Upgrade to Pro — share decks privately, control downloads, hide ads and more …

I love UNIX and so can you

58376779023f009fc13d160bb3e82515?s=47 John Downey
July 14, 2016
Technology
0
190

I love UNIX and so can you

58376779023f009fc13d160bb3e82515?s=128

John Downey

July 14, 2016
Tweet

More Decks by John Downey

See All by John Downey
Cryptography Pitfalls at CactusCon 2019
58376779023f009fc13d160bb3e82515?s=48 jtdowney
0
78
Intro to Cybersecurity Workshop
58376779023f009fc13d160bb3e82515?s=48 jtdowney
0
100
Cryptography Pitfalls at BsidesMSP 2017
58376779023f009fc13d160bb3e82515?s=48 jtdowney
0
97
Cryptography Pitfalls at THOTCON 0x8
58376779023f009fc13d160bb3e82515?s=48 jtdowney
0
150
Cryptography Pitfalls at ConFoo Montreal 2017
58376779023f009fc13d160bb3e82515?s=48 jtdowney
1
210
Cryptography Pitfalls at BSidesPhilly 2016
58376779023f009fc13d160bb3e82515?s=48 jtdowney
0
75
Cryptography Pitfalls at LASCON 2016
58376779023f009fc13d160bb3e82515?s=48 jtdowney
0
100
Debugging TLS/SSL at DevOps Days Detroit 2016
58376779023f009fc13d160bb3e82515?s=48 jtdowney
1
150
Debugging TLS/SSL at DevOpsDays Boston
58376779023f009fc13d160bb3e82515?s=48 jtdowney
1
260

Other Decks in Technology

See All in Technology
Salesforce女子部-権限についてまとめてみたその1
F95794a2051e510588225c20afb7e3b2?s=48 sfggjp
0
180
如何使用 Argo Event& Workflow 快速建置自定義的工作流程 @ #CNTUG #47
2102a6b8760bd6f57f672805723dd83a?s=48 line_developers_tw
PRO
0
4.2k
mROS 2のススメ
91b03a57e0ef56fee59fbddc66a7f6fd?s=48 takasehideki
0
290
[SRE NEXT 2022]ヤプリのSREにおけるセキュリティ強化の取り組みを公開する
Ee9f5f5b17a075129d7c48ad157a9ab3?s=48 mmochi23
1
280
20220510_簡単にできるコスト異常検出(Cost Anomaly Detection) /jaws-ug-asa-cost-anomaly-detection-20220510
97b3cca999b52cb5296675ac0a5c12cd?s=48 emiki
2
310
msal.jsのあれこれ
716a39e2ee383722f960c17467eaf55b?s=48 takas0522
0
1.4k
Power BIのモバイルと都 +1 / Tokyo
966e29b84ae7dbde170f66b0bc75b7a6?s=48 ishiayaya
0
130
アルプの 認証/認可分離戦略と手法
C6a8cb5e13aa716521d522471ec4e4cd?s=48 ma2k8
PRO
1
110
220510 プロセスマイニングを学ぶ PLAY与田さん
50bc42471d197d0dbef7171f2ef85bb6?s=48 comucal
PRO
0
640
SRE_チーム立ち上げから1年_気づいたら_SRE_っぽくない仕事まで貢献しちゃってる説
B35fa97f982d550e358a8c689c3f0fef?s=48 bitkey
PRO
0
1.9k
成長を続ける組織でのSRE戦略:プレモーテムによる信頼性の認識共有 SRE Next 2022
Dccc861c47a9a7bfc7f71a86e1245897?s=48 niwatakeru
7
2.3k
Learning from AWS Customer Security Incidents [2022]
A431674e1b362e40786876211b77455e?s=48 ramimac
0
480

Featured

See All Featured
Refactoring Trust on Your Teams (GOTO; Chicago 2020)
A9a491b0fcbe0fbce3d64063a37add99?s=48 rmw
19
1.4k
Visualization
170b760e0147792d0140e59ec78e9893?s=48 eitanlees
124
11k
The Illustrated Children's Guide to Kubernetes
0438ae60cde4c7add6f9da48f28c15cc?s=48 chrisshort
14
34k
Dealing with People You Can't Stand - Big Design 2015
44b54d2ffcb7857004071cc6795dde11?s=48 cassininazir
350
21k
GitHub's CSS Performance
64827b31aef81498662e8af4bd6d5157?s=48 jonrohan
1020
410k
No one is an island. Learnings from fostering a developers community.
6bb82b13cda86d3b821fa44100335ddf?s=48 thoeni
9
1.1k
Music & Morning Musume
A60068bce2e73de3a37ca9d2dbe36092?s=48 bryan
35
4.1k
Docker and Python
Ecdea9b9714877b86cee08458f085481?s=48 trallard
27
1.5k
Unsuck your backbone
B83d5b590577969ee79a5ad845411a7d?s=48 ammeep
659
55k
Learning to Love Humans: Emotional Interface Design
5f50f94346fbcb23706f0707169317a4?s=48 aarron
261
37k
Design by the Numbers
027d1ebf66cc039a0bd3b55eeadbe75d?s=48 sachag
271
17k
4 Signs Your Business is Dying
E4f5d494ebdc9e7cce1aecf3ce3e8bc1?s=48 shpigford
169
20k

Transcript

  1. I ❤ UNIX and so can you @jtdowney 1

  2. @jtdowney 2

  3. @jtdowney 3

  4. @jtdowney 4

  5. @jtdowney 5

  6. History @jtdowney 6

  7. Research UNIX @jtdowney 7

  8. @jtdowney 8

  9. 1. a hierarchical file system incorporating demountable volumes 2. compatible

    file, device, and inter-process I/O 3. the ability to initiate asynchronous processes 4. system command language selectable on a per-user basis 5. over 100 subsystems including a dozen languages @jtdowney 9

  10. Why was UNIX successful 1. The UNIX system was written

    in a high-level language. 2. The UNIX system was distributed in source form. 3. The UNIX system provided powerful primitives normally found in only those operating systems that ran on much more expensive hardware. @jtdowney 10

  11. Berkley Software Distribution (BSD) @jtdowney 11

  12. @jtdowney 12

  13. UNIX Wars @jtdowney 13

  14. What does UNIX mean now? @jtdowney 14

  15. Officially it means 4 POSIX 4 Single UNIX Specification 4

    The Open Group certifies compatible systems 4 Solaris 4 OS X @jtdowney 15

  16. @jtdowney 16

  17. Unofficially 4 UNIX-like systems 4 POSIX 4 Aren't certified for

    the Single UNIX Specification 4 Linux 4 BSD (Free/Net/Open) 4 illumos @jtdowney 17

  18. ❤ @jtdowney 18

  19. UNIX Philosophy 4 Write programs that do one thing and

    do it well. 4 Write programs to work together. 4 Write programs to handle text streams, because that is a universal interface. @jtdowney 19

  20. Functional operations on data 4 filter (grep) 4 map (sed

    / awk) 4 reduce (uniq / wc / awk) @jtdowney 20

  21. netstat -an | grep -i established @jtdowney 21

  22. Everything is a file (descriptor) @jtdowney 22

  23. netstat -an % lsof -p 9576 COMMAND PID USER FD

    TYPE DEVICE SIZE/OFF NODE NAME netstat 9576 pair cwd DIR 202,1 4096 8787609 /home/pair/bt/vault netstat 9576 pair rtd DIR 202,1 4096 2 / netstat 9576 pair txt REG 202,1 119784 10616898 /bin/netstat netstat 9576 pair mem REG 202,1 1607696 2886783 /lib/x86_64-linux-gnu/libc-2.13.so netstat 9576 pair mem REG 202,1 136936 2886666 /lib/x86_64-linux-gnu/ld-2.13.so netstat 9576 pair mem REG 202,1 1534672 11798922 /usr/lib/locale/locale-archive netstat 9576 pair 0u CHR 136,3 0t0 6 /dev/pts/3 netstat 9576 pair 1u CHR 136,3 0t0 6 /dev/pts/3 netstat 9576 pair 2u CHR 136,3 0t0 6 /dev/pts/3 @jtdowney 23

  24. COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME netstat

    9576 pair 0u CHR 136,3 0t0 6 /dev/pts/3 netstat 9576 pair 1u CHR 136,3 0t0 6 /dev/pts/3 netstat 9576 pair 2u CHR 136,3 0t0 6 /dev/pts/3 @jtdowney 24

  25. % tty /dev/pts/3 @jtdowney 25

  26. Every process starts with 3 file descriptors open 4 0

    = STDIN 4 1 = STDOUT 4 2 = STDERR @jtdowney 26

  27. COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME netstat

    9576 pair 0u CHR 136,3 0t0 6 /dev/pts/3 netstat 9576 pair 1u CHR 136,3 0t0 6 /dev/pts/3 netstat 9576 pair 2u CHR 136,3 0t0 6 /dev/pts/3 @jtdowney 27

  28. netstat -an | grep -i established % lsof -p 12538

    COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME netstat 12538 pair cwd DIR 202,1 4096 8787609 /home/pair/bt/vault netstat 12538 pair rtd DIR 202,1 4096 2 / netstat 12538 pair txt REG 202,1 119784 10616898 /bin/netstat netstat 12538 pair mem REG 202,1 1607696 2886783 /lib/x86_64-linux-gnu/libc-2.13.so netstat 12538 pair mem REG 202,1 136936 2886666 /lib/x86_64-linux-gnu/ld-2.13.so netstat 12538 pair mem REG 202,1 1534672 11798922 /usr/lib/locale/locale-archive netstat 12538 pair 0u CHR 136,3 0t0 6 /dev/pts/3 netstat 12538 pair 1w FIFO 0,8 0t0 735322872 pipe netstat 12538 pair 2u CHR 136,3 0t0 6 /dev/pts/3 @jtdowney 28

  29. netstat -an | grep -i established % lsof -p 12539

    COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME grep 12539 pair cwd DIR 202,1 4096 8787609 /home/pair/bt/vault grep 12539 pair rtd DIR 202,1 4096 2 / grep 12539 pair txt REG 202,1 175488 10616876 /bin/grep grep 12539 pair mem REG 202,1 1607696 2886783 /lib/x86_64-linux-gnu/libc-2.13.so grep 12539 pair mem REG 202,1 14768 2886786 /lib/x86_64-linux-gnu/libdl-2.13.so grep 12539 pair mem REG 202,1 136936 2886666 /lib/x86_64-linux-gnu/ld-2.13.so grep 12539 pair mem REG 202,1 1534672 11798922 /usr/lib/locale/locale-archive grep 12539 pair mem REG 202,1 26066 11807983 /usr/lib/x86_64-linux-gnu/gconv/gconv-modules.cache grep 12539 pair 0r FIFO 0,8 0t0 735322872 pipe grep 12539 pair 1u CHR 136,3 0t0 6 /dev/pts/3 grep 12539 pair 2u CHR 136,3 0t0 6 /dev/pts/3 @jtdowney 29

  30. Shell Redirection @jtdowney 30

  31. grep test < /dev/zero % lsof -p 13828 COMMAND PID

    USER FD TYPE DEVICE SIZE/OFF NODE NAME grep 13828 pair cwd DIR 202,1 4096 7864322 /home/pair grep 13828 pair rtd DIR 202,1 4096 2 / grep 13828 pair txt REG 202,1 175488 10616876 /bin/grep grep 13828 pair mem REG 202,1 1607696 2886783 /lib/x86_64-linux-gnu/libc-2.13.so grep 13828 pair mem REG 202,1 14768 2886786 /lib/x86_64-linux-gnu/libdl-2.13.so grep 13828 pair mem REG 202,1 136936 2886666 /lib/x86_64-linux-gnu/ld-2.13.so grep 13828 pair mem REG 202,1 1534672 11798922 /usr/lib/locale/locale-archive grep 13828 pair mem REG 202,1 26066 11807983 /usr/lib/x86_64-linux-gnu/gconv/gconv-modules.cache grep 13828 pair 0r CHR 1,5 0t0 1030 /dev/zero grep 13828 pair 1u CHR 136,3 0t0 6 /dev/pts/3 grep 13828 pair 2u CHR 136,3 0t0 6 /dev/pts/3 @jtdowney 31

  32. System Calls @jtdowney 32

  33. % echo "Hello World" > test % cat test Hello

    World @jtdowney 33

  34. % strace cat test execve("/bin/cat", ["cat", "test"], [/* 86 vars

    */]) = 0 ... open("test", O_RDONLY) = 3 read(3, "Hello World\n", 32768) = 12 write(1, "Hello World\n", 12) = 12 read(3, "", 32768) = 0 close(3) = 0 close(1) = 0 close(2) = 0 exit_group(0) = ? @jtdowney 34

  35. Common file-related system calls 4 creat - create a file

    4 open - open a file 4 read - read from a file descriptor 4 write - write to a file descriptor 4 close - close a file descriptor @jtdowney 35

  36. Expose special files in mount points % mount sysfs on

    /sys type sysfs (rw,nosuid,nodev,noexec,relatime) proc on /proc type proc (rw,nosuid,nodev,noexec,relatime) udev on /dev type devtmpfs (rw,relatime,size=10240k,nr_inodes=3855906,mode=755) devpts on /dev/pts type devpts (rw,nosuid,noexec,relatime,gid=5,mode=620,ptmxmode=000) tmpfs on /run type tmpfs (rw,nosuid,noexec,relatime,size=3089000k,mode=755) /dev/xvda1 on / type ext4 (rw,relatime,stripe=128,data=ordered) tmpfs on /run/lock type tmpfs (rw,nosuid,nodev,noexec,relatime,size=5120k) tmpfs on /run/shm type tmpfs (rw,nosuid,nodev,noexec,relatime,size=6177980k) @jtdowney 36

  37. % ls /proc 1/ 111/ 13717/ 17293/ 20/ 26/ 28952/

    34/ 4125/ 44/ 4716/ 10/ 112/ 13719/ 173/ 208/ 26538/ 28962/ 35/ 4136/ 4403/ 4718/ 100/ 113/ 13720/ 174/ 209/ 26549/ 29/ 36/ 42/ 4422/ 4721/ 101/ 117/ 13926/ 176/ 21/ 267/ 3/ 37/ 4236/ 4445/ 4723/ 102/ 12/ 14/ 18/ 22/ 27/ 30/ 38/ 4276/ 45/ 4769/ 103/ 13/ 15/ 185/ 23/ 274/ 31/ 39/ 43/ 46/ 4776/ 108/ 13329/ 1533/ 186/ 24/ 28/ 32/ 3980/ 4349/ 4618/ 4778/ 109/ 13334/ 16/ 19/ 249/ 28162/ 33/ 4/ 4361/ 4683/ 4795/ 11/ 13337/ 16276/ 1969/ 25/ 28883/ 335/ 40/ 4366/ 47/ 48/ 110/ 13346/ 17/ 2/ 250/ 28888/ 339/ 41/ 4387/ 4711/ 4806/ @jtdowney 37

  38. % ls /proc/self attr/ coredump_filter gid_map mountinfo oom_score sessionid task/

    autogroup cpuset io mounts oom_score_adj smaps timers auxv cwd@ limits mountstats pagemap stack uid_map cgroup environ loginuid net/ personality stat wchan clear_refs exe@ map_files/ ns/ projid_map statm cmdline fd/ maps numa_maps root@ status comm fdinfo/ mem oom_adj sched syscall @jtdowney 38

  39. % cat /proc/self/status Name: zsh State: S (sleeping) Tgid: 20292

    Ngid: 0 Pid: 20292 PPid: 7596 TracerPid: 0 Uid: 1000 1000 1000 1000 Gid: 1000 1000 1000 1000 FDSize: 64 Groups: 4 106 918 1000 1100 2000 VmPeak: 45772 kB @jtdowney 39

  40. Process Model @jtdowney 40

  41. 4 pid - process id 4 ppid - parent process

    id 4 uid - user id 4 gid - group id @jtdowney 41

  42. % pstree init─┬─zsh───pstree ├─7*[getty] ├─2*[master─┬─pickup] │ └─qmgr] ├─atd ├─cron───cron───sh───vpair───{vpair} ├─docker─┬─docker-containe───9*[{docker-containe}]

    │ └─24*[{docker}] ├─epmd ├─haproxy ├─java───128*[{java}] @jtdowney 42

  43. fork() @jtdowney 43

  44. What does it get? 4 Get a copy of the

    file descriptors 4 Easy to use pipes for inter-process communication 4 Share virtual memory (copy on write) @jtdowney 44

  45. require "logger" logger = Logger.new($stdout) logger.info "starting parent" reader, writer

    = IO.pipe fork do writer.close logger.info "starting child" logger.info reader.gets end reader.close writer.write "sent from parent process" @jtdowney 45

  46. % ruby fork_test.rb I, [2016-07-14T16:52:38.440600 #28966] INFO -- : starting

    parent I, [2016-07-14T16:52:38.442533 #28968] INFO -- : starting child I, [2016-07-14T16:52:38.444770 #28968] INFO -- : sent from parent process @jtdowney 46

  47. Signals @jtdowney 47

  48. Signal Value Action Comment ────────────────────────────────────────────────────────────────────── SIGHUP 1 Term Hangup detected

    on controlling terminal or death of controlling process SIGINT 2 Term Interrupt from keyboard SIGQUIT 3 Core Quit from keyboard SIGILL 4 Core Illegal Instruction SIGABRT 6 Core Abort signal from abort(3) SIGFPE 8 Core Floating point exception SIGKILL 9 Term Kill signal SIGSEGV 11 Core Invalid memory reference SIGPIPE 13 Term Broken pipe: write to pipe with no readers SIGALRM 14 Term Timer signal from alarm(2) SIGTERM 15 Term Termination signal SIGUSR1 30,10,16 Term User-defined signal 1 SIGUSR2 31,12,17 Term User-defined signal 2 SIGCHLD 20,17,18 Ign Child stopped or terminated SIGCONT 19,18,25 Cont Continue if stopped SIGSTOP 17,19,23 Stop Stop process SIGTSTP 18,20,24 Stop Stop typed at tty SIGTTIN 21,21,26 Stop tty input for background process SIGTTOU 22,22,27 Stop tty output for background process The signals SIGKILL and SIGSTOP cannot be caught, blocked, or ignored. @jtdowney 48

  49. 4 SIGHUP - sent when you close a terminal on

    a running process 4 SIGINT - sent when you CTRL-C 4 SIGTERM - sent with plain kill <pid> 4 SIGKILL - not messing around, uncatchable @jtdowney 49

  50. Questions @jtdowney 50

  51. References 4 Books 4 The Daemon, the Gnu, and the

    Penguin by Peter H. Salus, et al 4 The Design and Implementation of the 4.4 BSD Operating System by Marshall Kirk McKusick, et al 4 Lions' Commentary on Unix 6th Edition by John Lions 4 Papers 4 The UNIX Time-Sharing System by Dennis M. Ritchie and Ken Thompson 4 The Evolution of the Unix Time-sharing System by Dennis M. Ritchie 4 Articles 4 https://en.wikipedia.org/wiki/History_of_Unix 4 https://en.wikipedia.org/wiki/Unix_philosophy @jtdowney 51