Linux File System

Tags

Linux, Network

You must be logged in to download this document

be first to review

prudentneo

LINUX WORLD Expert Linux Left to its own devices David Coulson investigates an alternative to the chaos commonly known as /dev f there is one thing in the Unix world which is little short of embarrassing, it is the /dev directory. Many standard installations build a directory containing every possible device entry known to man, just to cover every eventuality. Of course, this confuses users, particularly those who are new to Linux, when searching for a specific device node to use in order to access a piece of hardware. Throw in the symlinks which everyone has to give nice names to common devices, and there is something little short of a nightmare sitting in your root directory. Rather than having a static /dev directory, Linux now has the ability to use a virtual file system instead, which greatly improves the usefulness of the entire machine. devfs, once mounted on /dev, structures device names in a far more logical format, making them nSetting up aliases assists automatic module loading for devices when you access their /dev file. ,Getting started with devfs How to run a user-space daemon for backwards compatibility Devfs consists of a kernel configuration option, with some level of customisation, as well as a user-space daemon to control the creation of symlinks, for both backwards compatibility with the older style /dev directory and for user-friendly filenames, and to ensure that permissions and ownership of device nodes are appropriate for usage and security. The file system cannot be compiled as a kernel module, so it’s going to take a reboot for devfs to work properly. There are also options to have /dev mounted with devfs at boot time, which makes migration rather more problematic, and for devfs debugging, though only hardened kernel hackers need bother with that. All the debugging information a regular user needs is sent through syslogd. We also need the user-space daemon, devfsd, for nothing more than backwards compatibility at the moment. This saves having to edit /etc/fstab, plus it gives us the option of rebooting to a nondevfs kernel should it not work as expected. Debian users can just ‘apt-get install devfsd’, and nearly all distributions have packages for devfsd. If you’re a die-hard source user, then download it from ftp://ftp.atnf.csiro.au/pub/people/rgooch/linux/daemons/devfsd/ devfsd will only start up if /dev is mounted as a devfs directory, so if you decide to revert to a regular kernel you don’t need to worry about devsfd making a mess of your system. Usually, the init.d script will mount /dev automatically, and then proceed to check that it mounted correctly, so you don’t need to edit any other scripts in order to have /dev mounted at boot time. You do, however, generally need a /dev entry in /etc/fstab, as most scripts simply ‘mount /dev’. The appropriate entry would look similar to: devfs /dev devfs defaults,noauto 0 0 I Related files on SuperDisc PATH: linux easy to find and even easier to use. No longer do we have to figure out from dmesg if our CD-ROM drive is /dev/hda or /dev/hde, as it now lives in /dev/cdroms/0, which make so much more sense. The biggest advantage of devfs is when using it on large machines, with more SCSI adaptors than you can shake a stick at, and more hard drives for ever more. Accessing an individual partition on any drive by host adaptor ID, Bus ID, drive ID, and finally by partition number, saves on admin time and stress, as opposed to an arbitrary letter. There are also numerous improvements for users of USB hardware; all USB devices are organised nicely, separated from their PCI cousins, so you know if lp0 is really a printer, or a parallel port sending your data out into the ether. This month we’re going to find out how to set up devfs on a Linux system, and we’ll look at how the device directory works on a Unix system. PCP Dave Coulson dcoulson.pcpmag.co.uk NEXT MONTH David Coulson will be looking at IP tunnelling for VPNs and mobile IP 194/PCPlus.co.uk #191 As devfs handles all of /dev, you can remove any fstab entry for /dev/pts, and you don’t need to compile in support for the devpts file system in the kernel any longer, although you will still want support for Unix98 PTYs selected. At this stage, you can reboot the machine and it should come back up correctly with /dev mounted as a devfs file system. It’s worth checking that all of your partitions were mounted, which is an indicator that devfsd is working correctly, otherwise you will need to track down using ‘dmesg’ the reason why it isn’t working. You’re probably wondering what the point of all this is, but devfs has many advantages, although most are only noticeable once you start using modular kernels or have hot-plug devices. The EXPERT LINUX ndevfsd not only offers backwards compatibility with old-style /dev entries, but also gives greater flexibility with permissions. ndevfs is rather complex, particularly if you're wanting to customise it, but fortunately there is plenty of documentation. most basic thing devfsd can do is automatically load a kernel module for a specific device when someone tries to access the /dev entry for it – nothing especially new, but when the /dev entry does not exist in the first place, it makes life a little more complex. Our first CD-ROM drive lives under /dev/cdroms/cdrom0, which won’t exist unless you have the ‘cdrom’ module, and any extra modules you need for the support of cdroms on the system. If you try to mount /dev/cdroms/cdrom0, the devfsd daemon will try to modprobe for ‘/dev/cdroms/cdrom0’, assuming /dev/cdroms exists, otherwise it will start with ‘modprobe /dev/cdroms’. We want it to load all of the relevant modules when we access anything in /dev/cdroms, so we can alias all entries in /dev/cdroms to the actual /dev/cdroms directory: probeall /dev/cdroms scsi-hosts sr_mod ide-probemod ide-cd cdrom alias /dev/cdroms/* /dev/cdroms to allow any user to access the soundcard, you would normally simply chmod the /dev/dsp device. Thankfully, devfsd has a number of methods to ensure that permissions are set up correctly when entries are created by devfs. The configuration file /etc/devfsd.conf, or /etc/devfs/devfsd.conf under Debian, is used to configure the functionality of the devfs daemon and to set up permissions, module loading and permission storage. The simplest way to set up permissions is to use a REGISTER entry in devfsd.conf, which is called whenever a /dev entry is created. It’s worth remembering the security implications of setting devices to global r/w, so instead the general devfsd configuration sets entries to be owner and group r/w, and each different type of device, such as audio, video, disk, terminal, and so forth. If you want to permit a user to have access to a specific device, it’s far safer to add them to the group, rather than chmod the device 0666. devfsd.conf is clever enough to make use of regular expressions, avoiding the need to list each /dev entry. For all entries in /dev/sound, the REGISTER line looks like: REGISTER ^sound/.* PERMISSIONS root.audio 0660 Rather than using your regular /etc/modules.conf, devfsd will use /etc/modules.devfs, or /dev/modutils/devfs on Debian. Generally, a devfsd installation will have entries for most common /dev files, so unless you’re using uncommon modules or want to rearrange things, don’t worry about changing the module loading preferences. The biggest issue with devfs is permissions and access rights for /dev entries, as they’re not saved between reboots. If you want Whenever a device node in /dev/sound is created, it is automatically chowned to root.audio, and its permissions set to www.futureforums.co.uk/pcplus ,16-bit devices in a 32-bit world Devices under Linux are a little confusing, so what do all the numbers mean? number. So, /dev/hda5, which is the fifth partition on the master drive on the first bus has a major of three, and a minor of five. brw-rw—— 1 root disk 3, 0 May 5 1998 You might be thinking that this is going to give us a huge number of devices, but Linux is in fact running /dev/hda out of major and minor numbers for devices. The ‘b’ in the permissions suggests that /dev/hda is a Particularly where one has a large system, with many block device. As well as block devices, there are also hard drives, and is making use of LVM, the lack of character devices, such as terminals, serial and parallel extra minor numbers is a problem. The major can be ports, and mice. Each device, be it character or block, between 0 and 255, as can the minor, which gives us has two numbers defining it. The first, known as the a 16-bit descriptor for any device under Linux, totalling major, specifies the type of device, so all hard drives, around 65,536 different devices. At first glance this is and their partitions, on the first IDE channel have the a huge number, but as they are allocated in groups of major of three. All devices on the second IDE channel 256, any individual device group can only have 256 have a major of 22. As well as a major, devices have different minor numbers, which can be an important a minor number, which is simply a way to further limiting factor. The expected future for Linux in order discriminate devices, and with an IDE hard drive, the to solve this problem is to use 32-bit numbers for the nIf you've ever wondered quite what the obscure master drive on the bus has a minor of zero, and each major and minor, giving 64-bit device references, numbers mean for /dev entries, devices.txt from the partition on it has a minor equal to its partition kernel knows all. which should be more than enough, for now. If you’ve ever looked in /dev, whether using devfs or not, you’ll have noticed that all of the files look like: # 191 PCPlus.co.uk /195 LINUX WORLD ,USB devices under devfs Hot-plug devices with devfs make life so much easier O nA single kernel option and your /dev directory is nice and neat. 0660. Entries in devsfd.conf automatically have the /dev/ stripped off; remember that not all devices are straight off /dev, which is why we use ^ at the beginning to ensure that only top-level directories within /dev are affected. If you want to change permissions by hand and have them saved between reboots, create a ‘dev-state’ directory, where /dev entries are copied to when they are created or changed, and entries are copied from when they are registered. All you need in devfsd.conf to enable this is: REGISTER ^pt[sy] IGNORE CREATE ^pt[sy] IGNORE CHANGE ^pt[sy] IGNORE DELETE ^pt[sy] IGNORE REGISTER .* COPY /dev-state/$devname $devpath CREATE .* COPY $devpath /dev-state/$devname CHANGE .* COPY $devpath /dev-state/$devname DELETE .* CFUNCTION GLOBAL unlink /devstate/$devname RESTORE /dev-state ne of the fancy things about devfs is that for USB devices, it will create the /dev entry for it on the fly when the module is loaded, either by hand, or by using a hot-plug device. Of course, if you try to access the device, devfsd will load the appropriate modules, rather than having everything fall to pieces right in front of you, but if you decide to plug in a USB mouse, /dev/input/mice will magically appear out of the ether for you to use. There has always been confusion in the past with the major and minor numbers for many USB devices, and certainly beginners had no idea what they were supposed to use. However, USB is a little special, as it has its own version of devfs, known as usbdevfs, which gives access to devices which would not normally have a regular /dev entry, such as digital cameras, for instance. This gives far nUSB devices have their own devfs implementation mounted at /proc/bus/usb greater flexibility, particularly when it comes to permissions, because you only need to change the access rights of a file in /proc/bus/usb to permit a non-root user to read or write from a device, rather than having to do something a little more complex. We also need to hack whatever script is mounting our /dev directory, so we can enable VFS binding: mount —bind /dev /dev-state mount -t devfs none /dev devfsd /dev ,Oops! That’s not right devfs might be very fancy, but some things just don’t like it %Software-RAID can work happily with the new-style device locations, but other things may have a few problems. $devpath is the full path to the /dev entry, and $devname is the same thing, but with /dev/ removed from the beginning. These variables are also useful for creating symlinks to more friendly device names, such as /dev/cdrom, without impacting on the rest of the devfs system. Each symlink needs two devfsd.conf entries, one to create the symlink, and one to remove it. If we wanted to symlink /dev/cdroms/cdrom0 to /dev/dvd, we might do: REGISTER cdroms/cdrom0 CFUNCTION GLOBAL mksymlink $devname dvd UNREGISTER cdroms/cdrom0 CFUNCTION GLOBAL unlink dvd A similar method can be used to create symlinks for /dev/modem and /dev/mouse, although devfs is arranged in a much clearer way: REGISTER ^tts/0 CFUNCTION GLOBAL mksymlink $devname modem UNREGISTER ^tts/0 CFUNCTION GLOBAL unlink modem REGISTER ^misc/psaux CFUNCTION GLOBAL mksymlink $devname mouse UNREGISTER ^misc/psaux CFUNCTION GLOBAL unlink mouse Naturally, you will also want to set up an alias for each /dev entry you symlink, if its parent file is part of a loadable module, so that it is automatically loaded each time you access the symlink you have created. Full documentation for devfs can be found at www.atnf.csiro.au/people/rgooch/linux/docs/devfs.html Probably the first thing you’ll notice after using devfs is that you can’t log in as root from a virtual console anymore. Notwithstanding the rather desirable security implications of this, some people do really like logging in as root from scratch, so a little reconfiguration is required. /etc/securetty lists all terminals that are considered ‘secure’, which includes the virtual consoles that are started up when the machine boots. Without devfs, these are known as /dev/tty[0-5], but devfs refers to them as /dev/vc/[0-5], which is not recognised by securetty. You simply need to add ‘vc/0’, ‘vc/1’, and so forth to /etc/securetty, then PAM will happily let you log in from the console. A rather obscure problem is the use of a devfs described root, such as /dev/md/0, with LILO when you have a system which only permits the use of devfs devices. The ‘root=’ option in /etc/lilo.conf stores the major and minor numbers of the root file system when it writes the kernel to the MBR, which stops the system being able to mount the correct device. The quick fix is to pass a ‘root=’ command to the kernel, which is done in lilo.conf with an append: append=’root=’ 196/PCPlus.co.uk #191

Public Domain

downloads:12

rating:2(1)

reviews:0

posted:4/26/2008

language:English

search termpage on Googletimes searched

Linux File System

Linux File Structure

Linux Network configuration

The Layered Approach to Security on Linux

Linux Security IpTables

Building A Linux IPV6 DNS Server

SMS From Linux

Linux and The Internet

Linux Installation

Linux Partitioning

linux

Linux Viruses - ELF File Format

Linux Network Server-Firewall

Linux_Disk Quotas

Welcome to Linux Installation

Beat Hackers

10 Cyber Security Tips for Businesses

Survive and Prevent Virus Outbreaks

WhitePaper Virtual LAN Communications

Understanding VLANs

Personal VPN Comparison WhitePaper

Personal pcAnywhere Comparison WhitePaper

Name Resolution DNS Performance

Manage Traffic with Iproute

Dynamically Routing with BGP4