Run-levels in Linux

A run level is a state of init and the whole system that defines what system services are operating. Run levels are identified by numbers. Some system administrators use run levels to define which subsystems are working, e.g., whether X is running, whether the network is operational, and so on. Others have all subsystems always running or start and stop them individually, without changing run levels, since run levels are too coarse for controlling their systems. You need to decide for yourself, but it might be easiest to follow the way your Linux distribution does things. The following table defines how most Linux Distributions define the different run levels. However, run-levels 2 through 5 can be modified to suit your own tastes. 

0	Halt the system.
1	Single-user mode (for special administration).
2	Local Multiuser with Networking but without network service (like NFS)
3	Full Multiuser with Networking
4	Not Used
5	Full Multiuser with Networking and X Windows(GUI)
6	Reboot.

Table: Run-Levels in Linux

When a Linux system boots, it enters its default run level and runs the startup scripts associated with that run level. You can also switch between run levels – for example, there’s a run level designed for recovery and maintenance operations.

Fig1: Readme File

Traditionally, Linux used System V-style init scripts – while new init systems will eventually obsolete traditional run levels, they haven’t yet. For example, Ubuntu’s Upstart system still uses traditional System V-style scripts. "Runlevel" defines the state of the machine after boot. Different runlevels are typically assigned to:

• Single-user mode
• Multi-user mode without network services started
• Multi-user mode with network services started
• System shutdown
• System reboot

 What is a Run level?

When a Linux system boots, it launches the init processes. init is responsible for launching the other processes on the system. For example, when you start your Linux computer, the kernel starts init, and init executes the startup scripts to initialize your hardware, bring up networking, and start your graphical desktop.

However, there isn’t just one single set of startup scripts init executes. There are multiple run levels with their own startup scripts – for example, one run level may bring up networking and launch the graphical desktop, while another run level may leave networking disabled and skip the graphical desktop. This means you can drop from “graphical desktop mode” to “text console mode without networking” with a single command, without manually starting and stopping different services.

More specifically, init runs the scripts located in a specific directory that corresponds to the run level. For example, when you enter run level 3 on Ubuntu, init runs the scripts located in the /etc/rc3.d directory.

Fig2:rc3d File

At least, this is how it works with a traditional System V init system – Linux distributions are beginning to replace the old System V init system. While Ubuntu’s Upstart currently maintains compatibility with SysV init scripts, this is likely to change in the future.

Run levels:

Some run levels are standard between Linux distributions, while some runlevels vary from distribution to distribution.

The following runlevels are standard:

• 0 – Halt (Shuts down the system.)
• 1 – Single User Mode (The system boots into super user mode without starting      daemons or networking. Ideal for booting into a recovery or diagnostics environment.)
• 6 – Reboot

Run levels 2-5 vary depending on distribution. For example, on Ubuntu and Debian, run levels 2-5 are the same and provide a full multi-user mode with networking and graphical login. On Fedora and Red Hat, runlevel 2 provides multi-user mode without networking (console login only), runlevel 3 provides multi-user mode with networking (console login only), runlevel 4 is unused, and runlevel 5 provides multi-user mode with networking and graphical login.

Switching to a Different Runlevel:

To switch to a different runlevel while the system is already running, use the following command:

            sudo telinit #

Replace # with the number of the runlevel you want to switch to. Omit sudo and run the command as root if you’re running a distribution that doesn’t use sudo.

 Fig3:Terminal window

Booting Directly to a Specific Runlevel:

You can select a runlevel to boot into from the boot loader – Grub, for example. At the start of the boot process, press a key to access Grub, select your boot entry, and press e to edit it.

 

Fig4:Login window

You can add single to the end of the Linux line to enter the single-user runlevel (runlevel 1). (Press Ctrl+x to boot after.) This is the same as the recovery mode option in Grub.

 Fig5:Mode verify

Traditionally, you could specify a number as a kernel parameter and you’d boot to that runlevel – for example, using 3 instead of single to boot to runlevel 3. However, this doesn’t appear to work on the latest versions of Ubuntu – Upstart doesn’t seem to allow it. Similarly, how you change the default runlevel will depend on your distribution.

While Ubuntu’s Upstart daemon still emulates the SystemV init system, much of this information will change in the future. For example, Upstart is event-based – it can stop and start services when events occur (for example, a service could start when a hardware device is connected to the system and stop when the device is removed.) Fedora also has its own successor to init, systemd.

OPENSSH-SERVER

SSH is program to login into remote computer in Network. You can have all accessibility when you logged into remote computer. This is done by Linux terminal. You can also login from Windows to Linux System but you must have the Public key and password of the remote System, but for Linux you just need password of remote system. As I mention in the  beginning of this blog SSH is a program from which you can login into remote System. But it is must that Remote System must have Openssh-server installed in its system.

You can read more about SSH program by typing “man ssh” on your Linux terminal, as shown below.

Fig :1

In above image you can see at left most corner is given “SSH(1)”, that 1 means its “Executable programs or shell commands”. In Linux there are different types of programs that run on Linux Terminal. For example there is one command that is “kill()” which can be use for two different purposes.

You can check program type by typing on terminal “man man”, it shows following output on terminal as below.

Fig : 2

As mention we must have Openssh-server on Remote system, following is an example for installing Openssh-server in your system.

For installing openssh-server:

    sudo apt-get install openssh-server

Fig :3

You can also download openssh-server(any package) instead of installing it for later use.

For downloading openssh-server:

        sudo apt-get download openssh-server

Fig:4

Now, to connect to remote System you have to type on your terminal,

          ssh -4 IP_Address_of_Remote_System

Fig:5

In above command I used “-4”, which indicate that it's a IPV4, for IPV6 use “-6”. When you'll try to login into Remote host, it will ask for the Remote account password for security purpose. After logged into Remote Host you can have all access to Remote host on your terminal. But for Administrative or root access you must know it's password. To access as Administrative or root you can switch to that account by typing on terminal:

      su account_name

It will ask you the password for the same account. After entering into that account you can have access as Admin or root.

Many times it happened that you login as Admin but you can't use some commands like poweroff . So for that purpose just try following command,

       sudo poweroff

Here, it will ask for the Admin Account password, type it and then you can use some of the root command easily.

AppArmor in Ubuntu

AppArmor is the most important security feature in Ubuntu which has been included since Ubuntu 7.10. We are not aware of this security feature because it’s a background process. As it is runs in the background silently we couldn’t identify what it is and what it’s doing.

AppArmor:-

AppArmor locks down vulnerable processes and restrict the damage that vulnerable process can cause thus providing a good security. AppArmor is similar to SELinux which is included by default in Fedora and RedHat. Both provide “mandatory access control” security. But AppArmor also allows Ubuntu’s developers to restrict the actions, processes can take.

For example, one application that is restricted in Ubuntu’s default configuration is the Evince PDF viewer. When Evince runs as a user account, it can only take specific actions. Evince only has the permission to run the PDF documents. If Evince discovered and opened a malicious document, AppArmor would protect the damage that Evince could do. So AppArmor gives the particular actions to be run by the applications or the process that user can access for restricting the exploitation of the software.

Viewing AppArmor’s Status:-

 We can view the AppArmor’s status by running the following command:

           sudo apparmor_status

We can see the AppArmor profiles that are installed, the confined and enforced process that are running.

AppArmor Profiles:-

In AppArmor, the restriction put in the processes are done by the profiles. We can see the list in the AppArmor status, the profiles that are installed on the system which comes with Ubuntu. You can also install other profiles by installing the apparmor-profiles package. You also can create your own AppArmor profiles to restrict the software.

As we saw in the status, that profiles run in the “complain mode” or “enforce mode”. In enforce mode, the default setting for the profiles that come with the Ubuntu - AppArmor prevents the applications from taking restricted actions. In complain mode it does the same and also it creates a log entry complaining about this. Complain mode is ideal for testing the AppArmor before enabling it in enforce mode so that we can see the error’s that would occur in the enforce mode.

Profiles are stored in the /etc/apparmor.d directory. These profiles are plain-text files that can contain comments.

You can also lock down the Mozilla FireFox for the increased security, but it doesn’t do this by default. The /etc/apparmor.d/disable folder contains a link that shows it’s disabled. You can see the Firefox profile i.e. usr.bin.firefox in the /etc/apparmor.d directory.

To enable it and confine Firefox profile with AppArmor, run the following commands:

        sudo rm /etc/apparmor.d/disable/usr.bin.firefox

        cat /etc/apparmor.d/usr.bin.firefox | sudo apparmor_parser –a

After you run these commands, run the sudo apparmor_status command again, and now we will see that the Firefox profiles are also added.

We can also disable this Firefox profile, run the following commands:

       sudo ls -s /etc/apparmor.d/ usr.bin.firefox /etc/apparmor.d/disable/

       sudo apparmor_parser –R /etc/apparmor.d/ usr.bin.firefox

INSTALL FONTS IN UBUNTU

In current era, Windows users are migrating from Windows os to Linux Operating System. Because everything which we had in windows, are also available in all Linux distros, with some great features. And if we don’t have sort of things available in Linux os then we can easily install it in Linux and also we can access Windows software’s through Wine.

Most probably when Windows users are migrated to Linux they have problem with fonts, which are available in Windows but not in Linux. This problem can be solved in two ways. First way is that we can directly download the required fonts and second way is that we can install those fonts through Linux Terminal.

First Way: - Download and Install Fonts. (Install Book-Antiqua font in Ubuntu 11.10)

Step 1:- Download Fonts from http: //font.downloadatoz.com/download,3959,book-antiqua-for-linux.html

Step 2: - Open .Zip file with Archive Manager.

 

Fig1 : Opening of .zip file

 Step 3: - Extract .Zip file as shown below. 
 

Fig2 : Extracting file

 Step 4: - Select Location to extract file.
 

Fig3: Selection of Location

 Step 5: - Extract file. (Wait until its shows extraction complete successfully)

Fig4: After Extracting a file

 Step 6: - Open Font file and Click on Install font and wait for some time, after installation of font, it will show “Installed”.

Fig5: Installing of font

 Step 7:- For checking font is installed or not open Libre Office Writer and check font in your font List.

Fig : Libre Office Writer

Second way:-

I will recommend you to install the Microsoft TrueType core fonts. To install them type the following command on a terminal:

              sudo apt-get install msttcorefonts
 

This will install fonts like Arial, Times New Roman and other Microsoft proprietary fonts. It will not however install Tahoma. Sometimes this server is really busy or down so be patient.

Also there are some Java fonts like Lucida that you can install. This requires the 1.5 JRE to be installed. To install them type the following in a terminal.

             sudo apt-get install sun-java5-fonts

All the fonts you will use in Ubuntu are stored in two places:-
1->/usr/share/fonts
2-> ~/.fonts

I recommend you install them in the First Location. Reason behind is that if you install them to your /home directory they will not be accessible from another account on the computer. So you can directly install all your fonts in above locations. I hope it will help you.

 

Add User Account to root in Ubuntu

Whenever we create any user account which doesn't has the authority of the “sudo” (Super user do) command, then that user account doesn't have any kind of permission to do anything with System. But as per the future requirement, we have to give the permission of “sudo” Command to the user account. Now how to do this?
 There are two ways to do this activity, first from the account that has the permission to used “sudo” command or the second way is from the root. Now what you have to do is just open the “sudoers” file which is located at /etc/sudoers using your favorite text editor.

    To use gedit you have to do following:

    Open the Terminal and type:

    sudo gedit /etc/sudoers

    If you want to use vim you can simply enter the following into the Terminal:

    sudo visudo

Fig. Opening sudoer file in vim editor

When you used the “sudo visudo” command in terminal the “sudoers” file is open in terminal with vim editor.
   
Once you have the sudoers file open, scroll down to the line:
   
root   ALL = (ALL)    ALL

Add the following line below the root line (replacing “user” with the name of the account you wish to give sudo access to)

user   ALL = (ALL)    ALL

Fig.2 Adding user account to root

For example, your account name is “Admin”, then simply replace the user with Admin.

Admin  ALL=(ALL)  ALL

Save and close the file.  The new user has now been added.

Creating 'root' in Ubuntu

The users of the Ubuntu system are aware that generally when you install the operating system on your PC, it doesn’t ask for the ‘root’ password. It doesn’t mean that Ubuntu system doesn’t contain the root! Ubuntu installation asks for the name of the administrator and its password. You can login to this account as general administrator user. As all we know that ‘root’ is the supreme user of the computer system. So, only ‘root’ has super-rights of your computer. Look at the diagram below that shows the relation among three different kinds of users of the Ubuntu.

Account types in Ubuntu

The ‘root’ is superuser. All major supervisor activities can be done through root. It does not ask for the password for these superuser activities! The ‘admin’ is administrator account. It can do many administrative tasks but asks password for it. It has limitations in supreme user activities. The ‘limuser’ is limited user account. It requires the admin or root password for many activities. So its name is limited user. It can’t do any administrative work! Most importantly, its entry is not mentioned in sudoers file. That is, it cannot execute command like ‘sudo’ (i.e. Super User DO). In such cases we need to switch temporarily to ‘root’ using ‘su’ command.

If Ubuntu doesn’t contain ‘root’ by default, then how to create it? The picture below shows the creation process of root.

Creating a 'root'

1.      Login to your administrator account and open terminal.

2.      Execute following command:

sudo passwd root

3.      It will ask for current user password. Then type it.

4.      After this the password for the root (new UNIX password) will be asked twice! Type the password twice and your ‘root’ account will be created.

5.      Now, you may use ‘su’ command to temporarily switch to ‘root’ account.

6.      Or, logout current account and go to ‘other’ account login window where you need the type both ‘root’ and its password too!

7.      After this you will get complete control of your Ubuntu system.