TimeLinux1

Wednesday, February 23, 2011

Linux: NFS intro

-nfs is a protocol that lets computers share files.
-nfs was introduced by Sun in 1984 and made freely available to the public with v2 in 1989.
-now nfs is an open standard and all Linux/Unix systems have some nfs implementation.
-nfs is transparent; if the server crashes, no data is lost.
-clients simply wait and resume work when the server comes back--as if nothing happened.
-nfsv2 was slow because the server had to commit each modified block before replying to the client.
-nfsv2 used udp, nfsv3 gave a choice of udp or tcp, nfsv4 is tcp only.
-nfsv2 and v3 are stateless, nfsv4 is stateful.
-stateless - the server doesn't keep track of which client has mounted what. this simplifies recovery after a crash.
-stateful  - server and client keep track of open files and locks. recovery requires both server and client to work together.
-nfsv4 has speed, security and support for other OSes, the internet, acls etc.
-the recommended nfs version is v4, or v3 at least.
-nfsv2 and v3 have poor security. v4 mandates strong security.
-auth_none => no security; auth_sys => unix-like /etc/passwd security; rpcsec_gss => strong security in v4.
-nfs uses raw uid and gid values to identify users and grant access. v4 uses user@domain and group@domain instead.
-nfsv4 uses port 2049 and the tcp protocol.
-in nfs, user id mapping has nothing to do with user authentication.
-eg: user john with uid 1000 on the client may be a different user, joe, with uid 1000 on the server.
-this means files requested by john may actually belong to joe.
-traditionally, root access to nfs is limited.
-root (uid 0) on the client is converted to user nobody on the server. this is called 'root-squashing'.

-nfs server daemons:
    . mountd   -    serves mount requests from clients.
    . nfsd     -    actually serves data once mounted.
    . portmap  -    runs the rpc protocol, the underlying protocol behind mountd and nfsd.
-some systems prefix the daemon names with 'rpc.', eg rpc.mountd.
-multiple instances of nfsd may be run to increase file-serving efficiency.
-filesystems are shared (exported) via /etc/exports
-to export files:    exportfs -a
-to unshare files:    exportfs -u
-it is not a good idea to share binaries over nfs.
-client cmds:
    . showmount -e remoteserver        - to list what the remote server exports
    . mount -o <options> remote:/dir mtpt    - to mount
-the nfs mount option 'hard' means clients wait indefinitely if the server crashes; 'soft' is better.
-nfs stats:
    . nfsstat -s    - server stats
    . nfsstat -c    - client stats
-if more than 3% of rpc calls fail, there is a problem in the nfs/network setup.
-the automount daemon mounts nfs shares on demand and unmounts them when not in use.
-it runs on the client via the startup script /etc/init.d/autofs; the config file is /etc/auto.master.
-the daemon is called automountd and the command is automount.
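An added example (not from the original notes) that turns the 3% rule above into a check: it parses the 'Client rpc stats' block of `nfsstat -c` output and flags the client when too many rpc calls needed retransmission. The sample text is constructed in the shape of nfsstat output, not captured from a real host, and using retransmissions as the stand-in for failed calls is an assumption, since nfsstat has no direct 'failed' counter.

```python
"""Apply the notes' 3% rule to the rpc stats section of `nfsstat -c` output."""

# Constructed samples in the shape of `nfsstat -c` output; not captured from a real host.
SAMPLE_HEALTHY = """\
Client rpc stats:
calls      retrans    authrefrsh
120000     600        120000

Client nfs v3:
null         getattr      setattr      lookup
0         0% 60000    50% 12       0% 30000    25%
"""

SAMPLE_BAD = """\
Client rpc stats:
calls      retrans    authrefrsh
120000     4800       120000
"""

THRESHOLD = 0.03  # the notes' rule of thumb: more than 3% failing calls means trouble


def parse_rpc_stats(text):
    """Return {'calls': int, 'retrans': int, 'authrefrsh': int} from nfsstat -c text.

    The two lines after the 'Client rpc stats:' banner are a header row and a value
    row; zipping them avoids depending on column order.
    """
    lines = text.splitlines()
    for i, line in enumerate(lines):
        if line.strip() == "Client rpc stats:":
            if i + 2 >= len(lines):
                raise ValueError("truncated rpc stats block")
            header, values = lines[i + 1].split(), lines[i + 2].split()
            if len(header) != len(values):
                raise ValueError("malformed rpc stats block")
            return {name: int(v) for name, v in zip(header, values)}
    raise ValueError("no 'Client rpc stats:' block found")


def retrans_ratio(stats):
    """Fraction of rpc calls that had to be retransmitted; 0.0 before any call is made.

    nfsstat does not count failures directly, so retransmissions stand in for failed
    calls here (an assumption, not something the notes state).
    """
    calls = stats["calls"]
    return stats["retrans"] / calls if calls else 0.0


def check_nfs_health(text, threshold=THRESHOLD):
    """Return (ratio, verdict) where verdict is 'ok' or 'investigate'."""
    ratio = retrans_ratio(parse_rpc_stats(text))
    return ratio, ("investigate" if ratio > threshold else "ok")


if __name__ == "__main__":
    for label, sample in (("healthy", SAMPLE_HEALTHY), ("bad", SAMPLE_BAD)):
        ratio, verdict = check_nfs_health(sample)
        print(f"{label}: retrans ratio {ratio:.1%} -> {verdict}")
```

On a real client you would feed it the output of `nfsstat -c` instead of the samples; a ratio that creeps past the threshold usually points at the network (duplex mismatch, lossy link) or an overloaded server rather than at nfs itself.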

-aside from sharing user data, systems need to share system files like passwd files, hosts files etc.
-tools that help share config data are ldap, active directory (microsoft's adoption of ldap) and nis.
-nis is old; ldap is recommended over it for new installs.

Linux: Ethernet and the Internet

-the Linux (and Unix) concept of packetized data networks has changed human interaction with technology forever.
-the most prominent example of this is the Internet.

-ethernet is the most ubiquitous networking protocol.
-it began as a research project at MIT and Xerox in the 70s, using coaxial cables.
-ethernet works on the principle of csma/cd.
-csma/cd = carrier sense, multiple access, collision detect.
-it's like a dinner party where guests wait for a lull in the chatter before they speak.
-if two guests talk simultaneously, they both stop, wait a bit and try again.
-switches help in detecting and reducing collisions.
-ethernet packets travel in only one direction.
-ethernet packets can be of 3 types - unicast, multicast or broadcast.
-unicast => one destination, multicast => many destinations, broadcast => all hosts on the segment.
-a single segment can have hosts talking at different speeds.
-ethernet runs on various media - coax, unshielded twisted pair (utp), fiber etc. it started out on coax in the 70s.
-unshielded twisted pair (utp) is the medium of choice for ethernet; utp cables have RJ45 connectors.
-utp uses a star topology. utp is cheaper, simpler to install and easier to debug than coax and fiber.
-the common utp cable types are cat5e and cat6. these carry data at 100Mbps to 1Gbps.
-utp has 4 pairs of wires (8 total): orange, green and brown, each paired with white.
-ethernet devices and the tcp/ip layer they work at:
 . hubs   -  physical - not smart, don't analyze packets
 . switch -  link     - smarter, analyzes packets; the standard device for connecting two n/w into one big n/w
 . router -  network  - smarter still, analyzes packets, can prioritize packets, enforce security etc.
-autonegotiation is an ethernet feature defined by ieee.
-autoneg allows hosts to 'learn' the transmit speed of their neighbors and adjust their own accordingly.
-this is important because two devices talking at different speeds cannot communicate.
-all devices above 1Gbps need autoneg. for devices up to 100Mbps, both ends need autoneg and full duplex.
-ethernet can even carry power to devices like voip phones, wireless access points etc.
-this is called PoE - power over ethernet.
-ethernet is easy to debug. one can analyze a n/w link by link; problems can be found in minutes.
-ethernet pkts are usually 1500 bytes in size.
-jumbo pkts are usually 9000 bytes, a size set by manufacturers for their own devices.
-jumbo pkts are not recognized as a standard by ieee, for interoperability reasons, yet they exist.
-nfsv4, smb, cifs etc benefit from jumbo pkts. some jumbo pkts can be 64KB in size (super jumbo).
-all devices in the n/w need to support jumbo if jumbo is configured.
-the Internet doesn't support jumbo as it is not a standard.

-wireless is also a type of ethernet.
-wireless has two components - access points and clients.
-access points are also called wireless access points (waps).
-waps usually have a radio and a stripped-down linux kernel.
-beyond 8 clients per wap, performance degrades.
-common ieee standards for wireless - b, g and n on a 2.4GHz radio and up to 54Mbps.
-wireless n/w are usually not very secure.
-to make them more secure, the wifi protected access (wpa) protocol is used along with b/g/n.
-in wifi-enabled areas (like airports, campuses etc), a central wireless switch serves several waps.

-dedicated high-speed connections like T1, T3, SONET, MPLS and frame relay are expensive and therefore rare.
-'last mile' connections therefore fill the gap.
-dsl and cable modems are two 'last mile' connections.
-dsl works over telephone lines and serves up to 5Mbps (real speed).
-unlike pots (plain old telephone system) and isdn, which are dial-up, dsl is always on.
-cable companies provide last-mile connections over their existing fiber optic n/w.

-in conclusion, a network is like a chain -- only as good as its weakest/slowest link.

Linux: Routing basics

Routing is the process of defining the rules and mechanism for moving a packet of data from one host to another. Routing follows rules called 'routes' that live in a host's kernel in a routing table -- a fancy name for a set of routes. In tcp/ip, a host need only know the next hop, the next intermediate host a packet will travel through on the way to its destination.


-routing types:
    . static    - fixed rules defined by the sysadmin
    . dynamic   - rules driven by routing protocols
-routing protocols:
    . dist vector   - gossipy protocols; every router advertises itself. eg rip, ripng, bgp, eigrp
    . link state    - routers observe traffic and keep a log of rules. eg ospf, isis.
-distance vector protocols are more prone to errors as things change but require less bandwidth and cpu time.

-cost metric:
    . a metric the router uses to determine the most efficient path.
    . it can measure hops, latency, bandwidth etc.

-rip     - routing information protocol, an ipv4 distance vector protocol based on an older xerox protocol.
-rip uses hop count as its cost metric. the current version of rip is ripv2.
-ripng   - the ipv6 version of rip; rip 'next generation'.
-if a system needs to support both ipv4 and v6, then rip and ripng need to run separately.
-rip is simple and prolific, which is why it has survived so long. it works better for small n/w.

-ospf    - open shortest path first, is a link state protocol. 'open' => non-proprietary.
-it uses an internal algorithm to decide the shortest path.
-ospf version 2 is for ipv4.
-ospf version 3 includes ipv6.
-ospf works well with large n/w.
-it doesn't have a standard cost metric; each vendor has its own - cisco's default is bandwidth related.

-eigrp is the enhanced interior gateway routing protocol.
-eigrp is cisco specific and proprietary, supports ipv6, and has evolved like ospf.
-eigrp has no known linux/unix implementations; it runs only on cisco.
-isis  is an iso protocol, an answer to ospf, less common than ospf.
-bgp   is the border gateway protocol and is a quite popular internet backbone protocol.

-you can set up a new subnet with as little as a linux kernel, a n/w card and a switch (all < $200).
-yet dedicated routers are simpler, faster and more reliable (even if they run a linux kernel inside).

-some routing daemons:
    . routed  -  old, chatty yet simple. speaks only rip, no ripng.
    . gated   -  old, elegant yet extinct because it changed course from open source to a consortium.
    . quagga  -  open source, multi protocol (rip, ospf, bgp, isis), multi os (linux, sun..), popular.
-quagga is named after an extinct species of zebra.
-quagga is the routing suite of choice on linux.
-quagga runs a central 'zebra' daemon that manages individual daemons for the supported protocols, like ripd, ospfd etc.

-cisco routers are the backbone of the internet, with over 60% market share.
-cisco routers run the proprietary cisco ios.
-ios runs in two modes - user and privileged - both password protected.

--Misc--

-linux is fast at adopting changes to n/w configs.
-after network setup changes, ifdown/ifup or a reboot is required.
-linux flavors run a network management tool called 'NetworkManager'. it is useful for laptops.
-ubuntu runs NetworkManager by default, redhat doesn't.
-network config file location:
    . red hat  -    /etc/sysconfig/network
    . ubuntu   -    /etc/network

-to query and set network parameters for an interface, use the 'ethtool' cmd.
-changes made by ethtool are transient.
-to set them permanently, set them in the interface files under /etc.
-tunable network kernel parameters are found in files under /proc/sys/net.
-to protect against dos/smurf attacks:
    # echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts
-to enable ip forwarding (routing):
    # echo 1 > /proc/sys/net/ipv4/ip_forward
-the above are transient as the /proc fs is virtual.
-to set them permanently, put them in /etc/sysctl.conf
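An added example (not from the original notes) of making the two settings above survive a reboot: it rewrites a sysctl.conf-style file so that each key appears exactly once, keeping comments and unrelated keys, and is safe to run repeatedly. The existing file content is constructed for the example; ip_forward is set to 0 here because a single-interface host should not route, so flip it to 1 on a box that is meant to.

```python
"""Persist the two /proc/sys/net settings from the notes in a sysctl.conf-style file."""
import os
import re
import tempfile

# The settings from the notes, in sysctl key form (echo 1 > /proc/sys/net/ipv4/X  <=>  net.ipv4.X = 1).
HARDENING = {
    "net.ipv4.icmp_echo_ignore_broadcasts": "1",  # ignore broadcast pings (smurf amplification)
    "net.ipv4.ip_forward": "0",                    # routing off; set to "1" only on a box meant to route
}

# Constructed example of an existing /etc/sysctl.conf; not taken from any real system.
EXISTING_CONF = """\
# Kernel sysctl configuration file
net.ipv4.ip_forward = 1
kernel.sysrq = 0
"""

_KEY_VALUE = re.compile(r"^\s*([\w.\-/]+)\s*=\s*(.*?)\s*$")


def _is_comment(line):
    return line.lstrip().startswith(("#", ";"))


def parse_sysctl_conf(text):
    """Return {key: value} for every 'key = value' line, skipping blanks and comments."""
    settings = {}
    for line in text.splitlines():
        if not line.strip() or _is_comment(line):
            continue
        m = _KEY_VALUE.match(line)
        if m:
            settings[m.group(1)] = m.group(2)
    return settings


def apply_settings(text, wanted):
    """Return the file text with every key in `wanted` set exactly once.

    Existing lines for a wanted key are rewritten in place; comments and other keys are
    left untouched; missing keys are appended. Applying it twice gives the same text.
    """
    out, seen = [], set()
    for line in text.splitlines():
        m = _KEY_VALUE.match(line)
        if m and not _is_comment(line) and m.group(1) in wanted:
            key = m.group(1)
            out.append(f"{key} = {wanted[key]}")
            seen.add(key)
        else:
            out.append(line)
    out.extend(f"{key} = {value}" for key, value in wanted.items() if key not in seen)
    return "\n".join(out) + "\n"


def persist(path, wanted):
    """Rewrite the file at `path` (eg /etc/sysctl.conf) with `wanted` applied; return the parsed result."""
    with open(path) as f:
        text = f.read()
    new_text = apply_settings(text, wanted)
    with open(path, "w") as f:
        f.write(new_text)
    return parse_sysctl_conf(new_text)


def demo_persist():
    """Round-trip the constructed conf through a temp file so the example runs without root."""
    fd, path = tempfile.mkstemp(suffix=".conf")
    os.close(fd)
    try:
        with open(path, "w") as f:
            f.write(EXISTING_CONF)
        return persist(path, HARDENING)
    finally:
        os.unlink(path)


if __name__ == "__main__":
    print(apply_settings(EXISTING_CONF, HARDENING))
```

After editing the real /etc/sysctl.conf as root, `sysctl -p` loads it without a reboot, which is the moment to diff the /proc/sys/net values against what the file says.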

-nat    - using a range of ip addresses to multiplex traffic onto one ip.
-pat    - using a range of ports      to multiplex traffic onto one ip.
-pat is a subset of nat. linux implements pat.
-nat/pat makes pkts from/to the Internet come/go via one ip addr.
-the host performing nat converts external pkts to internal addresses and vice versa.
-to set up or modify pat or nat, the iptables cmd is used.

Linux: DHCP, vpn, et al

-dhcp    - dynamic host configuration protocol, is a system of centralized n/w config management.
-in dhcp, a central server is dedicated to distributing ip addresses, setting up the default route, pointing clients at the dns server, etc.
-the ip addr distribution is a 'lease' to the clients.
-dhcp simplifies n/w config management by centralizing the config for clients. clients refresh their info at boot time.
-dhcp is open source from ISC (Internet Systems Consortium, isc.org).
-dhcp version 4 (latest) supports ipv6.
-dhcp is a successor to and superset of bootp, a protocol originally designed for diskless Unix clients.
-the dhcp server daemon is called dhcpd and the client daemon is dhclient.
-the dhcpd config file is /etc/dhcpd.conf.

-routing = ip forwarding.
-if routing is enabled on a linux system:
    . it receives pkts, matches them to a gateway and retransmits them.
-unless a system has multiple interfaces, it is advisable to turn routing off.

-a smurf attack is a type of denial of service attack using ping to the network's broadcast address.
-packet filter is another name for firewall.
-it is not recommended to have workstations act as packet filters.
-this is because, even with meticulous hardening, full-fledged OSes are too complex to be trustworthy packet filters.
-dedicated n/w equipment is simpler and more reliable--even if it secretly runs linux..

-vpns are logical networks made of smaller networks connected via encrypted tunnels over the Internet.
-this is especially relevant when the smaller networks are geographically separated.
-a vpn can be implemented above or below the ip layer.
-vpn below the ip layer is ipsec based and is older.
-vpn above the ip layer is ssl based and is newer. these are simpler than ipsec and more popular.
-both ipsec and ssl are standards from the ietf.
-besides, there are a variety of proprietary vpn implementations, but they can't talk to open source vpns.

-ppp    - mainly seen in dial-up or cellular networks.
-ppp is basically a virtual network of two hosts.
-the /etc/hosts file can have ipv6 addresses as well.
-routing is performed by the ip layer.
-/etc/resolv.conf holds the nameserver info for dns.
-most of the n/w configuration happens at boot time.

Linux: CIDR - Classless Inter Domain Routing

-cidr    - classless inter domain routing, is a direct extension of subnetting.
-cidr is also called supernetting.
-cidr is called supernetting as it allows big n/w to be converted into many smaller n/w for the purpose of routing.

-nat or network address translation is a system that runs on the border router of a network.
-nat intercepts packets and rewrites their addresses and ports to different ones.
-this rewriting is done using a table of mappings between external and internal address/port pairs.
-nat allows several internal hosts of a network to share one common external address. this conserves ipv4 addresses.
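An added example (not from the original notes, and not how the linux kernel's nat code is written) of the mapping table described here and in the nat/pat notes earlier: a toy pat gateway that rewrites outbound packets to one external address with a fresh port per flow, rewrites replies back, and drops inbound packets for which no internal host created a mapping. The addresses are constructed from the documentation ranges (RFC 5737); the port pool and its exhaustion check are assumptions for the example.

```python
"""A toy port address translation (PAT) table: the external/internal mapping the notes describe."""
from dataclasses import dataclass


@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int


class PatTable:
    """Many internal hosts share one external ip; the external port picks out each flow."""

    def __init__(self, external_ip, first_port=40000, last_port=65535):
        self.external_ip = external_ip
        self.next_port = first_port
        self.last_port = last_port
        self.out_map = {}  # (internal ip, internal port) -> external port
        self.in_map = {}   # external port -> (internal ip, internal port)

    def outbound(self, pkt):
        """Rewrite a packet leaving the private network, allocating a mapping if this flow is new."""
        key = (pkt.src_ip, pkt.src_port)
        if key not in self.out_map:
            if self.next_port > self.last_port:
                raise RuntimeError("port pool exhausted")  # the real failure mode on busy gateways
            self.out_map[key] = self.next_port
            self.in_map[self.next_port] = key
            self.next_port += 1
        return Packet(self.external_ip, self.out_map[key], pkt.dst_ip, pkt.dst_port)

    def inbound(self, pkt):
        """Rewrite a packet arriving at the external ip; None (drop) when no flow created a mapping."""
        if pkt.dst_ip != self.external_ip or pkt.dst_port not in self.in_map:
            return None
        int_ip, int_port = self.in_map[pkt.dst_port]
        return Packet(pkt.src_ip, pkt.src_port, int_ip, int_port)


def demo():
    """Two internal hosts using the same source port reach one server through one external ip."""
    table = PatTable("203.0.113.5")  # constructed addresses from the RFC 5737 documentation ranges
    a = table.outbound(Packet("192.168.1.10", 51000, "198.51.100.7", 80))
    b = table.outbound(Packet("192.168.1.11", 51000, "198.51.100.7", 80))
    again = table.outbound(Packet("192.168.1.10", 51000, "198.51.100.7", 80))  # same flow, same port
    reply_to_b = table.inbound(Packet("198.51.100.7", 80, "203.0.113.5", b.src_port))
    unsolicited = table.inbound(Packet("198.51.100.9", 22, "203.0.113.5", 40005))  # no mapping -> dropped
    return a, b, again, reply_to_b, unsolicited


if __name__ == "__main__":
    for p in demo():
        print(p)
```

The dropped unsolicited packet is why a pat gateway is often mistaken for a firewall: inbound traffic that no internal host asked for has nowhere to go. It is still not a packet filter, as the notes on workstations and firewalls above point out.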

-ipv6 addresses always have the boundary between the n/w and host portions at /64.
-this means network addresses are always 64 bits long.

-routing is the process of directing a packet through the maze of networks en route to its destination.
-routing = ip forwarding
-routing happens because of rules, or routes, stored in a table in the kernel.
-each routing rule takes the packet one hop closer to the destination.
-if the kernel finds no relevant route, it tries the default route.
-if the default route fails, the kernel sends a 'network unreachable' icmp error to the sender.
-the kernel routing table can be seen using:
    . netstat -nr    or    netstat -r
-routes can be added/deleted using:
    . route add or route del
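An added example (not from the original notes) of the lookup the kernel performs against its routing table: the most specific matching route wins, 0.0.0.0/0 is the default route that catches everything else, and with no default route the result is the 'network unreachable' error described above. The routing table is constructed, written as 'destination/prefix gateway interface' lines (a simplified netstat -nr layout, an assumption for the example), with 0.0.0.0 as gateway meaning directly connected.

```python
"""Longest-prefix-match route lookup, the way the kernel walks its routing table."""


class NetworkUnreachable(Exception):
    """No route matched, not even a default; the kernel answers the sender with an icmp error."""


def ip_to_int(dotted):
    """'192.168.1.7' -> 32-bit int; bytes() rejects octets outside 0..255."""
    octets = [int(o) for o in dotted.split(".")]
    if len(octets) != 4:
        raise ValueError(f"bad ipv4 address: {dotted}")
    return int.from_bytes(bytes(octets), "big")


def prefix_mask(prefix):
    """/24 -> 0xFFFFFF00; /0 (the default route) -> 0, which matches everything."""
    return (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF


def parse_routes(table):
    """Parse constructed 'destination/prefix gateway iface' lines into (net, prefix, gateway, iface)."""
    routes = []
    for line in table.strip().splitlines():
        dest, gateway, iface = line.split()
        net, prefix = dest.split("/")
        routes.append((ip_to_int(net), int(prefix), gateway, iface))
    return routes


def lookup(routes, dst):
    """Return (gateway, iface) of the most specific matching route or raise NetworkUnreachable."""
    d = ip_to_int(dst)
    best = None
    for net, prefix, gateway, iface in routes:
        if d & prefix_mask(prefix) == net and (best is None or prefix > best[1]):
            best = (net, prefix, gateway, iface)
    if best is None:
        raise NetworkUnreachable(f"no route to {dst}")
    return best[2], best[3]


def next_hop(routes, dst):
    """Like lookup() but returns the string 'network unreachable' instead of raising."""
    try:
        return lookup(routes, dst)
    except NetworkUnreachable:
        return "network unreachable"


# Constructed tables; 0.0.0.0 as gateway means directly connected, 0.0.0.0/0 is the default route.
ROUTES_WITH_DEFAULT = """
192.168.1.0/24  0.0.0.0        eth0
10.0.0.0/8      192.168.1.254  eth0
10.1.2.0/24     192.168.1.253  eth0
0.0.0.0/0       192.168.1.1    eth0
"""
ROUTES_NO_DEFAULT = "\n".join(ROUTES_WITH_DEFAULT.strip().splitlines()[:3])

if __name__ == "__main__":
    routes = parse_routes(ROUTES_WITH_DEFAULT)
    for dst in ("192.168.1.7", "10.9.9.9", "10.1.2.7", "198.51.100.7"):
        print(dst, "->", next_hop(routes, dst))
    print("198.51.100.7 without default ->", next_hop(parse_routes(ROUTES_NO_DEFAULT), "198.51.100.7"))
```

Note that 10.1.2.7 goes to 192.168.1.253 although 10.0.0.0/8 also matches: the /24 is more specific, so it wins regardless of the order of the lines.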

-arp    - address resolution protocol, translates ip addresses to h/w addresses.
-it can run on any network that supports broadcasting, usually ethernet.
-since arp uses broadcast packets, which cannot cross networks, it can only find the h/w addr of directly connected hosts.
-machines maintain a cache of recently resolved addresses. this cache can be seen using the 'arp -a' cmd.
-to see the current h/w addr, use the 'arp' cmd or the 'ifconfig' cmd.

Sunday, February 13, 2011

Linux: Networking Part - 3

-in ipv4, where the ip addr is 4  bytes long, the boundary between the n/w and host portions is set by the sysadmin.
-in ipv6, where the ip addr is 16 bytes long, the n/w and host portions are 8 bytes each.
-in the old days, ipv4 addresses were divided into 5 classes--A, B, C, D, E.
-of these, classes A, B, C are common; classes D and E are usually reserved for research purposes.
-the first byte of class A = 1-127, class B = 128-191, class C = 192-223
-these days, ipv4 addresses are preferably represented in classless notation. this makes more efficient use of addresses.
-a subnet mask or netmask is a way to use ipv4 addresses more efficiently.
-the subnet mask assigns part of the host portion of the ipv4 address to the n/w portion.
-in other words, you can have more smaller n/w rather than a few big n/w.
-the subnet mask is 4 bytes long, where the 1s are the n/w part and the 0s are the host part.
-the 1s are leftmost and contiguous; at least 8 bits must be allocated to the n/w portion and 2 bits to the host part.
-this means there can be only 22 distinct ipv4 netmask values (32-10=22).
-netmasks are set using the ifconfig cmd for each network interface.
-if no netmask is set, the network interface takes the default class of the ip addr.
-a netmask need not end at a byte boundary.
-in those cases, the ip addr is written with a /xx suffix to denote the number of bits in the n/w part.
-this is called CIDR (classless inter domain routing).
-eg: 128.138.243.0/26    => a network address in cidr notation.
-in this example there are 32-26=6 bits for the host part. these 6 bits come from the 4th byte of the ip addr.
-since the 4th byte (like any byte) is 8 bits, the n/w part gains two bits (8 bits in the byte - 6 bits for the host part).
-so the 4th byte could be 0 (00000000), 64 (01000000), 128 (10000000) or 192 (11000000).
-since a netmask represents the n/w part as all 1s, in the above example (128.138.243.0/26):
    . the netmask would be 11111111.11111111.11111111.11000000        or
    . 255.255.255.192
-trick: if you know the net size (ie the number of host addresses, 2 to the number of host bits) then:
    . last netmask byte = 256 - netsize
-in the above example, /26 => net size = 2 to the 32-26 = 2 to the 6 = 64
    => the last netmask byte = 256 - 64 = 192.
-also, the last byte of the network address must be divisible by the network size.
-given an ip address, to tell its network and broadcast address, we need the netmask.
-eg: if ip=192.168.1.1/16, netmask=255.255.0.0, n/w addr=192.168.0.0/16, broadcast=192.168.255.255
-or  if ip=192.168.1.1/30, netmask=255.255.255.252, n/w addr=192.168.1.0/30, broadcast=192.168.1.3
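An added example (not from the original notes) that carries the netmask arithmetic above through in code: it builds the mask from the /xx prefix, derives the network and broadcast addresses by clearing and setting the host bits, prints the dotted-binary form of the mask, applies the '256 - netsize' trick, and checks the divisibility rule for a candidate network address. The limits of /8 to /30 follow the notes' 'at least 8 n/w bits and 2 host bits'.

```python
"""Netmask, network and broadcast address from cidr notation, following the worked examples above."""


def ip_to_int(dotted):
    """'128.138.243.0' -> 32-bit int; bytes() rejects octets outside 0..255."""
    octets = [int(o) for o in dotted.split(".")]
    if len(octets) != 4:
        raise ValueError(f"bad ipv4 address: {dotted}")
    return int.from_bytes(bytes(octets), "big")


def int_to_ip(n):
    return ".".join(str(b) for b in n.to_bytes(4, "big"))


def netmask_int(prefix):
    """Leftmost `prefix` bits set; the notes' limits: at least 8 n/w bits and 2 host bits."""
    if not 8 <= prefix <= 30:
        raise ValueError("prefix must be between /8 and /30")
    return (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF


def netmask_binary(prefix):
    """Dotted binary form, eg /26 -> '11111111.11111111.11111111.11000000'."""
    bits = format(netmask_int(prefix), "032b")
    return ".".join(bits[i:i + 8] for i in range(0, 32, 8))


def cidr_info(cidr):
    """Netmask, network, broadcast, host bits and net size for an address written as 'a.b.c.d/nn'."""
    ip, prefix = cidr.split("/")
    prefix = int(prefix)
    mask = netmask_int(prefix)
    network = ip_to_int(ip) & mask              # host bits cleared
    broadcast = network | (~mask & 0xFFFFFFFF)  # host bits set
    host_bits = 32 - prefix
    return {
        "netmask": int_to_ip(mask),
        "network": f"{int_to_ip(network)}/{prefix}",
        "broadcast": int_to_ip(broadcast),
        "host_bits": host_bits,
        "net_size": 2 ** host_bits,
        "usable_hosts": 2 ** host_bits - 2,  # network and broadcast addresses are not assignable
    }


def last_mask_byte_trick(net_size):
    """The notes' shortcut for nets of up to 256 addresses: last netmask byte = 256 - net size."""
    if net_size not in (4, 8, 16, 32, 64, 128, 256):
        raise ValueError("trick applies to net sizes that are powers of two from 4 to 256")
    return 256 - net_size


def is_network_address(cidr):
    """True when the host bits are all zero, ie the address can start a network.

    For /24 and longer this is the notes' rule: the last byte is divisible by the net size.
    """
    ip, prefix = cidr.split("/")
    addr = ip_to_int(ip)
    return addr & netmask_int(int(prefix)) == addr


if __name__ == "__main__":
    for cidr in ("128.138.243.0/26", "192.168.1.1/16", "192.168.1.1/30"):
        print(cidr, cidr_info(cidr))
    print(netmask_binary(26), last_mask_byte_trick(64))
```

The 'usable_hosts' figure is two less than the net size because the all-zeros and all-ones host parts are the network and broadcast addresses; a /30, the usual size for a point-to-point link, therefore has exactly two assignable addresses.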

Next up, CIDR...

Linux: Networking Part - 2

-tcp/ip addressing has three parts:
    . hardware addressing using the media access control (mac) address
    . software addressing using the ip address
    . ip to hostname conversion for humans
-ip addresses identify network interfaces, not machines.
-to users this fact is irrelevant but to sysadmins it is important.

-a mac address is a 6-byte worldwide unique address assigned to a nic at the time of manufacture.
-a mac address has two parts:
    . first 3 bytes identifying the manufacturer
    . last  3 bytes identifying the device (a serial number)
-mac addresses are written as 6 colon-separated two-digit hex numbers.
-although the manufacturer-assigned mac address is unique, sysadmins can override the h/w addr (not recommended).
-the ip to mac address mapping is defined in the link layer of the tcp/ip stack.
-the address resolution protocol (arp) enables mac to ip addr conversion and vice versa.
-ip addresses identify network interfaces on a host, but what about each process that runs on the host?
-that's where 'ports' come into play.
-port - a 16-bit number added to the ip addr in tcp or udp to identify processes/services on a system.
-the port to service mapping is defined in /etc/services.
-anyone can use any port but only root can bind to and 'listen' on ports below 1024.

-ip address types:
    . unicast    - addresses unique to nics                             - eg: regular communication
    . multicast  - addresses targeting a set of hosts simultaneously    - eg: video conferencing
    . broadcast  - addresses targeting all hosts on a subnet            - eg: connectivity checks
    . anycast    - add addresses that resolve to one of many possible hosts - eg: load balancing

-ipv4 addresses are 4  bytes long - written as 4 decimal numbers separated by dots
-ipv6 addresses are 16 bytes long - written as 8 two-byte hex numbers separated by colons
-in ipv4, the leftmost byte of an address is the most significant byte and represents the network portion.
-in ipv4, when the leftmost byte is 127, it denotes the loopback n/w - a fictitious n/w that has no real h/w and only one host.
-the address 127.0.0.1 always represents the current host, also referred to as 'localhost'.

Next up, tcp/ip addressing details...

Linux: Networking Part - 1

-the Internet is the progeny of a US DoD research project called Arpanet.
-today's Internet is a collection of private networks that meet at 'peering points'.
-tcp/ip is the networking system that underlies the Internet.
-the technological success of the Internet is largely due to
    . the elegant and flexible design of tcp/ip
    . the fact that tcp/ip is an open and non-proprietary protocol suite.
-the governance of the Internet is largely open and vague, except for three main players:
    . icann    -  takes care of addressing; operates under an mou from the US Dept of Commerce.
    . isoc     -  takes care of engineering aspects; a superset of the ietf.
    . igf      -  takes care of intergovernmental operations; set up recently, in 2005, by the UN.

-the technical activities of the Internet are summarized in docs called RFCs, or requests for comments.
-RFCs are maintained by the ietf.
-there are about 5600 RFCs.

-tcp/ip is a protocol suite comprising 5 protocols:
    . ip      -  responsible for routing packets
    . icmp    -  responsible for low level debugging and error assistance to ip.
    . arp     -  responsible for converting ip addr to h/w addr
    . udp     -  responsible for unverified one-way data delivery
    . tcp     -  responsible for reliable, full duplex communication.
-tcp/ip has 5 layers:
    . physical
    . link
    . network
    . transport
    . application
    (mnemonic: 'plnta', like polenta)

-tcp/ip version 4, or simply ipv4, is a 4-byte addressing scheme that has been prevalent for over 3 decades.
-ipv4 is end of life as it ran out of addresses in 2011.
-tcp/ip version 6, or simply ipv6, is the ipv4 replacement.
-ipv6 uses 16-byte addresses. mainstream ipv6 adoption is likely to take a few years still.
-ipv6 is a superset of ipv4. it adds a few changes in concepts and notation--but that's about it.

-tcp/ip allows compatible hardware and networks to talk to each other.
-the tcp/ip data unit is called a:
    . frame    in the link layer
    . packet   in the ip   layer       and
    . segment  in the transport layer
-but the most common name is packet.
-each packet contains:
    . a header     -  source/destination info + checksum
    . a payload    -  the actual data
-as a packet travels through the 5 layers of tcp/ip, each layer adds its own info to the packet header.
-this process is called encapsulation.
-the size limit of a frame is associated with the link layer and is called the Maximum Transmission Unit (MTU).
-the payload of a standard ethernet frame is usually 1500 bytes.
-in other words, the MTU for ethernet is 1500 bytes.
-if a packet has to pass through different networks with different MTUs, then a router can subdivide the packet.
-this process is called fragmentation and it increases router workload.
-ipv6 has mechanisms to avoid this by making the originating host do the work itself.
-to do so, ipv6 lets the intervening small-mtu network notify the originating host with an icmp error.
-the originating host then re-sends packets that fit the smallest mtu on the path.
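An added example (not from the original notes, and a simplification of what a real ip stack does) of the fragmentation described above: a 4000-byte payload is cut into pieces that, with a 20-byte ipv4 header each, fit a 1500-byte ethernet mtu, with fragment offsets kept in 8-byte units the way the ipv4 header stores them; reassembly then rebuilds the payload and refuses to do so when one piece is missing. The payload is constructed; the identification value 7 is arbitrary.

```python
"""IPv4-style fragmentation of one packet into pieces that fit a smaller mtu, and reassembly."""
from dataclasses import dataclass

IPV4_HEADER = 20  # minimum ipv4 header; every fragment carries its own copy


@dataclass
class Fragment:
    ident: int      # identification field shared by all fragments of one packet
    offset: int     # position of this piece in 8-byte units, as in the ipv4 header
    more: bool      # the 'more fragments' flag
    payload: bytes


def fragment(ident, payload, mtu):
    """Split `payload` so header + piece fits `mtu`; every piece but the last is a multiple of 8 bytes."""
    if mtu < IPV4_HEADER + 8:
        raise ValueError("mtu too small to carry any fragment")
    step = (mtu - IPV4_HEADER) // 8 * 8  # largest multiple of 8 that fits beside the header
    pieces = []
    for start in range(0, len(payload), step):
        chunk = payload[start:start + step]
        pieces.append(Fragment(ident, start // 8, start + step < len(payload), chunk))
    return pieces


def reassemble(pieces):
    """Rebuild the payload; raise if a piece is missing, which is what one dropped fragment causes."""
    if not pieces:
        raise ValueError("no fragments")
    pieces = sorted(pieces, key=lambda f: f.offset)
    if len({f.ident for f in pieces}) != 1:
        raise ValueError("fragments belong to different packets")
    expected, parts = 0, []
    for f in pieces:
        if f.offset * 8 != expected:
            raise ValueError(f"gap before offset {f.offset}")
        parts.append(f.payload)
        expected += len(f.payload)
    if pieces[-1].more:
        raise ValueError("last fragment missing")
    return b"".join(parts)


def reassemble_or_none(pieces):
    """Like reassemble() but returns None when the packet cannot be rebuilt."""
    try:
        return reassemble(pieces)
    except ValueError:
        return None


# Constructed input: a 4000-byte payload that must cross an ethernet link with a 1500-byte mtu.
SAMPLE_PAYLOAD = bytes(range(256)) * 15 + bytes(range(160))  # 3840 + 160 = 4000 bytes

if __name__ == "__main__":
    pieces = fragment(ident=7, payload=SAMPLE_PAYLOAD, mtu=1500)
    print([(f.offset, len(f.payload), f.more) for f in pieces])
    print(reassemble(pieces) == SAMPLE_PAYLOAD, reassemble_or_none(pieces[:-1]))
```

Losing any one of the three pieces makes the whole 4000-byte packet unrecoverable, which is the cost of fragmentation beyond the router workload the notes mention, and the reason the ipv6 approach of sizing packets at the source to the smallest mtu on the path is preferred.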

Next up, tcp/ip networking...

Sunday, February 6, 2011

Linux: kernel Part - 3

This is the 3rd and final discussion about Linux kernel, focussing on kernel modules:

-LKMs or loadable kernel modules allow adding and removing modules while the kernel is running.
-this gives the kernel more flexibility and efficiency.
-loadable kernel modules are usually stored in the dir /lib/modules/`uname -r`
-useful loadable module cmds:
    . lsmod         -    shows currently loaded modules
    . insmod        -    inserts modules manually
    . modprobe      -    a wrapper around insmod, semi-automatic, based on /etc/modprobe.conf.
    . modprobe -c   -    to generate a new modprobe.conf file
    . rmmod         -    removes modules

-in the days of yore, when systems had few devices, their device files were simply put in /dev
-as the number of devices increased, the /dev dir soon became chaotic
-to make device management simple, 'udev' was created.
-udev is a device management system that runs in user space instead of kernel space.
-udev maintains devices on behalf of /dev
-ie /dev does not need to have thousands of files to begin with; instead udev creates and removes them in /dev as needed.
-udev does this with the help of the 'sysfs' fs.
-sysfs is an in-memory virtual fs that was introduced in kernel 2.6.
-sysfs info is found in /sys
-/sys  holds device  specific info
-/proc holds process specific info
-going back to udev, udev is managed via the 'udevadm' cmd.
-udevadm accepts six commands: info, trigger, settle, control, monitor, test
-the master config file for udev is /etc/udev/udev.conf
-the man pages for udevadm have more info.

Linux: kernel Part - 2

This is the 2nd discussion about Linux kernel, focussing on device management:

-most devices, except n/w devices, have a corresponding device file in the /dev dir.
-each device file has a major and a minor number.
-the major number helps the kernel identify the type of device (eg usb drive).
-the minor number helps the kernel identify the instance of a particular device (eg one of multiple usb drives).
-device files can be block or character device files.
-block device files are read one block at a time (usually 512 bytes).
-char  device files are read one byte  at a time.
-besides 'real' devices, you can have pseudo devices too, created by h/w abstraction.
-eg of pseudo devices: pseudo terminals (pty, pts), /dev/zero, /dev/null, /dev/random.
-linux device drivers are usually distributed as a package or a kernel patch.
-device files are created using the mknod cmd.
-eg:    # mknod  filename type major minor
-in linux, the udev system manages the dynamic creation and removal of devices (eg: usb drives).

-whenever possible, the default kernel is preferable to custom rebuilt kernels, for manageability and support.
-for persistent kernel parameter changes across reboots, edit /etc/sysctl.conf.
-kernel.org is the one source for the latest linux kernel developments.
-good system admin practice dictates that patches be applied only if relevant.

-a linux kernel rebuild from source involves the following steps:
    . downloading the new source code into /usr/src
    . configuring the .config file directly or via the make gconfig or make menuconfig cmd.
    . running make clean followed by make.
    . copying the new image to /boot/vmlinuz followed by adding a new kernel line to grub.conf.

Linux: kernel Part - 1

This is the first discussion about kernel and its workings in Linux:

-the kernel is written mostly in C, with some assembly language.
-all major flavors of linux and unix are monolithic.
-in monolithic kernels, the entire os runs in kernel space -- a section of memory reserved for privileged os functions.
-in monolithic kernels, device drivers, ipc, vm, the scheduler -- all run in the same address space.
-in contrast, in a microkernel architecture, some of the services run in user space, ie as os processes.

-in linux, the kernel resides at /vmlinuz or /boot/vmlinuz.
-in linux, the kernel source build dir is /usr/src/linux.

-a device driver is a program that manages the system's interaction with a particular type of h/w.
-it translates h/w cmds to kernel instructions and vice versa.
-device drivers keep the kernel relatively device independent.
-device drivers are part of the kernel, not user processes, but they can be accessed from both kernel and user space.
-this is done with the use of special device files that live in the /dev dir.
-device drivers are system specific.
-they are written by hardware vendors for a certain system.
-h/w vendors are becoming aware of the linux market and sometimes provide linux-specific drivers for their products.
-ideally, h/w vendors provide both the drivers and the installation instructions.

Linux: Package Management

In Linux, software management--adding, modifying and removing programs--is simplified by grouping programs into what are called packages.

-linux uses packages to manage software. two main types--rpm and deb.
-the main advantage of pkgs over tarballs is that the former are structured and simpler.
-pkgs allow dependencies and localization (site specific pkgs) to be included.

-to convert between rpm and deb pkgs, the program 'alien' is used.
-alien knows nothing about the software inside the pkg.
-so if the contents are incompatible with the system, alien won't help.
-so, it's best to stick to the packaging native to the distribution.

-useful rpm options:
    . rpm -q, -i, -U, -e
-eg:    # rpm -q --whatrequires openssh            [ like --depends option ]

-useful deb options:
    . dpkg -l, --install, --remove

-on top of the rpm and deb pkg cmds exist the pkg systems 'yum' and 'apt'.
-yum works with rpm pkgs only, whereas apt works well with both rpm and deb pkgs.
-these pkg systems make pkg mgmt very easy, especially by resolving dependencies on the fly.
-pkg systems need a connection to the repositories, which usually exist on the Internet.
-rhn (redhat network) uses yum internally. it is a paid service.
-yum became the default standard for pkg mgmt in the redhat world with rhel5.
-the config file for yum is /etc/yum.conf

-apt is better documented than yum.
-apt-get is configured via the file /etc/apt/sources.list.
-after configuring this file, to install a pkg:
    . refresh apt-get's cache with the 'apt-get update' cmd.
    . then install the pkg with the 'apt-get install pkgname' cmd.

-on ubuntu, the universe component is advisable instead of multiverse.
-universe has open source s/w, whereas multiverse can have non-open-source content (like vmware).

-localized pkgs are managed by a dedicated mirror site.
-to create a mirror:
    . install the pkg apt-mirror        then
    . configure /etc/apt/mirror.list    then
    . run apt-mirror as root
-the first run of apt-mirror can take a long time as it has to download about 40+ GB of repository data.
-subsequent apt-mirror runs are quick and can be scheduled via cron.

-software installation and packaging is an area in which linux is clearly superior to unix.