CompTIA Linux+ XK0-005 – Unit 07 – Process and Module Management Part 4

  • August 6, 2023

30. Demo – Viewing Kernel Information

All right, we’re going to take a look at some of our kernel information and I’m going to start off here with the little command uname, and there’s the kernel. That was exciting. It was just plain old Linux. Well, let’s try that uname again with the -a, and it says, oh, okay, you want to know a little more about the kernel information? All right. So that’s the one thing about Linux: you have to know all the command line options to get more and more of your verbose information. So this shows me the distribution of the kernel, even the installation date and time, the hardware platform and more information as it goes on from there. All right, so now we’re going to take a look at some other information. We’re going to talk about the file that has pretty much the same information that we got from uname, a little bit more information too.

It’s in the /proc folder, it’s called version. So I’m going to cat that right out to the front. And again it looks very much like what we expect to see before. It’s given me a little bit more information about contact information, the GCC version. Again, pre-release information and then of course when it was put in. So again, just a bit more detail than you had before. Now one of the other things you could do is list all of the current sysctl keys and their values, and this is going to be kind of interesting. I’m going to go into the super user here, or the administrator as we more appropriately call them, and I’m going to do the sysctl -a and watch out. Okay, did you get all of that? Now I can still try to page up or scroll up and see these things.

But one of the issues you have to be careful of with something like this and you’ll notice it right away is I’m not at the top. You might think I’m at the top but if I was at the top of the list what you would have seen up here was my command that I had typed. So what happened is that the amount of buffer that this shell program is capable of holding the amount of data has been exceeded. So it purged a whole lot of stuff that I had typed or that I would have seen. So I’m going to try using the less option. And this one here I’m going to see if I can kind of get the idea of whether or not I can use my page up or page down to get further information. And so it’s kind of, again another little option that allows me to have better view and better control.

Right, page up, page down on my keyboard. It’s giving me a little better option in viewing my information. Now what’s different here is that I don’t have this control bar here, this scroll bar, I should say, on the right working. Some of you might say, well, why don’t you use the more command? And I think that’s a valid question, but if I use the more command where I could see the top page and I hit the space bar and see all the other pages, at some point I’m going to again, because of the limit of buffer, lose that stuff at the top. This program, less, is letting me go through up and down, page by page with the page up, page down, and it makes life just a lot easier to view information. I’m not losing it in the buffer like the more command would. Q gets me out. As you saw, it looked very much like a vi command.

Okay. I think that’s an important option for you to also know about, that pipe to less. Now, one of the things that we’ll see with the sysctl variables is that sysctl has these kernel variables and they are often described, by some people in the current terms today for programming, as the name of the object, dot, its property or its method. A method was actually an action, a verb, and a property was just a description about the object. So in this case, if I talk about kernel.pid_max, it shows me the value of that property, which is the largest amount of process IDs that I could issue out. Now, you can see that information in another location under /proc/sys/kernel and the pid_max and see the same value there. But I kind of like the kernel dot option with sysctl.

Okay. And again, if you wanted to, you could actually start playing around with some of these if you wanted to change the values with sysctl. Again, as long as you’re the root, you can do this, the -w to write to this kernel.pid_max, and we could make it equal to 30,000. Oops, there we go. Instead of what we had before. And so now if I look at that pid_max, you can see it has been changed. So you can also change some of these variables. But boy, I’d just be telling you be all sorts of careful when you’re trying to deal with these values that you just don’t destroy something important. Limit yourself overextend yourself always. Again, practice, research, but know that you have a lot of control, especially from the command line. And as the root in what this operating system does.
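The kernel.pid_max and /proc/sys/kernel/pid_max equivalence from this demo can be turned into a drift check. The script below is an added example, not part of the course material: it maps sysctl keys to their /proc/sys paths and compares a saved baseline in the "key = value" format that sysctl -a prints against the live values. The function names, the optional root-directory argument and the baseline value 32768 are assumptions made for the example.

```shell
#!/bin/sh
# Added example: detect sysctl values that differ from a saved baseline.
# Limitation: keys whose components contain dots (e.g. VLAN interface names)
# are not handled by the simple dot-to-slash mapping.

# kernel.pid_max -> /proc/sys/kernel/pid_max ($2 overrides the root, for testing)
sysctl_path() {
    printf '%s/%s\n' "${2:-/proc/sys}" "$(printf '%s' "$1" | tr '.' '/')"
}

# Print the current value of key $1, or fail if the kernel exposes no such file.
sysctl_read() {
    p=$(sysctl_path "$1" "${2:-/proc/sys}")
    [ -r "$p" ] || return 1
    cat "$p"
}

# Compare baseline file $1 ("key = value" lines) with the tree under $2.
# Prints one line per problem and returns 1 if anything differs.
sysctl_drift() {
    baseline=$1; root=${2:-/proc/sys}; rc=0
    while IFS= read -r line; do
        case $line in ''|'#'*) continue ;; esac
        key=${line%% = *}
        want=${line#* = }
        if ! have=$(sysctl_read "$key" "$root"); then
            echo "MISSING $key"; rc=1
        elif [ "$have" != "$want" ]; then
            echo "DRIFT $key: baseline=$want current=$have"; rc=1
        fi
    done < "$baseline"
    return $rc
}

# Constructed demo: a fake /proc/sys tree in which pid_max was written as
# 30000, as in the walkthrough, checked against a constructed baseline.
sysctl_demo() {
    d=$(mktemp -d)
    mkdir -p "$d/proc/kernel"
    echo 30000 > "$d/proc/kernel/pid_max"
    echo Linux > "$d/proc/kernel/ostype"
    printf 'kernel.pid_max = 32768\nkernel.ostype = Linux\n' > "$d/baseline"
    rc=0
    sysctl_drift "$d/baseline" "$d/proc" || rc=$?
    rm -rf "$d"
    return $rc
}

sysctl_demo || true
```

On a real host, the baseline would be a reviewed subset of saved sysctl -a output, and sysctl_drift would be run with the default root.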

31. Kernel Modules Part

Now, when it comes to kernel modules, you have to remember that a module is a loadable component. It could be an extension, a driver, a program that’s added on, or a service that’s added on. They are loaded on demand, just like most modules would be for any operating system. Now, the reason that’s important for us is that if you had an operating system installation that loaded everything on all at once, whether you needed it or not, you would again be committing a bad security breach by having these modules open and running that you don’t need, giving hackers potentially new ways of gathering information and getting inside your system.

Now, when you load them, they do become a part of the kernel. So it’s important that you know what you’re trying to accomplish, like adding Apache. Many people would say that’s another module that I’m going to put on. Now, if you add it on, that means you’ve opened up a whole set of web services, port 80, 443, and everything associated with that. That gives people access to your system whether you want it or not. Hopefully it’s because you do.

32. Kernel Modules Part

So there are a lot of commands that we can use to be able to make these changes. And the module commands are very straightforward. They are things like insmod, insert mod, which allows you to insert a module into the kernel. rmmod, as you probably guessed, means removing a module from the kernel. lsmod lets you see what are the currently loaded modules, so you can make a decision if you’re missing one or need to remove. The modinfo command will display information about a particular module. modprobe would allow you to insert or remove a module from the kernel. Now, we haven’t talked a lot about all of the different modules, so I would encourage you to do an lsmod, see what are currently in there, get the information about those modules, and have fun working with those.

Now be careful with these commands. Just like the sysctl command and these mod commands, if you’re not careful about what you do, you could leave yourself with an unbootable operating system. That’s right, you can get what we call in the business name recognition. When the server won’t come back online and everybody’s at a standstill because it’s not working, they’re going to say, well, who did that? Once they know who you are, trust me, everybody knows who you’re going to your name. That’s why I call it name recognition. Don’t want it. So be careful about what you’re doing. Look at the information, look at the research. Make some good decisions before you go too crazy playing with these commands.

33. The lsmod Command

So as an example, with lsmod, the goal was to show you the modules that are currently loaded. Now you’re going to be surprised by some of these names that you see because you’re going to look at them, you’re going to say, well, I just thought IP was a normal thing. Well, you know, it’s a stack of protocols that are running on the particular operating system. You don’t have to use IP addresses. You don’t have to use IP version six. You know, for the longest time, many networks ran on Novell’s IPX address information and not IP. So it’s important for you to look and say, oh, I see that. All of these things that I kind of thought were just fundamentally a part of the kernel are actually looking at the kernel as a common operating system or a common set of code that they attach themselves to.

In other words, they’re modules. And so it’s kind of nice to look at the modules and see what’s installed. It might, as I said, surprise you to see some things that you just thought were internally part of the kernel, never separable or separatable. And here it is, it’s a module. And you say, wow, I can take this stuff off. Remember, be careful. Take IP off, don’t expect to reach the network. So you want to at least look at it, get the information. And if you’re going to play with this stuff, play with your own copies. Don’t use enterprise equipment.

34. The modprobe Command

Now, the modprobe command, we told you, was kind of pretty powerful. It could insert or remove a module from a kernel. So it’s a little different than insmod. modprobe will automatically handle all module dependencies as well. So that means your dependent modules will be automatically loaded or unloaded by using the modprobe command. Now, this is something that is crucial because when you load a module, we sometimes forget that certain modules are dependent on other modules being in place.

And so when you load a module, if you don’t put all of the dependencies, the actual module is not going to boot up. You’re going to get errors. It’s just not going to work. So modprobe helps you out in putting in the correct module and the dependencies, as we said. Now, there are some options. You can use the -c to show the configuration file, the -l, because we did say modprobe will also list the modules like lsmod, or the -r was the remove module and also hopefully cleaning up everything else that was put in to support that particular module.

35. Module Related Files

Now, there are a lot of module related files that you’ll find under the /etc folder, the slash etc. You can look at the related files with the modules.conf, or config file. There’s also a conf.modules file. There’s a modprobe.conf and a modprobe.d that will show you all related files to all of these different processes. Now, the reason I bring that up is that you might find it important to see how each of those modules might be independently configured, and looking at files related to those modules could be useful for you.

And again, trying to fine-tune this operating system. Now, I left that as a very vague statement because that’s where we’re taking this to, is we’re not going to get into all the great detail about how you would make this change or that change. It’s going to take a little research on your part. The goal is to make sure that we let you know that you have this ability to work with these modules, to insert, to modify, to remove them, to be able to, as we said, fine-tune this operating system, and we’ll leave that as an area for you to explore what kind of changes you can make.

36. Demo – Exploring Kernel Modules

Alright, so now we’re going to take a look at some of the kernel modules. Look at some more commands on the command line. We’re going to start off with lsmod. And again, this is one of those ones that might give us more than our screen can actually hold in its buffer. So we’ll pipe it with the less command. And again, page up, page down shows us all of these modules, that’s actually not too bad, that are loaded. Q to let me quit. Now we can also do, I think I am, let me make sure I’m the root. Good. We can also do the modprobe -l. And this should give me a list of all the modules that are available, whether they’re loaded or not. So again, I’m going to use the less pipe so I can look at all the modules that could be loaded. I’m hitting page down, by the way, showing you all of these options.

And obviously, when we looked at those modules that were loaded and which ones could be loaded, we’re seeing that certainly we have more that could be than currently are. So I’m going to hit the Q again to quit out of there. Now, if you wanted to find some specific modules with modprobe, I could use the -l. Again, in this case, I’m going to, instead of piping it, put in a wild card of all those that start with net. So there we go. That gave me kind of a little bit more information. All right, so now I’m going to change directories and I’m going to go to the /etc directory with cd. And in this configuration we’re going to do an ls mod* so we can see all of the potential modules anyway, or all of the things that have those options to deal with. And one of the things we see there is a directory called modprobe.d.

So what we’re going to do now is take a look inside modprobe.d by doing something very similar to what we just did. We’re going to use cd to get into the modprobe.d directory. And once there, we’re going to do the ls command, and let’s try ls -lF. Here we go. So again, you can see kind of some of the information that’s available there as far as other files and other directories. And the goal here in putting that information in there was that we wanted to see the files and directories that I started off with, that started with the word mod. We entered, as you saw, the modprobe.d so we could look at all of the information that is available in that particular daemon, and some of those being other, again, programs, some of those being actual folders that we can move to.

So this is a very rudimentary overview of just looking at the modules that are in your system. I’m going to change my directory locations into the /lib directory under modules. And again, I had some under /etc, I have some here under /lib. Do an ls command again, and not much there really. Let’s do the cd to get to that particular directory. ls again. There we go. Now we see a few more module options that we have running there, at least some ideas of some information. We’ll use the ls -lF again to see the size of those different configurations. Okay, now, what about some of these? What kind of information can I find inside of some of these things? Well, that’s where we’ll use the less command again. And let’s look at this one big one, this modules.dep.

Let’s take a look at what’s inside there. And the less command again, is showing us what’s actually inside that particular library set of modules. So, again, as a file, look at all the things it’s pointing to and referencing as I hit this page down. And it’s showing me the contents with each module being basically on its own line. And that kind of shows me these are dependencies for the modules that I might be running in other locations. So, it’s amazing the type of information that you can find. And some of you might be saying, I really don’t get it at all, I don’t see what our goal is, and I’m with you on that. So, the first part of this was, I think, very good to see the modules that were loaded, or could be loaded, taking you to /etc to see some of the modules that were there.

Taking you to the library to see some of the modules, and specifically showing you this file, these module dependencies. So you can actually see the list of dependencies that actually can be found running on this system. The goal is to let you know that there’s an incredible amount of information of modules making this operating system run and put together. And if you ever got into this idea of hardening your operating system, this is where you might find modules that you don’t need. Take them out. So you eliminate potential areas of attack. But if you’re more curious about modules, I’d encourage you to play around even more with these different directories and these different commands to see what’s running on your system.
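The lsmod output and the modules.dep file shown in this demo can be combined into a review list for the hardening step mentioned above. The script below is an added example, not part of the course material: it lists loaded modules whose use count is 0 and, for each, what modules.dep says it needs and what needs it. The function names are hypothetical and both input files are constructed samples, not taken from a real host.

```shell
#!/bin/sh
# Added example: review unused loaded modules before removing any of them.

# awk helper: kernel/fs/nfs/nfs-acl.ko.xz -> nfs_acl (the name lsmod shows)
AWK_NAME='function name(p) { sub(/.*\//, "", p); sub(/\.ko.*$/, "", p); gsub(/-/, "_", p); return p }'

# Dependencies that modules.dep ($2) lists for module $1.
mod_deps() {
    awk -v want="$1" "$AWK_NAME"'
        { split($0, kv, ":"); if (name(kv[1]) != want) next
          n = split(kv[2], d, " "); for (i = 1; i <= n; i++) print name(d[i]) }' "$2"
}

# Modules in modules.dep ($2) that list $1 as a dependency.
mod_dependents() {
    awk -v want="$1" "$AWK_NAME"'
        { split($0, kv, ":"); n = split(kv[2], d, " ")
          for (i = 1; i <= n; i++) if (name(d[i]) == want) print name(kv[1]) }' "$2"
}

# Loaded modules with a use count of 0 in saved lsmod output ($1).
lsmod_unused() {
    awk 'NR > 1 && $3 == 0 { print $1 }' "$1"
}

# One line per unused module: what it pulls in and what depends on it.
module_review() {
    for m in $(lsmod_unused "$1"); do
        printf '%s needs=[%s] needed_by=[%s]\n' "$m" \
            "$(mod_deps "$m" "$2" | paste -sd, -)" \
            "$(mod_dependents "$m" "$2" | paste -sd, -)"
    done
}

# Constructed inputs: saved lsmod output and a modules.dep excerpt.
write_samples() {
    cat > "$1/lsmod.txt" <<'EOF'
Module                  Size  Used by
nfs                   450560  0
lockd                 126976  1 nfs
sunrpc                688128  2 nfs,lockd
floppy                 90112  0
EOF
    cat > "$1/modules.dep" <<'EOF'
kernel/fs/nfs/nfs.ko.xz: kernel/fs/lockd/lockd.ko.xz kernel/net/sunrpc/sunrpc.ko.xz
kernel/fs/lockd/lockd.ko.xz: kernel/net/sunrpc/sunrpc.ko.xz
kernel/net/sunrpc/sunrpc.ko.xz:
kernel/drivers/block/floppy.ko.xz:
EOF
}

tmp=$(mktemp -d); write_samples "$tmp"
module_review "$tmp/lsmod.txt" "$tmp/modules.dep"
rm -rf "$tmp"
```

A use count of 0 only means nothing currently holds the module; it is a prompt to look the module up with modinfo, not proof that it is unneeded.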

37. Unit 07 Review

All right, so in this unit, we got under the hood of how Linux works. We looked at the processes, how to view them, describe them, to kill them, reprioritize those processes. It allowed us to really kind of get our hands dirty about how we want Linux to run. We also looked at how we can view the kernel information, kill modules, add new modules, fine tune it, harden it, try to improve performance. We did a lot to really be able to say, wow, I’m in full control of this operating system. I can really affect how it performs, how it runs, how programs run. And it gives you what I think is a lot of good control over your system to make it perform exactly the way you want. And that’s what we are hopefully getting you down in the, what I call the nitty gritty. To be able to go in there and make changes, make appropriate changes and see some great successes. You might see some failures, but that’s okay. You’ll know how to reverse it because of what we’ve shown you.
