Category Archives: Linux

Kernel Modules or Putting it all Together

Leave a reply

The Linux® kernel is not one huge thing that can run every hardware ever made and talk to every application ever created.  Can you imagine that? It would be huge and every time something new was added, you’d have to add it on.  Even if it wasn’t anything you needed.  Instead, the kernel is a modular kernel, which means you can add pieces on as needed.  These pieces are called modules.

It’s like Lego® blocks.  You add the blocks on that you need but you don’t have to use every single one.

Lego Blocks

Lego Blocks

Just like that picture.  If I’m making a wall, I don’t need to add this head:

Lego Head

Lego Head

It doesn’t make any sense to add that to a wall, does it?  But if the rule is ‘use every single Lego® block you own no matter what’, then even if you’re making a wall, you have to add that on .  Maybe to the top, it would be good at scaring intruders, or at least making them laugh.

With the Linux® kernel, you don’t have to do that.  You can use modules to build your kernel so it does exactly what you need and nothing more.

It’s hard to find computing hardware that Linux® won’t support.  It runs motherboards, networking connections, webcams, security systems, CDs, DVDs, mice, keyboards, card readers, I could go on and on.  In fact, it might be easier to list things it doesn’t support, but… I really can’t think of anything.  If someone really wants to use Linux® to run a piece of hardware, they’ll either write the kernel module or find someone to write it for them.

You may not use all of the modules in Linux® but when you download the source code for it from https://kernel.org (that’s where the most recent source code is) you do get almost all of the modules along with it.  You can pick and choose which parts you want when you build it, which is something we’ll talk about in the future.  That’s because it’s about how to compile a program from source code, a more advanced topic than this.

I said ‘almost all’ because sometimes hardware manufacturers offer the modules separately.  It depends on the manufacturer and the people that maintain the kernel source code.

Kernel of the Matter

Leave a reply

We’ve talked about how your computer gets places on the Internet.  Now let’s talk about how your computer, well, works!  How does Linux® do its thing, aside from  typing commands at the command line?  It’s called the kernel and it’s the core (or kernel) of the operation of your system.

So it’s not like the kernel of your popcorn, it’s more like the thing in the middle.  Like Nick Fury.  He’s always in the middle of the Avengers keeping things going.  Or making things go.  He’s always up to something.

Nick Fury

Nick Fury

He showed up with that helicarrier at the end of The Age of Ultron, didn’t he? He made that happen and got the Avengers (and the towns people) from the flying in the sky town (something I never want to see) and on to safety.

That’s what the kernel does.  It’s in between the hardware and the software.  Like this picture:

What the Kernel Does

What the Kernel Does

Linus Torvalds made the first Linux® kernel in 1991 for his own system. These days it runs on all sorts of things, but back then, he just wanted something for his own computer.

So how does it control your hardware?  It uses things called device drivers.  It lets you type on your keyboard and have it show up on a screen, or print to a printer, or read a CD, or read a USB, or… you get the idea.  It’s really flexible.

The kernel is also  modular.  That means that it isn’t one huge thing that keeps things going, but it’s made up of lots of little systems that put it all together and make it go.

It’s kind of like a Death Star built from Legos.  It needs all the parts together to make it a Death Star, but you can leave pieces off and still mostly have a Death Star.  You can add pieces to it and it’ll be a Death Star with more abilities.  Like if someone added an ice cream maker to the Death Star.  Or a spa for the emperor.  It’s still the Death Star and still acts like it, it’s just more!

 

SuperUser aka Root

Leave a reply

Before we go back into the world of Linux (having spent time in the world of networking), let’s talk about users again.  In particular, the SuperUser also known as Root.  Root is his every day name, SuperUser is his power!  And with great power comes great responsibility.

Groot not Root

Groot not Root

That’s Groot, not root, even though they rhyme.  Groot is a superhero, root is a superuser, and root doesn’t go around saying ‘I am Groot’ all the time.  They’re both super though.

SuperUsers’s great power is that he can do anything on a system and  I do mean, anything.  You change the permissions on your file so that you’re the only one that can see it?  Well, the superuser can see it too. He’s all powerful like Superman, but without that annoying green rock allergy.

His username is root and because he’s so powerful, he shouldn’t be logged in unless he’s absolutely needed.  The administrator of your system shouldn’t keep him logged in, but there’s a command to see who is logged in.  It’s called who.

Alpha:~ computerlamp$ who
computerlamp  console  Mar 17 08:01

There I am, logged into the system and I don’t have root logged into my system right now and that’s a good thing.

Since root is a user, he (or she!) has a password.  If you know the password, you can become root.  Like IronMan putting on his suit or BatMan suiting up, you can put on the root armor and be… SuperUser!  And like I always say, there’s a command for that.  This one is called su.

Alpha:~ computerlamp$ su
Password:
Alpha:~ :~ root#

You have to know the password in order for it to work.  If you don’t know the password, don’t try to do this.  It means you don’t have the permission to do it and if you try, you’re attempting to go around the system’s security and that’s a bad thing.  It’s like trying to lift Thor’s hammer and you’re not worthy.

If your root password gets out, then that’s a security problem.  When we made the shield group to hide the helicarrier plans, we thought we were safe from prying eyes.  But if Hydra got the root password, it wouldn’t matter.  That’s why it’s so important to keep that root password safe. The administrator of the system shouldn’t share it with anyone who doesn’t absolutely need it.

Ping — Are You There Computer?

Leave a reply

We talked about traceroute, that’s a way to see how your traffic gets to its destination.  Like putting a GPS tracker on someone and saying ‘now how did you get to the comic book store?’.  What if you want to know ‘is the other computer on the network’?  Not how do I get there, but just are you there?  There’s a command for that!  It’s called ping.

ping is a way of saying ‘are you alive?’ to another computer.  It doesn’t mean the computer is actually doing anything worthwhile, but it does mean that the computer is talking on the network.

It’s like playing ping pong.

One Person Ping Pong

One Person Ping Pong

Pretend that there’s a field that blocks your view of the other guy.   You hit the ball over to him and the only way you’re sure he’s over there is if he hits it back to you. He could be there and just not in the mood to hit, but you don’t know because you can’t see him.

Alpha:~ computerlamp$ ping www.google.com
PING www.google.com (216.58.217.132): 56 data bytes
64 bytes from 216.58.217.132: icmp_seq=0 ttl=54 time=16.306 ms
64 bytes from 216.58.217.132: icmp_seq=1 ttl=54 time=15.747 ms
64 bytes from 216.58.217.132: icmp_seq=2 ttl=54 time=15.769 ms
64 bytes from 216.58.217.132: icmp_seq=3 ttl=54 time=15.342 ms
64 bytes from 216.58.217.132: icmp_seq=4 ttl=54 time=16.163 ms

If you try it, you’ll see that it keeps pinging along and it’ll keep going until you hit control-C to stop it.  When you do that, you’ll see:

^C
--- www.google.com ping statistics ---
5 packets transmitted, 5 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 15.342/15.865/16.306/0.341 ms

It’s nice how it keeps up with the statistics, doesn’t it?  And it tells you how long the ping took in milliseconds.

Suppose we know we only want to ping a computer a couple of times.  There’s a flag for that!

Alpha:~ computerlamp$ ping -c 2 www.marvel.com PING www.marvel.com (72.32.138.96): 56 data bytes 64 bytes from 72.32.138.96: icmp_seq=0 ttl=242 time=51.122 ms 64 bytes from 72.32.138.96: icmp_seq=1 ttl=242 time=50.637 ms — www.marvel.com ping statistics — 2 packets transmitted, 2 packets received, 0.0% packet loss round-trip min/avg/max/stddev = 50.637/50.880/51.122/0.243 ms

If your favorite website is down, or not responding to your polite web request, then a good first step is to ping it.  Maybe the entire computer is down and if it is, well, maybe you could try a traceroute next.  A traceroute might tell you if the computer is down or if there’s something down between you and the computer.

In other words, ping is a useful networking tool to keep in your Linux® bag of tricks.

 

CIDR Addressing: What is it?

Leave a reply

A collection of IP addresses is a network.  We want the addresses to be contiguous, that means they should be right next to each other.  We want 127.0.0.1, 127.0.0.2, 127.0.0.3, not the addresses 127.0.0.1, 192.168.5.4 and 8.8.8.8.  Those first three are next to each other, the next three are all over the Internet.  Instead of listing everything in a network, CIDR addressing lets us use one thing to mean the whole network. We could list everything out.  That would take too long.  I want a shorthand.

An IP address is also a 32 bit number.  Instead of writing 192.168.0.5,  I could do:

1 1 0 0 0 0 0 0 1 0 1 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 1

That’s quite a mouthful, isn’t it? All 32 1’s and 0’s.  Imagine having to type that every time.

Back to CIDR addressing and networks.  To create a network, we say, ‘okay, the first 24 of these 32  1’s and 0’s cannot change!’.  Like on the Millennium Falcon the hyperdrive goes wonky and 24 of the 32 switches Han and Chewie need to flip won’t flip.  They’re stuck.  But they can flip any of the other 8.  Of course, that’s when the Empire shows up and tries to shoot them out of the sky, but that’s not the point of CIDR addressing and networks.

Back to CIDR addressing.  We fix the first 24 bits.  That looks like:

1 1 0 0 0 0 0 0 1 0 1 0 1 0 0 0 0 0 0 0 0 0

And now we let the last 8 bits be aaaaanything they want.  They can be 1 0 0 1 1 0 0 1, 1 1 1 1 1 1 1 1, or any other combination you can dream up.  Each one of those combinations makes a number.  And (insert math magic here) an 8 bit number is anything between 0 and 255.

Moving away from the 1’s and 0’s for a moment, what we’ve done is said ‘ok, the first part of my network is 192.168.0’.  The ‘second part of my network is any number between 0 and 255’.

In CIDR addressing terms, we’ve made 192.168.0/24.  That 24 is from those 24 1’s and 0’s we fixed.

You can fix any number of bits between 0 and 32.  If you fix 0 bits, then you’re listing every single IP address in the Internet.  If you fix all the bits, well, your network is just a single IP address.

Netmask

Leave a reply

The last post talked about how to find your gateway, also known as your first hop.  In the output to netstat there was a weird thing called a Genmask.  We’re going to talk about that and something called a netmask this time.

It isn’t the same thing as the mask Batman wears.  It isn’t even the same thing as the helmet Iron Man wears.  It’d be cool if it was, then we could have a helmet over the computer and wouldn’t that just be too cool for words?  But it isn’t, it’s just a fancy way of saying something else.

So the first thing, your computer is part of a local network.  It might not seem that way because you’re using a cable provider or DSL or wireless at a library or however you’re using the Internet, but there’s a local network your computer is part of.  We’ll pretend it’s 256 computers.  It makes things easier to begin with.

The first part of your IP address is the network that it is a part of.  So if your IP address is 192.168.0.25 then the network part of that IP address is 192.168.0.  (Why is that true?  Remember how I said that every part of an IP address is a number between 0 and 255? So that last dotted quad can be any number between  0 and 255 and there’s 256 numbers right there.)

Back to talking about networks!  We now know what your network is, that’s a start.  We also know that there’s 255 possible other IP addresses in that network.

The netmask (or subnet mask or network mask your choice!) is another way of saying this.  The netmask for your network is 255.255.255.0.  That means that the first three quads are fixed and the last is allowed to roam free!  Free!  Free as a bird!

Wait, I digress.  It also means that those are the computers you don’t need routing for because you’re all together.  There’s all different sizes of networks, next time we’ll talk about some more and how we write them in shorthand notation.

Wait, I almost left off genmask!

Alpha:~ computerlamp$ netstat -rn
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
0.0.0.0         192.0.2.0       0.0.0.0         UG        0 0          0 eth0

If 255.255.255.0 means that that last quad can be anything, then 0.0.0.0 means that, well, anything goes!  You can put any IP address in those spots that you want  In other words, this Gateway (192.0.2.0) is how you get anywhere from your computer, no matter what.

That First Hop

1 Reply

In the last post we talked about how your data moves around the Internet, which is neat and all, but how does your computer know how to take that first hop?  Somehow your data has to get onto the route to get to www.google.com.  When you get into a car to take a ride to the comic book store, or the gaming store, or the computer store, you open the door to your home and step out through that.  That’s what your computer does, it takes the gateway to the Internet to get anywhere on the Internet.

Like in Star Trek, when they step onto the transporter to go somewhere, that’s their first hop.  Or in Portal, when you jump through the portal to go anywhere, that’s your first hop.

But what’s the computer’s first hop? If you’re reading this blog from your home Linux® system, you had to get here somehow.

And of course, there’s a command for that!  It’s called netstat.

Alpha:~ computerlamp$ netstat -rn
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
0.0.0.0         192.0.2.0       0.0.0.0         UG        0 0          0 eth0

Now the next question:  What in the world does that mean?  Looks kind of like nonsense, right?  Kind of what you’d see when watching The Avengers, they’d show it on one of the screens so it would look official, even if it is just a status report.

The Iface at the end of the report is the hardware that the computer uses to connect to the Internet.  It’s usually called eth0, or ethernet 0.  If you have multiple interfaces on your computer, you might see eth1, eth2, eth3, or more.  Sometimes you’ll see lo0 as an interface.  That’s the interface that the computer uses to talk to itself on the Internet.  Isn’t that weird?  Your computer talks to itself on the network and to make that happen, it has a hardware interface to do it.

The IP address under Gateway is the IP address that your computer uses as its first hop.  We’ll talk about masks next time, for now, you can read more in the man page.  Of course there’s a man page, there’s always a man page!

 

History

1 Reply

Remember that teacher who never forgot a single thing in history? Who could not only tell you what General Custer was wearing at his last stand but the grade you got on your last test?

Well, bash, the shell you’re using in your command line has the same thing. It’s called history. How original! You use the command history to see your history. Okay, maybe not original. Maybe it should be called thingsIdid or whatIdid. Anyway, it looks like:

Alpha:~ computerlamp$ history
    1  ls
    2  pwd
    3  cd
    4  history

See?  Those are the last four commands I happened to type.  Bash is like that teacher, it doesn’t forget.

It’s also useful to combine history with a grep:

Alpha:~ computerlamp$ history | grep ls
    1  ls
    5  history | grep ls

So if you forget ‘exactly how did I do that find command?’ you can, well, find it!

Another way in bash to see your history is to hit the up arrow at the command line.  You’ll see previous commands that you executed and can hit enter and run them again.  If I hit the up arrow ↑ I get:

Alpha:~ computerlamp$ history | grep ls

Which, guess what? It’s the command I just typed.

Your history can contain 500 (or more) commands… and that’s a lot to see. To see the last 10 commands you typed, try this:

Alpha:~ computerlamp$ history 10
    4  ls
    5  echo "Stop Hydra" >plans
    6  ls
    7  history
    8  fortune
    9  yes
   10  find . -type f
   11  ps auxw
   12  ps
   13  history 10

See those numbers before each command? They’re useful too. You can either hit that up-arrow until you find the command you’re looking for (boy, that’s boring) or you can do:

Alpha:~ computerlamp$ !8
fortune
You learn to write as if to someone else because NEXT YEAR YOU WILL BE
"SOMEONE ELSE."

Now you don’t have to remember every command flag you’ve ever used, bash does it for you.

 

Finding Processes

Leave a reply

Now that we know that processes run, how can we go about finding processes?  There must be some way to find a particular process… like if I want to find every process that has the letter a in the name. Or if I want to find every process that has a name like ‘insight’ because I’m sure Hydra is running something on my system and I want to know what it is.  Or if I want to know every process that’s being run by a user with the name hydra.

You get the idea.  I want to find processes!

To do this, we’re going to combine two commands.  The first is ps, that useful command that lists the processes.  The second is that useful command grep that we used to find things in files.

ps auxw shows you every single process that’s currently running on a system.  On a system that’s very very busy, this can be a lot.  There’s 65536 processes allowed at any time, so combing through those looking for hydra (or Hydra or hYdRa) would take too long.  I’m lazy!  I want the system to do it for me!

From this post we know that grep has an option where it ignores case.  This means it can find hydra, Hydra, HYdra, HyDrA, or… I’m stopping that now.  It means you can find any combination of the 5 letters hydra no matter what capitals you use.

Now that we have those two commands, we’re going to combine them.  Remember this post on pipes?  We can take the output from one command, ps and pipe it through to the other command, grep.

Alpha:~ computerlamp$ ps auwx | grep -i hydra

Nothing was found from that command.  Hurray!  No Hydra user on the system!

…unless they’re hiding themselves.  Alexander Pierce didn’t have a username of Hydra.  He was hiding and probably had a user name of apierce or alexander or alexander.pierce or even supersecretary.  But not something we could actually look for in ps.

Remember ps a from this post? It showed what processes you were running in a single terminal.  If you want to see every single process you were running, no matter what terminal, then this combination of ps and grep  would work for you!

Alpha:~ computerlamp$ ps auwx | grep -i computerlamp

Finding processes is easy with that combination of ps and grep!

Silly Commands

Leave a reply

In honor of New Year’s Day, today we’re going to talk about more silly commands.

The first one is called yes

Alpha:~ computerlamp$ yes
y
y
y
y
y
y
y
y
y
y
y
y
y
y
y
y
y
y
y
y
y
y
y
y
y
y
y
y
y
y

 

And it keeps going and going and going! It’s the Energizer Bunny of commands!

To stop it, hit control-C.  That’ll stop the Bunny, er, Y from streaming on your terminal.

So what’s this command for? Other than to fill your screen up with more y’s than should be legal. Well, remember from this post the xargs command? Some commands insist you sit there and type y over and over and over before they’ll finish. This command lets you do:

Alpha:~ computerlamp$ yes | xargs annoying_command

So you can be lazy and not type it over and over and… did I mention over? Then when that command finishes, your yes command will exit.

Linux® has lots of silly commands.  Another one has no redeeming feature at all. Aside from pure amusement. It’s called fortune.

Alpha:~ computerlamp$ fortune
Long life is in store for you.
Alpha:~ computerlamp$ fortune
Q:    What do you say to a New Yorker with a job?
A:    Big Mac, fries and a Coke, please!
Alpha:~ computerlamp$ fortune
So she went into the garden to cut a cabbage leaf to make an apple pie;
and at the same time a great she-bear, coming up the street pops its head
into the shop. "What! no soap?" So he died, and she very imprudently
married the barber; and there were present the Picninnies, and the Grand
Panjandrum himself, with the little round button at top, and they all
fell to playing the game of catch as catch can, till the gunpowder ran
out at the heels of their boots.
        -- Samuel Foote
Alpha:~ computerlamp$ fortune
You may worry about your hair-do today, but tomorrow much peanut butter will
be sold.

It even has a man page. You can type man fortune and see the flags it has too.

For example, if you only want short fortunes, then you could do:

Alpha:~ computerlamp$  fortune -s
How apt the poor are to be proud.
		-- William Shakespeare, "Twelfth-Night"

If you’re only interested in long fortunes, then you would do:

Alpha:~ computerlamp$  fortune -l
At once it struck me what quality went to form a man of achievement,
especially in literature, and which Shakespeare possessed so enormously
-- I mean negative capability, that is, when a man is capable of being
in uncertainties, mysteries, doubts, without any irritable reaching
after fact and reason.
		-- John Keats

The fortune command pulls it’s sayings from many different files. If you want to know what file the fortune came from, you would do:

Alpha:~ computerlamp$  fortune -c
(riddles)
%
Q:	How do you play religious roulette?
A:	You stand around in a circle and blaspheme and see who gets
	struck by lightning first.

As you can see, not all of the fortunes are polite.

So there you have it. Two silly commands found in Linux®.