Опубликован: 06.08.2012 | Доступ: свободный | Студентов: 1179 / 25 | Оценка: 5.00 / 5.00 | Длительность: 53:41:00
Лекция 8:

Тaking control

< Лекция 7 || Лекция 8: 123456 || Лекция 9 >

Becoming super user

Frequently when you're logged in normally, you want to do something that requires you to be root. You can log out and log in again as root, of course, but there's an easier way:

$ su        become super user
Password:   as usual, it doesn't echo
#           root prompt

To use su , you must be a member of the group wheel. Normally you do this when you add the user, but otherwise just put the name of the user at the end of the line in /etc/group:

wheel:*:0:root,grog    add the text in boldface
BSD treats su somewhat differently from System V. First, you need to be a member of the group wheel, and secondly BSD gives you more of the super user environment than System V. See the man page for further information.

Having a single root password is a security risk on a system where multiple people know the password. If one of them leaves the project, you need to change the password. An alternative is the sudo port (/usr/ports/security/sudo). It provides fine-grained access to root privileges, all based on the user's own password. Nobody needs to know the root password. If a user leaves, you just remove his account, and that cancels his access.

Adding or changing passwords

If your system has any connection with the outside world, it's a good idea to change your password from time to time. Do this with the passwd program. The input doesn't look very interesting:

$ passwd
Changing local password for yana.
Old password:                        doesn't echo
New password:                        doesn't echo
Retype new password:                 doesn't echo
passwd: rebuilding the database...
passwd: done

You have to enter the old password to make sure that some passer-by doesn't change it for you while you're away from your monitor, and you have to enter the new password twice to make sure that you don't mistype and lock yourself out of your account. If this does happen anyway, you can log in as root and change the password: root doesn't have to enter the old password, and it can change anybody's password. For example:

# passwd yana
Changing local password for yana.
New password:                     doesn't echo
Retype new password:              doesn't echo
passwd: rebuilding the database...
passwd: done

In this case, you specify the name of the user for whom you change the password.

If you are changing the root password, be careful: it's easy enough to lock your self out of the system if you mess things up, which could happen if, for example, you mistyped the password twice in the same way (don't laugh, it happens). If you're running X, open another window and use su to become root If you're running in character mode, select another virtual terminal and log in as root there. Only when you're sure you can still access root should you log out.

If you do manage to lose the root password, all may not be lost. Reboot the machine to single-user mode (see page 540), and enter:

# mount -u /           mount root file system read/write
# mount /usr           mount /usrfile system (if separate)
# passwd root          change the password for root
Enter new password:
Enter password again:
# ^D                   enter ctrl-D to continue with startup

If you have a separate /usr file system (the normal case), you need to mount it as well, since the passwd program is in the directory /usr/bin. Note that you should explicitly state the name root: in single-user mode, the system doesn't have the concept of user IDs.


As we have seen, UNIX is a multi-user, multi-tasking operating system. In particular, you can run a specific program more than once. We use the term process to refer to a particular instance of a running program. Each process is given a process ID more frequently referred to as PID a number between 0 and 99999 that uniquely identifies it. There are many things that you might like to know about the processes that are currently running, such as:

  • How many processes are running?
  • Who is running the processes?
  • Why is the system so slow?
  • Which process is blocking my access to the modem?

Your primary tool for investigating process behavior is the ps (process status) command. It has a large number of command options, and it can tell you a whole lot of things that you will only understand when you have investigated how the kernel works, but it can be very useful for a number of things. Here are some typical uses:

What processes do I have running?

After starting a large number of processes in a number of windows under X, you probably can't remember what is still running? Maybe processes that you thought had stopped are still running. To display a brief summary of the processes you have running, use the ps command with no options:

$ ps
187  p0  Is+  0:01.02  -bash (bash)
188  Pi  Ss   0:00.62  -bash (bash)
453  Pi  R+   0:00.03  ps

This display shows the following information:

  • The PID of the process.
  • TT is short for teletype, and shows the last few letters of the name of thecontrolling terminal, the terminal on which the process is running. In this example, the terminals are /dev/ttyp0 and /dev/ttypl.
  • STAT shows the current process status. It's involved and requires a certain amount of understanding of how the kernel runs to interpret it—see the man page for ps for more details.
  • TIME is the CPU time that the process has used in minutes, seconds and hundredths of a second. Note that many other UNIX systems, particularly System V, only show this field to the nearest second.
  • COMMAND is normally the command you entered, but don't rely on this. In the next section, you'll see thatsendmail has changed its COMMAND field to tell you what it is doing. You'll notice that the command on the last line is the ps that performs the listing. Due to some complicated timing issue in the kernel, this process may or may not appear in the listing.

What processes are running?

There are many more processes in the system than the list above shows. To show them all, use the a option to ps. To show daemons as well (see the next section for a definition of daemon ), use the x option. To show much more detail, use the u or l options. For example:

$ ps waux
root     12  95.7   0.0     0    12  ??  RL     1Jan70  1406:43.85  (idle: cpu0)
root     11  95.1   0.0     0    12  ??  RL     1Jan70  1406:44.64  (idle: cpu1)
root      1   0.0   0.0   708    84  ??  ILs    1Jan70     0:09.10  /sbin/init
root     12   0.0   0.0     0    12  ??  WL     1Jan70    15:04.95  (swi1: net)
root     13   0.0   0.0     0    12  ??  WL     1Jan70    21:30.29  (swi6: tty:sio clock)
root     15   0.0   0.0     0    12  ??  DL     1Jan70     2:17.27  (random)
root     18   0.0   0.0     0    12  ??  WL     1Jan70     0:00.00  (swi3: cambio)
root     20   0.0   0.0     0    12  ??  WL     1Jan70     0:00.00  (irq11: ahc0 uhci0++)
root     21   0.0   0.0     0    12  ??  WL     1Jan70    39:00.32  (irq5: rl0)
root     22   0.0   0.0     0    12  ??  WL     1Jan70     7:12.92  (irq14: ata0)
root     23   0.0   0.0     0    12  ??  WL     1Jan70     0:47.99  (irq15: ata1)
root     24   0.0   0.0     0    12  ??  DL     1Jan70     0:00.08  (usb0)
root     25   0.0   0.0     0    12  ??  DL     1Jan70     0:00.00  (usbtask)
root     26   0.0   0.0     0    12  ??  DL     1Jan70     0:00.07  (usb1)
root     27   0.0   0.0     0    12  ??  DL     1Jan70     0:00.08  (usb2)
root    340   0.0   0.1  1124   280  ??  S     18Dec02    16:41.11  nfsd: server (nfsd)
root    375   0.0   0.0  1192    12  ??  Ss    18Dec02     0:01.70  /usr/sbin/lpd
daemon  408   0.0   0.0  1136   152  ??  Ss    18Dec02     0:11.41  /usr/sbin/rwhod
root    420   0.0   0.1  2648   308  ??  Ss    18Dec02     0:04.20  /usr/sbin/sshd
root    491   0.0   0.1  2432   368  ??  Ss    18Dec02     0:38.61  /usr/local/sbin/httpd
root    551   0.0   0.0  1336    12  ??  Ss    18Dec02     0:02.71  /usr/sbin/inetd -wW
root    562   0.0   0.0  1252   216  ??  Is    18Dec02     0:15.50  /usr/sbin/cron
root    572   0.0   0.0  1180     8  v2  IWs+   -          0:00.00  /usr/libexec/getty Pc
www     582   0.0   0.0  2432     8  ??  IW     -          0:00.00  /usr/local/sbin/httpd
grog    608   0.0   0.1  1316   720  v0  I     18Dec02     0:00.04  -bash (bash)
root   2600   0.0   0.0  1180     8  v1  IWs+   -          0:00.00  /usr/libexec/getty Pc
root  33069   0.0   0.3  5352  1716  ??  Ss    29Dec02     0:01.30  xterm -name xterm
grog  33081   0.0   0.1  1328   752  p8  Is+   29Dec02     0:00.09  /usr/local/bin/bash

This list is just an excerpt. Even on a freshly booted system, the real list of processes will be much larger, about 50 processes.

We've seen a number of these fields already. The others are:

  • USER is the real user ID of the process, the user ID of the person who started it.
  • %CPU is an approximate count of the proportion of CPU time that the process has been using in the last few seconds. This is the column to examine if things suddenly get slow.
  • %MEM is an approximate indication of the amount of physical memory that the process is using.
  • VSZ (virtual size) is the amount of virtual memory that the process is using, measured in kilobytes.
  • RSS (resident segment size) is the amount of physical memory currently in use, measured in kilobytes.
  • STARTED is the time or date when the process was started.

In addition, a surprising number of processes don't have a controlling terminal. They are daemons and we'll look at them in the next section.

< Лекция 7 || Лекция 8: 123456 || Лекция 9 >
Владимир Шишкин
Владимир Шишкин
Россия, Киров
Олег Страхов
Олег Страхов