Table of Contents
Sooner or later, you will find yourself in a situation that requires a change in your computer's configuration. You may find yourself installing a printer, scanner, or CD-burner. You may need to configure Internet access when you start or change Internet Service Providers. You may want to install or remove software from your computer, and you will certainly want to keep your software up to date with security fixes. In Linux, all these tasks are administrative: they require the use of the root account. Because they permanently change the configuration of your system, all of these tasks must be carried out with caution.
One way to deal with administrative tasks is to get somebody else to do them for you. Friends or family members who are familiar with Linux may be willing and able to do your system administration. The organization or individual who installed Linux on your computer may offer follow up support for free or a fee. You may be able to find companies who offer home administration services. The members of your local LUG (Linux Users Group) are another good resource for administration help. Getting other people to do your administration for you is a legitimate strategy -- it is the usual practice in corporate and academic environments -- but it can be expensive (if you hire professionals), unreliable (if your friends and family know less about Linux than they think), or both.
Even if you find others willing to administrate your computer for you, it is worthwhile to learn a little bit about system administration. A strong "Do it Yourself" ethic runs through Linux culture. People will generally be more receptive to helping you administrate your machine if you demonstrate that you are willing to learn and do some of the work yourself. Furthermore, understanding something about the situation will help you follow what your administrator is doing to your machine.
In many cases people are willing to share their experience and knowledge, but will be unable or unwilling to come to your computer physically and help you out. For example, a person living in a foreign company might help you via e-mail, but will not be able to log into your computer and fix things for you. [1] You will have to serve as an intermediary between your computer and the person helping you by typing in commands and relating the error messages and prompts that your computer displays. Knowing some basic system administration skills will help you do a better job of helping your helper.
If you are new to Linux administration, it is well worth finding a human mentor (or group of mentors) who will answer your questions and offer their advice. The reality of system administration is that it rarely goes smoothly. When you get stuck, a fresh brain and experienced set of eyes can save you days of frustration.
In addition to human help and this chapter, a large amount of written documentation exists about Linux system administration using the command line. A good place to start is the [DEBIAN USER REFERENCE], which may be installed on your computer already. [HOW DO YOU ACCESS THIS?] Additional help resources are listed [WHERE].
Fpr better or for worse, many administrative tools assume a familiarity with the command line, so the first section introduces the command line and some useful utilities from a user's point of view. We then discuss how to become the root user, and then move into a long list of administrative tasks, including setting file permissions, installing software, and changing the date and time. [FINISH ME]
Although graphical tools exist for some administrative tasks in Linux, the interface of choice remains the command line shell. There are some good reasons for this. The command line has thirty years of history behind it. In some ways -- such as manual pages -- it certainly shows its age. However, over the decades people have refined the command line into an efficient, powerful interface. A lot of good tools exist for the command line that do not exist in GUI format. This situation is unlikely to change anytime soon. For this reason alone it is worth becoming comfortable with using the command line.
One of the biggest advantages of the command line interface is that it is scriptable. The command line shell supports an entire programming language which makes it possible to automate repetitive or tedious administration tasks. Programs that are run in the command line can often be chained together using pipes to solve difficult problems. Although you may not need to write scripts or complicated pipelines yourself, the scripts others have written will make your administration life easier.
To get a command line, select -> [DID THIS CHANGE TO "command line shell"? ] from the IceWM program menu. A command line window with a shell prompt will appear. [MAKE SCREENSHOT]
By default, the command line prompt looks like this:
linuxuser@wclp-box:~$
You interact with the command line shell by typing in commands, then pressing Enter. The command line shell will interpret what you have typed and attempt to follow your orders. If it gets confused then it will display an error message. [EXAMPLE]
Commands and files in Linux are case-sensitive. For example, my_documents and My_Documents are different files. Most Linux commands and many files and directories use only lower-case letters.
Let's look at the format for the command line prompt. By default, it looks something like this:
linuxuser@wclp-box:~$
This gives you some information. It tells you that this is the prompt for a regular user called "linuxuser", who is logged into a computer named "wclp-box". The ~ indicates that we are in linuxuser's home directory, and the "$" tells us that this account is not using root privileges.
If we changed directories, the prompt also changes:
linuxuser@wclp-box:~$ cd My_Documents/
linuxuser@wclp-box:~/My_Documents$
The cd command stands for "change directory". We have changed the directory to the My_Documents directory, and this is reflected in the prompt.
To become the root user, we use the su command:
linuxuser@wclp-box:~/My_Documents$ su
At this point we are asked for the root password. After typing this in, we get the following prompt:
wclp-box:/home/linuxuser/My_Documents#
The "#" at the end oft the prompt tells us that we are the root user. /home/linuxuser/My_Documents is the full path of the My_Documents directory.
The shell prompt can be configured to show all kinds of information. See the HOWTO in /usr/share/doc/HOWTO/en-txt/Bash-Prompt-HOWTO.gz for more information. Customizing your prompt can be fun, but the default prompt shows enough information to be useful.
Some people feel that the command line interface is inefficient because you have to type in all your commands. In fact, the opposite is true. Thanks to shortcuts offered by the shell, most commands and filenames can be entered with only a few keystrokes, without needing to reach for a mouse. The following sections will document some of the most useful shell shortcuts.
Autocompletion may be the most useful feature the shell offers. When you type a few characters and hit the Tab key, the shell attempts to guess the rest of the command or file you want. If there is no ambiguity, the shell will complete the command or file fully. Otherwise, the shell will complete as much of the line as it can. Pressing Tab twice will show the possible completions it has found.
For example, to get to my working directory for this manual, I need to enter the following line:
cd volunteer/wclp/manuals/userguide/
To enter this line, I type the following keystrokes:
cd vTabwTabmaTabuTab
Instead of typing 39 keystrokes, I end up typing 9, where four keystrokes are Tab.
It turns out that I have two directories in my volunteer/wclp/ directory. One is called manuals and the other morphix. If I press
cd vTabwTabmTab
then the shell will not be able to tell which of the directories I want to visit, and it will display
cd volunteer/wclp/m
Pressing Tab again will show my options:
manuals morphix
I can then type oTab to go to the morphix directory, or aTab to go to the manuals directory.
The shell knows that I am looking for a filename or directory because I already typed in a command -- namely, the cd command. If you press Tab when typing the first word of a command line, the shell will know that you are trying to type a command, and it will try to complete the name of the command for you.
For example, say I type:
xscTab
The shell completes this to the following:
xscreensaver
If I press Tab twice more I can see all the commands starting with the word xscreensaver:
xscreensaver xscreensaver-getimage-file
xscreensaver-command xscreensaver-getimage-video
xscreensaver-demo xscreensaver.kss
xscreensaver-getimage
I could then press Enter (to run the xscreensaver command), or I could type the next few characters of the command I wanted, and then press Tab to let the shell autocomplete the command.
The shell knows what commands to look through by examing its $PATH environment variable . This is a variable that lists directories in which the shell should look for commands. You can display the contents of your $PATH by typing
echo $PATH
The values of this variable are often set in the .bash_profile configuration file. Usually you will not need to change your PATH variable, but knowing the list of directories can be useful if there are two commands with the same name; in this case the command in the directory that appears first in the PATH gets executed by default.
[SHOULD I GET RID OF THIS LAST SECTION?]The shell keeps track of the commands you type in. You can visit this command line history by pressing the up and down arrow keys. You can then edit the previous line and run it again. This is very useful if you mistyped a command and need to re-edit it, or if you need to repeat some complicated command on a different file or directory.
The shell provides other keystrokes (such as ctrl-A) to speed up command-line editing. To learn about these, see [WHERE?]
Command-line wildcards allow you to specify many files at once. There are several wildcards, but probably the most useful one is the asterisk (*) wildcard. For example, to look at all the text files in a directory, one at a time, you might type
less *.txt
This will match all files that end with .txt, and ignore all other files. You can surround the asterisk wildcard with other characters. For example,
less a*.txt
would match aardvark.txt and acorn.txt, but not bunnyrabbit.txt.
Wildcards are useful whenever you need to perform some action on a group of files, but you must treat them with caution. A famous example is the rm command, which is used to delete files. Typing
rm * .bak
instead of
rm *.bak
is almost always disastrous. In the first case, you will delete all files in the current directory, and also any files named .bak . In the second case, you will delete all files that have an extension of .bak, which is probably what you wanted.
This section will document some of the most frequently used shell commands. For the most part, these commands are not administrative; they are everyday commands used by regular users. Although this list is not comprehensive, it should get you started. For a more thorough introduction, see [WHERE? THERE IS NO HOWTO, IS THERE?].
The command to list the files in a directory is ls. This command shows different information depending on the options you specify. Without any arguments, ls shows files and directories that do not begin with a period. Here is some sample output:
linuxuser@migraine:~/My_Documents$ ls
Blah.rtf demo.rtf.bak~ exampledir pix
demo.rtf demonstration.rtf joeresume.rtf rename_this.txt
Depending on your configuration, ls will show different colours depending on file type. For example, directories will be displayed in blue.
To display slightly more information, you might use ls -sF:
linuxuser@migraine:~/My_Documents$ ls -sF
total 36
4 Blah.rtf 4 demonstration.rtf 4 pix/
4 demo.rtf 4 exampledir/ 4 rename_this.txt
4 demo.rtf.bak~ 8 joeresume.rtf
The s option displays a file size between each file, and the F displays the file type. For example, directories are displayed followed by a slash. Note that the F option must be in uppercase.
By default, ls will not display so-called hidden files -- files or directories that begin with a period. The a option displays these files:
linuxuser@migraine:~/My_Documents$ ls -a
. .hidden demo.rtf demonstration.rtf joeresume.rtf
.. Blah.rtf demo.rtf.bak~ exampledir pix
The . and .. directories have special meaning. The first refers to the current directory, and the second refers to the directory above this one. We also see a regular directory called .hidden .
A very common option to ls is l:
linuxuser@migraine:~/My_Documents$ ls -l
total 36
-rw-r--r-- 1 linuxuser linuxuser 3160 Jan 2 17:17 Blah.rtf
-rw-r--r-- 1 linuxuser linuxuser 2008 Dec 28 00:01 demo.rtf
-rw-r--r-- 1 linuxuser linuxuser 2832 Dec 28 11:08 demo.rtf.bak~
-rw-r--r-- 1 linuxuser linuxuser 2008 Dec 27 23:59 demonstration.rtf
drwxr-xr-x 2 linuxuser linuxuser 4096 Dec 31 00:55 exampledir
-rw-r--r-- 1 linuxuser linuxuser 5051 Dec 30 23:34 joeresume.rtf
drwxr-xr-x 4 linuxuser linuxuser 4096 Dec 29 23:12 pix
-rw-r--r-- 1 linuxuser linuxuser 106 Jan 2 17:20 rename_this.txt
Each row of this listing corresponds to the information associated with a single file. To understand the meanings of these rows, it helps to know something about file ownership and permissions in Linux.
For security reasons, every file in Linux has permissions associated with it. File permissions determine how the file is allowed to be accessed. Here are the meanings for regular files:
In Linux, directories are treated as files. Like files, every directory has read, write, and execute permissions. However, the meanings of these permission types is different.
To illustrate these concepts, we will use the example of a directory called My_Documents which contains a file called resume.rtf, and we'll say that both My_Documents and resume.rtf are owned by a user linuxuser.
Read permissions on directories determine who may list the contents of the directories to find out what files are inside. This is different than being able to use files inside the directory.
Read permissions are almost always granted along with execute permissions. If a directory has read permissions but not execute permissions, then users can see the names of the files in the directory, but cannot use them in any way. Say that My_Documents had read but not execute permissions for linuxuser, and that resume.rtf had both read and write permissions. Contrast the following situations:
$ ls My_Documents
resume.rtf
$ ls -l My_Documents
ls: My_Documents/resume.rtf: Permission denied
In the second case, ls complains because it cannot access information about resume.rtf. It cannot even look up the file size.
Write permissions on directories determine who may create and delete files within that directory. In our example, assume that linuxuser had read and write permissions resume.rtf, and read and execute (but not execute) permissions on on My_Documents. Then linuxuser could read or edit resume.rtf -- and could even erase all the data inside the file -- but would not be able to delete the file totally. Similarly, linuxuser would not be able to create any new files in My_Documents.
Execute permissions on directories determine who may use the files in the directory. Say that linuxuser had execute (but not read or write) permissions on My_Documents and had read and write permissions on resume.rtf. Then a person using the linuxuser account could view or edit resume.rtf if he or she knew the filename. For example, the user might be able to type
$ cp My_Documents/resume.rtf /media/floppy
but would not be able to successfully execute the following:
$ cp My_Documents/*.rtf /media/floppy
cp: cannot stat `My_Documents/*.rtf': No such file or directory
In the second example, "cannot stat" means that the cp command cannot read the directory's contents.
Execute permissions are often used for webpages, so that people visiting the webpage can access particular HTML files without being allowed to snoop around.
Read, write, and execute permissions for files and directories can be given independently to three different sets of users: the owner of a file, members of the group associated with that file, and everybody else. Each file has an owner and a group. Owners are individual users defined in /etc/passwd. Groups are defined in /etc/group. A user may belong to many groups, and many users may belong to a group.
Traditionally, groups are used to give multiple users access to a file. For example, in a class project people might work in pairs, and each pair might get a group. That way, both members of the pair can modify the class project files, but outsiders will be locked out. Another use of groups is to give particular users access to resources such as floppy drives, CD-ROMs and the sound card.
In practice, you will rarely have to worry about group ownership or permissions of files.
In the Debian distribution (and therefore on your computer) each user account gets a group with its own name. This is used to keep files private -- by default, only the user should be able to access his or her files.
We can now understand the output produced by ls -l:
linuxuser@migraine:~/My_Documents$ ls -l
total 36
-rw-r--r-- 1 linuxuser linuxuser 3160 Jan 2 17:17 Blah.rtf
-rw-r--r-- 1 linuxuser linuxuser 2008 Dec 28 00:01 demo.rtf
-rw-r--r-- 1 linuxuser linuxuser 2832 Dec 28 11:08 demo.rtf.bak~
-rw-r--r-- 1 linuxuser linuxuser 2008 Dec 27 23:59 demonstration.rtf
drwxr-xr-x 2 linuxuser linuxuser 4096 Dec 31 00:55 exampledir
-rw-r--r-- 1 linuxuser linuxuser 5051 Dec 30 23:34 joeresume.rtf
drwxr-xr-x 4 linuxuser linuxuser 4096 Dec 29 23:12 pix
-rw-r--r-- 1 linuxuser linuxuser 106 Jan 2 17:20 rename_this.txt
The output of the command is organized into columns. The first column consists of ten characters. The leftmost character describes the file type, and the other nine characters describe the permissions of the file.
The leftmost character can take on several different values. An entry of - indicates a regular file. An entry of d indicates a directory. There are a number of other possibilities as well, including l (symbolic links), b (block devices), and c (character devices).
From this character alone, we can tell that exampledir and pix are directories, and the other files are regular files.
The other nine characters are grouped into three groups of three characters each. The first set (characters 2-5) list the owner permissions for the file. The second set lists group permissions, and the third set lists world permissions -- permissions for accounts that are not the owner and not in the group. Entries of - indicate that the permission is not granted, and r, w, or x indicate read, write, and execute permissions respectively.
From the output above, we can see that all the regular files give read and write permissions to the owner, and read permissions to the group and rest of the world. The directories give read, write, and execute permissions to the owner, and read and execute permissions to the group and world.
This configuration is unusual: usually regular files should deny all access to accounts other than the owner or group.
The second column is a single number. It is mostly unimportant. It records the number of references to the file in question. All the regular files have a single reference. The directories have multiple references because they refer to themselves and their parent directories also refer to them. The pix directory has two subdirectories, both of which point to it and increase the reference count. Sometimes the reference count becomes important when dealing with security issues or hard links, but for the most part you can ignore it.
The third column lists the owner of the file, and the fourth column lists the group associated with the file. We can see that all of these files are owned by linuxuser and the linuxuser group. [MAKE THIS EXAMPLE MORE INTERESTING?]
The fourth column lists the size of the file in bytes. The next three columns list the date and time of the last modification to the file, and the final column lists the filename.
The shell keeps track of a working directory -- a location in the directory tree that the shell is currently ``active''. Unless specified otherwise, the shell operates on files in the working directory.
By default, the shell initializes its working directory to your home directory. You can change your working directory by using the cd command.
Typing cd with no arguments will return you to your home directory. You can also specify the home directory using ~. For example, by typing
cd ~/My_Documents
you can navigate to the My_Documents directory inside your home directory. You can also specify the home directories of other users using ~. For example, typing
cd ~charm
would navigate to the home directory of a user named charm .
If you are currently in a directory, you can navigate one level "upward" by typing
cd ..
This navigates to the current directory's parent directory -- the directory that contains this one. For example, say that your current directory was /home/linuxuser . Then typing cd .. would change the current working directory to /home. The topmost directory / is called the root directory, and its parent directory is itself.
Directories can be specified as their locations in the directory tree (called the absolute path) or as directories relative to the current directory (called a relative path). Entering either the absolute or a relative path of a directory to the cd command will change to that directory.
For example, say we have a home directory called /home/linuxuser which contains two subtrees called My_Documents and downloads, and that the working directory is currently /home/linuxuser/downloads. Any of the following commands will change to the My_Documents directory:
cd ../My_Documents
or
cd /home/linuxuser/My_Documents
or
cd ~/My_Documents
You can use whichever option is most convenient for you.
If you ever get lost and want to know your current working directory, type
pwd
This will print out your current working directory. Usually, the current working directory is also displayed in the shell prompt.
Although graphical file managers such as XFE allow you to manipulate files and directories easily, it is not hard to perform these operations on the command line. Here is a quick summary of the most common commands:
rm -Rf tempfiles
Beware! The rm command is notorious for causing
accidental data loss. See [WHERE?] for more information.
cp -r document document-copy
mv oldname newname
One of the most useful command line utilities is less, which displays the contents of text files one page at a time. For example, typing
less /etc/passwd
would show you the password file, which shows all the user accounts on the system. The less command is keyboard driven. Here are some of the most common keystrokes:
A variation of less called zless will display text files compressed using gzip, and bzless will display text files compressed using bzip2. For example, to display the Security Quickstart HOWTO, type:
zless /usr/share/doc/HOWTO/en-txt/Security-Quickstart-HOWTO.gz
The less command also comes in handy to read output which would otherwise scroll off the screen. For example, on most systems the following command will produce too much text to fit on one screen:
ls -l /usr/share/doc/
You can use less to display this information a page at a time by typing:
ls -l /usr/share/doc/ | less
The vertical bar | is known as a pipe. It takes the output of ls and feeds it as the input to less.
If you have many commands to type and you want a textual log of the input and output, use the script command. This command is also useful when less does not capture the output you want. To start script, type:
script /tmp/output
This tells script to record the following input and output to a file called /tmp/output. If you do not specify a file, script will write its output to a file called typescript in the current directory.
After you have started script, run the commands you need to run. script will record everything you type on the command line, and the output of every command. When you are done, type
exit
to end the script session. You can then read the contents of the session using less:
less /tmp/output
Both less and script should be used for text-only commands. Do not use them for programs that offer an interactive text-user interface such as aptitude. If you do so, you will just see a lot of garbage characters. [THIS IS NOT EXPLAINED CLEARLY. HOW DO I DESCRIBE CURSES PROGRAMS AND DISTINGUISH THEM FROM OTHER PROGRAMS?]
A process is a running program. Every time you run a command or application, a new Linux process starts (and depending on the application, sometimes many processes start). When a process is started, it is given a unique identifier called a process ID (PID).
From time to time, you may need to look at what processes are running on your computer. Occasionally a program might crash or lock up, and you will need to use brute force to end the process. You might notice a large amount of hard drive activity and wonder what is going on. The ps, pstree and top commands allow you to check what processes are running and what they are up to.
Processes also have an owner, which is the name of the account that started the process. Administrative processes (usually started by the root account) are called system processes and processes started by user accounts are called user processes. Some processes provide services (such as web access, printing, and font display). The programs that provide these services are called daemons. Most daemons are started when your computer boots up, by running scripts in the /etc/init.d/ directory.
Processes are started by other processes. For example, when you run ls in a command line shell, the shell starts a new process to run the command. The starting process (in this example, the shell) is called the parent process, and the process that is created (in this case the process for ls) is called the child process.
The ps command lists running processes and their PIDs. For example, if your user account is linuxuser then the following command will list the processes you are running:
ps -u linuxuser
Here is some sample output of this command:
PID TTY TIME CMD
214 tty1 00:00:00 bash
309 tty1 00:00:00 startx
316 tty1 00:00:00 xinit
321 tty1 00:00:00 wm2
349 ? 00:00:00 ssh-agent
350 tty1 00:00:00 x-terminal-emul
351 tty1 00:00:01 x-terminal-emul
354 tty1 00:00:21 coral
355 pts/0 00:00:00 bash
356 pts/1 00:00:00 bash
397 pts/1 00:00:00 screen
398 ? 00:00:01 screen
399 pts/2 00:00:00 bash
422 pts/3 00:00:00 bash
537 pts/3 00:00:02 vi
860 pts/2 00:00:00 ps
The first and last columns of this output are the most important. The "PID" column lists the process identifier of the process, and the "CMD" column lists the name of the command.
To list all of the processes running on the machine type:
ps aux
This command produces a lot of output, so you may need to pipe it through less.
The pstree command provides another way to look at the processes running on your computer. This command shows the parent-child relationships between processes. Here is some sample output:
pnijjar@wclp-box:~$ pstree | less
init-+-atd
|-bash---startx---xinit-+-XF86_SVGA
| `-wm2-+-ssh-agent
| |-x-terminal-emul---bash
| `-x-terminal-emul---bash---screen---screen-+- bash-+-less
|
|
`-pstree
|
|-bash---vi
|
|-bash---woody
|
`-bash---less
|-coral
|-cron
|-dictd
|-5*[getty]
|-inetd
|-keventd
|-khubd
|-2*[kjournald]
|-klogd
The process names that end with the letter "d" (dictd, klogd, inetd, kswapd and so on) are daemons. The processes that begin with "k" are kernel processes, which are important system processes.
The pstree command has some useful options. The l option wraps long lines, and the p option prints the PIDs of processes along with their relationships. You can get quite a lot of information about running processes by typing
pstree -lu | less
A third tool to observe processes is top, which is a text-only interactive application that shows the processes that are currently running on your system. To start top, type
top
The output looks something like this:
10:45:09 up 51 min, 5 users, load average: 0.33, 0.41, 0.47
45 processes: 41 sleeping, 4 running, 0 zombie, 0 stopped
CPU states: 15.5% user, 4.4% system, 4.0% nice, 76.1% idle
Mem: 29592K total, 27640K used, 1952K free, 3564K buffers
Swap: 124736K total, 3900K used, 120836K free, 9916K cached
PID USER PRI NI SIZE RSS SHARE STAT %CPU %MEM TIME COMMAND
530 root 12 -10 4316 1888 980 S < 28.3 6.3 7:47 XF86_SVGA
711 pnijjar 14 0 932 932 740 R 4.7 3.1 0:00 top
567 pnijjar 19 17 1524 1436 880 R N 1.8 4.8 1:37 petri
6 root 9 0 0 0 0 SW 0.9 0.0 0:00 kupdated
1 root 8 0 116 72 72 S 0.0 0.2 0:03 init
2 root 9 0 0 0 0 RW 0.0 0.0 0:00 keventd
3 root 19 19 0 0 0 SWN 0.0 0.0 0:00 ksoftirqd_CPU0
4 root 9 0 0 0 0 SW 0.0 0.0 0:05 kswapd
5 root 9 0 0 0 0 SW 0.0 0.0 0:00 bdflush
8 root 9 0 0 0 0 SW 0.0 0.0 0:00 kreiserfsd
38 root 9 0 0 0 0 SW 0.0 0.0 0:00 khubd
75 root 9 0 0 0 0 SW 0.0 0.0 0:00 kjournald
647 pnijjar 9 0 1300 1300 1036 S 0.0 4.3 0:00 bash
675 pnijjar 9 0 2228 2228 1136 S 0.0 7.5 0:05 woody
679 pnijjar 9 0 2076 2076 1276 S 0.0 7.0 0:01 vi
680 pnijjar 9 0 1280 1280 1028 S 0.0 4.3 0:00 bash
The first five lines show useful information about the overall performance of the computer. In particular, the third line shows how much of your CPU is being used, and by what processes. If your "idle" percentage is low, then you can expect your applications to be sluggish. The fourth line tells you about your RAM. If very little RAM is free, your computer will start swapping -- it will move some memory contents to the swap space on your hard drive. This will cause a lot of hard drive activity, and will typically make applications run very slowly. The fifth line tells you about your swap space. For good performance you do not want too much of your swap in use. If all of your swap gets used up then your computer is in essence out of memory, and unpredictable things will happen. Fortunately, running out of swap is rare.
Note that these numbers are approximations. Having a low amount of free memory does not necessarily mean that your computer will be slow, because the memory usage numbers can inflate over time or frequent use.
The rest of the screen contains information about the processes that are running. Many of the columns are self-explanatory, but a few deserve attention.
The "STAT" column tells you the state of the process. An "R" indicates that the process is currently running -- that it is using CPU cycles. An "S" indicates that the process is sleeping -- that it is currently in memory, but is not using any CPU cycles. A "W" indicates that the process currently has some of its memory swapped to the hard drive. There can also be "N", "D", and "Z" flags as well, which you can learn more about by reading the top manual page.
The "TIME" column tells you the cumulative CPU Time the process has used so far. A process can have a large number here for two reasons: it may require a lot of CPU, or it may have been running for a long time. This column provides a history of this process's activity.
The "%CPU" entry shows the CPU cycles currently being used by processes. You can discover what processes hog the CPU by looking in this column.
If your computer is very slow and you notice a lot of hard drive activity, watch the activity of the kswapd daemon. Its job is to swap memory to the hard drive and back. If it shows a lot of activity, your computer might be thrashing -- one or more processes cannot fully fit in RAM, and the kswapd daemon repeatedly moves memory contents between RAM and the hard drive to accomodate everybody. Thrashing is usually bad -- it will slow your computer down to the point where it becomes aggravating to use. If you find that your computer is thrashing, you may have to stop some processes that are hogging memory. This may mean that you do not run hoggy applications together (for example, you don't run OpenOffice and Mozilla at the same time) or that you avoid certain memory-intensive applications entirely. A third option is to install more memory in your computer, but that can get expensive.
The top application will continue to run until it is stopped. It will refresh the display every five seconds. To exit top, press the q key.
Note that top itself is a process, and that it can consume a fair number of CPU cycles as well. It is an excellent program to run to get a sense of what is going on with your computer, but you may not want to run it continually.
Another command called watch can also help you monitor processes. The watch periodically runs a command and displays the output. For example, if you wanted to look at the current running processes, you might type:
watch -n 10 -d pstree
The n option tells watch to refresh the display every 10 seconds, and the d option tells watch to highlight differences between screen updates. To quit the command, type ctrl-c .
Some applications (such as w3m, cvs and mutt) will start a text editor so that you can edit files. For example, mutt will start a text editor so that you can compose a mail message. Unless otherwise specified by the EDITOR environment variable, command-line applications will start the nano editor. You can identify that this editor is running by the "GNU nano" in the top left hand corner. [SCREENSHOT?] This editor is fairly easy to use, but it can be confusing if you have never used it before.
The first thing to understand about nano is that it is keyboard driven by default. The second thing to understand is that most of the commands offered by the editor are listed at the bottom of the screen. Many commands consist of the ctrl key followed by a letter. (To save screen real estate, the instructions at the bottom of the screen write the ctrl key as "^".) Here are the most common commands:
One annoyance about nano is that it wraps long lines to the screen width by default. While this is useful when composing e-mails, it sometimes causes errors when editing configuration files. To turn off word wrap, type Esc-w.
The grep command is used to search through text files for patterns. In its simplest form, the command has the following form:
grep pattern file
For example, to find all occurences of the word "HOSTNAME" in /etc, you would type
grep "HOSTNAME" /etc/*
The /etc/* means that every file in the /etc directory should be searched. However, files inside subdirectories of /etc will not be searched. To do this, you can use the r flag:
grep -r "HOSTNAME" /etc
If you do not care about whether your search pattern uses upper or lower case letters, use the i flag:
grep -i "HOSTNAME" /etc
The grep command has many other options. In particular, it is possible to specify complicated patterns by specifying regular expressions. To learn about regular expressions, see [WHERE?] Although regular expressions are a powerful tool, you do not need them to benefit from grep.
In addition to graphical applications like XFE, command line tools exist to work with archives. The most common archive format in Linux are tar files, which are manipulated using the tar command.
For example, consider a gzipped tar file named example.tar.gz which is in the current directory. To list the contents of the archive, you can type:
tar tvzf example.tar.gz
The t flag tells tar to list the contents of the archives. The vzf flags are often used together, but they have distinct meanings. The v stands for "verbose"; it prints out detailed information about the files in the archive. The z is used to indicate that the archive is compressed using gzip. Finally, the f indicates that we should use a file for input: in this case the file is example.tar.gz.
We can perform other operations to this archive. To unpack the archive into the current directory, type:
tar xvzf example.tar.gz
The x option stands for "extract".
Another common use of tar is to create archives. By convention, people first place all the files they wish to archive in a directory, and then archive the directory. For example, if you wanted to create a tarball of a big project, you could create a directory named project, place copies of the files to archive in that directory, then traverse to the parent of the project directory and type:
tar cvzf project.tar.gz project
The c option stands for "create". This will create a tarball in the current directory called project.tar.gz.
Note that x, t and c are "special" options -- they must appear first in the list of options, and only one of them may be present when invoking tar.
In addition to archives compressed with gzip, you may run into tar files compressed with bzip2. To work with these files, replace the z option with j. For example, to unpack example.tar.bz2, you would type
tar xvjf example.tar.bz2