Chapter 2

System Components
 System Components
 Operating Systems

 File Systems

 Processes and Job Control

 Logs and Audits

 Privileged accounts
What is System ?
 (Human-computer system):- is an organized collaboration
between human and computers to solve a problem or provide a
service.
Three main components in a human-computer system:
1. Humans: who use and run the fixed infrastructure and cause
most problems.
2. Host computers: computer devises that run a software. these
might be in a fixed location or mobile devices.
3. Network hardware: a variety of specialized devises including
(Routers, Switches, cables and etc)
Operating Systems
 Operating system

▪“is a program that acts as intermediary between a user of the

computer and the hardware ”

▪Software that manages user computer’s resource (files,

programs, disks, network).

Examples Windows, MacOSX, Solaries, BSD,

Linux(mandroke, Redhat, solackware, Suse)

4
Operating Systems
 Operating system

▪Software which shares and controls hardware resources of a

computer

▪Shields user from low-level details of machines operation

OS has key elements

✓ Technical layer (kernel & drivers): for driving hardware

✓ File system : organize file logically

✓ User Interface : helps user to run his own program

5
What is Unix ?

 A modern computer operating system.

 Stable, flexible, configurable, allows multiple users and

programs.

6
Why Unix…?
 Will make you a better computer scientist.

 UNIX is also a building block for many CS concepts.

 Open source and stable(no viruses, worms, etc)

 Used in many scientific and industrial settings.

 Huge number of free and well written software programs.

 Excellent programming environment.

 Roughly more than 65% of the world’s web servers are

Linux/Unix machines running Apache.

7
Comparing Unix-like and Windows
computers
 The file and directory structures of Unix and windows are

different – but it is natural that both systems have the same

basic computers.

 File System

o Are a very basis of what system admin about

o Every task in host administration or network configuration involves

making changes to files.

o System admin focus on user functionality of the file system.

o How allowing file access to be restrictive to group of users.

9 o What command are necessary to manage this.

Windows file model
 Like the UNIX file system, is a hierarchical file system with

files and directories, but not group membership.

 Files do not have a set of default permission bits as does

UNIX.

 Instead they all have full-blooded ACL's which assign a set of

permission to specific user.

10
File hierarchy
 Window file system is changed through the different versions.

 C:\I368 – the directory contains binary code and data for the

windows operating system.

 C:\program files – official location for the new software.

 C:\Temp – temporary scratch space

 C:\WinNT – the root directory for the window system.(only for

operating system files)

 C:\WinNT\config – configuration information for programs.

 C:\WinNT\system32 – this is so called system root.(most

11
system applications and data are kept)
UNIX file Model
 The UNIX file system
 Typical UNIX directory structure
 Directory and file handling commands
 Specifying multiple filenames
 Quotes
 File and directory permissions
 Inspecting file content
 Finding files
 Finding text in files
 Sorting files
 File compression and backup
 Handling removable media
 The UNIX Filesystem
 Every item such as
✓ Configuration information,
✓ Temporary files ,
✓ User data etc that can be stored in a UNIX filesystem belongs to one of four
types.

✓ Ordinary files

✓ Directory Files

✓ Device Files

✓ Links
 The UNIX Filesystem…
1. Ordinary files
Ordinary files can contain text, data, or program information.
 Files cannot contain other files or directories.
 Unlike other operating systems, UNIX filenames are not broken into a
name part and an extension part (although extensions are still frequently
used as a means to classify files).
 Instead they can contain any keyboard character except for '/' and be up to
256 characters long (note however that characters such as *,?,# and & have
special meaning in most shells and should not therefore be used in
filenames).
 Putting spaces in filenames also makes them difficult to manipulate - rather
use the underscore '_'.
The UNIX Filesystem…
2. Directory Files
Directories are containers or folders that hold files, and other
directories.
3. Device Files
To provide applications with easy access to hardware devices, UNIX
allows them to be used in much the same way as ordinary files.
There are two types of devices in UNIX:
 block-oriented devices which transfer data in blocks (e.g. hard disks)
and
 character-oriented devices that transfer data on a byte-by-byte basis
(e.g. modems and dumb terminals).
The UNIX Filesystem…
4. Links
A link is a pointer to another file.
There are two types of links:
 A hard link to a file is indistinguishable from the file itself.

 A soft link (or symbolic link) provides an indirect pointer or

shortcut to a file.
 A soft link is implemented as a directory file entry containing a
pathname.
Typical UNIX Directory Structure
 The UNIX file system is laid out as a hierarchical tree structure which

is anchored at a special top-level directory known as the root

(designated by a slash '/').

 Because of the tree structure, a directory can have many child

directories, but only one parent directory.

Part of a typical UNIX filesystem tree
 To specify a location in the directory hierarchy, we must specify a path
through the tree.
 The path to a location can be defined by an absolute path from the
root /, or as a relative path from the current working directory.
 To specify a path, each directory along the route from the source to the
destination must be included in the path, with each directory in the
sequence being separated by a slash.
 To help with the specification of relative paths, UNIX provides the
shorthand "." for the current directory and ".." for the parent directory.
 E.g. Write an absolute and relative path to the directory "play“ from
"zeb"
is /home/will/play, while the relative path to this directory from "zeb"
is ../will/play.
/export – Network servers only use this
 Directory and File Handling Commands

 pwd (print [current] working directory)

 pwd displays the full absolute path to your current location in the

filesystem. So

$ pwd

/usr/bin

implies that /usr/bin is the current working directory.

Directory and File Handling Commands
 ls (list directory)

 ls lists the contents of a directory. If no target directory is given,

then the contents of the current working directory are displayed.

So, if the current working directory is /,

 $ ls
bin dev home mnt share usr var
boot etc lib proc sbin tmp vol
 Actually, ls doesn't show you all the entries in a directory.
 Files and directories that begin with a dot (.) are hidden (this
includes the directories '.' and '..' which are always present).
 The reason for this is that files that begin with a . usually contain
important configuration information and should not be changed
under normal circumstances. If you want to see all files, ls supports
the -a option:
 $ ls -a
 Even this listing is not that helpful - there are no hints to properties
such as the size, type and ownership of files, just their names.
 To see more detailed information, use the -l option (long listing),
which can be combined with the -a option as follows:
 $ ls -a -l
(or, equivalently,)
$ ls -al
Each line of the output looks like this:
 where:
 type is a single character which is either 'd' (directory), '-' (ordinary file), 'l'
(symbolic link), 'b' (block-oriented device) or 'c' (character-oriented device).
 permissions is a set of characters describing access rights. There are 9 permission
characters, describing 3 access types given to 3 user categories. The three access
types are read ('r'), write ('w') and execute ('x'), and the three users categories
are the user who owns the file, users in the group that the file belongs to and
other users (the general public). An 'r', 'w' or 'x' character means the
corresponding permission is present; a '-' means it is absent.
 links refers to the number of filesystem links pointing to the file/directory.
 owner is usually the user who created the file or directory.
 group denotes a collection of users who are allowed to access the file according
to the group access rights specified in the permissions field.
 size is the length of a file, or the number of bytes used by the operating system
to store the list of files in a directory.
 date is the date when the file or directory was last modified (written to). The -
u option displays the time when the file was last accessed (read).
 name is the name of the file or directory.
 ls supports more options.To find out what they are, type:

 $ man ls
 man is the online UNIX user manual, and you can use it to get help

with commands and find out about what options are supported.

 It has quite a terse style which is often not that helpful, so some

users prefer to use the (non-standard) info utility if it is installed:

 $ info ls
 cd (change [current working] directory)
 $ cd path
changes your current working directory to path (which can be an
absolute or a relative path). One of the most common relative paths
to use is '..' (i.e. the parent directory of the current directory).
 Used without any target directory
 $ cd
 resets your current working directory to your home directory
(useful if you get lost).
 If you change into a directory and you subsequently want to return
to your original directory, use
 $ cd -
 mkdir (make directory)
$ mkdir directory
 creates a subdirectory called directory in the current working
directory.You can only create subdirectories in a directory if you
have write permission on that directory.
 rmdir (remove directory)
 $ rmdir directory
 removes the subdirectory directory from the current working
directory.
 You can only remove subdirectories if they are completely empty
(i.e. of all entries besides the '.' and '..' directories).
 cp (copy)
 cp is used to make copies of files or entire directories. To copy files, use:
 $ cp source-file(s) destination
 where source-file(s) and destination specify the source and destination of
the copy respectively. The behavior of cp depends on whether the
destination is a file or a directory. If the destination is a file, only one
source file is allowed and cp makes a new file called destination that has
the same contents as the source file. If the destination is a directory,
many source files can be specified, each of which will be copied into the
destination directory.
 To copy entire directories (including their contents), use a recursive copy:
 $ cp -rd source-directories destination-directory
 mv (move/rename)
 mv is used to rename files/directories and/or move them from one
directory into another. Exactly one source and one destination must be
specified:

 $ mv source destination

 If destination is an existing directory, the new name for source (whether

it be a file or a directory) will be destination/source.
 If source and destination are both files, source is renamed destination.
 N.B.: if destination is an existing file it will be destroyed and overwritten
by source (you can use the -i option if you would like to be asked for
confirmation before a file is overwritten in this way).
 rm (remove/delete)
 $ rm target-file(s)
 removes the specified files. Unlike other operating systems, it is
almost impossible to recover a deleted file unless you have a backup
(there is no recycle bin!) so use this command with care. If you
would like to be asked before files are deleted, use the -i option:
 $ rm -i myfile
rm: remove 'myfile'?
 rm can also be used to delete directories (along with all of their
contents, including any subdirectories they contain).
 To do this, use the -r option. To avoid rm from asking any questions
or giving errors (e.g. if the file doesn't exist) you use the -f (force)
option.

 $rm -rf /home/will).

 cat (catenate/type)
 $ cat target-file(s)
 displays the contents of target-file(s) on the screen, one after the other.
You can also use it to create files from keyboard input as follows (> is
the output redirection operator, which will be discussed in the next
chapter):
$ cat > hello.txt
hello world!
[ctrl-d]
$ ls hello.txt
hello.txt
$ cat hello.txt
hello world!
$
 Making Hard and Soft (Symbolic) Links
 Direct (hard) and indirect (soft or symbolic) links from one
file or directory to another can be created using the ln command.
 $ ln filename linkname
 creates another directory entry
for filename called linkname (i.e. linkname is a hard link).
 Both directory entries appear identical (and both now have a link
count of 2).
 If either filename or linkname is modified, the change will be reflected
in the other file (since they are in fact just two different directory
entries pointing to the same file).
 Specifying multiple filenames
 Multiple filenames can be specified using special pattern-
matching characters. The rules are:
 '?' matches any single character in that position in the filename.
 '*' matches zero or more characters in the filename.
 A '*' on its own will match all files. '*.*' matches all files with
contains a '.'.
 Characters enclosed in square brackets ('[' and ']') will match any
filename that has one of those characters in that position.
 A list of comma separated strings enclosed in curly braces ("{"
and "}") will be expanded as a Cartesian product with the
surrounding characters.
 For example:
 ??? matches all three-character filenames.
 ?ell? matches any five-character filenames with 'ell' in the middle.
 he* matches any filename beginning with 'he'.
 [m-z]*[a-l] matches any filename that begins with a letter from 'm' to
'z' and ends in a letter from 'a' to 'l'.
 {/usr,}{/bin,/lib}/file expands to /usr/bin/file /usr/lib/file
/bin/file and /lib/file.
 Note that the UNIX shell performs these expansions (including any
filename matching) on a command's arguments before the command
is executed.
File and Directory Permissions
 As we have seen earlier, every file or directory on a UNIX system has

three types of permissions, describing what operations can be

performed on it by various categories of users.

 The permissions are read (r), write (w) and execute (x), and the

three categories of users are user/owner (u), group (g) and

others (o).

 Because files and directories are different entities, the interpretation of

the permissions assigned to each differs slightly, as shown in figure.

 File and directory permissions can only be modified by their owners,

or by the super user (root), by using the chmod system utility.

 chmod (change [file or directory] mode)

 $ chmod options files

 chmod accepts options in two forms.

 Firstly, permissions may be specified as a sequence of 3 octal digits

(octal is like decimal except that the digit range is 0 to 7 instead of

0 to 9).
 Each octal digit represents the access permissions for the

user/owner, group and others respectively.

 The mappings of permissions onto their corresponding octal digits

is as follows:
 For example the command:
 $ chmod 600 private.txt
 sets the permissions on private.txt to rw------- (i.e. only the owner can
read and write to the file).
 Permissions may be specified symbolically, using
symbols u (user), g (group), o (other), a (all), r (read), w (write), x (e
xecute), + (add permission), - (take away permission) and = (assign
permission).
 For example, the command:
 $ chmod ug=rw,o-rw,a-x *.txt
 sets the permissions on all files ending in *.txt to:
rw-rw---- (i.e. the owner and users in the file's group can read and write
to the file, while the general public do not have any sort of access).
 chmod also supports a -R option which can be used to

recursively modify file permissions, e.g.

 $ chmod -R go+r play

 Will grant group and other read rights to the directory play and

all of the files and directories within play.

 chgrp (change group)

 $ chgrp group files

 Can be used to change the group that a file or directory belongs to.

 It also supports a -R option.

Processes and job control
 Is a collection of resources such as file handles ,allocated

memory, program code and CPU registers that is associated

with a specific running program.

From the kernel’s perspective a process is :

 An address space (the set of memory pages with code,

libraries and data).

 Set of data structures (with the kernal)

Processes and job control
 The process’s address space map.
 Current status
 Executable used
 Resource used
 Signal mask (which signal are blocked).
 The owner
 Which instructions are currently being executed.
 Process attributes
 Process ID – PID (Unique identifier , wraps around)
 Parent PID – PPID
o when a process is cloned, there is a parent and a child.
Logs and Audits
Operating system kernels share resources and offer services.

 Logging or auditing – keep list of transactions which have

taken place so that one can later go back and see exactly what
happened at a given time.

 Full system auditing (logging every single operation that the

computer performs) consumes vast amounts of disk space and

CPU time.
Logs and Audits
 It is generally inadvisable unless one has a specific reason to

audit the system.

 Auditing is issue again in connection with security.

 Organization have become afraid of break-ins from system

crackers and Want to be able to trace the activities of the

system in order to be able to look back and find out the
identity of a cracker.

 On the other hand system accounting is So resource

consuming that the loss of performance might be more

important to an organization than the threat of intrusion.
Privileged accounts
 Is used to configure and maintain the system.

 Have access to the whole system, without regard for

restriction.

 In UNIX the privileged account is called root(super-user).

 In windows the administrator account is similar to Unix’s root,

except that the administrator does not have automatic access to

everything as does root-first granted access to an object.
Privileged accounts
 Administrator and root accounts should never be used for

normal work.

 To use the privileged accounts as a normal user account would

be to make the system as insecure.

 Restriction of unnecessary privilege protects a system from

accidental and malicious damage, infection by viruses and

prevents users from concealing their actions with false
identities.