发布2024-04-21 07:52:25
发布2024-04-21 07:52:25

2.14.1 Standard Error(标准错误)

Occasionally, you may redirect standard output but find that the program still prints something to the terminal. This is called standard error (stderr); it’s an additional output stream for diagnostics and debugging.



For example, this command produces an error:


$ ls /fffffffff > f

After completion, f should be empty, but you still see the following error message on the terminal as standard error:


ls: cannot access /fffffffff: No such file or directory

You can redirect the standard error if you like. For example, to send standard output to f and standard error to e, use the 2> syntax, like this:

你可以重定向标准错误。例如,要将标准输出发送到f,将标准错误发送到e,可以使用 2> 语法,像这样:

$ ls /fffffffff > f 2> e

The number 2 specifies the stream ID that the shell modifies. Stream ID 1 is standard output (the default), and 2 is standard error.

数字2指定了shell修改的流ID。流ID 1是标准输出(默认值),2是标准错误。

You can also send the standard error to the same place as stdout with the >& notation. For example, to send both standard output and standard error to the file named f, try this command:

你也可以使用 >& 符号将标准错误发送到与stdout相同的位置。例如,要将标准输出和标准错误都发送到名为f的文件中,可以尝试以下命令:

$ ls /fffffffff > f 2>&1

2.14.2 Standard Input Redirection(标准输入重定向)

To channel a file to a program’s standard input, use the < operator:

要将文件传递给程序的标准输入,请使用 < 运算符:

$ head < /proc/cpuinfo

You will occasionally run into a program that requires this type of redirection, but because most Unix commands accept filenames as arguments, this isn’t very common. For example, the preceding command could have been written as head /proc/cpuinfo.


例如,前面的命令也可以写成 head /proc/cpuinfo。

2.15 Understanding Error Messages(理解错误消息)

When you encounter a problem on a Unix-like system such as Linux, you must read the error message. Unlike messages from other operating systems, Unix errors usually tell you exactly what went wrong.


2.15.1 UNIX错误消息的组成

Most Unix programs generate and report the same basic error messages, but there can be subtle differences between the output of any two programs. Here’s an example that you’ll certainly encounter in some form or other:


$ ls /dsafsda 
ls: cannot access /dsafsda: No such file or directory 

There are three components to this message:


o The program name, ls. Some programs omit this identifying information, which can be annoying when writing shell scripts, but it’s not really a big deal.

o The filename, /dsafsda, which is a more specific piece of information. There’s a problem with this path.

o The error No such file or directory indicates the problem with the filename.

o 程序名称 ls。一些程序会省略这个标识信息,在编写shell脚本时可能会有些烦人,但这并不是什么大问题。

o 文件名 /dsafsda,它是一个更具体的信息。这个路径有问题。

o 错误消息 "没有那个文件或目录" 指示了文件名的问题。

Putting it all together, you get something like “ls tried to open /dsafsda but couldn’t because it doesn’t exist.” This may seem obvious, but these messages can get a little confusing when you run a shell script that includes an erroneous command under a different name.

综合起来,你会得到类似于 "ls试图打开/dsafsda,但由于它不存在,所以无法打开" 的信息。这似乎很明显,但当你在以不同的名称运行一个包含错误命令的shell脚本时,这些消息可能会有点令人困惑。

When troubleshooting errors, always address the first error first. Some programs report that they can’t do anything before reporting a host of other problems. For example, say you run a fictitious program called scumd and you see this error message:


scumd: cannot access /etc/scumd/config: No such file or directory

Following this is a huge list of other error messages that looks like a complete catastrophe. Don’t let those other errors distract you. You probably just need to create /etc/scumd/config.


NOTE Don’t confuse error messages with warning messages. Warnings often look like errors, but they contain the word warning. A warning usually means something is wrong but the program will try to continue running anyway. To fix a problem noted in a warning message, you may have to hunt down a process and kill it before doing anything else. (You’ll learn about listing and killing processes in 2.16 Listing and Manipulating Processes.)注意:不要将错误消息与警告消息混淆。警告通常看起来像错误,但它们包含了"警告"一词。警告通常意味着有些问题,但程序将尝试继续运行。要修复警告消息中指出的问题,你可能需要在执行其他操作之前查找并终止一个进程(你将在2.16 列出和操作进程中学习如何列出和终止进程)。

2.15.2 Common Errors(常见错误)

Many errors that you’ll encounter in Unix programs result from things that can go wrong with files and processes. Here’s an error message hit parade:


No such file or directory(没有这个文件或目录)

This is the number one error. You tried to access a file that doesn’t exist. Because the Unix file I/O system doesn’t discriminate between files and directories, this error message occurs everywhere. You get it when you try to read a file that does not exist, when you try to change to a directory that isn’t there, when you try to write to a file in a directory that doesn’t exist, and so on.


File exists(文件已存在)

In this case, you probably tried to create a file that already exists. This is common when you try to create a directory with the same name as a file.


Not a directory, Is a directory 不是一个目录,是一个目录

These messages pop up when you try to use a file as a directory or a directory as a file. For example:


$ touch a 
$ touch a/b 
touch: a/b: Not a directory 

Notice that the error message only applies to the a part of a/b. When you encounter this problem, you may need to dig around a little to find the path component that is being treated like a directory.


No space left on device 设备上没有剩余空间

You’re out of disk space.


Permission denied(权限被拒绝)

You get this error when you attempt to read or write to a file or directory that you’re not allowed to access (you have insufficient privileges). This error also shows when you try to execute a file that does not have the execute bit set (even if you can read the file). You’ll read more about permissions in 2.17 File Modes and Permissions.


Operation not permitted(操作不允许)

This usually happens when you try to kill a process that you don’t own.


Segmentation fault, Bus error( 分段错误,总线错误)

A segmentation fault essentially means that the person who wrote the program that you just ran screwed up somewhere. The program tried to access a part of memory that it was not allowed to touch, and the operating system killed it. Similarly, a bus error means that the program tried to access some memory in a particular way that it shouldn’t. When you get one of these errors, you might be giving a program some input that it did not expect.





2.16 Listing and Manipulating Processes(进程的列举和操作)

Recall from Chapter 1 that a process is a running program. Each process on the system has a numeric process ID (PID). For a quick listing of running processes, just run ps on the command line. You should get a list like this one:


$ ps
 520 p0 S 0:00 -bash
 545 ? S 3:59 /usr/X11R6/bin/ctwm -W
 548 ? S 0:10 xclock -geometry -0-0
2159 pd SW 0:00 /usr/bin/vi lib/addresses
31956 p3 R 0:00 ps

The fields are as follows:

o PID. The process ID.

o TTY. The terminal device where the process is running. More about this later.

o STAT. The process status, that is, what the process is doing and where its memory resides. For example, S means sleeping and R means running. (See the ps(1) manual page for a description of all the symbols.)

o TIME. The amount of CPU time in minutes and seconds that the process has used so far. In other words, the total amount of time that the process has spent running instructions on the processor.

o COMMAND. This one might seem obvious, but be aware that a process can change this field from its original value.


o PID:进程ID。

o TTY:进程运行的终端设备。关于此后面会有更多介绍。

o STAT:进程的状态,即进程正在做什么以及其内存所在的位置。例如,S表示睡眠,R表示运行。(有关所有符号的描述,请参阅ps(1)手册页。)

o TIME:进程到目前为止使用的CPU时间(以分钟和秒为单位)。换句话说,进程在处理器上运行指令所花费的总时间。

o COMMAND:这个可能看起来很明显,但请注意,进程可以将此字段从其原始值更改为其他值。

2.16.1 命令选项

The ps command has many options. To make things more confusing, you can specify options in three different styles—Unix, BSD, and GNU. Many people find the BSD style to be the most comfortable (perhaps because it involves less typing), so we’ll use the BSD style in this book. Here are some of the most useful option combinations:




As with other programs, you can combine options, as in ps aux and ps auxw. To check on a specific

process, add its PID to the argument list of the ps command. For example, to inspect the current shell process,

you could use ps \$\$, because \$\$ is a shell variable that evaluates to the current shell’s PID. (You’ll find

information on the administration commands top and lsof in Chapter 8. These can be useful for locating

processes, even when doing something other than system maintenance.)

与其他程序一样,您可以组合选项,例如 ps aux 和 ps auxw。

要检查特定进程,请将其 PID 添加到 ps 命令的参数列表中。

例如,要检查当前 shell 进程,可以使用 ps u \$\$,因为 \$\$ 是一个 shell 变量,它的值为当前 shell 的 PID。

(关于管理命令 top 和 lsof 的信息可以在第8章找到。即使在进行系统维护以外的操作时,它们也可以用于定位进程。)

2.16.2 Killing Processes(终止进程)

To terminate a process, send it a signal with the kill command. A signal is a message to a process from the kernel. When you run kill, you’re asking the kernel to send a signal to another process. In most cases, all you need to do is this:

要终止一个进程,请使用 kill 命令向其发送一个信号。信号是内核向进程发送的一条消息。

当您运行 kill 命令时,您正在请求内核向另一个进程发送一个信号。


$ kill pid

There are many types of signals. The default is TERM, or terminate. You can send different signals by adding an extra option to kill. For example, to freeze a process instead of terminating it, use the STOP signal:

有许多类型的信号。默认信号是 TERM,即终止。您可以通过在 kill 命令中添加额外选项来发送不同的信号。例如,要冻结一个进程而不是终止它,请使用 STOP 信号:

$ kill -STOP pid

A stopped process is still in memory, ready to pick up where it left off. Use the CONT signal to continue running the process again:

一个被停止的进程仍然在内存中,准备继续从上次停止的地方继续执行。使用 CONT 信号可以继续运行该进程:

$ kill -CONT pid

NOTE Using ctrl-c to terminate a process that is running in the current terminal is the same as using kill to end the process with the INT (interrupt) signal.注意在当前终端中使用ctrl-c终止正在运行的进程与使用kill命令以INT(中断)信号结束进程是相同的。

The most brutal way to terminate a process is with the KILL signal. Other signals give the process a chance to clean up after itself, but KILL does not. The operating system terminates the process and forcibly removes it from memory. Use this as a last resort.




You should not kill processes indiscriminately, especially if you don’t know what they’re doing. You may be shooting yourself in the foot.


You may see other users entering numbers instead of names with kill; for example, kill -9 instead of kill -KILL. This is because the kernel uses numbers to denote the different signals; you can use kill this way if you know the number of the signal that you want to send.

您可能会看到其他用户使用数字而不是名称输入kill命令;例如,kill -9而不是kill -KILL。


2.16.3 Job Control(作业控制)

Shells also support job control, which is a way to send TSTP (similar to STOP) and CONT signals to programs by using various keystrokes and commands. For example, you can send a TSTP signal with CTRL-Z, then start the process again by entering fg (bring to foreground) or bg (move to background; see the next section). But despite its utility and the habits of many experienced users, job control is not necessary and can be confusing for beginners: It’s common for users to press CTRL-Z instead of CTRL-c, forget about what they were running, and eventually end up with numerous suspended processes hanging around.

Shell 还支持作业控制,这是一种通过使用各种按键和命令向程序发送 TSTP(类似于 STOP)和 CONT 信号的方式。

例如,你可以使用 CTRL-Z 发送 TSTP 信号,然后通过输入 fg(将进程带到前台)或 bg(移到后台;请参见下一节)来重新启动进程。

但是,尽管它很实用并且许多有经验的用户习惯使用它,但作业控制对于初学者来说并不是必需的,可能会造成困惑:用户经常按下 CTRL-Z 而不是 CTRL-C,忘记他们正在运行什么,最终导致大量挂起的进程存在。

HINT To see if you’ve accidentally suspended any processes on your current terminal, run the jobs command.提示要查看是否在当前终端上意外挂起了任何进程,请运行 jobs 命令。

If you want to run multiple shells, run each program in a separate terminal window, put noninteractive processes in the background (as explained in the next section), or learn to use the screen program.

如果你想运行多个 shell,请在单独的终端窗口中运行每个程序,将非交互式进程放在后台(如下一节所述),或学习使用 screen 程序。

2.16.4 Background Processes(后台进程)

Normally, when you run a Unix command from the shell, you don’t get the shell prompt back until the program finishes executing. However, you can detach a process from the shell and put it in the “background” with the ampersand (&); this gives you the prompt back. For example, if you have a large file that you need to decompress with gunzip (you’ll see this in 2.18 Archiving and Compressing Files), and you want to do some other stuff while it’s running, run a command like this one:

通常,当你从 shell 运行 Unix 命令时,直到程序执行完成,你才会得到 shell 提示符。

然而,你可以使用和号(&)将一个进程从 shell 中分离并放到“后台”;这样你就能够立即得到提示符。

例如,如果你有一个需要使用 gunzip(你将在 2.18 文件归档和压缩 中看到)解压缩的大文件,并且你希望在它运行时做其他事情,可以运行以下命令:

$ gunzip file.gz &

The shell should respond by printing the PID of the new background process, and the prompt should return immediately so that you can continue working. The process will continue to run after you log out, which comes in particularly handy if you have to run a program that does a lot of number crunching for a while. (Depending on your setup, the shell might notify you when the process completes.)

Shell 应该会打印新后台进程的 PID,并立即返回提示符,以便你可以继续工作。


(根据你的设置,当进程完成时,shell 可能会通知你。)

The dark side of running background processes is that they may expect to work with the standard input (or worse, read directly from the terminal). If a program tries to read something from the standard input when it’s in the background, it can freeze (try fg to bring it back) or terminate. Also, if the program writes to the standard output or standard error, the output can appear in the terminal window with no regard for anything else running there, meaning that you can get unexpected output when you’re working on something else.


如果一个程序在后台时尝试从标准输入读取内容,它可能会冻结(尝试使用 fg 将其带回前台)或终止。


The best way to make sure that a background process doesn’t bother you is to redirect its output (and possibly input) as described in 2.14 Shell Input and Output.

确保后台进程不会打扰你的最佳方法是根据 2.14 Shell 输入和输出 中所述重定向其输出(和可能的输入)。

If spurious output from background processes gets in your way, learn how to redraw the content of your terminal window. The bash shell and most full-screen interactive programs support CTRL-L to redraw the entire screen. If a program is reading from the standard input, CTRL-R usually redraws the current line, but pressing the wrong sequence at the wrong time can leave you in an even worse situation than before. For example, entering CTRL-R at the bash prompt puts you in reverse isearch mode (press ESC to exit).


bash shell和大多数全屏交互式程序都支持使用CTRL-L重新绘制整个屏幕。



2.17 File Modes and Permissions(文件模式和权限)

Every Unix file has a set of permissions that determine whether you can read, write, or run the file. Running ls -l displays the permissions. Here’s an example of such a display:


运行ls -l命令显示权限。以下是一个示例显示:

-rw-r--r--➊ 1 juser somegroup 7041 Mar 26 19:34 endnotes.html

The file’s mode ➊ represents the file’s permissions and some extra information. There are four parts to the mode, as illustrated in Figure 2-1.

文件的模式 ➊ 表示文件的权限和一些额外信息。模式有四个部分,如图2-1所示。

The first character of the mode is the file type. A dash (-) in this position, as in the example, denotes a regular file, meaning that there’s nothing special about the file. This is by far the most common kind of file. Directories are also common and are indicated by a d in the file type slot. (3.1 Device Files lists the remaining file types.)




(3.1 设备文件列出了其他文件类型。)


The rest of a file’s mode contains the permissions, which break down into three sets: user, group, and other, in that order. For example, the rw- characters in the example are the user permissions, the r-- characters that follow are the group permissions, and the final r-- characters are the other permissions.




Each permission set can contain four basic representations:


The user permissions (the first set) pertain to the user who owns the file. In the preceding example, that’s juser. The second set, group permissions, are for the file’s group (somegroup in the example). Any user in that group can take advantage of these permissions. (Use the groups command to see what group you’re in, and see 7.3.5 Working with Groups for more information.)






Everyone else on the system has access according to the third set, the other permissions, which are sometimes called world permissions.


NOTE Each read, write, and execute permission slot is sometimes called a permission bit. Therefore, you may hear people refer to parts of the permissions as “the read bits.”注意:每个读取、写入和执行权限位有时被称为权限位。因此,您可能会听到人们将权限的部分称为“读取位”。

Some executable files have an s in the user permissions listing instead of an x. This indicates that the executable is setuid, meaning that when you execute the program, it runs as though the file owner is the user instead of you. Many programs use this setuid bit to run as root in order to get the privileges they need to change system files. One example is the passwd program, which needs to change the /etc/passwd file.





2.17.1 Modifying Permissions 修改权限

To change permissions, use the chmod command. First, pick the set of permissions that you want to change, and then pick the bit to change. For example, to add group (g) and world (o, for “other”) read (r) permissions to file, you could run these two commands:



$ chmod g+r file
$ chmod o+r file

Or you could do it all in one shot:


$ chmod go+r file

To remove these permissions, use go-r instead of go+r.


NOTE Obviously, you shouldn’t make files world-writable because doing so gives anyone on your system the ability to change them. But would this allow anyone connected to the Internet to change your files? Probably not, unless your system has a network security hole. In that case, file permissions won’t help you anyway.注意显然,您不应该将文件设置为全局可写,因为这样做会使系统上的任何人都能够更改它们。但是,这样做是否允许连接到互联网的任何人更改您的文件呢?可能不会,除非您的系统存在网络安全漏洞。在这种情况下,文件权限也无法帮助您。

You may sometimes see people changing permissions with numbers, for example:


$ chmod 644 file

This is called an absolute change because it sets all permission bits at once. To understand how this works, you need to know how to represent the permission bits in octal form (each numeral represents a number in base 8 and corresponds to a permission set). See the chmod(1) manual page or info manual for more.




You don’t really need to know how to construct absolute modes; just memorize the modes that you use most often. Table 2-4 lists the most common ones.


Table 2-4. Absolute Permission Modes


Directories also have permissions. You can list the contents of a directory if it’s readable, but you can only access a file in a directory if the directory is executable. (One common mistake people make when setting the permissions of directories is to accidentally remove the execute permission when using absolute modes.)




Finally, you can specify a set of default permissions with the umask shell command, which applies a predefined set of permissions to any new file you create. In general, use umask 022 if you want everyone to be able to see all of the files and directories that you create, and use umask 077 if you don’t. (You’ll need to put the umask command with the desired mode in one of your startup files to make your new default permissions apply to later sessions, as discussed in Chapter 13.)

最后,你可以使用umask shell命令指定一组默认权限,该命令会将预定义的权限应用于你创建的任何新文件。

一般来说,如果你希望每个人都能看到你创建的所有文件和目录,请使用umask 022;如果不希望每个人都能看到,请使用umask 077。


2.17.2 Symbolic Links(符号链接)

A symbolic link is a file that points to another file or a directory, effectively creating an alias (like a shortcut in Windows). Symbolic links offer quick access to obscure directory paths.



In a long directory listing, symbolic links look like this (notice the l as the file type in the file mode):


lrwxrwxrwx 1 ruser users 11 Feb 27 13:52 somedir -> /home/origdir

If you try to access somedir in this directory, the system gives you /home/origdir instead. Symbolic links are simply names that point to other names. Their names and the paths to which they point don’t have to mean anything. For example, /home/origdir doesn’t even need to exist.




In fact, if /home/origdir does not exist, any program that accesses somedir reports that somedir doesn’t exist (except for ls somedir, a command that stupidly informs you that somedir is somedir). This can be baffling because you can see something named somedir right in front of your eyes.

实际上,如果/home/origdir不存在,访问somedir的任何程序都会报告somedir不存在(除了ls somedir,这个命令愚蠢地告诉您somedir是somedir)。


This is not the only way that symbolic links can be confusing. Another problem is that you can’t identify the characteristics of a link target just by looking at the name of the link; you must follow the link to see if it goes to a file or directory. Your system may also have links that point to other links, which are called chained symbolic links.




2.17.3 Creating Symbolic Links(创建符号链接)

To create a symbolic link from target to linkname, use ln -s:

要从目标到链接名创建符号链接,请使用ln -s命令:

$ ln -s target linkname

The linkname argument is the name of the symbolic link, the target argument is the path of the file or directory that the link points to, and the -s flag specifies a symbolic link (see the warning that follows).


When making a symbolic link, check the command twice before you run it because several things can go wrong. For example, if you reverse the order of the arguments (ln -s linkname target), you’re in for some fun if linkname is a directory that already exists. If this is the case (and it quite often is), ln creates a link named target inside linkname, and the link will point to itself unless linkname is a full path. If something goes wrong when you create a symbolic link to a directory, check that directory for errant symbolic links and remove them.


例如,如果您颠倒了参数的顺序(ln -s 链接名 目标),如果链接名是一个已经存在的目录,那么您就会遇到一些麻烦。



Symbolic links can also cause headaches when you don’t know that they exist. For example, you can easily edit what you think is a copy of a file but is actually a symbolic link to the original.



WARNING Don’t forget the -s option when creating a symbolic link. Without it, ln creates a hard link, giving an additional real filename to a single file. The new filename has the status of the old one; it points (links) directly to the file data instead of to another filename as a symbolic link does. Hard links can be even more confusing than symbolic links. Unless you understand the material in 4.5 Inside a Traditional Filesystem, avoid using them.注意 在创建符号链接时,不要忘记使用“-s”选项。如果没有使用该选项,ln命令会创建一个硬链接,为单个文件提供一个额外的真实文件名。新的文件名具有旧文件名的状态;它直接指向文件数据,而不像符号链接那样指向另一个文件名。硬链接可能比符号链接更令人困惑。除非你理解4.5节“传统文件系统内部”的内容,否则请避免使用硬链接。

With all of these warnings regarding symbolic links, why would anyone bother to use them? Because they offer a convenient way to organize and share files, as well as patch up small problems.



2.18 Archiving and Compressing Files(归档和压缩文件)

Now that you’ve learned about files, permissions, and possible errors, you need to master gzip and tar.


2.18.1 gzip

The program gzip (GNU Zip) is one of the current standard Unix compression programs. A file that ends with .gz is a GNU Zip archive. Use gunzip file.gz to uncompress .gz and remove the suffix; to compress it again, use gzip file.

gzip(GNU Zip)是当前标准的Unix压缩程序之一。

以.gz结尾的文件是GNU Zip归档文件。使用gunzip file.gz来解压缩< file>.gz并移除后缀;要再次压缩它,使用gzip file。

2.18.2 tar

Unlike the zip programs for other operating systems, gzip does not create archives of files; that is, it doesn’t pack multiple files and directories into one file. To create an archive, use tar instead:



$ tar cvf archive.tar file1 file2 ...

Archives created by tar usually have a .tar suffix (this is by convention; it isn’t required). For example, in the command above, file1, file2, and so on are the names of the files and directories that you wish to archive in .tar. The c flag activates create mode. The r and f flags have more specific roles.


例如,在上述命令中,file1、file2等是您希望在< archive>.tar中归档的文件和目录的名称。


The v flag activates verbose diagnostic output, causing tar to print the names of the files and directories in the archive when it encounters them. Adding another v causes tar to print details such as file size and permissions. If you don’t want tar to tell you what it’s doing, omit the v flag.



The f flag denotes the file option. The next argument on the command line after the f flag must be the archive file for tar to create (in the preceding example, it is .tar). You must use this option followed by a filename at all times, except with tape drives. To use standard input or output, enter a dash (-) instead of the filename.

f标志表示文件选项。f标志后的命令行参数必须是tar要创建的归档文件(在上面的例子中,它是< archive>.tar)。



Unpacking tar files(解压tar文件)

To unpack a .tar file with tar use the x flag:


$ tar xvf archive.tar

In this command, the x flag puts tar into extract (unpack) mode. You can extract individual parts of the archive by entering the names of the parts at the end of the command line, but you must know their exact names. (To find out for sure, see the table-of-contents mode described shortly.)




NOTE When using extract mode, remember that tar does not remove the archived .tar file after extracting its contents.注意在使用提取模式时,请记住tar在提取内容后不会删除归档的.tar文件。

Table-of-Contents Mode(目录结构模式)

Before unpacking, it’s usually a good idea to check the contents of a .tar file with the table-of-contents mode by using the t flag instead of the x flag. This mode verifies the archive’s basic integrity and prints the names of all files inside. If you don’t test an archive before unpacking it, you can end up dumping a huge mess of files into the current directory, which can be really difficult to clean up.




When you check an archive with the t mode, verify that everything is in a rational directory structure; that is, all file pathnames in the archive should start with the same directory. If you’re unsure, create a temporary directory, change to it, and then extract. (You can always use mv * .. if the archive didn’t create a mess.)



(如果归档没有创建混乱,您始终可以使用mv * ..命令。)

When unpacking, consider using the p option to preserve permissions. Use this in extract mode to override your umask and get the exact permissions specified in the archive. The p option is the default when working as the superuser. If you’re having trouble with permissions and ownership when unpacking an archive as the superuser, make sure that you are waiting until the command terminates and you get the shell prompt back. Although you may only want to extract a small part of an archive, tar must run through the whole thing, and you must not interrupt the process because it sets the permissions only after checking the entire archive






Commit all of the tar options and modes in this section to memory. If you’re having trouble, make some flash cards. This may sound like grade-school, but it’s very important to avoid careless mistakes with this command.




2.18.3 Compressed Archives (.tar.gz) (压缩归档文件 (.tar.gz))

Many beginners find it confusing that archives are normally found compressed, with filenames ending in .tar.gz. To unpack a compressed archive, work from the right side to the left; get rid of the .gz first and then worry about the .tar. For example, these two commands decompress and unpack .tar.gz:



例如,以下两个命令可以解压缩并解包< file>.tar.gz:

$ gunzip file.tar.gz
$ tar xvf file.tar

When starting out, you can do this one step at a time, first running gunzip to decompress and then tar to verify and unpack. To create a compressed archive, do the reverse; run tar first and gzip second. Do this frequently enough, and you’ll soon memorize how the archiving and compression process works. You’ll also get tired of all of the typing and start to look for shortcuts. Let’s take a look at those now.






2.18.4 zcat

The method shown above isn’t the fastest or most efficient way to invoke tar on a compressed archive, and it wastes disk space and kernel I/O time. A better way is to combine archival and compression functions with a pipeline. For example, this command pipeline unpacks .tar.gz:



例如,以下命令通过管道解包< file>.tar.gz:

$ zcat file.tar.gz | tar xvf -

The zcat command is the same as gunzip -dc. The -d option decompresses and the -c option sends the result to standard output (in this case, to the tar command).

zcat命令与gunzip -dc命令相同。


Because it’s so common to use zcat, the version of tar that comes with Linux has a shortcut. You can use z as an option to automatically invoke gzip on the archive; this works both for extracting an archive (with the x or t modes in tar) and creating one (with c). For example, use the following to verify a compressed archive:





$ tar ztvf file.tar.gz

However, you should try to master the longer form before taking the shortcut


NOTE A .tgz file is the same as a .tar.gz file. The suffix is meant to fit into FAT (MS-DOS-based) filesystems.注意tgz文件与.tar.gz文件相同。后缀是为了适应FAT(基于MS-DOS的)文件系统。

2.18.5 Other Compression Utilities(其他压缩工具)

Another compression program in Unix is bzip2, whose compressed files end with .bz2. While marginally slower than gzip, bzip2 often compacts text files a little more, and it is therefore increasingly popular in the distribution of source code. The decompressing program to use is bunzip2, and the options of both components are close enough to those of gzip that you don’t need to learn anything new. The bzip2 compression/decompression option for tar is j.






A new compression program named xz is also gaining popularity. The corresponding decompression program is unxz, and the arguments are similar to those of gzip. Most Linux distributions come with zip and unzip programs that are compatible with the zip archives on Windows systems. They work on the usual .zip files as well as self-extracting archives ending in .exe. But if you encounter a file that ends in .Z, you have found a relic created by the compress program, which was once the Unix standard. The gunzip program can unpack these files, but gzip won’t create them.





2.19 Linux Directory Hierarchy Essentials(Linux目录层次结构基础)

Now that you know how to examine files, change directories, and read manual pages, you’re ready to start exploring your system files. The details of the Linux directory structure are outlined in the Filesystem Hierarchy Standard, or FHS (http://www.pathname.com/fhs/), but a brief walkthrough should suffice for now


Linux目录结构的详细信息在文件系统层次结构标准(Filesystem Hierarchy Standard,简称FHS)中有介绍(http://www.pathname.com/fhs/),但是简要的概述现在应该足够了。

Figure 2-2 offers a simplified overview of the hierarchy, showing some of the directories under /, /usr, and /var. Notice that the directory structure under /usr contains some of the same directory names as /.



Figure 2-2. Linux directory hierarchy
Figure 2-2. Linux directory hierarchy

Figure 2-2. Linux directory hierarchy

Here are the most important subdirectories in root:


o /bin Contains ready-to-run programs (also known as an executables), including most of the basic Unix commands such as ls and cp. Most of the programs in /bin are in binary format, having been created by a C compiler, but some are shell scripts in modern systems.

o /dev Contains device files. You’ll learn more about these in Chapter 3.

o /etc This core system configuration directory (pronounced EHT-see) contains the user password, boot, device, networking, and other setup files. Many items in /etc are specific to the machine’s hardware. For example, the /etc/X11 directory contains graphics card and window system configurations.

o /home Holds personal directories for regular users. Most Unix installations conform to this standard.

o /lib An abbreviation for library, this directory holds library files containing code that executables can use. There are two types of libraries: static and shared. The /lib directory should contain only shared libraries, but other lib directories, such as /usr/lib, contain both varieties as well as other auxiliary files. (We’ll discuss shared libraries in more detail in Chapter 15.)

o /proc Provides system statistics through a browsable directory-and-file interface. Much of the /proc subdirectory structure on Linux is unique, but many other Unix variants have similar features. The /proc directory contains information about currently running processes as well as some kernel parameters.

o /sys This directory is similar to /proc in that it provides a device and system interface. You’ll read more about /sys in Chapter 3.

o /sbin The place for system executables. Programs in /sbin directories relate to system management, so regular users usually do not have /sbin components in their command paths. Many of the utilities found here will not work if you’re not running them as root.

o /tmp A storage area for smaller, temporary files that you don’t care much about. Any user may read to and write from /tmp, but the user may not have permission to access another user’s files there. Many programs use this directory as a workspace. If something is extremely important, don’t put it in /tmp because most distributions clear /tmp when the machine boots and some even remove its old files periodically. Also, don’t let /tmp fill up with garbage because its space is usually shared with something critical (like the rest of /, for example).

o /usr Although pronounced “user,” this subdirectory has no user files. Instead, it contains a large directory hierarchy, including the bulk of the Linux system. Many of the directory names in /usr are the same as those in the root directory (like /usr/bin and /usr/lib), and they hold the same type of files. (The reason that the root directory does not contain the complete system is primarily historic—in the past, it was to keep space requirements low for the root.)

o /var The variable subdirectory, where programs record runtime information. System logging, user tracking, caches, and other files that system programs create and manage are here. (You’ll notice a /var/tmp directory here, but the system doesn’t wipe it on boot.

o /bin:包含可直接运行的程序(也称为可执行文件),包括大多数基本的Unix命令,如ls和cp。/bin目录中的大多数程序都是以二进制格式创建的,由C编译器生成,但在现代系统中也有一些shell脚本。

o /dev:包含设备文件。您将在第3章中了解更多相关信息。

o /etc:这是核心系统配置目录(发音为EHT-see),包含用户密码、引导、设备、网络和其他设置文件。/etc目录中的许多项目都是特定于机器硬件的。例如,/etc/X11目录包含图形卡和窗口系统的配置。

o /home:为普通用户提供个人目录。大多数Unix安装都符合这个标准。

o /lib:缩写为库,该目录包含包含可执行文件可以使用的代码的库文件。有两种类型的库:静态库和共享库。/lib目录只应包含共享库,但其他lib目录(例如/usr/lib)也包含两种类型的库以及其他辅助文件。(我们将在第15章中更详细地讨论共享库。)

o /proc:通过可浏览的目录和文件接口提供系统统计信息。Linux上的/proc子目录结构很独特,但许多其他Unix变种也具有类似的功能。/proc目录包含有关当前运行的进程以及一些内核参数的信息。

o /sys:此目录类似于/proc目录,提供设备和系统接口。您将在第3章中了解更多关于/sys目录的信息。

o /sbin:系统可执行文件的位置。/sbin目录中的程序与系统管理相关,因此普通用户通常不会在其命令路径中包含/sbin组件。这里找到的许多实用程序如果不以root身份运行,则无法工作。

o /tmp是一个存储较小、临时文件的区域,你对它并不太在意。任何用户都可以读取和写入/tmp,但用户可能没有权限访问其他用户在此处的文件。许多程序将此目录用作工作空间。如果某个文件非常重要,不要放在/tmp中,因为大多数发行版在机器启动时会清除/tmp,有些甚至会定期删除其旧文件。此外,不要让/tmp充满垃圾,因为它的空间通常与某些关键内容(例如根目录的其他部分)共享。

o /usr虽然发音为“user”,但这个子目录没有用户文件。相反,它包含一个大型的目录层次结构,包括大部分Linux系统。/usr中的许多目录名与根目录中的目录名相同(如/usr/bin和/usr/lib),并且它们保存着相同类型的文件。(根目录不包含完整的系统的原因主要是历史原因——过去为了使根目录的空间要求较低。)

o /var是变量子目录,程序在此记录运行时信息。系统日志、用户跟踪、缓存和其他系统程序创建和管理的文件都在这里。(你会注意到这里有一个/var/tmp目录,但系统不会在启动时清除它。)

2.19.1 Other Root Subdirectories(其他根目录的子目录)

There are a few other interesting subdirectories in the root directory:


o /boot Contains kernel boot loader files. These files pertain only to the very first stage of the Linux startup procedure; you won’t find information about how Linux starts up its services in this directory. See Chapter 5 for more about this.

o /media A base attachment point for removable media such as flash drives that is found in many distributions.

o /opt This may contain additional third-party software. Many systems don’t use /opt.






2.19.2 The /usr Directory(/usr目录)

The /usr directory may look relatively clean at first glance, but a quick look at /usr/bin and /usr/lib reveals that there’s a lot here; /usr is where most of the user-space programs and data reside. In addition to /usr/bin, /usr/sbin, and /usr/lib, /usr contains the following:

/ usr目录乍一看可能相对干净,但快速查看/usr/bin和/usr/lib会发现这里有很多内容;



o /include Holds header files used by the C compiler.

o /info Contains GNU info manuals (see 2.13 Getting Online Help).

o /local Is where administrators can install their own software. Its structure should look like that of / and /usr.

o /man Contains manual pages.

o /share Contains files that should work on other kinds of Unix machines with no loss of functionality. In the past, networks of machines would share this directory, but a true /share directory is becoming rare because there are no space issues on modern disks. Maintaining a /share directory is often just a pain. In any case, /man, /info, and some other subdirectories are often found here.

  • /include保存C编译器使用的头文件。
  • /info包含GNU info手册(见2.13 获取在线帮助)。
  • /local是管理员可以安装自己软件的地方。它的结构应该类似于/和/usr。
  • /man包含手册页。
  • /share包含应该在其他类型的Unix机器上正常工作的文件,而不会丧失功能。过去,机器网络会共享此目录,但真正的/share目录变得越来越少,因为现代磁盘没有空间问题。维护/share目录通常只是一种麻烦。无论如何,/man、/info和其他一些子目录通常在这里找到。

2.19.3 Kernel Location(内核位置)

On Linux systems, the kernel is normally in /vmlinuz or /boot/vmlinuz. A boot loader loads this file into memory and sets it in motion when the system boots. (You’ll find details on the boot loader in Chapter 5.)



Once the boot loader runs and sets the kernel in motion, the main kernel file is no longer used by the running system. However, you’ll find many modules that the kernel can load and unload on demand during the course of normal system operation. Called loadable kernel modules, they are located under /lib/modules.




2.20 Running Commands as the Superuser(以超级用户身份运行命令)

Before going any further, you should learn how to run commands as the superuser. You probably already know that you can run the su command and enter the root password to start a root shell. This practice works, but it has certain disadvantages:


您可能已经知道可以运行su命令并输入root密码来启动root shell。这种做法是可行的,但也存在一些缺点:

o You have no record of system-altering commands.

o You have no record of the users who performed system-altering commands.

o You don’t have access to your normal shell environment.

o You have to enter the root password.

  • 您无法记录修改系统的命令。
  • 您无法记录执行修改系统命令的用户。
  • 您无法访问正常的shell环境。
  • 您需要输入root密码。

2.20.1 sudo

Most larger distributions use a package called sudo to allow administrators to run commands as root when they are logged in as themselves. For example, in Chapter 7, you’ll learn about using vipw to edit the /etc/passwd file. You could do it like this:


$ sudo vipw

When you run this command, sudo logs this action with the syslog service under the local2 facility. You’ll also learn more about system logs in Chapter 7.



2.20.2 /etc/sudoers

Of course, the system doesn’t let just any user run commands as the superuser; you must configure the privileged users in your /etc/sudoers file. The sudo package has many options (that you’ll probably never use), which makes the syntax in /etc/sudoers somewhat complicated. For example, this file gives user1 and user2 the power to run any command as root without having to enter a password:




User_Alias ADMINS = user1, user2
root ALL=(ALL) ALL

The first line defines an ADMINS user alias with the two users, and the second line grants the privileges. The ALL = NOPASSWD: ALL part means that the users in the ADMINS alias can use sudo to execute commands as root. The second ALL means “any command.” The first ALL means “any host.” (If you have more than one machine, you can set different kinds of access for each machine or group of machines, but we won’t cover that feature.)


ALL = NOPASSWD: ALL部分表示ADMINS别名中的用户可以使用sudo以root身份执行命令。



The root ALL=(ALL) ALL simply means that the superuser may also use sudo to run any command on any host. The extra (ALL) means that the superuser may also run commands as any other user. You can extend this privilege to the ADMINS users by adding (ALL) to the /etc/sudoers line, as shown at ➊: ADMINS ALL = (ALL)➊ NOPASSWD: ALL

root ALL=(ALL) ALL简单地表示超级用户也可以使用sudo在任何主机上运行任何命令。




NOTE Use the visudo command to edit /etc/sudoers. This command checks for file syntax errors after you save the file. That’s it for sudo for now. If you need to use its more advanced features, see the sudoers(5) and sudo(8) manual pages. (The actual mechanics of user switching are covered in Chapter 7.)注意使用visudo命令编辑/etc/sudoers文件。此命令在保存文件后会检查文件语法错误。目前关于sudo的介绍就到这里了。如果你需要使用它的更高级功能,请参阅sudoers(5)和sudo(8)的手册页面。(有关用户切换的实际机制将在第7章中介绍。)

2.21 Looking Forward(展望未来)

You should now know how to do the following at the command line: run programs, redirect output, interact with files and directories, view process listings, view manual pages, and generally make your way around the user space of a Linux system. You should also be able to run commands as the superuser. You may not yet know much about the internal details of user-space components or what goes on in the kernel, but with the basics of files and processes under your belt, you’re on your way. In the next few chapters, you’ll be working with both kernel and user-space system components using the command-line tools that you just learned.






