Information about Linux

Network resources


Some questions from inside Corel

How to pronounce Linux properly?
Perhaps the most official pronounciation would be the one from Linus Torvalds, the creator of the Linux operating system himself. Here, he pronounces it "LEE-niks".
How many lines of code are in Linux 2.2?
If you include all the code written, there are 2.1 million lines of code. Most of us only use a fraction of these in our kernel, so a typical Linux install is based on about 800,000 lines of code. About half of these are descriptions or comments.
The new 2.4 kernel has about 2.7 million lines of code, with a typical install being based on about 980,000 lines of code.
What makes up Linux?
Linux (the kernel) is a fairly small operating system. It manages
  • memory
  • programs
  • users
  • files
  • network connections
  • devices
  • time
  • and that's all. It does not look after email, databases, graphics, printing, multimedia and all that other stuff that makes operating systems get big.
    Linux (the kernel) is made of 5 main sections:
  • startup code
  • memory management and task management
  • files
  • network activity
  • devices
  • What makes Linux so modular?
    Bits of the kernel that can be separated off can be loaded and unloaded as the system is running. These are "modules".
    Much of the internal design of the kernel is based on treating most "things" as files. For instance, if I plug a USB keyboard into my system while it is running, the USB-console module simply connects to the kernel as a new file, and the kernel "opens the console file" and "reads" the keystrokes out of the module. Easy, because there isn't that much special code written just for the old-style keyboard.
    Here's a list of things that can go in modules:
  • usb devices
  • pcmcia devices
  • IDE devices
  • SCSI devices
  • filesystem drivers (come to my Into-To-Linux talk!), including CD-ROM, NTFS, OS2FS, HFS, HPFS
  • ip forwarding filters (come to my Linux-Networking talk)
  • serial, parallel, mouse, infra-red drivers
  • What is the difference/advantages/disadvantges between compiled in device drives and loadable modules?
    As a rule, you want to put as much of the kernel code into modules as possible. The only thing that has to go in the kernel is the devices required to spin up your main disk. [That's because the modules are stored in files on your main disk, and you can't get at them until the system has spun up the disk.] That means you probably want EXT2-filesystem, and IDE-drivers and maybe SCSI-drivers built in to the kernel.
    This keeps the kernel small, so it loads faster. In some cases, you can actually upgrade a module with bug-fixes, if the buggy module can be unloaded and the bug-free module loaded.
    Why can't we mix a loadable module from say 2.2.12 to 2.2.14? (Perhaps explain force loading too.)
    The kernel is always changing. There are big changes from 2.2.12 to 2.4.0; there are small changes from 2.2.14. Sometimes a change may make modules incompatible. To inhibit you from using modules from the wrong version, the kernel checks the module version before it allows an install. If you really know what you're doing, you can force a module to be installed in the wrong kernel, as long as there is enought information in the module to actually load it.
    Version dependent and version independent modules - how to build this and what is the significance?
    In the above paragraph, I mentioned that the kernel checks the version of the module. Around 1998, some programmers felt that one check wasn't enough, so they check each subroutine entry for version. This makes it much more difficult to bring an incompatible module into a running kernel. But it also makes it much more difficult to bring in a compatible module, even if you are sure that it is safe. This is the price of safety.
    How to apply a patch to the kernel? (Maybe go with the USB example?)
    The GNU patch system allows you to download a large project (like the Linux kernel: 12Megabytes, thousands of files) and then use a "patch" file to modify the project. A patch file can be a few hundred bytes or a few hundred thousand bytes. It can affect hundreds of files. The "patch" file is "applied" by running commands like:
    cd /usr/src/linux
    patch -p1 <name-of-the-patch-file
    Often, patch files are compressed, and have filenames such as patch-2.4.0-test1.gz
    What do all these mean: bzImage, zImage, bzDisk...etc
    To get your machine started, the LILO boot system has to find the kernel code and load it; once the kernel is runing, the kernel can take over and load its modules.
    The kernel is about a megabyte of code. To save space on your hard disk, the kernel is often compressed. There are two popular forms of compression: the gzip form is used to make a file called zImage (or vmlinuz), and the bzip2 form is used to make a file called bzImage. In either case, the file usually gets moved to the /boot directory, and then LILO is re-initialized to that LILO knows where to find the new kernel.
    If you want to make a "rescue" disk on floppy, you would use the bzDisk file to create the floppy.
    Where is the location of the kernel in a run time system
    The kernel is usually located on your main hard disk, in /boot/vmlinuz-2.2.14 (or something like that). There is probably a symlink at /boot/vmlinuz that points to the real file. [If you ever get to the point that you have multiple kernels on your computer, you can always refer to /boot/vmlinuz to point to the most recent kernel]
    The compressed kernel is loaded into physical address 0x0010.1000, and that is expanded into physical address 0x0000.1000.  The first few block have special uses, including boot page tables. The zero page is at 0x0000.5000.
    Once the memory manager starts, these numbers become irrelevant.
    How does a boot manager work? What is LILO?
    LILO is the boot manager that most of us use. It's located near the beginning of your hard drive, where the bios normally would expect the DOS boot code. LILO starts up right after the bios, and pauses for a few seconds to allow you to select boot options. Then it goes into the disk and fetches the kernel off the disk, and launches the kernel. Once the kernel is running, LILO ceases to exist.
    When LILO is started, it has no concept of the disk layout. Subdirectories and files are meaningless. LILO bases all of its disk access on "sectors". A list of boot options and alternative kernels is built into the LILO program.
    Once the computer is up and running, the kernel is aware of subdirectories and files. If you install a new kernel into the /boot directory, you can modify the LILO config file /etc/lilo.conf, and tell LILO to rebuild its tables, by running
    For more info, see
    What is loadlin?
    [from the HowTo] The other commonly used Linux loader is `LoadLin' which is a DOS program that has the capability to launch a Linux kernel from the DOS prompt (with boot-args) assuming that certain resources are available. This is good for people that use DOS and want to launch into Linux from DOS.

    What is a daemon? Run through all the important daemons in Linux (before X starts)
    When a Linux system is starting up, there are dozens of little programs that are executed. In a Debian/CorelLinux system, these are in:
    and in a RedHat/Mandrake system, these are in
    Most of these programs do simple little things, like:
    copy the current time from the time chip, into the kernel
    set the "hostname" in the kernel, for networking
    turn on the network modules
    check the hard disk for consistency
    Some of the programs hang around, continuing to run. Some of these are:
    apache (aka httpd, the Web server)
    proftpd (the FTP server)
    smbd (the Win32 file server)
    rpc.nfsd (the Linux file server)
    crond (the background timer system)
    apmd (the power management system)
    These are called daemons. I don't know why. Here's a definition from the net: "A program that is not invoked explicitly, but lies dormant waiting for some condition(s) to occur." Notice that all these programs have names that end in "d", just as a reminder to the reader.
    What is FHS? Run through all the important FHS directories.
    The File Hierarchy Standard defines what files go into what directories. For more, come to my Intro-To-Linux talk. Or go to Filesystem Hierarchy Standard
    File compatibility?
    Linux can read files from disks created by other operating systems. The module name is shown
    Microsoft Win3/Win95/Win98 vfat
    Microsoft WinT3/4/5 ntfs
    Microsoft Network smbfs
    OS/2 hpfs
    Mac hfs
    Sun nfs
    Acorn adfs
    CDROM iso9660
    Novell ncpfs
    How do I add a RAM disk?
    First, why do you want one? In the old DOS days, it made sense to use a RAM disk for temporary storage, or for high speed files. In Linux, these things are built-in to the main system, so you don't need a RAM disk nearly as much.
    Still, if you insist, have a look at /usr/src/linux/Documentation/ramdisk.txt To summarize, most Linux distributions, including CorelLinux, come prepared with ramdisk software already loaded. All you have to do is
        mke2fs /dev/ram0
        mount /dev/ram0 /mnt/ram
    The first line will prepare the ram disk to hold files, and the second line bind the ram disk into your system. By default, most ram disks are 4 MBytes, but you can change that by a rebuild of the kernel.
    What is initrd?
    Some single-floppy versions of Linux will boot up by starting the kernel, and then loading a single file "initrd" into memory,  and mounting that single file as a ram disk. Once mounted, the ram disk appears to have dozens of files, the files required by Linux to complete the boot process. These include config files and libraries.
    What is NFS?
    Network File System was developed by Sun. This is the preferred way to share computer resources in a Linux environment. Here's a quote from a NFS faq:
    Network File System (NFS) is file system that will mount remote file systems across homogenous and heterogenous systems. NFS consists of a client and server systems. An NFS server can export local directories for remote NFS clients to use. NFS runs over IP using UDP (commonly). There are NFS implementations that will work using TCP as the network transport service. NFS was originally developed by Sun Microsystems Computer Corp. (SMCC) and is now part of their Open Network Computing (ONC) initiative. NFS has been accepted by the IETF in certain RFC's (RFC 1094 - NFS: Network File System Protocol Specification) as a standard for file services on TCP/IP networks on the Internet.

    What is Samba? What is the difference between Samba and smbfs?
    Samba is a generic term used to refer to several forms of network file sharing, all which allow sharing to/from Windows type servers. The Microsoft term for their network protocol is Server Message Block (SMB) protocol, also called the Session Message Block, NetBIOS or LanManager protocol (you know how MSoft likes to change the name of things every few years).
    The various aspects of samba are (in historic order)
  • smb access suite
    • includes programs like smbclient and smbspool, which allow Linux users to access Windows files and printers
  • smb server
    • allows Linux users (as root) to make their files and printers available to Windows users
  • smbfs
    • allows Linux users (as root) to mount Windows shares as part of their file system, the same way you mount a floppy or cdrom
    All three of these groups are based on the same original code. Obviously, the third system (the smbfs) makes the first suite sort of obsolete. See also
    What is the root file system?
    As the kernel is booting, it needs access to files. The first disk that the kernel searches for files is called the root file system. Usually, that will be your main hard disk, but through LILO, you can change the kernel to use a floppy, a cdrom, a zip drive or even the network. NOTE: The first few files that it needs are /sbin/init and /etc/inittab.
    What is root?
    Any time you are using a Linux system, you are logged into the system as a user. If you are at the keyboard, you are probably logged in as yourself. If you are surfing into a Linux machine, you are logged in as nobody. If you are getting files from a Linux FTP site, you are logged in there as ftp.  In all three cases, you are restricted in what you can do on that machine.
    To allow full access, you can "log in as root". The easiest way to do that is to type "su -" at the command prompt. (You will need the password). NOTE: as the system is booting, most of the startup programs are run as root
    What are the different modes of password support and encryption options (normal, shadow, NIS+, DES, MD5, crypt16, RADIUS)
    Every time you log into a Linux system, you are asked for a password.
    Originally, passwords were stored in a file called /etc/passwd. For certain obscure reasons, that file has to be made visible to anyone logged into the system. To avoid passwords being stolen, the passwords themselves were moved to another file, called /etc/shadow.
    In a network situation, you can have your login password checked by a central computer; that way, you can wander around the building and login wherever you chose. The Solaris/Sun way of doing this is called NIS+ (Network Information Service Plus).  Some ISP's use Remote Authentication Dial In User Service (RADIUS) .
    Passwords used to be stored using a scrambling technique called DES. Newer Linux's use a more secure scrambling called MD5. Some systems use a third technique called crypt16 or bigcrypt.
    You can configure your Linux system to use any of these login schemes. The module that coordinates this flexibility is called PAM.
    What is bash?
    When we want Linux to do something interesting, we start a program. In between times, Linux is waiting for us to tell it what to do. If you are running a graphics screen, the "window-manager" program is waiting for you to move the mouse and start a program. If you are running from the command line (or if you have command-line windows open), the "shell" program is running, waiting for you to type something. The most popular "shell" is bash. Bash handles your typing, including back-space, and figures out which program you want to run.
    What is PS1?
    Every time bash is ready for you to type, it starts the command line with a little greeting. By changing PS1, you can control the greeting. For instance, the command
        export PS1='\h:\w\$ '
    causes my command-line to look like:
    The command line
        export PS1='\u(\t) '
    causes my command line to look like:
    See the bash man page.
    What is cron? Explain its config files?
    One of the services that starts up when your machine is booted is the CRON daemon. Cron wakes up every minute, and performs any outstanding scheduled tasks. (Usually, tasks are scheduled for 3 or 4 AM, to avoid disturbing you.)
    There are two sets of config files that are used. There is a set of directories called /etc/cron.daily, /etc/cron.weekly and /etc/cron.monthly. There are scripts in these directories which are run at the appropriate frequency. These do things like
  • make backup copies of your samba password files (/etc/cron.daily/samba)
  • rotate your apache logs, to keep them from getting too big (/etc/cron.daily/apache)
  • restart your printer (/etc/cron.weekly/lpr)
  • clean out any cached files in the man viewer system (/etc/cron.weekly/man-db)
  • There are also script files which you can create per user. Users can edit their cron files by issuing this command:
        crontab -e
    For instance, I have a cron job at home which wakes up every 5 minutes, checks my email and plays some music if there is mail waiting.
    What is vi and why so many people either hate/love it?
    vi is a text editor. Text editors are important in Linux because so many config files are in text. vi has a unique set of commands which must be memorized in order to use vi effectively. Now that graphics editors (with menus and toolbars) exist, people don't need to memorize as many command keys to get their work done.
    Quick run through of file permissions
    Every file in Linux has some special properties:
  • when it was last modified
    • this is commonly know as the file date
  • when it was created
    • these dates are usually hidden in the system; you can see them with  ls -l --time=ctime
  • when it was last used
    • these dates are usually hidden in the system; you can see them with  ls -l --time=access
  • who owns it
  • the "user group" that has access to it
  • permissions
    • for the owner of the file
      • whether they can read, write or execute the file
    • for other members of the "user group"
      • whether they can read, write or execute the file
    • for anybody else
      • whether they can read, write or execute the file
    • whether the program should be executed as if the owner is using it (suid)
  • type
    • files in linux are usually containers of data; most files are like this
    • other special files include
      • directories can "contain" other files
      • symlinks point to other files
      • pipes are filenames on the disk, but their data is not stored on the disk; the data stays inside the kernel
      • sockets are just like pipes, except the programmer using the socket uses it slightly differently
      • block devices are filenames on the disk, but their data is a floppy, IDE, SCSI or zip drive
      • char devices are filenames on the disk, but their data comes from a linux device, like the keyboard, mouse, infrared, parallel port, serial port, clock chip, VGA, USB, etc.
    When you type dir at the command prompt, you get back lines like this:
    -rw-rw-r--  1 patb     patb          54 Jun 13 00:23 README.txt
    ^^  ^  ^      ^        ^              ^ ^            ^
    ||  |  |      |        |              | |            |
    ||  |  |      |        |              | |            +-filename
    ||  |  |      |        |              | +--------------date (last modified)
    ||  |  |      |        |              +----------------filesize
    ||  |  |      |        +-------------------------------group name
    ||  |  |      +----------------------------------------owner name
    ||  |  +-----------------------------------------------permissions for "world"
    ||  +--------------------------------------------------permissions for group
    |+-----------------------------------------------------permissions for owner
    +------------------------------------------------------file type: -file
                                                             d directory
                                                             s symlink
                                                             p pipe
                                                             S socket
                                                             b block device
                                                             c char device
    What is a SUID program? Why would an improperly written SUID root program be a security risk?
    Sometimes you want to let ordinary users start a powerful program. A program so powerful that it can touch many aspects of the system, and requires root priveledges to be able to execute. Linux has a special file marker called SUID which lets you mark programs of this type. Naturally, you only want to mark a program as SUID if you really trust it.
    What is a thread? Does Linux support threading?
    Most programs in Linux run independently. Each program has its own memory, files and permissions. [To learn more, attend my Linux Memory Management talk.] All the programs in the system take turns running, one after the other. Sometimes, programmers want two programs to take turns, but the two programs to share the same memory, files and permissions. So Linux has a special program type called thread, which allows programmers to do this.

    Does Linux support dynamic linking just like in Windows?
    Yes. And more. In Windows, you can only dynamic link to functions. In Linux, you can dynamic link to functions and data.
    Advantages of ELF over Windows' PE format?
    The binaries in a Linux system are store in ELF format. The format calls out how code, data and debugging should be stored. In Windows, the files are stored in PE format. These formats are very similar in what they can do. The ELF format has the ability to mark version numbers on each symbol (code or data), so that a program can dyn-link a library and select which version symbol it wants. On the other hand, the Windows PE format has a well defined format for storing GUI resource, such as menus, icons, bitmaps and strings.
    What is X? How does Linux and X compare with Windows?
    In Windows, programs are allowed to call into the Win32 programming interface for all kinds of services, including files, memory, network, graphics, multimedia, email, database, printing and so on.
    In Linux, the kernel only handles a few things. See above. The kernel does not know about graphics, windows, coordinates, colors or any of that GUI stuff.
    If you want GUI on your Linux system, you start another program, called X. When X is running, it handles all that GUI stuff. Your graphics apps talk to X through the kernel, using a socket. [This allows us to separate the graphics app from the X program, so that the screen-keyboard-mouse (all part of X) can be on a remote computer.]
    What are the two ways of starting X?
    Usually, X will be started for you. If you find yourself at the command line with no graphics, you can usually start X back up again with startx
     What is new in XFree86 4.0?
    Most of the 4.0 changes only affect programmers. The only affect that users should see is that things run faster, and more types of video cards are supported.
    For programmers:
  • new, unified /etc/XF86Config file
  • the X server can load modules; so now we all simply launch X, which can read the config file and decide which device module to load; note, however, that the binary format of the X device drive modules may not be ELF
  • multi-head support exists
  • Xpm is built into X
  • the text widget is way more powerful
  • What is IDE and what is SCSI?
    These are two ways to connect disks inside a computer. Each involves a specific type of chip on the mother board, a certain kind of cable, and a certain kind of disk. Some people think SCSI is faster. IDE is certainly cheaper.
    What is USB?
    The Unified Serial Bus is an attempt to standardize the connector cables that come out of the back of the computer. There are USB mice, keyboards, modems, network ports, scanners, printers, cameras and PalmPilots. At some point a few years from now, computer manufacturers will stop using the old connectors, and just use the new USB connectors.
    The USB wiring to your computer can carry a moderate amount of information: 12Mbps. Devices like cameras, network ports and slow disks or tapes can be connected to your computer through USB.
    Many computers have 2 USB ports on the back. If you need more, there are cheap "expanders" which convert 1 USB port to 4.
    What is Firewire?
    For some people USB is not fast enough. These people want Firewire; it's supposed to go up to 400Mbps. If you have a Mac, you probably have a Firewire port on the computer; if you have a PC, you may have to get a plugin card to get Firewire.
    The most common use of Firewire today is to connect digital video camcorders to your computer.
    There is some talk about increasing the speed of USB up to 480Mbps so USB may be a popular connector for some years to come. [USB is mostly Intel sponsored; Firewire is mostly Apple sponsored, but has the backing of the IEEE, and a 3 year head start]
    What kind of DVD support does Linux have?
    If you have a DVD drive installed in your Linux machine, the 2.4 kernels will be able to read any data disk (650MB cdrom or 3G dvd-rom). If you want to watch DVD videos on that hardware, you can:
  • purchase a DVD player card, such as the Hollywood
  • purchase a Linux software player
  • use one of the semi-legal Linux open source software players
  • Why is Linux is doing so well in the server space? What server services does Linux provides?
  • There are lots and lots of server programs available for unix-like system. These programs were written in a way that expects apps to be remote.
  • Linux source code is available, so bug-fixes and security-fixes can be discovered and installed quickly.
  • Linux is designed so that many small programs can be started quickly. This is perfect for a web server.
  • Linux is designed so that connections can be made through the keyboard, the serial port and the network port is a unified way. Remote maintenance is easy.
  • A standard Linux distribution includes these network services:
    • web server
    • ftp server
    • dhcp server
    • dns server
    • routing server
    • packet and port forwarding
    • samba file and print server
    • NFS file and print server
    • time server
    • telnet server
      • ssh server is easily installed
    Limitations of Linux 2.2
  • What is the maximum file size?
  • On the standard Linux disk, files are limited to 2G. When we go to 64 bit Linux (in about 3 years), this will be much bigger. Disks, however, can grow to enormous sized; there is a 36G disk system documented.
  • IBM is working on a JFS (Journalling File System) that will allow 4 penta bytes (4,000,000,000,000,000). When this is finalized, we'll be able to "roll back" our disk to previous version, undelete files, and have a very fast checkdisk.
  • What is the maximum number of files that can be opened (by each process or app)?
  • On a default CorelLinux
    • the maximum number of open files is 4096 (for the whole system)
    • each app can have at least 1000 open files (I tested it)
  • These limits can be changed with a rebuild of the kernel
  • What is the maximum physical memory Linux 2.2 can support?
  • The limit seems to be 2G, although you would be hard pressed to find a motherboard that can handle that much. There is a patch to allow the kernel to go up to 3.8GBytes.
  • What is the maximum memory an application can have?
  • 3 gigabytes
  • How many programs can be running at the same time?
  • 1024
  • in 2.4 kernels, >16,000
  • What is the maximum processors that it can support?
  • 16
  • What is raw i/o and why is it needed?
  • Raw block device access. There are a couple of programs out there, made by Oracle and IBM, that think they can do a better job of controlling the disk than Linux can. To let them "do their thing", recent Linux kernels have added this "raw" access. Not recommended for most people.
  • Limitations of Linux 2.4
    What is new in Linux 2.4?