{"id":336,"date":"2020-08-18T19:23:47","date_gmt":"2020-08-18T20:23:47","guid":{"rendered":"http:\/\/www.linux-tutorial.info\/?page_id=77"},"modified":"2020-08-22T19:25:59","modified_gmt":"2020-08-22T20:25:59","slug":"this-is-the-page-title-toplevel-169","status":"publish","type":"page","link":"http:\/\/www.linux-tutorial.info\/?page_id=336","title":{"rendered":"Checking the Sanity of Your System"},"content":{"rendered":"\nChecking the Sanity of Your System<\/title>\n<p>\nHave you ever tried to do something and it didn’t behave the way you expected\nit to? You read the manual and typed in the example character for a character\nonly to find it didn’t work right. Your first assumption is that the manual is\nwrong, but rather than reporting a bug, you try the command on another machine\nand to your amazement, it behaves exactly as you expect. The only logical reason\nis that your machine has gone insane.\n<\/p>\n<p>\nWell, at least that’s the attitude I have\nhad on numerous occasions. Although this personification of the system helps\nrelieve stress sometimes, it does little to get to the heart of the problem.If\nyou want, you could check every single file on your system (or at least those\nrelated to your problem) and ensure that permissions are correct, the size is\nright, and that all the support files are there. Although this works in many\ncases, often figuring out which programs and files are involved is not easy.\n<\/p>\n<p>\nFortunately, help is on the way. Linux provides several useful tools with\nwhich you can not only check the sanity of your system but return it to normal.\nI’ve already talked about the first set of tools. These are the monitoring tools\nsuch as <command>ps<\/command> and <command>vmstat<\/command>. Although these programs\ncannot correct your problems, they can indicate where problems lie.\n<\/p>\n<p>\nIf the problem is the result of\na corrupt file (either the contents are corrupt or the <glossary>permissions<\/glossary>\nare wrong), the system monitoring tools cannot help much. However, several tools specifically address different aspects of your system.\n<\/p>\n<question id=\"\" type=\"\" text=\"Which two programs create checksums of files?\" \/>\n<question id=\"334\" text=\"The -r option to sum says to ignore order of characters when creating the checksum.\" \/>\n<p>\nLinux provides a utility to compute a <glossary>checksum<\/glossary>\non a file, called <command>sum<\/command>. It provides\nthree ways of determining the sum. The first is with no options at all, which\nreports a 16-bit sum. The next way uses the <keyinput>-r<\/keyinput> option, which again provides a\n16-bit <glossary>checksum<\/glossary> but uses an older method to\ncompute the sum. In my opinion, this method is more reliable because the byte\norder is important as well. Without the <keyinput>-r<\/keyinput>, a file containing the word\n“housecat” would have the same checksum if you changed that single word to\n“cathouse.” Although both words have the exact same bytes, they are in a\ndifferent order and give a different meaning. Note that I have seen that newer\nversions of <command>sum<\/command> default to the <keyinput>-r<\/keyinput> behavior. If you want the older behavior\n(and get the same <glossary>checksum<\/glossary> in this example), use the <keyinput>-s<\/keyinput> option.\n<\/p>\n<question id=\"333\" text=\"How many bits is the checksum created by 'md5sum'?\" \/>\n<concept id=\"\" description=\"The 'md5sum' creates a 128-bit checksum\" \/>\n<p>\nOn many systems, there is\nthe <command>md5sum<\/command> command. Instead of creating a 16-bit <glossary>checksum<\/glossary>,\n<command>md5sum<\/command> creates a 128-bit\nchecksum. This makes it substantially more difficult to hide the fact that a file\nhas changed.\n<\/p>\n<p>\nBecause of the importance of the file’s <glossary>checksum<\/glossary>,\nI created a shell script while I was in tech support that would\nrun on a freshly installed system. As it ran, it would store in a database all\nthe information provided in the <glossary>permissions<\/glossary>\nlists, plus the size of the file (from an <keyinput>ls -l<\/keyinput> listing), the type of\nfile (using the <command>file<\/command> command), and the <glossary>checksum<\/glossary>\n(using <keyinput>sum<\/keyinput> with the <keyinput>-r<\/keyinput> option). If I was on the phone with a customer and things didn’t appear right, I could do a quick <command>grep<\/command> of that file name and get the necessary information. If they didn’t match, I knew something was out of whack.\n<\/p>\n<p>\nUnfortunately\nfor the customer, much of the information that my script and database provided\nwas something to which they didn’t have access. Now, each system\n<glossary>administrator<\/glossary> could write a similar script and call\nup that information. However, most administrators do not consider this issue\nuntil it’s too late.\n<\/p>\n<question id=\"335\" text=\"What command would you use to check the 'sanity' of your filesystem?\" \/>\n<p>\nWe now get to the “sanity checker” with which perhaps most people are familiar:\n<command>fsck<\/command>, the file system checker. Anyone who has lived through a system\n<glossary>crash<\/glossary> or had the system shut down improperly has seen fsck.\nOne unfamiliar aspect of fsck is the fact that it is actually several programs,\none for each of the different file systems. This is done because of the\ncomplexities of analyzing and correcting problems on each file system. As a\nresult of these complexities, very little of the code can be shared. What can be\nshared is found within the <command>fsck<\/command> program.\n<\/p>\n<question id=\"\" type=\"TF\" text=\"When it runs, the 'fsck' command determines what type of file system you want to check and runs the appropriate command\" \/>\n<concept id=\"\" description=\"When it runs, the 'fsck' command determines what type of file system you want to check and runs the appropriate command\" \/>\n<p>\nWhen it runs, <command>fsck<\/command> determines what type of file system you want to check and\nruns the appropriate command. For example, if you were checking an ext2fs file\nsystem, the program that would do the actually checking would be\n<command>fsck.ext2<\/command> (typically in the <directory>\/sbin<\/directory> directory).\n<\/p>\n<concept id=\"\" description=\"The 'rpm' command can be used to test the integrity of the files on your system.\" \/>\n<p>\nAnother very useful sanity checker is the\n<command>rpm<\/command> package manager (assuming that your system uses the <glossary>RPM<\/glossary>\nfile format) that is the RPM program\nitself. As we talked about earlier, the <command>rpm<\/command> program is used to install additional\nsoftware. However, you can use many more options to test the integrity of your system.\n<\/p>\n<p>\nWhen the system is\ninstalled, all of the file information is stored in several files located in\n<directory>\/var\/lib\/rpm<\/directory>. These are hashed files that rpm can use but mean very little to us\nhumans. Therefore, I am not going to go into more detail about these files.\n<\/p>\n<question id=\"\" type=\"MC\" text=\"What program can use use to determine to what packages a particular file belongs?\" \/>\n<concept id=\"\" description=\"You can use the 'rpm' command to determine to what packages a particular file belongs.\" \/>\n<p>\nAssuming you know what file is causing the problem, you\ncan use <command>rpm<\/command>\nto determine the package to which this file belongs. The syntax would be\n<\/p>\n<p>\n<commandexample command=\"rpm\">rpm -q -f <full_path_to_file><\/commandexample>\n<\/p>\n<p>\n<p>\nThe <keyinput>-q<\/keyinput> puts <command>rpm<\/command> into query mode and the -f tells it to query the\nfollowing file and tell me to what package it belongs. Once you know to what\npackage a file belongs, you can verify the package. For example, lets say that\nyou believe that there is something wrong with the <command>xv<\/command> file viewer. Its\n<glossary>full path<\/glossary> is <directory>\/usr\/bin\/X11R6\/xv<\/directory>, so to find out to what\npackage it belongs, the command would be\n<\/p>\n<p>\n<commandexample command=\"rpm\">rpm -q -f \/usr\/bin\/X11R6\/xv<\/commandexample>\n<\/p>\n<p>\nThis tells you that <command>xv<\/command> is part of the package\n<\/p>\n<p>\n<screenoutput>xv-3.10a-3<\/screenoutput>\n<\/p>\n<p>\nNow use the <keyinput>-V<\/keyinput> option to verify the package:<\/p>\n<p>\n<commandexample command=\"rpm\">rpm -V xv-3.10a-3<\/commandexample>\n<\/p>\n<question id=\"336\" text=\"What command would you use to check whether the permissions of files are correct?\" \/>\n<concept id=\"\" description=\"The 'rpm' command can be used to check whether the permissions of files are correct.\" \/>\n<p>\nIf <command>rpm<\/command> returns with no response, the package is fine. What if the owner and group\nare wrong? You would end up with an output that looks like\nthis:\n<\/p>\n<p>\n<screenoutput>..UG. \/usr\/bin\/X11R6\/xv<\/screenoutput>\n<\/p>\n<p>\nEach dot represents a particular characteristic of the file. These characteristics are\n<\/p>\n<p>\n<table cellspacing=0 BORDER=0 CELLPADDING=7 WIDTH=233><tr>\n<td>5<\/td>\n<td>MD5 checksum<\/td><\/tr><tr>\n<td>S<\/td>\n<td>File size<\/td><\/tr><tr>\n<td>L<\/td>\n<td>Symbolic link<\/td><\/tr><tr>\n<td>T<\/td>\n<td>Modification time<\/td><\/tr><tr>\n<td>D<\/td>\n<td>Device<\/td><\/tr><tr>\n<td>U<\/td>\n<td>User<\/td><\/tr><tr>\n<td>G<\/td>\n<td>Group<\/td><\/tr><tr>\n<td>M<\/td>\n<td>Mode (permissions and file type)<\/td><\/tr><\/table>\n<\/p>\n<p>\nIf any of these characteristics are incorrect, <command>rpm<\/command> will display the appropriate letter.\n<\/p>\n<p>\nIf you wanted to check all of the packages you could create a script that looks\nlike this:\n<p>\n<commandexample command=\"rpm\">\nrpm -qa | while read pkg\ndo\n echo “======== $pkg ================”\n rpm -V $pkg\ndone\n<\/commandexample>\n<p>\nThe first <command>rpm<\/command> command simply lists all of the package and pipes it into the read,\nwhich then loops through each package and verifies it. Since each file will be\nlisted, you should have some seperator between each packages.\n<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Checking the Sanity of Your System Have you ever tried to do something and it didn’t behave the way you expected it to? You read the manual and typed in the example character for a character only to find it … <a href=\"http:\/\/www.linux-tutorial.info\/?page_id=336\">Continue reading <span class=\"meta-nav\">→<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"footnotes":""},"class_list":["post-336","page","type-page","status-publish","hentry"],"_links":{"self":[{"href":"http:\/\/www.linux-tutorial.info\/index.php?rest_route=\/wp\/v2\/pages\/336","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.linux-tutorial.info\/index.php?rest_route=\/wp\/v2\/pages"}],"about":[{"href":"http:\/\/www.linux-tutorial.info\/index.php?rest_route=\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"http:\/\/www.linux-tutorial.info\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/www.linux-tutorial.info\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=336"}],"version-history":[{"count":1,"href":"http:\/\/www.linux-tutorial.info\/index.php?rest_route=\/wp\/v2\/pages\/336\/revisions"}],"predecessor-version":[{"id":520,"href":"http:\/\/www.linux-tutorial.info\/index.php?rest_route=\/wp\/v2\/pages\/336\/revisions\/520"}],"wp:attachment":[{"href":"http:\/\/www.linux-tutorial.info\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=336"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}