Unix/Windows SysAdmin and Networking Notes

So here are some of my old notes from my last course at UBC that somebody might find useful. Some of the files are all jumbled up and have been written in a bunch of different programs so they show up funny in different editors/programs. The .rtf files are all the technical stuff dealing with Cisco. I am also going to try and put some of the scripts and different things that I have written in the last while in here when I get the chance. Enjoy!

(1) BOOT_PROM.txt  (2) Certs.txt  (3) Cisco_Password_Recovery.rtf  (4) EEPROM.txt  (5) NAT.txt  

(6) Nix_FileSystem.txt  (7) RIP_test.rtf  (8) Routing_Protocols.rtf  (9) Subnetting.rtf  (10) Switches.rtf  

(11) TCP.rtf  (12) Unix_Users.txt  (13) Unix_tapedrive.txt  (14) VLANs_STP.rtf  (15) at_&_cron.txt  

(16) basic_ios.rtf  (17) gpdeploy.txt  (18) grouppolicy.txt  (19) ras.txt  (20) root_change.txt  

(21) run_levels.txt  (22) ssh.txt  (23) swap_space.txt  (24) tcp_osi_model.rtf  (25) unix_client_server.txt  

(26) unix_interfaces.txt  

Managing the Solaris File System

The file system on solaris is a collection of files and directories that make up a structured set of information. There are 3 different types of file systems that are used on the solaris os: Disk-based file systems, distributed file systems, and Pseudo file systems.

Disk based file systems are those that are found on physical disks such as hard drives, floppys, CDs, and DVDs. Disk Based File systems include:

UFS (UNIX file system; based on the Berkely Fast File System)
HSFS (the High Sierra File System that is a special file system that is used on CD-ROMs)
PCFS (the PC file system is the UNIX version of DOS (disk operating system) which uses the FAT32 file allocation table. The PCFS allows UNIX machine to access DOS based file systems.
UDFS (The Universal Disk Format file system is used for optical storage media such as DVD and CD. Allows universal data exchange and supports read and write operations)

Distributed File Systems are used to provide network acces to file system resources. NFS is the most important of this type of file system. Network File System will make it appear as though files on a remote machine are part of the local directory structure.

Pseudo File Systems are memory based. These files are actually contained in the memory of the computer. This enable these file systems to be very fast. They also allow access to Kernel information and facilities.
tmpfs: temporary file system that stores files in memory. This speeds the file system up because it does not have to written or read from the disk. These files are destroyed each time the machine is rebooted.
swapfs: the swap file system is used and managed by the kernel to manage the swap partitions on the hard disks.
fdfs: file descriptor file system is used to provide defined names for opening and using files using file descriptors. (ex. /dev/fd/0, /dev/fd/1, /dev/fd/2) These are located in the /dev/fd directory!
mntfs: the mount file system provides read only information about the mounted file systems to the kernel.

The disk label (VTOC) is located in the first sector (512 byte physical block). Only the first disk slice contains a VTOC, although file systems created on any slice skip the first sector of the slice in case it does contain a VTOC.

The Boot Block or BootStrap Program (bootblk) is contained in the first 15 disk sectors on the slice following the VTOC (sectors 1-15). Only the Root (/) file system contains an active boot block. All file systems do however have space allocated for a boot block at the beginning of the file system just the same as they have a space allocated for a VTOC although they do not have one.

The Primary SuperBlock is located in the next 16 disk sectors after the Boot Block (Sectors 16-31). THis so called "Super Block" contains much of the information of the VTOC: the number of data blocks, number of cylinder groups, the size of the data block and fragment, a description of the hardware that is derived from the label (VTOC), and the name of the mount point. The SuperBlock also contains the File System State Flag which can be clean, stable, active, logging, or unknown.

Backup SuperBlocks are used to protect the system from failure if the Primary Superblock is corrupted. The backup Superblocks start at Sector 32.

Cylinder Groups are used to enhance performance of the file system. The minimum default size of each Cylinder group is 16. The enhancement in performance is achieved because the system will attempt to consolidate a file's data into one Cylinder Group. This reduces the distance the Head has to travel when accessing each file. The system will store large files across several cylinder groups.

Each Cylinder group contains a Cylinder group block that has the following information in it:
-the number of inodes in that cylinder group
-the number of data blocks in the cylinder group
-the number of directories in the cylinder group
-Free blocks, free inodes, and free fragments in the cylinder group
-the free block map
-the used inode map

THe UFS Inode
An inode contains information about a file. The information is the type of file and the access modes, the UID and GID of the file's owner and group, the size of the file, the link count on the file, the last accessed and modified dates and times for the file, and the total number of the data blocks on the disk that are used or allocated to the file. Think of when you do an ls -l. The information in each column for each file is from the inode for that file.

The Inode for each file also contains pointers. There are 2 types of Pointers listed in the Inode: direct pointers and indirect pointers. Each pointer references a data block. Inside each Inode are 12 pointers. These 12 pointers can each reference 8-Kbyte data blocks for a file taht is up to 96 Kbytes. (12*8=96K)

Indirect pointers - Think of the levels of indirect pointers as Power/Exponential.

Single Indirect Pointer - contains 2048 addresses of 8kbyte data blocks which can point to a total of 16MB of additional data.
Double Indirect Pointer - refers to a file system that contains single indirect pointers. Double Indirect pointers refer. 32GBs data
Triple Indirect Pointer - refers up to 64Tbytes of data. Max size of UFS file system is only 1Tbyte due to the max of 32 bit addressing for device drivers

Each data block is 8192 bytes. This is the actual size of 8Kbytes. Yes it is. Data blocks are divided or fragmented into 8 blocks of 1024 bytes each. Files less than 96Kbytes are stored in the file system using fragmentation. For files more than 96Kbytes, fragmentaion is not used and full blocks are allocated exclusively. If a file grows on a fragmented data block, the file is moved to another data block. The UFS file system does not allow fragments of the same file to be stored in two different data blocks.

Creating New File Systems
There are commands that are used to create the file systems. newfs and mkfs are the commands that can be used to do this. The newfs command must be used under the root user. This command is destructive and overwrites the information on the seldected slice. newfs is the front end to the mkfs command. # newfs /dev/rdsk/c0tod0s. Once you have located a free slice to create the new file system, use the newfs command, anwser yes to the confirmation. Once the command is run, the system will show the information about the slice that is being used. Once the newfs command has been done, you can use the # fstyp -v /dev/rdsk/c0t0d0s# to view the statistics for the drive such as the minimum free space, block size, fragments, max contiguous, fragment size. You can also use the tunefs command to adjust the values of some of these settings.

Checking the File System
The fsck command is used to check the integrity of the data on the disk. This utility can also correct or repair the inconsistencies or damage that is found. Do not use this command on Mounted file systems as it may cause damage to the files. The utility checks the Superblock, Cylinder Group, Inode, and Directory Data Blocks (cannot check ordinary data blocks) for consistency. The fsck command will put stray files and directories in the lost+found directory. It will take the Inode number of the file and use that as the file name.

During system boot the fsck utility runs in Non-interactive mode. When the utility is run in Interactive mode, the system will ask for confirmation from the user for the problems that are found. The fsck utility should only be run as root user on a single user system to avoid problems. You can also use fsck and reference a mount point or directory name. The mount point directories are listed in the /etc/vfstab file. (virtual file system table)

There are several options for the fsck command. fsck -o options. fsck -o f,p. The f option is force, the p option is preen. The force option will force the file system check regardless of the state of the system's superblock state flag. The preen option will check and fix the file system non-interactively. The program will quit and exit if there is a problem that requires input from the user. Common problems that are found are Allocated Unreferenced Files, Inconsistent Link Counts, Free Block Count Corruption, and Superblock Corruption.

If the fsck utility finds an Inode that is allocated but is not referenced in any directory, the utility will ask to reconnect the inode. Answering yes will save the file to the Lost+Found dir. Once the file has been moved to the L+F dir, you can use the "file" command to find out the type of file and use "cat" to view the file. Then place the file back where it should be or delete it if it is garbage.

If the fsck command finds a directory that has an inconsistent number of links (inode link counter does not match the number of actual directory links) you will be prompted to adjust the link counter.

If fsck finds that the number of unallocated blocks does not match up with the free block number in the Superblock, it will prompt you to correct the error. If the number of actual free blocks does not match it will update the number in the Superblock.

The Superblock is located in the second 16 blocks after the boot block. (blocks 16-31). The boot block is located in the first 15 blocks after the VTOC or Label. (sectors 1-15) The Backup Superblock is located on sector 32. If the Superblock is corrupted that slice will become unusable. You can then attempt to use the Backup SuperBlock for that slice. fsck -o b=32 /dev/rdsk/c0t0d0s0. The fsck utility will compare the information from the actual filesystem against the Backup Superblock and repair the filesystem.

Monitoring Disk and File System Usage
There are several commands that can be used to the usage of the file system such as free disk blocks, disk use summaries, and file system ownership. (df, du, and quot) The SMC can also be used to view the information about disk usage GRAPHICALLY.

The "df" command is used to display the amount of space used and available. (df -option mount_point) -a option will display the usage by all mounted file systems. -b option will print total number of Kbytes free. -e will print the number files free. -k will display the disk allocation in Kbytes. -h option will display the same info as -k but in larger increments than Kbytes. -l will report on local file systems only. REMEMBER when viewing the amount of free space using this utility that some of the space (1-10%) is reserved by the system.

The "du" command is used to display the number of disk blocks used by files and directories. (Each disk block or sector is 512 bytes) -k option displays the disk usage in Kbytes. The -s option will output the actual number of 512 byte blocks used, not listed in Kbytes. -a option will display the number of blocks that are used by each file and shows the file path beside it. (this can take a while if it is going through the whole system.)

The "quot" command will show the amount of space used by each user. This command can only be used the root user. It can display the amount of space used and the number of files that are using the space.

Think of the file system of UNIX like an upside down tree. A directory is actually a mount point. The root of the file system in UNIX is normally mounted on Slice 0. The first sector on the drive is occupied by the Label or VTOC (volume table of contents). Other Slices or partitions on the drive will not use the first block even though there is no VTOC for slices other than the root slice.


KEVINOBRIEN.CA  is the property of Kevin O'Brien.>-> Visitor addresses are recorded.

JS Menu