Understanding Linux Configuration Files: Classification and Usage

Source: Internet
Author: User

This article describes the configuration files of a Linux system, which control user permissions, system applications, daemons, services, and other administrative tasks in a multiuser, multitasking environment. These tasks include managing user accounts, allocating disk quotas, managing e-mail and newsgroups, and configuring kernel parameters. The article also classifies the configuration files present in a Red Hat Linux system according to their usage and the services they affect.

Every Linux program is an executable file that contains a list of opcodes the CPU executes to accomplish specific operations. For example, the ls command is provided by the file /bin/ls, which contains the list of machine instructions needed to display the list of files in the current directory on the screen. The behavior of almost every program can be customized to your preferences or needs by modifying its configuration files.

Is there a standard configuration file format for Linux?

In a word, no. Users who are unfamiliar with Linux will feel frustrated, because each configuration file looks like a new challenge. In Linux, each programmer is free to choose the configuration file format he or she prefers. The formats range from the /etc/shells file (which contains a list of shells separated by newlines) to the complex /etc/httpd.conf file of Apache.

What is a system configuration file?

The kernel itself can also be seen as a "program." Why does the kernel need configuration files? The kernel needs to know the list of users and groups in the system in order to manage file permissions (that is, to determine whether a particular user (Unix_users) can open a file, based on its permissions). Note that these files are not read explicitly by programs; they are read by a function provided by the system library and used by the kernel. For example, a program that needs a user's (encrypted) password should not open the /etc/passwd file. Instead, it should call the getpw() function of the system library. This function is also known as a system call. Opening the /etc/passwd file and then finding the password of the requested user is left to the kernel (through the system library).

Unless otherwise specified, most configuration files in a Red Hat Linux system are in the /etc directory. Configuration files can be broadly divided into the following categories:

--------------------------------------------------------------------------------

Access files

/etc/host.conf Tells the network name server how to look up host names. (Usually /etc/hosts first, then a name server; this can be changed with netconf.)

/etc/hosts Contains a list of known hosts (on the local network). It can be used if the system's IP address is not generated dynamically. For simple host name resolution (dotted notation), /etc/host.conf usually tells the resolver to look here before asking a DNS or NIS network name server.

/etc/hosts.allow See the hosts_access man page. Read at least by tcpd.

/etc/hosts.deny See the hosts_access man page. Read at least by tcpd.

--------------------------------------------------------------------------------

Boot and login/logout

/etc/issue & /etc/issue.net

These files are read by mingetty (and similar programs) to display a "welcome" string to a user who connects from a terminal (issue) or through a telnet session (issue.net). They contain a few lines stating the Red Hat version number, name, and kernel ID. They are used by rc.local.

/etc/redhat-release includes a line of information that declares the Red Hat version number and name. Used by rc.local.

/etc/rc.d/rc Usually run for all run levels, with the level passed as a parameter. For example, to boot a machine in graphical mode (X server), run the following command at the command line: init 5. Run level 5 indicates that the system is booted in graphical mode.

/etc/rc.d/rc.local Unofficial. Can be called from rc, rc.sysinit, or /etc/inittab.

/etc/rc.d/rc.sysinit Usually the first script run for all run levels.

/etc/rc.d/rcX.d Scripts that are run from rc (X represents any number from 1 to 5). These directories are run-level-specific directories. When the system starts, it identifies the run level to enter and then calls all the startup scripts in the directory for that run level. For example, an "entering run-level 3" message is typically displayed after the boot messages when the system starts, which means that all the initialization scripts in the /etc/rc.d/rc3.d/ directory are being called.

--------------------------------------------------------------------------------

File system

The kernel provides an interface for displaying some of its data structures, which can be useful for determining system parameters such as the interrupts in use, the devices initialized, and memory statistics. This interface is provided as a separate but virtual file system, called the /proc file system. Many system utilities use the values present in this file system to display system statistics. For example, the /proc/modules file lists the modules currently loaded in the system. The lsmod command reads this information and displays it in a human-readable format. In the same way, the mtab file listed below reads the /proc/mounts file, which contains the currently mounted file systems.

/etc/mtab This changes as the /proc/mounts file changes. In other words, when file systems are mounted and unmounted, the changes are immediately reflected in this file.

/etc/fstab Lists the file systems that the computer is currently "ready to mount". This is important because the mount -a command is run when the computer boots, and it mounts every file system marked with a "1" in the penultimate column of fstab.

/etc/mtools.conf Configuration for all operations on DOS-type file systems (create directory, copy, format, and so on).

--------------------------------------------------------------------------------

System Management

/etc/group Contains the valid group names and the users included in each group. A single user can be in more than one group if he or she performs several tasks. For example, if a user is a member of the project 1 group and is also an administrator, his entry in the group file looks like this: user: * : group-id : project1

/etc/nologin If the /etc/nologin file exists, login(1) allows only the root user to log in. It displays the contents of this file to other users and refuses their logins.

/etc/passwd See "man passwd". Contains some user account information, including the password (if it has not been "shadowed" by the shadow program).

/etc/rpmrc Configuration for the rpm command. All rpm command-line options can be set together in this file, so that they are applied globally whenever any rpm command runs on the system.

/etc/securetty Contains the device names of the tty lines (one name per line, without the leading /dev/) on which the root user is allowed to log in.

/etc/usertty

/etc/shadow Contains the encrypted password information for user accounts and can also include password aging information. The fields are:

Login name
Encrypted password
Number of days from January 1, 1970 to the date the password was last changed
Number of days before the password can be changed
Number of days after which the password must be changed
Number of days before the password expires that the user is warned
Number of days after the password expires that the account is disabled
Number of days from January 1, 1970 to the date the account is disabled

/etc/shells Contains a list of the possible "shells" available on the system.

/etc/motd The message of the day, used when an administrator wants to communicate a message to all users of a Linux server.
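The /etc/shadow field order described above, as an added Python example that is not part of the original article: it parses constructed sample lines, converts the day counts to calendar dates, and reports aging problems per account. Treating a maximum age of 99999 as "never expires" and a password field starting with ! or * as a locked account are conventions assumed here, not statements from the article.

```python
from dataclasses import dataclass
from datetime import date, timedelta
from typing import Dict, List, Optional

EPOCH = date(1970, 1, 1)  # all day counts in /etc/shadow are relative to this


@dataclass
class ShadowEntry:
    login: str
    password: str                  # encrypted password (may be empty or locked)
    last_change: Optional[int]     # days since the epoch of the last change
    min_days: Optional[int]        # days before the password can be changed
    max_days: Optional[int]        # days after which it must be changed
    warn_days: Optional[int]       # days of warning before expiry
    inactive_days: Optional[int]   # days after expiry until account is disabled
    expire_day: Optional[int]      # days since the epoch the account is disabled


def day_to_date(days: int) -> date:
    return EPOCH + timedelta(days=days)


def parse_shadow_line(line: str) -> ShadowEntry:
    parts = line.rstrip("\n").split(":")
    if len(parts) < 8:
        raise ValueError(f"expected at least 8 fields, got {len(parts)}")
    numbers = [int(p) if p else None for p in parts[2:8]]  # empty = not set
    return ShadowEntry(parts[0], parts[1], *numbers)


def audit(entry: ShadowEntry, today: date) -> List[str]:
    findings = []
    if entry.expire_day is not None and day_to_date(entry.expire_day) <= today:
        findings.append(f"account disabled since {day_to_date(entry.expire_day)}")
    if entry.password == "":
        findings.append("empty password field")
    if entry.password[:1] in ("!", "*"):   # assumed convention: locked account
        return findings
    if entry.max_days is None or entry.max_days >= 99999:  # assumed convention
        findings.append("password never expires")
    elif entry.last_change is not None:
        due = day_to_date(entry.last_change + entry.max_days)
        if due < today:
            findings.append(f"password change overdue since {due}")
        elif today >= due - timedelta(days=entry.warn_days or 0):
            findings.append(f"password must be changed by {due}")
    return findings


def audit_file(text: str, today: date) -> Dict[str, List[str]]:
    report = {}
    for line in text.splitlines():
        if line.strip() and not line.startswith("#"):
            entry = parse_shadow_line(line)
            report[entry.login] = audit(entry, today)
    return report


# Constructed sample; the hash strings are placeholders, not real hashes.
SAMPLE = """\
root:$6$constructedsalt$constructedhash:19000:0:90:7:::
alice:$6$constructedsalt$constructedhash:18000:0:99999:7:::
bob::19700:0:60:7:14::
daemon:*:18000:0:99999:7:::
carol:$6$constructedsalt$constructedhash:19700:1:60:7:14:19600:
"""

if __name__ == "__main__":
    for login, findings in audit_file(SAMPLE, date(2024, 1, 1)).items():
        print(login, findings or "ok")
```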

--------------------------------------------------------------------------------

Networking

/etc/gated.conf Configuration for gated. Used only by the gated daemon.

/etc/gated.version contains the version number of the gated daemon.

/etc/gateway is optionally used by the routed daemon.

/etc/networks lists the network name and network address that can be accessed from the network to which the machine is connected. Used by routing commands. Allows the use of network names.

/etc/protocols Lists the currently available protocols. Refer to the NAG (Network Administrator's Guide) and the man pages. The C interface is getprotoent. Should never be changed.

/etc/resolv.conf Tells the kernel which name server to query when a program asks to "resolve" an IP address.

/etc/rpc Contains RPC directives/rules that can be used in NFS calls, remote file system mounts, and so on.

/etc/exports The file systems to export over NFS and the permissions on them.

/etc/services Translates network service names to port number/protocol. Read by inetd, telnet, tcpdump, and some other programs. There are some C access routines.

/etc/inetd.conf The inetd configuration file. See the inetd man page. Contains an entry for each network service for which inetd must control daemons or other services. Note that the services will run, but if they are commented out in /etc/services they will not be available even though they are running. Format:

<service_name> <sock_type> <proto> <flags> <user> <server_path> <args>

/etc/sendmail.cf The configuration file for the sendmail mail program. Rather obscure and difficult to understand.

/etc/sysconfig/network Indicates NETWORKING=yes or no. Read at least by rc.sysinit.

/etc/sysconfig/network-scripts/if* Red Hat network configuration scripts.
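The /etc/inetd.conf entry format and its dependence on /etc/services, as an added Python example that is not part of the original article: it lists the services inetd would start, those whose name has no active line in /etc/services, and those whose server runs as root. Both sample files are constructed, and the user.group form of the user field is an assumption about inetd syntax.

```python
from typing import Dict, List, NamedTuple, Tuple


class InetdEntry(NamedTuple):
    service_name: str
    sock_type: str
    proto: str
    flags: str
    user: str
    server_path: str
    args: List[str]


def parse_inetd_conf(text: str) -> List[InetdEntry]:
    """Return the active (uncommented) entries of an inetd.conf."""
    entries = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split()
        if len(fields) < 6:
            raise ValueError(f"line {lineno}: expected at least 6 fields")
        entries.append(InetdEntry(*fields[:6], fields[6:]))
    return entries


def parse_services(text: str) -> Dict[Tuple[str, str], int]:
    """Map (service name or alias, protocol) to port for active lines."""
    table = {}
    for raw in text.splitlines():
        fields = raw.split("#", 1)[0].split()   # drop comments
        if len(fields) < 2 or "/" not in fields[1]:
            continue
        port, proto = fields[1].split("/", 1)
        for name in [fields[0]] + fields[2:]:
            table[(name, proto)] = int(port)
    return table


def review(inetd_text: str, services_text: str) -> Dict[str, List[str]]:
    services = parse_services(services_text)
    report = {"enabled": [], "no_port": [], "runs_as_root": []}
    for e in parse_inetd_conf(inetd_text):
        label = f"{e.service_name}/{e.proto}"
        report["enabled"].append(label)
        if (e.service_name, e.proto) not in services:
            report["no_port"].append(label)       # commented out or missing
        if e.user.split(".")[0] == "root":        # assumed user[.group] form
            report["runs_as_root"].append(label)
    return report


# Constructed samples, not taken from a real system.
INETD_CONF = """\
ftp     stream  tcp  nowait  root    /usr/sbin/tcpd  in.ftpd -l -a
telnet  stream  tcp  nowait  root    /usr/sbin/tcpd  in.telnetd
#finger stream  tcp  nowait  nobody  /usr/sbin/tcpd  in.fingerd
talk    dgram   udp  wait    nobody  /usr/sbin/tcpd  in.talkd
"""
SERVICES = """\
ftp      21/tcp
#telnet  23/tcp
finger   79/tcp
talk     517/udp
"""

if __name__ == "__main__":
    for key, labels in review(INETD_CONF, SERVICES).items():
        print(f"{key}: {', '.join(labels) or '-'}")
```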

--------------------------------------------------------------------------------

System commands

System commands are meant to control the system exclusively and keep everything working properly. All programs such as login (which handles the user authentication phase on the console) or bash (which provides the interaction between users and the computer) are system commands. The files associated with them are therefore particularly important. The following files in this category are of interest to users and administrators.

/etc/lilo.conf Contains the system's default boot command-line parameters, as well as the different images to boot with. You can see this list by pressing the Tab key at the LILO boot prompt.

/etc/logrotate.conf Maintains the log files in the /var/log directory.

/etc/identd.conf identd is a server that implements the TCP/IP proposed standard IDENT user identification protocol as specified in RFC 1413. identd works by looking up a specific TCP/IP connection and returning the user name of the process that owns the connection. Optionally, it can return other information instead of the user name. See the identd man page.

/etc/ld.so.conf Configuration for the dynamic linker.

/etc/inittab Chronologically, this is the first configuration file in UNIX. The first program started after a UNIX machine is switched on is init, which knows what to start thanks to inittab. When the run level changes, init reads inittab and then controls the startup of the main processes.

/etc/termcap A database that contains all possible terminal types and the capabilities of those terminals.

--------------------------------------------------------------------------------

Daemons

A daemon is a program that runs in non-interactive mode. In general, daemon tasks are related to networking: daemons wait for connections so that they can provide services over them. Many daemons are available for Linux, from Web servers to FTP servers.

/etc/syslogd.conf The configuration file for the syslogd daemon. syslogd is the daemon responsible for recording (writing to disk) messages sent to the system by other programs. This service is used in particular by daemons, which otherwise have no means of signaling possible problems or sending messages to users.

/etc/httpd.conf The configuration file for the Apache Web server. This file is generally not in /etc. It may be in /usr/local/httpd/conf/ or /etc/httpd/conf/, but to determine its location you will need to check the specific Apache installation.

/etc/conf.modules or /etc/modules.conf The configuration file for kerneld. Ironically, kerneld is not the kernel as a "daemon". It is actually a daemon that takes care of loading additional kernel modules "on the fly" when needed.

--------------------------------------------------------------------------------

User programs

In Linux (and UNIX in general), there are countless "user" programs. The most common type of user program configuration file is /etc/lynx.cfg. This is the configuration file for the well-known text browser lynx. With this file, you can define the proxy server, the character set to use, and so on. The following sample shows part of the lynx.cfg file; modifying this part changes the proxy server settings for the Linux system. By default, these settings apply to all users who run lynx in their own shell, unless a user overrides the default configuration file by specifying --cfg = "mylynx.cfg".

Proxy server settings in /etc/lynx.cfg

.h1 Proxy
.h2 http_proxy
.h2 https_proxy
.h2 ftp_proxy
.h2 gopher_proxy
.h2 news_proxy
.h2 nntp_proxy
# Lynx version 2.2 and beyond supports the use of proxy servers that can act as
# firewall gateways and caching servers. They are preferable to the older
# gateway servers. Each protocol used by Lynx can be mapped separately using
# PROTOCOL_proxy environment variables (see Lynx Users Guide). If you have
# not set them externally, you can set them at run time via this configuration file.
# They will not override external settings. The no_proxy variable can be used
# to inhibit proxying for selected regions of the Web (see below). Note that on
# VMS these proxy variables are set as process logicals rather than symbols, to
# preserve lowercasing, and will outlive the Lynx image.
#
.ex
http_proxy:http://proxy3.in.ibm.com:80/
ftp_proxy:http://proxy3.in.ibm.com:80/
#http_proxy:http://penguin.in.ibm.com:8080
#ftp_proxy:http://penguin.in.ibm.com:8080/
.h2 no_proxy
# The no_proxy variable can be a comma-separated list of strings defining
# no-proxy zones in the DNS domain name space. If a tail substring of the
# domain-path for a host matches one of these strings, transactions with that
# node will not be proxied.
.ex
no_proxy:demiurge.in.ibm.com, demiurge

--------------------------------------------------------------------------------

Changing configuration files

When you change a configuration file, make sure that the program that uses it is restarted, if that program is not controlled by the system administrator or the kernel. Normal users typically do not have permission to start or stop system programs and/or daemons.

Kernel

Changes to configuration files used by the kernel affect the system immediately. For example, changing the passwd file to add a user makes that user available immediately. In addition, any Linux system has some kernel tunable parameters in the /proc/sys directory. Only the superuser has write access to all of these files; other users have read-only access. The files in this directory are classified in the same way as the Linux kernel source code. Each file in this directory represents a kernel data structure that can be modified dynamically to change system performance.

Note: Before you change any value in any of these files, make sure that you fully understand the file, to avoid irreparable damage to the system.

Files in the /proc/sys/kernel/ directory

Filename

Description

threads-max The maximum number of tasks the kernel can run.

ctrl-alt-del If the value is 1, pressing this key sequence "completely" reboots the system.

sysrq If the value is 1, Alt-SysRq is active.

osrelease Displays the release version number of the operating system.

ostype Displays the type of the operating system.

hostname The host name of the system.

domainname The network domain of which the system is a part.

modprobe Specifies whether modprobe should run automatically at startup and load the required modules.

Daemons and System programs

A daemon is a program that runs in the background all the time and quietly carries out its task. Common daemons are in.ftpd (the FTP server daemon), in.telnetd (the telnet server daemon), and syslogd (the system logging daemon). Some daemons watch their configuration file closely while running and reload it automatically when it changes. Most daemons, however, do not reload the configuration file automatically. We need to "tell" these daemons in some way that their configuration files have changed and should be reloaded. You can do this by restarting the service with the service command (on Red Hat Linux systems).

For example, if we change the network configuration, we need to issue: service network restart.

Note: These services are most commonly scripts in the /etc/rc.d/init.d/ directory, which are started by init when the system boots. Therefore, you can also restart a service as follows: /etc/rc.d/init.d/<script-for-the-service> start | stop | status. start, stop, and status are the input values these scripts accept to perform the corresponding operation.

User programs

A user or system program reads its configuration file each time it is started. Keep in mind, however, that some system programs are started when the computer is switched on, and their behavior depends on what they read from the configuration files in /etc/. So the first time a user program starts, the default configuration is read from a file in the /etc/ directory. The user can then customize the program by using rc and . (dot) files, as shown in the following section.

--------------------------------------------------------------------------------

User configuration files: . (dot) files and rc files

We have seen how easy it is to configure programs. But what if someone does not like the way a program is configured in /etc/? A "normal" user cannot simply go into /etc and change the configuration files; from the file system's point of view, the owner of the configuration files is the root user! This is why most user programs define two configuration files: the first at the "system" level, located in /etc/, and the other "private" to the user, found in his or her home directory.

For example, I have the very useful wget utility installed on my system. There is an /etc/wgetrc file in /etc/. In my home directory there is a file named .wgetrc, which describes my customized configuration (this configuration file is loaded only when I, the user, run the wget command). Other users can also have .wgetrc files in their own home directories (/home/other); of course, each such file is read only when that user runs the wget command. In other words, the /etc/wgetrc file provides the "default" values for wget, and the /home/xxx/.wgetrc file lists the customizations of one user. It is important to note that this is only a "general rule" and does not hold in every case. For example, a program like pine has no file in /etc/ and has only a custom configuration file in the user's home directory, named .pinerc. Other programs may have only a default configuration file in /etc/ and may not allow users to "customize" it (only a few configuration files in the /etc directory are like this).

Commonly used rc and . (dot) files

Filename

Description

~/.bash_login See "man bash". If ~/.bash_profile does not exist, bash treats ~/.bash_login as ~/.bash_profile.

~/.bash_logout See "man bash". Sourced by bash login shells on exit.

~/.bash_profile Sourced by bash login shells after /etc/profile.

~/.bash_history A list of previously executed commands.

~/.bashrc See "man bash". Sourced by bash non-login interactive shells (no other files are). Non-interactive shells do not source any file unless BASH_ENV or ENV is set.

~/.emacs Read by emacs when it starts.

~/.forward If this contains an e-mail address, all mail sent to the owner of ~ is forwarded to that e-mail address.

~/.fvwmrc ~/.fvwm2rc Configuration files for fvwm and fvwm2 (the basic X Window manager).

~/.hushlogin See "man login". Causes a "silent" login (no mail notice, last login information, or MOTD information).

~/.mail.rc The user initialization file for the mail program.

~/.ncftp/ The directory for the ncftp program; contains bookmarks, logs, macros, preferences, and trace information. See man ncftp. The purpose of ncftp is to provide a powerful and flexible interface to the Internet standard File Transfer Protocol. It is intended to replace the standard ftp program that comes with the system.

~/.profile See "man bash". If the ~/.bash_profile and ~/.bash_login files do not exist, bash treats ~/.profile as ~/.bash_profile; it is also used by other shells of Bourne heritage.

~/.pinerc Pine configuration.

~/.muttrc Mutt configuration.

~/.exrc This file controls the configuration of vi. Example: set ai sm ruler. Writing this line in the file makes vi set the options for automatic indentation, matching parentheses, and displaying line numbers and row-column.

~/.vimrc The default "vim" configuration file. Same as .exrc.

~/.gtkrc GNOME Toolkit.

~/.kderc KDE configuration.

~/.netrc The default login names and passwords for ftp.

~/.rhosts Used by the r-tools such as rsh, rlogin, and so on. Because impersonating a host is easy, security is very low. 1. Must be owned by the user (the owner of ~/) or the superuser. 2. Lists the hosts from which users may access this account. 3. Ignored if it is a symbolic link.

~/.rpmrc See "man rpm". Read by rpm if /etc/rpmrc does not exist.

~/.signature Message text that is automatically appended to the end of mail sent from this account.

~/.twmrc The configuration file for twm (The Window Manager).

~/.xinitrc Read by X at startup (rather than by the xinit script). Usually starts some programs. Example: exec /usr/sbin/startkde. If this line is present in the file, it starts the KDE window manager when the startx command is issued from this account.

~/.xmodmaprc This file is passed to the xmodmap program and can be given any name (for example, ~/.Xmodmap and ~/.keymap.km).

~/.xserverrc Run by xinit as the X server if it can find X to execute.

~/News/Sent-Message-IDs The default message history file for Gnus.

~/.Xauthority Read and written by the xdm program to handle authorization. See the X, xdm, and xauth man pages.

~/.Xdefaults, ~/.Xdefaults-hostname Read by X applications during startup on the host hostname. If the -hostname file is not found, the .Xdefaults file is looked for.

~/.Xmodmap Points to .xmodmaprc; Red Hat has had .xinitrc files that use this name.

~/.Xresources Usually the name of the file passed to xrdb to load the X resource database, intended to avoid the need for applications to read a very long .Xdefaults file. (~/.Xres has been used in some cases.)

~/mbox The user's old mail.
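The three ~/.rhosts rules listed above, as an added Python example that is not part of the original article: it checks whether a file would be honoured (not a symbolic link, owned by the account owner or the superuser) and lists the hosts it trusts. The flag for "+" wildcard entries goes beyond the three rules and is based on general rhosts syntax; the sample host and user names are constructed.

```python
import os
import stat
from typing import Dict, List, Tuple

# Constructed sample content; host and user names are placeholders.
SAMPLE = """\
# constructed sample
trusted.example.com
build.example.com deploy
+ deploy
"""


def parse_rhosts(text: str) -> List[Tuple[str, str]]:
    """Return (host, user) pairs; user is '' when the line names only a host."""
    entries = []
    for raw in text.splitlines():
        fields = raw.split()
        if fields and not fields[0].startswith("#"):
            entries.append((fields[0], fields[1] if len(fields) > 1 else ""))
    return entries


def evaluate(mode: int, owner_uid: int, home_uid: int, text: str) -> Dict:
    """Apply the three rules to already-collected file metadata and content."""
    report = {"honoured": False, "hosts": [], "findings": []}
    if stat.S_ISLNK(mode):                       # rule 3: symlinks are ignored
        report["findings"].append("symbolic link: the file is ignored")
        return report
    if owner_uid not in (home_uid, 0):           # rule 1: owner or superuser
        report["findings"].append(
            f"owned by uid {owner_uid}, not by the account owner or superuser")
        return report
    report["honoured"] = True
    for host, user in parse_rhosts(text):        # rule 2: trusted hosts
        report["hosts"].append(host)
        if "+" in (host, user):                  # added check, see lead-in
            report["findings"].append(f"wildcard entry: {host} {user}".rstrip())
    return report


def audit_rhosts(path: str, home_uid: int) -> Dict:
    """Collect metadata with lstat (does not follow links) and evaluate it."""
    st = os.lstat(path)
    text = ""
    if stat.S_ISREG(st.st_mode):
        with open(path, encoding="utf-8", errors="replace") as fh:
            text = fh.read()
    return evaluate(st.st_mode, st.st_uid, home_uid, text)


if __name__ == "__main__":
    print(evaluate(stat.S_IFREG | 0o600, 1000, 1000, SAMPLE))
```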

http://www.ibm.com/developerworks/cn/linux/management/configuration/#ibm-pcon
