Presentation is loading. Please wait.

Presentation is loading. Please wait.

New SA Training Topic 4: System Architecture  System architecture is a broad topic, comprised of many different things. In our organization, SA’s primarily.

Similar presentations


Presentation on theme: "New SA Training Topic 4: System Architecture  System architecture is a broad topic, comprised of many different things. In our organization, SA’s primarily."— Presentation transcript:

1 New SA Training Topic 4: System Architecture  System architecture is a broad topic, comprised of many different things. In our organization, SA’s primarily are concerned with the following.  File systems  Devices  File system permissions  Run levels  Win32 system components  Processes

2 File Systems A File System relates to how data is stored o Local or remote storage o Devices -> partitions -> file systems o Usually this means: o disk -> partition -> file system -> files (remind me to draw this for you) o fdisk, gparted, or the like Our organization uses both Windows and Linux file systems.

3 File systems (cont.) Windows FAT (8, 12, 16, 32; exFAT for flash drives) NTFS (most modern Windows boxes) ReFS (newest: increased resilience) format chkdsk Linux UFS (the Unix File System) ext*, and many, many others mkfs fsck (journaling on ext3, reiserfs, etc.)

4 File systems (cont.) Most PC’s use MBR (Master Boot Record) partitioning Each hard disk can contain up to four different "true" partitions, which are called primary partitions. One of the four partitions may be designated as an extended partition. The extended partition may then be subdivided into multiple logical partitions. The limit on the maximum number of logical volumes varies. Windows can generally provide 26 or more (A, B, C...). Unix/Linux systems may max at 15, 63, or other values.

5 File systems (cont.) MBR is slowly being replaced by GPT (GUID Partition Table) Eliminates concepts of Primary, Extended, and Logical volumes Uses a more extendable addressing system – thus HUGE partitions available (MBR generally maxes at ~2 TB depending on drive, GPT can do ~9 ZB!) Maximum number of partitions is generally considered to be 128. Not all OSes fully support GPT yet though

6 An exercise Diagram(s) - disk, partition, file system, files 1-1-1-1 (1 disk, 1 partition, 1 fs, 1 file) 1-2-2-N (1 disk, 2 partitions, 2 fs, many files) 1-3/1-M-N (1 disk, 3 primary + 1 extended partitions, many fs, many files) SAGE Level 1 SA’s should be able to label disk, partition, file system, and files with appropriate commands

7 Devices Windows detects disk devices automatically attaches as drive letter Linux can auto-detect some, but PNP support not complete usually need to mount (and umount -- note the missing 'n')

8 File system permissions Incomplete example – draw a better one

9 Thinking about permissions What is the simplest way to change permissions on emp_pay.xls so that HRMrg1 has access to the file, but Employee1 does not? What is a better way to do the above, that might be slightly more complex? Do you need to “give” access? Do you need to “deny” access? Both? How?

10 File system permissions (cont.) Windows GUI cacls – change acls Linux (chapter 2) Chmod – change mode (-rwxrw-r--=764) Chown – change owner (owner:group) Chgrp – change group Umask - sets the mask applied to newly created file and directory permissions (0666-0002=0664 / 0777-0002=0775) GUI (for some settings)

11 File system permissions (cont.) Special Linux Modes - sticky bit, SUID and SGID.sticky bitSUID SGID 1000: If the sticky bit is set on a directory, then only the file owner, the directory owner, or superuser can delete a file in that directory. If a directory has permissions 0770, then the directory owner or anyone in the directory's group can add files or delete any files (regardless of who the file's owner is). If the sticky bit is set, so the permissions are 1770, then anyone in the group can add files to the directory, but each user can only delete his or her own files. (chmod +t - drwxrwxrwt)

12 File system permissions (cont.) 2000: set group ID: Executables with this will run with effective gid set as the gid of the file owner. When a directory has this permission, files created in the directory have the group ID of the directory, rather than the default group setting for the user who created the file. (chmod g=s -rwx--Sr-x)set group ID 4000: set user ID: Executables with this will run with effective uid set as the uid of the file owner. Directories with set-user-id bit force all files/folders created in them to be owned by the directory owner and not by the uid of the creating process. (chmod u=s d--Sr-xr-x)set user ID NOTE – Not every *NIX implementation supports all functions of these permissions

13 File system permissions (cont.) Linux Access Control Lists Give emp1 and the group jrSA rwx on SAdir. Using the setfacl utility (note – file system must be mounted with ACL support) setfacl -m user:emp1:rwx,group:jrSA:rwx SAdir getfacl should return the following: # file: SAdir # owner: foo # group: bar user::rwx user:emp1:rwx group::r-x group:jrSA:rwx mask::rwx other::---

14 Review of Linux runlevels Runlevels 0 – Shutdown 1 – Single user 2 – Multi-user w/o networking 3 – Multi-user w/networking 4 – Unused 5 – Multi-user w/networking and GUI 6 – Reboot

15 System components (Win32)

16 System components (cont.) Layered OS (see handout) Protection Modularity Kernel Privileged accounts Windows: Administrator Unix/Linux: root (UID=0)

17 Processes Windows User Mode processes Use individual memory spaces Runs “as” a particular user Three types System processes – Manage User Mode environment (winlogon) Windows Services (services) User applications

18 Processes (cont.) Windows Kernel Mode processes Share memory space Have direct access to hardware Includes Executive Services, Microkernel, HAL Viewing Processes Task Manager Stopping Processes Services Utility Task Manager Net commands

19 Processes (cont.) Linux doesn't really make a distinction between types of processes su command allows for user switching Viewing Processes ps command Stopping Processes Services Utility kill command

20 New SA Training Topic 5: Startup / Shutdown Normal hard disk based startup sequence, generally uses “chain loading” (A->B->C) POST MBR, GPT, or similar Not OS specific Loads from known location If set device is set “active”, then… Program / software (OS, boot loader, Volume Boot Record…)

21 System Startup (Cont.) Windows startup sequence: Boot phase – NTLDR (uses boot.ini) or BOOTMGR (uses Boot Configuration Data or BCD) Kernel phase (ntoskernel.exe), kernel initialization (drivers) Services phase (smss.exe), Logon phase (winlogon.exe and lsass.exe)

22 System Startup (cont.) Linux startup sequence: lilo/grub kernel init (/etc/inittab – determines runlevel) /etc/rc*  Scripts used to control how the system will startup/shutdown are /etc/inittab and /etc/rc.d (or /etc/rcX.d, where X corresponds to runlevel. “S” scripts designate items to run at startup.) multi-booting: NTLDR/BOOTMGR vs Lilo/Grub vs VirtualPC/other virtualization

23 System Startup (cont.) Advanced startup Windows advanced startup options Last known good System Restore Safe mode Recovery console Emergency repair disk (ERD) Linux advanced startup options boot from floppy single-user mode

24 System Shutdown Windows Ctrl-Alt-Del – Shutdown Start – Shutdown From command line - shutdown –s (or –r) Applications are closed/services stopped Linux Init 0 (init 6 will reboot) shutdown -h now (-r will reboot) /etc/rc* handles some process shutdown, using “K” scripts


Download ppt "New SA Training Topic 4: System Architecture  System architecture is a broad topic, comprised of many different things. In our organization, SA’s primarily."

Similar presentations


Ads by Google