure out where to enter your ISP account information: the phone number, username, and password. I point out distribution-specific approaches for configuring PPP next.

Debian does not have a GUI tool to set up a PPP connection. Instead, you should use the command-line utilities wvdialconf and wvdial. If wvdial is not installed on your system, type apt-get install wvdial to install it. Then type wvdialconf /etc/wvdial.conf to set up the configuration file.
Edit the file to add, on appropriate lines, the ISP's phone number and your ISP account's username and password, to be precise. Then you can type wvdial to establish a PPP connection.

In Fedora Core, choose Main Menu → System Tools → Internet Configuration Wizard from the GNOME desktop. Select the Modem Connection option from the first dialog box (see Figure 1-8) and continue with the configuration.

In SUSE, choose Main Menu → System → YaST to open the YaST control center window. Click Network Devices on the left-hand side of the window and then click Modem on the right-hand side. (See Figure 1-9.) YaST detects the modem and displays a window with information about the modem. You can then configure the detected modem for a PPP connection. You can either select your ISP from a list or enter the ISP's name as well as an access phone number and the ISP account's username and password.

After you set up the modem in SUSE, the KInternet tool should start and a plug icon should appear in the panel, as shown in Figure 1-10. You can then click the KInternet tool's icon to activate the PPP connection. If the connection does not seem to come up, right-click the KInternet icon, select View Log, and look for clues about any problems.

Figure 1-8: In Fedora Core, configure the PPP connection from this dialog box.

Figure 1-9: In SUSE, configure the modem from YaST.

In Xandros, select Main Menu → Applications → Internet → Connection Wizard. The Connection Wizard dialog box appears (see Figure 1-11). Select the Dialup Modem (PPP) option in the dialog box and then continue with the PPP setup process.

Configuring CHAP and PAP authentication

The PPP server on your system has to authenticate itself to the ISP's PPP server before the PPP connection can get fully up and running.
Authentication requires proving that you have a valid account with the ISP, essentially providing a username and a secret (that is, a password). PPP specifies two ways of exchanging the authentication information between the two ends of the connection:

- Challenge Handshake Authentication Protocol (CHAP) requires the remote end to send a randomly generated challenge string along with the remote server's name. The local system looks up the secret, using the server's name; then it sends back a response that includes its name and a value that combines the secret and the challenge, using a one-way hash function. The remote system then checks that value against its own calculation of the expected hash value. If the values match, the authentication succeeds; otherwise, the remote system terminates the connection. In this case, the name and secret are stored in the /etc/ppp/chap-secrets file. Note that the remote system can repeat the CHAP authentication any time while the PPP link is up.
- Password Authentication Protocol (PAP) is like the normal login process. When using PAP, the local system repeatedly sends a username (name) and password (secret) until the remote system acknowledges the authentication or ends the connection. The name and secret are stored in the /etc/ppp/pap-secrets file. Note that the username and password are sent in the clear (that is, unencrypted).

Figure 1-10: In SUSE, click the KInternet tool to activate a PPP connection.

Figure 1-11: In Xandros, configure the dialup PPP connection from this dialog box.

The Linux PPP server supports both types of authentication. For both PAP and CHAP, the information that the PPP server needs is a name and a secret: a username-password pair. This authentication information is stored in the following configuration files:

- /etc/ppp/chap-secrets stores the information for CHAP.
  Here's what a typical chap-secrets file looks like:

      # Secrets for authentication using CHAP
      # client   server   secret       IP addresses
      naba       *        mypassword

- /etc/ppp/pap-secrets stores the information for PAP. Here's a typical pap-secrets file:

      # Secrets for authentication using PAP
      # client   server   secret       IP addresses
      naba       *        mypassword

As you can see, the formats of the entries are the same for both chap-secrets and pap-secrets. Four fields are in each line, in the following order:

- client: This field contains the name that is used during authentication. You get this name from the ISP.
- server: This field contains the name of the remote system to which you are authenticating the local system. If you don't know the server's name, put an asterisk to indicate any server.
- secret: This field is the secret that your system's PPP server has to send to the remote system to authenticate itself. You receive this password from the ISP.
- IP addresses: This optional field can contain a list of the IP addresses that the local system may use when connecting to the specified server. Typically, this field is left blank because the local system usually gets a dynamic IP address from the server and (therefore) doesn't know what IP address it uses.

Chapter 2: Setting Up a Local Area Network

In This Chapter

- Understanding TCP/IP networks
- Setting up an Ethernet LAN
- Configuring TCP/IP networking
- Connecting your LAN to the Internet

Linux comes with built-in support for Transmission Control Protocol/Internet Protocol (TCP/IP) networking, as do most modern operating systems from Windows to Mac OS. You can have TCP/IP networking over many different physical interfaces, such as Ethernet cards, serial ports, and parallel ports. Typically, you use an Ethernet network for your local area network (LAN) at your office or even your home (if you happen to have several systems at home).
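Looking back at the section on configuring CHAP and PAP authentication: the following added example (not code from the book or from the Linux PPP software) parses the four-field secrets format, looks up the secret by server name, and builds both a CHAP response and a PAP request so the difference on the wire is visible. It assumes the MD5 form of CHAP defined in RFC 1994, which the text does not name; the second secrets entry, the server name isp-gw, and all function names are constructed for illustration.

```python
import hashlib
import hmac
import os
import shlex
import struct

# Constructed sample in the four-field layout described above (not a real account).
SAMPLE_CHAP_SECRETS = """\
# Secrets for authentication using CHAP
# client   server   secret        IP addresses
naba       *        mypassword
naba       isp-gw   othersecret   192.0.2.10
"""


def parse_secrets(text):
    """Parse chap-secrets/pap-secrets text into a list of entry dicts."""
    entries = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        fields = shlex.split(line)  # honours "quoted secrets" containing spaces
        if len(fields) < 3:
            raise ValueError(f"expected client, server, secret: {raw!r}")
        entries.append({"client": fields[0], "server": fields[1],
                        "secret": fields[2], "ips": fields[3:]})
    return entries


def lookup_secret(entries, client, server):
    """Find the secret for this client and server name.

    Assumption of this example: an exact server name wins over the '*' wildcard.
    """
    wildcard = None
    for entry in entries:
        if entry["client"] != client:
            continue
        if entry["server"] == server:
            return entry["secret"]
        if entry["server"] == "*" and wildcard is None:
            wildcard = entry["secret"]
    if wildcard is None:
        raise KeyError(f"no secret for client {client!r}, server {server!r}")
    return wildcard


def chap_response_value(identifier, secret, challenge):
    """RFC 1994 CHAP with MD5: hash of identifier byte, secret, and challenge."""
    return hashlib.md5(bytes([identifier]) + secret.encode() + challenge).digest()


def chap_response_packet(identifier, name, secret, challenge):
    """Build the CHAP Response (code 2) that the local system sends back."""
    value = chap_response_value(identifier, secret, challenge)
    body = bytes([len(value)]) + value + name.encode()
    return struct.pack("!BBH", 2, identifier, 4 + len(body)) + body


def verify_chap(identifier, secret, challenge, received_value):
    """Remote side: recompute the expected hash and compare in constant time."""
    expected = chap_response_value(identifier, secret, challenge)
    return hmac.compare_digest(expected, received_value)


def pap_request_packet(identifier, name, password):
    """Build a PAP Authenticate-Request (code 1): name and password in the clear."""
    n, p = name.encode(), password.encode()
    body = bytes([len(n)]) + n + bytes([len(p)]) + p
    return struct.pack("!BBH", 1, identifier, 4 + len(body)) + body


def demo():
    entries = parse_secrets(SAMPLE_CHAP_SECRETS)
    secret = lookup_secret(entries, "naba", "any-isp-server")  # falls back to '*'
    challenge = os.urandom(16)            # the remote end's random challenge
    chap = chap_response_packet(1, "naba", secret, challenge)
    value = chap[5:5 + chap[4]]           # hash value carried in the response
    pap = pap_request_packet(1, "naba", secret)
    return {
        "chap_accepted": verify_chap(1, secret, challenge, value),
        "chap_replayed_on_new_challenge": verify_chap(1, secret, os.urandom(16), value),
        "secret_visible_in_chap_packet": secret.encode() in chap,
        "secret_visible_in_pap_packet": secret.encode() in pap,
    }


if __name__ == "__main__":
    for key, result in demo().items():
        print(f"{key}: {result}")
```

A captured CHAP response is useless against a fresh challenge, which is why the remote system can safely repeat the check while the link is up; the PAP request carries the password itself.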
To connect to remote systems over a modem, you use TCP/IP networking over Point-to-Point Protocol (PPP).

This chapter describes how to set up an Ethernet network. Even if you have a single PC, you may need to set up an Ethernet network interface so that you can connect your PC to high-speed Internet access that uses a DSL or cable modem. (I cover DSL and cable modems in Chapter 1 of this minibook.)

Understanding TCP/IP

You can understand TCP/IP networking best if you think in terms of a layered model with four layers. Think of each layer as responsible for performing a particular task. The layered model describes the flow of data between the physical connection to the network and the end-user application. Figure 2-1 shows the four-layer network model for TCP/IP.

In this four-layer model, information always moves from one layer to the next. For example, when an application sends data to another application, the data goes through the layers in this order: Application → Transport → Network → Physical. At the receiving end, the data goes up from Physical → Network → Transport → Application.

Each layer has its own set of protocols: conventions for handling and formatting the data. If you think of sending data as something akin to sending letters through the postal service, a typical protocol is a preferred sequence of actions for a task such as addressing an envelope (first the name, then the street address, and then city, state, and ZIP or other postal code).

Here's what each of the four layers does, top to bottom:

- Application: Runs the applications that users use, such as e-mail readers, file transfers, and Web browsers. Application-level protocols are Simple Mail Transfer Protocol (SMTP) and Post Office Protocol (POP) for e-mail; HyperText Transfer Protocol (HTTP) for the Web; and File Transfer Protocol (FTP) for file transfers.
  Application-level protocols also have a port number that you can think of as an identifier for a specific application. For example, port 80 is associated with HTTP or the Web server.

- Transport: Sends data from one application to another. The two most important protocols in this layer are Transmission Control Protocol (TCP) and User Datagram Protocol (UDP). TCP guarantees delivery of data; UDP just sends the data without ensuring that it actually reaches the destination.

- Network: This layer is responsible for getting data packets from one network to another. If the networks are far apart, the data packets are routed from one network to the next until they reach their destination. The primary protocol in this layer is the Internet Protocol (IP).

- Physical: Refers to the physical networking hardware (such as an Ethernet card or token ring card) that carries the data packets in a network.

The beauty of the layered model is that each layer takes care of only its specific task, leaving the rest to the other layers. The layers can mix and match: you can have TCP/IP network over any type of physical network medium, from Ethernet to radio waves (in a wireless network). The software is modular as well because each layer can be implemented in different modules. For example, typically the Transport and Network layers already exist as part of the operating system, and any application can make use of these layers.

    4  Application   Mail, file transfer, TELNET
    3  Transport     TCP (Transmission Control Protocol), UDP (User Datagram Protocol)
    2  Network       IP (Internet Protocol)
    1  Physical      Ethernet

Figure 2-1: You can understand TCP/IP using the four-layer network model.

TCP/IP and the Internet

TCP/IP has become the protocol of choice on the Internet, the network of networks that evolved from ARPAnet. The U.S.
Government's Advanced Research Projects Agency (ARPA) initiated research in the 1970s on a new way of sending information, using packets of data sent over a network. The result was ARPAnet: a national network of linked computers. Subsequently, ARPA acquired a Defense prefix and became DARPA. Under the auspices of DARPA, the TCP/IP protocols emerged as a popular collection of protocols for internetworking (communication among networks).

TCP/IP has flourished because the protocol is open. That means the technical descriptions of the protocol appear in public documents, so anyone can implement TCP/IP on specific hardware and software.

TCP/IP also made great inroads because stable, working software was available. Instead of a paper description of network architecture and protocols, the TCP/IP protocols started out as working software, and who can argue with what's already working? These days (as a result), TCP/IP rules the Internet.

Next-generation IP (IPv6)

When the 4-byte IP address was created, the number of available addresses seemed adequate. Now, however, the 4-byte addresses are running out. The Internet Engineering Task Force (IETF) recognized the potential for running out of IP addresses in 1991 and began work on the next-generation IP addressing scheme. They called it IPng (for Internet Protocol Next Generation) and intended that it will eventually replace the old 4-byte addressing scheme (called IPv4, for IP Version 4).

Several alternative addressing schemes for IPng were proposed and debated. The final contender, with a 128-bit (16-byte) address, was dubbed IPv6 (for IP Version 6). On September 18, 1995, the IETF declared the core set of IPv6 addressing protocols to be an IETF Proposed Standard.

IPv6 is designed to be an evolutionary step from IPv4. The proposed standard provides direct interoperability between hosts using the older IPv4 addresses and any new IPv6 hosts.
The idea is that users can upgrade their systems to use IPv6 when they want and that network operators are free to upgrade their network hardware to use IPv6 without affecting current users of IPv4. Sample implementations of IPv6 are being developed for many operating systems, including Linux. For more information about IPv6 in Linux, consult the Linux IPv6 FAQ/HOWTO at www.linuxhq.com/IPv6/.

The IPv6 128-bit addressing scheme allows for 340,282,366,920,938,463,463,374,607,431,768,211,456 unique hosts! That should last us for a while!

IP addresses

When you have many computers on a network, you need a way to identify each one uniquely. In TCP/IP networking, the address of a computer is the IP address. Because TCP/IP deals with internetworking, the address is based on the concepts of a network address and a host address. You may think of the idea of a network address and a host address as having to provide two addresses to identify a computer uniquely:

- Network address indicates the network on which the computer is located.

- Host address indicates a specific computer on that network.

The network and host addresses together constitute an IP address, and it's a 4-byte (32-bit) value. The convention is to write each byte as a decimal value and to put a dot (.) after each number. Thus, you see network addresses such as 132.250.112.52. This way of writing IP addresses is known as dotted-decimal or dotted-quad notation. In decimal notation, a byte (which has 8 bits) can have a value between 0 and 255. Thus, a valid IP address can use only the numbers between 0 and 255 in the dotted-decimal notation.

Internet services and port numbers

The TCP/IP protocol suite has become the lingua franca of the Internet because many standard services are available on any system that supports TCP/IP. These services make the Internet tick by facilitating the transfer of mail, news, and Web pages. These services go by well-known names such as the following:
- DHCP (Dynamic Host Configuration Protocol) is for dynamically configuring TCP/IP network parameters on a computer. DHCP is primarily used to assign dynamic IP addresses and other networking information (such as name server, default gateway, and domain names) needed to configure TCP/IP networks. The DHCP server listens on port 67.

- FTP (File Transfer Protocol) is used to transfer files between computers on the Internet. FTP uses two ports: data is transferred on port 20, and control information is exchanged on port 21.

- HTTP (HyperText Transfer Protocol) is a protocol for sending documents from one system to another. HTTP is the underlying protocol of the Web. By default, the Web server and client communicate on port 80.

- SMTP (Simple Mail Transfer Protocol) is for exchanging e-mail messages between systems. SMTP uses port 25 for information exchange.

- NNTP (Network News Transfer Protocol) is for distribution of news articles in a store-and-forward fashion across the Internet. NNTP uses port 119.

- SSH (Secure Shell) is a protocol for secure remote login and other secure network services over an insecure network. SSH uses port 22.

- TELNET is used when a user on one system logs in to another system on the Internet. (The user must provide a valid user ID and password to log in to the remote system.) TELNET uses port 23 by default, but the TELNET client can connect to any port.

- SNMP (Simple Network Management Protocol) is for managing all types of network devices on the Internet. Like FTP, SNMP uses two ports: 161 and 162.

- TFTP (Trivial File Transfer Protocol) is for transferring files from one system to another (typically used by X terminals and diskless workstations to download boot files from another host on the network). TFTP data transfer takes place on port 69.

- NFS (Network File System) is for sharing files among computers.
  NFS uses Sun's Remote Procedure Call (RPC) facility, which exchanges information through port 111.

A well-known port is associated with each of these services. The TCP protocol uses each such port to locate a service on any system. (A server process, a special computer program running on a system, provides each service.)

Setting Up an Ethernet LAN

Ethernet is a standard way to move packets of data between two or more computers connected to a single hub. (You can create larger networks by connecting multiple Ethernet segments with gateways.) To set up an Ethernet local area network (LAN), you need an Ethernet card for each PC. Linux supports a wide variety of Ethernet cards for the PC.

Ethernet is a good choice for the physical data-transport mechanism for the following reasons:

- Ethernet is a proven technology that has been in use since the early 1980s.

- Ethernet provides good data-transfer rates: Typically 10 million bits per second (10 Mbps), although 100-Mbps Ethernet and Gigabit Ethernet (1,000 Mbps) are now available.

- Ethernet hardware is often built into the PC or can be installed at a relatively low cost. (PC Ethernet cards cost about $10-$20 U.S.)

- With wireless Ethernet, you can easily connect laptop PCs to your Ethernet LAN without having to run wires all over the place. (Go to Chapter 3 of this minibook for more information on wireless Ethernet.)

How Ethernet works

So what makes Ethernet tick? In essence, it's the same thing that makes playground recess work: taking turns.

In an Ethernet network, all systems in a segment are connected to the same wire. Because a single wire is used, a protocol is used for sending and receiving data because only one data packet can exist on the cable at any time. An Ethernet LAN uses a data-transmission protocol known as Carrier-Sense Multiple Access/Collision Detection (CSMA/CD) to share the single transmission cable among all the computers.
Ethernet cards in the computers follow the CSMA/CD protocol to transmit and receive Ethernet packets.

The idea behind the CSMA/CD protocol is similar to the way in which you have a conversation at a party. You listen for a pause (that's sensing the carrier) and talk when no one else is speaking. If you and another person begin talking at the same time, both of you realize the problem (that's collision detection) and pause for a moment; then one of you starts speaking again. As you know from experience, everything works out.

In an Ethernet LAN, each Ethernet card checks the cable for signals; that's the carrier-sense part. If the signal level is low, the Ethernet card sends its packets on the cable; the packet contains information about the sender and the intended recipient. All Ethernet cards on the LAN listen to the signal, and the recipient receives the packet. If two cards send out a packet simultaneously, the signal level in the cable rises above a threshold, and the cards know a collision has occurred. (Two packets have been sent out at the same time.) Both cards wait for a random amount of time before sending their packets again.

Ethernet was invented in the early 1970s at the Xerox Palo Alto Research Center (PARC) by Robert M. Metcalfe. In the 1980s, Ethernet was standardized by the cooperative effort of three companies: Digital Equipment Corporation (DEC), Intel, and Xerox. Using the first initials of the company names, that Ethernet standard became known as the DIX standard. Later, the DIX standard was included in the 802-series standards developed by the Institute of Electrical and Electronics Engineers (IEEE). The final Ethernet specification is formally known as IEEE 802.3 CSMA/CD, but people continue to call it Ethernet.

Ethernet sends data in packets (discrete chunks also known as frames). You don't have to hassle much with the innards of Ethernet packets, except to note the 6-byte source and destination addresses.
Each Ethernet controller has a unique 6-byte (48-bit) address at the Physical layer; every packet must have one.

Ethernet cables

Any time you hear experts talking about Ethernet, you're also going to hear some bewildering terms used for the cables that carry the data. Here's a quick rundown.

The original Ethernet standard used a thick coaxial cable, nearly half an inch in diameter. This wiring is called thickwire or thick Ethernet, although the IEEE 802.3 standard calls it 10Base5. That designation means several things: The data-transmission rate is 10 megabits per second (10 Mbps); the transmission is baseband (which simply means that the cable's signal-carrying capacity is devoted to transmitting Ethernet packets only), and the total length of the cable can be no more than 500 meters. Thickwire was expensive, and the cable was rather unwieldy. Unless you're a technology history buff, you don't have to care one whit about 10Base5 cables.

Nowadays, two other forms of Ethernet cabling are more popular. The first alternative to thick Ethernet cable is thinwire, or 10Base2, which uses a thin, flexible coaxial cable. A thinwire Ethernet segment can be, at most, 185 meters long. The other, more recent, alternative is Ethernet over unshielded twisted-pair cable (UTP), known as 10BaseT.

The Electronic Industries Association/Telecommunications Industries Association (EIA/TIA) defines the following five categories of shielded and unshielded twisted-pair cables:

- Category 1 (Cat 1): Traditional telephone cable.

- Category 2 (Cat 2): Cable certified for data transmissions up to 4 Mbps.

- Category 3 (Cat 3): Cable that can carry signals up to a frequency of 16 MHz. Cat 3 is the most common type of wiring in old corporate networks and it normally contains four pairs of wire.

- Category 4 (Cat 4): Cable that can carry signals up to a frequency of 20 MHz. Cat 4 wires are not that common.
- Category 5 (Cat 5): Cable that can carry signals up to a frequency of 100 MHz. Cat 5 cables normally have four pairs of copper wire. Cat 5 UTP is the most popular cable used in new installations today.

To set up a 10BaseT Ethernet network, you need an Ethernet hub, a hardware box with RJ-45 jacks. (These look like big telephone jacks.) You build the network by running twisted-pair wires (usually, Category 5, or Cat5, cables) from each PC's Ethernet card to this hub. You can get a 4-port 10BaseT hub for about $20 U.S. Figure 2-2 shows a typical small 10BaseT Ethernet LAN that you may set up at a small office or your home.

When you install any of the Linux distributions from this book's companion DVD-ROM on a PC connected with an Ethernet card, the Linux kernel automatically detects the Ethernet card and installs the appropriate drivers. The installer also lets you set up TCP/IP networking.

The Linux kernel loads the driver for the Ethernet card every time it boots. To verify that the Ethernet driver is loaded, type the following command in a terminal window:

    dmesg | grep eth0

On one of my PCs, I get the following output when I type that command:

    eth0: RealTek RTL8139 at 0xd016c000, 00:0c:76:f4:38:b3, IRQ 11
    eth0: Identified 8139 chip type RTL-8101
    eth0: link up, 100Mbps, full-duplex, lpa 0x45E1
    eth0: no IPv6 routers present

You should see something similar, showing the name of your Ethernet card and other related information.

Configuring TCP/IP Networking

When you set up TCP/IP networking during Linux installation, the installation program prepares all appropriate configuration files using the information you provide. This means that you typically never have to manually configure the network. However, most Linux distributions come with GUI tools to configure the network devices, just in case something needs changing.
Figure 2-2: You can use an Ethernet hub to set up a 10BaseT Ethernet LAN. (Figure labels: Ethernet hub; PCs with Ethernet card; Category 5 cables.)

In Debian, the network interfaces are configured in the text file /etc/network/interfaces. For example, here is a typical /etc/network/interfaces file with a network card configured using DHCP:

    # The loopback network interface
    auto lo
    iface lo inet loopback

    # The primary network interface
    auto eth0
    iface eth0 inet dhcp

Then you can activate the network interfaces by logging in as root and typing ifup eth0. To deactivate the Ethernet connection, type ifdown eth0. A bit cryptic, but not that hard.

Fedora Core comes with the graphical network configuration tool that you can use to add a new network interface or alter information such as name servers and host names. To start the GUI network configuration tool, choose Main Menu → System Settings → Network. If you are not logged in as root, you're prompted for the root password. The network configuration tool displays a tabbed dialog box, as shown in Figure 2-3. You can then configure your network through the four tabs that appear along the top of the dialog box. After configuring the network card, you can select the device and click the Activate button to turn the Ethernet on.

Figure 2-3: In Fedora Core, configure the Ethernet network with this network configuration tool.

In most cases, you can set the network card so that it can automatically obtain an IP address (which is the case when the Ethernet card is connected to DSL or cable modem) by using the DHCP. If your network does not have a DHCP server (which is typically built into routers), you have to specify an IP address for the network card. If you are running a private network, you may use IP addresses in the 192.168.0.0 to 192.168.255.255 range.
(Other ranges of addresses are reserved for private networks, but this range suffices for most needs.)

In SUSE, choose Main Menu → System → YaST to open the YaST Control Center. Then select Network Devices on the left-hand side of the window and Network card on the right-hand side. YaST then brings up a window (as shown in Figure 2-4) with information about the already configured network card and any new network cards that it detects. You can then configure any new network card.

Figure 2-4: In SUSE, configure the Ethernet network with YaST.

In Xandros, choose Main Menu → Applications → Internet → Connection Wizard. In the Connection Wizard dialog box that appears, select LAN or Cable Modem (Ethernet) and then continue with the Ethernet configuration. Of course, you need to do this only if your network is not yet configured.

Connecting Your LAN to the Internet

If you have a LAN with several PCs, you can connect the entire LAN to the Internet by using DSL or cable modem. Basically, you can share the high-speed DSL or cable modem connection with all the PCs in the LAN.

In Chapter 1 of this minibook, I explain how to set up a DSL or cable modem. In this section, I briefly explain how to connect a LAN to the Internet so that all the PCs can access the Internet.

The most convenient way to connect a LAN to the Internet via DSL or cable modem is to buy a hardware device called DSL/Cable Modem NAT Router with a 4- or 8-port Ethernet hub. NAT stands for Network Address Translation, and the NAT router can translate many private IP addresses into a single externally known IP address. The Ethernet hub part appears to you as a number of RJ-45 Ethernet ports where you can connect the PCs to set up a LAN. In other words, you need only one extra box besides the DSL or cable modem.

Figure 2-5 shows how you might connect your LAN to the Internet through a NAT router with a built-in Ethernet hub.
Of course, you need a DSL or cable modem hookup for this scenario to work (and you have to sign up with the phone company for DSL service or with the cable provider for cable Internet service).

Figure 2-5: Connect your LAN to the Internet through a NAT router with a built-in Ethernet hub. (Figure labels: To Internet; cable or DSL modem; NAT router and Ethernet hub; Ethernet cables (10 BASE-T); PCs in a local area network (LAN). Each PC must have a 10 BASE-T Ethernet card.)

When you connect a LAN to the Internet, the NAT router acts as a gateway for your LAN. The NAT router also dynamically provides IP addresses to the PCs in your LAN. Therefore, on each PC, you have to set up the networking options to obtain the IP address dynamically.

Your LAN can mix and match all kinds of computers: Some may be running Linux, and some may be running Microsoft Windows or any other operating system that supports TCP/IP. When configuring the network settings, remember to select the option that enables Linux to automatically obtain IP address settings and DNS information with DHCP.

Chapter 3: Adding a Wireless Ethernet LAN

In This Chapter
- Understanding wireless Ethernet networks
- Setting up the wireless hardware
- Configuring the wireless network

If you have laptop computers on your LAN, or if you don't want to run a rat's nest of wires to connect a PC to the LAN, you have the option of using a wireless Ethernet network. In a typical scenario, you have a cable modem or DSL connection to the Internet, and you want to connect one or more laptops with wireless network cards to access the Internet through the cable or DSL modem. This chapter shows you how to set up wireless networking for connecting to an Ethernet LAN and accessing the Internet.

Understanding Wireless Ethernet Networks

You've probably heard about Wi-Fi. Wi-Fi stands for Wireless Fidelity network, a short-range wireless network similar to the wired Ethernet networks.
A number of standards from an organization known as IEEE (the Institute of Electrical and Electronics Engineers) define the technical details of how Wi-Fi networks work. Manufacturers use these standards to build the components that you can buy to set up a wireless network, also known as WLAN for short.

Until mid-2003, two popular IEEE standards, 802.11a and 802.11b, were for wireless Ethernet networks. These two standards were finalized in 1999. A third standard, 802.11g, was finalized by the IEEE in the summer of 2003. All these standards specify how the wireless Ethernet network works at the Physical layer. You don't have to fret over all the details of all those standards to set up a wireless network, but knowing some pertinent details is good so that you can buy the right kind of equipment for your wireless network.

The three wireless Ethernet standards have the following key characteristics:

- 802.11b: Operates in the 2.4 GHz radio band (2.4 GHz to 2.4835 GHz) in up to three non-overlapping frequency bands or channels. Supports a maximum bit rate of 11 Mbps per channel. One disadvantage of 802.11b is that the 2.4 GHz frequency band is crowded: many devices (such as microwave ovens, cordless phones, medical and scientific equipment, as well as Bluetooth devices) all work within the 2.4 GHz frequency band. Nevertheless, 802.11b is very popular in corporate and home networks.

- 802.11a: Operates in the 5 GHz radio band (5.725 GHz to 5.850 GHz) in up to eight non-overlapping channels. Supports a maximum bit rate of 54 Mbps per channel. The 5 GHz band is not as crowded as the 2.4 GHz band, but the 5 GHz band is not approved for use in Europe. Products conforming to 802.11a standard are available on the market, and wireless access points are designed to handle both 802.11a and 802.11b connections.

- 802.11g: Supports up to 54 Mbps data rate in the 2.4 GHz band. (The same band that 802.11b uses.)
  802.11g achieves the higher bit rate by using a technology called OFDM (orthogonal frequency-division multiplexing), which is also used by 802.11a. Although 802.11g was only recently finalized, equipment that complies with it is already on the market. That's because 802.11g has generated excitement by working in the same band as 802.11b but promising much higher data rates and by being backward-compatible with 802.11b devices. Vendors currently offer access points that can support both the 802.11b and 802.11g connection standards.

If you are buying a new wireless access point, get an 802.11g one. An 802.11g access point can also communicate with older (and slower) 802.11b devices.

The maximum data throughput that a user actually sees is much less because all users of that radio channel share the capacity of the channel. Also, the data transfer rate decreases as the distance between the user's PC and the wireless access point increases.

To find out more about wireless Ethernet, visit www.wi-fi.org, the home page of the Wi-Fi Alliance, which is the nonprofit international association formed in 1999 to certify interoperability of wireless LAN products based on IEEE 802.11 standards.

Understanding infrastructure and ad hoc modes

The 802.11 standard defines two modes of operation for wireless Ethernet networks: infrastructure and ad hoc. Ad hoc mode is simply two or more wireless Ethernet cards communicating with each other without an access point.

Infrastructure mode refers to the approach in which all the wireless Ethernet cards communicate with each other and with the wired LAN through an access point. For the discussions in this chapter, I assume that you set your wireless Ethernet card to infrastructure mode.
In the configuration files, this mode is referred to as Managed mode.

Understanding Wired Equivalent Privacy (WEP)

The 802.11 standard includes Wired Equivalent Privacy (WEP) for protecting wireless communications from eavesdropping. WEP relies on a 40-bit or 104-bit secret key that is shared between a mobile station (such as a laptop with a wireless Ethernet card) and an access point (also called a base station). The secret key is used to encrypt data packets before they are transmitted, and an integrity check is performed to ensure that packets are not modified in transit.

The 802.11 standard does not explain how the shared key is established. In practice, most wireless LANs use a single key that is shared between all mobile stations and access points. Such an approach, however, does not scale up very well to an environment such as a college campus because the keys are shared with all users, and you know how it is if you share a secret with hundreds of people. That's why WEP is typically not used on large wireless networks such as the ones at universities. In such wireless networks, you have to use other security approaches such as SSH (Secure Shell) to log in to remote systems. WEP, however, is good to use on your home wireless network.

WEP has its weaknesses, but it's better than nothing. You can use it in smaller wireless LANs where sharing the same key among all wireless stations is not an onerous task.

Work is underway to provide better security than WEP for wireless networks. The soon-to-be-finalized 802.11i standard uses public key encryption with digital certificates, along with authentication, authorization, and accounting done on a RADIUS (Remote Authentication Dial-In User Service) server, to provide better security for wireless Ethernet networks.
While the 802.11i standard is in progress, the Wi-Fi Alliance (a multivendor consortium that supports Wi-Fi) has developed an interim specification called Wi-Fi Protected Access (WPA) that's a precursor to 802.11i. WPA replaces the existing WEP standard and improves security by making some changes. For example, unlike WEP (which uses fixed keys), the WPA standard uses Temporal Key-Integrity Protocol (TKIP), which generates new keys for every 10K of data transmitted over the network. TKIP makes WPA more difficult to break. You may want to consider wireless products that support WPA while waiting for products that implement 802.11i.

Setting Up the Wireless Hardware

To set up the wireless connection, you need a wireless access point and a wireless network card in each PC. You can also set up an ad hoc wireless network among two or more PCs with wireless network cards, but that is a standalone wireless LAN among those PCs only. In this section, I focus on the scenario in which you want to set up a wireless connection to an established LAN that has a wired Internet connection through a cable modem or DSL.

Is the WEP stream cipher good enough?

WEP uses the RC4 encryption algorithm, which is known as a stream cipher. Such an algorithm works by taking a short secret key and generating an infinite stream of pseudorandom bits. Before sending the data, the sending station performs an exclusive-OR operation between the pseudorandom bits and the bits representing the data packet, which results in a 1 when two bits are different and 0 if they are the same. The receiver has a copy of the same secret key, and generates an identical stream of pseudorandom bits and performs an identical exclusive-OR operation between this pseudorandom stream and the received bits. Doing so regenerates the original, unencrypted data packet.

Such a method of stream cipher has a few problems.
If a bit is flipped (from a 0 to 1 or vice versa) in the encrypted data stream, the corresponding bit is flipped in the decrypted output, which can help an attacker derive the encryption key. Also, an eavesdropper who intercepts two encoded messages that were encoded with the same stream can generate the exclusive-OR of the original messages. That knowledge is enough to mount attacks that can eventually break the encryption.

To counter these weaknesses, WEP uses some defenses:

- Integrity Check (IC) field: To make sure that data packets are not modified in transit, WEP uses an Integrity Check field in each packet.

- Initialization vector (IV): To avoid encrypting two messages with the same key stream, WEP uses a 24-bit initialization vector (IV) that augments the shared secret key to produce a different RC4 key for each packet. The IV itself is also included in the packet.

Experts say that both these defenses are poorly implemented, making WEP ineffective. IC and IV have two main problems:

- The Integrity Check field is implemented by using a checksum algorithm called 32-bit cyclic redundancy code (CRC-32); that checksum is then included as part of the data packet. Unfortunately, an attacker can flip arbitrary bits in an encrypted message and correctly adjust the checksum so that the resulting message appears valid.

- The 24-bit IV is sent in the clear (unencrypted). There are only 2^24 possible initialization vectors (no big challenge for a fast machine), and they have to be reused after running through all of them. In other words, after sending 2^24, or 16,777,216 packets, the IV is repeated. The number may sound like a lot, but consider the case of a busy access point that sends 1,500-byte packets at a rate of 11 Mbps. Each packet has 8 × 1,500 = 12,000 bits. That means each second the access point sends 11,000,000/12,000 = 916 packets. At that rate, the access point sends 16,777,216 packets in 16,777,216/916 = 18,315 seconds or 5 hours.
That means the IV is reused after 5 hours, and the time may be less than that because many messages are smaller than 1,500 bytes. Thus an attacker has ample opportunities to collect two encrypted messages encrypted with the same key stream and perform statistical attacks (which amount to trying the possible combinations really fast) to decrypt the message.#BREAK# Book III Chapter 3 Adding a Wireless Ethernet LAN Setting Up the Wireless Hardware 271 In addition to the wireless access point, you also need a cable modem or DSL connection to the Internet, along with a NAT router/hub, as described in the previous chapters of this minibook. Figure 3-1 shows a typical setup for wireless Internet access through an existing cable modem or DSL connection. As Figure 3-1 shows, the LAN has both wired and wireless PCs. In this example, either a cable or DSL modem connects the LAN to the Internet through a NAT router/hub. Laptops with wireless network cards connect to the LAN through a wireless access point attached to one of the RJ-45 ports on the hub. To connect desktop PCs to this wireless network, you can use a USB wireless network card (which connects to a USB port). If you have not yet purchased a NAT router/hub for your cable or DSL connection, consider buying a router/hub that has a built-in wireless access point. To Internet Cable or DSL modem NAT router and Ethernet hub PCs in a local area network (LAN). Each PC must have a 10 BASE-T Ethernet card. Ethernet cable (10 BASE-T) Ethernet cables (10 BASE-T) Wireless Access Point Laptop PC with wireless Ethernet card Figure 3-1: Typical connection of a mixed wired and wireless Ethernet LAN to the Internet.#BREAK# 272 Configuring Wireless Networking Configuring the wireless access point Configuring the wireless access point involves the following tasks: . Setting a name for the wireless network. (The technical term is ESSID.) . 
Setting the frequency or channel on which the wireless access point communicates with the wireless network cards. The access point and the cards must use the same channel. . Deciding whether to use encryption. . If encryption is to be used, setting the number of bits in the encryption key and the value of the encryption key. For the encryption key, 24 bits are internal to the access point; you specify only the remaining bits. Thus, for 64-bit encryption, you have to specify a 40-bit key, which comes to 10 hexadecimal digits. (A hexadecimal digit is an integer from 0 9 or a letter from A F.) For a 128-bit encryption key, you specify 104 bits, or 26 hexadecimal digits. . Setting the access method that wireless network cards must use when connecting to the access point. You can opt for either open access or shared key. The open-access method is typical (even when using encryption). . Setting the wireless access point to operate in infrastructure (managed) mode (because that s the way you connect wireless network cards to an existing Ethernet LAN). The exact method of configuring a wireless access point depends on make and model; the vendor provides instructions to configure the wireless access point. You typically work through a graphical client application on a Windows PC to do the configuration. If you enable encryption, make note of the encryption key; you have to specify that same key for each wireless network card on your laptops or desktops. Configuring Wireless Networking On your Linux laptop, the PCMCIA or PC Card manager recognizes the wireless network card and loads the appropriate driver for the card. Linux treats the wireless network card like another Ethernet device and assigns it a device name such as eth0 or eth1. If you already have an Ethernet card in the laptop, that card gets the eth0 device name, and the wireless PC Card becomes the eth1 device. 
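The two WEP weaknesses named in the sidebar (a repeated IV reuses the key stream, and CRC-32 does not protect integrity) and its IV-wrap arithmetic can be checked with a small model that uses the 24-bit IV plus 40-bit key layout described above. This is an added example, not from the book: the frame layout is simplified (no 802.11 headers), and the key, IV and payloads are constructed sample values.

```python
"""Toy model of WEP framing: RC4 keyed with IV || secret, CRC-32 as the ICV."""
import zlib

IV_BITS = 24


def rc4_keystream(key: bytes, length: int) -> bytes:
    """Standard RC4: key scheduling, then `length` bytes of output."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for _ in range(length):
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def icv(data: bytes) -> bytes:
    """Integrity check value: plain CRC-32 of the payload, no key involved."""
    return zlib.crc32(data).to_bytes(4, "little")


def wep_seal(iv: bytes, secret: bytes, payload: bytes) -> bytes:
    """Frame = clear-text IV, then RC4(IV || secret) XOR (payload || CRC-32)."""
    body = payload + icv(payload)
    return iv + xor(body, rc4_keystream(iv + secret, len(body)))


def wep_open(secret: bytes, frame: bytes):
    """Return (payload, icv_ok) as a receiver holding the secret sees it."""
    iv, ciphertext = frame[:3], frame[3:]
    body = xor(ciphertext, rc4_keystream(iv + secret, len(ciphertext)))
    payload, check = body[:-4], body[-4:]
    return payload, check == icv(payload)


def xor_of_plaintexts(frame_a: bytes, frame_b: bytes) -> bytes:
    """Same IV means same key stream, so it cancels: C1 ^ C2 == P1 ^ P2."""
    if frame_a[:3] != frame_b[:3]:
        raise ValueError("frames must share an IV")
    return xor(frame_a[3:], frame_b[3:])


def flip_without_key(frame: bytes, delta: bytes) -> bytes:
    """CRC-32 is affine: crc(p ^ d) == crc(p) ^ crc(d) ^ crc(zeros).
    XORing `delta` into the payload and the matching correction into the
    encrypted ICV keeps the check valid, with no knowledge of the secret."""
    fix = xor(icv(delta), icv(bytes(len(delta))))
    return frame[:3] + xor(frame[3:], delta + fix)


def iv_wrap_seconds(bits_per_second: int, packet_bytes: int) -> int:
    """Seconds until all 2**24 IVs are used, with the sidebar's rounding."""
    packets_per_second = bits_per_second // (packet_bytes * 8)
    return 2**IV_BITS // packets_per_second


# Constructed sample data (not from the book).
SECRET = bytes.fromhex("0102030405")   # 40-bit key = 10 hexadecimal digits
IV = bytes.fromhex("00002a")           # 24-bit IV, sent in the clear
P1 = b"channel=6;rate=11M"
P2 = b"channel=1;rate=02M"

if __name__ == "__main__":
    f1, f2 = wep_seal(IV, SECRET, P1), wep_seal(IV, SECRET, P2)
    print("C1^C2 == P1^P2:", xor_of_plaintexts(f1, f2)[:len(P1)] == xor(P1, P2))
    print("altered frame:", wep_open(SECRET, flip_without_key(f1, xor(P1, P2))))
    print("IV wrap, 1,500-byte packets:", iv_wrap_seconds(11_000_000, 1500), "s")
    print("IV wrap, 500-byte packets:", iv_wrap_seconds(11_000_000, 500), "s")
```

The altered frame still passes the receiver's check because the ICV is an unkeyed checksum, and the 500-byte case shows how much sooner than 5 hours the IV space wraps when packets are small.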
You do have to configure certain parameters to enable the wireless network card to communicate with the wireless access point. For example, you have to specify the wireless network name assigned to the access point, and the encryption settings must match those on the access point. You can usually configure everything using a graphical network configuration tool that's available for your Linux distribution; just select the Wireless Network option and fill in the requested information.

For example, in Fedora Core, choose Main Menu > System Settings > Network from the GUI desktop. Then add a wireless device. You can then select the wireless device and get to a window where you can configure the wireless connection. (See Figure 3-2.) In particular, set the Mode to Managed, specify the name of the wireless network (the one you want to connect to), and set the encryption key, if any. You can set the option for getting the IP address to DHCP (a protocol for obtaining network configuration parameters, including IP addresses, from a server on the network). When everything is done and you return to the Network Configuration tool's main window, select the new wireless device and click the Activate button. If all goes well, the wireless network should be up and running after a few moments.

In Fedora Core, the Network Configuration tool saves your wireless network settings in a text file whose name depends on the wireless network device name. If the wireless network device name is eth0, the configuration is stored in the text file /etc/sysconfig/network-scripts/ifcfg-eth0. If the wireless device name is eth1, the file is /etc/sysconfig/network-scripts/ifcfg-eth1. This configuration file contains various settings for the wireless network card. Table 3-1 explains the meaning of the settings.
Here is a slightly edited version of the /etc/sysconfig/network-scripts/ifcfg-eth1 file from my laptop PC running Fedora Core:

    IPV6INIT=no
    USERCTL=no
    PEERDNS=yes
    TYPE=Wireless
    DEVICE=eth1
    HWADDR=00:02:2d:8c:f9:c4
    BOOTPROTO=dhcp
    ONBOOT=no
    DHCP_HOSTNAME=
    NAME=
    ESSID='HOME'
    CHANNEL=6
    MODE=Managed
    RATE=auto

[Figure 3-2: In Fedora Core, configure the wireless connection from this window.]

In Fedora Core, the encryption key is stored separately. For a wireless Ethernet card whose device name is eth1, the encryption key is stored in the /etc/sysconfig/network-scripts/keys-eth1 file. For example, here is what this file contains for my example:

    KEY=AECFA00F03

Note that the key has 10 hexadecimal digits for a 40-bit key (for example, 1fdf-3fde-fe) or 26 hexadecimal digits for a 104-bit key. The keys are, in fact, 64-bit and 128-bit, but the encryption algorithm automatically generates 24 bits of the key, so you need to specify only the remaining bits. Needless to say, the longer the key, the more secure the encryption.

If you ever manually edit the parameters in the wireless Ethernet configuration file in Fedora Core, type the following command to reactivate the wireless network interface after editing the configuration file:

    /etc/init.d/pcmcia restart

Table 3-1: Settings in Configuration File for a Wireless Ethernet Network Interface in Fedora Core

This Parameter    Means the Following
BOOTPROTO         The name of the protocol used to get the IP address for the interface. It's either dhcp or bootp for an Ethernet interface.
CHANNEL           Channel number (between 1 and 14 in United States and Canada). Must be the same as that set for the wireless access point. In Managed mode, you don't need to specify the channel.
DEVICE            The device name for the wireless Ethernet network interface (eth0 for the first interface, eth1 for second, and so on).
ESSID             Extended Service Set (ESS) Identifier, also known as the wireless network name. It is case sensitive and must be the same as the name specified for the wireless access point. Provide the name within single quotes (for example, 'HOME').
HWADDR            The hardware address (also called the MAC address) of the wireless network card (six pairs of colon-separated hexadecimal numbers; for example, 00:02:2d:8c:f9:c4). The wireless card's device driver automatically detects this address.
IPV6INIT          When set to yes, this parameter initializes IPv6 configuration for the wireless interface. Set it to no if you are not using IPv6.
MODE              The mode of operation of the wireless network card. Set to Managed for a typical network that connects through a wireless access point.
NAME              A nickname for your wireless network. If you don't specify it, the host name is used as the nickname.
ONBOOT            Set to yes to activate the wireless interface at boot time; otherwise, set to no.
PEERDNS           Set to yes to enable the interface to modify your system's /etc/resolv.conf file to use the DNS servers obtained from the DHCP server (the same server that provides the IP address for the interface). If you set this parameter to no, the /etc/resolv.conf file is left unchanged.
RATE              Bit rate for the wireless connection (set to one of the following options: 1M, 2M, 5.5M, 11M, or auto). The M means Mbps or a million bits per second. Set to auto to use the maximum possible transmission rate.
TYPE              Set to Wireless for wireless network interface.
USERCTL           When set to yes, a non-root user can control the device. Set it to no so that only root can control the device.

In SUSE Linux, use YaST to configure the wireless network. SUSE stores the wireless configuration parameters in a file whose name begins with ifcfg-eth, followed by the unique hardware address of the wireless Ethernet card. The configuration file is stored in the /etc/sysconfig/network directory.
Here is a typical list of wireless configuration parameters from a configuration file in SUSE Linux:

    WIRELESS='yes'
    WIRELESS_MODE='Managed'
    WIRELESS_ESSID='HOME'
    WIRELESS_NICK=''
    WIRELESS_CHANNEL='6'
    WIRELESS_RATE='auto'
    WIRELESS_KEY='0123-4567-89'

To check the status of the wireless network interface, type the following command:

    iwconfig

Here's a typical output from a Fedora Core laptop with a wireless Ethernet PC card (the output should be similar in other Linux distributions):

    lo        no wireless extensions.

    eth0      no wireless extensions.

    eth1      IEEE 802.11-DS  ESSID:"HOME"  Nickname:"localhost.localdomain"
              Mode:Managed  Frequency:2.437GHz  Access Point: 00:30:AB:06:2E:5D
              Bit Rate=11Mb/s   Tx-Power=15 dBm   Sensitivity:1/0
              Retry limit:4   RTS thr:off   Fragment thr:off
              Encryption key:AECF-A00F-03
              Power Management:off
              Link Quality:66/0  Signal level:-27 dBm  Noise level:-93 dBm
              Rx invalid nwid:0  Rx invalid crypt:0  Rx invalid frag:0
              Tx excessive retries:0  Invalid misc:0   Missed beacon:0

Here, the eth1 interface refers to the wireless network card. I edited the encryption key and some other parameters to hide those details, but the sample output shows you what you'd typically see when the wireless link is working.

Chapter 4: Managing the Network

In This Chapter

- Learning the TCP/IP configuration files
- Checking TCP/IP networks
- Configuring networks at boot time

Like almost everything else in Linux, TCP/IP setup is a matter of preparing numerous configuration files (text files you can edit with any text editor). Most of these configuration files are in the /etc directory. The Linux installer tries to be helpful by hiding the details of the TCP/IP configuration files. Nevertheless, if you know the names of the files and their purposes, editing the files manually, if necessary, is easier.

Discovering the TCP/IP Configuration Files

You can configure TCP/IP networking when you install Linux.
However, if you want to effectively manage the network, you need to become familiar with the TCP/IP configuration files so that you can edit the files, if necessary. (For example, if you want to check whether the name servers are specified correctly, you have to know about the /etc/resolv.conf file, which stores the IP addresses of name servers.)

Table 4-1 summarizes the basic TCP/IP configuration files. I describe these configuration files in the next few sections.

Table 4-1: Basic TCP/IP Network Configuration Files

This File             Contains the Following
/etc/hosts            IP addresses and host names for your local network as well as any other systems that you access often
/etc/networks         Names and IP addresses of networks
/etc/host.conf        Instructions on how to translate host names into IP addresses
/etc/resolv.conf      IP addresses of name servers
/etc/hosts.allow      Instructions on which systems can access Internet services on your system
/etc/hosts.deny       Instructions on which systems must be denied access to Internet services on your system
/etc/nsswitch.conf    Instructions on how to translate host names into IP addresses

/etc/hosts

The /etc/hosts text file contains a list of IP addresses and host names for your local network. In the absence of a name server, any network program on your system consults this file to determine the IP address that corresponds to a host name. Think of /etc/hosts as the local phone directory where you can look up the IP address (instead of a phone number) for a local host.

Here is the /etc/hosts file from a system, showing the IP addresses and names of other hosts on a typical LAN:

    127.0.0.1       localhost localhost.localdomain
    # Other hosts on the LAN
    192.168.0.100   lnbp933
    192.168.0.50    lnbp600
    192.168.0.200   lnbp200
    192.168.0.233   lnbp233
    192.168.0.40    lnbp400

As the example shows, each line in the file starts with an IP address, followed by the host name for that IP address. (You can have more than one host name for any given IP address.)

/etc/networks

/etc/networks is another text file that contains the names and IP addresses of networks. These network names are commonly used in the routing command (/sbin/route) to specify a network by name instead of by its IP address.

Don't be alarmed if your Linux PC does not have the /etc/networks file. Your TCP/IP network works fine without this file. In fact, the Linux installer does not create a /etc/networks file.

/etc/host.conf

Linux uses a special library (that is, a collection of computer code) called the resolver library to obtain the IP address that corresponds to a host name. The /etc/host.conf file specifies how names are resolved (that is, how the name gets converted to a numeric IP address). A typical /etc/host.conf file might contain the following lines:

    order hosts, bind
    multi on

The entries in the /etc/host.conf file tell the resolver library what services to use (and in which order) to resolve names.

The order option indicates the order of services. The sample entry tells the resolver library to first consult the /etc/hosts file and then check the name server to resolve a name.

Use the multi option to indicate whether or not a host in the /etc/hosts file can have multiple IP addresses. Hosts that have more than one IP address are called multihomed because the presence of multiple IP addresses implies that the host has several network interfaces. (In effect, the host lives in several networks simultaneously.)

/etc/resolv.conf

The /etc/resolv.conf file is another text file used by the resolver, the library that determines the IP address for a host name. Here is a sample /etc/resolv.conf file:

    nameserver 192.168.0.1 # dhcp: eth0
    search nrockv01.md.comcast.net

The nameserver line provides the IP addresses of name servers for your domain.
If you have multiple name servers, list them on separate lines. They are queried in the order in which they appear in the file.

The search line tells the resolver how to search for a host name. For example, when trying to locate a host name myhost, the search directive in the example causes the resolver to try myhost.nrockv01.md.comcast.net first, then myhost.md.comcast.net, and finally myhost.comcast.net.

If you do not have a name server for your network, you can safely ignore this file. TCP/IP still works, even though you may not be able to refer to hosts by name (other than those listed in the /etc/hosts file).

/etc/hosts.allow

The /etc/hosts.allow file specifies which hosts are allowed to use the Internet services (such as TELNET and FTP) running on your system. This file is consulted before certain Internet services start. The services start only if the entries in the hosts.allow file imply that the requesting host is allowed to use the services.

The entries in /etc/hosts.allow are in the form of a server:IP address format, where server refers to the name of the program providing a specific Internet service, and IP address identifies the host allowed to use that service. For example, if you want all hosts in your local network (which has the network address 192.168.0.0) to access the TELNET service (provided by the in.telnetd program), add the following line in the /etc/hosts.allow file:

    in.telnetd:192.168.0.

If you want to let all local hosts have access to all Internet services, you can use the ALL keyword and rewrite the line as follows:

    ALL:192.168.0.

Finally, to open all Internet services to all hosts, you can replace the IP address with ALL, as follows:

    ALL:ALL

You can also use host names in place of IP addresses.

To find out the detailed syntax of the entries in the /etc/hosts.allow file, type man hosts.allow at the shell prompt in a terminal window.

/etc/hosts.deny

This file is just the opposite of /etc/hosts.allow: whereas hosts.allow specifies which hosts may access Internet services (such as TELNET and TFTP) on your system, the hosts.deny file identifies the hosts that must be denied services. The /etc/hosts.deny file is consulted if no rules are in the /etc/hosts.allow file that apply to the requesting host. Service is denied if the hosts.deny file has a rule that applies to the host.

The entries in the /etc/hosts.deny file have the same format as those in the /etc/hosts.allow file; they are in the form of a server:IP address format, where server refers to the name of the program providing a specific Internet service and IP address identifies the host that must not be allowed to use that service.

If you already set up entries in the /etc/hosts.allow file to allow access to specific hosts, you can place the following line in /etc/hosts.deny to deny all other hosts access to any service on your system:

    ALL:ALL

To find out the detailed syntax of the entries in the /etc/hosts.deny file, type man hosts.deny at the shell prompt in a terminal window.

/etc/nsswitch.conf

This file, known as the name service switch (NSS) file, specifies how services such as the resolver library, NIS, NIS+, and local configuration files (such as /etc/hosts and /etc/shadow) interact.

NIS and NIS+ are network information services, another type of name-lookup service. Newer versions of the Linux kernel use the /etc/nsswitch.conf file to determine what takes precedence: a local configuration file, a service such as DNS (Domain Name Service), or NIS.

As an example, the following hosts entry in the /etc/nsswitch.conf file says that the resolver library first tries the /etc/hosts file, and then tries NIS+, and finally tries DNS:

    hosts: files nisplus dns

You can find out more about the /etc/nsswitch.conf file by typing man nsswitch.conf in a terminal window.
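The lookup order described above for /etc/hosts.allow and /etc/hosts.deny has a consequence that is easy to miss: a client that matches neither file is allowed, which is why the ALL:ALL line in hosts.deny matters. The following sketch is an added example, not from the book; it models only the rule forms shown in the text (ALL, an address prefix ending in a dot, and an exact address or host name), the final "allow if nothing matches" step follows the hosts_access(5) manual page, and the client addresses and the in.ftpd daemon name are constructed samples.

```python
"""Decision order for /etc/hosts.allow and /etc/hosts.deny (simplified model)."""


def parse_rules(text):
    """Parse 'daemon_list : client_list' lines into (daemons, clients) pairs."""
    rules = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#") or ":" not in line:
            continue
        daemons, clients = line.split(":")[:2]
        rules.append((daemons.replace(",", " ").split(),
                      clients.replace(",", " ").split()))
    return rules


def client_matches(pattern, client):
    if pattern == "ALL":
        return True
    if pattern.endswith("."):                 # address prefix such as 192.168.0.
        return client.startswith(pattern)
    return pattern.lower() == client.lower()  # exact address or host name


def rule_applies(rule, daemon, client):
    daemons, clients = rule
    daemon_ok = any(d in ("ALL", daemon) for d in daemons)
    return daemon_ok and any(client_matches(p, client) for p in clients)


def decide(allow_text, deny_text, daemon, client):
    """Return (verdict, source): hosts.allow first, then hosts.deny, else allow."""
    if any(rule_applies(r, daemon, client) for r in parse_rules(allow_text)):
        return ("allow", "hosts.allow")
    if any(rule_applies(r, daemon, client) for r in parse_rules(deny_text)):
        return ("deny", "hosts.deny")
    return ("allow", "no matching rule")


def review(allow_text, deny_text):
    """Flag the two configurations that leave services open to every host."""
    findings = []
    for daemons, clients in parse_rules(allow_text):
        if "ALL" in clients:
            findings.append("hosts.allow grants %s to ALL clients" % ",".join(daemons))
    if not any("ALL" in d and "ALL" in c for d, c in parse_rules(deny_text)):
        findings.append("hosts.deny has no ALL:ALL catch-all; unmatched clients are allowed")
    return findings


# Rules taken from the text; addresses and in.ftpd are constructed samples.
ALLOW = "in.telnetd:192.168.0.\n"
DENY_ALL = "ALL:ALL\n"

if __name__ == "__main__":
    for deny in ("", DENY_ALL):
        for daemon, client in [("in.telnetd", "192.168.0.6"),
                               ("in.telnetd", "203.0.113.9"),
                               ("in.ftpd", "192.168.0.6")]:
            print(repr(deny), daemon, client, decide(ALLOW, deny, daemon, client))
    print(review("ALL:ALL\n", ""))
```

With an empty hosts.deny, the outside address is allowed to reach in.telnetd even though hosts.allow names only the local network; adding ALL:ALL to hosts.deny closes that gap.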
Checking Out TCP/IP Networks

After you configure Ethernet and TCP/IP (whether during Linux installation or by running a network configuration tool or command later on), you can use various networking applications without much problem. On the off chance that you do run into trouble, Linux includes several tools to help you monitor and diagnose problems.

Checking the network interfaces

Use the /sbin/ifconfig command to view the currently configured network interfaces. The ifconfig command is used to configure a network interface (that is, to associate an IP address with a network device). If you run ifconfig without any command-line arguments, the command displays information about current network interfaces. The following is a typical invocation of ifconfig and the resulting output:

    /sbin/ifconfig
    eth0      Link encap:Ethernet  HWaddr 00:08:74:E5:C1:60
              inet addr:192.168.0.6  Bcast:192.168.0.255  Mask:255.255.255.0
              inet6 addr: fe80::208:74ff:fee5:c160/64 Scope:Link
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
              RX packets:93700 errors:0 dropped:0 overruns:1 frame:0
              TX packets:74097 errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:1000
              RX bytes:33574333 (32.0 Mb)  TX bytes:8832457 (8.4 Mb)
              Interrupt:10 Base address:0x3000

    eth1      Link encap:Ethernet  HWaddr 00:02:2D:8C:F8:C5
              inet addr:192.168.0.8  Bcast:192.168.0.255  Mask:255.255.255.0
              inet6 addr: fe80::202:2dff:fe8c:f8c5/64 Scope:Link
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
              RX packets:3403 errors:0 dropped:0 overruns:0 frame:0
              TX packets:22 errors:1 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:1000
              RX bytes:254990 (249.0 Kb)  TX bytes:3120 (3.0 Kb)
              Interrupt:3 Base address:0x100

    lo        Link encap:Local Loopback
              inet addr:127.0.0.1  Mask:255.0.0.0
              inet6 addr: ::1/128 Scope:Host
              UP LOOPBACK RUNNING  MTU:16436  Metric:1
              RX packets:3255 errors:0 dropped:0 overruns:0 frame:0
              TX packets:3255 errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:0
              RX bytes:2686647 (2.5 Mb)  TX bytes:2686647 (2.5 Mb)

This output shows that three network interfaces (the loopback interface, lo, and two Ethernet cards, eth0 and eth1) are currently active on this system. For each interface, you can see the IP address, as well as statistics on packets delivered and sent. If the Linux system has a dialup PPP link up and running, you also see an item for the ppp0 interface in the output.

Checking the IP routing table

The other network configuration command, /sbin/route, also provides status information when it is run without any command-line argument. If you're having trouble checking a connection to another host (that you specify with an IP address), check the IP routing table to see whether a default gateway is specified. Then check the gateway's routing table to ensure that paths to an outside network appear in that routing table.

A typical output from the /sbin/route command looks like the following:

    /sbin/route
    Kernel IP routing table
    Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
    192.168.0.0     *               255.255.255.0   U     0      0        0 eth0
    192.168.0.0     *               255.255.255.0   U     0      0        0 eth1
    169.254.0.0     *               255.255.0.0     U     0      0        0 eth1
    127.0.0.0       *               255.0.0.0       U     0      0        0 lo
    default         192.168.0.1     0.0.0.0         UG    0      0        0 eth0

As this routing table shows, the local network uses the eth0 and eth1 Ethernet interfaces, and the default gateway is the eth0 Ethernet interface. The default gateway is a routing device that handles packets addressed to any network other than the one in which the Linux system resides. In this example, packets addressed to any network address other than those beginning with 192.168.0 are sent to the gateway 192.168.0.1. The gateway forwards those packets to other networks (assuming, of course, that the gateway is connected to another network, preferably the Internet).

Checking connectivity to a host

To check for a network connection to a specific host, use the ping command.
ping is a widely used TCP/IP tool that uses a series of Internet Control Message Protocol (ICMP, pronounced eye-comp) messages. ICMP provides for an Echo message to which every host responds. Using the ICMP messages and replies, ping can determine whether or not the other system is alive and can compute the round-trip delay in communicating with that system.

The following example shows how I run ping to see whether a system on my network is alive:

    ping 192.168.0.1

Here is what this command displays on my home network:

    PING 192.168.0.1 (192.168.0.1) 56(84) bytes of data.
    64 bytes from 192.168.0.1: icmp_seq=1 ttl=63 time=0.256 ms
    64 bytes from 192.168.0.1: icmp_seq=2 ttl=63 time=0.267 ms
    64 bytes from 192.168.0.1: icmp_seq=3 ttl=63 time=0.272 ms
    64 bytes from 192.168.0.1: icmp_seq=4 ttl=63 time=0.267 ms
    64 bytes from 192.168.0.1: icmp_seq=5 ttl=63 time=0.275 ms

    --- 192.168.0.1 ping statistics ---
    5 packets transmitted, 5 received, 0% packet loss, time 3999ms
    rtt min/avg/max/mdev = 0.256/0.267/0.275/0.016 ms

In Linux, ping continues to run until you press Ctrl+C to stop it; then it displays summary statistics showing the typical time it takes to send a packet between the two systems. On some systems, ping simply reports that a remote host is alive. However, you can still get the timing information by using appropriate command-line arguments.

Checking network status

To check the status of the network, use the netstat command. This command displays the status of network connections of various types (such as TCP and UDP connections).
You can view the status of the interfaces quickly with netstat -i, as follows:

    netstat -i
    Kernel Interface table
    Iface   MTU Met   RX-OK RX-ERR RX-DRP RX-OVR   TX-OK TX-ERR TX-DRP TX-OVR Flg
    eth0   1500   0   94237      0      0      1   74889      0      0      0 BMRU
    eth1   1500   0    3942      0      0      0      24      1      0      0 BMRU
    lo    16436   0    3255      0      0      0    3255      0      0      0 LRU

In this case, the output shows the current status of the loopback and Ethernet interfaces. Table 4-2 describes the meanings of the columns.

Table 4-2: Meaning of Columns in the Kernel Interface Table

Column            Meaning
Iface             Name of the interface.
MTU               Maximum Transfer Unit: the maximum number of bytes that a packet can contain.
RX-OK, TX-OK      Number of error-free packets received (RX) or transmitted (TX).
RX-ERR, TX-ERR    Number of packets with errors.
RX-DRP, TX-DRP    Number of dropped packets.
RX-OVR, TX-OVR    Number of packets lost due to overflow.
Flg               A = receive multicast; B = broadcast allowed; D = debugging turned on; L = loopback interface (notice the flag on lo); M = all packets received; N = trailers avoided; O = no ARP on this interface; P = point-to-point interface; R = interface is running; and U = interface is up.

Another useful form of netstat option is -t, which shows all active TCP connections. Following is a typical result of typing netstat -t on one Linux PC:

    Active Internet connections (w/o servers)
    Proto Recv-Q Send-Q Local Address           Foreign Address         State
    tcp        0      0 localhost:2654          localhost:1024          ESTABLISHED
    tcp        0      0 localhost:1024          localhost:2654          ESTABLISHED
    tcp        0      0 LNBNECXAN.nrockv01.:ssh 192.168.0.6:1577        ESTABLISHED

In this case, the output columns show the protocol (Proto); the number of bytes in the Receive and Transmit queues (Recv-Q, Send-Q); the local TCP port in hostname:service format (Local Address); the remote port (Foreign Address); and the state of the connection.
Type netstat -ta to see all TCP connections, both active and the ones your Linux system is listening to (with no connection established yet). For example, here's a typical output from the netstat -ta command:

    Active Internet connections (servers and established)
    Proto Recv-Q Send-Q Local Address           Foreign Address         State
    tcp        0      0 LNBNECXAN.nrockv01.:427 *:*                     LISTEN
    tcp        0      0 localhost:427           *:*                     LISTEN
    tcp        0      0 *:netbios-ssn           *:*                     LISTEN
    tcp        0      0 *:sunrpc                *:*                     LISTEN
    tcp        0      0 *:ftp                   *:*                     LISTEN
    tcp        0      0 *:ssh                   *:*                     LISTEN
    tcp        0      0 *:ipp                   *:*                     LISTEN
    tcp        0      0 *:microsoft-ds          *:*                     LISTEN
    tcp        0      0 *:2654                  *:*                     LISTEN
    tcp        0      0 *:639                   *:*                     LISTEN
    tcp        0      0 localhost:2654          localhost:1024          ESTABLISHED
    tcp        0      0 localhost:1024          localhost:2654          ESTABLISHED
    tcp        0      1 LNBNECXAN.nrockv01:1037 192.168.0.6:auth        SYN_SENT
    tcp        0      0 LNBNECXAN.nrockv01.:ftp 192.168.0.6:1593        ESTABLISHED
    tcp        0    132 LNBNECXAN.nrockv01.:ssh 192.168.0.6:1577        ESTABLISHED

Sniffing network packets

Sniffing network packets sounds like something illegal, doesn't it? Nothing like that. Sniffing simply refers to viewing the TCP/IP network data packets. The concept is to capture all the network packets so that you can examine them later.

If you feel like sniffing TCP/IP packets, you can use tcpdump, a command-line utility that comes with Linux. As its name implies, it dumps (prints) the headers of TCP/IP network packets.

To use tcpdump, log in as root and type the tcpdump command in a terminal window. Typically, you want to save the output in a file and examine that file later. Otherwise, tcpdump starts spewing out results that just flash by on the window. For example, to capture 1,000 packets in a file named tdout and attempt to convert the IP addresses to names, type the following command:

    tcpdump -a -c 1000 > tdout

After capturing 1,000 packets, tcpdump quits. Then you can examine the output file, tdout.
It's a text file, so you can simply open it in a text editor or type more tdout to view the captured packets.

Just to whet your curiosity, here are some lines from a typical output from tcpdump:

    20:05:57.723621 arp who-has 192.168.0.1 tell LNBNECXAN.nrockv01.md.comcast.net
    20:05:57.723843 arp reply 192.168.0.1 is-at 0:9:5b:44:78:fc
    20:06:01.733633 LNBNECXAN.nrockv01.md.comcast.net.1038 > 192.168.0.6.auth: S 536321100:536321100(0) win 5840 (DF)
    20:06:02.737022 LNBNECXAN.nrockv01.md.comcast.net.ftp > 192.168.0.6.1596: P 1:72(71) ack 1 win 5840 (DF)
    20:06:02.935335 192.168.0.6.1596 > LNBNECXAN.nrockv01.md.comcast.net.ftp: . ack 72 win 65464 (DF)
    20:06:05.462481 192.168.0.6.1596 > LNBNECXAN.nrockv01.md.comcast.net.ftp: P 1:12(11) ack 72 win 65464 (DF)
    20:06:05.462595 LNBNECXAN.nrockv01.md.comcast.net.ftp > 192.168.0.6.1596: . ack 12 win 5840 (DF)
    20:06:05.465344 LNBNECXAN.nrockv01.md.comcast.net.ftp > 192.168.0.6.1596: P 72:105(33) ack 12 win 5840 (DF)
    ... lines deleted ...

The output does offer some clues to what's going on: each line shows information about one network packet. Each line starts with a timestamp, followed by details of the packet, information such as where it originates and where it is going. I don't try to explain the details here, but you can type man tcpdump to find out more about some of the details (and, more importantly, see what other ways you can use tcpdump).

If tcpdump is not installed in Debian, type apt-get install tcpdump to install it.

You can use another packet sniffer called Ethereal in Linux. To find out more about Ethereal, visit www.ethereal.com.

Configuring Networks at Boot Time

It makes sense to start your network automatically every time you boot the system. For that to happen, various startup scripts must contain appropriate commands.
You don t have to do anything special other than configure your network (either during installation or by using the Network Configuration tool at a later time). If the network balks at startup, however, you can troubleshoot by checking the files I mention in this section. In Debian and Xandros, the /etc/network/interfaces file describes the network interfaces available in your system and the /sbin/ifup command activates the interfaces when you boot the system. Here is the content of a typical /etc/network/interfaces file from a Debian system: # This file describes the network interfaces available on your system # and how to activate them. For more information, see interfaces(5). # The loopback network interface auto lo iface lo inet loopback # The primary network interface auto eth0 iface eth0 inet dhcp The auto eth0 line indicates that the Ethernet interface can be brought up at initialization by the command ifup -a invoked by a system startup script. The line ifup eth0 inet dhcp identifies the Ethernet as a TCP/IP network interface that is configured by Dynamic Host Configuration Protocol (DHCP). In Fedora Core, the network-activation script uses a set of text files in the /etc/sysconfig directory to activate the network interfaces. For example, the script checks the variables defined in the /etc/sysconfig/network file to decide whether to activate the network. In /etc/sysconfig/network, you see a line with the NETWORKING variable as follows: NETWORKING=yes The network activates only if the NETWORKING variable is set to yes. A number of scripts in the /etc/sysconfig/network-scripts directory activate specific network interfaces. For example, the configuration file for activating the#BREAK# Book III Chapter 4 Managing the Network Configuring Networks at Boot Time 287 Ethernet interface eth0, is the file /etc/sysconfig/network-scripts/ ifcfg-eth0. 
Here is what a typical /etc/sysconfig/network-scripts/ifcfg-eth0 file contains:

    DEVICE=eth0
    BOOTPROTO=dhcp
    ONBOOT=yes
    TYPE=Ethernet

The DEVICE line provides the network device name. The BOOTPROTO variable is set to dhcp, indicating that the IP address is obtained dynamically by using DHCP. The ONBOOT variable states whether this network interface activates when Linux boots. If your PC has an Ethernet card and you want to activate the eth0 interface at boot time, ONBOOT must be set to yes. Of course, the configuration file ifcfg-eth0 in the /etc/sysconfig/network-scripts directory works only if your PC has an Ethernet card and the Linux kernel has detected and loaded the specific driver for that card.

In SUSE, the network information is kept in the /etc/sysconfig/network directory in files whose names begin with ifcfg. For Ethernet interfaces, the configuration filename begins with ifcfg-eth. Here are the key lines in a typical Ethernet configuration file:

    BOOTPROTO='dhcp'
    STARTMODE='onboot'

The BOOTPROTO='dhcp' line indicates that the interface is set up using DHCP, and STARTMODE='onboot' means that the interface is initialized when the system boots.

Book IV: Internet

Contents at a Glance

Chapter 1: E-Mailing and IMing in Linux
Chapter 2: Browsing the Web
Chapter 3: Reading Newsgroups
Chapter 4: Using FTP

Chapter 1: E-Mailing and IMing in Linux

In This Chapter

- Understanding electronic mail
- Taking stock of mail readers and IM (Instant Messaging) clients
- Introducing Ximian Evolution
- Introducing Mozilla Mail
- Introducing KMail
- Instant messaging with Gaim and Kopete

Electronic mail (e-mail) is a mainstay of the Internet. E-mail is great because you can exchange messages and documents with anyone on the Internet.
One of the most common ways people use the Internet is to keep in touch with friends, acquaintances, loved ones, and strangers through e-mail. You can send a message to a friend thousands of miles away and get a reply within a couple of minutes. Essentially, you can send messages anywhere in the world from an Internet host, and that message typically makes its way to its destination within minutes, something you cannot do with paper mail (also known as snail mail, and appropriately so).

I love e-mail because I can communicate without having to play the game of phone tag, in which two people can leave a seemingly infinite number of telephone messages for each other without ever successfully making contact. When I send an e-mail message, it waits in the recipient's mailbox to be read at the recipient's convenience. I guess I like the converse even better: when people send me e-mail, I can read and reply at my convenience.

Linux comes with several mail clients (also called mail readers) that can download mail from your Internet Service Provider (ISP). You can also read and send e-mail using these mail clients. In this chapter, I mention several mail clients available in Linux and briefly introduce you to a few of them. And when you know one, you can easily use any of the mail readers.

There is yet another type of keeping in touch that's more in line with today's teenagers. I'm talking about IM: instant messaging. IM is basically one-to-one chat, and Linux includes IM clients for AOL Instant Messenger (or AIM), as well as other instant messaging protocols such as Jabber, ICQ, MSN Messenger, Yahoo!, Gadu-Gadu, IRC (Internet Relay Chat), and SMS (Short Message Service or text messaging). I briefly describe a few IM clients in this chapter.

Understanding Electronic Mail

E-mail messages are addressed to a username at a host (host is just a fancy name for an online computer).
That means if John Doe logs in with the username jdoe, e-mail to him is addressed to jdoe. The only other piece of information needed to identify the recipient uniquely is the fully qualified domain name of the recipient's system. Thus, if John Doe's system is named someplace.com, his complete e-mail address becomes jdoe@someplace.com. Given that address, anyone on the Internet can send e-mail to John Doe.

How MUA and MTA work

The two types of mail software are as follows:

- Mail-user agent (MUA) is the fancy name for a mail reader, a client that you use to read your mail messages, write replies, and compose new messages. Typically, the mail-user agent retrieves messages from the mail server by using the POP3 or IMAP4 protocol. POP3 is the Post Office Protocol Version 3, and IMAP4 is the Internet Message Access Protocol Version 4. Linux comes with mail-user agents such as Balsa, Mozilla Mail, KMail, and Ximian Evolution.

- Mail-transport agent (MTA) is the fancy name for a mail server that actually sends and receives mail-message text. The exact method used for mail transport depends on the underlying network. In TCP/IP networks, the mail-transport agent delivers mail using the Simple Mail Transfer Protocol (SMTP). Linux includes sendmail, a powerful and popular mail-transport agent for TCP/IP networks.

Figure 1-1 shows how the MUAs and MTAs work with one another when Alice sends an e-mail message to Bob. (In case you didn't know, using Alice and Bob to explain e-mail and cryptography is customary; just pick up any book on cryptography and you'll see what I mean.) And you may already know this, but the Internet is always diagrammed as a cloud: the boundaries of the Internet are so fuzzy that a cloud seems just right to represent it (or is it because no one knows where it starts and where it ends?).

The scenario in Figure 1-1 is typical of most people.
Alice and Bob both connect to the Internet through an ISP and get and send their e-mail through their ISPs. When Alice types a message and sends it, her mail-user agent (MUA) sends the message to her ISP's mail-transfer agent (MTA) using the Simple Mail Transfer Protocol (SMTP). The sending MTA then sends that message to the receiving MTA (Bob's ISP's MTA) using SMTP. When Bob connects to the Internet, his MUA downloads the message from his ISP's MTA using the POP3 (or IMAP4) protocol. That's the way mail moves around the Internet: from sending MUA to sending MTA to receiving MTA to receiving MUA.

Figure 1-1: How Alice sends e-mail to Bob (or all about MUAs and MTAs). [Diagram: Alice's MUA, SMTP, Alice's ISP's MTA, SMTP across the Internet, Bob's ISP's MTA, POP3 or IMAP4, Bob's MUA.]

Mail message enhancements

Mail messages used to be plain text (and most still are), but many messages today have much more than text. Two typical new features of today's mail are

- Attachments: Many messages today include attached files, which can be anything from documents to images. The recipient can save the attachment on disk or open it directly from the mail reader. Unfortunately, attachments are one way hackers try to get viruses and worms into your PC. (If it's any consolation, most Windows-based viruses and worms do not work in Linux.)

- HTML messages: Mail messages can be in HTML (HyperText Markup Language), the language used to lay out Web pages. When you read an HTML message on a capable mail reader, the message appears in its full glory with nice fonts and embedded graphics.

While HTML messages are nice, they don't appear right when you use a text-based mail reader. In a text mail reader, HTML messages appear as a bunch of gobbledygook (which is just the HTML code).

If you have an ISP account, all you need is a mail client to access your e-mail.
In this case, your e-mail resides on your ISP's server and the mail reader downloads mail when you run it. You have to do some setup before you can start reading mail from your ISP's mail server. The setup essentially requires you to enter information that you get from your ISP: the mail server's name, server type (POP3, for example), your username, and your password.

Taking Stock of Mail Readers and IM Clients in Linux

Time was when most mail readers were text programs, but times have changed. Now mail readers are graphical applications capable of displaying HTML messages and handling attachments with ease. They are easy to use; if you can work with one, it's a pretty sure bet that you can use any of the graphical mail readers out there. (Linux comes with several mail readers; feel free to try a few out to see which one fits your needs best.)

IM (instant messaging) is a more recent phenomenon, but Linux tries to stay on top of things, so it comes with two IM clients that can work with various IM protocols.

Table 1-1 gives you an overview of the major mail readers and IM clients in Linux.

Table 1-1: Linux Mail Readers and IM Clients

Software: Description
KMail: The KDE e-mail client that supports both POP3 and IMAP4
Mozilla Mail: A mail client as well as a newsreader, part of the Mozilla open-source Web browser (open-source incarnation of Netscape Communicator)
Ximian Evolution: A personal information manager (PIM) that includes e-mail, calendar, contact management, and an online task list
Gaim: An IM client for GNOME that supports a number of instant-messaging protocols such as AIM, ICQ, Yahoo!, MSN, Gadu-Gadu, and Jabber
Kopete: An IM client for KDE that supports a number of messaging protocols such as Jabber, ICQ, AIM, MSN, Yahoo!, IRC, Gadu-Gadu, and SMS

If you don't see a specific mail or IM client in your distribution, chances are that you can easily download and install it from the Internet.
E-Mailing in Linux

Each Linux distribution's GUI desktop has one or two default e-mail clients. GNOME desktops typically offer Ximian Evolution, whereas KDE desktops go with KMail. Both GNOME and KDE desktops often come with Mozilla as the Web browser, and Mozilla includes a mail client as well.

Debian includes KMail and Ximian Evolution. Fedora Core offers Ximian Evolution as its default mail client. SUSE uses KMail as the default mail reader, and Xandros provides Mozilla Mail. In Debian, you can easily install the mail and news component of Mozilla and then use Mozilla Mail.

In the following sections, I briefly introduce you to Ximian Evolution, Mozilla Mail, and KMail. All mail clients are intuitive to use, so you don't need much more than an introduction to start using them effectively.

Introducing Ximian Evolution

I have heard so much about Ximian Evolution that I want to start with it. What better way than to just jump right in!

In Fedora Core, you can start Evolution by selecting Main Menu > Internet > Evolution Email from the GNOME or KDE desktop. (In Debian, I had to select Main Menu > Debian > Apps > Net > Evolution.)

When you start Evolution for the first time, the Evolution Setup Assistant window appears, as shown in Figure 1-2.

Click Forward in the Welcome screen and the Setup Assistant guides you through the following steps:

1. Enter your name and e-mail address in the Identity screen and click the Forward button.
   For example, if your e-mail address is jdoe@someplace.com, that's what you enter.
2. Set up the options for receiving e-mail and click Forward.
   Select the type of mail download protocol: POP or IMAP. Then provide the name of the mail server (for example, mail.comcast.net). You are prompted for the password when Evolution connects to the mail server for the first time.
3. Provide further information about receiving e-mail (how often to check for mail and whether to leave messages on the server) and then click Forward.
   Typically, you want to download the messages and delete them from the server (otherwise the ISP complains when your mail piles up).
4. Set up the following options for sending e-mail and click Forward when you're done:
   - Select the server type as SMTP.
   - Enter the name of the server, such as smtp.comcast.net.
   - If the server requires you to log in, select the Server Requires Authentication check box.
   - Enter your username, the same username you use to log in to your ISP's mail server. (Often, you don't have to log in to send mail; you only log in when receiving, that is, downloading, mail messages.)
5. Indicate whether you want this e-mail account to be your default account, and, if you want, give this e-mail account a descriptive name; click Forward.
6. Set your time zone by clicking a map; click Forward.
7. Click Apply to complete the Evolution setup.

Figure 1-2: The Evolution Setup Assistant guides you through the initial setup.

After you complete the setup, Evolution opens its main window, as shown in Figure 1-3.

Figure 1-3: Evolution takes care of mail, calendar, contact management, and to-do lists.

The main display area is vertically divided into two windows: a narrow window on the left (containing a number of shortcut icons), and a bigger window that's further divided into two. In the right-hand window, Evolution displays information relevant to the currently selected shortcut icon. Initially, the Summary icon is selected by default.

You can click the icons in the lower-left area to switch to different views. Table 1-2 describes what happens when you click each of the five shortcut icons in Evolution's Shortcuts window.

Table 1-2: Shortcut Icons in Ximian Evolution

Name of Icon: What It Does
Summary: Displays a summary of mail, appointments, and tasks.
Inbox: Switches to mail display, where you can read mail and send mail.
Calendar: Opens your calendar, where you can look up and add appointments.
Tasks: Shows your task ("to do") list, where you can add new tasks and check what's due when.
Contacts: Opens your contact list, where you can add new contacts or look up someone from your current list.

As the icons listed in Table 1-2 show, Ximian Evolution has all the necessary components of a PIM: e-mail, calendar, task list, and contacts.

To access your e-mail, click the Inbox icon. Evolution opens your Inbox, as shown in Figure 1-4. If you turn on the feature to automatically check for mail every so often, Evolution prompts you for your mail password and downloads your mail. The e-mail Inbox looks very much like any other mail reader's inbox, such as the Outlook Express Inbox. To read a message, click the message in the upper window of the Inbox and the message text appears in the lower window.

Figure 1-4: Read your e-mail in the Evolution Inbox.

To reply to the current message, click the Reply button on the toolbar. A message composition window pops up. You can write your reply and then click the Send button on the toolbar to send the reply. Simple, isn't it?

To send a new e-mail, click the New Message button on the Evolution toolbar. A new message composition window appears; you can type your message in that window, and when you're finished composing the message, click Send.

Ximian Evolution comes with extensive online help. Choose Help > Contents from the Evolution menu and A User's Guide to Ximian Evolution appears in a window. You can then read the user's guide in that window.

Introducing Mozilla Mail

Mozilla Mail is the mail and newsreader that comes with Mozilla, the open source successor to Netscape Communicator. Mozilla is a Web browser that also includes a mail and newsreader. Mozilla is available on every Linux distribution.

To use Mozilla Mail, start by running the Mozilla Web browser.
You can typically click an icon on the panel. Otherwise, look for the Web browser in the Main Menu under the Internet category. Some distributions provide a menu choice for directly accessing Mozilla Mail (instead of having to start it from the Mozilla Web browser window).

Some distributions do not install Mozilla's mail and news component by default. You can, however, install these components easily. For example, in Debian, type su - and enter the root password in a terminal window and then type apt-get install mozilla-mailnews to install the mail and news component of Mozilla. After you install this component, you can access Mozilla Mail from the Mozilla Web browser.

To access the Mozilla Mail e-mail and newsreader from the Mozilla Web browser, choose Window > Mail and Newsgroups. Mozilla Mail runs, starts the Account Wizard (shown in Figure 1-5), and prompts you for information about your e-mail account.

Figure 1-5: Enter your e-mail account information in Mozilla Mail's Account Wizard.

Select the Email Account radio button and click Next. The Account Wizard then takes you through the following steps:

1. Enter your identity information (your name and your full e-mail address, such as jdoe@someplace.com) and then click Next.
2. Provide information about your ISP's mail server (the protocol type, POP or IMAP, as well as the incoming and outgoing server names) and click Next.
   The incoming server is the POP or IMAP server, whereas the outgoing server is the one through which you send mail out. (It's the SMTP server.)
3. Enter the username that your ISP has given you; click Next.
4. Enter a name that you want to use to identify this account and click Next.
   This name is just for Mozilla Mail, so you can pick anything you want, such as My home account. The Account Wizard then displays a summary of the information you entered.
5. Verify the information; if it's correct, click Finish. Otherwise, click Back and fix the errors.
After you set up the e-mail account, Mozilla Mail's main window appears and shows you the contents of your Inbox. Soon a dialog box pops up and asks you for your e-mail password. Mozilla Mail needs your password to download your e-mail messages from your ISP. Enter your password and click OK. Mozilla Mail downloads your messages and displays them in a familiar format. To read a message, click that message, and the full text appears in the lower window, as shown in Figure 1-6.

Mozilla Mail is intuitive to use. Most of the time, you can click the toolbar buttons to do most anything you want to do with the e-mail messages. Here's what each toolbar button does:

- Get Msgs: Downloads messages from your e-mail accounts. (You can set up as many as you want.)
- Compose: Opens a window where you can compose and send a message.
- Reply: Opens a window where you can send back a reply to the person who sent you the message you are reading now.
- Reply All: Opens a window for sending a reply to everyone who was on the addressee list of the message you are reading now.
- Forward: Brings up the current message in a window so that you can forward it to someone else.
- Next: Shows the next unread message.
- Junk: Marks the selected messages as junk. (You can mark selected messages as junk and select Tools > Junk Mail Controls to block similar messages.)
- Delete: Deletes the selected message.

If you use any GUI mail reader, from Microsoft Outlook Express to Novell GroupWise, you find a similar set of toolbar buttons. In the following sections, I describe how to perform a few common e-mail-related tasks.

Managing your Inbox

Mozilla Mail downloads your incoming mail and stores it in the Inbox folder. You can see the folders organized along the narrow window on the left-hand side. (Refer to Figure 1-6.) Each e-mail account you have set up has a set of folders. You have the following folders by default:
- Inbox: Holds all your incoming messages for this e-mail account.
- Drafts: Contains the messages that you save as a draft. (Click the Save button on the message composition window to save something as a draft.)
- Templates: Contains the messages you save as templates.
- Sent: Holds all the messages you send.
- Trash: Contains the messages you delete. (To empty the Trash folder, choose File > Empty Trash from the Mozilla Mail menu.)

Figure 1-6: You can read and send e-mail messages from Mozilla Mail.

You can create other folders to better organize your mail. To create a folder, do the following:

1. Choose File > New > Folder.
   The New Folder dialog box appears.
2. Fill in the folder name and select where you want to put the folder; then click OK.
   The new folder appears in the left window of Mozilla Mail. You can then drag and drop messages into the folder.

When you select a folder from the left window, Mozilla Mail displays the contents of that folder in the upper window on the right-hand side. The list is normally sorted by date, with the latest messages shown at the end of the list. If you want to sort the list any other way (say, by sender or by subject), simply click that column heading and Mozilla Mail sorts the list according to that column.

Composing and sending messages

To send an e-mail message, you either write a new message or reply to a message you are reading. The general steps for sending an e-mail message are as follows:

1. To reply to a message, click the Reply or Reply All button on the toolbar as you are reading the message. To write a new message, click the Compose button on the toolbar. To forward a message, click the Forward button.
   A message composition window appears, as shown in Figure 1-7.
2. In the message composition window, fill in the subject line and type your message.
   The message can include images as well as links to Web sites. To insert any of these items, choose Insert > Image or Insert > Link from the menu.
3.
   If you're creating a new message or forwarding a message, type the e-mail addresses of the recipients.
   To select addressees from the Address Book, click the Address button on the toolbar. Your Address Book opens, from which you can select the addressees.
4. When you're done composing the message, click the Send button.
   Mozilla Mail asks whether you want to send the message in HTML format or plain text or both.
5. Select a format and then click Send to send the message.
   If you inserted images and Web links and you know the recipient can read HTML mail, be sure to select HTML format; otherwise, choose plain text.

If you want to complete a message later, click Save in the message composition window and then close the window. Mozilla Mail saves the message in the Drafts folder. When you're ready to work on that message again, go to the Drafts folder and then double-click the saved message to open it.

Introducing KMail

KMail is a mail reader for KDE. When you first run KMail, you get its main window, but you cannot start using it to send and receive e-mail until you have configured the mail accounts in KMail.

You can use KMail as your mail client in SUSE and Debian's KDE desktop.

To configure KMail, select Settings > Configure KMail. In the Configure KMail window (see Figure 1-8), click Network on the left side of the window and then set up the information about your e-mail accounts. KMail uses this information to send and receive mail.

For outgoing mail, click the Add button on the Sending tab (see Figure 1-8) and then select the mail transport agent. Typically, for an ISP-provided mail account, you should select SMTP and enter the mail server's name (for example, smtp.comcast.net) that your ISP provided you.

Figure 1-7: Compose your message and then enter the e-mail addresses of the recipients.
To set up the incoming mail information, click Add on the Receiving tab, and then select the mail protocol such as POP3 or IMAP. Your ISP would have told you what protocol to use. (Typically, it's POP3 or IMAP.) Then enter the mail server's name (for example, mail.comcast.net) as well as the username and password of your ISP account.

Figure 1-8: Configure e-mail accounts in the Configure KMail window.

After the e-mail account information is set up, you can start using KMail. The user interface is intuitive, as shown in Figure 1-9. KMail periodically checks and downloads messages from your incoming mail accounts. You can view messages as they arrive in your Inbox.

Figure 1-9: Read and manage your e-mail in KMail.

Instant Messaging in Linux

There are two major IM clients in Linux. In GNOME desktops, you can use Gaim, whereas Kopete is designed to work well on KDE desktops. I briefly describe both IM clients in the following sections.

Using Gaim

You can use Gaim to keep in touch with all of your contacts on many different IM services such as AIM, ICQ, Yahoo!, MSN, Gadu-Gadu, and Jabber. If you use any of the IM services, you'll be right at home with Gaim.

In Fedora Core, start Gaim by choosing Main Menu > Internet > Messaging Client from the GNOME desktop. You can start Gaim in a similar manner from GNOME desktops in other distributions. The initial Gaim window appears together with an Accounts window, as shown in Figure 1-10.

Start by setting up your messaging accounts in the Accounts window. Click the Add button, and then fill in the requested information in the Add Account window, as shown in Figure 1-11. You have to select the protocol for your IM service. For example, the protocol for AIM is AIM/ICQ. Other protocol choices include Gadu-Gadu, Jabber, MSN, and Yahoo!, among others.
After you enter account information, the Accounts window shows all currently defined accounts. You can then select an account from the Gaim main window and click Sign On, as shown in Figure 1-12.

After Gaim logs you in, it opens the standard Buddy List window. (See Figure 1-13.) To add buddies, select Buddies > Add Buddy. In the Add Buddy window that appears, enter the screen name of the buddy and click Add. To create a new group, choose Buddies > Add Group. Type the name of the new group in the Add Group window that appears and then click Add.

Figure 1-10: Manage all of your IM accounts in this window.

Figure 1-11: Enter information about each IM account.

Figure 1-12: Sign on to AIM with Gaim.

Figure 1-13: A buddy list window in Gaim.

If any of your buddies are online, their names show up in the Buddy List window. To send a message to a buddy, double-click the name and a message window pops up. If someone sends you a message, a message window pops up with the message and you can begin conversing in that window.

Using Kopete

Kopete, the KDE IM client, enables you to connect to many messaging services including AIM, IRC, MSN Messenger, Yahoo!, Gadu-Gadu, and SMS.

In Debian, you can run Kopete by selecting Main Menu > Internet > Instant Messenger. In SUSE, select Main Menu > Internet > Chat to start Kopete. In Xandros, start Kopete by choosing Main Menu > Applications > Internet > Instant Messaging.

When you first run Kopete, you get the Configure Kopete window (see Figure 1-14), where you can enter information about your IM and other messaging service accounts.

For example, to add your AIM account information, click New and then answer and respond to the prompts from the Account Wizard. The first step is to select your messaging service. (See Figure 1-15.)

Figure 1-14: Enter information about your messaging accounts in this window.
Select the appropriate messaging service, such as AIM if you use AOL's instant messaging service. Then provide the AIM screen name and the password.

Figure 1-15: Select your messaging service in this window.

After you have set up your messaging service accounts, the Account Wizard closes and you get the regular Kopete window. To sign on with your messaging services and begin using Kopete, click the Connect button (the leftmost button on the toolbar in the Kopete window). (See Figure 1-16.)

Figure 1-16: Viewing a buddy list in Kopete.

Click the magnifying-glass icon to see your buddies. You see a solid smiley face icon for buddies who are online. Click an online buddy to start chatting. Select File > Add Contact to add more contacts.

Well, if you know AIM, you know what to do: Have fun IMing with Kopete!

Chapter 2: Browsing the Web

In This Chapter

- Discovering the World Wide Web
- Understanding a URL
- Checking out Web servers and Web browsers
- Taking stock of Web browsers for Linux
- Web browsing with Mozilla
- Introducing Epiphany and Firefox

I suspect you already know about the Web, but did you know that the Web (or more formally, the World Wide Web), made the Internet what it is today? The Internet has been around for quite a while, but it did not reach the masses until the Web came along in 1993.

Before the Web came along, you had to use arcane UNIX commands to download and use files, which was simply too complicated for most of us. With the Web, however, anyone can enjoy the benefits of the Internet by using a Web browser, a graphical application that downloads and displays Web documents. A click of the mouse is all you need to go from reading a document from your company Web site to downloading a video clip from across the country.

In this chapter, I briefly describe the Web and introduce Mozilla, the primary Web browser (and, for that matter, mail and newsreader, too) in most Linux distributions.
I also briefly discuss how you can create your own Web pages.

KDE desktops often use Konqueror as the Web browser, but after you have used one Web browser, you can easily use any other Web browser.

Discovering the World Wide Web

If you have used a file server at work, you know the convenience of sharing files. You can use the word processor on your desktop to get to any document on the shared server.

Now imagine a word processor that enables you to open and view a document that resides on any computer on the Internet. You can view the document in its full glory, with formatted text and graphics. If the document makes a reference to another document (possibly residing on yet another computer), you can open that linked document by clicking the reference. That kind of easy access to distributed documents is essentially what the World Wide Web provides.

Of course, the documents have to be in a standard format, so that any computer (with the appropriate Web browser software) can access and interpret the document. And a standard protocol is necessary for transferring Web documents from one system to another.

The standard Web document format is HyperText Markup Language (HTML), and the standard protocol for exchanging Web documents is HyperText Transfer Protocol (HTTP). HTML documents are text files and don't depend on any specific operating system, so they work on any system from Windows and Mac to any type of UNIX and Linux.

A Web server is software that provides HTML documents to any client that makes the appropriate HTTP requests. A Web browser is the client software that actually downloads an HTML document from a Web server and displays the contents graphically.

Like a giant spider's web

The World Wide Web is the combination of the Web servers and the HTML documents that the servers offer. When you look at the Web in this way, the Web is like a giant book whose pages are scattered throughout the Internet.
You use a Web browser running on your computer to view the pages; the pages are connected like a giant spider's web, with the documents everywhere, as illustrated in Figure 2-1.

Imagine that the Web pages (HTML documents) are linked by network connections that resemble a giant spider's web, so you can see why the Web is called the Web. The "World Wide" part comes from the fact that the Web pages are scattered around the world.

Links and URLs

Like the pages of real books, Web pages contain text and graphics. Unlike real books, however, Web pages can include multimedia, such as video clips, sound, and links to other Web pages that can actually take you to those Web pages.

The links in a Web page are references to other Web pages that you can follow to go from one page to another. The Web browser typically displays these links as underlined text (in a different color) or as images. Each link is like an instruction to you, something like, "For more information, please consult Chapter 4," that you might find in a real book. In a Web page, all you have to do is click the link; the Web browser brings up the referenced page, even though that document may actually reside on a far-away computer somewhere on the Internet.

The links in a Web page are referred to as hypertext links because when you click a link, the Web browser jumps to the Web page referenced by that link.

This arrangement brings up a question. In a real book, you might ask the reader to go to a specific chapter or page in the book. How does a hypertext link indicate the location of the referenced Web page? In the World Wide Web, each Web page has a special name, called a Uniform Resource Locator (URL). A URL uniquely specifies the location of a file on a computer. Figure 2-2 shows the parts of a URL.

Figure 2-1: The Web is like billions of pages, scattered across the network, that you can read from your computer by using a Web browser.

Figure 2-2: The parts of a Uniform Resource Locator (URL). (The figure labels the protocol, domain name, port, directory path, filename, and HTML anchor in http://www.tldp.org:80/HOWTO/Wireless-HOWTO-2.html#ss2.1)

As Figure 2-2 shows, a URL has the following parts:

- Protocol: Name of the protocol that the Web browser uses to access the data from the file the URL specifies. In Figure 2-2, the protocol is http://, which means that the URL specifies the location of a Web page. Here are some of the common protocol types and their meanings:
  - file:// means the URL is pointing to a local file. You can use this URL to view HTML files without having to connect to the Internet. For example, file:///var/www/html/index.html opens the file /var/www/html/index.html from your Linux system.
  - ftp:// means that you can download a file using the File Transfer Protocol (FTP). For example, ftp://ftp.purdue.edu/pub/uns/NASA/nasa.jpg refers to the image file nasa.jpg from the /pub/uns/NASA directory of the FTP server ftp.purdue.edu. If you want to access a specific user account via FTP, use a URL in the following form: ftp://username:password@ftp.somesite.com/ with the username and password embedded in the URL. (Note that the password is in plain text and not secure.)
  - http:// means that the file is downloaded using the HyperText Transfer Protocol (HTTP). This protocol is the well-known format of URLs for all Web sites, such as http://fedora.redhat.com for the Fedora Project's home page. If the URL does not have a filename, the Web server sends a default HTML file named index.html. (That's the default filename for the popular UNIX-based Apache Web servers; Microsoft Windows Web servers use a different default filename.)
  - https:// specifies that the file is accessed through a Secure Sockets Layer (SSL) connection, a protocol designed by Netscape Communications for encrypted data transfers across the Internet. This form of URL is typically used when the Web browser sends sensitive information (such as credit card number, username, and password) to a Web server. For example, a URL such as https://some.site.com/secure/takeorder.html may display an HTML form that requests credit card information and other personal information (such as name, address, and phone number).
  - mailto:// specifies an e-mail address that you can use to send an e-mail message. This URL opens your e-mail program, from which you can send the message. For example, mailto:webmaster@someplace.com refers to the Webmaster at the host someplace.com.
  - news:// specifies a newsgroup that you can read by means of the Network News Transfer Protocol (NNTP). For example, news://news.md.comcast.giganews.com/comp.os.linux.setup accesses the comp.os.linux.setup newsgroup at the news server news.md.comcast.giganews.com. If you have a default news server configured for the Web browser, you can omit the news server's name and use the URL news:comp.os.linux.setup to access the newsgroup.
- Domain name: Contains the fully qualified domain name of the computer that has the file this URL specifies. You can also provide an IP address in this field. The domain name is not case sensitive.
- Port: Port number that is being used by the protocol listed in the first part of the URL. This part of the URL is optional; all protocols have default ports. The default port for HTTP, for example, is 80. If a site configures the Web server to listen to a different port, the URL has to include the port number.
- Directory path: Directory path of the file being referred to in the URL. For Web pages, this field is the directory path of the HTML file.
  The directory path is case sensitive.
- Filename: Name of the file. For Web pages, the filename typically ends with .htm or .html. If you omit the filename, the Web server returns a default file (often named index.html). The filename is case sensitive.
- HTML anchor: Optional part of the URL that makes the Web browser jump to a specific location in the file. If this part starts with a question mark (?) instead of a hash mark (#), the browser takes the text following the question mark to be a query. The Web server returns information based on such queries.

Web servers and Web browsers

The Web server serves up the Web pages, and the Web browser downloads them and displays them to the user. That's pretty much the story with these two cooperating software packages that make the Web work.

In a typical scenario, the user sits in front of a computer that's connected to the Internet and runs a Web browser. When the user clicks a link or types a URL into the Web browser, the browser connects to the Web server and requests a document from the server. The Web server sends the document (usually in HTML format) and ends the connection. The Web browser interprets and displays the HTML document with text, graphics, and multimedia (if applicable). Figure 2-3 illustrates this typical scenario of a user browsing the Web.

The Web browser's connection to the Web server ends after the server sends the document. When the user browses through the downloaded document and clicks another hypertext link, the Web browser again connects to the Web server named in the hypertext link, downloads the document, ends the connection, and displays the new document. That's how the user can move from one document to another with ease.

A Web browser can do more than simply "talk" HTTP with the Web server; in fact, Web browsers can also download documents using FTP, and many have integrated mail and newsreaders as well.
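
The URL parts listed in this section (protocol, domain name, port, directory path, filename, and anchor or query) can be separated with Python's standard urllib.parse module. The following is an added example, not code from the book: the function names and finding labels are its own, the default ports other than 80 are well-known values the chapter does not state, and it goes one step further by flagging the plain-text password form noted above and masking the password before a URL is logged.

```python
"""Split a URL into the parts named in Figure 2-2 and flag risky forms.

Added example, not from the book. Function names and finding labels are
this example's own assumptions.
"""
import posixpath
from urllib.parse import urlsplit, urlunsplit

# Well-known default ports; the chapter itself only states 80 for HTTP.
DEFAULT_PORTS = {"http": 80, "https": 443, "ftp": 21, "news": 119}
# Protocols from the chapter's list that send data (and passwords) unencrypted.
PLAINTEXT = {"http", "ftp", "news"}

# The first three URLs appear in the chapter; the last two are constructed.
SAMPLE_URLS = [
    "http://www.tldp.org:80/HOWTO/Wireless-HOWTO-2.html#ss2.1",
    "ftp://username:password@ftp.somesite.com/",
    "https://some.site.com/secure/takeorder.html",
    "HTTP://WWW.EXAMPLE.COM/HOWTO/",
    "http://www.example.com:8080/search?q=linux",
]


def split_url(url):
    """Return the URL's parts as a dict. Raises ValueError on a bad port."""
    parts = urlsplit(url)
    directory, filename = posixpath.split(parts.path)
    port = parts.port  # raises ValueError if the port is not a valid number
    return {
        "protocol": parts.scheme,      # urlsplit lowercases the protocol
        "domain": parts.hostname,      # lowercased: not case sensitive
        "port": port if port is not None else DEFAULT_PORTS.get(parts.scheme),
        "directory": directory,        # case sensitive, left untouched
        "filename": filename,          # "" means the server's default file
        "anchor": parts.fragment,      # text after '#'
        "query": parts.query,          # text after '?'
        "username": parts.username,
        "password": parts.password,
    }


def audit_url(url):
    """Return a list of finding labels for one URL (empty list if none)."""
    try:
        info = split_url(url)
    except ValueError:
        return ["malformed-url"]
    findings = []
    if info["password"] is not None:
        findings.append("password-in-url")
    if info["protocol"] in PLAINTEXT:
        findings.append("plaintext-protocol")
    return findings


def redact_url(url):
    """Return the URL with any embedded password masked, for use in logs."""
    parts = urlsplit(url)
    userinfo, at, hostport = parts.netloc.rpartition("@")
    if at and ":" in userinfo:
        user = userinfo.split(":", 1)[0]
        parts = parts._replace(netloc=f"{user}:***@{hostport}")
    return urlunsplit(parts)


if __name__ == "__main__":
    for url in SAMPLE_URLS:
        safe = redact_url(url)
        info = split_url(url)
        print(safe)
        print("  protocol=%(protocol)s domain=%(domain)s port=%(port)s" % info)
        print("  directory=%(directory)r filename=%(filename)r" % info)
        print("  anchor=%(anchor)r query=%(query)r" % info)
        print("  findings:", audit_url(url) or "none")
```
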

Web Browsing in Linux

Web browsing is fun because so many of today's Web pages are so full of graphics and multimedia. Then there's the element of surprise: you can click a link and end up at unexpected Web pages. Links are the most curious (and useful) aspect of the Web. You can start at a page that shows today's weather, and a click later, you can be reading this week's issue of Time magazine.

To browse the Web, all you need is a Web browser and an Internet connection. I assume that you've already taken care of the Internet connection (see Book III, Chapter 1 if you haven't yet set up your Internet connection), so all you need to know are the Web browsers in Linux.

Figure 2-3: The Web browser requests documents and the Web server sends them. (In the figure, the Web browser connects to the server over HTTP and requests a Web page; the Web server sends back the requested Web page.)

Checking out Web browsers for Linux

Many Linux distributions come with the Mozilla Web browser. Mozilla is an open source version of the venerable Netscape Communicator. Several other Web browsers are available for Linux. I briefly mention the other browsers, but I focus on Mozilla in the rest of the discussions. Here are the major Web browsers for Linux:

- Mozilla: The reincarnation of that old workhorse Netscape Communicator, only better. Includes mail and a newsreader. The Web browser is called the Mozilla Navigator, or simply Navigator (just as it was in Netscape Communicator).
- Epiphany: The GNOME Web browser that uses parts of the Mozilla code to draw the Web pages, but has a simpler user interface than Mozilla. If Epiphany is not installed, you can download it from www.gnome.org/projects/epiphany.
- Firefox: Mozilla's next-generation browser that blocks pop-up ads, provides tabs for easily viewing multiple Web pages in a single window, and includes a set of privacy tools.
  You can download Firefox from www.mozilla.org/download.html.
- Konqueror: The KDE Web browser that also doubles as a file manager and a universal viewer.

In addition to these, many other applications are capable of downloading and displaying Web pages.

Mozilla may not be installed by default on SUSE, but you can easily use YaST to search for mozilla and then install it. You can install Mozilla Firefox the same way in SUSE. In Debian, you can install Firefox by typing apt-get install mozilla-firefox in a terminal window.

Learning Mozilla's user interface

You can typically start Mozilla by clicking an icon on the panel or by selecting it from the Main Menu. When Mozilla starts, it displays a browser window with a default home page. (The main Web page on a Web server is known as the home page.) You can configure Mozilla to use a different Web page as the default home page.

Figure 2-4 shows a Web page from a U.S. government Web site (www.gao.gov), as well as the main elements of the Mozilla browser window.

The Mozilla Web browser includes lots of features in its user interface, but you can master it easily. You can turn off some of the items that make it look busy. You can also start with just the basics to get going with Mozilla and then gradually expand to areas that you haven't yet explored.

Mozilla toolbars

Starting from the top of the window, you see a menu bar with the standard menus (File, Edit, and so forth), followed by the two toolbars: the Navigation toolbar and the Personal toolbar. The area underneath the Personal toolbar is where the current Web page appears.

Here's what you can do with the buttons on the Navigation toolbar that appears just below the menu bar, from left to right:

- Back: Move to the previous Web page.
- Forward: Move to the page from which you may have gone backward.
- Reload: Reload the current Web page.
- Stop: Stop loading the current page.
- Location text box: Show the URL of the current Web page. (Type a URL in this box to view that Web page.)
- Search: Takes you to the Google Web Search page (www.google.com).
- Print: Print the current Web page. (You can also preview how the page will appear when printed.)
- Mozilla icon: Go to the Mozilla.org Web site (www.mozilla.org).

Figure 2-4: The Mozilla Web browser in action. (Labeled elements: menu bar, Navigation toolbar, Personal toolbar, online icon, padlock icon, component bar with icons to open new Mozilla windows, and status bar.)

Immediately below the Navigation toolbar comes the Personal toolbar with the Home and Bookmarks buttons. These two buttons serve the following purposes:

- Home: Takes you to the home page.
- Bookmarks: Displays a menu from which you can bookmark the current page as well as manage your bookmarks.

Mozilla includes a number of other links and a folder, named Bookmarks, on the Personal toolbar. You can save links by dragging and dropping them into the Bookmarks folder on the Personal toolbar.

Status bar

You can think of the bar along the bottom edge of the Mozilla window as the status bar because the middle part of that area displays status information as Mozilla loads a Web page.

The left side of the status bar includes a component bar, which displays a few small icons. If you want a hint about what any of these icons do, simply mouse over the button, and Mozilla displays a small balloon help message. You can click these icons to open other Mozilla windows to perform various tasks.

In the right corner of Mozilla's status bar, to the right of the status message, you see two icons. The icon on the left indicates that you're online; if you click it, Mozilla goes offline. The rightmost icon is a security padlock. Mozilla supports a secure version of HTTP that uses a protocol called Secure Sockets Layer (SSL) to transfer encrypted data between the browser and the Web server.
When Mozilla connects to a Web server that supports secure HTTP, the security padlock appears locked. Otherwise the security padlock is open, signifying an insecure connection. The URL for secure HTTP transfers begins with https:// instead of the usual http://. (Note the extra s in https.)

Mozilla displays status messages in the middle portion of the status bar. You can watch the messages in this area to see what's going on. If you mouse over a link on the Web page, the status bar displays the URL for that link.

Mozilla menus

I haven't mentioned the Mozilla menus much. That's because you can usually get by without having to go to them. Nevertheless, taking a quick look through the Mozilla menus is worthwhile so you know what each one offers. Table 2-1 gives you an overview of the Mozilla menus.

Table 2-1: Mozilla Menus

| This Menu | Enables You to Do the Following |
|---|---|
| File | Open a file or Web location, close the browser, send a Web page or link by e-mail, edit a Web page, print the current page, and quit Mozilla. |
| Edit | Copy and paste selections, find text in the current page, and edit your preferences. |
| View | Show or hide various toolbars, reload the current page, make the text larger or smaller, view the HTML code for the page, and view information about the page. |
| Go | Go backward and forward in the list of pages you have visited, or jump to other recently visited Web pages. |
| Bookmarks | Bookmark a page, manage the bookmarks, and add links to the Personal toolbar folder. (These then appear in the Personal toolbar.) |
| Tools | Search the Web and manage various aspects of the Web page, such as image loading, cookies, and stored passwords. |
| Window | Open other Mozilla windows, such as Mozilla Mail, Navigator, Address Book, and Composer. |
| Help | Get online help on Mozilla. |

Changing your home page

Your home page is the page that Mozilla loads when you start it. By default, Mozilla loads a file from your system's hard drive. Changing the home page is easy.
First locate the page on the Web that you want to be the home page. You can get to that page any way you want. You can search with a search engine to find the page you want, you can type in the URL in the Location text box, or you may even accidentally end up on a page that you want to make your home page. It doesn't matter.

When you're viewing the Web page that you want to make your home page in Mozilla, choose Edit > Preferences from the Mozilla menu. The Preferences dialog box appears, as shown in Figure 2-5.

On the right side of Figure 2-5, notice that the Home Page radio button is selected. This option means that Mozilla Navigator displays the home page when you start it up. Then you see the URL for the home page, and underneath the address is a Use Current Page button. Click that button to make the current page your home page.

You can set a lot of other options using the Preferences window. Although I am not explaining all the options, you can click around to explore everything that you can do from this window. For example, you can click the Choose File button to select a file on your local system as the home page.

Surfing the Net with Mozilla

Where you go from the Mozilla home page depends on you. All you have to do is click and see where you end up. Move your mouse around. You know when you are on a link because the mouse pointer changes to a hand with an extended index finger. Click the link, and Mozilla downloads the Web page referenced by that link.

How you use the Web depends on what you want to do. When you first get started, you may explore a lot, browsing through Web sites and following links without any specific goal in mind; what you may call Web window-shopping.

The other, more purposeful, use of the Web is to find specific information from the Net. For example, you might want to locate all the Web sites that contain documents with a specified keyword.
For such searches, you can use one of many Web search tools available on the Net. Mozilla's Search button takes you to the Google Web Search page (www.google.com).

Figure 2-5: Click the Use Current Page button to make the current Web page your home page.

A third type of use is a visit to a specific site with a known URL. For example, when reading about a specific topic in this book, you may come across a specific URL. In that case, you want to go directly to that Web page.

If you want to surf the Net with Mozilla, all you need is a starting Web page; then you can click whatever catches your fancy. For example, select the text in the Location text box in Mozilla's Navigation toolbar, type www.yahoo.com, and then press Enter. You get to the Yahoo! home page that shows the Yahoo! Web directory organized by subject. There's your starting point. All you have to do is click and you're on your way!

Introducing Epiphany and Firefox

Epiphany is the GNOME Web browser (you can run it in both GNOME and KDE desktops) with a simple user interface. You can download Epiphany and get more information from www.gnome.org/projects/epiphany.

Debian's KDE desktop includes the Epiphany Web browser. To start Epiphany in Debian, select Main Menu > Debian > Apps > Net > Epiphany Web Browser.

In SUSE, select Main Menu > System > YaST to start YaST, select Software and then Install/Remove Software. In the YaST2 window that appears, enter mozilla (the name of the Mozilla package) in the search field and press Enter. You should then see epiphany in the results list. Select it and click Accept to install it.

Figure 2-6 shows the initial Epiphany window showing a U.S. government Web site. If you compare Figure 2-6 with the Mozilla window in Figure 2-4, you can probably see that the Epiphany window is simpler, with just the navigation toolbar and the text entry area where you can type a new URL. Epiphany supports tabs.
You can press Ctrl+T (or select File > New Tab) to open a new tab where you can view a new Web page.

Firefox is the next-generation Web browser from Mozilla and, like Mozilla, Firefox is available for many different operating systems, including Linux. You can download it from www.mozilla.org/download.html.

In Debian, it's easy to install Firefox. Make sure that your Debian system is connected to the Internet. Type su - in a terminal window and enter the root password, and then type apt-get install mozilla-firefox. After you install Firefox, start it by selecting Main Menu > Internet > Mozilla Firefox.

Figure 2-7 shows the Mozilla Firefox window showing a U.S. government Web site. Firefox has a user interface that's similar to Mozilla. Like Epiphany, Firefox also supports tabbed browsing, which means that you can open a new tab (by pressing Ctrl+T) and view a Web page in that tab. That way, you can view multiple Web pages in a single window.

Figure 2-6: Epiphany Web browser window with a typical Web page.

Figure 2-7: Mozilla Firefox displaying a U.S. government Web site.

Chapter 3: Reading Newsgroups

In This Chapter

- Understanding newsgroups
- Reading newsgroups from your ISP using Mozilla Mail, KNode, and Pan
- Reading and searching newsgroups at some Web sites

Internet newsgroups are like the bulletin board systems (BBSs) of the pre-Web age or the forums offered on online systems such as AOL and MSN. Essentially, newsgroups provide a distributed conferencing system that spans the globe. You can post articles (essentially e-mail messages to a whole group of people) and respond to articles others have posted.

Think of an Internet newsgroup as a gathering place, a virtual meeting place where you can ask questions and discuss various issues (and best of all, everything you discuss gets archived for posterity).
To participate in newsgroups, you need access to a news server; your Internet Service Provider (ISP) can give you this access. You also need a newsreader. Luckily, Linux comes with software that you can use to read newsgroups. In this chapter, I introduce you to newsgroups and show you how to read newsgroups with a few of the newsreaders. I also briefly explain how you can read and search newsgroups for free from a few Web sites.

Understanding Newsgroups

Newsgroups originated in Usenet, a store-and-forward messaging network that was widely used for exchanging e-mail and news items. Usenet works like a telegraph in that news and mail are relayed from one system to another. In Usenet, the systems are not on any network; the systems simply dial up one another and use the UNIX-to-UNIX Copy Protocol (UUCP) to transfer text messages.

Although it's a very loosely connected collection of computers, Usenet works well and continues to be used because very little expense is involved in connecting to it. All you need is a modem and a site willing to store and forward your mail and news. You have to set up UUCP on your system, but you don't need a sustained network connection; just a few phone calls are all you need to keep the e-mail and news flowing. The downside of Usenet is that you cannot use TCP/IP services such as the Web, TELNET, or FTP with UUCP.

From their Usenet origins, the newsgroups have now migrated to the Internet (even though the newsgroups are still called Usenet newsgroups). Instead of UUCP, the Network News Transfer Protocol (NNTP) now transports the news.

Although (for most of the online world) the news transport protocol has changed from UUCP to NNTP, the store-and-forward concept of news transfer remains. Thus, if you want to get news on your Linux system, you have to find a news server from which your system can download news. Typically, you can use your ISP's news server.

Newsgroup hierarchy

The Internet newsgroups are organized in a hierarchy for ease of maintenance as well as ease of use. The newsgroup names help keep things straight by showing the hierarchy.

Admittedly, these newsgroup names are written in Internet-speak, which can seem rather obscure at first. But the language is pretty easy to pick up after a little bit of explanation. For example, a typical newsgroup name looks like this:

comp.os.linux.announce

This name says that comp.os.linux.announce is a newsgroup for announcements (announce) about the Linux operating system (os.linux) and that these subjects fall under the broad category of computers (comp).

As you can see, the format of a newsgroup name is a sequence of words separated by periods. These words denote the hierarchy of the newsgroup. Figure 3-1 illustrates the concept of hierarchical organization of newsgroups.

To understand the newsgroup hierarchy, compare the newsgroup name with the path name of a file (for example, /usr/lib/X11/xinit/Xclients) in Linux. Just as a file's path name shows the directory hierarchy of the file, the newsgroup name shows the newsgroup hierarchy. In filenames, a slash (/) separates the names of directories; in a newsgroup's name, a period (.) separates the different levels in the newsgroup hierarchy.

In a newsgroup name, the first word represents the newsgroup category. The comp.os.linux.announce newsgroup, for example, is in the comp category, whereas alt.books.technical is in the alt category.

Top-level newsgroup categories

Table 3-1 lists some of the major newsgroup categories. You find a wide variety of newsgroups covering subjects ranging from politics to computers. The Linux-related newsgroups are in the comp.os.linux hierarchy.

Table 3-1: Some Major Newsgroup Categories

| Category | Subject |
|---|---|
| alt | Alternative newsgroups (not subject to any rules), which run the gamut from the mundane to the bizarre |
| bionet | Biology newsgroups |
| bit | Bitnet newsgroups |
| biz | Business newsgroups |
| clari | Clarinet news service (daily news) |
| comp | Computer hardware and software newsgroups (includes operating systems such as Linux and Microsoft Windows) |
| ieee | Newsgroups for the Institute of Electrical and Electronics Engineers (IEEE) |
| k12 | Newsgroups devoted to elementary and secondary education |
| linux | Newsgroups devoted to Linux (includes a linux.redhat hierarchy) |
| misc | Miscellaneous newsgroups |
| news | Newsgroups about Internet news administration |
| rec | Recreational and art newsgroups |
| sci | Science and engineering newsgroups |
| soc | Newsgroups for discussing social issues and various cultures |
| talk | Discussions of current issues (think "talk radio") |

Figure 3-1: Newsgroups are organized in a hierarchy with many top-level categories.

This short list of categories is deceptive because it doesn't really tell you about the wide-ranging variety of newsgroups available in each category. The top-level categories alone number close to a thousand, but many top-level categories are distributed only in specific regions of the world. Because each newsgroup category contains several levels of subcategories, the overall count of newsgroups can be close to 60,000 or 70,000! The comp category alone has more than 500 newsgroups.

Unfortunately, many newsgroups are flooded with spam, just like your e-mail inbox, only worse because anyone can post anything on a newsgroup. There are some newsgroups, called moderated newsgroups, that offer some relief.
Anyone who wants to post on a moderated newsgroup must first submit the article to a moderator, a human being who can then decide whether to post the article or reject it. You can reduce the spam overload by browsing moderated newsgroups whenever possible.

To browse newsgroup categories and get a feel for the breadth of topics covered by the newsgroups, visit the Free Usenet Newsgroup News Web site at newsone.net.

Linux-related newsgroups

Typically, you have to narrow your choice of newsgroups according to your interests. If you're interested in Linux, for example, you can pick one or more of these newsgroups:

- comp.os.linux.admin: Information about Linux system administration.
- comp.os.linux.advocacy: Discussions about promoting Linux.
- comp.os.linux.announce: Important announcements about Linux. This newsgroup is moderated, which means you must mail the article to a moderator, who then posts it to the newsgroup if the article is appropriate for the newsgroup. (This method keeps the riff-raff from clogging up the newsgroup with marketing pitches.)
- comp.os.linux.answers: Questions and answers about Linux. All the Linux HOWTOs are posted in this moderated newsgroup.
- comp.os.linux.development: Current Linux development work.
- comp.os.linux.development.apps: Linux application development.
- comp.os.linux.development.system: Linux operating system development.
- comp.os.linux.hardware: Discussions about Linux and various types of hardware.
- comp.os.linux.help: Help with various aspects of Linux.
- comp.os.linux.misc: Miscellaneous Linux-related topics.
- comp.os.linux.networking: Networking under Linux.
- comp.os.linux.redhat: Red Hat Linux-related topics.
- comp.os.linux.setup: Linux setup and installation.
- comp.os.linux.x: Discussions about setting up and running the X Window System under Linux.
- linux.debian: Moderated newsgroup about Debian GNU/Linux.
- linux.debian.news: Moderated newsgroup for news items about Debian GNU/Linux.
- linux.redhat: Discussions about Red Hat Linux.

You have to be selective about what newsgroups you read because keeping up with all the news is impossible, even in a specific area such as Linux. When you first install and set up Linux, you might read newsgroups such as comp.os.linux.help, comp.os.linux.setup, comp.os.linux.hardware, and comp.os.linux.x (especially if you run X). After you have Linux up and running, you may want to find out about only new things happening in Linux. For such information, read the comp.os.linux.announce newsgroup.

Reading Newsgroups from Your ISP

If you sign up with an ISP for Internet access, it can provide you with access to a news server. Such Internet news servers communicate by using the Network News Transfer Protocol (NNTP). You can use an NNTP-capable newsreader, such as Pan, to access the news server and read selected newsgroups. You can also read news by using the newsreader that comes with the Mozilla Web browser. Using a newsreader is the easiest way to access news from your ISP's news server.

My discussion of reading newsgroups assumes that you obtained access to a news server from your ISP. The ISP provides you the name of the news server and any username and password needed to set up your news account on the newsreader you use.

To read news, you need a newsreader, a program that enables you to select a newsgroup and view the items in that newsgroup. You also have to understand the newsgroup hierarchy and naming conventions (which I describe in the "Newsgroup hierarchy" section, earlier in this chapter). Now I show you how to read news from a news server.

If you don't have access to newsgroups through your ISP, you can try using one of the many public news servers that are out there. For a list of public news servers, visit NewzBot at www.newzbot.com.
At this Web site, you can search for news servers that carry specific newsgroups.

Taking stock of newsreaders

You can use one of several software packages that enable you to download and read newsgroups in Linux. Here are a few major newsreaders:

- Mozilla Mail: Mozilla's mail and news component includes the ability to download news from an NNTP server. You can read newsgroups and post items to newsgroups. Xandros uses Mozilla Mail for mail and news.
- KNode: A newsreader for KDE that you can download from knode.sourceforge.net. Debian and SUSE use KNode as the newsreader.
- Pan: A GUI newsreader that, according to the developer's Web site (pan.rebelbase.com), ". . . attempts to be pleasing to both new and experienced users." You can download Pan for various Linux distributions from pan.rebelbase.com/download.

If you don't find any newsreader in your Linux system, you can download and install any of these newsreaders easily in any of the Linux distributions. Often, you can locate the download site by a simple search at a search engine; just search for the word download and the name of the newsreader.

Reading newsgroups with Mozilla Mail

You can browse newsgroups and post articles from Mozilla Mail, one of the components of Mozilla. In some distributions such as Xandros, the Main Menu has options to start Mozilla Mail directly. In others, you can first start Mozilla (either from the panel or by selecting a menu option from the Main Menu) and then select Windows > Mail & Newsgroups from the Mozilla menu.

In many Linux distributions, the mail and news component of Mozilla may not be installed. In that case, you have to download and install the Mozilla mail and news component or use another newsreader.

When you're starting to read newsgroups for the first time, follow these steps to set up the news account:

1. Choose Edit > Mail & Newsgroups Account Settings from the Mozilla Mail menu.
   A dialog box appears.
2. Click Add Account.
   The Account Wizard appears, as shown in Figure 3-2.
3. Select the Newsgroup Account radio button (see Figure 3-2) and click Next.
4. In the new screen that appears, fill in your identity information (name and e-mail address) and click Next to move to the next screen.
5. Enter your news server name and click Next.
6. Enter a descriptive name of the newsgroup account and click Next.
7. Click Finish to complete the newsgroup account setup.

Figure 3-2: Mozilla's Account Wizard guides you through the newsgroup account setup.

The new newsgroup account now appears in the list of accounts on the left side of the Mozilla Mail window. Click the newsgroup account name, and the right side of the window shows the options for the newsgroup account.

Click the Subscribe to Newsgroups link. Mozilla Mail starts to download the list of newsgroups from the news server.

If your ISP's news server requires a username and password, you're prompted for that information. After that, Mozilla Mail downloads the list of newsgroups and displays them in the Subscribe dialog box. (You can enter a search string in a text box to narrow the list.) When you find the newsgroups you want, click the check box to subscribe to these newsgroups, as shown in Figure 3-3. Then click OK to close the dialog box.

After you subscribe to newsgroups, these newsgroups appear under the newsgroup account name in the left side of the Mozilla Mail window. You can then read a newsgroup using these steps:

1. Click a newsgroup name (for example, comp.os.linux.announce).
   If your news server requires a username and password, a dialog box prompts you for this information. Then another dialog box asks you how many message headers you want to download.
2. Specify the number of headers (for example, 500) you want and then click Download to proceed.
   Mozilla Mail downloads the headers from the newsgroup and displays a list in the upper-right area of the window.
3. From the list of headers, click an item to read that article, as shown in Figure 3-4.

Figure 3-4: Click an article to read it in the lower-right part of the window.

Figure 3-3: Indicate which newsgroups you want to subscribe to in this dialog box.

To select other subscribed newsgroups, simply click the newsgroup's name in the left side of the window.

Newsgroup subscriptions

Unlike magazines or newspapers, newsgroups don't require that you subscribe to them; you can read any available newsgroup on the news server. The news server's administrator may decide to exclude certain newsgroups, however; if they aren't included, you cannot read them.

The only thing that can be called subscribing is when you indicate the newsgroups you routinely want to read. The news server does not receive any of this subscription information; the information is used only by the newsreader to determine what to download from the news server.

Posting news

You can use any newsreader to post a news article (a new item or a reply to an old posting) to one or more newsgroups. The exact command for posting a news item depends on the newsreader. For example, in the Mozilla Mail newsreader, you follow these steps to post an article:

1. Click the Reply button on the toolbar to post a follow-up to a news item you're reading. To post a new news article, click the Compose button. A window appears where you can compose the message.
2. Type the names of the newsgroups, just as you would type the addresses of recipients when sending e-mail; then enter the subject and your message. For this test posting, type ignore as the subject line and enter misc.test as the name of the newsgroup.
   Otherwise, any site that receives your article replies by mail to tell you the article has reached the site; that's in keeping with the purpose of the misc.test newsgroup.
3. After you finish composing the message, click Send on the toolbar. Mozilla Mail sends the message to the news server, which in turn sends it to other news servers, and soon it's all over the world!
4. To verify that the test message reaches the newsgroup, choose File➪Subscribe; then subscribe to the misc.test newsgroup (that's where you recently posted the new article). Look at the latest article (or one of the most recent ones) in misc.test; it should be the article you recently posted.

If you post an article and read the newsgroup immediately, you see the new article, but that does not mean the article has reached other sites on the Internet. After all, your posting shows up on your news server immediately because that's where you posted the article. Because of the store-and-forward model of news distribution, the news article gradually propagates from your news server to others around the world.

The misc.test newsgroup provides a way to see whether or not your news posting is really getting around. If you post to that newsgroup and don't include the word ignore in the subject, news servers acknowledge receipt of the article by sending an e-mail message to the address listed in the Reply To field of the article's header.

Using KNode

Debian and SUSE use KNode as their default newsreader. In Debian, select Main Menu➪Internet➪News Reader to start KNode. In SUSE, select Main Menu➪Internet➪Usenet News Reader. When KNode runs for the first time, it brings up the Configure KNode dialog box, shown in Figure 3-5, through which you can configure everything needed to read newsgroups and post items to newsgroups.
The left-hand side of the dialog box shows all the items that you can configure, and the right-hand side is where you enter the information for the item that you have currently selected on the left-hand side.

Figure 3-5: Configure KNode from this dialog box.

When the Configure KNode dialog box first opens, it prompts for your personal information. Enter your identification information such as name, e-mail address, and organization; this information is used when you post a new item to a newsgroup. Then, click the plus sign next to Accounts in the left-hand side. (Refer to Figure 3-5.) Then click News to set up information about the news server from which you will be reading news. Click New in the Newsgroup servers window to bring up a dialog box (see Figure 3-6) where you can enter the information about the news server. Your ISP should have provided you with the information needed to access the news server. If the news server requires a login name and a password, you must enter that information as well.

After you set up the news account, the KNode window shows the name of the news server in its left-hand side, as shown in Figure 3-7. Right-click on the server's name and select Subscribe to Newsgroups from the pop-up menu. A dialog box appears where you can subscribe to selected newsgroups (such as comp.os.linux.announce).

Figure 3-7 shows a typical view of the KNode window while reading an article from one of the subscribed newsgroups. The KNode user interface is similar to many other mail and newsreaders, including Mozilla Mail.

Using Pan

Pan is a GUI newsreader that you can run on any Linux GUI. Pan may not be installed in your Linux distribution, but you can download it from pan.rebelbase.com/download.

Figure 3-6: Enter information about the news server in this dialog box.

In Debian, it's simple to install Pan.
Just type su - in a terminal window, enter the root password, and then type apt-get install pan. If you get some errors, try typing apt-get update followed by apt-get upgrade.

When you first run Pan, the Pan Setup Wizard starts and prompts you for information. Enter identifying information about yourself (your name and e-mail address). Next, Pan Setup Wizard prompts for information about the news server, as shown in Figure 3-8. You also have to indicate which mail server Pan should use. Specify the SMTP server that you use to send mail through your ISP account. Pan uses the mail server when you want to reply to news items.

Figure 3-8: Enter information about the news server in this window in Pan Setup Wizard.

Figure 3-7: Read news items from newsgroups in KNode.

Click Save after providing all the setup information. The Pan window appears, and a dialog box asks if you want to download a list of groups. Click Yes. Pan downloads the list of newsgroups and displays it in the left-hand side of its main window, as shown in Figure 3-9.

An easy way to get to your desired newsgroup is to enter the first part of the newsgroup name (for example, comp.news.linux) in the Find box in the toolbar and press Enter. Pan displays the newsgroups that contain the text you entered. You can then click a newsgroup to download the headers from that group. Pan displays the headers in the upper-right side of the window. You can click a header and Pan displays the contents of that news item in the lower-right part of the window. (Refer to Figure 3-9.)

Reading and Searching Newsgroups at Web Sites

If you don't have access to newsgroups through your ISP, you can still read newsgroups and post articles to newsgroups at a number of Web sites. Some of them archive old news articles and provide good search capabilities, so you can search these for articles related to some question you may have.
The best part about reading newsgroups through a Web site is that you don't even need access to a news server and you can read news from your Web browser.

Figure 3-9: Reading a news item in Pan.

Table 3-2 lists Web sites that offer free access to Usenet newsgroups. Some sites offer Usenet newsgroup service for a fee. I don't list them here, but you can search for them with Google (www.google.com): type the search words usenet newsgroup access to get a list of all Web sites that offer newsgroup access (including the ones that charge a fee).

Table 3-2 Web Sites with Free Access to Usenet Newsgroups

Web Site           URL
Google Groups      groups.google.com
News2Web           www.news2web.com
InterBulletin      news.interbulletin.com
Usenet Replayer    www.usenet-replayer.com
Mailgate           www.mailgate.org

One of the best places to read newsgroups, post articles, and search old newsgroup archives is Google Groups, Google's Usenet discussion forums on the Web, at groups.google.com. At that Web site, you can select a newsgroup to browse and you can post replies to articles posted on various newsgroups.

The best part of Google Groups is the search capability. You already know how good Google's Web search is; you get that same comprehensive search capability to locate newsgroup postings that relate to your search words. To search newsgroups, fill in the search form at groups.google.com and press Enter.

To browse newsgroups in Google Groups, ignore the search box and look at the list of high-level newsgroup categories such as alt, comp, and soc. Click the category, and you can gradually drill down to specific newsgroups.
When viewing an article in Google Groups, you can click a link that enables you to post a follow-up to that article.

Chapter 4: Using FTP

In This Chapter

- Using the GNOME FTP client
- Using the Mozilla Web browser as an FTP client
- Getting to know the FTP commands

Just as the name implies, File Transfer Protocol (FTP) is used to transfer files between computers. For example, if your Internet Service Provider (ISP) gives you space for a personal Web site, you may have already used FTP to upload the files making up the Web site. Using an FTP client on your computer, you log in to your ISP account, provide your password, and then copy the files from your home system to the ISP's server.

You can also use FTP to download other files anonymously, such as open-source software from other computers on the Internet, in which case you don't need an account on the remote system to download files. You can simply log in using the word anonymous as the username and provide your e-mail address as the password. (In fact, your Web browser can do this on your behalf, so you may not even know this process is happening.) This type of anonymous FTP is great for distributing files to anyone who wants them. For example, a hardware vendor might use anonymous FTP to provide updated device drivers to anyone who needs them.

Linux comes with several FTP clients, both command-line ones and GUI ones. In this chapter, I introduce you to a few GUI FTP clients and, for the command-line FTP client, describe the commands you use to work with remote directories.

Using Graphical FTP Clients

You can use one of the following GUI FTP clients in Linux:

- gFTP: a graphical FTP client for GNOME (gftp.seul.org)
- KBear: a graphical FTP client for KDE (kbear.sourceforge.net)
- Mozilla: Web browser for anonymous FTP downloads

For uploading files, you may want to use gFTP because you typically have to provide a username and password for such transfers.
Web browsers work fine for anonymous downloads, which is how you typically download software from the Internet.

I briefly describe all three GUI FTP clients in the next two sections.

Using gFTP

GNOME comes with gFTP, a graphical FTP client. gFTP is not installed by default, but you can download it from gftp.seul.org and install it easily. In some distributions, it may be in a package already and all you have to do is install that package.

In Debian, type su - in a terminal window and enter the root password, then type apt-get install gftp. In Fedora Core, install gFTP from the companion DVD. Log in as root, insert the DVD into the DVD drive, and type mount /mnt/cdrom in a terminal window. (You may have to change cdrom to cdrom1, if the DVD drive is the second CD/DVD drive on your system.) Then type cd /mnt/cdrom/Fedora/RPMS, followed by rpm -ivh gftp*.

In Fedora Core, start gFTP by selecting Main Menu➪Internet➪gFTP. In other distributions, you should be able to find it in the Main Menu. The gFTP window appears, as shown in Figure 4-1.

Figure 4-1: The gFTP window just after opening a connection to an FTP server.

The gFTP window has a menu bar with menus for performing various tasks. Just below the menu bar is a toolbar with a number of buttons and text fields. Here you can type the name or IP address of the remote host, the username, and the password needed to log in to the remote host. Figure 4-1 shows the gFTP window after you fill in this information and establish a connection with the remote host by clicking the button with the icon showing two computers (the leftmost one on the toolbar).

To upload or download files using gFTP, follow these steps:

1. Fill in the host name or the IP address of the remote system in the Host field. If you have used that host before, you can select it from the drop-down list that appears when you click the downward-pointing arrow next to the Host field.
2. Provide the username in the User field and the password in the Pass field, and then click the button with the icon showing two computers (to the left of the Host field). This operation causes gFTP to connect to your chosen host and to log in with the username and password you provided. The lower part of the gFTP window shows the FTP protocol messages exchanged between the two systems.
3. Observe this area for any indication of error messages. The directory listing of the remote system appears in the right half of the gFTP window. The left half shows the current local directory.
4. To upload one or more files from the current system to the remote system, select the files in the list on the left, and then click the right-arrow button.
5. To download files from the remote system, select the filenames in the list on the right, and then click the left-arrow button.
6. When you're done transferring files, choose FTP➪Quit from the menu.

As these steps show, transferring files with a GUI FTP client, such as gFTP, is a simple task.

Believe it or not, gFTP isn't for FTP transfers alone. It can also transfer files using the HTTP protocol and secure file transfers using the Secure Shell (SSH) protocol.

Introducing KBear

KBear is a GUI FTP client for KDE. You find it in the Main Menu (in the Internet category) on KDE desktops such as the one in Debian. When you first start KDE, it runs the KBear Wizard that enables you to configure KBear. This configuration step mostly involves the layout of the KBear window, so you can just accept the defaults. When the main KBear window appears, it displays your home folder in a view similar to that in Windows Explorer.

To connect to an FTP server, choose FTP➪Quick Connect. A dialog box (see Figure 4-2) prompts you for the hostname of the FTP server as well as the username and password. After entering the requested information, click Connect. KBear establishes a connection to the remote FTP server.
In the KBear main window, shown in Figure 4-3, you see both the local and remote directories side by side. You can now transfer files by dragging them from one system's folder and dropping them on the other system's folder, so FTP transfers become just normal drag-and-drop file copying. When you are done using KBear, select FTP➪Quit or click the power off button (the leftmost one) on the toolbar.

Using a Web browser as an FTP client

Any Web browser can act as an FTP client, but such programs are best for anonymous FTP downloads, where the Web browser can log in using the anonymous username and any password.

Figure 4-2: Enter information about the remote FTP server and click Connect.

For example, you can use the Mozilla Web browser as an FTP client. All you have to know is how to write the URL so that the Web browser can tell that you want to download a file using FTP. The syntax of the FTP URL is like this:

    ftp://hostname/pathname

The first part (ftp://) indicates that you want an FTP transfer. The hostname part is the name of the FTP server (the name often starts with an ftp, for example, ftp.netscape.com). The pathname is the full directory path and filename of the file that you want to download.

If you simply provide the hostname for the FTP server, the Web browser displays the contents of the anonymous FTP directory. If you want to access anonymous FTP on your Linux system, start Mozilla (click the Mozilla icon on the GNOME panel), and then type the following line in the Location text box:

    ftp://localhost/

Then press Enter. Mozilla shows the contents of the anonymous FTP directory on your Linux system. Figure 4-4 shows a typical appearance of an anonymous FTP directory in Mozilla. You can click folders to see their contents and download any files.
Although I am showing how you can access your local system by using Mozilla's FTP capabilities, the purpose of FTP is (of course) to download files from other systems to your system.

Figure 4-3: The KBear window shows the local directory and the remote FTP server's directory side by side.

When you use the ftp://localhost/ URL, you won't get a response from your system if you're not running an FTP server or if you have set up your firewall so that no FTP connections are allowed. In Debian and Fedora Core, log in as root and type /etc/init.d/vsftpd start (in a terminal window) to start the FTP server. In SUSE, the xinetd super server controls the FTP server vsftpd. The /etc/xinetd.d/vsftpd configuration file specifies how vsftpd is started. See Book VII, Chapter 1 for more information about xinetd configuration files.

The same approach of accessing anonymous FTP sites works if you type the hostname of some other anonymous FTP server. For example, try typing the following URL:

    ftp://ftp.netscape.com/

You get the directory of the ftp.netscape.com server.

Using the Command-Line FTP Client

Knowing how to use FTP from the command line is a good idea, just in case. For example, your GUI desktop may not be working, and in order to fix the problem, you may have to download some files. If you know how to use the command-line FTP client, you can download the files and take care of the problem. It's not that hard, and the command-line FTP client is available in all Linux distributions.

The best way to figure out the command-line FTP client is to try it out. The command is called ftp, and you can try out the ftp commands from your Linux system. You don't even need an Internet connection because you can use the ftp command to connect to your own system; I show you how.
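An added example, not part of the book's text: every reply an FTP server sends, whether it shows up in gFTP's message area or after a command typed into the ftp client, begins with a three-digit code, and the shell functions below classify those codes, list the error replies in a message log, and decode a passive-mode (227) reply into the data port that a firewall has to let through. The log is constructed sample data, and the names reply_class, pasv_endpoint, scan_ftp_log and sample_log are this example's own.

```shell
#!/bin/sh
# Added example (not from the book): reading FTP control-connection replies.

# Classify a three-digit FTP reply code by its first digit (RFC 959).
reply_class() {
    case "$1" in
        1[0-9][0-9]) echo "preliminary" ;;
        2[0-9][0-9]) echo "success" ;;
        3[0-9][0-9]) echo "need-more-input" ;;
        4[0-9][0-9]) echo "transient-error" ;;
        5[0-9][0-9]) echo "permanent-error" ;;
        *) echo "not-a-reply"; return 1 ;;
    esac
}

# Decode "227 Entering Passive Mode (h1,h2,h3,h4,p1,p2)" into host:port.
# The server listens for the data connection on port p1*256+p2, so that is
# the port the client must be able to reach for listings and transfers.
pasv_endpoint() {
    pe_fields=$(printf '%s\n' "$1" | sed -n 's/^227 .*(\([0-9,]*\)).*$/\1/p')
    [ -n "$pe_fields" ] || return 1
    # Split the numbers on commas into the positional parameters.
    set -- $(printf '%s' "$pe_fields" | tr ',' ' ')
    [ "$#" -eq 6 ] || return 1
    for pe_n in "$@"; do
        case "$pe_n" in
            0[0-9]*) return 1 ;;      # reject leading zeros
        esac
        [ "$pe_n" -le 255 ] || return 1
    done
    echo "$1.$2.$3.$4:$(( $5 * 256 + $6 ))"
}

# Read an FTP message log on stdin and print only the error replies
# (4xx and 5xx). Client prompts and other non-reply lines are skipped.
scan_ftp_log() {
    while IFS= read -r sl_line; do
        sl_code=$(printf '%s\n' "$sl_line" |
            sed -n 's/^\([1-5][0-9][0-9]\)[ -].*$/\1/p')
        [ -n "$sl_code" ] || continue
        case "$(reply_class "$sl_code")" in
            *error) echo "$sl_line" ;;
        esac
    done
    return 0
}

# Constructed sample log: a mistyped password, a successful login, and a
# directory listing that fails because the data connection cannot be opened.
sample_log() {
    cat <<'EOF'
220 (vsFTPd 2.0.1)
331 Please specify the password.
530 Login incorrect.
331 Please specify the password.
230 Login successful.
ftp> ls
227 Entering Passive Mode (127,0,0,1,38,142)
425 Can't open data connection.
221 Goodbye.
EOF
}

echo "Error replies in the constructed log:"
sample_log | scan_ftp_log
echo "Passive data endpoint:" \
    "$(pasv_endpoint '227 Entering Passive Mode (127,0,0,1,38,142)')"  # 127.0.0.1:9870
```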
Figure 4-4: You can use Mozilla to download files from anonymous FTP servers.

Note that the exact output from the ftp command might be different because some distributions, such as Debian, use a text-mode version of gFTP as the command-line FTP client.

In the following sample FTP session, I use the command-line FTP client to log in using my username (naba) and browse the directories on one of my Linux systems. When you try a similar operation, replace the name with your username and provide your password. Here's the listing illustrating interaction with a typical command-line FTP client (my comments appear in parentheses):

    ftp localhost
    Connected to localhost (127.0.0.1).
    220 (vsFTPd 2.0.1)
    Name (localhost:naba): (I press Enter.)
    331 Please specify the password.
    Password: (I type my password.)
    230 Login successful.
    Remote system type is UNIX.
    Using binary mode to transfer files.
    ftp> help (I type help to see a list of FTP commands.)
    Commands may be abbreviated. Commands are:
    !          debug       mdir      sendport   site
    $          dir         mget      put        size
    account    disconnect  mkdir     pwd        status
    append     exit        mls       quit       struct
    ascii      form        mode      quote      system
    bell       get         modtime   recv       sunique
    binary     glob        mput      reget      tenex
    bye        hash        newer     rstatus    tick
    case       help        nmap      rhelp      trace
    cd         idle        nlist     rename     type
    cdup       image       ntrans    reset      user
    chmod      lcd         open      restart    umask
    close      ls          prompt    rmdir      verbose
    cr         macdef      passive   runique    ?
    delete     mdelete     proxy     send
    ftp> help mget (I can get help on a specific command.)
    mget get multiple files
    ftp> cd /var/ftp (This changes directory to /var/ftp.)
    250 Directory successfully changed.
    ftp> ls (This command lists the contents of the directory.)
    227 Entering Passive Mode (127,0,0,1,38,142)
    150 Here comes the directory listing.
    drwxr-xr-x 2 0 0 4096 Feb 21 21:42 pub
    226 Directory send OK.
    ftp> bye (This command ends the session.)
    221 Goodbye.

As the listing shows, you can start the command-line FTP client by typing the command ftp hostname, where hostname is the name of the system you want to access. When the FTP client establishes a connection with the FTP server at the remote system, the FTP server prompts you for a username and password. After you supply the information, the FTP client displays the ftp> prompt, and you can begin typing commands to perform specific tasks. If you can't remember a specific FTP command, type help to view a list of them. You can get additional help for a specific command by typing help command, where command is what you want help on.

Many FTP commands are similar to the Linux commands for navigating the file system. For example, cd changes directory, pwd prints the name of the current working directory, and ls lists the contents of the current directory. Two other common commands are get and put: get is what downloads a file from the remote system to your system, and put uploads (sends) a file from your system to the remote host.

Table 4-1 describes some commonly used FTP commands. You don't have to type the entire FTP command. For a long command, you only have to type the first few characters (enough to identify the command uniquely). For example, to delete a file, you can type dele and to change the file transfer mode to binary, you can type bin.

When downloading files from the Internet, you almost always want to transfer the files in binary mode because the software is usually archived and compressed in a binary form. (Its files aren't plain text files.) So always use the binary command to set the mode to binary. Then use the get command to download the files.

When transferring multiple files with similar names (such as image1.jpg, image2.jpg, and so on), type prompt to turn off prompting. (Otherwise the FTP client will ask you after each file transfer whether you want to transfer the next file.)
Then type mget followed by the filename with wildcard. For example, to download all files with name starting with image and the .jpg extension, type mget image*.jpg.

Table 4-1 Commonly Used FTP Commands

Command      Description
!            Executes a shell command on the local system. For example, !ls lists the contents of the current directory on the local system.
?            Displays a list of commands (same as help).
append       Appends a local file to a remote file.
ascii        Sets the file-transfer type to ASCII (or plain text). This command is the default file-transfer type.
binary       Sets the file-transfer type to binary.
bye          Ends the FTP session with the remote FTP server and quits the FTP client.
cd           Changes the directory on the remote system. For example, cd /pub/Linux changes the remote directory to /pub/Linux.
chmod        Changes the permission settings of a remote file. For example, chmod 644 index.html changes the permission settings of the index.html file on the remote system.
close        Ends the FTP session with the FTP server and returns to the FTP client's prompt.
delete       Deletes a remote file. For example, delete bigimage.jpg deletes that file on the remote system.
dir          Lists the contents of the current directory on the remote system.
disconnect   Ends the FTP session and returns to the FTP client's prompt. (This command is the same as close.)
get          Downloads a remote file. For example, get junk.tar.gz junk.tgz downloads the file junk.tar.gz from the remote system and saves it as the file junk.tgz on the local system.
hash         Turns on or off the hash-mark (#) printing that shows the progress of file transfer. When this feature is turned on, a hash mark prints on-screen for every 1,024 bytes transferred from the remote system. (It's the command-line version of a progress bar.)
help         Displays a list of commands.
image        Same as binary.
lcd          Changes the current directory on the local system. For example, lcd /var/ftp/pub changes the current local directory to /var/ftp/pub.
ls           Lists the contents of the current remote directory.
mdelete      Deletes multiple files on a remote system. For example, mdelete *.jpg deletes all remote files with names ending in .jpg in the current directory.
mdir         Lists multiple remote files and saves the listing in a specified local file. For example, mdir /usr/share/doc/w* wlist saves the listing in the local file named wlist.
mget         Downloads multiple files. For example, mget *.jpg downloads all files with names ending in .jpg. If the prompt is turned on, the FTP client asks for confirmation before downloading each file.
mkdir        Creates a directory on the remote system. mkdir images creates a directory named images in the current directory on the remote system.
mls          Same as mdir.
mput         Uploads multiple files. For example, mput *.jpg sends all files with names ending in .jpg to the remote system. If the prompt is turned on, the FTP client asks for confirmation before sending each file.
open         Opens a connection to the FTP server on the specified host. For example, open ftp.netscape.com connects to the FTP server on the host ftp.netscape.com.
prompt       Turns the prompt on or off. When the prompt is on, the FTP client prompts you for confirmation before downloading or uploading each file during a multiple-file transfer.
put          Sends a file to the remote system. For example, put index.html sends the index.html file from the local system to the remote system.
pwd          Displays the full pathname of the current directory on the remote system. When you log in as a user, the initial current working directory is your home directory.
quit         Same as bye.
recv         Same as get.
rename       Renames a file on the remote system. For example, rename old.html new.html renames the file old.html to new.html on the remote system.
rmdir        Deletes a directory on the remote system. For example, rmdir images deletes the images directory in the current directory of the remote system.
send         Same as put.
size         Shows the size of a remote file. For example, size bigfile.tar.gz shows the size of that remote file.
status       Shows the current status of the FTP client.
user         Sends new user information to the FTP server. For example, user naba sends the username naba; the FTP server then prompts for the password for that username.

Book V Administration

Contents at a Glance

Chapter 1: Learning Basic System Administration
Chapter 2: Managing Users and Groups
Chapter 3: Managing File Systems
Chapter 4: Installing and Updating Applications
Chapter 5: Customizing the Linux Kernel

Chapter 1: Learning Basic System Administration

In This Chapter

- Introducing the GUI sysadmin tools
- Becoming root
- Understanding the system startup process
- Taking stock of the system configuration files
- Viewing system information through the /proc file system
- Monitoring system performance
- Managing devices
- Scheduling jobs

System administration or sysadmin refers to whatever has to be done to keep a computer system up and running; the system administrator (also called the sysadmin) is whoever is in charge of taking care of these tasks.

If you're running Linux at home or in a small office, you're most likely the system administrator for your systems. Or maybe you're the system administrator for a whole LAN full of Linux systems. No matter. In this chapter, I introduce you to basic system administration procedures and show you how to perform some common tasks.

Each Linux distribution comes with quite a few graphical tools for performing specific system administration tasks. I introduce you to some of these GUI tools in this chapter and describe some of them in greater detail in the other chapters of this minibook.

Taking Stock of System Administration Tasks

So what are system administration tasks? My off-the-cuff reply is anything you have to do to keep the system running well. More accurately, though, a system administrator's duties include the following:

- Adding and removing user accounts. You have to add new user accounts and remove unnecessary user accounts. If a user forgets the password, you have to change the password.
- Managing the printing system. You have to turn the print queue on or off, check the print queue's status, and delete print jobs if necessary.
- Installing, configuring, and upgrading the operating system and various utilities. You have to install or upgrade parts of the Linux operating system and other software that are part of the operating system.
- Installing new software. You have to install software that comes in various package formats such as RPM or DEB. You also have to download and unpack software that comes in source-code form and then build executable programs from the source code.
- Managing hardware. Sometimes, you have to add new hardware and install drivers so the devices work properly.
- Making backups. You have to back up files, either in a Zip drive or on tape (if you have a tape drive).
- Mounting and unmounting file systems. When you want to access the files on a CD-ROM, for example, you have to mount that CD-ROM's file system on one of the directories in your Linux file system. You also have to mount floppy disks, in both Linux format and DOS format.
- Automating tasks. You have to schedule Linux tasks to take place automatically (at specific times) or periodically (at regular intervals).
- Monitoring the system's performance. You may want to keep an eye on system performance to see where the processor is spending most of its time, and to see the amount of free and used memory in the system.
- Starting and shutting down the system. Although starting the system typically involves nothing more than powering up the PC, you do have to take some care when you want to shut down your Linux system. If your system is set up for a graphical login screen, you can perform the shutdown operation by selecting a menu item from the login screen. Otherwise, use the shutdown command to stop all programs before turning off your PC's power switch.
- Monitoring network status. If you have a network presence (whether a LAN, a DSL line, or cable modem connection), you may want to check the status of various network interfaces and make sure your network connection is up and running.
- Setting up host and network security. You have to make sure that system files are protected and that your system can defend itself against attacks over the network.
- Monitoring security. You have to keep an eye on any intrusions, usually by checking the log files.

That's a long list of tasks! I don't cover all of them in this chapter, but the rest of the minibook describes most of these tasks. Here, I focus on some of the basics by introducing you to some GUI tools, explaining how to become root (the superuser), describing the system configuration files, and showing you how to monitor system performance, manage devices, and set up periodic jobs.

Introducing Some GUI Sysadmin Tools

Each Linux distribution comes with GUI tools for performing system administration tasks. The GUI tools prompt you for input and then run the necessary Linux commands to perform the task. In the following sections, I briefly introduce the GUI sysadmin tools in Debian, Fedora Core, SUSE, and Xandros.

GUI sysadmin tools in Debian

Debian does not have too many GUI tools for performing sysadmin tasks. You can, however, use some of the KDE GUI tools to take care of some sysadmin chores.
Table 1-1 lists some common tasks and the menu selection you use to start the GUI tool that enables you to perform that task.

Table 1-1 Performing Sysadmin Tasks with GUI Tools in Debian

| To Do This | Select the Following from the KDE Desktop |
|---|---|
| Add or remove software | Main Menu > System > Package Manager |
| Change password | Main Menu > Settings > Change Password |
| Configure KDE desktop | Main Menu > Settings > Control Center |
| Find files | Main Menu > Find Files |
| Format floppy | Main Menu > Utilities > Floppy Formatter |
| Manage printers | Main Menu > System > Printers |
| Manage user accounts | Main Menu > System > User Manager |
| Monitor system performance | Main Menu > System > System Monitor |
| Schedule a task | Main Menu > System > Task Scheduler |
| View system logs | Main Menu > System > System Log |

GUI sysadmin tools in Fedora Core

Fedora Core comes with a set of GUI system configuration tools that can ease the burden of performing typical sysadmin chores. Table 1-2 briefly summarizes the menu selections you use to start a GUI tool for a specific task.

Table 1-2 Starting GUI Sysadmin Tools in Fedora Core

| To Configure or Manage This | Start GUI Tool by Selecting This |
|---|---|
| Date and time | Main Menu > System Settings > Date&Time |
| Disks and DVD/CD-ROM | Main Menu > System Tools > Disk Management |
| Display settings | Main Menu > System Settings > Display |
| Firewall settings | Main Menu > System Settings > Security Level |
| Hardware | Main Menu > System Tools > Hardware Browser |
| Internet connection | Main Menu > System Tools > Internet Configuration Wizard |
| Network | Main Menu > System Settings > Network |
| Preferences such as desktop and password | Main Menu > Preferences |
| Printer | Main Menu > System Settings > Printing |
| root password | Main Menu > System Settings > Root Password |
| Servers | Main Menu > System Settings > Server Settings |
| Software | Main Menu > System Settings > Add/Remove Application |
| System logs | Main Menu > System Tools > System Logs |
| System performance | Main Menu > System Tools > System Monitor |
| User accounts | Main Menu > System Settings > Users and Groups |

GUI sysadmin tools in Knoppix

Knoppix is a Live CD distribution that you can use either to try out Linux or as a tool to fix problems in an existing Linux system. As such, Knoppix comes with several GUI tools that you can use for system administration tasks. Table 1-3 summarizes some of the GUI tools in Knoppix.

Table 1-3 Using GUI Tools for Sysadmin Tasks in Knoppix

| To Do This | Select This from the Knoppix GUI Desktop |
|---|---|
| Configure desktop | Main Menu > Settings > Desktop Settings Wizard |
| Configure KDE | Main Menu > Settings > Control Center |
| Configure network | Main Menu > KNOPPIX > Network/Internet > Network card configuration |
| Configure printer | Main Menu > KNOPPIX > Configure > Configure printer(s) |
| Find Files | Main Menu > Find Files |
| Manage disk partitions (for troubleshooting existing Linux installations) | Main Menu > System > QTParted |
| Open a terminal window with root permission | Main Menu > KNOPPIX > Root Shell |
| Start Samba Server | Main Menu > KNOPPIX > Services > Start Samba Server |
| Start SSH server | Main Menu > KNOPPIX > Services > Start SSH Server |

GUI sysadmin tools in SUSE

In SUSE, select Main Menu > System > YaST to start your system administration tasks in the YaST Control Center. Figure 1-1 shows the YaST Control Center window.

Figure 1-1: YaST Control Center is your starting point for many sysadmin tasks in SUSE.

The left side of the YaST Control Center shows icons for the categories of tasks you can perform. The right-hand side shows icons for specific tasks in the currently selected category. When you click an icon in the right-hand side of the YaST Control Center, a new YaST window appears and enables you to perform that task.

Table 1-4 summarizes the tasks for each of the category icons you see in the left side of the YaST Control Center.
As you can see from the entries in the second column of Table 1-4, YaST Control Center is truly one-stop shopping for all of your sysadmin chores.

Table 1-4 Tasks by Category in the YaST Control Center

| This Category | Enables You to Configure/Manage the Following |
|---|---|
| Software | Online Update; Install and Remove Software; Change Source of Installation; Installation into Directory; Patch CD Update; System Update |
| Hardware | CD-ROM Drives; Disk Controllers; Graphics Card and Monitor; Hardware Information; IDE DMA Mode; Joystick; Printer; Scanner; Select Mouse Model; Sound; TV Card |
| System | /etc/sysconfig Editor; Boot Loader Configuration; Choose Language; Create a Boot, Rescue, or Module Floppy; Date and Time; LVM; Partitioner; Power Management; Powertweak Configuration; Profile Manager; Restore System; Runlevel Editor; Select Keyboard Layout; System Backup |
| Network Devices | DSL; Fax; ISDN; Modem; Network Card; Phone Answering Machine |
| Network Services | DHCP Server; DNS Server; DNS Host and Name; HTTP Server; Host Names; Kerberos Client; LDAP Client; Mail Transfer Agent; NFS Client; NFS Server; NIS Client; NIS Server; NTP Client; Network Services (inetd); Proxy; Remote Administration; Routing; SLP Browser; Samba Client; Samba Server; TFTP Server |
| Security and Users | Edit and create groups; Edit and create users; Firewall; Security settings |
| Misc | Autoinstallation; Load Vendor Driver CD; Post a Support Query; View Start-up Log; View System Log |

GUI sysadmin tools in Xandros

Xandros is designed to be a desktop operating system, and as such, everything is easily accessible from the desktop. For most sysadmin tasks, you start at the Xandros Control Center (select Main Menu > Control Center to get there). (Figure 1-2 shows you what you find when you do get there.) As you can see, the left-hand side of the window shows a tree menu of task categories. You can click the plus sign next to a category to view the subcategories.
When you click a specific task, the right-hand side of the window displays the GUI through which you can perform that task.

For some tasks, such as mounting file systems or adding printers, you can open the Xandros File Manager as a system administrator by selecting Main Menu > Applications > System > Administrator Tools > Xandros File Manager (Administrator). Figure 1-3 shows the Xandros File Manager window from which you can perform some sysadmin tasks.

Figure 1-2: You can perform many sysadmin tasks from the Xandros Control Center.

Figure 1-3: For some sysadmin tasks, use the Xandros File Manager.

How to Become root

You have to log in as root to perform the system administration tasks. The root user is the superuser and the only account with all the privileges needed to do anything in the system.

Common wisdom says you should not normally log in as root. When you're root, one misstep, and you can easily delete all the files, especially when you're typing commands. Take, for example, the command rm *.html that you may type to delete all files that have the .html extension. What if you accidentally press the spacebar after the asterisk (*)? The shell takes the command to be rm * .html and, because * matches any filename, deletes everything in the current directory. Seems implausible until it happens to you!

Using the su - command

If you're logged in as a normal user, how do you do any system administration chores? Well, you become root for the time being. If you're working at a terminal window or console, type

    su -

Then enter the root password in response to the prompt. From this point on, you're root. Do whatever you have to do. To return to your usual self, type

    exit

That's it! It's that easy.

By the way, Knoppix does not have any root password, so you can become root by simply typing su - at the shell prompt in a terminal window.
Becoming root for the GUI utilities

Most Linux distributions include GUI utilities to perform system administration chores. If you use any of these GUI utilities to perform a task that requires you to be root, the utility typically pops up a dialog box that prompts you for the root password, as shown in Figure 1-4. Just type the password and press Enter. If you don't want to use the utility, click Cancel.

Figure 1-4: Type the root password and press Enter to gain root privileges.

Recovering from a forgotten root password

To perform system administration tasks, you have to know the root password. What happens if you forget the root password? Not to worry: Just reboot the PC and you can reset the root password by following these steps:

1. Reboot the PC (select Reboot as you log out of the GUI screen) or power up as usual.

   Soon you see the graphical GRUB boot loader screen that shows the names of the operating systems you can boot. If your system runs the LILO boot loader, press Ctrl+X and at the boot: prompt, type linux single and press Enter. Then proceed to step 4.

2. If you have more than one operating system installed, use the arrow key to select Linux as your operating system. Then press the A key.

   GRUB prompts you for commands to add to its default boot command.

3. Press the spacebar, type the following, and then press Enter:

       single

   Linux starts up as usual but runs in a single-user mode that does not require you to log in. After Linux starts, you see a command-line prompt that ends with a hash mark (#), similar to the following:

       sh-2.05b#

4. Type the passwd command to change the root password as follows:

       sh-2.05b# passwd
       Changing password for user root.
       New password:

5. Type the new root password that you want to use (it doesn't appear on-screen) and then press Enter.

   Linux asks for the password again, like this:

       Retype new password:

6. Type the password again, and press Enter.

   If you enter the same password both times, the passwd command changes the root password.

7. Now type reboot to reboot the PC.

   After Linux starts, it displays the familiar login screen. Now you can log in as root with the new password.

Make sure that your Linux PC is physically secure. As these steps show, anyone who can physically access your Linux PC can simply reboot, set a new root password, and do whatever he or she wants with the system. Another way to protect against resetting the password is to set a GRUB password, which causes GRUB to require a valid password before it boots Linux. Of course, you must then remember to enter the GRUB password every time you boot your system!

Understanding How Linux Boots

Knowing the sequence in which Linux starts processes as it boots is important. You can use this knowledge to start and stop services, such as the Web server and Network File System (NFS). The next few sections provide you with an overview of how Linux boots and starts the initial set of processes. These sections also familiarize you with the shell scripts that start various services on a Linux system.

Understanding the init process

When Linux boots, it loads and runs the core operating system program from the hard drive. The core operating system is designed to run other programs. A process named init starts the initial set of processes on your Linux system.

To see the processes currently running on the system, type

    ps ax | more

You get an output listing that starts off like this:

      PID TTY      STAT   TIME COMMAND
        1 ?        S      0:22 init [2]

The first column, with the heading PID, shows a number for each process. PID stands for process ID (identification), a sequential number assigned by the Linux kernel. The first entry in the process list, with a process ID (PID) of 1, is the init process. It's the first process, and it starts all other processes in your Linux system.
That's why init is sometimes referred to as the mother of all processes.

What the init process starts depends on the following:

- The run level, an identifier that identifies a system configuration in which only a selected group of processes can exist.
- The contents of the /etc/inittab file, a text file that specifies which processes to start at different run levels.
- A number of shell scripts that are executed at specific run levels. (The scripts are located in the /etc/init.d directory and a number of subdirectories in /etc; these subdirectories have names that begin with rc.)

Most Linux distributions use seven run levels, 0 through 6. The meaning of the run levels differs from one distribution to another. Table 1-5 shows the meanings of the run levels and points out some of the actions specific to Fedora Core, Debian, SUSE, and Xandros.

Table 1-5 Run Levels in Linux

| Run Level | Meaning |
|---|---|
| 0 | Shuts down the system |
| 1 | Runs in single-user standalone mode (no one else can log in; you work at the text console) |
| 2 | Runs in multiuser mode (Debian and Xandros use run level 2 as the default run level) |
| 3 | Runs in full multiuser mode (used for text-mode login in Fedora Core and SUSE) |
| 4 | Runs in full multiuser mode (unused in Fedora Core and SUSE) |
| 5 | Runs in full multiuser mode (used as the default run level with graphical login in Fedora Core and SUSE) |
| 6 | Reboots the system |

The current run level, together with the contents of the /etc/inittab file, controls which processes init starts in Linux. The default run level is 2 in Debian and Xandros. In Fedora Core and SUSE, run level 3 is used for text-mode login screens and 5 for the graphical login screen. You can change the default run level by editing a line in the /etc/inittab file.
To check the current run level, type the following command in a terminal window:

    /sbin/runlevel

In Debian, the runlevel command prints an output like this:

    N 2

The first character of the output shows the previous run level (N means no previous run level), and the second character shows the current run level (2). In this case, the system started at run level 2. If you are in a GUI desktop in Fedora Core, the runlevel command should show 5 as the current run level.

Examining the /etc/inittab file

The /etc/inittab file is the key to understanding the processes that init starts at various run levels. You can look at the contents of the file by using the more command, as follows:

    more /etc/inittab

To see the contents of the /etc/inittab file with the more command, you don't have to log in as root.

To interpret the contents of the /etc/inittab file, follow these steps:

1. Look for the line that looks like this:

       id:2:initdefault:

   That line shows the default run level. In this case, it's 2.

2. Find all the lines that specify what init runs at run level 2.

   Look for a line that has a 2 between the first two colons (:). Here is a relevant line in Debian:

       l2:2:wait:/etc/init.d/rc 2

   This line specifies that init executes the file /etc/init.d/rc with 2 as an argument.

If you look at the file /etc/init.d/rc in a Debian system, you find it's a shell script. You can study this file to see how it starts various processes for run levels 1 through 5.

Each entry in the /etc/inittab file tells init what to do at one or more run levels; you simply list all run levels at which the process runs. Each inittab entry has four fields separated by colons in the following format:

    id:runlevels:action:process

Table 1-6 shows what each of these fields means.

Table 1-6 Meaning of the Fields in Each inittab Entry

| Field | Meaning |
|---|---|
| id | A unique one- or two-character identifier. The init process uses this field internally. You can use any identifier you want, as long as you don't use the same identifier on more than one line. |
| runlevels | A sequence of zero or more characters, each denoting a run level. For example, if the runlevels field is 12345, that entry applies to each of the run levels 1 through 5. This field is ignored if the action field is set to sysinit, boot, or bootwait. |
| action | Tells the init process what to do with that entry. If this field is initdefault, for example, init interprets the runlevels field as the default run level. If this field is set to wait, init starts the program or script specified in the process field and waits until that process exits. |
| process | Name of the script or program that init starts. Of course, some settings of the action field require no process field. For example, when the action field is initdefault, there is no need for a process field. |

Trying a new run level with the init command

To try a new run level, you don't have to change the default run level in the /etc/inittab file. If you log in as root, you can change the run level (and, consequently, the processes that run in Linux) by typing init followed by the run level. For example, to put the system in single-user mode, type the following:

    init 1

Thus, if you want to try run level 3 without changing the default run level in the /etc/inittab file, enter the following command at the shell prompt:

    init 3

The system ends all current processes and enters run level 3. By default, the init command waits 20 seconds before stopping all current processes and starting the new processes for run level 3.

To switch to run level 3 immediately, type the command init -t0 3. The number after the -t option indicates the number of seconds init waits before changing the run level.

You can also use the telinit command, which is simply a symbolic link (a shortcut) to init.
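The four-field format in Table 1-6 can be read mechanically, which is handy when reviewing what a machine will run at boot. The following is an added example, not code from the book: POSIX shell functions (the names inittab_default_runlevel, inittab_plan and inittab_duplicate_ids are made up here) run against a constructed sample whose id, si and l2 lines are the Debian lines quoted in this chapter.

```shell
#!/bin/sh
# Added example: reading inittab entries of the form id:runlevels:action:process.
# Each function reads inittab text on standard input, for example:
#   inittab_plan 2 < /etc/inittab

# Constructed sample. The id, si and l2 lines are the Debian lines quoted in
# this chapter; the l3 and getty lines are made up for illustration.
sample_inittab() {
    cat <<'EOF'
# /etc/inittab (constructed sample)
id:2:initdefault:
si::sysinit:/etc/init.d/rcS
l2:2:wait:/etc/init.d/rc 2
l3:3:wait:/etc/init.d/rc 3
1:2345:respawn:/sbin/getty 38400 tty1
EOF
}

# Print the default run level: the runlevels field of the initdefault entry.
inittab_default_runlevel() {
    awk -F: '
        /^[ \t]*#/ || /^[ \t]*$/ { next }
        $3 == "initdefault" { print $2; exit }'
}

# Print "when<TAB>id<TAB>action<TAB>process" for each entry init acts on when
# the system boots into run level $1. "when" is "boot" for sysinit, boot and
# bootwait entries (their runlevels field is ignored) and "level" otherwise.
inittab_plan() {
    awk -F: -v lvl="$1" '
        /^[ \t]*#/ || /^[ \t]*$/ { next }
        NF < 4 || $3 == "initdefault" { next }
        {
            proc = $4                       # the process may contain colons
            for (i = 5; i <= NF; i++) proc = proc ":" $i
            if ($3 == "sysinit" || $3 == "boot" || $3 == "bootwait")
                when = "boot"
            else if (index($2, lvl) > 0)
                when = "level"
            else
                next
            printf "%s\t%s\t%s\t%s\n", when, $1, $3, proc
        }'
}

# Print every id that appears on more than one line (ids must be unique).
inittab_duplicate_ids() {
    awk -F: '
        /^[ \t]*#/ || /^[ \t]*$/ { next }
        seen[$1]++ == 1 { print $1 }'
}

echo "default run level: $(sample_inittab | inittab_default_runlevel)"
sample_inittab | inittab_plan 2
```

Entries are listed in file order; the output does not claim the order in which init actually runs them.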
If you make changes to the /etc/inittab file and want init to reload its configuration file, use the command telinit q.

Understanding the Linux startup scripts

The init process runs a number of scripts at system startup. In the following discussions, I use a Debian system as an example, but the basic sequence is similar in other distributions; only the names and locations of the scripts may vary.

If you look at the /etc/inittab file in a Debian system, you find the following lines near the beginning of the file:

    # Boot-time system configuration/initialization script.
    si::sysinit:/etc/init.d/rcS

The first line is a comment line. The second line causes init to run the /etc/init.d/rcS script, the first Linux startup script that init runs in a Debian system. The rcS script performs many initialization tasks, such as mounting the file systems, setting the clock, configuring the keyboard layout, starting the network, and loading many other driver modules. The rcS script performs these initialization tasks by calling many other scripts and reading configuration files located in the /etc/rcS.d directory.

After executing the /etc/init.d/rcS script, the init process runs the /etc/init.d/rc script with the run level as argument. For example, for run level 2, the following line in /etc/inittab specifies what init executes:

    l2:2:wait:/etc/init.d/rc 2

This example says init executes the command /etc/init.d/rc 2 and waits until that command completes.

The /etc/init.d/rc script is somewhat complicated. Here's how it works:

- It executes scripts in a directory corresponding to the run level. For example, for run level 2, the /etc/init.d/rc script runs the scripts in the /etc/rc2.d directory.
- In the directory that corresponds with the run level, /etc/init.d/rc looks for all files that begin with a K and executes each of them with the stop argument. This argument kills any currently running processes. Then it locates all files that begin with an S and executes each file with a start argument. This argument starts the processes needed for the specified run level.

To see what gets executed at run level 2, type the following command:

    ls -l /etc/rc2.d

In the resulting listing, the K scripts (the files whose names begin with K) stop (or kill) servers, whereas the S scripts start servers. The /etc/init.d/rc script executes these files in exactly the order in which they appear in the directory listing.

Manually starting and stopping servers

In Linux, the server startup scripts reside in the /etc/init.d directory. You can manually invoke scripts in this directory to start, stop, or restart specific processes, usually servers. For example, to stop the FTP server (the server program is called vsftpd), type the following command:

    /etc/init.d/vsftpd stop

If vsftpd is already running and you want to restart it, type the following command:

    /etc/init.d/vsftpd restart

You can enhance your system administration skills by familiarizing yourself with the scripts in the /etc/init.d directory. To see its listing, type the following command:

    ls /etc/init.d

The script names give you some clue about which server the script can start and stop. For example, the samba script starts and stops the processes required for Samba Windows networking services. At your leisure, you may want to study some of these scripts to see what each one does. You don't have to understand all the shell programming; the comments help you discover the purpose of each script.

Automatically starting servers at system startup

You want some servers to start automatically every time you boot the system. The exact commands to configure the servers vary from one distribution to another.

In Fedora Core and SUSE, use the chkconfig command to set up a server to start whenever the system boots into a specific run level.
For example, if you start the SSH server, you want the sshd server to start whenever the system starts. You can make that happen by using the chkconfig command. To set sshd to start whenever the system boots into run level 3, 4, or 5, you type the following command (while logged in as root):

    chkconfig --level 345 sshd on

In Fedora Core and SUSE, you can also use the chkconfig command to check which servers are turned on or off. For example, to see the complete list of all servers for all run levels, type the following command:

    chkconfig --list

In Debian and Xandros, you can use the update-rc.d command to enable a server to start automatically at system startup. For example, to set sshd to start automatically at the default run levels, type update-rc.d sshd defaults in a terminal window while logged in as root. You can also specify the exact run levels and the sequence number (the order in which each server starts). To find out more about the update-rc.d command, type man update-rc.d in a terminal window.

Taking Stock of Linux System Configuration Files

Linux includes a host of configuration files. All these files are text files that you can edit with any text editor. To edit these configuration files, you must log in as root. I don't discuss the files individually, but I show a selection of the configuration files in Table 1-7, along with a brief description of each. This listing gives you an idea of what types of configuration files a system administrator has to work with. In many cases, Linux includes GUI utility programs to set up many of these configuration files.
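Returning to the run-level directories and the startup commands described above: the servers that start at a run level are simply the S entries in that level's rcN.d directory, so they can be listed and compared against what you expect to be running. The following is an added example, not code from the book or from any distribution's rc script; the function names and the scratch directory with its K20vsftpd, S10sysklogd, S20samba and S20sshd entries are constructed for illustration.

```shell
#!/bin/sh
# Added example: dry-run view of one rcN.d directory, in the K-then-S order
# this chapter describes for /etc/init.d/rc. Nothing is started or stopped.

# Print "stop NAME" for each K* entry, then "start NAME" for each S* entry,
# in the shell's sorted glob order (the order of a plain ls listing).
rc_plan() {
    dir=$1
    for f in "$dir"/K*; do
        if [ -e "$f" ]; then printf 'stop %s\n' "${f##*/}"; fi
    done
    for f in "$dir"/S*; do
        if [ -e "$f" ]; then printf 'start %s\n' "${f##*/}"; fi
    done
    return 0
}

# Names of the services a directory starts: S20sshd -> sshd.
rc_started_services() {
    rc_plan "$1" | sed -n 's/^start S[0-9]*//p'
}

# Print started services that are not in the allow-list given after the
# directory, e.g.  rc_unexpected /etc/rc2.d sysklogd sshd
rc_unexpected() {
    dir=$1
    shift
    rc_started_services "$dir" | while IFS= read -r svc; do
        ok=no
        for allowed in "$@"; do
            if [ "$svc" = "$allowed" ]; then ok=yes; fi
        done
        if [ "$ok" = no ]; then printf '%s\n' "$svc"; fi
    done
}

# Build a constructed rc2.d look-alike in a scratch directory and print its
# path. On a real system these entries are links to scripts in /etc/init.d;
# empty files are enough for a dry run. README shows that other names are
# ignored.
make_sample_rc2d() {
    d=$(mktemp -d) || return 1
    for name in K20vsftpd S10sysklogd S20samba S20sshd README; do
        : > "$d/$name"
    done
    printf '%s\n' "$d"
}

sample=$(make_sample_rc2d)
rc_plan "$sample"
echo "not on the allow-list: $(rc_unexpected "$sample" sysklogd sshd)"
rm -rf "$sample"
```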
Table 1-7 Some Linux Configuration Files

| Configuration File | Description |
|---|---|
| /boot/grub | Location of files for the GRUB boot loader |
| /boot/grub/menu.lst | Configuration file for the boot menu that GRUB displays before it boots your system |
| /boot/System.map | Map of the Linux kernel (maps kernel addresses into names of functions and variables) |
| /boot/vmlinuz | The Linux kernel (the operating system's core) |
| /etc/apache2/httpd.conf | Configuration file for the Apache Web server (Debian) |
| /etc/apt/sources.list | Configuration file that lists the sources (FTP or Web sites or CD-ROM) from which the Advanced Packaging Tool (APT) obtains packages (Debian and Xandros) |
| /etc/at.allow | Usernames of users allowed to use the at command to schedule jobs for later execution |
| /etc/at.deny | Usernames of users forbidden to use the at command |
| /etc/bashrc | System-wide functions and aliases for the BASH shell (Fedora Core) |
| /etc/bash.bashrc | System-wide functions and aliases for the BASH shell (Debian, SUSE, and Xandros) |
| /etc/cups/cupsd.conf | Printer configuration file for the Common UNIX Printing System (CUPS) scheduler |
| /etc/fonts | Directory with font configuration files (in particular, you can put local font configuration settings in the file /etc/fonts/local.conf) |
| /etc/fstab | Information about file systems available for mounting and where each file system is to be mounted |
| /etc/group | Information about groups |
| /etc/grub.conf | The configuration for the GRUB boot loader in Fedora Core and SUSE |
| /etc/hosts | List of IP numbers and their corresponding hostnames |
| /etc/hosts.allow | Hosts allowed to access Internet services on this system |
| /etc/hosts.deny | Hosts forbidden to access Internet services on this system |
| /etc/httpd/conf/httpd.conf | Configuration file for the Apache Web server (Fedora Core) |
| /etc/init.d | Directory with scripts to start and stop various servers |
| /etc/inittab | Configuration file used by the init process that starts all the other processes |
| /etc/issue | File containing a message to be printed before displaying the text-mode login prompt (usually the distribution name and the version number) |
| /etc/lilo.conf | The configuration for the Linux Loader (LILO), one of the boot loaders that can load the operating system from disk (present only if you use the LILO boot loader) |
| /etc/login.defs | Default information for creating user accounts, used by the useradd command |
| /etc/modprobe.conf | Configuration file for loadable kernel modules, used by the modprobe command (Fedora Core and SUSE) |
| /etc/modules.conf | Configuration file for loadable modules (Debian and Xandros) |
| /etc/mtab | Information about currently mounted file systems |
| /etc/passwd | Information about all user accounts (actual passwords are stored in /etc/shadow) |
| /etc/profile | System-wide environment and startup file for the BASH shell |
| /etc/profile.d | Directory containing script files (with names that end in .sh) that the /etc/profile script executes |
| /etc/init.d/rcS | Linux initialization script in Debian, SUSE, and Xandros |
| /etc/rc.d/rc.sysinit | Linux initialization script in Fedora Core |
| /etc/shadow | Secure file with encrypted passwords for all user accounts (can be read only by root) |
| /etc/shells | List of all the shells on the system that the user can use |
| /etc/skel | Directory that holds initial versions of files such as .bash_profile that copy to a new user's home directory |
| /etc/sysconfig | Linux configuration files (Fedora Core and SUSE) |
| /etc/sysctl.conf | Configuration file with kernel parameters that are read in and set by sysctl at system startup |
| /etc/termcap | Database of terminal capabilities and options (Fedora Core and SUSE) |
| /etc/udev | Directory containing configuration files for udev, the program that provides the ability to dynamically name hot-pluggable devices and create device files in the /dev directory |
| /etc/X11 | Directory with configuration files for the X Window System (X11) and various display managers such as gdm and xdm |
| /etc/X11/XF86Config or /etc/X11/XF86Config-4 | Configuration file for XFree86 X11 (Debian, SUSE, and Xandros) |
| /etc/X11/xorg.conf | Configuration file for X.org X11, the X Window System (Fedora Core) |
| /etc/xinetd.conf | Configuration for the xinetd daemon that starts a number of Internet services on demand |
| /etc/yum.conf | Configuration for the yum package updater and installer (Fedora Core) |
| /var/log/apache2 | Web-server access and error logs (Debian) |
| /var/log/cron | Log file with messages from the cron process that runs scheduled jobs |
| /var/log/boot.msg | File with boot messages (SUSE) |
| /var/log/dmesg | File with boot messages (Debian, Fedora Core, and Xandros) |
| /var/log/httpd | Web server access and error logs (Fedora Core) |
| /var/log/messages | System log |

Monitoring System Performance

When you're the system administrator, you must keep an eye on how well your Linux system is performing. You can monitor the overall performance of your system by looking at information such as

- Central Processing Unit (CPU) usage
- Physical memory usage
- Virtual memory (swap-space) usage
- Hard drive usage

Linux comes with a number of utilities that you can use to monitor one or more of these performance parameters. Here I introduce a few of these utilities and show you how to understand the information presented by these utilities.

Using the top utility

To view the top CPU processes (the ones that are using most of the CPU time), you can use the text-mode top utility. To start that utility, type top in a terminal window (or text console). The top utility then displays a text screen listing the current processes, arranged in the order of CPU usage, along with various other information, such as memory and swap-space usage.
Figure 1-5 shows a typical output from the top utility.

The top utility updates the display every 5 seconds. If you keep top running in a window, you can continually monitor the status of your Linux system. To quit top, press Q or Ctrl+C or close the terminal window.

The first five lines of the output screen (refer to Figure 1-5) provide summary information about the system. Here is what these five lines show:

- The first line shows the current time, how long the system has been up, how many users are logged in, and three load averages (the average number of processes ready to run during the last 1, 5, and 15 minutes).
- The second line lists the total number of processes and the status of these processes.
- The third line shows CPU usage: what percentage of CPU time is used by user processes, what percentage by system (kernel) processes, and during what percentage of time the CPU is idle.
- The fourth line shows how the physical memory is being used: the total amount, how much is used, how much is free, and how much is allocated to buffers (for reading from the hard drive, for example).
- The fifth line shows how the virtual memory (or swap space) is being used: the total amount of swap space, how much is used, how much is free, and how much is being cached.

The table that appears below the summary information (refer to Figure 1-5) lists information about the current processes, arranged in decreasing order by amount of CPU time used. Table 1-8 summarizes the meanings of the column headings in the table that top displays.
Figure 1-5: You can see the top CPU processes by using the top utility.

Table 1-8 Meanings of Column Headings in top Utility's Output

| Heading | Meaning |
|---|---|
| PID | The process ID of the process |
| USER | Username under which the process is running |
| PR | Priority of the process |
| NI | Nice value of the process. The value ranges from -20 (highest priority) to 19 (lowest priority), and the default is 0 (the nice value represents the relative priority of the process: the higher the value, the lower the priority and the nicer the process, because it yields to other processes) |
| VIRT | The total amount of virtual memory used by the process, in kilobytes |
| RES | Total physical memory used by a task (typically shown in kilobytes, but an m suffix indicates megabytes) |
| SHR | Amount of shared memory used by process |
| S | State of the process (S for sleeping, D for uninterruptible sleep, R for running, Z for zombies, that is, processes that should be dead but are still running, or T for stopped) |
| %CPU | Percentage of CPU time used since last screen update |
| %MEM | Percentage of physical memory used by the process |
| TIME+ | Total CPU time the process has used since it started |
| COMMAND | Shortened form of the command that started the process |

Using the uptime command

You can use the uptime command to get a summary of the system's state. Just type the command like this:

    uptime

It displays output similar to the following:

    15:03:21 up 32 days, 57 min, 3 users, load average: 0.13, 0.23, 0.27

This output shows the current time, how long the system has been up, the number of users, and (finally) the three load averages: the average number of processes that were ready to run in the past 1, 5, and 15 minutes. Load averages greater than 1 imply that many processes are competing for CPU time simultaneously. The load averages give you an indication of how busy the system is.
Using the vmstat utility

You can get summary information about the overall system usage with the vmstat utility. To view system usage information averaged over 5-second intervals, type the following command (the second argument indicates the total number of lines of output vmstat displays):

    vmstat 5 8

You see output similar to the following listing:

    procs -----------memory---------- ---swap-- -----io---- --system-- ----cpu----
     r  b   swpd   free   buff  cache   si   so    bi    bo   in    cs us sy id wa
     0  0  31324   4016  18568 136004    1    1    17    16    8   110 33  4 61  1
     0  1  31324   2520  15348 139692    0    0  7798   199 1157   377  8  8  6 78
     1  0  31324   1584  12936 141480    0   19  5784   105 1099   437 12  5  0 82
     2  0  31324   1928  13004 137136    7    0  1586   138 1104   561 43  6  0 51
     3  1  31324   1484  13148 132064    0    0  1260    51 1080   427 50  5  0 46
     0  0  31324   1804  13240 127976    0    0  1126    46 1082   782 19  5 47 30
     0  0  31324   1900  13240 127976    0    0     0     0 1010   211  3  1 96  0
     0  0  31324   1916  13248 127976    0    0     0    10 1015   224  3  2 95  0

The first line of output shows the averages since the last reboot. After that, vmstat displays the 5-second average data seven more times, covering the next 35 seconds. The tabular output is grouped as six categories of information, indicated by the fields in the first line of output. The second line shows further details for each of the six major fields. You can interpret these fields using Table 1-9.
Table 1-9: Meaning of Fields in the vmstat Utility's Output

Field Name   Description
procs        Number of processes and their types: r = processes waiting to run; b = processes in uninterruptible sleep; w = processes swapped out, but ready to run
memory       Information about physical memory and swap-space usage (all numbers in kilobytes): swpd = virtual memory used; free = free physical memory; buff = memory used as buffers; cache = virtual memory that's cached
swap         Amount of swapping (the numbers are in kilobytes per second): si = amount of memory swapped in from disk; so = amount of memory swapped to disk
io           Information about input and output (the numbers are in blocks per second where the block size depends on the disk device): bi = rate of blocks sent to disk; bo = rate of blocks received from disk
system       Information about the system: in = number of interrupts per second (including clock interrupts); cs = number of context switches per second (how many times the kernel changed which process was running)
cpu          Percentages of CPU time used: us = percentage of CPU time used by user processes; sy = percentage of CPU time used by system processes; id = percentage of time CPU is idle; wa = time spent waiting for input or output (I/O)

In the vmstat utility's output, high values in the si and so fields indicate too much swapping. (Swapping refers to the copying of information between physical memory and the virtual memory on the hard drive.) High numbers in the bi and bo fields indicate too much disk activity.

Checking disk performance and disk usage

Linux comes with the /sbin/hdparm program that you can use to control IDE or ATAPI hard drives that are common on most PCs. One feature of the hdparm program is that you can use the -t option to determine the rate at which data is read from the disk into a buffer in memory.
For example, here's the result of the command on my system:

    /sbin/hdparm -t /dev/hda

    /dev/hda:
     Timing buffered disk reads: 64 MB in 3.04 seconds = 21.05 MB/sec

The command requires the IDE drive's device name (/dev/hda) as an argument. If you have an IDE hard drive, you can try this command to see how fast data is read from your system's disk drive.

To display the space available in the currently mounted file systems, use the df command. If you want a more human-readable output from df, type the following command:

    df -h

Here's a typical output from this command:

    Filesystem  Size  Used Avail Use% Mounted on
    /dev/hda5   7.1G  3.9G  2.9G  59% /
    /dev/hda3    99M   18M   77M  19% /boot
    none        125M     0  125M   0% /dev/shm
    /dev/scd0   3.8G  3.8G     0 100% /mnt/cdrom1

As this example shows, the -h option causes the df command to show the sizes in gigabytes (G) and megabytes (M).

To check the disk space being used by a specific directory, use the du command; you can specify the -h option to view the output in kilobytes (k) and megabytes (M), as shown in the following example:

    du -h /var/log

Here's a typical output of that command:

    152K /var/log/cups
    4.0K /var/log/vbox
    4.0K /var/log/httpd
    508K /var/log/gdm
    4.0K /var/log/samba
    8.0K /var/log/mail
    4.0K /var/log/news/OLD
    8.0K /var/log/news
    4.0K /var/log/squid
    2.2M /var/log

The du command displays the disk space used by each directory and the last line shows the total disk space used by that directory. If you want to see only the total space used by a directory, use the -s option, like this:

    du -sh /home
    89M /home

Viewing System Information via the /proc File System

Your Linux system has a special file system called the /proc file system. You can find out many things about your system from this file system. In fact, you can even change kernel parameters through the /proc file system (just by writing to a file in that file system), thereby modifying the system's behavior.
The /proc file system isn't a real directory on the hard drive but a collection of data structures in memory, managed by the Linux kernel, that appears to you as a set of directories and files. The purpose of /proc (also called the process file system) is to give you access to information about the Linux kernel as well as to help you find out about all processes currently running on your system.

You can access the /proc file system just as you access any other directory, but you have to know the meaning of various files to interpret the information. Typically, you can use the cat or more commands to view the contents of a file in /proc; the file's contents provide information about some aspect of the system.

As with any directory, start by looking at a detailed directory listing of /proc. To do so, log in as root and type ls -l /proc in a terminal window. In the output, the first set of directories (indicated by the letter d at the beginning of the line) represents the processes currently running on your system. Each directory that corresponds to a process has the process ID (a number) as its name.

Notice also a very large file named /proc/kcore; that file represents the entire physical memory of your system. Although /proc/kcore appears in the listing as a huge file, no single physical file is occupying that much space on your hard drive, so don't try to remove the file to reclaim disk space.

Several files and directories in /proc contain interesting information about your Linux PC. The /proc/cpuinfo file, for example, lists the key characteristics of your system, such as processor type and floating-point processor information. You can view the processor information by typing cat /proc/cpuinfo.
For example, here's what I get when I type cat /proc/cpuinfo on my system:

    processor       : 0
    vendor_id       : GenuineIntel
    cpu family      : 15
    model           : 3
    model name      : Intel(R) Celeron(R) CPU 2.53GHz
    stepping        : 3
    cpu MHz         : 2533.129
    cache size      : 256 KB
    fdiv_bug        : no
    hlt_bug         : no
    f00f_bug        : no
    coma_bug        : no
    fpu             : yes
    fpu_exception   : yes
    cpuid level     : 5
    wp              : yes
    flags           : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe pni monitor ds_cpl cid
    bogomips        : 4997.12

This output is from a 2.5 GHz Celeron system. The listing shows many interesting characteristics of the processor. Notice the line that starts with fdiv_bug. Remember the infamous Pentium floating-point-division bug? The bug is in an instruction called fdiv (for floating-point division). Thus, the fdiv_bug line indicates whether this particular Pentium has the bug. (Fortunately, my PC's processor does not.)

The last line in the /proc/cpuinfo file shows the BogoMips for the processor, as computed by the Linux kernel when it boots. BogoMips is something that Linux uses internally to time-delay loops.

Table 1-10 summarizes some of the files in the /proc file system that provide information about your Linux system. You can view some of these files on your system to see what they contain, but note that not all files shown in Table 1-10 are present on your system. The specific contents of the /proc file system depend on the kernel configuration and the driver modules that are loaded (which, in turn, depend on your PC's hardware configuration).

You can navigate the /proc file system just as you'd work with any other directories and files in Linux. Use the more or cat commands to view the contents of a file.
Table 1-10: Some Files and Directories in /proc

Filename            Content
/proc/acpi          Information about Advanced Configuration & Power Interface (ACPI), an industry-standard interface for configuration and power management on laptops, desktops, and servers
/proc/bus           Directory with bus-specific information for each bus type, such as PCI
/proc/cmdline       The command line used to start the Linux kernel (for example, ro root=LABEL=/ rhgb)
/proc/cpuinfo       Information about the CPU (the microprocessor)
/proc/devices       Available block and character devices in your system
/proc/dma           Information about DMA (direct memory access) channels that are being used
/proc/driver/rtc    Information about the PC's real-time clock (RTC)
/proc/filesystems   List of supported file systems
/proc/ide           Directory containing information about IDE devices
/proc/interrupts    Information about interrupt request (IRQ) numbers and how they are being used
/proc/ioports       Information about input/output (I/O) port addresses and how they are being used
/proc/kcore         Image of the physical memory
/proc/kmsg          Kernel messages
/proc/loadavg       Load average (average number of processes waiting to run in the last 1, 5, and 15 minutes)
/proc/locks         Current kernel locks (used to ensure that multiple processes don't write to a file at the same time)
/proc/meminfo       Information about physical memory and swap-space usage
/proc/misc          Miscellaneous information
/proc/modules       List of loaded driver modules
/proc/mounts        List of mounted file systems
/proc/net           Directory with many subdirectories that contain information about networking
/proc/partitions    List of partitions known to the Linux kernel
/proc/pci           Information about PCI devices found on the system
/proc/scsi          Directory with information about SCSI devices found on the system (present only if you have a SCSI device)
/proc/stat          Overall statistics about the system
/proc/swaps         Information about the swap space and how much is used
/proc/sys           Directory with information about the system; you can change kernel parameters by writing to files in this directory (using this method to tune system performance requires expertise to do properly)
/proc/uptime        Information about how long the system has been up
/proc/version       Kernel version number

Understanding Linux Devices

Linux treats all devices as files and uses a device just as it uses a file: it opens it, writes data to it, reads data from it, and closes it when done. This ability to treat every device as a file comes through the use of device drivers. A device driver is a special program that controls a particular type of hardware. When the kernel writes data to the device, the device driver does whatever is appropriate for that device. For example, when the kernel writes data to the floppy drive, the floppy device driver puts that data onto the physical medium of the floppy disk. On the other hand, if the kernel writes data to the parallel port device, the parallel port driver sends the data to the printer connected to the parallel port.

Thus the device driver isolates the device-specific code from the rest of the kernel and makes a device look like a file. Any application can access a device by opening the file specific to that device. Figure 1-6 illustrates this concept of a Linux device driver.

Device files

As Figure 1-6 shows, applications can access a device as if it were a file. These files are special files called device files, and they appear in the /dev directory in the Linux file system.

If you use the ls command to look at the list of files in the /dev directory, you see several thousand files. These files do not mean that your system has several thousand devices.
The /dev directory has files for all possible types of devices; that's why the number of device files is so large.

So how does the kernel know which device driver to use when an application opens a specific device file? The answer is in two numbers called the major and minor device numbers. Each device file is mapped to a specific device driver through these numbers.

To see an example of the major and minor device numbers, type the following command in a terminal window:

    ls -l /dev/hda

You see a line of output similar to the following:

    brw-rw---- 1 root disk 3, 0 Jul 23 14:50 /dev/hda

In this line, the major and minor device numbers appear just before the date. In this case, the major device number is 3 and the minor device number is 0. The kernel selects the device driver for this device file by using the major device number.

You don't really have to know much about the device files and the device numbers, except to be aware of their existence. In case you are curious, all the major and minor numbers for devices are assigned according to device type. The Linux Assigned Names And Numbers Authority (LANANA) assigns these numbers. You can see the current device list at www.lanana.org/docs/device-list/devices.txt.

Figure 1-6: An application can access a device through a special file that, in turn, uses a device driver.

Block devices

The first letter in the listing of a device file also provides an important clue. For the /dev/hda device, the first letter is a b, which indicates that /dev/hda is a block device: one that can accept or provide data in chunks (typically 512 bytes or 1KB). By the way, /dev/hda refers to the first IDE hard drive on your system (the C: drive in Windows).
Hard drives, floppy drives, and CD-ROM drives are all examples of block devices.

Character devices

If the first letter in the listing of a device file is a c, the device is a character device: one that can receive and send data one character (one byte) at a time. For example, the serial port and parallel ports are character devices. To see the specific listing of a character device, type the following command in a terminal window:

    ls -l /dev/ttyS0

The listing of this device is similar to the following:

    crw-rw---- 1 root uucp 4, 64 Jul 23 14:50 /dev/ttyS0

Notice that the very first letter is a c because /dev/ttyS0 (the first serial port) is a character device.

Network devices

Network devices that enable your system to interact with a network (for example, Ethernet and dialup point-to-point protocol (PPP) connections) are somewhat special because they need no file to correspond to the device. Instead, the kernel uses a special name for the device. For example, the Ethernet devices are named eth0 for the first Ethernet card, eth1 for the second one, and so on. PPP connections are named ppp0, ppp1, and so on.

Because network devices aren't mapped to device files, no files corresponding to these devices are in the /dev directory.

Persistent device naming with udev

Linux kernel 2.6 introduces a new approach for handling devices, based on the following features:

- sysfs: Kernel 2.6 provides the sysfs file system that is mounted on the /sys directory of the file system. The sysfs file system shows all the devices in the system as well as lots of information about each device. The information includes location of the device on the bus, attributes such as name and serial number, and the major and minor numbers of the device.
- /sbin/hotplug: This program is called whenever a device is added or removed. It can then do whatever is necessary to handle the device.
- /sbin/udev: This program takes care of dynamically named devices based on device characteristics such as serial number, device number on a bus, or a user-assigned name based on a set of rules that are set through the text file /etc/udev/udev.rules.

The udev program's configuration file is /etc/udev/udev.conf. Based on settings in that configuration file, udev creates device nodes automatically in the directory specified by the udev_root parameter. For example, to manage the device nodes in the /dev directory, udev_root should be defined in /etc/udev/udev.conf as follows:

    udev_root="/dev/"

Managing Loadable Driver Modules

To use any device, the Linux kernel must contain the driver. If the driver code is linked into the kernel as a monolithic program (a program that's in the form of a single large file), adding a new driver means rebuilding the kernel with the new driver code. Rebuilding the kernel means you have to reboot the PC with the new kernel before you can use the new device driver. Luckily, the Linux kernel uses a modular design that does away with rebooting hassles. Linux device drivers can be created in the form of modules that the kernel can load and unload without having to restart the PC.

Driver modules are one type of a broader category of software modules called Loadable Kernel Modules. Other types of kernel modules include code that can support new types of file systems, modules for network protocols, and modules that interpret different formats of executable files.

Loading and unloading modules

You can manage the loadable device driver modules by using a set of commands. You have to log in as root to use some of these commands. In Table 1-11, I summarize a few of the commonly used module commands.
Table 1-11: Commands to Manage Kernel Modules

This Command   Does the Following
insmod         Inserts a module into the kernel
rmmod          Removes a module from the kernel
depmod         Determines interdependencies between modules
ksyms          Displays a list of symbols along with the name of the module that defined the symbol
lsmod          Lists all currently loaded modules
modinfo        Displays information about a kernel module
modprobe       Inserts or removes a module or a set of modules intelligently (for example, if module A requires B, then modprobe automatically loads B when asked to load A)

If you have to use any of these commands, log in as root or type su - in a terminal window to become root.

To see what modules are currently loaded, type

    lsmod

You see a long list of modules that depends on the types of devices installed on your system.

The list displayed by lsmod includes all types of Linux kernel modules, not just device drivers. For example, you typically find two modules, jbd and ext3, that are both part of the EXT3 file system (the latest file system for Linux).

Besides lsmod, one commonly used module command is modprobe. Use modprobe whenever you need to manually load or remove one or more modules. The best thing about modprobe is that you don't need to worry if a module requires other modules to work. The modprobe command automatically loads any other module needed by a module. On one of my systems, for example, I manually load the sound driver with the command

    modprobe snd-card-0

This command causes modprobe to load everything needed to make sound work.

You can use modprobe with the -r option to remove modules.
For example, to remove the sound modules, I use the following command:

    modprobe -r snd-card-0

This command gets rid of all the modules that the modprobe snd-card-0 command had loaded.

Using the /etc/modprobe.conf file

How does the modprobe command know that it needs to load the snd-intel8x0 driver module when I use a module name snd-card-0? The answer is in the /etc/modprobe.conf configuration file. That file contains a line that tells modprobe what it should load when it sees the module name snd-card-0.

To view the contents of /etc/modprobe.conf, type

    cat /etc/modprobe.conf

On one of my Fedora Core PCs running Linux 2.6, the /etc/modprobe.conf file contains the following lines:

    alias eth0 3c59x
    alias snd-card-0 snd-intel8x0
    alias usb-controller uhci-hcd

Each line that begins with the keyword alias defines a standard name for an actual driver module. For example, the first line defines 3c59x as the actual driver name for the alias eth0, which stands for the first Ethernet card. Similarly, the third line defines snd-intel8x0 as the module to load when I use the name snd-card-0.

The modprobe command consults the /etc/modprobe.conf file to convert an alias to the real name of a driver module as well as for other tasks, such as obtaining parameters for driver modules. For example, you can insert lines that begin with the options keyword to provide values of parameters that a driver may need.

For example, to set the debug level parameter for the Ethernet driver to 5 (this parameter generates lots of information in /var/log/messages), I add the following line to the /etc/modprobe.conf file:

    options 3c59x debug=5

This line specifies 5 as the value of the parameter named debug in the 3c59x module.

If you want to know the names of the parameters that a module accepts, use the modinfo command.
For example, to view information about the 3c59x driver module, I type

    modinfo 3c59x | more

From the resulting output, I can tell that debug is the name of the parameter for setting the debug level.

Unfortunately, the information shown by the modinfo command can be somewhat cryptic. The only saving grace is that you may not have to do much more than use a graphical utility to configure the device, and the utility takes care of adding whatever is needed to configuration files, such as /etc/modprobe.conf.

Scheduling Jobs in Linux

As a system administrator, you may have to run some programs automatically at regular intervals or execute one or more commands at a specified time in the future. Your Linux system includes the facilities to schedule jobs to run at any future date or time you want. You can also set up the system to perform a task periodically or just once. Here are some typical tasks you can perform by scheduling jobs on your Linux system:

- Back up the files in the middle of the night.
- Download large files in the early morning when the system isn't busy.
- Send yourself messages as reminders of meetings.
- Analyze system logs periodically and look for any abnormal activities.

You can set up these jobs by using the at command or the crontab facility of Linux. In the next few sections, I introduce these job-scheduling features of Linux.

Scheduling one-time jobs

If you want to run one or more commands at a later time, you can use the at command. The atd daemon (a program designed to process jobs submitted using at) runs your commands at the specified time and mails the output to you.

Before you try the at command, you need to know that the following configuration files control which users can schedule tasks using the at command:

- /etc/at.allow contains the names of the users who may submit jobs using the at command.
- /etc/at.deny contains the names of users not allowed to submit jobs using the at command.

If these files aren't present, or if you find an empty /etc/at.deny file, any user can submit jobs by using the at command. The default in Linux is an empty /etc/at.deny file; with this default in place, anyone can use the at command. If you don't want some users to use at, simply list their usernames in the /etc/at.deny file.

To use at to schedule a one-time job for execution at a later time, follow these steps:

1. Run the at command with the date or time when you want your commands executed. When you press Enter, the at> prompt appears, as follows:

       at 21:30
       at>

   This method is the simplest way to indicate the time when you want to execute one or more commands: simply specify the time in a 24-hour format. In this case, you want to execute the commands at 9:30 p.m. tonight (or tomorrow, if it's already past 9:30 p.m.). You can, however, specify the execution time in many different ways. (See Table 1-12 for examples.)

2. At the at> prompt, type the commands you want to execute as if typing at the shell prompt; after each command, press Enter and continue with the next command. When you finish entering the commands you want to execute, press Ctrl+D to indicate the end. Here is an example showing how to execute the ps command at a future time:

       at> ps
       at>
       job 1 at 2004-12-28 21:30

   After you press Ctrl+D, the at command responds with a job number and the date and time when the job will execute.

Table 1-12: Formats for the Time of Execution with the at Command

Command                  When the Job Will Run
at now                   Immediately
at now + 15 minutes      15 minutes from the current time
at now + 4 hours         4 hours from the current time
at now + 7 days          7 days from the current time
at noon                  At noontime today (or tomorrow, if already past noon)
at now next hour         Exactly 60 minutes from now
at now next day          At the same time tomorrow
at 17:00 tomorrow        At 5:00 p.m. tomorrow
at 4:45pm                At 4:45 p.m. today (or tomorrow, if it's already past 4:45 p.m.)
at 3:00 Dec 28, 2004     At 3:00 a.m. on December 28, 2004

After you enter one or more jobs, you can view the current list of scheduled jobs with the atq command:

    atq

The output looks similar to the following:

    4  2004-12-28 03:00 a root
    5  2004-10-26 21:57 a root
    6  2004-10-26 16:45 a root

The first field on each line shows the job number, the same number that the at command displays when you submit the job. The next field shows the year, month, day, and time of execution. The last field shows the jobs pending in the queue named a.

If you want to cancel a job, use the atrm command to remove that job from the queue. When removing a job with the atrm command, refer to the job by its number, as follows:

    atrm 4

This command deletes job 4 scheduled for 3:00 a.m. December 28, 2004.

When a job executes, the output is mailed to you. Type mail at a terminal window to read your mail and to view the output from your jobs.

Scheduling recurring jobs

Although at is good for running commands at a specific time, it's not useful for running a program automatically at repeated intervals. You have to use crontab to schedule such recurring jobs, for example, if you want to back up your files to tape at midnight every evening.

You schedule recurring jobs by placing job information in a file with a specific format and submitting this file with the crontab command. The cron daemon, crond, checks the job information every minute and executes the recurring jobs at the specified times. Because the cron daemon processes recurring jobs, such jobs are also referred to as cron jobs.

Any output from a cron job is mailed to the user who submits the job. (In the submitted job-information file, you can specify a different recipient for the mailed output.)
Two configuration files control who can schedule cron jobs using crontab:

- /etc/cron.allow contains the names of the users who may submit jobs using the crontab command.
- /etc/cron.deny contains the names of users not allowed to submit jobs using the crontab command.

If the /etc/cron.allow file exists, only users listed in this file can schedule cron jobs. If only the /etc/cron.deny file exists, users listed in this file cannot schedule cron jobs. If neither file exists, the default Linux setup enables any user to submit cron jobs.

To submit a cron job, follow these steps:

1. Prepare a shell script (or an executable program in any programming language) that can perform the recurring task you want to perform. You can skip this step if you want to execute an existing program periodically.

2. Prepare a text file with information about the times when you want the shell script or program (from Step 1) to execute, and then submit this file by using crontab. You can submit several recurring jobs with a single file. Each line with timing information about a job has a standard format with six fields: the first five specify when the job runs, and the sixth and subsequent fields constitute the actual command that runs. For example, here is a line that executes the myjob shell script in a user's home directory at five minutes past midnight each day:

       5 0 * * * $HOME/myjob

   Table 1-13 shows the meaning of the first five fields. Note: An asterisk (*) means all possible values for that field. Also, an entry in any of the first five fields can be a single number, a comma-separated list of numbers, a pair of numbers separated by a dash (indicating a range of numbers), or an asterisk.

3. Suppose the text file jobinfo (in the current directory) contains the job information. Submit this information to crontab with the following command:

       crontab jobinfo

   That's it! You are set with the cron job.
From now on, the cron job runs at regular intervals (as specified in the job information file), and you receive mail messages with the output from the job.

To verify that the job is indeed scheduled, type the following command:

    crontab -l

The output of the crontab -l command shows the cron jobs currently installed in your name. To remove your cron jobs, type crontab -r.

Table 1-13: Format for the Time of Execution in crontab Files

Field Number   Meaning of Field   Acceptable Range of Values*
1              Minute             0-59
2              Hour of the day    0-23
3              Day of the month   0-31
4              Month              1-12 (1 means January, 2 means February, and so on) or the names of months using the first three letters (Jan, Feb, Mar, Apr, May, Jun, Jul, Aug, Sep, Oct, Nov, Dec)
5              Day of the week    0-6 (0 means Sunday, 1 means Monday, and so on) or the three-letter abbreviations of weekdays (Sun, Mon, Tue, Wed, Thu, Fri, Sat)

* An asterisk in a field means all possible values for that field. For example, if an asterisk is in the third field, the job is executed every day.

If you log in as root, you can also set up, examine, and remove cron jobs for any user. To set up cron jobs for a user, use this command:

    crontab -u username filename

Here, username is the user for whom you install the cron jobs, and filename is the file that contains information about the jobs.

Use the following form of crontab command to view the cron jobs for a user:

    crontab -u username -l

To remove a user's cron jobs, use the following command:

    crontab -u username -r

Note: The cron daemon also executes the cron jobs listed in the systemwide cron-job file /etc/crontab.
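The allow/deny rules given above for crontab (and, with /etc/at.allow and /etc/at.deny passed instead, for at) can be checked mechanically when you review who is able to schedule jobs on a system. The following script is an added example, not part of the original text; the function names may_schedule and list_allowed and the sample accounts are made up for illustration, and only the rules the text states are coded.

```shell
#!/bin/sh
# Added example: who may schedule jobs under the allow/deny rules in the text?

# may_schedule USER ALLOW_FILE DENY_FILE
#   allow file exists               -> only users listed in it
#   only the deny file exists       -> everyone except the users listed in it
#   neither exists, or empty deny   -> any user
# Prints "allowed" or "denied"; the exit status is 0 or 1 to match.
may_schedule() {
    [ -n "$1" ] || { echo denied; return 1; }
    if [ -f "$2" ]; then
        # -x matches the whole line, -F treats the name as a fixed string
        if grep -qxF -- "$1" "$2"; then echo allowed; return 0; fi
        echo denied; return 1
    fi
    if [ -f "$3" ] && grep -qxF -- "$1" "$3"; then
        echo denied; return 1
    fi
    echo allowed
}

# list_allowed PASSWD_FILE ALLOW_FILE DENY_FILE
# Prints each account name (first colon-separated field of a passwd-format
# file) that passes may_schedule.
list_allowed() {
    while IFS=: read -r la_user la_rest; do
        [ -n "$la_user" ] || continue
        may_schedule "$la_user" "$2" "$3" >/dev/null && echo "$la_user"
    done < "$1"
    return 0
}

# Constructed sample data in a scratch directory; nothing under /etc is read.
demo_dir=$(mktemp -d)
printf '%s\n' 'alice:x:1000:1000::/home/alice:/bin/bash' \
              'bob:x:1001:1001::/home/bob:/bin/bash' \
              'carol:x:1002:1002::/home/carol:/bin/bash' > "$demo_dir/passwd"

# Case 1: only a deny file exists and it lists bob.
printf 'bob\n' > "$demo_dir/cron.deny"
echo "deny file only:   $(list_allowed "$demo_dir/passwd" \
    "$demo_dir/cron.allow" "$demo_dir/cron.deny" | tr '\n' ' ')"

# Case 2: an allow file appears; the deny file no longer matters.
printf 'alice\n' > "$demo_dir/cron.allow"
echo "allow file added: $(list_allowed "$demo_dir/passwd" \
    "$demo_dir/cron.allow" "$demo_dir/cron.deny" | tr '\n' ' ')"

rm -rf "$demo_dir"
```

On a real system you would pass /etc/passwd together with /etc/cron.allow and /etc/cron.deny (or the two at files) to list_allowed.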
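Before submitting a job file with crontab, it helps to check each line against the field format described in Step 2 and Table 1-13. The following validator is an added example, not part of the original text; the function names and the sample job lines are made up for illustration (only the myjob line comes from the text). It goes slightly beyond the text in two places: it accepts step values such as */15, which cron also understands, and it counts days of the month from 1, as cron does.

```shell
#!/bin/sh
# Added example: validate the five time fields of crontab job lines.

MONTHS="jan feb mar apr may jun jul aug sep oct nov dec"
DAYS="sun mon tue wed thu fri sat"

# in_range N LO HI: N is an unsigned decimal integer with LO <= N <= HI
in_range() {
    case $1 in ''|*[!0-9]*) return 1 ;; esac
    [ "$1" -ge "$2" ] && [ "$1" -le "$3" ]
}

# check_item ITEM LO HI: one list element: *, N or A-B; a /STEP suffix is
# accepted only after * or a range (not covered in the text).
check_item() {
    ci_body=$1
    case $1 in
        */*) ci_body=${1%%/*}
             in_range "${1#*/}" 1 "$3" || return 1
             case $ci_body in '*'|*-*) ;; *) return 1 ;; esac ;;
    esac
    case $ci_body in
        '*') return 0 ;;
        *-*) in_range "${ci_body%%-*}" "$2" "$3" &&
             in_range "${ci_body#*-}" "$2" "$3" &&
             [ "${ci_body%%-*}" -le "${ci_body#*-}" ] ;;
        *)   in_range "$ci_body" "$2" "$3" ;;
    esac
}

# check_field VALUE LO HI [NAMES]: a three-letter name (whole field only) or
# a comma-separated list of items.
check_field() {
    if [ -n "$4" ]; then
        cf_lc=$(printf '%s' "$1" | tr 'A-Z' 'a-z')
        case " $4 " in *" $cf_lc "*) return 0 ;; esac
    fi
    cf_rest=$1
    while :; do
        check_item "${cf_rest%%,*}" "$2" "$3" || return 1
        case $cf_rest in
            *,*) cf_rest=${cf_rest#*,} ;;
            *)   return 0 ;;
        esac
    done
}

# check_cron_line LINE: prints ok, skip (blank line, comment, VAR=value) or
# bad:<field>; returns 1 only for a bad line.
check_cron_line() {
    read -r cl_min cl_hour cl_dom cl_mon cl_dow cl_cmd <<EOF
$1
EOF
    case $cl_min in
        ''|'#'*) echo skip; return 0 ;;
        *=*)     echo skip; return 0 ;;
    esac
    check_field "$cl_min"  0 59           || { echo bad:minute; return 1; }
    check_field "$cl_hour" 0 23           || { echo bad:hour; return 1; }
    # cron counts days of the month from 1; Table 1-13 prints the range as 0-31
    check_field "$cl_dom"  1 31           || { echo bad:day-of-month; return 1; }
    check_field "$cl_mon"  1 12 "$MONTHS" || { echo bad:month; return 1; }
    check_field "$cl_dow"  0 6  "$DAYS"   || { echo bad:day-of-week; return 1; }
    [ -n "$cl_cmd" ]                      || { echo bad:command; return 1; }
    echo ok
}

# Constructed sample job file; the first job line is the one from the text.
sample_jobs() {
cat <<'EOF'
# nightly jobs
MAILTO=root
5 0 * * * $HOME/myjob
0,30 8-17 * * Mon $HOME/poll
*/15 * * * * $HOME/sync
5 24 * * * $HOME/myjob
5 0 * 13 * $HOME/myjob
5 0 * * *
EOF
}

# audit_jobs: read job lines on stdin, print "<verdict><TAB><line>" for each
audit_jobs() {
    while IFS= read -r aj_line || [ -n "$aj_line" ]; do
        printf '%s\t%s\n' "$(check_cron_line "$aj_line")" "$aj_line"
    done
}

sample_jobs | audit_jobs
```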
Here's a typical /etc/crontab file from a Linux system (type cat /etc/crontab to view the file):

    SHELL=/bin/bash
    PATH=/sbin:/bin:/usr/sbin:/usr/bin
    MAILTO=root
    HOME=/

    # run-parts
    01 * * * * root run-parts /etc/cron.hourly
    02 4 * * * root run-parts /etc/cron.daily
    22 4 * * 0 root run-parts /etc/cron.weekly
    42 4 1 * * root run-parts /etc/cron.monthly

The first four lines set up several environment variables for the jobs listed in this file. The MAILTO environment variable specifies the user who receives the mail message with the output from the cron jobs in this file.

The line that begins with a # is a comment line. The four lines following the run-parts comment execute the run-parts shell script (located in the /usr/bin directory) at various times with the name of a specific directory as argument. Each of the arguments to run-parts (/etc/cron.hourly, /etc/cron.daily, /etc/cron.weekly, and /etc/cron.monthly) is a directory. Essentially, run-parts executes all scripts located in the directory that you provide as an argument.

Table 1-14 lists the directories where these scripts are located and when they execute. You have to look at the scripts in these directories to know what executes at these periodic intervals.

Table 1-14: Script Directories for cron Jobs

Directory Name      Contents
/etc/cron.hourly    Scripts execute every hour.
/etc/cron.daily     Scripts execute each day.
/etc/cron.weekly    Scripts execute weekly.
/etc/cron.monthly   Scripts execute once each month.

Chapter 2: Managing Users and Groups

In This Chapter

- Adding user accounts
- Understanding the password file
- Managing groups
- Exploring the user environment
- Changing user and group ownerships of files and directories

Linux is a multiuser system, so it has many user accounts. Even if you are the only user on your system, many servers require a unique username and group name. Take, for example, the FTP server. It runs under the username ftp.
A whole host of system users are not for people, but just for running specific programs. Also, users can belong to one or more groups. Typically, each username has a corresponding private group name. By default, each user belongs to that corresponding private group. However, you can define other groups for the purpose of providing access to specific files and directories based on group membership.

User and group ownerships of files are a way to make sure that only the right people (or the right process) can access the right files and directories. Managing the user and group accounts is a typical system administration job. It's not that hard to do this part of the job, given the tools that come with Linux. I show you how in this chapter.

Adding User Accounts

You get the chance to add user accounts when you boot your system for the first time after installing Linux. The root account is the only one that you must set up during installation. If you didn't add other user accounts when you started the system for the first time, you can do so later on, using a GUI user account manager or the useradd command to add new users on your system.

Creating other user accounts besides root is a good idea. Even if you're the only user of the system, logging in as a less privileged user is good practice because that way you can't damage any important system files inadvertently. If necessary, you can type su - to log in as root and then perform any system administration tasks.

Using a GUI User Manager to add user accounts

Most Linux distributions come with a GUI tool to manage user accounts. You can use that GUI tool to add new user accounts. The basic steps, regardless of the specific GUI tool, involve the following:

1. The tool displays a list of current user accounts and has an Add button for adding new users.
2. Click the Add button to bring up a dialog box that prompts you for information about the new user account.
3. Enter the requested information: the username, the password (enter twice), and the full name of the user.
4. Click the button to create a new account and the GUI tool takes care of adding the new user account.

For example, in SUSE, select the Security and Users category from the YaST Control Center's left side and then click the Edit and Create Users icon in the right-hand side of the window. YaST then brings up the User and Group Administration pane, shown in Figure 2-1, where you can define new user accounts.

Figure 2-1: In SUSE, you can manage user accounts and groups from YaST.

Notice that the pane has two radio buttons: Users and Groups (as shown in Figure 2-1). Selecting the Users radio button displays the current list of users from the /etc/passwd file. Selecting the Groups radio button lists the names of groups from the /etc/group file. Initially, the User and Group Administration tool filters out any system users and groups. However, you can view the system users by clicking Set Filter and selecting System Users from the dropdown menu. (System users are user accounts that are not assigned to human users; rather, these accounts are used to run various services.)

You can add new users and groups or edit existing users and groups from the pane shown in Figure 2-1.

To add a new user account, click the Add button and enter the information requested in the Add a New Local User window, as shown in Figure 2-2.

Fill in the requested information in the window (refer to Figure 2-2), and click the Create button. The new user now appears in the list of users in the User and Group Administration pane. You can add more user accounts, if you like. When you are done, click the Finish button in the User and Group Administration pane (refer to Figure 2-1) to create the new user accounts.
Figure 2-2: Create a new user account by filling in the information in this YaST window.

By default, YaST places all local users in a group named users. Sometimes you want a user to be in other groups as well, so that the user can access the files owned by that group. Adding a user to another group is easy. For example, suppose I want to add the username naba to the group called wheel. I simply type the following command in a terminal window:

    usermod -a -G wheel naba

The -a option appends wheel to the groups the user already belongs to; -G without -a replaces the user's list of supplementary groups with the one you give.

To remove a user account in SUSE, click the username in the list of user accounts (refer to Figure 2-1). Then click the Delete button.

Using commands to manage user accounts

If you're working from a text console, you can create a new user account by using the useradd command. Follow these steps to add an account for a new user:

1. Log in as root. If you're not already logged in as root, type su - to become root.
2. Type the following useradd command with the -c option to create the account:

    /usr/sbin/useradd -c "Ashley Barkakati" ashley

3. Set the password by using the passwd command, as follows:

    passwd ashley

   You're prompted for the password twice. If you type a password that someone can easily guess, the passwd program rejects it.

The useradd command consults the following configuration files to obtain default information about various parameters for the new user account:

- /etc/default/useradd: Specifies the default shell (/bin/bash) and the default home directory location (/home).
- /etc/login.defs: Provides system-wide defaults for automatic group and user IDs, as well as password-expiration parameters.
- /etc/skel: Contains the default files that useradd creates in the user's home directory.

Examine these files with the cat or more commands to see what they contain.

You can delete a user account by using the userdel command. Simply type /usr/sbin/userdel username at the command prompt to delete a user's account.
To wipe out that user's home directory as well, type /usr/sbin/userdel -r username.

To modify any information in a user account, use the usermod command. For example, if I want my username, naba, to have root as the primary group, I type the following:

    usermod -g root naba

To find out more about the useradd, userdel, and usermod commands, type man useradd, man userdel, or man usermod in a terminal window.

Understanding the /etc/passwd File

The /etc/passwd file is a list of all user accounts. It's a text file and any user can read it; no special privileges are needed. Each line in /etc/passwd has seven fields, separated by colons (:).

Here is a typical entry from the /etc/passwd file:

    naba:x:500:10:Naba Barkakati:/home/naba:/bin/bash

Figure 2-3 explains the meaning of the seven fields in this entry. As the example shows, the format of each line in /etc/passwd looks like this:

    username:password:UID:GID:GECOS:homedir:shell

Figure 2-3: This typical /etc/passwd entry illustrates the meaning of the various fields.

    naba             Username (login name)
    x                Encrypted password (x means password is stored in /etc/shadow)
    500              User ID
    10               Default group ID
    Naba Barkakati   User information (optional)
    /home/naba       Home directory
    /bin/bash        Login shell

Table 2-1 explains the meaning of the seven fields in each /etc/passwd entry.
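The seven-field layout above lends itself to a quick account review. The following shell function is an added example, not part of the book's text: it reads passwd-format entries and reports accounts with an empty password field, password hashes left in the world-readable file, extra UID 0 accounts, shared UIDs, and malformed lines. The finding codes and the sample entries are constructed for this illustration.

```shell
#!/bin/sh
# Added example: audit passwd-format entries read from standard input.
# The finding codes (EMPTY_PASSWORD, HASH_IN_PASSWD, UID0, DUP_UID,
# MALFORMED) are names made up for this example.

audit_passwd() {
    awk -F: '
        # Ignore blank lines and comment lines.
        /^[ \t]*$/ || /^#/ { next }

        # Every entry must have exactly seven colon-separated fields.
        NF != 7 { printf "MALFORMED line %d (%d fields)\n", NR, NF; next }

        {
            user = $1; pw = $2; uid = $3

            # Empty field: no password is required to use the account.
            # "x": the hash lives in /etc/shadow. A leading "*" or "!"
            # marks an account with no usable password.
            if (pw == "")
                print "EMPTY_PASSWORD " user
            else if (pw != "x" && pw !~ /^[*!]/)
                print "HASH_IN_PASSWD " user

            # Any account with UID 0 has root privileges, whatever its name.
            if (uid ~ /^[0-9]+$/ && uid + 0 == 0 && user != "root")
                print "UID0 " user

            # Two names on one UID are the same user as far as file
            # ownership and permissions are concerned.
            if (uid in owner)
                print "DUP_UID " user " " owner[uid]
            else
                owner[uid] = user
        }
    '
}

# Constructed sample entries (not taken from a real system).
sample_passwd() {
    cat <<'EOF'
root:x:0:0:root:/root:/bin/bash
ftp:x:40:49:FTP account:/srv/ftp:/bin/false
naba:x:500:10:Naba Barkakati:/home/naba:/bin/bash
ashley::501:100:Ashley Barkakati:/home/ashley:/bin/bash
toor:x:0:0:second superuser:/root:/bin/bash
legacy:ab3dEfGh1JkLm:502:100:Legacy account:/home/legacy:/bin/bash
dup:x:500:100:Shares a UID with naba:/home/dup:/bin/bash
broken:x:503:100:/home/broken
EOF
}

sample_passwd | audit_passwd
# On a live system, any user can run:  audit_passwd < /etc/passwd
```

An entry that passes produces no output, so an empty result on a real file means none of these five conditions was found.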
Table 2-1 Meaning of the Fields in /etc/passwd File

| This Field | Contains |
|---|---|
| username | An alphanumeric username, usually eight characters long and unique (Linux allows usernames to be longer than eight characters, but some other operating systems do not) |
| password | When present, a 13-character encrypted password (an empty field means that no password is required to access the account, an x means the password is stored in the /etc/shadow file, which is more secure) |
| UID | A unique number that serves as the user identifier (root has a UID of 0 and usually the UIDs between 1 to 100 are reserved for non-human users such as servers; keeping the UID less than 32,767 is best) |
| GID | The default group ID of the group to which the user belongs (GID 0 is for group root, other groups are defined in /etc/group and users can be and usually are in more than one group at a time) |
| GECOS | Optional personal information about the user (the finger command uses this field and GECOS stands for General Electric Comprehensive Operating System, a long-forgotten operating system that's immortalized by the name of this field in /etc/passwd) |
| homedir | The name of the user's home directory |
| shell | The command interpreter (shell), such as Bash (/bin/bash), that executes when this user logs in |

Managing Groups

A group is something to which users belong. A group has a name and an identification number (ID). After a group is defined, users can belong to one or more of these groups.

You can find all the existing groups listed in /etc/group. For example, here is the line that defines the group named wheel:

    wheel:x:10:root,naba

As this example shows, each line in /etc/group has the following format, with four fields separated by colons:

    groupname:password:GID:membership

Table 2-2 explains the meaning of the four fields in a group definition.
Table 2-2 Meaning of Fields in /etc/group File

| Field Name | Meaning |
|---|---|
| groupname | The name of the group (for example, wheel) |
| password | The group password (an x means that the password is stored in the /etc/shadow file) |
| GID | The numerical group ID (for example, 10) |
| membership | A comma-separated list of usernames that belong to this group (for example, root,naba) |

If you want to create a new group, you can simply use the groupadd command. For example, to add a new group called class with an automatically selected group ID, just type the following command in a terminal window (you have to be logged in as root):

    groupadd class

Then you can add users to this group with the usermod command. For example, to add the users naba and ashley to the group named class, I type the following commands (the -a option adds the group to each user's existing supplementary groups instead of replacing them):

    usermod -a -G class naba
    usermod -a -G class ashley

That's it. Now I check /etc/group to find that it contains the following definition of class:

    class:x:502:naba,ashley

It's that simple!

If you want to remove a group, use the groupdel command. For example, to remove the group named class, type

    groupdel class

Exploring the User Environment

When you log in as a user, you get a set of environment variables that control many aspects of what you see and do on your Linux system. If you want to see your current environment, go ahead and type the following command in a terminal window:

    env

(By the way, the printenv command also displays the environment, but env is shorter.)

The env command prints a long list of lines. That whole collection of lines is the current environment, and each line defines an environment variable. For example, the env command displays this typical line:

    HOSTNAME=localhost.localdomain

This line defines the environment variable HOSTNAME, and it's defined as localhost.localdomain.

An environment variable is nothing more than a name associated with a string.
For example, the environment variable named PATH is typically defined as follows for a normal user:

    PATH=/usr/local/bin:/bin:/usr/bin:/usr/X11R6/bin

The string to the right of the equal sign is the value of the PATH environment variable. By convention, the PATH environment variable is a sequence of directory names, each name separated from the preceding one by a colon (:).

Each environment variable has a specific purpose. For example, when the shell has to search for a file, it simply searches the directories listed in the PATH environment variable. The shell searches the directories in PATH in the order of their appearance. Therefore, if two programs have the same name, the shell executes the one it finds first.

In a fashion similar to the shell's use of the PATH environment variable, an editor such as vi uses the value of the TERM environment variable to figure out how to display the file you are editing with vi. To see the current setting of TERM, type the following command at the shell prompt:

    echo $TERM

If you type this command in a terminal window, the output is as follows:

    xterm

To define an environment variable in Bash, use the following syntax:

    export NAME=Value

Here, NAME denotes the name of the environment variable, and Value is the string representing its value. Therefore, you set TERM to the value xterm by using the following command:

    export TERM=xterm

After you define an environment variable, you can change its value by simply specifying the new value with the syntax NAME=new-value. For example, to change the definition of TERM to vt100, type TERM=vt100 at the shell prompt.

With an environment variable such as PATH, you typically want to append a new directory name to the existing definition, rather than define the PATH from scratch.
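Because the shell runs the first match it finds, the order and the permissions of the PATH directories decide which program a command name starts. The following added example (not from the book; the function names and finding codes are made up here) flags PATH entries that point at the current directory, at a relative or missing directory, or at a world-writable directory, and lists command names that an earlier directory hides. It builds its own constructed directory tree for the demonstration.

```shell
#!/bin/sh
# Added example: review the directories named in a PATH-style string.

# Print one PATH entry per line; empty entries become empty lines.
split_path() {
    printf '%s\n' "$1" | awk -F: '{ for (i = 1; i <= NF; i++) print $i }'
}

# Flag entries that let someone else decide which program a name runs.
# The number in each finding is the entry's position in the search order.
audit_path() {
    split_path "$1" | {
        pos=0
        while IFS= read -r entry; do
            pos=$((pos + 1))
            case $entry in
                '' | .)
                    # An empty entry means the current directory, like ".".
                    echo "CURRENT_DIR $pos" ;;
                /*)
                    if [ ! -d "$entry" ]; then
                        # Whoever creates it later controls its contents.
                        echo "MISSING $pos $entry"
                    elif [ -n "$(find -H "$entry" -prune -perm -0002 2>/dev/null)" ]; then
                        echo "WORLD_WRITABLE $pos $entry"
                    fi ;;
                *)
                    # Resolved against whatever directory you happen to be in.
                    echo "RELATIVE $pos $entry" ;;
            esac
        done
    }
}

# List command names found in more than one PATH directory. The shell runs
# the copy in the earliest directory, so later copies are never reached.
shadowed_commands() {
    split_path "$1" | while IFS= read -r dir; do
        [ -n "$dir" ] || dir=.
        for f in "$dir"/*; do
            if [ -f "$f" ] && [ -x "$f" ]; then
                printf '%s\t%s\n' "${f##*/}" "$dir"
            fi
        done
    done | awk -F'\t' '
        ($1 in first) {
            if (first[$1] != $2) print $1 ": " first[$1] " hides " $2
            next
        }
        { first[$1] = $2 }
    '
}

# Constructed demonstration: a world-writable directory placed ahead of
# an administrator-owned one, both holding a program named "backup".
demo_path_audit() {
    t=$(mktemp -d) || return 1
    mkdir "$t/admin" "$t/shared"
    chmod 755 "$t/admin"
    chmod 777 "$t/shared"
    for f in "$t/admin/backup" "$t/shared/backup"; do
        printf '#!/bin/sh\n' > "$f"
        chmod 755 "$f"
    done
    audit_path "$t/shared:$t/admin::tools"
    shadowed_commands "$t/shared:$t/admin"
    rm -rf "$t"
}

demo_path_audit
# To review your own setting:  audit_path "$PATH"
```

On systems where /bin is a symbolic link to /usr/bin, shadowed_commands reports the same files twice; treat those pairs as one directory.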
For example, if you download and install the Java 2 Development Kit (available from java.sun.com/j2se/1.5.0/download.jsp), you have to add the location of the Java binaries to PATH. Here's how you accomplish that task:

    export PATH=$PATH:/usr/java/jdk1.5.0/bin

This command appends the string :/usr/java/jdk1.5.0/bin to the current definition of the PATH environment variable. The net effect is to add /usr/java/jdk1.5.0/bin to the list of directories in PATH.

Note: You also can write this export command as follows:

    export PATH=${PATH}:/usr/java/jdk1.5.0/bin

After you type that command, you can access programs in the /usr/java/jdk1.5.0/bin directory such as javac, the Java compiler that converts Java source code into a form that the Java interpreter can execute.

PATH and TERM are only two of a handful of common environment variables. Table 2-3 lists some of the environment variables for a typical Linux user.

Table 2-3 Typical Environment Variables in Linux

| Environment Variable | Contents |
|---|---|
| DISPLAY | The name of the display on which the X Window System displays output (typically set to :0.0) |
| HOME | Your home directory |
| HOSTNAME | The host name of your system |
| LOGNAME | Your login name |
| MAIL | The location of your mail directory |
| PATH | The list of directories in which the shell looks for programs |
| SHELL | Your shell (SHELL=/bin/bash for Bash) |
| TERM | The type of terminal |

Changing User and Group Ownership of Files

In Linux, each file or directory has two types of owners: a user and a group. In other words, a user and group own each file and directory. The user and group ownerships can control who can access a file or directory.

To view the owner of a file or directory, use the ls -l command to see the detailed listing of a directory.
For example, here's a typical file's information:

    -rw-rw-r-- 1 naba naba 40909 Aug 16 20:37 composer.txt

In this example, the first set of characters shows the file's permission setting: who can read, write, or execute the file. The third and fourth fields (in this example, naba naba) indicate the user and group owner of the file. Each user has a private group that has the same name as the username. So for most files, the user and group ownership appear to show the username twice.

As a system administrator, you may decide to change the group ownership of a file to a common group. For example, suppose you want to change the group ownership of the composer.txt file to the class group. To do that, log in as root and type the following command:

    chgrp class composer.txt

This chgrp command changes the group ownership of composer.txt to class.

After I tried this, I typed ls -l again to verify the ownership, and here's what I got:

    -rw-rw-r-- 1 naba class 40909 Aug 16 20:37 composer.txt

You can use the chown command to change the user owner. The command has the following format:

    chown username filename

For example, to change the user ownership of a file named sample.jpg to naba, I type

    chown naba sample.jpg

In fact, chown can change both the user and group owner at the same time. For example, to change the user owner to naba and the group owner to class, I type

    chown naba.class composer.txt

In other words, you simply append the group name to the username with a period in between, and use that as the name of the owner.

Book V, Chapter 3: Managing File Systems

In This Chapter
- Navigating the Linux file system
- Sharing files with NFS
- Backing up and restoring files
- Mounting the NTFS file system
- Accessing MS-DOS files

A file system refers to the organization of files and directories. As a system administrator, you have to perform certain operations to manage file systems on various storage media.
For example, you have to know how to mount a file system, that is, add a file system on a storage medium by attaching it to the overall Linux file system. You also have to back up important data and restore files from a backup. Other file system operations include sharing files with the Network File System (NFS) and accessing MS-DOS files. In this chapter, I show you how to perform all the file system management tasks.

Exploring the Linux File System

The files and directories in your PC store information in an organized manner, just like paper filing systems. When you store information on paper, you typically put several pages in a folder and then store the folder in a file cabinet. If you have many folders, you probably have some sort of filing system. For example, you may label each folder's tab and then arrange them alphabetically in the file cabinet. You probably have several file cabinets, each with lots of drawers, which, in turn, contain folders full of pages.

Operating systems such as Linux organize information in your computer in a manner similar to your paper filing system. Linux uses a file system to organize all information in your computer. Of course, the storage medium isn't a metal file cabinet and paper. Instead, Linux stores information on devices such as hard drives, floppy disk drives, and CD-ROM drives.

To draw an analogy between your computer's file system and a paper filing system, think of a disk drive as the file cabinet. The drawers in the file cabinet correspond to the directories in the file system. The folders in each drawer are also directories because a directory in a computer file system can contain other directories. You can think of files as the pages inside the folder, and that's where the actual information is stored.
Figure 3-1 illustrates the analogy between a file cabinet and the Linux file system.

Figure 3-1: It's a bit of a stretch, but you can think of the Linux file system as similar to a filing cabinet.

The Linux file system has a hierarchical structure: directories can contain other directories, which in turn contain individual files.

Everything in your Linux system is organized in files and directories in the file system. To access and use documents and programs on your system, you have to be familiar with the file system.

Understanding the file-system hierarchy

The Linux file system is organized like a tree, with a root directory from which all other directories branch out. When you write a complete pathname, the root directory is represented by a single slash (/). Then there is a hierarchy of files and directories. Parts of the file system can be in different physical drives or different hard drive partitions.

Linux uses a standard directory hierarchy. Figure 3-2 shows the standard parts of the Linux file system. Of course, you can create new directories anywhere in this structure.

Figure 3-2: The Linux file system uses this standard directory hierarchy. (The figure shows bin, boot, dev, etc, home, lib, mnt, opt, root, sbin, tmp, usr, and var under /, and X11R6, bin, include, lib, local, sbin, share, and src under usr.)

Write the name of any file or directory by concatenating the names of directories that identify where that file or directory is and using the forward slash (/) as a separator. For example, in Figure 3-2, the usr directory at the top level is written as /usr because the root directory (/) contains usr. On the other hand, the X11R6 directory is inside the usr directory, which is inside the root directory (/). Therefore, the X11R6 directory is uniquely identified by the name /usr/X11R6.
This type of full name is called a pathname because the name identifies the path you take from the root directory to reach a file. Thus, /usr/X11R6 is a pathname.

The Filesystem Hierarchy Standard (FHS) specifies the organization of files and directories in UNIX-like operating systems such as Linux. FHS defines a standard set of directories and their intended use. The FHS, if faithfully adopted by all Linux distributions, should help improve the interoperability of applications, system administration tools, development tools, and scripts across all Linux distributions. FHS even helps the system documentation as well as books like this one because the same description of the file system applies to all Linux distributions. Version 2.3 of FHS was announced on January 29, 2004. FHS 2.3 is part of the Linux Standard Base version 2.0 (LSB 2.0), which was released on August 30, 2004. LSB 2.0 (see www.linuxbase.org) is a set of binary standards aimed at reducing variations among the Linux distributions and promoting portability of applications. To find out more about FHS, check out the FHS home page at www.pathname.com/fhs.

Each of the standard directories in the Linux file system has a specific purpose. Table 3-1 summarizes these directories.
Table 3-1 Standard Directories in Linux File System

| Directory | Used to Store |
|---|---|
| /bin | Executable files for user commands (for use by all users) |
| /boot | Files needed by the boot loader to load the Linux kernel |
| /dev | Device files |
| /etc | Host-specific system configuration files |
| /home | User home directories |
| /lib | Shared libraries and kernel modules |
| /media | Mount point for removable media |
| /mnt | Mount point for a temporarily mounted file system |
| /opt | Add-on application software packages |
| /root | Home directory for the root user |
| /sbin | Utilities for system administration |
| /srv | Data for services (such as Web and FTP) offered by this system |
| /tmp | Temporary files |
| The /usr Hierarchy | Secondary Directory Hierarchy |
| /usr/X11R6 | X Window System, Version 11 Release 6 |
| /usr/bin | Most user commands |
| /usr/include | Directory for included files used in developing Linux applications |
| /usr/lib | Libraries used by software packages and for programming |
| /usr/libexec | Libraries for applications |
| /usr/local | Any local software |
| /usr/sbin | Nonessential system administrator utilities |
| /usr/share | Shared data that does not depend on the system architecture (whether the system is an Intel PC or a Sun SPARC workstation) |
| /usr/src | Source code |
| The /var Hierarchy | Variable Data |
| /var/cache | Cached data for applications |
| /var/lib | Information relating to the current state of applications |
| /var/lock | Lock files to ensure that a resource is used by one application only |
| /var/log | Log files organized into subdirectories |
| /var/mail | User mailbox files |
| /var/opt | Variable data for packages stored in the /opt directory |
| /var/run | Data describing the system since it was booted |
| /var/spool | Data that's waiting for some kind of processing |
| /var/tmp | Temporary files preserved between system reboots |
| /var/yp | Network Information Service (NIS) database files |

Mounting a device on the file system

The storage devices that you use in Linux contain Linux file systems.
Each device has its own local file system consisting of a hierarchy of directories. Before you can access the files on a device, you have to attach the device's directory hierarchy to the tree that represents the overall Linux file system.

Mounting is the operation you perform to cause the file system on a physical storage device (a hard drive partition or a CD-ROM) to appear as part of the Linux file system. Figure 3-3 illustrates the concept of mounting.

Figure 3-3 shows each device with a name that begins with /dev. For example, /dev/cdrom is the first DVD/CD-ROM drive and /dev/fd0 is the floppy drive. These physical devices are mounted at specific mount points on the Linux file system. For example, the DVD/CD-ROM drive, /dev/cdrom, is mounted on /media/cdrom in the file system. After mounting the CD-ROM in this way, the Fedora directory on a CD-ROM or DVD-ROM appears as /media/cdrom/Fedora in the Linux file system.

You can use the mount command to manually mount a device on the Linux file system at a specified directory. That directory is the mount point. For example, to mount the DVD/CD-ROM drive at the /media/cdrom directory, you type the following command (after logging in as root):

    mount /dev/cdrom /media/cdrom

The mount command reports an error if the DVD/CD-ROM device is mounted already or if no CD or DVD media is in the drive. Otherwise, the mount operation succeeds, and you can access the DVD or CD's contents through the /media/cdrom directory.

You can use any directory as the mount point. If you mount a device on a nonempty directory, however, you cannot access the files in that directory until you unmount the device by using the umount command. Therefore, always use an empty directory as the mount point.

Debian and Fedora Core define the /media/cdrom directory as the mount point for mounting DVDs and CDs and /media/floppy for mounting floppies.
Knoppix comes with the /mnt/cdrom directory for mounting DVDs or CDs and /mnt/floppy for mounting floppy drives. SUSE also uses mount points in the /media directory (for example, /media/cdrecorder and /mnt/floppy). In Xandros, the mount points for CD and floppy are /mnt/cdrom0 and /mnt/fd0, respectively.

Figure 3-3: You have to mount a device on the Linux file system before accessing it.

To unmount a device when you no longer need it, use the umount command. For example, for a DVD/CD-ROM device with the device name /dev/cdrom, type the following command to unmount the device:

    umount /dev/cdrom

The umount command succeeds as long as no one is using the DVD/CD-ROM. If you get an error when trying to unmount the DVD/CD-ROM, check to see whether the current working directory is on the DVD or CD. If you're currently working in one of the DVD/CD-ROM's directories, that also qualifies as a use of the DVD/CD-ROM.

Examining the /etc/fstab file

The mount command has the following general format:

    mount device-name mount-point

However, you can mount by specifying only the CD-ROM device name or the mount-point name, provided there is an entry in the /etc/fstab file for the CD-ROM mount point. That entry specifies the CD-ROM device name and the file system type. That's why you can mount the CD-ROM with a shorter mount command.

For example, in Debian, you can mount the CD-ROM by typing one of the following commands:

    mount /dev/cdrom
    mount /media/cdrom

The /etc/fstab file is a configuration file (a text file) containing information that the mount and umount commands use. Each line in the /etc/fstab file provides information about a device and its mount point in the Linux file system.
Essentially, the /etc/fstab file associates various mount points within the file system with specific devices, which enables the mount command to work from the command line with only the mount point or the device as argument.

Here is a /etc/fstab file from a SUSE system (the file has a similar format in other Linux distributions):

    /dev/hda11       /                  reiserfs  acl,user_xattr                                          1 1
    /dev/hda7        /boot              ext3      acl,user_xattr                                          1 2
    /dev/hda6        /data1             auto      noauto,user                                             0 0
    /dev/hda9        /data2             auto      noauto,user                                             0 0
    /dev/hda10       /data3             auto      noauto,user                                             0 0
    /dev/hda5        /data4             auto      noauto,user                                             0 0
    /dev/hda2        /windows/C         ntfs      ro,users,gid=users,umask=0002,nls=utf8                  0 0
    /dev/hda8        swap               swap      pri=42                                                  0 0
    devpts           /dev/pts           devpts    mode=0620,gid=5                                         0 0
    proc             /proc              proc      defaults                                                0 0
    usbfs            /proc/bus/usb      usbfs     noauto                                                  0 0
    sysfs            /sys               sysfs     noauto                                                  0 0
    /dev/cdrecorder  /media/cdrecorder  subfs     fs=cdfss,ro,procuid,nosuid,nodev,exec,iocharset=utf8    0 0
    /dev/fd0         /media/floppy      subfs     fs=floppyfss,procuid,nodev,nosuid,sync                  0 0

The first field on each line shows a device name, such as a hard drive partition. The second field is the mount point, and the third field indicates the type of file system on the device. You can ignore the last three fields for now.

This /etc/fstab file shows that the /dev/hda8 device functions as a swap device for virtual memory, which is why both the mount point and the file system type are set to swap.

The Linux operating system uses the contents of the /etc/fstab file to mount various file systems automatically. During Linux startup, the init process executes a shell script that runs the mount -a command. That command reads the /etc/fstab file and mounts all listed file systems (except those with the noauto option).
The third field on each line of /etc/fstab specifies the type of file system on that device and the fourth field shows a comma-separated list of options that the mount command uses when mounting that device on the file system. Typically, you find the defaults option in this field. The defaults option implies, among other things, that the device mounts at boot time; that only the root user can mount the device; and that the device mounts for both reading and writing. If the options include noauto, the device doesn't mount automatically as the system boots.

In Fedora Core, you often find the kudzu option in the fourth field of /etc/fstab entries. The kudzu option indicates that the line was added to the fstab file by the kudzu hardware-detection utility; kudzu runs the updfstab command to add an entry in the /etc/fstab file for each removable drive it detects. You typically find that the entries for DVD/CD-ROM drives (/dev/cdrom and /dev/cdrom1) and floppy drive (/dev/fd0) have the kudzu option in the fourth field. On a PC with an IDE Zip drive, for instance, the /etc/fstab file has another entry set up by kudzu that associates the /mnt/zip mount point with the Zip drive device (/dev/hdd4), as follows:

    /dev/hdd4 /mnt/zip auto noauto,owner,kudzu 0 0

Sharing Files with NFS

Sharing files through the Network File System (NFS) is simple and involves two basic steps:

- On the NFS server, export one or more directories by listing them in the /etc/exports file and by running the /usr/sbin/exportfs command. In addition, you must run the NFS server.
- On each client system, use the mount command to mount the directories the server has exported.

How you start the NFS server depends on the Linux distribution. In Debian, you can type invoke-rc.d nfs-kernel-server start and invoke-rc.d nfs-common start to start the NFS server. In Fedora Core, type service nfs start.
In SUSE, you can use YaST Control Center (Main Menu > System > YaST) to start the NFS server. (It's in the Network Services category.) In Xandros, you can start the NFS server from the Xandros Control Center (Main Menu > Control Center) or you can type invoke-rc.d nfs-user-server start in a terminal window.

The only problem in using NFS is that each client system must support it. Most PCs don't come with NFS; that means you have to buy NFS software separately if you want to share files by using NFS. If, however, all systems on your LAN run Linux (or other variants of UNIX with built-in NFS support), using NFS makes sense.

NFS has security vulnerabilities. Therefore, do not set up NFS on systems directly connected to the Internet.

In the upcoming section, I walk you through an NFS setup, using an example of two Linux PCs on a LAN.

Exporting a file system with NFS

Start with the server system that exports (makes available to the client systems) the contents of a directory. On the server, you must run the NFS service and also designate one or more file systems to be exported, or made available, to the client systems.

To export a file system, you have to add an appropriate entry to the /etc/exports file. For example, suppose you want to export the /home directory and you want to enable the host named LNBP75 to mount this file system for read-and-write operations. (You can use a host's IP address in place of the host name.) You can do so by adding the following entry to the /etc/exports file:

    /home LNBP75(rw)

If you use the IP address of a host, the entry might look like this:

    /home 192.168.0.2(rw)

This specifies that 192.168.0.2 is the IP address of the host that's allowed full access to the /home directory.

After adding the entry in the /etc/exports file, start the NFS server using a method appropriate for your Linux distribution.
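An entry in /etc/exports decides which hosts may mount a directory and with what rights, so it is worth reviewing before the service starts. The following added example (not from the book; the finding codes are made up here, and the no_root_squash option and the * wildcard are standard exports syntax that the text above does not cover) reports exports open to any host, option lists separated from their host name by a space, and exports that keep root's privileges for remote clients.

```shell
#!/bin/sh
# Added example: review exports-format entries read from standard input.
# Continuation lines (trailing backslash) and quoted paths are not handled.

audit_exports() {
    awk '
        { sub(/#.*/, "") }        # drop comments; awk re-splits the line
        NF < 2 { next }           # nothing left to check on this line

        {
            path = $1
            for (i = 2; i <= NF; i++) {
                # Split "host(opt,opt)" into host name and option list.
                host = $i; opts = ""
                p = index($i, "(")
                if (p > 0) {
                    host = substr($i, 1, p - 1)
                    opts = substr($i, p + 1)
                    sub(/\)$/, "", opts)
                }

                # Defaults when an option is not given: read-only, and
                # root on the client is mapped to an unprivileged user.
                rw = 0; rootok = 0
                n = split(opts, o, ",")
                for (j = 1; j <= n; j++) {
                    if (o[j] == "rw") rw = 1
                    if (o[j] == "ro") rw = 0
                    if (o[j] == "no_root_squash") rootok = 1
                    if (o[j] == "root_squash" || o[j] == "all_squash") rootok = 0
                }

                # No host name, or "*", means every client that can reach
                # the server.
                any = (host == "" || host == "*")
                if (any) {
                    kind = rw ? "ANYHOST_RW" : "ANYHOST_RO"
                    print kind " " path
                }

                # "LNBP75 (rw)": the space detaches the options from the
                # host. LNBP75 gets the defaults and (rw) applies to all.
                if (host == "" && i > 2 && index($(i - 1), "(") == 0)
                    print "DETACHED_OPTIONS " path " " $(i - 1)

                if (rootok) {
                    who = any ? "*" : host
                    print "NO_ROOT_SQUASH " path " " who
                }
            }
        }
    '
}

# Constructed sample entries (not taken from a real server). The first
# two are the entries shown in the text and produce no findings.
sample_exports() {
    cat <<'EOF'
# constructed sample
/home      LNBP75(rw)
/home      192.168.0.2(rw)
/srv/pub   *(ro)
/data      LNBP75 (rw)
/backup    192.168.0.2(rw,no_root_squash)
EOF
}

sample_exports | audit_exports
# On the server, as root:  audit_exports < /etc/exports
```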
For example, in Fedora Core, I log in as root and type the following command in a terminal window:

service nfs start

When the NFS service is up, the server side of NFS is ready. Now you can try to mount the exported file system from a client system and access the exported file system.

If you ever make any changes to the exported file systems listed in the /etc/exports file, remember to restart the NFS service. For example, in Fedora Core, I type service nfs restart in a terminal window. In Xandros, I type invoke-rc.d nfs-user-server restart.

Mounting an NFS file system

To access an exported NFS file system on a client system, you have to mount that file system on a mount point, which is, in practical terms, nothing more than a local directory. For example, suppose you want to access the /home directory exported from the server named LNBP200 at the local directory /mnt/lnbp200 on the client system. To do so, follow these steps:

1. Log in as root, and then create the directory with the following command:

mkdir /mnt/lnbp200

2. Type the following command to perform the mount operation:

mount lnbp200:/home/public /mnt/lnbp200

If you only know the IP address of the server, replace the host name (in this case, lnbp200) with the IP address.

3. Change the directory to /mnt/lnbp200 with the command cd /mnt/lnbp200.

Now you can view and access exported files from this directory.

To confirm that the NFS file system is indeed mounted, log in as root on the client system and type mount in a terminal window. You see a line similar to the following one about the NFS file system:

lnbp200:/home/public on /mnt/lnbp200 type nfs (rw,addr=192.168.1.200)

Backing Up and Restoring Files

Backing up and restoring files is a crucial system administration task. If something happens to your system's hard drive, you have to rely on the backups to recover important files.
Here I present some backup strategies, describe several backup media, and explain how to back up and restore files by using the tape archiver (tar) program that comes with Linux. Also, you find out how to perform incremental and automatic backups on tapes.

If you have a CD burner, you can also back up files by recording them on a CD-R. Consult Book II, Chapter 4 for information on what application you can use to burn a data CD.

Selecting a backup strategy and media

Your Linux system's hard drive contains everything needed to keep the system running as well as other files (such as documents and databases) that keep your business running. You have to back up these files so you can recover quickly and bring the system back to normal in case the hard drive crashes. Typically, you have to follow a strict regimen of regular backups because you can never tell when the hard drive may fail or the file system may get corrupted. To implement such a regimen, first decide which files you want to back up, how often, and what backup storage media to use. This process is what I mean by selecting a backup strategy and backup media.

Your choice of backup strategy and backup media depends on your assessment of the risk of business disruption due to hard drive failure. Depending on how you use your Linux system, a disk failure may or may not have much impact on you.

For example, if you use your Linux system as a learning tool (to find out more about Linux or programming), all you may need are backup copies of some system files required to configure Linux. In this case, your backup strategy can be to save important system configuration files on one or more floppies every time you change any system configuration.

On the other hand, if you use your Linux system as an office server that provides shared file storage for many users, the risk of business disruption due to disk failure is much higher.
In this case, you have to back up all the files every week and back up any new or changed files every day. You can perform these backups in an automated manner (where you can use the job-scheduling features that I describe in Chapter 1 of this minibook). Also, you probably need a backup storage medium that can store large amounts (many gigabytes) of data. In other words, for high-risk situations, your backup strategy is more elaborate and requires additional equipment (such as a tape drive).

Your choice of backup media depends on the amount of data you have to back up. For a small amount of data (such as system configuration files), you can use floppy disks or USB flash drives as the backup media. If your PC has a Zip drive, you can use Zip disks as backup media; these are good for backing up a single-user directory. To back up entire servers, use a tape drive, typically a 4mm or 8mm tape drive that connects to a SCSI controller. Such tape drives can store several gigabytes of data per tape, and you can use them to back up an entire file system on a single tape.

When backing up files to these media, you have to refer to the backup device by name. Table 3-2 lists device names for some common backup devices.

Table 3-2: Device Names for Common Backup Devices

Backup Device      Linux Device Name
Floppy disk        /dev/fd0
IDE Zip drive      /dev/hdc4 or /dev/hdd4
SCSI Zip drive     /dev/sda (assuming it's the first SCSI drive; otherwise, the device name depends on the SCSI ID)
SCSI tape drive    /dev/st0 or /dev/nst0 (the n prefix means that the tape isn't rewound after files copy to the tape)

Commercial backup utilities for Linux

In the next section, I explain how to back up and restore files using the tape archiver (tar) program that comes with Linux. Although you can manage backups with tar, a number of commercial backup utilities come with graphical user interfaces and other features to simplify backups.
Here are some well-known commercial backup utilities for Linux:

- BRU: A backup and restore utility from The TOLIS Group, Inc. (www.tolisgroup.com)
- LONE-TAR: Tape-backup software package from Lone Star Software Corporation (www.cactus.com)
- Arkeia: Backup and recovery software for heterogeneous networks from Arkeia (www.knox-software.com)
- CTAR: Backup and recovery software for UNIX systems from UniTrends Software Corporation (www.unitrends.com)
- BrightStor ARCserve Backup for Linux: Data-protection technology for Linux systems from Computer Associates (www3.ca.com/Solutions/Product.asp?ID=3370)

Using the tape archiver tar

You can use the tar command to archive files to a device, such as a floppy disk or tape. The tar program creates an archive file that can contain other directories and files and (optionally) compress the archive for efficient storage. The archive is then written to a specified device or another file. In fact, many software packages are distributed in the form of a compressed tar file.

The command syntax of the tar program is as follows:

tar options destination source

Here, options are usually specified by a sequence of single letters, with each letter specifying what tar will do. The destination is the device name of the backup device. And source is a list of file or directory names denoting the files to back up.

Backing up and restoring a single-volume archive

For example, suppose you want to back up the contents of the /etc/X11 directory on a floppy disk. Log in as root, place a disk in the floppy drive, and type the following command:

tar zcvf /dev/fd0 /etc/X11

The tar program displays a list of filenames as each file copies to the compressed tar archive on the floppy disk. In this case, the options are zcvf, the destination is /dev/fd0 (the floppy disk), and the source is the /etc/X11 directory (which implies all its subdirectories and their contents).
You can use a similar tar command to back up files to a tape; simply replace /dev/fd0 with the tape device, such as /dev/st0 for a SCSI tape drive.

Table 3-3 defines a few common tar options.

Table 3-3: Common tar Options

Option   Does the Following
c        Creates a new archive
f        Specifies the name of the archive file or device on the next field in the command line
M        Specifies a multivolume archive (the next section describes multivolume archives)
t        Lists the contents of the archive
v        Displays verbose messages
x        Extracts files from the archive
z        Compresses the tar archive using gzip

To view the contents of the tar archive you create on the floppy disk, type the following command:

tar ztf /dev/fd0

You see a list of the filenames (each begins with /etc/X11) indicating what's in the backup. In this tar command, the t option lists the contents of the tar archive.

To extract the files from a tar backup, follow these steps while logged in as root:

1. Change the directory to /tmp by typing this command:

cd /tmp

This step is where you can practice extracting the files from the tar backup. For a real backup, change the directory to an appropriate location (typically, you type cd /).

2. Type the following command:

tar zxvf /dev/fd0

This tar command uses the x option to extract the files from the archive stored on /dev/fd0 (the floppy disk).

Now if you check the contents of the /tmp directory, you notice that the tar command creates an etc/X11 directory tree in /tmp and restores all the files from the tar archive into that directory. The tar command strips off the leading / from the filenames in the archive and restores the files in the current directory.
If you want to restore the /etc/X11 directory from the archive on the floppy, use this command:

tar zxvf /dev/fd0 -C /

The / at the end of the command denotes the directory where you want to restore the backup files.

You can use the tar command to create, view, and restore an archive. You can store the archive in a file or in any device you specify with a device name.

Backing up and restoring a multivolume archive

Sometimes the capacity of a single storage medium is less than the total storage space needed to store the archive. In this case, you can use the M option for a multivolume archive, meaning the archive can span multiple tapes or floppies. Note, however, that you cannot create a compressed, multivolume archive. That means you have to drop the z option. To see how multivolume archives work, log in as root, place one disk in the floppy drive, and type the following tar command:

tar cvfM /dev/fd0 /usr/share/doc/ghostscript*

Note: The M option is in the option letters; it tells tar to create a multivolume archive. The tar command prompts you for a second floppy when the first one is filled. Take out the first floppy, and then insert another floppy when you see the following prompt:

Prepare volume #2 for /dev/fd0 and hit return:

When you press Enter, the tar program continues with the second floppy. In this example, you need only two floppies to store the archive; for larger archives, the tar program continues to prompt for floppies in case more floppies are needed.

To restore from this multivolume archive, type cd /tmp to change the directory to /tmp (I use the /tmp directory for illustrative purposes here, but you have to use a real directory when you restore files from archive). Then type

tar xvfM /dev/fd0

The tar program prompts you to feed the floppies as necessary.

Use the du -s command to determine the amount of storage you need for archiving a directory.
For example, here's how you can get the total size of the /etc directory in kilobytes:

du -s /etc
35724 /etc

The resulting output shows that the /etc directory requires at least 35,724K of storage space to back up.

Backing up on tapes

Although backing up on tapes is as simple as using the right device name in the tar command, you do have to know some nuances of the tape device to use it well. When you use tar to back up to the device named /dev/st0 (the first SCSI tape drive), the tape device automatically rewinds the tape after the tar program finishes copying the archive to the tape. The /dev/st0 device is called a rewinding tape device because it rewinds tapes by default.

If your tape can hold several gigabytes of data, you may want to write several tar archives one after another to the same tape (otherwise much of the tape may be left empty). If you plan to do so, your tape device can't rewind the tape after the tar program finishes. To help you with scenarios like this one, several Linux tape devices are nonrewinding. The nonrewinding SCSI tape device is called /dev/nst0. Use this device name if you want to write one archive after another on a tape.

After each archive, the nonrewinding tape device writes an end-of-file (EOF) marker to separate one archive from the next. Use the mt command to control the tape; you can move from one marker to the next or rewind the tape. For example, after you finish writing several archives to a tape using the /dev/nst0 device name, you can force the tape to rewind with the following command:

mt -f /dev/nst0 rewind

After rewinding the tape, you can use the following command to extract files from the first archive to the current disk directory:

tar xvf /dev/nst0

After that, you must move past the EOF marker to the next archive. To do so, use the following mt command:

mt -f /dev/nst0 fsf 1

This positions the tape at the beginning of the next archive.
Now use the tar xvf command again to read this archive.

If you save multiple archives on a tape, you have to keep track of the archives yourself. The order of the archives can be hard to remember, so you may be better off simply saving one archive per tape.

Performing incremental backups

Suppose you use tar to back up your system's hard drive on a tape. Because such a full backup can take quite some time, you don't want to repeat this task every night. (Besides, only a small number of files may have changed during the day.) To locate the files that need backing up, you can use the find command to list all files that have changed in the past 24 hours:

find / -mtime -1 -type f -print

This command prints a list of files that have changed within the last day. The -mtime -1 option means you want the files that were last modified less than one day ago. You can now combine this find command with the tar command to back up only those files that have changed within the last day:

tar cvf /dev/st0 `find / -mtime -1 -type f -print`

When you place a command between single back quotes, the shell executes that command and places the output at that point in the command line. The net result is that the tar program saves only the changed files in the archive. What this process gives you is an incremental backup of only the files that have changed since the previous day.

Performing automated backups

In Chapter 1 of this minibook, I show you how to use crontab to set up recurring jobs (called cron jobs). The Linux system performs these tasks at regular intervals. Backing up your system is a good use of the crontab facility. Suppose your backup strategy is as follows:

- Every Sunday at 1:15 a.m., your system backs up the entire hard drive on the tape.
- Monday through Saturday, your system performs an incremental backup at 3:10 a.m. by saving only those files that have changed during the past 24 hours.
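The backquote form used for incremental backups hands tar whatever the shell makes of the find output, so a file name containing a space is split into pieces and left out of the backup. The following added example (not from the original text; it assumes a find that supports -print0 and a tar that supports --null, as the GNU tools on Linux do, and the file names are constructed) compares that form with a NUL-separated list passed to tar on standard input.

```shell
#!/bin/sh
# Added example: incremental tar backup that survives awkward file names.
# Assumption: find supports -print0 and tar supports --null (GNU tools).

# Backquote substitution, as in the text. The shell splits the find output
# on whitespace, so "report 2024.txt" reaches tar as two names that do not
# exist; tar reports errors and the file never enters the archive.
backup_backquotes() {   # usage: backup_backquotes ARCHIVE DIR
    ( cd "$2" &&
      tar -cf "$1" `find . -type f -mtime -1 -print` 2>/dev/null ) || true
}

# NUL-separated names streamed to tar on standard input.
#   -xdev           stay on one file system, so a search that starts at /
#                   does not wander into /proc or mounted NFS directories
#   --null -T -     read the NUL-terminated file list from stdin
#   --no-recursion  archive exactly the names find selected
backup_null_list() {    # usage: backup_null_list ARCHIVE DIR
    ( cd "$2" &&
      find . -xdev -type f -mtime -1 -print0 |
      tar --null --no-recursion -cf "$1" -T - )
}

# Number of members stored in an archive.
count_members() {
    tar -tf "$1" | wc -l | tr -d ' '
}

# Build a constructed directory with two fresh files (one with a space in
# its name) and one old file, back it up both ways, and report the counts.
demo_incremental() {
    work=$(mktemp -d) || return 1
    mkdir "$work/data" "$work/out"
    echo a > "$work/data/notes.txt"
    echo b > "$work/data/report 2024.txt"
    echo c > "$work/data/old.cfg"
    touch -t 200001010000 "$work/data/old.cfg"    # too old for -mtime -1

    backup_backquotes "$work/out/naive.tar" "$work/data"
    backup_null_list  "$work/out/safe.tar"  "$work/data"

    echo "backquotes=$(count_members "$work/out/naive.tar") null-list=$(count_members "$work/out/safe.tar")"
    rm -rf "$work"
}

demo_incremental
```

A restore test is the only proof that a backup is complete: compare the member count, or a listing from tar -tf, against the find output before relying on the archive.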
To set up this automated backup schedule, log in as root and type the following lines in a file named backups (this example assumes that you use a SCSI tape drive):

15 1 * * 0 tar zcvf /dev/st0 /
10 3 * * 1-6 tar zcvf /dev/st0 `find / -mtime -1 -type f -print`

Next, submit this job schedule by using the following crontab command:

crontab backups

Now you are set for an automated backup. All you need to do is to place a new tape in the tape drive every day. Remember to also give each tape an appropriate label.

Accessing a DOS/Windows File System

If you have Microsoft Windows 95/98/Me installed on your hard drive, you've probably already mounted the DOS/Windows partition under Linux. If not, you can easily mount DOS/Windows partitions in Linux. Mounting makes the DOS/Windows directory hierarchy appear as part of the Linux file system.

Mounting a DOS/Windows disk partition

To mount a DOS/Windows hard drive partition or floppy in Linux, use the mount command but include the option -t vfat to indicate the file system type as DOS. For example, if your DOS partition happens to be the first partition on your IDE (Integrated Drive Electronics) drive and you want to mount it on /dosc, use the following mount command:

mount -t vfat /dev/hda1 /dosc

The -t vfat part of the mount command specifies that the device you mount (/dev/hda1) has an MS-DOS file system. Figure 3-4 illustrates the effect of this mount command.

[Figure 3-4: Here's how you mount a DOS partition on the /dosc directory. The diagram shows the DOS partition /dev/hda1 (drive C:, with its DOS and WINDOWS directories) attached at /dosc in the Linux file system, where the directories appear as /dosc/dos and /dosc/windows.]

Figure 3-4 shows how directories in your DOS partition map to the Linux file system. What was the C:\DOS directory under DOS becomes /dosc/dos under Linux. Similarly, C:\WINDOWS now is /dosc/windows. You probably can see the pattern.
To convert a DOS filename to Linux (when you mount the DOS partition on /dosc), perform the following steps:

1. Change the DOS names to lowercase.
2. Change C:\ to /dosc/.
3. Change all backslashes (\) to slashes (/).

Mounting DOS floppy disks

Just as you mount a DOS hard drive partition on the Linux file system, you can also mount a DOS floppy disk. You must log in as root to mount a floppy, but you can follow the steps I show in the latter part of this section to set up your system so that any user can mount a DOS floppy disk. You also have to know the device name for the floppy drive. By default, Linux defines the following two generic floppy device names:

- /dev/fd0 is the A drive (the first floppy drive)
- /dev/fd1 is the B drive (the second floppy drive, if you have one)

As for the mount point, you can use any empty directory in the file system as the mount point, but the Linux system comes with a directory, /media/floppy, specifically for mounting a floppy disk.

To mount a DOS floppy disk on the /media/floppy directory, put the floppy in the drive and type the following command:

mount -t vfat /dev/fd0 /media/floppy

After you mount the floppy, you can copy files to and from the floppy by using the Linux copy command (cp). To copy the file gnome1.pcx from the current directory to the floppy, type the following:

cp gnome1.pcx /media/floppy

Similarly, to see the contents of the floppy disk, type the following:

ls /media/floppy

If you want to remove the floppy disk from the drive, first unmount the floppy drive. Unmounting removes the association between the floppy disk's file system and the mount point on the Linux file system. Use the umount command to unmount the floppy disk like this:

umount /dev/fd0

You can set up your Linux system so that any user can mount a DOS floppy.
To enable any user to mount a DOS floppy in the A drive on the /a directory, for example, perform the following steps:

1. Log in as root.

2. Create the /a directory (the mount point) by typing the following command in a terminal window:

mkdir /a

3. Edit the /etc/fstab file in a text editor (such as vi or emacs) by inserting the following line, and then save the file and quit the editor:

/dev/fd0 /a vfat noauto,user 0 0

The first field in that line is the device name of the floppy drive (/dev/fd0); the second field is the mount directory (/a); and the third field shows the type of file system (vfat). The user option (which appears next to noauto) is what enables all users to mount DOS floppy disks.

4. Log out and then log back in as a normal user.

5. To confirm that you can mount a DOS floppy as a normal user and not just as root, insert a DOS floppy in the A drive and type the following command:

mount /a

The mount operation succeeds, and you see a listing of the DOS floppy when you type the command ls /a.

6. To unmount the DOS floppy, type umount /a.

Mounting an NTFS partition

Nowadays, most PCs come with Windows XP or Windows 2000 preinstalled on the hard drive. Both Windows XP and 2000, as well as Windows NT, typically use the NT File System (NTFS). Linux supports read-only access to NTFS partitions, and many distributions come with the ntfs.ko kernel module that's needed to access an NTFS partition.

If you have installed Linux on a Windows XP system and want to access files on the NTFS partition but your distribution does not include the ntfs.ko module, you can build the kernel after enabling an NTFS module during the kernel configuration step.
(See Chapter 5 of this minibook for detailed instructions on configuring, building, and installing the kernel.)

After rebuilding and booting from the new kernel, log in as root, and then type the following command to create a mount point for the NTFS partition (in this case, I am creating a mount point in the /mnt directory):

mkdir /mnt/xp

Now, you can mount the NTFS partition with the following command:

mount /dev/hda2 /mnt/xp -t ntfs -r -o umask=0222

Replace /dev/hda2 with the device name for the NTFS partition on your system. On most PCs that come with Windows XP preinstalled, the NTFS partition is the second one (/dev/hda2); the first partition (/dev/hda1) is usually a hidden partition used to hold files used for Windows XP installation.

Using mtools

One way to access the MS-DOS file system is to first mount the DOS hard drive or floppy disk by using the mount command and then use regular Linux commands, such as ls and cp, to work with the mounted DOS file system. This approach of mounting a DOS file system is fine for hard drives. Linux can mount the DOS partition automatically at startup, and you can access the DOS directories on the hard drive at any time.

If you want a quick directory listing of a DOS floppy disk, however, mounting can soon become quite tedious. First, you have to mount the floppy drive. Then you must use the ls command. Finally, you must use the umount command before ejecting the floppy out of the drive.

This situation is where the mtools package comes to the rescue. The mtools package implements most common DOS commands; the commands use the same names as in DOS except that you add an m prefix to each command. Thus the command for getting a directory listing is mdir, and mcopy copies files. The best part of mtools is the fact that you don't have to mount the floppy disk to use the mtools commands.
Because the mtools commands write to and read from the physical device (floppy disk), you must log in as root to perform these commands. If you want any user to access the mtools commands, you must alter the permission settings for the floppy drive devices. Use the following command to permit anyone to read from and write to the first floppy drive:

chmod o+rw /dev/fd0

Trying mtools

To try out mtools, follow these steps:

1. Place an MS-DOS floppy disk in your system's A drive.

2. Type mdir.

You see the directory of the floppy disk (in the standard DOS directory-listing format).

Typically, you use the mtools utilities to access the floppy disks. The default configuration file, /etc/mtools.conf, is set up to access the floppy drive as the A drive. Although you can edit that file to define C and D drives for your DOS hard drive partitions, you can access the hard drive partitions as well by using the Linux mount command to mount them. Because you can mount the hard drive partitions automatically at startup, accessing them through the Linux commands is normally just as easy.

Understanding the /etc/mtools.conf file

The mtools package works with the default setup, but if you get any errors, check the /etc/mtools.conf file. That file contains the definitions of the drives (such as A, B, and C) that the mtools utilities see. Following are a few lines from a typical /etc/mtools.conf file:

drive a: file="/dev/fd0" exclusive mformat_only
drive b: file="/dev/fd1" exclusive mformat_only
# First SCSI hard disk partition
#drive c: file="/dev/sda1"
# First IDE hard disk partition on a Windows 98 PC
drive c: file="/dev/hda1"
# Internal IDE Zip drive
drive e: file="/dev/hdd4" exclusive

The pound sign (#) indicates the start of a comment. Each line defines a drive letter, the associated Linux device name, and some keywords that indicate how to access the device. In this example, the first two lines define drives A and B.
The third noncomment line defines drive C as the first partition on the first IDE drive (/dev/hda1). If you have other DOS drives (D, for example), you can add another line that defines drive D as the appropriate disk partition.

If your system's A drive is a high-density, 3.5-inch drive, you don't need to change anything in the default /etc/mtools.conf file to access the floppy drive. If you also want to access any DOS partition in the hard drive, uncomment and edit an appropriate line for the C drive.

You also can access Iomega Zip drives through mtools. Simply specify a drive letter and the appropriate device's filename. For built-in IDE (ATAPI) Zip drives, try /dev/hdd4 as the device file and add the following line in the /etc/mtools.conf file:

drive e: file="/dev/hdd4"

After that, you can use mtools commands to access the Zip drive (refer to it as the E drive). For example, to see the directory listing, place the Zip disk in the Zip drive and type:

mdir e:

Learning the mtools commands

The mtools package is a collection of utilities. So far, I have been using mdir, the mtools counterpart of the DIR command in DOS. The other mtools commands are fairly easy to use.

If you know MS-DOS commands, using the mtools commands is easy. Type the DOS command in lowercase letters, and remember to add m in front of each command. Because the Linux commands and filenames are case sensitive, you must use all lowercase letters as you type mtools commands.

Table 3-4 summarizes the commands available in mtools.
Table 3-4: The mtools Commands

mtools Utility   MS-DOS Command (If Any)   The mtools Utility Does the Following
mattrib          ATTRIB                    Changes MS-DOS file-attribute flags
mbadblocks                                 Tests a floppy disk and marks the bad blocks in the file allocation table (FAT)
mcd              CD                        Changes an MS-DOS directory
mcopy            COPY                      Copies files between MS-DOS and Linux
mdel             DEL or ERASE              Deletes an MS-DOS file
mdeltree         DELTREE                   Recursively deletes an MS-DOS directory
mdir             DIR                       Displays an MS-DOS directory listing
mdu                                        Lists space that a directory and its contents occupy
mformat          FORMAT                    Places an MS-DOS file system on a low-level-formatted floppy disk (Use fdformat to low-level format a floppy disk in Linux.)
minfo                                      Gets information about an MS-DOS file system
mkmanifest                                 Makes a list of short name equivalents
mlabel           LABEL                     Initializes an MS-DOS volume label
mmd              MD or MKDIR               Creates an MS-DOS directory
mmove                                      Moves or renames an MS-DOS file or subdirectory
mmount                                     Mounts an MS-DOS disk
mpartition                                 Creates an MS-DOS file system as a partition
mrd              RD or RMDIR               Deletes an MS-DOS directory
mren             REN or RENAME             Renames an existing MS-DOS file
mshowfat                                   Shows FAT entries for an MS-DOS file
mtoolstest                                 Tests and displays the current mtools configuration
mtype            TYPE                      Displays the contents of an MS-DOS file
mwrite           COPY                      Copies a Linux file to MS-DOS
mzip                                       Performs certain operations on SCSI Zip disks

You can use the mtools commands just as you use the corresponding DOS commands. The mdir command, for example, works the same as the DIR command in DOS. The same goes for all the other mtools commands shown in Table 3-4.

You can use wildcard characters (such as *) with mtools commands, but you must remember that the Linux shell is the first program to see your command.
If you don't want the shell to expand the wildcard character all over the place, use quotation marks around filenames that contain any wildcard characters. For example, to copy all *.txt files from the A drive to your current directory, use the following command:

mcopy "a:*.txt" .

If you omit the quotation marks, the shell tries to expand the string a:*.txt with filenames from the current Linux directory. It also tries to copy those files (if any) from the DOS floppy disk.

On the other hand, if you want to copy files from the Linux directory to the DOS floppy disk, you do want the shell to expand any wildcard characters. To copy all *.jpg files from the current Linux directory to the DOS floppy disk, for example, use mcopy like this:

mcopy *.jpg a:

With the mtools utilities, you can use the backslash character (\) as the directory separator, just as you do in DOS. However, when you type a filename that contains the backslash character, you must enclose the name in double quotation marks (" "). For example, here's a command that copies a file from a subdirectory on the A drive to the current Linux directory:

mcopy "a:\test\sample.dat" .

Chapter 4: Installing and Updating Applications

In This Chapter

- Working with RPM files with the rpm command
- Working with DEB files with dpkg, dselect, and APT
- Building applications from source files
- Updating Linux applications online

Most software packages for Linux are distributed in one of two special file formats: Red Hat Package Manager (RPM) files or Debian (DEB) files, which is why you have to know how to install or remove software packages that come in the form of RPM or DEB files. Luckily for you, this is the chapter where I show you how to work with RPM and DEB files.

You can install RPM and DEB files in all Linux distributions, but each distribution has its favored distribution format.
Fedora Core, with its Red Hat Linux heritage, favors RPM files, whereas most Debian-based distributions use DEB files for distributing software. (To prove there's an exception to every rule, SUSE Linux is Debian-based, but SUSE uses RPM files for its software packages.)

Many other open-source software packages come in source-code form, usually in compressed archives. You have to unpack, build, and install the software to use it. I describe the steps you typically follow when downloading, building, and installing source-based software packages.

Finally, I briefly describe how to update your Linux system online. As you'll find out, each distribution has its own tools for online updates.

Working with RPM Files

Red Hat Package Manager (RPM) is a system for packaging all the necessary files for a software product in a single file called an RPM file or simply an RPM. In fact, the entire Fedora Core and SUSE distributions are a whole lot of RPMs. The best way to work with RPMs is through the RPM commands. You have to type these commands at the shell prompt in a terminal window or a text console.

In Fedora Core, the RPM commands are suitable only if you have to install only a handful of RPM files. To install a large number of RPM files, you should select Main Menu > System Settings > Add/Remove Applications from the desktop. If you are installing RPM files from a CD or DVD, first mount the CD/DVD and then type system-cdinstall-helper /mnt/cdrom. (If your CD/DVD is mounted at some other directory, replace /mnt/cdrom with that directory name.) That should bring up a Package Management window from which you can select and install groups of packages.

Using the RPM commands

When you install an RPM-based distribution such as Fedora Core, the installer uses the rpm command to unpack the packages (RPM files) and to copy the contents to your hard drive.
You don't have to understand the internal structure of an RPM file, but you need to know how to use the rpm command to work with RPM files. Here are some of the things you can do with the rpm command:

- Find out the version numbers and other information about the RPMs installed on your system.
- Install a new software package from an RPM. For example, you may install a package you skipped during the initial installation. You can do that with the rpm command.
- Remove (uninstall) unneeded software you previously installed from an RPM. You may uninstall a package to reclaim the disk space, if you find that you rarely (or never) use the package.
- Upgrade an older version of an RPM with a new one. For example, in Fedora Core, you may upgrade after you download a new version of a package from Fedora Core download sites (listed online at fedora.redhat.com/download/mirrors.html). You must upgrade an RPM to benefit from the fixes in the new version.
- Verify that an RPM is in working order. You can verify a package to check that all necessary files are in the correct locations.

As you can see, the rpm command is versatile: it can do a lot of different things, depending on the options you use.

If you ever forget the rpm options, type the following command to see a list:

    rpm --help | more

The number of rpm options will amaze you!

Book V Chapter 4 Installing and Updating Applications

Understanding RPM filenames

An RPM contains a number of files, but it appears as a single file on your Fedora Core system. By convention, the RPM filenames have a specific format. A typical RPM filename looks like this:

    OpenOffice_org-1.1.1-20.i586.rpm

This filename has the following parts, the first three of which are separated by dashes (-):

- Package name: OpenOffice_org
- Version number: 1.1.1
- Release number: 20
- Architecture: i586 (this package is for Intel 80586 or Pentium-compatible processors)

Usually, the package name is descriptive enough for you to guess what the RPM may contain. The version number is the same as that of the software package's current version number (even when it's distributed in some other form, such as a tar file). Developers assign the release number to keep track of changes. The architecture is i386 or noarch for the RPMs you want to install on a PC with an Intel x86-compatible processor.

Querying RPMs

As it installs packages, the rpm command builds a database of installed RPMs. You can use the rpm -q command to query this database to find out information about packages installed on your system.

For example, to find out the version number of the Linux kernel installed on your system, type the following rpm -q command:

    rpm -q cups

You see a response similar to the following:

    cups-1.1.20-103

The response is the name of the RPM for the kernel. (This version is the executable version of the kernel, not the source files.) The name is the same as the RPM filename, except that the last part (.i386.rpm) isn't shown. In this case, the version part of the RPM tells you that you have cups (the Common UNIX Printing System) version 1.1.20 installed.

You can see a list of all installed RPMs by using the following command:

    rpm -qa

You see a long list of RPMs scroll by your screen. To view the list one screen at a time, type

    rpm -qa | more

If you want to search for a specific package, feed the output of rpm -qa to the grep command. For example, to see all packages with kernel in their names, type

    rpm -qa | grep kernel

The result depends on what parts of the kernel RPMs are installed on a system.

You can query much more than a package's version number with the rpm -q command. By adding single-letter options, you can find out other useful information.
For example, try the following command to see the files in the cups package:

    rpm -ql cups

Here are a few more useful forms of the rpm -q commands to query information about a package (to use any of these rpm -q commands, type the command, followed by the package name):

- rpm -qc: Lists all configuration files in a package.
- rpm -qd: Lists all documentation files in a package. These are usually the online manual pages (also known as man pages).
- rpm -qf: Displays the name of the package (if any) to which a specified file belongs.
- rpm -qi: Displays detailed information about a package, including version number, size, installation date, and a brief description.
- rpm -ql: Lists all the files in a package. For some packages, you see a very long list.
- rpm -qs: Lists the state of all files in a package (the state of a file can be one of the following: normal, not installed, or replaced).

These rpm commands provide information about installed packages only. If you want to find information about an uninstalled RPM file, add the letter p to the command-line option of each command. For example, to view the list of files in the RPM file named rdist-6.1.5-792.i586.rpm, go to the directory where that file is located and then type the following command:

    rpm -qpl rdist-*.rpm

Of course, this command works only if the current directory contains that RPM file.

Two handy rpm -q commands enable you to find out which RPM file provides a specific file and which RPMs need a specified package.
To find out the name of the RPM that provides a file, use the following command:

    rpm -q --whatprovides filename

For example, to see which RPM provides the file /etc/vsftpd.conf, type

    rpm -q --whatprovides /etc/vsftpd.conf

RPM then prints the name of the package that provides the file, like this:

    vsftpd-1.2.1-69

If you provide the name of a package instead of a filename, RPM displays the name of the RPM package that contains the specified package.

On the other hand, to find the names of RPMs that need a specific package, use the following command:

    rpm -q --whatrequires packagename

For example, to see which packages need the openssl package, type

    rpm -q --whatrequires openssl

The output from this command shows all the RPM packages that need the openssl package.

Installing an RPM

To install an RPM, use the rpm -i command. You have to provide the name of the RPM file as the argument. If you want to view the progress of the RPM installation, use rpm -ivh. A series of hash marks (#) displays as the package is unpacked.

For example, to install the kernel-source RPM (which contains the source files for the Linux operating system) for Fedora Core from the companion DVD-ROM, I insert the DVD and after it's mounted, I type the following commands:

    cd /mnt/cdrom/Fedora/RPMS
    rpm -ivh kernel-source*

You don't have to type the full RPM filename; you can use a few characters from the beginning of the name followed by an asterisk (*). Make sure you type enough of the name to identify the RPM file uniquely.

If you try to install an RPM that's already installed, the rpm -i command displays an error message.
For example, here is what happens when I type the following command to install the man package on my system:

    rpm -i man-2*

I get the following error message from the rpm -i command:

    package man-2.4.1-209 is already installed

To force the rpm command to install a package even if errors are present, just add --force to the rpm -i command, like this:

    rpm -i --force man-1*

Removing an RPM

You may want to remove (uninstall) a package if you realize you don't really need the software. For example, if you have installed the X Window System development package but discover you're not interested in writing X applications, you can easily remove the package by using the rpm -e command.

You have to know the name of the package before you can remove it. One good way to find the name is to use rpm -qa in conjunction with grep to search for the appropriate RPM file. For example, to remove the package named qt3-devel, type

    rpm -e qt3-devel

To remove an RPM, you don't need the full RPM filename; all you need is the package name: the first part of the filename up to the dash (-) before the version number.

The rpm -e command does not remove a package that other packages need.

Upgrading an RPM

Use the rpm -U command to upgrade an RPM. You must provide the name of the RPM file that contains the new software. For example, if I have version 1.1.19 of cups (printing system) installed on my system but I want to upgrade to version 1.1.20, I download the RPM file cups-1.1.20-103.i586.rpm from a repository and use the following command:

    rpm -U cups-1.1.20-103.i586.rpm

The rpm command performs the upgrade by removing the old version of the cups package and installing the new RPM.

Whenever possible, upgrade rather than remove the old package and install a new one. Upgrading automatically saves your old configuration files, which saves you the hassle of reconfiguring the software after a fresh installation.
When you're upgrading the kernel packages that contain a ready-to-run Linux kernel, install it by using the rpm -i command (instead of the rpm -U command). That way, you won't overwrite the current kernel.

Verifying an RPM

You may not do so often, but if you suspect that a software package isn't properly installed, use the rpm -V command to verify it. For example, to verify the kernel package, type the following:

    rpm -V kernel

This command causes rpm to compare the size and other attributes of each file in the package against those of the original files. If everything verifies correctly, the rpm -V command does not print anything. If it finds any discrepancies, you see a report of them. For example, I have modified the configuration files for the Apache httpd Web server. Here is what I type to verify the httpd package:

    rpm -V httpd

Here's the result I get:

    S.5....T c /etc/httpd/conf/httpd.conf

In this case, the output from rpm -V tells me that a configuration file has changed. Each line of this command's output has three parts:

- The line starts with eight characters: Each character indicates the type of discrepancy found. For example, S means the size is different, and T means the time of last modification is different. Table 4-1 shows each character and its meaning. A period means that that specific attribute matches the original.
- For configuration files, a c appears next; otherwise, this field is blank. That's how you can tell whether or not a file is a configuration file. Typically, you don't worry if a configuration file has changed; you probably made the changes yourself.
- The last part of the line is the full pathname of the file. From this part, you can tell exactly where the file is located.
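The three-part report line described above can be decoded mechanically. The following shell functions are an added example, not code from the book: they translate the attribute characters of Table 4-1 and list the files worth a closer look. The sample report (apart from its first line), the function names, and the triage policy are assumptions made for this illustration.

```sh
#!/bin/sh
# Added example (not from the book): decode rpm -V report lines using the
# attribute characters listed in Table 4-1.

# Constructed sample report. The first line is the one shown in the text;
# the other paths are made up for illustration.
SAMPLE_REPORT='S.5....T c /etc/httpd/conf/httpd.conf
S.5....T   /usr/sbin/httpd
.......T   /usr/share/doc/httpd/README
.M...... c /etc/httpd/conf/magic'

# Map one attribute character to its Table 4-1 meaning.
describe_flag() {
    case "$1" in
        S) echo "size has changed" ;;
        M) echo "permissions or file type differ" ;;
        5) echo "MD5 checksum differs" ;;
        D) echo "device type differs" ;;
        L) echo "symbolic link differs" ;;
        U) echo "user differs" ;;
        G) echo "group differs" ;;
        T) echo "modification time differs" ;;
        *) echo "unrecognized attribute $1" ;;
    esac
}

# Split a report line into its three parts: attribute string, optional
# configuration marker, and full pathname. Returns 2 if no path is present.
split_verify_line() {
    case "$1" in
        */*) ;;
        *) return 2 ;;
    esac
    V_FLAGS=${1%% *}              # text before the first space
    V_PATH=/${1#*/}               # everything from the first slash onward
    V_MARKER=${1#"$V_FLAGS"}      # what lies between the flags and the path
    V_MARKER=${V_MARKER%%/*}
    V_MARKER=$(printf '%s' "$V_MARKER" | tr -d ' ')
}

# Print one readable line for a report line: kind, path, and what differs.
decode_verify_line() {
    split_verify_line "$1" || return 2
    kind=file
    [ "$V_MARKER" = "c" ] && kind=config
    # rpm reports an absent file with the word "missing" in place of the
    # attribute string (a case the text above does not cover).
    if [ "$V_FLAGS" = "missing" ]; then
        printf '%s %s: file is missing\n' "$kind" "$V_PATH"
        return 0
    fi
    meanings=
    rest=$V_FLAGS
    while [ -n "$rest" ]; do
        ch=${rest%"${rest#?}"}        # first character of what is left
        rest=${rest#?}
        [ "$ch" = "." ] && continue   # a period means the attribute matches
        meanings="${meanings:+$meanings; }$(describe_flag "$ch")"
    done
    printf '%s %s: %s\n' "$kind" "$V_PATH" "${meanings:-no differences}"
}

# Triage policy (an assumption of this example, not a rule from the book):
# changed configuration files are expected, so list only files that are not
# marked c and whose content changed (5) or that are missing.
files_needing_review() {
    while IFS= read -r line; do
        split_verify_line "$line" || continue
        [ "$V_MARKER" = "c" ] && continue
        case "$V_FLAGS" in
            missing|*5*) printf '%s\n' "$V_PATH" ;;
        esac
    done
}

# Demonstration on the constructed report.
printf '%s\n' "$SAMPLE_REPORT" | while IFS= read -r line; do
    decode_verify_line "$line"
done
echo "Needs review:"
printf '%s\n' "$SAMPLE_REPORT" | files_needing_review
```

On a live system, the same filter can read the real report, for example rpm -V httpd | files_needing_review.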
Table 4-1 Characters Used in RPM Verification Reports

    Character   Meaning
    S           Size has changed
    M           Permissions and file type are different
    5           Checksum computed with the MD5 algorithm is different
    D           Device type is different
    L           Symbolic link is different
    U           File's user is different
    G           File's group is different
    T           File's modification time is different

Working with DEB Files

Debian packages with .deb file extensions store executable files together with configuration files, online documentation, and other information. You can unpack and manipulate these DEB files using the Debian utility dpkg, which is a command-line program that takes many options. A text-mode, menu-driven program called dselect is also available for you to manage the packages without having to type dpkg commands.

You typically use a higher-level utility called APT (Advanced Packaging Tool) to work with packages in Debian. For example, instead of downloading a DEB file and installing it with the dpkg command, you can simply use the apt-get command to install the package. The apt-get command can even download the package from an online Debian repository and then install it on your system. The dpkg command is still useful when you want to look at the contents of a DEB file that you have manually downloaded from a repository or that might be in the APT cache directory (/var/cache/apt/archives in Debian).

I introduce you to dpkg, dselect, and APT in the following sections.

Understanding DEB filenames

A typical DEB package has a filename of the following form:

    vsftpd_2.0.1-1_i386.deb

The filename has three parts separated by underscores (_):

- Package name: vsftpd
- Version and Revision: 2.0.1-1 (version has two parts separated by a dash: the first part is the package maintainer's version number, the second part is the Debian revision number)
- Architecture: i386 (the package is for Intel x386 compatible systems)

The filename has a .deb extension, which indicates that this is a DEB file.

Using the dpkg command

To get a feel for the dpkg command, type dpkg --help | more. The output shows the large number of options that dpkg accepts. You can also type man dpkg to read the online man page for dpkg.

You can use dpkg to perform a whole lot of operations on packages, but you have to work at a shell prompt in a terminal window or a text console. The format of a dpkg command is

    dpkg [options] action package

with zero or more options, an action indicating what dpkg has to do, and the name of a package, a DEB file, or a directory (depends on the action argument). Sometimes the dpkg command does not need any name of package or file, just an action. Here are some examples of actions you can perform with dpkg:

- Install a package from a DEB file with the command dpkg -i packagefile where packagefile is the name of the DEB file (for example, vsftpd-*.deb).
- Remove a package but retain the configuration files with the command dpkg -r packagename where packagename is the name of the package (for example, vsftpd).
- Configure a package with the command dpkg --configure packagename where packagename is the name of a package (for example, vsftpd).
- Purge (remove everything including the configuration files) with the command dpkg -P packagename where packagename is the name of a package (for example, vsftpd).
- Audit packages (and find the ones that are partially installed on your system) with the command dpkg -C (does not need any file or package name).
- List contents of a DEB file with the command dpkg -c packagefile where packagefile is the name of the DEB file (for example, vsftpd-*.deb).
- View information about a DEB file with the command dpkg -I packagefile where packagefile is the name of the DEB file (for example, vsftpd-*.deb).
- List packages matching pattern with the command dpkg -l pattern where pattern is the package name pattern, usually with wildcard characters, that you want to match (for example, kernel*).
- Find packages that contain file with the command dpkg -S pattern where pattern is the filename pattern, usually with wildcard characters, that the package contains (for example, stdio*).
- List files installed from a package with the command dpkg -L packagename where packagename is the name of a package (for example, vsftpd).

You can try these commands out on a Debian system or any system that uses DEB packages. For example, to look for all packages matching names that begin with mozilla, type dpkg -l mozilla* in a terminal window. Here is the relevant portion of this command's output on my Debian system:

    ||/ Name           Version        Description
    +++-==============-==============-============================================
    ii  mozilla-browse 1.6-5          Mozilla Web Browser - core and browser
    ii  mozilla-firefo 0.8-12         lightweight web browser based on Mozilla
    ii  mozilla-mailne 1.6-5          Mozilla Web Browser - mail and news support
    ii  mozilla-psm    1.6-5          Mozilla Web Browser - Personal Security Mana
    un  mozilla-xft                   (no description available)

The ii in the first column indicates that the package is installed; un means the package is not installed.

Another common use of dpkg -l is to list all packages and use grep to find lines that match a search string. For example, to find anything containing kernel, type dpkg -l | grep kernel. If the package names (in the second column of the dpkg -l output) are truncated, adjust the width of the output lines with a command like this:

    COLUMNS=132 dpkg -l | grep kernel

I find the dpkg -S command a handy way to locate which package provided a specific file in the system.
For example, if I want to figure out what package includes the /etc/host.conf file, I type dpkg -S /etc/host.conf and the output shows that the base-files package contains /etc/host.conf:

    base-files: /etc/host.conf

Introducing dselect

The dselect program is meant to be a front-end to the dpkg utility. To try out dselect, log in as root and type dselect in a terminal window (or a text console). When dselect starts, you get dselect's text-mode menu (as shown in Figure 4-1).

I won't describe dselect in detail, but here are some of the tasks you can perform from the dselect main menu:

- Specify an access method: how to find the DEB packages.
- Update the list of available packages.
- View the status of installed and available packages.
- Select packages and manage dependencies among packages.
- Install new packages or upgrade existing ones to newer versions.
- Configure packages that are not yet configured.
- Remove packages.

One common sequence in dselect is to update the list of available packages and then upgrade all packages for which updates are available. You can, of course, perform that same task with a simple APT command as well.

Figure 4-1: You can use dselect to manage packages in Debian.

Using APT to manage DEB packages

APT stands for Advanced Packaging Tool, and it's truly an advanced utility for keeping your Debian system up to date. You can use a number of APT utilities to manage DEB packages. The two commonly used commands are apt-get and apt-cache.

To install a package with apt-get, simply type apt-get install packagename where packagename is the name of the package that you want to install. For example, to install the vsftpd package, type apt-get install vsftpd.

Removing a package is equally simple. Type apt-get remove packagename where packagename is the name of the package you want to remove.
If you want to find the name of a package and you know some terms associated with the package, you can look for it with the apt-cache utility. For example, to look for a CD/DVD burner package, I type apt-cache search burn | more to search through the APT's package cache (list of Debian packages that APT downloads from the servers listed in the /etc/apt/sources.list file). Here are some lines of output from that command:

    arson - KDE frontend for burning CDs
    bootcd-dvdplus - bootcd extension to use DVD+ media
    burn - Command line Data-CD, Audio-CD, ISO-CD, Copy-CD writing tool
    caca-utils - text mode graphics utilities
    cdcontrol - A parallel burner that allow you to write to one or more CD-Writers at once
    cdlabelgen - generates front cards and tray cards for CDs
    cdrtoaster - Tcl/Tk front-end for burning cdrom
    cdw - Tool for burning CD's - console version
    cdw-common - Tool for burning CD's - common files
    cpuburn - a collection of programs to put heavy load on CPU
    cwcdr - Chez Wam CD Ripper
    dvd+rw-tools - DVD+-RW/R tools
    dvdbackup - Tool to rip DVD's from the command line
    gcdw - Tool for burning CD's - graphical version
    gcombust - GTK+ based CD mastering and burning program
    … lines deleted …

The output shows several potential CD/DVD burning programs that I could install. To discover more about any of the packages, I type apt-cache show packagename where packagename is the name of the package for which I want information. For example, to find out more about the dvd+rw-tools package, I type apt-cache show dvd+rw-tools and the output shows me a description of the package. I can then install the package with apt-get install.

To search for a keyword that appears in the package's name only, use the --names-only option like this: apt-cache search --names-only keyword where keyword is something that appears in the package's name.
For example, if I want to find packages that contain selinux in their names, I type apt-cache search --names-only selinux.

Run apt-get clean periodically to clean out the local repository (in the /var/cache/apt/archives directory) of DEB files that have already been installed. You can free up some disk space by removing these DEB files.

Building Software Packages from Source Files

Many open-source software packages are distributed in source-code form, without executable binaries. Before you can use such software, you have to build the executable binary files by compiling, and you have to follow some instructions to install the package. In this section, I show you how to build software packages from source files.

Downloading and unpacking the software

Open-source software source files are typically distributed in compressed tar archives. These archives are created by the tar program and compressed with the gzip program. The distribution is in the form of a single large file with the .tar.gz or .tar.Z extension, often referred to as a compressed tarball. If you want the software, you have to download the compressed tarball and unpack it.

Download the compressed tar file by using anonymous FTP or through your Web browser. Typically, this process involves no effort on your part beyond clicking a link and saving the file in an appropriate directory on your system.

To try your hand at downloading and building a software package, you can practice on the X Multimedia System (XMMS), a graphical X application for playing MP3 and other multimedia files. XMMS is bundled with Fedora Core and already installed on your system. However, you do no harm in downloading and rebuilding the XMMS package again.

Download the source files for XMMS from www.xmms.org/download.php. The files are packed in the form of a compressed tar archive.
Click the http link for the source files, and then save them in the /usr/local/src directory in your Linux system. (Be sure to log in as root; otherwise you cannot save in the /usr/local/src directory.)

After downloading the compressed tar file, examine the contents with the following tar command:

    tar ztf xmms*.gz | more

You see a listing similar to the following:

    xmms-1.2.10/
    xmms-1.2.10/intl/
    xmms-1.2.10/intl/ChangeLog
    xmms-1.2.10/intl/Makefile.in
    xmms-1.2.10/intl/config.charset
    xmms-1.2.10/intl/locale.alias
    xmms-1.2.10/intl/ref-add.sin
    xmms-1.2.10/intl/ref-del.sin
    xmms-1.2.10/intl/gmo.h
    xmms-1.2.10/intl/gettextP.h
    xmms-1.2.10/intl/hash-string.h
    xmms-1.2.10/intl/loadinfo.h
    … rest of the output not shown …

The output of this tar command shows you what's in the archive and gives you an idea of the directories that are created after you unpack the archive. In this case, a directory named xmms-1.2.10 is created in the current directory, which, in my case, is /usr/local/src. From the listing, you also figure out the programming language used to write the package. If you see .c and .h files, the source files are in the C programming language, which is used to write many open-source software packages.

To extract the contents of the compressed tar archive, type the following tar command:

    tar zxvf xmms*.gz

You again see the long list of files as they extract from the archive and copy to the appropriate directories on your hard drive.

Now you're ready to build the software.

Building the software from source files

After you unpack the compressed tar archive, all source files are in a directory whose name is usually that of the software package with a version-number suffix. For example, the XMMS version 1.2.10 source files extract to the xmms-1.2.10 directory.
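Because the archive is unpacked as root, the tar ztf listing examined earlier is worth checking before the tar zxvf step rather than only reading it by eye. The following shell functions are an added example, not code from the book: they reject a listing whose members use absolute paths, contain a parent-directory component, or fall outside a single top-level directory. The function names and the second sample listing are assumptions made for this illustration.

```sh
#!/bin/sh
# Added example (not from the book): vet a tar listing before unpacking.

# Constructed listings. GOOD_LISTING repeats the first entries shown in the
# text; BAD_LISTING is made up to exercise each check.
GOOD_LISTING='xmms-1.2.10/
xmms-1.2.10/intl/
xmms-1.2.10/intl/ChangeLog'
BAD_LISTING='demo-1.0/README
demo-1.0/../outside.txt
/tmp/absolute.txt
stray-file.txt'

# Read member names (one per line, as printed by tar ztf) on standard input.
# Print one line per problem; return 0 only if every member stays inside a
# single top-level directory.
check_tar_listing() {
    top=
    status=0
    while IFS= read -r name; do
        name=${name#./}                  # tolerate a leading ./
        [ -n "$name" ] || continue
        case "$name" in
            /*) echo "absolute path: $name"; status=1; continue ;;
        esac
        case "/$name/" in
            */../*) echo "parent-directory component: $name"; status=1; continue ;;
        esac
        first=${name%%/*}                # top-level component of this member
        if [ -z "$top" ]; then
            top=$first                   # the first member sets the expectation
        elif [ "$first" != "$top" ]; then
            echo "outside top-level directory $top: $name"
            status=1
        fi
    done
    return "$status"
}

# List the archive, vet the listing, and extract only if it is clean.
# Returns 2 if tar cannot read the archive and 1 if the listing is rejected.
unpack_if_clean() {
    listing=$(tar ztf "$1") || return 2
    printf '%s\n' "$listing" | check_tar_listing || return 1
    tar zxvf "$1"
}

# Demonstration on the constructed listings.
if printf '%s\n' "$GOOD_LISTING" | check_tar_listing; then
    echo "xmms listing: clean"
fi
printf '%s\n' "$BAD_LISTING" | check_tar_listing || echo "constructed listing: rejected"
```

A names-only listing does not reveal symbolic links inside the archive; tar ztvf prints the long form, which shows them.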
To start building the software, change directories with the following command:

    cd xmms*

You don't have to type the entire name; the shell can expand the directory name and change to the xmms-1.2.10 directory.

Nearly all software packages come with some sort of README or INSTALL file, a text file that tells you how to build and install the package. XMMS is no exception; it comes with a README file you can peruse by typing more README. An INSTALL file contains instructions for building and installing XMMS.

Most open-source software packages, including XMMS, also come with a file named COPYING. This file contains the full text of the GNU General Public License (GPL), which spells out the conditions under which you can use and redistribute the software. If you're not familiar with the GNU GPL, read this file and show the license to your legal counsel for a full interpretation and an assessment of applicability to your business.

To build the software package, follow the instructions in the README or INSTALL file. For the XMMS package, the README file lists some of the prerequisites (such as libraries) and tells you what commands to type to build and install the package. In the case of XMMS, the instructions tell you to use the following steps:

1. Type ./configure to run a shell script that checks your system configuration and creates a file named Makefile, a file the make command uses to build and install the package. (You can type ./configure --help to see a list of options that configure accepts.) If you get any errors about missing packages, you have to install those missing packages. Use your distribution's software installation tools to add the missing packages. For example, in Debian use the apt-get install command. In Fedora Core, select Main Menu > System Settings > Add/Remove Applications. In SUSE, use the YaST GUI tool.

2. Type make to build the software.
This step compiles the source files in all the subdirectories. (Compiling source code converts each source file into an object file, a file containing binary instructions that your PC's processor can understand.)

3. Type make install to install the software. This step copies libraries and executable binary files to appropriate directories on your system.

Although these steps are specific to XMMS, most other packages follow these steps: configure, make, and install. The configure shell script guesses system-dependent variables and creates a Makefile with commands needed to build and install the software.

Usually, you don't have to do anything but type the commands to build the software, but you must install the software-development tools on your system. In Fedora Core, you must install the Development Tools and the GNOME Software Development packages. In Debian, to build and run XMMS, you must also install the X Software Development package because it's an X application.

After you have installed XMMS, try running it from the GNOME or KDE desktop by typing xmms in a terminal window. From the XMMS window, press L to get the Load File dialog box and select an MP3 file to play. Your PC must have a sound card, and the sound card must be configured correctly for XMMS to work.

XMMS already comes with Fedora Core, but that version does not include the plugin needed to play MP3 files. After you build the new version of XMMS, you should be able to play MP3 files.

To summarize, here's an overview of the steps you follow to download, unpack, build, and install a typical software package:

1. Use a Web browser to download the source code, usually in the form of a .tar.gz file, from the anonymous FTP site or Web site.

2. Unpack the file with a tar zxvf filename command.

3. Change the directory to the new subdirectory where the software is unpacked, with a command such as cd software_dir.

4. Read any README or INSTALL files to get a handle on any specific instructions you must follow to build and install the software.

5. The details of building the software may differ slightly from one software package to another, but typically you type the following commands to build and install the software:

    ./configure
    make
    make install

6. Read any other documentation that comes with the software to find out how to use the software and whether you must configure the software further before using it.

Installing SRPMS

If you have the source CDs for Fedora Core (you can download the source CD images from one of the sites listed at fedora.redhat.com/download/mirrors.html), you can install the source files and build various applications directly from the source files. Fedora Core source-code files also come in RPMs, just as the executable binary files, and these source-code RPM files are generally known as SRPMS (for source RPMs).

To install a specific source RPM and build the application, follow these steps:

1. Mount the DVD-ROM by typing mount /mnt/cdrom or waiting for the GNOME desktop to mount the DVD.

2. Typically, source RPMs are in the SRPMS directory. Change to that directory by typing the following command:

    cd /mnt/cdrom/SRPMS

3. Install the source RPM file by using the rpm -i command. For example, to install the Web server (httpd) source, type

    rpm -ivh httpd*.src.rpm

The files install in the /usr/src/redhat/SOURCES directory. A spec file with a .spec extension is placed in the /usr/src/redhat/SPECS directory. The spec file describes the software and also contains information used to build and install the software.

4. Use the rpmbuild command with the spec file to build the software. You perform different tasks, from unpacking the source files to building and installing the binaries, by using different options with the rpmbuild command.
For example, to process the entire spec file, type:

    rpmbuild -ba packagename.spec

Here packagename is the name of the SRPM. This command typically builds the software and installs the binary files.

Updating Linux Applications Online

Each of the Linux distributions (Debian, Fedora Core, SUSE, and Xandros) comes with utilities that enable you to update the software online. In the following sections, I provide an overview of the update methods in Debian, Fedora Core, SUSE, and Xandros.

You need a fast Internet connection (such as a DSL or cable modem) to easily update your Linux applications or download new software packages. Make sure that your Internet connection is up and running before you attempt to update your Linux system online.

Keeping Debian updated with APT

The best way to keep your Debian system updated is to use APT. More specifically, you use the apt-get command-line utility with appropriate options. In a nutshell, assuming the APT sources were configured during Debian installation, you can keep the current collection of software updated with the following two commands, typed in that order:

    apt-get update
    apt-get upgrade

The apt-get update command checks the current list of packages against the ones available from the locations specified in the /etc/apt/sources.list file and gathers information about new versions of installed packages.

The apt-get upgrade command actually installs any available new versions of the packages installed in your Debian system. You must perform apt-get upgrade to install any available upgrades.

To install new packages in Debian, use apt-cache search to find the package name in APT's package cache and then use apt-get install to install the package.

Updating Fedora Core Applications

Fedora Core comes with Up2date, a graphical Update Agent that can download any new RPM files your system requires and install those files for you.
Up2date is also known as the Red Hat Update Agent because Red Hat developed it for its Red Hat Network through which Red Hat provides services to its commercial customers.

To update Fedora Core software packages using Up2date, follow these steps:

1. Log in as root, and choose Main Menu > System Tools > Red Hat Network. You can also type up2date in a terminal window. The Red Hat Update Agent starts, and, if you're using Up2date for the first time, a dialog box prompts you to install a public key in your GPG key ring. (GPG refers to GNU Privacy Guard or GnuPG, a program for encrypting, decrypting, and signing e-mail and other data using the OpenPGP Internet standard.) That public GPG key verifies that the package developer has securely signed the package that Up2date has downloaded. If prompted to do so, click Yes to install the public key.

2. Up2date displays a window with a welcome message. Click the Forward button to proceed.

3. Up2date displays a list of what it calls channels: repositories from where the agent downloads package headers. Click Forward to continue. By default, the Update Agent uses a channel that works with Yum, a command-line package updater/installer that I describe in the next section. The channels are identified in the text configuration file /etc/sysconfig/rhn/sources. Besides Yum, Up2date can also access repositories meant for APT, the Advanced Packaging Tool used in Debian. After you click Forward, Up2date figures out what needs to be updated and retrieves a list of all headers from the specified channel.

4. After Up2date downloads the headers, it displays a list of packages. You can then scroll through the list and pick the packages you want to update; click the box to the left of a package's name to select it. Click Forward to continue. Up2date then checks for any package dependencies and begins downloading the packages.
   Progress bars show the status of the download.

5. After the download finishes, click the Forward button to proceed with the installation.

6. Up2date displays progress bars as it installs each package update. Click the Forward button when the installation is complete. Up2date displays a message about the package(s) it installs successfully.

7. Click the Finish button to exit Up2date.

In Fedora Core, you can also use the Yellow dog Updater, Modified (Yum), a command-line utility for updating as well as installing and removing RPM packages. Yum downloads RPM package headers from a specified Web site and then uses the rpm utility to figure out any interdependencies among packages and what needs to be installed on your system. Then it downloads and uses rpm to install the necessary packages. Yum downloads just the headers to do its job, and the headers are much smaller in size than the complete RPM packages. Yum is much faster than the alternative, where you manually download the complete RPM packages using the rpm command.

Typically, you keep your system up to date with the graphical Update Agent because it's easy to use. However, knowing how to run Yum from the command line is good, just in case you have problems with the Update Agent. You can read more about Yum and keep up with Yum news by visiting the Yum Web page at linux.duke.edu/projects/yum.

The command line for Yum has the following syntax:

    yum [options] command [packagenames]

options is a list of Yum options, command specifies what you want Yum to do, and packagenames are the names of the packages on which Yum performs that action. You must provide the command, but the options and packagenames are optional. That's why I show them in square brackets in the syntax. Table 4-2 summarizes the Yum commands and Table 4-3 lists some common Yum options.

Table 4-2 Yum Commands

Command         What Yum Does for This Command
check-update    Checks for available updates for your system.
clean           Cleans up the cache directory.
info            Displays summary information about the specified packages.
install         Installs latest versions of specified packages, making sure that all dependencies are satisfied.
list            Lists information about available packages.
provides        Provides information on which package provides a file.
remove          Removes specified packages as well as any packages that depend on the packages being removed.
search          Finds packages whose header contains what you specify as the package name.
update          Updates specified packages, making sure that all dependencies are satisfied.

Table 4-3 Some Common Yum Options

Option               Causes Yum to Do the Following
--download-only      Downloads the packages, but does not install them.
--exclude=pkgname    Excludes the specified package. (You can use this option more than once on the command line.)
--help               Displays a help message and quits.
--installroot=path   Uses the specified path name as the directory under which all packages are installed.
-y                   Assumes that your answer to any question is yes.

If you simply want Yum to update your system, just type the following (you have to be logged in as root):

    yum update

Yum consults its configuration file, /etc/yum.conf, and does everything needed to update the packages installed on your system. You can specify package names to update only some packages. For example, to update the kernel and xorg-x11 packages, use the following Yum command:

    yum update kernel* xorg-x11*

This command updates all packages whose names begin with kernel and xorg-x11.

You may use the options to further instruct Yum what to do. For example, if you want to download the updated packages, but not install them, type

    yum --download-only update

Another typical option is --exclude, which enables you to exclude one or more packages from the update process.
Suppose you want to update everything except the GNOME packages (whose names begin with gnome) and the rhythmbox package. Then you type the following Yum command:

    yum --exclude=gnome* --exclude=rhythmbox update

Updating SUSE online

SUSE comes with YOU (YaST Online Update) for online software updates. To access YOU, select Main Menu > System > YaST and from the YaST Control Center's Software category, click Online Update. This brings up the YaST Online Update window, as shown in Figure 4-2.

Figure 4-2: You can keep your SUSE system updated with YaST Online Update.

To set up YOU automatic updates, click the Configure Fully Automatic Update button. You can then specify a time of the day when you want YOU to download any available patches and install them. If you want, you can specify that YOU only download the patches and not install them.

To update your SUSE system online, select the installation source and click Next. (Refer to Figure 4-2.) YOU then downloads the list of patches and displays them, as shown in Figure 4-3. Select the patches (some are recommended and preselected for you) and click Accept. YOU then downloads the required packages and installs them on your SUSE system.

Figure 4-3: Select YOU patches and click Accept to install them.

Using Xandros Networks

In Xandros, use Xandros Networks to update applications or install new ones. Select Main Menu > Xandros Networks to open the Xandros Networks window, as shown in Figure 4-4.

To install the latest updates from Xandros, select File > Install All Latest Updates from Xandros or click the Update button (to the left of the key in the toolbar at the top of Figure 4-4). Xandros Networks then downloads information about the available updates and shows a summary (see Figure 4-5) of the packages to be downloaded and the disk space needed to install them. Click OK.
Xandros Networks then downloads the software updates and installs them. Behind the scenes, Xandros Networks uses Debian's apt-get command to download and install the software updates.

The Xandros Networks window also offers options to install new software. You can even shop for new applications through Xandros Networks. If you have RPM or DEB files to install, you can do so in Xandros Networks by selecting File > Install RPM File or File > Install DEB File.

Figure 4-4: Use Xandros Networks to update or install software in Xandros.

Figure 4-5: Xandros Networks displays summary information about updates.

Chapter 5: Customizing the Linux Kernel

In This Chapter

* Configuring the kernel
* Building a new kernel and any modules
* Installing the modules
* Building and installing a new initial RAM disk file
* Installing the kernel and setting up GRUB

One reason why Linux is so exciting is that many programmers are constantly improving it. Some programmers, for example, write drivers that add support for new hardware, such as a new sound card or a new networking card. All these innovations come to you in the form of new versions of the Linux kernel.

Although you don't have to upgrade or modify the Linux operating system (the kernel) every time a new version is available, sometimes you have to upgrade simply because the new version corrects some problems or supports your hardware better. On the other hand, if an earlier kernel version has everything you need, you don't have to rush out and upgrade.

Sometimes, you may want to rebuild the kernel even when it has no fixes or enhancements. The Linux kernel on the companion DVD-ROM is generic and uses modules to support all types of hardware. You may want to build a new kernel that links in (incorporates into the kernel's binary file) the drivers for only the devices installed on your system. In particular, if you have a SCSI hard drive, you may want to create a kernel that supports your SCSI adapter.
Depending on your needs, you may also want to change some of the kernel-configuration options, such as creating a kernel that's specific for your processor (instead of a generic Intel 386 processor).

In this chapter, I explain how to rebuild and install a new Linux kernel.

Rebuilding the Kernel

Rebuilding the kernel refers to creating a new binary file for the core Linux operating system. This binary file is the one that runs when Linux boots.

You may wonder why you would ever want to rebuild the kernel. Well, here are a few reasons:

* After you initially install Linux, you may want to create a new kernel that includes support for only the hardware installed on your system. In particular, if you have a SCSI adapter, you may want to create a kernel that links in the SCSI driver. The kernel on the companion DVD-ROM includes the SCSI driver as an external module that the kernel loads at startup.
* If you have a system with hardware for which only experimental support is available, you have to rebuild the kernel to include that support into the operating system.
* You may want to recompile the kernel and generate code that works well on your specific Pentium processor (instead of the generic 386 processor code that comes in most Linux distributions).

To rebuild the Linux kernel, you need the kernel source files. The kernel source files are not normally installed. Use your distribution's software installation tool to install the kernel source package. For example, in Fedora Core, you can install the kernel source RPM file (the filename begins with kernel-source) from the DVD's Fedora/RPMS directory. (If the DVD is mounted on /media/cdrom, then the RPM is in the /media/cdrom/Fedora/RPMS directory.) In SUSE, use YaST to install the kernel sources; to find it, use the search feature in YaST's software installation window.
After installing the kernel source package, the source files appear in the /usr/src/linux-VERSION directory, where VERSION is the version number of the kernel. Thus, for kernel version 2.6.5-7.108, the source files are in the /usr/src/linux-2.6.5-7.108 directory. Some distributions set up /usr/src/linux as a symbolic link (shortcut) to the version-specific directory containing the source files for the Linux kernel.

In Debian, the kernel sources are installed in the /usr/src/kernel-source-VERSION directory, where VERSION is the kernel version. Therefore, for kernel version 2.6.8, the sources are in /usr/src/kernel-source-2.6.8. To change to the kernel source directory in Debian, type cd /usr/src/kernel-source*.

Building the kernel involves the following phases:

* Configuring the kernel
* Building the kernel
* Building and installing the modules
* Building a new initial RAM disk (initrd) file
* Installing the kernel and setting up GRUB

I explain these phases in the next few sections, but first you need to know the difference between linking in a driver versus building a driver as a loadable module.

Creating a monolithic versus a modular kernel

You have two options for the device drivers needed to support various hardware devices in Linux:

* Link in support: You can link the drivers for all hardware on your system into the kernel. The size of the kernel grows as device-driver code incorporates into the kernel. A kernel that links in all necessary code is called a monolithic kernel because it's one big file.
* Use modules: You can create the device drivers in the form of loadable kernel modules. A module is a block of code that the kernel can load after it starts running. A typical use of modules is to add support for a device without having to rebuild the kernel for each new device. Modules don't have to be device drivers; they can also add new functionality to the kernel.
A kernel that uses modules is called a modular kernel.

You don't have to create a fully monolithic or fully modular kernel. In fact, linking some support directly into the kernel but building infrequently used device drivers in the form of modules is common practice. For a Linux distribution, including a mostly modular kernel makes sense, along with a large number of modules that can support many different types of hardware. Then the Linux installer configures the system to load only modules needed to support the hardware installed in a user's system.

When you create a custom kernel for your hardware configuration, you may want to link all required device drivers into the kernel. You can still keep the size of such a monolithic kernel under control because you link in device drivers only for the exact set of hardware installed on your system.

Configuring the kernel

The first phase in rebuilding a kernel is to configure it. To configure the kernel, log in as root. Then change to the kernel source directory by using the cd command as follows:

    cd /usr/src/linux*

To configure the kernel, you have to indicate which features and device drivers you want to include in your Linux kernel. In essence, you build your very own version of the Linux kernel with just the features you want.

Linux provides several ways for you to configure the kernel:

* Type make menuconfig to enter the kernel-configuration parameters through a text-based interface similar to the one the Linux installation program uses.
* Type make xconfig to use an X Window System-based configuration program to configure the kernel. You have to run X to use this configuration program with a graphical interface.
* Type make config to use a shell script that prompts you for each configuration option one by one. You can use this configuration program from the Linux command prompt.
  When you use this option, you undergo a long question-and-answer process to specify the configuration parameters. For each question, respond with a y to link support into the kernel, m to build a module, and n to skip the support for that specific device.
* Type make oldconfig to use a shell script to reconfigure the kernel after upgrading the sources. This configuration script keeps the existing options and prompts you only for new or changed options.

The make menuconfig, make xconfig, make config, and make oldconfig commands achieve the same end result: each stores your choices in a text file named .config located in the /usr/src/linux* directory. Because the filename starts with a period, you don't see it when you use the ls command alone to list the directory. Instead, type ls -a to see the .config file in the directory listing.

The kernel-configuration step merely captures your choices in the .config file. (In fact, the .config file does not exist until you configure the kernel once.) The kernel file does not change until you compile the kernel with the make command. That means you can go through the kernel-configuration option as many times as you want. If you want to start over with default settings, type the following command before you start configuring the kernel:

    make mrproper

For an overview of the kernel configuration build steps that you can perform with the make command, type the following in a terminal window (after you type cd /usr/src/linux* to change the current directory to the correct location):

    make help | more

Before starting to reconfigure the kernel, take a look at a typical .config file.
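The y, m, and n answers described above end up as lines in .config: CONFIG_NAME=y, CONFIG_NAME=m, or, for n, a comment of the form "# CONFIG_NAME is not set". The following shell functions are an added example, not code from the book; they summarize such a file so you can check what a configuration links in and what it builds as modules. The function names and the sample file contents are constructed for illustration.

```shell
#!/bin/sh
# Added example: report how the options in a kernel .config are set.
# sample_config prints a constructed sample, not a real system's file.
sample_config() {
cat <<'EOF'
#
# Automatically generated make config: don't edit
#
CONFIG_X86=y
CONFIG_MMU=y
CONFIG_EXPERIMENTAL=y
CONFIG_SWAP=y
CONFIG_SYSVIPC=y
CONFIG_LOG_BUF_SHIFT=17
CONFIG_SCSI=m
CONFIG_BLK_DEV_SD=m
# CONFIG_SOUND is not set
EOF
}

# config_state OPTION [FILE]: print y, m, n, or the literal value of OPTION.
# Reads FILE, or standard input when FILE is omitted.
# An option that never appears in the file prints "absent".
config_state() {
    opt=$1; shift
    awk -v opt="$opt" '
        $0 == ("# " opt " is not set") { state = "n" }
        index($0, opt "=") == 1        { state = substr($0, length(opt) + 2) }
        END { print (state == "" ? "absent" : state) }
    ' "$@"
}

# summarize_config [FILE]: count linked-in (=y), module (=m), disabled
# ("is not set") and valued (number or string) options.
summarize_config() {
    awk '
        /^CONFIG_[A-Za-z0-9_]+=y$/            { nbuilt++; next }
        /^CONFIG_[A-Za-z0-9_]+=m$/            { nmod++;   next }
        /^# CONFIG_[A-Za-z0-9_]+ is not set$/ { noff++;   next }
        /^CONFIG_[A-Za-z0-9_]+=/              { nval++ }
        END { printf "builtin=%d module=%d disabled=%d valued=%d\n", nbuilt, nmod, noff, nval }
    ' "$@"
}

# list_modules [FILE]: names of the options built as loadable modules.
list_modules() {
    awk -F= '/^CONFIG_[A-Za-z0-9_]+=m$/ { print $1 }' "$@"
}

# Demo on the constructed sample; on a real tree, pass the path to .config.
sample_config | summarize_config
sample_config | list_modules
```

A configuration whose summary shows module=0 is one in which every selected driver is linked into the kernel.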
For example, here are some lines of output when I type more .config on a Linux system (after I configure the kernel):

    #
    # Automatically generated make config: don't edit
    #
    CONFIG_X86=y
    CONFIG_MMU=y
    CONFIG_UID16=y
    CONFIG_GENERIC_ISA_DMA=y

    #
    # Code maturity level options
    #
    CONFIG_EXPERIMENTAL=y
    CONFIG_CLEAN_COMPILE=y
    CONFIG_BROKEN_ON_SMP=y

    #
    # General setup
    #
    CONFIG_SWAP=y
    CONFIG_SYSVIPC=y
    (rest of the file not shown)

Essentially, each configuration option has a name, and each one is assigned a value. The name begins with CONFIG_ followed by a word that identifies the option. Each selected option has a value of y (to link in