Yet Another Linux Introduction

Basics

Every directory has two special subdirectories called "." and "..". "." always points to the same directory itself, so "/path/to/./././" is e qual to "/path/to/". ".." points to the parent directory, so "/path/to/../" equals "/path/".

Files and directories with names starting with a periode "." are hidden by convention. Usually they are not listed by ls and file dialogs. Note that this is not a file system function but only a convention. You can see all hidden files with the "-l" parameter of ls

ls -la

Give it a try in your home directory, you will be surpriesed!

Every program has three file descriptors when it is started. These are

Number	Name	Description
0	stdin	input to the program
1	stdout	output of the program
2	stderr	error messages of the program

That means, that every (console) program writes it output to stdout and gets its input from stdin. Error messages are written to stderr. These file descriptors can be redirected, see below.

An important feature of Linux is, that everything is a file. This means, that every device, every pipe, ... is a file. The hard disk is usually the file /dev/hda, its first partition is /dev/hda1, and so on. The directory /dev/ holds lots of "special" files, called device nodes. The device "/dev/null" is the Nirvana. Everything written to /dev/null is ignored (and thus lost). See here how to redirect error messages to /dev/null.

Programs usually get command line parameters when executed. There are option parameters. These have a long form, e.g. "--recursive", "--invert-match" and a short form "-r", "-v". Short forms can always be combined, e.g. "-rv" (for "grep"). Some options need an additional parameter, e.g. "--file=FILE" or "-f FILE". In this case the "-f" must be the last one in a combination immediately followed by the parameter, e.g. "-rvf FILE". Long forms can not be combined.

If a command expects a file name as its parameter, it is always the last one. This is necessary, because most programs can accept one or more file names, e.g. "grep -v pattern FILE1 FILE2". How this is used by the shell is documented here.

Getting Help

The Program Explains itself: --help

Nearly every program can be executed with the command line parameter --help.

The Manual: man

The most power full features of Linux are the manual pages. Every (!) program is documented in quite extensive manual pages. You can access them with

man program

where program is the name of the program, e.g. grep, head or even man itself. Go on, give it a try! Manual pages are usually viewed with less (see below). To quit type the [Q] key.

Man pages are organized in 8 chapters. Sometimes there are man pages with the same name in more than 1 chapter, then use e.g.

man 3 printf

for the LibC function printf().

To search a tool for a certain task, e.g. to download a file from the internet, use

apropos download

This searches in all one-line-descriptions of all manpages.

The Info Pages: info

Many programs additionally have info pages. This documentation is usually more verbose than man pages and organized as hyper text (with links, ...). Usage:

info program

where program is e.g. nano, gdb or even info itself.

Terminal

Unix terminals (XTerm, Konsole, Eterm, RXVT, the text console, ...) are feature rich. E.g. they can display colors, move the cursor, ... The most often used feature is the backtrace of the output. When the screen is full and more lines come, the screen is scrolled. You can look what was before by pressing [Shift]-[PgUp] and [Shift]-[PgDn]. A certain amount of lines is kept in the buffer.

Pattern Search: grep

grep is used to search strings inside of files. The pattern to match is given as a regular expression. Grep searches line by line. It is used

grep pattern file1 file2 ...

Usually you want to put the pattern in quotes (e.g. "foo.*bar")
The option '-v' inverts the match, so all lines not containing the pattern are printed to stdout.

File Comparision: diff

To compare two text files, diff is used. Give it two file names and both files are compared. If the files are identical, diff will not print anything.

diff file-old.ext file-new.ext

You can use the command line parameter -u to get a unified diff which is somewhat more beautiful and readable. To search recursively, use the paramter -r (Note: both items given to diff must be directories then).

diff -ru /path/to/old/ /path/to/new/

File Patch: patch

patch uses the output of diff -u to apply a difference to a file or directory tree. This is used to transfer small changes of huge files or directory trees.

Filesystem Mounting: mount and umount

In Unix there are not drive letters but there is a single directory tree. Different partitions, floppies, USB sticks, ... are mounted to various directories (so called mount points). Every directory can be a mount point, even directories with files and subdirectories inside. These are hidden while it is used as a mount point. You mount a partition with

mount -t fstype /dev/xxx /path/to/mount/point/

where fstype is the file system type (e.g. vfat. ext3, reiserfs) and /dev/xxx is the device node (e.g. /dev/hda1, /dev/sdc1, ...).

Execute mount without parameters to show all currently mounted volumes.

To release a mounted volume, use the command umount (note the missing n!).

umount /path/to/mount/point/

This will fail if the volume is still used, i.e. any program has a file or directory on the volume opened or the current working directory of any program is inside the mounted volume.

Kernel Messages: dmesg

The Linux kernel has an internal buffer to store debug and status messages. This buffer can be displayed with dmesg. Usually only the bottom of its output is of interrest.

Text Tools I: cat, head and tail

To display the content of a text file, use cat.

cat filename

This is not an animal but the short form of concatenation. This comes from the usage of this program to concatenate several text files.

cat filename1 filename2 filename3 > totalfile

Text Tools II: sort, join

A text file can be sorted with sort.

join is used to join two sorted text files side by side by a key. Think of a file with the content

1 Eins
2 Zwei
3 Drei
4 Vier
5 Fünf

and another file with the content

1 One
2 Two
3 Three
4 Four
5 Five

then these two files can be joined to

1 Eins One
2 Zwei Two
3 Drei Three
4 Vier Four
5 Fünf Five

by the command

join file1 file2

Text Tools III: tr and sed

To replace certain characters in a file (or data stream), use tr.

tr 'abc' 'ABC' < filein > fileout

Note that tr can't use file names so you have to redirect its stdin and stdout. The above line translates every 'a' to an 'A', every 'b' to a 'B' and every 'c' to a 'C'.

The Stream EDitor sed is way more powerfull than tr. It supports a stream editing programming language which is explained detailed in its man page and lots of books. We just discuss how to substitute strings inside of a stream or text file.

sed -r 's/pattern/replacement/' < filein > fileout

The pattern is any valid regular expression. If you paranthesize certain parts of the pattern, e.g. ^[[:space:]]*([a-z]+).*$ this part can be referred too in the replacement with \1, \2 and so on.

Pager: more and less

When using cat to display the content of a file or when a tool prints lots of text to the screen it is inconvenient to use the terminals scrolling capability to scroll back. Therefore a pager is used. The file or stram is read by the pager and displayed page by page.

The first available pager was more. By pressing the [Space] key it forwards (screen) page by page. The key [Return] forwards line by line. Note that you can not scroll back upwards nor search the test.

This limitation is removed by less (note the pun). You can scroll with the arrow keys, [PgUp], [PgDn], [Home], [End]. To search simply type [/] and then the phrase. All matching words are marked and you can jump from one to the next with the [N] key. Type [h] for less' internal help.

Use your favourite pager with

less filename

or

program_with_lots_of_output params | less

Less accepts the option -S (capital S). Then it doesn't wrap long lines on the screen.

BTW: When viewing man pages, you are using your $PAGER (usually less)

Other Tools: ls, find, locate, sleep

To list the content of a directory, use ls (short form of list, unix guys are lazy :-) ). It accepts many parameters. The most usefull are

Parameter	Effect
-a	display all files, including hidden files
-A	display almost all files, including hidden files except . and ..
-l	display in long format
-1	display one file name per line
-d	display the directory name instead of its content
-S	sort by file size
-t	sort by file date
-r	reverse sort order
--color=auto	color file according to their type

With find you can find a file which matches certain conditions in the current and all deeper directories. Usage:

find . -iname 'pattern'

where pattern is a glob pattern. Find can also search for certain file types (e.g. only directories), file sizes, dates, ... Please refer to its extensive man page for the options.

To search a file on the whole hard disk, find is very slow. Therefore a find index is stored somewhere and locate is used to search through it. This index is sometimes outdated, but global files should not change too often. locate is a substring search in the index, you can't use globs or regular exprssions. -i searches case independent.

sleep just waits for a number of seconds (here: 3.2 seconds)

sleep 3.2

You can use integer and float values.

File Tools I: cp, mv, rm, cd, pwd, mkdir, rmdir, chown, chmod,

Command	Purpose
cp	copy a file, -r is recursive
mv	move or rename a file, this is always recursive
rm	remove a file (but no directorry), -r is recursive
cd	change the current woring directory
pwd	print the current (present) working directory
mkdir	create a new directory, -p is recursive
rmdir	delete an empty directory, use rm -r for non-empty directories
chown	change the owner (and group) of a file, usage: chown user:group filename, -R is recursive
chmod	change the access permissions of a file, usage: chmod 0644 filename, -R is recursive

Process Tools: ps, kill, killall

To list running processes, use

ps

To see all processes and more information, use

ps faxuw

Terminate a process with

kill pid

with the process' process ID (PID). This sends the "SIGTERM" signal to the process which can then exit gracefully (write edit buffer to to file, ...). If the process has crashed badly and doesn't react on the SIGTERM (or it intentionally ignores the signal) you can kill it with

kill -9 pid

which sends the SIGKILL signal. The process cannot ignore this signal and can not exit gracefully.

kill always needs the PID, which is tedious to find out using ps. killall accepts the process name instead

killall myprogram

You can use the -9 option here too.

Network Sockets: netstat

The program netstat shows all open network connections. Use the option '-n' to avoid reverse address lookups (IP -> hostname), '-a' to include listening sockets, '-t' to only show the TCP connections, '-u' to only show the UDP connections, and '-p' to include the program which is using the connection.

netstat -anpt

Network Scanner: nmap

With nmap the open TCP and UDP ports of a remote host can be scanned.

nmap hostname

Network Sniffer: tcpdump and Ethereal

With tcpdump the traffic at a network card of the particular machine is sniffed and printed (beautifully) to the screen. You can supply filters to pick up only the traffic you are interrested in

tcpdump -n
tcpdump -n -i eth1
tcpdump -n udp
tcpdump -n icmp
tcpdump -n not port 22
tcpdump -n tcp and port 80

Use Wireshark as a graphical network sniffer and protocol analyzer. You can also use tcpdump on a remote machine to store the sniffed packets into a file ('-w' option) and then load this file on your local machine with Wireshark for an offline analysis.

Editors: joe, vim, nano, kedit, kate, gedit, gvim, xemacs

My favourite editor is joe, because it is similar to WordStar (i.e. old Turbo Pascal editors). Type [Ctrl]-[K] [H] to fade in its help. nano is similar to the non-free pico. The most feature-rich editor is vim (V IMproved), but it is rather tedious to lern. All these editors are pure text editors executed in the terminal window.

kedit is the default editor of the KDE Desktop Environment. I recomend kate which is more powerful, especially for program development.

Gnome's default editor is gedit. gvim is a graphical frontend to vim.

For editing VHDL files I strongly recommend XEmacs with its powerful VHDL mode.

User Management: su, getent, w, id, whoami, last

To change the current user, use su (Substitute User)

su - username

Only ''root' can do this without knowing the other users password. If you want to get root, you can simply omit the username.

The program getent displays entries of the administrative databases. Usage

getent database [key ...]

where database is one of passwd, group, hosts, services, protocols, or networks.

With w you can determine who is logged in and what he is currently doing.

id shows the current UID and GIDs.

whoami shows the current user's username.

With last all previous logins and logouts are listed (up to a certain point in the past). This is read from the file /var/log/wtmp. Programms like login, su, ssh, ... append entries to this (binary) file.

Misc: mknod, mkfifo, strings, file,

To create device special files (usually in /dev/) use mknod. For named pipes you need mkfifo.

The program strings filters all text strings from a binary (e.g. executable) file.

The command file uses magic to determine the type of a file (see also man magic). In Unix file types usually are not dependent on their file name (extension) but only on file content.

Filesystem: df, du

With df (Disk Free) all mounted partitions are shown including the used and free space. The numbers are blocks, usually 1kiByte blocks.

du (Disk Usage) displays the size of a directory and all its subdirectories.

Packing: zip, unzip, tar, gzip, bzip2

Command	Purpose
zip	compress files/directories into one zip archive, Usage: zip archive.zip file1 file2 *.txt zip -r archive2.zip src/
unzip	uncompress an archive into the current directory, -l just lists the content of a zip file
tar	Tape ARchive, similar to zip/unzip, Compress: tar cvfz archive.tar.gz files..., eXtract: tar xvfz archive.tar.gz, Test (=list): tar tvfz archive.tar.gz, internally calls gzip, replace the 'z' by a 'j' (and '.gz' by '.bz2') to use bzip2.
gzip	compress single files with the GZip algorithm, every file gets is compressed and gets the (additional) extension '.gz'
gunzip	uncompress .gz files
bzip2	compress single files with the BZip2 algorithm, every file gets is compressed and gets the (additional) extension '.gz'
bunzip2	uncompress .bz2 files

Calculator: bc

Usage:

bc -l

(-l enables floating point calculation) Type in a formula and get the result.