201.3. Kernel runtime management and troubleshooting

201.3 Kernel runtime management and troubleshooting

Weight: 4
Description: Candidates should be able to manage and/or query a 2.6.x, 3.x or 4.x kernel and its loadable modules. Candidates should be able to identify and correct common boot and run time issues. Candidates should understand device detection and management using udev. This objective includes troubleshooting udev rules.
Key Knowledge Areas:
    Use command-line utilities to get information about the currently running kernel and kernel modules
    Manually load and unload kernel modules
    Determine when modules can be unloaded
    Determine what parameters a module accepts
    Configure the system to load modules by names other than their file name.
    /proc filesystem
    Content of /, /boot/ , and /lib/modules/
    Tools and utilities to analyze information about the available hardware
    udev rules
Terms and Utilities:
    /lib/modules/kernel-version/modules.dep
    module configuration files in /etc/
    /proc/sys/kernel/
    /sbin/depmod
    /sbin/rmmod
    /sbin/modinfo
    /bin/dmesg
    /sbin/lspci
    /usr/bin/lsdev
    /sbin/lsmod
    /sbin/modprobe
    /sbin/insmod
    /bin/uname
    /usr/bin/lsusb
    /etc/sysctl.conf, /etc/sysctl.d/
    /sbin/sysctl
    udevmonitor
    udevadm monitor
    /etc/udev/

Kernel Modules

Linux Kernel is modular since version 2.0. Being modular make simplicity and efficiency, the code which is not needed wouldn't be loaded. Kernel Modules have different conditions. A module might be compiled, or not. If it has already compiled it might be loaded or not. So Loading an unload but compiled kernel is easy, otherwise required kernel manipulation.We use CentOS7 for demonstartion:

lsmod

To list Kernel Loaded modules use lsmod
2
Module Size Used by
3
bnep 20480 2
4
nfnetlink_queue 24576 0
5
nfnetlink_log 20480 0
6
nfnetlink 16384 2 nfnetlink_log,nfnetlink_queue
7
bluetooth 557056 7 bnep
8
vmw_vsock_vmci_transport 28672 2
9
vsock 36864 3 vmw_vsock_vmci_transport
10
vmw_balloon 20480 0
11
crct10dif_pclmul 16384 0
12
crc32_pclmul 16384 0
13
ghash_clmulni_intel 16384 0
14
snd_ens1371 28672 4
15
snd_ac97_codec 131072 1 snd_ens1371
16
gameport 16384 1 snd_ens1371
17
ac97_bus 16384 1 snd_ac97_codec
18
pcbc 16384 0
19
snd_pcm 102400 2 snd_ac97_codec,snd_ens1371
20
aesni_intel 167936 0
21
aes_x86_64 20480 1 aesni_intel
22
snd_seq_midi 16384 0
23
snd_seq_midi_event 16384 1 snd_seq_midi
24
crypto_simd 16384 1 aesni_intel
25
snd_rawmidi 32768 2 snd_seq_midi,snd_ens1371
26
snd_seq 65536 2 snd_seq_midi_event,snd_seq_midi
27
glue_helper 16384 1 aesni_intel
28
cryptd 24576 3 crypto_simd,ghash_clmulni_intel,aesni_intel
29
intel_rapl_perf 16384 0
30
snd_seq_device 16384 3 snd_seq,snd_rawmidi,snd_seq_midi
31
snd_timer 32768 2 snd_seq,snd_pcm
32
input_leds 16384 0
33
joydev 20480 0
34
serio_raw 16384 0
35
i2c_piix4 24576 0
36
shpchp 36864 0
37
snd 77824 15 snd_seq,snd_ac97_codec,snd_timer,snd_rawmidi,snd_ens1371,snd_seq_device,snd_pcm
38
soundcore 16384 1 snd
39
vmw_vmci 69632 2 vmw_balloon,vmw_vsock_vmci_transport
40
nfit 49152 0
41
mac_hid 16384 0
42
parport_pc 32768 0
43
ppdev 20480 0
44
lp 20480 0
45
parport 49152 3 lp,parport_pc,ppdev
46
autofs4 40960 2
47
vmw_pvscsi 24576 0
48
vmxnet3 61440 0
49
hid_generic 16384 0
50
usbhid 53248 0
51
hid 118784 2 hid_generic,usbhid
52
vmwgfx 241664 3
53
ttm 98304 1 vmwgfx
54
drm_kms_helper 151552 1 vmwgfx
55
mptspi 24576 2
56
syscopyarea 16384 1 drm_kms_helper
57
mptscsih 40960 1 mptspi
58
sysfillrect 16384 1 drm_kms_helper
59
psmouse 139264 0
60
sysimgblt 16384 1 drm_kms_helper
61
mptbase 102400 2 mptscsih,mptspi
62
fb_sys_fops 16384 1 drm_kms_helper
63
ahci 36864 0
64
e1000 143360 0
65
drm 352256 6 vmwgfx,ttm,drm_kms_helper
66
libahci 32768 1 ahci
67
scsi_transport_spi 32768 1 mptspi
68
pata_acpi 16384 0
69
fjes 77824 0
Copied!
lets try to load and unloaded module " jfs " that old journaling file system. for loading an unloaded but compiled module there are two solutions. An old solution is insmod , lets try it first
1
[email protected]:~# insmod jfs
2
insmod: ERROR: could not load module jfs: No such file or directory
Copied!
But it doesn't work :(( so let get more information about "jfs" module with modinfo:
1
[email protected]:~# modinfo jfs
2
filename: /lib/modules/4.10.0-40-generic/kernel/fs/jfs/jfs.ko
3
alias: fs-jfs
4
license: GPL
5
author: Steve Best/Dave Kleikamp/Barry Arndt, IBM
6
description: The Journaled Filesystem (JFS)
7
srcversion: 3249CD436BA490FF745560A
8
depends:
9
intree: Y
10
vermagic: 4.10.0-40-generic SMP mod_unload
11
parm: nTxBlock:Number of transaction blocks (max:65536) (int)
12
parm: nTxLock:Number of transaction locks (max:65536) (int)
13
parm: commit_threads:Number of commit threads (int)
Copied!
modinfo shows a bunch of information about a module. Like its filename, dependencies and possible parameters.Till now we have realize that "jfs" module has been compiled and its available but it is not loaded. inorder to load a module with insmod we have to specify the full patch of module:
1
[email protected]:~# insmod /lib/modules/4.10.0-40-generic/kernel/fs/jfs/jfs.ko
2
[email protected]:~# lsmod | grep jfs
3
jfs 184320 0
Copied!
Haha its loaded now, Lets remove it by using rmmod:
1
[email protected]:~# lsmod | grep jfs
2
jfs 184320 0
4
[email protected]:~# rmmod jfs
5
[email protected]:~# lsmod | grep jfs
Copied!
But as you see using insmod is not that much easy, insmod has another problem and that is dependencies. "jfs" module has no dependency so we were able to load it very easily, if a module has some dependencies, insmod dosn't load those required dependencies automatically. So it would be administrator task. All these shortages cause we come to this conclusion that insmod is not perfect and we need a modern tool, which automatically know the patch and load required dependencies, that is modprobe.
1
[email protected]:~# lsmod | grep lp
2
lp 20480 0
3
glue_helper 16384 1 aesni_intel
4
parport 49152 1 lp
5
drm_kms_helper 151552 1 vmwgfx
6
syscopyarea 16384 1 drm_kms_helper
7
sysfillrect 16384 1 drm_kms_helper
8
sysimgblt 16384 1 drm_kms_helper
9
fb_sys_fops 16384 1 drm_kms_helper
10
drm 352256 6 vmwgfx,ttm,drm_kms_helper
11
[email protected]:~# modinfo lp
12
filename: /lib/modules/4.10.0-40-generic/kernel/drivers/char/lp.ko
13
license: GPL
14
alias: char-major-6-*
15
srcversion: 5273B3FB623D57CACC37C09
16
depends: parport
17
intree: Y
18
vermagic: 4.10.0-40-generic SMP mod_unload
19
parm: parport:array of charp
20
parm: reset:bool
21
[email protected]:~# modinfo parport
22
filename: /lib/modules/4.10.0-40-generic/kernel/drivers/parport/parport.ko
23
license: GPL
24
srcversion: CED357203546F0957229054
25
depends:
26
intree: Y
27
vermagic: 4.10.0-40-generic SMP mod_unload
28
[email protected]:~# rmmod lp
29
[email protected]:~# rmmod parport
30
[email protected]:~# insmod /lib/modules/4.10.0-40-generic/kernel/drivers/char/lp.ko
31
insmod: ERROR: could not insert module /lib/modules/4.10.0-40-generic/kernel/drivers/char/lp.ko: Unknown symbol in module
32
[email protected]:~# modprobe lp
33
[email protected]:~# lsmod | grep lp
34
lp 20480 0
35
parport 49152 1 lp
36
glue_helper 16384 1 aesni_intel
37
drm_kms_helper 151552 1 vmwgfx
38
syscopyarea 16384 1 drm_kms_helper
39
sysfillrect 16384 1 drm_kms_helper
40
sysimgblt 16384 1 drm_kms_helper
41
fb_sys_fops 16384 1 drm_kms_helper
42
drm 352256 6 vmwgfx,ttm,drm_kms_helper
Copied!
also for removing use modprobe -r lp. But how modprobe realize module dependencies and act such a smart tool? modules.dep
1
[email protected]:~# cd /lib/modules/
2
[email protected]:/lib/modules# ls
3
4.10.0-28-generic 4.10.0-40-generic
4
[email protected]:/lib/modules# cd 4.10.0-40-generic/
5
[email protected]:/lib/modules/4.10.0-40-generic# ls
6
build modules.alias.bin modules.dep.bin modules.symbols
7
initrd modules.builtin modules.devname modules.symbols.bin
8
kernel modules.builtin.bin modules.order vdso
9
modules.alias modules.dep modules.softdep
10
[email protected]:/lib/modules/4.10.0-40-generic# depmod -a
Copied!
we can use depmod -a to create and update modules.dep with all new modules and dependencies. Now that we have learned alot of tools, let play game with cdrom parameters [in ubunto cdrom is not a module, so use other distro]:
1
[[email protected] ~]# lsmod | grep cdrom
2
cdrom 42556 1 sr_mod
3
[[email protected] ~]# modinfo cdrom
4
filename: /lib/modules/3.10.0-693.el7.x86_64/kernel/drivers/cdrom/cdrom.ko.xz
5
license: GPL
6
rhelversion: 7.4
7
srcversion: BE3BD0D17D080229D55B173
8
depends:
9
intree: Y
10
vermagic: 3.10.0-693.el7.x86_64 SMP mod_unload modversions
11
signer: CentOS Linux kernel signing key
12
sig_key: DA:18:7D:CA:7D:BE:53:AB:05:BD:13:BD:0C:4E:21:F4:22:B6:A4:9C
13
sig_hashalgo: sha256
14
parm: debug:bool
15
parm: autoclose:bool
16
parm: autoeject:bool
17
parm: lockdoor:bool
18
parm: check_media_type:bool
19
parm: mrw_format_restart:bool
20
[[email protected] ~]# modprobe cdrom lookdoor=1
Copied!
We as users like modules to load automatically, mean while parameters should be loaded automatically, to make parameters persistence create a file in /etc/modprobe.d :
1
[email protected]:~# cd /etc/modprobe.d/
2
[email protected]:/etc/modprobe.d# ls
3
alsa-base.conf blacklist-framebuffer.conf blacklist-watchdog.conf
4
blacklist-ath_pci.conf blacklist-modem.conf fbdev-blacklist.conf
5
blacklist.conf blacklist-oss.conf iwlwifi.conf
6
blacklist-firewire.conf blacklist-rare-network.conf mlx4.conf
7
[email protected]:/etc/modprobe.d# vi cdroom-lookdoor.conf
Copied!
and insert:
1
options cdroom lookdoor=1
Copied!
If you have noticed there is blacklist.conf file in /etc/modfprobe.d , if you don't wana let a specific module be loaded use it:
1
# This file lists those modules which we don't want to be loaded by
2
# alias expansion, usually so some other driver will be loaded for the
3
# device instead.
4
5
# evbug is a debug tool that should be loaded explicitly
6
blacklist evbug
7
8
# these drivers are very simple, the HID drivers are usually preferred
9
blacklist usbmouse
10
blacklist usbkbd
11
12
# replaced by e100
13
blacklist eepro100
14
15
# replaced by tulip
16
blacklist de4x5
17
18
# causes no end of confusion by creating unexpected network interfaces
19
blacklist eth1394
20
21
# snd_intel8x0m can interfere with snd_intel8x0, doesn't seem to support much
22
# hardware on its own (Ubuntu bug #2011, #6810)
23
blacklist snd_intel8x0m
24
25
# Conflicts with dvb driver (which is better for handling this device)
26
blacklist snd_aw2
27
28
# causes failure to suspend on HP compaq nc6000 (Ubuntu: #10306)
29
blacklist i2c_i801
30
31
# replaced by p54pci
32
blacklist prism54
33
34
# replaced by b43 and ssb.
35
blacklist bcm43xx
36
37
# most apps now use garmin usb driver directly (Ubuntu: #114565)
38
blacklist garmin_gps
39
40
# replaced by asus-laptop (Ubuntu: #184721)
41
blacklist asus_acpi
42
43
# low-quality, just noise when being used for sound playback, causes
44
# hangs at desktop session start (Ubuntu: #246969)
45
blacklist snd_pcsp
46
47
# ugly and loud noise, getting on everyone's nerves; this should be done by a
48
# nice pulseaudio bing (Ubuntu: #77010)
49
blacklist pcspkr
50
51
# EDAC driver for amd76x clashes with the agp driver preventing the aperture
52
# from being initialised (Ubuntu: #297750). Blacklist so that the driver
53
# continues to build and is installable for the few cases where its
54
# really needed.
55
blacklist amd76x_edac
Copied!
go to /sys/module/<module name> directory to see current running environment parameters.

sysctl

We discussed that by manipulating /proc/sys/kernel we can change some current running kernel parameters. But as we said these settings are not permanent and they all gone after reboot. sysctl lets us make permanent settings . sysctl is loaded from /sbin/sysctl and read setting from /etc/sysctl.conf. As user we can change settings inside sysctl.conf file or make our custom file with desired parameters in /etc/sysctl.d/ directory. sysctl has a command interface and let us to see and write paramets trough /proc/sys/kernel/.
sysctl -a to show all tuneables.
1
[email protected]:~# sysctl -a | wc
2
sysctl: reading key "net.ipv6.conf.all.stable_secret"
3
sysctl: reading key "net.ipv6.conf.default.stable_secret"
4
sysctl: reading key "net.ipv6.conf.ens33.stable_secret"
5
sysctl: reading key "net.ipv6.conf.lo.stable_secret"
6
947 2960 35450
Copied!
that is a large file you can see.To set a new value to a parameter use sysctl -w :
1
[email protected]:~# sysctl -a | grep swap
2
sysctl: reading key "net.ipv6.conf.all.stable_secret"
3
sysctl: reading key "net.ipv6.conf.default.stable_secret"
4
sysctl: reading key "net.ipv6.conf.ens33.stable_secret"
5
sysctl: reading key "net.ipv6.conf.lo.stable_secret"
6
vm.swappiness = 60
7
[email protected]:~# sysctl -w vm.swappiness=80
8
vm.swappiness = 80
9
[email protected]:~# sysctl -a | grep swap
10
sysctl: reading key "net.ipv6.conf.all.stable_secret"
11
sysctl: reading key "net.ipv6.conf.default.stable_secret"
12
sysctl: reading key "net.ipv6.conf.ens33.stable_secret"
13
sysctl: reading key "net.ipv6.conf.lo.stable_secret"
14
vm.swappiness = 80
Copied!
Before quit lets take a look at sysctl.conf :
1
# /etc/sysctl.conf - Configuration file for setting system variables
2
# See /etc/sysctl.d/ for additional system variables.
3
# See sysctl.conf (5) for information.
4
#
5
6
#kernel.domainname = example.com
7
8
# Uncomment the following to stop low-level messages on console
9
#kernel.printk = 3 4 1 3
10
11
##############################################################3
12
# Functions previously found in netbase
13
#
14
15
# Uncomment the next two lines to enable Spoof protection (reverse-path filter)
16
# Turn on Source Address Verification in all interfaces to
17
# prevent some spoofing attacks
18
#net.ipv4.conf.default.rp_filter=1
19
#net.ipv4.conf.all.rp_filter=1
20
21
# Uncomment the next line to enable TCP/IP SYN cookies
22
# See http://lwn.net/Articles/277146/
23
# Note: This may impact IPv6 TCP sessions too
24
#net.ipv4.tcp_syncookies=1
25
26
# Uncomment the next line to enable packet forwarding for IPv4
27
#net.ipv4.ip_forward=1
28
29
# Uncomment the next line to enable packet forwarding for IPv6
30
# Enabling this option disables Stateless Address Autoconfiguration
31
# based on Router Advertisements for this host
32
#net.ipv6.conf.all.forwarding=1
33
34
###################################################################
35
# Additional settings - these settings can improve the network
36
# security of the host and prevent against some network attacks
37
# including spoofing attacks and man in the middle attacks through
38
# redirection. Some network environments, however, require that these
39
# settings are disabled so review and enable them as needed.
40
#
41
# Do not accept ICMP redirects (prevent MITM attacks)
42
#net.ipv4.conf.all.accept_redirects = 0
43
#net.ipv6.conf.all.accept_redirects = 0
44
# _or_
45
# Accept ICMP redirects only for gateways listed in our default
46
# gateway list (enabled by default)
47
# net.ipv4.conf.all.secure_redirects = 1
48
#
49
# Do not send ICMP redirects (we are not a router)
50
#net.ipv4.conf.all.send_redirects = 0
51
#
52
# Do not accept IP source route packets (we are not a router)
53
#net.ipv4.conf.all.accept_source_route = 0
54
#net.ipv6.conf.all.accept_source_route = 0
55
#
56
# Log Martian Packets
57
#net.ipv4.conf.all.log_martians = 1
58
59
#net.ipv4.ip_forwarding = 1
Copied!
as you can see includes /etc/sysctl.d/ directory setting files but don't for get that setting in sysctl.conf file always over write /etc/sysctl.d/ directory and Win :) You can uncomment or add setting weather in sysctl.conf or go and create custom file in /etc/sysctl.d/ directory but Take care of contrasts.

udev

During boot process when kernel is loaded and Device Driver start setting up hardware, next step of hardware initializing is udev. So kernel initial device loading and send uevents to udev daemon. udev keep these event and handle them base on attributes it has received in the event. Then udev take action based on its rules .there are two types of rules in two different locations :
/lib/udev/rules.d "default rules"
/etc/udev/rules.d "custom rules/ user defined"
After Finishing boot process udev is active and receive kernel messages an uevent messages from hot-pluggable devices.

udevadm monitor , udevadm

udev has a monitoring tool, and it monitor and shows event received from the kernel after hardware initializing and uevent which are udev events after processing udev rules, lets attach a usb and monitor what it shows:
1
[email protected]:~# udevadm monitor
2
monitor will print the received events for:
3
UDEV - the event which udev sends out after rule processing
4
KERNEL - the kernel uevent
5
6
KERNEL[3520.586975] add /devices/pci0000:00/0000:00:11.0/0000:02:03.0/usb1/1-1 (usb)
7
KERNEL[3520.589831] add /devices/pci0000:00/0000:00:11.0/0000:02:03.0/usb1/1-1/1-1:1.0 (usb)
8
UDEV [3520.610064] add /devices/pci0000:00/0000:00:11.0/0000:02:03.0/usb1/1-1 (usb)
9
KERNEL[3520.653543] add /module/usb_storage (module)
10
UDEV [3520.655921] add /module/usb_storage (module)
11
KERNEL[3520.655983] add /devices/pci0000:00/0000:00:11.0/0000:02:03.0/usb1/1-1/1-1:1.0/host33 (scsi)
12
KERNEL[3520.656293] add /devices/pci0000:00/0000:00:11.0/0000:02:03.0/usb1/1-1/1-1:1.0/host33/scsi_host/host33 (scsi_host)
13
KERNEL[3520.656671] add /bus/usb/drivers/usb-storage (drivers)
14
UDEV [3520.659555] add /bus/usb/drivers/usb-storage (drivers)
15
KERNEL[3520.664336] add /module/uas (module)
16
KERNEL[3520.664472] add /bus/usb/drivers/uas (drivers)
17
UDEV [3520.665071] add /devices/pci0000:00/0000:00:11.0/0000:02:03.0/usb1/1-1/1-1:1.0 (usb)
18
UDEV [3520.666828] add /module/uas (module)
19
UDEV [3520.669972] add /bus/usb/drivers/uas (drivers)
20
UDEV [3520.671676] add /devices/pci0000:00/0000:00:11.0/0000:02:03.0/usb1/1-1/1-1:1.0/host33 (scsi)
21
UDEV [3520.673836] add /devices/pci0000:00/0000:00:11.0/0000:02:03.0/usb1/1-1/1-1:1.0/host33/scsi_host/host33 (scsi_host)
22
KERNEL[3521.702618] add /devices/pci0000:00/0000:00:11.0/0000:02:03.0/usb1/1-1/1-1:1.0/host33/target33:0:0 (scsi)
23
KERNEL[3521.703797] add /devices/pci0000:00/0000:00:11.0/0000:02:03.0/usb1/1-1/1-1:1.0/host33/target33:0:0/33:0:0:0 (scsi)
24
KERNEL[3521.703877] add /devices/pci0000:00/0000:00:11.0/0000:02:03.0/usb1/1-1/1-1:1.0/host33/target33:0:0/33:0:0:0/scsi_disk/33:0:0:0 (scsi_disk)
25
KERNEL[3521.703990] add /devices/pci0000:00/0000:00:11.0/0000:02:03.0/usb1/1-1/1-1:1.0/host33/target33:0:0/33:0:0:0/scsi_device/33:0:0:0 (scsi_device)
26
KERNEL[3521.706049] add /devices/pci0000:00/0000:00:11.0/0000:02:03.0/usb1/1-1/1-1:1.0/host33/target33:0:0/33:0:0:0/scsi_generic/sg2 (scsi_generic)
27
KERNEL[3521.707046] add /devices/pci0000:00/0000:00:11.0/0000:02:03.0/usb1/1-1/1-1:1.0/host33/target33:0:0/33:0:0:0/bsg/33:0:0:0 (bsg)
28
UDEV [3521.709816] add /devices/pci0000:00/0000:00:11.0/0000:02:03.0/usb1/1-1/1-1:1.0/host33/target33:0:0 (scsi)
29
UDEV [3521.715283] add /devices/pci0000:00/0000:00:11.0/0000:02:03.0/usb1/1-1/1-1:1.0/host33/target33:0:0/33:0:0:0 (scsi)
30
UDEV [3521.728137] add /devices/pci0000:00/0000:00:11.0/0000:02:03.0/usb1/1-1/1-1:1.0/host33/target33:0:0/33:0:0:0/scsi_disk/33:0:0:0 (scsi_disk)
31
UDEV [3521.728500] add /devices/pci0000:00/0000:00:11.0/0000:02:03.0/usb1/1-1/1-1:1.0/host33/target33:0:0/33:0:0:0/scsi_device/33:0:0:0 (scsi_device)
32
UDEV [3521.732039] add /devices/pci0000:00/0000:00:11.0/0000:02:03.0/usb1/1-1/1-1:1.0/host33/target33:0:0/33:0:0:0/bsg/33:0:0:0 (bsg)
33
UDEV [3521.732504] add /devices/pci0000:00/0000:00:11.0/0000:02:03.0/usb1/1-1/1-1:1.0/host33/target33:0:0/33:0:0:0/scsi_generic/sg2 (scsi_generic)
34
KERNEL[3522.394218] add /devices/virtual/bdi/8:16 (bdi)
35
UDEV [3522.405809] add /devices/virtual/bdi/8:16 (bdi)
36
KERNEL[3522.446634] add /devices/pci0000:00/0000:00:11.0/0000:02:03.0/usb1/1-1/1-1:1.0/host33/target33:0:0/33:0:0:0/block/sdb (block)
37
UDEV [3522.871787] add /devices/pci0000:00/0000:00:11.0/0000:02:03.0/usb1/1-1/1-1:1.0/host33/target33:0:0/33:0:0:0/block/sdb (block)
38
KERNEL[3523.061202] add /module/nls_iso8859_1 (module)
39
UDEV [3523.066143] add /module/nls_iso8859_1 (module)
Copied!
You can see both kernel messages and udev events. And finally our usb flash is mounted as sdb. For having more readable data:
1
[email protected]:~# udevadm info --query=all --name=/dev/sdb
2
P: /devices/pci0000:00/0000:00:11.0/0000:02:03.0/usb1/1-1/1-1:1.0/host33/target33:0:0/33:0:0:0/block/sdb
3
N: sdb
4
S: disk/by-id/usb-Kingston_DT_101_II_0013729982D5B97196320049-0:0
5
S: disk/by-label/MYLINUXLIVE
6
S: disk/by-path/pci-0000:02:03.0-usb-0:1:1.0-scsi-0:0:0:0
7
S: disk/by-uuid/3879-A38A
8
E: DEVLINKS=/dev/disk/by-uuid/3879-A38A /dev/disk/by-label/MYLINUXLIVE /dev/disk/by-id/usb-Kingston_DT_101_II_0013729982D5B97196320049-0:0 /dev/disk/by-path/pci-0000:02:03.0-usb-0:1:1.0-scsi-0:0:0:0
9
E: DEVNAME=/dev/sdb
10
E: DEVPATH=/devices/pci0000:00/0000:00:11.0/0000:02:03.0/usb1/1-1/1-1:1.0/host33/target33:0:0/33:0:0:0/block/sdb
11
E: DEVTYPE=disk
12
E: ID_BUS=usb
13
E: ID_FS_LABEL=MYLINUXLIVE
14
E: ID_FS_LABEL_ENC=MYLINUXLIVE
15
E: ID_FS_TYPE=vfat
16
E: ID_FS_USAGE=filesystem
17
E: ID_FS_UUID=3879-A38A
18
E: ID_FS_UUID_ENC=3879-A38A
19
E: ID_FS_VERSION=FAT32
20
E: ID_INSTANCE=0:0
21
E: ID_MODEL=DT_101_II
22
E: ID_MODEL_ENC=DT\x20101\x20II\x20\x20\x20\x20\x20\x20\x20
23
E: ID_MODEL_ID=1625
24
E: ID_PATH=pci-0000:02:03.0-usb-0:1:1.0-scsi-0:0:0:0
25
E: ID_PATH_TAG=pci-0000_02_03_0-usb-0_1_1_0-scsi-0_0_0_0
26
E: ID_REVISION=PMAP
27
E: ID_SERIAL=Kingston_DT_101_II_0013729982D5B97196320049-0:0
28
E: ID_SERIAL_SHORT=0013729982D5B97196320049
29
E: ID_TYPE=disk
30
E: ID_USB_DRIVER=usb-storage
31
E: ID_USB_INTERFACES=:080650:
32
E: ID_USB_INTERFACE_NUM=00
33
E: ID_VENDOR=Kingston
34
E: ID_VENDOR_ENC=Kingston
35
E: ID_VENDOR_ID=0951
36
E: MAJOR=8
37
E: MINOR=16
38
E: SUBSYSTEM=block
39
E: TAGS=:systemd:
40
E: USEC_INITIALIZED=3522768898
Copied!
use udevadm info attribute-walk --name=/dev/sdb | less to have summary of device attributes:
1
[email protected]:~# udevadm info --attribute-walk --name=/dev/sdb
2
3
Udevadm info starts with the device specified by the devpath and then
4
walks up the chain of parent devices. It prints for every device
5
found, all possible attributes in the udev rules key format.
6
A rule to match, can be composed by the attributes of the device
7
and the attributes from one single parent device.
8
9
looking at device '/devices/pci0000:00/0000:00:11.0/0000:02:03.0/usb1/1-1/1-1:1.0/host33/target33:0:0/33:0:0:0/block/sdb':
10
KERNEL=="sdb"
11
SUBSYSTEM=="block"
12
DRIVER==""
13
ATTR{alignment_offset}=="0"
14
ATTR{badblocks}==""
15
ATTR{capability}=="51"
16
ATTR{discard_alignment}=="0"
17
ATTR{events}=="media_change"
18
ATTR{events_async}==""
19
ATTR{events_poll_msecs}=="-1"
20
ATTR{ext_range}=="256"
21
ATTR{inflight}==" 0 0"
22
ATTR{range}=="16"
23
ATTR{removable}=="1"
24
ATTR{ro}=="0"
25
ATTR{size}=="15679488"
26
ATTR{stat}==" 344 15135 17586 3160 2 0 2 268 0 1792 3428"
27
28
looking at parent device '/devices/pci0000:00/0000:00:11.0/0000:02:03.0/usb1/1-1/1-1:1.0/host33/target33:0:0/33:0:0:0':
29
KERNELS=="33:0:0:0"
30
SUBSYSTEMS=="scsi"
31
DRIVERS=="sd"
32
ATTRS{device_blocked}=="0"
33
ATTRS{device_busy}=="0"
34
ATTRS{dh_state}=="detached"
35
ATTRS{eh_timeout}=="10"
36
ATTRS{evt_capacity_change_reported}=="0"
37
ATTRS{evt_inquiry_change_reported}=="0"
38
ATTRS{evt_lun_change_reported}=="0"
39
ATTRS{evt_media_change}=="0"
40
ATTRS{evt_mode_parameter_change_reported}=="0"
41
ATTRS{evt_soft_threshold_reached}=="0"
42
ATTRS{inquiry}==""
43
ATTRS{iocounterbits}=="32"
44
ATTRS{iodone_cnt}=="0x590"
45
ATTRS{ioerr_cnt}=="0x2"
46
ATTRS{iorequest_cnt}=="0x590"
47
ATTRS{max_sectors}=="240"
48
ATTRS{model}=="DT 101 II "
49
ATTRS{queue_depth}=="1"
50
ATTRS{queue_type}=="none"
51
ATTRS{rev}=="PMAP"
52
ATTRS{scsi_level}=="0"
53
ATTRS{state}=="running"
54
ATTRS{timeout}=="30"
55
ATTRS{type}=="0"
56
ATTRS{vendor}=="Kingston"
57
58
looking at parent device '/devices/pci0000:00/0000:00:11.0/0000:02:03.0/usb1/1-1/1-1:1.0/host33/target33:0:0':
59
KERNELS=="target33:0:0"
60
SUBSYSTEMS=="scsi"
61
DRIVERS==""
62
63
looking at parent device '/devices/pci0000:00/0000:00:11.0/0000:02:03.0/usb1/1-1/1-1:1.0/host33':
64
KERNELS=="host33"
65
SUBSYSTEMS=="scsi"
66
DRIVERS==""
67
68
looking at parent device '/devices/pci0000:00/0000:00:11.0/0000:02:03.0/usb1/1-1/1-1:1.0':
69
KERNELS=="1-1:1.0"
70
SUBSYSTEMS=="usb"
71
DRIVERS=="usb-storage"
72
ATTRS{authorized}=="1"
73
ATTRS{bAlternateSetting}==" 0"
74
ATTRS{bInterfaceClass}=="08"
75
ATTRS{bInterfaceNumber}=="00"
76
ATTRS{bInterfaceProtocol}=="50"
77
ATTRS{bInterfaceSubClass}=="06"
78
ATTRS{bNumEndpoints}=="02"
79
ATTRS{supports_autosuspend}=="1"
80
81
looking at parent device '/devices/pci0000:00/0000:00:11.0/0000:02:03.0/usb1/1-1':
82
KERNELS=="1-1"
83
SUBSYSTEMS=="usb"
84
DRIVERS=="usb"
85
ATTRS{authorized}=="1"
86
ATTRS{avoid_reset_quirk}=="0"
87
ATTRS{bConfigurationValue}=="1"
88
ATTRS{bDeviceClass}=="00"
89
ATTRS{bDeviceProtocol}=="00"
90
ATTRS{bDeviceSubClass}=="00"
91
ATTRS{bMaxPacketSize0}=="64"
92
ATTRS{bMaxPower}=="300mA"
93
ATTRS{bNumConfigurations}=="1"
94
ATTRS{bNumInterfaces}==" 1"
95
ATTRS{bcdDevice}=="0110"
96
ATTRS{bmAttributes}=="80"
97
ATTRS{busnum}=="1"
98
ATTRS{configuration}==""
99
ATTRS{devnum}=="6"
100
ATTRS{devpath}=="1"
101
ATTRS{idProduct}=="1625"
102
ATTRS{idVendor}=="0951"
103
ATTRS{ltm_capable}=="no"
104
ATTRS{manufacturer}=="Kingston"
105
ATTRS{maxchild}=="0"
106
ATTRS{product}=="DT 101 II"
107
ATTRS{quirks}=="0x0"
108
ATTRS{removable}=="unknown"
109
ATTRS{serial}=="0013729982D5B97196320049"
110
ATTRS{speed}=="480"
111
ATTRS{urbnum}=="3230"
112
ATTRS{version}==" 2.00"
113
114
looking at parent device '/devices/pci0000:00/0000:00:11.0/0000:02:03.0/usb1':
115
KERNELS=="usb1"
116
SUBSYSTEMS=="usb"
117
DRIVERS=="usb"
118
ATTRS{authorized}=="1"
119
ATTRS{authorized_default}=="1"
120
ATTRS{avoid_reset_quirk}=="0"
121
ATTRS{bConfigurationValue}=="1"
122
ATTRS{bDeviceClass}=="09"
123
ATTRS{bDeviceProtocol}=="00"
124
ATTRS{bDeviceSubClass}=="00"
125
ATTRS{bMaxPacketSize0}=="64"
126
ATTRS{bMaxPower}=="0mA"
127
ATTRS{bNumConfigurations}=="1"
128
ATTRS{bNumInterfaces}==" 1"
129
ATTRS{bcdDevice}=="0410"
130
ATTRS{bmAttributes}=="e0"
131
ATTRS{busnum}=="1"
132
ATTRS{configuration}==""
133
ATTRS{devnum}=="1"
134
ATTRS{devpath}=="0"
135
ATTRS{idProduct}=="0002"
136
ATTRS{idVendor}=="1d6b"
137
ATTRS{interface_authorized_default}=="1"
138
ATTRS{ltm_capable}=="no"
139
ATTRS{manufacturer}=="Linux 4.10.0-40-generic ehci_hcd"
140
ATTRS{maxchild}=="6"
141
ATTRS{product}=="EHCI Host Controller"
142
ATTRS{quirks}=="0x0"
143
ATTRS{removable}=="unknown"
144
ATTRS{serial}=="0000:02:03.0"
145
ATTRS{speed}=="480"
146
ATTRS{urbnum}=="88"
147
ATTRS{version}==" 2.00"
148
149
looking at parent device '/devices/pci0000:00/0000:00:11.0/0000:02:03.0':
150
KERNELS=="0000:02:03.0"
151
SUBSYSTEMS=="pci"
152
DRIVERS=="ehci-pci"
153
ATTRS{acpi_index}=="16777752"
154
ATTRS{broken_parity_status}=="0"
155
ATTRS{class}=="0x0c0320"
156
ATTRS{companion}==""
157
ATTRS{consistent_dma_mask_bits}=="32"
158
ATTRS{d3cold_allowed}=="0"
159
ATTRS{device}=="0x0770"
160
ATTRS{dma_mask_bits}=="32"
161
ATTRS{driver_override}=="(null)"
162
ATTRS{enable}=="1"
163
ATTRS{irq}=="17"
164
ATTRS{label}=="ehci"
165
ATTRS{local_cpulist}=="0-3"
166
ATTRS{local_cpus}=="00000000,00000000,00000000,0000000f"
167
ATTRS{msi_bus}=="1"
168
ATTRS{numa_node}=="-1"
169
ATTRS{revision}=="0x00"
170
ATTRS{subsystem_device}=="0x0770"
171
ATTRS{subsystem_vendor}=="0x15ad"
172
ATTRS{uframe_periodic_max}=="100"
173
ATTRS{vendor}=="0x15ad"
174
175
looking at parent device '/devices/pci0000:00/0000:00:11.0':
176
KERNELS=="0000:00:11.0"
177
SUBSYSTEMS=="pci"
178
DRIVERS==""
179
ATTRS{broken_parity_status}=="0"
180
ATTRS{class}=="0x060401"
181
ATTRS{consistent_dma_mask_bits}=="32"
182
ATTRS{d3cold_allowed}=="0"
183
ATTRS{device}=="0x0790"
184
ATTRS{dma_mask_bits}=="32"
185
ATTRS{driver_override}=="(null)"
186
ATTRS{enable}=="1"
187
ATTRS{irq}=="0"
188
ATTRS{local_cpulist}=="0-3"
189
ATTRS{local_cpus}=="00000000,00000000,00000000,0000000f"
190
ATTRS{msi_bus}=="1"
191
ATTRS{numa_node}=="-1"
192
ATTRS{revision}=="0x02"
193
ATTRS{subsystem_device}=="0x0790"
194
ATTRS{subsystem_vendor}=="0x15ad"
195
ATTRS{vendor}=="0x15ad"
196
197
looking at parent device '/devices/pci0000:00':
198
KERNELS=="pci0000:00"
199
SUBSYSTEMS==""
200
DRIVERS==""
Copied!
Oh. That is a long long list of attributes, but we notice that udev consider all of these attributes when it checks it rules!
Thanks udev, but udev dose another great job for us, can you remember? udev populate /dev/ and create Hardware Abstraction, which is used my other programs. Udev has made world easier place for us and other programs.Thank you udev :)

dmesg

In LPIC1 Course we discussed that during boot process (when operating system hasn't been started yet) dmesg logs kernel ring buffer. Let go deeper, during the boot process kernel is loaded into RAM. At this stage there is a Device Driver presents in kernel which set up to drive relevant hardware. As any other elements of kernel, device driver produce messages. These messages have information about modules presents and value of any parameters. As booting process is so fast, dmesg help us to review what has happened during boot process.
Even after booting kernel might generate some messages, for example when an I/O devicefacing the problem, or a hot-pluggable device like USB is attached to system. Again dmesg can be used to review what kernel has generated during doing its jobs.
1
tion="profile_load" profile="unconfined" name="/usr/lib/lightdm/lightdm-guest-session" pid=638 comm="apparmor_parser"
2
[ 5.013133] audit: type=1400 audit(1512370178.278:3): apparmor="STATUS" operation="profile_load" profile="unconfined" name="/usr/lib/lightdm/lightdm-guest-session//chromium" pid=638 comm="apparmor_parser"
3
[ 5.032577] audit: type=1400 audit(1512370178.302:4): apparmor="STATUS" operation="profile_load" profile="unconfined" name="/usr/bin/evince" pid=640 comm="apparmor_parser"
4
[ 5.032579] audit: type=1400 audit(1512370178.302:5): apparmor="STATUS" operation="profile_load" profile="unconfined" name="/usr/bin/evince//sanitized_helper" pid=640 comm="apparmor_parser"
5
[ 5.032580] audit: type=1400 audit(1512370178.302:6): apparmor="STATUS" operation="profile_load" profile="unconfined" name="/usr/bin/evince-previewer" pid=640 comm="apparmor_parser"
6
[ 5.032581] audit: type=1400 audit(1512370178.302:7): apparmor="STATUS" operation="profile_load" profile="unconfined" name="/usr/bin/evince-previewer//sanitized_helper" pid=640 comm="apparmor_parser"
7
[ 5.032582] audit: type=1400 audit(1512370178.302:8): apparmor="STATUS" operation="profile_load" profile="unconfined" name="/usr/bin/evince-thumbnailer" pid=640 comm="apparmor_parser"
8
[ 5.032583] audit: type=1400 audit(1512370178.302:9): apparmor="STATUS" operation="profile_load" profile="unconfined" name="/usr/bin/evince-thumbnailer//sanitized_helper" pid=640 comm="apparmor_parser"
9
[ 5.046032] audit: type=1400 audit(1512370178.314:10): apparmor="STATUS" operation="profile_load" profile="unconfined" name="/usr/sbin/cups-browsed" pid=668 comm="apparmor_parser"
10
[ 5.662430] random: crng init done
11
[ 5.668377] Adding 1045500k swap on /dev/sda5. Priority:-1 extents:1 across:1045500k FS
12
[ 6.567089] IPv6: ADDRCONF(NETDEV_UP): ens33: link is not ready
13
[ 6.574513] IPv6: ADDRCONF(NETDEV_UP): ens33: link is not ready
14
[ 6.575691] e1000: ens33 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
15
[ 6.576992] IPv6: ADDRCONF(NETDEV_CHANGE): ens33: link becomes ready
16
[ 6.866049] NET: Registered protocol family 40
17
[ 12.878693] Bluetooth: Core ver 2.22
18
[ 12.878785] NET: Registered protocol family 31
19
[ 12.878787] Bluetooth: HCI device and connection manager initialized
20
[ 12.878792] Bluetooth: HCI socket layer initialized
21
[ 12.878795] Bluetooth: L2CAP socket layer initialized
22
[ 12.878805] Bluetooth: SCO socket layer initialized
23
[ 12.887893] Netfilter messages via NETLINK v0.30.
24
[ 13.014635] device ens33 entered promiscuous mode
25
[ 2076.880855] Bluetooth: BNEP (Ethernet Emulation) ver 1.3
26
[ 2076.880856] Bluetooth: BNEP filters: protocol multicast
27
[ 2076.880860] Bluetooth: BNEP socket layer initialized
28
[ 2080.858589] ISO 9660 Extensions: Microsoft Joliet Level 3
29
[ 2080.875428] ISO 9660 Extensions: RRIP_1991A
30
[ 2098.732330] usb 1-1: new high-speed USB device number 2 using ehci-pci
31
[ 2098.920575] usb 1-1: device descriptor read/64, error 18
32
[ 2099.260910] usb 1-1: device descriptor read/64, error 18
33
[ 2099.597146] usb 1-1: new high-speed USB device number 3 using ehci-pci
34
[ 2099.839122] usb 1-1: device descriptor read/64, error 18
35
[ 2100.182250] usb 1-1: device descriptor read/64, error 18
36
[ 2100.522218] usb 1-1: new high-speed USB device number 4 using ehci-pci
37
[ 2100.546399] usb 1-1: Invalid ep0 maxpacket: 9
38
[ 2100.779187] usb 1-1: new high-speed USB device number 5 using ehci-pci
39
[ 2100.813183] usb 1-1: Invalid ep0 maxpacket: 9
40
[ 2100.819476] usb usb1-port1: unable to enumerate USB device
Copied!
result above is abstracted, how ever you can see that dmesg dosn't workout well to give information about modules and parameters.
There are some user space commands from lpic1, lets just review:
command
Description
lspci
List PCi devices on the computer
lsusb
Shows Connected USB Devices
lsdev
List all Devices and Device Information
Last modified 2yr ago