Linux Component Configuration

Linux

Published

June 21, 2010

Modified

February 15, 2024

Kernel Modules

Linux kernel can be extended with additional modules…

…without the need to reboot the system
…modules are extra kernel code …build into .ko object files
….executed in kernel-space in the unrestricted mode
Modules commonly enable…
- …device drivers for hardware
- …support for file-systems
- …additional system calls
…automatically loaded when needed

`/lib/modules`

Modules are located in the /lib/modules/$(uname -r)/kernel/$subsystem/ directory…

…modules can have dependencies to other modules
- …/lib/modules/$(uname -r)/modules.dep …list of kernel module dependencies
- …generated with depmod …part of the kmod package
…modules have parameters to adjust their behaviour

# list all available kernel modules
find /lib/modules/$(uname -r) -type f -name \*.ko

lsmod …list all currently loaded kernel modules

…first column …names of currently loaded modules
…second column …amount of memory per module in kilobytes
…last column …number, and optionally the names of modules that are dependent

`modinfo` & `modprobe`

modinfo $module …display information about any kernel module

…not required that the modules is loaded
…parm entries show parameters …type of value they expect

modprobe $module …load the relevant kernel module at run-time

…will not persist after rebooting the system
modprobe -r …unload the relevant kernel module

systool -v -m <name>                          # list the options that are set for a loaded module
modprobe -c | less                            # comprehensive configuration of all the modules
modprobe --show-depends <name>                # list dependencies of a module
insmod <path> <args>                          # load a module from a file
rmmod <name>                                  # ^^
/etc/modules                                  # list of modules to load at boot
/etc/modules-load.d/*.conf                    # ^^
/etc/modprobe.d/*.conf                        # module parameter configuration

Users

Command-line tools…

id        # user and group information (defaults to $USER)
su        # execute command as different user ID
useradd   # create user configuration
usermod   # modify user configuration
userdel   # delete user configuration

groups    # list groups associated to user (defaults to $USER)
newgrp    # change the current group ID during a login session
sg        # execute command as different group ID
groupadd  # create group configuration
groupmod  # modify group configuration
groupdel  # delete group configuration

Numeric UID/GID ranges…see /etc/login.defs

0-200…same on all systems (depending on the distribution)
201-999…dynamically allocated system users/groups
1000-59999…dynamically allocated user accounts
60000-64999…allocated by the distribution
65000-65533…reserved
65534…user nobody
65536-4294967293…dynamically allocated user accounts

# list all the users with a GID of 0-999
cut -d: -f 1,4 /etc/passwd \
      | egrep ":[1-9][0-9]{2}$|:[0-9]{1,2}$" \
      | sort -t':' -k 2

`/etc/group`

/etc/group group file…man 5 group…

…defines the groups on the system
…one entry per line…colon-separated fields…
- group_name…
- password…empty (no password needed)…(encrypted) group password
- GID…numeric group ID
- user_list…list of the usernames…separated by commas

group_name:password:GID:user_list

`/etc/passwd`

/etc/passwd password file…man 5 passwd…

…describes user login accounts for the system
…x character in the password field…
- …uses shadow password suit
- …/etc/shadown substitutes with encrypted passwords
…each line of the file describes a single user
- name…login name
- password…x for shadow file
- UID…numeric user ID (0 for root)
- GID…primary group ID
- GECOS…optional information about user
- directory…user’s home directory..sets $HOME
- shell…program to run at login

name:password:UID:GID:GECOS:directory:shell

`useradd` & `groupadd`

groupadd…creates a new group account

…up to 32 characters long
…lower and upper case letters
…digits, underscores, or dashes
…dash not allowed at the beginning

# add a new group
sudo groupadd -g $GID $name
# modify a GID...reassign file to new ID
sudo groupmod -g $GID $name
sudo find / -gid $GID_OLD -exec chgrp $GID_NEW {} \;

useradd …create a new user …/etc/default/useradd default configuration

# create user associated to multiple groups
sudo useradd -u $UID -g $group_primary -G $group_secondary,$group_secondary $name
# modify a UID...reassign file to new ID
sudo usermod -u $UID $name
sudo find / -uid $UID_OLD -exec chown $UID_NEW: {} \;

`logrotate`

Rotate log files in /var/logs…

…configuration in /etc/logrotate.conf…
- …default configuration for log rotation
- …weekly rotation
- …create new (empty) files after rotation
- …dateext use date as suffix
…includes /etc/logrotate.d/ sub-directory
- …service specific configuration files
- …notifempty rotate unless empty
- …missingok error if the log file is missing
- …copytruncate…close file…copy…rename…zero file
- …olddir PATH move rotation files to directory

# manually...
logrotate /etc/logrotate.conf
logrotate /etc/logrotate.d/$service
# dry-run...
logrotate --debug /etc/logrotate.d/$service

--- title: Linux Component Configuration categories: - Linux date: 2010/06/21 date-modified: 2024/02/15 toc-expand: 3 --- # Kernel Modules Linux kernel can be extended with additional modules... - ...without the need to reboot the system - ...modules are **extra kernel code** ...build into **`.ko` object files** - ....executed in kernel-space in the unrestricted mode - Modules commonly enable... - ...device drivers for hardware - ...support for file-systems - ...additional system calls - ...automatically loaded when needed ## `/lib/modules` Modules are located in the `/lib/modules/$(uname -r)/kernel/$subsystem/` directory... - ...modules can have dependencies to other modules - ...`/lib/modules/$(uname -r)/modules.dep` ...list of kernel module dependencies - ...generated with `depmod` ...part of the `kmod` package - ...modules have parameters to adjust their behaviour ```sh # list all available kernel modules find /lib/modules/$(uname -r) -type f -name \*.ko ``` `lsmod` ...list all **currently loaded kernel modules** - ...first column ...names of currently loaded modules - ...second column ...amount of memory per module in kilobytes - ...last column ...number, and optionally the names of modules that are dependent ## `modinfo` & `modprobe` `modinfo $module` ...display information about any kernel module - ...not required that the modules is loaded - ...`parm` entries show parameters ...type of value they expect `modprobe $module` ...load the relevant kernel module at run-time - ...will not persist after rebooting the system - `modprobe -r` ...unload the relevant kernel module ```sh systool -v -m <name> # list the options that are set for a loaded module modprobe -c | less # comprehensive configuration of all the modules modprobe --show-depends <name> # list dependencies of a module insmod <path> <args> # load a module from a file rmmod <name> # ^^ /etc/modules # list of modules to load at boot /etc/modules-load.d/*.conf # ^^ /etc/modprobe.d/*.conf # module parameter configuration ``` # Users Command-line tools... ```sh id # user and group information (defaults to $USER) su # execute command as different user ID useradd # create user configuration usermod # modify user configuration userdel # delete user configuration groups # list groups associated to user (defaults to $USER) newgrp # change the current group ID during a login session sg # execute command as different group ID groupadd # create group configuration groupmod # modify group configuration groupdel # delete group configuration ``` Numeric UID/GID ranges...see `/etc/login.defs` - `0-200`...same on all systems (depending on the distribution) - `201-999`...dynamically allocated system users/groups - `1000-59999`...dynamically allocated user accounts - `60000-64999`...allocated by the distribution - `65000-65533`...reserved - `65534`...user `nobody` - `65536-4294967293`...dynamically allocated user accounts ```sh # list all the users with a GID of 0-999 cut -d: -f 1,4 /etc/passwd \ | egrep ":[1-9][0-9]{2}$|:[0-9]{1,2}$" \ | sort -t':' -k 2 ``` ## `/etc/group` `/etc/group` group file...`man 5 group`... - ...defines the groups on the system - ...one entry per line...colon-separated fields... - `group_name`... - `password`...empty (no password needed)...(encrypted) group password - `GID`...numeric group ID - `user_list`...list of the usernames...separated by commas ``` group_name:password:GID:user_list ``` ## `/etc/passwd` `/etc/passwd` password file...`man 5 passwd`... - ...describes user login accounts for the system - ...`x` character in the password field... - ...uses shadow password suit - ...`/etc/shadown` substitutes with encrypted passwords - ...each line of the file describes a single user - `name`...login name - `password`...`x` for shadow file - `UID`...numeric user ID (`0` for root) - `GID`...primary group ID - `GECOS`...optional information about user - `directory`...user's home directory..sets `$HOME` - `shell`...program to run at login ``` name:password:UID:GID:GECOS:directory:shell ``` ## `useradd` & `groupadd` `groupadd`...creates a new group account - ...up to 32 characters long - ...lower and upper case letters - ...digits, underscores, or dashes - ...dash not allowed at the beginning ```sh # add a new group sudo groupadd -g $GID $name # modify a GID...reassign file to new ID sudo groupmod -g $GID $name sudo find / -gid $GID_OLD -exec chgrp $GID_NEW {} \; ``` `useradd` …create a new user …`/etc/default/useradd` default configuration ```sh # create user associated to multiple groups sudo useradd -u $UID -g $group_primary -G $group_secondary,$group_secondary $name # modify a UID...reassign file to new ID sudo usermod -u $UID $name sudo find / -uid $UID_OLD -exec chown $UID_NEW: {} \; ``` # `logrotate` Rotate log files in `/var/logs`... - ...configuration in `/etc/logrotate.conf`... - ...default configuration for log rotation - ...`weekly` rotation - ...`create` new (empty) files after rotation - ...`dateext` use date as suffix - ...includes `/etc/logrotate.d/` sub-directory - ...service specific configuration files - ...`notifempty` rotate unless empty - ...`missingok` error if the log file is missing - ...`copytruncate`...close file...copy...rename...zero file - ...`olddir PATH` move rotation files to directory ```sh # manually... logrotate /etc/logrotate.conf logrotate /etc/logrotate.d/$service # dry-run... logrotate --debug /etc/logrotate.d/$service ```

Kernel Modules

/lib/modules

modinfo & modprobe

Users

/etc/group

/etc/passwd

useradd & groupadd