Kernel detected hardware

# dmesg # Detected hardware and boot messages

# lsdev # information about installed hardware

# dd if=/dev/mem bs=1k skip=768 count=256 2>/dev/null | strings -n 8 # Read BIOS

Linux

# cat /proc/cpuinfo # CPU model

# cat /proc/meminfo # Hardware memory

# grep MemTotal /proc/meminfo # Display the physical memory

# watch -n1 'cat /proc/interrupts' # Watch changeable interrupts continuously

# free -m # Used and free memory (-m for MB)

# cat /proc/devices # Configured devices

# lspci -tv # Show PCI devices

# lsusb -tv # Show USB devices

# lshal # Show a list of all devices with their properties

# dmidecode # Show DMI/SMBIOS: hw info from the BIOS

FreeBSD

# sysctl hw.model # CPU model

# sysctl hw # Gives a lot of hardware information

# sysctl vm # Memory usage

# dmesg | grep "real mem" # Hardware memory

# sysctl -a | grep mem # Kernel memory settings and info

# sysctl dev # Configured devices

# pciconf -l -cv # Show PCI devices

# usbdevs -v # Show USB devices

# atacontrol list # Show ATA devices

The following commands are useful to find out what is going on on the system.

# top # display and update the top cpu processes

# mpstat 1 # display processors related statistics

# vmstat 2 # display virtual memory statistics

# iostat 2 # display I/O statistics (2 s intervals)

# systat -vmstat 1 # BSD summary of system statistics (1 s intervals)

# systat -tcp 1 # BSD tcp connections (try also -ip)

# systat -netstat 1 # BSD active network connections

# systat -ifstat 1 # BSD network traffic through active interfaces

# systat -iostat 1 # BSD CPU and and disk throughput

# tail -n 500 /var/log/messages # Last 500 kernel/syslog messages

# tail /var/log/warn # System warnings messages see syslog.conf

# id # Show the active user id with login and group

# last # Show last logins on the system

# who # Show who is logged on the system

# groupadd admin # Add group "admin" and user colin (Linux/Solaris)

# useradd -c "Colin Barschel" -g admin -m colin

# userdel colin # Delete user colin (Linux/Solaris)

# adduser joe # FreeBSD add user joe (interactive)

# rmuser joe # FreeBSD delete user joe (interactive)

# pw groupadd admin # Use pw on FreeBSD

# pw groupmod admin -m newmember # Add a new member to a group

# pw useradd colin -c "Colin Barschel" -g admin -m -s /bin/tcsh

# pw userdel colin; pw groupdel admin

Encrypted passwords are stored in /etc/shadow for Linux and Solaris and /etc/master.passwd on FreeBSD. If the master.passwd is modified manually (say to delete a password), run #

pwd_mkdb -p master.passwd to rebuild the database.

To temporarily prevent logins system wide (for all users but root) use nologin. The message in nologin will be displayed.

# echo "Sorry no login now" > /etc/nologin # (Linux)

# echo "Sorry no login now" > /var/run/nologin # (FreeBSD)

Some application require higher limits on open files and sockets (like a proxy web server,database). The default limits are usually too low.

Linux

Per shell/script

The shell limits are governed by ulimit. The status is checked with ulimit -a. For example to change the open files limit from 1024 to 10240 do:

# ulimit -n 10240 # This is only valid within the shell

The ulimit command can be used in a script to change the limits for the script only.

Per user/process

Login users and applications can be configured in /etc/security/limits.conf. For example:

# cat /etc/security/limits.conf

* hard nproc 250 # Limit user processes

asterisk hard nofile 409600 # Limit application open files

System wide

Kernel limits are set with sysctl. Permanent limits are set in /etc/sysctl.conf.

# sysctl -a # View all system limits

# sysctl fs.file-max # View max open files limit

fs.file-max=102400 # Permanent entry in sysctl.conf

# cat /proc/sys/fs/file-nr # How many file descriptors are in use

FreeBSD

Per shell/script

Use the command limits in csh or tcsh or as in Linux, use ulimit in an sh or bash shell.

Per user/process

The default limits on login are set in /etc/login.conf. An unlimited value is still limited by the

system maximal value.

System wide

Kernel limits are also set with sysctl. Permanent limits are set in /etc/sysctl.conf or /boot/

loader.conf. The syntax is the same as Linux but the keys are different.

# sysctl -a # View all system limits

# sysctl kern.maxfiles=XXXX # maximum number of file descriptors

kern.ipc.nmbclusters=32768 # Permanent entry in /etc/sysctl.conf

kern.maxfiles=65536 # Typical values for Squid

kern.maxfilesperproc=32768

kern.ipc.somaxconn=8192 # TCP queue. Better for apache/sendmail

# sysctl kern.openfiles # How many file descriptors are in use

# sysctl kern.ipc.numopensockets # How many open sockets are in use

See The FreeBSD handbook Chapter 111 for details.

Solaris

The following values in /etc/system will increase the maximum file descriptors per proc:

set rlim_fd_max = 4096 # Hard limit on file descriptors for a single proc

set rlim_fd_cur = 1024 # Soft limit on file descriptors for a single proc

Linux

Once booted, the kernel starts init which then starts rc which starts all scripts belonging to a runlevel. The scripts are stored in /etc/init.d and are linked into /etc/rc.d/rcN.d with N the runlevel number.

The default runlevel is configured in /etc/inittab. It is usually 3 or 5:

# grep default: /etc/inittab

id:3:initdefault:

The actual runlevel (the list is shown below) can be changed with init. For example to go from 3 to 5:

# init 5 # Enters runlevel 5

0 Shutdown and halt

1 Single-User mode (also S)

2 Multi-user without network

3 Multi-user with network

5 Multi-user with X

6 Reboot

Use chkconfig to configure the programs that will be started at boot in a runlevel.

# chkconfig --list # List all init scripts

# chkconfig --list sshd # Report the status of sshd

1.http://www.freebsd.org/handbook/configtuning-kernel-limits.html

# chkconfig sshd --level 35 on # Configure sshd for levels 3 and 5

# chkconfig sshd off # Disable sshd for all runlevels

Debian and Debian based distributions like Ubuntu or Knoppix use the command update-rc.d

to manage the runlevels scripts. Default is to start in 2,3,4 and 5 and shutdown in 0,1 and 6.

# update-rc.d sshd defaults # Activate sshd with the default runlevels

# update-rc.d sshd start 20 2 3 4 5 . stop 20 0 1 6 . # With explicit arguments

# update-rc.d -f sshd remove # Disable sshd for all runlevels

# shutdown -h now (or # poweroff) # Shutdown and halt the system

FreeBSD

The BSD boot approach is different from the SysV, there are no runlevels. The final boot state (single user, with or without X) is configured in /etc/ttys. All OS scripts are located in /etc/rc.d/ and in /usr/local/etc/rc.d/ for third-party applications. The activation of the service is configured in /etc/rc.conf and /etc/rc.conf.local. The default behavior is configured in /etc/defaults/rc.conf. The scripts responds at least to start|stop|status.

# /etc/rc.d/sshd status

sshd is running as pid 552.

# shutdown now # Go into single-user mode

# exit # Go back to multi-user mode

# shutdown -p now # Shutdown and halt the system

# shutdown -r now # Reboot

The process init can also be used to reach one of the following states level. For example #

init 6 for reboot.

0 Halt and turn the power off (signal USR2)

1 Go to single-user mode (signal TERM)

6 Reboot the machine (signal INT)

c Block further logins (signal TSTP)

q Rescan the ttys(5) file (signal HUP)

Linux method 1

At the boot loader (lilo or grub), enter the following boot option:

init=/bin/sh

The kernel will mount the root partition and init will start the bourne shell instead of rc and then a runlevel. Use the command passwd at the prompt to change the password and then reboot. Forget the single user mode as you need the password for that.

If, after booting, the root partition is mounted read only, remount it rw:

# mount -o remount,rw /

# passwd # or delete the root password (/etc/shadow)

# sync; mount -o remount,ro / # sync before to remount read only

# reboot

FreeBSD and Linux method 2

FreeBSD won't let you go away with the simple init trick. The solution is to mount the root partition from an other OS (like a rescue CD) and change the password on the disk.

• Boot a live CD or installation CD into a rescue mode which will give you a shell.

• Find the root partition with fdisk e.g. fdisk /dev/sda

• Mount it and use chroot:

# mount -o rw /dev/ad4s3a /mnt

# chroot /mnt # chroot into /mnt

# passwd

# reboot

Alternatively on FreeBSD, boot in single user mode, remount / rw and use passwd.

# mount -u /; mount -a # will mount / rw

# passwd

# reboot

Linux

# lsmod # List all modules loaded in the kernel

# modprobe isdn # To load a module (here isdn)

FreeBSD

# kldstat # List all modules loaded in the kernel

# kldload crypto # To load a module (here crypto)

Linux

# cd /usr/src/linux

# make mrproper # Clean everything, including config files

# make oldconfig # Create a new config file from the current kernel

# make menuconfig # or xconfig (Qt) or gconfig (GTK)

# make # Create a compressed kernel image

# make modules # Compile the modules

# make modules_install # Install the modules

# make install # Install the kernel

# reboot

FreeBSD

To modify and rebuild the kernel, copy the generic configuration file to a new name and edit it as needed. It is however also possible to edit the file GENERIC directly.

# cd /usr/src/sys/i386/conf/

# cp GENERIC MYKERNEL

# cd /usr/src

# make buildkernel KERNCONF=MYKERNEL

# make installkernel KERNCONF=MYKERNEL

To rebuild the full OS:

# make buildworld # Build the full OS but not the kernel

# make buildkernel # Use KERNCONF as above if appropriate

# make installkernel

# reboot

# mergemaster -p # Compares only files known to be essential

# make installworld

# mergemaster # Update all configuration and other files

# reboot

For small changes in the source, sometimes the short version is enough:

# make kernel world # Compile and install both kernel and OS

# mergemaster

# reboot